This post contains tips, live interview questions and first hand advice on acing the AWS interview

Interview questions have been mined from job candidate feedback on Glassdoor as well as direct feedback provided by a Code Sport team member.

Amazon expects you to answer in a very specific format called Situation, Task, Actions, and Results (STAR) format.

What’s going to help you in this interview is having a few examples already of situations where you went above and beyond. Have questions ready for the interviewer when they are done asking you question its your turn and you must have questions for them. They are looking for people that will do anything to meet deadlines and please the client. That’s what I got a sense of.

  1. Name a time when you went outside of you’re normal duties & what was the outcome
  2. Tell me about a time you had a conflict at work and how you handled it.
  3. Name a time you when went above what was expected
  4. Name situation Where you have to deviate from the plan
  5. When were you given tough and uncomfortable feedback
  6. Situation: Describe the situation that you were in or the task that you needed to accomplish

    I was prepping for an interview with my firm’s prestigious management consulting BU. A fellow junior employee working in that division was coaching me. And, guiding me through the case interview process.

    Task: What goal were you working toward?

    Needed to hone abilities to demonstrate: (1) Staying calm under pressure (when being placed “on the spot”). (2) Articulateness: skill in verbally articulating your thinking out loud. (3) Initiative and Confidence: to ask probing questions when not given sufficient information.

    Action: Describe the actions you took to address the situation. What specific steps did you take and what was your particular contribution?

    Set up a series of Q&A phone calls where he would point me to resources or to sample cases. Asses feedback and don’t repeat mistakes on interview

    Result: Describe the outcome of your actions and don’t be shy about taking credit for your behavior. What happened? How did the event end? What did you accomplish? What did you learn? Make sure your answer contains multiple positive results.

    Feedback was not to talk over people or cut them off. When you listen well (show attentive nodding, and repeat/ paraphrased what you’ve been told back to them) you come off as very intelligent.

  7. How would you troubleshoot a three-tier application?
  8. Source: Wikipedia/a>
    Additional Info: Stackoverflow:
    Explain a 3-tiered Architecture
  9. What is containerization and why is it useful?
Even after you indicate didn’t know much about an area, they will ask you to go ahead and try to answer. I was l often be surprised at how well I could answer a question by discussing, out-loud, key concepts. This process often lead me to develop firm, logical, and conclusive answers on the fly. The tech phone screen should be an enjoyable experience
  1. Whats the diff between an RDMS an NoSQL and what are the key advantages of each?
  2. What is DDOS and how can it be mitigated

DDL (Data Definition Language): language used by a databases (MySQL, SQLite, Oracle) that allows users to define the database and specify data types, structures and constraints on the data. Examples DDL statements are: CREATE TABLE, CREATE INDEX, ALTER, and DROP

Kernel-based Virtual Machine (KVM): virtualization infrastructure for the Linux kernel that turns it into a hypervisor. A hypervisor is virtual machine monitor (VMM) is a piece of computer software, firmware or hardware that creates and runs virtual machines

DevOps: blurring the lines between the development tasks: coding, QA/unit testing, server provisioning, SysAdmin, and DBA with automated scripts and IaaS (techcrunch)

  • Tools such as Docker (containerization), Jenkins (continuous Integration), Puppet (Infrastructure as Code) and Vagrant (virtualization platform) among many others are often used and frequently referenced in DevOps tooling discussions (wikipedia)
  • Automated infrastructure provisioning tools (e.g. Chef and Puppet) and automation tools (e.g. continuous integration like Jenkins), as well as for establishing developer work environments to mirror production (e.g. Vagrant)
  • DevOps defines a set of practices, tools and policies that lead to improved quality and Automated Delivery (AD)

Used in dev, not production. An open source tool that manages local virtual machines for you. Create a simple configuration file, use Vagrant’s command line interface, and within minutes you have a fresh virtual machine started and provisioning without any other human interaction. (puppet labs)

Puppet is a configuration management system that allows you to define the state of your IT infrastructure, then automatically enforces the correct state. Automate infrastructure deployment as well as scaling! (puppet labs)

The most common class of DDoS attack is a reflection attack. It exploits protocols which send responses that are many times larger than the initial request. These responses are sent to a spoofed source ip address, which is the target of the DDoS attack. (DDOS mitigation with AWS)

