Aws Practice Exam
QUESTION 9: You work for a cosmetic company which has their production website on AWS. The site itself is in a two-tier configuration with web servers in the front end and database servers at the back end. The site uses using Elastic Load Balancing and Auto Scaling. The databases maintain consistency by replicating changes to each other as and when they occur. This requires the databases to have extremely low latency. Your website needs to be highly redundant and must be designed so that if one availability zone goes offline and Auto Scaling cannot launch new instances in the remaining Availability Zones, the site will not go offline. How can the current architecture be enhanced to ensure this? Deploy your website in 2 different regions. Configure Route53 with Weighted Routing. Assign a weight of 25% to region 1 and a weight of 75% to region 2. Deploy your site in three different AZs within the same region. Configure the Auto Scaling minimum to handle 33 percent of the peak load per zone. Deploy your site in three different AZs within the same region. Configure the Auto Scaling minimum to handle 50 percent of the peak load per zone. Deploy your website in 2 different regions. Configure Route53 with a failover routing policy, and set up health checks on the primary site.
"Deploy your site in 3 different AZ's within the same region. Configure the Auto Scaling minimum to handle 50% of the peak load per zone"
QUESTION 19: What is the maximum size of a general-purpose SSD EBS volume? 2TB 16TiB 2TiB 4GB
16TiB EXPLANATION: The maximum size of a general-purpose SSD EBS volume is 16 TiB.
QUESTION 11: Which of the following are true about Amazon S3-RRS? (Choose 3) S3-RRS offers 99.99% durability. S3-RRS is most often used with reproducible objects. S3-RRS offers 99.999999999 durability S3-RRS offers 99.99% availability.
A, B and D
QUESTION 3: Which of the following statements are not true? (Choose 3) EBS Volumes are ephemeral. EBS Volumes can be attached to an EC2 instance in another AZ EBS Volumes cannot be attached to an EC2 instance in another AZ. EBS Volumes can be attached to multiple instance simultaneously.
A, B, D are not true Volumes can only be mounted by one instance at any time.Instances can only attach EBS Volumes that are in the same Availability Zone. Multiple EBS Volumes can be attached to the same instance. Create an EBS Snapshot of an EBS Volume at any point in time. An EBS volume can be attached to only one instance at a time, but multiple volumes can be attached to a single instance.
QUESTION 29: You are creating an application that will leverage EC2 for its web servers. The application data will be stored on the root device volume attached to the EC2 instance. Data on this volume must persist independently of the life of this particular instance. What EC2 volume should you choose? EBS Lambda Local Instance Store Networked Instance Store
By using Amazon EBS, data on the root device will persist independently from the lifetime of the instance.
Question 1: You have an RDS database that has high performance OLTP workloads. Which storage medium would be best to accommodate these requirements?
C. Provisioned IOPS (SSD) Storage Amazon Redshift, on the other hand, is designed for OLAP workloads. Amazon Glacier is designed for cold archival storage.
QUESTION 18: You have been asked to advise on a scaling concern. The client has a elegant solution that works well. As the information base grows they use CloudFormation to spin up another stack made up of an S3 bucket and supporting compute instances. The trigger for creating a new stack is when the PUT rate approaches 100 PUTs per second. the problem is that as the business grows that number of buckets is growing into the hundreds and will soon be in the thousands. You have been asked what can be done to reduce the number of buckets without changing the basic architecture. Upgrade all buckets to S3 provisioned IOPS to achieve better performance. Set up multiple accounts so that the per account hard limit on S3 buckets is avoided. Change the trigger level to around 3000 as S3 can now accommodate much higher PUT and GET levels. Refine the key hashing to randomise the name Key to achieve the potential of 300 PUTs per second.
Change the trigger level to around 3000 as S3 can now accommodate much higher PUT and GET levels. EXPLANATION: Until 2018 there was a hard limit on S3 puts of 100 PUTs per second. To achieve this care needed to be taken with the structure of the name Key to ensure parallel processing. As of July 2018 the limit was raised to 3500 and the need for the Key design was basically eliminated. Disk IOPS is not the issue with the problem. The account limit is not the issue with the problem.
