Quiz Challenge 2

Question 1

Although your application customarily runs at 30% usage, you have identified a recurring usage spike (>90%) between 8pm and midnight daily. What is the most cost-effective way to scale your application to meet this increased need?

Answer 1

Use scheduled scaling to boost your capacity at fixed intervals.

Question 2

You have been asked to identify a service on AWS that is a durable object storage. Which of the services below meets this definition?

Answer 2

S3 - Simple Storage Services

Question 3

You have been asked to decouple an application by utilizing SQS. The application dictates that messages on the queue CAN be delivered more than once, but must be delivered in the order they have arrived while reducing the number of empty responses. Which of the following options are most suitable?

Answer 3

Configure a FIFO SQS queue and enable long polling

Question 4

You are building a NAT Instance in an m3.medium using the AWS Linux2 distro with amazon-linux-extras installed. Which of the following do you need to set

Answer 4

Ensure that “Source/Destination Checks” is disabled on the NAT instance

Question 5

You need to add a route to your routing table that will allow connections to the internet from your subnet. Which of the following routes should you add?

Answer 5

Destination: 0.0.0.0/0 –> Target: your Internet gateway

Question 6

You are reviewing Change Control requests, and you note that there is a change designed to reduce costs by updating the Amazon SQS “WaitTimeSeconds” attribute. What does this mean?

Answer 6

When the consumer instance polls for new work, the SQS service will allow it to wait a certain time for one or more messages to be available before closing the connection.

Question 7

You are reviewing Change Control requests and you note that there is a proposed change designed to reduce errors due to SQS Eventual Consistency by updating the “DelaySeconds” attribute. What does this mean?

Answer 7

When a new message is added to the SQS queue, it will be hidden from consumer instances for a fixed period.

Question 8

What data formats are used to create CloudFormation templates?

Answer 8

JSON and YAML

Question 9

AWS intends to shut down your spot instance; which of these scenarios is possible?

Answer 9

1. AWS sends a notification of termination and you receive it 120 seconds before the intended forced shutdown.
2. AWS sends a notification of termination and you receive it 120 seconds before the forced shutdown, but the defined duration period (also known as Spot blocks) hasn’t ended yet.
3. AWS sends a notification of termination, but you do not receive it within the 120 seconds and the instance is shutdown.

Question 10

To save money, you quickly stored some data in one of the attached volumes of an EC2 instance and stopped it for the weekend. When you returned on Monday and restarted your instance, you discovered that your data was gone. Why might that be?

Answer 10

1. The volume was ephemeral, block-level storage.
2. Data on an instance store volume is lost if an instance is stopped.

Question 11

You have launched a NAT instance into a public subnet, and you have configured all relevant security groups, network ACLs, and routing policies to allow this NAT to function. However, EC2 instances in the private subnet still cannot communicate out to the internet. What troubleshooting steps should you take to resolve this issue?

Answer 11

Disable the Source/Destination Check on your NAT instance.

Question 12

You’ve been commissioned to develop a high-availability application with a stateless web tier. Identify the most cost-effective means of reaching this end.

Answer 12

1. Use an Elastic Load Balancer, a multi-AZ deployment of an Auto-Scaling group of EC2 Spot instances (primary) running in tandem with an Auto-Scaling group of EC2 On-Demand instances (secondary), and DynamoDB.
2. With proper scripting and scaling policies, running EC2 On-Demand instances behind the Spot instances will deliver the most cost-effective solution because On-Demand instances will only spin up if the Spot instances are not available.
3. DynamoDB lends itself to supporting stateless web/app installations better than RDS .

Question 13

You manage a Ruby on Rails messaging application that lives on a cluster of EC2 instances. Your website occasionally experiences brief, strong, and entirely unpredictable spikes in traffic that overwhelm your EC2 instances’ resources and freeze the application. As a result, you’re losing recently submitted messages from end-users. You use Auto Scaling to deploy additional resources to handle the load during spikes, but the new instances don’t spin-up fast enough to prevent the existing application servers from freezing. Which of the following will provide the most cost-effective solution in preventing the loss of recently submitted messages?

Answer 13

Use Amazon SQS to decouple the application components and keep the messages in queue until the extra Auto-Scaling instances are available.

Question 14

You work for a busy real estate company, and you need to protect your data stored on S3 from accidental deletion. Which of the following actions might you take to achieve this?

Answer 14

1. Enable versioning on the bucket.
2. If a file is accidentally deleted, delete the delete marker.
3. Configure MFA-protected API access.

Question 15

You have created a VPC that contains two EC2 instances in different availability zones. Both are running web servers, hosting the same content. These web servers will be accessible via the internet. Which of the following DNS configurations could you consider?

