diff --git a/README.md b/README.md
index 64dd057..0a8b54c 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
:information_source: This repo contains questions and exercises on various technical topics, sometimes related to DevOps and SRE :)
-:bar_chart: There are currently **1097** questions
+:bar_chart: There are currently **1139** questions
:busts_in_silhouette: [Join](https://www.facebook.com/groups/538897960007080) our [Facebook group](https://www.facebook.com/groups/538897960007080) or follow us on [Twitter](https://twitter.com/devopsbit) for additional daily exercises, articles and more resources on DevOps
@@ -36,7 +36,7 @@
Python Beginner :baby: Advanced :star: |
Go Beginner :baby:
|
Shell Scripting Beginner :baby: Advanced :star: |
- Kubernetes Beginner :baby:
|
+ Kubernetes |
Prometheus Beginner :baby: Advanced :star: |
Mongo Beginner :baby:
|
SQL Beginner :baby: Advanced :star: |
@@ -53,7 +53,7 @@
Monitoring Beginner :baby:
|
- Elastic Beginner :baby:
|
+ Elastic |
Virtualization Beginner :baby:
|
DNS Beginner :baby:
|
Operating System Beginner :baby:
|
@@ -71,6 +71,9 @@
Questions you ask |
Exercises |
+
+ Certificates |
+
@@ -632,6 +635,16 @@ Read more [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)
Read more about instance types [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)
+
+True or False? The following are instance types available for a user in AWS:
+
+ * Compute optimizied
+ * Network optimizied
+ * Web optimized
+
+False. From the above list only compute optimized is available.
+
+
What is EBS?
@@ -659,6 +672,32 @@ More on this subject [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/
How to migrate an instance to another availability zone?
+#### AWS Serverless Compute
+
+
+Explain what is AWS Lambda
+
+AWS definition: "AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume."
+
+Read more on it [here](https://aws.amazon.com/lambda)
+
+
+
+True or False? In AWS Lambda, you are charged as long as a function exists, regardless of whether it's running or not
+
+False. Charges are being made when the code is executed.
+
+
+
+Which of the following set of languages Lambda supports?
+
+ * R, Swift, Rust, Kotlin
+ * Python, Ruby, Go
+ * Python, Ruby, PHP
+
+ * Python, Ruby, Go
+
+
#### AWS Storage
@@ -747,6 +786,16 @@ More on storage classes [here](https://aws.amazon.com/s3/storage-classes)
+
+A customer would like to move data which is rarely accessed from standard storage class to the most cheapest class there is. Which storage class should be used?
+
+ * One Zone-IA
+ * Glacier Deep Archive
+ * Intelligent-Tiering
+
+Glacier Deep Archive
+
+
Explain what is Storage Gateway
@@ -869,6 +918,12 @@ The shared responsibility model defines what the customer is responsible for and
More on the shared responsibility model [here](https://aws.amazon.com/compliance/shared-responsibility-model)
+
+True or False? Based on the shared responsibility model, Amazon is responsible for physical CPUs and security groups on instances
+
+False. It is responsible for Hardware in its sites but not for security groups which created and managed by the users.
+
+
What is the AWS compliance program?
@@ -907,6 +962,25 @@ AWS definition: "KMS makes it easy for you to create and manage cryptographic ke
More on KMS [here](https://aws.amazon.com/kms)
+
+What is AWS Acceptable Use Policy?
+
+It describes prohibited uses of the web services offered by AWS.
+More on AWS Acceptable Use Policy [here](https://aws.amazon.com/aup)
+
+
+
+True or False? A user is not allowed to perform penetration testing on any of the AWS services
+
+False. On some services, like EC2, CloudFront and RDS, penetration testing is allowed.
+
+
+
+True or False? DDoS attack is an example of allowed penetration testing activity
+
+False.
+
+
#### AWS Databases
@@ -977,7 +1051,13 @@ Read more about it [here](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_I
-Multiple Internet Gateways can be attached to one VPC
+True or False? NACL allow or deny traffic on the subnet level
+
+True
+
+
+
+True or False? Multiple Internet Gateways can be attached to one VPC
False. Only one internet gateway can be attached to a single VPC.
@@ -1039,10 +1119,6 @@ Cost Explorer
Trusted Advisor
-
-What is the Trusted Advisor?
-
-
What service allows you to transfer large amounts (Petabytes) of data in and out of the AWS cloud?
@@ -1085,6 +1161,42 @@ AWS RDS
AWS DynamoDB
+
+What would you use for adding image and video analysis to your application?
+
+AWS Rekognition
+
+
+
+Which service is used for sending notifications?
+
+SNS
+
+
+
+What would you use for running SQL queries interactively on S3?
