Big Data BDS-C00 Flashcards
An organization is developing a mobile social application and needs to collect logs from all devices on which it is installed. The organization is evaluating the Amazon Kinesis Data Streams to push logs and Amazon EMR to process data. They want to store data on HDFS using the default replication factor to replicate data among the cluster, but they are concerned about the durability of the data. Currently, they are producing 300 GB of raw data daily, with additional spikes during special events. They will need to scale out the Amazon EMR cluster to match the increase in streamed data.
Which solution prevents data loss and matches compute demand?
A. Use multiple Amazon EBS volumes on Amazon EMR to store processed data and scale out the Amazon EMR cluster as needed.
B. Use the EMR File System and Amazon S3 to store processed data and scale out the Amazon EMR cluster as needed.
C. Use Amazon DynamoDB to store processed data and scale out the Amazon EMR cluster as needed.
D. Use Amazon Kinesis Data Firehose and, instead of using Amazon EMR, stream logs directly into Amazon Elasticsearch Service.
D. Use Amazon Kinesis Data Firehose and, instead of using Amazon EMR, stream logs directly into Amazon Elasticsearch Service.
A user is running a webserver on EC2. The user wants to receive the SMS when the EC2 instance utilization is above the threshold limit.
Which AWS services should the user configure in this case?
A. AWS CloudWatch + AWS SES
B. AWS CloudWatch + AWS SNS
C. AWS CloudWatch + AWS SQS
D. AWS EC2 + AWS CloudWatch
B. AWS CloudWatch + AWS SNS
It is advised that you watch the Amazon CloudWatch “_____” metric (available via the AWS Management Console or Amazon Cloud Watch APIs) carefully and recreate the Read Replica should it fall behind due to replication errors.
A. Write Lag
B. Read Replica
C. Replica Lag
D. Single Replica
C. Replica Lag
You have been asked to use your department’s existing continuous integration (CI) tool to test a three- tier web architecture defined in an AWS CloudFormation template. The tool already supports AWS APIs and can launch new AWS CloudFormation stacks after polling version control. The CI tool reports on the success of the AWS CloudFormation stack creation by using the DescribeStacks API to look for the CREATE_COMPLETE status.
The architecture tiers defined in the template consist of:
. One load balancer
. Five Amazon EC2 instances running the web application
. One multi-AZ Amazon RDS instance How would you implement this?
Choose 2 answers
A. Define a WaitCondition and a WaitConditionhandle for the output of an output of a UserData command that does sanity checking of the application’s post-install state
B. Define a CustomResource and write a script that runs architecture-level integration tests through the load balancer to the application and database for the state of multiple tiers
C. Define a WaitCondition and use a WaitConditionHandle that leverages the AWS SDK to run the DescribeStacks API call until the CREATE_COMPLETE status is returned
D. Define a CustomResource that leverages the AWS SDK to run the DescribeStacks API call until the CREATE_COMPLETE status is returned
E. Define a UserDataHandle for the output of a UserData command that does sanity checking of the application’s post-install state and runs integration tests on the state of multiple tiers through load balancer to the application
F. Define a UserDataHandle for the output of a CustomResource that does sanity checking of the application’s post-install state
A. Define a WaitCondition and a WaitConditionhandle for the output of an output of a UserData command that does sanity checking of the application’s post-install state
F. Define a UserDataHandle for the output of a CustomResource that does sanity checking of the application’s post-install state
By default what are ENIs that are automatically created and attached to instances using the EC2 console set to do when the attached instance terminates?
A. Remain as is
B. Terminate
C. Hibernate
D. Pause
B. Terminate
Without _____, you must either create multiple AWS accounts-each with its own billing and subscriptions to AWS products-or your employees must share the security credentials of a single AWS account.
A. Amazon RDS
B. Amazon Glacier
C. Amazon EMR
D. Amazon IAM
D. Amazon IAM
The project you are working on currently uses a single AWS CloudFormation template to deploy its AWS infrastructure, which supports a multi-tier web application. You have been tasked with organizing the AWS CloudFormation resources so that they can be maintained in the future, and so that different departments such as Networking and Security can review the architecture before it goes to Production.
How should you do this in a way that accommodates each department, using their existing workflows?
A. Organize the AWS CloudFormation template so that related resources are next to each other in the template, such as VPC subnets and routing rules for Networking and Security groups and IAM information for Security
B. Separate the AWS CloudFormation template into a nested structure that has individual templates for the resources that are to be governed by different departments, and use the outputs from the networking and security stacks for the application template that you control
C. Organize the AWS CloudFormation template so that related resources are next to each other in the template for each department’s use, leverage your existing continuous integration tool to constantly deploy changes from all parties to the Production environment, and then run tests for validation
D. Use a custom application and the AWS SDK to replicate the resources defined in the current AWS CloudFormation template, and use the existing code review system to allow other departments to approve changes before altering the application for future deployments
B. Separate the AWS CloudFormation template into a nested structure that has individual templates for the resources that are to be governed by different departments, and use the outputs from the networking and security stacks for the application template that you control
An administrator is processing events in near real-time using Kinesis streams and Lambda. Lambda intermittently fails to process batches from one of the shards due to a 5 –minute time limit.
What is a possible solution for this problem?
A. Add more Lambda functions to improve concurrent batch processing
B. Reduce the batch size that lambda is reading from the stream
C. Ignore and skip events that are older than 5 minutes and put them to Dead Letter Queue (DLQ)
D. Configure Lambda to read from fewer shards in parallel
D. Configure Lambda to read from fewer shards in parallel
Fill in the blanks: A\_\_\_\_\_ is a storage device that moves data in sequences of bytes or bits (blocks). Hint: These devices support random access and generally use buffered I/O. A. block map B. storage block C. mapping device D. block device
D. block device
What does Amazon EBS stand for? A. Elastic Block Storage B. Elastic Business Server C. Elastic Blade Server D. Elastic Block Store
D. Elastic Block Store
You have an ASP.NET web application running in Amazon Elastic BeanStalk. Your next version of the application requires a third-party Windows installer package to be installed on the instance on first boot and before the application launches.
Which options are possible? Choose 2 answers
A. In the application’s Global.asax file, run msiexec.exe to install the package using Process.Start() in the Application_Start event handler
B. In the source bundle’s .ebextensions folder, create a file with a .config extension. In the file, under the “packages” section and “msi” package manager, include the package’s URL
C. Launch a new Amazon EC2 instance from the AMI used by the environment. Log into the instance, install the package and run sysprep. Create a new AMI. Configure the environment to use the new AMI
D. In the environment’s configuration, edit the instances configuration and add the package’s URL to the “Packages” section
E. In the source bundle’s .ebextensions folder, create a “Packages” folder. Place the package in the folder
B. In the source bundle’s .ebextensions folder, create a file with a .config extension. In the file, under the “packages” section and “msi” package manager, include the package’s URL
C. Launch a new Amazon EC2 instance from the AMI used by the environment. Log into the instance, install the package and run sysprep. Create a new AMI.
A gas company needs to monitor gas pressure in their pipelines. Pressure data is streamed from sensors placed throughout the pipelines to monitor the data in real time. When an anomaly is detected, the system must send a notification to open valve. An Amazon Kinesis stream collects the data from the sensors and an anomaly Kinesis stream triggers an AWS Lambda function to open the appropriate valve.
Which solution is the MOST cost-effective for responding to anomalies in real time?
A. Attach a Kinesis Firehose to the stream and persist the sensor data in an Amazon S3 bucket. Schedule an AWS Lambda function to run a query in Amazon Athena against the data in Amazon S3 to identify anomalies. When a change is detected, the Lambda function sends a message to the anomaly stream to open the valve.
B. Launch an Amazon EMR cluster that uses Spark Streaming to connect to the Kinesis stream and Spark machine learning to detect anomalies. When a change is detected, the Spark application sends a message to the anomaly stream to open the valve.
