[Solutions Architect] Active Directory

Question 1

What is the purpose of AWS Directory Service?

Answer 1

Connecting AWS resources with on-premises AD

Question 2

When using AWS Managed Microsoft AD, who is responsible for ensuring multi-AZ deployment?

Answer 2

AWS

Question 3

What does AD stand for?

Answer 3

Active Directory

Question 4

What is Active Directory?

Answer 4

• On-premises directory service
• Uses a Hierarchical database of users, groups, computers, organized in trees and forests
• You apply group policies to help you manage users and devices on a network

Question 5

What is the key feature of AWS Managed Microsoft AD?

Answer 5

AD Domain Controllers – to which you have exclusive access– running Windows Server that are reachable by applications in your VPCs,

Question 6

How does AWS Managed Microsoft AD ensure high availability?

Answer 6

• You get 2 DCs by default,
• You can also add DCs for additional HA and Performance

Question 7

When using AWS Managed Microsoft AD, who is responsible for backup operations?

Answer 7

AWS

Question 8

When using AWS Managed Microsoft AD, who is responsible for ensuring you are on the most up-to-date version of the software?

Answer 8

AWS

Question 9

When using AWS Managed Microsoft AD, who is responsible for scaling out domain controllers?

Answer 9

You

Question 10

When using AWS Managed Microsoft AD, who is responsible for maintaining users, groups, and group policy objects?

Answer 10

You

Question 11

Suppose you want to extend existing AD to your on-premises infrastructure. What tool might you use to do this?

Answer 11

AD Trust

Question 12

When using AWS Managed Microsoft AD, who is responsible for any identity federation?

Answer 12

You

Question 13

When using AWS Managed Microsoft AD, who is responsible for dealing with certificate authorities?

Answer 13

You

Question 14

What is AWS Simple AD?

Answer 14

A standalone managed directory in the cloud used for Basic AD features

Question 15

Does AWS Simple AD support trusts?

Answer 15

No

Question 16

How many users can a small Simple AD handle?

Answer 16

up to 500

Question 17

How many users can a large Simple AD handle?

Answer 17

Up to 5000

Question 18

Does Simple AD allow you to join with on-premises AD?

Answer 18

No, Simple AD does not support trusts

Question 19

What is AD Connector?

Answer 19

• AD Connector is a directory gateway (proxy) for on-premises AD

Question 20

What is AWS Cloud Directory?

Answer 20

• A fully-managed directory-based store for developers
• Used in applications that implement org charts, course catalogs, device registries

Question 21

What are Amazon Cognito User Pools?

Answer 21

• Managed User directory for SaaS Applications
• sign-up and sign-in for web / mobile
• typically used with social media identities

Question 22

What are the key benefits of AD Connector?

Answer 22

• Avoid cacheing information in the cloud
• Allow on-premises users to log in to AWS using AD
• Join EC2 instances to your existing AD domain
• Scale across multiple AD connectors