├── .gitignore ├── README.md ├── Vagrantfile ├── exam.py ├── convert_raw.py ├── questions.json └── raw.txt /.gitignore: -------------------------------------------------------------------------------- 1 | # vagrant 2 | .cache 3 | .vagrant 4 | 5 | # python 6 | .pip 7 | 8 | # shell 9 | .bash* 10 | 11 | # MAC OS 12 | .DS_Store 13 | 14 | # Project files 15 | *.sublime-* 16 | *.sln 17 | *.suo -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # aws-flash 2 | Study guide for AWS Certification 3 | 4 | ### Background 5 | 6 | I created this repo to help me study for the Amazon Web Services - Solution Architect Certification. I am not currently maintaining or updating the source code, but I will merge pull requests if you have changes 7 | 8 | ### Requirements 9 | 10 | `python` 11 | 12 | ### Contents 13 | 14 | |File|Contains| 15 | |---|---| 16 | |`Vagrantfile`|Useful if you want to run the application in a VM| 17 | |`convert_raw.py`|Parses the `raw.txt` file into a format used by the exam| 18 | |`exam.py`|The main module for running the exam| 19 | |`questions.json`|The file containing the parsed and processed questions| 20 | |`raw.txt`|A text file of all the questions I found on the internet while making this repo| 21 | 22 | ### Installation 23 | 24 | ```shell 25 | git clone https://github.com/JeffreyMFarley/aws-flash.git 26 | cd aws-flash 27 | python convert_raw.py 28 | ``` 29 | 30 | ### Usage 31 | ``` shell 32 | python exam.py # Provides a 40 question sample exam 33 | 34 | python exam.py 10 # Provides a 10 question sample exam 35 | ``` 36 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | require 'getoptlong' 4 | 5 | project = "aws-flash" 6 | container_root = "/home/vagrant" 7 | 8 | PORTS = %w(8080 8081 8082 2345 2346 5000) 9 | 10 | # ----------------------------------------------------------------------------- 11 | # Read options 12 | # ----------------------------------------------------------------------------- 13 | opts = GetoptLong.new( 14 | [ '--clean', GetoptLong::OPTIONAL_ARGUMENT ], 15 | ) 16 | 17 | clean = false 18 | 19 | opts.each do |opt, arg| 20 | case opt 21 | when '--clean' 22 | clean = true 23 | end 24 | end 25 | 26 | # ----------------------------------------------------------------------------- 27 | # Configure the VM 28 | # ----------------------------------------------------------------------------- 29 | Vagrant.configure(2) do |config| 30 | config.vm.box = "ubuntu/trusty64" 31 | config.vm.box_check_update = false 32 | 33 | PORTS.each do |p| 34 | config.vm.network "forwarded_port", guest: p, host: p 35 | end 36 | 37 | config.vm.synced_folder ".", "#{container_root}" 38 | 39 | config.vm.provider "virtualbox" do |v| 40 | v.name = project 41 | v.memory = 2000 42 | v.cpus = 2 43 | end 44 | 45 | # https://github.com/Varying-Vagrant-Vagrants/VVV/issues/517 46 | config.vm.provision "fix-no-tty", type: "shell" do |s| 47 | s.privileged = false 48 | s.inline = "sudo sed -i '/tty/!s/mesg n/tty -s \\&\\& mesg n/' /root/.profile" 49 | end 50 | 51 | config.vm.provision "shell", inline: "apt-get install python-dev python-pip" 52 | 53 | if clean 54 | config.vm.provision "shell", inline: "./clean.sh", run: "always" 55 | end 56 | end 57 | -------------------------------------------------------------------------------- /exam.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import os 3 | import json 4 | import random 5 | import textwrap 6 | from collections import Counter 7 | if sys.version < '3': 8 | _input = raw_input 9 | else: 10 | _input = input 11 | 12 | # ----------------------------------------------------------------------------- 13 | 14 | def wrapped_out(i, s): 15 | lead = '{0}. '.format(i) 16 | wrapper = textwrap.TextWrapper(initial_indent=lead, 17 | subsequent_indent=' ' * len(lead)) 18 | s = wrapper.fill(s) 19 | print(s) 20 | 21 | def ask(i, q): 22 | os.system('cls' if os.name == 'nt' else 'clear') 23 | 24 | wrapped_out(i, q['text']) 25 | print('\n') 26 | 27 | for k in sorted(q['options']): 28 | wrapped_out(k, q['options'][k]) 29 | print('\n') 30 | 31 | if sys.version < '3': 32 | a = raw_input('> ').upper().translate(None, ' ,') 33 | else: 34 | a = input('> ').upper().translate({ord(' '): None, ord(','): None}) 35 | 36 | return [x for x in a] 37 | 38 | def check(q, a): 39 | compare = Counter(q['answers']) == Counter(a) 40 | return 1 if compare else 0 41 | 42 | def reveal(q, a, s): 43 | print('Correct' if s else 'Incorrect') 44 | if not s: 45 | print(', '.join(sorted(q['answers']))) 46 | _input("'Enter' to continue") 47 | 48 | # ----------------------------------------------------------------------------- 49 | 50 | def run(): 51 | with open('questions.json') as f: 52 | questions = json.load(f) 53 | 54 | total = 0 55 | # exam_length = 40 56 | exam_length = int(sys.argv[1]) if len(sys.argv) >1 else 40 57 | passing = (exam_length * 65) / 100 58 | study_guide = {} 59 | 60 | exam = random.sample(questions, exam_length) 61 | for i, question in enumerate(exam): 62 | answer = ask(i + 1, question) 63 | score = check(question, answer) 64 | total += score 65 | #reveal(question, answer, score) 66 | 67 | correct_answers = '' 68 | for correct_answer in question['answers']: 69 | correct_answers+= " : "+question['options'][correct_answer] 70 | 71 | if not score: 72 | study_guide[i+1] = question['text']+" (answers"+correct_answers+")" 73 | 74 | print('Your score: {0} of {1}'.format(total, exam_length)) 75 | print('Passed!' if total >= passing else 'Failed') 76 | 77 | print('\nMisses\n') 78 | for i,review in study_guide.items(): 79 | wrapped_out(i, review) 80 | 81 | if __name__ == '__main__': 82 | run() 83 | -------------------------------------------------------------------------------- /convert_raw.py: -------------------------------------------------------------------------------- 1 | import re 2 | import json 3 | import codecs 4 | 5 | # ----------------------------------------------------------------------------- 6 | 7 | def acquire(): 8 | with codecs.open('raw.txt', encoding='utf-8') as f: 9 | for line in f: 10 | s = line.strip() 11 | if s: 12 | yield s 13 | 14 | def extract_pair(match, table): 15 | a = match.group(1).upper() 16 | b = match.group(2).strip().translate(table) 17 | return (a, b) 18 | 19 | def buildPunctuationReplace(): 20 | table = {0xa6 : u'|', 21 | 0xb4 : u'\'', 22 | 0xb6 : u'*', 23 | 0xd7 : u'x', 24 | 25 | 0x2022 : u'*', # bullet 26 | 0x2023 : u'*', 27 | 0x2024 : u'.', 28 | 0x2027 : u'*', 29 | 0x2032 : u"'", 30 | 0x2035 : u"'", 31 | 0x2039 : u'<', 32 | 0x203a : u'>', 33 | 0x2043 : u'-', 34 | 0x2044 : u'/', 35 | 0x204e : u'*', 36 | 0x2053 : u'~', 37 | 0x205f : u' ', 38 | 0x2192 : u'>' # rightwards arrow 39 | } 40 | table.update({c :u' ' for c in range(0x2000, 0x200a)}) 41 | table.update({c :u'-' for c in range(0x2010, 0x2015)}) 42 | table.update({c :u"'" for c in range(0x2018, 0x201b)}) 43 | table.update({c :u'"' for c in range(0x201c, 0x201f)}) 44 | 45 | return table 46 | 47 | # ----------------------------------------------------------------------------- 48 | 49 | def run(): 50 | sm = [ 51 | re.compile('([0-9]+)\.\s(.*)'), 52 | re.compile('([a-fA-F])\.?\s(.*)'), 53 | re.compile('([a-fA-F])+') 54 | ] 55 | 56 | table = buildPunctuationReplace() 57 | 58 | state = 0 59 | accum = {} 60 | num = 1 61 | 62 | for l in acquire(): 63 | m = sm[state].match(l) 64 | if not m: 65 | m = sm[2].match(l) 66 | if m: 67 | accum['answers'] = [c for c in l.strip()] 68 | yield accum 69 | else: 70 | print('Lost State around {0}'.format(num)) 71 | state = 0 72 | accum = {} 73 | 74 | elif state == 0: 75 | num, accum['text'] = extract_pair(m, table) 76 | accum['options'] = {} 77 | state = state + 1 78 | 79 | elif state == 1: 80 | on, t = extract_pair(m, table) 81 | accum['options'].update({on: t}) 82 | 83 | if __name__ == '__main__': 84 | questions = [q for q in run()] 85 | with open('questions.json', 'w') as f: 86 | json.dump(questions, f, sort_keys=True) 87 | 88 | -------------------------------------------------------------------------------- /questions.json: -------------------------------------------------------------------------------- 1 | [{"answers": ["A", "B", "C", "D"], "options": {"A": "You can use IAM Policies", "B": "You can use Bucket policies", "C": "You can use Access Control Lists (ACLs)", "D": "You can use the Server Side Encryption (SSE)", "E": "You can serve it through Cloudfront"}, "text": "How do you secure company critical data on S3 (chose 4 correct answers)"}, {"answers": ["A"], "options": {"A": "EBS automatically encrypts data on it for more security", "B": "You can use your own encryption layer on the top", "C": "Use S3 instead", "D": "Block the EC2 to access data to your EBS"}, "text": "How to secure data on rest in EBS?"}, {"answers": ["A"], "options": {"A": "Use Cloudfront to serve images", "B": "Restrict access to those websites in the bucket policy", "C": "Use glacier to store images", "D": "Restrict access to those websites in the IAM policy", "E": "Remove the public URL link from the object in S3"}, "text": "You have a photo selling website where you have a library of photos on S3. You noticed that there are some websites that are showing the link to your S3 photos. How do you restrict sites like these using your S3 photos link?"}, {"answers": ["C", "D"], "options": {"A": "Designing a business application which requires a lot of co-ordination between different tasks", "B": "Video encoding application where each video is encoded with a pre-defined number of steps", "C": "Receiving thousands of notifications from a process and add them to a queue", "D": "Process a queue of messages where each message is a task that needs to be completed"}, "text": "In which of the following cases should you use SQS - Simple Queue Service (chose 2 correct answers)"}, {"answers": ["B"], "options": {"A": "Every S3 account has a predefined bucket where the logs are stored", "B": "When processing a request to store data, the service will redundantly store your object across multiple facilities before returning SUCCESS.", "C": "You can see the HTTP success code in the logs", "D": "Using a combination of Content-MD5 checksums"}, "text": "How do you ensure that the data has been saved properly in S3?"}, {"answers": ["D"], "options": {"A": "VPC", "B": "Public Subnet", "C": "Private Subnet", "D": "Placement Group", "E": "Availability Zone"}, "text": "You are running an application on an EC2 and now you want to add another EC2 for your application that requires a high bandwidth connect with the existing EC2. Where should you launch your EC2 in this case?"}, {"answers": ["A", "B"], "options": {"A": "Designing a business application which requires a lot of co-ordination between different tasks", "B": "Video encoding application where each video is encoded with a pre-defined number of steps", "C": "Receiving thousands of notifications from a process and add them to a queue", "D": "Process a queue of messages where each message is a task that needs to be completed"}, "text": "Where should you use SWF - Simple Workflow Service (chose 2 correct answers)"}, {"answers": ["B", "D"], "options": {"A": "SNS", "B": "Cloudwatch", "C": "SQS", "D": "ELB"}, "text": "What services are required for Auto Scaling (chose 2 correct answers)"}, {"answers": ["A", "B", "D", "E"], "options": {"A": "Automatic geo-redundant replication", "B": "It provides a simple web interface to create and store data sets, query and return data", "C": "You can store you relational database in Simple DB", "D": "Data is automatically indexed", "E": "You don't need to worry about the infrastructure required"}, "text": "What are the characteristics of Simple DB (chose 4 correct answers)"}, {"answers": ["B", "C"], "options": {"A": "Active database storage.", "B": "Infrequently accessed data.", "C": "Data archives.", "D": "Frequently accessed data.", "E": "Cached session data."}, "text": "Amazon Glacier is designed for (chose 2 correct answers)"}, {"answers": ["A"], "options": {"A": "Attach an Elastic IP to the instance", "B": "Nothing. The instance is accessible from the Internet", "C": "Launch a NAT instance and route all traffic to it", "D": "Make an entry in the route table passing all traffic going outside the VPC to the NAT instance"}, "text": "An instance is launched into the public subnet of a VPC. Which of the following must be done in order for it to be accessible FROM the Internet?"}, {"answers": ["B"], "options": {"A": "The public subnet", "B": "The private subnet", "C": "Either of them", "D": "Not recommended, they should ideally be launched outside VPC"}, "text": "In VPCs with private and public subnets, database servers should ideally be launched into:"}, {"answers": ["A", "B"], "options": {"A": "It reduces the load on your web servers", "B": "It reduces the load on your database", "C": "Gives you more availability of cached data when your Multi-AZ RDS is under maintenance", "D": "Gives you faster access to your cache data"}, "text": "What are the benefits of using Elasticache for your web application (chose 2 correct answers)"}, {"answers": ["C"], "options": {"A": "The instance is replaced automatically by the ELB.", "B": "The instance gets terminated automatically by the ELB.", "C": "The ELB stops sending traffic to the instance that failed its health check.", "D": "The instance gets quarantined by the ELB for root cause analysis."}, "text": "You configured ELB to perform health checks on EC2 instances. If an instance fails to pass health checks, which statement will be true?"}, {"answers": ["B", "C", "D"], "options": {"A": "It is used for SQL databases like MsSQL, MySQL, Oracle", "B": "Gives you a fast and predictable performance with seamless scalability", "C": "It is a managed service provided by AWS", "D": "When reading data from Amazon DynamoDB, users can specify whether they want the read to be eventually consistent or strongly consistent", "E": "There is a limit of stored data or throughput of data"}, "text": "What are the characteristics of Dynamo DB (chose 3 correct answers)"}, {"answers": ["A", "B", "D"], "options": {"A": "2 EC2 in 3 regions with ELB on top", "B": "3 EC2 in 2 AZ with ELB on top", "C": "Auto Scaling rule for 6 instances always running", "D": "Auto scaling rule for 3 instance always running in each zone", "E": "Auto Scaling Replace the lost capacity in case of zone failure in the other zone", "F": "Auto Scaling Replace the lost capacity in case of region failure in other region"}, "text": "You have a business critical application that requires it to be highly available with 6 instances always running. What should you do to achieve this (chose 3 correct answers)"}, {"answers": ["B", "D"], "options": {"A": "You can use it to replace an instance in the ELB when it fails its health check", "B": "Helps you quickly deploy and manage applications in the AWS cloud", "C": "It creates a template for your EC2 instance", "D": "You don't need to worry about the infrastructure required to run your applications"}, "text": "What are the characteristics of Elastic Beanstalk (chose 2 correct answers)"}, {"answers": ["C"], "options": {"A": "It is configurable in the IAM policies for the user", "B": "By Using Multi-factor authentication", "C": "By Using active directory and LDAP integration", "D": "By Configuring SAML 2.0", "E": "It is currently not possible in AWS"}, "text": "How do you achieve single sign on with AWS"}, {"answers": ["B", "C", "E"], "options": {"A": "You can have one EC2 in more than 1 VPC", "B": "There will always be atleast 1 default VPC", "C": "A VPC is always across multiple availability zones within a region", "D": "You can either have a VPC with public subnet or private subnet", "E": "You may use a third party software VPN to create a site to site or remote access VPN connection with your VPC via the Internet Gateway"}, "text": "What is true about VPC (chose 3 correct answers)"}, {"answers": ["A"], "options": {"A": "Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.", "B": "Add the CloudFront account security group \"Amazon-cf/Amazon-cf-sg\" to the appropriate S3 bucket policy.", "C": "Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User.", "D": "Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN)."}, "text": "You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?"}, {"answers": ["B"], "options": {"A": "The instance follows the rules of the older subnet", "B": "The instance follows the rules of both the subnets", "C": "The instance follows the rules of the newer subnet", "D": "Not possible cannot be connected to 2 ENIs"}, "text": "An instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this instance?"}, {"answers": ["D"], "options": {"A": "A Record", "B": "CName record", "C": "AAAA record", "D": "Alias", "E": "NS Record"}, "text": "How do you point apex record of your website (example.com) to the public DNS of the Elastic Load Balancer?"}, {"answers": ["B", "E"], "options": {"A": "The Elastic IP will be dissociated from the instance", "B": "All data on instance-store devices will be lost", "C": "All data on EBS (Elastic Block Store) devices will be lost", "D": "The ENI (Elastic Network Interface) is detached", "E": "The underlying host for the instance may change"}, "text": "Which of the following will occur when an EC2 instance in a VPC (Virtual Private Cloud) with an associated Elastic IP is stopped and started (chose 2 correct answers)"}, {"answers": ["B"], "options": {"A": "On-Demand", "B": "Reserved", "C": "Dedicated", "D": "Spot", "E": "EC2 is not the right choice here"}, "text": "You are running an ERP application on EC2 for your company that runs 24x7 and the load is predictable and constant throughout the year. Which is the most cost-efficient option for the EC2 purchase model in this case?"}, {"answers": ["C", "D", "E"], "options": {"A": "You can attach one EBS volume to multiple EC2 instance", "B": "Data in EBS is stored across multiple AZ for redundancy", "C": "Maximum size of an EBS can be 1 TB", "D": "You can have provisioned IOPS with your EBS volumes", "E": "EBS behaves like raw unformatted block device"}, "text": "What are the characteristics of EBS (chose 3 correct answers)"}, {"answers": ["D"], "options": {"A": "Make sure that the patches are up to date on the instance", "B": "Make sure the port 22 are open on the subnet for incoming traffic", "C": "Make sure the port 22 are open on the subnet for outgoing traffic", "D": "Make sure the port 22 are open on the security group for incoming traffic", "E": "Make sure the port 22 are open on the security group for outgoing traffic"}, "text": "You notice that you are not able to access your EC2 linux instance using SSH. What should you check first?"