Edited, memorised or added to reading list

on 25-Nov-2019 (Mon)

Do you want BuboFlash to help you learning these things? Click here to log in or create user.

Flashcard 4518847057164

Question
In AWS, there are 6 DB engines supported for RDS: MySQL, MariaDB, Oracle, [...], MS SQL Server and Aurora
Answer
PostgreSQL


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4600558128396

Question
In AWS, when you create a new Custom VPC, one of the first things you do is select the [...] range for the instances that will go within the VPC. <-- bonus: think of an example range you would assign
Answer

CIDR (i.e. IP)

^^ (e.g. 10.0.0.0/16).


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4600572808460

Question
In AWS, when you create a subnet in a VPC, with a CIDR range you select for the subnet, AWS reserves the first [...] and last [...] IPs in the range, so those are not avialable for your instances to have as their private IPs <-- different answer for each occulsion
Answer
first 4 and last 1


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4600617897228

Question
In AWS, for VPC, if you want your private sunbet instances to talk to internet (e.g. for your DB server to download software) without having the instance open to inbound internet initiated calls, you use NAT, which has two variants. NAT [...] is an EC2 that you manage yourself (it is made from a special AMI) while NAT [...] are managed by AWS and more highly available/with better bandwith constraints. <- two different answers for each occulsion
Answer
Instance / Gateway


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4600619994380

Question
In AWS, for VPC, if you want your private sunbet instances to talk to internet (e.g. for your DB server to download software) without having the instance open to inbound internet calls, you use NAT, which has two variants: NAT instance vs NAT Gateway. What is the difference between the two.
Answer
NAT instance is a single EC2 instance that you manage yourself (it is made from a special AMI) while NAT gateway are managed by AWS and more highly available/with better bandwith constraints.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4600622091532

Question
In AWS, for VPC, if you want your private sunbet instances to talk to internet (e.g. for your DB server to download software) without having the instance open to inbound internet calls, you can use NAT instance or NAT gateway. If you choose NAT instance (which requires much more management on your part), you need to disable source/destination check (by default all EC2 instances have this check enabled). What is this source/destination check and why do you need to disable it for NAT instance?
Answer
source/destination check (enabled by default for EC2 instances) is to make sure the instance is the final source/destination of all outgoing/incoming packets but since NAT is a passthrough we need to disable this check.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4600624188684

Question
In AWS, for VPC, for both NAT instance and gateway, to make them useful (in providing instances in private subnet ability to talk to internet for software updates but not allow outside initiated inbound calls), what step do you need to take after creating the NAT instance/gateway?
Answer
you need to configure route in route table for your private subnet (or you can use default/main subnet) to point internet bound traffic (Destination = 0.0.0.0/0) to the NAT instance/gateway (Target = NAT instance/gateway id).


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Our (Osthus et al, 2019) modeling approach extends the data assimilation/dynamic modeling approach and can be viewed as a combination of the machine learning/regression approach and the data assimilation/dynamic modeling approach. Our model, referred to as a dynamic Bayesian (DB) model, explicitly accounts for systematic deviations between the mechanistic model and the data that are unable to be explained by pure observational noise. This systematic deviation is referred to as model discrepancy and is modeled with a flexible, statistical model.

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




Discrepancy modeling is an often used and effective modeling approach in the field of computer experiments, where systematic deviations between mechanistic models and data can be common (e.g., Kennedy and O’Hagan, 2001;Bayarri et al., 2007; Higdon et al., 2008;Brynjarsd´ottir and O’Hagan, 2014).

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




Including a discrepancy model is an appealing way to account for the systematic inadequacy of the mechanistic model. The basic insight leading to the inclusion of a discrepancy model in our DB model is that the disease transmission model and the data-generating model are not equivalent. Disease transmission is merely a component of the data-generating process. Thus, even if a mechanistic model were able to accurately identify the disease transmission process, there may still be a systematic discrepancy between the disease transmission model and the data, introducing a source of uncertainty unable to be accounted for by observational noise alone.

