This example quiz shows that you may upload a certificate with your own branding, logo, signature, design and even custom text.
Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.
Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.
AWS Snowball storage for the legacy application until the application can be re-architected.
AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3.
AWS Storage Gateway in stored mode for the legacy application storage to write data to Amazon S3.
An Amazon S3 volume mounted on the legacy application server locally using the File Gateway service
Amazon Redshift
Amazon DynamoDB
Amazon RDS MySQL
Amazon Aurora
The application is reading parts of objects from Amazon S3 using a range header.
The application is reading objects from Amazon S3 using parallel object requests.
The application is updating records by writing new objects with unique keys.
The application is updating records by overwriting existing objects with the same keys.
Create a VPC Endpoint for Amazon RDS.
Create the Lambda function within the Amazon RDS VPC.
Change the ingress rules of Lambda security group, allowing the Amazon RDS security group.
Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.
Add an Internet Gateway (IGW) to the VPC, route the private subnet to the IGW.
Modify the Redshift cluster and configure cross-region snapshots to the other region.
Modify the Redshift cluster to take snapshots of the Amazon EBS volumes each day, sharing those snapshots with the other region.
Modify the Redshift cluster and configure the backup and specify the Amazon S3 bucket in the other region.
Modify the Redshift cluster to use AWS Snowball in export mode with data delivered to the other region.
Convert the database to Amazon Redshift.
Create a CloudFront distribution.
Convert the database to use EBS Provisioned IOPS.
Create one or more read replicas.
Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.
Store all static files in a multi-AZ Amazon Aurora database.
Create an CloudFront distribution pointing to static content in Amazon S3.
Use Amazon Route 53 to route traffic to the correct region.
Use Amazon S3 multi-part uploads to improve upload times.
Configure the database security group to allow database traffic from the application server IP addresses.
Configure the database security group to allow database traffic from the application server security group.
Configure the database subnet network ACL to deny all inbound non-database traffic from the application-tier subnet.
Configure the database subnet network ACL to allow inbound database traffic from the application-tier subnet.
Change the Auto Scaling groups scale out event to scale based on network utilization.
Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.
Use Reserved Instances to ensure the system has reserved the right amount of capacity for the scale-up events.
Permanently keep a steady state of instances that is needed at 9:00 AM to guarantee available resources, but leverage Spot Instances.
Add a Step Scaling policy.
Add a Dynamic Scaling policy.
Add a Scheduled Scaling action.
Add Amazon EC2 Spot Instances.
Create an Auto Scaling group with a minimum of one instance and a maximum of two instances, then use an Application Load Balancer to balance the traffic.
Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.
Create an Auto Scaling group with a maximum of two instances, then use an Application Load Balancer to balance the traffic.
Recreate the API using Amazon API Gateway and integrate the new API with the existing backend service.
Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours.
Cache the web content with Amazon CloudFront and use all Edge locations for content delivery
Replicate the bucket in eu-west-1 and use an Amazon Route 53 failover routing policy to determine which bucket it should serve the request to.
Use an Amazon Route 53 weighted routing policy for the CloudFront domain name to distribute the GET request between CloudFront and the Amazon S3 bucket directly.
Add a date as the prefix.
Add a sequential id as the suffix.
Add a hexadecimal hash as the suffix.
Add a hexadecimal hash as the prefix.
Amazon DynamoDB
Amazon S3
Amazon EBS
Amazon EFS
Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.
Host a container management service on Spot Instances. Use Reserved Instances to run Docker containers.
Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot Instances.
Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch workloads at the same time.
Amazon S3
Amazon RDS
Amazon RedShift
AWS Storage Gateway
Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route 53 alias record to the ELB endpoint.
Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.
Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance.
Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.
Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.
Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3.
Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.
Create an Amazon SQS queue, and have the machines write to the queue.
Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.
Upload directly to S3 using a pre-signed URL.
Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.
Upload to a separate Auto Scaling group of servers behind an ELB Classic Load Balancer, and have them write to the Amazon S3 bucket.
Expand the web server fleet with Spot Instances to provide the resources to handle the images.
Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.
Add Auto Scaling to the Amazon EC2 backend fleet.
Add Auto Scaling to the Amazon EC2 reverse proxy layer.
Use t2 burstable instance types for the backend fleet.
Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.
Randomize a key name prefix.
Store the event data in separate buckets.
Randomize the key name suffix.
Use Amazon S3 Transfer Acceleration.
Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.
Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.
Create an IAM role that allows access from the corporate network to Amazon S3.
Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint.
Use Amazon API Gateway to do IP whitelisting
Configure IP whitelisting on the customer’s gateway
Create an IAM access and secret key, and store it in the Lambda function.
Create an IAM role to the Lambda function with permissions to list all Amazon RDS instances.
Create an IAM role to Amazon RDS with permissions to list all Amazon RDS instances.
Create an IAM access and secret key, and store it in an encrypted RDS database.
Option 1
Option 2
Option 3
Option 4
Move some Amazon EC2 instances to a subnet in a different AZ"
Move the website to Amazon S3.
Change the ELB to an Application Load Balancer.