}, {"answers": ["A", "B", "C", "D"], "options": {"A": "You can share your AMI with other AWS account owners", "B": "You can create an instance store-backed AMI", "C": "You can create an EBS-backed AMI", "D": "For Instance stored-backed AMIs, the root volume is stored in S3", "E": "For EBS stored-backed AMIs, the root volume is stored in S3"}, "text": "What is true about AMI (chose 4 correct answers)"}, {"answers": ["E", "C", "A"], "options": {"A": "You can create multiple read replica for ready heavy applications", "B": "You can have a read replica of a read replica", "C": "Daily backups are automatically taken", "D": "You can enable Multi-AZ option to have automatic failover in a different region", "E": "You can have provisioned IOPS for your RDS database"}, "text": "What is true about RDS (chose 3 correct answers)"}, {"answers": ["B", "C"], "options": {"A": "By Default all the services are enabled for a new IAM user", "B": "By Default all the services are disabled for a new IAM user", "C": "You can create multiple access ID and secret keys for 1 IAM user", "D": "Option 4", "E": "Option 5"}, "text": "What are the characteristics of IAM (chose 2 correct answers)"}, {"answers": ["A", "D"], "options": {"A": "network traffic entering and exiting each subnet can be allowed or denied via network Access Control Lists (ACLs)", "B": "A subnet can be across multiple availability zones", "C": "A subnet can be across multiple regions", "D": "Default subnets are assigned a /20 netblocks", "E": "Default subnets are assigned a /16 netblocks"}, "text": "What are the characteristics of Subnet (chose 2 correct answers)"}, {"answers": ["B"], "options": {"A": "1/7th of the time", "B": "3/10th of the time", "C": "3/7th of the time", "D": "1/4th of the time"}, "text": "You have created 4 weighted resource record sets with weights 1, 2, 3 and 4. The 3rd record set is selected by Route53?"}, {"answers": ["A", "B", "D"], "options": {"A": "A webserver running on EC2", "B": "A webserver running in your own datacenter", "C": "A RDS instance", "D": "An Amazon S3 bucket", "E": "A Glacier storage"}, "text": "Which of the following can be used as an origin server in CloudFront?(Choose 3)"}, {"answers": ["B"], "options": {"A": "Option 1 An Error 404 not found is returned", "B": "CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location", "C": "The request is kept on hold till content is delivered to the edge location", "D": "The request is routed to the next closest edge location"}, "text": "In cloudFront what happens when content is NOT present at an Edge location and a request is made to it?"}, {"answers": ["A", "B", "D"], "options": {"A": "Signed URLs can be created to access objects from CloudFront edge locations", "B": "Direct access to S3 URLs can be removed therefore allowing access only through CloudFront URLs", "C": "Mark the S3 bucket private and allow access to CloudFront by means of Roles", "D": "Mark the S3 bucket private and and create an Origin Access Identity to access the objects"}, "text": "Which of the following is true with respect to serving private content through CloudFront? (chose 3 correct answers)"}, {"answers": ["C"], "options": {"A": "Resources", "B": "Parameters", "C": "Outputs", "D": "Mappings"}, "text": "You have written a CloudFormation template that creates 1 elastic load balancer fronting 2 EC2 instances. Which section of the template should you edit so that the DNS of the load balancer is returned upon creation of the stack?"}, {"answers": ["D"], "options": {"A": "On-Demand", "B": "Reserved", "C": "Dedicated", "D": "Spot", "E": "EC2 is not the right choice here"}, "text": "You are doing a large data analysis which requires high computing power and many instances to be launched simultaneously and then to be retired after the analysis. If the instance is retired during the analysis, the program automatically shifts the analysis to the other instance. Which is the most cost-efficient option for launching the EC2 in this case?"}, {"answers": ["C", "D"], "options": {"A": "You can do the penetration on your individual EC2 instance only", "B": "A prior permission is required from AWS for penetration testing", "C": "You cannot do the penetration testing at all", "D": "You can ask AWS support to do the penetration testing", "E": "AWS will automatically conduct penetration testing from time to time"}, "text": "What is true about penetration testing in AWS (chose 2 correct answers)"}, {"answers": ["B", "C"], "options": {"A": "You get a read-replica", "B": "More availability during the maintenance window", "C": "Automatic failover in case of one data center failure", "D": "More IOPS available for data throughput", "E": "You get more privileges to manage your database"}, "text": "What are the benefits of Multi-AZ RDS deployments (chose 2 correct answers)"}, {"answers": ["C", "D", "E"], "options": {"A": "Images and videos", "B": "Static files for your websites", "C": "Your website database", "D": "Notifications from a computer program", "E": "Static Files that are accessed once in many years"}, "text": "What kind of data should not be stored in S3 (chose 3 correct answers)"}, {"answers": ["C", "B", "D"], "options": {"A": "It can be applied across regions", "B": "It saves you significant money over on-demand instance", "C": "You can shut down the reserved instance any time you want and the hourly charge wont incur for the shutdown hours", "D": "If your AMI changes the Reserved instance is still valid if it's the same instance type", "E": "You pay a fixed amount of money irrespective of the number of hours you used the instance for"}, "text": "What are the characteristics of a reserved instance (chose 3 correct answers)"}, {"answers": ["C", "D"], "options": {"A": "You can use it to replace an instance in the ELB when it fails its health check", "B": "Helps you quickly deploy and manage applications in the AWS cloud", "C": "It creates a template for your EC2 instance", "D": "You don't need to worry about the infrastructure required to run your applications"}, "text": "What are the characteristics of CloudFormation (chose 2 correct answers)"}, {"answers": ["D"], "options": {"A": "Disable S3 delete using an IAM bucket policy", "B": "Access S3 data only using signed URLs", "C": "Enable S3 reduced redundancy storage", "D": "Enable S3 versioning on the bucket", "E": "Enable MFA protected access"}, "text": "To protect S3 data from accidental deletion and overwriting you should:"}, {"answers": ["B"], "options": {"A": "AES 256 bit encryption of data stored on any shared storage device", "B": "Decommissioning of storage device using industry-standard practices", "C": "Background virus scans of EBS volumes and EBS snapshots", "D": "Replication of data across multiple geographic regions", "E": "Secure wiping of EBS volumes when they are un-mounted"}, "text": "Which is an operational process performed by AWS for data security?"}, {"answers": ["A", "C"], "options": {"A": "Hypervisor visible metrics such as CPU utilization", "B": "Operating system visible metrics such as memory utilization", "C": "Network Utilization (Read-write)", "D": "Web server visible metrics such as number failed transaction requests", "E": "Database visible metrics such as number of connections"}, "text": "In the basic monitoring package for EC2, Amazon CloudWatch provides the following metrics (chose 2 correct answers)"}, {"answers": ["C"], "options": {"A": "Launch it in a VPC", "B": "Launch it under an ELB", "C": "Pre-assign an IP using Cloudformation script", "D": "Launch it in a placement group"}, "text": "How should you launch instance if you need a pre-defined IP?"}, {"answers": ["A", "D"], "options": {"A": "EC2", "B": "RDS", "C": "Dynamo DB", "D": "EMR (Elastic Map Reduce)", "E": "Simple DB"}, "text": "In Which case do you have full authority of the underlying instance (chose 2 correct answers)"}, {"answers": ["A", "C", "D"], "options": {"A": "The snapshots are stored in S3", "B": "The snapshots are just stored as another EBS volume", "C": "Snapshots are incremental in nature and only", "D": "You can share the snapshot with other AWS accounts", "E": "Snapshots are automatically encrypted"}, "text": "What is true about EBS (chose 3 correct answers)"}, {"answers": ["B", "C", "D"], "options": {"A": "Security group restricts access to a Subnet while ACL restricts traffic to EC2", "B": "Security group restricts access to EC2 while ACL restricts traffic to a subnet", "C": "Security group can work outside the VPC also while ACL only works within a VPC", "D": "Network ACL performs stateless filtering and Security group provides stateful filtering", "E": "Security group can only set Allow rule, while ACL can set Deny rule also", "F": "Option 5"}, "text": "What is the difference between a security group in VPC and a network ACL in VPC (chose 3 correct answers)"}, {"answers": ["C"], "options": {"A": "Simply attach an elastic IP", "B": "If there is also a public subnet in the same VPC, an ENI can be attached to the instance with the IP address range of the public subnet", "C": "If there is a public subnet in the same VPC with a NAT instance attached to internet gateway, then a route can be configured from the instance to the NAT", "D": "There is no way for an instance in private subnet to talk to the internet"}, "text": "For an EC2 instance launched in a private subnet in VPC, which of the following are the options for it to be able to connect to the internet (assume security groups have proper ports open)"}, {"answers": ["B", "C", "D"], "options": {"A": "For EBS backed AMI, the EBS volume with operation system on it is preserved", "B": "For EBS backed AMI, any volume attached other than the OS volume is preserved", "C": "All the snapshots of the EBS volume with operating system is preserved", "D": "For S3 backed AMI, all the data in the local (ephemeral) hard drive is deleted", "E": "For Instance store-backed EC2 the data is lost when the instance is rebooted"}, "text": "What happens to data when an EC2 instance terminates (chose 3 correct answers)"}, {"answers": ["C", "D", "E"], "options": {"A": "Start up EC2 instances when CPU utilization is above threshold", "B": "Release EC2 instances when CPU utilization is below threshold", "C": "Increase the instance size when utilization is above threshold", "D": "Add more Relational Database Service (RDS) read replicas when utilization is above threshold", "E": "Reboots an instance if the health check is failed for that instance"}, "text": "Which of the following Auto scaling cannot do (chose 3 correct answers)"}, {"answers": ["A", "B", "C"], "options": {"A": "Bucket namespace is shared and is global among all AWS users.", "B": "Bucket names can contain alpha numeric characters", "C": "Bucket are associated with a region, and all data in a bucket resides in that region", "D": "Buckets can be transferred from one account to another through API", "E": "You can have unlimited number of buckets in each AWS account"}, "text": "What is true for S3 buckets (chose 3 correct answers)"}, {"answers": ["A"], "options": {"A": "Yes, not for all regions", "B": "Yes, for all regions", "C": "No, it does not provide read-after-write consistency", "D": "You can provision this by making the right API calls"}, "text": "Does S3 provides read-after-write consistency?"}, {"answers": ["A", "D", "E"], "options": {"A": "You can have unlimited number of objects in S3 bucket", "B": "An S3 object can be of unlimited size", "C": "Data stored in S3 is encrypted", "D": "You can use Reduced Redundancy storage for lower cost option", "E": "You can serve your static website from S3"}, "text": "Choose the correct statement (chose 3 correct answers)"}, {"answers": ["B"], "options": {"A": "An Error 404 not found is returned", "B": "CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location", "C": "The request is kept on hold till content is delivered to the edge location", "D": "The request is routed to the next closest edge location"}, "text": "In CloudFront what happens when content is NOT present at an Edge location and a request is made to it?"}, {"answers": ["C", "B"], "options": {"A": "EC2", "B": "ELB", "C": "RDS", "D": "Dynamo DB", "E": "EBS"}, "text": "Which of the services could spread across Multi-AZ (chose 2 correct answers)"}, {"answers": ["A", "C", "E"], "options": {"A": "Using AWS management console", "B": "Using AWS API tools", "C": "Using AWS command line interface", "D": "By doing an RDP to the instance", "E": "By doing an SSH to the instance"}, "text": "How do you mount a new EBS to an EC2 (chose 3 correct answers)"}, {"answers": ["E"], "options": {"A": "Instance based SSD storage", "B": "EBS with SSD storage", "C": "EBS with provisioned IOPS", "D": "Stripe data across Multiple EBS volumes with Raid 5", "E": "Stripe data across Multiple EBS volumes with Raid 0"}, "text": "Which of the following will provide the maximum IOPS for your EC2?"}, {"answers": ["B", "E"], "options": {"A": "The instance based storage is automatically saved in S3", "B": "You can use the instance based storage for your root volume", "C": "You can attach multiple Elastic IPs to a single EC2", "D": "The public DNS of the EC2 remains intact when you shut down the EC2 and start it again", "E": "Data on the instance based storage remains intact when you reboot the instance"}, "text": "Chose the right statements about EC2 instance(chose 2 correct answers)"}, {"answers": ["C"], "options": {"A": "Stop the EC2, issue a snapshot command, Switch on the EC2", "B": "Stop the EC2, issue a snapshot command, wait to complete the snapshot, remount EBS", "C": "Just issue the snapshot command", "D": "Un-mount EBS, issue snapshot command, remount", "E": "Un-mount EBS, Take snapshot, wait to complete the snapshot, remount EBS"}, "text": "What is the best way of taking a fast snapshot without losing the consistency?"}, {"answers": ["B"], "options": {"A": "There is no such limit", "B": "5 TB", "C": "5 GB", "D": "100 GB"}, "text": "What is the maximum size of a single S3 object?"}, {"answers": ["A", "D"], "options": {"A": "MultiAZ deployed database can tolerate an Availability Zone failure", "B": "Decrease latencies if app servers accessing database are in multiple Availability zones", "C": "Make database access times faster for all app servers", "D": "Make database more available during maintenance tasks"}, "text": "Which of the following benefits does adding Multi-AZ deployment in RDS provide (choose multiple if more than one is true)?"}, {"answers": ["C"], "options": {"A": "Resolve the ELB name to an IP address and point the website to that IP address", "B": "There is no direct way to do so, Route53 has to be used", "C": "Generate a CNAME record for the website pointing to the DNS name of the ELB"}, "text": "When an ELB is setup, what is the best way to route a website's traffic to it?"}, {"answers": ["D"], "options": {"A": "A.", "B": "AAAA", "C": "NS", "D": "CNAME"}, "text": "You want to use Route53 to direct your www sub-domain to an elastic load balancer fronting your web servers. What kind of record set should you create?"}, {"answers": ["A"], "options": {"A": "Singapore", "B": "Oregon", "C": "Depends on the load on each machine", "D": "Both, because 2 requests are made, 1 to each machine"}, "text": "You have created a Route 53 latency record set from your domain to a machine in Singapore and a similar record to a machine in Oregon. When a user located in India visits your domain he will be routed to:"}, {"answers": ["A"], "options": {"A": "Elastic IP Address", "B": "Class B IP Address", "C": "Class A IP Address", "D": "Dynamic IP Address"}, "text": "If I want an instance to have a public IP address, which IP address should I use?"}, {"answers": ["D"], "options": {"A": "Redundancy Removal System", "B": "Relational Rights Storage", "C": "Regional Rights Standard", "D": "Reduced Redundancy Storage"}, "text": "What does RRS stand for when talking about S3?"}, {"answers": ["A"], "options": {"A": "It allows to integrate on-premises IT environments with Cloud Storage.", "B": "A direct encrypted connection to Amazon S3.", "C": "It's a backup solution that provides an on-premises Cloud storage.", "D": "It provides an encrypted SSL endpoint for backups in the Cloud."}, "text": "What does the AWS Storage Gateway provide?"}, {"answers": ["A"], "options": {"A": "Six: Amazon Aurora, Oracle, Microsoft SQL Server, PostgreSQL, MySQL and MariaDB", "B": "Just two: MySQL and Oracle.", "C": "Five: MySQL, PostgreSQL, MongoDB, Cassandra and SQLite.", "D": "Just one: MySQL."}, "text": "How many relational database engines does RDS currently support?"}, {"answers": ["D"], "options": {"A": "Resource-based and Product-based", "B": "Product-based and Service-based", "C": "Service-based", "D": "User-based and Resource-based"}, "text": "What are the two permission types used by AWS?"}, {"answers": ["d"], "options": {"A": "Disk usage activity of the ephemeral volumes of an Amazon EC2 instance", "B": "CPU Utilisation of an Amazon Elastic compute cloud(EC2) instance", "C": "Disk usage activity of an elastic block store volume attached to an Amazon EC2 instance", "D": "Disk full percentage of an Elastic Block store volume"}, "text": "Which of the following requires a custom CloudWatch metric to monitoring?"}, {"answers": ["A"], "options": {"A": "Latency reported by the elastic load balancer(ELB)", "B": "Request count reported by ELB", "C": "Aggregate networking for the web tier", "D": "Aggregate CPU Utilisation for the web tier"}, "text": "Your web application is using Auto Scaling and Elastic load balancing. You want to monitor the application to ensure that it maintains a good quality of service for your customers, defined by the application's page load time. What metric in Amazon CloudWatch can best be used for this?"