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




We (Osthus et al., 2019) address the discrepancy/forecasting issue by modeling the discrepancy hierarchically across all flu seasons. This allows us to borrow common discrepancy structure observed in past seasons in the forecasting of the flu for the current season.

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




This paper (Osthus et al., 2019) makes contributions and advances in the following ways.

  • We introduce and demonstrate the importance of discrepancy modeling to the growing and consequential field of flu forecasting. Discrepancy modeling is done hierarchically, allowing information to be shared across available flu seasons.
  • We demonstrate the superiority of our approach relative to all models that competed in the CDC’s 2015–2016 and 2016–2017 flu forecasting challenges, providing yet another instance where discrepancy modeling is not only conceptually appealing but also practically effective.
  • In an effort to advance flu forecasting capabilities, much effort has been spent identifying possibly useful, nontraditional data sources such as Google (Ginsberg et al., 2009) and Wikipedia (Generous et al., 2014). Alternatively, as we demonstrate, flu forecasting can be improved through carefully made modeling choices, making use of the available traditional data hierarchically.

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




The basic insight and motivation leading to Osthus et al. (2019)'s development of the DB model is that the disease transmission model (e.g., the SIR model) and the data-generating model are not equivalent; disease transmission is a component of but not equal to the data-generating process. The data-generating model is non-exhaustively comprised of a disease transmission process, a healthcare provider visitation process, an influenza-like illness determination process, and a reporting process. Thus, even if a disease transmission model more sophisticated than the SIR model were used, of which there are numerous (e.g., the SIRS model, the SEIR model), there might still be a disagreement between the best version of the disease transmission model and the data. Rather than attempt to model each component of the data-generating model, we acknowledge there will likely be a systematic disagreement between the best version of the disease transmission model and the data. We then model the commonalities of the discrepancy across flu seasons with a flexible, hierarchical model. The hierarchical discrepancy model allows us to leverage patterns in the data the disease transmission model is incapable of capturing and not simply model the discrepancy as white noise.

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




The DB model assumes future flu seasons will exhibit similar trajectories to past flu seasons. We showed that the more dissimilar a flu season was as compared to the other considered flu seasons, the worse forecasts were. Because of this underlying assumption, the DB model would be inappropriate for forecasting pandemic influenza.

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




Mapping Load statements
You may wonder why we are using the name MANUFACTURER in the ApplyMap() function, and not the name [Aircraft Manufacturer] that we renamed it to. This is because renamed fields only become known by the name after the entire LOAD statement has been executed

statusnot read reprioritisations
last reprioritisation on reading queue position [%]
started reading on finished reading on

pdf

cannot see any pdfs




Flashcard 4607031512332

Question
In AWS, for VPCs, [...]s provide access control to your instances at the subnet level while [...]s provide access at the instance level. <- two different answers for each occulsion and note each answer can be multi word or acronym
Answer
Network Access Control Lists / Security Groups


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607033609484

Question
In AWS, when you create a new Security Groups, you must pick the [...] to put it in. <- bonus: think of the implecations of this statement
Answer

VPC

^^ so this means each SG is only available/usable within a specific VPC, in other words SGs do NOT span different VPCs


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607035706636

Question
In AWS, for VPCs, Security groups are Stateful, while NACLs (Network Access Control Lists) are Stateless, what does that mean exacltly (you can use examples to explain, like use an example where you want to allow http traffic to your webserver from the internet).
Answer
It means for Security Group, if you add an inbound rule to allow traffic to port 80 and a client machine makes an http request to your server on port 80, your server will be able to responsd to that request on port 80, without you having to have an outbound rule for port 80. But for NACLs, for this type of http request setup you need to have an inbound rule for port 80 and an outbound rule for port 80.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607037803788

Question
In AWS, for VPCs, a [...] can only be associated with 1 NACL (Network Access Control List).
Answer

