Professional Documents
Culture Documents
AWS Certified Cloud Practitioner All-in-One Exam Guide (Exam CLF-C01) Daniel Carter full chapter instant download
AWS Certified Cloud Practitioner All-in-One Exam Guide (Exam CLF-C01) Daniel Carter full chapter instant download
https://ebookmass.com/product/ccsp-certified-cloud-security-
professional-all-in-one-exam-guide-daniel-carter/
https://ebookmass.com/product/aws-certified-security-specialty-
all-in-one-exam-guide-exam-scs-c01-tracy-pierce/
https://ebookmass.com/product/aws-certified-developer-associate-
all-in-one-exam-guide-exam-dva-c01-kamesh-ganesan/
https://ebookmass.com/product/google-cloud-certified-
professional-cloud-architect-all-in-one-exam-guide-iman-
ghanizada/
Google Cloud Certified Associate Cloud Engineer All-in-
One Exam Guide Jack Hyman
https://ebookmass.com/product/google-cloud-certified-associate-
cloud-engineer-all-in-one-exam-guide-jack-hyman/
https://ebookmass.com/product/aws-certified-solutions-architect-
associate-all-in-one-exam-guide-exam-saa-c02-joyjeet-banerjee/
https://ebookmass.com/product/ccsp-certified-cloud-security-
professional-all-in-one-exam-guide-3rd-edition-daniel-carter/
https://ebookmass.com/product/google-cloud-certified-
professional-cloud-architect-all-in-one-exam-guide-1st-edition-
iman-ghanizada/
https://ebookmass.com/product/cc-certified-in-cybersecurity-all-
in-one-exam-guide-steven-bennett-2/
ABOUT THE AUTHOR
ISBN: 978-1-26-047388-9
MHID: 1-26-047388-0
The material in this eBook also appears in the print version of this
title: ISBN: 978-1-26-047387-2, MHID: 1-26-047387-2.
Glossary
Index
CONTENTS
Acknowledgments
Introduction
Chapter 1 Becoming an AWS Certified Cloud Practitioner
Why Get Certified?
How to Get Certified
AWS CCP Domains
Domain 1: Cloud Concepts
Domain 2: Security and Compliance
Domain 3: Technology
Domain 4: Billing and Pricing
Chapter Review
Chapter 2 Cloud Concepts
What Is Cloud Computing?
Cloud Computing Concepts
Cloud Computing Definitions
Cloud Computing Roles
Key Cloud Computing Characteristics
Virtualization
Cloud Service Categories
Infrastructure as a Service
Platform as a Service
Software as a Service
Cloud Deployment Models
Public Cloud
Private Cloud
Community Cloud
Hybrid Cloud
Cost-Benefit Analysis
Resource Pooling and Cyclical Demands
Data Center Costs vs. Operational Expense Costs
Focus Change
Ownership and Control
Cost Structure
Universal Cloud Concepts
Interoperability
Elasticity and Scalability
Performance, Availability, and Resiliency
Portability
Service Level Agreements
Regulatory Requirements
Security
Privacy
Auditability
Governance
Maintenance and Versioning
Reversibility
Chapter Review
Exercise 2-1: Creating an AWS Account
Exercise 2-2: Exploring the AWS Management
Console
Questions
Questions and Answers
Chapter 3 Security and Compliance
The AWS Shared Responsibility Model
Underlying Cloud Framework
Managed vs. Unmanaged
Regulatory Compliance
Data Security
Encryption
Hashing
Key Management
Tokenization
Data Loss Prevention
Data De-identification
AWS Identity and Access Management
AWS Root Account
The AWS IAM Dashboard
Securing the Root User
Exercise 3-1: Enable MFA on Your Root Account
IAM Users and Security
Exercise 3-2: Create a Password Policy for IAM
Users
Exercise 3-3: Create an IAM User Account
Federated Access
User Reporting
AWS Support
Support Plan Options
Other Support Resources
Trusted Advisor
Security Support Offerings
Chapter Review
Questions
Questions and Answers
Chapter 4 Technology
Deploying and Operating in the AWS Cloud
AWS Management Console
AWS CLI
AWS Developer Tools
Configuration Management
AWS Global Infrastructure
AWS Regions
Availability Zones
Edge Locations
Core AWS Services
Administrative, Monitoring, and Security Services
