0% found this document useful (0 votes)
679 views

Whizlabs Practice Test I

The document appears to be a practice test for the AWS Certified Solutions Architect Associate certification. It includes 6 multiple choice questions about AWS services like EC2, EBS, IAM roles, and security groups. For each question, it provides the question, possible answers, an explanation of the correct answer, and a link for more information.

Uploaded by

debashish
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
679 views

Whizlabs Practice Test I

The document appears to be a practice test for the AWS Certified Solutions Architect Associate certification. It includes 6 multiple choice questions about AWS services like EC2, EBS, IAM roles, and security groups. For each question, it provides the question, possible answers, an explanation of the correct answer, and a link for more information.

Uploaded by

debashish
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 56

 

AWS CSAA Practice Tests


Home / My courses / AWS CSAA Practice Tests / FULL TEST(S) / New Practice Test I

Started on Thursday, 8 March 2018, 4:24 PM

State Finished

Completed on Thursday, 8 March 2018, 5:21 PM

Time taken 56 mins 41 secs

Grade 33 out of 60 (55%)

Result FAIL

QUESTION 1

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You currently have an EC2 instance hosting a web application. The number of users is expected to increase in
the coming months and hence you need to add more elasticity to your setup. Which of the following methods
can help add elasticity to your existing setup. Choose 2 answers from the options given below

Please select :
A. Setup your web app on more EC2 instances and set them behind an Elastic Load balancer 

B. Setup an Elastic Cache in front of the EC2 instance. 

C. Setup your web app on more EC2 instances and use Route53 to route requests accordingly.

D. Setup DynamoDB behind your EC2 Instances

Your answer is incorrect.

Answer – A and C

The Elastic Load balancer is one of the most the ideal solution for adding elasticity to your application.

The below snapshot is an example where you can add 3 EC2 Instances to an ELB. All requests can then be routed
accordingly to these instances.
 

For more information on Elastic Load Balancer, please visit the below URL:

https://aws.amazon.com/elasticloadbalancing/

The other alternative is to create a routing policy in Route53 with Weighted routing policy . Weighted resource record
sets let you associate multiple resources with a single DNS name. Weighted routing policy enables Route 53 to route
tra c to di erent resources in speci ed proportions (weights).To create a group of weighted resource record sets, two
or more resource record sets can be created that have the same combination of DNS name and type, and each
resource record set is assigned a unique identi er and a relative weight.

For more information on Route53, please visit the below URL:

http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/Welcome.html

Option B is not valid because this will just cache the reads , and will not add that desired elasticity to your application.

Option D is not valid , because there is no mention of a persistence layer in the question , that would require the use of
DynamoDB.

The correct answers are: Setup your web app on more EC2 instances and set them behind an Elastic Load balancer,
Setup your web app on more EC2 instances and use Route53 to route requests accordingly.

Feedback about this question and answer

QUESTION 2

INCORRECT
MARK 0 OUT OF 1

Submit Feedback

You are creating a Provisioned IOPS volume in AWS. The size of the volume is 8 GiB. Which of the following are
the possible values that can put for the IOPS of the volume

Please select :
A. 400

B. 500

C. 600 

D. 1000

Your answer is incorrect.

Answer – A

The Maximum ratio of IOPS to volume size is 50:1 , so if the volume size is 8 GiB , the maximum IOPS of the volume can
be 400. If you go beyond this value , you will get an error as shown in the screenshot below.

For more information on Provisioned IOPS, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html

The correct answer is: 400

Feedback about this question and answer

QUESTION 3

CORRECT
MARK 1 OUT OF 1

Submit Feedback

A company is hosting EC2 instances which focuses on work-loads are on non-production and non-priority
batch loads. Also these processes can be interrupted at any time. What is the best pricing model which can be
used for EC2 instances in this case?

Please select :
A. Reserved Instances

B. On-Demand Instances

C. Spot Instances 

D. Regular Instances

Your answer is correct.

Answer – C

Spot instances enable you to bid on unused EC2 instances, which can lower your Amazon EC2 costs signi cantly. The
hourly price for a Spot instance (of each instance type in each Availability Zone) is set by Amazon EC2, and uctuates
depending on the supply of and demand for Spot instances. Your Spot instance runs whenever your bid exceeds the
current market price.

Spot instances are a cost-e ective choice if you can be exible about when your applications run and if your
applications can be interrupted. For example, Spot instances are well-suited for data analysis, batch jobs, background
processing, and optional tasks

Option A is invalid because even though Reserved instances can reduce costs , its best for workloads that would be
active for a longer period of time rather than for batch load processes which could last for a shorter period of time.

Option B is not right because On-Demand Instances tend to be more expensive than Spot Instances.

Option D is invalid because there is no concept of Regular instances in AWS

For more information on Spot Instances, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html

The correct answer is: Spot Instances

Feedback about this question and answer

QUESTION 4

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You have 2 Ubuntu instances located in di erent subnets in the same VPC. Now to your understanding these
instances should be able to communicate with each other, but when you try to ping from one instance to
another, you get a timeout. The Route tables seem to be valid and has the entry for the Target ‘local’ for your
VPC CIDR. Which of the following could be a valid reason for this issue.
Please select :
A. The Instances are of the wrong AMI , hence you are not able to ping the instances.

B. The Security Group has not been modi ed for allow the required tra c. 

C. The Instances don’t have Public IP, so that the ping commands can be routed

D. The Instances don’t have Elastic IP, so that the ping commands can be routed

Your answer is correct.

Answer – B

The security groups need to con gured to ensure that ping commands can go through. The below snapshot shows that
the ICMP protocol needs to be allowed to ensure that the ping packets can be routed to the instances. You need to edit
the Inbound Rules of the Web Security Group.

Option A is invalid because the AMI will not impact the ping command

Option C and D are invalid because even if you have a Public IP and Elastic IP allocated to the Instance, you need to
ensure there is a route to the internet gateway and the Web Security Groups are con gured accordingly.

For more information on Security Groups, please visit the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

The correct answer is: The Security Group has not been modi ed for allow the required tra c.

Feedback about this question and answer

QUESTION 5

CORRECT

MARK 1 OUT OF 1
Submit Feedback

What is the best way to move an EBS volume currently attached to an EC2 instance from one
availability zone to another ?

Please select :
A. Detach the volume and attach to an EC2 instance in another AZ.

B. Create a new volume in the other AZ and specify the current volume as the source.

C. Create a snapshot of the volume and then create a volume from the snapshot in the other AZ 

D. Create a new volume in the AZ and do a disk copy of contents from one volume to another.

Your answer is correct.

Answer – C

In order for a volume to be available in another availability zone, you need to rst create a snapshot from the volume.
Then in the snapshot from creating a volume from the snapshot , you can then specify the new availability zone
accordingly.

Option A is invalid, because the Instance and Volume have to be in the same AZ in order for it to be attached to the
instance

Option B is invalid , because there is no way to specify a volume as a source

Option D is invalid , because the Diskcopy would just be a tedious process.

For more information on snapshots, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html

The correct answer is: Create a snapshot of the volume and then create a volume from the snapshot in the other AZ

Feedback about this question and answer


QUESTION 6

CORRECT

MARK 1 OUT OF 1

Submit Feedback

When it comes to API credentials, what is the best practise recommended by AWS?

Please select :
A. Create a role which has the necessary and can be assumed by the EC2 instance. 

B. Use the API credentials from an EC2 instance.

C. Use the API credentials from a bastion host.

D. Use the API credentials from a NAT Instance.

Your answer is correct.

Answer – A

IAM roles are designed in such a way so that your applications can securely make API requests from your instances,
without requiring you to manage the security credentials that the applications use.

Option B,C and D are invalid because it is not secure to use API credentials from any EC2 instance. The API credentials
can be tampered with and hence is not the ideal secure way to make API calls.

For more information on IAM roles for EC2, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

The correct answer is: Create a role which has the necessary and can be assumed by the EC2 instance.

Feedback about this question and answer

QUESTION 7

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You want to retrieve the Public IP addresses assigned to a running instance via the Instance metadata. Which
of the below urls is valid for retrieving this data.