Move some Amazon EC2 instances to a subnet in the same Availability Zone.
Store an access key on the Amazon EC2 instance with rights to the Dynamo DB table.
Attach an IAM user to the Amazon EC2 instance.
Create an IAM role with permissions to write to the DynamoDB table.
Attach an IAM role to the Amazon EC2 instance.
Attach an IAM policy to the Amazon EC2 instance.
Ensure that CloudTrail is enabled.
Create a custom CloudWatch metric to monitor the API for data access.
Configure CloudWatch alarms for any metrics the support team requires.
Ensure that detailed monitoring for the EC2 instances is enabled.
Create an application to export and save CloudWatch metrics for longer term trending analysis.
Use Amazon CloudWatch to monitor utilization.
Use Amazon API Gateway to monitor availability.
Use an Amazon Elastic Load Balancer.
Use Amazon Route 53 health checks.
Create a network ACL on the web server’s subnet, and allow HTTPS inbound and MySQL outbound. Place both database and web servers on the same subnet.
Open an HTTPS port on the security group for web servers and set the source to 0.0.0.0/0. Open the MySQL port on the database security group and attach it to the MySQL instance. Set the source to Web Server Security Group.
Create a network ACL on the web server’s subnet, and allow HTTPS inbound, and specify the source as 0.0.0.0/0. Create a network ACL on a database subnet, allow MySQL port inbound for web servers, and deny all outbound traffic.
Open the MySQL port on the security group for web servers and set the source to 0.0.0.0/0. Open the HTTPS port on the database security group and attach it to the MySQL instance. Set the source to Web Server Security Group.
Amazon SQS
Auto Scaling group
Amazon EC2 security group
Amazon ELB
Store data in a filesystem backed by Amazon Elastic File System (EFS).
Store data in Amazon S3 and use a third-party solution to expose Amazon S3 as a filesystem to the database server.
Store data in Amazon Dynamo DB and emulate relational database semantics.
Stripe data across multiple Amazon EBS volumes using RAID 0
An egress-only internet gateway
A NAT gateway
A custom NAT instance
A VPC endpoint
Create a read replica of the database.
Provision a new RDS instance as a secondary master.
Configure the database to be in multiple regions.
Increase the number of provisioned storage IOPS.
Scheduled Reserved Instances
Convertible Reserved Instances
Standard Reserved Instances
Spot Instances
Auto Scaling group
AWS CloudTrail
ELB Classic Load Balancer
Amazon DynamoDB
Amazon ElastiCache
Store the AWS Access Key ID/Secret Access Key combination in software comments
Assign an IAM user to the Amazon EC2 instance.
Assign an IAM role to the Amazon EC2 instance.
Enable multi-factor authentication for the AWS root account.
Migrate the data on the Amazon EBS volume to an SSD-backed volume.
Change the EC2 instance type to one with EC2 instance store volumes.
Migrate the data on the EBS volume to provisioned IOPS SSD (io1).
Change the EC2 instance type to one with burstable performance.
Amazon Aurora
Amazon Redshift
Amazon DynamoDB
Amazon RDS MySQL
Security group rule that allows inbound Internet traffic for port 443.
Security group rule that denies all inbound Internet traffic except port 443.
Network ACL rule that allows port 443 inbound and all ports outbound for Internet traffic.
Security group rule that allows Internet traffic for port 443 in both inbound and outbound.
Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic.
VPC peering connection.
NAT gateway
VPC endpoint
AWS Direct Connect
Amazon EFS
Amazon S3
Amazon EBS
Amazon ElastiCache
Amazon EC2 instance storage
Amazon EBS General Purpose SSD (gp2) storage
Amazon S3
Amazon EBS Provision IOPS SSD (io1) storage
Use AWS IAM authorization and add least-privileged permissions to each respective IAM role.
Use an API Gateway custom authorizer to invoke an AWS Lambda function to validate each users identity.
Use Amazon Cognito user pools to provide built-in user management.
Use Amazon Cognito user pools to integrate with external identity providers.
One public subnet for the load balancer tier, one public subnet for the front-end tier, and one private subnet for the backend tier.
One shared public subnet for all tiers of the application.
One public subnet for the load balancer tier and one shared private subnet for the application tiers.
One shared private subnet for all tiers of the application.
An Amazon EC2 instance store local SSD volume.
An Amazon EBS provisioned IOPS SSD volume.
An Amazon EBS throughput optimized HDD volume
An Amazon EBS general purpose SSD volume.
Using security groups that reference the security groups of the other application
Using security groups that reference the application servers IP addresses
Using Network Access Control Lists to allow/deny traffic based on application IP addresses
Migrating the applications to separate subnets from each other
Amazon EC2 Spot Instances
On-Demand Amazon EC2 Instances
Scheduled Reserved Instances
Dedicated Amazon EC2 Instances
Configure a NAT gateway in a public subnet and route all traffic to Amazon Kinesis through the NAT gateway.
Configure a gateway VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.
Configure an interface VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.
Configure an AWS Direct Connect private virtual interface for Kinesis and route all traffic to Kinesis through the virtual interface.
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.