Cloud Computing test 1
Each AWS region is composed of two or more locations that offer organizations the ability to operate production systems that are more highly available, fault tolerant, and scalable than would be possible using a single data center. What are these locations called?
A. Availability zones
Amazon CloudWatch supports which types of monitoring plans (2)?
A. Basic (free) F. Detailed (additional)
You have purchased an m3.xlarge Linux Reserved instance in us-east-1a. In which ways can you modify this reservation? (2)
A. Change it to two m3.large instances C. Move it to us-east-1b
What must be done to host a static website in an S3 bucket? (3)
A. Configure the bucket for static hosting and specify an index and error document. B. D. Make the objects in the bucket world-readable.
Your web application needs four instances to support steady traffic nearly all of the time. On the last day of each month, the traffic triples. What is a cost-effective way to handle this traffic pattern?
C. Run four reserved instances constantly, then add 8 on-demand instances on the last day of each month.
You have valuable media files hosted on AWS and want them to be served only to authenticated users of your web application. You are concerned that your content could be stolen and distributed for free. How can you protect your content?
B. Pre-signed URLs (allow you to grant time-limited permission to download objects from an s3 bucket)
Which of the following can be used to address an EC2 instance over the web
B. Public DNS name D. Elastic IP address
Which of the following are characteristics of the auto scaling service on AWS (3)?
B. Responds to changing conditions by adding or terminating ec2 instances E. Deliver push notifications F. Enforces a minimum number of running EC2 instances
What aspects of an Amazon VPC is stateful?
B. Security groups are staeful (acl is stateless)
Your company has 100 TBs of financial records that need to be stored for seven years by law. Experience has shown that any record more than one-year old is unlikely to be accessed. Which of the following storage plans meets these needs in the most efficient manner?
B. Store the data on S3 with lifecycle policies that change the storage class to Amazon Glacier after one year and delete the object after seven years?
(#2) Which of the following are not appropriate use cases for S3?
B. Storing a file system mounted to an EC2 instance D. Primary storage for a database
You are restoring an EBS volume from a snapshot. How long will it be before the data is available?
B. The data will be available immediately
You need to take a snapshot of an EBS volume. How long will the volume be unavailable?
B. The volume will be available immediately
How are you billed for elastic IP addresses
B. There is a very small hourly charge for allocated IP addresses that are not associated with an instance
You create a new VPC in US-East-1 and provision three subnets inside this Amazon VPC. Which of the following statements is true?
C. All subnets will be able to communicate with each other by default
Which AWS cloud service allows organizations to gain system-wide visibility into resource utilization, application performance, operational health?
C. Amazon CloudWatch
What AWS Cloud Service provides a logically isolated section of the AWS CLoud where organizations can launch AWS resources in a virtual network that they define?
C. Amzon VPC
Your company requires that all data sent to external storage be encrypted before being sent. Which S3 encryption solution will meet this requirement?
C. Client-side encryption with customer-managed keys
A cell phone company is running dynamic-content television commercials for a contest. They want their website to handle traffic spikes that come after a commercial airs. The website is interactive, offering personalized content to each visitor based on location, purchase history, and the current commercial airing. Which architecture will configure auto scaling to scale out to respond to spike of demand, while minimizing costs during quiet periods?
C. Configure auto scaling to scale out as traffic increases. Configure the launch configuration to start new instances from a preconfigured AMI.
Which EC2 feature ensures that your instances will not share a physical host with instances from any other AWS customer?
C. Dedicated instances (Will not share hosts with other accounts)
Which of the following must be specified when launching a new amazon ec2 windows instance? (2)
C. EC2 instance type D. Amazon machine image
Your application stores critical data in s3, which must be protected against inadvertent or intentional deletion. How can this data be protected? (2)
C. Enable versioning E. Enable MFA delete on the bucket
You have a workload that requires one TB of durable block storage at 1,500 IOPS during normal use. Every night there is an Extract, transform, load (ETL) task that requires IOPS for 15 minutes. What is the most appropriate volume type for this workload?