Networking and Content Delivery
Storage
Compute Services
Databases
Automation
End-User Computing
Technology Support
Chapter Review
Exercise 4-1: Create an S3 Bucket
Exercise 4-2: Use the AWS CLI
Questions
Questions and Answers
Chapter 5 Billing and Pricing
AWS Free Tier
Categories of Free Offerings
Use of Services Beyond the Free Tier
AWS Service Pricing
AWS Pricing Calculator
Groups
AWS Service Quotas
Reserved Instances
Savings Plans
AWS Billing Dashboard
Viewing Your Bill
Monitoring Your Usage and Costs
Consolidated Billing
Billing Security
Billing Support
AWS IQ
Exercise 5-1: Generate a Pricing Estimate for
VPN Through VPC
Exercise 5-2: Generate a Pricing Estimate for
Multiple Services
Chapter Review
Questions
Questions and Answers
Appendix A Objective Map
Exam CLF-C01
Appendix B AWS Certified Cloud Practitioner Practice Exam
Questions
Questions and Answers
Appendix C About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support
Glossary
Index
ACKNOWLEDGMENTS
This is my third book and my first foray into AWS. I first want to
thank Matt Walker for connecting me to the opportunity with my first
book and encouraging me to take it on. I hope that you find this
book to be an informative and comprehensive aid in your own
professional development and growth.
I owe a special thanks for my technical editor on this book, Taylor
York, for always steering me in the right direction with AWS and
keeping me focused on the right perspective when presenting AWS
technologies and how to approach them.
I worked with David Henry for many years at the University of
Maryland and gained much of my knowledge about middleware and
systems architecture from him. I owe much of my philosophy and
approach to facing IT challenges today to the things I learned
working for and with him. There are so many others from my days
at the University of Maryland from whom I learned so much.
However, I want to specifically call out John Pfeifer, David Arnold,
Spence Spencer, Kevin Hildebrand, Prasad Dharmasena, Fran
LoPresti, Eric Sturdivant, Willie Brown, Sonja Kueppers, Ira Gold, and
Brian Swartzfager.
From my time at the Centers for Medicare & Medicaid Services
(CMS), I want to specifically thank Jon Booth and Ketan Patel for
giving me the opportunity to move into a formal security position for
the first time and trusting me to oversee incredibly public and visible
systems. Also, thanks to Zabeen Chong for giving me the
opportunity to join CMS and expand beyond my roots in the
academic world. Finally, I could never leave out my dear friend Andy
Trusz, who from my first day at CMS showed me the ropes of the
workplace and became a very close personal friend. Sadly, he lost
his battle with cancer the very day I left CMS for Hewlett Packard
Enterprise. I will never forget his friendship and all he showed me!
With any project of this scale, one needs enormous support and
understanding from bosses and coworkers. Ruth Pine was a terrific
boss, giving me the time and freedom to work on my original books
and was always very supportive, as well as giving me the
opportunity at all times to work on new challenges and expand my
areas of expertise, most notably with cloud and SIEM technologies.
Thanks also to Brian Moore, Joe Fuhrman, Steve Larson, BJ
Kerlavage, David Kohlway, Seref Konur, Jack Schatoff, and the
already mentioned Matt Walker for being part of an amazing team at
HPE/DXC/Perspecta and showing me so many different perspectives
and new approaches to challenges! I also have to thank some
colleagues from other companies I have worked closely with on
projects over the years for all their support and encouragement—
specifically, Anna Tant, Jason Ashbaugh, and Richie Frieman.