Subnet

^^ but reverse is not true, i.e. NACL can be associated with multiple subnets
^^^ when you associate a subnet with new NACL previous association is removed.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607039900940

Question
In AWS, for VPCs, if you want to blacklist an IP (from accessing your EC2 within the VPC), the only way to do so is via [...]
Answer

NACL (Network Access Contorl List)

^^ since only NACL has deny rules (in addition to allow rules), while Security Groups only have allow rules, no Deny. Recall NACL is set at whole subnet level


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607041998092

Question
In AWS, for VPCs, the default NACL (Network Access Control Lists) [...] everything for both inbound and outbound (all subnets are associated with this NACL by default), and when you create a new NACL, by default it [...] everything for both inbound and outbound <-- looking for two differnt answers for each occulsion
Answer

Allows / Denies

^^ so you need to add allow rules for new NACL you create


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607044095244

Question
In AWS, for VPCs, NACL (Network Access Control Lists) rules are processed in order of rule number where the [...] numbered rule takes precidence
Answer

lower

^^ so if you have rule 100 that allows all inbound traffic to port 80 but rule 101 that denies inbound traffic from your specific IP, the allow rule will take precidence and allow inbound traffic from your specific IP, contradicting rule 101


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607046192396

Question
In AWS, for VPCs, NACL (Network Access Control Lists) rules are processed in order of rule number, where the lower numbered rule takes precidence, and if none of the rules match, then the [...] rule is applied
Answer
*


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607048289548

Question
In AWS, for VPC NACL (Network Access Control List) rules, Amazon recommends creating rule number by increments of [...] <-- bonus: think of why they recommend this
Answer

100

^^ They recommend this so you can easily add rules with proper order of precidence. For ex is you have a rule 100 that allows all incoming http (port 80) traffic (0.0.0.0/0), but then you want to add a rule to deny traffic from a specific IP, you would add the deny rule as rule 99 so it takes precedence over rule 100. If you had the Allow rule as rule 1, there was no where to fit your specific Deny rule.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607050386700

Question
In AWS, for VPC NACL (Network Access Control List) rules, Amazon recommends creating rule number by increments of 100. Why is this? (you can give an example to explain)
Answer
So you can add rules in between existing rules E.G rule 100 allows all inbound on port 80 but you want to backlist a specific IP (adding it after 100 will note help, so you add it as rule 99), but if you had rule 1 (with increments of 1) instead of 100, this would not work.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607053270284

Question
In AWS, for VPC NACLs (Network Access Control Lists), if you add inbound rules to account for a web server, for example, you should have an outbound rule for ephemeral ports 1024 to 65535. Why is this/what are ephemeral ports?
Answer
They are temporary ports that are used for response communication on servers, so client connects on well known port 80, for ex, but server assign a temp ephemeral port to continue the communication on for the length of the communication.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607055367436

Question
In AWS, for VPCs you can join two VPCs together such that each resource in the VPCs (e.g. EC2 instance) is treated as part of the same VPC. In other words, instances can communite across VPCs, with only their internal IP, as if they were in the same VPC. Joining two VPCs together is called [...] [...]
Answer
VPC Peering


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607057464588

Question
In AWS, for VPCs, explain what VPC Peering is, in terms of example VPC A and VPC B, and the instances within each.
Answer
When you do VPC peering, instances in VPC A can talk to instances in VPC B via just their intenal IPs, as if they were in the same VPC (i.e. without going over the internet, but just connecting from within the Amazon private network.)


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill






Flashcard 4607059561740

Question
In AWS, for VPC Peering, it said to be star configuration, not transitive peering. Explain what this means in terms of example VPC A, B, and C.

Answer
If A is Peered with B, and B is peered with C, A and C are not peered by default (i.e. instances in A and C cannot talk to each other), unless you explicitly do VPC peering between A and C.


statusnot learnedmeasured difficulty37% [default]last interval [days]               
repetition number in this series0memorised on               scheduled repetition               
scheduled repetition interval               last repetition or drill