Amazon Cloud Engineer Interview Questions & Answers
Below is a list of our Amazon interview questions. Click on any interview question to view our answer advice and answer examples. You may view 5 answer examples before our paywall loads. Afterwards, you'll be asked to upgrade to view the rest of our answers.
Discovery
1. Other than AWS, who are the main cloud service providers, and which ones have you worked with?
How to Answer
This is a very basic general question that can be asked at any time during the interview. Many hiring managers have not been trained in interview techniques and will ask various types of questions at different times during the interview. This unstructured interview style may be distracting, so you need to stay flexible throughout the interview. As always, keep your answer to this question brief and to the point and anticipate a follow-up question or two.
Answer Example
"I have worked with all three of the main cloud service providers, including AWS, Google, and Microsoft Azure. Each of these has unique advantages and disadvantages. The one I prefer the most is AWS. This is due to their offering's robustness and the number of different service modules available to hosted customers. The service modules make it easy for any organization to access the cloud services, regardless of their experience working in the cloud."
Discovery
2. What are some other major cloud database providers you have worked with, and why do you prefer their products?
How to Answer
An interviewer will ask this type of question to determine if you are familiar with some of the technologies they currently use or are considering. If they're looking to upgrade, they may be seeking recommendations based on your experience. If you have done your research, you will be familiar with the technologies the organization is currently using or may be considering. This will allow you to align your answer with their specific needs.
Answer Example
"I have worked with most of the main cloud database suppliers. These include Microsoft, AWS, IBM, Oracle, and Google. Of these, I prefer AWS. It is more flexible, reliable, and effective in processing SQL queries. Of course, you may select one that has been recommended and is supported by the cloud service provider you choose to use."
General
3. Can you define the cloud and discuss some of its features?
How to Answer
This is a general question which the Amazon interviewer will use to get you talking, learn more about your background, and collect information they can use throughout the interview. This provides you the opportunity to direct the interview towards an area that you are knowledgeable in and comfortable discussing.
Answer Example
"The cloud consists of IT infrastructure that is hosted off-site, typically by a third-party provider such as Amazon. It consists of hardware, software, storage, networking, and IT services. The cloud is managed by service providers, including AWS, Microsoft, Oracle, and others, and is accessed by users through various devices from virtually any location in the world."
Operational
4. How would you leverage caching technologies to improve the performance of Amazon's cloud computing systems?
How to Answer
Caching is a technical strategy that enables cloud engineers to improve the performance of the systems they architect and manage. Any Amazon cloud engineer should be able to describe the advantages and benefits of caching and how they use it in their daily activities. Interviewers will ask questions like this throughout the interview to test your knowledge and experience and ensure that you are qualified for an Amazon cloud engineer's job. Reviewing the technologies you use, and even some of the ones you use infrequently, will prepare you for the interview and help to ensure that you will be offered the role.
Answer Example
"I use caching in several different ways to improve the performance of the systems I manage. One strategy is to ensure that the data the Amazon users need is available by caching it frequently. You can use several different tools and algorithms to determine what data should be kept near the users in a database caching tool based on how frequently it is requested, edited, or revised. Another caching strategy is to place the most used resources as close to the users as possible using edge computing assets. This involves the use of content distribution networks."
Operational
5. Does your cloud computing architecture plan for spikes in network traffic, and if so, how?
How to Answer
Every cloud engineer knows that there are peaks and troughs of network activity. Many engineers will architect systems to accommodate the peaks or spikes in network traffic. While this ensures that the resources will be available to every user who needs them, it also results in higher infrastructure and maintenance costs for the organization. A better strategy is to architect an IT environment to accommodate both average traffic loads as well as occasional and infrequent peak traffic. Cloud computing contributes to accommodating the traffic by providing the availability of standby systems. Your answer to the Amazon interviewer's question should demonstrate your knowledge of this, as well as the strategies you employ to accommodate spikes in traffic while maintaining a reasonable IT operating budget.
Answer Example
"Every competent cloud engineer understands that network traffic is not constant. Peaks occur due to increased user activity which may be seasonal, a reaction to certain events, or a result of known issues such as end-of-year activities. Planning for both the known and unknown spikes in network traffic requires architecting a system that can handle higher than normal activity. This could involve having access to standby resources, using strategies such as IaaS, PaaS, and SaaS, and other provisions which can be brought online as network activity increases or spikes. I employ all of these strategies to ensure that the IT resources are available and that the operating budget is maintained at targeted levels."