QUESTION 36: You need to implement a new web application that allows users to store family photos online in such a way that only invited guests will be able to view the images. Which type of S3 encryption should you choose to maintain full end-to-end control of the encryption/decryption of objects and assure that only encrypted objects are transmitted over the Internet to Amazon S3. SSE-S3 SSE-C SSE-KMS Provide a client-side master key to the Amazon S3 Encryption Client
D
QUESTION 39: You need to develop an infrastructure that can be replicated and deployed in another AWS Region in a matter of minutes. Which AWS service might you use to build a reproducible, version-controlled infrastructure? CloudFormation CloudWatch Template Elastic Beanstalk EC2 AMIs with EBS snapshots
EXPLANATION: AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.
QUESTION 37: You are attempting to move data from one EBS volume to a duplicate volume in a separate region. Which of the following methods will do this best? Allow a VPC peering connection to pull the data over. Use a Linux tool like rsync to sync the volume to the other region. Move the data to S3 and enable cross-region replication. Take a snapshot of the EBS volume and copy it to the desired region.
EXPLANATION: After you've created a snapshot and it has finished copying to Amazon S3, you can copy it from one AWS region to another, or within the same region.
QUESTION 40: Which of the following EC2 operating systems is NOT supported by CloudWatch? None of these. All EC2 instance types and operating systems are supported by CloudWatch. Debian Ubuntu Amazon Linux
EXPLANATION: All EC2 operating systems are supported by CloudWatch.
QUESTION 14: True or False: To prevent in-flight tampering, all requests sent with API keys over a REST or Query API should be sent via HTTPS. True False
EXPLANATION: All requests sent with API keys over a REST or Query API should be sent via HTTP
QUESTION 48: Which of the following protocols is not supported with an Classic Load Balancer? (Choose 2) HTTP HTTPS FTP SSH
EXPLANATION: Amazon's Classic ELB supports the following protocols: HTTP, HTTPS, TCP, and SSL.
QUESTION 34: The customer service organization at your company just told you that a client's purchase from your website was processed twice. Your order process involves EC2 instances processing messages from an SQS queue. What changes might you make to ensure this does not happen again? Switch to long-polling. Increase the visibility timeout on the SQS queue. Rewrite the order-processing workflow to use SWF, rather than SQS. Manually delete the order after processing..
EXPLANATION: An SWF workflow ensures that actions are executed only once.
QUESTION 24: What is the minimum size of an S3 object? 0 bytes 1 bit 1 byte 1 KB
EXPLANATION: An empty file (often, a file that has been 'touched') is allowed. As such, the answer is 0 bytes.
QUESTION 27: True or False: It is possible to have a Multi-AZ copy of your read replica? for some types of RDS engine True False
EXPLANATION: As of Jan 2018, Read-Replicas for some RDS types support multi-AZ read replica.
QUESTION 42: skip not important and I got wrong.... Using the AWS Server Migration Service, what's the maximum number of VMWare VMs that can be migrated concurrently? 10 100 25 50
EXPLANATION: At this writing, 50 VMs can be migrated concurrently.
QUESTION 44: wrong True or False: AutoScaling groups are not intended to handle sudden spikes in traffic. Rather, they are intended to allow your applications to grow elastically as load increases over a short period of time. True False
EXPLANATION: Auto scaling is not really intended to respond to instantaneous spikes in traffic, as it will take some time to spin-up the instances that will handle the additional traffic. For sudden traffic spikes, make sure your application issues a 503 - Service Unavailable message.
QUESTION 31: Which of the following AWS services store data as key-value pairs? (Choose 2) S3 EC2 RDS DynamoDB
EXPLANATION: Both DynamoDB and S3 use key-value pairs. Any database that stores data in json. like apache cassandra
QUESTION 7: By default, how many S3 buckets can you have with a new AWS account? 200 50 100 25
EXPLANATION: By default, customers can provision up to 100 buckets per AWS account. However, you can increase your Amazon S3 bucket limit by visiting AWS Service Limits.
QUESTION 51: You have been load testing a customers new production environment. You create the environment using CloudFormation and you utilize CloudWatch to monitor the environment. After extensive load testing, you are ready to hand the CloudFormation template over to your customer. You delete the environment and give your customer the CloudFormation template. However, they now want to see the results of the load test. How long does CloudWatch store the metrics for EC2 & ELB after deleting those resources? 6 months 15 months 24 months 1 month
EXPLANATION: CloudWatch stores metrics for terminated Amazon EC2 instances or deleted Elastic Load Balancers for 15 months.
