guru Flashcards

1
Q

Which of the following is NOT a feature of IAM?

Integrates with existing Active Directory account, allowing single sign-on

Centralised control of your AWS account

Fine-grained access control to AWS resources

Allows you to set up biometric authentication, so that no passwords are required

A

Allows you to set up biometric authentication, so that no passwords are required

2
Q

The AWS sign-in endpoint for SAML is https://signin.aws.amazon.com/saml.

True or False?

A

True

3
Q

What is the name of the API call used to request temporary security credentials from the AWS platform when federating with Active Directory?

AssumeRoleWithSAML

CovertRoleToSAML

GetSAMLRole

ShowMeTheSAML

A

AssumeRoleWithSAML

4
Q

When using Active Directory to authenticate to AWS, which of the following answers contains the correct steps, in the correct order?

Federating with Active Directory is not possible with AWS.

The user navigates to the ADFS web server. The user enters their single sign-on credentials. The user’s web browser receives a SAML assertion from the AD server. The user’s browser then posts the SAML assertion to the AWS endpoint for SAML and the AssumeRoleWithSAML API request is used to request temporary security credentials. The user is then able to access the AWS Console.

The user navigates to the AWS console. The user enters their Active Directory single sign-on credentials into AWS. The user’s web browser receives a SAML assertion from AWS. The user is then able to access the AWS Console.

The user navigates to the ADFS web server. The user enters their single sign-on credentials. The user’s web browser receives a SAML assertion from the AD server. The user’s browser then posts the SAML assertion to the AWS endpoint for SAML and the GiveUserSAMLAccess API request is used to request temporary security credentials. The user is then able to access the AWS Console.

A

The user navigates to the ADFS web server. The user enters their single sign-on credentials. The user’s web browser receives a SAML assertion from the AD server. The user’s browser then posts the SAML assertion to the AWS endpoint for SAML and the AssumeRoleWithSAML API request is used to request temporary security credentials. The user is then able to access the AWS Console.

5
Q

AWS recommends that EC2 instances have credentials stored on them so that the instances can access other resources (such as S3 buckets).

True or False?

A

False

6
Q

What is the name of the service that allows users to use their social media account to gain temporary access to the AWS platform?

Facebook Sign In Service

Web Confederation Services

Web Identity Federation

Active Directory Authentication Services

A

Web Identity Federation

7
Q

When using Web Identity Federation to allow a user to access an AWS service (such as an S3 bucket), which of the following is the correct order of steps?

A user logs in to the AWS platform using their Facebook credentials. AWS authenticates with Facebook to check the credentials. Temporary Security Access is granted to AWS.

A user makes the AssumeRoleWithWebIdentity API Call. The user is then redirected to Facebook to authenticate. Once authenticated, the user is given an ID token. The user is then granted temporary access to the AWS platform.

Users cannot use Facebook credentials to access the AWS platform.

A user authenticates with Facebook first. They are then given an ID token by Facebook. An API call, AssumeRoleWithWebIdentity, is then used in conjunction with the ID token. A user is then granted temporary security credentials.

A

A user authenticates with Facebook first. They are then given an ID token by Facebook. An API call, AssumeRoleWithWebIdentity, is then used in conjunction with the ID token. A user is then granted temporary security credentials.

8
Q

When authenticating using Web Identity Federation, which of the following is the API call used to obtain temporary security credentials?

GetRoleWithWebIdentity

GetRole

AssumeRoleWithWebIdentity

AssumeRole

A

AssumeRoleWithWebIdentity

9
Q

Which statement best describes IAM?

IAM allows you to manage users, groups, and roles and their corresponding level of access to the AWS Platform.

IAM stands for Improvised Application Management, and it allows you to deploy and manage applications in the AWS Cloud.

IAM allows you to manage permissions for AWS resources only.

IAM allows you to manage users’ passwords only. AWS staff must create new users for your organization. This is done by raising a ticket.

A

IAM allows you to manage users, groups, and roles and their corresponding level of access to the AWS Platform.

10
Q

SAML stands for Security Assertion Markup Language.

True or False?

A

True

11
Q

XXXXXXXXXXXXXXXXXX

A

XXXXXXXXXXX

12
Q

You have an EC2 instance that needs to know both its private IP address and its public IP address. To do this, the application needs to ________.

Run IPCONFIG (Windows) or IFCONFIG (Linux)

Use the following command: “AWS EC2 displayIP”

Retrieve the instance Metadata from http://169.254.169.254/latest/meta-data/

Retrieve the instance Userdata from http://169.254.169.254/latest/meta-data/

A

Retrieve the instance Metadata from http://169.254.169.254/latest/meta-data/

13
Q

Which of the following languages is NOT supported by the AWS SDK?

Perl

Node.JS

C++

Python

Ruby

A

Perl

14
Q

Which of the following best describes Amazon ECS?

The Elastic Container Service is a serverless system to manage running many Docker containers in a flexible and cost-effective way.

The Elastic Container Scheduler is a serverless system to manage running many Docker containers in a flexible and cost-effective way.