C. Launch a fleet of Amazon EC2 instances with a Kinesis Client Library application that consumes the stream and aggregates sensor data over time to identify anomalies. When an anomaly is detected, the application sends a message to the anomaly stream to open the valve.
D. Create a Kinesis Analytics application by using the RANDOM_CUT_FOREST function to detect an anomaly. When the anomaly score that is returned from the function is outside of an acceptable range, a message is sent to the anomaly stream to open the valve.
A. Attach a Kinesis Firehose to the stream and persist the sensor data in an Amazon S3 bucket. Schedule an AWS Lambda function to run a query in Amazon Athena against the data in Amazon S3 to identify anomalies. When a change is detected, the Lambda function sends a message to the anomaly stream to open the valve.
An Amazon Redshift Database is encrypted using KMS. A data engineer needs to use the AWS CLI to create a KMS encrypted snapshot of the database in another AWS region.
Which three steps should the data engineer take to accomplish this task? (Select Three.)
A. Create a new KMS key in the destination region
B. Copy the existing KMS key to the destination region
C. Use CreateSnapshotCopyGrant to allow Amazon Redshift to use the KMS key created in the destination region
D. Use CreateSnapshotCopyGrant to allow Amazon Redshift to use the KMS key from the source region
E. In the source, enable cross-region replication and specify the name of the copy grant created
F. In the destination region, enable cross-region replication and specify the name of the copy grant created
A. Create a new KMS key in the destination region
D. Use CreateSnapshotCopyGrant to allow Amazon Redshift to use the KMS key from the source region
F. In the destination region, enable cross-region replication and specify the name of the copy grant created
You have been tasked with implementing an automated data backup solution for your application servers that run on Amazon EC2 with Amazon EBS volumes. You want to use a distributed data store for your backups to avoid single points of failure and to increase the durability of the data. Daily backups should be retained for 30 days so that you can restore data within an hour.
How can you implement this through a script that a scheduling deamon runs daily on the application servers?
A. Write the script to call the ec2-create-volume API, tag the Amazon EBS volume with the current data time group, and copy backup data to a second Amazon EBS volume. Use the ec2-describe- volumes API to enumerate existing backup volumes. Call the ec2-delete-volume API to prune backup volumes that are tagged with a date-time group older than 30 days
B. Write the script to call the Amazon Glacier upload archive API, and tag the backup archive with the current date-time group. Use the list vaults API to enumerate existing backup archives. Call the delete vault API to prune backup archives that are tagged with a date-time group older than
30 days
C. Write the script to call the ec2-create-snapshot API, and tag the Amazon EBS snapshot with the current date-time group. Use the ec2-describe-snapshot API to enumerate existing Amazon EBS snapshots. Call the ec2-delete-snapshot API to prune Amazon EBs snapshots that are tagged with a date-time group older than 30 days
D. Write the script to call the ec2-create-volume API, tag the Amazon EBS volume with the current date-time group, and use the ec2-copy-snapshot API to backup data to the new Amazon EBS volume. Use the ec2-describe-snapshot API to enumerate existing backup volumes. Call the ec2- delete-snapshot API to prune backup Amazon EBS volumes that are tagged with a date-time group older than 30 days
C. Write the script to call the ec2-create-snapshot API, and tag the Amazon EBS snapshot with the current date-time group. Use the ec2-describe-snapshot API to enumerate existing Amazon EBS snapshots. Call the ec2-delete-snapshot API to prune Amazon EBs snapshots that are tagged with a date-time group older than 30 days
An enterprise customer is migrating to Redshift and is considering using dense storage nodes in its Redshift cluster. The customer wants to migrate 50 TB of data. The customer’s query patterns involve performing many joins with thousands of rows. The customer needs to know how many nodes are needed in its target Redshift cluster. The customer has a limited budget and needs to avoid performing tests unless absolutely needed.
Which approach should this customer use?
A. Start with many small nodes
B. Start with fewer large nodes
C. Have two separate clusters with a mix of small and large nodes
D. Insist on performing multiple tests to determine the optimal configuration
A. Start with many small nodes
An organization is using Amazon Kinesis Data Streams to collect data generated from thousands of temperature devices and is using AWS Lambda to process the data. Devices generate 10 to 12 million records every day, but Lambda is processing only around 450 thousand records. Amazon CloudWatch indicates that throttling on Lambda is not occurring.
What should be done to ensure that all data is processed? (Choose two.)
A. Increase the BatchSize value on the EventSource, and increase the memory allocated to the Lambda function.
B. Decrease the BatchSize value on the EventSource, and increase the memory allocated to the Lambda function.
C. Create multiple Lambda functions that will consume the same Amazon Kinesis stream.
D. Increase the number of vCores allocated for the Lambda function.
E. Increase the number of shards on the Amazon Kinesis stream.
A. Increase the BatchSize value on the EventSource, and increase the memory allocated to the Lambda function.
E. Increase the number of shards on the Amazon Kinesis stream.
A company needs to monitor the read and write IOPs metrics for their AWS MySQL RDS instances and send real-time alerts to their operations team. Which AWS services can accomplish this?
Choose 2 answers
A. Amazon Simple Email Service B. Amazon CloudWatch C. Amazon Simple Queue Service D. Amazon Route 53 E. Amazon Simple Notification Service
B. Amazon CloudWatch
E. Amazon Simple Notification Service
When should I choose Provisioned IOPS over Standard RDS storage?
A. If you use production online transaction processing (OLTP) workloads.
B. If you have batch-oriented workloads
C. If you have workloads that are not sensitive to consistent performance
A. If you use production online transaction processing (OLTP) workloads.
A customer needs to determine the optimal distribution strategy for the ORDERS fact table in its Redshift schema. The ORDERS table has foreign key relationships with multiple dimension tables in this schema.
How should the company determine the most appropriate distribution key for the ORDRES table?
A. Identity the largest and most frequently joined dimension table and ensure that it and the ORDERS table both have EVEN distribution
B. Identify the target dimension table and designate the key of this dimension table as the distribution key of the ORDERS table
C. Identity the smallest dimension table and designate the key of this dimension table as the distribution key of ORDERS table
D. Identify the largest and most frequently joined dimension table and designate the key of this dimension table as the distribution key for the orders table
D. Identify the largest and most frequently joined dimension table and designate the key of this dimension table as the distribution key for the orders table
In the 'Detailed' monitoring data available for your Amazon EBS volumes, Provisioned IOPS volumes automatically send \_\_\_\_\_ minute metrics to Amazon CloudWatch. A. 5 B. 2 C. 1 D. 3
C. 1
A medical record filing system for a government medical fund is using an Amazon S3 bucket to archive documents related to patients. Every patient visit to a physician creates a new file, which can add up to millions of files each month. Collection of these files from each physician is handled via a batch process that runs every night using AWS Data Pipeline. This is sensitive data, so the data and any associated metadata must be encrypted at rest.
Auditors review some files on a quarterly basis to see whether the records are maintained according to regulations. Auditors must be able to locate any physical file in the S3 bucket or a given data, patient, or physician. Auditors spend a signification amount of time locating such files.
What is the most cost-and time-efficient collection methodology in this situation?
A. Use Amazon kinesis to get the data feeds directly from physician, batch them using a Spark application on Amazon Elastic MapReduce (EMR) and then store them in Amazon S3 with folders separated per physician.
B. Use Amazon API Gateway to get the data feeds directly from physicians, batch them using a Spark application on Amazon Elastic MapReduce (EMR), and then store them in Amazon S3 with folders separated per physician.
C. Use Amazon S3 event notifications to populate an Amazon DynamoDB table with metadata about every file loaded to Amazon S3, and partition them based on the month and year of the file.
D. Use Amazon S3 event notifications to populate and Amazon Redshift table with metadata about every file loaded to Amazon S3, and partition them based on the month and year of the file
.