Answer 15

1. Set up an Application Load Balancer and place your instances behind this ELB.
2. Configure a Route 53 Alias record to point to the resource of the Application Load Balancer.
3. Assign each EC2 instance with an Elastic IP Address.
4. Configure a Route 53 “A” multi-value record with both EIP’s and health checks.

Question 16

You are a student currently learning about the different AWS services. Your employer asks you to tell him a bit about Amazon’s Glacier service. Which of the following best describes the use cases for Glacier?

Answer 16

Infrequently accessed data and data archives.

Question 17

You have been engaged by a company to design and lead the migration to an AWS environment. An argument has broken out about how to meet future Backup & Archive requirements and how to transition. The Security Manager and CTO are concerned about backup continuity and the ability to continue to access old tape archives. The Senior engineer is adamant that there is no way to retain the old backup solution in the AWS environment, and that they will lose access to all the current archives. What information can you share that will satisfy both parties in a cost-effective manner?

Answer 17

1. Suggest that during transition, a second AWS Tape Gateway (VTL) solution could be commissioned in the customer’s new VPC and integrated with existing VTS.
2. At the same time, the existing Enterprise Backup Solution could be used to perform tape-to-tape copies to migrate the Archives from tape to VTL/VTS virtual tape.
3. Meet with both parties and brief them on the AWS Tape Gateway (VTL) solution.
4. Explain that it can initially be installed in the on-premises environment utilizing the existing enterprise backup product to start the transition without losing access to the existing backups and archives.
5. Over the duration of the migration, most (if not all) the backup cycles will be replaced by the new VTL & VTS tapes.

Question 18

Which of the following services should you provision in multiple availability zones in order to achieve high availability?

Answer 18

1. RDS and EC2 - S3, SQS & DynamoDB are already built in a fault tolerant fashion, you do not need to provision these services across multiple availability zones.
2. Therefore the correct answers are RDS and EC2

Question 19

You are reviewing Change Control requests, and you note that there is a change designed to reduce wasted CPU cycles by increasing the value of your Amazon SQS “VisibilityTimeout” attribute. What does this mean?

Answer 19

When a consumer instance retrieves a message, that message will be hidden from other consumer instances for a fixed period.

Question 20

With EBS, I can ____.

Answer 20

1. Create an encrypted volume from a snapshot of another encrypted volume.
2. Create an encrypted snapshot from an unencrypted snapshot by creating an encrypted copy of the unencrypted snapshot.

Question 21

By default, all EC2 instances are monitored by CloudWatch. Using the default settings, how many minutes elapse between when metrics are sent to CloudWatch? Using the detailed option, how many minutes would elapse between metrics being sent to CloudWatch?

Answer 21

1. 5 minutes, 1 minute - Using the default settings metrics are sent every 5 minutes to CloudWatch.
2. Using the detailed settings, metrics are then sent every 1 minute.

Question 22

You are a solutions architect working for a cosmetics company. Your company has a busy Magento online store that consists of a two-tier architecture. The web servers are on EC2 instances deployed across multiple AZs, and the database is on a Multi-AZ RDS MySQL database instance. Your store is having a Black Friday sale in five days, and having reviewed the performance for the last sale you expect the site to start running very slowly during the peak load. You investigate and you determine that the database was struggling to keep up with the number of reads that the store was generating. Which solution would you implement to improve the application read performance the most?

Answer 22

Add an RDS Read Replica in each AZ.

Question 23

Amazon ElastiCache can fulfill a number of roles. Choose the operations from the following list which can be implemented using ElastiCache for Redis.

Answer 23

Pub/Sub In-Memory Data Store Sorted Sets

Question 24

You have been asked to deploy an application on a small number of EC2 instances. The application must be placed across multiple Availability Zones and should also minimize the chance of underlying hardware failure. Which of the following options would provide this solution?

Answer 24

Deploy the EC2 Servers in a Spread Placement Group.

Question 25

Amazon SQS keeps track of all tasks and events in an application.

Answer 25

FALSE

Amazon SWF (not Amazon SQS) keeps track of all tasks and events in an application. Amazon SQS requires you to implement your own application-level tracking, especially if your application uses multiple queues.

Question 26

Select all the true statements on S3 URL styles:

Answer 26

1. Path-Style URLs (such as https://s3.Region.amazonaws.com/bucket-name/key name) are supported by AWS.
2. Virtual-host-style URLs (such as: https://bucket-name.s3.Region.amazonaws.com/key name) are supported by AWS.

Question 27

You need to store some easily re-creatable objects on S3. With rapid access times and cost-effectiveness in mind, which S3 storage class should you consider?

Answer 27

S3 One Zone-IA - S3 One Zone-IA is for data that is accessed less frequently, but requires rapid access when needed.

