Understanding Cloud Computing Basics

Questions and Answers

What benefit does the cloud computing model offer to businesses regarding new solutions?

• Quicker implementation and lower upfront costs. (correct)
• Guaranteed higher performance levels compared to traditional infrastructure.
• Reduced reliance on internal IT support teams.
• Simplified compliance with industry-specific regulations.

In the context of cloud computing, what does the on-demand nature of resources primarily enable?

• Unlimited access to cutting-edge technology regardless of subscription tier.
• Selection, provisioning, and termination of resources based on immediate needs, paying only for what is used. (correct)
• Automatic failover to secondary regions in case of an outage.
• Predictable long-term cost management for all IT resources.

Which deployment model would an organization choose if it wanted to maintain dedicated resources while still leveraging some benefits of cloud computing?

• Legacy IT Infrastructure
• Hybrid (correct)
• Cloud
• On-premises

How do AWS services facilitate cost savings based on economies of scale?

By leveraging aggregated usage from all customers to achieve higher economies of scale and passing the savings on. (C)

Which statement best describes the relationship between Availability Zones and data centers in AWS?

An Availability Zone consists of one or more data centers, providing fault tolerance and scalability. (A)

What is the primary purpose of AWS CloudFront?

To distribute content to end-users with low latency through a content delivery network (CDN). (C)

What does AWS Trusted Advisor provide to its users?

Real-time guidance and recommendations for provisioning resources by following AWS best practices. (B)

In the AWS Shared Responsibility Model, which of the following is a customer's responsibility?

Ensuring the encryption of data at rest and in transit. (D)

What is the key benefit of using AWS Identity and Access Management (IAM)?

Centralized management of user identities and permissions to AWS resources. (A)

What is the primary purpose of AWS Organizations?

To consolidate and centrally manage multiple AWS accounts under a single organization. (B)

What is the main benefit of using Amazon EC2 Auto Scaling?

It automatically adjusts the number of EC2 instances based on demand. (D)

Which cost optimization strategy allows you to save up to 75% compared to on-demand capacity by committing to a specific instance type for a specific period?

Reserved Instances (D)

What is the correct definition for the Web Services concept?

Piece of software that makes itself available over the internet and uses a standardized format. (B)

What does the AWS Cloud Adoption Framework (CAF) help organizations achieve when migrating to the AWS Cloud?

Identify gaps in skills and processes and accelerate successful cloud adoption. (A)

Which AWS service is best suited for long-term, low-cost data archiving?

Amazon S3 Glacier (B)

Which of the following is a key characteristic of Amazon DynamoDB?

It is a NoSQL database that delivers single-digit millisecond performance at any scale. (D)

Which AWS service allows you to create a private network within the AWS Cloud?

Amazon Virtual Private Cloud (VPC) (C)

When securing a new AWS account, after enabling multi-factor authentication (MFA), which action should be taken?

Delete account root user access keys. (C)

From the people perspective for people managers, what can the AWS Cloud Adoption Framework (CAF) be used for?

Outline needs and gaps. (B)

If an organization wants to ensure it meets security objectives for visibility, auditability, control, and agility, what perspective can they use.

Security perspective (C)

When selecting the AWS region, what is it important to consider?

All options (C)

Besides the compute and the storage drivers of cost, what other cost driver exist with AWS?

Amount of data transferred (A)

What provides the ability to operate applications and databases that are more highly available, fault-tolerant, and scalable than would be possible with a single data center?

AWS Availability zones (D)

Under the shared responsibility Model, AWS is responsible for which of the following?

Physical security of data centers (B)

Which AWS service analyzes your AWS environment and provides real-time guidance and recommendations to help you provision your resources by following AWS best practices?

AWS Trusted Advisor (B)

Which of the following is a service by AWS whose licensing model is typically subscription or pay as you go and customers do not need to manage the infrastructure that supports the service?

SAAS (D)

Which of the following is considered a compute service?

AWS Lambda (B)

A company needs to monitor the configurations of their AWS resources continuously and receive notifications of any changes. Which AWS service can help achieve this?

AWS Config (A)

An organization wants to create a billing report that provides information about their use of AWS resources and estimated costs, updated at least once per day. Which service can provide this?

AWS Cost and Usage Report (D)

What is the primary use case for the AWS Key Management Service (AWS KMS)?

To create and manage encryption keys used to protect data. (A)

What is the difference between the AWS virtual private cloud (VPC) and the Elastic Load Balancing?

