AWS

Question 1

You have a mission-critical application which must be globally available at all times. If this is the case, which deployment mechanisms would you employ

Answer 1

Deployment to Multiple Regions

Question 2

Services that can be used to protect against DDoS attacks.

Answer 2

AWS Shield Advanced

AWS Shield

Question 3

Principles when designing cloud-based systems.

Answer 3

Build loosely-coupled components

Assume everything will fail

Question 4

A company does not want to manage their database. Which of the following services is a fully managed NoSQL database provided by AWS

Answer 4

DynamoDB (DynamoDB is a fully managed NoSQL database offering provided by AWS. It is now available in most regions for users to consume.)

Question 5

AWS service allows for distribution of incoming application traffic across multiple EC2 instances?

Answer 5

AWS ELB (Elastic Load Balancing)

Question 6

Concepts used when you want to manage the bills for multiple accounts under one master account

Answer 6

Consolidating billing

Question 7

_________ is the amount of storage that can be stored in the Simple Storage service?

Answer 7

Virtually unlimited storage

Question 8

What service from AWS can help manage the costs for all resources in AWS?

Answer 8

Cost Explorer (Cost Explorer is a free tool that you can use to view your costs)

Question 9

What is the service provided by AWS that lets you host Domain Name systems?

Answer 9

Route 53

Question 10

What service helps you to aggregate logs from your EC2 instance?

Answer 10

Cloudwatch Logs ( Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, and other sources. You can then retrieve the associated log data from CloudWatch Logs)

Question 11

What is a serverless compute offering from AWS?

Answer 11

AWS Lambda (compute service that lets you run code without provisioning or managing servers. AWS Lambda executes your code only when needed and scales automatically, from a few requests per day to thousands per second.)

Question 11

What does Amazon EC2 provide?

Answer 11

Virtual servers in the Cloud.

Question 12

What is a storage mechanism that can be used to store messages effectively which can be used across distributed systems.

Answer 12

Amazon SQS (Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components)

Question 13

When working on the costing for on-demand EC2 instances, which are the following are attributes which determine the costing of the EC2 Instance.

• AMI Type
• Instance Type
• Region
• Edge location

Answer 13

• AMI Type
• Instance Type
• Region

Question 14

Services that help provide a connection from on-premises infrastructure to resources hosted in the AWS Cloud.

Answer 14

AWS VPN (AWS Site-to-Site VPN enables you to securely connect your on-premises network or branch office site to your Amazon Virtual Private Cloud (Amazon VPC). AWS Client VPN enables you to securely connect users to AWS or on-premises networks.)

AWS Direct Connect (Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.)

Question 15

In order to predict the cost of moving resources from on-premise to the cloud, which services should be used?

Answer 15

AWS TCO (Total cost of ownership)

AWS Trusted Advisor

Question 16

There is a requirement to host a set of servers in the Cloud for a short period of 3 months. Which of the following launch types for AWS EC2 instances should be chosen to be the most cost-effective?

Answer 16

On-Demand, Since the requirement is just for 3 months, then the most cost-effective option is to use On-Demand Instances.

Question 17

What is a document that provides a formal statement of one or more permissions?

Answer 17

Policy- A policy is a JSON document that specifies what a user can do on AWS.

Question 18

You are planning to serve a web application on the AWS Platform by using EC2 Instances. What principles would you adopt to ensure that even if some of the EC2 Instances crashes, you still have a working application

Answer 18

Using a fault-tolerant system

Question 19

Security feature that is associated with a Subnet in a VPC to protect against Incoming traffic requests.

Answer 19

NACL (A-network access control list (ACL)-is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets)

Question 20

AWS provides a storage option known as Amazon Glacier. What is this AWS service designed for?

Answer 20

Infrequently accessed data

Data archives

Question 21

What is the concept of an AWS region?

