GoCloud CSA Practice Exam Qs

Question 1

An organization has an application in their on-premises data center that stores multiple 5GB files per day in S3. Recently many of these uploads have been failing. The customer’s data center is geographically close to the S3 region where they store their data. What can the organization do to increase the reliability of data transfers to AWS without incurring substantial costs?
A) Upload data to S3 using transfer acceleration
B) Upload data as part of a multipart upload
C) Upload data to glacier and then copy to S3
D) Upgrade to a faster connection to the internet

Answer 1

B) Upload data as part of a multipart upload

Question 2

An organization has users who upload a large number of files (each file is about 30MB) each day to S3. Recently, many of these uploads have been very slow. The organization’s employees are spread throughout the world. What can the organization do to increase the performance of these transfers to S3?
A) Upload data to S3 using transfer acceleration
B) Upload data as part of a multipart upload
C) Upload data to Glacier and then copy to S3
D) Upgrade to a faster connection to the internet

Answer 2

A) Upload data to S3 using transfer acceleration

Question 3

You have deployed a three-tier architecture in a VPC with a CIDR block of 172.16.1.0/28. The initial deployment has two web servers, two application servers, two database servers, and a custom server deployed on an EC2 instance. All web, application servers, and database servers are spread across two availability zones. Additionally, there is an ELB and DNS using Route 53. Demand for the application grows, and autoscaling is not able to keep up with demand, as autoscaling stops after adding two additional servers.
Why did autoscaling stop adding instances? Choose two:
A) AWS reserves the first four and last IP addresses, so there are not enough addresses to launch additional instances.
B) There should be 15 usable addresses in a /28 subnet, so there must be a configuration error.
C) Autoscaling is configured improperly.
D) The customer needs a larger subnet, i.e. a /27 instead of a /28.

Answer 3

A) AWS reserves the first four and last IP addresses, so there are not enough addresses to launch additional instances.
D) The customer needs a larger subnet, i.e. a /27 instead of a /28.

Question 4

When using IAM, a group is regarded as a:
A) Collection of AWS accounts
B) Collection of AWS users
C) Collection of computing instances
D) Link between a database and a compute instance

Answer 4

B) Collection of AWS users

Question 5

You have set up an autoscaling policy to scale in and out. You would like to control which instances are stopped first. How would you configure this?
A) IAM Role
B) A termination policy
C) Route 53
D) DynamoDB

Answer 5

B) A termination policy

Question 6

What are characteristics of VPC subnets? Choose 3:
A) Each subnet maps to a single availability zone.
B) Subnets are spread across availability zones.
C) Instances in a private subnet can access the internet if they have an elastic IP.
D) The smallest subnet on AWS is a /28.
E) With the default configuration all subnets can route between each other in a VPC.

Answer 6

A) Each subnet maps to a single availability zone.
D) The smallest subnet on AWS is a /28.
E) With the default configuration all subnets can route between each other in a VPC.

Question 7

In a CloudFormation template, each identified resource includes the following:
A) An operating system and AMI
B) A dedicated host and hypervisor
C) Logical ID, resource type, and resource properties
D) Physical ID, resource type, and resource properties

Answer 7

C) Logical ID, resource type, and resource properties

Question 8

Every time you attempt to delete an SSL certificate from the IAM certificate store, you keep getting the error “Certificate: <certificate-id> is being used by CloudFront”. What is the most likely reason for this error?
A) SSL certificates cannot be deleted.
B) You do not have sufficient IAM permissions.
C) CloudFront is not set up properly.
D) Prior to deleting the SSL certificate, its necessary to rotate SSL certificates or revert to the default CloudFront certificate.</certificate-id>

Answer 8

D) Prior to deleting the SSL certificate, its necessary to rotate SSL certificates or revert to the default CloudFront certificate.

Question 9

You plan on launching a new product. There is tremendous buzz and enthusiasm around the product launch, but you don’t know exactly the demand. Orders will be sent to the database, so it’s critical that writes to the database will not be lost. What is the best way to be sure orders are not lost when being written to the database?
A) Use a Microsoft SQL server cluster.
B) Use DynamoDB with the max write capacity.
C) Use an Amazon Simple Queue Service (SQS) to store orders until written to the database.
D) Add additional read replicas.