QUESTION 55: True or False: Data stored on EBS volumes is automatically and redundantly stored in multiple physical volumes in the same availability zone as part of the normal operations of the EBS service at no additional charge. True False
EXPLANATION: Data stored on EBS volumes is automatically and redundantly stored in multiple physical volumes in the same availability zone as part of the normal operations of the EBS service at no additional charge.
QUESTION 60: At the monthly product meeting, one of the Product Owners proposes an idea to address an immediate shortcoming of the product system: storing a copy of the customer price schedule in the customer record in the database. You know that you can store large text or binary objects in DynamoDB. You give a tentative OK to do a Minimal Viable Product test, but stipulate that it must comply with the size limitation on the Attribute Name & Value. Which is the correct limitation? The combined Value and Name combined must not exceed 440 KB. The combined Value and Name combined must not exceed 256 KB. The combined Value and Name combined must not exceed 400 KB. The combined Value and Name combined must not exceed 500 KB.
EXPLANATION: DynamoDB allows for the storage of large text and binary objects, but there is a limit of 400 KB.
QUESTION 22: Which of the following are AWS compute services? (Choose 3) EFS EC2 Lambda ECS
EXPLANATION: EC2, ECS, and Lambda are AWS compute services. product-icon_Amazon_EC2_icon_squid_ink_125 Amazon EC2 Amazon Elastic Compute Cloud (Amazon EC2) is flexible service that provides resizable cloud-based compute capacity in the form of EC2 instances, which are equivalent to virtual servers. Learn more » product-icon_Amazon_Lightsail_icon_squid_ink_125 Amazon Lightsail Lightsail is an easy-to-use cloud platform that offers you everything you need to build an application or website, including: virtual servers, storage, managed databases, DNS management and static IP addresses - all for a low, predictable price. Learn more » product-icon_Amazon_ECS_icon_squid_ink_125 Amazon ECS Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Learn more » product-icon_AWS_Fargate_icon_squid_ink_125 AWS Fargate AWS Fargate is a container management service that allows you to run serverless containers so you don't have worry about provisioning, configuring, and scaling clusters of virtual machines to run containers. Fargate can launch tens of thousands of containers in seconds and easily scale to run your most mission-critical applications. Learn more » product-icon_AWS_Lambda_icon_squid_ink_125 AWS Lambda AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration.
QUESTION 35: True or False: You cannot attach more than one EC2 instance to an AWS Elastic Filesystem. False True
EXPLANATION: EFS provides multiple EC2 instances with low-latency, shared access to a fully-managed file system, and is designed to perform well for a wide variety of workloads, with the ability to scale to thousands of concurrent connections.
QUESTION 38: Your existing on-premise servers rely on Memcached to provide memory object caching. If you were to move to AWS, how might you preserve this functionality? Install Memcached on EC2 ElastiCache None of these Elastic MapReduce
EXPLANATION: ElastiCache is a web service that makes it easy to set up, manage, and scale a distributed in-memory cache environment in the cloud. It provides a high-performance, scalable, and cost-effective caching solution, while removing the complexity associated with deploying and managing a distributed cache environment.
QUESTION 21: You are auditing your company's RDS estate, and you discover a database that is in a single Availability Zone - a violation of company policy. You decide to convert this to a multi-AZ deployment. Which of the following things will happen? (Choose 3) Synchronous replication is configured between primary and standby instances A new standby instance is created in a different Availability Zone, from the snapshot Asynchronous replication is configured between primary and standby instances A snapshot of your primary instance is taken
EXPLANATION: For the RDS MySQL, MariaDB, PostgreSQL and Oracle database engines, when you elect to convert your RDS instance from Single-AZ to Multi-AZ, the following happens: A snapshot of your primary instance is taken, A new standby instance is created in a different Availability Zone, from the snapshot, synchronous replication is configured between primary and standby instances.
QUESTION 49: True or False: you can write objects directly to an edge location. True False
EXPLANATION: It is now possible to expedite uploads to S3 by writing directly to an Edge Location.