Three years ago, I was presented with the opportunity to get
back to my roots in the academic world with a terrific job at Johns
Hopkins University working with the Enterprise Authentication team
on SSO and federated identity systems. With a large hospital, this
was an ideal opportunity to combine my experience working in
healthcare. I want to thank my director, Andy Baldwin, for this
opportunity; my manager, Anthony Reid; and the amazing team I
work with: Etan Weintraub, Stephen Molczyk, Kevin Buckley, Sam
Bennett, John Clark, Brian Schisler, Michael Goldberg, and Dotun
Adeoson. I would also like to thank Tyge Goodfellow, Eric Wunder,
Steve Metheny, Phil Bearmen, and Dawn Hayes for expanding my
security and IDM knowledge in many different directions!
Thank you to my parents, Richard and Susan, for all of your
support and encouragement!
Last and most certainly not least, I want to thank my amazing
wife, Robyn, for always being supportive with everything I have
done professionally and personally. With four young kids at home, I
would have never been able to even consider this project without
her help and understanding—and for running interference with all
our kids and pets!
INTRODUCTION
Over the last several years, the term cloud has become common in
the modern lexicon of even lay persons with no connection to,
training in, or expertise in the IT industry. It has become common in
commercials targeting the public at large and is often used as a
main selling point for various services. Even those who do not
understand what cloud computing is or how it works have largely
come to understand it as a positive feature for a product or service,
feeling it means higher reliability, speed, and an overall more
beneficial consumer experience. Many companies are flocking to
cloud computing at a rapid pace due to its benefits and features.
With this enormous paradigm shift in the industry, the demand for
skilled professionals who understand cloud computing has grown at
a similarly rapid pace. This demand applies to professionals in all
facets of computing, but the unique aspects and features of cloud
computing make the need for skilled personnel paramount to any
organization in order to properly design, provision, leverage, and
protect their systems, applications, and data.
Cloud computing represents a paradigm shift in how IT experts
look at leveraging resources and data and the various techniques,
methodologies, and cost models available to them. Some of you
approaching this certification are experienced security professionals
and already hold other certifications. For others, this certification will
be your first. Some of you have been working with cloud computing
from its onset, while others are learning the basics of cloud for the
first time. This certification guide aims to fulfill the requirements of
anyone approaching this challenging exam, regardless of
background or specific experience in IT.
This guide will give you the information you need to pass the AWS
Certified Cloud Practitioner exam, but it will also expand your
understanding and knowledge of cloud computing and security
beyond just being able to answer specific exam questions. The
structure of this All-in-One aligns closely with and provides complete
coverage of the AWS exam objectives. You also get an appendix with
a full-length practice exam. My hope is that you will find this guide
to be a reference that serves you long past this specific exam.
Regardless of your background, experience, and certifications, I
hope you find the world of cloud computing and its capabilities and
challenges to be both enlightening and intellectually stimulating.
Cloud represents a dynamic, exciting new direction in computing and
one that is certain to be a major paradigm for the foreseeable
future.
Objective Map
The objective map included in Appendix A has been constructed to
help you cross-reference the official exam objectives from AWS with
the relevant coverage in the book. Official exam objectives have
been provided exactly as AWS has presented them with the
corresponding chapter that covers that objective.
