AWS Most Missed Q's
Which among the options below can you use to launch a new Amazon RDS database cluster to your VPC? (Select TWO.)
1. AWS CloudFormation 2. AWS Management Console
A company is planning to adopt a hybrid cloud architecture with AWS. Which of the following can they use to assist them in estimating their costs? (Select TWO.)
1. AWS Sales rep 2. AWS Pricing calc
Which of the following are the things that Amazon CloudWatch Logs can accomplish? (Select TWO.)
1. Adjust retention policy for each group 2. Monitor application logs from ec2 Instances
Your organization would like to boost productivity by improving business communication channels and customer service experience. Which of the following AWS applications would you suggest? (Select TWO.)
1. Amazon Chime is a high-quality communications service that transforms online meetings with an easy-to-use app that works seamlessly across all your devices. With Amazon Chime, you can schedule and attend online meetings and video conferences, and chat, call, and collaborate, inside and outside your organization, all with a single app. Now you can work productively from wherever you are. Amazon Chime is also integrated with Microsoft Outlook Calendar and Google Calendar for easy scheduling of meetings. 2. Amazon Connect is an easy-to-use omnichannel cloud contact center that helps companies provide superior customer service across voice, chat, and tasks at a lower cost than traditional contact center systems. You can create different channels and integrations with other AWS services such as Amazon Lex and Amazon Polly to create multiple types of actions and responses for customers who contact you.
Which service should you use if there is a need to launch a customized self-hosted database which requires a scheduled shutdown every night to save on cost?
1. Amazon EC2 instance with an EBS volume
Users from different parts of the globe are complaining about the slow performance of the newly launched photo-sharing website in loading their high-resolution images. Which combination of AWS services should you use to serve the files with lowest possible latency? (Select TWO.)
1. Cloudfront 2. S3
A company has a hybrid cloud architecture where their on-premises data center interacts with their cloud resources in AWS. Which of the following services in AWS can you use to deploy a web application to the servers running on-premises? (Select TWO.)
1. Codedeploy 2. Opsworks
Which of the following practices demonstrate operational excellence in AWS cloud? (Select TWO.)
1. Deploy small, incremental changes to your production servers using AWS CodeDeploy 2. Perform monthly game days on your AWS environment.
Which AWS services should you use to store rapidly changing data with low read and write latencies? (Select TWO.)
1. EBS 2. RDS
Which of the following are regarded as regional services in AWS? (Select TWO.)
1. EFS 2. BATCH
In AWS Trusted Advisor, which of the following options are included among the five categories being considered to analyze your AWS environment and provide the best practice recommendations?
1. Fault tolerance 2. Performance
In which of the following occasions should you use the Amazon SQS in your application system? (Select TWO.)
1. If you require a durable storage for your application events or messages 2. If you need to decouple certain parts of your system for better fault tolerance
What are the benefits of using Edge locations in AWS?
1. Improves application performance by delivering content closer to users 2. Provides caching
Which of the following security group rules are valid? (Select TWO.)
1. Inbound RDP rule with an address range as source 2. Inbound HTTP rule with security group ID as source
Which of the following is true regarding the Developer support plan in AWS? (Select TWO.)
1. Limited access to the 7 Core Trusted Advisor checks 2. No access to the AWS Support API
Which of the following below are the benefits of using Consolidated billing in AWS? (Select TWO.)
1. Share volume pricing & Reserved instance discounts 2. 1 bill for multiple accounts
Which of the following are true regarding Amazon Relational Database Service (Amazon RDS)? (Select TWO.) It is a fully managed nonrelational database service
1. Simplifies the management of time-consuming database administration tasks 2. Makes it easy to set up, operate, and scale a relational database
Which AWS Load Balancer types uses a Round-Robin load distribution strategy?
1. The Classic uses a Round-Robin strategy for TCP listeners only. 2. The ALB 1st selects a target based on the routing rule, then uses a Round-Robin strategy to select a node.
Which of the following characteristics correctly describes the Amazon Simple Storage Service? (Select TWO.)
1. Unlimited Space 2. Highly durable object storage Infrastructure
Which of the following services allows you to purchase Reserved Instances? (Select TWO.)
