• Redshift - when would you use it?
• Data Pipeline - when would you use it?
• Security Pentesting - Who is allowed, and how?
• EBS - how to encrypt? Steps for migrating to new AZ?
• Route 53 - What can A/CNAME point to? What is alias, how to use?
• How to set up high availability across multiple AZs.
• S3 Bucket Policy v S3 ACL v IAM. Why?
• SNS v SES v SQS
/**********************************************************************************************************************************/
First and foremost, thanks to Ryan & the ACloudGuru team for providing excellent material.
There are a few questions for clarification and further feedback which I would like to share, as below.
NOTE: Apologies in case of improper phrasing.
Direct Connect
VPC's connectivity using Direct Connect with Private / Public Interface, where one is in private subnet and another is in public facing subnet along with the VPN.
If I am not wrong, the videos did explain the interfaces and their differences, but not the difference between the public and private interfaces related to connectivity using VPN. Also good to have a video on VPN as a fallback to Direct Connect.
EBS
Per the concepts in the course, there was a point about avoiding the RAID 5 option. But for a question like how to increase write throughput with a 300 GB EBS volume, I did get options like the ones below and needed to select 2:
Higher EC2 instance (selected this, as high CPU is also part of the overall throughput)
RAID 5 (this is not recommended by AWS)
All RAID groups (selected this, as it covers all RAID options)
EC2
Q: Instance and type of the virtualization used internally.
It would be helpful to add a chart to the videos showing the types of instances against the virtualization types.
S3 & IAM
This is the topic where I felt more hands-on example videos would be helpful, as the questions were asked from various angles, as mentioned below:
Difference between bucket ACLs and bucket policies
Access to S3 buckets using federation
Master - Child accounts for consolidated billing and for resources access using federation and cross account access.
DynamoDB:
Per the practice exams, DynamoDB storage use cases include storing blobs as a right answer, which is not present in the documentation; rather, it's like storing the metadata of the blob object stored in S3 (per the FAQ). Out of the options below, it was very confusing to select in the exam; please let me know the correct answer, apart from the other correct answers mentioned in the practice exam.
storing blob
storing S3 object metadata
Route53:
Might be helpful to add a deeper understanding of the various terminologies like A, CNAME, Alias and records, as it's confusing with respect to ELB integration because the answers were like
A record aliased
A record with CNAME
CNAME alias
...
My take on the approach:
A Cloud Guru definitely helped to cope with the practice exams. This sure is going to build a foundation.
Hands-on work / experimenting on S3 using IAM federation, Route 53 (a must-do example run), Security Groups & Network ACLs, IAM roles on S3 and EC2 and, if possible, cross-account linking too using federation.
Still have time? Purchase some practice exams (wrote the Linux Academy practice exam).
Options are very confusing; need to be careful and try finding the keywords.
Thanks Ryan and Team once again for outstanding effort.
/************************************************
S3, EC2, ELB, SWF, SQS, RDS, DynamoDB, VPC, IAM
The exam itself was factual (i.e. can you do "X" with service "Y"?) peppered with scenario-based questions. The results follow the exam blueprint (https://goo.gl/VrWPF4), which helps identify where you're strong and where you need to focus further. I definitely felt there was value in the AWS practice exam ($20 US), as some of the same questions were in the real exam.
I scoured the FAQs and read the entire security best practices whitepaper (https://aws.amazon.com/whitepapers/aws-security-best-practices/); 75+ pages is a lot to digest. IMO, Ryan did an excellent job of summarizing the relevant points of this and other whitepapers.
Based on my experience, areas to focus on (in rough order of importance) are EC2 (storage/encryption options), S3 (storage/encryption options), VPC (sec-groups, NACLs), DynamoDB and RDS (DB types/features), and Route53. There were also a few IAM questions, as well as consolidated billing (which will soon be replaced with AWS Orgs: https://aws.amazon.com/organizations/).
Remember - there's no substitute for hands-on experience, and you'll be hired not just on what you know, but what you can build/have built, so make sure you do ALL the labs, and as many others as you can find, and spend time experimenting.
A huge thanks to Ryan and the ACG team - and good luck to everyone else!
/******************************************************************************************************************