Question - 1: Distributing Incoming Tra C Among The Instances

Batch 2 => Cloud Fundamen… 60 minutes
Question - 1 SCORE: 5 points
Which of the following are functions of the Elastic Load Balancer (ELB) ?
( Select 2 options )
Distributing incoming traffic among the instances
Checking the health status of the instances
Provisioning new instances to replace unhealthy instances
Scaling Out/In based on the demand
An Application consists of the following architecture :

a) EC2 instances in multiple AZ's behind an ELB
b) The EC2 instances are launched via an Auto Scaling group
c) There is a NAT instance which is used to ensure that instances in the Private Subnet
can connect to the internet

How can you make this architecture better by improving the availability
Have a NAT instance in both subnets
Replace the NAT instance with a NAT Gateway
Have some EC2 instances created outside of the Auto Scaling Group
Replace the Application Load Balancer to Classic Load Balancer
A user wants to use an EBS-backed Amazon EC2 instance for a temporary job. Based on
the input data, the job is most likely to finish within a week. Which of the following
steps should be followed to terminate the instance automatically once the job is
finished ?
Configure the EC2 instance with a stop instance to terminate it.

Configure the EC2 instance with ELB to terminate the instance when it remains idle.

Configure the CIoudWatch alarm on the instance that should perform the termination
action once the
instance is idle.

Configure the Auto Scaling schedule activity that terminates the instance after 7 days.
None of the above
What are some of the ways in which Horizontal Scaling can happen with RDS ?
1/29
( Select all that apply )
Changing the Instance Class (Type & Size)
Read Replicas
Sharding
Elasticache
You want to automate the process of creating a VPC, 2 public subnets, 2 private
subnets, Internet Gateway and a NAT instance.
You also want to provision an EC2 instance in the public Subnet and configure the
instance as a Web Server. Which AWS service
will help you to automate this task ?
AWS Config
AWS Systems Manager
AWS Opsworks
AWS CloudFormation
AWS Robot
Your team manages a popular website running Amazon Relational Database Service
(Amazon RDS) MySQL back end. The Marketing department has just informed you
about an upcoming television commercial that will drive thousands of new visitors to
the website. How can you prepare your database to handle the load?
(Choose 3 answers)
Vertically scale the DB Instance by selecting a more powerful instance class.
Create read replicas to offload read requests and update your application.

Upgrade the storage from Magnetic volumes to General Purpose Solid State Drive (SSD) volumes.
Upgrade to Amazon Redshift for faster columnar storage.
Change the database engine from MySQL to PostgreSQL
Configure Multi-AZ so that standby can also share the load
What should you do when the Primary fails in an RDS Multi AZ Deployment ?
Run a Script to start the StandBy
Transfer the IP Address of the Primary RDS instance to StandBy
Configure an Elastic IP for the Primary and attach it to StandBy
You don't have to do anything. The failover happens automatically
2/29
Which of the following are benefits of the AWS's Relational Database Service (RDS)?
Choose 3 correct answers from the options below.
Fully Managed
Choice of 6 DB Engines
It allows you to store unstructured data
Faster Querying capability
Multi AZ Capability
When using Amazon Relational Database Service (Amazon RDS) Multi-AZ, how can you
offload read requests from the primary?
(Choose 2 answers)

Configure the connection string of the clients to connect to the secondary node and perform reads while the
primary is used for writes.
Amazon RDS automatically sends writes to the primary and sends reads to the secondary.
Add a read replica DB instance, and configure the client’s application logic to use a read-replica.

