Ch1 - Design Resilient Architectures Flashcards

1
Q
  1. A small business specializing in video processing wants to prototype cloud storage in order to lower its costs. However, management is wary of storing its client files in the cloud rather than on premises. They are focused on cost savings and experimenting with the cloud at this time. What is the best solution for their prototype?

Install a VPN, set up an S3 bucket for their files created within the last month, and set up an additional S3-IA bucket for older files. Create a lifecycle policy in S3 to move files older than 30 days into the S3-IA bucket nightly.

Install an AWS storage gateway using stored volumes.

Set up a Direct Connect and back all local hard drives up to S3 over the Direct Connect nightly.

Install an AWS storage gateway using cached volumes.

A

B. Anytime the primary consideration is storage with a local data presence—where data must be stored or seen to be stored locally—a storage gateway gives you the best option. This reduces the choices to B and D. B will store the files in S3 and provide local cached copies, while D will store the files locally and push them to S3 as a backup. Since management is concerned about storage in the cloud of primary files, B is the best choice; local files are the primary source of data, while still allowing the company to experiment with cloud storage without “risking” its data being stored primarily in the cloud.

2
Q
  1. For which of the following HTTP methods does S3 have eventual consistency? (Choose two.)

PUTs of new objects
UPDATEs
DELETEs
PUTs that overwrite existing objects

A

CD

3
Q
  1. What is the smallest file size that can be stored on standard class S3?

1 byte
1 MB
0 bytes
1 KB

A

C

4
Q
  1. You’ve just created a new S3 bucket named ytmProfilePictures in the US East 2 region and created a folder at the root level of the bucket called images/. You’ve turned on website hosting and asked your content team to upload images into the images/ folder. At what URL will these images be available through a web browser?

https://s3-us-east-2.amazonaws.com/ytmProfilePictures/images
https://s3-website-us-east-2.amazonaws.com/ytmProfilePictures/images
https://ytmProfilePictures.s3-website-us-east-2.amazonaws.com/images
https://ytmProfilePictures.s3-website.us-east-2.amazonaws.com/images

A

C

5
Q
  1. You have an S3 bucket and are working on cost estimates for your customer. She has asked you about pricing of objects stored in S3. There are currently objects in the buckets ranging from 0 bytes to over 1 GB. In this situation, what is the smallest file size that S3-IA will charge you for?

1 byte
1 MB
0 bytes
128 KB

A

D

6
Q
  1. Which of the following items are included in an Auto Scaling Launch Configuration? (Choose two.)

The AMI to use for creating new instances
The EBS storage volume for the instances to create
The polling time for monitoring network latency
The IAM role to associate with created instances

A

AD

7
Q
  1. How does AWS allow you to add metadata to your EC2 instances? (Choose two.)

Certificates
Tags
Policies
Labels

A

AB

8
Q

  1. Where are individual EC2 instances provisioned?

In a specific region
In a specific availability zone
In a random availability zone within a specified region
It depends upon the region.

A

B

9
Q

  1. Which of the following can be deployed across availability zones?

Cluster placement groups
Placement groups
Spread placement groups
Cross-region placement groups

A

C

10
Q
  1. In what manner are EBS snapshots backed up to S3?

Via full backup according to the backup policy set on the volume
Incrementally
Synchronously
EBS volumes are not stored on S3.

A

B

11
Q
  1. Which of the following services is used at an on-premises site to build a site-to-site VPN connection?

Storage gateway
Virtual private gateway
Customer gateway
Virtual private network

A

C

12
Q
  1. What is the anchor on the AWS side of a site-to-site VPN connection between an on-premises site and AWS?

IPSec tunnel
Virtual private gateway
Customer gateway
VPC

A

B

13
Q
  1. How many tunnels for network traffic are involved when a customer gateway connects to an AWS VPC via an AWS-managed VPN connection?

One
Two
Three
It depends on the settings in the AWS VPC.

A

B

14
Q
  1. You are setting up a site-to-site VPN from an on-premises network into an AWS VPC. Which of the following are steps you may need to perform? (Choose two.)

Set up a public IP address for the customer gateway.
Set up a public IP address for the AWS VPC.
Set up a public IP address for the virtual private gateway.
Set up a public IP address for the VPN tunnels.

A

AC

15
Q
  1. Which of the following are valid options for storage gateways? (Choose two.)

File gateway
Volume gateway
Cached gateway
Virtual private gateway

A

AB

16
Q
  1. You are helping a medium-sized business migrate its large datasets to the cloud. However, the business has limited resources and has long used a tape backup system. It does not want to lose the investment in the software and systems that already have been configured to use this backup system. Which storage gateway would you recommend?

