AWS Solutions Architect Exam - SAA-C03
39 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary focus of the course mentioned?

  • Basic IT skills development
  • Advanced database management
  • Solutions Architect exam preparation (correct)
  • Cloud service pricing strategies
  • Which of the following AWS services content will be covered in the course?

  • AWS services only for developers
  • Only database services
  • Over 30 AWS services (correct)
  • Only services relevant to EC2
  • Who is the instructor for the course?

  • Stephane Maarek, a veteran instructor on AWS (correct)
  • An anonymous cloud expert
  • A beginner-level IT consultant
  • A current AWS Solutions Architect with no teaching experience
  • What basic requirement is suggested for participants of the course?

    <p>Basic IT knowledge</p> Signup and view all the answers

    What unique content does the course include?

    <p>Videos from various AWS-related courses</p> Signup and view all the answers

    What type of MFA device is provided by Gemalto for AWS?

    <p>Hardware Key Fob MFA Device</p> Signup and view all the answers

    Which of the following is a way to access AWS directly through command-line tools?

    <p>AWS Command Line Interface (CLI)</p> Signup and view all the answers

    What are access keys in AWS similar to?

    <p>Username and password</p> Signup and view all the answers

    Which of these statements about access keys is correct?

    <p>They are generated through the AWS Management Console.</p> Signup and view all the answers

    What is the function of the AWS CLI?

    <p>Enable interaction with AWS services using commands</p> Signup and view all the answers

    What does the Secret Access Key in AWS function as?

    <p>Account verification password</p> Signup and view all the answers

    Which of these is NOT an option for accessing AWS?

    <p>AWS File Transfer Protocol (FTP)</p> Signup and view all the answers

    Who manages their own access keys in AWS?

    <p>All AWS users</p> Signup and view all the answers

    What type of storage must the root volume be for an instance?

    <p>EBS, encrypted, and large</p> Signup and view all the answers

    Which of the following statements about EBS volumes is true?

    <p>EBS volumes can persist data after instance termination.</p> Signup and view all the answers

    What is the maximum duration an instance can be hibernated?

    <p>60 days</p> Signup and view all the answers

    Which statement correctly describes an EBS (Elastic Block Store) volume?

    <p>It functions like a network drive and is bound to an availability zone.</p> Signup and view all the answers

    What type of EBS storage is offered as part of the free tier?

    <p>General Purpose (SSD) or Magnetic up to 30 GB</p> Signup and view all the answers

    What is the primary cost structure of On-Demand Instances?

    <p>Pay by second for Linux and Windows, hourly for others</p> Signup and view all the answers

    Which type of EC2 instance is best suited for unpredictable, short workloads?

    <p>Spot Instances</p> Signup and view all the answers

    What is a key feature of Convertible Reserved Instances?

    <p>They allow changes to instance type, family, and OS</p> Signup and view all the answers

    For how long can a Reserved Instance be purchased?

    <p>1 year or 3 years</p> Signup and view all the answers

    Which of the following is NOT a benefit of Reserved Instances?

    <p>Higher cost compared to On-Demand</p> Signup and view all the answers

    What distinguishes Dedicated Hosts from Dedicated Instances?

    <p>Dedicated Hosts allow for instance placement control</p> Signup and view all the answers

    What is a key characteristic of Savings Plans?

    <p>They provide savings in exchange for a commitment to an amount of usage</p> Signup and view all the answers

    What type of billing system is used for Linux and Windows On-Demand Instances?

    <p>Billing per second after the first minute</p> Signup and view all the answers

    What is the default status of inbound traffic in security groups?

    <p>All inbound traffic is blocked</p> Signup and view all the answers

    Which port is used for Secure Shell (SSH) access in security groups?

    <p>22</p> Signup and view all the answers

    In a security group, what can rules reference?

    <p>By both IP addresses and other security groups</p> Signup and view all the answers

    What is the primary function of a security group in relation to EC2 instances?

    <p>To act as a firewall regulating inbound and outbound traffic</p> Signup and view all the answers

    If your application times out, what could be the cause?

    <p>A security group misconfiguration</p> Signup and view all the answers

    Which of the following is NOT typically controlled by a security group?

    <p>Performance of the EC2 instance</p> Signup and view all the answers

    For SSH access, which security group rule would you implement?

    <p>Allow inbound traffic on port 22</p> Signup and view all the answers

    What is a common misconception regarding outbound traffic in security groups?

    <p>Outbound traffic is authorized by default</p> Signup and view all the answers

    How many instances can a single security group be attached to?

    <p>Multiple instances</p> Signup and view all the answers

    Which port is associated with HTTP traffic?

    <p>80</p> Signup and view all the answers

    What does it mean if an application gives a 'connection refused' error?

    <p>The application is not running or has not been launched</p> Signup and view all the answers

    Which of the following protocols has a corresponding port of 443?

    <p>HTTPS</p> Signup and view all the answers

    What does a security group primarily restrict?

    <p>Traffic to and from an EC2 instance</p> Signup and view all the answers

    Study Notes

    AWS Solutions Architect Exam - SAA-C03

    • The course is designed for the AWS Solutions Architect - Associate exam (SAA-C03).
    • Basic IT knowledge is required.
    • The course will cover over 30 AWS services.
    • The course includes videos from the Cloud Practitioner, Developer and SysOps courses, as well as videos specific to the Solutions Architect exam.