A. Use Amazon kinesis to get the data feeds directly from physician, batch them using a Spark application on Amazon Elastic MapReduce (EMR) and then store them in Amazon S3 with folders separated per physician.
You have written a server-side Node.js application and a web application with an HTML/JavaScript front end that uses the Angular.js Framework. The server-side application connects to an Amazon Redshift cluster, issue queries, and then returns the results to the front end for display. Your user base is very large and distributed, but it is important to keep the cost of running this application low.
Which deployment strategy is both technically valid and the most cost-effective?
A. Deploy an AWS Elastic Beanstalk application with two environments: one for the Node.js application and another for the web front end. Launch an Amazon Redshift cluster, and point your application to its Java Database connectivity (JDBC) endpoint
B. Deploy an AWS OpsWorks stack with three layers: a static web server layer for your front end, a Node.js app server layer for your server-side application, and a Redshift DB layer Amazon Redshift cluster
C. Upload the HTML, CSS, images, and JavaScript for the front end to an Amazon Simple Storage Service
(S3) bucket. Create an Amazon CloudFront distribution with this bucket as its origin. Use AWS Elastic Beanstalk to deploy the Node.js application. Launch an Amazon Redshift cluster, and point your application to its JDBC endpoint
D. Upload the HTML, CSS, images, and JavaScript for the front end, plus the Node.js code for the server-side application, to an Amazon S3 bucket. Create a CloudFront distribution with this bucket as its origin. Launch an Amazon Redshift cluster, and point your application to its JDBC endpoint
E. Upload the HTML, CSS, images, and JavaScript for the front end to an Amazon S3 bucket. Use AWS Elastic Beanstalk to deploy the Node.js application. Launch an Amazon Redshift cluster, and point your application to its JDBC endpoint
C. Upload the HTML, CSS, images, and JavaScript for the front end to an Amazon Simple Storage Service
(S3) bucket. Create an Amazon CloudFront distribution with this bucket as its origin. Use AWS Elastic Beanstalk to deploy the Node.js application. Launch an Amazon Redshift cluster, and point your application to its JDBC endpoint
What is one key difference between an Amazon EBS-backed and an instance-store backed instance?
A. Amazon EBS-backed instances can be stopped and restarted
B. Instance-store backed instances can be stopped and restarted
C. Auto scaling requires using Amazon EBS-backed instances
D. Virtual Private Cloud requires EBS backed instances
A. Amazon EBS-backed instances can be stopped and restarted
You are configuring your company’s application to use Auto Scaling and need to move user state information.
Which of the following AWS services provides a shared data store with durability and low latency?
A. Amazon Simple Storage Service
B. Amazon DynamoDB
C. Amazon EC2 instance storage
D. AWS ElasticCache Memcached
A. Amazon Simple Storage Service
Is it possible to access your EBS snapshots?
A. Yes, through the Amazon S3 APIs.
B. Yes, through the Amazon EC2 APIs.
C. No, EBS snapshots cannot be accessed; they can only be used to create a new EBS volume.
D. EBS doesn’t provide snapshots.
B. Yes, through the Amazon EC2 APIs.
A user has provisioned 2000 IOPS to the EBS volume. The application hosted on that EBS is experiencing less IOPS than provisioned. Which of the below mentioned options does not affect the IOPS of the volume?
A. The application does not have enough IO for the volume
B. The instance is EBS optimized
C. The EC2 instance has 10 Gigabit Network connectivity
D. The volume size is too large
D. The volume size is too large
Using only AWS services. You intend to automatically scale a fleet of stateless of stateless web servers based on CPU and network utilization metrics. Which of the following services are needed? Choose 2 answers A. Auto Scaling B. Amazon Simple Notification Service C. AWS Cloud Formation D. CloudWatch E. Amazon Simple Workflow Service
A. Auto Scaling
D. CloudWatch
How many relational database engines does RDS currently support?
A. MySQL, Postgres, MariaDB, Oracle and Microsoft SQL Server
B. Just two: MySQL and Oracle.
C. Five: MySQL, PostgreSQL, MongoDB, Cassandra and SQLite.
D. Just one: MySQL.
A. MySQL, Postgres, MariaDB, Oracle and Microsoft SQL Server
A company is preparing to give AWS Management Console access to developers. Company policy mandates identity federation and role based access control. Roles are currently assigned using groups in the corporate Active Directory.
What combination of the following will give developers access to the AWS console? Choose 2 answers
A. AWS Directory Service AD connector
B. AWS Directory Service Simple AD
C. AWS identity and Access Management groups
D. AWS identity and Access Management roles
E. AWS identity and Access Management users
A. AWS Directory Service AD connector
D. AWS identity and Access Management roles
An organization currently runs a large Hadoop environment in their data center and is in the process of creating an alternative Hadoop environment on AWS, using Amazon EMR.
They generate around 20 TB of data on a monthly basis. Also on a monthly basis, files need to be grouped and copied to Amazon S3 to be used for the Amazon EMR environment. They have multiple S3 buckets across AWS accounts to which data needs to be copied. There is a 10G AWS Direct Connect setup between their data center and AWS, and the network team has agreed to allocate
A. Use an offline copy method, such as an AWS Snowball device, to copy and transfer data to Amazon S3.
B. Configure a multipart upload for Amazon S3 on AWS Java SDK to transfer data over AWS Direct Connect.
C. Use Amazon S3 transfer acceleration capability to transfer data to Amazon S3 over AWS Direct Connect.
D. Setup S3DistCop tool on the on-premises Hadoop environment to transfer data to Amazon S3 over AWS Direct Connect.
B. Configure a multipart upload for Amazon S3 on AWS Java SDK to transfer data over AWS Direct Connect.
An organization needs to store sensitive information on Amazon S3 and process it through Amazon EMR.
Data must be encrypted on Amazon S3 and Amazon EMR at rest and in transit. Using Thrift Server, the Data Analysis team users HIVE to interact with this data. The organization would like to grant access to only specific databases and tables, giving permission only to the SELECT statement.
Which solution will protect the data and limit user access to the SELECT statement on a specific portion of data?
A. Configure Transparent Data Encryption on Amazon EMR. Create an Amazon EC2 instance and install Apache Ranger. Configure the authorization on the cluster to use Apache Ranger.
B. Configure data encryption at rest for EMR File System (EMRFS) on Amazon S3. Configure data encryption in transit for traffic between Amazon S3 and EMRFS. Configure storage and SQL base authorization on HiveServer2.
C. Use AWS KMS for encryption of data. Configure and attach multiple roles with different permissions based on the different user needs.
D. Configure Security Group on Amazon EMR. Create an Amazon VPC endpoint for Amazon S3. Configure HiveServer2 to use Kerberos authentication on the cluster.
C. Use AWS KMS for encryption of data. Configure and attach multiple roles with different permissions based on the different user needs.
A \_\_\_\_\_\_\_\_\_\_ is the concept of allowing (or disallowing) an entity such as a user, group, or role some type of access to one or more resources. A. user B. AWS Account C. resource D. permission
B. AWS Account
What does Amazon CloudFormation provide?
A. None of these.
B. The ability to setup Autoscaling for Amazon EC2 instances.
C. A template to map network resources for Amazon Web Services.
D. A templated resource creation for Amazon Web Services.
D. A templated resource creation for Amazon Web Services.
What is the maximum response time for a Business level Premium Support case?
A. 30 minutes
B. You always get instant responses (within a few seconds).
C. 10 minutes
D. 1 hour
D. 1 hour
An organization is designing an Amazon DynamoDB table for an application that must meet the following requirements:
Item size is 40 KB
Read/write ratio 2000/500 sustained, respectively
Heavily read-oriented and requires low latencies in the order of milliseconds
The application runs on an Amazon EC2 instance
Access to the DynamoDB table must be secure within the VPC
Minimal changes to application code to improve performance using write-through cache
Which design options will BEST meet these requirements?