Operational
6. What steps do you take to engineer your cloud computing infrastructure to maximize uptime?
How to Answer
Uptime is one of the more critical elements of any IT infrastructure. If Amazon users can't access the IT resources, then they are useless. As a cloud engineer, you should have a portfolio of skills and techniques to maintain access to Amazon IT resources and ensure that they are always available. Strategies include redundancy, active management, backup provisions, and other means of ensuring that IT resources are always available.
Answer Example
"System uptime is something that I focus on constantly in my role as a cloud engineer. When systems go down, not only does it cause issues, but it impacts the entire organization with lost productivity and the additional costs required to restore the system's availability. Measures I take to avoid this include architecting redundancy into the infrastructure, providing real-time monitoring of the environment, having contingency plans in place if a system failure occurs, and making myself available whenever needed to address system downtime. This comprehensive strategy has resulted in uptime metrics of greater than five-nines throughout my career."
Operational
7. What are the steps used to design and deploy a cloud architecture?
How to Answer
By asking this question, the Amazon interviewer indicates that they are interested in deploying a cloud architecture but may not have the internal experience or resources needed to do this. This probably is one of the main reasons they are looking to hire a cloud engineer. This may have even been disclosed in the job description. When interviewing for this role, a good strategy may be to create a pro forma plan to develop a cloud architecture and present it to the interviewer. This would be especially effective if this requirement was mentioned in the job description.
Answer Example
"When I am designing and deploying a cloud architecture, I use three distinct steps in the process. The first is to develop a reference architecture. This is based on how the cloud resources will be used and what services the users would like to access. The next step was to create a technical architecture. This involves all the hardware, software, network, and applications required to provision the reference architecture. The final step is the deployment operation architecture. This describes how the technical architecture will be deployed and what resources will be required to keep it functioning. These resources involve the cloud provider's services and those managed by the organization's IT personnel."
Technical
8. How are data centers deployed or transitioned to the AWS cloud environment?
How to Answer
This question seeks to understand your knowledge of how data centers can move from their on-premise location into the cloud. This is a complex operation that involves many steps and the coordination of a great number of resources. The timing is also critical so that the move does not impact an organization's operations or result in any data loss. Knowing how to perform this operation is a key qualification for a cloud engineer.
Answer Example
"Transitioning an organization's IT resources into the AWS cloud can take many forms. It can be a complete move of the data center, a partial move, or simply replicating the resources at an AWS cloud hosting site. Each of these requires a great deal of planning and coordination. The objective is to relocate the resources into the cloud without any disruption in the organization's operations or any data loss. When planning a data center move, I pay close attention to which resources will be transitioned, how the move will be executed to maintain continuity of operations, ensuring all the data is backed up to prevent loss, and executing the move when the company's activity is at its lowest, typically on a weekend or during a holiday. I also provision for contingencies just in case issues crop up."
Technical
9. How does edge computing technology relate to cloud computing?
How to Answer
Even though you are being interviewed for a role as an Amazon cloud engineer, some of the questions the interviewer will ask you will address issues outside of the cloud. Edge computing is a technology that applies to both cloud and non-cloud environments. When preparing for an interview with Amazon for a cloud engineer's job, you should spend time reviewing a wide range of IT technologies, both relative and independent of cloud operations. The more knowledgeable you are about these, the better qualified you will appear to the interviewer.
Answer Example
"Edge computing refers to the strategy of placing IT Resources as close to the users as possible to decrease the latency of network transmissions and increase the performance of the IT environment. While this typically refers to computing assets outside of the cloud, it can also be used when architecting cloud IT infrastructures. An example would be selecting a service provider who has a data center near Amazon's operations or which can be easily accessed through high-speed broadband networks."
Technical
10. What characteristics does a cloud-native technology possess?
How to Answer
In addition to being able to architect innovative and effective cloud infrastructures, Amazon cloud engineers must be familiar with and able to integrate a full range of information technology resources into their designs. The interviewer will ask you about cloud-native technologies to better understand your knowledge of these and how you use them in your work as a cloud engineer. In addition to providing the Amazon interviewer with the characteristics of cloud-native technologies, you may also want to give them some examples of ones you used in the past.