    Instructor

    • The instructor is Stephane Maarek, an AWS Solutions Architect and veteran instructor.
    • He worked as an IT consultant and has built websites, apps, and streaming platforms using AWS.
    • You can find him on GitHub, LinkedIn, Medium, and Twitter.

    Multi-Factor Authentication (MFA) in AWS

    • MFA devices can be hardware key fobs.
    • Gemalto and SurePassID are third-party providers for hardware key fobs.
    • Hardware key fobs are available for AWS GovCloud (US).

    Accessing AWS

    • You can access AWS through the AWS Management Console, AWS Command Line Interface (CLI), or AWS Software Development Kit (SDK).
    • The Management Console is protected by passwords and MFA.
    • The CLI and SDK are protected by access keys.
    • Access keys are generated through the AWS Console.
    • Users manage their own access keys.
    • Access keys are secret and should not be shared.
    • Access Key ID is similar to a username.
    • Secret Access Key is similar to a password.

    AWS Command Line Interface (CLI)

    • The CLI is a tool that allows you to interact with AWS services using commands in your command-line shell.
    • It provides direct access to the public APIs of AWS services.
    • You can develop scripts to manage your resources.
    • It is open-source and available on GitHub.
    • The CLI is an alternative to the AWS Management Console.

    AWS Software Development Kit (SDK)

    • The SDK allows you to manage and interact with AWS services programmatically.
    • You can use the SDK to develop applications that interact with AWS services.
    • It is an alternative to manually making API calls.

    Security Groups

    • Security groups act as a firewall on EC2 instances.
    • They regulate access to ports, authorized IP ranges, and control inbound and outbound network traffic.
    • Security groups have rules that define what traffic is allowed in and out of the EC2 instance.
    • Security groups can be attached to multiple instances.
    • Security groups are locked down to a specific region and VPC combination.
    • They live outside the EC2 instances.
    • All inbound traffic is blocked by default.
    • All outbound traffic is authorized by default.

    EC2 Instance Purchasing Options

    • On-Demand Instances: - Short workload, predictable pricing, pay by second
    • Reserved Instances (1 & 3 years): - Long workloads, discount, upfront payment commitment
      • Conver tible Reserved Instances: - Flexible instance type, family, OS, scope, and tenancy
    • Savings Plans (1 & 3 years): - Commitment to an amount of usage, long workload, discount
    • Spot Instances: - Short workloads, cheap, can lose instances (less reliable)
    • Dedicated Hosts: - Book an entire physical server, control instance placement
    • Dedicated Instances: - No other customers share your hardware
    • Capacity Reservations: - Reserve capacity in a specific Availability Zone for any duration

    EC2 Instance Purchasing Option Details

    • On-Demand Instances: Pay for what you use, highest cost, no upfront payment, no long-term commitment. Recommended for short-term and uninterrupted workloads.
    • Reserved Instances: Up to 72% discount compared to On-Demand, long-term commitment. Recommended for steady-state usage applications. Can be bought and sold in the Reserved Instance Marketplace.

    EC2 Instance Storage

    • Instance Store: - Temporary storage that is lost when the instance terminates.
    • Elastic Block Store (EBS): - Persistent storage that is not lost when the instance terminates. Can be mounted to only one instance at a time and are bound to a specific Availability Zone.

    EBS Volume

    • An EBS volume is a network drive that can be attached to your instances while they run.
    • It allows instances to persist data even after termination.
    • Only one instance can be mounted at the same time.
    • Bound to a specific Availability Zone.
    • Free tier: 30 GB of free EBS storage per month.
    • Analogous to a "network USB stick".

    Classic Ports

    • 22: SSH (Secure Shell) - log into a Linux instance
    • 21: FTP (File Transfer Protocol) – upload files into a file share
    • 22: SFTP (Secure File Transfer Protocol) – upload files using SSH
    • 80: HTTP – access unsecured websites
    • 443: HTTPS – access secured websites
    • 3389: RDP (Remote Desktop Protocol) – log into a Windows instance

    SSH Summary Table

    • Mac/Linux: Use SSH
    • Windows < 10: Use Putty
    • Windows >= 10: Use SSH or Putty
    • EC2 Instance Connect: Use EC2 Instance Connect tool

    SSH Troubleshooting

    • If SSH doesn't work, try these steps:
      • Make sure your security group allows inbound traffic on port 22.
      • Verify your EC2 instance's status and ensure it is running.
      • Confirm that you are using the correct SSH credentials.
      • Ensure that the SSH client you are using is properly configured.

    Important to Remember

    • An instance can NOT be hibernated more than 60 days.
    • The root volume for an instance must be EBS, encrypted, not instance store, and large.
    • Instance storage is temporary and is lost when the instance shuts down.
    • An EBS volume can be attached to only one instance at a time.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    Description

    This quiz is designed to help you prepare for the AWS Solutions Architect - Associate exam (SAA-C03). It covers over 30 AWS services, including access methods like Management Console, CLI, and SDK. With insights from an experienced instructor, you will enhance your understanding of AWS and Multi-Factor Authentication (MFA).

    More Like This

    Use Quizgecko on...
    Browser
    Browser