Thursday, November 25, 2021

Domains

 Domain 1: Cloud Concepts

 1.1 Define the AWS Cloud and its value proposition

  •  Define the benefits of the AWS cloud including:
    • Security
    • Reliability
    • High Availability
    • Elasticity
    • Agility
    • Pay-as-you-go pricing
    • Scalability
    • Global Reach
    • Economy of scale 

  •  Explain how the AWS cloud allows users to focus on business value
    • Shifting technical resources to revenue-generating activities as opposed to managing infrastructure

 

1.2 Identify aspects of AWS Cloud economics

  • Define items that would be part of a Total Cost of Ownership proposal
    • Understand the role of operational expenses (OpEx)
    • Understand the role of capital expenses (CapEx)
    • Understand labor costs associated with on-premises operations
    • Understand the impact of software licensing costs when moving to the cloud 

  • Identify which operations will reduce costs by moving to the cloud
    • Right-sized infrastructure
    • Benefits of automation
    • Reduce compliance scope (for example, reporting)
    • Managed services (for example, RDS, ECS, EKS, DynamoDB) 

1.3 Explain the different cloud architecture design principles

  • Explain the design principles
    • Design for failure
    • Decouple components versus monolithic architecture
    • Implement elasticity in the cloud versus on-premises
    • Think parallel

 

 Domain 2: Security and Compliance

2.1 Define the AWS shared responsibility model

  • Recognize the elements of the Shared Responsibility Model
  • Describe the customer’s responsibility on AWS
    • Describe how the customer’s responsibilities may shift depending on the service used (for example with RDS, Lambda, or EC2)
  • Describe AWS responsibilities 

2.2 Define AWS Cloud security and compliance concepts

  •  Identify where to find AWS compliance information
    • Locations of lists of recognized available compliance controls (for example, HIPAA, SOCs)
    • Recognize that compliance requirements vary among AWS services
  • At a high level, describe how customers achieve compliance on AWS
    • Identify different encryption options on AWS (for example, in transit, at rest)
  • Describe who enables encryption on AWS for a given service
  • Recognize there are services that will aid in auditing and reporting
    • Recognize that logs exist for auditing and monitoring (do not have to understand the logs)
    • Define Amazon CloudWatch, AWS Config, and AWS CloudTrail
  • Explain the concept of least privileged access

2.3 Identify AWS access management capabilities

  • Understand the purpose of User and Identity Management
    • Access keys and password policies (rotation, complexity)
    • Multi-Factor Authentication (MFA)
    • AWS Identity and Access Management (IAM)
      • Groups/users
      • Roles
      • Policies, managed policies compared to custom policies
    • Tasks that require use of root accounts
    • Protection of root accounts

2.4 Identify resources for security support

  • Recognize there are different network security capabilities
    • Native AWS services (for example, Security Groups, Network ACLs, AWS WAF)
    • 3rd party security products from the AWS Marketplace
  • Recognize there is documentation and where to find it (for example, best practices, whitepapers, official documents)
    • AWS Knowledge Center, Security Center, security forum, and security blogs
    • Partner Systems Integrators
  • Know that security checks are a component of AWS Trusted Advisor

 

Domain 3: Technology 

3.1 Define methods of deploying and operating in the AWS Cloud

  •  Identify at a high level different ways of provisioning and operating in the AWS cloud
    • Programmatic access, APIs, SDKs, AWS Management Console, CLI, Infrastructure as Code

  • Identify different types of cloud deployment models
    • All in with cloud/cloud native
    • Hybrid
    • On-premises

  • Identify connectivity options
    • VPN
    • AWS Direct Connect
    • Public internet 

3.2 Define the AWS global infrastructure

  • Describe the relationships among Regions, Availability Zones, and Edge Locations
  • Describe how to achieve high availability through the use of multiple Availability Zones
    • Recall that high availability is achieved by using multiple Availability Zones
    • Recognize that Availability Zones do not share single points of failure
  • Describe when to consider the use of multiple AWS Regions
    • Disaster recovery/business continuity
    • Low latency for end-users
    • Data sovereignty 

  • Describe at a high level the benefits of Edge Locations
    • Amazon CloudFront
    • AWS Global Accelerator 

3.3 Identify the core AWS services

  •  Describe the categories of services on AWS (compute, storage, network, database)
  •  Identify AWS compute services
    • Recognize there are different compute families
    • Recognize the different services that provide compute (for example, AWS Lambda compared to Amazon Elastic Container Service (Amazon ECS), or Amazon EC2, etc.)
    • Recognize that elasticity is achieved through Auto Scaling
    • Identify the purpose of load balancers 

