AWS Weird Ones

114 Questions | Attempts: 602


Questions and Answers
  • 1. 

    An application stack includes an Elastic Load Balancer in a public subnet, a fleet of Amazon EC2 instances in an Auto Scaling group, and an Amazon RDS MySQL cluster. Users connect to the application from the Internet. The application servers and database must be secure. How should a Solutions Architect perform this task?

    • A.

      Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

    • B.

      Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

    • C.

      Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

    • D.

      Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

    Correct Answer
    B. Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
  • 2. 

    A legacy application needs to interact with local storage using iSCSI. A team needs to design a reliable storage solution to provision all new storage on AWS. Which storage solution meets the legacy application requirements?

    • A.

      AWS Snowball storage for the legacy application until the application can be re-architected.

    • B.

      AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3.

    • C.

      AWS Storage Gateway in stored mode for the legacy application storage to write data to Amazon S3.

    • D.

      An Amazon S3 volume mounted on the legacy application server locally using the File Gateway service

    Correct Answer
    B. AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3.
  • 3. 

    A company is launching an application that it expects to be very popular. The company needs a database that can scale with the rest of the application. The schema will change frequently. The application cannot afford any downtime for database changes. Which AWS service allows the company to achieve these objectives?

    • A.

      Amazon Redshift

    • B.

      Amazon DynamoDB

    • C.

      Amazon RDS MySQL

    • D.

      Amazon Aurora

    Correct Answer
    B. Amazon DynamoDB
  • 4. 

    A customer has written an application that uses Amazon S3 exclusively as a data store. The application works well until the customer increases the rate at which the application is updating information. The customer now reports that outdated data occasionally appears when the application accesses objects in Amazon S3. What could be the problem, given that the application logic is otherwise correct?

    • A.

      The application is reading parts of objects from Amazon S3 using a range header.

    • B.

      The application is reading objects from Amazon S3 using parallel object requests.

    • C.

      The application is updating records by writing new objects with unique keys.

    • D.

      The application is updating records by overwriting existing objects with the same keys.

    Correct Answer
    D. The application is updating records by overwriting existing objects with the same keys.
  • 5. 

    A Lambda function must execute a query against an Amazon RDS database in a private subnet. Which steps are required to allow the Lambda function to access the Amazon RDS database? (Select two.)

    • A.

      Create a VPC Endpoint for Amazon RDS.

    • B.

      Create the Lambda function within the Amazon RDS VPC.

    • C.

      Change the ingress rules of Lambda security group, allowing the Amazon RDS security group.

    • D.

      Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.

    • E.

      Add an Internet Gateway (IGW) to the VPC, route the private subnet to the IGW.

    Correct Answer(s)
    B. Create the Lambda function within the Amazon RDS VPC.
    D. Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.
  • 6. 

    A Solutions Architect needs to build a resilient data warehouse using Amazon Redshift. The Architect needs to rebuild the Redshift cluster in another region. Which approach can the Architect take to address this requirement?

    • A.

      Modify the Redshift cluster and configure cross-region snapshots to the other region.

    • B.

      Modify the Redshift cluster to take snapshots of the Amazon EBS volumes each day, sharing those snapshots with the other region.

    • C.

      Modify the Redshift cluster and configure the backup and specify the Amazon S3 bucket in the other region.

    • D.

      Modify the Redshift cluster to use AWS Snowball in export mode with data delivered to the other region.

    Correct Answer
    A. Modify the Redshift cluster and configure cross-region snapshots to the other region.
  • 7. 

    A popular e-commerce application runs on AWS. The application encounters performance issues. The database is unable to handle the amount of queries and load during peak times. The database is running on the RDS Aurora engine on the largest instance size available. What should an administrator do to improve performance?

    • A.

      Convert the database to Amazon Redshift.

    • B.

      Create a CloudFront distribution.

    • C.

      Convert the database to use EBS Provisioned IOPS.

    • D.

      Create one or more read replicas.

    Correct Answer
    D. Create one or more read replicas.
  • 8. 