Please select :
A. http://169.254.169.254/latest/meta-data/public-ipv4

B. http://254.169.254.169/latest/meta-data/public-ipv4

C. http://254.169.254.169/meta-data/latest/public-ipv4

D. http://169.254.169.254/meta-data/latest/public-ipv4 
Your answer is incorrect.

Answer - A

As per the AWS documentation, below is the right way to access the instance metadata

For more information on Instance metadata, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html

The correct answer is: http://169.254.169.254/latest/meta-data/public-ipv4

Feedback about this question and answer

QUESTION 8

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You are planning to use the MySQL RDS in AWS. You have a requirement to ensure that you are available to
recover from a database crash. Which of the below is not a recommended practise when you want to ful l this
requirement

Please select :
A. Ensure that automated backups are enabled for the RDS

B. Ensure that you use the MyISAM storage engine for MySQL

C. Ensure that the database does not grow too large 

D. Ensure that le sizes for the RDS is well under 16 TB.

Your answer is incorrect.


Answer – B

Below is the best recommended practices for MySQL

For more information on best practices for MySQL Storage, please visit the below URL:

http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_BestPractices.html#CHAP_BestPractices.MySQLStorage

The correct answer is: Ensure that you use the MyISAM storage engine for MySQL

Feedback about this question and answer

QUESTION 9

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which of the following is a valid bucket name

Please select :
A. demo 

B. Example

C. .example

D. demo.

Your answer is correct.

Answer - A

Following are the restrictions when naming buckets in S3.

Bucket names must be at least 3 and no more than 63 characters long.


Bucket names must be a series of one or more labels. Adjacent labels are separated by a single period (.). Bucket
names can contain lowercase letters, numbers, and hyphens. Each label must start and end with a lowercase letter
or a number.
Bucket names must not be formatted as an IP address (e.g., 192.168.5.4).
When using virtual hosted–style buckets with SSL, the SSL wildcard certi cate only matches buckets that do not
contain periods. To work around this, use HTTP or write your own certi cate veri cation logic. We recommend that
you do not use periods (".") in bucket names.

Option B is invalid because it has an upper case character

Option C is invalid because the bucket name cannot start with a period (.).

Option D is invalid because the bucket name cannot end with a period (.).

For more information on S3 Bucket restrictions, please visit the below URL:

http://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html

The correct answer is: demo

Feedback about this question and answer

QUESTION 10

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which of the following is not a feature provided by Route53?

Please select :
A. Registration of Domain Names

B. Routing of internet tra c to domain resources

C. O oading content to cache locations 

D. Health check of resources

Your answer is correct.

Answer – C

The below features are available for Route53 hence option A,B and D are valid.

Register domain names – Your website needs a name, such as example.com. Amazon Route 53 lets you register a
name for your website or web application, known as a domain name.
Route internet tra c to the resources for your domain – When a user opens a web browser and enters your domain
name in the address bar, Amazon Route 53 helps the Domain Name System (DNS) connect the browser with your
website or web application.
Check the health of your resources – Amazon Route 53 sends automated requests over the internet to a resource,
such as a web server, to verify that it's reachable, available, and functional. You also can choose to receive
noti cations when a resource becomes unavailable and choose to route internet tra c away from unhealthy
resources.

 Option C is basically a feature provided by the AWS Content Delivery service.

For more information on Route53, please visit the below URL:

http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/Welcome.html
The correct answer is: O oading content to cache locations

Feedback about this question and answer

QUESTION 11

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

When working with API gateways in AWS , what is the type of endpoints that are exposed

Please select :
A. HTTP 

B. HTTPS

C. JSON

D. XML

Your answer is incorrect.

Answer - B

All of the endpoints created with the API gateway are of HTTPS.

Option A is incorrect because Amazon API Gateway does not support unencrypted (HTTP) endpoints

Option C and D are invalid because API gateway  expose HTTPS endpoints only

For more information on API Gateways, please visit the below URL:

https://aws.amazon.com/api-gateway/faqs/

The correct answer is: HTTPS

Feedback about this question and answer

QUESTION 12

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which of the following verbs are supported with the API Gateway

Please select :
A. GET

B. POST

C. PUT

D. All of the above 


Your answer is correct.

Answer - D

Each resource within a REST API can support one or more of the standard HTTP methods. You de ne which verbs
should be supported for each resource (GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS) and their implementation.

For more information on API Gateways, please visit the below URL:

https://aws.amazon.com/api-gateway/faqs/

The correct answer is: All of the above

Feedback about this question and answer

QUESTION 13

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

Which of the following container technologies are currently supported by the AWS ECS service?
Choose 2 answers.

Please select :
A. Kubernetes

B. Docker 

C. Mesosphere 

D. Canonical LXD

Your answer is incorrect.

Answer - Option A and B

Currently Kubernetes and Docker are the container platform supported by EC2 Container Service.

For more information on ECS, please visit the below URL:


https://aws.amazon.com/ecs/faqs/
https://aws.amazon.com/blogs/aws/amazon-elastic-container-service-for-kubernetes/

The correct answers are: Kubernetes, Docker

Feedback about this question and answer

QUESTION 14

INCORRECT
MARK 0 OUT OF 1

Submit Feedback

Which of the following when used alongside with the AWS Secure Token service can be used to provide a
single sign-on experience for existing users who are part of an organization using on-premise applications

Please select :
A. OpenID Connect

B. JSON

C. SAML 2.0

D. OAuth 

Your answer is incorrect.

Answer - C

You can authenticate users in your organization's network, and then provide those users access to AWS without
creating new AWS identities for them and requiring them to sign in with a separate user name and password. This is
known as the single sign-on (SSO) approach to temporary access. AWS STS supports open standards like Security
Assertion Markup Language (SAML) 2.0, with which you can use Microsoft AD FS to leverage your Microsoft Active
Directory.

Option A and D are incorrect because these are used when you want users to sign in using a well-known third party
identity provider such as Login with Amazon, Facebook, Google.

Option B  is incorrect because this is more of a data exchange protocol.

For more information on STS, please visit the below URL:

http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html

The correct answer is: SAML 2.0

Feedback about this question and answer

QUESTION 15

CORRECT

MARK 1 OUT OF 1

Submit Feedback

While performing status checks on your volume in AWS , you can see that the volume check has a status of
"insu cient-data". What can you derive from this status check

Please select :
A. All checks have passed

B. A particular check has failed only

C. All checks have failed

D. The check on the volume is still in progress. 


Your answer is correct.

Answer - D

Volume status checks enable you to better understand, track, and manage potential inconsistencies in the data on an
Amazon EBS volume. They are designed to provide you with the information that you need to determine whether your
Amazon EBS volumes are impaired, and to help you control how a potentially inconsistent volume is handled.

If the status is insu cient-data, the checks may still be in progress on the volume.

Option A is incorrect because if all checks have passed, then the status of the volume is OK.

Option B and C are incorrect because if a check fails, then the status of the volume is impaired

For more information on Volume status checks, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html

The correct answer is: The check on the volume is still in progress.

Feedback about this question and answer

QUESTION 16

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which of the following can constitute the term of a 'Golden Image'

Please select :
A. This is the basic AMI which is available in AWS.

B. This refers to an instance which has been bootstraped.

C. This refers to an AMI that has been constructed from a customized Image. 

D. This refers to a special type of Linux AMI.

Your answer is correct.

Answer - C

You can customize an Amazon EC2 instance and then save its con guration by creating an Amazon Machine Image
(AMI). You can launch as many instances from the AMI as you need, and they will all include those customizations that
you’ve made. Each time you want to change your con guration you will need to create a new golden image, so you will
need to have a versioning convention to manage your golden images over time

Because of the above explanation , all of the remaining options are automatically invalid.

For more information on AMI’s, please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html

The correct answer is: This refers to an AMI that has been constructed from a customized Image.

Feedback about this question and answer


QUESTION 17

CORRECT

MARK 1 OUT OF 1

Submit Feedback

When designing a health check for your web application which is hosted behind an elastic load balancer, which
of the following health checks is ideal to implement

Please select :
A. A TCP health check

B. A UDP health check

C. A HTTP health check 

D. A combination of TCP and UDP health checks

Your answer is correct.