Answer Example
"Cloud-native technologies are IT resources which are either designed or customized for use in the cloud. Characteristics common to these include the ability to access and control them remotely, scalability, elasticity, connectivity, service orientation, and standardization. The technologies must also be compatible with a wide range of cloud infrastructure environments and the requirements specified by some of the major cloud service providers."
Technical
11. Can you describe a multi-cloud strategy you've applied in one of your previous positions?
How to Answer
This is an example of a follow-up question to another question the interviewer at Amazon may have asked earlier in the interview. Interviewers will ask follow-up questions either immediately after a related question or later in the interview. The purpose of a follow-up question is to collect more information, explore the topic in more detail, or correlate your answers to ensure you are consistent throughout the interview. You should be prepared for follow-up questions at all times during the interview for an Amazon cloud engineer's role.
Answer Example
"In my most recent job, I applied in multi-cloud strategy, using several cloud service providers to deliver the computing resources the organization needed. I worked with Azure and AWS to create independent but connected cloud computing environments. Initially, I did this to create redundant environments to prevent downtime. However, it became apparent that each provider offered a portfolio of specialized services that would optimize the operation of different segments of our infrastructure. Therefore, I relocated some of our computing services between the two providers to accomplish this."
Technical
12. What is a multi-cloud, and why would an organization like Amazon use it?
How to Answer
As cloud technologies evolve, organizations and cloud engineers are developing architectures to meet specific computing requirements. This is reflected in the move from 100% hosted cloud environments to private clouds, public clouds, and hybrid cloud environments. Cloud service providers or constantly developing new offerings to meet their clients' needs. Multicloud is one of the more recent developments in this evolution towards customized cloud environments. Knowing about this and the advantages it offers will help you further reinforce your qualifications for this job with Amazon.
Answer Example
"Multi-cloud refers to the use of multiple cloud computing service providers when architecting a cloud environment. Organizations like Amazon may design multi-cloud IT infrastructures for several different reasons. One is to ensure the reliability of the IT infrastructure since it is unlikely the multiple cloud providers will lose service at the same time. Another may be to place Amazon's computer resources close to the users. The third strategy is to optimize the services provided by each cloud provider and reduce their costs."
Technical
13. What are some of the characteristics of a distributed cloud?
How to Answer
The Amazon interviewer is asking you about another type of cloud architecture. During an interview for a cloud engineer job, you will be asked a wide range of questions about different technologies, architectures, service providers, and other elements of cloud computing. While you may not have direct experience with all of these, you should have knowledge of them. Reviewing the common cloud technologies and architectures before the Amazon interview will help you be prepared for these types of questions.
Answer Example
"A distributed cloud refers to a cloud infrastructure physically located in different data centers. This can be a private, public, or hybrid cloud and may be managed 100% by the organization or provided as a service by Azure, AWS, Oracle, or other cloud service providers. The key criterion to defining the cloud architecture as being distributed is where the physical assets reside. Management, operation, utilization, and governance of registering cloud are similar to that of a hosted cloud or on-premise environment. The advantages of a distributed cloud include security, reliability, and the ability to optimize the performance of cloud resources."
Technical
14. What is meant by a packaged hybrid cloud, and what are some types of this service offering?
How to Answer
As a prospective Amazon cloud engineer, you need to be familiar with all the service offerings provided by cloud vendors. Standard offerings include hosting, platform as a service, software as a service, infrastructure as a service, and others. This question asks you about a special type of offering that many cloud engineers may not have encountered during their careers. Nevertheless, you need to be aware of it and be able to describe it to the Amazon interviewer.
Answer Example
"A packaged hybrid cloud is an offering from several service providers consisting of a private cloud connected to a public cloud. This is a form of a hybrid cloud service offering. Examples of this include Oracle Cloud at Customer, AWS Outpost, and Azure Stack. The benefit of this is that it includes the best of both types of cloud offerings but at a lower cost. You have tight control over the resources and information in the private cloud with access to public cloud connectivity and resources which are shared and therefore cost less. These types of vendor offerings provide limited customization of your environment since they are pre-packaged, but they can save you money if you don't require a heavily customized environment. "
Technical
15. Can you discuss the differences between hybrid IT and a hybrid cloud?
How to Answer
Most cloud engineers interviewing with Amazon spent some of their careers working in traditional information technology environments. This question assumes that you have a background in or knowledge of traditional IT and are able to compare hybrid environments in traditional and cloud architectures. Whenever comparing two technologies, a good way to structure your response is to first define each technology and then describe the differences between them.