A. Size the DynamoDB table with 10000 RCUs/20000 WCUs, implement the DynamoDB Accelerator (DAX) for read performance, use VPC endpoints for DynamoDB, and implement an IAM role on the EC2 instance to secure DynamoDB access.
B. Size the DynamoDB table with 20000 RCUs/20000 WCUs, implement the DynamoDB Accelerator (DAX) for read performance, leverage VPC endpoints for DynamoDB, and implement an IAM user on the EC2 instance to secure DynamoDB access.
C. Size the DynamoDB table with 10000 RCUs/20000 WCUs, implement Amazon ElastiCache for read performance, set up a NAT gateway on VPC for the EC2 instance to access DynamoDB, and implement an IAM role on the EC2 instance to secure DynamoDB access.
D. Size the DynamoDB table with 20000 RCUs/20000 WCUs, implement Amazon ElastiCache for read performance, leverage VPC endpoints for DynamoDB, and implement an IAM user on the EC2 instance to secure DynamoDB access.
A. Size the DynamoDB table with 10000 RCUs/20000 WCUs, implement the DynamoDB Accelerator (DAX) for read performance, use VPC endpoints for DynamoDB, and implement an IAM role on the EC2 instance to secure DynamoDB access.
A user has deployed an application on his private cloud. The user is using his own monitoring tool. He wants to configure that whenever there is an error, the monitoring tool should notify him via SMS. Which of the below mentioned AWS services will help in this scenario?
A. None because the user infrastructure is in the private cloud/
B. AWS SNS
C. AWS SES
D. AWS SMS
B. AWS SNS
An existing application stores sensitive information on a non-boot Amazon EBS data volume attached to an Amazon Elastic Compute Cloud instance.
Which of the following approaches would protect the sensitive data on an Amazon EBS volume?
A. Snapshot the current Amazon EBS volume. Restore the snapshot to a new, encrypted Amazon
EBS volume Mount the Amazon EBS volume
B. Create and mount a new, encrypted Amazon EBS volume. Move the data to the new volume.
Delete the old Amazon EBS volume
C. Unmount the EBS volume. Toggle the encryption attribute to True. Re-mount the Amazon EBs volume
D. Upload your customer keys to AWS CloudHSM. Associate the Amazon EBS volume with AWS CloudHSM. Re-mount the Amazon EBS volume
A. Snapshot the current Amazon EBS volume. Restore the snapshot to a new, encrypted Amazon
EBS volume Mount the Amazon EBS volume
If I modify a DB Instance or the DB parameter group associated with the instance, should I reboot the instance for the changes to take effect?
A. No
B. Yes
B. Yes
A company uses Amazon Redshift for its enterprise data warehouse. A new op-premises PostgreSQL OLTP DB must be integrated into the data warehouse. Each table in the PostgreSQL DB has an indexed last_modified timestamp column. The data warehouse has a staging layer to load source data into the data warehouse environment for further processing.
The data log between the source PostgreSQL DB and the Amazon Redshift staging layer should NOT exceed four hours.
What is the most efficient technique to meet these requirements?
A. Create a DBLINK on the source DB to connect to Amazon Redshift. Use a PostgreSQL trigger on the source table to capture the new insert/update/delete event and execute the event on the Amazon Redshift staging table.
B. Use a PostgreSQL trigger on the source table to capture the new insert/update/delete event and write it to Amazon Kinesis Streams. Use a KCL application to execute the event on the Amazon Redshift staging table.
C. Extract the incremental changes periodically using a SQL query. Upload the changes to multiple Amazon Simple Storage Service (S3) objects and run the COPY command to load the Amazon Redshift staging table.
D. Extract the incremental changes periodically using a SQL query. Upload the changes to a single Amazon Simple Storage Service (S3) object run the COPY command to load to the Amazon Redshift staging layer.
C. Extract the incremental changes periodically using a SQL query. Upload the changes to multiple Amazon Simple Storage Service (S3) objects and run the COPY command to load the Amazon Redshift staging table.
Is there any way to own a direct connection to Amazon Web Services?
A. You can create an encrypted tunnel to VPC, but you don’t own the connection.
B. Yes, it’s called Amazon Dedicated Connection.
C. No, AWS only allows access from the public Internet.
D. Yes, it’s called Direct Connect.
D. Yes, it’s called Direct Connect.
Within the IAM service a GROUP is regarded as a:
A. A collection of AWS accounts
B. It’s the group of EC2 machines that gain the permissions specified in the GROUP.
C. There’s no GROUP in IAM, but only USERS and RESOURCES.
D. A collection of users.
D. A collection of users.
The Amazon EC2 web service can be accessed using the _____ web services messaging protocol. This interface is described by a Web Services Description Language (WSDL) document.
A. SOAP
B. DCOM
C. CORBA
D. XML-RPC
A. SOAP
What is an isolated database environment running in the cloud (Amazon RDS) called? A. DB Instance B. DB Unit C. DB Server D. DB Volume
A. DB Instance
You are currently hosting multiple applications in a VPC and have logged numerous port scans coming in from a specific IP address block. Your security team has requested that all access from the offending IP address block be denied for the next 24 hours.
Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?
A. Create an AD policy to modify Windows Firewall settings on all hosts in the VPC to deny access from the IP address block
B. Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
C. Add a rule to all of the VPC 5 Security Groups to deny access from the IP address block D. Modify the
Windows Firewall settings on all Amazon Machine Images (AMIs) that your organization uses in that VPC to deny access from the IP address block
B. Modify the Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
It is advised that you watch the Amazon CloudWatch “_____” metric (available via the AWS Management Console or Amazon Cloud Watch APIs) carefully and recreate the Read Replica should it fall behind due to replication errors.
A. Write Lag
B. Read Replica
C. Replica Lag
D. Single Replica
C. Replica Lag
Does Dynamic DB support in-place atomic updates?
A. It is not defined
B. No
C. Yes
D. It does support in-place non-atomic updates
C. Yes
A company is building a new application is AWS. The architect needs to design a system to collect application log events. The design should be a repeatable pattern that minimizes data loss if an application instance fails, and keeps a durable copy of all log data for at least 30 days.
What is the simplest architecture that will allow the architect to analyze the logs?
A. Write them directly to a Kinesis Firehose. Configure Kinesis Firehose to load the events into an
Amazon Redshift cluster for analysis.
B. Write them to a file on Amazon Simple Storage Service (S3). Write an AWS lambda function that runs in response to the S3 events to load the events into Amazon Elasticsearch service for analysis.
C. Write them to the local disk and configure the Amazon cloud watch Logs agent to lead the data into CloudWatch Logs and subsequently into Amazon Elasticsearch Service.
D. Write them to CloudWatch Logs and use an AWS Lambda function to load them into HDFS on an Amazon Elastic MapReduce (EMR) cluster for analysis.
A. Write them directly to a Kinesis Firehose.
You have a load balancer configured for VPC, and all backend Amazon EC2 instances are in service. However, your web browser times out when
connecting to the load balancer’s DNS name.
Which options are probable causes of this behavior?
A. The load balancer was not configured to use a public subnet with an Internet gateway configured
B. The Amazon EC2 instances do not have a dynamically allocated private IP address
C. The security groups or network ACLs are not properly configured for web traffic
D. The load balancer is not configured in a private subnet with a NAT instance
A. The load balancer was not configured to use a public subnet with an Internet gateway configured
C. The security groups or network ACLs are not properly configured for web traffic
If your DB instance runs out of storage space or file system resources, its status will change to_____ and your DB Instance will no longer be available.
A. storage-overflow
B. storage-full
C. storage-exceed
D. storage-overage
B. storage-full
You have a video Trans coding application running on Amazon EC2. Each instance pools a queue to find out which video should be Trans coded, and then runs a Trans coding process.
