2 - S3
An application which uses multiple EBS volumes could not cope with the growing storage requirements needed to store their data. Your IT Manager has instructed you to set up an S3 bucket as a replacement for their EBS volumes. Which of the following options is correct regarding the naming convention for the S3 bucket?
A bucket name must be unique across all existing bucket names in Amazon S3.
You are building a transcription service for a company in which a fleet of EC2 worker instances process an uploaded audio file and generate a text file as an output. You must store both of these files in the same durable storage until the text file is retrieved by the uploader. Due to an expected surge in demand, you have to ensure that the storage is scalable. Which storage option in AWS can you use in this situation, which is both cost-efficient and scalable?
A single Amazon S3 bucket
You are working for a large IT consultancy company as a Solutions Architect. One of your clients is launching a file sharing web application in AWS which requires a durable storage service for hosting their static contents such as PDFs, Word Documents, high resolution images and many others. Which type of storage service should you use to meet this requirement?
Amazon S3
You are working for a large bank that is developing a web application that receives large amounts of object data. They are using the data to generate a report for their stockbrokers to use on a daily basis. Unfortunately, a recent financial crisis has left the bank short on cash and cannot afford to purchase expensive storage hardware. They had resorted to use AWS instead. Which is the best service to use in order to store a virtually unlimited amount of object data without any effort to scale when demand unexpectedly increases?
Amazon S3
You are working as a Solutions Architect for a multinational financial firm. They have a global online trading platform in which the users from all over the world regularly upload terabytes of transactional data to a centralized S3 bucket. What AWS feature should you use in your present system to improve throughput and ensure consistently fast data transfer to the Amazon S3 bucket, regardless of your user's location?
Amazon S3 Transfer Acceleration
You are consulted by a multimedia company that needs to deploy web services to an AWS region which they have never used before. The company currently has an IAM role for their Amazon EC2 instance which permits the instance to access Amazon DynamoDB. They want their EC2 instances in the new region to have the exact same privileges. What should you do to accomplish this?
Assign the existing IAM role to instances in the new region.
For data privacy, a healthcare company has been asked to comply with the Health Insurance Portability and Accountability Act (HIPAA). They have been told that all of the data being backed up or stored on Amazon S3 must be encrypted. What is the best option to do this? (Choose 2)
Before sending the data to Amazon S3 over HTTPS, encrypt the data locally first using your own encryption keys, then enable Server-Side Encryption on an S3 bucket to make use of AES-256 encryption.
Your company has an e-commerce application that saves the transaction logs to an S3 bucket. You are instructed by the CTO to configure the application to keep the transaction logs for one month for troubleshooting purposes, and then afterwards, purge the logs. What should you do to accomplish this requirement?
Configure the lifecycle configuration rules on the Amazon S3 bucket to purge the transaction logs after a month
You are working as an IT Consultant for a large media company where you are tasked to design a web application that stores static assets in an Amazon Simple Storage Service (S3) bucket. You expect this S3 bucket to immediately receive over 2000 PUT requests and 3500 GET requests per second at peak hour. What should you do to ensure optimal performance?
Do nothing. Amazon S3 will automatically manage performance at this scale.
You are working for a major financial firm in Wall Street where you are tasked to design an application architecture for their online trading platform which should have high availability and fault tolerance. The application is using an Amazon S3 bucket located in the us-east-1 region to store large amounts of intraday financial data. To avoid any costly service disruptions, what will you do to ensure that the stored financial data in the S3 bucket would not be affected even if there is an outage in one of the Availability Zones or a regional service failure in us-east-1?
Enable Cross-Region Replication.
You are a Solutions Architect in your company working with 3 DevOps Engineers under you. One of the engineers accidentally deleted a file hosted in Amazon S3 which has caused disruption of service. What can you do to prevent this from happening again?
Enable S3 Versioning and Multi-Factor Authentication Delete on the bucket.
You are a new Solutions Architect in a large insurance firm. To maintain compliance with HIPPA laws, all data being backed up or stored on Amazon S3 needs to be encrypted at rest. In this scenario, what is the best method of encryption for your data, assuming S3 is being used for storing financial-related data?
Enable SSE on an S3 bucket to make use of AES-256 encryption, as well as encrypt the data locally using your own encryption keys, then copy the data to Amazon S3 over HTTPS endpoints
You are employed by a large electronics company that uses Amazon Simple Storage Service. For reporting purposes, they want to track and log every request access to their S3 buckets including the requester, bucket name, request time, request action, referrer, turnaround time, and error code information. The solution should also provide more visibility into the object-level operations of the bucket. Which is the best solution among the following options that can satisfy the requirement?
Enable server access logging for all required Amazon S3 buckets.