File gateway
Cached volume gateway
Stored volume gateway
Tape gateway

A

D

17
Q
  1. You are tasked with prototyping a cloud-based storage solution for a small business. The business’s chief concern is low network latency, as its systems need near-instant access to all of its datasets. Which storage gateway would you recommend?

File gateway
Cached volume gateway
Stored volume gateway
Tape gateway

A

C

18
Q
  1. You are the solutions architect for a mapping division that has inherited a massive geospatial dataset from a recent acquisition. The data is all on local disk drives, and you want to transition the data to AWS. With datasets of over 10 TB, what is the best approach to getting this data into AWS?

S3 with Transfer Acceleration
Cached volume gateway
Snowball
Shipping the drives to AWS

A

C

19
Q
  1. Which of the following are not reasons to use a cached volumes storage gateway? (Choose two.)

You want low-latency access to your entire dataset.
You want to reduce the cost of on-site storage.
You want to support iSCSI storage volumes.
You want low-latency access to your most commonly accessed data.

A

AC

20
Q
  1. Which of the following storage gateway options is best for traditional backup applications?

File gateway
Cached volume gateway
Stored volume gateway
Tape gateway

A

A

21
Q
  1. Which of the following storage gateway options is best for applications where latency of your entire dataset is the priority?

File gateway
Cached volume gateway
Stored volume gateway
Tape gateway

A

C

22
Q
  1. Which of the following storage gateway options is best for reducing the costs associated with an off-site disaster recovery solution?

File gateway
Cached volume gateway
Stored volume gateway
Tape gateway

A

D

23
Q
  1. What is the availability of S3 One Zone-IA?

99.5%
99.9%
99.99%
99.999999999%

A

A

24
Q
  1. For which of the following storage classes do you need to specify an availability zone?

S3
S3-IA
S3 One Zone-IA
None of the above

A

D

25
Q
  1. Which of the following are true about S3 data access when traffic spikes (increases)? (Choose two.)

S3 will scale to handle the load if you have Auto Scaling set up.
S3 will scale automatically to ensure your service is not interrupted.
Scale spreads evenly across AWS network to minimize the effect of a spike.
A few instances are scaled up dramatically to minimize the effect of the spike.

A

BC

26
Q
  1. You have been tasked with helping a company migrate its expensive off-premises storage to AWS. It will still primarily back up files from its on-premises location to a local NAS. These files then need to be stored off-site (in AWS rather than the original off-site location). The company is concerned with durability and cost and wants to retain quick access to its files. What should you recommend?

Copying files from the NAS to an S3 standard class bucket
Copying files from the NAS to an S3 One Zone-IA class bucket
Copying the files from the NAS to EBS volumes with provisioned IOPS
Copying the files from the NAS to Amazon Glacier

A

B

27
Q
  1. How many S3 buckets can you create per AWS account, by default?

25
50
100
There is not a default limit.

A

C

28
Q
  1. How are objects uploaded to S3 by default?

In parts
In a single operation
You must configure this option for each S3 bucket explicitly.
Via the REST API

A

B

29
Q
  1. When does AWS suggest you start uploading objects via the Multipart Upload API?

When you’re uploading a lot of files at once
When you’re uploading files of 10 GB or more
When you have multiple applications uploading files to the same S3 bucket
When you need the greatest network throughput for uploads

A

B

30
Q
  1. Which of the following are the ways you should consider using Multipart Upload?

For uploading large objects over a stable high-bandwidth network to maximize bandwidth
For uploading large objects to reduce the cost of ingress related to those objects
For uploading any size files over a spotty network to increase resiliency
For uploading files that must be appended to existing files

A

AC

31
Q
  1. How is a presigned URL different from a normal URL? (Choose two.)

A presigned URL has permissions associated with certain objects provided by the creator of the URL.
A presigned URL has permissions associated with certain objects provided by the user of the URL.
A presigned URL allows access to private S3 buckets without requiring AWS credentials.
A presigned URL includes encrypted credentials as part of the URL.