Answer - C

Option B and D is invalid because UDP health checks are not possible

Option A is partially valid. A simple TCP health check would not detect the scenario where the instance itself is healthy,
but the web server process has crashed. Instead, you should assess whether the web server can return a HTTP 200
response for some simple request. 

For more information on ELB health checks, please visit the below URL:

http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html

The correct answer is: A HTTP health check

Feedback about this question and answer

QUESTION 18

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

Which of the following is an example of synchronous replication which occurs in the AWS service?

Please select :
A. AWS RDS Read Replica's for MySQL, MariaDB and PostgreSQL 

B. AWS Multi-AZ RDS

C. Redis engine for Amazon ElastiCache replication

D. AWS RDS Read Replica's for Oracle


Your answer is incorrect.

Answer - B

Amazon RDS Multi-AZ deployments provide enhanced availability and durability for Database (DB) Instances, making
them a natural t for production database workloads. When you provision a Multi-AZ DB Instance, Amazon RDS
automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a di erent
Availability Zone (AZ).

For more information on Multi-AZ, please visit the below URL:

https://aws.amazon.com/rds/details/multi-az/

Option A is invalid because Amazon RDS takes a snapshot of the source instance and creates a read-only instance from
the snapshot. For MySQL, MariaDB and PostgreSQL, Amazon RDS  uses those engines' native asynchronous replication
to update the read replica whenever there is a change to the source DB instance.

Option C is invalid, because the Redis engine for Amazon ElastiCache supports replication with automatic failover, but
the Redis engine’s replication is asynchronous

Option D is invalid because this is not supported by AWS.

The correct answer is: AWS Multi-AZ RDS

Feedback about this question and answer

QUESTION 19

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You want to get the reason for your EC2 Instance termination from the CLI. Which of the below commands is
ideal in getting the reason.

Please select :
A. aws ec2 describe-instances 

B. aws ec2 describe-images

C. aws ec2 get-console-screenshot

D. aws ec2 describe-volume-status

Your answer is correct.

Answer - A

When you execute the AWS ec2 describe-instances CLI command with the instance_id as shown below

AWS ec2 describe-instances --instance-id instance_id

In the JSON response that's displayed, locate the StateReason element.

An example is shown below. This will help in understanding why the instance was shutdown.

"StateReason": {

  "Message": "Client.UserInitiatedShutdown: User initiated shutdown",


  "Code": "Client.UserInitiatedShutdown"

},

For more information on the command, please visit the below URL:

http://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html

Option B is invalid because this command describes one or more of the images (AMIs, AKIs, and ARIs) available to you

Option C is invalid because retrieve a JPG-format screenshot of a running instance. This might not help to the complete
extent of understanding why the instance was terminated.

Option D is invalid because this command describes the status of the speci ed volumes.

The correct answer is: aws ec2 describe-instances

Feedback about this question and answer

QUESTION 20

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

When using the following AWS services, which should be implemented in multiple Availability Zones for high
availability solutions?
Choose 2 answers from the options below.

Please select :
A.  Amazon DynamoDB

B. Amazon Elastic Compute Cloud (EC2) 

C. Amazon Elastic Load Balancing

D. Amazon Simple Storage Service (S3) 

Your answer is incorrect.

Answer – B and C

The below snapshot from the AWS documentation shows how the ELB and EC2 instances get setup for high availability.
You have the ELB placed in front of the instances. The instances are placed in di erent AZ’s.
 

For more information on the ELB,  please visit the below URL:

https://aws.amazon.com/elasticloadbalancing/

Option A is wrong because the service runs across Amazon’s proven, high-availability data centers. The service
replicates data across three facilities in an AWS Region to provide fault tolerance in the event of a server failure or
Availability Zone outage.

Option D is wrong because Amazon S3 Standard and Standard - IA redundantly stores your objects on multiple devices
across multiple facilities in an Amazon S3 Region. The service is designed to sustain concurrent device failures by
quickly detecting and repairing any lost redundancy

The correct answers are: Amazon Elastic Compute Cloud (EC2), Amazon Elastic Load Balancing

Feedback about this question and answer

QUESTION 21

CORRECT

MARK 1 OUT OF 1

Submit Feedback

An application is currently con gured on an EC2 instance to process messages in SQS. The queue has been
created with the default settings. The application is con gured to just read the messages once a week. It has
been noticed that not all the messages are being picked by the application. What could be the issue?

Please select :
A. The application is con gured to long polling, so some messages are not being picked up

B. The application is con gured to short polling, so some messages are not being picked up

C. Some of the messages have surpassed the retention period de ned for the queue 

D. Some of the messages don’t have the right permissions to be picked up by the application
Your answer is correct.

Answer - C

When you create an SQS with the default options , the message retention period is 4 days. So if the application is
processing the messages just once a week there are chances that messages sent at the start of the week will get
deleted before it can be picked up by the application.

Option A and B are invalid , because even if you use short or long polling , the application should be able to read the
messages eventually.

Option D is invalid because you can provide permissions at the queue level.

For more information on SQS,  please visit the below URL:

https://aws.amazon.com/sqs/faqs/

The correct answer is: Some of the messages have surpassed the retention period de ned for the queue

Feedback about this question and answer

QUESTION 22

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Your application is on an EC2 instance in AWS. Users use the application to upload a le to S3. The message
rst goes to an SQS queue , before it is picked up by a worker process, which fetches the object and uploads it
to S3. An email is then sent on successful completion of the upload. You notice though that you are getting
numerous emails for each request, when ideally you should be getting only one nal email noti cation for
each successful upload. Which of the below could be the possible reasons for this.

Please select :
A. The application is con gured for long polling so the messages are being picked up multiple times.

B. The application is not deleting the messages from SQS. 

C. The application is con gured to short polling, so some messages are not being picked up
D. The application is not reading the message properly from the SQS queue.

Your answer is correct.

Answer – B

When you look at the Message lifecycle from AWS for SQS queues , one of the most important aspect is to delete the
messages after they have been read from the queue.

Option A and C are invalid because even if you use short or long polling , the application should be able to read the
messages eventually. The main part is that the deletion of messages is not happening after they have been read.

Option D is invalid because if the messages are not being read properly , then the application should not send
successful noti cations.

For more information on SQS message lifecycle,  please visit the below URL:

http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-message-lifecycle.html

The correct answer is: The application is not deleting the messages from SQS.

Feedback about this question and answer

QUESTION 23

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You have created your own VPC and subnet in AWS. You have launched an instance in that subnet. You have
noticed that the instance is not receiving a DNS name. Which of the below options could be a valid reason for
this issue.

Please select :
A. The CIDR block for the VPC is invalid

B. The CIDR block for the subnet is invalid 

C. The VPC con guration needs to be changed.

D. The subnet con guration needs to be changed.


Your answer is incorrect.

Answer – C

If the DNS hostnames option of the VPC is not set to ‘Yes’ then the instances launched in the subnet will not get DNS
Names.

You can change the option by choosing your VPC and clicking on ‘Edit DNS Hostnames’

Option A and B are invalid because if the CIDR blocks were invalid then the VPC or subnet would not be created.

Option D is invalid because the subnet con guration does not have the e ect on the DNS hostnames.

For more information on VPC’s,  please visit the below URL:

https://aws.amazon.com/vpc/

The correct answer is: The VPC con guration needs to be changed.

Feedback about this question and answer

QUESTION 24

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You have created your own VPC and subnet in AWS. You have launched an instance in that subnet. You have
attached an internet gateway to the VPC and seen that the instance has a public IP. The Route table is shown
below
 

The instance still cannot be reached from the Internet. Which of the below changes need to be made to the
route table to ensure that the issue can be resolved.

Please select :
A. Add the following entry to the route table – 0.0.0.0/0->Internet Gateway

B. Modify the above route table – 10.0.0.0/16 ->Internet Gateway 

C. Add the following entry to the route table – 10.0.0.0/16 ->Internet Gateway

D. Add the following entry to the route table - 0.0.0.0/16->Internet Gateway

Your answer is incorrect.