Create a caching environment using ElastiCache to cache frequently used data. Update the application logic
to read/write from the cache.
Ensure in the application logic that writes are sent to Primary and reads to Secondary
Cloud formation templates can be written using which of the following scripting
languages ? ( Select 2 options )
Javascript
YAML
Perl
JSON
Python
I have a situation where a file uploaded to S3 should trigger the following activities :

Lambda Function should read the file and update RDS MySQL tables

Which entity will help Lambda to access S3 for reading the file from the bucket and
access RDS MySQL table for writing the data
SNS
SQS
IAM Role
3/29
Multi Factor Authentication
None of the above
A company needs to know which user was responsible for terminating several critical
Amazon Elastic Compute Cloud (Amazon EC2) Instances.
Which service will help to find this information ?
VPC Flowlogs
Trusted Adviser
CloudTrail
CloudWatch
Which AWS Service treats infrastructure as code ?
OpsWorks
Config
CloudTrail
CloudFormation
Which service allows for the collection and tracking of metrics for AWS services?
CloudTrail
CloudWatch
CloudMetrics
CloudTrack
There is a json script file where there are the following divisions :
Parameters, Resources, Mappings, Output

Which service are we talking about here ?
Config
CloudTrail
CloudFormation
Elastic Bean Stalk
4/29
Who is the founder and CEO of Amazon ?
Bill Gates
Steve Jobs
Jeff Bezos
Larry Page
AWS EC2 is an example of
SAAS
PAAS
IAAS
RAAS

If Cross Zone Load Balancing is enabled for the above case what will be the traffic
percentage to the 2 instances from AZ A registered with the Load Balancer ?

25% 25%
6.25% 6.25%
50% 50%
None of the above
5/29
A company wants to implement their website in a virtual private cloud (VPC). The web
tier will use an Auto Scaling group across multiple Availability Zones (AZs). The
database will use Multi-AZ RDS MySQL and should not be publicly accessible. ‘What is
the minimum number of subnets that need to be configured in the VPC ?
1
2
3
4
None of the above
Elastic Load Balancing allows you to distribute traffic across which of the following?
Only within a single Availability Zone
Multiple Availability Zones within a region
Multiple Availability Zones within and between regions

Multiple Availability Zones within and between regions and on-premises virtualized
instances running OpenStack
Identify the components in the given string below :

DB Instance Endpoint, Schema Name, Region
DB Instance Endpoint, Schema Name, Availability Zone
DB Instance Endpoint, Database Name, Availability Zone
DB Instance Endpoint, DB Instance Identifier, Availability Zone
Which of the following can be used to increase the fault tolerance of an application ?
Deploying resources across multiple edge locations
6/29
Deploying resources across multiple VPC’s
Deploying resources across multiple Availability Zones
Deploying resources across multiple AWS Accounts
What are some of the reasons why failover happens in RDS ? ( Select all that apply )
Loss of availability in primary Availability Zone
Loss of network connectivity to primary database
Compute unit failure on primary database
Storage failure on primary database
Which among the following Amazon Relational Database Service (Amazon RDS)
database engines support Multi-AZ ?

1. mySQL
2. postGreSQL
3. Aurora
4. Maria DB
5. Oracle
6. SQL Server
All of them
Microsoft SQL Server, MySQL, and Oracle
Oracle, Amazon Aurora, and PostgreSQL
MySQL
An ERP application is deployed across multiple AZs in a single region. In the event of
failure, the
Recovery Time Objective (RTO) must be less than 3 hours, and the Recovery Point
Objective (RPO) must
be 15 minutes the customer realizes that data corruption occurred roughly 1.5 hours
ago.
What DR strategy could be used to achieve this RTO and RPO in the event of this kind
of failure?

Take hourly DB backups to S3, with transaction logs stored in S3 every 5 minutes.

Use synchronous database master-slave replication between two availability zones.

Take hourly DB backups to EC2 Instance store volumes with transaction logs stored In
S3 every 5 minutes.

Take 15 minute DB backups stored In Glacier with transaction logs stored in S3 every 5
minutes.
7/29
You launch an Amazon EC2 instance without an assigned AWS identity and Access
Management (IAM) role. Later, you decide that the instance should be running with an
IAM role. Which action must you take in order to have a running Amazon EC2 instance
with an IAM role assigned to it ?

Create an image of the instance, and register the image with an IAM role assigned and
an Amazon EBS volume mapping.

Create a new IAM role with the same permissions as an existing IAM role, and assign it
to the running instance.

