DCT Exam Review

Question 1

A VPC peering connection is a networking connection between two ____ that enables you to _____ traffic between them using private IPv4 or IPv6 addresses.

Answer 1

A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 or IPv6 addresses.

Question 2

Amazon Elastic File System (Amazon EFS) provides a simple, _______, fully _______ elastic NFS file system for use with _____ services and on-premises resources.

Answer 2

Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with Cloud services and on-premises resources.

Question 3

What are some use cases for DynamoDB?

Managing ___ session data

Storing __________ accessed data

Storing metadata for __ objects

Answer 3

Managing web session data

Storing infrequently accessed data

Storing metadata for S3 objects

Question 4

You can create a VPC peering connection between your ______ or with a VPC in another AWS _______

Answer 4

You can create a VPC peering connection between your VPCs, or with a VPC in another AWS account.

Question 5

Kinesis Firehose Destinations include:

Amazon S3

Amazon ________.

Amazon ___________

Splunk

Answer 5

Kinesis Firehose Destinations include:

Amazon S3

Amazon Redshift.

Amazon Elasticsearch

Splunk

Question 6

_______ per instance is an appropriate metric for auto-scaling with SQS.

Answer 6

Backlog per instance is an appropriate metric for auto-scaling with SQS.

Question 7

Elasticsearch allows you to store, ______, and ________ huge volumes of data in near real-time and receive a response in _____________.

Answer 7

Elasticsearch allows you to store, search, and analyze huge volumes of data in near real-time and receive a response in milliseconds.

Question 8

What happens when a load balancer determines that an instance is unhealthy?

Answer 8

What happens when a load balancer determines that an instance is unhealthy?

It stops routing requests to that instance.

Question 9

Kinesis Data Firehose captures, _________, and _____ streaming data that you can deliver to destinations like S3 for later ________

Answer 9

Kinesis Data Firehose captures, transforms, and loads streaming data that you can deliver to destinations like S3 for later analysis

Question 10

EBS volumes cannot be shared by _______ instances

Answer 10

EBS volumes cannot be shared by multiple instances

Question 11

User data can be used to perform common automated ___________ tasks and even run _____ after the instance starts

Answer 11

User data can be used to perform common automated configuration tasks and even run scripts after the instance starts

Question 12

Kinesis Data Streams use cases include:

Real-time metrics and ________

Real-time data ________

Complex stream _________

Answer 12

Kinesis Data Streams use cases include:

Real-time metrics and reporting.

Real-time data analytics.

Complex stream processing.

Question 13

By default, security groups have no ________ rules

By default, a security group includes an ________ rule that ______ all ________ traffic

Answer 13

By default, security groups have no inbound rules.

By default, a security group includes an outbound rule that allows all outbound traffic

Question 14

When to use Elastic Network Interface (ENI):

This is the _____ adapter type for when you don’t have any _____-__________ requirements

Can be used with ___ instance types

Answer 14

When to use Elastic Network Interface (ENI):

This is the basic adapter type for when you don’t have any high-performance requirements

Can be used with all instance types

Question 15

By default, the root volume for an EC2 backed by EBS is deleted when the instance terminates. You can change the default behavior by setting the _______________ attribute to _____ using a block device mapping.

Answer 15

By default, the root volume for an EC2 backed by EBS is deleted when the instance terminates. You can change the default behavior by setting the DeleteOnTermination attribute to false using a block device mapping.

Question 16

Security groups are ________. If you send a request from your instance, the response traffic for that request is_______ regardless of _______ SG rules.

Answer 16

Security groups are stateful. If you send a request from your instance, the response traffic for that request is allowed regardless of inbound SG rules.

Question 17

You cannot create an ________ Read Replica from an __________ master DB instance.

Answer 17

You cannot create an encrypted Read Replica from an unencrypted master DB instance.

Question 18

File Gateway allows on-prem or EC2 instances to store objects in __ via ___ or ___ mount points

Answer 18

File Gateway allows on-prem or EC2 instances to store objects in S3 via NFS or SMB mount points

Question 19

Elastic Fabric Adapter (EFA) should be used with

_____-__________ Computing

Machine Learning use cases.

