Aws Sysops Administrator Associate Flashcards
Host Level Metrics Consist of (4)?
CPUNetworkDiskStatus Check
What is the API call to retrieve metrics data from cloudwatch?
GetMetricStatistics
Cloudwatch stores logs _______ by default.
Indefinitely
In order to use cloudwatch to monitor on-premise, what two items must you download & install?
SSM AgentCloudwatch Agent
What are the 4 types of EBS Storage?
GP2 (General Purpose SSD)io1 (Provisioned IOPS SSD)st1 (Throughput Optimized HDD)sc1 (Cold HDD)
What metrics return the total number of I/O operations in a specified period of time?
VolumeReadOps, VolumeWriteOps
What metric return the number of read and write operation requests waiting to be completed in a specified period of time?
VolumeQueueLength
Also referred to as the layer 7 load balancer and typically used for HTTP/HTTPS traffic.
Application Load Balancer
Also referred to as the layer 4 load balancer and typically used for high performance and network throughput demands.
Network Load Balancer
What are the 4 ways to monitor ELB's?
Cloud Watch MetricsAccess LogsRequest TracingCloudtrail Logs
True/False: As soon as you provision an ELB, you must turn on Cloud Watch metrics.
False, CW metrics are turned on by default when you provision an ELB.
What is the only load balancer type that Request Tracing is supported for?
Application Load Balancer
For memcached, if the swap file usage is greater than 50mb, increase the ___________________________ parameter.
memcached_connections_overhead
For evictions monitoring of memcached, you can _____-____ (increase memory of existing nodes) OR _______-_____ (add more nodes).
scale-up, scale-out
For elasticache, it is important to set an alarm for the number of _____________ connections.
concurrent
These make it easier to group your resources using the tags that are assigned to them.
Resource Groups
What are the 4 EC2 pricing models?
On demandReservedSpotDedicated host
(AWS Config) Point in time attributes of the resource
Configuration Items
(AWS Config) Collection of config items
Configuration Snapshots
(AWS Config) Stream of changed config items
Configuration Stream
What are the two types of health dashboards?
-Service-Personal
What CloudWatch metrics can you use to determine the percentage of I/O operations delivered of the total IOPS provisioned for an EBS volume?
VolumeThroughputPercentage
EC2 instance launch error you receive when you have exceeded the default soft limit of the number of EC2 instances you can launch.
InstanceLimitExceeded
EC2 instance launch error you receive when AWS does not currently have the on-demand capacity to serve your request(s).
InsufficientInstanceCapacity
This load balancer is often referred to as the smart load balancer utilizing layer 7 technology, it is best for balancing HTTP and HTTPS traffic
Application Load Balancer
TRUE/FALSE: You can only resolve the DNS of an ELB, not the public IP
TRUE, AWS Elastic load balancers only resolve from their DNS, the IP's are controlled entirely by Amazon.
This load balancer is often referred to as the fast load balancer (performance focused) and is best for balancing TCP traffic for extreme performance utilizing layer 4 technology
Network Load Balancer
This load balancer is a basic load balancer with a mix of layer 4 and layer 7 technology. It is not as efficient as the other newer load balancers.
Classic Load Balancer
If you are expecting a sudden dramatic spike in traffic to your web-servers (fronted by ELB's), what should you contact AWS to do?
Pre-warm load balancers
If you require static IP addresses or elastic IP addresses for your clients to connect to your load balancers (1 per subnet) and to ensure simple firewall rules, which load balancer should you use?
Network Load Balancer
(ELB CW General Health Metric) Number of unsuccessful connections to backend instances.
BackendConnectionErrors
(ELB CW General Health Metric) number of unhealthy instances
UnHealthyHostCount
(ELB CW General Health Metric) Returns number of 2xx, 3xx, 4xx, 5xx http code responses.
HttpCode_backend
(ELB CW Performance Metrics) Number of seconds taken for registered instances to respond/connect
Latency
A count of the total number of requests that are pending submission to a registered instance.
SurgeQueueLength
A count of the total number of requests that were rejected due to the queue being full.
SpilloverCount
Management tool which gives you visibility and control over your AWS infrastructure. It integrates with CloudWatch allowing you to view your dashboards, view operational data and detect problems.
Systems Manager (SSM)
This feature of SSM allows you to run pre-defined commands on one or more EC2 instances.
Run Command
This high availability term refers to scaling out infrastructure with demand and is long term.