C. General purpose SSD (bursting nature)
Which statements about Amazon Glacier are true? (3)
C. Glacier archives take three to five hours to restore. D. Glacier vaults can be locked. E. Glacier can be used as a standalone service and as an S3 storage class.
Which of the following is the security protocol supported by VPC?
IPSec
What is the maximum size IP address range that you can have in an Amazon VPC?
A. /16
How many IGWs can you attach to an Amazon VPC at any one time?
A. 1
What is the default limit for the number of Amazon VPC's that a customer may have in a region?
A. 5
What happens when you create a new Amazon VPC?
A. A main route table is created by default
Elastic load balancing health check may be (3)?
A. A ping C. A connection request D. A page request
What are some of the key characteristics of Amazon S3? (3)
A. All objects have a URL B. S3 can store unlimited amounts of data D. S3 uses a REST API
What properties of an Amazon VPC must be specified at the time of creation? (2)
A. Amazon S3 gateway C. CGW
Your company experiences fluctuations in traffic patterns to their e-commerce website based on flash sales. What service can help your company dynamically match the required compute capacity to the spike in traffic during flash sales?
A. Auto Scaling
You want to host HTTPS websites on a fleet of amazon ec2 instances behind an elastic load balancing load balancer with a single X.509 certificate. How must you configure the Secure Socket Layer certificate so that clients connecting to the load balancer are not presented with a warning when they connect?
A. Create one SSL certificate with a subject alternative name (SAN) value for each website name
Which of the following are features of Amazon Elastic Block store? (2)
A. Data stored on EBS is automatically replicated within an availability zone. C. EBS volumes can be encrypted transparently to workloads on the attached instance.
Your company runs an ec2 instance periodically to perform a batch processing job on a large and growing filesystem. At the end of the batch job, you shut down the Amazon ec2 instance to save money but need to persist the filesystem on the amazon ec2 instance from prev batch runs. What AWS Cloud service can you leverage to meet these reqs?
A. Elastic Block Store
What is needed before you can enable cross-region replication? (2)
A. Enable versioning on the bucket D. Create an AWS Identity and Access Management policy to allow S3 to replicate objects on your behalf.
Amazon Glacier is well-suited to data that is which of the following? (2)
A. Infrequently or rarely accessed C. Is available after three- to five-hour restore period.
Which of the following are the minimum required elements to create an auto scaling launch configuration?
A. Launch configuration name, Amazon Machine Image (AMI), and instance type
Which of the following are required elements of an auto scaling group? (2)
A. Minimum size D. Launch configuration
Which of the following are features of enhanced networking? (3)
A. More packets per second B. Lower latency E. Less jitter
Which of the following is an optional security control that can be applied at the subnet layer of a VPC?
A. Network ACLs (control traffic flow)
An auto scaling group may use (2)?
A. On demand C. Spot instances
Using the correctly decrypted Administrator password and RDP, you cannot log in to a Windows instance you just launched. Which of the following is a reason?
A. There is no security group rule that allows RDP access over port 3389
You have a workload that requires 15,000 consistent IOPS for data that must be durable. What combination of the following steps do you need? (2)
A. Use an EBS-optimized instance C. Use a provisioned IOPS SSD Volume
You are creating a High-performance computing cluster and need very low latency and high bandwidth between instances. What combination of the following will allow this? (3)
A. Use an instance type with 10 Gbps network performance. B. Put the instances in a placement group. D. Enable enhanced networking on the instances.
S3 is an eventually consistent storage system. For what kinds of operations is it possible to get stale data as a result of eventual consistency? (2)
B. Get or list after a delete C. GET after overwrite PUT (PUT into an existing key)
You have created an elastic load balancing load balancer listening on port 80, and you registered it with a single EC2 instance also listening on port 80. A client makes a request to the load balancer with the correct protocol and port for the load balancer. In this scenario, how many connections, does the balancer maintain?