1. ec2 2. rds
Which of the following can you use to resolve the connection between your on-premises VPN and your AWS virtual private cloud? (Select TWO.)
1. virtual private gateway 2. route 53
Which of the below terms represents a series of Edge Locations plus information about how you want content managed as part of a CDN?
A Distribution is made up of Edge Locations that you want to serve content from, and details about how that content will be tracked an managed. Edge Groups and Circulations are not CloudFront Concepts, and although Load Balancer is an AWS service that helps you direct web traffic, it is not applicable in this case.
Which of the following should you set up in order to connect your AWS VPC network to your local network via an IPsec tunnel?
A VPN gateway in your VPC connected to the Customer Gateway in your on-premises network
What service acts as a firewall for your EC2 instances?
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC could be assigned to a different set of security groups. If you don't specify a particular group at launch time, the instance is automatically assigned to the default security group for the VPC.
How can you easily and securely copy your infrastructure to another AWS Region?
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. By turning your infra into code, you can deploy the code in your other regions.
Codedeploy
AWS CodeDeploy automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises. AWS CodeDeploy makes it easier to rapidly release new features, avoids downtime during application deployment, and handles the complexity of updating applications.
Which of the following services allow you to mask downtime of your application by rerouting your traffic to healthy instances? (Select TWO.)
AWS ELB and Amazon Route 53 help mask downtime by redirecting traffic to your healthy instances and allowing failover to your secondary systems. This is achieved through a combination of different health checks, routing policies, and failover policies.
Which service will allow you to quickly deploy your application into the AWS Cloud without having to build or launch the individual resources yourself? Amazon ECS Amazon EKS (Incorrect) Amazon EBS AWS Elastic Beanstalk (Correct)
AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
Opsworks
AWS OpsWorks is a configuration management service that helps customers configure and operate applications, both on-premises and in the AWS Cloud, using Chef and Puppet.
Which of the following services should you use to deploy and easily rollback a web application from your Git repository to your on-premises server?
AWS OpsWorks is a configuration management service that helps customers configure and operate applications, both on-premises and in the AWS Cloud, using Chef and Puppet.
Which of the following AWS services gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources, alerting you and providing remediation guidance when AWS is experiencing events that my affect you?
AWS Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
Which of the following is the most cost-effective service to use if you want to coordinate multiple AWS services into serverless workflows? AWS Lambda (Incorrect) Amazon SWF AWS Step Functions (Correct) AWS Batch
AWS Step Functions provides serverless orchestration for modern applications. Orchestration centrally manages a workflow by breaking it into multiple steps, adding flow logic, and tracking the inputs and outputs between the steps. As your applications execute, Step Functions maintains application state, tracking exactly which workflow step your application is in, and stores an event log of data that is passed between application components. That means that if networks fail or components hang, your application can pick up right where it left off.
You are tasked to simplify the migration of your databases from your on-premises server to AWS. Which service fits best for this purpose?
AWS server migration service
Which of the below allows you to restrict access to individual objects in an S3 bucket?
Access Control Lists let you control access to individual objects within an S3 bucket, whereas Bucket Policies allow you to control access to entire buckets. In relation to S3, Bucket Control Lists and Access Policies do not exist as configuration items.
What should you provide to your developers to allow them to access your AWS services through the AWS CLI?
Access Keys
Which of the following is needed to retrieve a list of your EC2 instances using the AWS CLI?
Access keys
A company is currently using an On-Demand EC2 instance for their application which they plan to migrate to a Reserved EC2 Instance to save on cost. Which of the following is the most cost-effective option if the application being hosted would be used for more than 3 years?
All Upfront, Standard Reserved Instance pricing for a 3-year term.
Which service in AWS supports various business intelligence tools such as Apache Spark so that you may perform data transformation workloads (ETL) and analytics at a low cost?
Amazon EMR is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data. It utilizes a hosted Apache Hadoop framework running on the web-scale infrastructure of Amazon EC2 and Amazon S3. Amazon EMR lets you focus on crunching or analyzing your data without having to worry about time-consuming set-up, management, or tuning of Hadoop clusters or the compute capacity upon which they sit.
You have a fleet of on-premises servers that require a centralized scalable and durable file storage. It should be able to support massive parallel access. Which of the following is the most appropriate service to use?