Create an image of the instance, add a new IAM role with the same permissions as the
desired IAM role, and deregister the image with the new role assigned.

Create an image of the instance, and use this image to launch a new instance with the
desired IAM role assigned.
Your AWS account administrator left your company today. The administrator had
access to the root user and a personal IAM administrator account. With these
accounts, he generated other IAM accounts and keys. Which of the following should
you do today to protect your AWS infrastructure? (Choose 4 answers)
Change the password and add MFA to the root user.
Put an IP restriction on the root user.
Rotate keys and change passwords for IAM accounts.
Delete all IAM accounts.
Delete the administrator’s personal IAM account.
Relaunch all Amazon EC2 instances with new roles.
You want to grant the individuals on your network team the ability to fully manipulate
Amazon EC2 instances. Which of the following accomplish this goal?
(Choose 2 answers)
Create a new policy allowing EC2:* actions, and name the policy NetworkTeam.

Assign the managed policy, EC2FullAccess, to a group named NetworkTeam, and assign all the team
members’ IAM user accounts to that group.

Create a new policy that grants EC2:* actions on all resources, and assign that policy to each individual’s IAM
user account on the network team.

Create a NetworkTeam IAM group, and have each team member log in to the AWS Management Console
using the user name/password for the group.
8/29
Which service enables AWS customers to manage users and permissions in AWS ?
AWS Access Control Service (ACS)
AWS Identity and Access Management (IAM)
AWS Identity Manager (AIM)
Amazon Inspector
None of the above
Which of the following is the concept of Autoscaling ?
To scale up resources based on demand
To distribute traffic to multiple EC2 Instances
To distribute traffic to AWS resources across multiple regions
To increase the size of the EC2 Instance based on demand
There is a requirement to collect important metrics from AWS RDS and EC2 Instances.
Which of the following services can help fulfill this requirement.
Amazon CloudFront
Amazon CloudSearch
Amazon CloudWatch
Amazon Config
Identify the components X, Y and Z in the diagram given below :

X => Listener Process

Y => Target
Z => Target Group
X => ELB Node

Y => Target
Z => Target Group
X => Security Group

Y => Target
Z => Listener Process
X => NACL
Y => Target
Z => Listener Process
9/29
Which document provides a formal statement of one or more permissions ?
Permission
Role
Resource
Policy

Security Groupts
Which of the following statement is/are NOT TRUE regarding Security Groups ?

A) You can specify both Allow and Deny rules
B) You can specify separate rules for inbound and outbound traffic.
C) By default, no inbound traffic is allowed until you add inbound rules to the security
group.
D) By default, new security groups have an outbound rule that allows all outbound
traffic. You can remove the rule and add outbound rules that allow specific
outbound traffic only.
E) Security groups are stateful. This means that responses to allowed inbound traffic
are allowed to flow outbound regardless of outbound rules and vice versa. This is an
important difference between security groups and network ACLs.
D only
A Only
E only
Both A & D

Security Groups
What is the significance of using Security Group A in the source field of Inbound Rules
of a Security Group B ?
You cannot use Security Groups. Only IP Addresses are allowed

It means that only instances other than those that have Security Group A will be
allowed to send traffic

It means that only instances that have Security Group A will be allowed to send traffic

It means that the same rules in Security Group A will be applicable for SEcurity Group B
An EC2 instance is provisioned in a public subnet within a VPC. We are unable to
connect to the instance using putty(SSH). The Key Pair is verified to be the correct one.
What do you think is the issue ? The Inbound & Outbound rules of the Security Group
and NACL are provided below :
10/29

Security Group Inbound Rules

Security Group Outbound Rules

NACL Inbound Rules

NACL Outbound Rules

There is no Outbound Rule for TCP traffic in Security Groups
There is no Outbound ALLOW rule for TCP traffic in NACL

There is no Outbound Rule for TCP traffic in Security Groups and
There is no Outbound
Rule ALLOW rule for TCP traffic in NACL

There is no HTTP rules in both Inbound as well as Outbound in both Security Groups as
well as NACL
11/29
Which of the following statements are NOT TRUE regarding Security Groups ? ( Select
2)
Security Groups are stateless
You can specify allow rules and deny rules
You can specify separate rules for inbound and outbound traffic

You can change the security groups with which an instance is associated after launch, and the changes will
take effect immediately.