If this process is interrupted, the video will be Trans coded by another instance based on the queuing system. You have a large backlog of videos which need to be Trans coded and would like to reduce this backlog by adding more instances. You will need these instances only until the backlog is reduced. Which type of Amazon EC2 instance should you use to reduce the backlog in the most cost-effective way?
A. Dedicated instances
B. Spot instances
C. On-demand instances
D. Reserved instances
B. Spot instances
An advertising organization uses an application to process a stream of events that are received from clients in multiple unstructured formats.
The application does the following:
Transforms the events into a single structured format and streams them to Amazon Kinesis for real-time analysis.
Stores the unstructured raw events from the log files on local hard drivers that are rotated and uploaded to Amazon S3.
The organization wants to extract campaign performance reporting using an existing Amazon redshift cluster.
Which solution will provide the performance data with the LEAST number of operations?
A. Install the Amazon Kinesis Data Firehose agent on the application servers and use it to stream the log files directly to Amazon Redshift.
B. Create an external table in Amazon Redshift and point it to the S3 bucket where the unstructured raw events are stored.
C. Write an AWS Lambda function that triggers every hour to load the new log files already in S3 to Amazon redshift.
D. Connect Amazon Kinesis Data Firehose to the existing Amazon Kinesis stream and use it to stream the event directly to Amazon Redshift.
B. Create an external table in Amazon Redshift and point it to the S3 bucket where the unstructured raw events are stored.
A user has setup an RDS DB with Oracle. The user wants to get notifications when someone modifies the security group of that DB. How can the user configure that?
A. It is not possible to get the notifications on a change in the security group
B. Configure SNS to monitor security group changes
C. Configure event notification on the DB security group
D. Configure the CloudWatch alarm on the DB for a change in the security group
C. Configure event notification on the DB security group
A system admin is planning to setup event notifications on RDS. Which of the below mentioned services will help the admin setup notifications?
A. AWS SES
B. AWS Cloudtrail
C. AWS CloudWatch
D. AWS SNS
D. AWS SNS
A media advertising company handles a large number of real-time messages sourced from over 200 websites.
The company’s data engineer needs to collect and process records in real time for analysis using Spark Streaming on Amazon Elastic MapReduce (EMR). The data engineer needs to fulfill a corporate mandate to keep ALL raw messages as they are received as a top priority.
Which Amazon Kinesis configuration meets these requirements?
A. Publish messages to Amazon Kinesis Firehose backed by Amazon Simple Storage Service (S3). Pull messages off Firehose with Spark Streaming in parallel to persistence to Amazon S3
B. Publish messages to Amazon Kinesis Streams. Pull messages off Stream with Spark Streaming in parallel to AWS messages from Streams to Firehose backed by Amazon Simple Storage Service (S3)
C. Publish messages to Amazon Kinesis Firehose backed by Amazon Simple Storage (S3).
Use AWS Lambda messages from Firehose to Streams for processing with Spark Streaming
D. Publish messages to Amazon Kinesis Streams, pull messages off with Spark Streaming and write data new data to Amazon Simple Storage Service (S3) before and after processing
C. Publish messages to Amazon Kinesis Firehose backed by Amazon Simple Storage (S3).
Use AWS Lambda messages from Firehose to Streams for processing with Spark Streaming
What is the charge for the data transfer incurred in replicating data between your primary and standby?
A. No charge. It is free.
B. Double the standard data transfer charge
C. Same as the standard data transfer charge
D. Half of the standard data transfer charge
C. Same as the standard data transfer charge
Which Amazon storage do you think is the best for my database-style applications that frequently encounter many random reads and writes across the dataset? A. None of these.
B. Amazon Instance Storage
C. Any of these
D. Amazon EBS
D. Amazon EBS
Your Devops team is responsible for a multi-tier, Windows-based web application consisting of web servers, Amazon RDS database instances, and a load balancer behind Amazon Route53. You have been asked by your manager to build a cost-effective rolling deployment solution for this web application.
What method should you use?
A. Re-deploy your application on an AWS OpsWorks stack. Use the AWS OpsWorks clone stack feature to allow updates between duplicate stacks
B. Re-deploy your application on Elastic BeanStalk and take advantage of Elastic BeanStalk rolling updates
C. Re-deploy your application using an AWS CloudFormation template, launch a new AWS
CloudFormation stack during each deployment, and then tear down the old stack
D. Re-deploy your application using an AWS CloudFormation template. Use AWS CloudFormation rolling deployment policies, create a new policy for your AWS CloudFormation stack, and initiate an update stack operation to deploy new code
D. Re-deploy your application using an AWS CloudFormation template. Use AWS CloudFormation rolling deployment policies, create a new policy for your AWS CloudFormation stack, and initiate an update stack operation to deploy new code
Your company operates a website for promoters to sell tickets for entertainment events. You are using a load balancer in front of an Auto Scaling group of web server. Promotion of popular events can cause surges of websites visitors. During scaling-out at theses times, newly launched instances are unable to complete configuration quickly enough, leading to user disappointment.
What option should you choose to improve scaling yet minimize costs? Choose 2 answers
A. Create an AMI with the application pre-configured. Create a new Auto Scaling launch configuration using this new AMI, and configure the Auto Scaling group to launch with this AMI
B. Use Auto Scaling pre-warming to launch instances before they are required. Configure prewarming to use the CPU trend CloudWatch metric for the group
C. Publish a custom CloudWatch metric from your application on the number of tickets sold, and create an Auto Scaling policy based on this
D. Using the history of past scaling events for similar event sales to predict future scaling requirements. Use the Auto Scaling scheduled scaling feature to vary the size of the fleet
E. Configure an Amazon S3 bucket for website hosting. Upload into the bucket an HTML holding page with its ‘x-amz-website-redirect-location’ metadata property set to the load balancer endpoint.
Configure Elastic Load Balancing to redirect to the holding page when the load on web servers is above a certain level
D. Using the history of past scaling events for similar event sales to predict future scaling requirements. Use the Auto Scaling scheduled scaling feature to vary the size of the fleet
E. Configure an Amazon S3 bucket for website hosting. Upload into the bucket an HTML holding page with its ‘x-amz-website-redirect-location’ metadata property set to the load balancer endpoint.
Configure Elastic Load Balancing to redirect to the holding page when the load on web servers is above a certain level
To help you manage your Amazon EC2 instances, images, and other Amazon EC2 resources, you can assign your own metadata to each resource in the form of\_\_\_\_\_\_\_\_\_\_\_\_ A. special filters B. functions C. tags D. wildcards
C. tags
Can I detach the primary (eth0) network interface when the instance is running or stopped?
A. Yes, You can.
B. No. You cannot
C. Depends on the state of the interface at the time
B. No. You cannot
Do the Amazon EBS volumes persist independently from the running life of an Amazon EC2 instance?
A. No
B. Only if instructed to when created
C. Yes
C. Yes
A user is running one instance for only 3 hours every day. The user wants to save some cost with the instance. Which of the below mentioned Reserved Instance categories is advised in this case?
A. The user should not use RI; instead only go with the on-demand pricing
B. The user should use the AWS high utilized RI
C. The user should use the AWS medium utilized RI D. The user should use the AWS low utilized RI
A. The user should not use RI; instead only go with the on-demand pricing
Amazon S3 doesn't automatically give a user who creates \_\_\_\_\_ permission to perform other actions on that bucket or object. A. a file B. a bucket or object C. a bucket or file D. a object or file
B. a bucket or object
My Read Replica appears “stuck” after a Multi-AZ failover and is unable to obtain or apply updates from the source DB Instance. What do I do?
