AWS SAA Certification Test! Hardest Trivia Quiz

100 Questions

Settings
AWS SAA Certification Test! Hardest Trivia Quiz

Knowledge of the AWS cloud is one of the things that any cloud operator should know. Getting a certification in this course not only shows your ability to maintain or helping in cloud adoption but also guarantees you a chance to gain employment in a field that is lacking professionals. Are you studying for the AWS Saa certification? Take up this test and get to refresh your memory!


Questions and Answers
  • 1. 
    • A. 

      Three: MySQL, Oracle and Microsoft SQL Server.

    • B. 

      Just two: MySQL and Oracle.

    • C. 

      Six: Amazon Aurora, Oracle, Microsoft SQL Server, PostgreSQL, MySQL and MariaDB.

    • D. 

      Just one: MySQL.

  • 2. 
    Amazon rds provides a facility to modify the back-up retention policy for automated backups, with a value of 0 indicating for no backup retention. What is the maximum retention period allowed in days?
    • A. 

      45

    • B. 

      35

    • C. 

      15

    • D. 

      10

  • 3. 
    • A. 

      MSSQL

    • B. 

      MySQL

    • C. 

      Aurora

    • D. 

      DB2

  • 4. 
    A company is hosting EC2 instances which focuses on work-loads are on non-production and non-priority batch loads. Also these processes can be interrupted at any time. What is the best pricing model which can be used for EC2 instances in ülis case?
    • A. 

      Reserved Instances

    • B. 

      On-Demand Instances

    • C. 

      Spot Instances

    • D. 

      Regular Instances

  • 5. 
    • A. 

      Detach the volume and attach to an EC2 instance in another AZ.

    • B. 

      Create a new volume in the other AZ and speciW the current volume as the source.

    • C. 

      Create a snapshot of the volume and then create a volume from the snapshot in the other AZ

    • D. 

      Create a new volume in the AZ and do a disk copy of contents from one volume to another.

  • 6. 
    If a provisioned IOPS volume of 4GiB is created, what are the possible correct values for IOPS for the volume in order for it to be created?
    • A. 

      200

    • B. 

      300

    • C. 

      400

    • D. 

      500

  • 7. 
    • A. 

      2TB

    • B. 

      1 GiB

    • C. 

      1GB

    • D. 

      1Byte

  • 8. 
    A custorner has a requirement to extend their on-premises data center to AWS. The custorner requires a 50-Mbps dedicated and private connection to their VPC. Which AWS product or feature satisfies this requirernent?
    • A. 

      Amazon VPC

    • B. 

      Elastic IP Addresses

    • C. 

      AWS Direct Connect

    • D. 

      Amazon VPC virtual private gateway

  • 9. 
    When it comes to API credentials, what is the best practise recommended by AWS?
    • A. 

      Create a role which has the necessary and can be assumed by the EC2 instance.

    • B. 

      Use the API credentials from an EC2 instance.

    • C. 

      Use the API credentials from a bastion host.

    • D. 

      Use the API credentials from a NAT Instance.

  • 10. 
    Is an edge location in AWS the same as a region?
    • A. 

      True

    • B. 

      False

  • 11. 
    • A. 

      Amazon Simple Storage Service

    • B. 

      Amazon Simple Workflow Service

    • C. 

      Amazon Simple Queue Service

    • D. 

      Amazon Simple Notification Service

  • 12. 
    After creating a new AWS account, you use the API to request 40 on-demand EC2 instances in a single AZ. After 20 successful requests, subsequent requests failed. What could be a reason for this issue, and how would you resolve it?
    • A. 

      You encountered a soft limit of 20 instances per region. Submit the limit increase form and retry the failed requests once approved.

    • B. 

      AWS allows you to provision no more than 20 instances per Availability Zone. Select a different Availability Zone and retry the failed request.

    • C. 

      You need to use Amazon Virtual Private Cloud (VPC) in order to provision more than 20 instances in a single Availability Zone. Simply terminate the resources already provisioned and re-launch them all in a VPC.

    • D. 

      You encountered an API throttling situation and should try the failed requests using an exponential decay retry algorithm.

  • 13. 
    You have an application running in us-west-2 that requires six EC2 instances running at all times. With three AZs available in that region (us-west-2a, us-west-2b, and us-west-2c), which of the following deployments provides 100 percent fault tolerance if any single AZ in us-west-2 becomes unavailable? Choose 2 answers
    • A. 