______ coupled applications.

Can be used with all _______ types.

Answer 19

When to use Elastic Fabric Adapter (EFA)

High-Performance Computing

Machine Learning use cases.

Tightly coupled applications.

Can be used with all instance types.

Question 20

You can change the security groups for an instance when the instance is in the _______ or ______

Answer 20

You can change the security groups for an instance when the instance is in the running or stopped

Question 21

If you need SSL/TLS encryption in transit when connecting to a database from application servers, you should _________ the AWS-provided ____ _________. Use the __________ when connecting to the RDS DB instance.

Answer 21

If you need SSL/TLS encryption in transit when connecting to a database from application servers, you should Download the AWS-provided root certificates. Use the certificates when connecting to the RDS DB instance.

Question 22

When to use Enhanced Network Adapter (ENA)

Good for use cases that require higher __________ and lower inter-instance _______.

Supports ___ instance types only

Answer 22

When to use Enhanced Network Adapter (ENA)

Good for use cases that require higher bandwidth and lower inter-instance latency.

Supports HVM instance types only

Question 23

Kinesis Video Streams Stores data for __ hours by default but can store for up to __ days.

Answer 23

Kinesis Video Streams Stores data for 24 hours by default but can store for up to 7 days.

Question 24

When using Volume Gateway Cached Mode, your primary data is stored in __ with frequently accessed data is _____ ______ on-prem

Answer 24

When using Volume Gateway Cached Mode, your primary data is stored in S3 with frequently accessed data is cached locally on-prem

Question 25

Amazon SQS is ___-based polling, not ___-based if you need ___-based polling, use ___

Answer 25

Amazon SQS is pull-based polling, not push-based if you need push-based polling, use SNS

Question 26

AWS Security Token Service (AWS STS) is the service that you can use to create and provide users with ________ credentials that can control access to your ________

Answer 26

AWS Security Token Service (AWS STS) is the service that you can use to create and provide users with temporary credentials that can control access to your resources

Question 27

An S3 notification can be set up to notify you when objects are _______ from Glacier to S3 standard.

Answer 27

An S3 notification can be set up to notify you when objects are restored from Glacier to S3.

Question 28

Auto Scaling groups cannot launch instances in multiple ______

Answer 28

Auto Scaling groups cannot launch instances in multiple Regions

Question 29

Between ECS and EKS, which is open source and which is AWS proprietary technology?

Answer 29

EKS is a managed version of the open-source tool Kubernetes.

ECS is AWS’ proprietary container management tool.

Question 30

If you need to prevent users in specific countries from accessing your content, you can use the ___________ geo-restriction

Answer 30

If you need to prevent users in specific countries from accessing your content, you can use the CloudFront geo-restriction

Question 31

____-_____ VPC peering connection is when the VPCs are in different _______

Answer 31

Inter-region VPC peering connection is when the VPCs are in different regions

Question 32

Geolocation routing lets you choose the resources that serve your traffic based on the location that ___ queries ________ from

Answer 32

Geolocation routing lets you choose the resources that serve your traffic based on the location that DNS queries originate from

Question 33

What state does an instance have to be in if you want to perform a hot, warm, or cold attach of an enhanced network interface?

Hot attach = ________

Warm attach = ________

Cold attach = ________

Answer 33

What state does an instance have to be in if you want to perform a hot, warm, or cold attach of an enhanced network interface?

Hot attach = Running

Warm attach = Stopped

Cold attach = Launching

Question 34

What do you call it when you attach an enhanced network interface to an instance when it’s running, stopped, or is being launched?

Answer 34

What do you call it when you attach an enhanced network interface to an instance when it’s, when it’s stopped or when the instance is being launched?

Instance is Running = Hot attach

Instance is Stopped = Warm attach

Instance is Launching = Cold attach

Question 35

Multiple Amazon EC2 instances can access an Amazon EFS file system _____________, providing a common data source for workloads and applications running on ________ instances or servers.

Answer 35

Multiple Amazon EC2 instances can access an Amazon EFS file system simultaneously, providing a common data source for workloads and applications running on multiple instances or servers.