A

AC

32
Q
  1. Which of the following can be put behind a presigned URL?

An S3 object store
An EC2 instance with a web interface
An AWS CloudFront distribution
All of the above

A

D

33
Q
  1. How long is a presigned URL valid?

60 seconds
60 minutes
24 hours
As long as it is configured to last

A

D

34
Q
  1. What is the consistency model in S3 for PUTs of new objects?

Write after read consistency
Read after write consistency
Eventual consistency
Synchronous consistency

A

B

35
Q
  1. How many PUTs per second does S3 support?

100
1500
3500
5000

A

C

36
Q
  1. What are the two styles of URLs that AWS supports for S3 bucket access? (Choose two.)

Virtual-hosted-style URLs
Domain-hosted-style URLs
Apex zone record URLs
Path-style URLs

A

AD

37
Q
  1. What is an AWS storage gateway?

A device to reside at a customer site that is part of a VPN connection between an on-premises site and AWS
A device that enables an on-premises site to upload files to S3 faster than over the public Internet
A device to facilitate large data migrations into S3
A device that can be used to cache S3-stored objects at an on-premises site

A

D. AWS storage gateway is a virtual appliance that allows on-premises sites to interact with S3 while still caching (in certain configurations) data locally.

38
Q
  1. Which of the following statements is not true about an AWS storage gateway?

It is a virtual appliance.
It is available as both a physical and virtual appliance.
It caches data locally at a customer site.
It interacts with S3 buckets.

A

B

39
Q
  1. Which of the following are not true about S3? (Choose two.)

Buckets are created in specific regions.
Bucket names exist in a per-region namespace.
Buckets are object-based.
Each S3 bucket stores up to 5 TB of object data.

A

BD

40
Q
  1. Which of the following consistency models are supported by S3? (Choose two.)

Read after write consistency
Synchronous consistency
Write after read consistency
Eventual consistency

A

AC

41
Q
  1. Which of the following is the best approach to ensuring that objects in your S3 buckets are not accidentally deleted?

Restrictive bucket permissions
Enabling versioning on buckets
Enabling MFA Delete on buckets
All of these options are equally useful.

A

C

42
Q
  1. What HTTP request header is used by MFA Delete requests?

x-delete
x-amz-mfa
x-aws-mfa
x-amz-delete

A

B

43
Q
  1. Which of the following operations will take advantage of MFA Delete, if it is enabled? (Choose two.)

Deleting an S3 bucket
Changing the versioning state of a bucket
Permanently deleting an object version
Deleting an object’s metadata

A

B, C. MFA Delete applies to deleting objects, not buckets (so option A is incorrect). It affects changing the versioning state of a bucket or permanently deleting any object (or a version of that object); this makes B and C correct. Deleting an object’s metadata while leaving the object intact does not require MFA Delete.

44
Q
  1. Who can enable MFA Delete on an S3 bucket?

All authorized IAM users of the bucket
All authorized IAM users that can update the bucket
The bucket owner
The root account that owns the bucket

A

D

45
Q
  1. Which of the following exist and are attached to an object stored in S3? (Choose two.)

Metadata
Data
Authentication ID
Version history

A

AB

46
Q
  1. Which of the following is the AWS mechanism for adding object metadata using the AWS console?

Labels
Tags
Metadata
Object name

A

C

47
Q
  1. Which of the following is the exception to S3 storing all versions of an object?

When an object is deleted via MFA Delete
When all of the versions of an object are deleted
When an object’s current version is deleted
There are no exceptions.

A

D

48
Q
  1. CloudFront is a web service for distributing what type of content? (Choose two.)

Object-based storage
Static files
Script-generated or programmatically generated dynamic content
All of the above

A

BC

49
Q
  1. Which of the following are not origin servers for a CloudFront distribution? (Choose two.)

Docker containers running on ECS
MySQL ResultSet
S3 buckets
Redshift workloads

A

BD

50
Q
  1. Which of the following are not origin servers for a CloudFront distribution? (Choose two.)

Elastic load balancer
Route 53 recordsets
SQS subscription endpoint
SNS topic retrieval endpoint

A

CD
CloudFront is able to distribute content from an ELB, rather than directly interfacing with S3, and can do the same with a Route 53 recordset. These allow the content to come from multiple instances. This means that options C and D are invalid origin servers and therefore the correct answers.

51
Q
  1. What is a collection of edge locations called?

Region
Availability zone
CloudFront
Distribution

A

D

52
Q
  1. Which of the following are true about edge locations? (Choose two.)

Edge locations are readable.
Edge locations are read-only.
Edge locations are write-only.
Edge locations are writable.

A

AD

53
Q
  1. To which of the following can objects be written? (Choose two.)

Edge locations
EC2 instances
S3 buckets
Availability zones

A

AC

54
Q
  1. What does TTL stand for?

Time to Live
Total Time to Live
Total traffic life
Traffic total life

A

A

55
Q
  1. You support a web application that uses a CloudFront distribution. A banner ad that was posted the previous night at midnight has an error in it, and you’ve been tasked with removing the ad so that users don’t see the error. What steps should you take? (Choose two.)

