- Submit Assignment on www.Debug.School.
- Each Question must be submitted in New Post
Part – 1: General
- Q1. What is the difference between a network firewall and an OS-level firewall?
- Q2. What are the types of private key?
- Q3. What is the difference between a public and a private IP?
- Q4. What is Region and Availability zone?
- Q5. What are the types of Storage and use case of it?
- Q6. What is Policy and Permission in IAM?
- Q7. Write down your understanding of the concepts of network, subnet, network firewall, internet gateway and route table.
- Q8. Explain the top 5 DNS records and their use cases in a DNS server.
- Q9. Create a Free Tier account on AWS and list the top 20 services; each must be explained well.
AWS Assignment: Computing
- What is the difference between a network firewall and an OS-level firewall?
- What are the types of private key?
- What is the difference between a public and a private IP?
AWS Lab & Exercise: VPC – Virtual Private Cloud Assignment
- What is a VPC, subnet, route table and internet gateway?
AWS Cloudformation Lab and Assignment
AWS Storage
Write an answer for debug.school for the following questions
- What are the types of Storage?
- Difference between BLOCK vs FILE vs OBJECT
- Use cases of EBS, EFS & S3, and which is cost effective?
- Write a step-by-step guide for attaching EBS to an EC2 Windows instance using a PowerShell script.
Projects:
Step-by-step guide to buy a domain at AWS Route53, develop one static CV website and host it on AWS S3
Day 4 – AWS Lab & Assignment.
Part – 1: General
Q1. What is the difference between Network firewall & OS level firewall?
Network Firewall: A firewall filters traffic going from the Internet to the secured LAN and vice versa. It is hardware-based.
OS Level Firewall: An operating system firewall is a software application or suite of applications installed on a single computer. It is software-based.
Q2. What are the types of private key?
A private key is a large, randomly-generated number with hundreds of digits. For simplicity, they are usually represented as strings of alphanumeric characters.
Example of Private key: KxFC1jmwwCoACiCAWZ3eXa96mBM6tb3TYzGmf6YwgdGWZgawvrtJ.
Well-known secret-key algorithms include:
Advanced Encryption Standard (AES).
Triple Data Encryption Standard (3DES).
Rivest Cipher 4 (RC4).
Q3. What is the difference between public and private ip?
A public IP address identifies you to the wider internet so that all the information you are searching for can find you.
A private IP address is used within a private network to connect securely to other devices within that same network.
Q4. What is Region and Availability zone?
AWS Regions: Are separate geographic areas that AWS uses to house its infrastructure. These are distributed around the world so that customers can choose a region closest to them in order to host their cloud infrastructure there. The closer your region is to you, the better, so that you can reduce network latency as much as possible for your end-users. You want to be near the data centers for fast service.
AWS Availability Zones: An AWS Availability Zone (AZ) is the logical building block that makes up an AWS Region. Each region has multiple Availability Zones.
Q5. What are the types of Storage and use case of it?
There are three main cloud storage types: object storage, file storage, and block storage. Each offers its own advantages and has its own use cases.
Object storage: A technology that stores and manages data in an unstructured format called objects.
Here are common use cases: Analytics, data lake, data archiving, rich media, backup and recovery, and cloud native application data.
File storage: Is a method for storing data in the cloud that provides servers and applications access to data through shared file systems.
Here are common use cases: Web serving, Content management, Analytics, Media and entertainment, home directories, Database backups and Development tools.
Block storage: Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for use with EC2 instances.
Here are common use cases: EBS is Amazon’s block-level storage solution used with the EC2 cloud service to store persistent data. This means that the data is kept on the AWS EBS servers even when the EC2 instances are shut down.
Q6. What is Policy and Permission in IAM?
Policy: Is an object in AWS that, when associated with an identity or resource, defines their permissions.
Permissions: The permissions in the policies determine whether the request is allowed or denied.
Q7. Write down an understanding of the concepts of network, subnet, network firewall, internet gateway, route table?
Network: Is the combination of two or more computers and their connecting links.
Subnet: A subnet, or subnetwork, is a segmented piece of a larger network.
Network Firewall: Network firewall is a security device used to stop unauthorized access to private networks connected to the Internet.
Internet gateway: An Internet gateway transfers communications between an enterprise network and the Internet.
Route Table: A routing table is a set of rules that is used to determine where data packets traveling over an Internet Protocol network will be directed.
Q8. Explain a top 5 DNS records and their use cases in DNS server?
The following are the five major DNS record types:
A record: The “A” stands for “address” and this is the most fundamental type of DNS record. It indicates the IP address of a given domain.
Use case: Address Record points a domain or subdomain to an IP address.
For example, you can use it for store.website.com or blog.website.com and point it to where you have your store.
