Incorrect Questions PT1

Question 1

Your EC2 Instances come with a monitoring feature that only offers basic metrics. Which service should you enable to get access to more metrics?

Answer 1

CloudWatch with detailed monitoring.

Question 2

SS-KMS

Answer 2

Server-Side Encryption using AWS Key Management Service

Question 3

Server-Side Encryption Technology that offers additional auditing eatures

Answer 3

Server-Side Encryption using AWS Key Management Service, Managed Keys - SSE-KMS.
Gives separate permissions for use of an envelope key.
Can also get an audit trail to show when your keys were used and who used the keys.

Question 4

What are the two files you need to upload to S3 to start a static website?

Answer 4

Index.html and Error.html

Question 5

By default, what do VPC NACLs and Security Groups do with inbound traffic?

Answer 5

In a default configuration, Security Groups allow only outbound traffic and block all incoming traffic. You need to enable inbound traffic specifying the protocol, port and source. In a VPC the default NACL is set to allow all inbound and outbound traffic. If you deploy a custom NACL, then all inbound and outbound traffic is blocked

Question 6

Which AWS service can be used to generate historical configuration change records for your AWS resources which can then be used for auditing your workloads on the AWS platform

Answer 6

AWS Config

Question 7

AWS Config

Answer 7

AWS Config is a managed service that provides AWS resource inventory information and enables you to record configuration change history to enable security and governance requirements. With AWS Config, you can discover both existing and deleted resources at any point in time.

Question 8

CloudTrail

Answer 8

Service that provides governance, compliance, operational auditing and risk auditing of AWS account.

• Continuously monitor and retain account activity.
• Event History helps with Security analysis, resource change tracking and troubleshooting.

Question 9

Lightsail

Answer 9

Launch a virtual private server with preconfigured components including VM, SSD-Based storage, data transfer, DNS management and static IP for a fixed montly price without having to design individually.

Question 10

What are the Reserved Instance Contract Lengths

Answer 10

1 Year

3 Years

Question 11

What are the Amazon Support Plans

Answer 11

• Basic
• Developer
• Business
• Enterprise

Question 12

What are the Amazon Support Plan Pricing models per month?

Answer 12

• Basic - Included
• Developer - $29+
• Business - $100+
• Enterprise - $15k+

Question 13

What is the maximum size of a signle Amazon Glacier Archive?

Answer 13

40 TB

Question 14

For AWS Enterprise customers, any questions about billing and overall AWS account can be directed to which AWS support personnel?

Answer 14

AWS Concierge

Question 15

AWS Trusted Advisor

Answer 15

Inspects your AWS environment and alerts you to opportunities to save money, improve system availability and performance, or help close security gaps.

Question 16

AWS Support Concierge Service

Answer 16

• Included with Enterprise Support Plan.
• 24x7 access to AWS billing and account inquires.
• Guidance and best practices for billing allocation, reporting, consolidation of accounts, and root-level account security.
• Access to Enterprise account specialists for payment inquiries, training on specific cost reporting, assistance with service limits, and facilitating bulk purchaces.

Question 17

Name 3 Alarm States for Cloudwatch

Answer 17

OK
Alarm
Insufficient_Data

Question 18

Redshift

Answer 18

Designed specifically for Data Warehousing and Business Intelligence applications.

Question 19

Name what CloudWatch monitors without customization

Answer 19

CPU
Disk
Networking
Status

Question 20

Name something that requires a custom CloudWatch metric

Answer 20

Memory - Cloudwatch works on the Hypervisor level and does not monitor memory utilization.

Question 21

What is Amazon responsible for RDS?

Answer 21

• Ensuring database infrastructure
• Patching DB instances
• Storing data

Question 22

How can you prevent the failure of a Zen Hypervisor in the AWS environment?

Answer 22

You can’t. It is Amazon’s responsibility as part of the shared responsibility model. They are responsible for the underlying hosts running the Xen Hypervisors.

Question 23

What are Convertible Reserved Instances (RI)?

Answer 23

The ability to change a Reserved Instance with different configuration, operating system and tenancy as long as the target instance is of equal of higher value.

Question 24

What is the default maximum number of linked accounts you can have under a paying account for Consolidated Billing?

Answer 24

20

This can be increased by placing a support request with AWS.

Question 25

What is the response time for a critical business failure for AWS Enterprise Support Plan?

Answer 25

15 minutes

Question 26

Which Database engines are available on Amazon RDS?

Answer 26

Microsoft SQL
Aurora
Oracle
MySQL
ProgreSQL
MariaDB

Question 27

What is a policy in Amazon IAM?

Answer 27

Policies enable you to assign permissions to users, groups and roles.

Question 28

How many Elastic IP Addresses can you have per region by default?

Answer 28

5

This can be raised by AWS Support.

Question 29

As an enterprise organization, which AWS Service can you use that can provision a simle and efficient means to make controlled changes to your infrastructure?

Answer 29

AWS Managed Service

Question 30

Which AWS service can you use to migrate an existing database to AWS?

Answer 30

DMS (Database Migration Service)

Question 31

Name a load balancer that allows the use of a Static Elastic IP Address

Answer 31

Network Load Balancer

Question 32

Name two options that are available to grant permissions in Amazon S3, both at the bucket level and individual file level.

Answer 32

Bucket - Bucket Policies

File - Access Control Lists

Question 33

Which AWS Service stores objects as a collection in an archive file format like tar or zip file?

Answer 33

Amazon Glacier

Question 34

In most cases what is the minimum number of Availability Zones per region?

Answer 34

2

Question 35

Which five categorise does Amazon Trusted Advisor report on to showcase if your workloads have been designed, deployed and are running in accordance with best practices?

Answer 35

Cost Optimization
Service Limits
Security
Fault Tolerance
Performance

Question 36

Which tools can you use to consolidate multiple AWS Accounts so that you can centrally manage them?

Answer 36

AWS Organizations

Question 37

What type of routing policy can help route people based on location?

Answer 37

Geolocation Routing