Answer 9

C) Use an Amazon Simple Queue Service (SQS) to store orders until written to the database.

Question 10

An organization wants autoscaling to scale out at 65 percent CPU utilization and scale in at 35 percent. How can the organization make sure this occurs?
A) Use auto-scaling with the default policy.
B) Use autoscaling with a policy.
C) Use CloudWatch alarms to send an SNS message to autoscale.
D) It is not possible to scale at these CPU levels.

Answer 10

B) Use autoscaling with a policy.

Question 11

Which of the following EBS volume types is ideal for applications with light or burst I/O requirements?
A) Provisioned IOPS
B) EBS General Purpose SSD (gp2)
C) EBS Throughput Optimized HDD (st1)
D) EBS Cold HDD (sc1)

Answer 11

D) EBS Cold HDD (sc1)

Question 12

Which of the following EBS volume types is ideal for applications requiring the lowest latency possible?
A) Provisioned IOPS
B) EBS General Purpose SSD (gp2)
C) EBS Throughput Optimized HDD (st1)
D) EBS Cold HDD (sc1)

Answer 12

A) Provisioned IOPS

Question 13

Your company is getting ready to make a major public announcement about a highly anticipated new product. The website is running on EC2 instances deployed across multiple Availability Zones with a Multi-AZ RDS MySQL Extra Large DB Instance. There are a large number of read and writes on the database. After examination you discover that there is read contention on RDS MySQL. How can you best scale in this environment?
A) Deploy ElastiCache in-memory cache running in each availability zone.
B) Add an SQS queue in front of the RDS MySQL database.
C) Increase the RDS MySQL instance size and implement provisioned IOPS.
D) Add an RDS MySQL read replica in each availability zone.

Answer 13

D) Add an RDS MySQL read replica in each availability zone.

Question 14

An organization has a requirement for the highest-throughput and lowest-latency storage option. The organization is willing to trade redundancy for performance. What is the best RAID option for this situation?
A) Raid 0
B) Raid 1
C) Raid 5
D) Raid 10

Answer 14

A) Raid 0

Question 15

An organization has a requirement for the highest-throughput and lowest-latency storage option with complete redundancy. What is the best RAID option for this situation?
A) Raid 0
B) Raid 1
C) Raid 5
D) Raid 10

Answer 15

D) Raid 10

Question 16

An organization requires a solution that provides complete redundancy. Speed is not a concern. What is the best RAID option?
A) Raid 0
B) Raid 1
C) Raid 5
D) Raid 10

Answer 16

B) Raid 1

Question 17

Your company is developing a next-generation wearable device that collects health information to assist individuals with adopting healthy lifestyles. The sensor will push 25 KB of health data in JSON format every 2 seconds. The data should be processed and analyzed, and information should be sent to the individual’s primary care provider.
The application must provide the ability for real-time analytics of the inbound health data. The health data must be highly durable. The results of the analytic processing should persist for data mining.
Which architecture outlined below will meet the initial requirements for the collection platform?
A) Use S3 to collect the inbound sensor data analyze the data with Amazon Athena.
B) Use Amazon Kinesis to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to a Redshift cluster using EMR.
C) Send data to SNS to collect the inbound sensor data and save the results to AWS RDS Multi-AZ.
D) Send the data to SQS, which then sends to DynamoDB.

Answer 17

B) Use Amazon Kinesis to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to a Redshift cluster using EMR.

Question 18

A new reality game show is being created. During the show users will vote for their favorite contestant. It is expected that millions of users will be voting. The votes must be collected into a durable, scalable, and highly available location. Which service should you use?
A) Amazon DynamoDB
B) Amazon Redshift
C) Microsoft SQL Server
D) AWS S3

Answer 18

A) Amazon DynamoDB

Question 19

You are tasked with creating a solution to analyze a customer’s clickstream data on a website to analyze user behavior. The analysis must provide the sequence of pages that are clicked by websites users. This data will be used in real time to optimize the website’s performance in terms of page stickiness and advertising click-through rates. Which is the best option to capture and analyze user behavior in real time?
A) Send web clicks data to Amazon S3, and then analyze and analyze behavior using Amazon Athena.
B) Push web clicks data to Amazon Kinesis and analyze behavior using Kinesis workers.
C) Write web clicks directly to DynamoDB.
D) Write web clicks directly to Amazon RDS for Oracle.