The Elastic Container Scheduler is a service that manages running Docker containers on a group of your EC2 instances.

The Elastic Container Service is a service that manages running Docker containers on a group of your EC2 instances.

The Elastic Container Scheduler is software that you can run and manage to orchestrate many running Docker containers.

The Elastic Container Service is software that you can run and manage to orchestrate many running Docker containers.

A

The Elastic Container Service is a service that manages running Docker containers on a group of your EC2 instances.

15
Q

Which AWS service below is chargeable?

Elastic Beanstalk

Autoscaling

Elastic Load Balancers

Cloud Formation

A

Elastic Load Balancers

16
Q

In order to enable encryption at rest using EC2 and Elastic Block Store, you must ________.

Mount the EBS volume into S3 and then encrypt the bucket using a bucket policy.

Configure encryption when creating the EBS volume

Configure encryption using X.509 certificates

Configure encryption using the appropriate operating system’s file system

A

Configure encryption when creating the EBS volume

17
Q

The default region for an SDK is “US-EAST-1”.

True or False?

A

True

18
Q

An HTTP 200 code means ________.

There has been a server side error

The request has failed

There has been a client side error.

The request was successful

A

The request was successful

19
Q

An HTTP 3xx code means ________.

There has been a server side error

There has been a client side error

There has been a redirection

The request was successful

A

There has been a redirection

20
Q

To accommodate the hosting of multiple sites, you can have multiple SSL certificates on an Elastic Load Balancer.

True or False?

A

False

21
Q

To retrieve instance Metadata or Userdata, you will need to use which of the following IP addresses?

http://192.168.0.254

http://169.254.169.254

http://10.0.0.1

http://127.0.0.1

A

http://169.254.169.254

22
Q

An HTTP 4XX code means ________.

The request was successful.

There has been a client side error.

There has been a server side error.

There has been a redirection.

A

There has been a client side error.

23
Q

An HTTP 5XX code means ________.

The request was a success

There has been a server side error

There has been a client side error

There has been a redirection

A

There has been a server side error

24
Q

XXXXXXXXXXXXXXXXXXXXXXXXXXXX

A

XXXXXXXX

25
Q

If you encrypt a bucket on S3, what type of encryption does AWS use?

Advanced Encryption Standard (AES) 128

International Data Encryption Algorithm (IDEA).

Advanced Encryption Standard (AES) 256

Data Encryption Standard (DES)

A

Advanced Encryption Standard (AES) 256

26
Q

S3 provides unlimited storage.

True or False?

A

True

27
Q

What is the HTTP code you would see once you successfully place a file in an S3 bucket?

404

200

524

312

A

200

28
Q

You are using S3 in AP-Northeast to host a static website in a bucket called “acloudguru”. What would the new URL endpoint be?

https://s3-ap-northeast-1.amazonaws.com/acloudguru/

http://acloudguru.s3-website-ap-northeast-1.amazonaws.com

http://www.acloudguru.s3-website-ap-northeast-1.amazonaws.com

http://acloudguru.s3-website-ap-southeast-1.amazonaws.com

A

http://acloudguru.s3-website-ap-northeast-1.amazonaws.com

29
Q

What is the largest size file you can transfer to S3 using a PUT operation?

5TB

100MB

1GB

5GB

A

5GB

30
Q

If you want to enable a user to download your private data directly from S3, you can insert a pre-signed URL into a web page before giving it to your user.

True or false?

A

True

31
Q

What is the maximum file size that can be stored on S3?

1TB

4TB

2TB

5TB

A

5TB

32
Q

The minimum file size allowed on S3 is 1 byte.

True or False

A

False

33
Q

In terms of performance, a scan is more efficient than a query.

True or False?

A

False

34
Q

What is the API call to retrieve multiple items from a DynamoDB table?

BatchGet

GetItems

BatchGetItem

BatchGetItems

A

BatchGetItem

35
Q

You have an application that needs to read 25 items of 13kb in size per second. Your application uses strongly consistent reads. What should you set the read throughput to?

10

25

50

100

A

100

36
Q

DynamoDB is a No-SQL database provided by AWS.

True or False?

A

True

37
Q

What does the error “ProvisionedThroughputExceededException” mean in DynamoDB?

The DynamoDB table is unavailable.

The DynamoDB table has exceeded the allocated space.

You exceeded your maximum allowed provisioned throughput for a table or for one or more global secondary indexes.

There is no such error message. The correct error message would be “ProvisionedThroughputFailureException”.

A

You exceeded your maximum allowed provisioned throughput for a table or for one or more global secondary indexes.

38
Q

You have a motion sensor which writes 600 items of data every minute. Each item consists of 5kb. What should you set the write throughput to?

10

20

50

40

A

50

39
Q

In terms of performance, a scan is more efficient than a query.

True or False?

A

False

40
Q

Using the AWS portal, you are trying to Scale DynamoDB past its preconfigured maximums. Which service can you increase by raising a ticket to AWS support?

