AWS Practice Test 1 Incorrect Answer Review

AWS IoT Greengrass

Enables devices to perform local data processing and real-time event handling, even when cloud connectivity is not available.

Brings cloud capabilities to the edge, allowing the factoring to respond quickly to critical machinery events.

AWS Detective

A persistent machine learning driven service that automatically collates log data from all AWS resources. 

The log data is then applied to machine learning algorithms to derive data patterns between AWS services and resources, graph theory, and statistical analysis.

Allows the user to proactively visualize their AWS environment from a security standpoint, thereby allowing them to quickly and efficiently conduct security investigations when they occur.

Network ACL

Can be additionally configured on the subnet level to allow traffic in and out of the VPC

Web Application Firewall (WAF)

Can be configured to protect web applications from common security threats.

Can be deployed on services such as AWS CloudFront, Application Load Balancer, and Amazon API Gateway

AWS Direct Connect

Cloud service solution that makes it easy to establish a dedicated network connection from the organization’s premises to AWS.

Guaranteed high bandwidth and low-latency

AWS Kinesis Data Streams (KDS)

Massively scalable and durable real-time data streaming service. 

Does not guarantee the quality of connectivity between the organizations on-premise infrastructure and the AWS cloud build.

AWS Amplify

Designed to simplify the process of building and deploying web and mobile applications

Offers features like real-time data synchronization, backend logic with AWS Lambda, database integration, and authentication services

AWS AppSync

Empowers developers to establish connections between their applications and services with secure, serverless, and high-performance GraphQL and Pub/Sub APIs, enabling seamless access to data and events.

Savings Plans

Discount pricing models that offer reduced rates if the customer commits to one year or three-year consistent usage.

For: AWS EC2, AWS Fargate, and AWS Lambda

AWS Organizationss

An Organizational Unit (OU) can only have one parent

Organizational level policies are known as Service Control Policies (SCPs)

AWS Global Accelerator

Uses highly available, high speed AWS global network and anycast routing techniques to greatly improve the availability and network performance of the customer application.

Leverages Edge Locations and Edge infrastructure traffic to and from customer application endpoints ingresses and egresses the AWS global network at geographically closer locations to clients.

Systems Manager

Allows users to control their AWS resources by unifying services into a user interface. One in which they can be able to view, automate and monitor operational tasks

Gives users the ability to group AWS resources across different AWS Regions by application and then collectively view their operational data for monitoring purposes

Resource Access Manager (AWS RAM)

Allows users to share resources with other AWS accounts or via AWS Organizations

AWS License Manager

Provisions and tracks license usage across multiple AWS accounts & also on-premises environment.

Helps to send an alert to an Administrator when license usage exceeds the limit

AWS CloudHSM

Managed hardware security model for generating and managing encryption keys on the AWS cloud

Can be used for offloading SSL processing for web servers, which in the case of SSL, the processing is done on CloudHSM instead of web servers which reduces load on web servers.

Amazon Cognito User Pools

Managed service that can be used to manage user authentication to mobile applications

Can scale up to millions of users

Supports direct user sign in as well as federated users using social and enterprise identity providers

Amazon Cognito Identity Pools

Used to provide privileged credentials for accessing AWS services

Provides authorization for accessing AWS resources, while user pools are for authenticating users. 

AWS IoT Core

Enables secure and efficient communication between devices and the cloud

Amazon S3 Transfer Acceleration

Enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket

Takes advantage of Amazon CloudFront’s globally distributed edge locations

The five categories Trusted Advisor provides insight on

1. Performance

2. Cost Optimization

3. Security

4. Fault Tolerance

5. Service Limits

Availability Zones

Isolated locations within a region, each with its own power, cooling, and networking

Regions have at least 3 AZs

AWS Config

Records and captures all configuration changes done to AWS resources using the Configuration Recorder

Configuration Items crated by AWS Config can be retained depending on the S3 lifecycle policies defined & can be referred to during any audit

Helps an organization track compliance of its resources elegantly

On Demand EC2 Dedicated Hosts

Ensure that the underlying host will not change even when the server is stopped and started

Ex: Using an existing SQL Server license on AWS cloud provided on a CPU core basis

Scaling Vertically

Adds more resources to an instance

Scaling Horizontally

Adding more instances