Answer 21

It is a geographical area divided into Availability Zones

Question 22

Which one of the following features is normally present in all of AWS Support plans

• A dedicated support person
• 24*7 access to Customer Service
• Access to all features in the Trusted Advisor
• A technical Account Manager

Answer 22

24*7 access to Customer Service

Question 23

AWS services allows you to build a data warehouse on the cloud?

Answer 23

AWS Redshift (Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. You can start with just a few hundred gigabytes of data and scale to a petabyte or more.)

Question 24

What IAM identities allow an application deployed on an EC2 instance to write data to S3 in a secure manner

Answer 24

AWS IAM Roles (An IAM role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS.)

Question 25

When using On-Demand instances in AWS, which of the following is a false statement when it comes to the costing for the Instance.

• You pay for much you use.
• You have to pay the termination fees if you terminate the instance
• You are charged per second based on the hourly rate
• You pay no upfront costs for the instance

Answer 25

You have to pay the termination fees if you terminate the instance

Question 26

What AWS services can assist you with cost optimization

Answer 26

AWS Trusted Advisor (An online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment,)

Question 27

Which of the following is AWS managed database service provides processing power that is up to 5X faster than a traditional MySQL database.

• MariaDB
• Aurora
• PostgreSQL
• DynamoDB

Answer 27

Aurora ( is a fully managed, MySQL- and PostgreSQL-compatible, relational database engine. It combines the speed and reliability of high-end commercial databases with the simplicity and cost-effectiveness of open-source databases. It delivers up to five times the throughput of MySQL and up to three times the throughput of PostgreSQL without requiring changes to most of your existing applications.)

Question 28

There is a requirement to move a 10 TB data warehouse to the AWS cloud. Which of the following is an ideal service which can be used to move this amount of data to the AWS Cloud.

Answer 28

AWS Snowball (a service that accelerates transferring large amounts of data into and out of AWS using physical storage appliances, bypassing the Internet. Each AWS Snowball appliance type can transport data at faster-than internet speeds. This transport is done by shipping the data in the appliances through a regional carrier. The appliances are rugged shipping containers, complete with E Ink shipping labels.)

Question 29

Attributes that contribute to the cost of using the Simple Storage Service.

Answer 29

The total size in gigabytes of all objects stored.

The storage class used for the objects stored. (Amazon S3 offers a range of storage classes designed for different use cases with different pricing: - S3 Standard for general-purpose storage of frequently accessed data; - S3 Intelligent-Tiering for data with unknown or changing access patterns; - S3 Standard-Infrequent Access (S3 Standard-IA) - S3 One Zone-Infrequent Access (S3 One Zone-IA) for long-lived, but less frequently accessed data - S3 Glacier (S3 Glacier) for long-term archive and digital preservation.)

Question 30

You are exploring what services AWS has off-hand. You have a large number of data sets that need to be processed. Which of the following services can help fulfil this requirement.

• Storage gateway
• EMR
• Glacier
• S3

Answer 30

EMR (helps you analyze and process vast amounts of data by distributing the computational work across a cluster of virtual servers running in the AWS Cloud. The cluster is managed using an open-source framework called Hadoop. Amazon EMR lets you focus on crunching or analyzing your data without having to worry about time-consuming setup, management, and tuning of Hadoop clusters or the compute capacity they rely on.)

Question 31

You are are running a web-application and you want to improve response times for data that is requested frequently. Which AWS service should you use to improve performance to frequently accessed data?

Answer 31

Amazon ElastiCache (To improve response times for frequently accessed ready only data you want to implement a caching solution. Amazon ElastiCache provides two different in-memory storage solutions Redis and Memcache.)

Question 32

How do you backup an EBS Volume?

Answer 32

EBS Snapshot (You can take an EBS snapshot which will back up your data to S3)

Question 33

A company wants to utilize aws storage. For them low storage cost is paramount, the data is rarely retrieved, and data retrieval times of several hours are acceptable for them. What is the best storage option to use?