  • Identify different AWS storage services
    • Describe Amazon S3
    • Describe Amazon Elastic Block Store (Amazon EBS)
    • Describe Amazon S3 Glacier
    • Describe AWS Snowball
    • Describe Amazon Elastic File System (Amazon EFS)
    • Describe AWS Storage Gateway 
  • Identify AWS networking services
    • Identify VPC
    • Identify Security groups
    • Identify the purpose of Amazon Route 53
    • Identify VPN, AWS Direct Connect 
  • Identify different AWS database services
    • Install databases on Amazon EC2 compared to AWS managed databases
    • Identify Amazon RDS
    • Identify Amazon DynamoDB
    • Identify Amazon Redshift

3.4 Identify resources for technology support 

  • Recognize there is documentation (best practices, whitepapers, AWS Knowledge Center, forums, blogs) 

  • Identify the various levels and scope of AWS support
    • AWS Abuse
    • AWS support cases
    • Premium support
    • Technical Account Managers 

  • Recognize there is a partner network (marketplace, third-party) including Independent Software Vendors and System Integrators

  • Identify sources of AWS technical assistance and knowledge including professional services, solution architects, training and certification, and the Amazon Partner Network
  • Identify the benefits of using AWS Trusted Advisor

 


 

Domain 4: Billing and Pricing 

4.1 Compare and contrast the various pricing models for AWS (for example, On-Demand Instances, Reserved Instances, and Spot Instance pricing) 

  • Identify scenarios/best fit for On-Demand Instance pricing
  • Identify scenarios/best fit for Reserved-Instance pricing
    • Describe Reserved-Instances flexibility
    • Describe Reserved-Instances behavior in AWS Organizations
  • Identify scenarios/best fit for Spot Instance pricing 

4.2 Recognize the various account structures in relation to AWS billing and pricing

  • Recognize that consolidated billing is a feature of AWS Organizations
  • Identify how multiple accounts aid in allocating costs across departments 

4.3 Identify resources available for billing support

  • Identify ways to get billing support and information
    • Cost Explorer, AWS Cost and Usage Report, Amazon QuickSight, third-party partners, and AWS Marketplace tools
    • Open a billing support case
    • The role of the Concierge for AWS Enterprise Support Plan customers

  • Identify where to find pricing information on AWS services
    • AWS Simple Monthly Calculator
    • AWS Services product pages
    • AWS Pricing API

  • Recognize that alarms/alerts exist
  • Identify how tags are used in cost allocation

 


 

Appendix

 

Which key tools, technologies, and concepts might be covered on the exam?

 

The following is a non-exhaustive list of the tools and technologies that could appear on the exam. This list is subject to change and is provided to help you understand the general scope of services, features, or technologies on the exam. The general tools and technologies in this list appear in no particular order.

 

AWS services are grouped according to their primary functions. While some of these technologies will likely be covered more than others on the exam, the order and placement of them in this list are no indication of relative weight or importance:

 

  • APIs
  • Cost Explorer
  • AWS Cost and Usage Report
  • AWS Command Line Interface (CLI)
  • Elastic Load Balancers
  • Amazon EC2 instance types (for example, Reserved, On-Demand, Spot)
  • AWS global infrastructure (for example, AWS Regions, Availability Zones)
  • Infrastructure as Code (IaC)
  • Amazon Machine Images (AMIs)
  • AWS Management Console
  • AWS Marketplace
  • AWS Professional Services
  • AWS Personal Health Dashboard
  • Security groups
  • AWS Service Catalog
  • AWS Service Health Dashboard
  • Service quotas
  • AWS software development kits (SDKs)
  • AWS Support Center
  • AWS Support tiers
  • Virtual private networks (VPNs)

 

AWS services and features

Analytics:
  • Amazon Athena
  • Amazon Kinesis
  • Amazon QuickSight

Application Integration:
  • Amazon Simple Notification Service (Amazon SNS)
  • Amazon Simple Queue Service (Amazon SQS)

Compute and Serverless:
  • AWS Batch
  • Amazon EC2
  • AWS Elastic Beanstalk
  • AWS Lambda
  • Amazon Lightsail
  • Amazon WorkSpaces

Containers:
  • Amazon Elastic Container Service (Amazon ECS)
  • Amazon Elastic Kubernetes Service (Amazon EKS)
  • AWS Fargate

Database:
  • Amazon Aurora
  • Amazon DynamoDB
  • Amazon ElastiCache
  • Amazon RDS
  • Amazon Redshift

Developer Tools:
  • AWS CodeBuild
  • AWS CodeCommit
  • AWS CodeDeploy
  • AWS CodePipeline
  • AWS CodeStar

Customer Engagement:
  • Amazon Connect

Management, Monitoring, and Governance:
  • AWS Auto Scaling
  • AWS Budgets
  • AWS CloudFormation
  • AWS CloudTrail
  • Amazon CloudWatch
  • AWS Config
  • AWS Cost and Usage Report
  • Amazon EventBridge (Amazon CloudWatch Events)
  • AWS License Manager
  • AWS Managed Services
  • AWS Organizations
  • AWS Secrets Manager
  • AWS Systems Manager
  • AWS Systems Manager Parameter Store
  • AWS Trusted Advisor