Delete the banner image from S3.
Remove the ad from the website.
Wait for 24 hours and the edge locations will automatically expire the ad from their caches.
Clear the cached object manually.

A

BD

56
Q
  1. By default, how long do edge locations cache objects?

12 hours
24 hours
48 hours
360 minutes

A

B

57
Q
  1. How are datasets utilized by stored volumes backed up to S3?

Asynchronously
Synchronously
The backup method is specified by the user at configuration time.
Synchronously unless the backup takes more than 2 seconds; then the backup switches to asynchronous

A

A

58
Q
  1. Which of the following is equivalent to a tape volume?

VTL
VPC
NetBackup
VPN

A

A

59
Q
  1. When should you use AWS Direct Connect instead of Snowball?

AWS Direct Connect is usually a better option than Snowball.
AWS Direct Connect is almost never a better option than Snowball.
If you have more than 50 TB of data to transfer, use Snowball.
If you have less than 50 TB of data to transfer, use Snowball.

A

C

60
Q
  1. What is the difference between Snowball and Snowball Edge?

Snowball is for data transfer; Snowball Edge provides local data processing prior to returning the data to AWS.
Snowball Edge is for data transfer; Snowball provides local data processing prior to returning the data to AWS.
Snowball and Snowball Edge are both for data transfer, but Snowball Edge offers caching when the data arrives at AWS.
Snowball and Snowball Edge are both for data transfer, but Snowball Edge offers additional storage capacity.

A

A

61
Q
  1. Which of the following can Snowball do?

Import data into S3 (but not export data)
Export data from S3 (but not import data)
Import data into S3 and export data from S3
Snowball can import data into S3, but only Snowball Edge can export data from S3.

A

C

62
Q
  1. Which of the following AWS services can be used to store large objects? (Choose two.)

Redshift
S3
Oracle
EC2

A

BC

63
Q
  1. How would you speed up transfers of data to S3?

Use Snowball to transfer large files more quickly.
Enable S3 Transfer Acceleration.
Configure AWS to use multiple network paths to your S3 bucket.
Configure AWS to use an internet gateway for routing traffic to your S3 buckets.

A

B

64
Q
  1. What users would benefit most from S3 Transfer Acceleration?

Users geographically closest to your S3 buckets
Users geographically farthest from your S3 buckets
Users taking advantage of HTTPS for uploads
All users equally benefit.

A

B

65
Q
  1. Which of the following are good reasons to use S3 Transfer Acceleration? (Choose two.)

You have customers that upload to your buckets from around the world.
You have customers complaining about performance of your applications.
You transfer gigabytes of data on a regular basis across continents.
You are seeing network latency in uploads to your S3 buckets.

A

A, C. The key here is to understand which problems will be solved by Transfer Acceleration versus which ones might be solved. With Transfer Acceleration, you’re generally looking at problems related to large datasets being transferred over significant distances. In this case, that’s A and C. While performance (B) and latency (D) might be connected to transfer speeds, there’s no guarantee of that, so those are both incorrect answers.

66
Q
  1. You have your own custom domain and want to host a dynamic website on that domain. You also want to minimize compute costs. Which of the following AWS services would you use to host your website on your custom domain? (Choose two.)

S3
EC2
Lambda
Route 53

A

CD

67
Q
  1. Which of the following does Elastic Beanstalk not provide? (Choose two.)

Deployment of code
Security hardening
Application health monitoring
Log inspection and backup

A

BD

68
Q
  1. Which of the following does Elastic Beanstalk support? (Choose two.)

Docker
C++
Scala
Node.js

A

AD

69
Q
  1. Which of the following database technologies does Elastic Beanstalk support? (Choose two.)

All AWS-supported RDS options
DynamoDB
Oracle running on EC2
Redshift

A

AB

70
Q
  1. Which of the following AWS services allow you to run code without worrying about provisioning specific resources for that code? (Choose two.)