      Us-west-2a with two EC2 instances, us-west-2b with two EC2 instances, and us-west-2c with two EC2 instances

    • B. 

      Us-west-2a with three EC2 instances, us-west-2b with three EC2 instances, and us-west-2c with no EC2 instances

    • C. 

      Us-west-2a with four EC2 instances, us-west-2b with two EC2 instances, and us-west-2c with two EC2 instances

    • D. 

      Us-west-2a with six EC2 instances, us-west-2b with six EC2 instances, and us-west-2c with no EC2 instances

    • E. 

      Us-west-2a with three EC2 instances, us-west-2b with three EC2 instances, and us-west-2c with three EC2 instances

  • 14. 
    • A. 

      Modify the main route table to allow traffic to a network address translation instance.

    • B. 

      Use a dedicated network address translation instance in the public subnet.

    • C. 

      Assign a static Internet-routable IP address to an Amazon VPC customer gateway.

    • D. 

      Establish a dedicated networking connection using AWS Direct Connect.

  • 15. 
    • A. 

      Query the local instance metadata.

    • B. 

      Query the local instance userdata.

    • C. 

      Query the appropriate Amazon CloudWatch metric.

    • D. 

      Use an ipconfig or ifconfig command.

  • 16. 
    A startup company hired you to help them build a mobile application, that will ultimately store billions of images and videos in S3. The company is lean on funding, and wants to minimize operational costs, however, they have an aggressive marketing plan, and expect to double their current installation base every six months. Due to the nature of their business, they are expecting sudden and large increases in traffic to and from S3, and need to ensure that it can handle the performance needs of their application. What other information must you gather from this customer in order to determine whether S3 is the right option?
    • A. 

      You must know how many customers the company has today, because this is critical in understanding what their customer base will be in two years.

    • B. 

      You must find out the total number of requests per second at peak usage.

    • C. 

      You must know the size of the individual objects being written to S3, in order to properly design the key namespace.

    • D. 

      In order to build the key namespace correctly, you must understand the total amount of storage needs for each S3 bucket.

  • 17. 
    A VPC public subnet is one that:
    • A. 

      Has at least one route in its associated routing table that uses an Internet Gateway (IGW).

    • B. 

      Includes a route in its associated routing table via a Network Address Translation (NAT) instance.

    • C. 

      Has a Network Access Control List (NACL) permitting outbound traffic to 0.0.0.0/0.

    • D. 

      Has the Public Subnet option selected in its configuration.

  • 18. 
    In reviewing the Auto Scaling events for your application you notice that your application is scaling up and down multiple times in the same hour. What design choice could you make to optimize for cost while preserving elasticity? Choose 2 answers
    • A. 

      Modify the Auto Scaling policy to use scheduled scaling actions

    • B. 

      Modify the Auto Scaling group termination policy to terminate the oldest instance first.

    • C. 

      Modify the Auto Scaling group cool-down timers.

    • D. 

      Modify the Amazon CloudWatch alarm period that triggers your Auto Scaling scale down policy.

    • E. 

      Modify the Auto Scaling group termination policy to terminate the newest instance first.

  • 19. 
    • A. 

      Enable S3 versioning on the bucket.

    • B. 

      Access S3 data using only signed URLs.

    • C. 

      Disable S3 delete using an IAM bucket policy.

    • D. 

      Enable S3 Reduced Redundancy Storage.

    • E. 

      Enable multi-factor authentication (MFA) protected access.

  • 20. 
    You have been tasked with creating a VPC network topology for your company. The VPC network must support both Internet-facing applications and internally-facing applications accessed only over VPN. Both Internet-facing and internally-facing applications must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirements?
    • A. 

      2

    • B. 

      3

    • C. 

      4

    • D. 

      6

  • 21. 
    You receive a Spot Instance at a bid of $0.05/hr. After 30 minutes, the Spot Price increases to $0.06/hr and your Spot Instance is terminated by AWS. What was the total EC2 compute cost of running your Spot Instance?
    • A. 

      $0.00

    • B. 

      $0.02

    • C. 

      $0.03

    • D. 

      $0.05

    • E. 

      $0.06

  • 22. 
    • A. 

      Memory use

    • B. 

      CPU use

    • C. 

      Disk read operations

    • D. 

      Network in

    • E. 