    A Solutions Architect is designing the architecture for a new three-tier web-based e-commerce site that must be available 24/7. Requests are expected to range from 100 to 10,000 each minute. Usage can vary depending on time of day, holidays, and promotions. The design should be able to handle these volumes, with the ability to handle higher volumes if necessary. How should the Architect design the architecture to ensure the web tier is cost-optimized and can handle the expected traffic? (Select two.)

    • A.

      Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.

    • B.

      Store all static files in a multi-AZ Amazon Aurora database.

    • C.

      Create a CloudFront distribution pointing to static content in Amazon S3.

    • D.

      Use Amazon Route 53 to route traffic to the correct region.

    • E.

      Use Amazon S3 multi-part uploads to improve upload times.

    Correct Answer(s)
    A. Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.
    C. Create a CloudFront distribution pointing to static content in Amazon S3.
  • 9. 

    A Solution Architect is designing a three-tier web application. The Architect wants to restrict access to the database tier to accept traffic from the application servers only. However, these application servers are in an Auto Scaling group and may vary in quantity. How should the Architect configure the database servers to meet the requirements?

    • A.

      Configure the database security group to allow database traffic from the application server IP addresses.

    • B.

      Configure the database security group to allow database traffic from the application server security group.

    • C.

      Configure the database subnet network ACL to deny all inbound non-database traffic from the application-tier subnet.

    • D.

      Configure the database subnet network ACL to allow inbound database traffic from the application-tier subnet.

    Correct Answer
    B. Configure the database security group to allow database traffic from the application server security group.
  • 10. 

    A call center application consists of a three-tier application using Auto Scaling groups to automatically scale resources as needed. Users report that every morning at 9:00 AM the system becomes very slow for about 15 minutes. A Solution Architect determines that a large percentage of the call center staff starts work at 9:00 AM, so Auto Scaling does not have enough time to scale out to meet demand. How can the Architect fix the problem?

    • A.

      Change the Auto Scaling group's scale-out event to scale based on network utilization.

    • B.

      Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.

    • C.

      Use Reserved Instances to ensure the system has reserved the right amount of capacity for the scale-up events.

    • D.

      Permanently keep a steady state of instances that is needed at 9:00 AM to guarantee available resources, but leverage Spot Instances.

    Correct Answer
    B. Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.
  • 11. 

    An e-commerce application is hosted in AWS. The last time a new product was launched, the application experienced a performance issue due to an enormous spike in traffic. Management decided that capacity must be doubled the week after the product is launched. Which is the MOST efficient way for management to ensure that capacity requirements are met?

    • A.

      Add a Step Scaling policy.

    • B.

      Add a Dynamic Scaling policy.

    • C.

      Add a Scheduled Scaling action.

    • D.

      Add Amazon EC2 Spot Instances.

    Correct Answer
    C. Add a Scheduled Scaling action.
  • 12. 

    A customer owns a simple API for their website that receives about 1,000 requests each day and has an average response time of 50 ms. It is currently hosted on one c4.large instance. Which changes to the architecture will provide high availability at the LOWEST cost?

    • A.

      Create an Auto Scaling group with a minimum of one instance and a maximum of two instances, then use an Application Load Balancer to balance the traffic.

    • B.

      Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.

    • C.

      Create an Auto Scaling group with a maximum of two instances, then use an Application Load Balancer to balance the traffic.

    • D.

      Recreate the API using Amazon API Gateway and integrate the new API with the existing backend service.

    Correct Answer
    B. Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.
  • 13. 

    A company is using an Amazon S3 bucket located in us-west-2 to serve videos to their customers. Their customers are located all around the world and the videos are requested a lot during peak hours. Customers in Europe complain about experiencing slow download speeds, and during peak hours, customers in all locations report experiencing HTTP 500 errors. What can a Solutions Architect do to address these issues?

    • A.

      Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours.

    • B.

      Cache the web content with Amazon CloudFront and use all Edge locations for content delivery

    • C.

      Replicate the bucket in eu-west-1 and use an Amazon Route 53 failover routing policy to determine which bucket it should serve the request to.

    • D.

      Use an Amazon Route 53 weighted routing policy for the CloudFront domain name to distribute the GET request between CloudFront and the Amazon S3 bucket directly.