Virtual Private Cloud (Amazon VPC) enables you to provision logically isolated sections of the AWS Cloud and ELB automatically distributes incoming application traffic. (C)

What are the correct characteristic for the Amazon Elastic Kubernetes Service (Amazon EKS)?

Makes it easy to deploy, manage, and scale containerized applications that use Kubernetes on AWS. (C)

How does Amazon Aurora enhance database performance compared to standard MySQL databases?

It is up to five times faster than standard MySQL databases. (B)

What level of granularity can the identity Access Management control?

Compute, storage, database, and application services. (C)

What kind of policy do you attach to a Principal?

Identity-based policies (C)

What kind of access to users require an access key ID and a secret access key?

Programmatic access (B)

Why must you ensure data encryption?

so that it is unreadable to anyone who does not have access to the secret key that can be used to decode it. (A)

What is Transport Layer Security's previous name?

Secure Sockets Layer (A)

Flashcards

Cloud Computing

On-demand delivery of compute power, database, storage, applications, and other IT resources via the internet, with pay-as-you-go pricing.

Cloud Deployment

A cloud deployment model where an application is fully deployed in the cloud. All parts of the application run in the cloud.

Hybrid Deployment

A cloud deployment model that connects infrastructure and applications between cloud-based resources and existing resources not in the cloud.

On-Premises Deployment

Deploying resources on-premises using virtualization and resource management tools. Doesn't offer many cloud benefits, but provides dedicated resources.

AWS Security Similarities

AWS security groups, network access control lists, and AWS Identity and Access Management which are similar to firewalls, access control lists, and administrators in a traditional IT setup.

AWS

AWS service offering a broad set of global cloud-based products.

Web Services

Software that makes itself available over the internet and uses a standardized format for requests/responses.

Go Global in Minutes

Enables you to deploy your application in multiple AWS Regions around the world with just a few clicks, providing lower latency and better experience.

AWS Pricing Calculator

Estimate monthly costs of AWS services, identify cost-reduction opportunities, and model solutions before building them.

AWS Region

A physical geographical area with one or more Availability Zones.

Availability Zone

Provides the ability to operate applications and databases that are highly available, fault-tolerant, and scalable. Can include multiple data centers.

Regional Edge Caches

Used by default with Amazon CloudFront. They are used when you have content that is not accessed frequently enough to remain in an edge location.

Elastic and Scalable

Resources can dynamically adjust to increases or decreases in capacity requirements. It can also rapidly adjust to accommodate growth.

Fault Tolerant

It has built-in component redundancy which enables it to continue operations despite a failed component.

Amazon S3

A storage service that offers scalability, data availability, security, and performance. Use it to store and protect any amount of data

Amazon EBS

High-performance block storage designed for use with Amazon EC2 for both throughput and transaction intensive workloads.

Amazon EFS

A scalable, fully managed elastic Network File System (NFS) file system for use with AWS Cloud services and on-premises resources.

Amazon S3 Glacier

A secure, durable, and extremely low-cost Amazon S3 cloud storage class for data archiving and long-term backup.

Amazon EC2

Provides resizable compute capacity as virtual machines in the cloud.

Amazon EC2 Auto Scaling

Enables you to automatically add or remove EC2 instances container orchestration service that supports Docker container.

Amazon ECS

A highly scalable, high-performance container orchestration service that supports Docker containers.

AWS Fargate

A compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters.

Amazon RDS

Makes it easy to set up, operate, and scale a relational database in the cloud.

Amazon Redshift

Enables you to run analytic queries against petabytes of data that is stored locally in Amazon Redshift, and directly against exabytes of data that are stored in Amazon S3.

Amazon DynamoDB

A key-value and document database that delivers single-digit millisecond performance at any scale, with built-in security, backup and restore, and in-memory caching.

Amazon VPC

Enables you to provision logically isolated sections of the AWS Cloud.

Elastic Load Balancing

Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions.

Amazon CloudFront

A fast content delivery network (CDN) service that securely delivers data, videos, applications, and application programming interfaces (APIs) to customers globally, with low latency and high transfer speeds.

AWS Transit Gateway

A service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway.

Amazon Route 53

A scalable cloud Domain Name System (DNS) web service designed to give you a reliable way to route end users to internet applications.

AWS Key Management Service (KMS)

Enables you to create and manage keys to control the use of encryption across a wide range of AWS services and in your applications.

AWS Identity and Access Management (IAM)

Enables you to manage access to AWS services and resources securely.

AWS Management Console

A web-based user interface for accessing your AWS account.

Customer Security Responsibilities

Customer is responsible for the encryption of data at rest and data in transit.