      Estimated charges

  • 23. 
    You are developing a highly available web application using stateless web servers. Which services are suitable for storing session state data? Choose 3 answers
    • A. 

      Amazon CloudWatch

    • B. 

      Amazon Relational Database Service (RDS)

    • C. 

      Elastic Load Balancing

    • D. 

      Amazon ElastiCache

    • E. 

      AWS Storage Gateway

    • F. 

      Amazon DynamoDB

  • 24. 
    You have a business-critical two-tier web app currently deployed in two AZs in a single region, using Elastic Load Balancing and Auto Scaling. The app depends on synchronous replication (very low latency connectivity) at the database layer. The application needs to remain fully available even if one application AZ goes off-line, and Auto Scaling cannot launch new instances in the remaining Availability Zones. How can the current architecture be enhanced to ensure this?
    • A. 

      Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 50 percent peak load per Region.

    • B. 

      Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 100 percent peak load per region.

    • C. 

      Deploy in three Availability Zones, with Auto Scaling minimum set to handle 50 percent peak load per zone.

    • D. 

      Deploy in three Availability Zones, with Auto Scaling minimum set to handle 33 percent peak load per zone.

  • 25. 
    You are deploying an application on EC2 that must call AWS APIs. What method of securely passing credentials to the application should you use?
    • A. 

      Use AWS Identity and Access Management roles for EC2 instances.

    • B. 

      Pass API credentials to the instance using instance userdata.

    • C. 

      Embed the API credentials into your JAR files.

    • D. 

      Store API credentials as an object in Amazon Simple Storage Service.

  • 26. 
    • A. 

      Destination: 0.0.0.0/0 –> Target: your Internet gateway

    • B. 

      Destination: 192.168.1.257/0 –> Target: your Internet gatewayC. Destination: 0.0.0.0/33 –> Target: your virtual private gateway

    • C. 

      Destination: 0.0.0.0/0 –> Target: 0.0.0.0/24

    • D. 

      Destination: 10.0.0.0/32 –> Target: your virtual private gateway

  • 27. 
    A customer’s nightly EMR job processes a single 2-TB data file stored on Amazon Simple Storage Service (S3). The EMR job runs on two On-Demand core nodes and three On-Demand task nodes. Which of the following may help reduce the EMR job completion time? Choose 2 answers
    • A. 

      Use three Spot Instances rather than three On-Demand instances for the task nodes.

    • B. 

      Change the input split size in the MapReduce job configuration.

    • C. 

      Use a bootstrap action to present the S3 bucket as a local filesystem.

    • D. 

      Launch the core nodes and task nodes within an Amazon Virtual Cloud.

    • E. 

      Adjust the number of simultaneous mapper tasks.

  • 28. 
    Which is an operational process performed by AWS for data security?
    • A. 

      AES-256 encryption of data stored on any shared storage device

    • B. 

      Decommissioning of storage devices using industry-standard practices

    • C. 

      Background virus scans of EBS volumes and EBS snapshots

    • D. 

      Replication of data across multiple AWS Regions

    • E. 

      Secure wiping of EBS data when an EBS volume is unmounted

  • 29. 
    Amazon Glacier is designed for: (Choose 2 answers)
    • A. 

      Active database storage.

    • B. 

      Infrequently accessed data.

    • C. 

      Data archives.

    • D. 

      Frequently accessed data.

    • E. 

      Cached session data

  • 30. 
    You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publicly accessible from S3 directly?
    • A. 

      Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.

    • B. 

      Add the CloudFront account security group “amazon-cf/amazon-cf-sg” to the appropriate S3 bucket policy.

    • C. 

      Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User.

    • D. 

      Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN).

  • 31. 
    • A. 

      The Elastic IP will be dissociated from the instance

    • B. 

      All data on instance-store devices will be lost

    • C. 

      All data on EBS (Elastic Block Store) devices will be lost

    • D. 

      The ENI (Elastic Network Interface) is detached

    • E. 

      The underlying host for the instance is changed

  • 32. 
    In the basic monitoring package for EC2, Amazon CloudWatch provides the following metrics:
    • A. 

      Web server visible metrics such as number failed transaction requests

    • B. 

      Operating system visible metrics such as memory utilization

    • C. 

      Database visible metrics such as number of connections

    • D. 

      Hypervisor visible metrics such as CPU utilization

  • 33. 
    Can an EBS volume be attached to more than one EC2 instance at the same time?
    • A. 