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on-demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.
A company is planning to deploy its high-frequency trading (HFT) application which will store constantly changing financial data in AWS and require low latency access. Which AWS services below should you use?
Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use with Amazon EC2. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage when they need it. Amazon EFS has a simple web services interface that allows you to create and configure file systems quickly and easily. Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security, and compatibility they need.
is AWS's digital user engagement service that enables AWS customers to effectively communicate with their end users and measure user engagement across multiple channels including email, Text Messaging (SMS) and Mobile Push Notifications.
Amazon Pinpoint is AWS's Digital User Engagement Service that enables AWS customers to effectively communicate with their end-users and measure user engagement across multiple channels including email, Text Messaging (SMS) and Mobile Push Notifications.
Which service in AWS is best used for data analytics and data warehousing?
Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools. It allows you to run complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution.
Your sales operations group would like to perform monthly analyses on large amounts of sales activity. They want to be able to rank the performance of different territories, product categories, and sales channels. They will use visualization tools to generate graphical representations of the data. Which AWS service will provide the best solution for storing the sales data?
Amazon Redshift provides the best solution for performing queries based on a predefined set of dimensions. Redshift organizes data for high performance based on user-specified distribution schemes. Amazon ElastiCache provides in-memory performance, but no data organization assistance. Amazon Aurora and Amazon DynamoDB are good solutions, but Redshift's columnar storage gives it the edge.
Amazon vpc
Amazon VPC allows you to build a private, virtual network in the AWS cloud, affords you complete control of network configuration, and offers several layers of security controls.
Which AWS service lets you provision either Windows or Linux desktops in just a few minutes and can scale easily to provide thousands of desktops to workers?
Amazon WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) solution where you provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.
EBS Volume
An EBS volume behaves like a raw, unformatted, external block device that you can attach to a single instance. The volume persists independently from the running life of an instance. After an EBS volume is attached to an instance, you can use it like any other physical hard drive. As illustrated in the figure, multiple volumes can be attached to an instance. You can also detach an EBS volume from one instance and attach it to another instance. You can dynamically change the configuration of a volume attached to an instance. EBS volumes can also be created as encrypted volumes using the Amazon EBS encryption feature.
Which of the following is a key use case of AWS Control Tower?
An easy way to establish a landing zone that implements an AWS well-architected, multi-account environment and applies the AWS best practices.
Which Elastic Load Balancer type would be best suited to help you host a website?
Application
Which type of Elastic Load Balancer supports path-based routing, host-based routing, and bi-directional communication channels using WebSockets?
Application load balancer
The use of multi-threading in your Amazon S3 requests via the Multipart Upload API is an example of which AWS cloud best practice?
As the name implies, the Think Parallel best practice accentuates the use of parallelization when designing architectures in the AWS cloud. It is advisable to not only implement parallelization wherever possible but also automate it because the cloud allows you to create a repeatable process very easily.
Which AWS service should you use if you need to launch a highly scalable MySQL OLTP database?
Aurora
Which of the following is AWS' managed database service that is up to 5X faster than a traditional MySQL database
Aurora is AWS' managed database service that is up to 5X faster than a traditional MySQL database.
Access to the full set of Trusted Advisor checks are available to
Business and Enterprise Support plans.
A company has enlisted the help of TDojo Consulting Co. to assist them in designing an AWS disaster recovery solution for their on-premises bare metal servers and SQL databases. The implementation has to be robust, fast, and simple to use. It should also prevent any type of data loss from occurring. The company would like to keep track of the status of the migration. Which tool should the team adopt for the DR solution?
CloudEndure
Which of the following languages can be used to author CloudFormation templates?
CloudFormation supports both JavaScript Object Notation (JSON) and YAML Ain't Markup Language (aka YAML) for authoring CloudFormation templates
Trusted Advisor Checks
Cost Optimization Performance Security Fault Tolerance Service Limits
Which of the following allows you to categorize and track your AWS costs on a detailed level?
Cost allocation tags
Which of the following are key components of Amazon Glacier?
Data is organised in S3 into Archives, and Vaults are used to group Archives together. Access policies control who can access the data in Archives & Vaults. Buckets are a part of S3, but not Glacier. Volumes are often associated with hard disks and therefore EBS, while Tables are database constructs.