QUESTION 47: When reviewing Auto Scaling events, it is noticed that an application is scaling up and down multiple times per hour. What design change could you make to optimize cost while preserving elasticity? Add a Provisioned IOPS volume to the instance. Change the Launch Configuration to use a larger instance type. Change the scale-down CloudWatch metric to a higher threshold. Increase the number of instances in the Auto Scaling group.
EXPLANATION: Modifying your scaling threshold is preferable to altering your number of instances manually.
QUESTION 54: You have designed an application that stores large videos in S3. These videos are usually larger than 100Mb in size. You need to maximize upload performance. Which of the following will achieve this end. (Choose 2) Implement a third party CDN solution. Design the application to use multipart upload, so that the file is split in to multiple parts which are then uploaded simultaneously. Utilize S3 Transfer Acceleration. Require the users to use Direct Connect in order to use to application so as to maximize the upload bandwidth.
EXPLANATION: Multipart Upload is recommended for files greater than 100 Mb, and is required for files 5 GB or larger. S3 Transfer Acceleration is especially useful in cases where your bucket resides in a Region other than the one in which the file transfer was originated.
QUESTION 28: When coding a routine to upload to S3, you have the option of using either single part upload or multipart upload. Identify all the possible reasons below to use Multipart upload. (Choose 4) Multipart upload delivers the ability to pause and resume object uploads. Multipart upload delivers the ability to append data into an open data file. Multipart upload delivers quick recovery from network issues. Multipart upload delivers improved security in transit. Multipart upload delivers the ability to begin an upload before you know the final object size. Multipart upload delivers improved throughput.
EXPLANATION: Multipart upload provides options for more robust file upload in addition to handling larger files than single part upload. Using multipart upload provides the following advantages: Improved throughput - You can upload parts in parallel to improve throughput. Quick recovery from any network issues - Smaller part size minimizes the impact of restarting a failed upload due to a network error. Pause and resume object uploads - You can upload object parts over time. Once you initiate a multipart upload there is no expiry; you must explicitly complete or abort the multipart upload. Begin an upload before you know the final object size - You can upload an object as you are creating it.
QUESTION 43: wrong You have a static HTML website that requires inexpensive, highly available hosting solution that scales automatically to meet traffic demands. Which AWS service would best suit this requirement?..................................a) EC2 with EBS behind and Autoscaling Group with a minimum configuration of 1 instance b)S3 - Static Website Hosting c) EC2 with EBS behind and Autoscaling Group with a minimum configuration of 2 instances d) EC2 with CloudFront
EXPLANATION: S3 Static Website Hosting offers the best solution here: it is highly-available, scales automatically, and is cost-effective............................................................................ Amazon CloudFront is a content delivery network offered by Amazon Web Services. Content delivery networks provide a globally-distributed network of proxy servers which cache content, such as web videos or other bulky media, more locally to consumers, thus improving access speed for downloading the content
QUESTION 41: Correct You have developed a file-sharing website for a large corporate entity. They require that the site to be protected from a regional failure. Which S3 service should you use to achieve this? S3 - RRS with Data Pipeline to DynamoDB S3 - Cross-Region Replication S3 Standard Configure S3 to trigger a Lambda function, which will take an object uploaded to S3 and automatically replicate it to an EBS volume.
EXPLANATION: S3 with Cross-Region Replication automatically replicates data across AWS regions. With CRR, every object uploaded to an S3 bucket is automatically replicated to a destination bucket in a different AWS region that you choose.
QUESTION 45: A client is concerned that someone other than approved administrators is trying to gain access to the Linux web app instances in their VPC. She asks what sort of network access logging can be added. Which of the following might you recommend? (Choose 2) Use Event Log filters to trigger alerts that are forwarded to CloudWatch. Set up a Flow Log for the group of instances and forward them to CloudWatch. Make use of an OS level logging tools such as iptables and log events to CloudWatch or S3. Set up a traffic logging rule on the VPC firewall appliance and direct the log to CloudWatch or S3.
EXPLANATION: Security and Auditing in AWS needs to be considered during the Design phase. B and D
QUESTION 32: On which of the following does the AWS Trusted Adviser service offer advice? (Choose 2) Antivirus protection on EC2 instances Vulnerability scans on existing VPCs Advice on security groups and what ports have unrestricted access Whether there is MFA configure on the Root Account
EXPLANATION: The correct answers are whether there is MFA configure on the Root Account and advice on security groups and what ports have unrestricted access.