A. You will need to delete the Read Replica and create a new one to replace it.
B. You will need to disassociate the DB Engine and re associate it.
C. The instance should be deployed to Single AZ and then moved to Multi- AZ once again
D. You will need to delete the DB Instance and create a new one to replace it.
A. You will need to delete the Read Replica and create a new one to replace it.
A user is planning to host a mobile game on EC2 which sends notifications to active users on either high score or the addition of new features. The user should get this notification when he is online on his mobile device. Which of the below mentioned AWS services can help achieve this functionality?
A. AWS Simple Notification Service
B. AWS Simple Queue Service
C. AWS Mobile Communication Service
D. AWS Simple Email Service
A. AWS Simple Notification Service
Which of the following notification endpoints or clients does Amazon Simple Notification Service support? Choose 2 answers
A. Email B. CloudFront distribution C. File Transfer Protocol D. Short Message Service E. Simple Network Management Protocol
A. Email
D. Short Message Service
A company that provides economics data dashboards needs to be able to develop software to display rich, interactive, data-driven graphics that run in web browsers and leverages the full stack of web standards (HTML, SVG and CSS).
Which technology provides the most appropriate for this requirement?
A. D3.js
B. Python/Jupyter
C. R Studio
D. Hue
A. D3.js
Which of these configuration or deployment practices is a security risk for RDS?
A. Storing SQL function code in plaintext
B. Non-Multi-AZ RDS instance
C. Having RDS and EC2 instances exist in the same subnet
D. RDS in a public subnet
D. RDS in a public subnet
A company needs to deploy services to an AWS region which they not previously used. The company currently has an AWS identity and Access Management (IAM) role for their Amazon EC2 instances, which permits the instance to have access to Amazon DynamoDB. The company wants their EC2 instances in the new region to have the same privileges.
How should the company achieve this?
A. Create a new IAM role and associated policies within the new region
B. Assign the existing IAM role to the Amazon EC2 instances in the new region
C. Copy the IAM role and associated policies to the new region and attach it to the instances
D. Create the Amazon Machine Image of the instance and copy it to the desired region using the AMI Copy feature
B. Assign the existing IAM role to the Amazon EC2 instances in the new region
Will I be charged if the DB instance is idle? A. No B. Yes C. Only is running in GovCloud D. Only if running in VPC
B. Yes
A solutions architect works for a company that has a data lake based on a central Amazon S3 bucket. The data contains sensitive information. The architect must be able to specify exactly which files each user can access. Users access the platform through SAML federation Single Sign On platform.
The architect needs to build a solution that allows fine grained access control, traceability of access to the objects, and usage of the standard tools (AWS Console, AWS CLI) to access the data.
Which solution should the architect build?
A. Use Amazon S3 Server-Side Encryption with AWS KMS-Managed Keys for strong data.
Use AWS KMS to allow access to specific elements of the platform. Use AWS CloudTrail for auditing
B. Use Amazon S3 Server-Side Encryption with Amazon S3 Managed Keys. Set Amazon S3
ACI to allow access to specific elements of the platform. Use Amazon S3 to access logs for auditing
C. Use Amazon S3 Client-Side Encryption with Client-Side Master Key. Set Amazon S3 ACI to allow access to specific elements of the platform. Use Amazon S3 access logs for auditing
D. Use Amazon S3 Client-Side Encryption with AWS KMS-Managed keys for storing data.
Use AMS KWS to allow access to specific elements of the platform. Use AWS CloudTrail for auditing
D. Use Amazon S3 Client-Side Encryption with AWS KMS-Managed keys for storing data.
Use AMS KWS to allow access to specific elements of the platform. Use AWS CloudTrail for auditing
An online photo album app has a key design feature to support multiple screens (e.g. desktop, mobile phone, and tablet) with high quality displays. Multiple versions of the image must be saved in different resolutions and layouts.
The image processing Java program takes an average of five seconds per upload, depending on the image size and format. Each image upload captures the following image metadata: user, album, photo label, upload timestamp
The app should support the following requirements:
• Hundreds of user image uploads per second
• Maximum image metadata size of 10 MB
• Maximum image metadata size of 1 KB
•Image displayed in optimized resolution in all supported screens no later than one minute after image upload Which strategy should be used to meet these requirements?
A. Write images and metadata to Amazon Kinesis, Use a Kinesis Client Library (KCL) application to run the image processing and save the image output to Amazon S3 and metadata to the app repository DB
B. Write image and metadata RDS with BLOB data type. Use AWS Data Pipeline to run the image processing and save the image output to Amazon S3 and metadata to the app repository DB
C. Upload image with metadata to Amazon S3 use Lambda function to run the image processing and save the image output to Amazon S3 and metadata to the app repository DB
D. Write image and metadata to Amazon kinesis. Use Amazon Elastic MapReduce (EMR) with Spark Streaming to run image processing and save image output to Amazon
D. Write image and metadata to Amazon kinesis. Use Amazon Elastic MapReduce (EMR) with Spark Streaming to run image processing and save image output to Amazon
A customer has an Amazon S3 bucket. Objects are uploaded simultaneously by a cluster of servers from multiple streams of data. The customer maintains a catalog of objects uploaded in Amazon S3 using an Amazon DynamoDB table. This catalog has the following fields StreamName, TimeStamp, and ServerName, TimeStamp, and ServerName, from which ObjectName can be obtained.
The customer needs to define the catalog to support querying for a given stream or server within a defined time range.
Which DynamoDB table scheme is most efficient to support these queries?
A. Define a Primary Key with ServerName as Partition Key and TimeStamp as Sort Key. Don NOT define a Secondary Index or Global Secondary Index.
B. Define a Primary Key with StreamName as Partition Key and TimeStamp followed by ServerName as Sort Key. Define a Global Secondary Index with ServerName as Partition Key and TimeStamp followed by StreamName.
C. Define a Primary Key with ServerName as Partition Key. Define a Local Secondary Index with StreamName as Partition Key. Define a Global Secondary Index with TimeStamp as Partition Key.
D. Define a Primary Key with ServerName as Partition Key. Define a Local Secondary Index with TimeStamp as Partition Key. Define a Global Secondary Index with StreamName as Partition key and TimeStamp as Sort Key.
A. Define a Primary Key with ServerName as Partition Key and TimeStamp as Sort Key. Don NOT define a Secondary Index or Global Secondary Index.
An organization uses a custom map reduce application to build monthly reports based on many small data files in an Amazon S3 bucket. The data is submitted from various business units on a frequent but unpredictable schedule. As the dataset continues to grow, it becomes increasingly difficult to process all of the data in one day. The organization has scaled up its Amazon EMR cluster, but other optimizations could improve performance.
The organization needs to improve performance minimal changes to existing processes and applications.
What action should the organization take?
A. Use Amazon S3 Event Notifications and AWS Lambda to create a quick search file index in
DynamoDB.
B. Add Spark to the Amazon EMR cluster and utilize Resilient Distributed Datasets in-memory.
C. Use Amazon S3 Event Notifications and AWS Lambda to index each file into an Amazon Elasticsearch Service cluster.
D. Schedule a daily AWS Data Pipeline process that aggregates content into larger files using
S3DistCp.
E. Have business units submit data via Amazon Kinesis Firehose to aggregate data hourly into Amazon S3.
B. Add Spark to the Amazon EMR cluster and utilize Resilient Distributed Datasets in-memory.
A company is using Amazon Machine Learning as part of a medical software application. The application will predict the most likely blood type for a patient based on a variety of other clinical tests that are available when blood type knowledge is unavailable.
What is the appropriate model choice and target attribute combination for the problem?
A. Multi-class classification model with a categorical target attribute B. Regression model with a numeric target attribute C. Binary Classification with a categorical target attribute D. K-Nearest Neighbors model with a multi-class target attribute
A. Multi-class classification model with a categorical target attribute
An organization has added a clickstream to their website to analyze traffic. The website is sending each page request with the PutRecord API call to an Amazon Kinesis stream by using the page name as the partition key. During peak spikes in website traffic, a support engineer notices many ProvisionedThroughputExcededException events in the application logs.