Elastic Beanstalk
ECS
DynamoDB
Lambda

A

AD

71
Q
  1. What type of services are associated with Amazon Lightsail?

Storage services
Networking services
Compute services
All of the above

A

D

72
Q
  1. What type of services are associated with Elastic Beanstalk?

Storage services
Networking services
Compute services
All of the above

A

C

73
Q
  1. What type of services are associated with Redshift?

Storage services
Networking services
Database services
All of the above

A

C

74
Q
  1. What type of services are associated with CloudFront?

Storage services
Networking services
Compute services
Both B and C

A

B

75
Q
  1. What type of services are associated with EMR?

Storage services
Analytic services
Compute services
Networking services

A

B

76
Q
  1. What type of services are associated with Cloud9?

Storage services
Analytic services
Developer services
Networking services

A

C

77
Q
  1. What type of services are associated with Workspaces?

Mobile services
Analytic services
Developer services
Desktop services

A

D

78
Q
  1. Which of the following statements do not describe a region? (Choose two.)

A region is an area with specific AWS managed services (compute, networking, storage, etc.).
A region is a virtual data center with built-in redundancy.
A region is a collection of availability zones for redundancy.
A region is a geographic area with at least two virtual data centers.

A

A, B. AWS will always ask at least a few questions related to regions and availability zones. As long as you read these carefully, they should be easy correct answers. A region is a geographical area with redundancy within it, through at least two availability zones. Option A is false as services are not tied to regions. B is false because a region contains virtual data centers; it is not itself a virtual data center.

79
Q
  1. Which of the following statements do not describe an availability zone? (Choose two.)

An availability zone hosts your compute instances.
An availability zone provides redundancy for your applications.
An availability zone is isolated from other availability zones except with regard to networking.
An availability zone contains virtual data centers.

A

B, D. Availability zones are virtual data centers (which makes D false, as AZs do not contain data centers) and are isolated from each other except through low-latency network links. So C is true (and therefore incorrect), and A is true, as AZs definitely host compute resources. That leaves B in addition to D. B is not describing an AZ as an AZ does not itself provide redundancy. It’s the combination of AZs that does this work.

80
Q
  1. Which of the following statements are true about availability zones? (Choose two.)

An elastic IP is always tied to one specific availability zone.
A region always contains two availability zones.
An availability zone’s name (for example, us-east-1a) may change across AWS accounts.
You can specify an availability zone in which to launch your instance when creating the instance.

A

CD

81
Q
  1. Which of the following is a valid availability zone identifier within AWS?

us-east-2b
eu-west-1
us-west-az-1
az-sa-east-1a

A

A?

82
Q
  1. Which of the following can you use reserved instances with?

RDS
EC2
Both A and B
None of the above

A

C

83
Q
  1. For which of the following can you use reserved instances?

RDS Multi-AZ deployments.
RDS standard deployments
ElastiCache nodes
All of the above

A

D

84
Q
  1. In which situations will an RDS instance with Multi-AZ configured fail over? (Choose two.)

When you manually force a failover
When the primary zone is unreachable
When the secondary zone is unreachable
When two successive database reads fail

A

AB

85
Q
  1. Which of the following can you select when you create an RDS instance? (Choose two.)

The type of database to use
The number of network connections to allow before failing over
The number of database processes to allow
The availability zone to deploy the instance to

A

AD

86
Q
  1. Which of the following may happen when you have a single-AZ RDS database and a backup begins? (Choose two.)

Latency increases.
Database responses may temporarily slow.
The database goes offline temporarily.
Network requests will fail for up to a minute.

A

AB

87
Q
  1. Which of the following database engines are available for RDS? (Choose two.)

Hyperion
Cassandra
Oracle
SQL Server

A

CD

88
Q
  1. Which of the following is true about RDS? (Choose two.)

Reserved instances can be used for Multi-AZ deployments.
Automated backups are turned off by default.
Every database supported by RDS can also be installed directly on EC2 instances.
All RDS databases support SQL as an interface.

A

AD

89
Q
  1. Which of the following is best suited for data warehousing?

redis
Oracle
DynamoDB
Redshift

A

D

90
Q
  1. Which of the following is best suited for big data processing?

EMR
QuickSight
ElastiCache
Athena

A

A. EMR, Elastic MapReduce, is ideal for big data processing. It uses the Hadoop and Spark frameworks and is a managed service for processing very large datasets.

91
Q
  1. Which of the following is best suited for interactive analytics?

EMR
QuickSight
Kinesis
Athena

A

D

92
Q
  1. How many copies of data does Aurora store by default?

One
Three
Four
Six

A

D

93
Q
  1. In an RDS, managed service capacity, which of the following databases is most resistant to disaster by default?

Aurora
Oracle
MySQL
They are all equivalent.