B. 2 (one with the client and one with the server)
Which of the follwong AWS resources would you use in order for an EC2-VPC instance to resolve DNS names outside of AWS?
B. A DHCP option set
Which of the following will occur when an Amazon EBS-backed EC2 instance in an amazon vpc with an associated EIP is stopped and started(2)?
B. All data on instance-store devices will be lost E. The underlying host for the instance is changed
You are responsible for the application logging solution for your company's existing applications running on multiple Amazon EC2 Instances. Which of the following is the best approach for aggregating the application logs withing AWS?
B. Amazon CloudWatch Logs Agent
Which of the following AWS Cloud services is a fully managed NoSQL database service?
B. Amazon DynamoDB
VM import/export can import existing virtual machines as: (2)
B. Amazon EC2 instances C. Amazon machine images
Your company provides a mobile voting app for a popular TV show, and 5 - 25 million viewers all vote in a 15-second time span. What mechanism can you use to decouple the voting application from your back-end services that tally the votes.
B. Amazon SQS
Which features can be used to restrict S3 data? (3)
B. Create a pre-signed url for an object c. Use an S3 access control list on a bucket or object E. use an s3 bucket policy
How is data stored in s3 for high durability?
B. Data is automatically replicated within a region
Which of the following are true of instance stores? (2)
B. Data is lost when the instance stops C. Very high IOPS
Your order-processing application processes orders extracted from a queue with two reserved instances processing 10 orders/minute. If an order fails during processing, then it is returned to the queue without penalty. Due to a weekend sale, the queues have several hundred orders backed up. While the backup is not catastrophic, you would like to drain it so that customers get their confirmation emails faster., What is a cost-effective way to drain the queue for orders?
B. Deploy additional Spot Instances to assist in processing the orders.
For an application running in the ap-northeast-1 region with three availability zones (1a, 1b, 1c), which instance deployment provides high availability for the application that normally requires nine running EC2 instances but can run on a minimum of 65 percent capacity while auto scaling launches replacement instances in the remaining availability zones?
B. Deploy the application on 3 servers for each availability zone
You have a popular web application that accesses data stored in an amazon s3 bucket. You expect the access to be very read-intensive, with expected request rates of up to 500 GETs per second from many clients. How can you increase the performance and scalability of S3 in this case?
B. Ensure randomness in the namespace by including a hash prefix to key names.
What is the deployment term for an environment that extends an existing on-premises infrastructure into the cloud to connect cloud resources to internal systems?
B. Hybrid deployment
S3 bucket policies can restrict access to an S3 bucket and objects by which of the following? (3)
B. IP address range C. AWS account E. Objects with a specific prefix
Elastic load balancing supports which of the following types of load balancers? (3)
B. Internet Facing E. Internal F. HTTPS
When an EC2 instance registered with an elastic load balancing load balancer using connection draining is deregistered or unhealthy, which of the following will happen (2)?
B. Keep connections open to that instance, and attempt to complete in-flight requests. D. Forcibly close all connections to that instance after a timeout period.
Auto scaling supports which of the following plans for auto scaling groups (3)?
B. Manual D. Scheduled E. End-user request driven
You are responsible for your companies AWS resources, and you notice a significant amount of traffic from an IP address in a foreign country in which your company does not have customers. Further investigation of the traffic indicates the source is scanning for open ports on your ec2-vpc instances. Which one of the following resources can deny the traffic from reaching the instances?
B. Network acl (can deny traffic)
Which Amazon VPC feature allows you to create a dual-homed instance?
B. One or more subnets for the VPC
What are some reasons to enable cross-region replication on an amazon s3 bucket?
B. you have a set of second users who can access the second bucket with lower latency c. for compliance reasons, you need to store data in a location at least 300 miles away from the first region
What is the minimum size sub net that you can have in an Amazon VPC?