Answer 33

AWS Glacier (Amazon Glacier is a storage service optimized for infrequently used data, or “cold data.” The service provides durable and extremely low-cost storage with security features for data archiving and backup. )

Question 34

You have a distributed application that periodically processes large volumes of data across multiple Amazon EC2 Instances. The application is designed to recover gracefully from Amazon EC2 instance failures. How can you accomplish this in a cost effective way?

Answer 34

Spot Instances (When you think of cost effectiveness, you can either have to choose Spot or Reserved instances. Now when you have a regular processing job, the best is to use spot instances and since your application is designed recover gracefully from Amazon EC2 instance failures, then even if you lose the Spot instance , there is no issue because your application can recover.)

Question 35

What are the characteristics of Amazon S3?

Answer 35

S3 allows you to store unlimited amounts of data.

Objects are directly accessible via a URL.

Question 36

If you want to develop an application in Java, what tools would you use?

Answer 36

AWS SDK ( The AWS SDK for Java helps by providing Java APIs for AWS services including Amazon S3, Amazon ECS, DynamoDB, AWS Lambda, and more. The single, downloadable package includes the AWS Java library, code samples, and documentation you need to start developing.)

Question 37

Which services allow the customer to retain full administrative privileges of the underlying virtual infrastructure?

Answer 37

Amazon EC2 (All of the other services are all managed by AWS as serverless components. Only you have complete control over the EC2 service.)

Question 38

You have a Web application hosted in an EC2 Instance that needs to send notifications based on events. Which service can assist in sending notifications

Answer 38

AWS SNS (Amazon Simple Notification Service is a web service that enables applications, end-users, and devices to instantly send and receive notifications from-the cloud.)

Question 39

Which AWS service uses Edge Locations for content caching?

Answer 39

AWS CloudFront ( employs a global network of edge locations and regional edge caches that cache copies of your content close to your viewers. Amazon CloudFront ensures that end-user requests are served by the closest edge location)

Question 40

Which of the following is NOT a disaster recovery deployment technique.

• Multi-Site
• Warm standby
• Single Site
• Pilot light

Answer 40

Single Site

Question 41

Which of the following is a best practice when working with permissions in AWS?

• Ensure the highest privilege access is used
• Don’t use IAM users and groups
• Ensure the least privilege access is used
• Use the root account credentials

Answer 41

Ensure the least privilege access is used (When you create IAM policies, follow the standard security advice of granting-least privilege—that is, granting only the permissions required to perform a task. Determine what users need to do and then craft policies for them that let the users perform-only-those tasks.)

Question 42

Which of the below AWS services allows you to increase the number of resources on the demand of the application or users.

Answer 42

AWS Auto Scaling

Question 43

What acts as a firewall that controls the traffic allowed to reach one or more instances?

Answer 43

Security group (A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign the instance to up to five security groups. Security groups act at the instance level. Below is an example of a security group which has inbound rules. The below rule states that users can only SSH into EC2 instances that are attached to this security group.)

Question 44

You have 2 accounts in your AWS account. One for the Dev and the other for QA. All are part of consolidated billing. The master account has purchase 3 reserved instances. The Dev department is currently using 2 reserved instances. The QA team is planning on using 3 instances which of the same instance type. What is the pricing tier of the instances that can be used by the QA Team?

Answer 44

One Reserved and 2 on-demand (Since all are a part of consolidating billing, the pricing of reserved instances can be shared by All. And since 2 are already used by the Dev team , another one can be used by the QA team. The rest of the instances can be on-demand instances.)

Question 45

What is the AWS service provided which provides a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability?

Answer 45

DynamoDB

Question 46

What AWS service has built-in DDoS mitigation?

Answer 46

CloudFront

Question 47

hat is the key difference between an availability zone and an edge location?

Answer 47

Availability zone is an isolated location within an AWS region, whereas an edge location will deliver cached content to the closest location to reduce latency

Question 48

What can be used to manage identities in AWS.