Answer – A

The Route  table need to be modi ed as shown below to ensure that the routes from the internet can reach the
instance

Hence by default all other options become invalid

For more information on Route Tables,  please visit the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html

The correct answer is: Add the following entry to the route table – 0.0.0.0/0->Internet Gateway

Feedback about this question and answer

QUESTION 25

INCORRECT

MARK 0 OUT OF 1

Submit Feedback
You wanted to have a VPC created in AWS which will host an application. The application will just consist of
web and database servers. The application just requires to be accessed from the internet by internet users.
Which of the following VPC con guration wizards options would you use

Please select :
A. VPC with a Single Public Subnet Only 

B. VPC with Public and Private Subnets

C. VPC with Public and Private Subnets and Hardware VPN Access

D. VPC with a Private Subnet Only and Hardware VPN Access

Your answer is incorrect.

Answer – B

The con guration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet. We
recommend this scenario if you want to run a public-facing web application, while maintaining back-end servers that
aren't publicly accessible. A common example is a multi-tier website, with the web servers in a public subnet and the
database servers in a private subnet. You can set up security and routing so that the web servers can communicate
with the database servers.

Option A is invalid , because ideally you need a private subnet to host the database server.

Option C and D are invalid because there is no case of accessing the application from on-premise locations using VPN
connections.

For more information on this scenario,  please visit the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html

The correct answer is: VPC with Public and Private Subnets

Feedback about this question and answer

QUESTION 26

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

Which of the following statements are true with regards to EBS Volumes. Choose 3 correct answers from the
options given below

Please select :
A. EBS Volumes are automatically replicated within that zone to prevent data loss due to failure of any single
hardware component 

B. EBS Volumes can be attached to any EC2 Instance in any AZ. 

C. After you attach a volume, it appears as a native block device similar to a hard drive or other physical device.

D. An EBS volume can be attached to only one instance at a time 


Your answer is incorrect.

Answer - A, C and D

When you create an EBS volume in an Availability Zone, it is automatically replicated within that zone to prevent data
loss due to failure of any single hardware component. After you create a volume, you can attach it to any EC2 instance
in the same Availability Zone. After you attach a volume, it appears as a native block device similar to a hard drive or
other physical device. At that point, the instance can interact with the volume just as it would with a local drive; the
instance can format the EBS volume with a le system, such as ext3, and then install applications.

An EBS volume can be attached to only one instance at a time within the same Availability Zone. However, multiple
volumes can be attached to a single instance.

 Option B is invalid because you can attach EBS Volumes to any EC2 instance in the same Availability Zone only

For more information on EBS Volumes,  please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html

The correct answers are: EBS Volumes are automatically replicated within that zone to prevent data loss due to failure
of any single hardware component, After you attach a volume, it appears as a native block device similar to a hard drive
or other physical device., An EBS volume can be attached to only one instance at a time

Feedback about this question and answer

QUESTION 27

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You are a solutions architect working for a large oil and gas company. Your company runs their production
environment on AWS and has a custom VPC. The VPC contains 3 subnets, 1 of which is public and the other 2
are private. Inside the public subnet is a eet of EC2 instances which are the result of an autoscaling group. All
EC2 instances are in the same security group. Your company has created a new custom application which
connects to mobile devices using a custom port. This application has been rolled out to production and you
need to open this port globally to the internet. What steps should you take to do this, and how quickly will the
change occur?

Please select :
A. Open the port on the existing network Access Control List. Your EC2 instances will be able to communicate on
this port after a reboot.

B. Open the port on the existing network Access Control List. Your EC2 instances will be able to
communicate over this port immediately. 

C. Open the port on the existing security group. Your EC2 instances will be able to communicate over this
port immediately.

D. Open the port on the existing security group. Your EC2 instances will be able to communicate over this port as
soon as the relevant Time To Live (TTL) expires.

Your answer is incorrect.


Answer – C

One can use the Security Group , change the Inbound Rules so that the tra c will be allowed on the custom port.

When you make a change to the Security Groups or Network ACL’s , they are applied immediately

This is clearly given in the AWS documentation

For more information on Security Groups, please refer to the below link

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

The correct answer is: Open the port on the existing security group. Your EC2 instances will be able to communicate
over this port immediately.

Feedback about this question and answer

QUESTION 28

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You are designing various CloudFormation templates, each template to be used for a di erent purpose. What
determines the cost of using the CloudFormation templates?

Please select :
A. CloudFormation does not have a cost itself. 

B. You are charged based on the size of the template.

C. You are charged based on the time it takes to launch the template.

D. It has a basic charge of $1.10

Your answer is correct.

Answer – A

If you look at the AWS Documentation, this is clearly given.


 

You only get charged for the underlying resources created using Cloud Formation templates.

So , because of the explanation , all other options automatically become invalid.

For more information on Cloudformation,  please visit the below URL:

https://aws.amazon.com/cloudformation/faqs/

The correct answer is: CloudFormation does not have a cost itself.

Feedback about this question and answer

QUESTION 29

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You are creating a number of EBS Volumes for your EC2 instances. You are concerned on the backups of the
EBS Volumes. Which of the below is a way to backup the EBS Volumes

Please select :
A. Con gure Amazon Storage Gateway with EBS volumes as the data source and store the backups on premise
through the storage gateway 

B. Write a cronjob that uses the AWS CLI to take a snapshot of production EBS volumes.

C. Use a lifecycle policy to back up EBS volumes stored on Amazon S3 for durability

D. Write a cronjob on the server that compresses the data and then copy it to Glacier

Your answer is incorrect.

Answer – B

A point-in-time snapshot of an EBS volume, can be used as a baseline for new volumes or for data backup. If you make
periodic snapshots of a volume, the snapshots are incremental—only the blocks on the device that have changed after
your last snapshot are saved in the new snapshot. Even though snapshots are saved incrementally, the snapshot
deletion process is designed so that you need to retain only the most recent snapshot in order to restore the entire
volume.

You can create a snapshot via the CLI command – create-snapshot

Option A is incorrect because you normally use the Storage gateway to backup your on-premise data.

Option C is incorrect because this is used for S3 storage

Option D is incorrect because compression is another maintenance task and storing it in Glacier is not an ideal option

For more information on snapshots,  please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html
The correct answer is: Write a cronjob that uses the AWS CLI to take a snapshot of production EBS volumes.

Feedback about this question and answer

QUESTION 30

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You are planning on hosting a static website on an EC2 Instance. Which of the below aspects can be used to
create a highly available environment. Choose 3 answers from the options given below

Please select :
A. An auto scaling group to recover from EC2 instance failures 

B. Elastic Load Balancer 

C. An SQS queue

D. Multiple Availability Zones 

Your answer is correct.

Answer - A,B and D

The diagram below shows an example of a high available architecture for hosting EC2 Instances

Here you have the

1)      ELB which is placed in front of the users which helps in directing the tra c to the EC2 Instances.

2)      The EC2 Instances which are placed as part of an AutoScaling Group

3)      And then you have multiple subnets which are mapped to multiple availability zones

For a static web site , the SQS is not required to build such an environment. If you have a system such as an order
processing systems , which has that sort of queuing of requests , then that could be a candidate for using SQS Queues.
For more information on high availability,  please visit the below URL:

https://media.amazonwebservices.com/architecturecenter/AWS_ac_ra_ftha_04.pdf

The correct answers are: An auto scaling group to recover from EC2 instance failures, Elastic Load Balancer, Multiple
Availability Zones

Feedback about this question and answer

QUESTION 31

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You have a set of IIS Servers running on EC2 instances for a high tra c web site. You want to collect and
process the log les generated from the IIS Servers. Which of the below services is ideal to run in this scenario

Please select :
A. Amazon S3 for storing the log les and Amazon EMR for processing the log les

B. Amazon S3 for storing the log les and EC2 Instances for processing the log les

C. Amazon EC2 for storing and processing the log les

D. Amazon DynamoDB to store the logs and EC2 for running custom log analysis scripts 

Your answer is incorrect.

Answer – A

Amazon EMR is a managed cluster platform that simpli es running big data frameworks, such as Apache
Hadoop and Apache Spark, on AWS to process and analyze vast amounts of data. By using these frameworks and
related open-source projects, such as Apache Hive and Apache Pig, you can process data for analytics purposes and
business intelligence workloads. Additionally, you can use Amazon EMR to transform and move large amounts of data
into and out of other AWS data stores and databases, such as Amazon Simple Storage Service (Amazon S3) and
Amazon DynamoDB.