Question 36

Scheduled Scaling is ideal for situations where you know ____ and how ____ you will need the additional capacity.

Answer 36

Scheduled Scaling is ideal for situations where you know when and how long you will need the additional capacity.

Question 37

An Aurora global database consists of one primary AWS Region where your data is _______ and up to __ read-only, secondary AWS Regions

Answer 37

An Aurora global database consists of one primary AWS Region where your data is mastered and up to 5 read-only, secondary AWS Regions.

Question 38

File gateway provides a ________ on-premises file server, which enables you to _____ and ______ files as objects in Amazon S3.

Answer 38

File gateway provides a virtual on-premises file server, which enables you to store and retrieve files as objects in Amazon S3.

Question 39

A pre-signed URL is mainly used to ________ access

Answer 39

A pre-signed URL is mainly used to restrict access

Question 40

Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for ________ needs

Answer 40

Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs

Question 41

Attaching a second network interface to an instance cannot be used as a method to _______ or _______ the network bandwidth

Answer 41

Attaching a second network interface to an instance cannot be used as a method to increase or double the network bandwidth.

Question 42

Amazon Elastic File System (Amazon EFS) is built to ____ and _____ automatically as you ___ and ___ files, eliminating the need to provision and manage capacity to accommodate growth.

Answer 42

Amazon Elastic File System (Amazon EFS) is built to grow and shrink automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.

Question 43

Enhanced networking provides higher __________, higher _______-___-______ (PPS) performance, and consistently lower inter-instance latencies than Elastic Network Interfaces.

Answer 43

Enhanced networking provides higher bandwidth, higher packet-per-second (PPS) performance, and consistently lower inter-instance latencies than Elastic Network Interfaces.

Question 44

How can you save money on unused EC2 Reserved Instances?

Answer 44

Sell the reserved instances on the Reserved Instance Marketplace.

Question 45

Which service can terminate and replace instances reported as unhealthy by the load balancer?

Answer 45

EC2 Auto Scaling

Question 46

Amazon RDS _____ an SSL certificate and _______ the certificate on the DB instance when Amazon RDS ________ the instance.

Answer 46

Amazon RDS creates an SSL certificate and installs the certificate on the DB instance when Amazon RDS provisions the instance.

Question 47

If you want to modify permissions to an SQS Queue, you’ll have to edit the ________-______ policy that’s ________ to the SQS queue

Answer 47

If you want to modify permissions to an SQS Queue you’ll have to edit the resource-based policy that’s attached to the SQS queue

Question 48

With Elastic Beanstalk, you can quickly _____ and _____ applications in the AWS Cloud without learning about the ___________ that runs those applications.

Answer 48

With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without learning about the infrastructure that runs those applications.

Question 49

The instance launched from the _______ launch configuration will be terminated first if you have triggered a scale-in.

Answer 49

The instance launched from the oldest launch configuration will be terminated first if you have triggered a scale-in.

Question 50

You can move a network interface from 1 instance to another if the instances are in different ______ but in the same AZ and VPC

Answer 50

You can move a network interface from 1 instance to another if the instances are in different subnets but in the same AZ and VPC

Question 51

When using VPC peering, you can not have overlapping ____ _____

Answer 51

When using VPC peering, you can not have overlapping CIDR blocks

Question 52

When you reboot an instance, it remains on the same physical host, so your instance keeps its public ___ name, ______ IP address, and any data on its _______ _____ volumes.

Answer 52

When you reboot an instance, it remains on the same physical host, so your instance keeps its public DNS name, private IP address, and any data on its instance store volumes.

Question 53

Amazon Kinesis makes it easy to ______, _______, and ________ real-time, streaming data to get timely insights that allow you to _____ quickly to new information.

Answer 53

Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data to get timely insights that allow you to react quickly to new information.

Question 54

Elastic Fabric Adapter (EFA) enables customers to run applications requiring ____ levels of ____-____ communications at scale on AWS.

Answer 54

Elastic Fabric Adapter (EFA) enables customers to run applications requiring high levels of node-node communications at scale on AWS.

Question 55

You can detach secondary network interfaces when the instance is _______ or _______. However, you can’t detach the _______ network interface in those same states.

