Practice Questions Flashcards
You work in the security industry for a large consultancy. A new customer of yours runs a production environment in AWS and they require a log of all API calls made to their Elastic Load Balancer. How can you achieve this?
Enable Cloud Trail on the ELB
True or False: Amazon will always have root level SSH access in to your EC2 instances.
False
You have a static HTML website that requires inexpensive, highly available hosting solution that scales automatically to meet traffic demands. Which AWS service would best suit this requirement?
S3 Static Website Hosting
True or False: You should expect the same latency and throughput performance as Amazon S3 Standard when using Standard - IA.
True
You have a website that allows users in third world countries to store their important documents safely and securely online. Internet connectivity in these countries is unreliable, so you implement multipart uploads to improve the success rate of uploading files. This works well, however you notice that when an object is not uploaded successfully, incomplete parts of that object are still being stored in S3 and you are still being charged for those objects. What S3 service can you implement to expire incomplete multipart uploads?
S3 Lifecycle Policies
What is the durability of S3 - IA?
99.999999999% (Eleven 9’s).
What is the minimum time interval granularity for the data that Amazon CloudWatch receives and aggregates?
1 Minute
True or False: S3 does not support website redirects.
False
You need to automatically migrate objects from one S3 storage class to another based on the age of the data. What S3 service can you use to achieve this?
Lifecycle Management
You work for an electric car company that has its front end website on EC2. Company policy dictates that you must retain a history of all EC2 API calls made on your account for security analysis and operational troubleshooting purposes. What AWS service can assist you with this?
CloudTrail
True or False: An Amazon Cluster Placement Group can be stretched across multiple availability zones?”
False - a placement group can only exist within 1 availability zone.
Your three AWS accounts (A, B and C) share data. In an attempt to maximize performance between the accounts, you place all the instances for these accounts in ‘eu-west-1b’. During testing, you find almost no transfer latency between accounts A and B, but significant latency between accounts B and C, and accounts C and A. Which of the following possibilities is the most likely source of the problem?
The names of the AZs are randomly applied, so ‘eu-west-1b’ is not the same location for all three accounts.
True or False: You can use S3 Transfer Acceleration with multipart uploads.
TRUE, You can use S3 Transfer Acceleration with multipart uploads.
You have built an online dating application that allows users to send and receive photos as they court each other. You need to secure this data and you need to implement server-side encryption to protect this data. You decide that you want server-side encryption provided by Amazon. You will also need to have an audit trail so you can see who used your key to access which object and when, as well as view failed attempts to access data from users without permission to decrypt the data. What out of the box Amazon solution would enable you to achieve this?
SSE-KMS - AWS KMS provides an audit trail so you can see who used your key to access which object and when, as well as view failed attempts to access data from users without permission to decrypt the data.
Which of the following is NOT a valid EC2 instance type? - D2, C4, M3, Z2
D2, C4, M3 are all valid EC2 instances. https://aws.amazon.com/ec2/instance-types/
You work for a large insurance company that has issued 10,000 insurance policies. These policies are stored as PDFs. You need these policies to be highly available and company policy says that the data must be able to survive the simultaneous loss of two facilities. What storage solution should you use?
Your best solution would be to use S3, which redundantly stores multiple copies of your data in multiple facilities and on multiple devices within each facility.
ou are a solutions architect working for a company that conducts surveys on specific industries. Each industry that you survey has its own EC2 fleet, separate from those of other industries. Company policy dictates that you should keep costs to a minimum, using only 1 load balancer, if possible. What type of load balancer should you use to suit this requirement?
You need an application-aware load balancer, so your best option would be to use an Application Load Balancer.
In the future, you will need to preserve, restore, and retrieve every version of every file that you have stored in AWS. Which service should you use?
ersioning allows you to preserve, retrieve, and restore every version of every object stored in an Amazon S3 bucket.
You need to restore an object from Glacier. What 2 ways can you accomplish this?
Because Amazon S3 maintains the mapping between your user-defined object name and Amazon Glacier’s system-defined identifier, Amazon S3 objects that are stored using the Amazon Glacier option are only accessible through the Amazon S3 APIs or the Amazon S3 Management Console.
What is the Uptime SLA for Amazon EC2 and EBS within a given region?
Amazon’s SLA guarantees a Monthly Uptime Percentage of at least 99.95% for Amazon EC2 and Amazon EBS within a Region.
What is the minimum object size for S3 - IA?
Standard - IA is designed for larger objects and has a minimum object size of 128KB. Objects smaller than 128KB in size will incur storage charges as if the object were 128KB.
You have designed an application that stores large videos in S3. These videos are usually larger than 100Mb in size. You need to maximize upload performance. Select two answers that will achieve this end.
Multipart Upload is recommended for files greater than 100 Mb, and is required for files 5 GB or larger. S3 Transfer Accelearation is especially useful in cases where your bucket resides in a Region other than the one in which the file transfer was originated.
You have an application that uses S3 to store objects. Company policy dictates that certain objects (such as JPGs and PDF’s) must be replicated to another region for redundancy. However, some objects (such as Word files) can stay in a single region. Company policy also dictates that you should use as few buckets as possible. How should you architect this solution?
You can use just one bucket and enable CRR on just a subset of uploaded objects (such as JPGs and PDF’s) by using specifying prefixes.
You back the files that exist on an in-house SAN to S3. You need to minimize cost, however company policy states that objects must be instantly accessible. What S3 storage class should you use?
The best solutions for instant access, but lowest cost would be S3 - Infrequently Accessed storage.