+
+AWS Athena
+
+
+
+Which service would you use for monitoring malicious activity and unauthorized behavior in regards to AWS accounts and workloads?
+
+Amazon GuardDuty
+
+
+
+Which service would you use for centrally manage billing, control access, compliance, and security across multiple AWS accounts?
+
+AWS Organizations
+
+
+
+Which service would you use for web application protection?
+
+AWS WAF
+
+
#### AWS DNS
@@ -1146,6 +1258,14 @@ AWS definition: "AWS Organizations helps you centrally govern your environment a
More on Organizations [here](https://aws.amazon.com/organizations)
+
+What are Service Control Policies and to what service they belong?
+
+AWS organizations service and the definition by Amazon: "SCPs offer central control over the maximum available permissions for all accounts in your organization, allowing you to ensure your accounts stay within your organization’s access control guidelines."
+
+Learn more [here](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html)
+
+
Explain AWS pricing model
@@ -1172,6 +1292,23 @@ More on AWS pricing model [here](https://aws.amazon.com/pricing)
* AWS personal Health Dashoard
+
+Which of the following are AWS accounts types (and are sorted by order)?
+
+ * Basic, Developer, Business, Enterprise
+ * Newbie, Intermediate, Pro, Enterprise
+ * Developer, Basic, Business, Enterprise
+ * Beginner, Pro, Intermediate Enterprise
+
+ * Basic, Developer, Business, Enterprise
+
+
+
+True or False? Region is a factor when it comes to EC2 costs/pricing
+
+True. You pay differently based on the chosen region.
+
+
#### AWS Misc
@@ -1180,20 +1317,30 @@ More on AWS pricing model [here](https://aws.amazon.com/pricing)
What is AWS Lightsail?
+
+AWS definition: "Lightsail is an easy-to-use cloud platform that offers you everything needed to build an application or website, plus a cost-effective, monthly plan."
+
+
+
+What is AWS Rekognition?
+
+AWS definition: "Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use."
+
+Learn more [here](https://aws.amazon.com/rekognition)
What is AWS Athena?
+
+"Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL."
+
+Learn more about AWS Athena [here](https://aws.amazon.com/athena)
What is AWS EMR?
-
-Explain what is AWS Lambda
-
-
What is AWS Quick Starts?
@@ -1202,6 +1349,17 @@ AWS definition: "Quick Starts are built by AWS solutions architects and partners
Read more [here](https://aws.amazon.com/quickstart)
+
+What is the Trusted Advisor?
+
+
+
+What AWS services are serverless (or have the option to be serverless)?
+
+AWS Lambda
+AWS Athena
+
+
## Network
@@ -2920,7 +3078,7 @@ Ansible is:
What kind of automation you wouldn't do with Ansible and why?
While it's possible to provision resources with Ansible it might not be the best choice for doing so as Ansible doesn't
-save state by default and a task that creates 5 instances, when executed again will create additional 5 instances (unless
+save state by default. So a task that creates 5 instances for example, when executed again will create additional 5 instances (unless
additional check is implemented).
@@ -3589,8 +3747,7 @@ Because each container has its own writable container layer, and all changes are
## Kubernetes
-
-#### :baby: Beginner
+
What is Kubernetes? Why organizations are using it?
@@ -3762,6 +3919,25 @@ It includes:
What is kubconfig? What do you use it for?
+#### Submariner
+
+
+Explain what is Submariner and what is it used for
+
+"Submariner enables direct networking between pods and services in different Kubernetes clusters, either on premise or in the cloud."
+
+You can learn more [here](https://submariner-io.github.io)
+
+
+
+What each of the following components does?:
+
+ * Lighthouse
+ * Broker
+ * Gateway Engine
+ * Route Agent
+
+
## Coding
@@ -5355,6 +5531,12 @@ a = f()
How yield works exactly?
+##### Python Geeks :)
+
+
+Tell me something about Python that you think most people don't know
+
+
## Monitoring
@@ -5374,21 +5556,15 @@ If the issue doesn't require any human intervention, then the problem can be fix
What types of monitoring outputs are you familiar with and/or used in the past?
-Alerts
-Tickets
-Logging
+Alerts
+Tickets
+Logging
What is the different between infrastructure monitoring and application monitoring? (methods, tools, ...)
-##### Python Geeks :)
-
-
-Tell me something about Python that you think most people don't know
-
-
## Prometheus
@@ -7285,9 +7461,6 @@ CPDoS or Cache Poisoned Denial of Service. It poisons the CDN cache. By manipula
## Elastic
-
-#### :baby: Beginner
-
What is the Elastic Stack?
@@ -7590,9 +7763,6 @@ Total number of documents matching the search results. If not query used then si
What are filebeat modules?
