❎
TutorialsDojo Wrong Answers
  • Points to remember for the exam
  • Jon Bonso (TutorialsDojo) Test Scores
  • Test 1 (70%)
    • Tracking Policies
    • Run an ECS Task When a File is Uploaded to an S3 Bucket using CloudWatch Events
    • Choosing the right Partition Key
    • Choosing the right EBS volume type
    • Throttle API requests for better throughput
    • Optimizing high availability with CloudFront origin failover
    • Storage Gateway vs FSx
    • RDS Read Replicas vs Multi-AZ Deployments
    • RDS Enhanced Monitoring & CloudWatch
    • Lifecycle Policies
    • Redshift enhanced VPC routing
    • Querying external data using Amazon Redshift Spectrum
    • How to Connect Your On-Premises Active Directory to AWS Using AD Connector
    • NAT Gateways
    • EC2 Auto Scaling
    • IAM database authentication for MySQL and PostgreSQL
    • SUMMARY
  • Test 2 (69%)
    • Synchronous & Asynchronous Lambda
    • S3 Static Website Hosting & CloudFront
    • Shard Iterator Expires Unexpectedly
    • Bastion Host Architecture
    • CodeDeploy deployment types
    • Route 53 Geolocation vs Route 53 Geopriximity vs CloudFront geo-restriction
    • VPC IP Addresses
    • SQS Message Retention
    • Routing traffic to a website that is hosted in a S3 bucket
    • Choosing the right EBS volume type
    • EBS Volumes Facts
    • Auto Scaling Group Cooldown Period
    • Monitoring memory and disk metrics for EC2 instances
    • Geoproximity vs Geolocation
    • VPC Endpoints
    • Edge to edge routing
    • Temporary security credentials in IAM
    • Configuring instances in different subnets to communicate to each other
    • SUMMARY
  • Test 3 (66%)
    • S3 Consistency
    • Selling in the Reserved Instance Marketplace
    • DDoS Mitigation
    • Managing Throughput Capacity Automatically with DynamoDB Auto Scaling
    • Kinesis Data Streams
    • S3 Single PUT Limit
    • CloudFormation Resource Attributes
    • Redshift
    • S3 Glacier Provisioned Capcity
    • Launch Configurations
    • Active-active and active-passive failover
    • File Gateway vs Volume Gateway
    • EC2 Instance Store Lifetime
    • RDS Backups for over 35 days
    • Simple Workflow Service (SWF)
    • EC2 Service Limits
    • Restricting Access to S3 Content by using an Origin Access Identity (OAI)
    • NACL Rules
    • Cross-account access to objects that are stored in S3 buckets
    • S3 Encryption
    • SUMMARY
  • Test 4 (82%)
    • Importing an SSL/TLS Certificate
    • S3 Network Costs
    • Step Functions vs SWF
    • EBS Performance vs S3
    • Global Accelerator
    • Provisioned IOPS SSD Volumes
    • SWF
    • RAID 0 vs RAID 1
    • RDS Enhanced Monitoring
    • AWS X-Ray
    • VPC Security Groups
    • Federating users by creating a custom identity broker application
    • SUMMARY
  • Test 5 (72%)
    • AWS Storage Gateway Hardware Appliance
    • General Purpose SSD volumes (gp2)
    • SQS short and long polling
    • EFA vs ENA vs ENI vs ParallelCluster
    • Auto Scaling lifecycle hooks
    • High availability for Aurora
    • Redshift vs Aurora
    • CloudFormation Outputs
    • Setting Up Route 53 Zone Apex Support with a Load Balancer
    • What is encrypted in EBS?
    • Systems Manager Run Command
    • Establish a connection to your EC2 instance
    • IAM
    • Amazon WorkSpaces
    • Usability of EBS Volumes while Snapshots are being created
    • Access logs for your ELBs
    • API Gateway HTTPS Endpoint
    • "Server refused our key" error
    • SUMMARY
  • Test 6 (78%)
    • Managing how long content stays in the cache (expiration)
    • Troubleshooting instance launch issues
    • Enhanced networking on Linux Instances
    • Best practices for working with MySQL storage engines
    • Replication with Aurora
    • Using Lambda with Kinesis
    • Inter-Region VPC Peering
    • Multi-AZ Cost Optimization
    • RDS Multi-AZ Deployments
    • RDS encryption in-transit (SSL)
    • Require that objects grant the bucket owner full control
    • Identity Federation
    • Enabling internet access in a VPC
    • Endpoint groups for standard accelerators in Global Accelerator
    • SUMMARY
  • Final Test
    • SQS FIFO + SWF
    • Bastion Host Login
    • Redshift Cross-Region Snapshots
    • Default VPC vs Non-default VPC DNS
    • Customer Gateway
    • Bucket owner granting cross-account bucket permissions
Powered by GitBook
On this page

Was this helpful?