Kualii who was king at this time, No Kualii, oia ke ’lii nana ka
was building the temple called heiau o Kapua e waiho la ma ke
Kapua, which was situated to the komohana o Leahi puu e nana
east of Leahi Hill overlooking ala ia Mamala. A paa ka heiau,
Mamala. At the completion of the kena o Kualii e hele i o Pumaia
temple, Kualii ordered that a hog ala i puaa, a hiki na elele, ninau
be brought from Pumaia. Upon aku o Pumaia: “Heaha ka oukou
the arrival of the messengers, huakai?” “He puaa, i olelo mai
Pumaia asked them: “What is nei o Kualii i puaa no ka heiau ia
the object of your call?” “We oe, e haawi mai oe.” “Ae he
have been sent by Kualii to you puaa,” pela mai o Pumaia; “aia
for a hog for the temple. You give ka pa puaa.” Pela no ke noi
us one.” “Yes, you can have hooune ana a pau na pa puaa
one,” said Pumaia. “There is the he umi a Pumaia, a koe kana
pig pen.” This request was kept puaa i minamina loa ai. Kena o
up until all the ten hog pens were Kualii i na kanaka e kii i ka puaa,
exhausted and there remained a hiki lakou imua o Pumaia,
but the one hog he thought so ninau mai la o Pumaia: “Heaha
much of. After a time Kualii sent ka oukou o ka hele ana mai
his men for another hog. Upon nei?” “I kii mai oukou i ko puaa i
their arrival in the presence of koe e lawe, pela mai nei o
Pumaia, they were asked: “What Kualii.” “Aole e loaa ia oukou, he
has brought you here?” “We imihala ia; kai no paha he make
have been sent by Kualii to puaa kona, aole ka.” Ia wa, lalau
come for the hog that is left.” lakou la i ka puaa, a lawe me ke
“You shall not have it. He is only aumeume me Pumaia, hookahi
seeking trouble. I thought he was keia he nui lakou la. [473]Ia ianei
really in need of swine, but no.” ia lakou la, pela ke aumeume
The men then grabbed the hog ana a hakaka maoli. Hookahi
and fought with Pumaia for its puupuu a Pumaia ma ka akau, a
possession, many against one. hookahi ma ka hema, pau loa na
In this fight [472]sometimes kanaka i ka make, a koe hookahi
Pumaia would get possession of kanaka. Oia kai holo aku a mua
the pig and again the others o Kualii olelo aku: “Ua pau loa
would get it. This was kept up for makou i ka make ia Pumaia, a
some time when at last a regular owau, hookuu ia mai i ahailono i
fight was had. Pumaia then lohe oe.” Ia wa, kena o Kualii i
struck out one blow on the right na koa, a me na ’lii koa, me koa,
and one on the left with his fists, me ko lakou mau makaukau a
killing all the men except one, pau loa, na mahiole, na ahuula,
who ran to the king, Kualii, and na ihe, na pololu, na mea make
reported to him, saying: “We a pau loa. A makaukau lakou e
have all been killed by Pumaia hele mai e kau me Pumaia.
and I alone am left to bring the
tidings to you.” Kualii then
ordered his soldiers and officers
to arm themselves with their
spears and other implements of
war and to dress in their war
helmets and feather capes and
when ready to go and make war
on Pumaia.
On the top of the left hand peak Aia ma kela huli o ka pali o
of the Nuuanu Pali where you Nuuanu e lou mai ana, i ka iho
come down toward ana a ka Hoowahapohaku, nana
Hoowahapohaku and look aku i ka hikina o ka pali o
towards the eastern peaks of the Nuuanu, aia iluna pono, i ka
pali and right at the top of this welau pali oia iho, aia ilaila he
left hand peak is a cave. The ana. Lele aku la ka uhane o
spirit of Pumaia flew to this cave Pumaia a laila lapalapa, pii aku
and lit there flaming. The wife la ka wahine me na iwi o Pumaia
with the bones of Pumaia and a me ke kaikamahine a hiki, i
the daughter then climbed up the nana aku ka hana he ana. Noho
cliff 4 until they arrived at the iho la lakou ilaila. Eha la i hala,
cave, where they made their pau kahi mikiai a ke
dwelling. At the end of the fourth kaikamahine, pane aku ka
day, the last finger 5 of food for makuahine: “U, o oe ka hoi ka
the daughter was eaten up when mea aloha o ka iwi koko; hele
the mother said: “I am distressed mai nei kaua mahope o ka iwi
at your fate, the one having koko ole, haalele aku nei kaua i
bones that need blood. Here we ka ai me ka ia.”