QUESTION 25: Your company wants to begin automated backups of the EBS volumes that back their EC2 instances. The durability of the backed-up data is key. Which of the following solutions would you implement and why? Write a cron job that compresses the volume, and use the CLI to copy it to S3. Set the lifecycle policy on the EBS Volume to back it up to Glacier Configure your Storage Gateway as 'Gateway Stored' and store the backups on premise. Write a cron job that uses the AWS CLI to take a snapshot of production EBS volumes.
EXPLANATION: The data from an EBS volume snapshot is durable because EBS snapshots are stored on Amazon S3-Standard.
QUESTION 23: You have a small database workloads with infrequent I/O. Which storage medium would the most cost-effective way to meet these requirements? Amazon RDS Cold Storage Amazon RDS Provisioned IOPS (SSD) Storage Amazon RDS Magnetic Storage Amazon RDS General Purpose (SSD) Storage
EXPLANATION: The question is specific that you are evaluating for RDS. Cold Storage (or Glacier s3 is called, no one calls it cold storage anymore)is not a valid option for RDS. of the three valid types for RDS, Magnetic is still the cheapest. The following list briefly describes the three storage types: General Purpose SSD - General Purpose SSD, also called gp2, volumes offer cost-effective storage that is ideal for a broad range of workloads. These volumes deliver single-digit millisecond latencies and the ability to burst to 3,000 IOPS for extended periods of time. Baseline performance for these volumes is determined by the volume's size. For more information about General Purpose SSD storage, including the storage size ranges, see General Purpose SSD Storage. Provisioned IOPS - Provisioned IOPS storage is designed to meet the needs of I/O-intensive workloads, particularly database workloads, that require low I/O latency and consistent I/O throughput. For more information about provisioned IOPS storage, including the storage size ranges, see Provisioned IOPS SSD Storage. Magnetic - Amazon RDS also supports magnetic storage for backward compatibility. We recommend that you use General Purpose SSD or Provisioned IOPS for any new storage needs. The maximum amount of storage allowed for DB instances on magnetic storage is less than that of the other storage types. For more information, see Magnetic storage.
QUESTION 50: When making use of EC2 instances on Dedicated Hosting, which of the following modes are you able to transition between by stopping the instance and starting it again? (Choose 2) Dedicated & Host Default & Dedicated Host & Dedicated Host & Default
EXPLANATION: The tenancy of an instance can only be change between variants of 'dedicated' tenancy hosting. It cannot be changed from or to default tenancy hosting.
QUESTION 53: Your application stores your customers' sensitive passport information in S3. You are required by law to encrypt all data at rest. Company policy states that you must maintain control of your encryption keys. For ease of management, however, you do not want to implement or maintain a client-side encryption library. Which S3 encryption option should you use to secure your data at rest? SSE-S3 SSE-KMS SSE-C Amazon S3 Encryption Client
EXPLANATION: Use SSE-C if you want to maintain your own encryption keys, but don't want to implement or leverage a client-side encryption library.
QUESTION 59: You successfully configure VPC Peering between VPC-A and VPC-B. You then establish an IGW and a Direct-Connect connection in VPC-B. Can instances in VPC-A connect to your corporate office via the Direct-Connect service as well as connect to the Internet via the IGW? Instances in VPC-A will be able to access the corporate office, but not the Internet. Yes: VPC Peering is designed to route traffic between the VPCs. VPC peering does not support edge-to-edge routing. Instances in VPC-A will be able to access the Internet, but not the corporate office.
EXPLANATION: VPC peering only routes traffic between source and destination VPCs. VPC peering does not support edge-to-edge routing.
QUESTION 52: You need to upgrade your RDS database to a larger instance class and you must minimize the amount of disruption to your business as much as possible. What should you do. Do the upgrade using the AWS CLI using the option --NOREBOOT Do the upgrade using the AWS console and ensure the 'do not reboot' option is checked when upgrading. You do not need to worry: when upgrading an instance class, your database will not go off line. Schedule the upgrade for a maintenance window during a time when you have the fewest possible customers. The production database should only be unavailable for a couple of minutes.