      No

    • B. 

      Yes.

    • C. 

      Only EC2-optimized EBS volumes.

    • D. 

      Only in read mode.

  • 34. 
    Disabling automated backups disables the point-in-time recovery feature.
    • A. 

      True

    • B. 

      False

  • 35. 
    Out of the striping options available for the EBS volumes, which one has the following disadvantage : ‘Doubles the amount of I/O required from the instance to EBS compared to RAID 0, because you’re mirroring all writes to a pair of volumes, limiting how much you can stripe.’ ?
    • A. 

      Raid 5

    • B. 

      Raid 6

    • C. 

      Raid 1

    • D. 

      Raid 2

  • 36. 
    • A. 

      5,000 us east, 1,000 all other regions

    • B. 

      100,000 us east, 10, 000 all other regions

    • C. 

      Designed to scale without limits, but if you go beyond 40,000 us east/10,000 all other regions you have to contact AWS first.

    • D. 

      There is no limit

  • 37. 
    • A. 

      20

    • B. 

      5

    • C. 

      10

    • D. 

      15

  • 38. 
    While performing volume status checks using volume status checks, if the status is insufficient-data, what does it mean?
    • A. 

      Checks may still be in progress on the volume

    • B. 

      Check has passed

    • C. 

      Check has failed

    • D. 

      There is no such status

  • 39. 
    SQL Server stores logins and passwords in the master database.
    • A. 

      True

    • B. 

      False

  • 40. 
    Using Amazon IAM, I can give permissions based on organizational groups?
    • A. 

      True

    • B. 

      False

  • 41. 
    While creating an EC2 snapshot using the API, which Action should I be using?
    • A. 

      MakeSnapShot

    • B. 

      FreshSnapshot

    • C. 

      DeploySnapshot

    • D. 

      CreateSnapshot

  • 42. 
    Reserved Instances are available for Multi-AZ Deployments.
    • A. 

      True

    • B. 

      False

  • 43. 
    New database versions will automatically be applied to AWS RDS instances as they become available.
    • A. 

      True

    • B. 

      False

  • 44. 
    • A. 

      1

    • B. 

      3

    • C. 

      5

  • 45. 
    • A. 

      None of these.

    • B. 

      A list of users that can access Amazon EC2 instances.

    • C. 

      An Access Control List (ACL) for AWS resources.

    • D. 

      It acts as a virtual firewall that controls the traffic for one or more instances.

  • 46. 
    Multi-AZ deployment is supported for Microsoft SQL Server DB Instances.
    • A. 

      True

    • B. 

      False

  • 47. 
    Does AWS allow for the use of Multi Factor Authentication tokens?
    • A. 

      Yes, with both hardware or virtual MFA devices

    • B. 

      Yes, but only virtual MFA devices.

    • C. 

      Yes, but only physical (hardware) MFA devices.

    • D. 

      No

  • 48. 
    In a management network scenario, which interface on the instance handles public-facing traffic?
    • A. 

      Primary network interface

    • B. 

      Subnet interface

    • C. 

      Secondary network interface

  • 49. 
    By default, what happens to ENIs that are automatically created and attached to EC2 instances when the attached instance terminates?
    • A. 

      Remain as is

    • B. 

      Terminate

    • C. 

      Hibernate

    • D. 

      Pause

  • 50. 
    How many relational database engines does RDS currently support?
    • A. 

      Three: MySQL, Oracle and Microsoft SQL Server.

    • B. 

      Just two: MySQL and Oracle.

    • C. 

      Six: Amazon Aurora, Oracle, Microsoft SQL Server, PostgreSQL, MySQL and MariaDB.

    • D. 

      Just one: MySQL.

  • 51. 
    • A. 

      Creates a new rule inside the security group.

    • B. 

      Creates a new security group for use with your account.

    • C. 

      Creates a new group inside the security group.

    • D. 

      Groups the user created security groups in to a new group for easy access.

  • 52. 
    • A. 

      500

    • B. 

      50

    • C. 

      5

    • D. 

      There is no limit

  • 53. 
    Is there a method or command in the IAM system to allow or deny access to a specific instance?
    • A. 

      Only for VPC based instances

    • B. 

      Yes

    • C. 

      No

  • 54. 
    After an Amazon EC2-VPC instance is launched, can I change the VPC security groups it belongs to?
    • A. 