AAAA record: Sometimes referred to as a quad A record gives the IPv6 information when a DNS query is performed.
Use case: AAAA record is used to find the IP address of a computer connected to the internet from a name. The AAAA record is conceptually similar to the A record, but it allows you to specify the IPv6 address of the server, rather than the IPv4.
CNAME record: A Canonical Name or CNAME record is a type of DNS record that maps an alias name to a true or canonical domain name.
Use case: A CNAME record can map the web address http://www.example.com to the actual web site for the domain example.com.
NS record: Nameserver record is a DNS record that contains the name of the authoritative name server within a domain. When a client queries for an IP address, it can find the IP address of their intended destination from an NS record via a DNS lookup.
Use case: NS records tell the Internet where to go to find out a domain’s IP address.
MX record: A mail exchanger record specifies the mail server responsible for accepting email messages on behalf of a domain name.
Use case: A DNS mail exchange (MX) record directs email to a mail server.
Q9. Create a Free Tier Account on AWS and list down Top 20 Services and each must be explained well?
1. Amazon EC2 (Elastic Compute Cloud): It offers virtual servers to manage any kind of workload. It facilitates the computing infrastructure with the best suitable processors, networking facilities, and storage systems. Amazon EC2 provides highly reliable, performing computing infrastructure to meet business demands. It helps you to access resources quickly and dynamically scale capacities as per demands.
2. Amazon S3: Is an object storage AWS service, which is highly scalable. It mainly helps users to access any quantity of data from anywhere. The data is stored in storage classes to reduce costs. Amazon S3 can handle any volume of data. It supports maintaining data version controls and preventing accidental deletion.
3. AWS Aurora: It is a MySQL and PostgreSQL compatible database with high performance. It is five times faster than standard MySQL databases. It can automate tasks such as hardware provisioning, database setup and backups, and patching. It is fault-tolerant, self-healing storage system that could scale automatically as per needs. Significantly, it enhances database security, availability, and reliability.
4. Amazon DynamoDB: DynamoDB is a promising addition to this list of AWS services. DynamoDB is a fast and flexible database system that provides innovative opportunities to developers at low costs. Unlimited throughput and storage. DynamoDB has in-built tools to generate useful analytics, and monitor traffic trends in applications.
5. Amazon RDS: Amazon RDS is the managed Relational Database Service (RDS) for MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB. It allows the setup, operation, and scale of a relational database in the cloud quickly. Also, it achieves high performance by automating the tasks such as hardware provisioning, database setup, patching, and backups. When you use Amazon RDS, you don’t need to install and maintain the database software.
6. Amazon Lambda: Amazon Lambda is a serverless cloud service that runs event-driven applications as a service. It helps to run code automatically without worrying about servers and clusters. Code can be uploaded directly to run without worrying about provisioning or managing infrastructure. It manages the computing resources automatically across multiple availability zones and scales them when a new action triggers.
7. Amazon VPC: Amazon VPC is the Virtual Private Cloud, which is an isolated cloud resource. It controls the virtual networking environment, such as resource placement, connectivity, and security. And it allows you to build and manage compatible VPC networks across cloud AWS resources and on-premise resources. Here, it improves security by applying rules for inbound and outbound connections. Amazon VPC also detects anomalies in the patterns, prevents data leakage, and troubleshoots network connectivity and configuration issues.
8. Amazon CloudFront: This AWS service delivers content globally and offers high performance and security. It delivers data with high speed and low latency. The security of data is enhanced with traffic encryption methods and access controls. Also, data can be transferred within milliseconds with its in-built data compression, edge computing capabilities, and field-level encryption.
9. AWS Elastic Beanstalk: This AWS service supports running and managing web applications. Elastic Beanstalk allows for easy deployment of applications from capacity provisioning, load balancing, and auto-scaling to application health monitoring. It helps to manage peak workloads and traffic with minimum costs. AWS Elastic Beanstalk is a developer-friendly tool since it manages servers, load balancers, firewalls, and networks simply.
10. Amazon EC2 Auto-scaling: This AWS service scales computing capacity to meet the demands accurately. And it is achieved by adding or removing EC2 instances automatically. There are two types of scaling such as dynamic scaling and predictive scaling. Here, dynamic scaling responds to the presently changing demands, whereas predictive scaling responds based on predictions. Through Amazon EC2 Auto-scaling, you can identify the unhealthy EC2 instances, terminate them, and replace them with new instances.
11. Amazon S3 Glacier: Amazon S3 Glacier is the archive storage in the cloud at a low cost. It is built with three storage classes such as S3 Glacier instant retrieval, flexible retrieval, and deep archive. Here, the instant class supports immediate access to data, and the flexible class allows flexible access within minutes to hours with no cost. The third one, deep archive, helps archive compliance data and digital media. Overall, they support you to access data from archives faster.