There was an incident in your production environment where the user data stored in the S3 bucket has been accidentally deleted by one of the Junior DevOps Engineers. The issue was escalated to your manager and after a few days, you were instructed to improve the security and protection of your AWS resources. What combination of the following options will protect the S3 objects in your bucket from both accidental deletion and overwriting? (Choose 2)
Enable versioning and Multi-Factor Authentication Delete
A startup is building an AI-based face recognition application in AWS, where they store millions of images in an S3 bucket. As the Solutions Architect, you have to ensure that each and every image uploaded to their system is stored without any issues. What is the correct indication that an object was successfully stored when you put objects in Amazon S3?
HTTP 200 result code and MD5 checksum.
You are working as a Solutions Architect for a multinational IT consultancy company where you are managing an application hosted in an Auto Scaling group of EC2 instances which stores data in an S3 bucket. You must ensure that the data are encrypted at rest using an encryption key that is both provided and managed by the company. This change should also provide AES-256 encryption to their data to comply with the strict security policy of the company. Which of the following actions should you implement to achieve this?
Implement Amazon S3 server-side encryption with customer-provided keys (SSE-C), then encrypt the data on the client-side before sending to Amazon S3 using their own master key.
One of your clients wants to leverage on Amazon S3 and Amazon Glacier as part of their backup and archive infrastructure. They created a new S3 bucket called "tutorialsdojobackup". To support this integration between AWS and their on-premises network, they decided to use a third-party software. Which approach will limit the access of the third party software to the Amazon S3 bucket only and not to other AWS resources?
In IAM, setup a custom user policy for the third party software that is limited to the Amazon S3 API in the "tutorialsdojobackup" bucket.
You are trying to enable Cross-Region Replication to your S3 bucket but this option is disabled. Which of the following options is a valid reason for this?
In order to use the Cross-Region Replication feature in S3, you need to first enable versioning on the bucket.
Your fellow AWS Engineer has created a new Standard-class S3 bucket to store financial reports that are not frequently accessed but should be immediately available when an auditor requests for it. To save costs, you changed the storage class of the S3 bucket from Standard to Infrequent Access storage class. In Amazon S3 Standard - Infrequent Access storage class, which of the following statements are true? (Choose 2)
It is designed for data that is accessed less frequently and requires rapid access when needed.
One of your clients is leveraging on Amazon S3 in the ap-southeast-1 region to store their training videos for their employee onboarding process. The client is storing the videos using the Standard Storage class. Where are your client's training videos replicated?
Multiple facilities in ap-southeast-1
You are planning to reduce the amount of data that Amazon S3 transfers to your servers in order to lower your operating costs as well as to lower the latency of retrieving the data. To accomplish this, you need to use simple structured query language (SQL) statements to filter the contents of Amazon S3 objects and retrieve just the subset of data that you need. Which of the following services will help you accomplish this requirement?
S3 Select
You are working for a litigation firm as the Data Engineer for their case history application. You need to keep track of all the cases your firm has handled. The static assets like .jpg, .png, and .pdf files are stored in S3 for cost efficiency and high durability. As these files are critical to your business, you want to keep track of what's happening in your S3 bucket. You found out that S3 has an event notification whenever a delete or write operation happens within the S3 bucket. What are the possible Event Notification destinations available for S3 buckets? (Choose 2)
SQS and Lambda Function
You are working as a Principal Solutions Architect for a leading digital news company which has both an on-premises data center as well as an AWS cloud infrastructure. They store their graphics, audios, videos, and other multimedia assets primarily in their on-premises storage server and use an S3 Standard storage class bucket as a backup. Their data are heavily used for only a week (7 days) but after that period, it will be infrequently used by their customers. You are instructed to save storage costs in AWS yet maintain the ability to immediately fetch their media assets for a surprise annual data audit, which will be conducted both on-premises and on their cloud storage. Which of the following options should you implement to meet the above requirement?
Set a lifecycle policy in the bucket to transition the data to Glacier after one week (7 days) and set a lifecycle policy in the bucket to transition to S3 - Standard IA after 30 days
You are working for a media company and you need to configure an Amazon S3 bucket to serve static assets for your public-facing web application. Which methods ensure that all of the objects uploaded to the S3 bucket can be read publicly all over the Internet?
Set the permissions of the object to public read during upload and configure the bucket policy to set all objects to public read.
There are a few, easily reproducible but confidential files that your client wants to store in AWS without worrying about storage capacity. For the first month, all of these files will be accessed frequently but after that, they will rarely be accessed at all. The old files will only be accessed by developers so there is no set retrieval time requirement. However, the files under a specific tutorialsdojo-finance prefix in the S3 bucket will be used for post-processing that requires millisecond retrieval time. Given these conditions, which of the following options would be the most cost-effective solution for your client's storage needs?
