AWS Certified Advanced Networking Official Study Guide: Specialty Exam ペーパーバック – 2018/3/7
Kindle 端末は必要ありません。無料 Kindle アプリのいずれかをダウンロードすると、スマートフォン、タブレットPCで Kindle 本をお読みいただけます。
The official study guide for the AWS certification specialty exam
The AWS Certified Advanced Networking Official Study Guide – Specialty Exam helps to ensure your preparation for the AWS Certified Advanced Networking – Specialty Exam. Expert review of AWS fundamentals align with the exam objectives, and detailed explanations of key exam topics merge with real-world scenarios to help you build the robust knowledge base you need to succeed on the exam—and in the field as an AWS Certified Networking specialist. Coverage includes the design, implementation, and deployment of cloud-based solutions; core AWS services implementation and knowledge of architectural best practices; AWS service architecture design and maintenance; networking automation; and more. You also get one year of free access to Sybex’s online interactive learning environment and study tools, which features flashcards, a glossary, chapter tests, practice exams, and a test bank to help you track your progress and gauge your readiness as exam day grows near.
The AWS credential validates your skills surrounding AWS and hybrid IT network architectures at scale. The exam assumes existing competency with advanced networking tasks, and assesses your ability to apply deep technical knowledge to the design and implementation of AWS services. This book provides comprehensive review and extensive opportunities for practice, so you can polish your skills and approach exam day with confidence.
- Study key exam essentials with expert insight
- Understand how AWS skills translate to real-world solutions
- Test your knowledge with challenging review questions
- Access online study tools, chapter tests, practice exams, and more
Technical expertise in cloud computing, using AWS, is in high demand, and the AWS certification shows employers that you have the knowledge and skills needed to deliver practical, forward-looking cloud-based solutions. The AWS Certified Advanced Networking Official Study Guide – Specialty Exam helps you learn what you need to take this next big step for your career.
ABOUT THE AUTHORS
Sidhartha Chauhan is a solutions architect with Amazon Web Services (AWS).
James Devine is a solutions architect with AWS.
Alan Halachmi is a senior manager, solutions architect with AWS.
Matt Lehwess is a principal solutions architect with AWS.
Nick Matthews is a solutions architect with AWS.
Steve Morad is a principal solutions architect with AWS.
Steve Seymour is a principal solutions architect with AWS.
Anyone that's done advanced networking scenarios mentioned in this book can and should admit to themselves that there is some complexity to AWS (no matter how "easy" it is), and this book helps address those focal areas in a concise manner (vs. AWS docs, FAQs, and random web searches). While AWS is changing every few months, this book should remain relevant for years, due to the value in the core principles it covers.
Each chapter also has labs that you can do in AWS, as well as practice questions for the test.
Let's see what that covers, by chapter:
1. Introduction to AWS Networking:
50k ft. view basics
2. Amazon Virtual Private Cloud (Amazon VPC) and Networking Fundamentals - everything regarding VPC configuration
Anything associated with the VPC configuration panel goes here: subnets, route tables, IP addresses, security groups, network ACLs, gateways, NAT, and VPN. While this might seem like the part you'd "already know", it covers many critical aspects of core VPC fundamentals that should be present in your AWS architecture and design patterns. It also dips into VPC peering and endpoints, which are expanded upon later (when we get to the advanced portion)
3. Advanced Amazon VPC - VPC interconnectivity
This is where your experience possibly starts deviating from the book material. This chapter covers VPC endpoints in detail, AWS PrivateLink vs. VPC peering, and VPC resizing.
4. Virtual Private Networks - VPNs into your VPC
You will find Site-to-Site and Client VPNs in many scenarios in this chapter. These were helpful for me, because no end user or customer has every scenario, and this will undoubtedly give you some ideas, as well as provide some design patterns.
5. AWS Direct Connect - connecting your on-prem networks to AWS
Direct Connect is something that's easy enough to setup, once you get it. There's more of a prevalence of 3rd-party providers like Megaport providing Direct Connect access to AWS in different regions, so the basic Direct Connect documentation resources might not apply to you, and this will give you a better picture of where it fits in either way.
6. Domain Name System and Load Balancing - DNS with Route 53, and load balancing with Elastic Load Balancer (ELB)
This chapter starts off by covering DNS within a VPC, and moves to using AWS' Route 53 DNS services. These are included in the same chapter as load balancing, since both can used to dynamically direct traffic to AWS resources. If you've used traditional load balancing, this chapter on ELB is very similar, and if not, it's a good resource anyway. If Amazon was to test on these subjects, you can imagine that they'd have questions as to whether Route 53 or ELB would be a good scenario, and this chapter should help.
7. Amazon CloudFront - AWS' Content Delivery Network (CDN)
This relatively short chapter covers the basics of working with CDNs, and the advanced features AWS has that tie into the value of having existing resources on the platform. If you need a primer on CDNs in general, this is not the place.
8. Network Security - securing your AWS resources
While reading this chapter won't make you an AWS security expert, it does steer you into some basic principles and design patterns, as well as provides info on security-focused AWS services. It does provide a very comprehensive set of next steps via links to other info. While anyone building AWS environments should read this, the test takers want to focus on the shared responsibility model, which is prevalent in all AWS training I've seen.
9. Network Performance - a small collection of resources
This short chapter is a useful hodgepodge of resources, containing everything from performance through a VGW, Direct Connect circuit, etc. to EC2 advanced networking (available from HVM instance of Amazon Linux), including SR-IOV and Intel DPDK.
10. Network Automation - AWS CloudFormation, Network monitoring tools, and logging
If you're not experienced with infrastructure as code, this short chapter won't make you an expert. If you're studying, it will provide enough information you'd need for the test, and if you haven't used CloudFormation on Amazon yet, it's a good starting point.
11. Service Requirements - networking requirements for other AWS Services, like Workspaces or Lambda
12. Hybrid Architectures - advanced AWS networking design for on-prem and AWS resources
This chapter returns to more advanced networking scenarios between your on-premise resources and AWS, e.g. Direct Connect, using Transitive Routing, and transit VPC scenarios. If you have a hybrid cloud, or even just AWS and on-prem, you'll benefit from this chapter.
13. Network Troubleshooting - summary of troubleshooting with traditional tools and AWS tools
Covers AWS Direct Connect, Security Groups, Network ACLs, VPC peering, CloudFront, ELB, DNS, AWS service limits, and VPN / IKE with traditional and AWS-specific tools.
14. Biling - short chapter to help you understand how billing works for all of the AWS networking-centric services covered
15. Risk & Compliance - Risk Management for your AWS enivonment
First and foremost, this covers the AWS Services in Scope (compliance for external standards like PCI DSS) for AWS components like VPC, DNS, etc. Other resources, such as audit reports and whitepapers are linked This also covers encryption, and monitoring network activity with CloudWatch et al. Finally, malicious activity detection with AWS Shield and Anti-DDOS measures, VPC flow logs, and CloudWatch alerting.
16. Scenarios and Reference Architectures - a short chapter covering how you'd apply the appropriate hybrid IT architecture connectivity solution based on what you've learned in the book
One topic I missed is BGP entirely in details. Not that you need in all situations or even in the exam (as I haven't been tested yet) but I assumed some knowledge such as hierarchy of routing decision would be mentioned. This should be fine if it out of exam scope, and it does not harm going a step forward if you can reading more about it as well.