IaaS

Provides the customer with the highest level of flexibility and management control over IT resources.

PaaS

Services that remove the need for the customer to manage the underlying infrastructure (hardware, operating systems, etc.).

SaaS

Services that provide centrally hosted software that is typically accessible via a web browser, mobile app, or application programming interface

IAM Policy

A document that defines permissions to determine what users can do in the AWS account.

IAM Role

A tool for granting temporary access to specific AWS resources in an AWS account.

Programmatic Access

Requires to present an access key ID and a secret access key for access to a user.

Study Notes

Introduction to Cloud Computing

• Cloud computing is on-demand access to compute power, databases, storage, and applications over the Internet with pay-as-you-go pricing.
• Cloud resources are located in large data centers globally.
• AWS owns the computers its cloud service uses.
• Cloud resources work together to build solutions for business and tech needs.
• Cloud computing lets users think of infrastructure as software.
• Users select cloud services that match needs, provision/terminate resources on-demand, and pay for what they use.
• It is possible to elastically scale resources up/down in an automated way.
• Cloud resources can be treated as temporary/disposable.
• Cloud computing's flexibility helps businesses implement new solutions quickly with low upfront costs.

Cloud Computing Deployment Models

• Cloud deployment means the whole application runs in the cloud.
• Cloud deployment is either created in the cloud or migrated from existing infrastructure.
• Hybrid deployment connects cloud-based and existing on-premises resources.
• The hybrid model lets organizations grow infrastructure into the cloud while connecting cloud resources to internal systems.
• On-premises deployment uses virtualization and resource management tools, which is sometimes called private cloud.
• On-premises deployment can provide dedicated resources.
• On-premises deployments are often legacy IT infrastructure, but they might use application management and virtualization to increase resource utilization.

Similarities Between AWS and On-Premises IT

• AWS security groups, network ACLs, and IAM are similar to firewalls, ACLs, and administrators.
• Elastic Load Balancing and Amazon VPC are like routers, network pipelines, and switches.
• Amazon Machine Images (AMIs) and Amazon Elastic Compute Cloud (Amazon EC2) instances are like on-premises servers.
• Amazon EBS, Amazon EFS, Amazon S3, and Amazon RDS are similar to direct attached storage (DAS), storage area networks (SAN), network attached storage (NAS), and relational database management service (RDBMS).

Advantages with AWS

• Capital expenses are traded for variable expenses.
• AWS has higher economies of scale and passes savings to customers.
• It eliminates guessing capacity.
• AWS increases speed and agility.
• You stop spending money on running and maintaining data centers
• Focus on projects that differentiate your business instead of focusing on infrastructure.
• Applications can be deployed globally with just a few clicks.

Web Services

• Web services use a standardized format, such as XML or JSON, for API interactions.

AWS Specifics

• AWS is a secure cloud platform
• AWS offers many global cloud-based products.
• AWS offers on-demand access to compute, storage, network, database, other IT resources, and management tools.
• AWS services offer flexibility
• You only pay for the individual services you need, for as long as you use them.
• AWS services work together.

AWS Cloud Adoption Framework (CAF)

• AWS CAF guidance and best practices help organizations identify gaps in skills and processes to build a cloud approach across the organization and throughout the IT lifecycle, to accelerate cloud adoption.

Business Perspective in AWS CAF

• Stakeholders use AWS CAF to prioritize cloud adoption to align with business' strategies and goals with IT.

People Perspective in AWS CAF

• Stakeholders use AWS CAF to evaluate skills and process requirements to build an agile organization.

Governance Perspective in AWS CAF

• Stakeholders focus on aligning IT strategy and goals with business strategy and goals through skills and processes.

Platform Perspective in AWS CAF

• Stakeholders describe the architecture of the target state environment, and communicates using architectural dimensions and models.
• The AWS CAF includes principles and patterns for implementing new cloud solutions and migrating on-premises workloads.

Security Perspective in AWS CAF

• Stakeholders ensure security objectives are met by structuring the selection and implementation of security controls that meet the organization's needs.

Operation Perspective in AWS CAF

• Stakeholders define how day-to-day business is conducted and align with the operations of the business to define how current operating procedures.

Cloud Economics and Billing

• Compute is charged per hour/second and varies by instance type.
• Storage is charged typically per GB.
• Data transfer outbound is charged.
• There is no charge for data transfer inbound.
• Users pay for what you use.
• Reserved instances save money.
• AURI
• PURI
• NURI
• AWS offers custom pricing for high-volume projects.
• AWS Free Tier enables hands-on experience.