Option B and C , even though partially correct would be an overhead for EC2 Instances to process the log les when
you already have a ready made service which can help in this regard

Option D is in invalid because DynamoDB is not an ideal option to store log les.

For more information on EMR,  please visit the below URL:

http://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-what-is-emr.html

The correct answer is: Amazon S3 for storing the log les and Amazon EMR for processing the log les

Feedback about this question and answer

QUESTION 32

CORRECT
MARK 1 OUT OF 1

Submit Feedback

You are trying to con gure Cross Region Replication for your S3 bucket. But you are not able to select the
option of Cross Region Replication and is disabled.
Which of the below could be the possible reasons for this ?

Please select :
A. The feature is not available in that region

B. You need to enable versioning on the bucket 

C. The source region is currently down

D. The destination region is currently down

Your answer is correct.

Answer – B

Requirements for cross-region replication:

The source and destination buckets must be versioning-enabled.


The source and destination buckets must be in di erent AWS regions.
You can replicate objects from a source bucket to only one destination bucket.
Amazon S3 must have permission to replicate objects from that source bucket to the destination bucket on your
behalf.
If the source bucket owner also owns the object, the bucket owner has full permissions to replicate the object. If not,
the source bucket owner must have permission for the Amazon S3
actions s3:GetObjectVersion and s3:GetObjectVersionACL to read the object and object ACL.
If you are setting up cross-region replication in a cross-account scenario (where the source and destination buckets
are owned by di erent AWS accounts), the source bucket owner must have permission to replicate objects in the
destination bucket.

The destination bucket owner needs to grant these permissions via a bucket policy.

Option A is invalid , because it is available in all regions

Option C is invalid because if so, then you would not be able to access S3 in that region

Option D is invalid because you have not reached the con guration stage to select the destination bucket

For more information on S3 Cross Region Replication,  please visit the below URL:

https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html

The correct answer is: You need to enable versioning on the bucket

Feedback about this question and answer

QUESTION 33

CORRECT
MARK 1 OUT OF 1

Submit Feedback

What is the amount of temp space is allocated to you when using Lambda functions per invocation.

Please select :
A. 256 MB

B. 512 MB 

C. 2 GiB

D. 16 GiB

Your answer is correct.

Answer – B

The below snapshot from the AWS documentation lists some of the service limits with AWS Lambda

For more information on AWS Lambda,  please visit the below URL:

http://docs.aws.amazon.com/lambda/latest/dg/limits.html

The correct answer is: 512 MB

Feedback about this question and answer

QUESTION 34

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You have a requirement to create a subnet in an AWS VPC which will host around 20 hosts. This subnet will be
used to host web servers. Which of the below could be the possible CIDR block allocated for the subnet
Please select :
A. 10.0.1.0/27

B. 10.0.1.0/28 

C. 10.0.1.0/29

D. 10.0.1.0/30

Your answer is incorrect.

Answer - A

With this con guration you can have 27 allowable hosts which ts the requirement.

Option B is invalid because you can have only a maxiumum of 16 hosts with this con guration

Option C and D are invalid because you can assign a single CIDR block to a VPC. The allowed block size is between a /16
netmask and /28 netmask.

For more information on Subnets,  please visit the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html

The correct answer is: 10.0.1.0/27

Feedback about this question and answer

QUESTION 35

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You run a website which hosts videos and you have two types of members, premium fee paying members and
free members. All videos uploaded by both your premium members and free members are processed by a
eet of EC2 instances which will poll SQS as videos are uploaded. However you need to ensure that your
premium fee paying members videos have a higher priority than your free members. How do you design SQS?

Please select :
A. SQS allows you to set priorities on individual items within the queue, so simply set the fee paying members at
a higher priority than your free members.

B. Create two SQS queues, one for premium members and one for free members. Program your EC2 eet to poll
the premium queue rst and if empty, to then poll your free members SQS queue. 

C. SQS would not be suitable for this scenario. It would be much better to use SNS to encode the videos.

D. Use SNS to notify when a premium member has uploaded a video and then process that video accordingly.

Your answer is correct.

Answer – B

In this case, you can have multiple SQS queues. The SQS queues for the premium members can be polled rst by the
EC2 Instances and then those messages can be processed.
For information on SQS best practices, please refer to the below link

http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-best-practices.html

The correct answer is: Create two SQS queues, one for premium members and one for free members. Program your
EC2 eet to poll the premium queue rst and if empty, to then poll your free members SQS queue.

Feedback about this question and answer

QUESTION 36

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

Which of the following services does not natively encrypts data at rest within an AWS region? (Choose two.)

Please select :
A. AWS Storage Gateway 

B. Amazon DynamoDB

C. Amazon CloudFront

D. Amazon Glacier 

E. Amazon Simple Queue Service

Your answer is incorrect.

Answer – C and E

CloudFront and SQS do not have Encryption at Rest.

All remaining options have Encryption at Rest.

This is clearly given in the AWS documentation

For information on Amazon Glacier, please refer to the below link:

https://aws.amazon.com/glacier/faqs/

For information on Amazon Storage gateways, please refer to the below link:

https://aws.amazon.com/storagegateway/faqs/

On Feb 8 2018, Amazon announced Encryption at Rest for DynamoDB


For information on Amazon DynamoDb Encryption at Rest, please refer to the below link:

https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html

The correct answers are: Amazon CloudFront, Amazon Simple Queue Service

Feedback about this question and answer

QUESTION 37

CORRECT

MARK 1 OUT OF 1

Submit Feedback

In a VPC, you have launched two web servers and attached to an internet facing ELB. Both your web servers
and ELB are located in the public subnet. Yet, you are still not able to access your web application via the ELB's
DNS through the internet. What could be done to resolve this issue?

Please select :
A. Attach an Internet gateway to the VPC and route it to the subnet 

B. Add an elastic IP address to the instance

C. Use Amazon Elastic Load Balancer to serve requests to your instances located in the internal subnet

D. Recreate the instances again

Your answer is correct.

Answer – A

You need to ensure that the VPC has an internet gateway attached and the route table properly con gured for the
subnet.

Option B is invalid because even the ELB is not accessible from the internet.
Option C is invalid because the instances and ELB is not reachable via internet if no internet gateway is attached to the
VPC.

Option D is invalid because this will not have an impact on the issue.

For more information on troubleshooting ELB,  please visit the below URL:

https://aws.amazon.com/premiumsupport/knowledge-center/elb-connectivity-troubleshooting/

The correct answer is: Attach an Internet gateway to the VPC and route it to the subnet

Feedback about this question and answer

QUESTION 38

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You want to ensure that you keep a check on the Active Volumes , Active snapshots and Elastic IP addresses
you use so that you don’t go beyond the service limit. Which of the below services can help in this regard?

Please select :
A. AWS Cloudwatch 

B. AWS EC2

C. AWS Trusted Advisor

D. AWS SNS

Your answer is incorrect.

Answer - C

An online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS
environment, Trusted Advisor provides real time guidance to help you provision your resources following AWS best
practices.

Below is a snapshot of the service limits it can monitor


 

Option A is invalid because even though you can monitor resources , it cannot be checked against the service limit.

Option B is invalid because this is the Elastic Compute cloud service

Option D is invalid because it can be send noti cation but not check on service limits

For more information on the Trusted Advisor monitoring,  please visit the below URL:

https://aws.amazon.com/premiumsupport/ta-faqs/

The correct answer is: AWS Trusted Advisor

Feedback about this question and answer

QUESTION 39

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You are building an automated transcription service in which Amazon EC2 worker instances process an
uploaded audio le and generate a text le. You must store both of these les in the same durable storage
until the text le is retrieved. You do not know what the storage capacity requirements are. Which storage
option is both cost-e cient and scalable?

Please select :
A. Multiple Amazon EBS volume with snapshots

B. A single Amazon Glacier vault

C. A single Amazon S3 bucket 

D. Multiple instance stores

Your answer is correct.