-
-#### :star: Advnaced
-
Describe how would an architecture of production environment with large amounts of data would be different from a small-scale environment
@@ -7602,6 +7772,14 @@ A small-scale architecture of elastic will consist of the elastic stack as it is
A production environment with large amounts of data can include some kind of buffering component (e.g. Reddis or RabbitMQ) and also security component such as Nginx.
+#### Elastic Stack
+
+
+How do you secure an Elastic Stack?
+
+You can generate certificates with the provided elastic utils and change configuration to enable security using certificates model.
+
+
## DNS
@@ -7946,6 +8124,22 @@ TODO: explain what is actually a Cookie
What is DNS load balancing? What its advantages? When would you use it?
+
+What are sticky sessions?
+
+Recommended read:
+ * [Red Hat Article](https://access.redhat.com/solutions/900933)
+
+
+
+What are the cons and pros of sticky sessions?
+
+Cons:
+ * Can cause uneven load on instance (since requests routed to the same instances)
+Pros:
+ * Ensures in-proc sessions are not lost when a new request is created
+
+
#### Licenses
@@ -8502,12 +8696,9 @@ A programming model for large-scale data processing
If you are looking for a way to prepare for a certain exam this is the section for you. Here you'll find a list of certificates, each references to a separate file with focused questions that will help you to prepare to the exam. Good luck :)
-Note: in order to make sure you are looking at a relevant source of questions, each certificate name also specifies the year these questions were reviewed or last updated
-
#### AWS
-* [Cloud Practitioner - 2020](certificates/cloud-practitioner.md)
-
+* [Cloud Practitioner](certificates/cloud-practitioner.md) (Latest update: 2020)
## Exercises
diff --git a/certificates/cloud-practitioner.md b/certificates/cloud-practitioner.md
index 6fae4fe..5702e81 100644
--- a/certificates/cloud-practitioner.md
+++ b/certificates/cloud-practitioner.md
@@ -80,7 +80,13 @@ Read more about it [here](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_I
-Multiple Internet Gateways can be attached to one VPC
+True or False? NACL allow or deny traffic on the subnet level
+
+True
+
+
+
+True or False? Multiple Internet Gateways can be attached to one VPC
False. Only one internet gateway can be attached to a single VPC.
@@ -137,6 +143,16 @@ Read more [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)
Read more about instance types [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)
+
+True or False? The following are instance types available for a user in AWS:
+
+ * Compute optimizied
+ * Network optimizied
+ * Web optimized
+
+False. From the above list only compute optimized is available.
+
+
What is EBS?
@@ -248,6 +264,16 @@ More on storage classes [here](https://aws.amazon.com/s3/storage-classes)
+
+A customer would like to move data which is rarely accessed from standard storage class to the most cheapest class there is. Which storage class should be used?
+
+ * One Zone-IA
+ * Glacier Deep Archive
+ * Intelligent-Tiering
+
+Glacier Deep Archive
+
+
Explain what is Storage Gateway
@@ -442,6 +468,12 @@ The shared responsibility model defines what the customer is responsible for and
More on the shared responsibility model [here](https://aws.amazon.com/compliance/shared-responsibility-model)
+
+True or False? Based on the shared responsibility model, Amazon is responsible for physical CPUs and security groups on instances
+
+False. It is responsible for Hardware in its sites but not for security groups which created and managed by the users.
+
+
What is the AWS compliance program?
@@ -473,6 +505,13 @@ More on the shared responsibility model [here](https://aws.amazon.com/compliance
True
+
+What is AWS Acceptable Use Policy?
+
+It describes prohibited uses of the web services offered by AWS.
+More on AWS Acceptable Use Policy [here](https://aws.amazon.com/aup)
+
+
What is AWS Key Management Service (KMS)?
@@ -480,6 +519,18 @@ AWS definition: "KMS makes it easy for you to create and manage cryptographic ke
More on KMS [here](https://aws.amazon.com/kms)
+
+True or False? A user is not allowed to perform penetration testing on any of the AWS services
+
+False. On some services, like EC2, CloudFront and RDS, penetration testing is allowed.
+
+
+
+True or False? DDoS attack is an example of allowed penetration testing activity
+
+False.
+
+
#### AWS Databases
@@ -508,6 +559,217 @@ A MySQL & Postgresql based relational database. Also, the default database propo
Great for use cases like two-tier web applications that has a MySQL or Postgresql database layer and you need automated backups for your application.
+#### AWS Serverless Compute
+
+
+Explain what is AWS Lambda
+
+AWS definition: "AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume."
+
+Read more on it [here](https://aws.amazon.com/lambda)
+
+
+
+True or False? In AWS Lambda, you are charged as long as a function exists, regardless of whether it's running or not
+
+False. Charges are being made when the code is executed.
+
+
+
+Which of the following set of languages Lambda supports?
