NiC IT Academy

AWS Interview Questions Set 02

Published On: 23 July 2024

Last Updated: 11 September 2024

No Responses

21. How is stopping an Amazon EC2 instance different from terminating it?

Stopping an Amazon EC2 instance results in a normal shutdown being performed on the instance, and the instance is moved to a stop state. However, when an EC2 instance is terminated, it is transferred to a stopped state, and any EBS volumes attached to it are deleted and cannot be recovered.

22. Is there any other alternative tool to log into the cloud environment other than console?

The that can help you log into the AWS resources are:

  • Putty
  • AWS CLI for Linux
  • AWS CLI for Windows
  • AWS CLI for Windows CMD
  • AWS SDK
  • Eclipse

23. What services can be used to create a centralized logging solution?

The essential services that you can use are Amazon CloudWatch Logs, store them in Amazon S3 and then use Amazon Elastic Search to visualize them. You can use Amazon Kinesis Firehose to move the data from Amazon S3 to Amazon ElasticSearch.

24. What are the native AWS Security logging capabilities?

Most of the AWS services have their logging options. Also, some of them have account level logging, like in AWS CloudTrail, AWS Config, and others. Let’s take a look at two services in specific:

AWS CloudTrail

This is a service that provides a history of the AWS API calls for every account. It lets you perform security analysis, resource change tracking, and compliance auditing of your AWS environment as well. The best part about this service is that it enables you to configure it to send notifications via AWS SNS when new logs are delivered.

AWS Config 

This helps you understand the configuration changes that happen in your environment. This service provides an AWS inventory that includes configuration history, configuration change notification, and relationships between AWS resources. It can also be configured to send information via AWS SNS when new logs are delivered.

25. What is a DDoS attack, and what services can minimize them?

DDoS is a cyber-attack in which the perpetrator accesses a website and creates multiple sessions so that the other legitimate users cannot access the service. The native tools that can help you deny the DDoS attacks on your AWS services are:

  • AWS Shield
  • AWS WAF
  • Amazon Route53
  • Amazon CloudFront
  • ELB
  • VPC

26. You are trying to provide a service in a particular region, but you do not see the service in that region. Why is this happening, and how do you fix it?

Not all Amazon AWS services are available in all regions. When Amazon initially launches a new service, it doesn’t get immediately published in all the regions. They start small and then slowly expand to other regions. So, if you don’t see a specific service in your region, chances are the service hasn’t been published in your region yet. However, if you want to get the service that is not available, you can switch to the nearest region that provides the services.

27. How do you set up a system to monitor website metrics in real-time in AWS?

Amazon CloudWatch helps you to monitor the application status of various AWS services and custom events. It helps you to monitor:

  • State changes in Amazon EC2
  • Auto-scaling lifecycle events
  • Scheduled events
  • AWS API calls
  • Console sign-in events

28. What are the different types of virtualization in AWS, and what are the differences between them?

The three major types of virtualization in AWS are: 

  • Hardware Virtual Machine (HVM)
    It is a fully virtualized hardware, where all the virtual machines act separate from each other. These virtual machines boot by executing a master boot record in the root block device of your image.
  • Paravirtualization (PV)
    Paravirtualization-GRUB is the bootloader that boots the PV AMIs. The PV-GRUB chain loads the kernel specified in the menu.
  • Paravirtualization on HVM
    PV on HVM helps operating systems take advantage of storage and network I/O available through the host.

29. Name some of the AWS services that are not region-specific

AWS services that are not region-specific are:

  • IAM
  • Route 53
  • Web Application Firewall 
  • CloudFront

30. What are the differences between NAT Gateways and NAT Instances?

While both NAT Gateways and NAT Instances serve the same function, they still have some key differences.

31. What is CloudWatch?

The Amazon CloudWatch has the following features:

  • Depending on multiple metrics, it participates in triggering alarms.
  • Helps in monitoring the AWS environments like CPU utilization, EC2, Amazon RDS instances, Amazon SQS, S3, Load Balancer, SNS, etc.

32. What is an Elastic Transcoder?

To support multiple devices with various resolutions like laptops, tablets, and smartphones, we need to change the resolution and format of the video. This can be done easily by an AWS Service tool called the Elastic Transcoder, which is a media transcoding in the cloud that exactly lets us do the needful. It is easy to use, cost-effective, and highly scalable for businesses and developers.

33. With specified private IP addresses, can an Amazon Elastic Compute Cloud (EC2) instance be launched? If so, which Amazon service makes it possible?

Yes. Utilizing VPC makes it possible (Virtual Private Cloud).

34. Define Amazon EC2 regions and availability zones?

Availability zones are geographically separate locations. As a result, failure in one zone has no effect on EC2 instances in other zones. When it comes to regions, they may have one or more availability zones. This configuration also helps to reduce latency and costs.

35. Explain Amazon EC2 root device volume?

The image that will be used to boot an EC2 instance is stored on the root device drive. This occurs when an Amazon AMI runs a new EC2 instance. And this root device volume is supported by EBS or an instance store. In general, the root device data on Amazon EBS is not affected by the lifespan of an EC2 instance.

36. Mention the different types of instances in  Amazon EC2 and explain its features.

  1. General Purpose Instances: They are used to compute a range of workloads and aid in the allocation of processing, memory, and networking resources.
  2. Compute Optimized Instances: These are ideal for compute-intensive applications. They can handle  batch processing workloads, high-performance web servers, machine learning inference, and various other tasks.
  3. Memory Optimized: They process workloads that handle massive datasets in memory and deliver them quickly.
  4. Accelerated Computing: It aids in the execution of floating-point number calculations, data pattern matching, and graphics processing. These functions are carried out using hardware accelerators.
  5. Storage Optimized: They handle tasks that require sequential read and write access to big data sets on local storage.

37. Will your standby RDS be launched in the same availability zone as your primary?

No, standby instances are launched in different availability zones than the primary, resulting in physically separate infrastructures. This is because the entire purpose of standby instances is to prevent infrastructure failure. As a result, if the primary instance fails, the backup instance will assist in recovering all of the data.

38. What is the difference between a Spot Instance, an On-demand Instance, and a Reserved Instance?

Spot instances are unused EC2 instances that users can use at a reduced cost.

When you use on-demand instances, you must pay for computing resources without making long-term obligations.

Reserved instances, on the other hand, allow you to specify attributes such as instance type, platform, tenancy, region, and availability zone. Reserved instances offer significant reductions and capacity reservations when instances in certain availability zones are used.

39. How would you address a situation in which the relational database engine frequently collapses when traffic to your RDS instances increases, given that the RDS instance replica is not promoted as the master instance?

A larger RDS instance type is required for handling significant quantities of traffic, as well as producing manual or automated snapshots to recover data if the RDS instance fails.

40. What do you understand by ‘changing’ in Amazon EC2?

To make limit administration easier for customers, Amazon EC2 now offers the option to switch from the current ‘instance count-based limitations’ to the new ‘vCPU Based restrictions.’ As a result, when launching a combination of instance types based on demand, utilization is measured in terms of the number of vCPUs.

Loading

Login with your email & password

Sign up with your email & password

Signup/Registration Form