[AWS CCP] QUIZ 정리 -3

* 본 글은 https://simuladoclf.s3.amazonaws.com/english.html 사이트 내 문제를 참조하였습니다. 

---

#1. A retail company is building a new mobile application. The company is evaluating whether to build the application in an on-premises data center or in the AWS Cloud. Which service should the company consider?

=> AWS Directory Service for Microsoft Active Directory
AWS Directory Service for Microsoft Active Directory allows the company to utilize a managed service for Active Directory in AWS, making it easier to integrate and manage users and security resources for the new mobile application.

---

#2. Which of the following are advantages that a company receives by moving an on-premises production workload to AWS? (Select TWO.)

=> AWS provides high availability / AWS provides economies of scale
The correct answers are D and E because AWS provides high availability and AWS provides economies of scale, which are advantages that a company receives by moving an on-premises production workload to AWS. High availability means that AWS has a global infrastructure that enables customers to deploy their applications and data across multiple regions and Availability Zones. This increases the fault tolerance and resiliency of their applications and reduces the impact of failures. Economies of scale mean that AWS can achieve lower variable costs than customers can on their own. This allows customers to pay only for the resources they use and scale up or down as needed

---

#3. Which of the following are customer responsibilities(고객책임) according to the AWS Shared Responsibility Model? (Select TWO.)

=> Security group configuration

=>  Encryption of customer data on AWS

---

#4. A cloud engineer wants to know the percentage of allocated compute units that are in use for a specific Amazon EC2 instance. Which AWS service can provide this information?

=> Amazon CloudWatch

AWS 리소스(EC2, RDS, Lambda 등) 모니터링 및 지표 수집

CPU 가동률, 디스크 I/O, 네트워크 트래픽 등 제공

CPU, 리소스 사용률, 모니터링 -> CloudWatch

Amazon CloudWatch can provide detailed metrics about Amazon EC2 instance utilization, including the percentage of allocated compute units in use, allowing users to monitor and optimize performance.

---

#5. Which AWS services or features allow users to create a network connection between two VPCs? (Select TWO.)

=>  VPC peering / AWS Transit Gateway
VPC peering and AWS Transit Gateway are two AWS services or features that allow users to create a network connection between two VPCs.

---

#6. Which AWS service should be used to store database credentials with the highest security?

=> AWS Secrets Manager(★)

애플리케이션에서 사용하는 비밀 정보를 안전하게 관리하고 자동 갱신할 수 있는 AWS 관리 서비스

(비밀 정보 : API 키, 토큰, SSH 키, 인증서 등)

주요 기능 : 비밀 정보 안전저장, 자동 갱신, 통합 관리, 감사 및 모니터링
AWS Secrets Manager should be used to store database credentials with the highest security. It securely stores, encrypts, rotates, and retrieves secrets such as credentials, passwords, and API keys.

---

#7.  A manufacturing company has a mission-critical application that runs in a remote location with a slow internet connection. The company wants to migrate the workload to AWS. The application is latency-sensitive and prone to connectivity disruptions. Which AWS service or feature should the company use to meet these requirements?

=> AWS Outposts

AWS 서비스를 기업 자체 데이터센터에 설치하여 클라우드 환경을 구현, 격리된 환경에서 실행 가능

AWS 장치를 회사 내부에 설치하는 서비스

aws 인프라를 온프레미스에 설치(로컬에서 설치 > 지연 최소화)

인터넷 끊겨도 일부 작업 가능

AWS Outposts is a service that offers fully managed and configurable compute and storage racks, allowing you to run workloads on-premises and connect to AWS services in the cloud.

---

#8.(★) Which AWS service provides highly durable object storage?

=> Amazon S3

AWS에서 제공하는 객체 스토리지 서비스, 안전하고 확장가능한 클라우드 파일 저장

파일을 인터넷에 안전하게 저장하는 클라우드 저장소

(특징)

무제한 저장(용량 제한 거의 없음)

높은 내구성(99.999999%)(11 9s) > 데이터가 거의 안날아감

높은 가용성 > 언제든 접근 가능(웹에서 바로)

다양한 스토리지 클래스(사용 패턴에 따라 비용 최적화 가능) 

Amazon S3 provides highly durable object storage, ideal for a wide variety of cloud storage use cases.