    Correct Answer
    B. Cache the web content with Amazon CloudFront and use all Edge locations for content delivery
  • 14. 

    A company's development team plans to create an Amazon S3 bucket that contains millions of images. The team wants to maximize the read performance of Amazon S3. Which naming scheme should the company use?

    • A.

      Add a date as the prefix.

    • B.

      Add a sequential id as the suffix.

    • C.

      Add a hexadecimal hash as the suffix.

    • D.

      Add a hexadecimal hash as the prefix.

    Correct Answer
    A. Add a date as the prefix.
  • 15. 

    A company has a legacy application using a proprietary file system and plans to migrate the application to AWS. Which storage service should the company use?

    • A.

      Amazon DynamoDB

    • B.

      Amazon S3

    • C.

      Amazon EBS

    • D.

      Amazon EFS

    Correct Answer
    D. Amazon EFS
  • 16. 

    A company plans to use AWS for all new batch processing workloads. The company's developers use Docker containers for the new batch processing. The system design must accommodate critical and non-critical batch processing workloads 24/7. How should a Solutions Architect design this architecture in a cost-efficient manner?

    • A.

      Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.

    • B.

      Host a container management service on Spot Instances. Use Reserved Instances to run Docker containers.

    • C.

      Use Amazon ECS orchestration and Auto Scaling groups: one with Reserved Instances, one with Spot Instances.

    • D.

      Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch workloads at the same time.

    Correct Answer
    C. Use Amazon ECS orchestration and Auto Scaling groups: one with Reserved Instances, one with Spot Instances.
  • 17. 

    A customer has a production application that frequently overwrites and deletes data. The application requires the most up-to-date version of the data every time it is requested. Which storage should a Solutions Architect recommend to best accommodate this use case?

    • A.

      Amazon S3

    • B.

      Amazon RDS

    • C.

      Amazon Redshift

    • D.

      AWS Storage Gateway

    Correct Answer
    B. Amazon RDS
  • 18. 

    A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)

    • A.

      Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route 53 alias record to the ELB endpoint.

    • B.

      Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.

    • C.

      Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance.

    • D.

      Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.

    • E.

      Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.

    Correct Answer(s)
    D. Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.
    E. Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.
  • 19. 

    A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed. What is the SIMPLEST method to store this streaming data at scale?

    • A.

      Create an Amazon Kinesis Firehose delivery stream to store the data in Amazon S3.

    • B.

      Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.

    • C.

      Create an Amazon SQS queue, and have the machines write to the queue.

    • D.

      Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.

    Correct Answer
    A. Create an Amazon Kinesis Firehose delivery stream to store the data in Amazon S3.
  • 20. 

    A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3. However, uploading images through the web server will create too much traffic. What is the MOST efficient method to store images from a mobile application on Amazon S3?

    • A.

      Upload directly to S3 using a pre-signed URL.

    • B.

      Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.

    • C.

      Upload to a separate Auto Scaling group of servers behind an ELB Classic Load Balancer, and have them write to the Amazon S3 bucket.

    • D.

      Expand the web server fleet with Spot Instances to provide the resources to handle the images.

    Correct Answer
    A. Upload directly to S3 using a pre-signed URL.
  • 21. 

    A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend setup will be insufficient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.)

    • A.

      Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.

    • B.

      Add Auto Scaling to the Amazon EC2 backend fleet.

    • C.

      Add Auto Scaling to the Amazon EC2 reverse proxy layer.

    • D.

      Use t2 burstable instance types for the backend fleet.

    • E.

      Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.

    Correct Answer(s)
    B. Add Auto Scaling to the Amazon EC2 backend fleet.
    E. Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.
  • 22. 

    A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance?

    • A.

      Randomize a key name prefix.

    • B.

      Store the event data in separate buckets.

    • C.

      Randomize the key name suffix.

    • D.

      Use Amazon S3 Transfer Acceleration.

    Correct Answer
    A. Randomize a key name prefix.
  • 23. 

    An application stack includes an Elastic Load Balancer in a public subnet, a fleet of Amazon EC2 instances in an Auto Scaling group, and an Amazon RDS MySQL cluster. Users connect to the application from the Internet. The application servers and database must be secure. How should a Solutions Architect perform this task?

