Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Associate Developer Exam > Section: 9: Amazon S3 Introduction > Flashcards

Section: 9: Amazon S3 Introduction Flashcards

1
Q

You’re trying to upload a 25 GB file on S3 and it’s not working
A) The file size limit on S3 is 5GB
B) The service must be down
C) You should use Multi Part Upload when your file is bigger than 5GB

A

C) You should use Multi Part Upload when your file is bigger than 5GB

Multi Part Upload is also recommended as soon as the file is over 100MB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

I tried creating an S3 bucket named “dev” but it didn’t work. This is a new AWS Account and I have no buckets at all. What is the cause?
A) I’m missing IAM permissions to create a bucket
B) Bucket names must be globally unique and “dev” is already taken

A

B) Bucket names must be globally unique and “dev” is already taken

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q 
You've added files in your bucket and then enabled versioning. The files you've already added will have which version?
A) 1
B) 0
C) -1
D) null
A

D) null

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
Your client wants to make sure the encryption is happening in S3, but wants to fully manage the encryption keys and never store them in AWS. You recommend
A) SSE-S3
B) SSE-KMS
C) SSE-C
D) Client Side Encryption
A

C) SSE-C

Here you have full control over the encryption keys, and let AWS do the encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q 
Your company wants data to be encrypted in S3, and maintain control of the rotation policy for the encryption keys, but not know the encryption keys values. You recommend
A) SSE-S3
B) SSE-KMS
C) SSE-C
D) Client Side Encryption
A

B) SSE-KMS

With SSE-KMS you let AWS manage the encryption keys but you have full control of the key rotation policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
Your company does not trust S3 for encryption and wants it to happen on the application. You recommend
A) SSE-S3
B) SSE-KMS
C) SSE-C
D) Client Side Encryption
A

D) Client Side Encryption

With Client Side Encryption you perform the encryption yourself and send the encrypted data to AWS directly. AWS does not know your encryption keys and cannot decrypt your data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The bucket policy allows our users to read/write files in the bucket, yet we were not able to perform a PutObject API call.
A) The bucket policy must be wrong
B) The IAM user must have an explicit DENY in the attached IAM policy
C) You need to contact AWS Support to lift this limit

A

B) The IAM user must have an explicit DENY in the attached IAM policy

Explicit DENY in an IAM policy will take precedence over a bucket policy permiss

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
You have a website that loads files from another S3 bucket. When you try the URL of the files directly in your Chrome browser it works, but when the website you're visiting tries to load these files it doesn't. What's the problem?
A) The Bucket policy is wrong
B) The IAM policy is wrong
C) CORS is wrong
D) Encryption is wrong
A

C) CORS is wrong

Cross-origin resource sharing (CORS) defines a way for client web applications that are loaded in one domain to interact with resources in a different domain. To learn more about CORS, go here: https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS Associate Developer Exam (25 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions