Roberto Otero
Quiz by , created more than 1 year ago

Origin From: http://www.cloudsolutionsbook.com/amazon-cloud-solutions/june-20th-2015 Mock up 94 Questions – 80 Minutes Mark the right answers – do not use the right column

116
2
0
stephon
Created by stephon over 8 years ago
Roberto Otero
Copied by Roberto Otero almost 8 years ago
Close

AWS – Solution Architect Associate Level Certification - Test

Question 1 of 94

1

How do you secure company critical data on S3
(choose 4 correct answers)

Select one or more of the following:

  • You can use IAM Policies

  • You can use Bucket Policies

  • You can use Access Control Lists (ACLs)

  • You can use the Server Side Encryption (SSE)

  • You can serve it through CloudFront

Explanation

Question 2 of 94

1

How to secure data on rest in EBS
(choose 1 correct answer)

Select one of the following:

  • EBS automatically encrypts data on it for more security

  • You can use your own encryption layer on the top

  • Use S3 instead

  • Block the EC2 to access data to your EBS

Explanation

Question 3 of 94

1

You have a photo selling website where you have a library of photos on S3. You noticed that there are some websites that are showing the link to your S3 photos. How do you restrict sites like these using your S3 photos link?
(choose 1 correct answer)

Select one of the following:

  • Use CloudFront to serve images

  • Restrict access to those websites in the bucket policy

  • Use Glacier to store images

  • Restrict access to those websites in the IAM policy

  • Remove the public URL link from the object in S3

Explanation

Question 4 of 94

1

In which of the following cases should you use SQS – Simple Queue Service?
(choose 2 correct answers)

Select one or more of the following:

  • Designing a business application which requires a lot of co-ordination between different tasks

  • Video encoding application where each video is encoded with a pre-defined number of steps

  • Receiving thousands of notifications from a process and add them to a queue

  • Process a queue of messages where each message is a task that needs to be completed

Explanation

Question 5 of 94

1

How do you ensure that the data has been saved properly in S3?
(choose 1 correct answer)

Select one of the following:

  • Every S3 account has a predefined bucket where the logs are stored

  • When processing a request to store data, the service will redundantly store your object across multiple facilities before returning SUCCESS.

  • You can see the HTTP success code in the logs

  • Using a combination of Content-MD5 checksums

Explanation

Question 6 of 94

1

You are running an application on an EC2 and now you want to add another EC2 for your application that requires a high bandwidth connect with the existing EC2. Where should you launch your EC2 in this case?
(choose 1 correct answer)

Select one of the following:

  • VPC

  • Public Subnet

  • Private Subnet

  • Placement Group

  • Availability Zone

Explanation

Question 7 of 94

1

Where should you use SWF – Simple Workflow Service?
(choose 2 correct answers)

Select one or more of the following:

  • Designing a business application which requires a lot of co-ordination between different tasks

  • Video encoding application where each video is encoded with a pre-defined number of steps

  • Receiving thousands of notifications from a process and add them to a queue

  • Process a queue of messages where each message is a task that needs to be completed

Explanation

Question 8 of 94

1

What services are required for Auto Scaling?
(choose 2 correct answers)

Select one or more of the following:

  • SNS

  • CloudWatch

  • SQS

  • ELB

Explanation

Question 9 of 94

1

Your web application is using Auto Scaling and Elastic Load Balancer.
You want to monitor the application to ensure that it maintain a good quality of service for your customers, defined by the application’s page load time.

What metric in AWS CloudWatch can best be used for this?
(choose one correct answer)
(Origin Number: 71)

Select one of the following:

  • Latency reported by the Elastic Load Balancer(ELB)

  • Request count reported by ELB

  • Aggregate networking for the web tier

  • Aggregate CPU Utilisation for the web tier

Explanation

Question 10 of 94

1

Amazon Glacier is designed for
(chose 2 correct answers)

Select one or more of the following:

  • Active database storage.

  • Infrequently accessed data.

  • Data archives.

  • Frequently accessed data.

  • Cached session data.

Explanation

Question 11 of 94

1

An instance is launched into the public subnet of a VPC. Which of the following must be done in order for it to be accessible FROM the Internet?
(choose 1 correct answer)

Select one of the following:

  • Attach an Elastic IP to the instance

  • Nothing. The instance is accessible from the Internet

  • Launch a NAT instance and route all traffic to it

  • Make an entry in the route table passing all traffic going outside the VPC to the NAT instance

Explanation

Question 12 of 94

1

In VPCs with private and public subnets, database servers should ideally be launched into?
(choose 1 correct answer)

Select one of the following:

  • The public subnet

  • The private subnet

  • Either of them

  • Not recommended, they should ideally be launched outside VPC

Explanation

Question 13 of 94

1

What are the benefits of using ElastiCache for you web application?
(choose 2 correct answers)

Select one or more of the following:

  • It reduces the load on your web servers

  • It reduces the load on your database

  • Gives you more availability of cached data when your Multi-AZ RDS is under maintenance

  • Gives you faster access to your cache data

Explanation

Question 14 of 94

1

You configured ELB to perform health checks on EC2 instances. If an instance fails to pass health checks, which statement will be true?
(choose 1 correct answer)

Select one of the following:

  • The instance is replaced automatically by the ELB.

  • The instance gets terminated automatically by the ELB.

  • The ELB stops sending traffic to the instance that failed its health check.

  • The instance gets quarantined by the ELB for root cause analysis.

Explanation

Question 15 of 94

1

What are the characteristics of DynamoDB?
(choose 3 correct answers)

Select one or more of the following:

  • It is used for SQL databases like MsSQL, MySQL, Oracle

  • Gives you a fast and predictable performance with seamless scalability

  • It is a managed service provided by AWS

  • When reading data from Amazon DynamoDB, users can specify whether they want the read to be eventually consistent or strongly consistent

  • There is a limit of stored data or throughput of data

Explanation

Question 16 of 94

1

You have a business critical application that requires it to be highly available with 6 instances always running. What should you do to achieve this?
(choose 3 correct answers)

Select one or more of the following:

  • 2 EC2 in 3 regions with ELB on top

  • 3 EC2 in 2 AZ with ELB on top

  • Auto Scaling rule for 6 instances always running

  • Auto scaling rule for 3 instance always running in each zone

  • Auto Scaling Replace the lost capacity in case of zone failure in the other zone

  • Auto Scaling Replace the lost capacity in case of region failure in other region

Explanation

Question 17 of 94

1

What are the characteristics of Elastic Beanstalk?
(choose 2 correct answers)

Select one or more of the following:

  • You can use it to replace an instance in the ELB when it fails its health check

  • Helps you quickly deploy and manage applications in the AWS cloud

  • It creates a template for your EC2 instance

  • You don’t need to worry about the infrastructure required to run your applications

Explanation

Question 18 of 94

1

How do you achieve single sign on with AWS?
(choose 1 correct answer)

Select one of the following:

  • It is configurable in the IAM policies for the user

  • By Using Multi-factor authentication

  • By Using Active Directory and LDAP integration

  • By Configuring SAML 2.0

  • It is currently not possible in AWS

Explanation

Question 19 of 94

1

What is true about VPC?
(choose 3 correct answers)

Select one or more of the following:

  • You can have one EC2 in more than 1 VPC

  • There will always be atleast 1 default VPC

  • A VPC is always across multiple availability zones within a region

  • You can either have a VPC with public subnet or private subnet

  • You may use a third party software VPN to create a site to site or remote access VPN connection with your VPC via the Internet Gateway

Explanation

Question 20 of 94

1

You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?
(choose 1 correct answer)

Select one of the following:

  • Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.

  • Add the CloudFront account security group “amazon-cf/amazon-cf-sg” to the appropriate S3 bucket policy.

  • Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User.

  • Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN).

Explanation

Question 21 of 94

1

An instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this instance?
(choose 1 correct answer)

Select one of the following:

  • The instance follows the rules of the older subnet

  • The instance follows the rules of both the subnets

  • The instance follows the rules of the newer subnet

  • Not possible cannot be connected to 2 ENIs

Explanation

Question 22 of 94

1

How do you point apex record of your website (example.com) to the public DNS of the Elastic Load Balancer?
(choose 1 correct answer)

Select one of the following:

  • A Record

  • CNAME record

  • AAAA record

  • Alias

  • NS Record

Explanation

Question 23 of 94

1

Which of the following will occur when an EC2 instance in a VPC (Virtual Private Cloud) with an associated Elastic IP is stopped and started?
(choose 2 correct answers)

Select one or more of the following:

  • The Elastic IP will be dissociated from the instance

  • All data on instance-store devices will be lost

  • All data on EBS (Elastic Block Store) devices will be lost

  • The ENI (Elastic Network Interface) is detached

  • The underlying host for the instance may change

Explanation

Question 24 of 94

1

You are running an ERP application on EC2 for your company that runs 24x7 and the load is predictable and constant throughout the year. Which is the most cost-efficient option for the EC2 purchase model in this case?
(choose 1 correct answer)

Select one of the following:

  • On-Demand

  • Reserved

  • Dedicated

  • Spot

  • EC2 is not the right choice here

Explanation

Question 25 of 94

1

What are the characteristics of EBS?
(choose 3 correct answers)

Select one or more of the following:

  • You can attach one EBS volume to multiple EC2 instance

  • Data in EBS is stored across multiple AZ for redundancy

  • Maximum size of an EBS can be 1 TB

  • You can have provisioned IOPS with your EBS volumes

  • EBS behaves like raw unformatted block device

Explanation

Question 26 of 94

1

You notice that you are not able to access your EC2 linux instance using SSH. What should you check first?
(choose 1 correct answer)

Select one of the following:

  • Make sure that the patches are up to date on the instance

  • Make sure the port 22 are open on the subnet for incoming traffic

  • Make sure the port 22 are open on the subnet for outgoing traffic

  • Make sure the port 22 are open on the security group for incoming traffic

  • Make sure the port 22 are open on the security group for outgoing traffic

Explanation

Question 27 of 94

1

What is true about AMI?
(choose 4 correct answers)

Select one or more of the following:

  • You can share your AMI with other AWS account owners

  • You can create an instance store-backed AMI

  • You can create an EBS-backed AMI

  • For Instance stored-backed AMIs, the root volume is stored in S3

  • For EBS stored-backed AMIs, the root volume is stored in S3

Explanation

Question 28 of 94

1

What is true about RDS?
(choose 3 correct answers)

Select one or more of the following:

  • You can create multiple read replica for ready heavy applications

  • You can have a read replica of a read replica

  • Daily backups are automatically taken

  • You can enable Multi-AZ option to have automatic failover in a different region

  • You can have provisioned IOPS for your RDS database

Explanation

Question 29 of 94

1

What are the characteristics of IAM?
(choose 2 correct answers)

Select one or more of the following:

  • By Default all the services are enabled for a new IAM user

  • By Default all the services are disabled for a new IAM user

  • You can create multiple access ID and secret keys for 1 IAM user

Explanation

Question 30 of 94

1

What are the characteristics of VPC subnets?
(choose 2 correct answers)

Select one or more of the following:

  • network traffic entering and exiting each subnet can be allowed or denied via network Access Control Lists (ACLs)

  • A subnet can be across multiple availability zones

  • A subnet can be across multiple regions

  • Default subnets are assigned a /20 netblocks

  • Default subnets are assigned a /16 netblocks

Explanation

Question 31 of 94

1

You have created 4 weighted resource record sets with weights 1, 2, 3 and 4. the 3rd record set is selected by Route53?
(choose 1 correct answer)

Select one of the following:

  • 1/7th of the time

  • 3/10th of the time

  • 3/7th of the time

  • 1/4th of the time

Explanation

Question 32 of 94

1

Which of the following can be used as an origin server in CloudFront?
(Choose 3 correct answers)

Select one or more of the following:

  • A webserver running on EC2

  • A webserver running in your own datacenter

  • A RDS instance

  • An Amazon S3 bucket

  • A Glacier storage

Explanation

Question 33 of 94

1

In CloudFront what happens when content is NOT present at an edge location and a request is made to it?
(choose 1 correct answer)

Select one of the following:

  • Option 1 An Error 404 not found is returned

  • CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location

  • The request is kept on hold till content is delivered to the edge location

  • The request is routed to the next closest edge location

Explanation

Question 34 of 94

1

Which of the following is true with respect to serving private content through CloudFront?
(choose 3 correct answers)

Select one or more of the following:

  • Signed URLs can be created to access objects from CloudFront edge locations

  • Direct access to S3 URLs can be removed therefore allowing access only through CloudFront URLs

  • Mark the S3 bucket private and allow access to CloudFront by means of Roles

  • Mark the S3 bucket private and and create an Origin Access Identity to access the objects

Explanation

Question 35 of 94

1

You have written a CloudFormation template that creates 1 elastic load balancer fronting 2 EC2 instances. Which section of the template should you edit so that the DNS of the load balancer is returned upon creation of the stack?
(choose 1 correct answers)

Select one of the following:

  • Resources

  • Parameters

  • Outputs

  • Mappings

Explanation

Question 36 of 94

1

You are doing a large data analysis which requires high computing power and many instances to be launched simultaneously and then to be retired after the analysis. If the instance is retired during the analysis, the program automatically shifts the analysis to the other instance. Which is the most cost-efficient option for launching the EC2 in this case?
(choose 1 correct answer)

Select one of the following:

  • On-Demand

  • Reserved

  • Dedicated

  • Spot

  • EC2 is not the right choice here

Explanation

Question 37 of 94

1

What is true about penetration testing in AWS?
(choose 2 correct answers)

Select one or more of the following:

  • You can do the penetration on your individual EC2 instance only

  • A prior permission is required from AWS for penetration testing

  • You cannot do the penetration testing at all

  • You can ask AWS support to do the penetration testing

  • AWS will automatically conduct penetration testing from time to time

Explanation

Question 38 of 94

1

What are the benefits of Multi-AZ RDS deployments?
(choose 2 correct answers)

Select one or more of the following:

  • You get a read-replica

  • More availability during the maintenance window

  • Automatic failover in case of one data center failure

  • More IOPS available for data throughput

  • You get more privileges to manage your database

Explanation

Question 39 of 94

1

What kind of data should not be stored in S3?
(choose 3 correct answers)

Select one or more of the following:

  • Images and videos

  • Static files for your websites

  • Your website database

  • Notifications from a computer program

  • Static Files that are accessed once in many years

Explanation

Question 40 of 94

1

What are the characteristics of a reserved instance?
(choose 3 correct answers)

Select one or more of the following:

  • It can be applied across regions

  • It saves you significant money over on-demand instance

  • You can shut down the reserved instance any time you want and the hourly charge wont incur for the shutdown hours

  • If your AMI changes the Reserved instance is still valid if it’s the same instance type

  • You pay a fixed amount of money irrespective of the number of hours you used the instance for

Explanation

Question 41 of 94

1

What are the characteristics of CloudFormation?
(choose 2 correct answers)

Select one or more of the following:

  • You can use it to replace an instance in the ELB when it fails its health check

  • Helps you quickly deploy and manage applications in the AWS cloud

  • It creates a template for your EC2 instance

  • You don’t need to worry about the infrastructure required to run your applications

Explanation

Question 42 of 94

1

To protect S3 data from accidental deletion and overwriting you should
(choose 1 correct answer)

Select one of the following:

  • Disable S3 delete using an IAM bucket policy

  • Access S3 data only using signed URLs

  • Enable S3 reduced redundancy storage

  • Enable S3 versioning on the bucket

  • Enable MFA protected access

Explanation

Question 43 of 94

1

Which one is an operational process performed by AWS for data security?
(choose 1 correct answer)

Select one of the following:

  • AES 256 bit encryption of data stored on any shared storage device

  • Decommissioning of storage device using industry-standard practices

  • Background virus scans of EBS volumes and EBS snapshots

  • Replication of data across multiple geographic regions

  • Secure wiping of EBS volumes when they are un-mounted

Explanation

Question 44 of 94

1

Which metrics could CloudWatch monitor?
(choose 2 correct answers)

Select one or more of the following:

  • Hypervisor visible metrics such as CPU utilization

  • Operating system visible metrics such as memory utilization

  • Network Utilization (Read-write)

  • Web server visible metrics such as number failed transaction requests

  • Database visible metrics such as number of connections

Explanation

Question 45 of 94

1

How should you launch instance if you need a pre-defined IP?
(choose 1 correct answer)

Select one of the following:

  • Launch it in a VPC

  • Launch it under an ELB

  • Pre-assign an IP using CloudFormation script

  • Launch it in a Placement Group

Explanation

Question 46 of 94

1

In which case do you have full authority of the underlying instance?
(choose 2 correct answers)

Select one or more of the following:

  • EC2

  • RDS

  • DynamoDB

  • EMR (Elastic Map Reduce)

Explanation

Question 47 of 94

1

What is true about EBS?
(choose 3 correct answers)

Select one or more of the following:

  • The snapshots are stored in S3

  • The snapshots are just stored as another EBS volume

  • Snapshots are incremental in nature and only

  • You can share the snapshot with other AWS accounts

  • Snapshots are automatically encrypted

Explanation

Question 48 of 94

1

What is the difference between a security group in VPC and a network ACL in VPC?
(choose 3 correct answers)

Select one or more of the following:

  • Security group restricts access to a Subnet while ACL restricts traffic to EC2

  • Security group restricts access to EC2 while ACL restricts traffic to a subnet

  • Security group can work outside the VPC also while ACL only works within a VPC

  • Network ACL performs stateless filtering and Security group provides stateful filtering

  • Security group can only set Allow rule, while ACL can set Deny rule also

Explanation

Question 49 of 94

1

For an EC2 instance launched in a private subnet in VPC, which of the following are the options for it to be able to connect to the internet (assume security groups have proper ports open)?
(choose 1 correct answer)

Select one of the following:

  • Simply attach an Elastic IP

  • If there is also a public subnet in the same VPC, an ENI can be attached to the instance with the ip address range of the public subnet

  • If there is a public subnet in the same VPC with a NAT instance attached to internet gateway, then a route can be configured from the instance to the NAT

  • There is no way for an instance in private subnet to talk to the internet

Explanation

Question 50 of 94

1

What happens to data when an EC2 instance terminates?
(choose 3 correct answers)

Select one or more of the following:

  • For EBS backed AMI, the EBS volume with operation system on it is preserved

  • For EBS backed AMI, any volume attached other than the OS volume is preserved

  • All the snapshots of the EBS volume with operating system is preserved

  • For S3 backed AMI, all the data in the local (ephemeral) hard drive is deleted

  • For Instance store-backed EC2 the data is lost when the instance is rebooted

Explanation

Question 51 of 94

1

Which of the following Auto scaling cannot do?
(choose 3 correct answers)

Select one or more of the following:

  • Start up EC2 instances when CPU utilization is above threshold

  • Release EC2 instances when CPU utilization is below threshold

  • Increase the instance size when utilization is above threshold

  • Add more Relational Database Service (RDS) read replicas when utilization is above threshold

  • Reboots an instance if the health check is failed for that instance

Explanation

Question 52 of 94

1

What is true for S3 buckets?
(choose 3 correct answers)

Select one or more of the following:

  • Bucket namespace is shared and is global among all AWS users.

  • Bucket names can contain alpha numeric characters

  • Bucket are associated with a region, and all data in a bucket resides in that region

  • Buckets can be transferred from one account to another through API

  • You can have unlimited number of buckets in each AWS account

Explanation

Question 53 of 94

1

Does S3 provides read-after-write consistency?
(choose 1 correct answer)

Select one of the following:

  • Yes, not for all regions

  • Yes, for all regions

  • No, it does not provide read-after-write consistency

  • You can provision this by making the right API calls

Explanation

Question 54 of 94

1

Choose the correct statement
(choose 3 correct answers)

Select one or more of the following:

  • You can have unlimited number of objects in S3 bucket

  • An S3 object can be of unlimited size

  • Data stored in S3 is encrypted

  • You can use Reduced Redundancy storage for lower cost option

  • You can serve your static website from S3

Explanation

Question 55 of 94

1

In CloudFront what happens when content is NOT present at an edge location and a request is made to it?
(choose 1 correct answer)

Select one of the following:

  • An Error 404 not found is returned

  • CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location

  • The request is kept on hold till content is delivered to the edge location

  • The request is routed to the next closest edge location

Explanation

Question 56 of 94

1

Which if the services could spread across Multi-AZ?
(choose 2 correct answers)

Select one or more of the following:

  • EC2

  • ELB

  • RDS

  • DynamoDB

  • EBS

Explanation

Question 57 of 94

1

How do you mount a new EBS to an EC2?
(choose 3 correct answers)

Select one or more of the following:

  • Using AWS management console

  • Using AWS API tools

  • Using AWS command line interface

  • By doing an RDP to the instance

  • By doing an SSH to the instance

Explanation

Question 58 of 94

1

Which of the following will provide the maximum IOPS for your EC2?
(choose 1 correct answer)

Select one of the following:

  • Instance based SSD storage

  • EBS with SSD storage

  • EBS with provisioned IOPS

  • Stripe data across Multiple EBS volumes with Raid 5

  • Stripe data across Multiple EBS volumes with Raid 0

Explanation

Question 59 of 94

1

Choose the right statements about EC2 instance
(choose 2 correct answers)

Select one or more of the following:

  • The instance based storage is automatically saved in S3

  • You can use the instance based storage for your root volume

  • You can attach multiple Elastic IPs to a single EC2

  • The public DNS of the EC2 remains intact when you shut down the EC2 and start it again

  • Data on the instance based storage remains intact when you reboot the instance

Explanation

Question 60 of 94

1

What is the best way of taking a fast snapshot without losing the consistency?
(choose 1 correct answer)

Select one of the following:

  • Stop the EC2, issue a snapshot command, switch on the EC2

  • Stop the EC2, issue a snapshot command, wait to complete the snapshot, remount EBS

  • Just issue the snapshot command

  • Un-mount EBS, issue snapshot command, remount

  • Un-mount EBS, take snapshot, wait to complete the snapshot, remount EBS

Explanation

Question 61 of 94

1

What is the maximum size of a single S3 object?

Select one of the following:

  • There is no such limit

  • 5 TB

  • 5 GB

  • 100 GB

Explanation

Question 62 of 94

1

Which of the following benefits does adding Multi-AZ deployment in RDS provide?
(choose multiple if more than one is true)

Select one or more of the following:

  • Multi-AZ deployed database can tolerate an Availability Zone failure

  • Decrease latencies if app servers accessing database are in multiple availability zones

  • Make database access times faster for all app servers

  • Make database more available during maintenance tasks

Explanation

Question 63 of 94

1

When an ELB is setup, what is the best way to route a website’s traffic to it?

Select one of the following:

  • Resolve the ELB name to an ip address and point the website to that ip address

  • There is no direct way to do so, Route53 has to be used

  • Generate a CNAME record for the website pointing to the DNS name of the ELB

Explanation

Question 64 of 94

1

You want to use Route53 to direct your www sub-domain to an Elastic Load Balancer fronting your web servers. What kind of record set should you create?

Select one of the following:

  • A record

  • AAAA record

  • NS record

  • CNAME record

Explanation

Question 65 of 94

1

You have created a Route 53 latency record set from your domain to a machine in Singapore and a similar record to a machine in Oregon. When a user located in India visits your domain he will be routed to:

Select one of the following:

  • Singapore

  • Oregon

  • Depends on the load on each machine

  • Both, because 2 requests are made, 1 to each machine

Explanation

Question 66 of 94

1

If I want an instance to have a public IP address, which IP address should I use?

Select one of the following:

  • Elastic IP Address

  • Class B IP Address

  • Class A IP Address

  • Dynamic IP Address

Explanation

Question 67 of 94

1

What does RRS stand for when talking about S3?

Select one of the following:

  • Redundancy Removal System

  • Relational Rights Storage

  • Regional Rights Standard

  • Reduced Redundancy Storage

Explanation

Question 68 of 94

1

What does the AWS Storage Gateway provide?

Select one of the following:

  • It allows to integrate on-premises IT environments with cloud storage.

  • A direct encrypted connection to Amazon S3.

  • It's a backup solution that provides an on-premises cloud storage.

  • It provides an encrypted SSL endpoint for backups in the cloud.

Explanation

Question 69 of 94

1

How many relational database engines does RDS currently support?

Select one of the following:

  • Three: MySQL, Oracle and Microsoft SQL Server.

  • Just two: MySQL and Oracle.

  • Five: MySQL, PostgreSQL, MongoDB, Cassandra and SQLite.

  • Just one: MySQL.

Explanation

Question 70 of 94

1

What are the two permission types used by AWS?

Select one of the following:

  • Resource-based and Product-based

  • Product-based and Service-based

  • Service-based

  • User-based and Resource-based

Explanation

Question 71 of 94

1

Which of the following requires a custom cloudwatch metric to monitoring?

Select one of the following:

  • Disk usage activity of the ephemeral volumes of an Amazon EC2 instance

  • CPU Utilisation of an Amazon Elastic Compute Cloud (EC2) instance

  • Disk usage activity of an Elastic Block Store volume attached to an Amazon EC2 instance

  • Disk full percentage of an Elastic Block Store volume

Explanation

Question 72 of 94

1

You run a two-tiered application with the following components: an Elastic Load Balancer (ELB), three web/application server on Amazon Elastic Compute Cloud (EC2), and one MySQL RDS database. With growing load, database query take longer and longer and slow down the overall response time for user requests.

What of the following options could speed up performance ? choose 3

Select one or more of the following:

  • Create an RDS read-replica and redirect half of the database read request to it

  • Cache database queries in Amazon Elastic Cloud

  • Setup RDS in Multi-AZ mode.

  • Shard the database and distribute loads between shards.

  • Use AWS CloudFront to cache database queries.

Explanation

Question 73 of 94

1

As an application has increased in popularity, reports of performance issues have grown. the current configuration initiates scaling actions based on avg CPU utilization; however during reports of slowness, CloudWatch graphs have shown that average CPU remains steady at 40 percent. This is well below the alarm threshold of 60 percent. Your developers have discovered that, due to the unique design of the application, performance degradation occurs on an instance when it is processing more than 200 threads.

What is the best way to ensure that your application scales to match the demands?

Select one of the following:

  • Launch two to six additional instances outside of the AutoScaling group to handle the additional load.

  • Populate the custom CloudWatch metric for concurrent session and initiate scaling action based on that metric instead of CPU use.

  • Empirically determine the expected CPU use for 200 concurrent sessions and adjust the CloudWatch alarm threshold to be that CPU use.

  • Add a script to each instance to detect the number of concurrent sessions. If the number of sessions remains over 200 for 5 minutes, have the instance increased the desired capacity of the AutoScaling group by one.

Explanation

Question 74 of 94

1

Your company build the mobile application that has already been downloaded several hundreds and thousands of times.

Which authentication solution would enables mobile client to access picture stored on aws s3 bucket and provide you with the height flexibility to rotate credentials?

Select one of the following:

  • Identify federation based on AWS security token service(STS) using an aws IAM policy for the respective s3 bucket

  • IAM user per registered client with an IAM policy granted aws s3 access to the respective bucket

Explanation

Question 75 of 94

1

EBS can always tolerate an Availability Zone failure?

Select one of the following:

  • No, all EBS volume is stored in a single Availability Zone

  • Yes, EBS volume has multiple copies so it should be fine

  • Depends on how it is setup

  • Depends on the Region where EBS volume is initiated

Explanation

Question 76 of 94

1

You receive a spot instance at a bit of $0.05/hr. After 30 minutes, the spot price increase to $0.06/hr and your spot instances is terminated by AWS. What was the total EC2 compute cost of running your spot instance?

