Incorrect Questions PT1 Flashcards
Correct your answer of Udemy AWS practice tests.
Your EC2 Instances come with a monitoring feature that only offers basic metrics. Which service should you enable to get access to more metrics?
CloudWatch with detailed monitoring.
SS-KMS
Server-Side Encryption using AWS Key Management Service
Server-Side Encryption Technology that offers additional auditing eatures
Server-Side Encryption using AWS Key Management Service, Managed Keys - SSE-KMS.
Gives separate permissions for use of an envelope key.
Can also get an audit trail to show when your keys were used and who used the keys.
What are the two files you need to upload to S3 to start a static website?
Index.html and Error.html
By default, what do VPC NACLs and Security Groups do with inbound traffic?
In a default configuration, Security Groups allow only outbound traffic and block all incoming traffic. You need to enable inbound traffic specifying the protocol, port and source. In a VPC the default NACL is set to allow all inbound and outbound traffic. If you deploy a custom NACL, then all inbound and outbound traffic is blocked
Which AWS service can be used to generate historical configuration change records for your AWS resources which can then be used for auditing your workloads on the AWS platform
AWS Config
AWS Config
AWS Config is a managed service that provides AWS resource inventory information and enables you to record configuration change history to enable security and governance requirements. With AWS Config, you can discover both existing and deleted resources at any point in time.
CloudTrail
Service that provides governance, compliance, operational auditing and risk auditing of AWS account.
- Continuously monitor and retain account activity.
- Event History helps with Security analysis, resource change tracking and troubleshooting.
Lightsail
Launch a virtual private server with preconfigured components including VM, SSD-Based storage, data transfer, DNS management and static IP for a fixed montly price without having to design individually.
What are the Reserved Instance Contract Lengths
1 Year
3 Years
What are the Amazon Support Plans
- Basic
- Developer
- Business
- Enterprise
What are the Amazon Support Plan Pricing models per month?
- Basic - Included
- Developer - $29+
- Business - $100+
- Enterprise - $15k+
What is the maximum size of a signle Amazon Glacier Archive?
40 TB
For AWS Enterprise customers, any questions about billing and overall AWS account can be directed to which AWS support personnel?
AWS Concierge
AWS Trusted Advisor
Inspects your AWS environment and alerts you to opportunities to save money, improve system availability and performance, or help close security gaps.
AWS Support Concierge Service
- Included with Enterprise Support Plan.
- 24x7 access to AWS billing and account inquires.
- Guidance and best practices for billing allocation, reporting, consolidation of accounts, and root-level account security.
- Access to Enterprise account specialists for payment inquiries, training on specific cost reporting, assistance with service limits, and facilitating bulk purchaces.
Name 3 Alarm States for Cloudwatch
OK
Alarm
Insufficient_Data
Redshift
Designed specifically for Data Warehousing and Business Intelligence applications.
Name what CloudWatch monitors without customization
CPU
Disk
Networking
Status
Name something that requires a custom CloudWatch metric
Memory - Cloudwatch works on the Hypervisor level and does not monitor memory utilization.
What is Amazon responsible for RDS?
- Ensuring database infrastructure
- Patching DB instances
- Storing data
How can you prevent the failure of a Zen Hypervisor in the AWS environment?
You can’t. It is Amazon’s responsibility as part of the shared responsibility model. They are responsible for the underlying hosts running the Xen Hypervisors.
What are Convertible Reserved Instances (RI)?
The ability to change a Reserved Instance with different configuration, operating system and tenancy as long as the target instance is of equal of higher value.
What is the default maximum number of linked accounts you can have under a paying account for Consolidated Billing?
20
This can be increased by placing a support request with AWS.
What is the response time for a critical business failure for AWS Enterprise Support Plan?
15 minutes
Which Database engines are available on Amazon RDS?
Microsoft SQL Aurora Oracle MySQL ProgreSQL MariaDB
What is a policy in Amazon IAM?
Policies enable you to assign permissions to users, groups and roles.
How many Elastic IP Addresses can you have per region by default?
5
This can be raised by AWS Support.
As an enterprise organization, which AWS Service can you use that can provision a simle and efficient means to make controlled changes to your infrastructure?
AWS Managed Service
Which AWS service can you use to migrate an existing database to AWS?
DMS (Database Migration Service)
Name a load balancer that allows the use of a Static Elastic IP Address
Network Load Balancer
Name two options that are available to grant permissions in Amazon S3, both at the bucket level and individual file level.
Bucket - Bucket Policies
File - Access Control Lists
Which AWS Service stores objects as a collection in an archive file format like tar or zip file?
Amazon Glacier
In most cases what is the minimum number of Availability Zones per region?
2
Which five categorise does Amazon Trusted Advisor report on to showcase if your workloads have been designed, deployed and are running in accordance with best practices?
Cost Optimization Service Limits Security Fault Tolerance Performance
Which tools can you use to consolidate multiple AWS Accounts so that you can centrally manage them?
AWS Organizations
What type of routing policy can help route people based on location?
Geolocation Routing