+
+ * R, Swift, Rust, Kotlin
+ * Python, Ruby, Go
+ * Python, Ruby, PHP
+
+ * Python, Ruby, Go
+
+
+#### Identify the service or tool
+
+
+Which service would you use for building a website or web application?
+
+Lightsail
+
+
+
+Which tool would you use for choosing between Reserved instances or On-Demand instances?
+
+Cost Explorer
+
+
+
+What would you use to check how many unassociated Elastic IP address you have?
+
+Trusted Advisor
+
+
+
+What service allows you to transfer large amounts (Petabytes) of data in and out of the AWS cloud?
+
+AWS Snowball
+
+
+
+What provides a virtual network dedicated to your AWS account?
+
+VPC
+
+
+
+What you would use for having automated backups for an application that has MySQL database layer?
+
+Amazon Aurora
+
+
+
+What would you use to migrate on-premise Oracle database to AWS?
+
+AWS Database Migration Service
+
+
+
+What would you use to check why certain EC2 instances were terminated?
+
+AWS CloudTrail
+
+
+
+What would you use for SQL database?
+
+AWS RDS
+
+
+
+What would you use for NoSQL database?
+
+AWS DynamoDB
+
+
+
+What would you use for running SQL queries interactively on S3?
+
+AWS Athena
+
+
+
+What would you use for adding image and video analysis to your application?
+
+AWS Rekognition
+
+
+
+Which service is used for sending notifications?
+
+SNS
+
+
+
+Which service would you use for monitoring malicious activity and unauthorized behavior in regards to AWS accounts and workloads?
+
+Amazon GuardDuty
+
+
+
+Which service would you use for centrally manage billing, control access, compliance, and security across multiple AWS accounts?
+
+AWS Organizations
+
+
+
+Which service would you use for web application protection?
+
+AWS WAF
+
+
+#### AWS Billing & Support
+
+
+What is AWS Organizations?
+
+AWS definition: "AWS Organizations helps you centrally govern your environment as you grow and scale your workloads on AWS."
+More on Organizations [here](https://aws.amazon.com/organizations)
+
+
+
+Explain AWS pricing model
+
+It mainly works on "pay-as-you-go" meaning you pay only for what are using and when you are using it.
+In s3 you pay for 1. How much data you are storing 2. Making requests (PUT, POST, ...)
+In EC2 it's based on the purchasing option (on-demand, spot, ...), instance type, AMI type and the region used.
+
+More on AWS pricing model [here](https://aws.amazon.com/pricing)
+
+
+
+How one should estimate AWS costs when for example comparing to on-premise solutions?
+
+* TCO calculator
+* AWS simple calculator
+* Cost Explorer
+
+
+
+What basic support in AWS includes?
+
+* 24x7 customer service
+* Trusted Advisor
+* AWS personal Health Dashoard
+
+
+
+Which of the following are AWS accounts types (and are sorted by order)?
+
+ * Basic, Developer, Business, Enterprise
+ * Newbie, Intermediate, Pro, Enterprise
+ * Developer, Basic, Business, Enterprise
+ * Beginner, Pro, Intermediate Enterprise
+
+ * Basic, Developer, Business, Enterprise
+
+
+
+True or False? Region is a factor when it comes to EC2 costs/pricing
+
+True. You pay differently based on the chosen region.
+
+
+#### AWS Misc
+
+
+What is AWS Lightsail?
+
+AWS definition: "Lightsail is an easy-to-use cloud platform that offers you everything needed to build an application or website, plus a cost-effective, monthly plan."
+
+
+
+What is AWS Rekognition?
+
+AWS definition: "Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use."
+
+Learn more [here](https://aws.amazon.com/rekognition)
+
+
+
+What is the Trusted Advisor?
+
+
+
+What AWS services are serverless (or have the option to be serverless)?
+
+AWS Lambda
+AWS Athena
+
+
+
+What is AWS Athena?
+
+"Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL."
+
+Learn more about AWS Athena [here](https://aws.amazon.com/athena)
+
+
### Final Note
Good luck! You can do it :)
diff --git a/credits.md b/credits.md
index 0a020fe..f04c3c0 100644
--- a/credits.md
+++ b/credits.md
@@ -16,3 +16,4 @@ Challenge icon by Elizabeth Arostegui in Technology Mix
Testing logo by [Flatart](https://www.iconfinder.com/Flatart)
Google Cloud Plataform Logo created by Google®
VirtualBox Logo created by dAKirby309, under the Creative Commons Attribution-Noncommercial 4.0 License.
+Certificates logo by Flatart
diff --git a/images/certificates.png b/images/certificates.png
new file mode 100644
index 0000000..2124a55
Binary files /dev/null and b/images/certificates.png differ