    • A.

      Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

    • B.

      Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

    • C.

      Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

    • D.

      Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

    Correct Answer
    B. Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
  • 24. 

    A legacy application running on premises requires a Solutions Architect to be able to open a firewall to allow access to several Amazon S3 buckets. The Architect has a VPN connection to AWS in place. How should the Architect meet this requirement?

    • A.

      Create an IAM role that allows access from the corporate network to Amazon S3.

    • B.

      Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint.

    • C.

      Use Amazon API Gateway to do IP whitelisting

    • D.

      Configure IP whitelisting on the customer’s gateway

    Correct Answer
    B. Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint.
  • 25. 

    A Solutions Architect is designing a Lambda function that calls an API to list all running Amazon RDS instances. How should the request be authorized?

    • A.

      Create an IAM access and secret key, and store it in the Lambda function.

    • B.

      Create an IAM role to the Lambda function with permissions to list all Amazon RDS instances.

    • C.

      Create an IAM role to Amazon RDS with permissions to list all Amazon RDS instances.

    • D.

      Create an IAM access and secret key, and store it in an encrypted RDS database.

    Correct Answer
    B. Create an IAM role to the Lambda function with permissions to list all Amazon RDS instances.
  • 27. 

    An interactive, dynamic website runs on Amazon EC2 instances in a single subnet behind an ELB Classic Load Balancer. Which design changes will make the site more highly available?

    • A.

      Move some Amazon EC2 instances to a subnet in a different AZ.

    • B.

      Move the website to Amazon S3.

    • C.

      Change the ELB to an Application Load Balancer.

    • D.

      Move some Amazon EC2 instances to a subnet in the same Availability Zone.

    Correct Answer
    A. Move some Amazon EC2 instances to a subnet in a different AZ.
  • 28. 

    A Solutions Architect is designing a web application that is running on an Amazon EC2 instance. The application stores data in DynamoDB. The Architect needs to secure access to the DynamoDB table. What combination of steps does AWS recommend to achieve secure authorization? (Select two.)

    • A.

      Store an access key on the Amazon EC2 instance with rights to the DynamoDB table.

    • B.

      Attach an IAM user to the Amazon EC2 instance.

    • C.

      Create an IAM role with permissions to write to the DynamoDB table.

    • D.

      Attach an IAM role to the Amazon EC2 instance.

    • E.

      Attach an IAM policy to the Amazon EC2 instance.

    Correct Answer(s)
    C. Create an IAM role with permissions to write to the DynamoDB table.
    D. Attach an IAM role to the Amazon EC2 instance.
  • 29. 

    A Solutions Architect is about to deploy an API on multiple EC2 instances in an Auto Scaling group behind an ELB. The support team has the following operational requirements:

    1. They get an alert when the requests per second go over 50,000.
    2. They get an alert when latency goes over 5 seconds.
    3. They can validate how many times a day users call the API requesting highly-sensitive data.

    Which combination of steps does the Architect need to take to satisfy these operational requirements? (Select two.)

    • A.

      Ensure that CloudTrail is enabled.

    • B.

      Create a custom CloudWatch metric to monitor the API for data access.

    • C.

      Configure CloudWatch alarms for any metrics the support team requires.

    • D.

      Ensure that detailed monitoring for the EC2 instances is enabled.

    • E.

      Create an application to export and save CloudWatch metrics for longer term trending analysis.

    Correct Answer(s)
    A. Ensure that CloudTrail is enabled.
    C. Configure CloudWatch alarms for any metrics the support team requires.
  • 30. 

    A Solutions Architect is designing a highly-available website that is served by multiple web servers hosted outside of AWS. If an instance becomes unresponsive, the Architect needs to remove it from the rotation. What is the MOST efficient way to fulfill this requirement?

    • A.

      Use Amazon CloudWatch to monitor utilization.

    • B.

      Use Amazon API Gateway to monitor availability.

    • C.

      Use an Amazon Elastic Load Balancer.

    • D.

      Use Amazon Route 53 health checks.

    Correct Answer
    D. Use Amazon Route 53 health checks.
  • 31. 