What should be done to resolve the issue in the MOST cost-effective way?
A. Create multiple Amazon Kinesis streams for page requests to increase the concurrency of the clickstream.
B. Increase the number of shards on the Kinesis stream to allow for more throughput to meet the peak spikes in traffic.
C. Modify the application to use on the Kinesis Producer Library to aggregate requests before sending them to the Kinesis stream.
D. Attach more consumers to the Kinesis stream to process records in parallel, improving the performance on the stream
B. Increase the number of shards on the Kinesis stream to allow for more throughput to meet the peak spikes in traffic.
Is there a method in the IAM system to allow or deny access to a specific instance?
A. Only for VPC based instances
B. Yes
C. No
C. No
Because of the extensibility limitations of striped storage attached to Windows Server, Amazon RDS does not currently support increasing storage on a _____ DB Instance.
A. SQL Server
B. MySQL
C. Oracle
A. SQL Server
Which of the following requires a custom cloudwatch metric to monitor?
A. Memory utilization of an EC2 instance
B. CPU utilization of an EC2 instance
C. Disk usage activity of an EC2 instance
D. Data transfer of an EC2 instance
A. Memory utilization of an EC2 instance
What are the two types of licensing options available for using Amazon RDS for Oracle?
A. BYOL and Enterprise License
B. BYOL and License Included
C. Enterprise License and License Included
D. Role based License and License Included
B. BYOL and License Included
Managers in a company need access to the human resources database that runs on Amazon Redshift, to run reports about their employees. Managers must only see information about their direct reports.
Which technique should be used to address this requirement with Amazon Redshift?
A. Define an IAM group for each employee as an IAM user in that group and use that to limit the access.
B. Use Amazon Redshift snapshot to create one cluster per manager. Allow the managers to access only their designated clusters.
C. Define a key for each manager in AWS KMS and encrypt the data for their employees with their private keys.
D. Define a view that uses the employee’s manager name to filter the records based on current user names
.
A. Define an IAM group for each employee as an IAM user in that group and use that to limit the access.
What is the charge for the data transfer incurred in replicating data between your primary and standby?
A. Same as the standard data transfer charge
B. Double the standard data transfer charge
C. No charge. It is free
D. Half of the standard data transfer charge
C. No charge. It is free
What’s an ECU?
A. Extended Cluster User.
B. None of these.
C. Elastic Computer Usage.
D. Elastic Compute Unit.
D. Elastic Compute Unit.
An administrator tries to use the Amazon Machine Learning service to classify social media posts that mention the administrator’s company into posts that requires a response and posts that do not. The training dataset of 10,000 posts contains the details of each post including the timestamp, author, and full text of the post. The administrator is missing the target labels that are required for training.
Which Amazon Machine Learning model is the most appropriate for the task?
A. Unary classification model, where the target class is the require-response post B. Binary classification model, where the two classes are require-response and does-not-require- response C. Multi-class prediction model, with two classes require-response and does-not-require response D. Regression model where the predicted value is the probability that the post requires a response
A. Unary classification model, where the target class is the require-response post
A large oil and gas company needs to provide near real-time alerts when peak thresholds are exceeded in its pipeline system. The company has developed a system to capture pipeline metrics such as flow rate, pressure and temperature using millions of sensors. The sensors deliver to AWS IoT.
What is a cost-effective way to provide near real-time alerts on the pipeline metrics?
A. Create an AWS IoT rule to generate an Amazon SNS notification
B. Store the data points in an Amazon DynamoDB table and polite peak metrics data from an Amazon EC2 application
C. Create an Amazon Machine Learning model and invoke with AWS Lambda
D. Use Amazon Kinesis Streams and a KCL-based application deployed on AWS Elastic Beanstalk
C. Create an Amazon Machine Learning model and invoke with AWS Lambda
What does Amazon ELB stand for? A. Elastic Linux Box. B. Encrypted Linux Box. C. Encrypted Load Balancing. D. Elastic Load Balancing.
D. Elastic Load Balancing.
A company is running a batch analysis every hour on their main transactional DB running on an RDS MySQL instance to populate their central Data Warehouse running on Redshift. During the execution of the batch their transactional applications are very slow. When the batch completes they need to update the top management dashboard with the new data. The dashboard is produced by another system running on-premises that is currently started when a manually-sent email notifies that an update is required The on-premises system cannot be modified because is managed by another team.
How would you optimize this scenario to solve performance issues and automate the process as much as possible?
A. Replace RDS with Redshift for the batch analysis and SNS to notify the on-premises system to update the dashboard
B. Replace RDS with Redshift for the batch analysis and SQS to send a message to the on-premises system to update the dashboard
C. Create an RDS Read Replica for the batch analysis and SNS to notify me on-premises system to update the dashboard
D. Create an RDS Read Replica for the batch analysis and SQS to send a message to the on-premises system to update the dashboard.
C. Create an RDS Read Replica for the batch analysis and SNS to notify me on-premises system to update the dashboard
Multiple rows in an Amazon Redshift table were accidentally deleted. A System Administrator is restoring the table from the most recent snapshot. The snapshot contains all rows that were in the table before the deletion.
What is the SIMPLEST solution to restore the table without impacting users?
A. Restore the snapshot to a new Amazon Redshift cluster, then UNLOAD the table to Amazon S3. In the original cluster, TRUNCATE the table, then load the data from Amazon S3 by using a COPY command.
B. Use the Restore Table from a Snapshot command and specify a new table name DROP the original table, then RENAME the new table to the original table name.
C. Restore the snapshot to a new Amazon Redshift cluster. Create a DBLINK between the two clusters in the original cluster, TRUNCATE the destination table, then use an INSERT command to copy the data from the new cluster.
D. Use the ALTER TABLE REVERT command and specify a time stamp of immediately before the data deletion. Specify the Amazon Resource Name of the snapshot as the SOURCE and use the OVERWRITE REPLACE option.
B. Use the Restore Table from a Snapshot command and specify a new table name DROP the original table, then RENAME the new table to the original table name.
A user is planning to setup infrastructure on AWS for the Christmas sales. The user is planning to use Auto Scaling based on the schedule for proactive scaling.
What advise would you give to the user?
A. It is good to schedule now because if the user forgets later on it will not scale up
B. The scaling should be setup only one week before Christmas
C. Wait till end of November before scheduling the activity
D. It is not advisable to use scheduled based scaling
C. Wait till end of November before scheduling the activity
Your application uses CloudFormation to orchestrate your application’s resources. During your testing phase before application went live, your Amazon RDS instance type was changed and caused the instance to be re-created, resulting in the loss of test data.
How should you prevent this from occurring in the future?
A. Within the AWS CloudFormation parameter with which users can select the Amazon RDS instance type, set AllowedValues to only contain the current instance type
B. Use an AWS CloudFormation stack policy to deny updates to the instance. Only allow
UpdateStack permission to IAM principles that are denied SetStackPolicy
C. In the AWS CloudFormation template, set the AWS::RDS::DBInstance’s DBInstanceClass property to be read-only
D. Subscribe to the AWS CloudFormation notification “BeforeResourceUpdate” and call
CancelStackUpdate if the resource identified is the Amazon RDS instance
E. In the AWS ClousFormation template, set the DeletionPolicy of the AWS::RDS::DBInstance’s DeletionPolicy property to “Retain”
E. In the AWS ClousFormation template, set the DeletionPolicy of the AWS::RDS::DBInstance’s DeletionPolicy property to “Retain”
Is there a limit to the number of groups you can have?