Answer 48

AWS IAM (AWS Identity and Access Management is a web service that helps you securely control access to AWS resources.)

Question 49

What is the service provided by AWS that allows developers to easily deploy and manage applications on the cloud?

Answer 49

Elastic Beanstalk

Question 50

Which of the following is not a supported database engine in the AWS Relation Database Service?

• MySQL
• Aurora
• DB2
• MariaDB

Answer 50

DB2 (Amazon RDS is available on several database instance types - optimized for memory, performance or I/O - and provides you with six familiar database engines to choose from, including-Amazon Aurora,-PostgreSQL,-MySQL,-MariaDB,-Oracle, and-Microsoft SQL Server.-)

Question 51

In AWS billing what option can be used to ensure costs can be reduced if you have multiple accounts

Answer 51

Consolidated billing

Question 52

You want to take a snapshot of an EC2 Instance and create a new instance out of it. In AWS what is this snapshot equivalent to?

Answer 52

AMI (An Amazon Machine Image (AMI) provides the information required to launch an instance, which is a virtual server in the cloud. You specify an AMI when you launch an instance, and you can launch as many instances from the AMI as you need. You can also launch instances from as many different AMIs as you need.)

Question 53

A company wants to create standard templates for deployment of their Infrastructure. Which AWS service can be used in this regard?

Answer 53

AWS CloudFormation (AWS CloudFormation gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.)

Question 54

AWS services should used to migrate an existing database to AWS

Answer 54

AWS DMS (AWS Database Migration Service helps you migrate databases to AWS quickly and securely)

Question 55

You want to monitor the CPU utilization of an EC2 resource in AWS. What service can help in this regard

Answer 55

AWS Cloudwatch (Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS)

Question 56

What is the ability provided by AWS to enable fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket.

Answer 56

S3 Transfer Acceleration (Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.)

Question 57

In AWS, which security aspects are the customer’s responsibility?

• Patch management on the EC2 instance’s operating system
• Security Group and ACL (Access Control List)settings
• 0
• Decommissioning storage devices
• Life-cycle management of IAM credentials
• Encryption of EBS (Elastic Block Storage)volumes
• Controlling physical access to compute resources

Answer 57

• Patch management on the EC2 instance’s operating system
• Security Group and ACL (Access Control List)settings
• Life-cycle management of IAM credentials
• Encryption of EBS (Elastic Block Storage)volumes

Question 58

What AWS RDS allows for AWS to failover to a secondary database in case the primary one fails?

Answer 58

AWS Multi-AZ (Amazon RDS Multi-AZ deployments provide enhanced availability and durability for Database (DB) Instances, making them a natural fit for production database workloads. )

Question 59

Which of the following benefits would attractive to a company moving from on-premise to AWS?

• Flexible
• Control of Physical Servers
• Pay Up Front
• Cost-Effective

Answer 59

Flexible

Cost-Effective

Question 60

What allows you to carve out your own portion of the AWS Cloud?

Answer 60

AWS VPC (Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.)

Question 61

What are the four levels of AWS Premium Support?

Answer 61

• Basic: Only for AWS account related support queries
• Developer: Recommended if you are experimenting or testing in AWS.
• Business: Recommended if you have production workloads in AWS.
• Enterprise: Recommended if you have business and/or mission critical workloads in AWS.

Question 62

Which of the following are benefits of the AWS’s Relational Database Service (RDS)?

• Automated patches and backups
• It allows you to store unstructured data
• It allows you to store NoSQL data
• You can resize the capacity accordingly

Answer 62

Automated patches and backups

You can resize the capacity accordingly

Question 63

What service helps in governance, compliance, and risk auditing in AWS.

Answer 63

AWS Cloudtrail

Question 64

A company is deploying a two-tier, highly available web application to AWS. Which service provides durable storage for static content while utilizing lower Overall CPU resources for the web tier?

Answer 64

Amazon S3 (Amazon S3 is the default storage service that should be considered for companies. If provides durable storage for all static content.)