To launch a reflection attack, the attacker will first scan the Internet for servers hosting User Datagram Protocol (UDP) services such as Simple Service Discovery Protocol (SSDP), Domain Name System (DNS), Network Time Protocol (NTP), and Simple Network Management Protocol (SNMP). Depending on their configuration, these services will often send a response that is many times larger than the initial request – Amazon Security Blog
  • Virtual Private Cloud (VPC): lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define
    • you can create a public-facing subnet for your webservers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.
  • Route 53: Domain Name System (DNS) web service. Connects user requests to infrastructure running in AWS – such as Amazon EC2 instances, Elastic Load Balancing load balancers, or Amazon S3 buckets – and can also be used to route users to infrastructure outside of AWS
  • Elastic Compute Cloud (Amazon EC2): web service providing resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers
  • Elastic Load Balancing (ELB): Auto-distributes inbound application traffic across multiple Amazon EC2 instances
    • Mitigates DDOS by receiving requests on behalf of your web application and automatically scaling to handle capacity demands
  • Amazon CloudFront: Global content delivery network (CDN). It integrates with other AWS products to give you an easy way to distribute content to end users with low latency, high data transfer speeds
    • When configured properly, CDNs will deliver content to your end user from the fastest, (and typically closest) server available. Additionally, CDNs act as a buffer between you and your users. The number we are most concerned with is the cache hit ratio, which describes the percentage of requests the CDN was able to answer out of its own cache without having to bother our servers (source: mobify blog)

TCP: is a standard that defines how to establish and maintain a network conversation via which application programs can exchange data. TCP works with the Internet Protocol (IP), which defines how computers send packets of data to each other

TCP provides reliable, ordered, and error-checked delivery of a stream of octets between applications running on hosts communicating over an IP network. Major Internet applications such as the World Wide Web, email, remote administration and file transfer rely on TCP. Applications that do not require reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability.

  1. Open Web Application Security Project (OWASP): not-for-profit group that helps organizations develop, purchase, and maintain software applications that can be trusted.
  2. First released in 2003.

    Represents a broad consensus about what the most critical web application security flaws. A step towards changing the software development culture within your organization into one that produces secure code.

    Executives should start thinking about how to manage the risk that software applications create in their enterprise

  3. OWASP Top Ten is a list of the 10 most dangerous current Web application security flaws, along with effective methods of dealing with those flaws
  4. OWASP ZAP Project: The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience including developers and functional testers who are new to penetration testing.

Describe the 7 stages of cyber attacks (lockheed)

Intrusion detection system that listens to live packets on your network interface while tripwire scans your file systems.

For a home or small office system (which is what it sounds like yours is, although you didn’t say explicitly), your single best security step is to put your computer(s) behind a Network Address Translation (NAT) router. This device will block incoming (inbound) connection attempts unless you explicitly enable them (, while allowing all outgoing (outbound) traffic.

Monitors file system integrity for changes and anomalies.

Tripwire Open Source agents monitor Linux systems to detect and report any unauthorized changes to files and directories. It first creates a baseline of all files in an encrypted file (encryption protects it from malware tampering) then monitors the files for changes, including permissions, internal file changes, and timestamp details. Cryptographic hashes are employed to detect changes in a file without storing its entire contents in the database. While useful for detecting intrusions after they’ve occurred, Tripwire Open Source can also serve many other purposes, such as integrity assurance, change management and policy compliance. (upguard)

One of Tripwire Open Source’s major shortcomings is that it does not generate real-time alerts upon intrusion detection – the details are only saved in a log file for later perusal. And it also cannot detect any intrusions already in the system prior to installation. It’s thus advisable to install Tripwire Open Source immediately after OS installation.

Std Dev: dispersion of a set of data from the mean

See: For a normal distribution how much of data within 1 standard deviation?

variance (volatility):

Alpha: See What is Alpha

Correlation Coefficient (“r” or r-value): Ranges from -1.0 to +1.0. The closer r is to +1 or -1, the more closely the two variables are related.

r-square: the percent of the variation in one variable that is related to the variation in the other. After squaring r, ignore the decimal point. An r of .5 means 25% of the variation is related (.5 squared =.25). An r value of .7 means 49% of the variance is related (.7 squared = .49).