Answer – C
The AWS Simple Storage service is the best option for this scenario. The AWS documentation provides the following
information on the Simple Storage service

Amazon S3 is object storage built to store and retrieve any amount of data from anywhere – web sites and mobile
apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver 99.999999999% durability,
and stores data for millions of applications used by market leaders in every industry

For more information on the Simple Storage Service, please refer to the below link

https://aws.amazon.com/s3/

The correct answer is: A single Amazon S3 bucket

Feedback about this question and answer

QUESTION 40

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You are an AWS Administrator for your company. The company currently has a set of AWS resources hosted in
a particular region. You have been requested by your supervisor to create a script which could create
duplicate resources in another region incase of a disaster. Which of the below AWS services could help ful l
this requirement.

Please select :
A. AWS Elastic Beanstalk

B. AWS SQS

C. AWS Cloudformation 

D. AWS SNS

Your answer is correct.

Answer – C

AWS CloudFormation is a service that helps you model and set up your Amazon Web Services resources so that you
can spend less time managing those resources and more time focusing on your applications that run in AWS. You
create a template that describes all the AWS resources that you want (like Amazon EC2 instances or Amazon RDS DB
instances), and AWS CloudFormation takes care of provisioning and con guring those resources for you.

Option A is invalid because this is good to get a certain set of de ned resources up and running. But It cannot be used
to duplicate infrastructure as code.

Option B is invalid because this is the Simple Queue Service which is used for sending messages.

Option D is invalid because this is the Simple Noti cation service that is used for sending noti cations.

For more information on Cloudformation,  please visit the below URL:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html

The correct answer is: AWS Cloudformation

Feedback about this question and answer


QUESTION 41

CORRECT

MARK 1 OUT OF 1

Submit Feedback

What are bastion hosts?

Please select :
A. They are instances in the public subnet which are used as a jump server to resources within other subnets.

B. They are instances in the private subnet which are used as a jump server to resources within other subnets.

C. They are instances in the public subnet which are used to host web resources that can be accessed by users.

D. They are instances in the private subnet which are used to host web resources that can be accessed by users.

Your answer is correct.

Answer – A

As the number of EC2 instances in your AWS environment grows, so too does the number of administrative access
points to those instances. Depending on where your administrators connect to your instances from, you may consider
enforcing stronger network-based access controls. A best practice in this area is to use a bastion. A bastion is a special
purpose server instance that is designed to be the primary access point from the Internet and acts as a proxy to your
other EC2 instances.

The below picture from the AWS documentation shows the setup of the bastion hosts in a public subnet.
 

Option B is invalid because bastion hosts need to be in the public subnet

Option C and D are invalid because bastion hosts are not used to host web resources.

For more information on Bastion hosts,  please visit the below URL:

https://aws.amazon.com/blogs/security/controlling-network-access-to-ec2-instances-using-a-bastion-server/

The correct answer is: They are instances in the public subnet which are used as a jump server to resources within
other subnets.
Feedback about this question and answer

QUESTION 42

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You have several AWS reserved instances in your account. They have been running for some time, but now
need to be shutdown since they are no longer required. The data is still required for future purposes. Which of
the below possible 2 steps can be taken.

Please select :
A. Convert the instance to on-demand instances 

B. Sell the instances on the AWS Reserved Instance Marketplace

C. Take snapshots of the EBS volumes and terminate the instances 

D. Convert the instance to spot instances

Your answer is incorrect.

Answer - B and C

The Reserved Instance Marketplace is a platform that supports the sale of third-party and AWS customers' unused
Standard Reserved Instances, which vary in term lengths and pricing options. For example, you may want to sell
Reserved Instances after moving instances to a new AWS region, changing to a new instance type, ending projects
before the term expiration, when your business needs change, or if you have unneeded capacity

For more information on selling instances,  please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html

Since the data is still required , its better to take snapshots of the existing volumes and then terminate the instances.

For more information on EBS Snapshots,  please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html

Option A and D are invalid , because you cannot convert Reserved instances to either on-demand instances or Spot
Instances.

The correct answers are: Sell the instances on the AWS Reserved Instance Marketplace, Take snapshots of the EBS
volumes and terminate the instances

Feedback about this question and answer

QUESTION 43

CORRECT

MARK 1 OUT OF 1
Submit Feedback

You have an EC2 Instance in a particular region. This EC2 Instance has a precon gured software running on it.
You have been requested to create a disaster recovery solution incase the instance in the region fails. Which of
the following is the best solution.

Please select :
A. Create a duplicate EC2 Instance in another AZ. Keep it in the shutdown state. When required , bring it back up.

B. Backup the EBS data volume. If the instance fails , bring up a new EC2 instance and attach the volume.

C. Store the EC2 data on S3. If the instance fails , bring up a new EC2 instance and restore the data from S3.

D. Create an AMI of the EC2 Instance and copy it to another region 

Your answer is correct.

Answer - D

You can copy an Amazon Machine Image (AMI) within or across an AWS region using the AWS Management Console,
the AWS command line tools or SDKs, or the Amazon EC2 API, all of which support the CopyImage action. You can copy
both Amazon EBS-backed AMIs and instance store-backed AMIs. You can copy AMIs with encrypted snapshots and
encrypted AMIs.

Copying a source AMI results in an identical but distinct target AMI with its own unique identi er. In the case of an
Amazon EBS-backed AMI, each of its backing snapshots is, by default, copied to an identical but distinct target
snapshot.

Option A is invalid , because it is a maintenance overhead to maintain another non-running instance

Option B is invalid , because the pre-con gured software could have settings on the root volume

Option C is invalid because this is a long and ine cient way to restore a failed instance

For more information on Copying AMI’s,  please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html

The correct answer is: Create an AMI of the EC2 Instance and copy it to another region

Feedback about this question and answer

QUESTION 44

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You have an EC2 instance located in a subnet in AWS. You have installed a web application on this instance.
The security group attached to this instance is shown below
 

The VPC has the following Route table attached to it

   

You can SSH into the instance from the internet, but you are not able to access the web server via the web
browser. Which of the below steps would resolve the issue?

Please select :
A. Add an HTTP rule to the Security Group

B. Remove the SSH rule from the security group

C. Add the route 10.0.0.0/16 -> igw-a97272cc to the Route Table

D. Add the route 0.0.0.0/0 -> local to the Route Table 

Your answer is incorrect.

Answer – A

You need to add the following security rule so that you can access HTTP tra c to the server. Add the rules to the
security group as desired.

Option B is invalid because then you will not be able to access the server via SSH

Option C and D are invalid because these routes are not ideal routes to add to the VPC.

For more information on security groups,  please visit the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html
The correct answer is: Add an HTTP rule to the Security Group

Feedback about this question and answer

QUESTION 45

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

Amazon’s Redshift uses which block size for its columnar storage

Please select :
A. 2KB

B. 8KB

C. 16KB

D. 32KB 

E. 1024KB

Your answer is incorrect.

Answer - E

Columnar storage for database tables is an important factor in optimizing analytic query performance because it
drastically reduces the overall disk I/O requirements and reduces the amount of data you need to load from disk.

Typical database block sizes range from 2 KB to 32 KB. Amazon Redshift uses a block size of 1 MB, which is more
e cient and further reduces the number of I/O requests needed to perform any database loading or other operations
that are part of query execution.

For more information on Redshift column storage,  please visit the below URL:

http://docs.aws.amazon.com/redshift/latest/dg/c_columnar_storage_disk_mem_mgmnt.html

The correct answer is: 1024KB

Feedback about this question and answer

QUESTION 46

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You working in the media industry and you have created a web application where users will be able to upload
photos they create to your website. This web application must be able to call the S3 API in order to be able to
function. Where should you store your API credentials whilst maintaining the maximum level of security.

Please select :
A. Save the API credentials to your php les.

B. Don’t save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you
rst create it. 

C. Save your API credentials in a public Github repository.

D. Pass API credentials to the instance using instance userdata.

Your answer is correct.

Answer – B

Applications must sign their API requests with AWS credentials. Therefore, if you are an application developer, you
need a strategy for managing credentials for your applications that run on EC2 instances. For example, you can
securely distribute your AWS credentials to the instances, enabling the applications on those instances to use your
credentials to sign requests, while protecting your credentials from other users. However, it's challenging to securely
distribute credentials to each instance, especially those that AWS creates on your behalf, such as Spot Instances or
instances in Auto Scaling groups. You must also be able to update the credentials on each instance when you rotate
your AWS credentials.