By default, new security groups have an outbound rule that allows all outbound traffic. You can remove the
rule and add outbound rules that allow specific outbound traffic only.
When you want to update the Security Group with which an instance is associated you
must :
Stop the instance, Update Security Group information, Start the Instance
You don't have to do anything. The updated rules take effect immediately

Update the Security Group. Download a fresh KeyPair and then connect to the instance
Security Group rules once created cannot be updated
Assuming that the Security Group allows ALL incoming Traffic from ALL sources (
0.0.0.0/0 ) will our web server receive HTTP Traffic ?
The NACL Inbound Rules are displayed below :

No
Yes
May be
Yes, if we change the order of the rules as follows : *, 50, 100
12/29
Your instance is associated with two security groups. The first allows Remote Desktop
Protocol (RDP) access over port 3389 from Classless Inter-Domain Routing (CIDR) block
72.14.0.0/16. The second allows HTTP access over port 80 from CIDR block 0.0.0.0/0.
What traffic can reach your instance ?
RDP and HTTP access from CIDR block 0.0.0.0/0
No traffic is allowed.
RDP and HTTP traffic from 72.14.0.0/16

RDP traffic over port 3389 from 72.14.0.0/16 and HTTP traffic over port 80 from
0.0.00/0
None of the above

EC2
EC2
The description in Columns A, B, C & D refer to

Spot Instances, On Demand Instances, Reserved Instances, Dedicated Instances
On Demand Instances, Spot Instances, Reserved Instances, Dedicated Hosts

On Demand Instances, Spot Instances, Reserved Instances, Dedicated Instances

Reserved Instances, Spot Instances, On Demand Instances, Dedicated Instances

EC2
IAM
I have a scenario where I have copy some files (objects) from S3 to my EC2 instance
(EBS). I have checked that AWS CLI is installed properly.
When I try connecting to the Linux EC2 instance using PUTTY I am able to connect. But
I am not able to access S3. What could be the issue here ? ( Select 2 options )
Check whether the Key Pair is the correct one
Check whether IAM role was configured when the instance was created
Check the Security Groups to see if they allow S3 access
Check whether the IAM role provided permissions for S3 access
Check whether the VPC has an Internet Gateway attached
13/29
When you provision an EC2 instance by default every instance will have
Private IP, Public IP & Elastic IP are assigned by default

Only Private IP is assigned by Default,
Public IP only on request,
Elastic IP should be
obtained separately and attached

Only Private IP & Public IP are assigned by Default
Elastic IP should be obtained
separately and attached
Nothing is by default. You need to request for Private, Public & Elastic IP

CPU Utilization
The following graph shows CPU utilization of EC2 instances in an Auto Scaling Group ?
Which service provides this information ?

CloudTrail
CloudFront
CloudWatch
CloudFormation
You want to take a snapshot of an EC2 Instance and create a new instance out of it. In
AWS what is this snapshot equivalent to?
EBS Volumes
AMI
EC2 Snapshot
EBS Snapshot

Scaling
When you upgrade your existing EC2 instance to an instance with more compute &
RAM. Changing an Instance Type to a better capacity instance is called
14/29
________________________
Horizontal Scaling
Load Balancing
Optimization
Vertical Scaling
None of the above
A company has a set of EC2 Linux based instances hosted in AWS. They need to have a
standard file interface to files which can be shared by all
linux instances. Which of the following AWS Services are appropriate for the purpose ?
S3
EBS
EFS
Storage Gateway

EBS
EBS
Which of the following are TRUE regarding EBS Volumes ?