  1. Test 1 (70%)

SUMMARY

These notes are completely from memory

  • Target Tracking - This is the most "managed"; you just give it some parameters and it automatically does everything to stay within that parameter value.

  • Step Tracking - Preferred to simple tracking. Has step adjustments (the greater the size of the breach, the greater action it takes).

  • Simple Tracking - Has a cooldown period and very similar to step tracking but it doesn't have step adjustments.

  • You can use CloudWatch Events to do ECS tasks when a file is uploaded to an S3 bucket using the PUT (uploading) and DELETE (deleting) operation, so CloudWatch sees when you perform those 2 operation and when you do PUT or DELETE, it performs an ECS task.

  • Use high-cardinality attributes (means that they have distinct values for each item) and use composite attributes and cache popular things with DAX.

  • Use SSD EBS volumes for small and random (in any order) operations.

  • Use HDD EBS volumes for large and sequential (ordered) operations.

  • You can throttle API requests when there are lots of requests coming in to the API gateway and this can give better throughput.

  • CloudFront Origin Failure means that you have two origin groups (one is the primary one and the other one is secondary) and when there is a HTTP error code with the primary origin group, CloudFront switches to the secondary group.

  • EFS is only for Linux instances and is POSIX complaint.

  • FSx for Lustre is for very high performance computing (HPC) and compute intensive tasks.

  • FSx for Windows Servers is for

  • Storage Gateway is when you want to extend your on-premises storage to AWS, so you basically have unlimited storage. There are 3 types. File Gateway is for file protocols like NFS and SMB. Volume Gateway is for block storage using iSCSI connectivity and you can take point-in-time snapshots with EBS snapshots. Tape Gateway is for very long archival data for S3 Glacier and S3 Glacier Deep Archive; it is for backup and archives and it uses iSCSI virtual tape library (VTL). So, Volume and Tape are the ones which support iSCSI.

  • DataSync is a way to migrate your on-premises data to and from AWS.

  • Read Replicas are asynchronous and Multi-AZ deployments are synchronous and read replicas can be "promoted" to standalone RDS DB instances.

  • RDS Enhanced Monitoring is monitoring on the RDS DB instance itself, whereas CloudWatch Monitoring is monitoring on the hypervisor, so CloudWatch monitoring includes the work that hypervisor does, so it might not be a fair representation of the RDS DB instance. Also, RDS Enhanced Monitoring provides information on how different processes in the DB instance use the CPU and how it impacts the CPU performance and CloudWatch doesn't have that.

  • To move from S3 Standard to S3 IA S3 One Zone-IA, the data has to be in S3 Standard for at least 30 days.

  • Redshift Enhanced VPC routing means that you have access to VPC features but also all your COPY and PUT operations go through your VPC.

  • Redshift Spectrum is just a way to query data in S3 without having to load up the data into Redshift tables first.

  • AD Connector is part of the AWS Directory Services and it enables you to use all your previous Active Directory on-premises stuff onto AWS; after all, it is just a proxy to connect your on-premises AD to AWS.

  • NAT Gateways are highly available even though they are in one AZ and you they are in a public subnet but the instances that use NAT Gateways are in a public subnet.

  • To have highly available Auto Scaling, you must think as if the AZ is definitely going to fail; then only will you have an extremely highly available architecture.

  • IAM database authentication is for MYSQL and PostgreSQL, so it can be used for RDS and instead of using password, it uses an authentication token to authenticate you for a database.

PreviousIAM database authentication for MySQL and PostgreSQLNextSynchronous & Asynchronous Lambda

Last updated 4 years ago

Was this helpful?