Store the files in S3 then after a month, change the storage class of the 'tutorialsdojo-finance' prefix to One Zone-IA while the remaining go to Glacier using lifecycle policy.
You are working as a Cloud Engineer for a top aerospace engineering firm. One of your tasks is to set up a document storage system using S3 for all of the engineering files. In Amazon S3, which of the following statements are true?
The total volume of data and number of objects you can store are unlimited and the largest object that can be uploaded in a single PUT is 5 GB
A Fortune 500 company which has numerous offices and customers around the globe has hired you as their Principal Architect. You have staff and customers that upload gigabytes to terabytes of data to a centralized S3 bucket from the regional data centers, across continents, all over the world on a regular basis. At the end of the financial year, there are thousands of data being uploaded to the central S3 bucket which is in ap-southeast-2 (Sydney) region and a lot of employees are starting to complain about the slow upload times. You were instructed by the CTO to resolve this issue as soon as possible to avoid any delays in processing their global end of financial year (EOFY) reports. Which feature in Amazon S3 enables fast, easy, and secure transfer of your files over long distances between your client and your Amazon S3 bucket?
Transfer Acceleration
You are working as a Solutions Architect in a new startup that provides storage for high-quality photos which are infrequently accessed by the users. To make the architecture cost-effective, you designed the cloud service to use an S3 One Zone-Infrequent Access (S3 One Zone-IA) storage type for free users and an S3 Standard-Infrequent Access (S3 Standard-IA) storage type for premium users. When your manager found out about this, he asked you about the trade-offs of using S3 One Zone-IA instead of the S3 Standard-IA. What will you say to your manager? (Choose 2)
Unlike other Amazon object storage classes, which store data in a minimum of three Availability Zones (AZs), S3 One Zone-IA stores data in a single AZ, Storing data in S3 One Zone-IA costs less than storing it in S3 Standard-IA.
You are working for a computer animation film studio that has a web application running on an Amazon EC2 instance. It uploads 5 GB video objects to an Amazon S3 bucket. Video uploads are taking longer than expected, which impacts the performance of your application. Which method will help improve the performance of your application?
Use Amazon S3 Multipart Upload API.
You are working as an IT Consultant for a large financial firm. They have a requirement to store irreproducible financial documents using Amazon S3. For their quarterly reporting, the files are required to be retrieved after a period of 3 months. There will be some occasions when a surprise audit will be held, which requires access to the archived data that they need to present immediately. What will you do to satisfy this requirement in a cost-effective way?
Use Amazon S3 Standard - Infrequent Access
A start-up company that offers an intuitive financial data analytics service has consulted you about their AWS architecture. They have a fleet of Amazon EC2 worker instances that process financial data and then outputs reports which are used by their clients. You must store the generated report files in a durable storage. The number of files to be stored can grow over time as the start-up company is expanding rapidly overseas and hence, they also need a way to distribute the reports faster to clients located across the globe. Which of the following is a cost-efficient and scalable storage option that you should use for this scenario?
Use Amazon S3 as the data storage and CloudFront as the CDN.
A music company is storing data on Amazon Simple Storage Service (S3). The company's security policy requires that data are encrypted at rest. Which of the following methods can achieve this?
Use Amazon S3 server-side encryption with customer-provided keys, as well as encrypt the data on the client-side before ingesting to Amazon S3 using their own master key.
You are a Cloud Migration Engineer in a media company which uses EC2, ELB, and S3 for its video-sharing portal for filmmakers. They are using a standard S3 storage class to store all high-quality videos that are frequently accessed only during the first three months of posting. What should you do if the company needs to automatically transfer or archive media data from an S3 bucket to Glacier?
Use Lifecycle Policies
You are a new Solutions Architect working for a financial company. Your manager wants to have the ability to automatically transfer obsolete data from their S3 bucket to a low cost storage system in AWS. What is the best solution you can provide to them?
Use Lifecycle Policies in S3 to move obsolete data to Glacier.
A document sharing website is using AWS as its cloud infrastructure. Free users can upload a total of 5 GB data while premium users can upload as much as 5 TB. Their application uploads the user files, which can have a max file size of 1 TB, to an S3 Bucket. In this scenario, what is the best way for the application to upload the large files in S3?
Use Multipart Upload
Your company wants to host a static website on Amazon S3 using a bucket named "tutorialsdojo" in the Asia Pacific (Sydney) region. What website URL will be assigned to the S3 bucket?
tutorialsdojo.s3-website-ap-southeast-2.amazonaws.com