A

A

94
Q
  1. Which of the following is allowed on your RDS instance? (Choose two.)

SSH
SQL queries
RDP
HTTP-accessible APIs

A

BD

95
Q
  1. What is the maximum backup retention period allowed by RDS, in days?

15 days
30 days
35 days
45 days

A

C

96
Q
  1. Which of the following does a read replica support? (Choose two.)

Reads from applications
Writes to applications
Writes from the primary instance
Writes from applications using the RDS API

A

AC

97
Q
  1. Which of the following does a Multi-AZ setup not provide?

Disaster recovery
Data redundancy
Improved performance
Access to all RDS databases

A

C

98
Q
  1. Which of the following does a Multi-AZ setup provide?

Decreased network latency
Synchronous replication
Asynchronous replication
Multiple read sources for applications

A

B

99
Q
  1. Which of the following does a read replica provide?

Increased network latency
Synchronous replication
Disaster recovery
Asynchronous replication

A

D

100
Q
  1. Which of the following is associated with read replicas?

High scalability
Primary and secondary instances
High durability
Automatic failover

A

A

101
Q
  1. Which of the following is associated with Multi-AZ RDS?

Manual backup configuration
Independent database upgrades
High durability
More than two database instances

A

C. A Multi-AZ setup is about disaster recovery, and therefore durability. They provide automatic backups (so not A), upgrades happen on the primary database and then are replicated (so not B), and there is a primary and usually a single secondary instance (so not D). That leaves C: durability.

102
Q
  1. How many read replicas are supported in a read replica setup?

Three
Five
Seven
Unlimited (although cost applies for each replica)

A

B

103
Q
  1. Which of the following databases do not support a read replica setup? (Choose two.)

DynamoDB
Redshift
MySQL
MariaDB

A

AB

104
Q
  1. Which of the following statements about DynamoDB are true? (Choose two.)

DynamoDB offers push-button scaling.
DynamoDB supports read replicas.
DynamoDB databases can scale up without needing a bigger underlying instance.
DynamoDB instance sizes are selected at runtime.

A

AC

105
Q
  1. Which of the following statements about DynamoDB are true? (Choose two.)

DynamoDB is more difficult to scale than RDS.
DynamoDB uses SSD storage.
DynamoDB is spread across at least three regions.
DynamoDB uses magnetic storage.

A

BC

106
Q
  1. What is the default consistency model for DynamoDB?

Eventually consistent reads
Immediately consistent reads
Eventually pristine reads
Eventually consistent writes

A

A

107
Q
  1. Which of the following are supported consistency models for DynamoDB? (Choose two.)

Eventually consistent reads
Strongly consistent writes
Immediately consistent reads
Strongly consistent reads

A

AD

108
Q
  1. You are a solutions architect for a data-driven company using DynamoDB. They want to ensure always-accurate responses, so they have enabled strongly consistent reads. However, API calls to read data sometimes do not immediately return, and sometimes fail. What possible causes could there be? (Choose two.)

A recent write was made and is not yet complete. As a result, a read operation is delayed waiting on the write operation to complete.
A recent write was made and is replicating to the secondary instance. Until that replication completes, the read operation will lag.
A network outage has interrupted a recent read, and subsequent reads of that data are delayed as a result.
A network outage has interrupted a recent write, and subsequent reads of that data are delayed as a result.

A

AD

109
Q
  1. Which of the following can an EC2 instance in a public VPC be assigned? (Choose two.)

A private IP address
An elastic IP address
An IPv6 address
Both A and B

A

CD

110
Q
  1. What does the SWF in Amazon SWF stand for?

Simple Workflow
Simple Workflow Formation
Simple Web Forms
Simple Working Automation

A

A

111
Q
  1. How are requests and responses to SWF sent and received?

Via the AWS-specific API using application keys
Via HTTP request and response codes
Via web-accessible language-specific endpoints
All of the above

A

B

112
Q
  1. How does SWF communicate?

Synchronously
Asynchronously
Both A and B
Neither A nor B

A

C

113
Q
  1. What does SES stand for in Amazon SES?

Simple Electronic Service
Simple Email Service
Scalable Elastic Service
Sample Engagement Service

A

B

114
Q
  1. Which of the following terms are associated with SQS? (Choose two.)

Tasks
Messages
Notifications
Worker node

A

BD

115
Q
  1. Which of the following terms are associated with SNS? (Choose two.)

Subscription
Topic
Message
Queue

A

AB

116
Q
  1. How many times are tasks assigned in SWF?

Once and only once
Once in general, but a task can be reassigned if it fails
Up to three times within the set polling period
A and C are both valid, depending upon the workflow configuration.