C. /28
You are a solutions architect working for a large travel company that is migrating its existing server estate to AWS. You have recommended that they use a custom VPC, and they have agreed to proceed. They will need a public subnet for their web servers and a private subnet in which to place their databases. They also require that the web servers and database servers be highly available and that there be a minimum of two web servers and two database servers each. How many subnets should you have to maintain high availability?
C. 4
Which of the following must be configured on an elastic load balancing load balancer to accept incoming traffic?
C. A listener
To have a record of who accessed your S3 data and from where, you should do what?
C. Server access logs (store a record of what requester accessed the objects in your bucket, including IP address).
Your web application front end consists of multiple ec2 instances behind a elastic load balancing load balancer. You have configured the load balancer to perform health checks on these amazon ec2 instances. If an instance fails to pass health checks, which statement will be true?
C. The load balancer stops sending traffic to the instance that failed its health check
https://bucket1.abc.com.s3.amazonaws.com/folderx/myfile.doc
C. The object "folderx/myfile.doc" is stored in the bucket "bucket1.abc.com"
How can you connect to a linux instance using ssh?
C. Using the private half of the instance's key pair
You have created a custom VPC with both private and public subnets. You have created a NAT instance and deployed this instance to a public subnet. You have attached an EIP address and added your NAT to the route table. Unfortunately, instances in your private subnet still cannot access the internet. What may be the cause of this?
C. You should disable source/destination checks on the NAT.
Your company stores documents in S3, but it wants to minimize cost. Most documents are used actively for only about a month, then much less frequently. However, all data needs to be available within minutes when requested. How?
C. migrate to s3 standard - Infrequent access after 30 days
Why is the launch configuration referenced by the auto scaling group instead of being part of the auto scaling group?
D. 1- It allows you to change the ec2 instance type and ami without disrupting the auto scaling group 2- It facilitates rolling out a patch to an existing set of instances managed by an auto scaling group. 3- It allows you to change security groups
How long does Amazon CloudWatch keep metric data?
D. 2 Weeks
How many VPC peering connections are required for four VPCs located within the same AWS region to be able to send traffic to each others?
D. 6
Which of the following is the Amazon side of an amazon VPN connection?
D. A VPG
You create a new subnet and then add a route to your route table that routes traffic out from that subnet to the internet using an IGW. What type of subnet have you created?
D. A public subnet
Your company provides an online photo sharing service. The development team is looking for ways to deliver image files with the lowest latency to end users so the website content is delivered with the best possible performance. What service can help speed up distribution of these image files to end users around the world?
D. Amazon Cloudfront
Which of the following can be accomplished through bootstrapping?
D. Bootstrapping runs the provided script, so anything you can accomplish in a script you can accomplish during bootstrapping.
In the basic monitoring package for amazon compute cloud, what amazon cloudwatch metrics are available?
D. Hypervisor visible metrics such as CPU utilization
In what ways does Amazon Simple storage service object storage differ from block and file storage? (choose 2.)
D. Objects contain data and metadata E. Objects are stored in buckets
Your instance is associated with two security groups. The first allows RDP access over port 3389 from classless inter-domain routing block (CIDR) 72.14.0.0/16. The second allows HTTP access over port 80 from CIDR block 0.0.0.0/0. What traffic can reach your instance?
D. RDP over port 3389 72.12..... and HTTP traffic over port 80 from 0.0.0.0/0
Which of the following describes a physical location around the world where AWS clusters data centers? A. Endpoint B. Collection C. Fleet D. Region
D. Region
Which of the following Amazon VPC resources would you use in order for EC2-VPC instances to send traffic directly to S3?
D. VPC endpoint
You create an auto scaling group in a new region that is configured wit a minimum size of value 10, a maximum size value of 100, and a desired capacity of value 50. However, you notice that 30 of the Amazon EC2 instances within the auto scaling group fail to launch. Why?
D. You have not raised your default amazon EC2 capacity (20) for the new region