Answer 55

You can detach secondary network interfaces when the instance is running or stopped. However, you can’t detach the primary network interface in those states.

Question 56

NACL rules are evaluated by rule number from ______ to ______ and executed immediately when a ________ rule is found.

Answer 56

NACL rules are evaluated by rule number from lowest to highest and executed immediately when a matching rule is found.

Question 57

You cannot enable __________ after the initial _______ of the master DB instance.

Answer 57

You cannot enable encryption after the initial launch of the master DB instance.

Question 58

Your AWS account has default _____, formerly referred to as ______, for each AWS service.

Answer 58

Your AWS account has default quotas, formerly referred to as limits, for each AWS service.

Question 59

Network ACLs are _________, which means that responses to allowed ________ traffic are subject to the rules for _________ traffic and _____-____

Answer 59

Network ACLs are stateless, which means that responses to allowed inbound traffic are subject to the rules for outbound traffic and vice-versa.

Question 60

Volume Gateway is meant for Asynchronous _________ of on-prem data to __

Answer 60

Volume Gateway is meant for Asynchronous replication of on-prem data to S3

Question 61

DynamoDB is highly scalable and supports ______ read units per second and _____ write units per second.

Answer 61

DynamoDB is highly scalable and supports 24,000 read units per second and 3,300 write units per second.

Question 62

CloudFront is not used to create ____ __________ for your application, it is used to ________ access to media content.

Answer 62

CloudFront is not used to create High Availability for your application, it is used to accelerate access to media content.

Question 63

Kinesis Data Firehose is the easiest way to load ________ data into data _____ and ________ tools

Answer 63

Kinesis Data Firehose is the easiest way to load streaming data into data stores and analytics tools

Question 64

A pre-signed URL from S3 gives you more control over access to your content one example is that you can specify the __ ________ or range of __ ________ of the users who can ______ your content.

Answer 64

A pre-signed URL from S3 gives you more control over access to your content one example is that you can specify the IP address or range of IP addresses of the users who can access your content.

Question 65

Simple and Step Scaling policies are more suitable for situations where the load is __________.

Answer 65

Simple and Step Scaling policies are more suitable for situations where the load is unpredictable.

Question 66

Kinesis Data Streams enables real-time processing of streaming ___ _____

Answer 66

Kinesis Data Streams enables real-time processing of streaming big data.

Question 67

Kinesis Video Streams make it easy to securely stream video from ________ devices to AWS for ________, machine learning (ML), and _________

Answer 67

Kinesis Video Streams make it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), and processing

Question 68

A launch template is similar to a launch configuration in that it specifies instance ___________ information for EC2 instances.

Answer 68

A launch template is similar to a launch configuration in that it specifies instance configuration information for EC2 instances.

Question 69

An advantage of using a launch template instead of a launch configuration is that you can have multiple _______ of a launch template.

Answer 69

An advantage of using a launch template instead of a launch configuration is that you can have multiple versions of a launch template.

Question 70

A launch configuration is an _________ configuration template that an ____ uses to launch EC2 instances.

Answer 70

A launch configuration is an instance configuration template that an ASG’s uses to launch EC2 instances.

Question 71

AWS Import/Export allows you to ____ your portable storage devices to AWS to be uploaded to the ______

Answer 71

AWS Import/Export allows you to mail your portable storage devices to AWS to be uploaded to the cloud

Question 72

When failing over, Amazon RDS simply flips the _____ record for your DB instance to point to the ______, which is promoted to become the new _______.

Answer 72

When failing over, Amazon RDS simply flips the CNAME record for your DB instance to point to the standby, which is promoted to become the new primary.

Question 73

Amazon RDS automatically provisions and maintains a __________ standby replica in a different Availability Zone.

Answer 73

Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone.

Question 74

FIFO queues support up to ____ messages per second per API method

Answer 74

FIFO queues support up to 3,000 messages per second per API method

Question 75

Amazon Kinesis Data Analytics, the easiest way to process streaming data in real-time with standard ___

Answer 75

Amazon Kinesis Data Analytics, the easiest way to process streaming data in real-time with standard SQL