Networking and Content Delivery:
  • Amazon API Gateway
  • Amazon CloudFront
  • AWS Direct Connect
  • Amazon Route 53
  • Amazon VPC

Security, Identity, and Compliance:
  • AWS Artifact
  • AWS Certificate Manager (ACM)
  • AWS CloudHSM
  • Amazon Cognito
  • Amazon Detective
  • Amazon GuardDuty
  • AWS Identity and Access Management (IAM)
  • Amazon Inspector
  • AWS License Manager
  • Amazon Macie
  • AWS Shield
  • AWS WAF

Storage:
  • AWS Backup
  • Amazon Elastic Block Store (Amazon EBS)
  • Amazon Elastic File System (Amazon EFS)
  • Amazon S3
  • Amazon S3 Glacier
  • AWS Snowball Edge
  • AWS Storage Gateway

 

Monday, October 25, 2021

Module 11 - Final Assessment

Questions 


By default, what is the maximum number of linked accounts per pay

3 fundamental costs (compute, storage, and outbound data transfer)
Number of servers migrated into EC2 - you pay for the instance
Amount of egress data (data going out)
Note: you do not pay for ingress data
AWS pricing is in US dollars

S3 bucket - stores objects; name must be globally unique; Region-specific

ElastiCache - in-memory database
ELB - Elastic Load Balancing
EC2 Auto Scaling - automatically expands/shrinks your application in response to demand
DynamoDB - NoSQL, non-relational DB that scales automatically and horizontally


Shared Responsibility

Patch management
- AWS: servers/routers/storage systems
- Customer: EC2 instance OS, patches/updates, applications

Configuration (record system config - build/operate)
- AWS: on their own systems
- Customer: applications/services whose configuration you manage

Customer
- Install security updates on EC2 instances
- Enable multi-factor authentication (MFA) for privileged users



REST API - Interact with AWS

CloudWatch - metrics, performance monitoring
CloudFormation - automates building systems using templates
CloudTrail - auditing service: who did what (user activity)
CloudHSM - Hardware Security Module - managed keys - cryptographic service

RDS - managed service running relational databases; you need to choose an EC2 instance
Read Replica, Multi-AZ

Aurora - 
DynamoDB - non-relational DB, Consume table
EC2 - 
EMR - managed Hadoop service - analytics data

EBS - Elastic Block Store: volume attached to an EC2 instance to store data
SNS - loose coupling, distributed applications
EFS - managed file system shared with multiple EC2 systems

SQS - queue for storing messages in transit between application services
SNS - decoupling, topics and notifications
SWF - Simple Workflow Service, orchestration service

Lambda
- highly scalable; no need to make capacity decisions up front


IAM best practices
User -> Groups - Policy (permission access/deny), role
Do not assign permissions to users but to groups
Create individual IAM users (don't share user IDs)
Enable MFA for all users

*****************************



01/30

Which statement is TRUE for AWS Lambda?
You pay only for compute time while your code is running.

02/30
Which service is used to run containerized applications on AWS?
Amazon Elastic Kubernetes Service (Amazon EKS)

03/30
Which component or service enables you to establish a dedicated private connection between your data center and virtual private cloud (VPC)?
AWS Direct Connect

04/30
Which Support plans include access to all AWS Trusted Advisor checks? (Select TWO.)
The two correct response options are:
Enterprise
Business

05/30
In the S3 Intelligent-Tiering storage class, Amazon S3 moves objects between a frequent access tier and an infrequent access tier. Which storage classes are used for these tiers? (Select TWO.)
S3 Standard
S3 Standard-IA

06/30

Which migration strategy involves changing how an application is architected and developed, typically by using cloud-native features?
Refactoring


07/30
Which statement best describes AWS Marketplace?
A digital catalog that includes thousands of software listings from independent software vendors

08/30
Which service is used to quickly deploy and scale applications on AWS?
AWS Elastic Beanstalk.


09/30
You want Amazon S3 to monitor your objects’ access patterns. Which storage class should you use? 
S3 Intelligent-Tiering


10/30
Which virtual private cloud (VPC) component controls inbound and outbound traffic for Amazon EC2 instances?
The correct response option is security group.


11/30
Which tasks are the responsibilities of AWS? (Select TWO.)
The two correct response options are:
Maintaining virtualization infrastructure
Configuring AWS infrastructure devices 

12/30
Which service enables you to review details for user activities and API calls that have occurred within your AWS environment?
The correct response option is AWS CloudTrail.