}, {"answers": ["E", "B", "D"], "options": {"A": "Create an RDS read-replica and redirect half of the database read request to it", "B": "Cache database queries in Amazon elastic cloud", "C": "Setup RDS in multi-availability zone mode.", "D": "Shard the database and distribute loads between shards.", "E": "Use Amazon cloudfront to cache database queries."}, "text": "You run a two-tiered application with the following components: an elastic load balancer (ELB), three web/application servers on EC2, and one MySQL RDS database. With growing loads, the database queries take longer and longer and slow down the overall response time for user requests. What of the following options could speed up performance? (choose 3)"}, {"answers": ["C"], "options": {"A": "launch two to six additional instances outside of the autoscaling group to handle the additional load.", "B": "populate the custom CloudWatch metric for concurrent session and initiate scaling action based on that metric instead of CPU use.", "C": "Empirically determine the expected CPU use for 200 concurrent sessions and adjust the CloudWatch alarm threshold to be that CPU use.", "D": "Add a script to each instance to detect the number of concurrent sessions.if the no. of session remains over 200 for five minutes, have the instance increased the desired capacity of the autoscaling group by one."}, "text": "As an application has increased in popularity, reports of performance issues have grown. the current configuration initiates scaling actions based on avg CPU utilization; however during reports of slowness, CloudWatch graphs have shown that avg CPU remains steady at 40 percent. this is well below the alarm threshold of 60 percent.Your developers have discovered that, due to the unique design of the application,performance degradation occurs on an instance when it is processing more than 200 threads. What is the best way to ensure that your application scales to match the demands?"}, {"answers": ["A"], "options": {"A": "Federated Identity based on AWS security token service (STS) using an AWS IAM policy for the respective S3 bucket", "B": "IAM user per registered client with an IAM policy granted AWS S3 access to the respective bucket", "C": "AWS S3 policy with a ..."}, "text": "Your company built a mobile application that has already been downloaded several thousand times. Which authentication solution would enable mobile clients to access pictures stored on an AWS S3 bucket and provide you with the highest flexibility to rotate credentials?"}, {"answers": ["A"], "options": {"A": "No, all EBS volume is stored in a single Availability Zone", "B": "Yes, EBS volume has multiple copies so it should be fine", "C": "Depends on how it is setup", "D": "Depends on the Region where EBS volume is initiated"}, "text": "EBS can always tolerate an Availability Zone failure?"}, {"answers": ["A"], "options": {"A": "$0.00", "B": "$0.02", "C": "$0.03", "D": "$0.04", "E": "$0.05"}, "text": "You receive a spot instance at a bit of $0.05/hr. After 30 minutes, the spot price increase to $0.06/hr and your spot instances is terminated by AWS. what was the total EC2 compute cost of running your spot instance."}, {"answers": ["D"], "options": {"A": "Immediately to the new instances only", "B": "Immediately to the new instances only, but old instance must be stopped and restarted before before the new rule apply.", "C": "To all instances, but it may take several minutes for old install to see the changes.", "D": "Immediately to all instances in the security group"}, "text": "You have an Amazon Elastic Cloud Compute (EC2) security group with several running EC2 instances. You change the security group rules to allow inbound traffic on a new port and protocol, and launch several new instance in the same security group. The new rule apply:-"}, {"answers": ["A", "B", "E"], "options": {"A": "Amazon DynamoDB", "B": "Amazon ElastiCache", "C": "Elastic Load Balancing", "D": "AWS storage Gateway", "E": "Amazon Relational Database service[RDS]", "F": "Amazon CloudWatch"}, "text": "You are developing a highly available web application using stateless web servers. Which services are suitable for storing session state data (choose 3)."}, {"answers": ["A", "E"], "options": {"A": "Enable S3 versioning on bucket", "B": "Access S3 data using only signed URL.", "C": "Disable S3 delete using an IAM bucket policy.", "D": "Enable S3 Reduced Redundancy storage", "E": "Enable multi-factor authentication(MFA) protected access."}, "text": "What combination of the following options will protect Amazon Simple Storage Services (S3) objects from both accidental deletion and accidental overwriting? (Choose two)"}, {"answers": ["D"], "options": {"A": "2", "B": "3", "C": "4", "D": "6"}, "text": "You have been tasked with creating a VPC network topology for your company. The VPC network must support both internet-facing application and internally-facing application accessed only over VPN. Both internet-facing and internally-facing application must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirement."}, {"answers": ["D"], "options": {"A": "Deploy a NAT instance into the public subnet.", "B": "Modify the routing table for the public subnet.", "C": "Configure a publically routable IP address in the host OS of the fourth instance.", "D": "Assign an Elastic IP address to the fourth instance."}, "text": "You have an Amazon Virtual Private Cloud with a public subnet. Three EC2 instances currently running inside the subnet can successfully communicate with other hosts on the internet. You launch a fourth instance in the same subnet, using the same Amazon machine image (AMI) and security group configuration, you used for others, but find that this instance cannot be accessed from the internet. What should you do to enable internet access?"}, {"answers": ["D"], "options": {"A": "Deploy in three availability zone, with auto scaling minimum set to handel 33 percent peak load per zone.", "B": "Deploy in two region using Weighted Round Robin(WRR), with Auto Scaling minimums set for 50 percent peak load per Region.", "C": "Deploy in two region using Weighted Round Robin(WRR), with Auto Scaling minimums set for 100 percent peak load per region.", "D": "Deploy in three availability Zones, with auto scaling minimum set to handle 50 percent peak load per zone."}, "text": "You have a business-critical two-tier web app currently deployed in two availability zones in a single region, using elastic, load balancing and autoscaling. The app depends on synchronous replication(very low latency connectivity) at the data layer. The application need to remain fully available even if one application availability zone goes off-line, and auto scaling cannot launch new instances in the remaining availability zones, How can the current architecture be enhanced to ensure this?"}, {"answers": ["A"], "options": {"A": "Memory use", "B": "CPU use", "C": "Disk read operations", "D": "Network in", "E": "Estimated charges"}, "text": "which of the following requires a custom CloudWatch metric to monitor?"}, {"answers": ["C"], "options": {"A": "Query the appropriate AWS CloudWatch metric", "B": "Use an ipconfig or ifconfig command", "C": "query the local instance metadata", "D": "query the local instance userdata"}, "text": "How can software determine the public and private IP addresses of the AWS EC2 instance that it is running on?"}, {"answers": ["A", "D"], "options": {"A": "Infrequently accessed data", "B": "Cached session data", "C": "Active database storage", "D": "Data archive", "E": "Frequently accessed data"}, "text": "Amazon Glacier is designed for (choose 2)"}, {"answers": ["D"], "options": {"A": "Established a dedicated network connection using AWS direct connect.", "B": "Modify the main route table to allow traffic to a network address translation instance.", "C": "Use a dedicated network address translation instance in the public subnet", "D": "Assign a static internet-routable IP address to Amazon VPC customer gateway"}, "text": "what action is required to establish an Amazon VPC VPN connection between an on-premises data center and Amazon VPC virtual private gateway?"}, {"answers": ["D"], "options": {"A": "Amazon simple notification service", "B": "Amazon simple queue service", "C": "Amazon simple workflow service", "D": "Amazon simple storage service"}, "text": "which of the following is a durable key-value store?"}, {"answers": ["A"], "options": {"A": "Destination:0.0.0.0/0 > Target:your internet gateway", "B": "Destination:192.168.1.257/0 > Target:your internet gateway", "C": "Destination:0.0.0.0/33 > Target:your virtual private gateway", "D": "Destination:0.0.0.0/0 > Target:0.0.0.0/24", "E": "Destination:0.0.0.0/32 > Target:your virtual private gateway"}, "text": "which route must be added to your routing table in order to allow connections to the internet from your subnet?"}, {"answers": ["A"], "options": {"A": "You encountered a soft limit of 20 instances per region.submit the limit increase form and retry the failed requests once approved.", "B": "AWS allows you to provision no more than 20 instances per availability zone.select a different availability zone and retry the failed request.", "C": "You need to use Amazon VPC in order to provision more than 20 instances in a single availability zone. simply terminate the resources already provisioned and re-launch them all in a VPC.", "D": "you encountered an API throttling situation and should try the failed request using an exponential decay retry algorithm."}, "text": "After creating a new AWS account, you use the API to request 40 on-demand AWS EC2 instances in a single availability zone. After 20 successful requests, subsequent request failed. what could be a reason for this issue, and how would you resolve it?"}, {"answers": ["D", "E"], "options": {"A": "Modify the auto scaling group termination policy to terminate the oldest instance first.", "B": "Modify the auto scaling to use scheduled scaling actions", "C": "Modify the auto scaling group termination policy to terminate the newest instance first.", "D": "Modify the Amazon CloudWatch alarm period that trigger yours auto scaling scale down policy.", "E": "modify the auto scaling group cool-down timers."}, "text": "In reviewing the auto scaling events for your application you notice that your application is scaling up and down multiple times in the same hour. what design choice could you make to optimize for cost while preserving elasticity? choose 2"}, {"answers": ["B", "E"], "options": {"A": "Use three spot instances rather than three on-demand instances for the task nodes.", "B": "change the input split size in the mapreduce job configuration.", "C": "use a bootstrap action to present the S3 bucket as a local filesystem.", "D": "Launch the core nodes and task nodes within an Amazon virtual cloud.", "E": "adjust the number of simultaneous mapper tasks.", "F": "Enable termination protection for the job flow"}, "text": "A customer's nightly EMR job processes a single 2-TB data file stored on S3. The Amazon EMR job runs on two on-demand core nodes and three on-demand task nodes. which of the following may help reduce the EMR job completion time?choose 2"}, {"answers": ["D", "E"], "options": {"A": "us-west-2a with 2 EC2 instances, us-west-2b with 2 EC2 instance, us-west-2c with 2 EC2 instance", "B": "us-west-2a with 3 EC2 instances, us-west-2b with 3 EC2 instance, us-west-2c with no EC2 instance", "C": "us-west-2a with 4 EC2 instances, us-west-2b with 2 EC2 instance, us-west-2c with 2 EC2 instance", "D": "us-west-2a with 6 EC2 instances, us-west-2b with 6 EC2 instance, us-west-2c with no EC2 instance", "E": "us-west-2a with 3 EC2 instances, us-west-2b with 3 EC2 instance, us-west-2c with 3 EC2 instance"}, "text": "you have an application running in us-west-2 that requires 6 Amazon elastic compute cloud instances running at all times . with 3 availability of zones available in that region(us-west-2a,us-west-2b,us-west-2c) which of the following development provide 100% fault tolerance if any single availability zone in us-west-2 becomes unavailable?choose 2"}, {"answers": ["A"], "options": {"A": "has at least 1 route in its associate routing table that uses an internet gateway(IGW)", "B": "include a route in its associated routing table via a NAT.", "C": "has network Access control list (NACL) permitting outbound traffic to 0.0.0.0/0", "D": "has the public subnet options selected in its configuration"}, "text": "A VPC public subnet is one that:"}, {"answers": ["B"], "options": {"A": "store API credentials as an object in Amazon S3", "B": "use AWS identity and access management roles for EC2 instance", "C": "pass API credentials to the instance using instance user data", "D": "embed the API credential into your jar file"}, "text": "You are deploying a an application on EC2 that must call AWS APIs. what method of securely passing credential to the application should you use?"}, {"answers": ["B"], "options": {"A": "you must know how many customers the company has today, because this critical in understanding what their customer base will be in two years.", "B": "you must find out total number of requests per second at peak usage.", "C": "you must know the size individual objects being written to S3, in order to properly design the key namespace.", "D": "In order to build the key namespace correctly, you must understand the total amount of storage needs for each S3 bucket."}, "text": "A Startup company hired you to help them build a mobile application, that will ultimately store billions of images and videos in Amazon Simple Storage double their current installation base every six months, Due to the nature of their business, they are expecting sudden and large increase in traffic to and from S3,and need to ensure that it can handle the performance need of their applications. What other information must you gather from this customer in order to determine whether S3 is the right option."}, {"answers": ["A"], "options": {"A": "Simple Storage Solution.", "B": "Storage Storage Storage (triple redundancy Storage).", "C": "Storage Server Solution.", "D": "Simple Storage Service."}, "text": "What does Amazon S3 stand for?"}, {"answers": ["D"], "options": {"A": "3", "B": "2", "C": "4", "D": "1"}, "text": "You must assign each server to at least _____ security group"}, {"answers": ["B"], "options": {"A": "Create a copy of the EBS volume (not a snapshot)", "B": "Store a snapshot of the volume", "C": "Download the content to an EC2 instance", "D": "Back up the data in to a physical disk"}, "text": "Before I delete an EBS volume, what can I do if I want to recreate the volume later?"}, {"answers": ["B"], "options": {"A": "Possible for EBS volumes", "B": "Reserved for the root device", "C": "Recommended for EBS volumes", "D": "Recommended for instance store volumes"}, "text": "Select the most correct answer: The device name /dev/sda1 (within Amazon EC2 ) is _____"}, {"answers": ["C"], "options": {"A": "Multiple IP address", "B": "Public IP address", "C": "Private IP address", "D": "Elastic IP Address"}, "text": "All Amazon EC2 instances are assigned two IP addresses at launch. Which one can only be reached from within the Amazon EC2 network?"}, {"answers": ["A"], "options": {"A": "Less redundancy for a lower cost.", "B": "It doesn't exist in Amazon S3, but in Amazon EBS.", "C": "It allows you to destroy any copy of your files outside a specific jurisdiction.", "D": "It doesn't exist at all"}, "text": "What is the Reduced Redundancy option in Amazon S3?"}, {"answers": ["C"], "options": {"A": "Amazon Resource Number", "B": "Amazon Resource Name tag", "C": "Amazon Resource Name", "D": "Amazon Reesource Namespace"}, "text": "Fill in the blanks: Resources that are created in AWS are identified by a unique identifier called an _____."}, {"answers": ["A"], "options": {"A": "Start twenty instances as members of appserver group.", "B": "Creates 20 rules in the security group named appserver", "C": "Terminate twenty instances as members of appserver group.", "D": "Start 20 security groups"}, "text": "What does the command 'ec2-run-instances ami-e3a5408a -n 20 -g appserver' do?"}, {"answers": ["D"], "options": {"A": "secondary", "B": "backup", "C": "stand by", "D": "primary"}, "text": "When you run a DB Instance as a Multi-AZ deployment, the _____ serves database writes and reads"}, {"answers": ["A"], "options": {"A": "Virtual servers in the Cloud.", "B": "A platform to run code (Java, PHP, Python), paying on an hourly basis.", "C": "Computer Clusters in the Cloud.", "D": "Physical servers, remotely managed by the customer."}, "text": "What does Amazon EC2 provide?"}, {"answers": ["D"], "options": {"A": "Design graphical user interface interactions", "B": "Manage user identification and authorization", "C": "Store Web content", "D": "Coordinate synchronous and asynchronous tasks which are distributed and fault tolerant."}, "text": "Amazon SWF is designed to help users do what?"}, {"answers": ["C"], "options": {"A": "No", "B": "Only in VPC", "C": "Yes"}, "text": "Can I control if and when MySQL based RDS Instance is upgraded to new supported versions?"}, {"answers": ["B"], "options": {"A": "No", "B": "Yes"}, "text": "If I modify a DB Instance or the DB parameter group associated with the instance, should I reboot the instance for the changes to take effect?"}, {"answers": ["D"], "options": {"A": "Depends on the instance type", "B": "FALSE", "C": "Depends on whether you use API call", "D": "TRUE"}, "text": "When you view the block device mapping for your instance, you can see only the EBS volumes, not the instance store volumes."}, {"answers": ["A"], "options": {"A": "DeleteOnTermination", "B": "RemoveOnDeletion", "C": "RemoveOnTermination", "D": "TerminateOnDeletion"}, "text": "By default, EBS volumes that are created and attached to an instance at launch are deleted when that instance is terminated. You can modify this behavior by changing the value of the flag _____ to false when you launch the instance."}, {"answers": ["C"], "options": {"A": "Allow all inbound traffic and Allow no outbound traffic", "B": "Allow no inbound traffic and Allow no outbound traffic", "C": "Allow no inbound traffic and Allow all outbound traffic", "D": "Allow all inbound traffic and Allow all outbound traffic"}, "text": "What are the initial settings of an user created security group?"