a) When you create an EBS volume in an Availability Zone, it is automatically replicated
within that Region to prevent data loss due to failure of any single hardware
component.
b) After you create a volume, you can attach it to any EC2 instance in the same Region.
c) An EBS volume can be attached to more than one instance at a time, but multiple
volumes cannot be attached to a single instance.
d) An EBS volume and the instance to which it attaches can be in different Regions
e) None of the above
a
b
c
d
e

Elastic Load Balancer
Match the following items =>

A) Cross Zone Load Balancing 1) The period for which the Load Balancer keeps
connections alive for the unhealthy instances before de-registering
B) Idle Connection Timeout 2) Are the EC2 instances to which the Load
Balancer directs traffic
C) Healthy Threshold 3) Ensures equitable distribution of load across all
instances in 2 or more AZ's
15/29
D) Connection Draining 4) Number of consecutive health checks to be
performed by the Load Balancer before declaring a target instance as healthy
E) Target 5) The period of waiting when there is no traffic after
which the Load Balancer closes the connection with the target instance

A) => 3 B) => 5 C) => 4 D) => 1 E) => 2
A) => 3 B) => 1 C) => 4 D) => 5 E) => 2
A) => 4 B) => 1 C) => 3 D) => 5 E) => 2
A) => 3 B) => 3 C) => 1 D) => 5 E) => 2

Bucket Policy
S3
Which of the policies grants read only access to anonymous user ?

A)

{ "Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Read",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3::: examplebucket /*"]
}
]
}
B)

{ "Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:PutObject"],
}
]
}

C)
{ "Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "*",
}
]
}

D)
{ "Version":"2012-10-17",
"Statement":[
{
"Sid":"PublicRead",
"Effect":"Allow",
"Principal": "All",
16/29
}
]
}
A
B
C
D

Cross Region Replication
S3
One of the important conditions to create Cross Region Replication =>

Identical Lifecycle Policies must be created for both Source and Destination Buckets
Both Source and Destination Buckets should have the same owner
Both Source and Destination Buckets must have versioning enabled
The objects in the Source and Destination buckets cannot exceed 2 TB is size

S3
Which S3 feature stores objects in two access tiers :

1. higher cost tier that is optimized for frequent access
2. lower cost tier that is optimized for infrequent access
S3 - Storage Analytics
S3 - Lifecycle Policy
S3 - Intelligent Tiering
S3 - Reduced Redundancy

S3
How can you allow access of the buckets created by you ( you are the owner ) to
another AWS Account ?

By adding the other AWS Account as principal and your bucket as the Resource in the
Bucket Policy
By adding other account as an IAM user to your account

By adding the other AWS Account as principal and your bucket as the Resource in the
IAM User Policy

By updating the Bucket Metadata and changing the owner of the Bucket to the other
AWS Account user
17/29
You are migrating your applications to the cloud. You have decided to use S3 as the
storage solution for your needs.
You have to move a set of files and folders to S3 from your on-premise unix file system.
You have to strictly maintain
the hierarchy in the order shown below.

logs/2016/January/server42.log
logs/2016/February/server42.log
logs/2016/March/server42.log

How would you create this hiearchy in S3 ?

Create a bucket called logs and under that bucket create a bucket for the year 2016
and under that bucket create buckets for each of the months January through
December and then upload the file server42.log

You cannot create this hierarchy in S3 as S3 follows a flat hierarchy. You have to use
EBS instead

Though you cannot create this hierarchy with S3 you can simulate the same behavior by
the filename Prefix. S3 allows / to be used in filenames and the filename can be used to
reflect the hierarchy though all files will be stored in a flat structure inside the bucket

S3 allows only 2 levels of nesting and hence the year and month should be created as
separate buckets inside the logs bucket
None of the above

EC2
EC2
In the EC2 Lab you copied in this script in the User Data window. What does this script
do ?