A. Yes for all users except root
B. No
C. Yes unless special permission granted
D. Yes for all users
D. Yes for all users
Your company wants to start working with AWS, but has not yet opened an account. With which of the following services should you begin local development? A. Amazon DynamoDB B. Amazon Simple Queue Service C. Amazon Simple Email Service D. Amazon CloudSearch
A. Amazon DynamoDB
HTTP Query-based requests are HTTP requests that use the HTTP verb GET or POST and a Query parameter named\_\_\_\_\_\_\_\_\_\_\_\_\_. A. Action B. Value C. Reset D. Retrieve
A. Action
Amazon EC2 provides a repository of public data sets that can be seamlessly integrated into AWS cloud-based applications.What is the monthly charge for using the public data sets? A. A 1 time charge of 10$ for all the datasets.
B. 1$ per dataset per month
C. 10$ per month for all the datasets
D. There is no charge for using the public data sets
D. There is no charge for using the public data sets
Are you able to integrate a multi-factor token service with the AWS Platform?
A. Yes, you can integrate private multi-factor token devices to authenticate users to the AWS platform.
B. No, you cannot integrate multi-factor token devices with the AWS platform.
C. Yes, using the AWS multi-factor token devices to authenticate users on the AWS platform.
C. Yes, using the AWS multi-factor token devices to authenticate users on the AWS platform.
You have an application running on an Amazon Elastic Compute Cloud instance, that uploads 5 GB video objects to Amazon Simple Storage Service (S3). Video uploads are taking longer than expected, resulting in poor application performance.
Which method will help improve performance of your application?
A. Enable enhanced networking
B. Use Amazon S3 multipart upload
C. Leveraging Amazon CloudFront, use the HTTP POST method to reduce latency.
D. Use Amazon Elastic Block Store Provisioned IOPs and use an Amazon EBS-optimized instance
B. Use Amazon S3 multipart upload
In the Amazon RDS Oracle DB engine, the Database Diagnostic Pack and the Database Tuning Pack are only available with ______________
A. Oracle Standard Edition
B. Oracle Express Edition
C. Oracle Enterprise Edition
D. None of these
C. Oracle Enterprise Edition
You have a large number of web servers in an Auto Scaling group behind a load balancer. On an hourly basis, you want to filter and process the logs to collect data on unique visitors, and then put that data in a durable data store in order to run reports. Web servers in the Auto Scaling group are constantly launching and terminating based on your scaling policies, but you do not want to lose any of the log data from these servers during a stop/termination initiated by a user or by Auto Scaling.
What two approaches will meet these requirements?
Choose 2 answers
A. Install an Amazon CloudWatch Logs Agent on every web server during the bootstrap process.
Create a CloudWatch log group and define metric Filters to create custom metrics that track unique visitors from the streaming web server logs. Create a scheduled task on an Amazon EC2 instance that runs every hour to generate a new report based on the CloudWatch custom metrics
B. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to Amazon Glacier. Ensure that the operating system shutdown procedure triggers a logs transmission when the Amazon EC2 instance is stopped/terminated. Use Amazon Data pipeline to process data in Amazon Glacier and run reports every hour
C. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to an Amazon S3 bucket. Ensure that the operating system shutdown process triggers a logs transmission when the Amazon EC2 instance is stopped/terminated. Use AWS Data Pipeline to move log data from the Amazon S3 bucket to Amazon Redshift in order to process and run reports every hour
D. Install an AWS Data Pipeline Logs Agent on every web server during the bootstrap process. Create a log group object in AWS Data Pipeline, and define Metric filters to move processed log data directly from the web servers to Amazon Redshift and runs reports every hour
A. Install an Amazon CloudWatch Logs Agent on every web server during the bootstrap process.
Create a CloudWatch log group and define metric Filters to create custom metrics that track unique visitors from the streaming web server logs. Create a scheduled task on an Amazon EC2 instance that runs every hour to generate a new report based on the CloudWatch custom metrics
C. On the web servers, create a scheduled task that executes a script to rotate and transmit the logs to an Amazon S3 bucket. Ensure that the operating system shutdown process triggers a logs transmission when the Amazon EC2 instance is stopped/terminated. Use AWS Data Pipeline to move log data from the Amazon S3 bucket to Amazon Redshift in order to process and run reports every hour
An organization needs a data store to handle the following data types and access patterns
• Faceting
• Search
• Flexible schema (JSON) and fixed schema
• Noise word elimination
Which data store should the organization choose?
A. Amazon Relational Database Service (RDS)
B. Amazon Redshift
C. Amazon DynamoDB
D. Amazon Elasticsearch Service
C. Amazon DynamoDB
A user has setup an RDS DB with Oracle. The user wants to get notifications when someone modifies the security group of that DB. How can the user configure that?
A. It is not possible to get the notifications on a change in the security group
B. Configure SNS to monitor security group changes
C. Configure event notification on the DB security group
D. Configure the CloudWatch alarm on the DB for a change in the security group
C. Configure event notification on the DB security group
A photo-sharing service stores pictures in Amazon Simple Storage Service (S3) and allows application sign-in using an opened connect-compatible identity provider. Which AWS Security Token Service approach to temporary access should you use for the Amazon S3 operations?
A. Cross-Account Access
B. AWS identity and Access Management roles
C. SAML-based Identity Federation
D. Web identity Federation
C. SAML-based Identity Federation
A data engineer is running a DWH on a 25-node Redshift cluster of a SaaS service. The data engineer needs to build a dashboard that will be used by customers. Five big customers represent 80% of usage, and there is a long tail of dozens of smaller customers. The data engineer has selected the dashboarding tool.
How should the data engineer make sure that the larger customer workloads do NOT interfere with the smaller customer workloads?
A. Apply query filters based on customer-id that can NOT be changed by the user and apply distribution keys on customer id
B. Place the largest customers into a single user group with a dedicated query queue and place the rest of the customer into a different query queue
C. Push aggregations into an RDS for Aurora instance. Connect the dashboard application to Aurora rather than Redshift for faster queries
D. Route the largest customers to a dedicated Redshift cluster, Raise the concurrency of the multi-tenant Redshift cluster to accommodate the remaining customers
D. Route the largest customers to a dedicated Redshift cluster, Raise the concurrency of the multi-tenant Redshift cluster to accommodate the remaining customers
You have a web application that is currently running on a collection of micro instance types in a single AZ
behind a single load balancer. You have an Auto Scaling group configured to scale from 2 to 64 instances. When reviewing your CloudWatch metrics, you see that sometimes your Scaling group is running 64 micro instances. The web application is reading and writing to a DyanamoDB-configured backend and configured with 800 Write Capacity units and 800 Read Capacity units. Your customers are complaining that they are experiencing load times when viewing you website. You have investigated the DynamoDB CloudWatch metrics; you are under the provisioned read and Write Capacity units and there is no throttling.
How do you scale your service to improve the load times and ensure the principles of high availability?
A. Change your Auto Scaling group configuration to include multiple AZs
B. Change you Auto Scaling group configuration to include multiple AZs, and increase the number of Read Capacity units in your DynamoDB table by a factor of three, because you will need to be calling DynamoDB from three AZs
C. Add a second load balancer to your Auto Scaling group so that you can support more inbound connections per second
D. Change your Auto Scaling group configuration to use larger instances and include multiple AZs instead of one
D. Change your Auto Scaling group configuration to use larger instances and include multiple AZs instead of one
A user has launched an EC2 instance and deployed a production application in it. The user wants to prohibit any mistakes from the production team to avoid accidental termination. How can the user achieve this?
A. The user can the set DisableApiTermination attribute to avoid accidental termination
B. It is not possible to avoid accidental termination
C. The user can set the Deletion termination flag to avoid accidental termination
D. The user can set the InstanceInitiatedShutdownBehavior flag to avoid accidental termination
A. The user can the set DisableApiTermination attribute to avoid accidental termination
Is creating a Read Replica of another Read Replica supported? A. Only in VPC B. Yes C. Only in certain regions D. No
D. No