}, {"answers": ["B"], "options": {"A": "Only for Oracle RDS types", "B": "Yes", "C": "Only if configured at launch", "D": "No"}, "text": "Will my standby RDS instance be in the same Region as my primary?"}, {"answers": ["A"], "options": {"A": "TRUE", "B": "FALSE"}, "text": "When using IAM to control access to your RDS resources, the key names that can be used are case sensitive. For example, aws:CurrentTime is NOT equivalent to AWS:currenttime."}, {"answers": ["D"], "options": {"A": "running", "B": "working", "C": "progressing", "D": "pending"}, "text": "What will be the status of the snapshot until the snapshot is complete."}, {"answers": ["A"], "options": {"A": "TRUE", "B": "FALSE"}, "text": "Automated backups are enabled by default for a new DB Instance."}, {"answers": ["A"], "options": {"A": "InnoDB", "B": "MyISAM"}, "text": "Amazon RDS automated backups and DB Snapshots are currently supported for only the ______ storage engine"}, {"answers": ["D"], "options": {"A": "http://254.169.169.254/latest/", "B": "http://169.169.254.254/latest/", "C": "http://127.0.0.1/latest/", "D": "http://169.254.169.254/latest/"}, "text": "Fill in the blanks: The base URI for all requests for instance metadata is _____"}, {"answers": ["C"], "options": {"A": "ec2-deploy-snapshot", "B": "ec2-fresh-snapshot", "C": "ec2-create-snapshot", "D": "ec2-new-snapshot"}, "text": "While creating the snapshots using the the command line tools, which command should I be using?"}, {"answers": ["B"], "options": {"A": "FreeStorage", "B": "FreeStorageSpace", "C": "FreeStorageVolume", "D": "FreeDBStorageSpace"}, "text": "In Amazon CloudWatch, which metric should I be checking to ensure that your DB Instance has enough free storage space?"}, {"answers": ["A"], "options": {"A": "Amazon S3", "B": "Amazon ECS Volume", "C": "Amazon RDS", "D": "Amazon EMR"}, "text": "Amazon RDS DB snapshots and automated backups are stored in"}, {"answers": ["D"], "options": {"A": "512 Unicode characters", "B": "64 Unicode characters", "C": "256 Unicode characters", "D": "128 Unicode characters"}, "text": "What is the maximum key length of a tag?"}, {"answers": ["B"], "options": {"A": "be nested more than 3 levels", "B": "be nested at all", "C": "be nested more than 4 levels", "D": "be nested more than 2 levels"}, "text": "Security Groups can't _____."}, {"answers": ["D"], "options": {"A": "40", "B": "20", "C": "50", "D": "10"}, "text": "You must increase storage size in increments of at least _____ %"}, {"answers": ["C"], "options": {"A": "from the next billing cycle", "B": "after 30 minutes", "C": "immediately", "D": "after 24 hours"}, "text": "Changes to the backup window take effect ______."}, {"answers": ["A"], "options": {"A": "5 minutes", "B": "500 milliseconds.", "C": "30 seconds", "D": "1 minute"}, "text": "Using Amazon CloudWatch's Free Tier, what is the frequency of metric updates which you receive?"}, {"answers": ["B"], "options": {"A": "eu-west-1", "B": "us-east-1", "C": "us-east-2", "D": "ap-southeast-1"}, "text": "Which is the default region in AWS?"}, {"answers": ["B"], "options": {"A": "BYOL and Enterprise License", "B": "BYOL and License Included", "C": "Enterprise License and License Included", "D": "Role based License and License Included"}, "text": "What are the two types of licensing options available for using Amazon RDS for Oracle?"}, {"answers": ["C"], "options": {"A": "A security group in which only tasks inside can communicate with each other", "B": "A special type of worker", "C": "A collection of related Workflows", "D": "The DNS record for the Amazon SWF service"}, "text": "What does a \"Domain\" refer to in Amazon SWF?"}, {"answers": ["A"], "options": {"A": "Asynchronously", "B": "Synchronously", "C": "Weekly"}, "text": "EBS Snapshots occur _____"}, {"answers": ["A"], "options": {"A": "True", "B": "False"}, "text": "Disabling automated backups disables the point-in-time recovery feature."}, {"answers": ["C"], "options": {"A": "Raid 5", "B": "Raid 6", "C": "Raid 1", "D": "Raid 2"}, "text": "Out of the striping options available for the EBS volumes, which one has the following disadvantage : 'Doubles the amount of I/O required from the instance to EBS compared to RAID 0, because you're mirroring all writes to a pair of volumes, limiting how much you can stripe.' ?"}, {"answers": ["C"], "options": {"A": "Restart from beginning", "B": "You can resume them, if you flag the \"resume on failure\" option before uploading.", "C": "Resume on failure", "D": "Depends on the file size"}, "text": "Can Amazon S3 uploads resume on failure or do they need to restart?"}, {"answers": ["B"], "options": {"A": "Security Groups", "B": "IAM System", "C": "SSH keys", "D": "Windows passwords"}, "text": "Which of the following cannot be used in EC2 to control who has access to specific EC2 instances?"}, {"answers": ["C"], "options": {"A": "wildcards", "B": "pointers", "C": "tags", "D": "special filters"}, "text": "Fill in the blanks : _____ let you categorize your EC2 resources in different ways, for example, by purpose, owner, or environment."}, {"answers": ["A"], "options": {"A": "By using the service specific console or API\\CLI commands", "B": "None of these", "C": "Using Amazon EC2 API/CLI", "D": "Using all these methods"}, "text": "How can I change the security group membership for interfaces owned by other AWS, such as Elastic Load Balancing?"}, {"answers": ["C"], "options": {"A": "5,000 us east, 1,000 all other regions", "B": "100,000 us east, 10, 000 all other regions", "C": "Designed to scale without limits, but if you go beyond 40,000 us east/10,000 all other regions you have to contact AWS first.", "D": "There is no limit"}, "text": "What is the maximum write throughput I can provision per table for a single DynamoDB table?"}, {"answers": ["C"], "options": {"A": "Removes one or more security groups from a rule.", "B": "Removes one or more security groups from an Amazon EC2 instance.", "C": "Removes one or more rules from a security group.", "D": "Removes a security group from an account."}, "text": "What does the ec2-revoke command do with respect to the Amazon EC2 security groups?"}, {"answers": ["A"], "options": {"A": "No", "B": "Yes"}, "text": "Can a 'user' be associated with multiple AWS accounts?"}, {"answers": ["B"], "options": {"A": "TRUE", "B": "FALSE"}, "text": "True or False: Manually created DB Snapshots are deleted after the DB Instance is deleted."}, {"answers": ["A"], "options": {"A": "99.99%", "B": "99.95%", "C": "99.995%", "D": "99.999999999%"}, "text": "What is the durability of S3 RRS?"}, {"answers": ["D"], "options": {"A": "Prevents /dev/sdc from creating the instance.", "B": "Prevents /dev/sdc from deleting the instance.", "C": "Set the value of /dev/sdc to 'zero'.", "D": "Prevents /dev/sdc from attaching to the instance."}, "text": "What does specifying the mapping /dev/sdc=none do when launching an EC2 instance?"}, {"answers": ["B"], "options": {"A": "Only for Oracle RDS instances", "B": "No", "C": "Yes", "D": "Only in VPC"}, "text": "Is Federated Storage Engine currently supported by Amazon RDS for MySQL?"}, {"answers": ["C"], "options": {"A": "20", "B": "5", "C": "10", "D": "15"}, "text": "What is the maximum groups an IAM user be a member of?"}, {"answers": ["B"], "options": {"A": "FALSE", "B": "TRUE"}, "text": "True or False: When you perform a restore operation to a point in time or from a DB Snapshot, a new DB Instance is created with a new endpoint."}, {"answers": ["A"], "options": {"A": "Security Group", "B": "ACL", "C": "IAM", "D": "Private IP Addresses"}, "text": "A/An _____ acts as a firewall that controls the traffic allowed to reach one or more instances."}, {"answers": ["D"], "options": {"A": "Only for Oracle RDS types", "B": "Yes", "C": "Only if configured at launch", "D": "No"}, "text": "Will my standby RDS instance be in the same Availability Zone as my primary?"}, {"answers": ["D"], "options": {"A": "Review", "B": "DB Instance Details", "C": "Management Options", "D": "Additional Configuration"}, "text": "While launching an RDS DB instance, on which page I can select the Availability Zone?"}, {"answers": ["B"], "options": {"A": "Groups the user created security groups in to a new group for easy access.", "B": "Creates a new security group for use with your account.", "C": "Creates a new group inside the security group.", "D": "Creates a new rule inside the security group."}, "text": "What does the ec2-create-group command do with respect to the Amazon EC2 security groups?"}, {"answers": ["C"], "options": {"A": "DB Instance Details", "B": "Review", "C": "Management Options", "D": "Engine Selection"}, "text": "In the Launch Db Instance Wizard, where can I select the backup and maintenance options?"}, {"answers": ["B"], "options": {"A": "FALSE", "B": "TRUE"}, "text": "You are charged for the IOPS and storage whether or not you use them in a given month?"}, {"answers": ["D"], "options": {"A": "Read Only Access", "B": "Power User Access", "C": "AWS CloudFormation Read Only Access", "D": "Administrator Access"}, "text": "IAM provides several policy templates you can use to automatically assign permissions to the groups you create. The _____ policy template gives the Admins group permission to access all account resources, except your AWS account information."}, {"answers": ["A"], "options": {"A": "checks may still be in progress on the volume", "B": "check has passed", "C": "check has failed", "D": "there is no such status"}, "text": "While performing volume status checks using volume status checks, if the status is insufficient-data, if the status is 'insufficient-data', what does it mean?"}, {"answers": ["C"], "options": {"A": "EBSConfig Service", "B": "AMIConfig Service", "C": "Ec2Config Service", "D": "Ec2-AMIConfig Service"}, "text": "By default, when an EBS volume is attached to a Windows instance, it may show up as any drive letter on the instance. You can change the settings of the _____ Service to set the drive letters of the EBS volumes per your specifications."}, {"answers": ["A"], "options": {"A": "True", "B": "False"}, "text": "SQL Server stores logins and passwords in the master database."}, {"answers": ["B"], "options": {"A": "Yes", "B": "No", "C": "Depends on if it is in VPC or not"}, "text": "Does Amazon RDS allow direct host access via Telnet, Secure Shell (SSH), or Windows Remote Desktop Connection?"}, {"answers": ["D"], "options": {"A": "MakeSnapShot", "B": "FreshSnapshot", "C": "DeploySnapshot", "D": "CreateSnapshot"}, "text": "While creating an EC2 snapshot using the API, which Action should I be using?"}, {"answers": ["A"], "options": {"A": "I/O operations to the database are suspended for a few minutes while the backup is in progress.", "B": "I/O operations to the database are sent to a Replica (if available) for a few minutes while the backup is in progress.", "C": "I/O operations will be functioning normally", "D": "I/O operations to the database are suspended for an hour while the backup is in progress"}, "text": "What happens to the I/O operations while you take a database snapshot in a single AZ database?"}, {"answers": ["C"], "options": {"A": "OracleISAM", "B": "MSSQLDB", "C": "InnoDB", "D": "MyISAM"}, "text": "Read Replicas require a transactional storage engine and are only supported for the _____ storage engine."}, {"answers": ["D"], "options": {"A": "Yes", "B": "Only with MSSQL based RDS", "C": "Only for Oracle RDS instances", "D": "No"}, "text": "When running my DB Instance as a Multi-AZ deployment, can I use the standby for read or write operations?"}, {"answers": ["B"], "options": {"A": "If you have batch-oriented workloads", "B": "If you use production online transaction processing (OLTP) workloads.", "C": "If you have workloads that are not sensitive to consistent performance", "D": "If you infrequently read or write to the drive."}, "text": "When should I choose Provisioned IOPS over Standard RDS storage?"}, {"answers": ["B"], "options": {"A": "3", "B": "1", "C": "5", "D": "2"}, "text": "In the 'Detailed' monitoring data available for your Amazon EBS volumes, Provisioned IOPS volumes automatically send _____ minute metrics to Amazon CloudWatch."}, {"answers": ["B"], "options": {"A": "USD 0.10 per GB", "B": "No charge. It is free.", "C": "USD 0.02 per GB", "D": "USD 0.01 per GB"}, "text": "What is the minimum charge for the data transferred between Amazon RDS and Amazon EC2 Instances in the same Availability Zone?"}, {"answers": ["A"], "options": {"A": "True", "B": "False"}, "text": "Reserved Instances are available for Multi-AZ Deployments."}, {"answers": ["B"], "options": {"A": "AWS Access Control Service (ACS)", "B": "AWS Identity and Access Management (IAM)", "C": "AWS Identity Manager (AIM)", "D": "AWS Security Groups"}, "text": "Which service enables AWS customers to manage users and permissions in AWS?"}, {"answers": ["C"], "options": {"A": "None of these.", "B": "Amazon Instance Storage", "C": "Amazon EBS", "D": "All of these"}, "text": "Which Amazon Storage behaves like raw, unformatted, external block devices that you can attach to your instances?"}, {"answers": ["A"], "options": {"A": "Amazon VPC", "B": "Amazon ServiceBus", "C": "Amazon EMR", "D": "Amazon RDS"}, "text": "Which Amazon service can I use to define a virtual network that closely resembles a traditional data center?"}, {"answers": ["B"], "options": {"A": "desk.cpl", "B": "mstsc"}, "text": "What is the command line instruction for running the remote desktop client in Windows?"}, {"answers": ["B"], "options": {"A": "MyISAM", "B": "InnoDB"}, "text": "Amazon RDS automated backups and DB Snapshots are currently supported for only the ______ storage engine."}, {"answers": ["A"], "options": {"A": "3306", "B": "443", "C": "80", "D": "1158"}, "text": "MySQL installations default to port _____."}, {"answers": ["B"], "options": {"A": "DNAME", "B": "CNAME", "C": "TXT", "D": "MX"}, "text": "If you have chosen Multi-AZ deployment, in the event of an outage of your primary DB Instance, Amazon RDS automatically switches to the standby replica. The automatic failover mechanism simply changes the ______ record of the main DB Instance to point to the standby DB Instance."}, {"answers": ["A"], "options": {"A": "True", "B": "False"}, "text": "If I modify a DB Instance or the DB parameter group associated with the instance, I should reboot the instance for the changes to take effect?"}, {"answers": ["B"], "options": {"A": "Amazon Instance Storage", "B": "Amazon EBS", "C": "You can't run a database inside an Amazon instance.", "D": "Amazon S3"}, "text": "If I want to run a database in an Amazon instance, which is the most recommended Amazon storage option?"}, {"answers": ["A"], "options": {"A": "user name", "B": "password", "C": "default group"}, "text": "In regards to IAM you can edit user properties later, but you cannot use the console to change the _____."}, {"answers": ["B"], "options": {"A": "FALSE", "B": "TRUE"}, "text": "If you add a tag that has the same key as an existing tag on a DB Instance, the new value overwrites the old value."}, {"answers": ["A"], "options": {"A": "No", "B": "Yes"}, "text": "Making your snapshot public shares all snapshot data with everyone. Can the snapshots with AWS Marketplace product codes be made public?"}, {"answers": ["B"], "options": {"A": "primary public IP", "B": "secondary private IP", "C": "secondary public IP", "D": "add on secondary IP"}, "text": "Fill in the blanks: \"To ensure failover capabilities, consider using a _____ for incoming traffic on a network interface\"."}, {"answers": ["A"], "options": {"A": "The remaining Read Replicas will still replicate from the older master DB Instance", "B": "The remaining Read Replicas will be deleted", "C": "The remaining Read Replicas will be combined to one read replica"}, "text": "If I have multiple Read Replicas for my master DB Instance and I promote one of them, what happens to the rest of the Read Replicas?"}, {"answers": ["B"], "options": {"A": "No", "B": "Yes", "C": "Only in VPC", "D": "Only in certain regions"}, "text": "Can I encrypt connections between my application and my DB Instance using SSL?"}, {"answers": ["A"], "options": {"A": "Basic, Developer, Business, Enterprise", "B": "Basic, Startup, Business, Enterprise", "C": "Free, Bronze, Silver, Gold", "D": "All support is free"}, "text": "What are the four levels of AWS Premium Support?"}, {"answers": ["C"], "options": {"A": "Amazon Cloud Watch", "B": "Status of the Amazon RDS DB", "C": "AWS Service Health Dashboard", "D": "AWS Cloud Monitor"}, "text": "What can I access by visiting the URL: http://status.aws.amazon.com/ ?"}, {"answers": ["C"], "options": {"A": "Images (AMIs, kernels, RAM disks)", "B": "Amazon EBS volumes", "C": "Elastic IP addresses", "D": "VPCs"}, "text": "Please select the Amazon EC2 resource which cannot be tagged."}, {"answers": ["A"], "options": {"A": "SQL Server", "B": "MySQL", "C": "Oracle"}, "text": "Because of the extensibility limitations of striped storage attached to Windows Server, Amazon RDS does not currently support increasing storage on a _____ DB Instance."}, {"answers": ["D"], "options": {"A": "AWS Management Console", "B": "Command line interface (CLI)", "C": "IAM Query API", "D": "All of the above"}, "text": "Through which of the following interfaces is AWS Identity and Access Management available?"}, {"answers": ["C"], "options": {"A": "In Amazon EC2, private IP address is only returned to Amazon EC2 when the instance is stopped or terminated", "B": "In Amazon VPC, an instance retains its private IP address when the instance is stopped.", "C": "In Amazon VPC, an instance does NOT retain its private IP address when the instance is stopped.", "D": "In Amazon EC2, the private IP address is associated exclusively with the instance for its lifetime"}, "text": "Select the incorrect statement."}, {"answers": ["B"], "options": {"A": "Exponentially", "B": "Incrementally", "C": "EBS snapshots are not stored in the Amazon S3", "D": "Decrementally"}, "text": "How are the EBS snapshots saved on Amazon S3?"}, {"answers": ["A"], "options": {"A": "Basic", "B": "Primary", "C": "Detailed", "D": "Local"}, "text": "What is the type of monitoring data (for Amazon EBS volumes) which is available automatically in 5-minute periods at no charge called?"