AWS Services and Architecture Principles

Questions and Answers

Which feature of AWS IAM allows developers to programmatically access AWS services?

SSH keys

Access keys (correct)

API keys

User names/Passwords

What is the primary purpose of Amazon S3?

To provide virtual machines on demand

To manage relational databases

To offer scalable object storage (correct)

To facilitate message queuing

What is the maximum size of an object that can be stored in Amazon S3?

10 TB

1 TB

100 GB

5 TB (correct)

What is the primary role of APN Consulting Partners?

They assist customers with design and management of AWS workloads.

Distributing workloads across multiple Availability Zones supports which cloud architecture design principle?

Design for failure.

Which AWS service focuses on enabling users to skip managing physical servers?

Amazon Glacier

What service does AWS IAM provide for managing user access?

Access control policies

Which AWS services can host a Microsoft SQL Server database? (Select two)

Amazon Relational Database Service (Amazon RDS)

What is the benefit of using multiple Availability Zones in cloud architecture?

To create redundancy and increase reliability.

Which of the following AWS services is designed for temporary storage of data?

Amazon EC2 Instance Store

Which statement about Availability Zones is accurate?

Each Availability Zone is engineered to be independent from failures.

What type of access does a user need to execute AWS CLI commands?

Programmatic access

In which aspect does Amazon Redshift primarily operate?

Data warehousing

How can multiple users access data from Amazon S3 concurrently?

Through high scalability features

What is a primary feature of Amazon S3?

Persistent storage with managed data integrity.

Which of the following principles is NOT associated with cloud design?

Restrict accessibility.

What is the primary role of a Virtual Private Gateway in AWS?

To act as a connection point for on-premises VPNs

Which service should a company consider for a self-hosted database needing nightly shutdown for maintenance?

Amazon RDS

Which of the following is NOT included in the AWS Total Cost of Ownership (TCO) calculation?

Cloud migration

What is the primary function of AWS Route 53 Resolver Endpoints?

To enable DNS queries from on-premises to AWS domains

What differentiates the Classic Load Balancer from other load balancers in AWS?

It distributes traffic at both Layer 4 and Layer 7

Which aspect of security is described as a shared responsibility between AWS and the customer?

Compliance with regulatory standards

What characteristic best describes Amazon S3 storage?

It provides highly-scalable binary object storage

Which AWS service is primarily used for monitoring and logging metrics?

Amazon CloudWatch

What is the primary benefit of using loosely coupled components in IT system design?

It minimizes the risk of cascade failure across components.

Which method can enhance security for IAM users on AWS?

Using Multi-Factor Authentication (MFA).

What should be avoided to enhance security for AWS resources?

Allowing personal devices to store IAM user credentials.

How can data loss be prevented during service disruptions?

By implementing frequent backups.

What role do groups play in the AWS IAM service?

They simplify the assignment of permissions to IAM users.

Which of the following actions is recommended for managing IAM user access?

Implementing log monitoring for user activities.

What is a primary characteristic of a well-designed IT system as complexity increases?

The ability to break down into loosely coupled components.

Which of the following is NOT a best practice for AWS Identity and Access Management?

Sharing root user credentials among team members.

What is the recommended method for a customer to achieve volume discounts while using multiple AWS accounts?

Use the consolidated billing feature from AWS Organizations.

Which of the following services is categorized as Infrastructure as a Service (IaaS)?

Amazon Elastic Compute Cloud (EC2)

What role does AWS Organizations play for customers managing multiple AWS accounts?

It allows customers to govern and manage their AWS resources as they scale.

Why is it important for customers to perform security management tasks for EC2 instances?

To prevent unauthorized access and ensure data protection.

What advantage does signing up for Reserved Instance pricing provide?

Guaranteed fixed pricing regardless of usage.

Which AWS service is identified as a managed Domain Name System (DNS) web service?

Amazon Route 53

In the context of security responsibilities, what is required of customers deploying Amazon EC2 instances?

They are responsible for the management of the guest operating system.

What capability does AWS Organizations offer to administrators managing multiple accounts?

It enables programmatic creation of new AWS accounts and resource allocation.

Which factors might affect a customer's choice of AWS Region for deploying a new application? (Choose two.)

Data sovereignty compliance

What is NOT a consideration when selecting an AWS Region for application deployment?

Support for multiple programming languages

Which of the following can influence the costs of AWS services across different regions?

Costs, taxes, and manpower for physical infrastructure

Which option directly impacts end-user experience in relation to AWS Region selection?

Reduced latency to users

Why might a customer prioritize data sovereignty compliance when choosing an AWS Region?

To comply with legal regulations regarding data storage

How can regional cooling costs affect a customer's decision regarding AWS services?

They influence the total operational costs of hosting the application.

Which choice is most likely to be a secondary factor when selecting an AWS Region?

The application's support for various languages

What could be a consequence of neglecting data sovereignty when selecting an AWS Region?

Potential legal action and penalties

Study Notes

AWS Service Catalogue

• APN Consulting Partners are professional services firms that help customers design, build, migrate, and manage workloads on AWS.

Cloud Architecture Design Principles

• Distributing workloads across multiple Availability Zones supports the design for failure principle. Multiple AZs reduce single points of failure.

AWS Databases

• Amazon EC2 and Amazon Relational Database Service (RDS) can host Microsoft SQL Server databases.
• Amazon Aurora and Amazon Redshift are other database services.
• Amazon S3 provides object storage, not database hosting.

AWS Total Cost of Ownership (TCO)

• TCO comparisons include project management, data center security, and software development costs, but not antivirus software licensing.

Database Maintenance

• For nightly shutdowns, Amazon Redshift is not ideal. Other services may be more suitable for scheduled downtime.

Loose Coupling in IT Systems

• As application complexity grows, loosely coupled components are desirable. Independent components reduce interdependencies and prevent cascading failures.

IAM Security Methods

• Employ Multi-Factor Authentication (MFA) for IAM user security.
• Use Security Groups for access blocking.
• Locking account root user access keys is important.
• Use individual IAM users within security groups.

AWS CLI Access

• Developers can access AWS services via API keys. Access keys and User names/passwords are used for programmatic access.

AWS Account Consolidation

• Using AWS Organizations and the consolidated billing feature allows leveraging volume discounts across multiple accounts.

AWS DNS Service

• Amazon Route 53 is an AWS managed DNS web service.

AWS Region Selection Factors

• Reduced latency to users and data sovereignty compliance influence region selection.
• Physical location and regional costs are important considerations.

Description

Test your knowledge on AWS services, database management, and cloud architecture principles. This quiz covers key topics like TCO, database maintenance, and the importance of loose coupling in IT systems. Perfect for those looking to enhance their understanding of cloud technologies!