13/30
You want to send and receive messages between distributed application components. Which service should you use?   
Amazon Simple Queue Service (Amazon SQS)

14/30
You want to store data in a key-value database. Which service should you use?
The correct response option is Amazon DynamoDB.

15/30
You want to store data in a volume that is attached to an Amazon EC2 instance. Which service should you use?
Amazon Elastic Block Store (Amazon EBS)

16/30
Which Perspective of the AWS Cloud Adoption Framework focuses on recovering IT workloads to meet the requirements of your business stakeholders?
The correct response option is Operations Perspective.

17/30
Which service enables you to build the workflows that are required for human review of machine learning predictions?
Amazon Augmented AI.

18/30
Which tool is used to automate actions for AWS services and applications through scripts? 
AWS Command Line Interface.

19/30
Which actions can you perform in Amazon Route 53? (Select TWO.)
The correct two response options are:
Connect user requests to infrastructure in AWS and outside of AWS.
Manage DNS records for domain names. 

20/30
Which service is used to transfer up to 100 PB of data to AWS?
The correct response option is AWS Snowmobile.


21/30
You are running an Amazon EC2 instance and want to store data in an attached resource. Your data is temporary and will not be kept long term. Which resource should you use?
The correct response option is instance store.

22/30
Which compute option reduces costs when you commit to a consistent amount of compute usage for a 1-year or 3-year term?
Savings Plans.

23/30
Which statement best describes Elastic Load Balancing?
The correct response option is A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances.

24/30
Which AWS Trusted Advisor category includes checks for your service limits and overutilized instances?
The correct response option is Performance.

25/30
Which pillar of the AWS Well-Architected Framework focuses on using computing resources in ways that meet system requirements?
The correct response option is Performance Efficiency.

26/30
Which statement best describes an Availability Zone?
The correct response option is A fully isolated portion of the AWS global infrastructure.

27/30
Which tool enables you to visualize, understand, and manage your AWS costs and usage over time?
The correct response option is AWS Cost Explorer.

28/30
Which service enables you to consolidate and manage multiple AWS accounts from a central location?
The correct response option is AWS Organizations.

29/30
Which statement best describes Amazon GuardDuty?
The correct response option is A service that provides intelligent threat detection for your AWS infrastructure and resources.

30/30
Which action can you perform in Amazon CloudFront?
The correct response is Deliver content to customers through a global network of edge locations.


Module 3 - Global Infrastructure and reliability


1. Which statement best describes an Availability Zone?
A single data center or group of data centers within a Region

2. Which statement is TRUE for the AWS global infrastructure?
A Region consists of two or more Availability Zones.

3. Which factors should be considered when selecting a Region? (Select TWO.)
Compliance with data governance and legal requirements
Proximity to your customers

4. Which statement best describes Amazon CloudFront?
A global content delivery service

5. Which site does Amazon CloudFront use to cache copies of content for faster delivery to users at any location?
Edge location

6. Which action can you perform with AWS Outposts?
Extend AWS infrastructure and services to your on-premises data center.

Question 1
Which statement is TRUE for the AWS global infrastructure?
A Region consists of two or more Availability Zones.
The correct response option is A Region consists of two or more Availability Zones.
For example, the South America (São Paulo) Region is sa-east-1. It includes three Availability Zones: sa-east-1a, sa-east-1b, and sa-east-1c.

Question 2
Which factors should be considered when selecting a Region? (Select TWO.)
Compliance with data governance and legal requirements
Proximity to your customers


Question 3
-----------
Which statement best describes Amazon CloudFront?
A global content delivery service

The correct response option is A global content delivery service.
Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content and deliver content to customers all over the world. When content is cached, it is stored locally as a copy. This content might be video files, photos, webpages, and so on.

The other response options are incorrect because:
AWS Outposts is a service that enables you to run infrastructure in a hybrid cloud approach.
AWS Fargate is a serverless compute engine for containers.
Amazon Simple Queue Service (Amazon SQS) is a service that enables you to send, store, and receive messages between software components through a queue.

Question 4
-----------
Which site does Amazon CloudFront use to cache copies of content for faster delivery to users at any location?
Edge location

The correct response option is Edge location.

The other response options are incorrect because:
A Region is a separate geographical location with multiple locations that are isolated from each other.
An Availability Zone is a fully isolated portion of the AWS global infrastructure.
An origin is the server from which CloudFront gets your files. Examples of CloudFront origins include Amazon Simple Storage Service (Amazon S3) buckets and web servers. Note: Amazon S3 is explored later in this course.

Question 5
Which action can you perform with AWS Outposts?
Extend AWS infrastructure and services to your on-premises data center.

The correct response option is Extend AWS infrastructure and services to your on-premises data center.
The other response options are incorrect because:
The AWS Command Line Interface (AWS CLI) is used to automate actions for AWS services and applications through scripts.
The AWS Management Console includes wizards and workflows that you can use to complete tasks in AWS services.
Software development kits (SDKs) enable you to develop AWS applications in supported programming languages.


