General

Question 1

Can a clustered placement group span availability zones?

Answer 1

No

Question 2

Can a spread placement group span availability zones?

Answer 2

Yes

Question 3

Context of a placement group’s name: Global, Regional, Account, Availability Zone

Answer 3

AWS account

Question 4

At which levels can VPC Flow Logs be created?

Answer 4

Subnet Level
VPC Level
Network Interface Level

Question 5

What is the chief advantage of using VPC endpoints to connect your VPC to services such as S3?

Answer 5

Traffic between your VPC and the other service does not leave the Amazon network.

Question 6

When you create a new security group, all outbound traffic is allowed. True or False

Answer 6

True

Question 7

You created a custom VPC with an instance but forgot to assign an IP to the instance. How would you make the instance accessible from the internet?

Answer 7

Create an Internet gateway and an Elastic IP address. Associate the Elastic IP with the EC2 instance.

Question 8

By default, instances in new subnets in a custom VPC can communicate with each other across Availability Zones. True or False?

Answer 8

True

Question 9

What is the purpose of an Egress-Only Internet Gateway?

Answer 9

• Prevents IPv6 based Internet resources initiating a connection into a VPC
• Allows VPC based IPv6 traffic to communicate to the Internet

Question 10

When I create a new security group, all outbound traffic is allowed by default. True or False

Answer 10

True

Question 11

True or False: A subnet can span multiple Availability Zones.

Answer 11

False - A subnet must be associated to one AZ

Question 12

When you create a custom VPC, what is created automatically?

Answer 12

Access Control List
Security Group
Route Table

Question 13

True or False: An Application Load Balancer must be deployed into at least two subnets.

Answer 13

True

Question 14

Maximum responce time for premium level support

Answer 14

1 hour

Question 15

Which RDS database engines have a limit to the number of databases that can run per instance?

Answer 15

Oracle

SQL Server

Question 16

Two ways to increase read speeds in RDS

Answer 16

• Place the RDS instances behind an ElastiCache instance.

- Migrate the database from MySQL to Aurora for better performance.

Question 17

Configuration to increase network throughput for EC2-based application

Answer 17

Spread the Instances over multiple AZs to minimize the traffic concentration and maximize the fault tolerance.

Question 18

URL formats supported by S3

Answer 18

http: //s3-aws-region.amazonaws.com/mynewbucket
http: //mynewbucket.s3-aws-region.amazonaws.com

Question 19

What is Kineses used for

Answer 19

Streaming large amounts of data into the cloud

Consume Big Data

Question 20

What is RedShift for

Answer 20

Business Intelligence

Question 21

What is Elastic Map Reduce for?

Answer 21

Big data processing

Question 22

What is Elastic Transcoder?

Answer 22

Media Transcoder in the cloud
Paid per minute of use and quality (resolution)
Transcoding presets are built in, so no guessing of settings.

Question 23

What is Simple Workflow

Answer 23

AWS Workflow in the cloud

Question 24

What are the WorkFlow Actors?

Answer 24

1. Workflow starters - an application that can initiate the workflow
2. Deciders - controls the flow of work. When a step is completed or failed, the decider controls what happens next.
3. Activity workers - Carries out the work item

Question 25

What is Athena

Answer 25

Amazon Athena is an interactive query service that makes it easy to analyze data directly in Amazon Simple Storage Service (Amazon S3) using standard SQL.

Question 26

In which regions are inter-regional VPC peerings supported?

Answer 26

US East (N. Virginia), US East (Ohio), US West (Oregon) and EU (Ireland). Inter-region data transfer rates apply.

Question 27

Can VPC peers share the same CIDR blocks?

Answer 27

No - Each peered VPC must have a unique CIDR block

Question 28

True or False, VPC peering supports transitive peering.

Answer 28

False: VPC Peering only supports 1 to 1 peering.

Question 29

What is Security Token Service

Answer 29

Grants users limited and temporary access to AWS resources.

Question 30

From what three sources can STS users come?