You need a "virtual hard disk" for your EC2 instance. Which of the following should you choose?
EBS volumes are "virtual hard disks" for your EC2 instance.
There is a requirement to launch a new database in AWS where the customer assumes the responsibility and management of the guest operating system, including updates and security patches. Which of the following services should the customer use?
EC2
True or False: To complete the process of creating a Multi-AZ RDS instance, you must copy the primary instance to a public subnet in a second Availability Zone
FALSE To complete the process of creating a Multi-AZ RDS instance, you must copy the primary instance to a private subnet. AWS generates a standby, and transactions are synchronously replicated.
Which of the following IAM identities is associated with the access keys that are used in managing your cloud resources via the AWS Command Line Interface (AWS CLI)?
IAM User
You have a variable and intermittent workload, so you want to use a compute service that allows you to pay only for the compute resources you use, without paying for compute time when your code isn't running. Which of the following services should you use? EC2
Lambda allows you to run a variable and intermittent code without paying for compute time when your code isn't running.
Your project manager (PM) tasked you with launching an instance for a web application to be developed for an NGO. The PM is especially interested in using an AWS service that provides predicable monthly pricing, and he expects the instance to have the ability to burst above the baseline level of CPU performance when needed. What AWS service should you use to launch this instance?
Lightsail
Amazon Lightsail is an example of which of the following?
Lightsail is AWS' Platform-as-a-Service offering.
You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access?
NAT Gateway
AWS VPC is a component of which of the following overall services categories?
Networking and Content Delivery
You have just created a new bucket and uploaded a file into it - will this be automatically viewable by anyone on the internet?
No - by default buckets and their contents are private
A company is planning to launch a new system in AWS but they do not have an employee who has AWS-related expertise. Which of the following AWS channels can instead help the company design, architect, build, migrate, and manage their workloads and applications on AWS?
Partner network consulting partners
Which of the following tools provides a view of the performance and availability of your AWS services based on your requirements?
Personal health dashboard
Which of the following is true on how AWS lessens the time to provision your IT resources?
Provides various ways to programmatically provision IT resources
What happens when an RDS Master database in a Multi-AZ deployment goes down?
RDS automatically fails over to the standby, which is promoted to Master.
Which of the following best describes what CloudWatch can be used for?
Repository for metrics and logs. is basically a metrics and logs repository. An AWS service, such as Amazon EC2, puts metrics and monitoring logs into Cloudwatch, and you can view statistics based on those metrics. If you put your own custom metrics into the service, you can retrieve statistics on these metrics as well.
Which type of EC2 instance is the most suitable and cost-effective if the customer will be running mission-critical workloads continuously for a whole year?
Reserved Instances provide you with a significant discount compared to On-Demand Instance pricing. RIs can provide a capacity reservation, offering additional confidence in your ability to launch the number of instances you have reserved when you need them. You can purchase a Reserved Instance for a one-year or three-year commitment, with the three-year commitment offering a bigger discount.
Which of the following services will be able to reroute traffic to your secondary EC2 instances in another region during disaster recovery?
Route 53
You have been asked to archive some data into Glacier that needs to be encrypted. What is the easiest way to achieve this?
Send the data to Glacier and do nothing more - all data in Glacier is encrypted by default
Which of the following is an advantage of using managed services like RDS, ElastiCache, and CloudSearch in AWS?
Simplifies all of your OS patching and backup activities to help keep your resources current and secure
Which Amazon EC2 instance purchasing option lets you take advantage of unused EC2 capacity in the AWS Cloud and provides up to a 90% discount compared to On-Demand prices?
Spot Instance
Where can you track the costs you've incurred so far in your AWS account with a graphical visualization?
The AWS Cost Explorer service has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. Get started quickly by creating custom reports (including charts and tabular data) that analyze cost and usage data, both at a high level and for highly-specific requests. Using AWS Cost Explorer, you can dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies.
AWS Pricing Calculator
The AWS Pricing Calculator is an easy-to-use online tool that enables you to estimate the monthly cost of AWS services for your use case based on your expected usage. It is continuously updated with the latest pricing for all AWS services in all regions.
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Which of the following best describes what an account alias is in IAM?