      No

    • B. 

      Yes

    • C. 

      Only if you are the root user

    • D. 

      Only if the tag “VPC_Change_Group” is true

  • 55. 
    In Amazon CloudWatch, which metric should I be checking to ensure that your DB Instance has enough free storage space?
    • A. 

      FreeStorage

    • B. 

      FreeStorageVolume

    • C. 

      FreeStorageSpace

    • D. 

      FreeStorageAllocation

  • 56. 
    A Provisioned IOPS SSD volume must be at least _____ GB in size.
    • A. 

      1

    • B. 

      6

    • C. 

      20

    • D. 

      4

  • 57. 
    You are a solutions architect working for a company that specializes in ingesting large data feeds (using Kinesis) and then analyzing these feeds using Elastic Map Reduce (EMR). The results are then stored on a custom MySQL database which is hosted on an EC2 instance which has 3 volumes, the root/boot volume, and then 2 additional volumes which are striped in to a RAID 1. Your company recently had an outage and lost some key data and have since decided that they will need to run nightly back ups. Your application is only used during office hours, so you can afford to have some down time in the middle of the night if required. You decide to take a snapshot of all three volumes every 24 hours. In what manner should you do this?
    • A. 

      Take a snapshot of each volume independently, while the EC2 instance is running.

    • B. 

      Stop the EC2 instance and take a snapshot of each EC2 instance independently. Once the snapshots are complete, start the EC2 instance and ensure that all relevant volumes are remounted.

    • C. 

      Add two additional volumes to the existing RAID 0 volume and mirror these volumes creating a RAID 10. Take a snap of only the two new volumes.

    • D. 

      Create a read replica of the existing EC2 instance and then take your snapshots from the read replica and not the live EC2 instance.

  • 58. 
    • A. 

      Server Side Encryption (SSE)-S3, SSE-C, SSE-KMS or a client library such as Amazon S3 Encryption Client.

    • B. 

      Server Side Encryption (SSE)-S3, SSE-A, SSE-KMS or a client library such as Amazon S3 EncryptionClient.

    • C. 

      Server Side Encryption (SSE)-S3, SSE-C, SSE-SSL or a client library such as Amazon S3 Encryption Client.

    • D. 

      Server Side Encryption (SSE)-S3, SSE-C, SSE-SSL or a server library such as Amazon S3 Encryption Client.

  • 59. 
    In Identity and Access Management, when you first create a new user, certain security credentials are automatically generated. Which of the below are valid security credentials?
    • A. 

      Access Key ID, Authorized Key

    • B. 

      Private Key, Secret Access Key

    • C. 

      Private Key, Authorized Key

    • D. 

      Access Key ID, Secret Access Key

  • 60. 
    Amazon Web Services offer 3 different levels of support, which of the below are valid support levels.
    • A. 

      Corporate, Business, Developer

    • B. 

      Enterprise, Business, Developer

    • C. 

      Enterprise, Business, Free Tier

    • D. 

      Enterprise, Company, Free Tier

  • 61. 
    You are a solutions architect working for a large digital media company. Your company is migrating their production estate to AWS and you are in the process of setting up access to the AWS console using Identity Access Management (IAM). You have created 5 users for your system administrators. What further steps do you need to take to enable your system administrators to get access to the AWS console?
    • A. 

      Generate an Access Key ID & Secret Access Key, and give these to your system administrators.

    • B. 

      Enable multi-factor authentication on their accounts and define a password policy.

    • C. 

      Generate a password for each user created and give these passwords to your system administrators.

    • D. 

      Give the system administrators the secret access key and access key id, and tell them to use these credentials to log in to the AWS console.

  • 62. 
    Amazon S3 buckets in all Regions provide which of the following?
    • A. 

      Read-after-write consistency for PUTS of new objects AND Strongly consistent for POST & DELETES

    • B. 

      Read-after-write consistency for POST of new objects AND Eventually consistent for overwrite PUTS & DELETES

    • C. 

      Read-after-write consistency for PUTS of new objects AND Eventually consistent for overwrite PUTS & DELETES

    • D. 

      Read-after-write consistency for POST of new objects AND Strongly consistent for POST & DELETES

  • 63. 
    • A. 

      Security Groups

    • B. 

      Elastic Load Balancers

    • C. 

      Network Access Control Lists

    • D. 