EXPLANATION: When upgrading an RDS instance class your database will be temporarily unavailable while the DB Instance Class is modified. This period of unavailability typically lasts only a few minutes, and will occur during the maintenance window for your DB Instance, unless you specify that the modification should be applied immediately.
QUESTION 17: True or False: There is no cost associated with removing cached objects from a CDN Edge Location. True False
EXPLANATION: While the first 1000 invalidation paths per month are free, additional invalidation paths are $0.005 per request
QUESTION 46: You have an I/O-intensive database in your production environment that requires regular backups. You need to configure it in such a way so that when an automated backup is taken, it does not impact your production environment. Which RDS option should you choose to help you accomplish this? Read Replicas Multi-AZ Cross Region Failover Use Redshift for your backup environment.
EXPLANATION: With Multi-AZ RDS instances and automated backups, I/O activity is no longer suspended on your primary during your preferred backup window, since backups are taken from the standby.
QUESTION 57: Which of the following statements is TRUE. It is possible to configure an Autoscaling Group to repair degraded EBS volumes, without the need to terminate the EC2 instances. You are able to attach multiple EBS volumes to an EC2 instance. You are able to attach multiple EC2 instances to an EBS Volume. It is possible to use Autoscaling with EBS, rather than EC2.
EXPLANATION: You are able to attach multiple EBS volumes to an EC2 instance.
QUESTION 56: You have a website that allows users in third world countries to store their important documents safely and securely online. Internet connectivity in these countries is unreliable, so you implement multipart uploads to improve the success rate of uploading files. Although this approach works well, you notice that when an object is not uploaded successfully, incomplete parts of that object are still being stored in S3 and you are still being charged for those objects. What S3 feature can you implement to delete incomplete multipart uploads? Have CloudWatch trigger a Lambda function that deletes the S3 data. S2 Reduced Redundancy Storage Have S3 trigger DataPipeling Auto-delete. S3 Lifecycle Policies
EXPLANATION: You can create a lifecycle policy that expires incomplete multipart uploads, allowing you to save on costs by limiting the time non-completed multipart uploads are stored.
QUESTION 26: True or False: In addition to hosting domains, Route 53 serves as a domain registrar. False True
EXPLANATION: You can register domains with Amazon Route 53. You can also transfer the registration for existing domains from other registrars to Amazon Route 53 or transfer the registration for domains that you register with Amazon Route 53 to another registrar.
QUESTION 30: You work for a games development company who are re-architecting their production environment. They have decided to make all web servers stateless. Which of following the AWS services will help your company achieve this goal? (Choose 3) ELB DynamoDB RDS ElastiCache EMR
EXPLANATION: B C D An Elastic Load Balancer can help you deliver stateful services, but not stateless. Elastic Map Reduce is a data-analysis service and is not related to servicing web traffic. EMR is a processing engine.
QUESTION 20: You work in the security industry for a large consultancy. One of your customers runs a production environment in AWS, and they require a log of all API calls made to their Elastic Load Balancer. How can you achieve this? Enable Detailed Monitoring on the ELB when first creating the instance. Enable Cloud Trail on the ELB. Enable Cloud Audit on the ELB when first creating the instance. Enable CloudWatch on the ELB.
Enable Cloud Trail on the ELB. EXPLANATION: Enabling CloudTrail on the ELB will allow you to log all API calls.
QUESTION 13: True or False: A Placement Group can be stretched across multiple availability zones?
False. EXPLANATION: Because of the low latency required, a placement group can only exist within 1 availability zone.
QUESTION 12: Which AWS service should you use to host MySQL, MariaDB, Oracle, SQL Server, or PostgreSQL database where you do not need to manage the underlying operating system? EC2 with EBS Aurora DynamoDB RDS
RDS Amazon RDS is available on several database instance types - optimized for memory, performance or I/O - and provides you with six familiar database engines to choose from, including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server.
QUESTION 5: What is the availability of S3 - IA?
S3 - IA is 99.9% available. Do not confuse availability with durability. designed for durability of 99.999999999% of objects across multiple Availability Zones
QUESTION 8: Which of the following statements about an Amazon SQS standard queue is true? (Choose 2) SQS will deliver your message at least once in FIFO order. SQS will deliver your message at least once, and guarantees that it will not create duplicates of that message. SQS will deliver your message at least once, but cannot guarantee the order in which the messages will be delivered. SQS will deliver your message at least once, but cannot guarantee that it will not create duplicates of that message.