Answer 19

B) Push web clicks data to Amazon Kinesis and analyze behavior using Kinesis workers.

Question 20

An application provides data transformation services. Data to be transformed is uploaded to Amazon S3 and then transformed by a fleet of spot EC2 instances. VIP customers should have their files transformed before other customers. How should you implement a system that services VIP customers first?
A) This cannot be performed, as the apposition process messages in the order they are received.
B) Use an ELB to distribute VIP traffic first and then generic traffic to the spot fleet of transformation instances.
C) Set up two SQS queues, priority queue for VIP customers and a second queue with default priority for everyone else. Have the transformation instances first poll the high-priority queue; if there is no message, then poll the default priority queue.
D) Use SNS to send a message to administrators to manually send VIP customers data for immediate transformation.

Answer 20

C) Set up two SQS queues, priority queue for VIP customers and a second queue with default priority for everyone else. Have the transformation instances first poll the high-priority queue; if there is no message, then poll the default priority queue.

Question 21

An organization is planning on setting up a bastion host to help manage systems on their VPC. The bastion host must be reachable from all internet addresses. The bastion host must also be able to access the internal network and should only be open to SSH traffic from a small CIDR range of addresses. How can the bastion host be configured for this purpose?
A) This cannot be performed, as the host is on a public subnet.
B) Create two network interfaces on two different subnets. Assign security groups to allow external traffic on the public interface and SSH traffic on the internal network interface.
C) Create two network interfaces with the same subnets. Assign security groups to allow external traffic on the public interface and SSH traffic on the internal network interface.
D) Separate the services. Put the web server on an EC2 instance and set up a second server for SSH traffic.

Answer 21

B) Create two network interfaces on two different subnets. Assign security groups to allow external traffic on the public interface and SSH traffic on the internal network interface.

Question 22

_____________ pricing offers a significant discount over on-demand pricing. This pricing approach works well for mission-critical applications with known capacity utilization and known duration of use.
A) Discount voucher
B) Reserved instance
C) AWS coupon code
D) Spot instance

Answer 22

B) Reserved instance

Question 23

An organization’s security policy requires encryption of sensitive data at rest. The data is stored on an EBS volume which is attached to an EC2 instance. Which options would facilitate encrypting your data at rest? (Choose 3):
A) Leverage third-party volume encryption tools.
B) Move data from EBS to S3.
C) Encrypt data prior to storing on EBS.
D) Encrypt data using native data encryption drivers at the file system level.
E) Unnecessary, as all data on AWS is encrypted.

Answer 23

A) Leverage third-party volume encryption tools.
C) Encrypt data prior to storing on EBS.
D) Encrypt data using native data encryption drivers at the file system level.

Question 24

What does the PollForTask action perform when it’s called by a task runner in AWS Data Pipeline?
A) It retrieves the pipeline definition.
B) It sends an SNS message to AWS administrators.
C) It sends the data to the next application in the task.
D) It performs the next task to perform from AWS Data Pipeline.

Answer 24

A) It retrieves the pipeline definition.

Question 25

Which of the following are customer responsibilities under the shared security model? Choose 3. A) Security groups B) ACLs C) Patch management of the serverless operating system D) IAM credentials E) Managing the underlying hardware of an EC2 instance

Answer 25

A) Security groups B) ACLs D) IAM credentials

Question 26

An organization has three separate divisions (VPCs), and they are main, autos, and auto parts. The main organization needs access to auto and auto parts. How can the main organization access the VPCs of autos and auto parts? A) Set up VPC peering between main and autos and auto parts. B) Open NACLs to allow for full communication. C) Make sure the security groups allow for the CIDR ranges of all VPCs. D) This is not possible, as VPCs cannot communicate with each other.

Answer 26

A) Set up VPC peering between main and autos and auto parts.