Select one of the following:

  • $0.00

  • $0.02

  • $0.03

  • $0.04

  • $0.05

Explanation

Question 77 of 94

1

You have an Amazon Elastic Cloud Compute (EC2) security group with several running EC2 instances. You change the security group rules to allow inbound traffic on a new port and protocol, and launch several new instance in the same security group. The new rule apply:-

Select one of the following:

  • Immediately to the new instances only

  • Immediately to the new instances only, but old instance must be stopped and restarted before before the new rule apply.

  • To all instances, but it may take several minutes for old install to see the changes.

  • Immediately to all instances in the security group

Explanation

Question 78 of 94

1

You are developing a highly available web application using stateless web servers. Which services are suitable for storing session state data?
(choose 3).

Select one or more of the following:

  • Amazon DynamoDB

  • Amazon ElastiCache

  • Elastic Load Balancing

  • AWS storage Gateway

  • Amazon Relational Database service (RDS)

  • Amazon CloudWatch

Explanation

Question 79 of 94

1

What combination of the following options will protect Amazon Simple Storage Services (S3) objects from both accidental deletion and accidental overwriting?
(Choose two)

Select one or more of the following:

  • Enable S3 versioning on bucket

  • Access S3 data using only signed URL.

  • Disable S3 delete using an IAM bucket policy.

  • Enable S3 Reduced Redundancy storage

  • Enable multi-factor authentication(MFA) protected access.

Explanation

Question 80 of 94

1

You have been tasked with creating a VPC network topology for your company. The VPC network must support both internet-facing application and internally-facing application accessed only over VPN. Both internet-facing and internally-facing application must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirement?

Select one of the following:

  • 2

  • 3

  • 4

  • 6

Explanation

Question 81 of 94

1

You have an Amazon Virtual Private Cloud with a public subnet. Three Amazon Elastic Compute Cloud (EC2) instances currently running inside the subnet can successfully communicate with other hosts on the internet. You launch a fourth instance in the same subnet, using the same amazon machine image (AMI) and security group configuration, you used for others, but find that this instance cannot be accessed from the internet. What should you do to enable internet access?

Select one of the following:

  • Deploy a NAT instance into the public subnet.

  • Modify the routing table for the public subnet.

  • Configure a publically routable IP address in the host OS of the fourth instance.

  • Assign an elastic ip address to the fourth instance.

Explanation

Question 82 of 94

1

You have a business-critical two-tier web app currently deployed in two availability zones in a single region, using Elastic, Load Balancing and AutoScaling. The app depends on synchronous replication(very low latency connectivity) at the data layer. The application need to remain fully available even if one application availability zone goes off-line, and auto scaling cannot launch new instances in the remaining availability zones, How can the current architecture be enhanced to ensure this?

Select one of the following:

  • Deploy in three availability zone, with auto scaling minimum set to handel 33 percent peak load per zone.

  • Deploy in two region using Weighted Round Robin(WRR), with Auto Scaling minimums set for 50 percent peak load per Region.

  • Deploy in two region using Weighted Round Robin(WRR), with Auto Scaling minimums set for 100 percent peak load per region.

  • Deploy in three availability Zones, with auto scaling minimum set to handle 50 percent peak load per zone.

Explanation

Question 83 of 94

1

Which of the following requires a custom CloudWatch metric to monitor?

Select one of the following:

  • Memory use

  • CPU use

  • Disk read operations

  • Network in

  • Estimated charges

Explanation

Question 84 of 94

1

How can software determine the public and private ip addresses of the aws EC2 instance that it is running on?

Select one of the following:

  • Query the appropriate AWS cloudwatch metric

  • Use an ipconfig or ifconfig command

  • Query the local instance metadata

  • Query the local instance userdata

Explanation

Question 85 of 94

1

What action is required to establish an Amazon VPC VPN connection between an on-premises data center and Amazon VPC Virtual Private Gateway?

Select one of the following:

  • Established a dedicated network connection using AWS Direct Connect

  • Modify the main route table to allow traffic to a network address translation instance.

  • Use a dedicated network address translation instance in the public subnet

  • Assign a static internet-routable ip address to Amazon VPC Customer Gateway

Explanation

Question 86 of 94

1

Which of the following is a durable key-value store?

Select one of the following:

  • Amazon Simple Notification Service

  • Amazon Simple Queue Service

  • Amazon Simple WorkFlow Service

  • Amazon Simple Storage Service

Explanation

Question 87 of 94

1

Which route must be added to your routing table in order to allow connections to the internet from your subnet?