SQS will deliver your message at least once, but cannot guarantee the order in which the messages will be delivered.SELECTED SQS will deliver your message at least once, but cannot guarantee that it will not create duplicates of that message.
QUESTION 2: You have an application that stores data in S3, and you need to design an integrated solution providing encryption at rest. You want Amazon to handle key management and protection using multiple layers of security. Which S3 encryption option should you use?
SSE-S3 uses managed keys and one of the strongest block ciphers available, AES-256, to secure your data at rest.
QUESTION 4: You wonder why a SWF workflow you created has not made any progress in the last three weeks. What is the most likely explanation for the workflow's behavior? The workflow has exceeded the maximum 90-day lifespan of an SWF workflow. SWF does not support tasks located outside of AWS, so you will need to remove those tasks from your on-premise servers. The last task has exceeded SWF's 14-day task execution time. SWF is awaiting human input from a task you assigned to a colleague.
SWF is awaiting human input from a task you assigned to a colleague. D answer
QUESTION 6: The company you work for is considering a move to AWS, but they are concerned that their current, 50Mbps connection will not be able to handle the 100 TB of data that need to be migrated without causing unacceptable downtime. As their solutions architect, which AWS service would you recommend to move this data? AWS Storage Gateway DirectConnect S3 with Transfer Acceleration Snowball
Snowball
QUESTION 16: If an instance belonging to an Elastic Load Balancer fails its health check, what will the ELB do? The ELB will launch a new instance. The ELB will de-register the instance and stop sending traffic to it. Unfortunately, the ELB will continue to send the unhealthy instance traffic until the instance is terminated. ELB will tell Auto Scaling to launch a new instance.
The ELB will de-register the instance and stop sending traffic to it.
QUESTION 33: You must encrypt all incoming and outgoing traffic between your servers and your customers. Your fleet of EC2 instances lives inside a public subnet and behind an elastic load balancer. Your application is very CPU intensive, and you want to minimize the processing load these EC2 instances must bear. What should you do? Install the SSL certificates on each EC2 instance and allow them to do the encryption/decryption with your customers. Use API Gateway to offload the SSL certificate, reducing the amount of load on both your ELB and EC2 instances. Install the SSL certificates on your ELBs so that there is less load on the EC2 instances. Configure a NAT and install the EC2 instance on that NAT so that you offload SSL termination to a third party EC2 instance and not your production environment.
The best answer would be to offload your SSL decryption to an Elastic Load Balancer.
QUESTION 58: You are a system administrator and you need to take a consistent snapshot of your EC2 instance. Your application holds large amounts of data in cache that is not written to disk automatically. What would be the best approach to taking an application consistent snapshot? Take a snapshot in real time using the EC2 API. In the AWS console, take a snapshot and ensure that the 'application consistent' check box is ticked. Shut down the EC2 instance and detach the EBS volume, then take the snapshot. Take a snapshot using the AWS CLI.
XPLANATION: As you need an application consistent snapshot, your best option would be to shutdown the EC2 instance and detach the EBS volume, then take the snapshot.
QUESTION 15: You need to restore an object from S3-Glacier. Which of the following will help you do that? Using the S3 subcommand from the AWS CLI Using the Glacier API Using the S3 REST API Using the AWS s3-Glacier Console
XPLANATION: When discussing GLACIER it is important to distinguish between the storage-class 'Glacier' use by S3, and the 'S3-Glacier' service. The 1st is managed via the 'S3' console & API, and the 2nd the 'S3-Glacier' console & API. The Amazon 'S3' service maintains the mapping between your user-defined object name and Amazon Glacier's system-defined identifier. These objects are not accessible via the 'S3-Glacier' service. Objects that are stored using the 'S3-Glacier' service are only accessible through the Amazon 'S3' CLI or APIs.
QUESTION 10: In the future, you will need to preserve, restore, and retrieve every version of every file that you have stored in AWS. Which service should you use? S3 - OneZone-IA S3 with Versioning enabled. Glacier RDS
s3 with versioning enabled