Answer Example
"Hybrid IT architectures typically refer to on-premise IT environments in which some of the components are virtualized. Common applications in this architecture include OpenStack and VMware. Hybrid cloud environments refer to the combination of public, community, and private cloud infrastructures. These cloud infrastructures may or may not include hybrid IT architectures."
Technical
16. What are some of the main service components offered by AWS?
How to Answer
This is a follow-up to a previous question. During an interview, you can anticipate follow-up questions whenever you provide the interviewer a response to their question. This indicates that the interviewer has a specific interest in this topic or wants to explore it in more detail. When answering follow-up questions, keep your response brief and to the point. The interviewer may continue to ask additional questions about this topic, indicating a special interest in it, or they will move on to a new subject.
Answer Example
"AWS offers several different service modules, making it easy for their hosted customers to access resources within the cloud. Most of these will replace the services the hosting clients used to provide themselves. They include DNS, Simple E-mail Service, Simple Storage Device, Elastic Compute Cloud, Elastic Block Stores, and CloudWatch. Additional services include identity and access management as well as user authorization."
Technical
17. What are the three types of clouds individuals or organizations can use?
How to Answer
This is another variation of a question asked earlier in the interview. The unique aspect of this question is that it brings up the personal use of clouds. This indicates that the Amazon interviewer is interested in the types of clouds you have been involved with and what your role and these were. You could answer this question by first describing each type of cloud and then discussing your role.
Answer Example
"The three main types of clouds I have been involved with include professional, personal, and performance. The professional cloud is the one most organizations are familiar with. This usually involves utilizing resources in commercial environments such as AWS or Microsoft Azure to supplement or replace their organization's current IT environment. A personal cloud may be an individual's website or an off-site computing environment. An example of this is Google, which can provide a range of services, including computing, applications, and data storage. The third type of cloud environment is performance-based. This enables organizations to reduce the time it takes to access resources by placing them closer to the users, increasing the bandwidth, and providing resources which the organization itself can't provision."
Technical
18. How are APIs used in the cloud?
How to Answer
This is a hybrid technical and operational question. It requires you to be familiar with the technology used in this profession and how it is employed. When responding to this type of question, you should continue to keep your answers brief and to the point. The Amazon interviewer will ask a follow-up question if they need additional information or want to explore the topic in more detail.
Answer Example
"Application Programming Interfaces, or APIs, are used in a cloud environment the same way they are in software applications. Their primary purpose is to eliminate the necessity to write programs that connect cloud services to applications, tools, and utilities. This facilitates communication between these resources and the services provided by the cloud. The availability of APIs also increases the number of applications users can access through the cloud."
Technical
19. Can you discuss the major differences between the AWS cloud and a traditional data center?
How to Answer
As the interview progresses, the Amazon interviewer may switch between the different types of questions. These can include general, technical, operational, behavioral, and situational questions. Being familiar with each type of question and knowing how to respond to them is critical to a successful interview. This is a general question, so your response should be general in nature. Keep your answer brief and to the point to include the interviewer to move on to a new question or explore this topic in more detail by asking a follow-up question.
Answer Example
"There's very little difference between the AWS cloud environment and a traditional data center from an infrastructure standpoint. The key differences are how the resources are accessed and who is responsible for managing them. In a traditional data center, the organization is responsible for all aspects of the IT environment. These include acquiring the resources, managing them, updating them, and maintaining them. In the AWS cloud environment, the organization purchases the services on an as-needed basis. This reduces their initial investment, allows them to scale up or down as needed, and provides them access to resources they may not be able to afford. The tradeoff between the two environments is that the AWS cloud offering is often less expensive, whereas the traditional data center provides the organization with more control and better security."
Technical
20. Please describe the layers used within a cloud computing architecture, similar to the one provide by AWS.
How to Answer
This question may seem similar to one asked earlier in the interview. Amazon hiring managers will often ask the same question several times during an interview, changing the format slightly. They do this to calibrate your answers and make sure you are providing valid information throughout the interview. This is why your answers should be honest and factual. If you don't know the answer to a question, admit this and then describe how you would obtain the information.