Scalability
With RDS Multi-AZ, your backup and restore processes are taken from your _____ DB to prevent I/O content on the _____ DB instance.
secondary, primary
What RDS instance types support read replicas?
MySQLPostgreSQLMariaDBAurora
If your Aurora instance is at 100% CPU and writes are causing the performance issues, what should you do?
scale-up (increase instance size)
If your Aurora instance is at 100% CPU and reads are causing the performance issues, what should you do?
scale-out (increase number of read replicas)
On-demand, auto-scaling configuration for Aurora where the DB will automatically start up, shutdown, and scale up or down capacity based on your app's needs.
Aurora Serverless
Amazon Aurora is highly _____ and ____-_____.
redundant, self-healing
Data consistency for S3?
Read after write for PUT of new objectsEventually consistent for overwrite PUT and DELETE
What is the durability & availability of S3 Standard?
Durability: 99.99.... (11 9's)Availability: 99.99%
What is the durability & availability of S3 IA?
Durability: 99.99... (11 9's)Availability: 99.9%
What is the durability & availability of One zone IA?
Durability: 99.99 (11 9's)Availability: 99.5%
What is the durability & availability of Glacier?
Durability: 99.99 (11 9's)Availability: 99.99%
What is the durability & availability of RRS?
Durability: 99.99%Availability: 99.99%
Access control lists apply at the ____-level while Bucket Policies apply at the _____-level.
object, bucket
S3 encrypts data at rest using?
Server Side (sse-s3, sse-kms, ss3-c)Client Side
(S3) If the file is to be encrypted at upload time, the _-___-_______-_____-_________ parameter will be included in the request header.
x-amz-server-side-encryption
KMS supports only _____ keys while Cloud HSM supports either _____/______ keys.
symmetric, symmetric/asymmetric
Flat files stored on S3, accessed using NFS or SMB.
File Gateway
Used for archiving your backups to Glacier. Can be used with or without your own backup application.
Tape Gateway
Service that protects all AWS customers on ELB, Cloudfront, and Route53 from DDOS attacks.
AWS Shield
AWS Service which grants users limited and temporary access to AWS resources coming from Federation, Federation with mobile (Google, Facebook, Amazon), or Cross Account Access.
STS (Simple Token Service)
A service embedded within EC2 that allows you to store sensitive/confidential information such as passwords, DB connection strings, and license codes. These values can be stored as plain text or encrypted and can later be referenced by their names.
Systems Manager Parameter Store
Security groups are ______ while NACL's are ______.
Stateful, stateless
True/False: A NACL can be associated with many subnet.
True (but subnet can only be associated with one NACL)
What are the three valid alarm statuses in CloudWatch?
OKALARMINSUFFICIENT_DATA
This load balancer is the only one that supports the use of a single fixed IP address.
Network Load Balancer
When fault tolerance is more important than I/O performance, this RAID configuration is ideal.
RAID 1
When I/O performance is more important than fault tolerance, this RAID configuration is ideal.
RAID 0
You can use ___ ___ ___ to monitor traffic going to and from your VPC as well as your network load balancer(s)
VPC Flow Logs
You can modify the ________________ file on an EBS backed volume (attach to a new instance) if you lose access to your instance.
authorized_keys
You can enable billing alerts in your _______ _______.
Account preferences
This feature expands on existing Amazon RDS monitoring features to illustrate your database's performance and help you analyze any issues that may affect it.
Performance Insights
What are the three types of Route 53 health checks you can create?
EndpointCloudWatch AlarmsOther Health Checks
What are the two flavors of snowball edge?
Storage Optimized Compute Optimized
Name some reasons why your EC2 instance may go from pending to terminated immediately:
EBS Volume Limit ReachedRoot EBS volume encrypted, you don't have permsEBS Snapshot corrupt
For CloudWatch, what type of EC2 monitoring metric is only for Instance store backed instances?
DISK
Feature of ELB's in which the load balancer selects the first cipher in its list that is in the client's list of ciphers is called?
Server Order Preference
You can create a load balancer with what three security features?
SSL Server CertsSSL NegotiationBack-end Server Authentication
What are the options for the --on-failure parameter for Cloud Formation create-stack CLI command? What is the default action?
DO_NOTHINGROLLBACKDELETEDefault: ROLLBACK
_______ _______ allow you to preview how proposed changes to a stack might impact your running resources.
Change Sets