Module 4 Networking


Questions
1. Your company has an application that uses Amazon EC2 instances to run the customer-facing website and Amazon RDS database instances to store customers’ personal information. How should the developer configure the VPC according to best practices?
Place the Amazon EC2 instances in a public subnet and the Amazon RDS database instances in a private subnet.

2. Which component or service can be used to establish a private dedicated connection between your company’s data center and AWS?
AWS Direct Connect

3. Which statement best describes security groups?
They are stateful and deny all inbound traffic by default.

4. Which component is used to connect a VPC to the internet?
Internet gateway

5. Which service is used to manage the DNS records for domain names?
Amazon Route 53




Question 1
Your company has an application that uses Amazon EC2 instances to run the customer-facing website and Amazon RDS database instances to store customers’ personal information. How should the developer configure the VPC according to best practices?
Place the Amazon EC2 instances in a public subnet and the Amazon RDS database instances in a private subnet.

Question 2
Which component can be used to establish a private dedicated connection between your company’s data center and AWS?
AWS Direct Connect


Question 3
Which statement best describes security groups?
They are stateful and deny all inbound traffic by default.

Question 4
Which component is used to connect a VPC to the internet?
The correct response option is Internet gateway.


The other response options are incorrect because:
A public subnet is a section of a VPC that contains public-facing resources.
An edge location is a site that Amazon CloudFront uses to store cached copies of your content for faster delivery to customers.
A security group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance.

Question 5
Which service is used to manage the DNS records for domain names?
The correct response option is Amazon Route 53.
Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications that host in AWS.

Another feature of Route 53 is the ability to manage the DNS records for domain names. You can transfer DNS records for existing domain names managed by other domain registrars. You can also register new domain names directly in Route 53.

The other response options are incorrect because:

Amazon Virtual Private Cloud (Amazon VPC) is a service that enables you to provision an isolated section of the AWS Cloud. In this isolated section, you can launch resources in a virtual network that you define.
AWS Direct Connect is a service that enables you to establish a dedicated private connection between your data center and VPC.  
Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content and deliver content to customers all over the world.


Module 5 - Storage and Database

Question 1

1. Which Amazon S3 storage classes are optimized for archival data? (Select TWO.)
S3 Glacier
S3 Glacier Deep Archive

Note:

S3 Standard is a storage class that is ideal for frequently accessed data, not archival data.

S3 Intelligent-Tiering monitors access patterns of objects and automatically moves them between the S3 Standard and S3 Standard-IA storage classes. It is not designed for archival data.

S3 Standard-IA is ideal for data that is infrequently accessed but requires high availability when needed.


2. Which statement or statements are TRUE about Amazon EBS volumes and Amazon EFS file systems?

EBS volumes store data within a single Availability Zone. Amazon EFS file systems store data across multiple Availability Zones.


NOTE:

An EBS volume must be located in the same Availability Zone as the Amazon EC2 instance to which it is attached.

Data in an Amazon EFS file system can be accessed concurrently from all the Availability Zones in the Region where the file system is located.


3. You want to store data in an object storage service. Which AWS service is best for this type of storage?
Amazon Simple Storage Service (Amazon S3)


NOTE

Amazon Managed Blockchain is a service that you can use to create and manage blockchain networks with open-source frameworks. Blockchain is a distributed ledger system that lets multiple parties run transactions and share data without a central authority.

Amazon Elastic File System (Amazon EFS) is a scalable file system used with AWS Cloud services and on-premises resources. It does not store data as object storage.

Amazon Elastic Block Store (Amazon EBS) is a service that provides block-level storage volumes that you can use with Amazon EC2 instances.


4. Which statement best describes Amazon DynamoDB?
A serverless key-value database service


Note:

A service that enables you to run relational databases in the AWS Cloud describes Amazon Relational Database Service (Amazon RDS).

A service that you can use to migrate relational databases, nonrelational databases, and other types of data stores describes AWS Database Migration Service (AWS DMS).

An enterprise-class relational database describes Amazon Aurora.


5. Which service is used to query and analyze data across a data warehouse?
Amazon Redshift


Note:

Amazon Neptune is a graph database service. You can use Amazon Neptune to build and run applications that work with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.

Amazon DocumentDB is a document database service that supports MongoDB workloads.

Amazon ElastiCache is a service that adds caching layers on top of your databases to help improve the read times of common requests.



Module 6 - Security


Question
Which statement best describes an IAM policy?
A document that grants or denies permissions to AWS services and resources

Note:

An IAM role is an identity that you can assume to gain temporary access to permissions.