Answer 30

1. Federation - Typically Active Directory
   a. Uses SAML 2.0
   b. Grants temp access based on AD - does not need
   IAM user
   c. Single Sign On
2. Federation with Mobile Apps such as Facebook.
3. Supports cross account access.

Question 31

STS Process

Answer 31

1. Use an identity broker that will communicate with your LDAP
2. IB Auths first against LDAP, then against STS
3. App gets temp access to AWS resource.
   a. App may assume IAM role per AWS policy

Question 32

Can you login into AWS using ADFS?

Answer 32

Yes - Uses SAML

Question 33

What is Amazon Workspace

Answer 33

VDI in the cloud. Virtual desktops

Question 34

Do you need an AWS account for users of Workspaces?

Answer 34

No

Question 35

What permissions are users granted on their VDI by default?

Answer 35

Administrator. This can be customized.

Question 36

On what drive should user data be stored?

Answer 36

D drive

Question 37

How often in the D:\ drive backed up?

Answer 37

Every 12 hours

Question 38

True or false: By default, users can adjust their experience, including wallpaper, icons, etc.

Answer 38

True. However, this can be limited by administrators.

Question 39

Can ECS clusters contain multiple container types?

Answer 39

Yes

Question 40

True or False, ECS clusters can span multiple regions?

Answer 40

False - EC2 clusters are region specific

Question 41

True or false, Container instances can be part of only one cluster at a time

Answer 41

True

Question 42

What types of scheduling does ECS support?

Answer 42

1. Service scheduler - Ensures a certain number of tasks are running.
2. Custom scheduler - Ability to create schedules to meet your business needs.

Question 43

Does ECS scheduler support 3rd party schedulers?

Answer 43

Yes

Question 44

True or False - ECS tasks can be registered with ELB?

Answer 44

True

Question 45

True or False, ECS instances require an ECS agent to participate in ECS clusters?

Answer 45

True - The agent is included in the Amazon Optimized Container image, but it can be installed on others.

Question 46

True or False: ECS agents work with Windows OS?

Answer 46

False - ECS agent is Linux only

Question 47

At which of the following levels can VPC Flow Logs be created?

Answer 47

1. VPC Level
2. Subnet Level
3. Network Interface Level

Question 48

When I create a new security group, all outbound traffic is allowed by default.

Answer 48

True

Question 49

A VPN connection consists of which components?

Answer 49

Virtual Private Gateway - VPN on AWS side

Customer Gateway - VPN on cusomter side

Question 50

True or False: In Amazon VPC, an instance does not retain its private IP.

Answer 50

False

Question 51

True or False: An Application Load Balancer must be deployed into at least two subnets.

Answer 51

True

Question 52

When you create a custom VPC, what is created automaticaly?

Answer 52

1. Route Table
2. Security Group
3. Access Control List

Question 53

True or False: By default, instances in new subnets in a custom VPC can communicate with each other across Availability Zones.

Answer 53

True

Question 54

Can I “force” a failover for any RDS instance that has Multi-AZ configured?

Answer 54

Yes

Question 55

In RDS, do changes to the backup window take place immediately?

Answer 55

Yes

Question 56

True or False: RDS Reserved instances are available for multi-AZ deployments.

Answer 56

True

Question 57

True or False: With new RDS Db instances, automated backups are enabled by default?

Answer 57

True

Question 58

True or False: When you add a rule to an RDS DB security group, you must specify a port number or protocol.

Answer 58

False - When you provision from RDS, the port information is generated automatically applied to the RDS security group

Question 59

MySQL default port

Answer 59

3306

Question 60

When you have deployed an RDS database into multiple availability zones, can you use the secondary database as an independent read node?

Answer 60

No

Question 61

Which AWS DB platform is most suitable for OLTP?

Answer 61

RDS

Question 62

How many copies of my data does RDS - Aurora store by default?

Answer 62

6

Question 63

Which of the following data formats does Amazon Athena support?

Answer 63

1. Apache Parquet
2. JSON
3. Apache ORC

Question 64

Which of the following DynamoDB features are chargeable, when using a single region?

Answer 64

1. Storage of Data

2. Read and Write Capacity