❎
TutorialsDojo Wrong Answers
  • Points to remember for the exam
  • Jon Bonso (TutorialsDojo) Test Scores
  • Test 1 (70%)
    • Tracking Policies
    • Run an ECS Task When a File is Uploaded to an S3 Bucket using CloudWatch Events
    • Choosing the right Partition Key
    • Choosing the right EBS volume type
    • Throttle API requests for better throughput
    • Optimizing high availability with CloudFront origin failover
    • Storage Gateway vs FSx
    • RDS Read Replicas vs Multi-AZ Deployments
    • RDS Enhanced Monitoring & CloudWatch
    • Lifecycle Policies
    • Redshift enhanced VPC routing
    • Querying external data using Amazon Redshift Spectrum
    • How to Connect Your On-Premises Active Directory to AWS Using AD Connector
    • NAT Gateways
    • EC2 Auto Scaling
    • IAM database authentication for MySQL and PostgreSQL
    • SUMMARY
  • Test 2 (69%)
    • Synchronous & Asynchronous Lambda
    • S3 Static Website Hosting & CloudFront
    • Shard Iterator Expires Unexpectedly
    • Bastion Host Architecture
    • CodeDeploy deployment types
    • Route 53 Geolocation vs Route 53 Geopriximity vs CloudFront geo-restriction
    • VPC IP Addresses
    • SQS Message Retention
    • Routing traffic to a website that is hosted in a S3 bucket
    • Choosing the right EBS volume type
    • EBS Volumes Facts
    • Auto Scaling Group Cooldown Period
    • Monitoring memory and disk metrics for EC2 instances
    • Geoproximity vs Geolocation
    • VPC Endpoints
    • Edge to edge routing
    • Temporary security credentials in IAM
    • Configuring instances in different subnets to communicate to each other
    • SUMMARY
  • Test 3 (66%)
    • S3 Consistency
    • Selling in the Reserved Instance Marketplace
    • DDoS Mitigation
    • Managing Throughput Capacity Automatically with DynamoDB Auto Scaling
    • Kinesis Data Streams
    • S3 Single PUT Limit
    • CloudFormation Resource Attributes
    • Redshift
    • S3 Glacier Provisioned Capcity
    • Launch Configurations
    • Active-active and active-passive failover
    • File Gateway vs Volume Gateway
    • EC2 Instance Store Lifetime
    • RDS Backups for over 35 days
    • Simple Workflow Service (SWF)
    • EC2 Service Limits
    • Restricting Access to S3 Content by using an Origin Access Identity (OAI)
    • NACL Rules
    • Cross-account access to objects that are stored in S3 buckets
    • S3 Encryption
    • SUMMARY
  • Test 4 (82%)
    • Importing an SSL/TLS Certificate
    • S3 Network Costs
    • Step Functions vs SWF
    • EBS Performance vs S3
    • Global Accelerator
    • Provisioned IOPS SSD Volumes
    • SWF
    • RAID 0 vs RAID 1
    • RDS Enhanced Monitoring
    • AWS X-Ray
    • VPC Security Groups
    • Federating users by creating a custom identity broker application
    • SUMMARY
  • Test 5 (72%)
    • AWS Storage Gateway Hardware Appliance
    • General Purpose SSD volumes (gp2)
    • SQS short and long polling
    • EFA vs ENA vs ENI vs ParallelCluster
    • Auto Scaling lifecycle hooks
    • High availability for Aurora
    • Redshift vs Aurora
    • CloudFormation Outputs
    • Setting Up Route 53 Zone Apex Support with a Load Balancer
    • What is encrypted in EBS?
    • Systems Manager Run Command
    • Establish a connection to your EC2 instance
    • IAM
    • Amazon WorkSpaces
    • Usability of EBS Volumes while Snapshots are being created
    • Access logs for your ELBs
    • API Gateway HTTPS Endpoint
    • "Server refused our key" error
    • SUMMARY
  • Test 6 (78%)
    • Managing how long content stays in the cache (expiration)
    • Troubleshooting instance launch issues
    • Enhanced networking on Linux Instances
    • Best practices for working with MySQL storage engines
    • Replication with Aurora
    • Using Lambda with Kinesis
    • Inter-Region VPC Peering
    • Multi-AZ Cost Optimization
    • RDS Multi-AZ Deployments
    • RDS encryption in-transit (SSL)
    • Require that objects grant the bucket owner full control
    • Identity Federation
    • Enabling internet access in a VPC
    • Endpoint groups for standard accelerators in Global Accelerator
    • SUMMARY
  • Final Test
    • SQS FIFO + SWF
    • Bastion Host Login
    • Redshift Cross-Region Snapshots
    • Default VPC vs Non-default VPC DNS
    • Customer Gateway
    • Bucket owner granting cross-account bucket permissions
Powered by GitBook
On this page

Was this helpful?

  1. Test 3 (66%)

SUMMARY

  • S3 has strong consistency for read after write, so PUT then GET is strongly consistent.

  • There is eventual consistency for PUTs and DELETEs, so if you upload or delete something, you still might see the old object because it does update instantly.

  • S3 supports parallel requests, which means you can scale your performance by the factor of your compute cluster, without making any customizations to your application.

  • Reserved Instance Marketplace is for selling Reserved EC2 instances which you don't need or for any other reason.

  • To protect your system from DDoS attack, you can use CloudFront for distributing content and use an ALB with Auto Scaling groups for your EC2 instances and also prevent direct Internet traffic to your database by deploying it to a new private subnet.

  • You can enable DynamoDB Auto Scaling to automatically scale your DynamoDB database with ease.

  • Kinesis Data Streams is a real-time data streaming service and you can also use a Lambda function to process the data.

  • S3 Single PUT limit is 5GB and the Multipart Upload Limit is 5TB.

  • CreationPolicy is a CloudFormation resource attribute which waits upon a specified number of success signals or the timeout period is exceeded.

  • cfn-init reads from metadata and acts accordingly.

  • cfn-signal sees the changes to resources and acts accordingly.

  • Redshift = OLAP, so stores data in columns.

  • S3 Glacier Provisioned Capacity enables you to always use Glacier expedited retrieval times.

  • To change the launch configuration for an ASG, you must create a launch configuration and then update your Auto Scaling group with it because you can't modify a launch configuration once you've applied it.

  • Active-active failover is used when you want ALL OF YOUR RESOURCES available all the time.

  • Active-passive failover is used when you want a primary resource available and when that isn't available, it should transfer to the secondary resource (standby).

  • File Gateway is for SMB and NFS and Volume Gateway is for block storage.

  • EC2 Instance store persists only when an instance reboots but if the instance does anything else, the data on the instance store is gone.

  • You can use AWS Backup for centralised management of all your backups and you can use it for RDS backups over 35 days and you use Backup plans to specify the details of the backups.

  • SWF can be used for managing tasks and jobs in AWS and for invoking one task with another and other things like that.

  • AWS limits how much vCPUs per region you can get but you can increase this limit with a support request to AWS.

  • OAI makes sure you can only access S3 objects through CloudFront and not directly to S3.

  • NACL rules are evaluated their rule number from lowest to highest.

  • You can grant cross-account access to S3 objects with IAM policies.

  • There are many different ways of SSE in S3:

    • Using KMS managed keys.

    • Using S3 managed keys.

    • Using customer provided keys.

  • Client Side Encryption in S3:

    • Using KMS managed CMK.

    • Using a client side master key (the most control because encryption + key is client side).

PreviousS3 EncryptionNextImporting an SSL/TLS Certificate

Last updated 4 years ago

Was this helpful?