    A company hosts a popular web application. The web application connects to a database running in a private VPC subnet. The web servers must be accessible only to customers on an SSL connection. The RDS MySQL database server must be accessible only from the web servers. How should the Architect design a solution to meet the requirements without impacting running applications?

    • A.

      Create a network ACL on the web server’s subnet, and allow HTTPS inbound and MySQL outbound. Place both database and web servers on the same subnet.

    • B.

      Open an HTTPS port on the security group for web servers and set the source to 0.0.0.0/0. Open the MySQL port on the database security group and attach it to the MySQL instance. Set the source to Web Server Security Group.

    • C.

      Create a network ACL on the web server’s subnet, and allow HTTPS inbound, and specify the source as 0.0.0.0/0. Create a network ACL on a database subnet, allow MySQL port inbound for web servers, and deny all outbound traffic.

    • D.

      Open the MySQL port on the security group for web servers and set the source to 0.0.0.0/0. Open the HTTPS port on the database security group and attach it to the MySQL instance. Set the source to Web Server Security Group.

    Correct Answer
    B. Open an HTTPS port on the security group for web servers and set the source to 0.0.0.0/0. Open the MySQL port on the database security group and attach it to the MySQL instance. Set the source to Web Server Security Group.
  • 32. 

    An Administrator is hosting an application on a single Amazon EC2 instance, which users can access by the public hostname. The administrator is adding a second instance, but does not want users to have to decide between many public hostnames. Which AWS service will decouple the users from specific Amazon EC2 instances?

    • A.

      Amazon SQS

    • B.

      Auto Scaling group

    • C.

      Amazon EC2 security group

    • D.

      Amazon ELB

    Correct Answer
    D. Amazon ELB
  • 33. 

    A Solutions Architect is designing the storage layer for a production relational database. The database will run on Amazon EC2. The database is accessed by an application that performs intensive reads and writes, so the database requires the LOWEST random I/O latency. Which data storage method fulfills the above requirements?

    • A.

      Store data in a filesystem backed by Amazon Elastic File System (EFS).

    • B.

      Store data in Amazon S3 and use a third-party solution to expose Amazon S3 as a filesystem to the database server.

    • C.

      Store data in Amazon DynamoDB and emulate relational database semantics.

    • D.

      Stripe data across multiple Amazon EBS volumes using RAID 0

    Correct Answer
    D. Stripe data across multiple Amazon EBS volumes using RAID 0
  • 34. 

    A Solutions Architect is designing a VPC. Instances in a private subnet must be able to establish IPv6 traffic to the Internet. The design must scale automatically and not incur any additional cost. This can be accomplished with:

    • A.

      An egress-only internet gateway

    • B.

      A NAT gateway

    • C.

      A custom NAT instance

    • D.

      A VPC endpoint

    Correct Answer
    A. An egress-only internet gateway
  • 35. 

    A web application stores all data in an Amazon RDS Aurora database instance. A Solutions Architect wants to provide access to the data for a detailed report for the Marketing team, but is concerned that the additional load on the database will affect the performance of the web application. How can the report be created without affecting the performance of the application?

    • A.

      Create a read replica of the database.

    • B.

      Provision a new RDS instance as a secondary master.

    • C.

      Configure the database to be in multiple regions.

    • D.

      Increase the number of provisioned storage IOPS.

    Correct Answer
    A. Create a read replica of the database.
  • 36. 

    A Solutions Architect is designing a stateful web application that will run for one year (24/7) and then be decommissioned. Load on this platform will be constant, using a number of r4.8xlarge instances. Key drivers for this system include high availability, but elasticity is not required. What is the MOST cost-effective way to purchase compute for this platform?

    • A.

      Scheduled Reserved Instances

    • B.

      Convertible Reserved Instances

    • C.

      Standard Reserved Instances

    • D.

      Spot Instances

    Correct Answer
    C. Standard Reserved Instances
  • 37. 

    A Solution Architect has a two-tier application with a single Amazon EC2 instance web server and Amazon RDS MySQL Multi-AZ DB instances. The Architect is re-architecting the application for high availability by adding instances in a second Availability Zone. Which additional services will improve the availability of the application? (Choose two.)