#!/bin/bash
yum update -y
yum -y install httpd
systemctl enable httpd
systemctl start httpd
echo '<html><h1>Hello World!</h1></html>' >

/var/www/html/index.html
It creates a Virtual Machine and installs the Linux OS
It creates an RDS instance and installs the SQL Server database

18/29
It installs the Apache Web Server on the Linux EC2 instance and runs the Web Server

It installs the IIS Web Server on the Windows EC2 instance and runs the Web Server
It formats and configures an EBS Volume

Shared Responsibility Model
SRM
Which of the following is the responsibility of the customer to ensure the availability
and backup of EBS Volumes ?
Create new EBS Volumes
Create EBS Snapshots
Go for Provisioned IOPS Volumes
Go for Magnetic Volumes
None of the above

AWS Free Tier
AWS Free Tier
Whcih of the following cannot be AWS free tier ?
12 Months Free
Always Free
Long Term Free Trials
Short Term Free Trials
None of the above

S3
S3
In the Bucket Policy if we replace "S3:GetObject" with "S3:PutObject" then what

permissions do we have ?

19/29
We will be able to upload files into the bucket
We will be able to download files from the bucket
We will be able to upload and download files from the bucket
We will be able to overwrite existing files
We will be able to delete files from the bucket

Dynamic Website
Which of the following activities require a dynamic website ?
Rendering an image
Rendering HTML page
Processing a Form
Rendering a Video

RDS
RDS
Below mentioned are the steps to connect to an

RDS database running mySQL
Step 1 => Create a VPC with a public and private subnet
Step 2 => Create an EC2 instance in the public subnet and configure
it as a Web Server
20/29
Step 3 => Configure the inbound rules of the Security Group of the
EC2 instance to allow mySQL Traffic on port 3306 from the
Internet
Step 4 => Create an RDS instance with mySQL engine in the
private subnet
Step 5 => Configure the Security Groups for the RDS instance to
allow mySQL Traffic on port 3306 from the EC2 instance
Step 6 => Configure for Multi AZ
Step 7 => Connect to the EC2 instance in the public subnet using
SSH
Step 8 => From the EC2 instance connect to the RDS instance
Step 9 => Connect to the RDS instance using the IP address
as well as the username and password that were
configured
when you creaated the instance.

Which steps are incorrect ( select 2 ) ?

Step 7 & Step 9
Step 3 & Step 5
Step 3 & Step 9
Step 3 & Step 7
None of the above

Cross Zone Load Balancing
Consider the above diagram. There are 2 Availability Zones AZ1 & AZ2. The ELB spans
both the Availability Zones.
EC2 Instances A & B are in Subnets in AZ1 and C, D and E are in Subnets in AZ2.

If Cross Zone Load Balancing is enabled on the ELB what will be the percentage of
traffic to the EC2 instances
A => 25% B => 25% C => 25% D => 25% E => 0%
A => 25% B => 25% C => 16.66% D => 16.66% E => 16.66%
A => 50% B => 0% C => 50% D => 0% E => 0%
A => 20% B => 20% C => 20% D => 20% E => 20%
21/29
ELB cannot span Availability Zones. So the configuration is not possible

CIDR Blocks
VPC
If a VPC has a configuration 10.0.0.0/26 - How many IP addresses are available for EC2
instances to be created in that VPC ?
64
62
59
32
None of the above
In EC2, what happens to the data in an instance store if an instance reboots (either
intentionally or accidentally) ?
Data is deleted from the instance store for security reasons.
Data persists in the instance store.
Data is copied to an EBS Volume
Data in the instance store will be lost.
None of the above
Which of the following must be specified when launching a new Amazon Elastic
Compute Cloud (Amazon EC2) Windows instance ? (Choose 2 answers)
The Amazon EC2 instance ID
Password for the administrator account
Amazon EC2 instance type
Amazon Machine Image (AMI)

RDS
RDS
In the RDS Lab that you did what type of traffic did you allow in the Inbound Rules of
the Security Group for your RDS instance
SSH, Port 22
HTTP, Port 80
22/29
MySQL, Port 3306
MSSQL, Port 1433
None of the above