Question
An employee requires temporary access to create several Amazon S3 buckets. Which option would be the best choice for this task?
IAM Role

Note
Although you can attach IAM policies to an IAM group, 

Question

Which statement best describes the principle of least privilege?
Granting only the permissions that are needed to perform specific tasks

Question

Which service helps protect your applications against distributed denial-of-service (DDoS) attacks?
AWS Shield

NOTE
As network traffic comes into your applications, AWS Shield uses a variety of analysis techniques to detect potential DDoS attacks in real time and automatically mitigates them.

Amazon GuardDuty is a service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

Amazon Inspector checks applications for security vulnerabilities and deviations from security best practices, such as open access to Amazon EC2 instances and installations of vulnerable software versions.

AWS Artifact is a service that provides on-demand access to AWS security and compliance reports and select online agreements.


Question
Which task can AWS Key Management Service (AWS KMS) perform?
Create cryptographic keys.


In Module 6, you learned about the following concepts:

The shared responsibility model
Features of AWS Identity and Access Management - least privilege - users, groups, policies (access/deny), roles (temporary), federation, multi-factor authentication
Methods of managing multiple accounts in AWS Organizations (manage multiple accounts hierarchically)
AWS compliance resources - Compliance / Artifact
AWS services for application security and encryption (in transit, at rest) - DDoS, security: WAF/Shield


Module 7 - Monitoring and Analytics

Questions
Which actions can you perform using Amazon CloudWatch? (Select TWO.)
Monitor your resources’ utilization and performance
Access metrics from a single dashboard

Note:
Receiving real-time recommendations for improving your AWS environment can be performed by AWS Trusted Advisor.
Comparing your infrastructure to AWS best practices in five categories can be performed by AWS Trusted Advisor.

Question
Which service enables you to review the security of your Amazon S3 buckets by checking for open access permissions?


Note
Amazon CloudWatch is a web service that enables you to monitor and manage various metrics for the resources that run your applications.
AWS CloudTrail is a web service that enables you to review details for user activities and API calls that have occurred within your AWS environment.
Amazon GuardDuty is a service that provides intelligent threat detection for your AWS environment and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

QUESTION
Which categories are included in the AWS Trusted Advisor dashboard? (Select TWO.)
Performance
Fault tolerance
AWS Trusted Advisor continuously inspects your AWS environment and provides best practice recommendations across five categories: cost optimization, performance, security, fault tolerance, and service limits.

Module 8 Pricing and Support

Question 1

Which action can you perform with consolidated billing?

Combine usage across accounts to receive volume pricing discounts.


Note:

AWS Budgets - Review how much your predicted AWS usage will incur in costs by the end of the month 

AWS Pricing Calculator - Create an estimate for the cost of your use cases on AWS   

AWS Cost Explorer - Visualize and manage your AWS costs and usage over time  


Question 2

Which pricing tool is used to visualize, understand, and manage your AWS costs and usage over time?

AWS Cost Explorer


Note:

AWS Pricing Calculator enables you to create an estimate for the cost of your use cases on AWS.

AWS Budgets enables you to create budgets to plan your service usage, service costs, and instance reservations. In AWS Budgets, you can also set custom alerts when your usage exceeds (or is forecasted to exceed) the budgeted amount.

The AWS Free Tier is a program that consists of three types of offers that allow customers to use AWS services without incurring costs: Always free, 12 months free, and Trials.


Question 3

Which pricing tool enables you to receive alerts when your service usage exceeds a threshold that you have defined?

AWS Budgets


The correct response option is AWS Budgets.

In AWS Budgets, you can set custom alerts that will notify you when your service usage exceeds (or is forecasted to exceed) the amount that you have budgeted.


Your budget can be based on costs or usage. For example, you can set an alert that will notify you when you have incurred $100.00 of costs in Amazon EC2 or 500,000 requests in AWS Lambda.



The other response options are incorrect because:


From the billing dashboard in the AWS Management Console, you can view details on your AWS bill, such as service costs by Region, month to date spend, and more. However, you cannot set alerts from the billing dashboard.

The AWS Free Tier is a program that consists of three types of offers that allow customers to use AWS services without incurring costs: Always free, 12 months free, and Trials.

AWS Cost Explorer is a tool that enables you to visualize, understand, and manage your AWS costs and usage over time.



Question 4

Your company wants to receive support from an AWS Technical Account Manager (TAM). Which support plan should you choose?

The correct response option is Enterprise.


A Technical Account Manager (TAM) is available only to AWS customers with an Enterprise Support plan. A TAM provides guidance, architectural reviews, and ongoing communication with your company as you plan, deploy, and optimize your applications.



Question 5

Which service or resource is used to find third-party software that runs on AWS?


The correct response option is AWS Marketplace.


 


AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, and buy software that runs on AWS.


 


The other response options are incorrect because:


The AWS Free Tier consists of offers that allow customers to use AWS services without incurring costs. These offers are related to AWS services, not third-party software that can be used on AWS.

