Linnux academy questions

Question 1

Which of the following can be used to protect your environment from DDos Attacks (Pick 3)

A. Cloudfront
B.Trusted Advisor
C.AWS Shield
D.AWS ELB

Answer 1

A. Cloudfront
C. AWS Shield
D. AWS ELB

Question 2

Your company needs to host a database in their AWS environment but needs to have control over patching. Which is the best choice?

A. EC2 Instance
B. AWS RDS database
C. Oracle database

Answer 2

A. EC2 Instance

Question 3

If you take a snapshot of an EC2 instance and use the snapshot to create a new EC2 instance what is this called?
A. EC2 Snapshot
B. EBS Snapshot
C. AMI

Answer 3

C. an AMI

Question 4

Which option allows AWS RDS to failover to a secondary database in case of primary database failure

A. Standby
B. Multi-AZ
C. Read replicas

Answer 4

B. Multi - AZ

Question 5

In AWS Shared Responsibility Model, which if the following is not your responsibility as a customer?
A. Encrpyting Data
B. Managing Security groups 
C. Decommissioning your data
D. Patching your Instances

Answer 5

C. Decommissioning your data

Question 6

What is the best solution to provide secure access to an S3 bucket not using the internet?
A. Use a VPN connection
C. Use a VPC endpoint to access S3
D. Use an internet gateway

Answer 6

C. Use a VPC endpoint to access S3

Question 7

Can you encrpyt metadata in S3?

C. Yes, if you put the metadata in a DynamoDB table and enable encrpytion during creation
D. Yes all data in S3 can be encrpyted

Answer 7

C. Yes if you put metadata in a dynamoDB table with S3.

Question 8

You receive an alert about an issue between an application and the database servers. What should you check to ensure communication is working?
A. Security group rules
B. NACL rules
C. AWS IAM roles
D. AWS KMS

Answer 8

C. AWS IAM Roles

they control access at the instance level

Question 9

Which of the following options are best practices for permissions in your AWS environment? (Pick 2)

A. use the principle of least privilege
B. Rotate , remove and update credentials on regular schedule
C. Use IAM users instead of groups

Answer 9

A. Use the principle of least privilege

B. Rotate, remove and update credentials on regular schedule

Question 10

You need to find out which user was responsible for terminating several EC2 instances. Where would you look?

A. Cloudwatch
B. Cloudtrail logs

Answer 10

B. Cloudtrail Logs

Question 11

Which service allows you to build Infrastructure as Code?

A. Cloudformation
B. Config

Answer 11

Cloudformation

Question 12

Which Service gives you full administrative privilege of underlying v infrastructure ?

A. EC2
B. S3
C. Lambda

Answer 12

A. EC2

Question 13

Which choice allows you to carve out a portion of the AWS cloud?

A. Autoscaling Group
B. VPC
C. Security Groups

Answer 13

A. VPC

Question 14

Which options allow RDS to offer high availability of databases (Pick 2)

A. Multi Region
B. Multi-AZ
C.Read Replicas

Answer 14

B. Multi AZ

C. Read Replicas

Question 15

Which service provides fully managed NoSQL Database
A. DynamoDB
B. RDS
C.MySQL

Answer 15

A. DynamoDB

Question 16

What are two benefits of using RDS? (Pick 2)

B. You can resize your capacity as needed
C. It allows you to store noSQL data
D. It automates patches and backups

Answer 16

B. You can resize capacity

D. It automated patches and backups

Question 17

Which AWS service allows you to increase the number of resources based on demand of the application or the users?
A. Autoscaling
B. Elastic load balancer
C. Elasticity

Answer 17

Auto scaling

Question 18

What is the added value of being able to access your environment using cloud services through an API?

A. Allows customer owned , on premises infrastructure to also be programmable
B. Allows you to work with AWS services and resources programmatically

Answer 18

B. Allows you to work with AWS services and resources programatically

Question 19

For cost optimization in AWS, what are two options you must consider for S3?

A. The number of S3 buckets you need
B. The total size in gigabytes of all objects being stored
C. Storage class being used or picked to store objects

Answer 19

B. The total size in gigabytes of all objects being stored
C. Storage class being used or picked to store objects

Question 20

You have a distributed application that sometimes processes large volumes of data. The application is designed to recover gracefully if any EC2 instance fails. Your task is to process the large volumes of data in the most cost-effective way. What instance type will work best and be the most cost-effective?

A. Spot
B. Reserved Instances
D. On demand

Answer 20

A. Spot

Question 21

What tool is best for forecasting your AWS spending?

A. TCO Calculator
B. AWS Cost Explorer

Answer 21

B. AWS Cost Explorer

Question 22

What can be attached to an EC2 instance to store data?
A. Glacier
B. EBS Volume
C.EBS Snapshot

Answer 22

B. EBS Volume

Question 23

What helps you aggregate your logs from your EC2 instance?
A. CloudTrail
B. CloudWatch Logs
C. S3

Answer 23

B. Cloudwatch Logs

Question 24

Which of the following statements correctly describes the concept of Auto Scaling?

A. To Scale out resources based on demand
B. To distribute traffic to EC2 Instances
C. To increase the size of the EC2 instance based on demand

Answer 24

A. TO scale out resources based on demand

Question 25

You have a dedicated web servers and database that remains largely idle but sometimes has huge spikes in activity. What can you architect to improve your cost-efficiency?

A. Use an ELB bewteen your server and database
B. Configure server less architecture like Lambda
C. Migrate the web servers to EC2 spot

Answer 25

B. Use aws lambda

Question 26

You have an EC2 instance in your environment that needs access to a DynamoDB table. What option below gives your EC2 instance access to the DynamoDB table?

A. Use your KMS Key
D. Use an IAM Group
C. Use an IAM Role

Answer 26

C. Use an IAM Role.

Assign an IAM role to the EC2 instance for access to DynamoDB

Question 27

You receive an alert about an issue between an application and the database servers. What should you check to ensure communication is working?

A. Security group rules
B. AWS IAM Roles

Answer 27

B. Security Groups

Question 28

According to the AWS Shared Responsibility Model, what is AWS responsible for when you create a security group?

A. Making sure the security groups are linked to the Elastic Network Interface (ENI) of the EC2 instance
B. Defining Outbound Rules
C. Defining Inbound Rules
D. Making sure the security group rules are applied immediately

Answer 28

A. Making sure the security groups are linked to the Elastic Network Interface (ENI) of the EC2 instance

D. Making sure the security group rules are applied immediately

Question 29

You were asked to architect a solution for a new two-tier web application for your AWS environment. Your new web application is working and is gaining popularity, and you have now been tasked with a new requirement: to store the most frequently used data for low latency for quicker responses. What AWS service would you use to meet the requirements?

A. Elasticache
B. RDS with Multiple AZ

Answer 29

Elasticache

Question 30

You need to deploy a specific software configuration that you currently have on one EC2 instance in your environment to hundreds of other EC2 instances in your environment. Which AWS service is best suited for this implementation and would be most efficient at automating the replication and deployment?

A. AWS Cloudwatch
B. AWS OpsWorks
C. Auto Scaling

Answer 30

C. AWS Opsworks

Question 31

What is NACL?

Answer 31

Network access control list