Question 27

A company has 500 TB of business-critical data. The company had a fire at their facility and is in immediate need to move their data center to the AWS cloud. The company needs to perform this within 7 business days. The company has a 1-Gig direct connection to AWS, which is running at near full capacity. How can you get the system fully operational within the short timeframe? A) Request multiple Snowball devices from AWS. Load data on the Snowball device. Have AWS download data to an S3 bucket. B) Order a 10GB direct connection and send over that link. C) Upload to S3 over the existing 1GB internet connection with multipart uploads. D) Use the AWS import/export service. Load data on the hard drives. Have AWS download data to an S3 bucket.

Answer 27

A) Request multiple Snowball devices from AWS. Load data on the Snowball device. Have AWS download data to an S3 bucket.

Question 28

An organization is using ElastiCache in front of Amazon RDS database which has four read replicas deployed. The database CPU is at 65 percent with the ElastiCache and cannot meet current capacity if the ElastiCache Fails. The server has very limited write use and is mostly limited by read contention. What is a solution to mitigate the impact of an ElastiCache failure? A) Spread memory and capacity over a smaller number of larger cache nodes. B) Spread memory and capacity over a larger number of smaller cache nodes. C) Implement an SQS queue to assist with write capacity. a. Use AWS SNS messenger to alert team of cache failures.

Answer 28

B) Spread memory and capacity over a larger number of smaller cache nodes.

Question 29

What indicates that an object is successfully stored when put in S3? A) An http 404 code is received. B) An http 300 code is received. C) Cloud watch logs show put was successful. D) An http 200 code is received, along with an MD5 hash.

Answer 29

D) An http 200 code is received, along with an MD5 hash.

Question 30

What indicates that an object is successfully stored when put in S3? is the maximum number of VPCs per region? A) 10 B) 50 C) 100 D) 5

Answer 30

D) 5

Question 31

S3 bucket policies are written in what language? A) JavaScript B) C++ C) JSON D) Python

Answer 31

C) JSON

Question 32

A global organization is hosting a website on S3. The company is experiencing large data charges for cross-region sharing from the S3 bucket. What changes can be made to reduce costs? A) VPC peering B) S3 cross-region replication C) Move the website off S3 and onto an EC2 instance D) CloudHub

Answer 32

B) S3 cross-region replication

Question 33

An organization has been storing their data on instance storage. The server was patched for security vulnerability, and when it was rebooted, all data stored was gone. Why did this happen? A) Malware infection B) Not enough information is provided to troubleshoot C) Instance storage is deleted upon termination or reboot D) None of the above

Answer 33

C) Instance storage is deleted upon termination or reboot

Question 34

An organization is using an AWS RDS database. The database is currently running on EBS general purpose storage. At times read and write latency is too high for the organization’s needs. How can this be easily remedied? A) Upgrade the EBS volume to previsioned OPS B) Change storage type to EBS throughput optimized C) Change storage location to an EFS volume D) Change to high-speed instance storage

Answer 34

A) Upgrade the EBS volume to previsioned OPS

Question 35

Relational databases follow the BASE model (Basically Available, Soft State, and Eventually Consistent). A) True B) False

Answer 35

B) False

Question 36

An organization has noticed the CPU on their RDS database is consistently at 85%. When looking at the database, there is heavy read activity from frequent SQL queries from the finance department. What can the organization do to improve the performance and scalability of the database? Choose 2: A) Add a read replica and point the finance department’s SQL queries to the read replica B) Add an ElastiCache to reduce read contention for frequently accessed information C) Add an SQS queue to reduce read contention D) Set up Multi-AZ for the RDS database

Answer 36

A) Add a read replica and point the finance department’s SQL queries to the read replica B) Add an ElastiCache to reduce read contention for frequently accessed information

Question 37

An organization has set up a high-availability database architecture using a Multi-AZ environment. If the primary database fails, which of the following will cause the database to failover to the backup database? Choose 4: A) The primary database instance fails. B) There is an outage in an availability zone. C) The database instance type is changed. D) The primary database is under maintenance (i.e., patching an operating system). E) The database is busy, with a CPU utilization of 90%.

Answer 37

A) The primary database instance fails. B) There is an outage in an availability zone. C) The database instance type is changed. D) The primary database is under maintenance (i.e., patching an operating system).