Answer Example
"There are several layers used to manage a cloud computing architecture. These include the cloud controller, the cluster controller, the storage controller, and the node controller. Each of these helps the AWS cloud engineers manage a specific set of resources within the cloud. The software tools used to do this are specific to the type of cloud environment you are working with. However, they may be provided by a third party. Often, the tools are consolidated into a single dashboard which provides the cloud engineer a comprehensive picture of the entire cloud architecture."
Technical
21. What technologies are used to ensure that cloud computing is secure, and the organization's information is protected?
How to Answer
Security is one of the major concerns organizations have when considering the use of cloud computing. There are several different technologies and techniques to ensure that cloud computing is as safe as on-premise computing. As a prospective Amazon cloud engineer, you should be able to discuss several of these and provide in-depth information if asked follow-up questions about them.
Answer Example
"Technologies used to protect information within a cloud computing environment are the same ones used when securing an organization's data on-premises. These include identity management, access control, authentication, and authorization. Also, data transmitted across the internet between users and the cloud computing environment can be encrypted, adding an additional layer of security."
Technical
22. What is an AMI, and how is it implemented in a cloud computing environment?
How to Answer
This is a question about a specific technology used with the cloud computing services provided by Amazon's AWS division. When preparing for an interview for a cloud engineer role with Amazon, you should ensure that you are familiar with the latest technologies used in this field. Amazon looks for candidates who maintain their currency in the most recent technologies introduced in those fast-moving segments of the computing industry. It would be best if you also were prepared to discuss how you stay current and the resources you utilize to do this.
Answer Example
"AMI is an acronym for the Amazon Machine Image. This is a copy of your root file system and is required to launch a computing instance on a virtual machine within the Amazon Web Services cloud computing environment. You only need one version of this to launch multiple instances unless you're using a different root file system configuration. AMI also controls which AWS accounts can launch the instances."
Technical
23. What is Eucalyptus, and how is it used in cloud computing?
How to Answer
You may recognize this question as technical. Technical questions ask about a specific concept, term, process, or operation used in your profession. When answering technical questions, you should first define the term or concept and then describe its use. You may want to provide an example to illustrate your answer. As always, be prepared for a follow-up question.
Answer Example
"Eucalyptus is an open-source software infrastructure. The term Eucalyptus stands for 'Elastic Utility Computing Architecture for Linking Your Programs to Useful Systems.' Its primary use is to implement clusters with them in a cloud computing environment, regardless of the type of environment. You could even use it to convert an on-premises data center into a private cloud."
Technical
24. Please talk about how cloud computing can help with the reliability and availability of an organization like Amazon's IT resources.
How to Answer
As a cloud engineer, you should be able to describe the benefits of cloud computing. One of the key benefits of this technology is helping organizations maintain access to and the availability of IT resources. You should also be able to describe the technology behind these benefits, including specific features. Be prepared for follow-up questions, which the Amazon interviewer will use to explore this topic in more depth.
Answer Example
"One of the key benefits of cloud computing is that it provides a higher level of reliability and availability to the users. This is because of its use of fault domains. This technology involves two virtual machines so that if one were to fail, the other would be available. The software will distribute and control computing instances across both VM's, so failover is instantaneous. Fault domains can also be employed when upgrading software by first upgrading one virtual machine and then the other. Another benefit of fault domains is that network access, and data storage are replicated, ensuring these resources are always available."
Technical
25. Why would an organization use a hybrid cloud rather than one of the three other types?
How to Answer
This is a follow-up to a previous question. Interviewers in organizations like Amazon will ask follow-up questions if they want to learn more about a topic or have a special interest in the subject. When asked a follow-up question, keep your answer brief and to the point. This also indicates that the Amazon interviewer may have a special interest in this area. You may want to respond to other questions by referencing this topic since it may be important to the organization.
Answer Example
"The benefit of a hybrid cloud is that it offers organizations access to resources that may not be available if they choose to use one of the other three dedicated cloud configurations. An example of this would be having access to specialized software available in the public cloud, which may not be part of a private cloud. A virtual cloud could also give organizations access to a portion of the resources hosted by AWS which they could not afford in a dedicated private, public, or community cloud, such as high-end storage or computing hardware."