Question 28

You have been engaged by a company to design and lead a migration to an AWS environment. The team is concerned about the capabilities of the new environment, especially when it comes to high availability and cost-effectiveness. The design calls for about 20 instances (c3.2xlarge) pulling jobs/messages from SQS. Network traffic per instance is estimated to be around 500 Mbps at the beginning and end of each job. Which configuration should you plan on deploying?

Answer 28

1. Spread the Instances over multiple AZs to minimize the traffic concentration and maximize fault-tolerance.
2. Wherever possible, use simple solutions such as spreading the load out rather than expensive high tech solutions.

Question 29

Your Security Manager has hired a security contractor to audit your network and firewall configurations. The consultant doesn’t have access to an AWS account. You need to provide the required access for the auditing tasks, and answer a question about login details for the firewall appliance. Which of the following might you do?

Answer 29

1. Create an IAM User with a policy that can Read Security Group and NACL settings.
2. Explain that AWS implements network security differently and that there is no such thing as a Firewall appliance.
3. Security Groups and NACLs are used instead.

Question 30

How long can a message be retained in an SQS Queue?

Answer 30

14 days

Question 31

When coding a routine to upload to S3, you have the option of using either single part upload or multipart upload. Identify all the possible reasons below to use Multipart upload.

Answer 31

1. Multipart upload delivers the ability to pause and resume object uploads.
2. Multipart upload delivers improved throughput Multipart upload delivers quick recovery from network issues Multipart upload delivers the ability to begin an upload before you know the final object size.

Question 32

Following advice from your consultant, you have configured your VPC to use dedicated hosting tenancy. Your VPC has an Amazon EC2 Auto Scaling designed to launch or terminate Amazon EC2 instances on a regular basis, in order to meet workload demands. A subsequent change to your application has rendered the performance gains from dedicated tenancy superfluous, and you would now like to recoup some of these greater costs. How do you revert your instance tenancy attribute of a VPC to default for new launched EC2 instances?​

Answer 32

Modify the instance tenancy attribute of your VPC from dedicated to default using the AWS CLI, an AWS SDK, or the Amazon EC2 API.

Question 33

How many internet gateways can I attach to my custom VPC?

Answer 33

1

Question 34

Your AWS environment contains several on-demand Amazon EBS-backed EC2 instances dedicated to a project that has just been cancelled. Your supervisor does not want to incur charges for these on-demand instances, but also does not want to lose the data on the root volume just yet because there is a chance the project may be revived in the next few days. What should you do to minimize charges for these instances in the meantime?

Answer 34

Stop the instances.

Question 35

You need a storage service that delivers the lowest-latency access to data for a database running on a single EC2 instance. Which of the following AWS storage services is suitable for this use case?

Answer 35

Amazon EBS

1. Amazon EBS is a block level storage service for use with Amazon EC2.
2. Amazon EBS can deliver performance for workloads that require the lowest-latency access to data from a single EC2 instance.

Question 36

You run an automobile reselling company that has a popular online store on AWS. The application sits behind an Auto Scaling group and requires new instances of the Auto Scaling group to identify their public and private IP addresses. How can you achieve this?

Answer 36

Using a Curl or Get Command to get the latest meta-data from http://169.254.169.254/latest/meta-data/

Question 37

Amazon Web Services offers 4 different levels of support. Which of the following are valid support levels?

Answer 37

Enterprise Business Developer

Question 38

You are a security architect working for a large antivirus company. The production environment has recently been moved to AWS and is in a public subnet. You are able to view the production environment over HTTP. However, when your customers try to update their virus definition files over a custom port, that port is blocked. You log in to the console and you allow traffic in over the custom port. How long will this take to take effect?

Answer 38

Immediately

Question 39

Which native AWS service will act as a file system mounted on an S3 bucket?

Answer 39

File Gateway

A file gateway supports a file interface into Amazon Simple Storage Service (Amazon S3) and combines a service and a virtual software appliance

Question 40

DynamoDB has many use cases. Which of the following are legitimate use cases for DynamoDB?

Answer 40

Storing JSON Storing the metadata of BLOB data stored in S3 Storing web session data

Question 41

You need to restrict access to an S3 bucket. Which of the following methods can you use to do so?

Answer 41

Access Control Lists for S3 (permissions) S3 Bucket policies

Question 42

You are a solutions architect working for an oil and gas company. They are moving their production environment to AWS and need a custom VPC into which to put it. You have been asked to create a public subnet. You create the VPC with a subnet bearing the CIDR address range of 10.0.1.0/24. Which of the following steps should you take to make this subnet public?

Answer 42

Attach and Internet Gateway to the VPC Create a route in the route table associated with the subnet allowing a route to the internet gateway

Question 43

Your company likes the idea of storing files on AWS. However, low-latency service of the last few days of files is important to customer service. Which Storage Gateway configuration would you use to achieve both of these ends?

Answer 43

File Gateway Volume Gateway-Cached volumes