Global Secondary Indexes

Local Secondary Indexes

Provisioned throughput limits

Item Sizes

A

Provisioned throughput limits

41
Q

10XXXXXXXXXX

A

XXXXXXXXXX

42
Q

You have an EC2 instance that needs to know both its private IP address and its public IP address. To do this, the application needs to ________.

Run IPCONFIG (Windows) or IFCONFIG (Linux)

Retrieve the instance Userdata from http://169.254.169.254/latest/meta-data/

Retrieve the instance Metadata from http://169.254.169.254/latest/meta-data/

Use the following command: “AWS EC2 displayIP”

A

Retrieve the instance Metadata from http://169.254.169.254/latest/meta-data/

43
Q

An HTTP 200 code means ________.

There has been a server side error

The request has failed

There has been a client side error.

The request was successful

A

The request was successful

44
Q

The default region for an SDK is “US-EAST-1”.

True or False

A

True

45
Q

When you first create an S3 bucket, this bucket is publicly accessible by default.

True or False

A

False

46
Q

You are hosting a static website in an S3 bucket that uses JavaScript to reference assets in another S3 bucket. For some reason, these assets are not displaying when users browse to the site. What could be the problem?

You haven’t enabled Cross Origin Resource Sharing (CORS) on the bucket where the assets are stored.

You cannot use one S3 bucket to reference another S3 bucket.

Amazon S3 does not support JavaScript.

You need to open port 80 on the appropriate security group in which the S3 bucket is located.

A

You haven’t enabled Cross Origin Resource Sharing (CORS) on the bucket where the assets are stored.

47
Q

You have an application that needs to read 25 items of 13kb in size per second. Your application uses eventually consistent reads. What should you set the read throughput to?

50

10

25

100

A

50

48
Q

XXXSQSQUIZXXXXXX

A

XXXXXXXXXX

49
Q

Your EC2 instances download jobs from an SQS queue. However, they are taking too long to process the messages. What API call can you use to extend the length of time to process the jobs?

AlterMessageTime

SetMessageVisibility

ChangeMessageVisibility

ExtendMessageTime

A

ChangeMessageVisibility

50
Q

What is the maximum visibility of an SQS message in a queue?

12 hours

1 day

1 hour

14 days

A

12 hours

51
Q

What is the maximum long poll time out?

1 hour

20 seconds

50 seconds

5 minutes

A

20 seconds

52
Q

You run a video-hosting website with two types of members: premium, fee-paying members; and free members. Each video that is uploaded is processed by a fleet of EC2 instances, which poll an SQS queue as videos are uploaded. However, you need to ensure that the videos uploaded by your premium, fee-paying members have a higher priority than those of your free members. How might you work with SQS to ensure priority treatment of the premium members’ videos?

Create two SQS queues — one for premium members, and one for free members. Program your EC2 fleet to poll the premium queue first and, if empty, to then poll your free members SQS queue.

SQS would not be suitable for this scenario. It would be much better to use SNS to encode the videos.

SQS allows you to set priorities on individual items within the queue, so simply set the fee paying members at a higher priority than your free members.

A

Create two SQS queues — one for premium members, and one for free members. Program your EC2 fleet to poll the premium queue first and, if empty, to then poll your free members SQS queue.

53
Q

SQS was the first service on the AWS platform?

True or False?

A

True

54
Q

How large can an SQS message be?

128KB

512KB

64KB

256KB

A

256KB

55
Q

An SQS message can be delivered multiple times.

True or False?

A

True

56
Q

What is the default visibility timeout for a message in an SQS queue?

1 minute

1 year

15 minutes

30 seconds

A

30 seconds

57
Q

What is the maximum retention period for an SQS message?

12 hours

1 day

14 days

1 hour

A

14 days

58
Q

Which Amazon service can you use in conjunction with SQS to “fan out” SQS messages to multiple queues?

ElastiCache

SWF

SES

SNS

A

SNS

59
Q

You have a fleet of EC2 instances that are constantly polling empty SQS queues, burning CPU cycles and costing your company money. What should you do?

Enable SQS Short Polling.

Delete the entire EC2 fleet so that they no longer poll the queue.

Enable SQS Long Polling.

Consider using ElastiCache to cache the messages, rather than SQS.

A

Enable SQS Long Polling.

60
Q

You are designing a new application that processes payments and delivers promotional emails to customers. You need to ensure that the payment process takes priority over the creation and delivery of emails. How might you use SQS to achieve this?

Use 1 SQS queue for the platform. Use the HighPriority API call to ensure that all payment SQS messages take priority over the promotional email messages.

Use 1 SQS queue for the platform. Use the SetPriority API call to ensure that all payment SQS messages take priority over the promotional email messages.

Use 2 SQS queues for the platform. Have the EC2 fleet poll the promotional emails SQS queue first. If this queue is empty, then poll the payment emails queue.

Use 2 SQS queues for the platform. Have the EC2 fleet poll the payment SQS queue first. If this queue is empty, then poll the promotional emails queue.

A

Use 2 SQS queues for the platform. Have the EC2 fleet poll the payment SQS queue first. If this queue is empty, then poll the promotional emails queue.