12. Amazon Lightsail: This service offers Virtual Private Server instances, containers, databases, and storage. It allows a serverless computing service with AWS Lambda. With Amazon Lightsail, you can create websites using pre-configured applications such as WordPress, Magento, Prestashop, and Joomla in a few clicks and at a low cost. In addition to this, it is the best tool for testing, so you can create, test, and delete sandboxes with your new ideas.
13. Amazon EBS: Amazon Elastic Block Store (EBS) is the block storage service. It supports scaling high-performance workloads such as SAP, Oracle, and Microsoft products. And it provides better protection against failures up to 99.999%. It helps to resize clusters for big data analytics engines such as Hadoop and Spark. Also, you can build storage volumes, optimize storage performance, and reduce costs. Amazon EBS’s lifecycle management creates policies that help create and manage backups effectively.
14. Amazon Elastic File System (EFS): Amazon EFS is the fully managed file system for Amazon EC2. And it is a simple and serverless elastic file system. You can create and configure file systems without provisioning, deploying, patching, and maintenance using Amazon EFS. Files can be added and deleted as per the scaling needs. Especially, you can pay only for the used space, hence this service helps to reduce costs.
15. AWS IAM: It is the Identity and Access Management (IAM) service offered by AWS to securely access the applications and resources. It regulates access to various resources based on roles and access policies; as a result, you can achieve a fine-grained access control on your resources. The AWS IAM access analyzer helps streamline permission management through setting, verifying, and refining. In addition, AWS IAM attribute-based access control helps create fine-grained permissions based on the user attributes such as department, job role, team name, etc.
16. AWS Firewall Manager: It is the central management service of firewall rules. The firewall manager supports managing firewall rules across all the applications and accounts. The common security rules help to manage new applications included over time. It is the one-time solution for consistently creating firewall rules and security policies and implementing them across the infrastructure. AWS firewall manager helps you audit VPC security groups for compliance requirements and control network traffic effectively.
17. Amazon Route 53: It is a scalable cloud Domain Name System (DNS) service. It allows end-users to connect with Amazon EC2, Elastic load balancers, Amazon S3 buckets, and even outside AWS. In this service, the feature ‘Route 53 application recovery controllers’ configure DNS health checks and helps to monitor the ability of systems to recover from failures. And ‘Route 53 traffic flow’ helps manage traffic across the globe using routing methods such as latency-based routing, Geo DNS, Geoproximity, and weighted round-robin.
18. AWS Cloud Formation: This AWS service creates and manages resources with templates. It is a single platform that can handle all AWS accounts across the globe. It automates resource management with AWS service integration, and offers turnkey application distribution and governance controls. Also, AWS Cloud Formation can automate, test, and deploy infrastructure with continuous integration and delivery. And you can run applications right from AWS EC2 to complex multi-region applications using this service.
19. Amazon SageMaker: Amazon SageMaker is the AWS service that allows building, training, and deploying Machine Learning (ML) models at a large capacity. It is an analytical tool that functions based on Machine Learning power to analyze data more efficiently. With its single tool-set, you can build high-quality ML models quickly. Amazon SageMaker not only generates reports but provides the purpose for generating predictions too. In addition, Amazon Ground Truth Plus creates datasets without labeling applications.
20. Amazon SNS: It is the Amazon Simple Notification Service (SNS). It is a messaging service between Application to Application (A2P) and Application to Person (A2Person). Here, A2P helps many-to-many messaging between distributed systems, microservices, and event-driven serverless applications. And, A2P supports applications to send messages to many users via mail, SMS, etc. For instance, you can send up to ten messages in a single API request. With effective filtering systems, subscribers will receive messages that they are interested in. Besides, Amazon SNS works alongside Amazon SQS to deliver messages accurately and consistently.
AWS Assignment: Computing.
Q1. What is the difference between Network firewall & OS level firewall?
Network Firewall: A firewall filters traffic going from the Internet to the secured LAN and vice versa. It is hardware-based.
OS Level Firewall: An operating system firewall is a software application or suite of applications installed on a single computer. It is software-based.
Q2. What are the types of private key?
A private key is a large, randomly-generated number with hundreds of digits. For simplicity, they are usually represented as strings of alphanumeric characters.
Example of Private key: KxFC1jmwwCoACiCAWZ3eXa96mBM6tb3TYzGmf6YwgdGWZgawvrtJ.
Well-known secret-key algorithms include:
Advanced Encryption Standard (AES).
Triple Data Encryption Standard (3DES).
Rivest Cipher 4 (RC4).
Q3. What is the difference between public and private IP?
A public IP address identifies you to the wider internet so that all the information you’re searching for can find you. A private IP address is used within a private network to connect securely to other devices within that same network.