      EC2

  • 64. 
    • A. 

      Elastic Load Balancer

    • B. 

      Elastic Map Reduce

    • C. 

      Elasticache

    • D. 

      RDS

  • 65. 
    When trying to grant an amazon account access to S3 using access control lists what method of identification should you use to identify that account with?
    • A. 

      The email address of the account or the canonical user ID

    • B. 

      The AWS account number

    • C. 

      The ARN

    • D. 

      An email address with a RFA token

  • 66. 
    You are a solutions architect working for a large oil and gas company. Your company runs their production environment on AWS and has a custom VPC. The VPC contains 3 subnets, 1 of which is public and the other 2 are private. Inside the public subnet is a fleet of EC2 instances which are the result of an autoscaling group. All EC2 instances are in the same security group. Your company has created a new custom application which connects to mobile devices using a custom port. This application has been rolled out to production and you need to open this port globally to the internet. What steps should you take to do this, and how quickly will the change occur?
    • A. 

      Open the port on the existing network Access Control List. Your EC2 instances will be able to communicate on this port after a reboot.

    • B. 

      Open the port on the existing network Access Control List. Your EC2 instances will be able to communicate over this port immediately.

    • C. 

      Open the port on the existing security group. Your EC2 instances will be able to communicate over this port immediately.

    • D. 

      Open the port on the existing security group. Your EC2 instances will be able to communicate over this port as soon as the relevant Time To Live (TTL) expires.

  • 67. 
    • A. 

      Import to Amazon S3

    • B. 

      Export from Amazon S3

    • C. 

      Import to Amazon EBS

    • D. 

      Import to Amazon Glacier

    • E. 

      Export to Amazon Glacier

  • 68. 
    • A. 

      Security Groups – Specific Ports Unrestricted

    • B. 

      MFA on Root Account

    • C. 

      IAM Use

    • D. 

      Vulnerability scans on existing VPCs.

  • 69. 
    You work for a market analysis firm who are designing a new environment. They will ingest large amounts of market data via Kinesis and then analyze this data using Elastic Map Reduce. The data is then imported in to a high performance NoSQL Cassandra database which will run on EC2 and then be accessed by traders from around the world. The database volume itself will sit on 2 EBS volumes that will be grouped into a RAID 0 volume. They are expecting very high demand during peak times, with an IOPS performance level of approximately 15,000. Which EBS volume should you recommend?
    • A. 

      Magnetic

    • B. 

      General Purpose SSD

    • C. 

      Provisioned IOPS (PIOPS)

    • D. 

      Turbo IOPS (TIOPS)

  • 70. 
    • A. 

      Pseudo-Virtual (PV) & Hardware Virtual Module (HSM)

    • B. 

      Para-Virtual (PV) & Hardware Virtual Machine (HVM)

    • C. 

      Pseudo-Virtual (PV) & Hardware Virtual Machine (HVM)

    • D. 

      Para-Virtual (PV) & Hardware Virtual Module (HSM)

  • 71. 
    • A. 

      Gateway-accessed volumes

    • B. 

      Gateway-cached volumes

    • C. 

      Gateway-stored volumes

    • D. 

      Gateway-Virtual Tape Library

  • 72. 
    You have started a new role as a solutions architect for an architectural firm that designs large sky scrapers in the Middle East. Your company hosts large volumes of data and has about 250Tb of data on internal servers. They have decided to store this data on S3 due to the redundancy offered by it. The company currently has a telecoms line of 2Mbps connecting their head office to the internet. What method should they use to import this data on to S3 in the fastest manner possible.
    • A. 

      Upload it directly to S3

    • B. 

      Purchase and AWS Direct connect and transfer the data over that once it is installed.

    • C. 

      AWS Data pipeline

    • D. 

      AWS Import/Export

  • 73. 
    You are designing a site for a new start up which generates cartoon images for people automatically. Customers will log on to the site, upload an image which is stored in S3. The application then passes a job to AWS SQS and a fleet of EC2 instances poll the queue to receive new processing jobs. These EC2 instances will then turn the picture in to a cartoon and will then need to store the processed job somewhere. Users will typically download the image once (immediately), and then never download the image again. What is the most commercially feasible method to store the processed images?
    • A. 

      Rather than use S3, store the images inside a BLOB on RDS with Multi-AZ configured for redundancy.

    • B. 