IAM roles are designed so that your applications can securely make API requests from your instances, without
requiring you to manage the security credentials that the applications use.

For more information on IAM Roles,  please visit the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

The correct answer is: Don’t save your API credentials. Instead create a role in IAM and assign this role to an EC2
instance when you rst create it.

Feedback about this question and answer

QUESTION 47

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You are a systems administrator and you need to monitor the health of your production environment. You
decide to do this using Cloud Watch, however you notice that you cannot see the health of every important
metric in the default dash board. Which of the following metrics do you need to design a custom cloud watch
metric for, when monitoring the health of your EC2 instances?

Please select :
A. CPU Usage

B. Memory usage

C. Disk read operations 

D. Network in

Your answer is incorrect.

Answer - B
When you look at your cloudwatch metric dashboard , you can see the metrics for CPU Usage , Disk read operations
and Network in

You need to add a custom metric for Memory Usage. An example of enabling the custom metric is shown below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/mon-scripts.html

The correct answer is: Memory usage

Feedback about this question and answer

QUESTION 48

CORRECT

MARK 1 OUT OF 1

Submit Feedback

In order for an EC2 instance to be accessed from the internet , which of the following are required. Choose 3
answers from the options given below

Please select :
A. An Internet gateway attached to the VPC 

B. A private IP address attached to the instance

C. A public IP address attached to the instance 

D. A route entry to the Internet gateway in the Route table 

Your answer is correct.

Answer - A,C and D

The below image shows the con guration of an instance which can be accessed from the internet. The key
requirements are
1)      An Internet gateway attached to the VPC

2)      A public IP or elastic IP address attached to the instance

3)      A route entry to the Internet gateway in the Route table

   

Option B is invalid , because this is only required for communication between instances in the VPC.

For more information on Public subnets , please refer to the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario1.html

The correct answers are: An Internet gateway attached to the VPC, A public IP address attached to the instance, A route
entry to the Internet gateway in the Route table

Feedback about this question and answer

QUESTION 49

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You are IOT sensors to monitor the number of bags that are handled at an airport. The data gets sent back to
a Kinesis stream with default settings. Every alternate day, the data from the stream is sent to S3 for
processing. But you notice that S3 is not receiving all of the data that is being sent to the Kinesis stream. What
could be the reason for this.

Please select :
A. The sensors probably stopped working on some days hence data is not sent to the stream.
B. S3 can only store data for a day

C. Data records are only accessible for a default of 24 hours from the time they are added to a stream 

D. Kinesis streams are not meant to handle IoT related data

Your answer is correct.

Answer – C

Kinesis Streams supports changes to the data record retention period of your stream. An Kinesis stream is an ordered
sequence of data records meant to be written to and read from in real-time. Data records are therefore stored in
shards in your stream temporarily. The time period from when a record is added to when it is no longer accessible is
called the retention period. An Kinesis stream stores records from 24 hours by default, up to 168 hours.

Option A , even though a possibility , cannot be taken for granted as the right option.

Option B is invalid since S3 can store data inde ntely unless you have a lifecycle policy de ned.

Option D is invalid because the Kinesis service is perfect for this sort of data injestion

For more information on Kinesis data retention , please refer to the below URL:

http://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html

The correct answer is: Data records are only accessible for a default of 24 hours from the time they are added to a
stream

Feedback about this question and answer

QUESTION 50

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

A customer wants to track access to their Amazon Simple Storage Service (S3) buckets and also use this
information for their internal security and access audits. Which of the following will meet the Customer
requirement?

Please select :
A. Enable AWS CloudTrail to audit all Amazon S3 bucket access. 

B. Enable server access logging for all required Amazon S3 buckets.

C. Enable the Requester Pays option to track access via AWS Billing

D. Enable Amazon S3 event noti cations for Put and Post.

Your answer is incorrect.

Answer – B

The AWS Documentation mentions the following on S3 Logging

In order to track requests for access to your bucket, you can enable access logging. Each access log record provides
details about a single access request, such as the requester, bucket name, request time, request action, response
status, and error code, if any. Access log information can be useful in security and access audits. 
For more information on the Simple Storage Service logging, please refer to the below link

http://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html

The correct answer is: Enable server access logging for all required Amazon S3 buckets.

Feedback about this question and answer

QUESTION 51

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You are de ned the following Network ACL for your subnet
 

What will be the outcome when a workstation of IP 54.12.34.34 tries to access your subnet

Please select :
A. The request will be allowed

B. The request will be denied 

C. The request will be allowed initially and then denied

D. The request will be denied initially and then allowed

Your answer is incorrect.

Answer - A

The following are the parts of a network ACL rule:

Rule number. Rules are evaluated starting with the lowest numbered rule. As soon as a rule matches tra c, it's
applied regardless of any higher-numbered rule that may contradict it.

Now since the rst rule number is 100 and allows all tra c , no matter what rule you put after that all tra c will be
allowed. Hence, all options except A are incorrect

For more information on Network ACL , please refer to the below URL:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html

The correct answer is: The request will be allowed

Feedback about this question and answer


QUESTION 52

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which procedure for backing up a relational database on EC2 that is using a set of RAlDed EBS volumes for
storage minimizes the time during which the database cannot be written to and results in a consistent
backup?

Please select :
A. 1. Detach EBS volumes, 2. Start EBS snapshot of volumes, 3. Re-attach EBS volumes

B. 1. Stop the EC2 Instance. 2. Snapshot the EBS volumes

C. 1. Suspend disk I/O, 2. Create an image of the EC2 Instance, 3. Resume disk I/O

D. 1. Suspend disk I/O, 2. Start EBS snapshot of volumes, 3. Resume disk I/O

E. 1. Suspend disk I/O, 2. Start EBS snapshot of volumes, 3. Wait for snapshots to complete, 4. Resume disk 

Your answer is correct.

Answer – E

The AWS Documentation mentions the following when considering snapshot for EBS Volumes in a RAID con guration

When you take a snapshot of an attached Amazon EBS volume that is in use, the snapshot excludes data cached by
applications or the operating system. For a single EBS volume, this is often not a problem. However, when cached data
is excluded from snapshots of multiple EBS volumes in a RAID array, restoring the volumes from the snapshots can
degrade the integrity of the array.

When creating snapshots of EBS volumes that are con gured in a RAID array, it is critical that there is no data I/O to or
from the volumes when the snapshots are created. RAID arrays introduce data interdependencies and a level of
complexity not present in a single EBS volume con guration.

For more information on this, please refer to the below link:

https://aws.amazon.com/premiumsupport/knowledge-center/snapshot-ebs-raid-array/

The correct answer is: 1. Suspend disk I/O, 2. Start EBS snapshot of volumes, 3. Wait for snapshots to complete, 4.
Resume disk

Feedback about this question and answer

QUESTION 53

CORRECT

MARK 1 OUT OF 1

Submit Feedback
You are a solutions architect working for a company. They store their data on S3, however recently an
someone accidentally deleted some critical les in S3. You’ve been asked to prevent this from happening in
the future. What options below can prevent this?

Please select :
A. Make sure you provide signed URL's to all users.

B. Enable S3 versioning and Multifactor Authentication (MFA) on the bucket. 

C. Use S3 Infrequently Accessed storage to store the data on.

D. Create an IAM bucket policy that disables deletes.

Your answer is correct.

Answer - B

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve,
retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily
recover from both unintended user actions and application failures.

You can optionally add another layer of security by con guring a bucket to enable MFA (Multi-Factor Authentication)
Delete, which requires additional authentication for either of the following operations.

1) Change the versioning state of your bucket

2) Permanently delete an object version

Option A is invalid because this would be a maintenance overhead

Option C is invalid because changing the storage option will not prevent accidential deletion.

Option D is invalid because the question does not ask to remove the delete permission completely.

For more information on S3 versioning , please refer to the below URL:

http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html

The correct answer is: Enable S3 versioning and Multifactor Authentication (MFA) on the bucket.

Feedback about this question and answer

QUESTION 54

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You run an automobile reselling company that has a popular online store on AWS. The application sits behind
an Auto Scaling group and requires new instances of the Auto Scaling group to identify their public and private
IP addresses. How can you achieve this?

Please select :
A. By using Ipcon g for windows or Ifcon g for Linux.