The numerical value of your account ID
Network load Balancer
This is best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic where extreme performance is required. Operating at the connection level (Layer 4), Network Load Balancer routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) and is capable of handling millions of requests per second while maintaining ultra-low latencies. Network Load Balancer is also optimized to handle sudden and volatile traffic patterns.
Classic Load Balancer
This provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. Classic Load Balancer is intended for applications that were built within the EC2-Classic network.
Gateway Load Balancer
This provides both Layer 3 gateway and Layer 4 load balancing capabilities. It is a transparent bump-in-the-wire device that does not change any part of the packet. It is architected to handle millions of requests/second, volatile traffic patterns, and introduces extremely low latency.
For which of the following categories does AWS Trusted Advisor provide best practices and/or or checks of your AWS environment?
Trusted Advisor provide best practices and/or or checks on Cost Optimization, Performance, Security, and Fault Tolerance.
You've been tasked with assessing your AWS infrastructure in terms of cost optimization. Which of the following AWS services would help with this task?
Trusted advisor
With AWS Relational Database Service (RDS), which of the following are you responsible for?
You are responsible only for the optimization of your application that uses RDS - AWS will take care of the rest as this is considered a Managed Service.
Which IAM service is responsible for enforcing privileges and access controls in your AWS environment?
You manage access in AWS by creating IAM Policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources. A policy is an object in AWS that, when associated with an identity or resource, defines their permissions. AWS evaluates these policies when a principal uses an IAM entity (user or role) to make a request. Permissions in the policies determine whether the request is allowed or denied.
You need to re-create an EBS volume that you have used previously. How might you go about doing that?
You should re-create the volume from a snapshot
Access to the seven core Trusted Advisor checks are available to
all AWS users.
Elastic Load Balancing
automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones.
AWS Cost Explorer
has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. (BASED ON USAGE)
You visit a clients site and get called into a corridor discussion. You are asked to describe the new (2019) URL structure for objects in S3. Which of these do you use as a description
https, then the bucket name, then dot, then the AWS S3 regional endpoint, then slash, then the object name
Security
identification of security settings that could make your AWS solution less secure.
EFS
is a regional service storing data within and across multiple Availability Zones (AZs) for high availability and durability. Amazon EC2 instances can access your file system across AZs, regions, and VPCs, while on-premises servers can access using AWS Direct Connect or AWS VPN.
BATCH
is a regional service that simplifies running batch jobs across multiple Availability Zones within a region. You can create AWS Batch compute environments within a new or existing VPC. After a compute environment is up and associated with a job queue, you can define job definitions that specify which Docker container images to run your jobs.
CloudEndure Disaster Recovery
is a tool that minimizes downtime and data loss by providing fast, reliable recovery of physical, virtual, and cloud-based servers into AWS Cloud. You can also use CloudEndure Disaster Recovery to protect your most critical SQL databases thanks to the continuous replication of your machines into a low-cost staging area in your target AWS account and preferred Region.
RDS
makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.
Convertible Reserved Instances
provide you with a significant discount compared to On-Demand Instances and can be purchased for a 1-year or 3-year term. Purchase Convertible Reserved Instances if you need additional flexibility, such as the ability to use different instance families, operating systems, or tenancies over the Reserved Instance term.
Standard Reserved
provide you with a significant discount compared to On-Demand instance pricing and can be purchased for a 1-year or 3-year term. The average discount off On-Demand instances varies based on your term and chosen payment options. Customers have the flexibility to change the Availability Zone, the instance size, and networking type of their Standard Reserved Instances.
Reserved Instances
provide you with a significant discount compared to On-Demand instance pricing. In addition, when Reserved Instances are assigned to a specific Availability Zone, they provide a capacity reservation, giving you additional confidence in your ability to launch instances when you need them.
Performance
recommendations that can help to improve the speed and responsiveness of your applications.
Cost Optimization
recommendations that can potentially save you money by highlighting unused resources and opportunities to reduce your bill.
Fault Tolerance
recommendations that help increase the resiliency of your AWS solution by highlighting redundancy shortfalls, current service limits, and over-utilized resources.
Service limits
recommendations that will tell you when service usage is more than 80% of the service limit.