    • A.

      Auto Scaling group

    • B.

      AWS CloudTrail

    • C.

      ELB Classic Load Balancer

    • D.

      Amazon DynamoDB

    • E.

      Amazon ElastiCache

    Correct Answer(s)
    A. Auto Scaling group
    C. ELB Classic Load Balancer
  • 38. 

    A Solutions Architect is developing software on AWS that requires access to multiple AWS services, including an Amazon EC2 instance. This is a security sensitive application, and AWS credentials such as Access Key ID and Secret Access Key need to be protected and cannot be exposed anywhere in the system. What security measure would satisfy these requirements?

    • A.

      Store the AWS Access Key ID/Secret Access Key combination in software comments

    • B.

      Assign an IAM user to the Amazon EC2 instance.

    • C.

      Assign an IAM role to the Amazon EC2 instance.

    • D.

      Enable multi-factor authentication for the AWS root account.

    Correct Answer
    C. Assign an IAM role to the Amazon EC2 instance.
  • 39. 

    An AWS workload in a VPC is running a legacy database on an Amazon EC2 instance. Data is stored on a 200GB Amazon EBS (gp2) volume. At peak load times, logs show excessive wait time. What solution should be implemented to improve database performance using persistent storage?

    • A.

      Migrate the data on the Amazon EBS volume to an SSD-backed volume.

    • B.

      Change the EC2 instance type to one with EC2 instance store volumes.

    • C.

      Migrate the data on the EBS volume to provisioned IOPS SSD (io1).

    • D.

      Change the EC2 instance type to one with burstable performance.

    Correct Answer
    C. Migrate the data on the EBS volume to provisioned IOPS SSD (io1).
  • 40. 

    A company wants to migrate a highly transactional database to AWS. Requirements state that the database has more than 6 TB of data and will grow exponentially. Which solution should a Solutions Architect recommend?

    • A.

      Amazon Aurora

    • B.

      Amazon Redshift

    • C.

      Amazon DynamoDB

    • D.

      Amazon RDS MySQL

    Correct Answer
    A. Amazon Aurora
  • 41. 

    A company hosts a two-tier application that consists of a publicly accessible web server that communicates with a private database. Only HTTPS port 443 traffic to the web server must be allowed from the Internet. Which of the following options will achieve these requirements? (Choose two.)

    • A.

      Security group rule that allows inbound Internet traffic for port 443.

    • B.

      Security group rule that denies all inbound Internet traffic except port 443.

    • C.

      Network ACL rule that allows port 443 inbound and all ports outbound for Internet traffic.

    • D.

      Security group rule that allows Internet traffic for port 443 in both inbound and outbound.

    • E.

      Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic.

    Correct Answer(s)
    A. Security group rule that allows inbound Internet traffic for port 443.
    E. Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic.
  • 42. 

    A Solutions Architect is designing an Amazon VPC. Applications in the VPC must have private connectivity to Amazon DynamoDB in the same AWS Region. The design should route DynamoDB traffic through:

    • A.

      VPC peering connection.

    • B.

      NAT gateway

    • C.

      VPC endpoint

    • D.

      AWS Direct Connect

    Correct Answer
    C. VPC endpoint
  • 43. 

    A Solutions Architect is architecting a workload that requires a performant object-based storage system that must be shared with multiple Amazon EC2 instances. Which AWS service meets this requirement?

    • A.

      Amazon EFS

    • B.

      Amazon S3

    • C.

      Amazon EBS

    • D.

      Amazon ElastiCache

    Correct Answer
    B. Amazon S3
  • 44. 

    A company runs a legacy application with a single-tier architecture on an Amazon EC2 instance. Disk I/O is low, with occasional small spikes during business hours. The company requires the instance to be stopped from 8 PM to 8 AM daily. Which storage option is MOST appropriate for this workload?

    • A.

      Amazon EC2 instance storage

    • B.

      Amazon EBS General Purpose SSD (gp2) storage

    • C.

      Amazon S3

    • D.

      Amazon EBS Provisioned IOPS SSD (io1) storage

    Correct Answer
    B. Amazon EBS General Purpose SSD (gp2) storage
  • 45. 