}, {"answers": ["A"], "options": {"A": "TRUE", "B": "FALSE"}, "text": "The new DB Instance that is created when you promote a Read Replica retains the backup window period."}, {"answers": ["B"], "options": {"A": "The topic is created, and it has the name you specified for it.", "B": "An ARN (Amazon Resource Name) is created.", "C": "You can create a topic on Amazon SQS, not on Amazon SNS.", "D": "This question doesn't make sense."}, "text": "What happens when you create a topic on Amazon SNS?"}, {"answers": ["C"], "options": {"A": "Only via API", "B": "Only via Console", "C": "Yes", "D": "No"}, "text": "Can I delete a snapshot of the root device of an EBS volume used by a registered AMI?"}, {"answers": ["B"], "options": {"A": "True", "B": "False"}, "text": "New database versions will automatically be applied to AWS RDS instances as they become available."}, {"answers": ["B"], "options": {"A": "120 seconds", "B": "1 hour", "C": "10 minutes", "D": "12 hours"}, "text": "What is the maximum response time for a Business level Premium Support case?"}, {"answers": ["C"], "options": {"A": "Amazon RDS", "B": "AWS Integrity Management", "C": "AWS Identity and Access Management", "D": "Amazon EMR"}, "text": "The _____ service is targeted at organizations with multiple users or systems that use AWS products such as Amazon EC2, Amazon SimpleDB, and the AWS Management Console."}, {"answers": ["B"], "options": {"A": "FALSE", "B": "TRUE"}, "text": "Without IAM, you cannot control the tasks a particular user or system can do and what AWS resources they might use."}, {"answers": ["B"], "options": {"A": "FALSE", "B": "TRUE"}, "text": "When you use the AWS Management Console to delete an IAM user, IAM also deletes any signing certificates and any access keys belonging to the user."}, {"answers": ["C"], "options": {"A": "FetchFailure", "B": "DescribeFailure", "C": "DescribeEvents", "D": "FetchEvents"}, "text": "When automatic failover occurs, Amazon RDS will emit a DB Instance event to inform you that automatic failover occurred. You can use the _____ to return information about events related to your DB Instance."}, {"answers": ["A"], "options": {"A": "1", "B": "5", "C": "15", "D": "10"}, "text": "What is the default maximum number of MFA devices in use per AWS account (at the root account level)?"}, {"answers": ["A"], "options": {"A": "Yes for all users except root", "B": "Yes unless special permission granted", "C": "Yes for all users", "D": "No"}, "text": "Is there a limit to how many groups a user can be in?"}, {"answers": ["B"], "options": {"A": "Only if instructed to when created", "B": "Yes", "C": "No"}, "text": "Do the Amazon EBS volumes persist independently from the running life of an Amazon EC2 instance?"}] -------------------------------------------------------------------------------- /raw.txt: -------------------------------------------------------------------------------- 1 | 1. How do you secure company critical data on S3 (chose 4 correct answers) 2 | 3 | a. You can use IAM Policies 4 | 5 | b. You can use Bucket policies 6 | 7 | c. You can use Access Control Lists (ACLs) 8 | 9 | d. You can use the Server Side Encryption (SSE) 10 | 11 | e. You can serve it through Cloudfront 12 | 13 | ABCD 14 | 15 | 2. How to secure data on rest in EBS? 16 | 17 | a. EBS automatically encrypts data on it for more security 18 | 19 | b. You can use your own encryption layer on the top 20 | 21 | c. Use S3 instead 22 | 23 | d. Block the EC2 to access data to your EBS 24 | 25 | A 26 | 27 | 3. You have a photo selling website where you have a library of photos on S3. You noticed that there are some websites that are showing the link to your S3 photos. How do you restrict sites like these using your S3 photos link? 28 | 29 | a. Use Cloudfront to serve images 30 | 31 | b. Restrict access to those websites in the bucket policy 32 | 33 | c. Use glacier to store images 34 | 35 | d. Restrict access to those websites in the IAM policy 36 | 37 | e. Remove the public URL link from the object in S3 38 | 39 | A 40 | 41 | 4. In which of the following cases should you use SQS – Simple Queue Service (chose 2 correct answers) 42 | 43 | a. Designing a business application which requires a lot of co-ordination between different tasks 44 | 45 | b. Video encoding application where each video is encoded with a pre-defined number of steps 46 | 47 | c. Receiving thousands of notifications from a process and add them to a queue 48 | 49 | d. Process a queue of messages where each message is a task that needs to be completed 50 | 51 | CD 52 | 53 | 5. How do you ensure that the data has been saved properly in S3? 54 | 55 | a. Every S3 account has a predefined bucket where the logs are stored 56 | 57 | b. When processing a request to store data, the service will redundantly store your object across multiple facilities before returning SUCCESS. 58 | 59 | c. You can see the HTTP success code in the logs 60 | 61 | d. Using a combination of Content-MD5 checksums 62 | 63 | B 64 | 65 | 6. You are running an application on an EC2 and now you want to add another EC2 for your application that requires a high bandwidth connect with the existing EC2. Where should you launch your EC2 in this case? 66 | 67 | a. VPC 68 | 69 | b. Public Subnet 70 | 71 | c. Private Subnet 72 | 73 | d. Placement Group 74 | 75 | e. Availability Zone 76 | 77 | D 78 | 79 | 7. Where should you use SWF – Simple Workflow Service (chose 2 correct answers) 80 | 81 | a. Designing a business application which requires a lot of co-ordination between different tasks 82 | 83 | b. Video encoding application where each video is encoded with a pre-defined number of steps 84 | 85 | c. Receiving thousands of notifications from a process and add them to a queue 86 | 87 | d. Process a queue of messages where each message is a task that needs to be completed 88 | 89 | AB 90 | 91 | 8. What services are required for Auto Scaling (chose 2 correct answers) 92 | 93 | a. SNS 94 | 95 | b. Cloudwatch 96 | 97 | c. SQS 98 | 99 | d. ELB 100 | 101 | BD 102 | 103 | 9. What are the characteristics of Simple DB (chose 4 correct answers) 104 | 105 | a. Automatic geo-redundant replication 106 | 107 | b. It provides a simple web interface to create and store data sets, query and return data 108 | 109 | c. You can store you relational database in Simple DB 110 | 111 | d. Data is automatically indexed 112 | 113 | e. You don’t need to worry about the infrastructure required 114 | 115 | ABDE 116 | 117 | 10. Amazon Glacier is designed for (chose 2 correct answers) 118 | 119 | a. Active database storage. 120 | 121 | b. Infrequently accessed data. 122 | 123 | c. Data archives. 124 | 125 | d. Frequently accessed data. 126 | 127 | e. Cached session data. 128 | 129 | BC 130 | 131 | 132 | 11. An instance is launched into the public subnet of a VPC. Which of the following must be done in order for it to be accessible FROM the Internet? 133 | 134 | a. Attach an Elastic IP to the instance 135 | 136 | b. Nothing. The instance is accessible from the Internet 137 | 138 | c. Launch a NAT instance and route all traffic to it 139 | 140 | d. Make an entry in the route table passing all traffic going outside the VPC to the NAT instance 141 | 142 | A 143 | 144 | 12. In VPCs with private and public subnets, database servers should ideally be launched into: 145 | 146 | a. The public subnet 147 | 148 | b. The private subnet 149 | 150 | c. Either of them 151 | 152 | d. Not recommended, they should ideally be launched outside VPC 153 | 154 | B 155 | 156 | 13. What are the benefits of using Elasticache for your web application (chose 2 correct answers) 157 | 158 | a. It reduces the load on your web servers 159 | 160 | b. It reduces the load on your database 161 | 162 | c. Gives you more availability of cached data when your Multi-AZ RDS is under maintenance 163 | 164 | d. Gives you faster access to your cache data 165 | 166 | AB 167 | 168 | 14. You configured ELB to perform health checks on EC2 instances. If an instance fails to pass health checks, which statement will be true? 169 | 170 | a. The instance is replaced automatically by the ELB. 171 | 172 | b. The instance gets terminated automatically by the ELB. 173 | 174 | c. The ELB stops sending traffic to the instance that failed its health check. 175 | 176 | d. The instance gets quarantined by the ELB for root cause analysis. 177 | 178 | C 179 | 180 | 15. What are the characteristics of Dynamo DB (chose 3 correct answers) 181 | 182 | a. It is used for SQL databases like MsSQL, MySQL, Oracle 183 | 184 | b. Gives you a fast and predictable performance with seamless scalability 185 | 186 | c. It is a managed service provided by AWS 187 | 188 | d. When reading data from Amazon DynamoDB, users can specify whether they want the read to be eventually consistent or strongly consistent 189 | 190 | e. There is a limit of stored data or throughput of data 191 | 192 | BCD 193 | 194 | 195 | 16. You have a business critical application that requires it to be highly available with 6 instances always running. What should you do to achieve this (chose 3 correct answers) 196 | 197 | a. 2 EC2 in 3 regions with ELB on top 198 | 199 | b. 3 EC2 in 2 AZ with ELB on top 200 | 201 | c. Auto Scaling rule for 6 instances always running 202 | 203 | d. Auto scaling rule for 3 instance always running in each zone 204 | 205 | e. Auto Scaling Replace the lost capacity in case of zone failure in the other zone 206 | 207 | f. Auto Scaling Replace the lost capacity in case of region failure in other region 208 | 209 | ABD 210 | 211 | 17. What are the characteristics of Elastic Beanstalk (chose 2 correct answers) 212 | 213 | a. You can use it to replace an instance in the ELB when it fails its health check 214 | 215 | b. Helps you quickly deploy and manage applications in the AWS cloud 216 | 217 | c. It creates a template for your EC2 instance 218 | 219 | d. You don’t need to worry about the infrastructure required to run your applications 220 | 221 | BD 222 | 223 | 18. How do you achieve single sign on with AWS 224 | 225 | a. It is configurable in the IAM policies for the user 226 | 227 | b. By Using Multi-factor authentication 228 | 229 | c. By Using active directory and LDAP integration 230 | 231 | d. By Configuring SAML 2.0 232 | 233 | e. It is currently not possible in AWS 234 | 235 | C 236 | 237 | 19. What is true about VPC (chose 3 correct answers) 238 | 239 | a. You can have one EC2 in more than 1 VPC 240 | 241 | b. There will always be atleast 1 default VPC 242 | 243 | c. A VPC is always across multiple availability zones within a region 244 | 245 | d. You can either have a VPC with public subnet or private subnet 246 | 247 | e. You may use a third party software VPN to create a site to site or remote access VPN connection with your VPC via the Internet Gateway 248 | 249 | BCE 250 | 251 | 20. You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly? 252 | 253 | a. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI. 254 | 255 | b. Add the CloudFront account security group “Amazon-cf/Amazon-cf-sg” to the appropriate S3 bucket policy. 256 | 257 | c. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User. 258 | 259 | d. Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN). 260 | 261 | A 262 | 263 | 21. An instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this instance? 264 | 265 | a. The instance follows the rules of the older subnet 266 | 267 | b. The instance follows the rules of both the subnets 268 | 269 | c. The instance follows the rules of the newer subnet 270 | 271 | d. Not possible cannot be connected to 2 ENIs 272 | 273 | B 274 | 275 | 22. How do you point apex record of your website (example.com) to the public DNS of the Elastic Load Balancer? 276 | 277 | a. A Record 278 | 279 | b. CName record 280 | 281 | c. AAAA record 282 | 283 | d. Alias 284 | 285 | e. NS Record 286 | 287 | D 288 | 289 | 23. Which of the following will occur when an EC2 instance in a VPC (Virtual Private Cloud) with an associated Elastic IP is stopped and started (chose 2 correct answers) 290 | 291 | a. The Elastic IP will be dissociated from the instance 292 | 293 | b. All data on instance-store devices will be lost 294 | 295 | c. All data on EBS (Elastic Block Store) devices will be lost 296 | 297 | d. The ENI (Elastic Network Interface) is detached 298 | 299 | e. The underlying host for the instance may change 300 | 301 | BE 302 | 303 | 24. You are running an ERP application on EC2 for your company that runs 24x7 and the load is predictable and constant throughout the year. Which is the most cost-efficient option for the EC2 purchase model in this case? 304 | 305 | a. On-Demand 306 | 307 | b. Reserved 308 | 309 | c. Dedicated 310 | 311 | d. Spot 312 | 313 | e. EC2 is not the right choice here 314 | 315 | B 316 | 317 | 25. What are the characteristics of EBS (chose 3 correct answers) 318 | 319 | a. You can attach one EBS volume to multiple EC2 instance 320 | 321 | b. Data in EBS is stored across multiple AZ for redundancy 322 | 323 | c. Maximum size of an EBS can be 1 TB 324 | 325 | d. You can have provisioned IOPS with your EBS volumes 326 | 327 | e. EBS behaves like raw unformatted block device 328 | 329 | CDE 330 | 331 | 332 | 26. You notice that you are not able to access your EC2 linux instance using SSH. What should you check first? 333 | 334 | a. Make sure that the patches are up to date on the instance 335 | 336 | b. Make sure the port 22 are open on the subnet for incoming traffic 337 | 338 | c. Make sure the port 22 are open on the subnet for outgoing traffic 339 | 340 | d. Make sure the port 22 are open on the security group for incoming traffic 341 | 342 | e. Make sure the port 22 are open on the security group for outgoing traffic 343 | 344 | D 345 | 346 | 27. What is true about AMI (chose 4 correct answers) 347 | 348 | a. You can share your AMI with other AWS account owners 349 | 350 | b. You can create an instance store-backed AMI 351 | 352 | c. You can create an EBS-backed AMI 353 | 354 | d. For Instance stored-backed AMIs, the root volume is stored in S3 355 | 356 | e. For EBS stored-backed AMIs, the root volume is stored in S3 357 | 358 | ABCD 359 | 360 | 28. What is true about RDS (chose 3 correct answers) 361 | 362 | a. You can create multiple read replica for ready heavy applications 363 | 364 | b. You can have a read replica of a read replica 365 | 366 | c. Daily backups are automatically taken 367 | 368 | d. You can enable Multi-AZ option to have automatic failover in a different region 369 | 370 | e. You can have provisioned IOPS for your RDS database 371 | 372 | ECA 373 | 374 | 29. What are the characteristics of IAM (chose 2 correct answers) 375 | 376 | a. By Default all the services are enabled for a new IAM user 377 | 378 | b. By Default all the services are disabled for a new IAM user 379 | 380 | c. You can create multiple access ID and secret keys for 1 IAM user 381 | 382 | d. Option 4 383 | 384 | e. Option 5 385 | 386 | BC 387 | 388 | 30. What are the characteristics of Subnet (chose 2 correct answers) 389 | 390 | a. network traffic entering and exiting each subnet can be allowed or denied via network Access Control Lists (ACLs) 391 | 392 | b. A subnet can be across multiple availability zones 393 | 394 | c. A subnet can be across multiple regions 395 | 396 | d. Default subnets are assigned a /20 netblocks 397 | 398 | e. Default subnets are assigned a /16 netblocks 399 | 400 | AD 401 | 402 | 403 | 31. You have created 4 weighted resource record sets with weights 1, 2, 3 and 4. The 3rd record set is selected by Route53? 404 | 405 | a. 1/7th of the time 406 | 407 | b. 3/10th of the time 408 | 409 | c. 3/7th of the time 410 | 411 | d. 1/4th of the time 412 | 413 | B 414 | 415 | 32. Which of the following can be used as an origin server in CloudFront?(Choose 3) 416 | 417 | a. A webserver running on EC2 418 | 419 | b. A webserver running in your own datacenter 420 | 421 | c. A RDS instance 422 | 423 | d. An Amazon S3 bucket 424 | 425 | e. A Glacier storage 426 | 427 | ABD 428 | 429 | 33. In cloudFront what happens when content is NOT present at an Edge location and a request is made to it? 430 | 431 | a. Option 1 An Error 404 not found is returned 432 | 433 | b. CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location 434 | 435 | c. The request is kept on hold till content is delivered to the edge location 436 | 437 | d. The request is routed to the next closest edge location 438 | 439 | B 440 | 441 | 34. Which of the following is true with respect to serving private content through CloudFront? (chose 3 correct answers) 442 | 443 | a. Signed URLs can be created to access objects from CloudFront edge locations 444 | 445 | b. Direct access to S3 URLs can be removed therefore allowing access only through CloudFront URLs 446 | 447 | c. Mark the S3 bucket private and allow access to CloudFront by means of Roles 448 | 449 | d. Mark the S3 bucket private and and create an Origin Access Identity to access the objects 450 | 451 | ABD 452 | 453 | 35. You have written a CloudFormation template that creates 1 elastic load balancer fronting 2 EC2 instances. Which section of the template should you edit so that the DNS of the load balancer is returned upon creation of the stack? 