A

A

117
Q
  1. How are topics represented in SNS?

By a linked list
By an Amazon Resource Name
By an IAM role
By a named message

A

B

118
Q
  1. What is a collection of related SWF workflows called?

A group
A policy
A domain
A cluster

A

C

119
Q
  1. How are messages arranged in an SQS queue by default?

FIFO
LIFO
In reverse order, that is, the last message received is the first available, as much as is possible
In the order in which they were received, as much as is possible

A

D

120
Q
  1. Into how many subnets must an ALB be deployed (at a minimum)?

One
Two
Three
Five

A

B

121
Q
  1. What is the size of the default subnet in each availability zone within the default VPC?

/20
/16
/28
/24

A

A

122
Q
  1. Which of the following statements are true? (Choose two.)

The default VPC has a NACL created by default.
All incoming traffic is allowed by the default security group on a VPC.
All outgoing traffic is allowed by the default security group on a VPC.
The default security group for the default VPC allows inbound HTTP traffic.

A

AC

123
Q
  1. Which of the following are created automatically for the default VPC but not for custom VPCs? (Choose two.)

A route table
A subnet
A security group allowing outbound traffic
An internet gateway

A

BD

124
Q
  1. All EC2 instances in the default VPC have which of the following by default? (Choose two.)

An elastic IP address
A public IP address
A private IP address
HTTP access for incoming requests

A

BC? All EC2 instances in the default VPC have both a public and private IP address. They do not have an elastic IP address, and the security group that is created by default does not allow any inbound traffic (until changed manually).

125
Q
  1. You created a new instance in the default VPC. You want this instance to be publicly available and serve web content. What steps do you need to take? (Choose two.)

Create a private IP for the instance.
Create a public IP for the instance.
Neither A nor B, these are done automatically.
Update the security group to allow traffic over HTTP and HTTPS to the instance.

A

CD

126
Q
  1. You created a new instance in a custom VPC. You want this instance to be publicly available and serve web content. What steps do you need to take? (Choose two.)

Create an elastic IP for the instance.
Create an internet gateway for the VPC.
Update the security group to allow traffic over HTTP and HTTPS to the instance.
Both A and B

A

CD

127
Q
  1. Which of the following statements about a VPC endpoint are true? (Choose two.)

It is a hardware device.
It is a virtual device.
It is automatically redundant.
It scales vertically.

A

BC

128
Q
  1. Which of the following can a VPC interface endpoint connect to? (Choose two.)

An API gateway
A VPN
A Kinesis data stream
DynamoDB

A

AC

129
Q
  1. At what level do security groups operate?

The subnet level
The VPC level
The instance level
All of the above

A

C

130
Q
  1. How many VPCs can you create in a single AWS region by default?

3
5
10
20

A

B

131
Q
  1. You have created a custom VPC, created instances within that VPC, and stood up web servers on those instances. What are the simplest steps you might need to perform to serve this web content to the public Internet? (Choose two.)

Add an internet gateway to the VPC.
Create a NAT gateway for the instances.
Create an ALB and point it at the instances.
Set a public IP for the instances.

A

AD

132
Q
  1. You have created a custom VPC, created instances within that VPC, attached an internet gateway to the VPC, and stood up web servers on those instances. However, users are unable to access the web content. What might be the problem? (Choose two.)

The security group doesn’t allow outbound HTTP traffic.
The security group doesn’t allow inbound HTTP traffic.
The instances don’t have elastic IP addresses.
The NACL for the VPC’s subnet allows all inbound traffic.

A

BC

133
Q
  1. Which of the following statements is false?

A subnet cannot span multiple availability zones.
A VPC can peer with no more than two other VPCs.
A VPC can peer with VPCs in other AWS accounts.
A subnet can be public or private if a VPC has an internet gateway attached.

A

B

134
Q
  1. How do you change a VPC that is set to use dedicated hosting tenancy to use default tenancy?

You can change the hosting tenancy of the VPC without affecting the running instances.
Stop all instances in the VPC, and then you can change the VPC’s hosting tenancy.
Remove all instances in the VPC, and then you can change the VPC’s hosting tenancy.
You can’t; you must re-create the VPC.

A

D

135
Q
  1. Which types of content can CloudFront cache?

Static and dynamic content
Static content, but not dynamic content
Dynamic content, but not static content
CloudFront is not a caching mechanism.

A

A

136
Q
  1. You have a custom VPC with a public subnet. The VPC has an internet gateway attached to it. What else should you do to ensure that instances within the subnet can reach the Internet?