AWS Support is a resource that can answer questions about best practices, assist with troubleshooting issues, help you to identify ways to optimize your use of AWS services, and so on.

You can use the billing dashboard in the AWS Management Console to view details such as service costs by Region, the top services being used by your account, and forecasted billing costs. From the billing dashboard, you can also access other AWS billing tools, such as AWS Cost Explorer, AWS Budgets, and AWS Budgets Reports.



Module 9 - Migration and Innovation


Question 1

What is the storage capacity of Snowball Edge Storage Optimized?

The correct response option is 80 TB.

Snowball Edge Storage Optimized is a device that enables you to transfer large amounts of data into and out of AWS. It provides 80 TB of usable HDD storage.



- Innovation with AWS

Innovate with AWS Services


When examining how to use AWS services, it is important to focus on the desired outcomes. You are properly equipped to drive innovation in the cloud if you can clearly articulate the following conditions: 


The current state

The desired state

The problems you are trying to solve

Consider some of the paths you might explore in the future as you continue on your cloud journey. 



Serverless applications

With AWS, serverless refers to applications that don’t require you to provision, maintain, or administer servers. You don’t need to worry about fault tolerance or availability. AWS handles these capabilities for you.

AWS Lambda is an example of a service that you can use to run serverless applications. If you design your architecture to trigger Lambda functions to run your code, you can bypass the need to manage a fleet of servers.

Building your architecture with serverless applications enables your developers to focus on their core product instead of managing and operating servers.


Artificial intelligence

AWS offers a variety of services powered by artificial intelligence (AI). 

For example, you can perform the following tasks:

Convert speech to text with Amazon Transcribe.

Discover patterns in text with Amazon Comprehend.

Identify potentially fraudulent online activities with Amazon Fraud Detector.

Build voice and text chatbots with Amazon Lex.



Machine learning

Traditional machine learning (ML) development is complex, expensive, time consuming, and error prone. AWS offers Amazon SageMaker to remove the difficult work from the process and empower you to build, train, and deploy ML models quickly.

You can use ML to analyze data, solve complex problems, and predict outcomes before they happen.



Question 1

Which service enables you to quickly build, train, and deploy machine learning models?

Amazon SageMaker

The correct response option is Amazon SageMaker.

With Amazon SageMaker, you can quickly and easily begin working on machine learning projects. You do not need to follow the traditional process of manually bringing together separate tools and workflows.



Note: 


Amazon Textract is a machine learning service that automatically extracts text and data from scanned documents.

Amazon Lex is a service that enables you to build conversational interfaces using voice and text.

AWS DeepRacer is an autonomous 1/18 scale race car that you can use to test reinforcement learning models.



In Module 9, you learned about the following concepts:


The AWS Cloud Adoption Framework

The six strategies for migration

The AWS Snow Family

Innovation with AWS services




Question 1

Which Perspective of the AWS Cloud Adoption Framework helps you structure the selection and implementation of permissions?

The correct response option is Security Perspective.

The Security Perspective of the AWS Cloud Adoption Framework also helps you to identify areas of non-compliance and plan ongoing security initiatives.


Note:

The Governance Perspective helps you to identify and implement best practices for IT governance and support business processes with technology.

The Operations Perspective focuses on operating and recovering IT workloads to meet the requirements of your business stakeholders.

The Business Perspective helps you to move from a model that separates business and IT strategies into a business model that integrates IT strategy.


Question 2

Which strategies are included in the six strategies for application migration? (Select TWO.)

The two correct response options are:

Retaining

Rehosting

The application migration strategies are rehosting, replatforming, refactoring/re-architecting, repurchasing, retaining, and retiring.


Question 3

What is the storage capacity of AWS Snowmobile?

The correct response option is 100 PB.

AWS Snowmobile is a service that is used for transferring up to 100 PB of data to AWS. Each Snowmobile is a 45-foot long shipping container that is pulled by a semi trailer truck.


Question 4

Which statement best describes Amazon Lex?

A service that enables you to build conversational interfaces using voice and text


Note:

A machine learning service that automatically extracts text and data from scanned documents describes Amazon Textract.

A document database service that supports MongoDB workloads describes Amazon DocumentDB.

A service that enables you to identify potentially fraudulent online activities describes Amazon Fraud Detector.


Module 10 - The Cloud Journey

Learning objectives
In this module, you will learn how to:
Summarize the five pillars of the Well-Architected Framework.  
Explain the six benefits of cloud computing.


The five pillars of the AWS Well-Architected Framework:

  1. Operational excellence
  2. Security
  3. Reliability
  4. Performance efficiency
  5. Cost optimization

Six advantages of cloud computing:

  1. Trade upfront expense for variable expense.
  2. Benefit from massive economies of scale.
  3. Stop guessing capacity.
  4. Increase speed and agility.
  5. Stop spending money running and maintaining data centers.
  6. Go global in minutes.