Total Cost of Ownership (TCO)

• TCO is a financial estimate that helps determine the direct and indirect costs of a service

AWS Pricing Calculator

• It is useful for estimating monthly costs of AWS services.
• For identifying opportunities for cost reduction.
• Before building, its useful for modeling solutions.
• AWS estimates allow users to explore price points and calculations behind their estimate.
• Users can find available instance types and contract terms that meet their needs.

AWS Global Infrastructure

• The AWS Global Infrastructure is designed to deliver a flexible, reliable, scalable, and secure cloud computing environment.

AWS Regions & Availability Zones

• AWS Regions are a geographical areas/locations with one or more Availability Zones.
• Availability zones consist of one or more data centers.
• China AWS account provides access to Beijing and Ningxia Regions only.
• US GovCloud Region is designed to allow US Gov agencies and customers to move sensitive workloads into the cloud by addressing regulatory and compliance requirements.

Selecting a Region

• Local laws might require that data is kept within geographical boundaries which restrict where content or services are offered.
• It is desirable to run applications and store data in a Region as close as possible to the user to reduce latency.
• Services are available within the region.
• Costs vary by region.

Availability Zones

• AZs provide the ability to operate applications and databases more highly available, fault-tolerant, and scalable.
• Each AZ can include multiple data centers, typically three.
• AZs are interconnected with high-bandwidth, low-latency networking over fully redundant, dedicated fiber that provides high throughput.
• Network accomplishes synchronous replication between Zones.
• The user is responsible for selecting where their systems will reside.

AWS Data Centers

• Data centers are the foundation for AWS infrastructure.
• Critical system components are backed up across multiple AZs.
• AWS continuously monitors service usage to deploy infrastructure to support commitments and requirements.
• AWS’ data center locations are not disclosed and restrict access to them.
• AWS custom network equipment is sourced from multiple original device manufacturers (ODMs)

Points of Presence

• Points of presence are located in most of the major cities around the world.
• Provides a better user experience through the continuous connection, performance and computing by finding the best route to request.

Amazon CloudFront

• Amazon Cloudfront is a content delivery network used to distribute content to end users to reduce latency.

Regional Edge Caches

• They are used by default with Amazon CloudFront when content isn't accessed frequently enough to remain in an edge location.

AWS Infrastructure Features

• AWS has elastic and scalable resources.
• Built-in component redundancy.
• AWS requires minimal to no human intervention, while also providing high availability with minimal downtime.

Amazon Electic File System (Amazon EFS)

• It provides a scalable, fully managed elastic Network File System (NFS) file system.
• Amazon EFS is built to scale on demand to petabytes, growing and shrinking automatically.

Amazon Simple Storage Service Glacier

• It is low-cost for data archiving and long-term backup.

Compute Service Category

• Compute capacity as virtual machines. Useful to provision an Amazon Elastic Compute Cloud (Amazon EC2).

Amazon EC2 Auto Scaling

• It automatically adds or removes EC2 intances container orchestration to support Docker container.

Storage Service Category

• Amazon Simple Storage Service (Amazon S3) Offers scalability, data availability, security, and performance. Use it to store and protect any amount of data

Amazon Elastic Block Store

• Amazon Elastic Block Store High-performance block storage designed for use with Amazon EC2

Aws Lambda

• Run code with provisioning or managing servers; pay only for compute time used

Amazon Elastic Kubernetes Service (Amazon EKS)

• Deploy, manage, and scale containerized applications that use Kubernetes

AWS Fargate

• Compute engine for ECS that allows you to run containers without managing services or clusters

Aws Relational Database Services (Amazon RDS)

• Set up, operate, and scale a relational database in the cloud with automation.

Amazon Virtual Private Cloud (Amazon VPC)

• Provision logically isolated sections of the AWS Cloud

AWS Transit Gateway

• Connect Amazon Virtual Private Clouds (VPCs) and on-premises networks to a single gateway

AWS Direct Connect

• A dedicated private network connection

AWS Key Management Service (AWS KMS)

• Create and manage encryption keys; use to control the encryption across applications

AWS Shield

• Managed Distributed Denial of Service (DDos) protection service that safeguards applications running on AWS.

AWS Cost Management Service

AWS Config

• Provides assessment, auditing and evaluation of your AWS resources

Amazon CloudWatch

• Monitor resources and applications.

Iaas

• It Provides highest level of flexibility and management control over IT resources

AWS CloudTrail Tracks

• Tracks user and API usage