454 | 455 | a. Resources 456 | 457 | b. Parameters 458 | 459 | c. Outputs 460 | 461 | d. Mappings 462 | 463 | C 464 | 465 | 466 | 467 | 468 | 36. You are doing a large data analysis which requires high computing power and many instances to be launched simultaneously and then to be retired after the analysis. If the instance is retired during the analysis, the program automatically shifts the analysis to the other instance. Which is the most cost-efficient option for launching the EC2 in this case? 469 | 470 | a. On-Demand 471 | 472 | b. Reserved 473 | 474 | c. Dedicated 475 | 476 | d. Spot 477 | 478 | e. EC2 is not the right choice here 479 | 480 | D 481 | 482 | 37. What is true about penetration testing in AWS (chose 2 correct answers) 483 | 484 | a. You can do the penetration on your individual EC2 instance only 485 | 486 | b. A prior permission is required from AWS for penetration testing 487 | 488 | c. You cannot do the penetration testing at all 489 | 490 | d. You can ask AWS support to do the penetration testing 491 | 492 | e. AWS will automatically conduct penetration testing from time to time 493 | 494 | CD 495 | 496 | 38. What are the benefits of Multi-AZ RDS deployments (chose 2 correct answers) 497 | 498 | a. You get a read-replica 499 | 500 | b. More availability during the maintenance window 501 | 502 | c. Automatic failover in case of one data center failure 503 | 504 | d. More IOPS available for data throughput 505 | 506 | e. You get more privileges to manage your database 507 | 508 | BC 509 | 510 | 39. What kind of data should not be stored in S3 (chose 3 correct answers) 511 | 512 | a. Images and videos 513 | 514 | b. Static files for your websites 515 | 516 | c. Your website database 517 | 518 | d. Notifications from a computer program 519 | 520 | e. Static Files that are accessed once in many years 521 | 522 | CDE 523 | 524 | 40. What are the characteristics of a reserved instance (chose 3 correct answers) 525 | 526 | a. It can be applied across regions 527 | 528 | b. It saves you significant money over on-demand instance 529 | 530 | c. You can shut down the reserved instance any time you want and the hourly charge wont incur for the shutdown hours 531 | 532 | d. If your AMI changes the Reserved instance is still valid if it’s the same instance type 533 | 534 | e. You pay a fixed amount of money irrespective of the number of hours you used the instance for 535 | 536 | CBD 537 | 538 | 539 | 41. What are the characteristics of CloudFormation (chose 2 correct answers) 540 | 541 | a. You can use it to replace an instance in the ELB when it fails its health check 542 | 543 | b. Helps you quickly deploy and manage applications in the AWS cloud 544 | 545 | c. It creates a template for your EC2 instance 546 | 547 | d. You don’t need to worry about the infrastructure required to run your applications 548 | 549 | CD 550 | 551 | 42. To protect S3 data from accidental deletion and overwriting you should: 552 | 553 | a. Disable S3 delete using an IAM bucket policy 554 | 555 | b. Access S3 data only using signed URLs 556 | 557 | c. Enable S3 reduced redundancy storage 558 | 559 | d. Enable S3 versioning on the bucket 560 | 561 | e. Enable MFA protected access 562 | 563 | D 564 | 565 | 43. Which is an operational process performed by AWS for data security? 566 | 567 | a. AES 256 bit encryption of data stored on any shared storage device 568 | 569 | b. Decommissioning of storage device using industry-standard practices 570 | 571 | c. Background virus scans of EBS volumes and EBS snapshots 572 | 573 | d. Replication of data across multiple geographic regions 574 | 575 | e. Secure wiping of EBS volumes when they are un-mounted 576 | 577 | B 578 | 579 | 44. In the basic monitoring package for EC2, Amazon CloudWatch provides the following metrics (chose 2 correct answers) 580 | 581 | a. Hypervisor visible metrics such as CPU utilization 582 | 583 | b. Operating system visible metrics such as memory utilization 584 | 585 | c. Network Utilization (Read-write) 586 | 587 | d. Web server visible metrics such as number failed transaction requests 588 | 589 | e. Database visible metrics such as number of connections 590 | 591 | AC 592 | 593 | 45. How should you launch instance if you need a pre-defined IP? 594 | 595 | a. Launch it in a VPC 596 | 597 | b. Launch it under an ELB 598 | 599 | c. Pre-assign an IP using Cloudformation script 600 | 601 | d. Launch it in a placement group 602 | 603 | C 604 | 605 | 606 | 46. In Which case do you have full authority of the underlying instance (chose 2 correct answers) 607 | 608 | a. EC2 609 | 610 | b. RDS 611 | 612 | c. Dynamo DB 613 | 614 | d. EMR (Elastic Map Reduce) 615 | 616 | e. Simple DB 617 | 618 | AD 619 | 620 | 47. What is true about EBS (chose 3 correct answers) 621 | 622 | a. The snapshots are stored in S3 623 | 624 | b. The snapshots are just stored as another EBS volume 625 | 626 | c. Snapshots are incremental in nature and only 627 | 628 | d. You can share the snapshot with other AWS accounts 629 | 630 | e. Snapshots are automatically encrypted 631 | 632 | ACD 633 | 634 | 48. What is the difference between a security group in VPC and a network ACL in VPC (chose 3 correct answers) 635 | 636 | a. Security group restricts access to a Subnet while ACL restricts traffic to EC2 637 | 638 | b. Security group restricts access to EC2 while ACL restricts traffic to a subnet 639 | 640 | c. Security group can work outside the VPC also while ACL only works within a VPC 641 | 642 | d. Network ACL performs stateless filtering and Security group provides stateful filtering 643 | 644 | e. Security group can only set Allow rule, while ACL can set Deny rule also 645 | 646 | f. Option 5 647 | 648 | BCD 649 | 650 | 49. For an EC2 instance launched in a private subnet in VPC, which of the following are the options for it to be able to connect to the internet (assume security groups have proper ports open) 651 | 652 | a. Simply attach an elastic IP 653 | 654 | b. If there is also a public subnet in the same VPC, an ENI can be attached to the instance with the IP address range of the public subnet 655 | 656 | c. If there is a public subnet in the same VPC with a NAT instance attached to internet gateway, then a route can be configured from the instance to the NAT 657 | 658 | d. There is no way for an instance in private subnet to talk to the internet 659 | 660 | C 661 | 662 | 50. What happens to data when an EC2 instance terminates (chose 3 correct answers) 663 | 664 | a. For EBS backed AMI, the EBS volume with operation system on it is preserved 665 | 666 | b. For EBS backed AMI, any volume attached other than the OS volume is preserved 667 | 668 | c. All the snapshots of the EBS volume with operating system is preserved 669 | 670 | d. For S3 backed AMI, all the data in the local (ephemeral) hard drive is deleted 671 | 672 | e. For Instance store-backed EC2 the data is lost when the instance is rebooted 673 | 674 | BCD 675 | 676 | 677 | 51. Which of the following Auto scaling cannot do (chose 3 correct answers) 678 | 679 | a. Start up EC2 instances when CPU utilization is above threshold 680 | 681 | b. Release EC2 instances when CPU utilization is below threshold 682 | 683 | c. Increase the instance size when utilization is above threshold 684 | 685 | d. Add more Relational Database Service (RDS) read replicas when utilization is above threshold 686 | 687 | e. Reboots an instance if the health check is failed for that instance 688 | 689 | CDE 690 | 691 | 52. What is true for S3 buckets (chose 3 correct answers) 692 | 693 | a. Bucket namespace is shared and is global among all AWS users. 694 | 695 | b. Bucket names can contain alpha numeric characters 696 | 697 | c. Bucket are associated with a region, and all data in a bucket resides in that region 698 | 699 | d. Buckets can be transferred from one account to another through API 700 | 701 | e. You can have unlimited number of buckets in each AWS account 702 | 703 | ABC 704 | 705 | 53. Does S3 provides read-after-write consistency? 706 | 707 | a. Yes, not for all regions 708 | 709 | b. Yes, for all regions 710 | 711 | c. No, it does not provide read-after-write consistency 712 | 713 | d. You can provision this by making the right API calls 714 | 715 | A 716 | 717 | 54. Choose the correct statement (chose 3 correct answers) 718 | 719 | a. You can have unlimited number of objects in S3 bucket 720 | 721 | b. An S3 object can be of unlimited size 722 | 723 | c. Data stored in S3 is encrypted 724 | 725 | d. You can use Reduced Redundancy storage for lower cost option 726 | 727 | e. You can serve your static website from S3 728 | 729 | ADE 730 | 731 | 55. In CloudFront what happens when content is NOT present at an Edge location and a request is made to it? 732 | 733 | a. An Error 404 not found is returned 734 | 735 | b. CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location 736 | 737 | c. The request is kept on hold till content is delivered to the edge location 738 | 739 | d. The request is routed to the next closest edge location 740 | 741 | B 742 | 743 | 744 | 56. Which of the services could spread across Multi-AZ (chose 2 correct answers) 745 | 746 | a. EC2 747 | 748 | b. ELB 749 | 750 | c. RDS 751 | 752 | d. Dynamo DB 753 | 754 | e. EBS 755 | 756 | CB 757 | 758 | 57. How do you mount a new EBS to an EC2 (chose 3 correct answers) 759 | 760 | a. Using AWS management console 761 | 762 | b. Using AWS API tools 763 | 764 | c. Using AWS command line interface 765 | 766 | d. By doing an RDP to the instance 767 | 768 | e. By doing an SSH to the instance 769 | 770 | ACE 771 | 772 | 58. Which of the following will provide the maximum IOPS for your EC2? 773 | 774 | a. Instance based SSD storage 775 | 776 | b. EBS with SSD storage 777 | 778 | c. EBS with provisioned IOPS 779 | 780 | d. Stripe data across Multiple EBS volumes with Raid 5 781 | 782 | e. Stripe data across Multiple EBS volumes with Raid 0 783 | 784 | E 785 | 786 | 59. Chose the right statements about EC2 instance(chose 2 correct answers) 787 | 788 | a. The instance based storage is automatically saved in S3 789 | 790 | b. You can use the instance based storage for your root volume 791 | 792 | c. You can attach multiple Elastic IPs to a single EC2 793 | 794 | d. The public DNS of the EC2 remains intact when you shut down the EC2 and start it again 795 | 796 | e. Data on the instance based storage remains intact when you reboot the instance 797 | 798 | BE 799 | 800 | 60. What is the best way of taking a fast snapshot without losing the consistency? 801 | 802 | a. Stop the EC2, issue a snapshot command, Switch on the EC2 803 | 804 | b. Stop the EC2, issue a snapshot command, wait to complete the snapshot, remount EBS 805 | 806 | c. Just issue the snapshot command 807 | 808 | d. Un-mount EBS, issue snapshot command, remount 809 | 810 | e. Un-mount EBS, Take snapshot, wait to complete the snapshot, remount EBS 811 | 812 | C 813 | 814 | 61. What is the maximum size of a single S3 object? 815 | 816 | a. There is no such limit 817 | 818 | b. 5 TB 819 | 820 | c. 5 GB 821 | 822 | d. 100 GB 823 | 824 | B 825 | 826 | 62. Which of the following benefits does adding Multi-AZ deployment in RDS provide (choose multiple if more than one is true)? 827 | 828 | a. MultiAZ deployed database can tolerate an Availability Zone failure 829 | 830 | b. Decrease latencies if app servers accessing database are in multiple Availability zones 831 | 832 | c. Make database access times faster for all app servers 833 | 834 | d. Make database more available during maintenance tasks 835 | 836 | AD 837 | 838 | 63. When an ELB is setup, what is the best way to route a website’s traffic to it? 839 | 840 | a. Resolve the ELB name to an IP address and point the website to that IP address 841 | 842 | b. There is no direct way to do so, Route53 has to be used 843 | 844 | c. Generate a CNAME record for the website pointing to the DNS name of the ELB 845 | 846 | C 847 | 848 | 64. You want to use Route53 to direct your www sub-domain to an elastic load balancer fronting your web servers. What kind of record set should you create? 849 | 850 | a. A. 851 | 852 | b. AAAA 853 | 854 | c. NS 855 | 856 | d. CNAME 857 | 858 | D 859 | 860 | 65. You have created a Route 53 latency record set from your domain to a machine in Singapore and a similar record to a machine in Oregon. When a user located in India visits your domain he will be routed to: 861 | 862 | a. Singapore 863 | 864 | b. Oregon 865 | 866 | c. Depends on the load on each machine 867 | 868 | d. Both, because 2 requests are made, 1 to each machine 869 | 870 | A 871 | 872 | 66. If I want an instance to have a public IP address, which IP address should I use? 873 | 874 | A Elastic IP Address 875 | 876 | B Class B IP Address 877 | 878 | C Class A IP Address 879 | 880 | D Dynamic IP Address 881 | 882 | A 883 | 884 | 67. What does RRS stand for when talking about S3? 885 | 886 | A Redundancy Removal System 887 | 888 | B Relational Rights Storage 889 | 890 | C Regional Rights Standard 891 | 892 | D Reduced Redundancy Storage 893 | 894 | D 895 | 896 | 68. What does the AWS Storage Gateway provide? 897 | 898 | A It allows to integrate on-premises IT environments with Cloud Storage. 899 | 900 | B A direct encrypted connection to Amazon S3. 901 | 902 | C It's a backup solution that provides an on-premises Cloud storage. 903 | 904 | D It provides an encrypted SSL endpoint for backups in the Cloud. 905 | 906 | A 907 | 908 | 69. How many relational database engines does RDS currently support? 909 | 910 | A. Six: Amazon Aurora, Oracle, Microsoft SQL Server, PostgreSQL, MySQL and MariaDB 911 | B. Just two: MySQL and Oracle. 912 | C. Five: MySQL, PostgreSQL, MongoDB, Cassandra and SQLite. 913 | D. Just one: MySQL. 914 | 915 | A 916 | 917 | 70. What are the two permission types used by AWS? 918 | 919 | A Resource-based and Product-based 920 | 921 | B Product-based and Service-based 922 | 923 | C Service-based 924 | 925 | D User-based and Resource-based 926 | 927 | D 928 | 929 | 71. Which of the following requires a custom CloudWatch metric to monitoring? 930 | 931 | A Disk usage activity of the ephemeral volumes of an Amazon EC2 instance 932 | 933 | B CPU Utilisation of an Amazon Elastic compute cloud(EC2) instance 934 | 935 | C Disk usage activity of an elastic block store volume attached to an Amazon EC2 instance 936 | 937 | D Disk full percentage of an Elastic Block store volume 938 | 939 | d 940 | 941 | 71. Your web application is using Auto Scaling and Elastic load balancing. You want to monitor the application to ensure that it maintains a good quality of service for your customers, defined by the application’s page load time. What metric in Amazon CloudWatch can best be used for this? 942 | 943 | A Latency reported by the elastic load balancer(ELB) 944 | 945 | B Request count reported by ELB 946 | 947 | C Aggregate networking for the web tier 948 | 949 | D Aggregate CPU Utilisation for the web tier 950 | 951 | A 952 | 953 | 72. You run a two-tiered application with the following components: an elastic load balancer (ELB), three web/application servers on EC2, and one MySQL RDS database. With growing loads, the database queries take longer and longer and slow down the overall response time for user requests. What of the following options could speed up performance? (choose 3) 954 | 955 | A Create an RDS read-replica and redirect half of the database read request to it 956 | 957 | B Cache database queries in Amazon elastic cloud 958 | 959 | C Setup RDS in multi-availability zone mode. 960 | 961 | D Shard the database and distribute loads between shards. 962 | 963 | E Use Amazon cloudfront to cache database queries. 964 | 965 | EBD 966 | 967 | 73. As an application has increased in popularity, reports of performance issues have grown. the current configuration initiates scaling actions based on avg CPU utilization; however during reports of slowness, CloudWatch graphs have shown that avg CPU remains steady at 40 percent. this is well below the alarm threshold of 60 percent.Your developers have discovered that, due to the unique design of the application,performance degradation occurs on an instance when it is processing more than 200 threads. What is the best way to ensure that your application scales to match the demands? 968 | 969 | A launch two to six additional instances outside of the autoscaling group to handle the additional load. 970 | 971 | B populate the custom CloudWatch metric for concurrent session and initiate scaling action based on that metric instead of CPU use. 972 | 973 | C Empirically determine the expected CPU use for 200 concurrent sessions and adjust the CloudWatch alarm threshold to be that CPU use. 974 | 975 | D Add a script to each instance to detect the number of concurrent sessions.if the no. of session remains over 200 for five minutes, have the instance increased the desired capacity of the autoscaling group by one. 976 | 977 | C 978 | 979 | 74. Your company built a mobile application that has already been downloaded several thousand times. Which authentication solution would enable mobile clients to access pictures stored on an AWS S3 bucket and provide you with the highest flexibility to rotate credentials? 980 | 981 | A Federated Identity based on AWS security token service (STS) using an AWS IAM policy for the respective S3 bucket 982 | 983 | B IAM user per registered client with an IAM policy granted AWS S3 access to the respective bucket 984 | 985 | C AWS S3 policy with a ... 986 | 987 | A 988 | 989 | 71. EBS can always tolerate an Availability Zone failure? 990 | 991 | a. No, all EBS volume is stored in a single Availability Zone 992 | 993 | b. Yes, EBS volume has multiple copies so it should be fine 994 | 995 | c. Depends on how it is setup 996 | 997 | d. Depends on the Region where EBS volume is initiated 998 | 999 | A 1000 | 1001 | 81. You receive a spot instance at a bit of $0.05/hr. After 30 minutes, the spot price increase to $0.06/hr and your spot instances is terminated by AWS. what was the total EC2 compute cost of running your spot instance. 1002 | 1003 | a. $0.00 1004 | 1005 | b. $0.02 1006 | 1007 | c. $0.03 1008 | 1009 | d. $0.04 1010 | 1011 | e. $0.05 1012 | 1013 | A 1014 | 1015 | 82. You have an Amazon Elastic Cloud Compute (EC2) security group with several running EC2 instances. You change the security group rules to allow inbound traffic on a new port and protocol, and launch several new instance in the same security group. The new rule apply:- 1016 | 1017 | a. Immediately to the new instances only 1018 | 1019 | b. Immediately to the new instances only, but old instance must be stopped and restarted before before the new rule apply. 1020 | 1021 | c. To all instances, but it may take several minutes for old install to see the changes. 1022 | 1023 | d. Immediately to all instances in the security group 1024 | 1025 | D 1026 | 1027 | 83. You are developing a highly available web application using stateless web servers. Which services are suitable for storing session state data (choose 3). 