RDS
RDS
Which of the following services in sharing the read workloads of the Master Database ?
( Select 2 options )
Elasticache
Standby
Read Replica
Secondary Database

RDS Endpoint
In the RDS Lab you connected to your database instance using an RDS Endpoint such
as

my_app_db.ch6fe7ykq1zd.us-west-2.rds.amazonaws.com

What happens when you connect to the RDS Endpint ?
RDS Instances are identified by Endpoints instead of IP Addresses
RDS Endpoints get resolved by DNS to the IP Address of the RDS Instance

The Web Server instances in the Public Subnet have a table mapping RDS Instance
Endpoints to VPC Endpoints

The Hash Code generated by the Endpoint indexes a table that contains the IP address
of the RDS instance

RDS
What type of replication happens between the Main RDS instance and the Standby RDS
instance in the Multi AZ configuration shown below ?

23/29
There is no replication from Main to Standby.
Synchronous Replication
Asynchronous Replication
Skewed Replication
None of the above

RDS
Which RDS Database Engine combines the performance and availability of high-end
commercial databases with
the simplicity and cost-effectiveness of open-source databases
Oracle
MS SQL Server
Maria DB
Aurora
Order the options in ascending order of cost :

A. Provisioning an RDS mySQL Instance with higher IOPS
B. Installing a relational database such as mySQL on an EC2 instance
C. Provisioning an RDS mySQL with higher IOPS and multi AZ
D. Provisioning an RDS mySQL Instance
A, B, C, D
B, D, A, C
C, B, A, D
D, A, B. C
24/29
ELB
ELB
What type of a Elastic Load Balancer (ELB) is the one below ?

Classic Load Balancer
Network Load Balancer
Application Load Balancer
Gateway Load Balkancer
None of the above

Auto Scaling
The Auto Scaling that kicked in the ELB Lab that you did can be categorized as
Manual Scaling
Scheduled Scaling
Dynamic Scaling
Static Scaling
25/29
Cloud Watch
Cloud Watch
In the Cloud Watch Lab the alram will trigger based on what Metric ?
Whenever CPU utilization of the EC2 instances exceeds 90%
Whenever RAM usage exceed 4 GB
Whenever S3 storage cost exceeds 100 USD
Whenever estimated billing charges exceeds 100 USD
Whenever RDS instance cost exceeds 50 USD

CloudWatch
Cloud Watch is associated with which of the following : ( Select 2 options )
Tracking Metrics
Logging API calls
Resolving DNS Names
Alarms

Cloud Deployment
Amazon RDS is an example of
IAAS
PAAS
SAAS
None of the above

S3
Bucket Policy
What permissions does this policy provide to the bucket ?

26/29
Nobody can access this bucket
Nobody can access this bucket except the owner of the bucket

Anybody can list and download files but they cannot upload files or update(modify)
objects

Anybody can upload and download objects but they cannot update or delete objects
None of the above
A user has an S3 object in the US Standard region with the content “color=red”. The
user updates the object with the content as “color=”white”.
If the user tries to read the value immediately after it was uploaded, what will S3
return ?
It will return “color=white”
It will return “color=red”
It will return an error saying that the object was not found
It may return either “color=red” or “color=white” i.e. any of the value
What are characteristics of Amazon S3? Choose 2 answers.
S3 allows you to store objects of virtually unlimited size.
S3 offers Provisioned IOPS.
S3 allows you to store unlimited amounts of data.
S3 should be used to host a relational database.
Objects are directly accessible via a URL.
27/29
Which of the following help improve performance with respect to S3 ? ( Select 2 )
Range GET's
Multi Factor Authentication (MFA)
Cross Region Replication
Multi-part Uploads
Some of the use cases for S3 are ( Select 2 options ) :
Static Website Hosting
Content, Media, and Software Storage
Dynamic Website Hosting
Transcoding Media Files
In this URL identify the Bucket Name and Object Name (Key)

http://johnsmith.s3.amazonaws.com/photos/puppy.jpg
Bucket Name => photos

Object Name => puppy.jpg

Bucket Name =>johnsmith.s3.amazonaws.com/photos
Object Name => puppy.jpg
Bucket Name =>johnsmith

