AWS Cost and Security Overview

Questions and Answers

Which service allows organizations to create and manage catalogs of IT services approved for use on AWS?

AWS Organizations

AWS CloudFormation

AWS Resource Explorer

AWS Service Catalog (correct)

What is a primary function of AWS Service Catalog in relation to IaC templates?

Central management and governance of IaC templates (correct)

Backup and recovery of IaC templates

Creation of runtime environments for IaC templates

Automatic generation of IaC templates

Which of the following best describes the compliance capabilities of AWS Service Catalog?

It does not support compliance management.

It ensures compliance requirements are met while managing cloud resource deployments. (correct)

It allows for manual compliance audits only.

It provides automatic compliance checking only at deployment.

Which AWS service is designed for account management across multiple AWS accounts?

AWS Organizations

In which format are Infrastructure as Code (IaC) templates commonly written to be used with AWS Service Catalog?

CloudFormation and Terraform

What is the primary function of Amazon Inspector?

To detect security vulnerabilities in applications

Which of the following best describes Amazon Inspector's scanning capabilities?

Scans for software vulnerabilities and network exposure

What does Amazon Inspector produce after completing an assessment?

A detailed list of security findings prioritized by severity

In which environment does Amazon Inspector primarily operate?

Cloud environments on AWS

Which aspect of security is NOT a focus of Amazon Inspector?

Managing user access controls

How does Amazon Inspector enhance security for AWS applications?

By providing automated vulnerability assessments

What is a significant benefit of using Amazon Inspector?

It identifies security vulnerabilities and compliance deviations

What does Amazon Inspector prioritize in its findings?

Severity of the security issues

Which type of deployment does Amazon Inspector assess?

Infrastructure that does not adhere to best practices

What is AWS Fargate primarily used for?

Running containers without managing infrastructure

Which of the following tasks does AWS Fargate simplify?

Cluster management and task scheduling

How does AWS Fargate affect billing for resources?

You specify and pay for resources per application

Which of the following statements about AWS Fargate is true?

It allows users to focus on deploying and managing containers.

What advantage does AWS Fargate provide regarding scalability?

It handles scaling automatically without user input.

Why might companies choose AWS Fargate over traditional EC2 instances for container management?

It simplifies container management by abstracting infrastructure complexities.

What infrastructure management tasks does AWS Fargate take care of?

Cluster management and environment maintenance

Which feature does AWS Fargate NOT provide?

Direct control over the underlying EC2 instances

In which situation is AWS Fargate most beneficial?

For rapidly deploying applications without managing servers.

What type of service is AWS Fargate categorized as?

Serverless Compute Service

What is one of the activities related to a Snowball Edge device that incurs no cost for the company?

The transfer of data from the Snowball Edge appliance into Amazon S3

Which of the following options is not a cost-free action when using an Amazon Snowball Edge device?

Use of the Snowball Edge appliance after the first 10-day period

How long can a company use the Snowball Edge appliance at no cost?

10 days

Which action related to the Snowball Edge device would typically involve a fee?

Transferring data from the Snowball Edge appliance back to on-premises

Which of the following correctly describes the transfer of data out of Amazon S3?

It incurs a cost based on the amount of data transferred

What is the main purpose of using an Amazon Snowball Edge device for a company?

To transfer large volumes of data to the AWS Cloud efficiently

What may be a consideration for a company when using the Snowball Edge appliance for longer than the specified free period?

Incurring additional costs for extended use

What is the primary function of AWS Storage Gateway?

To connect on-premises applications with cloud-based storage

Which of the following best describes the file gateway in AWS Storage Gateway?

It interfaces directly with Amazon S3

What is a key benefit of using an AWS Storage Gateway file gateway?

It allows users to access files as if they were stored locally

How does AWS Storage Gateway enhance administration and scalability?

By reducing the need for user-specific configurations

Which statement accurately reflects the performance characteristics of AWS Storage Gateway?

It provides low-latency access while maintaining local performance

Why is it advantageous to connect user workstations to an AWS Storage Gateway file gateway?

It extends on-premises file storage to the cloud seamlessly

What is a major operational aspect of utilizing AWS Storage Gateway?

Management of multiple S3 buckets can be avoided

What kind of applications does AWS Storage Gateway primarily connect?

On-premises applications

In addition to file access, what is another core function of an AWS Storage Gateway file gateway?

It offers centralized management of storage

Which of the following is true regarding the S3 integration of AWS Storage Gateway?

It provides a bridge between cloud storage and local file systems

Study Notes

Snowball Edge Device Cost Considerations

• Transferring data from the Snowball Edge device to Amazon S3 is free.
• Using the device for up to ten days is not free
• Transferring data out of Amazon S3 to the Snowball Edge device is not free

AWS Services for Security and Compliance

• Amazon Inspector: An automated vulnerability management service that scans AWS resources for vulnerabilities and deviations from best practices.
• AWS Storage Gateway: Connects on-premises applications to Amazon S3 storage.
  • Includes a file gateway.
  • Enables consistent access to data, simplifying administration.
  • Lowers latency while retaining local access performance
• AWS Fargate: A serverless compute engine for containers, abstracting infrastructure management from the user.
• AWS Service Catalog: Facilitates centralized management and governance of IT services, including infrastructure as code (IaC) templates.
  • Allows for control of access, ensuring compliance, and managing deployed services.
• AWS Resource Explorer: Aids in exploring and querying AWS resources.
• AWS Organizations: Consolidates multiple AWS accounts into a single organization for centralized management.
• AWS Systems Manager: Manages AWS infrastructure at scale, useful for operational tasks but not specifically for governance of infrastructure as code.

Description

This quiz covers key considerations for the costs associated with the AWS Snowball Edge device and highlights important AWS services for security and compliance. Understand data transfer costs and learn about various AWS tools that help manage security vulnerabilities and storage solutions.