are following after the bones that
have no blood, and have left Ia po ana iho, moe laua a ala ae
food and meat.” When they woke o ke kakahiaka nui, e ku ana ka
up the next morning they saw ai, ka ia, ka waiwai, ke kapa, ka
food, meat and other articles pau, na mea a pau loa. O keia
such as kapas, skirts and mau mea a pau loa na ka uhane
various other things. All these o Pumaia i kii a lawe, mai kai o
things had been brought by the Waikiki aku, hookahi po mai uka
spirit of Pumaia from Waikiki. In a kai o ka aina, pela aku he po,
that one night the spirit had pau loa ka ai, ka holoholona, ka
traveled over the whole district. ia o ka loko, a me ka ai e ulu
This was carried on for several ana. Pela no ka hana ana a ka
nights and the food and animals, uhane o Pumaia, a hiki i ko
the fish in the ponds and the Kualii mau aina ponoi. Pau loa
growing food were brought to the ka waiwai, na waa, na
cave. The spirit of Pumaia kept huamoena, na mahiole, na
up these raids until at last it ahuula, na ipu a me na huawai
began to raid Kualii’s own lands. na mea a pau loa o ka hale a me
All the different properties were ka aina. No ka mea, i ka po, i ka
taken, even the canoes, mats, wa moe o kanaka, lawe o
war helmets, feather capes, Pumaia i ke kino a waho o ka
calabashes, water gourds and hale, waiho, moe oe a ala ae hoi
various other things of the house aku i ka hale, aohe na pono o
and the land. At night, while the loko, ua pau ia Pumaia i ka lawe
people were asleep, Pumaia’s ia, pela ka ai o waena; o luna e
spirit would enter the house, ulu ana, o ka io ua pau. [477]
carry out the sleepers and then
empty the house of their No keia hana a Pumaia, ua lako
valuables. Upon waking up in the loa ka wahine a me ke
morning the people would find kaikamahine; nolaila, kaniuhu
themselves out of doors and iho ka wahine, penei: “U, nui ka
their houses robbed of all the waiwai ia kaua, a hookahi
things of value; even the growing hemahema i koe, o ke kanaka
crops in the [476]field were stolen ole nana e lawelawe mai.” Lohe
by Pumaia’s spirit. By these no o Pumaia, kii no, loaa ke
raids the wife and daughter were kanaka lawelawe o ka wahine a
able to have all they wanted and me ke kaikamahine.
far more than their needs. One
day the wife sighed and said:
“Yes, we have all we need, but
there is one thing lacking, we
have no servant to do our work
for us.” When Pumaia’s spirit
heard this, it went off and
brought back a servant for the
wife and daughter.
Kualii in the meantime was being No Kualii. Nui loa kona haohao,
puzzled and often asked who a me ka ninau i keia aihue ike
this unknown thief could be. A ole ia, aia he kahuna e noho pu
priest who was living with him at ana me ia, nana i hai mai ia
the time then told Kualii who the Kualii. “Aole na he kanaka e, o
thief was in the following ko hoa paio o Pumaia; ua make
manner: “This thief is no other ke kino, o ka uhane ia e hele nei;
person than your enemy eia nae, ua oi ka ikaika o ka
Pumaia; his body is dead, but his uhane mamua o ke kino.”
spirit is at large and is much Kokoke oe e make, ina e noonoo
stronger than when the body pono oe, alaiia ola oe. “Pehea e
was alive. You will soon be killed; ola ai?” wahi a Kualii. I aku ke
if you act rightly you will then be kahuna: “E hana oe i ekolu hale,
saved.” “What must I do to be i hookahi hale no ka wahine me
saved?” asked Kualii. The priest ke kaikamahine, i hookahi no ka
replied: “You must build three waiwai a me ka ohua, i hookahi
houses; one house for the wife no na iwi o Pumaia. A paa ka
and daughter; one house for the hale, kii oe i ko hoa paio a hoihoi
property and servants; and one mai me ka malama pono,
house for the bones of Pumaia. malama o maliu mai ko hoa
After the houses are completed paio, ola oe.” Ae aku o Kualii i ka
go and bring your enemy back olelo a ke kahuna.
and take good care of his bones;
he may then take compassion on
you and you will then be saved.”
Kualii then consented to do all
the things advised by the priest.