Select one of the following:

  • Destination:0.0.0.0/0 → Target:your internet gateway

  • Destination:192.168.1.257/0 → Target:your internet gateway

  • Destination:0.0.0.0/33 → Target:your virtual private gateway

  • Destination:0.0.0.0/0 → Target:0.0.0.0/24

  • Destination:0.0.0.0/32 → Target:your virtual private gateway

Explanation

Question 88 of 94

1

After creating a new aws account, you use the api to request 40 on-demand AWS EC2 instances in a single availability zone. After 20 successful requests, subsequent request failed. what could be a reason for this issue, and how would you resolve it?

Select one of the following:

  • You encountered a soft limit of 20 instances per region.submit the limit increase form and retry the failed requests once approved.

  • AWS allows you to provision no more than 20 instances per availability zone.select a different availability zone and retry the failed request.

  • You need to use amazon VPC in order to provision more than 20 instances in a single availability zone. simply terminate the resources already provisioned and re-launch them all in a VPC.

  • You encountered an api throttling situation and should try the failed request using an exponential decay retry algorithm.

Explanation

Question 89 of 94

1

In reviewing the auto scaling events for your application you notice that your application is scaling up and down multiple times in the same hour. What design choice could you make to optimize for cost while preserving elasticity? choose 2

Select one or more of the following:

  • Modify the auto scaling group termination policy to terminate the oldest instance first.

  • Modify the auto scaling to use scheduled scaling actions

  • Modify the auto scaling group termination policy to terminate the newest instance first.

  • Modify the amazon cloudwatch alarm period that trigger yours auto scaling scale down policy.

  • Modify the auto scaling group cool-down timers.

Explanation

Question 90 of 94

1

A customer's nightly EMR job processes a single 2-TB data file stored on S3. The amazon EMR job runs on two on-demand core nodes and three on-demand task nodes. Which of the following may help reduce the EMR job completion time? choose 2

Select one or more of the following:

  • Use three spot instances rather than three on-demand instances for the task nodes.

  • Change the input split size in the mapreduce job configuration.

  • Use a bootstrap action to present the s3 bucket as a local filesystem.

  • Launch the core nodes and task nodes within an amazon virtual cloud.

  • Adjust the number of simultaneous mapper tasks.

  • Enable termination protection for the job flow

Explanation

Question 91 of 94

1

You have an application running in us-west-2 that requires 6 amazon elastic compute cloud instances running at all times. With 3 availability of zones available in that region(us-west-2a,us-west-2b,us-west-2c), which of the following development provide 100% fault tolerance if any single availability zone in us-west-2 becomes unavailable? choose 2

Select one or more of the following:

  • us-west-2a with 2 EC2 instances, us-west-2b with 2 EC2 instance, us-west-2c with 2 EC2 instance

  • us-west-2a with 3 EC2 instances, us-west-2b with 3 EC2 instance, us-west-2c with no EC2 instance

  • us-west-2a with 4 EC2 instances, us-west-2b with 2 EC2 instance, us-west-2c with 2 EC2 instance

  • us-west-2a with 6 EC2 instances, us-west-2b with 6 EC2 instance, us-west-2c with no EC2 instance

  • us-west-2a with 3 EC2 instances, us-west-2b with 3 EC2 instance, us-west-2c with 3 EC2 instance

Explanation

Question 92 of 94

1

A VPC public subnet is one that:

Select one of the following:

  • Has at least 1 route in its associate routing table that uses an internet gateway(IGW)

  • Include a route in its associated routing table via a NAT.

  • Has network Access control list (NACL) permitting outbound traffic to 0.0.0.0/0

  • Has the public subnet options selected in its configuration

Explanation

Question 93 of 94

1

You are deploying a an application on EC2 that must call aws APIs. what method of securely passing credential to the application should you use?

Select one of the following:

  • Store API credentials as an object in Amazon S3

  • Use AWS Identity and Access Management roles for EC2 instance

  • Pass API credentials to the instance using instance user data

  • Embed the API credential into your jar file

Explanation

Question 94 of 94

1

A Startup company hired you to help them build a mobile application, that will ultimately store billions of images and videos in Amazon Simple Storage double their current installation base every six months, Due to the nature of their business, they are expecting sudden and large increase in traffic to and from s3, and need to ensure that it can handle the performance need of their applications. What other information must you gather from this customer in order to determine whether s3 is the right option?

Select one of the following:

  • You must know how many customers the company has today, because this critical in understanding what their customer base will be in two years.

  • Uou must find out total number of requests per second at peak usage.

  • Uou must know the size individual objects being written to S3, in order to properly design the key namespace.

  • In order to build the key namespace correctly, you must understand the total amount of storage needs for each S3 bucket.

Explanation