Object Name => photos/puppy.jpg

Bucket Name =>johnsmith.s3.amazonaws.com
Object Name => photos/puppy.jpg
Which feature of AWS enables very fast, easy, and secure transfers of files over long
distances between your client and your
Amazon S3 bucket ?
File Transfer
HTTP Transfer
S3 Acceleration
Transfer Acceleration
A Solutions Architect is designing a solution to store and archive corporate documents

and has determined that Amazon Glacier is the right solution.
Data must be delivered within 10 minutes of a retrieval request. Which feature in
Amazon Glacier can help meet this requirement ?
Vault Lock
28/29
Expedited Retrieval
Bulk Retrieval
Standard Retrieval

IAM
.NET
IAM
When I want to group users who need permissions to common resources then I would
create ____________________
IAM Role
IAM User
IAM Group
IAM Policy

IAM Best Practices
Which of the following are IAM Best Practices ? ( Select 2 )
Use passwords that you can remember easily such as your name, DOB etc.
Grant Least Privilege to users
Use Multi Factor Authentication (MFA)
Assign policies to users individually instead of groups
Do not change passwords regularly
29/29

Question - 1: Distributing Incoming Tra C Among The Instances

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Question - 1: Distributing Incoming Tra C Among The Instances

Uploaded by

Copyright:

Available Formats

Batch 2 => Cloud Fundamen… 60 minutes

Question - 1 SCORE: 5 points

Distributing incoming traffic among the instances

Checking the health status of the instances

Provisioning new instances to replace unhealthy instances

Scaling Out/In based on the demand

Question - 2 SCORE: 5 points

An Application consists of the following architecture :

Have a NAT instance in both subnets

Replace the NAT instance with a NAT Gateway

Replace the Application Load Balancer to Classic Load Balancer

Question - 3 SCORE: 5 points

Configure the EC2 instance with a stop instance to terminate it.

None of the above

Question - 4 SCORE: 5 points

Changing the Instance Class (Type & Size)

Question - 5 SCORE: 5 points

AWS Systems Manager

Question - 6 SCORE: 5 points

Vertically scale the DB Instance by selecting a more powerful instance class.

Upgrade to Amazon Redshift for faster columnar storage.

Change the database engine from MySQL to PostgreSQL

Configure Multi-AZ so that standby can also share the load

Question - 7 SCORE: 5 points

Run a Script to start the StandBy

Transfer the IP Address of the Primary RDS instance to StandBy

Configure an Elastic IP for the Primary and attach it to StandBy

You don't have to do anything. The failover happens automatically

Question - 8 SCORE: 5 points

Choose 3 correct answers from the options below.

It allows you to store unstructured data

Faster Querying capability

Question - 9 SCORE: 5 points

Question - 10 SCORE: 5 points

Question - 11 SCORE: 5 points

None of the above

Question - 12 SCORE: 5 points

Question - 13 SCORE: 5 points

Which AWS Service treats infrastructure as code ?

Question - 14 SCORE: 5 points

Question - 15 SCORE: 5 points

Elastic Bean Stalk

Question - 16 SCORE: 5 points

Question - 17 SCORE: 5 points

AWS EC2 is an example of

Question - 18 SCORE: 5 points

None of the above

Question - 19 SCORE: 5 points

None of the above

Question - 20 SCORE: 5 points

Only within a single Availability Zone

Multiple Availability Zones within a region

Multiple Availability Zones within and between regions

Question - 21 SCORE: 5 points

Identify the components in the given string below :

DB Instance Endpoint, Schema Name, Region

DB Instance Endpoint, Schema Name, Availability Zone

DB Instance Endpoint, Database Name, Availability Zone

DB Instance Endpoint, DB Instance Identifier, Availability Zone

Question - 22 SCORE: 5 points

Deploying resources across multiple edge locations

Deploying resources across multiple Availability Zones