    As part of securing an API layer built on Amazon API Gateway, a Solutions Architect has to authorize users who are currently authenticated by an existing identity provider. The users must be denied access for a period of one hour after three unsuccessful attempts. How can the Solutions Architect meet these requirements?

    • A.

      Use AWS IAM authorization and add least-privileged permissions to each respective IAM role.

    • B.

      Use an API Gateway custom authorizer to invoke an AWS Lambda function to validate each user's identity.

    • C.

      Use Amazon Cognito user pools to provide built-in user management.

    • D.

      Use Amazon Cognito user pools to integrate with external identity providers.

    Correct Answer
    D. Use Amazon Cognito user pools to integrate with external identity providers.
  • 46. 

    A development team is building an application with front-end and backend application tiers. Each tier consists of Amazon EC2 instances behind an ELB Classic Load Balancer. The instances run in Auto Scaling groups across multiple Availability Zones. The network team has allocated the 10.0.0.0/24 address space for this application. Only the front-end load balancer should be exposed to the Internet. There are concerns about the limited size of the address space and the ability of each tier to scale. What should the VPC subnet design be in each Availability Zone?

    • A.

      One public subnet for the load balancer tier, one public subnet for the front-end tier, and one private subnet for the backend tier.

    • B.

      One shared public subnet for all tiers of the application.

    • C.

      One public subnet for the load balancer tier and one shared private subnet for the application tiers.

    • D.

      One shared private subnet for all tiers of the application.

    Correct Answer
    C. One public subnet for the load balancer tier and one shared private subnet for the application tiers.
  • 47. 

    A Solutions Architect must select the storage type for a big data application that requires very high sequential I/O. The data must persist if the instance is stopped. Which of the following storage types will provide the best fit at the LOWEST cost for the application?

    • A.

      An Amazon EC2 instance store local SSD volume.

    • B.

      An Amazon EBS provisioned IOPS SSD volume.

    • C.

      An Amazon EBS throughput optimized HDD volume

    • D.

      An Amazon EBS general purpose SSD volume.

    Correct Answer
    C. An Amazon EBS throughput optimized HDD volume
  • 48. 

    Two Auto Scaling applications, Application A and Application B, currently run within a shared set of subnets. A Solutions Architect wants to make sure that Application A can make requests to Application B, but Application B should be denied from making requests to Application A. Which is the SIMPLEST solution to achieve this policy?

    • A.

      Using security groups that reference the security groups of the other application

    • B.

      Using security groups that reference the application servers' IP addresses

    • C.

      Using Network Access Control Lists to allow/deny traffic based on application IP addresses

    • D.

      Migrating the applications to separate subnets from each other

    Correct Answer
    A. Using security groups that reference the security groups of the other application
  • 49. 

    A Solutions Architect needs to design an architecture for a new, mission-critical batch processing billing application. The application is required to run Monday, Wednesday, and Friday from 5 AM to 11 AM. Which is the MOST cost-effective Amazon EC2 pricing model?

    • A.

      Amazon EC2 Spot Instances

    • B.

      On-Demand Amazon EC2 Instances

    • C.

      Scheduled Reserved Instances

    • D.

      Dedicated Amazon EC2 Instances

    Correct Answer
    C. Scheduled Reserved Instances
  • 50. 

    An application is running on an Amazon EC2 instance in a private subnet. The application needs to read and write data onto Amazon Kinesis Data Streams, and corporate policy requires that this traffic should not go to the internet. How can these requirements be met?

    • A.

      Configure a NAT gateway in a public subnet and route all traffic to Amazon Kinesis through the NAT gateway.

    • B.

      Configure a gateway VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.

    • C.

      Configure an interface VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.

    • D.

      Configure an AWS Direct Connect private virtual interface for Kinesis and route all traffic to Kinesis through the virtual interface.

    Correct Answer
    C. Configure an interface VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.

Quiz Review Timeline

  • Current Version
  • Feb 24, 2020
    Quiz Edited by
    ProProfs Editorial Team
  • Oct 10, 2019
    Quiz Created by
    Catherine Halcomb