Add a route to the route table that directs traffic directed at the public Internet to go through the internet gateway.
Add a rule to the security group allowing outbound traffic out via HTTP.
Ensure that each instance has a public IP address.
The instances should have public access with this configuration already.

A

A

137
Q
  1. You are tasked with creating a new VPC for a large company, hosting a fleet of instances within the VPC, and ensuring that they can write to the company’s S3 buckets and also be accessed via a REST API that they each host. Which of the following would be part of your proposed solution? (Choose two.)

A customer gateway
An internet gateway
A VPC endpoint
A new NACL

A

BC

138
Q
  1. You are tasked with hosting a fleet of instances within the default VPC of a company’s AWS account and ensuring that the instances can write to the company’s S3 buckets and also be accessed via a REST API that they each host. Which of the following would be part of your proposed solution? (Choose two.)

A customer gateway
An internet gateway
A VPC endpoint
An updated set of rules for the NACL

A

CD

139
Q
  1. You have been asked to troubleshoot a Direct Connect connection between your company’s on-site data center and a subnet within a public VPC. You have confirmed that you can reach the instances in the VPC from your data center, but those instances cannot reach back to your data center. What would you investigate? (Choose two.)

The VPC subnet’s routing table
The on-site storage gateway
The NAT instance in your VPC
The virtual private gateway configuration

A

A, D. The most likely culprits are the routing table of the VPC subnet and the virtual private gateway. A storage gateway (B) is not part of a Direct Connect solution, nor is a NAT instance (C).

140
Q
  1. What is route propagation with respect to a virtual private gateway?

It copies all routes from an on-site network to an AWS VPC’s subnets routing tables.
It helps avoid manually entering VPN routes into your VPC routing tables.
It automatically allows inbound traffic from your on-premises connection.
It enables storage-based traffic from a customer’s storage gateway.

A

B

141
Q
  1. What URL provides you with the public and private IP addresses of running EC2 instances?

http://169.254.169.254/meta-data/
http://169.254.169.254/latest/meta-data/
http://169.254.169.254/instance-data/
http://169.254.169.254/latest/instance-data/

A

B

142
Q
  1. You have been called in to mitigate a disastrous loss of data on S3 at a bioethics company. After investigating, it is determined that the data was deleted accidentally by a developer. The company wants to ensure that data cannot be accidentally deleted like this in the future. What would you suggest? (Choose two.)

Enable S3 versioning on all S3 buckets.
Create an IAM policy that disallows developers from deleting data in S3.
Replace the current access pattern with signed URLs.
Enable MFA Delete on the buckets.

A

AD

143
Q
  1. How many instances can you launch in a given AWS region?

20
40
20, but this is a soft limit and can be increased by AWS
40, but this is a soft limit and can be increased by AWS

A

C

144
Q
  1. What is the simplest way to reduce frequent scaling in an application? For example, if an application is showing that it’s scaling up and down multiple times in an hour, how would you reduce the number of “ups and downs” you are seeing?

Set up scheduled times with proactive cycling for the scaling so that it is not occurring all the time.
Increase the cooldown timers so that scaling down requires greater thresholds of change in your triggers.
Update CloudWatch to use a FIFO termination policy, only terminating the oldest instances in a scaledown.
None of these will improve the issue.

A

B

145
Q
  1. Which of these steps are required to get a NAT instance working? (Choose two.)

Update the routing table for EC2 instances accessing the public Internet to go through the NAT instance.
Locate the NAT instance within the private subnet that it will be serving.
Disable source/destination checks on your instance.
Set the NAT instance to allow port forwarding from the private subnet.

A

AC

146
Q
  1. Which of these is not a default CloudWatch metric?

Disk read operations
Memory usage
CPU usage
Inbound network traffic

A

B

147
Q
  1. You have an existing fleet of EC2 instances in a public subnet of your VPC. You launch an additional instance from the same AMI as the existing instances, into the same public subnet. What steps might you need to take to ensure that this instance can reach the public Internet? (Choose two.)

Assign an elastic IP address to the instance.
Add the instance to the ELB serving the existing instances.
Add the instance into a private subnet.
Ensure that the instance has a route out to the Internet.

A

A, B. The instance will need an elastic IP for public communication (A) and should be behind the same ELB as the other instances (B). Adding it into a private subnet (C) will remove its ability to communicate with the public Internet. D looks good, but if the instance is in the same subnet as the other instances, it automatically gets their routes; routing tables apply to the subnet, not a specific instance.