B. By using a cloud watch metric.

C. Using a Curl or Get Command to get the latest meta-data from http://169.254.169.254/latest/meta-data/ 
D. Using a Curl or Get Command to get the latest user-data from http://169.254.169.254/latest/user-data/

Your answer is correct.

Answer – C

To get the private and public IP addresses , you can run the following commands on the running instance

http://169.254.169.254/latest/meta-data/local-ipv4
http://169.254.169.254/latest/meta-data/public-ipv4

Option A is partially correct , but is an overhead when you already have the service running in AWS.

Option B is incorrect , because you cannot get the IP address from the cloudwatch metric.

Option D is incorrect , because user-data cannot get the IP addresses

For more information on instance metadata , please refer to the below URL:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html

The correct answer is: Using a Curl or Get Command to get the latest meta-data from
http://169.254.169.254/latest/meta-data/

Feedback about this question and answer

QUESTION 55

CORRECT

MARK 1 OUT OF 1

Submit Feedback

You are the solution architect for a company. The company has a requirement to deploy an application
which will need to have session management in place. Which of the following services can be used to
store session data for session management?

Please select :
A. AWS Storage Gateway, Elasticache & ELB

B. ELB, Elasticache & RDS

C. Cloudwatch, RDS & DynamoDb

D. RDS, DynamoDB & Elasticache. 

Your answer is correct.

Answer – D

These options are the best when it comes to storing session data.

Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache
in the cloud. The service improves the performance of web applications by allowing you to retrieve information from
fast, managed, in-memory data stores, instead of relying entirely on slower disk-based databases
For more information , please visit the below URL:

https://aws.amazon.com/elasticache/

For DynamoDB , this is also evident from the AWS documentation

For more information , please visit the below URL:

http://docs.aws.amazon.com/gettingstarted/latest/awsgsg-intro/gsg-aws-database.html

And by default , in the industry , RDS have been used to store session data.

The Elastic Load Balancer , AWS Storage Gateway  and Cloudwatch cannot store session data.

The correct answer is: RDS, DynamoDB & Elasticache.

Feedback about this question and answer

QUESTION 56

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

You are working for an Enterprise and have been asked to get a support plan in place from AWS.
1) 24x7 access to support
2) Access to the full set of Trusted Advisor checks
Which of the following would meet these requirements ensuring that cost is kept at a minimum

Please select :
A. Basic  

B. Developer

C. Business 

D. Enterprise

Your answer is incorrect.

Answer - C

Some of the features of Business support are

 1) 24x7 access to customer service, documentation, whitepapers, and support forums

2) Access to full set of Trusted Advisor checks

3) 24x7 access to Cloud Support Engineers via email, chat & phone
Option A and B are invalid because they have Access to 6 core Trusted Advisor checks only. And they don’t have 24*7
support

Option D is invalid because even though it ful ls all requirements , it is an expensive option and since Business support
already covers the requirement , this should be selected , when you are taking cost as an option.

For a full comparison of plans , please visit the following URL:

https://aws.amazon.com/premiumsupport/compare-plans/

The correct answer is: Business 

Feedback about this question and answer

QUESTION 57

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which of the following is incorrect with regards to Private IP addresses?


 

Please select :
A. In Amazon EC2 classic, the private IP addresses are only returned to Amazon EC2 when the instance is
stopped or terminated

B. In Amazon VPC, an instance retains its private IP addresses when the instance is stopped.
C. In Amazon VPC, an instance does NOT retain its private IP addresses when the instance is stopped. 

D. In Amazon EC2 classic, the private IP address is associated exclusively with the instance for its lifetime

Your answer is correct.

Answer - C

The following is true with regards to Private IP addressing

For instances launched in a VPC, a private IPv4 address remains associated with the network interface when the
instance is stopped and restarted, and is released when the instance is terminated.

For instances launched in EC2-Classic, we release the private IPv4 address when the instance is stopped or terminated.
If you restart your stopped instance, it receives a new private IPv4 address

For more information on IP addressing , please refer to the below link:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html

The correct answer is: In Amazon VPC, an instance does NOT retain its private IP addresses when the instance is
stopped.

Feedback about this question and answer

QUESTION 58

CORRECT

MARK 1 OUT OF 1

Submit Feedback

Which of the following are best practices for monitoring your EC2 Instances

Please select :
A. Create and implement a monitoring plan that collects monitoring data from all of the parts in your AWS
solution

B. Automate monitoring tasks as much as possible

C. Check the log les on your EC2 instances

D. All of the above 

Your answer is correct.

Answer – D

Use the following best practices for monitoring to help you with your Amazon EC2 monitoring tasks.

Make monitoring a priority to head o small problems before they become big ones.
Create and implement a monitoring plan that collects monitoring data from all of the parts in your AWS solution so
that you can more easily debug a multi-point failure if one occurs. Your monitoring plan should address, at a
minimum, the following questions:
What are your goals for monitoring?
What resources you will monitor?
How often you will monitor these resources?
What monitoring tools will you use?
Who will perform the monitoring tasks?
Who should be noti ed when something goes wrong?
Automate monitoring tasks as much as possible.
Check the log les on your EC2 instances.

For more information on monitoring EC2 , please refer to the below link:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html

The correct answer is: All of the above

Feedback about this question and answer

QUESTION 59

INCORRECT

MARK 0 OUT OF 1

Submit Feedback

For which of the following use cases are Simple Work ow Service (SWF) and Amazon EC2 an appropriate
solution? Choose two answers from the options given below

Please select :
A. Using as an endpoint to collect thousands of data points per hour from a distributed eet of sensors 

B. Managing a multi-step and multi-decision checkout process of an e-commerce website 

C. Orchestrating the execution of distributed and auditable business processes

D. Using as an SNS (Simple Noti cation Service) endpoint to trigger execution of video transcoding jobs

E. Using as a distributed session store for your web application

Your answer is incorrect.

Answer- B and C

The AWS Documentation mentions the following on the AWS Simple Work ow service

The Amazon Simple Work ow Service (Amazon SWF) makes it easier to develop asynchronous and distributed
applications by providing a programming model and infrastructure for coordinating distributed components and
maintaining their execution state in a reliable way. By relying on Amazon SWF, you are freed to focus on building the
aspects of your application that di erentiate it.

For more information on the simple work ow service, please refer to the below link:

http://docs.aws.amazon.com/amazonswf/latest/developerguide/swf-dg-intro-to-swf.html

The correct answers are: Managing a multi-step and multi-decision checkout process of an e-commerce website,
Orchestrating the execution of distributed and auditable business processes

Feedback about this question and answer

QUESTION 60
CORRECT

MARK 1 OUT OF 1

Submit Feedback

You work for a major news network in Europe. They have just released a new app which allows users to report
on events as and when they happen using their mobile phone. Users are able to upload pictures from the app
and then other users will be able to view these pics. Your organization expects this app to grow very quickly,
essentially doubling it’s user base every month. The app uses S3 to store the media and you are expecting
sudden and large increases in tra c to S3 when a major news event takes place  as people will be uploading
content in huge numbers). You need to keep your storage costs to a minimum however and it does not matter
if some objects are lost. Which storage media should you use to keep costs as low as possible?

Please select :
A. S3 – Infrequently Accessed Storage.

B. S3 – Reduced Redundancy Storage (RRS). 

C. Glacier.

D. S3 – Provisioned IOPS.

Your answer is correct.

Answer – B
Since the requirement mentions that it does not matter if objects are lost and you need a low cost storage option then
Reduced Redundancy Storage is the best option.

The AWS Documentation mentions the below on Reduced Redundancy Storage

Reduced Redundancy Storage (RRS) is an Amazon S3 storage option that enables customers to store noncritical,
reproducible data at lower levels of redundancy than Amazon S3’s standard storage. It provides a highly available
solution for distributing or sharing content that is durably stored elsewhere, or for storing thumbnails, transcoded
media, or other processed data that can be easily reproduced

For more information on RRS, please refer to the below link:

https://aws.amazon.com/s3/reduced-redundancy/

The correct answer is: S3 – Reduced Redundancy Storage (RRS).

Feedback about this question and answer

Company
About Us

Discussions

Blog
Support
Contact Us

Follow Us

You might also like