1028 | 1029 | a. Amazon DynamoDB 1030 | 1031 | b. Amazon ElastiCache 1032 | 1033 | c. Elastic Load Balancing 1034 | 1035 | d. AWS storage Gateway 1036 | 1037 | e. Amazon Relational Database service[RDS] 1038 | 1039 | f. Amazon CloudWatch 1040 | 1041 | ABE 1042 | 1043 | 84. What combination of the following options will protect Amazon Simple Storage Services (S3) objects from both accidental deletion and accidental overwriting? (Choose two) 1044 | 1045 | a. Enable S3 versioning on bucket 1046 | 1047 | b. Access S3 data using only signed URL. 1048 | 1049 | c. Disable S3 delete using an IAM bucket policy. 1050 | 1051 | d. Enable S3 Reduced Redundancy storage 1052 | 1053 | e. Enable multi-factor authentication(MFA) protected access. 1054 | 1055 | AE 1056 | 1057 | 85. You have been tasked with creating a VPC network topology for your company. The VPC network must support both internet-facing application and internally-facing application accessed only over VPN. Both internet-facing and internally-facing application must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirement. 1058 | 1059 | a. 2 1060 | 1061 | b. 3 1062 | 1063 | c. 4 1064 | 1065 | d. 6 1066 | 1067 | D 1068 | 1069 | 86. You have an Amazon Virtual Private Cloud with a public subnet. Three EC2 instances currently running inside the subnet can successfully communicate with other hosts on the internet. You launch a fourth instance in the same subnet, using the same Amazon machine image (AMI) and security group configuration, you used for others, but find that this instance cannot be accessed from the internet. What should you do to enable internet access? 1070 | 1071 | a. Deploy a NAT instance into the public subnet. 1072 | 1073 | b. Modify the routing table for the public subnet. 1074 | 1075 | c. Configure a publically routable IP address in the host OS of the fourth instance. 1076 | 1077 | d. Assign an Elastic IP address to the fourth instance. 1078 | 1079 | D 1080 | 1081 | 87. You have a business-critical two-tier web app currently deployed in two availability zones in a single region, using elastic, load balancing and autoscaling. The app depends on synchronous replication(very low latency connectivity) at the data layer. The application need to remain fully available even if one application availability zone goes off-line, and auto scaling cannot launch new instances in the remaining availability zones, How can the current architecture be enhanced to ensure this? 1082 | 1083 | a. Deploy in three availability zone, with auto scaling minimum set to handel 33 percent peak load per zone. 1084 | 1085 | b. Deploy in two region using Weighted Round Robin(WRR), with Auto Scaling minimums set for 50 percent peak load per Region. 1086 | 1087 | c. Deploy in two region using Weighted Round Robin(WRR), with Auto Scaling minimums set for 100 percent peak load per region. 1088 | 1089 | d. Deploy in three availability Zones, with auto scaling minimum set to handle 50 percent peak load per zone. 1090 | 1091 | D 1092 | 1093 | 88. which of the following requires a custom CloudWatch metric to monitor? 1094 | 1095 | A Memory use 1096 | 1097 | B CPU use 1098 | 1099 | C Disk read operations 1100 | 1101 | D Network in 1102 | 1103 | E Estimated charges 1104 | 1105 | A 1106 | 1107 | 89. How can software determine the public and private IP addresses of the AWS EC2 instance that it is running on? 1108 | 1109 | A Query the appropriate AWS CloudWatch metric 1110 | 1111 | B Use an ipconfig or ifconfig command 1112 | 1113 | C query the local instance metadata 1114 | 1115 | D query the local instance userdata 1116 | 1117 | C 1118 | 1119 | 90. Amazon Glacier is designed for (choose 2) 1120 | 1121 | A Infrequently accessed data 1122 | 1123 | B Cached session data 1124 | 1125 | C Active database storage 1126 | 1127 | D Data archive 1128 | 1129 | E Frequently accessed data 1130 | 1131 | AD 1132 | 1133 | 91. what action is required to establish an Amazon VPC VPN connection between an on-premises data center and Amazon VPC virtual private gateway? 1134 | 1135 | A Established a dedicated network connection using AWS direct connect. 1136 | 1137 | B Modify the main route table to allow traffic to a network address translation instance. 1138 | 1139 | C Use a dedicated network address translation instance in the public subnet 1140 | 1141 | D Assign a static internet-routable IP address to Amazon VPC customer gateway 1142 | 1143 | D 1144 | 1145 | 92. which of the following is a durable key-value store? 1146 | 1147 | A Amazon simple notification service 1148 | 1149 | B Amazon simple queue service 1150 | 1151 | C Amazon simple workflow service 1152 | 1153 | D Amazon simple storage service 1154 | 1155 | D 1156 | 1157 | 93. which route must be added to your routing table in order to allow connections to the internet from your subnet? 1158 | 1159 | A Destination:0.0.0.0/0 → Target:your internet gateway 1160 | 1161 | B Destination:192.168.1.257/0 → Target:your internet gateway 1162 | 1163 | C Destination:0.0.0.0/33 → Target:your virtual private gateway 1164 | 1165 | D Destination:0.0.0.0/0 → Target:0.0.0.0/24 1166 | 1167 | E Destination:0.0.0.0/32 → Target:your virtual private gateway 1168 | 1169 | A 1170 | 1171 | 94. After creating a new AWS account, you use the API to request 40 on-demand AWS EC2 instances in a single availability zone. After 20 successful requests, subsequent request failed. what could be a reason for this issue, and how would you resolve it? 1172 | 1173 | A You encountered a soft limit of 20 instances per region.submit the limit increase form and retry the failed requests once approved. 1174 | 1175 | B AWS allows you to provision no more than 20 instances per availability zone.select a different availability zone and retry the failed request. 1176 | 1177 | C You need to use Amazon VPC in order to provision more than 20 instances in a single availability zone. simply terminate the resources already provisioned and re-launch them all in a VPC. 1178 | 1179 | D you encountered an API throttling situation and should try the failed request using an exponential decay retry algorithm. 1180 | 1181 | A 1182 | 1183 | 95. In reviewing the auto scaling events for your application you notice that your application is scaling up and down multiple times in the same hour. what design choice could you make to optimize for cost while preserving elasticity? choose 2 1184 | 1185 | A Modify the auto scaling group termination policy to terminate the oldest instance first. 1186 | 1187 | B Modify the auto scaling to use scheduled scaling actions 1188 | 1189 | C Modify the auto scaling group termination policy to terminate the newest instance first. 1190 | 1191 | D Modify the Amazon CloudWatch alarm period that trigger yours auto scaling scale down policy. 1192 | 1193 | E modify the auto scaling group cool-down timers. 1194 | 1195 | DE 1196 | 1197 | 96. A customer's nightly EMR job processes a single 2-TB data file stored on S3. The Amazon EMR job runs on two on-demand core nodes and three on-demand task nodes. which of the following may help reduce the EMR job completion time?choose 2 1198 | 1199 | A Use three spot instances rather than three on-demand instances for the task nodes. 1200 | 1201 | B change the input split size in the mapreduce job configuration. 1202 | 1203 | C use a bootstrap action to present the S3 bucket as a local filesystem. 1204 | 1205 | D Launch the core nodes and task nodes within an Amazon virtual cloud. 1206 | 1207 | E adjust the number of simultaneous mapper tasks. 1208 | 1209 | F Enable termination protection for the job flow 1210 | 1211 | BE 1212 | 1213 | 97. you have an application running in us-west-2 that requires 6 Amazon elastic compute cloud instances running at all times . with 3 availability of zones available in that region(us-west-2a,us-west-2b,us-west-2c) which of the following development provide 100% fault tolerance if any single availability zone in us-west-2 becomes unavailable?choose 2 1214 | 1215 | A us-west-2a with 2 EC2 instances, us-west-2b with 2 EC2 instance, us-west-2c with 2 EC2 instance 1216 | 1217 | B us-west-2a with 3 EC2 instances, us-west-2b with 3 EC2 instance, us-west-2c with no EC2 instance 1218 | 1219 | C us-west-2a with 4 EC2 instances, us-west-2b with 2 EC2 instance, us-west-2c with 2 EC2 instance 1220 | 1221 | D us-west-2a with 6 EC2 instances, us-west-2b with 6 EC2 instance, us-west-2c with no EC2 instance 1222 | 1223 | E us-west-2a with 3 EC2 instances, us-west-2b with 3 EC2 instance, us-west-2c with 3 EC2 instance 1224 | 1225 | DE 1226 | 1227 | 98. A VPC public subnet is one that: 1228 | 1229 | A. has at least 1 route in its associate routing table that uses an internet gateway(IGW) 1230 | 1231 | B. include a route in its associated routing table via a NAT. 1232 | 1233 | C. has network Access control list (NACL) permitting outbound traffic to 0.0.0.0/0 1234 | 1235 | D. has the public subnet options selected in its configuration 1236 | 1237 | A 1238 | 1239 | 99. You are deploying a an application on EC2 that must call AWS APIs. what method of securely passing credential to the application should you use? 1240 | 1241 | A store API credentials as an object in Amazon S3 1242 | 1243 | B use AWS identity and access management roles for EC2 instance 1244 | 1245 | C pass API credentials to the instance using instance user data 1246 | 1247 | D embed the API credential into your jar file 1248 | 1249 | B 1250 | 1251 | 100. A Startup company hired you to help them build a mobile application, that will ultimately store billions of images and videos in Amazon Simple Storage double their current installation base every six months, Due to the nature of their business, they are expecting sudden and large increase in traffic to and from S3,and need to ensure that it can handle the performance need of their applications. What other information must you gather from this customer in order to determine whether S3 is the right option. 1252 | 1253 | a. you must know how many customers the company has today, because this critical in understanding what their customer base will be in two years. 1254 | 1255 | b. you must find out total number of requests per second at peak usage. 1256 | 1257 | c. you must know the size individual objects being written to S3, in order to properly design the key namespace. 1258 | 1259 | d. In order to build the key namespace correctly, you must understand the total amount of storage needs for each S3 bucket. 1260 | 1261 | B 1262 | 1263 | 101. What does Amazon S3 stand for? 1264 | 1265 | A. Simple Storage Solution. 1266 | 1267 | B. Storage Storage Storage (triple redundancy Storage). 1268 | 1269 | C. Storage Server Solution. 1270 | 1271 | D. Simple Storage Service. 1272 | 1273 | D 1274 | 1275 | 102. You must assign each server to at least _____ security group 1276 | 1277 | A. 3 1278 | 1279 | B. 2 1280 | 1281 | C. 4 1282 | 1283 | D. 1 1284 | 1285 | D 1286 | 1287 | 103. Before I delete an EBS volume, what can I do if I want to recreate the volume later? 1288 | 1289 | A. Create a copy of the EBS volume (not a snapshot) 1290 | 1291 | B. Store a snapshot of the volume 1292 | 1293 | C. Download the content to an EC2 instance 1294 | 1295 | D. Back up the data in to a physical disk 1296 | 1297 | B 1298 | 1299 | 104. Select the most correct answer: The device name /dev/sda1 (within Amazon EC2 ) is _____ 1300 | 1301 | A. Possible for EBS volumes 1302 | 1303 | B. Reserved for the root device 1304 | 1305 | C. Recommended for EBS volumes 1306 | 1307 | D. Recommended for instance store volumes 1308 | 1309 | B 1310 | 1311 | 105. All Amazon EC2 instances are assigned two IP addresses at launch. Which one can only be reached from within the Amazon EC2 network? 1312 | 1313 | A. Multiple IP address 1314 | 1315 | B. Public IP address 1316 | 1317 | C. Private IP address 1318 | 1319 | D. Elastic IP Address 1320 | 1321 | C 1322 | 1323 | 106. What is the Reduced Redundancy option in Amazon S3? 1324 | 1325 | A. Less redundancy for a lower cost. 1326 | 1327 | B. It doesn't exist in Amazon S3, but in Amazon EBS. 1328 | 1329 | C. It allows you to destroy any copy of your files outside a specific jurisdiction. 1330 | 1331 | D. It doesn't exist at all 1332 | 1333 | A 1334 | 1335 | 107. Fill in the blanks: Resources that are created in AWS are identified by a unique identifier called an _____. 1336 | 1337 | A. Amazon Resource Number 1338 | 1339 | B. Amazon Resource Name tag 1340 | 1341 | C. Amazon Resource Name 1342 | 1343 | D. Amazon Reesource Namespace 1344 | 1345 | C 1346 | 1347 | 108. What does the command 'ec2-run-instances ami-e3a5408a -n 20 -g appserver' do? 1348 | 1349 | A. Start twenty instances as members of appserver group. 1350 | 1351 | B. Creates 20 rules in the security group named appserver 1352 | 1353 | C. Terminate twenty instances as members of appserver group. 1354 | 1355 | D. Start 20 security groups 1356 | 1357 | A 1358 | 1359 | 109. When you run a DB Instance as a Multi-AZ deployment, the _____ serves database writes and reads 1360 | 1361 | A. secondary 1362 | B. backup 1363 | C. stand by 1364 | D. primary 1365 | 1366 | D 1367 | 1368 | 110. What does Amazon EC2 provide? 1369 | 1370 | A. Virtual servers in the Cloud. 1371 | B. A platform to run code (Java, PHP, Python), paying on an hourly basis. 1372 | C. Computer Clusters in the Cloud. 1373 | D. Physical servers, remotely managed by the customer. 1374 | 1375 | A 1376 | 1377 | 111. Amazon SWF is designed to help users do what? 1378 | 1379 | A. Design graphical user interface interactions 1380 | B. Manage user identification and authorization 1381 | C. Store Web content 1382 | D. Coordinate synchronous and asynchronous tasks which are distributed and fault tolerant. 1383 | 1384 | D 1385 | 1386 | 112. Can I control if and when MySQL based RDS Instance is upgraded to new supported versions? 1387 | 1388 | A. No 1389 | B. Only in VPC 1390 | C. Yes 1391 | 1392 | C 1393 | 1394 | 113. If I modify a DB Instance or the DB parameter group associated with the instance, should I reboot the instance for the changes to take effect? 1395 | 1396 | A. No 1397 | B. Yes 1398 | 1399 | B 1400 | 1401 | 114. When you view the block device mapping for your instance, you can see only the EBS volumes, not the instance store volumes. 1402 | 1403 | A. Depends on the instance type 1404 | B. FALSE 1405 | C. Depends on whether you use API call 1406 | D. TRUE 1407 | 1408 | D 1409 | 1410 | 115. By default, EBS volumes that are created and attached to an instance at launch are deleted when that instance is terminated. You can modify this behavior by changing the value of the flag _____ to false when you launch the instance. 1411 | 1412 | A. DeleteOnTermination 1413 | B. RemoveOnDeletion 1414 | C. RemoveOnTermination 1415 | D. TerminateOnDeletion 1416 | 1417 | A 1418 | 1419 | 116. What are the initial settings of an user created security group? 1420 | 1421 | A. Allow all inbound traffic and Allow no outbound traffic 1422 | B. Allow no inbound traffic and Allow no outbound traffic 1423 | C. Allow no inbound traffic and Allow all outbound traffic 1424 | D. Allow all inbound traffic and Allow all outbound traffic 1425 | 1426 | C 1427 | 1428 | 117. Will my standby RDS instance be in the same Region as my primary? 1429 | 1430 | A. Only for Oracle RDS types 1431 | B. Yes 1432 | C. Only if configured at launch 1433 | D. No 1434 | 1435 | B 1436 | 1437 | 118. When using IAM to control access to your RDS resources, the key names that can be used are case sensitive. For example, aws:CurrentTime is NOT equivalent to AWS:currenttime. 1438 | 1439 | A. TRUE 1440 | B. FALSE 1441 | 1442 | A 1443 | 1444 | 119. What will be the status of the snapshot until the snapshot is complete. 1445 | 1446 | A. running 1447 | B. working 1448 | C. progressing 1449 | D. pending 1450 | 1451 | D 1452 | 1453 | 120. Automated backups are enabled by default for a new DB Instance. 1454 | 1455 | A. TRUE 1456 | B. FALSE 1457 | 1458 | A 1459 | 1460 | 121. Amazon RDS automated backups and DB Snapshots are currently supported for only the ______ storage engine 1461 | 1462 | A. InnoDB 1463 | B. MyISAM 1464 | 1465 | A 1466 | 1467 | 122. Fill in the blanks: The base URI for all requests for instance metadata is _____ 1468 | 1469 | A. http://254.169.169.254/latest/ 1470 | B. http://169.169.254.254/latest/ 1471 | C. http://127.0.0.1/latest/ 1472 | D. http://169.254.169.254/latest/ 1473 | 1474 | D 1475 | 1476 | 123. While creating the snapshots using the the command line tools, which command should I be using? 1477 | 1478 | A. ec2-deploy-snapshot 1479 | B. ec2-fresh-snapshot 1480 | C. ec2-create-snapshot 1481 | D. ec2-new-snapshot 1482 | 1483 | C 1484 | 1485 | 124. In Amazon CloudWatch, which metric should I be checking to ensure that your DB Instance has enough free storage space? 1486 | 1487 | A. FreeStorage 1488 | B. FreeStorageSpace 1489 | C. FreeStorageVolume 1490 | D. FreeDBStorageSpace 1491 | 1492 | B 1493 | 1494 | 125. Amazon RDS DB snapshots and automated backups are stored in 1495 | 1496 | A. Amazon S3 1497 | B. Amazon ECS Volume 1498 | C. Amazon RDS 1499 | D. Amazon EMR 1500 | 1501 | A 1502 | 1503 | 126. What is the maximum key length of a tag? 1504 | 1505 | A. 512 Unicode characters 1506 | B. 64 Unicode characters 1507 | C. 256 Unicode characters 1508 | D. 128 Unicode characters 1509 | 1510 | D 1511 | 1512 | 127. Security Groups can't _____. 1513 | 1514 | A. be nested more than 3 levels 1515 | B. be nested at all 1516 | C. be nested more than 4 levels 1517 | D. be nested more than 2 levels 1518 | 1519 | B 1520 | 1521 | 128. You must increase storage size in increments of at least _____ % 1522 | 1523 | A. 40 1524 | B. 20 1525 | C. 50 1526 | D. 10 1527 | 1528 | D 1529 | 1530 | 129. Changes to the backup window take effect ______. 1531 | 1532 | A. from the next billing cycle 1533 | B. after 30 minutes 1534 | C. immediately 1535 | D. after 24 hours 1536 | 1537 | C 1538 | 1539 | 130. Using Amazon CloudWatch's Free Tier, what is the frequency of metric updates which you receive? 1540 | 1541 | A. 5 minutes 1542 | B. 500 milliseconds. 1543 | C. 30 seconds 1544 | D. 1 minute 1545 | 1546 | A 1547 | 1548 | 131. Which is the default region in AWS? 1549 | 1550 | A. eu-west-1 1551 | B. us-east-1 1552 | C. us-east-2 1553 | D. ap-southeast-1 1554 | 1555 | B 1556 | 1557 | 132. What are the two types of licensing options available for using Amazon RDS for Oracle? 