      Store the images on S3 RRS, and create a lifecycle policy to delete the image after 24 hours.

    • C. 

      Store the images on glacier instead of S3.

    • D. 

      Use elastic block storage volumes to store the images.

  • 74. 
    You are hosting a website in Ireland called aloud.guru and you decide to have a static DR site available on S3 in the event that your primary site would go down. Your bucket name is also called “acloudguru”. What would be the S3 URL of the static website?
    • A. 

      Https://acloudguru.s3-website-eu-west-1.amazonaws.com

    • B. 

      Https://s3-eu-east-1.amazonaws.com/acloudguru

    • C. 

      Https://acloudguru.s3-website-us-east-1.amazonaws.com

    • D. 

      Https://s3-eu-central-1.amazonaws.com/acloudguru

  • 75. 
    • A. 

      Lambda

    • B. 

      SWF

    • C. 

      SQS

    • D. 

      Email

    • E. 

      HTTPS

  • 76. 
    You are appointed as your company’s Chief Security Officer and you want to be able to track all changes made to your AWS environment, by all users and at all times, in all regions. What AWS service should you use to achieve this?
    • A. 

      CloudAudit

    • B. 

      CloudWatch

    • C. 

      CloudTrail

    • D. 

      CloudDetective

  • 77. 
    You have a high performance compute application and you need to minimize network latency between EC2 instances as much as possible. What can you do to achieve this?
    • A. 

      Use Elastic Load Balancing to load balance traffic between availability zones

    • B. 

      Create a CloudFront distribution and to cache objects from an S3 bucket at Edge Locations.

    • C. 

      Create a placement group within an Availability Zone and place the EC2 instances within that placement group.

    • D. 

      Deploy your EC2 instances within the same region, but in different subnets and different availability zones so as to maximize redundancy.

  • 78. 
    Amazon S3 buckets in the US Standard region do not provide eventual consistency.
    • A. 

      True

    • B. 

      False

  • 79. 
    Placement Groups can be created across 2 or more Availability Zones.
    • A. 

      True

    • B. 

      False

  • 80. 
    You can add multiple volumes to an EC2 instance and then create your own RAID 5/RAID 10/RAID 0 configurations using those volumes.
    • A. 

      True

    • B. 

      False

  • 81. 
    You are creating your own relational database on an EC2 instance and you need to maximize IOPS performance. What can you do to achieve this goal?
    • A. 

      Add a single additional volume to the EC2 instance with provisioned IOPS.

    • B. 

      Create the database on an S3 bucket.

    • C. 

      Add multiple additional volumes with provisioned IOPS and then create a RAID 0 stripe across those volumes.

    • D. 

      Attach the single volume to multiple EC2 instances so as to maximize performance.

  • 82. 
    • A. 

      Elasticache & Elastic MapReduce

    • B. 

      RDS & DynamoDB

    • C. 

      EC2 & Elastic MapReduce

    • D. 

      Elasticache & DynamoDB

  • 83. 
    Using SAML (Security Assertion Markup Language 2.0) you can give your federated users single sign-on (SSO) access to the AWS Management Console.
    • A. 

      True

    • B. 

      False

  • 84. 
    You can have 1 subnet stretched across multiple availability zones.
    • A. 

      True

    • B. 

      False

  • 85. 
    When you create new subnets within a custom VPC, by default they can communicate with each other, across availability zones.
    • A. 

      True

    • B. 

      False

  • 86. 
    It is possible to transfer a reserved instance from one Availability Zone to another.
    • A. 

      True

    • B. 

      False

  • 87. 
    You have an EC2 instance which needs to find out both its private IP address and its public IP address. To do this you need to;
    • A. 

      Run IPCONFIG (Windows) or IFCONFIG (Linux)

    • B. 

      Retrieve the instance Metadata from http://169.254.169.254/latest/meta-data/

    • C. 

      Retrieve the instance Userdata from http://169.254.169.254/latest/meta-data/

    • D. 

      Use the following command; AWS EC2 displayIP

  • 88. 
    To retrieve instance metadata or userdata you will need to use the following IP Address;
    • A. 

      Http://127.0.0.1

    • B. 

      Http://192.168.0.254

    • C. 

      Http://10.0.0.1

    • D. 

      Http://169.254.169.254

  • 89. 
    Amazon S3 buckets in all other regions (other than US Standard) provide read-after-write consistency for PUTS of new objects.
    • A. 