 

+ Amazon EBS

Amazon 블록 스토리지

영구 스토리지 > EC2 꺼도 데이터 유지됨 (안전한 외장하드)

EC2에 붙여서 쓰는 하드디스크 

매우 빠른 성능

 

+ Instance Store

EC2에 붙어있는 임시 로컬 디스크

휘발성 > EC2 종료되면 데이터 삭제(램처럼 날아가는 임시 저장소)

엄청 빠름 (물리 서버에 직접 붙어있음)

 

+ Amazon EFS

파일 스토리지 > 여러 EC2가 동시에 쓰는 공유폴더

여러 서버에서 동시에 접근 가능, 자동 확장

NFS 기반

 

+ Amazon FSx

AWS에서 제공하는 관리형 파일 시스템 서비스

Windows 환경용 파일 서버(AD 연동)

특정 목적(윈도우, 고성능 등)에 최적화된 파일 서버 > 전문 기능 있는 고급 네트워크 드라이브 느낌

 

---

#9. Which AWS service is always free for users?

=> AWS Identity and Access Management (IAM)
AWS Identity and Access Management (IAM) is a service that enables users to manage access to AWS services and resources. IAM is always free for users.

---

#10. Which actions are examples of a company's effort to right-size their AWS resources to control cloud costs? (Select TWO.)

=> Selecting Amazon EC2 instance types based on previous utilization patterns

=> Using Amazon S3 lifecycle policies to move infrequently accessed objects to lower-cost storage tiers.
Selecting EC2 instance types based on past utilization and using S3 lifecycle policies to reduce costs are cost optimization strategies.

---

#11. Which AWS service provides encryption at rest for Amazon RDS and for Amazon Elastic Block Store (Amazon EBS) volumes?

=> B. AWS Key Management Service (AWS KMS)

데이터 암호화에 사용되는 암호화 키 관리 서비스

encryption(암호화) 나오면? > KMS
AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS provides centralized control over the encryption keys used to protect your data. You can use AWS KMS to encrypt data in Amazon RDS and Amazon EBS volumes.

 

---

#12.(★) A company has an application workload that is designed to be stateless(상태 저장안함) and can withstand occasional interruptions(중단 허용 가능). The application performs massively parallel computations(병렬 작업). Which Amazon EC2 instance pricing model should the company choose to reduce costs?

=> spot instances

남는 자원을 싸게 빌리는 대신, 언제든 끊길 수 있는 인스턴스

(키워드)

Stateless(상태저장안함)(끊겨도됨)

can withstand interruptions(중단 허용 가능)

massively parallel(병렬 작업)

(특징)

최대 90% 저렴

강제 종료 가능

Spot Instances allow you to take advantage of unused EC2 capacity in the AWS cloud available at up to a 90% discount compared to On-Demand prices.

 

+ On-Demand

필요할 때 바로 사용

가장 비쌈

중단 없음

=> 유연하지만 가장 비쌈

 

+ Reserved Instance(RI)

1년/3년 약정

특정 인스턴스(고정)를 예약해서 할인받는 방식(기준 : 인스턴스)

최대 ~75% 할인

중단 없음 > 계속 쓰는 서비스에 적합

오래 쓸 예정일 때 적합

"이 좌석 고정으로 살게요"

 

+ Spot Instance

최대 90% 할인

언제든 끊김 가능

=> 싸지만 불안정

 

+ Saving Plans

일정 사용량 약정 (사용 금액을 약정하고 할인받는 방식)(기준 : 사용 금액)

유연하게 할인 적용

=> RI보다 유연한 할인 "돈은 낼게요, 자리는 바꿔도돼요"

 

 

~> 장기 사용일때 : RI, Saving Plans

항상 켜져있어야할때 : on-demand / RI => 안끊겨야 할 때 !!

Batch, 병렬 작업 : spot

stateless, interruption가능 : spot