Exam

Question 1

What 2 things should you do to improve the deployment time of an Elastic Beanstalk application that has a lot of dependencies?

Answer 1

• Create a Golden AMI with your application

- Create a new Beanstalk Environment for each application and apply blue/green pattern

Question 2

What gateway should you use if you would like to replace your on-premise NFS v3 drive with something that will leverage the huge capacity of Amazon S3?

Answer 2

• File Gateway

Question 3

Your bank has an on-premise key store and wants to migrate it to the cloud. It needs to support asymmetrical encryption. What service do you recommend?

Answer 3

Cloud HSM

Question 4

What are 3 reasons why a website cannot connect to the database anymore?

Answer 4

• DB Security Group inbound rules have changed
• NACL inbound rules have changed
• NACL outbound rules have changed

Question 5

When deleting a CLoudformation stack, what should you do to keep a snapshot of the EBS volumes for backup and compliance purposes?

Answer 5

Use DeletionPolicy=Snapshot

Question 6

How can you gain access AWS ISO Certs?

Answer 6

Use AWS Artifact

Question 7

How should MFA-Delete be enabled on an S3 bucket?

Answer 7

Use the root account with the CLI

Question 8

You have an ASG in which the Terminate process is suspended. Your ASG goes into a rebalance, what will happen?

Answer 8

The rebalance will start and the EC2 instances will launch. The ASG will grow to 10% of its size and they will not terminate.

Question 9

What is the best way to properly get billing reports for the different company departments?

Answer 9

Use Cost Allocation Tags

Question 10

How do you share an AMI with other AWS accounts that belong to the same organization?

Answer 10

Edit the account list that can see the AMI from the AMI console UI and the other accounts can start using it.

Question 11

What do you do if you want to monitor the number of users that are connected over time, in each region?

Answer 11

Create one Cloudwatch Dashboard and add a graph per region using the region selector in the top right corner of the AWS console

Question 12

What can you do to access EC2 logs that are part of a Cloudformation stack using cfn-init?

Answer 12

Set On_Failure=Do_Nothing to give you time to debug the logs

Question 13

Do you need an IAM role to submit an cfn signal?

Answer 13

no

Question 14

How can you automate restarting an app if the CPU exceeds a limit?

Answer 14

Create a Cloudwatch Alarm when CPU Utilization reaches 100% for 3 periods out of 5 minutes and trigger an EC2 reboot action