      True

    • B. 

      False

  • 90. 
    Amazon S3 buckets in all other regions (other than US Standard) do not provide eventual consistency for overwrite PUTS and DELETES.
    • A. 

      True

    • B. 

      False

  • 91. 
    Amazon S3 provides;
    • A. 

      Unlimited File Size for Objects

    • B. 

      Unlimited Storage

    • C. 

      A great place to run a No SQL database from

    • D. 

      The ability to act as a web server for dynamic content (i.e. can query a database)

  • 92. 
    In order to enable encryption at rest using EC2 and Elastic Block Store you need to
    • A. 

      Configure encryption when creating the EBS volume

    • B. 

      Configure encryption using the appropriate Operating Systems file system

    • C. 

      Configure encryption using X.509 certificates

    • D. 

      Mount the EBS volume in to S3 and then encrypt the bucket using a bucket policy.

  • 93. 
    You can select a specific Availability Zone in which to place your DynamoDB Table?
    • A. 

      True

    • B. 

      False

  • 94. 
    When creating an RDS instance you can select which availability zone in which to deploy your instance.
    • A. 

      True

    • B. 

      False

  • 95. 
    Amazon’s Redshift uses which block size for its columnar storage?
    • A. 

      2KB

    • B. 

      8KB

    • C. 

      16KB

    • D. 

      32KB

    • E. 

      1024KB / 1MB

  • 96. 
    You run a website which hosts videos and you have two types of members, premium fee paying members and free members. All videos uploaded by both your premium members and free members are processed by a fleet of EC2 instances which will poll SQS as videos are uploaded. However you need to ensure that your premium fee paying members videos have a higher priority than your free members. How do you design SQS?
    • A. 

      SQS allows you to set priorities on individual items within the queue, so simply set the fee paying members at a higher priority than your free members.

    • B. 

      Create two SQS queues, one for premium members and one for free members. Program your EC2 fleet to poll the premium queue first and if empty, to then poll your free members SQS queue.

    • C. 

      SQS would not be suitable for this scenario. It would be much better to use SNS to encode the videos.

  • 97. 
    You have uploaded a file to S3. What HTTP code would indicate that the upload was successful?
    • A. 

      HTTP 404

    • B. 

      HTTP 501

    • C. 

      HTTP 200

    • D. 

      HTTP 307

  • 98. 
    You are hosting a MySQL database on the root volume of an EC2 instance. The database is using a large amount of IOPs and you need to increase the IOPs available to it. What should you do?
    • A. 

      Migrate the database to an S3 bucket.

    • B. 

      Migrate the database to Glacier.

    • C. 

      Add 4 additional EBS SSD volumes and create a RAID 10 using these volumes.

    • D. 

      Use CloudFront to cache the database.

  • 99. 
    You have been asked to create VPC for your company. The VPC must support both Internet-facing web applications (ie they need to be publicly accessible) and internal private applications (i.e. they are not publicly accessible and can be accessed only over VPN). The internal private applications must be inside a private subnet. Both the internet-facing and private applications must be able to leverage at least three Availability Zones for high availability. At a minimum, how many subnets must you create within your VPC to achieve this?
    • A. 

      5

    • B. 

      3

    • C. 

      4

    • D. 

      6

  • 100. 
    You work for a cosmetic company which has their production website on AWS. The site itself is in a two-tier configuration with web servers in the front end and database servers at the back end. The site uses using Elastic Load Balancing and Auto Scaling. The databases maintain consistency by replicating changes to each other as and when they occur. This requires the databases to have extremely low latency. Your website needs to be highly redundant and must be designed so that if one availability zone goes offline and Auto Scaling cannot launch new instances in the remaining Availability Zones the site will not go offline. How can the current architecture be enhanced to ensure this?
    • A. 

      Deploy your site in three different AZ’s within the same region. Configure the Auto Scaling minimum to handle 50 percent of the peak load per zone.

    • B. 

      Deploy your website in 2 different regions. Configure Route53 with a failover routing policy and set up health checks on the primary site.

    • C. 

      Deploy your site in three different AZ’s within the same region. Configure the Auto Scaling minimum to handle 33 percent of the peak load per zone.

    • D. 

      Deploy your website in 2 different regions. Configure Route53 with Weighted Routing. Assign a weight of 25% to region 1 and a weight of 75% to region 2.