TAKEAWAYS
AWS services
AWS Terminology
6 main benefits of using the AWS cloud

Question:
Which process is an example of benefiting from massive economies of scale?
Receiving lower pay-as-you-go prices as the result of AWS customers’ aggregated usage of services

NOTE
Deploying an application in multiple Regions around the world: This process is an example of Go global in minutes.

Paying for compute time as you use it instead of investing upfront costs in data centers: This process is an example of Trade upfront expense for variable expense.

Scaling your infrastructure capacity in and out to meet demand: This process is an example of Stop guessing capacity.

Question
1. Which pillar of the AWS Well-Architected Framework includes the ability to run workloads effectively and gain insights into their operations?

Operational Excellence

NOTE

The Cost Optimization pillar focuses on the ability to run systems to deliver business value at the lowest price point.

The Performance Efficiency pillar focuses on using computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve.

The Reliability pillar focuses on the ability of a workload to consistently and correctly perform its intended functions.


Question 
2. What are the benefits of cloud computing? (Select TWO.)
Increase speed and agility.
Stop spending money running and maintaining data centers.


Notes - 

CloudWatch - Performance metrics/logs/events/alerts
Real-time monitoring of AWS resources and customer applications running on Amazon infrastructure
Basic Monitoring - It's free, it polls every 5 minutes, very few metrics
Detailed Monitoring - It's charged, it polls every 1 minute, wide range of metrics
Amazon CloudWatch is a web service that enables you to monitor and manage various metrics for the resources that run your applications.

CloudTrail - Auditing Login, API calls 
Service that enables governance, compliance, operational auditing and risk auditing of your AWS account
AWS CloudTrail is a web service that enables you to review details for user activities and API calls that have occurred within your AWS environment.




AWS Trusted Advisor - Performance, Security 

AWS Inspector - Vulnerability scanning

AWS GuardDuty - VPC logs, CloudTrail event logs, DNS logs
Amazon GuardDuty is a service that provides intelligent threat detection for your AWS environment and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

AWS Shield Standard and AWS Shield Advanced - DDoS Protection






https://www.youtube.com/watch?v=N4DdqAkeqD4&list=PLxzKY3wu0_FL4VDfuCohtikXTQNTvKQVX

Amazon Trusted Advisor 


Automated security assessment service to help improve the security and compliance of applications deployed on AWS 
Vulnerability scanning


1. Which AWS service provides you on-demand access to AWS security and compliance reports and select online agreements?
AWS Artifact

2. Which AWS Business Intelligence (BI) service delivers easy-to-understand insights to the people you work with, wherever they are?
Amazon QuickSight


3. Amazon Kinesis - Amazon Kinesis makes it easy to collect, process, and analyze video and data streams in real time.



AWS Foundation Services- Database

RDS - Managed relational database in the AWS cloud that you can launch in minutes with a few clicks

Aurora - Fully managed MySQL-compatible relational database with 5X performance and enterprise-level features

DynamoDB - A managed NoSQL database offering extremely fast performance, elastic scalability and reliability

Redshift - Fast, fully managed petabyte-scale data warehouse at less than a tenth of the cost of traditional solutions.

ElastiCache - Deploy, operate and scale an in-memory cache in the AWS cloud that supports Redis and Memcached

Database Services - Migrate your database to the cloud easily. Inexpensive, with zero downtime


Amazon Relational Database Service (Amazon RDS) and Amazon Aurora use structured query language (SQL) to store and query data. They are not key-value databases.

Amazon DocumentDB is a document database service that supports MongoDB workloads.

https://www.youtube.com/watch?v=YVe9amljgaw






AWS Snowball is a device that enables you to transfer large amounts of data into and out of AWS.
Amazon ElastiCache is a service that adds caching layers on top of your databases to help improve the read times of common requests.

Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications that are hosted in AWS. Additionally, you can transfer DNS records for existing domain names that are currently managed by other domain registrars or register new domain names directly in Amazon Route 53.



Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content and deliver content to customers all over the world.

A virtual private gateway enables you to establish a virtual private network (VPN) connection between your VPC and a private network, such as an on-premises data center or internal corporate network. A virtual private gateway allows traffic into the VPC only if it is coming from an approved network.

An internet gateway is a connection between a VPC and the internet. It allows public traffic from the internet to access a VPC.



The Operational Excellence pillar includes the ability to run workloads effectively, gain insights into their operations, and continuously improve supporting processes to deliver business value. 

The Security pillar focuses on protecting data, systems, and assets. It also focuses on using cloud technologies to improve the security of your workloads.

The Reliability pillar focuses on the ability of a workload to consistently and correctly perform its intended functions.