1558 | 1559 | A. BYOL and Enterprise License 1560 | B. BYOL and License Included 1561 | C. Enterprise License and License Included 1562 | D. Role based License and License Included 1563 | 1564 | B 1565 | 1566 | 133. What does a "Domain" refer to in Amazon SWF? 1567 | 1568 | A. A security group in which only tasks inside can communicate with each other 1569 | B. A special type of worker 1570 | C. A collection of related Workflows 1571 | D. The DNS record for the Amazon SWF service 1572 | 1573 | C 1574 | 1575 | 134. EBS Snapshots occur _____ 1576 | 1577 | A. Asynchronously 1578 | B. Synchronously 1579 | C. Weekly 1580 | 1581 | A 1582 | 1583 | 135. Disabling automated backups disables the point-in-time recovery feature. 1584 | 1585 | A. True 1586 | B. False 1587 | 1588 | A 1589 | 1590 | 136. Out of the striping options available for the EBS volumes, which one has the following disadvantage : 'Doubles the amount of I/O required from the instance to EBS compared to RAID 0, because you're mirroring all writes to a pair of volumes, limiting how much you can stripe.' ? 1591 | 1592 | A. Raid 5 1593 | B. Raid 6 1594 | C. Raid 1 1595 | D. Raid 2 1596 | 1597 | C 1598 | 1599 | 137. Can Amazon S3 uploads resume on failure or do they need to restart? 1600 | 1601 | A. Restart from beginning 1602 | B. You can resume them, if you flag the "resume on failure" option before uploading. 1603 | C. Resume on failure 1604 | D. Depends on the file size 1605 | 1606 | C 1607 | 1608 | 138. Which of the following cannot be used in EC2 to control who has access to specific EC2 instances? 1609 | 1610 | A. Security Groups 1611 | B. IAM System 1612 | C. SSH keys 1613 | D. Windows passwords 1614 | 1615 | B 1616 | 1617 | 139. Fill in the blanks : _____ let you categorize your EC2 resources in different ways, for example, by purpose, owner, or environment. 1618 | 1619 | A. wildcards 1620 | B. pointers 1621 | C. tags 1622 | D. special filters 1623 | 1624 | C 1625 | 1626 | 140. How can I change the security group membership for interfaces owned by other AWS, such as Elastic Load Balancing? 1627 | 1628 | A. By using the service specific console or API\CLI commands 1629 | B. None of these 1630 | C. Using Amazon EC2 API/CLI 1631 | D. Using all these methods 1632 | 1633 | A 1634 | 1635 | 141. What is the maximum write throughput I can provision per table for a single DynamoDB table? 1636 | 1637 | A. 5,000 us east, 1,000 all other regions 1638 | B. 100,000 us east, 10, 000 all other regions 1639 | C. Designed to scale without limits, but if you go beyond 40,000 us east/10,000 all other regions you have to contact AWS first. 1640 | D. There is no limit 1641 | 1642 | C 1643 | 1644 | 142. What does the ec2-revoke command do with respect to the Amazon EC2 security groups? 1645 | 1646 | A. Removes one or more security groups from a rule. 1647 | B. Removes one or more security groups from an Amazon EC2 instance. 1648 | C. Removes one or more rules from a security group. 1649 | D. Removes a security group from an account. 1650 | 1651 | C 1652 | 1653 | 143. Can a 'user' be associated with multiple AWS accounts? 1654 | 1655 | A. No 1656 | B. Yes 1657 | 1658 | A 1659 | 1660 | 144. True or False: Manually created DB Snapshots are deleted after the DB Instance is deleted. 1661 | 1662 | A. TRUE 1663 | B. FALSE 1664 | 1665 | B 1666 | 1667 | 145. What is the durability of S3 RRS? 1668 | 1669 | A. 99.99% 1670 | B. 99.95% 1671 | C. 99.995% 1672 | D. 99.999999999% 1673 | 1674 | A 1675 | 1676 | 146. What does specifying the mapping /dev/sdc=none do when launching an EC2 instance? 1677 | 1678 | A. Prevents /dev/sdc from creating the instance. 1679 | B. Prevents /dev/sdc from deleting the instance. 1680 | C. Set the value of /dev/sdc to 'zero'. 1681 | D. Prevents /dev/sdc from attaching to the instance. 1682 | 1683 | D 1684 | 1685 | 147. Is Federated Storage Engine currently supported by Amazon RDS for MySQL? 1686 | 1687 | A. Only for Oracle RDS instances 1688 | B. No 1689 | C. Yes 1690 | D. Only in VPC 1691 | 1692 | B 1693 | 1694 | 148. What is the maximum groups an IAM user be a member of? 1695 | 1696 | A. 20 1697 | B. 5 1698 | C. 10 1699 | D. 15 1700 | 1701 | C 1702 | 1703 | 149. True or False: When you perform a restore operation to a point in time or from a DB Snapshot, a new DB Instance is created with a new endpoint. 1704 | 1705 | A. FALSE 1706 | B. TRUE 1707 | 1708 | B 1709 | 1710 | 150. A/An _____ acts as a firewall that controls the traffic allowed to reach one or more instances. 1711 | 1712 | A. Security Group 1713 | B. ACL 1714 | C. IAM 1715 | D. Private IP Addresses 1716 | 1717 | A 1718 | 1719 | 151. Will my standby RDS instance be in the same Availability Zone as my primary? 1720 | 1721 | A. Only for Oracle RDS types 1722 | B. Yes 1723 | C. Only if configured at launch 1724 | D. No 1725 | 1726 | D 1727 | 1728 | 152. While launching an RDS DB instance, on which page I can select the Availability Zone? 1729 | 1730 | A. Review 1731 | B. DB Instance Details 1732 | C. Management Options 1733 | D. Additional Configuration 1734 | 1735 | D 1736 | 1737 | 153. What does the ec2-create-group command do with respect to the Amazon EC2 security groups? 1738 | 1739 | A. Groups the user created security groups in to a new group for easy access. 1740 | B. Creates a new security group for use with your account. 1741 | C. Creates a new group inside the security group. 1742 | D. Creates a new rule inside the security group. 1743 | 1744 | B 1745 | 1746 | 154. In the Launch Db Instance Wizard, where can I select the backup and maintenance options? 1747 | 1748 | A. DB Instance Details 1749 | B. Review 1750 | C. Management Options 1751 | D. Engine Selection 1752 | 1753 | C 1754 | 1755 | 155. You are charged for the IOPS and storage whether or not you use them in a given month? 1756 | 1757 | A. FALSE 1758 | B. TRUE 1759 | 1760 | B 1761 | 1762 | 156. IAM provides several policy templates you can use to automatically assign permissions to the groups you create. The _____ policy template gives the Admins group permission to access all account resources, except your AWS account information. 1763 | 1764 | A. Read Only Access 1765 | B. Power User Access 1766 | C. AWS CloudFormation Read Only Access 1767 | D. Administrator Access 1768 | 1769 | D 1770 | 1771 | 157. While performing volume status checks using volume status checks, if the status is insufficient-data, if the status is 'insufficient-data', what does it mean? 1772 | 1773 | A. checks may still be in progress on the volume 1774 | B. check has passed 1775 | C. check has failed 1776 | D. there is no such status 1777 | 1778 | A 1779 | 1780 | 158. By default, when an EBS volume is attached to a Windows instance, it may show up as any drive letter on the instance. You can change the settings of the _____ Service to set the drive letters of the EBS volumes per your specifications. 1781 | 1782 | A. EBSConfig Service 1783 | B. AMIConfig Service 1784 | C. Ec2Config Service 1785 | D. Ec2-AMIConfig Service 1786 | 1787 | C 1788 | 1789 | 159. SQL Server stores logins and passwords in the master database. 1790 | 1791 | A. True 1792 | B. False 1793 | 1794 | A 1795 | 1796 | 160. Does Amazon RDS allow direct host access via Telnet, Secure Shell (SSH), or Windows Remote Desktop Connection? 1797 | 1798 | A. Yes 1799 | B. No 1800 | C. Depends on if it is in VPC or not 1801 | 1802 | B 1803 | 1804 | 161. While creating an EC2 snapshot using the API, which Action should I be using? 1805 | 1806 | A. MakeSnapShot 1807 | B. FreshSnapshot 1808 | C. DeploySnapshot 1809 | D. CreateSnapshot 1810 | 1811 | D 1812 | 1813 | 162. What happens to the I/O operations while you take a database snapshot in a single AZ database? 1814 | 1815 | A. I/O operations to the database are suspended for a few minutes while the backup is in progress. 1816 | B. I/O operations to the database are sent to a Replica (if available) for a few minutes while the backup is in progress. 1817 | C. I/O operations will be functioning normally 1818 | D. I/O operations to the database are suspended for an hour while the backup is in progress 1819 | 1820 | A 1821 | 1822 | 163. Read Replicas require a transactional storage engine and are only supported for the _____ storage engine. 1823 | 1824 | A. OracleISAM 1825 | B. MSSQLDB 1826 | C. InnoDB 1827 | D. MyISAM 1828 | 1829 | C 1830 | 1831 | 164. When running my DB Instance as a Multi-AZ deployment, can I use the standby for read or write operations? 1832 | 1833 | A. Yes 1834 | B. Only with MSSQL based RDS 1835 | C. Only for Oracle RDS instances 1836 | D. No 1837 | 1838 | D 1839 | 1840 | 165. When should I choose Provisioned IOPS over Standard RDS storage? 1841 | 1842 | A. If you have batch-oriented workloads 1843 | B. If you use production online transaction processing (OLTP) workloads. 1844 | C. If you have workloads that are not sensitive to consistent performance 1845 | D. If you infrequently read or write to the drive. 1846 | 1847 | B 1848 | 1849 | 166. In the 'Detailed' monitoring data available for your Amazon EBS volumes, Provisioned IOPS volumes automatically send _____ minute metrics to Amazon CloudWatch. 1850 | A. 3 1851 | B. 1 1852 | C. 5 1853 | D. 2 1854 | 1855 | B 1856 | 1857 | 167. What is the minimum charge for the data transferred between Amazon RDS and Amazon EC2 Instances in the same Availability Zone? 1858 | 1859 | A. USD 0.10 per GB 1860 | B. No charge. It is free. 1861 | C. USD 0.02 per GB 1862 | D. USD 0.01 per GB 1863 | 1864 | B 1865 | 1866 | 168. Reserved Instances are available for Multi-AZ Deployments. 1867 | 1868 | A. True 1869 | B. False 1870 | 1871 | A 1872 | 1873 | 169. Which service enables AWS customers to manage users and permissions in AWS? 1874 | 1875 | A. AWS Access Control Service (ACS) 1876 | B. AWS Identity and Access Management (IAM) 1877 | C. AWS Identity Manager (AIM) 1878 | D. AWS Security Groups 1879 | 1880 | B 1881 | 1882 | 170. Which Amazon Storage behaves like raw, unformatted, external block devices that you can attach to your instances? 1883 | 1884 | A. None of these. 1885 | B. Amazon Instance Storage 1886 | C. Amazon EBS 1887 | D. All of these 1888 | 1889 | C 1890 | 1891 | 171. Which Amazon service can I use to define a virtual network that closely resembles a traditional data center? 1892 | 1893 | A. Amazon VPC 1894 | B. Amazon ServiceBus 1895 | C. Amazon EMR 1896 | D. Amazon RDS 1897 | 1898 | A 1899 | 1900 | 172. What is the command line instruction for running the remote desktop client in Windows? 1901 | 1902 | A. desk.cpl 1903 | B. mstsc 1904 | 1905 | B 1906 | 1907 | 173. Amazon RDS automated backups and DB Snapshots are currently supported for only the ______ storage engine. 1908 | 1909 | A. MyISAM 1910 | B. InnoDB 1911 | 1912 | B 1913 | 1914 | 174. MySQL installations default to port _____. 1915 | 1916 | A. 3306 1917 | B. 443 1918 | C. 80 1919 | D. 1158 1920 | 1921 | A 1922 | 1923 | 175. If you have chosen Multi-AZ deployment, in the event of an outage of your primary DB Instance, Amazon RDS automatically switches to the standby replica. The automatic failover mechanism simply changes the ______ record of the main DB Instance to point to the standby DB Instance. 1924 | 1925 | A. DNAME 1926 | B. CNAME 1927 | C. TXT 1928 | D. MX 1929 | 1930 | B 1931 | 1932 | 176. If I modify a DB Instance or the DB parameter group associated with the instance, I should reboot the instance for the changes to take effect? 1933 | 1934 | A. True 1935 | B. False 1936 | 1937 | A 1938 | 1939 | 177. If I want to run a database in an Amazon instance, which is the most recommended Amazon storage option? 1940 | 1941 | A. Amazon Instance Storage 1942 | B. Amazon EBS 1943 | C. You can't run a database inside an Amazon instance. 1944 | D. Amazon S3 1945 | 1946 | B 1947 | 1948 | 178. In regards to IAM you can edit user properties later, but you cannot use the console to change the _____. 1949 | 1950 | A. user name 1951 | B. password 1952 | C. default group 1953 | 1954 | A 1955 | 1956 | 179. If you add a tag that has the same key as an existing tag on a DB Instance, the new value overwrites the old value. 1957 | 1958 | A. FALSE 1959 | B. TRUE 1960 | 1961 | B 1962 | 1963 | 180. Making your snapshot public shares all snapshot data with everyone. Can the snapshots with AWS Marketplace product codes be made public? 1964 | 1965 | A. No 1966 | B. Yes 1967 | 1968 | A 1969 | 1970 | 181. Fill in the blanks: "To ensure failover capabilities, consider using a _____ for incoming traffic on a network interface". 1971 | 1972 | A. primary public IP 1973 | B. secondary private IP 1974 | C. secondary public IP 1975 | D. add on secondary IP 1976 | 1977 | B 1978 | 1979 | 182. If I have multiple Read Replicas for my master DB Instance and I promote one of them, what happens to the rest of the Read Replicas? 1980 | 1981 | A. The remaining Read Replicas will still replicate from the older master DB Instance 1982 | B. The remaining Read Replicas will be deleted 1983 | C. The remaining Read Replicas will be combined to one read replica 1984 | 1985 | A 1986 | 1987 | 183. Can I encrypt connections between my application and my DB Instance using SSL? 1988 | 1989 | A. No 1990 | B. Yes 1991 | C. Only in VPC 1992 | D. Only in certain regions 1993 | 1994 | B 1995 | 1996 | 184. What are the four levels of AWS Premium Support? 1997 | 1998 | A. Basic, Developer, Business, Enterprise 1999 | B. Basic, Startup, Business, Enterprise 2000 | C. Free, Bronze, Silver, Gold 2001 | D. All support is free 2002 | 2003 | A 2004 | 2005 | 185. What can I access by visiting the URL: http://status.aws.amazon.com/ ? 2006 | 2007 | A. Amazon Cloud Watch 2008 | B. Status of the Amazon RDS DB 2009 | C. AWS Service Health Dashboard 2010 | D. AWS Cloud Monitor 2011 | 2012 | C 2013 | 2014 | 186. Please select the Amazon EC2 resource which cannot be tagged. 2015 | 2016 | A. Images (AMIs, kernels, RAM disks) 2017 | B. Amazon EBS volumes 2018 | C. Elastic IP addresses 2019 | D. VPCs 2020 | 2021 | C 2022 | 2023 | 187. Because of the extensibility limitations of striped storage attached to Windows Server, Amazon RDS does not currently support increasing storage on a _____ DB Instance. 2024 | 2025 | A. SQL Server 2026 | B. MySQL 2027 | C. Oracle 2028 | 2029 | A 2030 | 2031 | 188. Through which of the following interfaces is AWS Identity and Access Management available? 2032 | 2033 | A. AWS Management Console 2034 | B. Command line interface (CLI) 2035 | C. IAM Query API 2036 | D. All of the above 2037 | 2038 | D 2039 | 2040 | 189. Select the incorrect statement. 2041 | 2042 | A. In Amazon EC2, private IP address is only returned to Amazon EC2 when the instance is stopped or terminated 2043 | B. In Amazon VPC, an instance retains its private IP address when the instance is stopped. 2044 | C. In Amazon VPC, an instance does NOT retain its private IP address when the instance is stopped. 2045 | D. In Amazon EC2, the private IP address is associated exclusively with the instance for its lifetime 2046 | 2047 | C 2048 | 2049 | 190. How are the EBS snapshots saved on Amazon S3? 2050 | 2051 | A. Exponentially 2052 | B. Incrementally 2053 | C. EBS snapshots are not stored in the Amazon S3 2054 | D. Decrementally 2055 | 2056 | B 2057 | 2058 | 191. What is the type of monitoring data (for Amazon EBS volumes) which is available automatically in 5-minute periods at no charge called? 2059 | 2060 | A. Basic 2061 | B. Primary 2062 | C. Detailed 2063 | D. Local 2064 | 2065 | A 2066 | 2067 | 192. The new DB Instance that is created when you promote a Read Replica retains the backup window period. 2068 | 2069 | A. TRUE 2070 | B. FALSE 2071 | 2072 | A 2073 | 2074 | 193. What happens when you create a topic on Amazon SNS? 2075 | 2076 | A. The topic is created, and it has the name you specified for it. 2077 | B. An ARN (Amazon Resource Name) is created. 2078 | C. You can create a topic on Amazon SQS, not on Amazon SNS. 2079 | D. This question doesn't make sense. 2080 | 2081 | B 2082 | 2083 | 194. Can I delete a snapshot of the root device of an EBS volume used by a registered AMI? 2084 | 2085 | A. Only via API 2086 | B. Only via Console 2087 | C. Yes 2088 | D. No 2089 | 2090 | C 2091 | 2092 | 195. New database versions will automatically be applied to AWS RDS instances as they become available. 2093 | 2094 | A. True 2095 | B. False 2096 | 2097 | B 2098 | 2099 | 196. What is the maximum response time for a Business level Premium Support case? 2100 | 2101 | A. 120 seconds 2102 | B. 1 hour 2103 | C. 10 minutes 2104 | D. 12 hours 2105 | 2106 | B 2107 | 2108 | 197. The _____ service is targeted at organizations with multiple users or systems that use AWS products such as Amazon EC2, Amazon SimpleDB, and the AWS Management Console. 2109 | 2110 | A. Amazon RDS 2111 | B. AWS Integrity Management 2112 | C. AWS Identity and Access Management 2113 | D. Amazon EMR 2114 | 2115 | C 2116 | 2117 | 198. Without IAM, you cannot control the tasks a particular user or system can do and what AWS resources they might use. 2118 | 2119 | A. FALSE 2120 | B. TRUE 2121 | 2122 | B 2123 | 2124 | 199. When you use the AWS Management Console to delete an IAM user, IAM also deletes any signing certificates and any access keys belonging to the user. 2125 | 2126 | A. FALSE 2127 | B. TRUE 2128 | 2129 | B 2130 | 2131 | 200. When automatic failover occurs, Amazon RDS will emit a DB Instance event to inform you that automatic failover occurred. You can use the _____ to return information about events related to your DB Instance. 2132 | 2133 | A. FetchFailure 2134 | B. DescribeFailure 2135 | C. DescribeEvents 2136 | D. FetchEvents 2137 | 2138 | C 2139 | 2140 | 201. What is the default maximum number of MFA devices in use per AWS account (at the root account level)? 2141 | 2142 | A. 1 2143 | B. 5 2144 | C. 15 2145 | D. 10 2146 | 2147 | A 2148 | 2149 | 202. Is there a limit to how many groups a user can be in? 2150 | 2151 | A. Yes for all users except root 2152 | B. Yes unless special permission granted 2153 | C. Yes for all users 2154 | D. No 2155 | 2156 | A 2157 | 2158 | 203. Do the Amazon EBS volumes persist independently from the running life of an Amazon EC2 instance? 2159 | 2160 | A. Only if instructed to when created 2161 | B. Yes 2162 | C. No 2163 | 2164 | B 2165 | --------------------------------------------------------------------------------