Technical
26. Can you discuss the different types of clouds, and how they are used?
How to Answer
If an organization is new to cloud computing, it will be looking to learn about the different features, benefits, and options available within the cloud computing environment. As a prospective employee, they want to test your knowledge of these to determine if you can assist them in selecting the appropriate cloud type for their organization. When responding to this question, keep your answer brief and to the point. The interviewer will ask a follow-up question if they need additional information or explore the topic in more depth.
Answer Example
"There are four main types of cloud environments. These include private cloud, public cloud, community cloud, and hybrid cloud. A private cloud is dedicated to the organization and may be hosted by a third party or maintained by the organization. A public cloud is hosted by a third party, such as AWS, with resources dedicated to individual clients. A community cloud is hosted but shares the resources among multiple clients. The hybrid cloud is a combination of any of these three and offers organizations options and flexibility."
Technical
27. Can you define the components of a PaaS architecture, as provided by AWS?
How to Answer
This is an example of a technical question. These types of questions test your knowledge of the subject matter associated with the job for which you are interviewing. As a cloud engineer, you can anticipate that most of the questions you will be asked will be similar to this. The best way to prepare for these is to review the terms, concepts, processes, and operations used in your job.
Answer Example
"There are three main layers of AWS' platform as a service or PaaS architecture. The first of the cloud controller. This is used to create virtual machines, deploy applications, and connect services. The second layer is storage. This is where data and applications reside. It manages relational databases and SQL queries. The final layer is applications. These provide the services needed by the users. It is the one component of cloud computing which is managed by the client organization."
Technical
28. What are the main services provided in a cloud computing environment such as AWS?
How to Answer
Identifying and discussing the key services provided in a cloud computing environment is a fundamental qualification for this role. When answering this type of question, you should identify each service and briefly define it. Your answer should be succinct and to the point. The interviewer will ask a follow-up question if they need additional information.
Answer Example
"There are three main services provided in a cloud computing environment. These are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Infrastructure as a service refers to the environment managed by the cloud service provider. This includes the building, power, cooling, and management services. Platform as a service refers to the computing hardware. This may be dedicated to the client or shared by several clients. Software as a service is the applications, operating systems, and tools provided by the cloud service provider or a third party. Clients rent these rather than purchase them. A service provider like AWS is very experienced at offering these services and assisting their clients to select and configure the services best suited to their needs."
Technical
29. What are some of the benefits offered by cloud computing that would induce an organization to adopt it?
How to Answer
The Amazon interviewer may ask this question for two reasons. The first is to test your knowledge of cloud computing and confirm that you know some of the benefits it offers. The second is that they may be considering expanding their use of this technology and want to get your opinion of its benefits and why they should move in this direction. Since you are interviewing for an Amazon cloud engineer's role, your answer should promote the use of cloud technologies.
Answer Example
"Cloud computing offers many benefits compared to hosting an IT infrastructure on-premise. First, it is cost-effective in that you only invest in the IT infrastructure you need. Since cloud computing scales easily, you can increase or decrease the infrastructure in real-time. Cloud computing also offers organizations access to IT resources they may not be able to afford to either purchase or manage themselves. Another advantage is that the cloud service provider such as AWS is responsible for the data backup and recovery, which is a key requirement for any organization's disaster recovery plan."
Technical
30. Please discuss the differences between cloud and on-premise computing.
How to Answer
This question is requesting you to pick and compare two concepts used in this profession. When answering a question like this, you should first define each concept and then discuss their differences and similarities. You can either list all the features and benefits of one of the concepts, then do the same for the other, or compare them point by point. Your answer should include the features offered by Amazon's AWS service.
Answer Example
"The main difference between cloud and on-premise computing is that cloud computing is off-site and hosted by a service provider such as AWS while on-premise is managed by the organization, which is responsible for all aspects of the IT infrastructure. The key features of on-premise computing are that there is a high initial investment, the organization is responsible for all the maintenance and support, hardware and software upgrades must be maintained, and scaling the infrastructure can be challenging. On the other hand, cloud computing has a low initial investment, requires no maintenance or support from the client organization, upgrades are automatic and managed by the service provider, and the infrastructure can be scaled as needed. The disadvantages of cloud computing over on-premise infrastructure are centered around security and control."