Storage Flashcards

1
Q

What is s3?

A

Simple Storage Service. Store and retrieve any amount of data from anywhere on the web. A safe place to store your files. Object-based storage.

2
Q

What is a universal name-space?

A

Names must be unique globally, because each name is used in a web URL.

3
Q

What code do you receive back if a file upload to s3 is successful?

A

HTTP 200 code

4
Q

What is the key when referring to s3?

A

Simply the name of the file

5
Q

What is the value when referring to s3 key?

A

The sequence of bytes that is the data

6
Q

What is versioning in s3?

A

Versioning is a means of keeping multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket.

7
Q

What does Read after Writes consistency for PUTS of new objects mean?

A

As soon as the file is uploaded it is available for reading immediately.

8
Q

What does eventual consistency for overwrite PUTS and DELETES mean?

A

This means that after a file is updated, there is an eventual consistency for availability. Roughly, 1 second.

9
Q

What are some s3 features that add value to the service?

Hint: TEL VMS

A
  1. tiered storage
  2. encryption
  3. lifecycle management
  4. versioning
  5. MFA for deletes
  6. secure data using access control lists / bucket policies
10
Q

What is s3 standard?

A

99.9999999% availability. Stored redundantly across multiple devices in multiple facilities. Designed to sustain the loss of 2 facilities concurrently.

11
Q

What is s3 IA?

A

IA - infrequently accessed.

You don’t use the data regularly. Lower fee, but charges retrieval fee.

12
Q

What is s3 one zone IA?

A

When you want a lower access fee and don’t require multiple availability zone tiering.

13
Q

What is s3 intelligent tiering?

A

Designed to optimize costs by using machine learning to figure out which files will go into which type of tiering.

14
Q

What is glacier?

A

Glacier is for data archiving. Store any amount of data, and it is super cheap.

15
Q

What is glacier deep archive?

A

For data that is rarely needed quickly. For slower access to data, usually in the magnitude of hours.

16
Q

What are features that you are charged for in s3?

A
  1. Storage
  2. Requests
  3. Storage management pricing
  4. Data Transfer pricing
  5. Transfer acceleration
  6. Cross-region replication
17
Q

What is cross-region replication?

A

As soon as you upload into a bucket, the bucket that is in a different region will have the file in there as well.

18
Q

What is RRS in s3?

A

S3 one zone IA but an older version of it. It is getting phased out.

19
Q

What makes up the costs of s3?

A

Storage

Requests and Data Retrievals

Data Transfer

Management & Replication

20
Q

What is encryption in transit, namely in domain addresses? And what type is used in s3?

A

https. ssl/tls

21
Q

What is encryption at rest? What are the various options here?

A

Two different ways:

server side - Amazon encrypts for you

  • s3 managed keys - SSE-S3 - Amazon provides the keys, you don’t have to worry about it at all
  • AWS Key Management Service - SSE-KMS - managed keys where you work together to create the keys
  • server side encryption with customer provided keys - SSE-C - where you provide Amazon with the keys to encrypt the data

client side - you encrypt and upload to s3

22
Q

How can you turn off versioning for a bucket with versioning currently turned on?

A

You can’t.

Once enabled, versioning cannot be disabled. In order to turn it off for a bucket, you must delete the bucket and create a new one.

23
Q

What happens to the properties of the file when a new version is uploaded?

A

Inherits the properties of the bucket.

24
Q

What happens to an object when you delete it in a versioned bucket?

A

A delete marker is placed on that version.

25
Q

How can you delete an object in a versioned bucket?

A

You must delete the file while the versions are on show.

26
Q

What are the overall qualities of versioning in an s3 bucket? List 5.

A
  1. Stores all versions of an object (including all writes and even if you delete an object)
  2. Great backup tool
  3. Once enabled, Versioning cannot be disabled, only suspended
  4. Integrates with LifeCycle rules
  5. Versioning MFA Delete Capability can be used to provide an additional layer of security
27
Q

What is LifeCycle? List 2.

A
  1. Allows for the moving of objects to different tiers of storage
  2. Can be used in conjunction with Versioning
  3. Can be applied to current versions and previous versions as well
28
Q

What is AWS Organizations?

A

Account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage

29
Q

List 4 best practices when using AWS Organizations?

A
  1. Always enable MFA on root account
  2. Always use a strong and complex password on root account
  3. Paying account should be used for billing services only. Do not deploy resources into the paying account.
  4. Enable/Disable AWS services using service control processes (SCP) either on OU or on individual accounts
30
Q

What are 3 ways to share s3 across accounts?

A
  1. Using bucket policies & IAM (applies across the entire bucket) - programmatic access only
  2. Using bucket ACLs & IAM (individual objects) - programmatic access only
  3. Cross-account IAM roles - programmatic AND console access
31
Q

True or False. Cross-region replication of a bucket does not need versioning enabled.

A

False. Cross-region replication requires bucket versioning.

32
Q

Does turning on cross region replication provide access to files that are already in the bucket being replicated?

A

No, it is only for files moving forward.

33
Q

True or False. Delete markers are replicated across buckets as this is the point of the replication bucket. As is deleting the file.

A

False. Delete markers are intentionally not replicated across. Nor is the deletion of a file.

34
Q

What is s3 transfer acceleration?

A

A service that utilizes the CloudFront edge network to accelerate your uploads to s3. Instead of uploading directly to S3 bucket, you use a distinct URL to upload to an edge location which will then transfer that file to s3.

35
Q

What is CloudFront?

A

A content delivery network (CDN) that is a system of distributed servers that deliver webpages and other web content to a user based on the geographic locations of the user, the origin of the webpage, and a content delivery server.

36
Q

What are the two different types of CloudFront distributions?

A
  1. Web distribution
  2. RTMP - used for media streaming
37
Q

True or False. Edge locations are read only.

A

False. You can write to them as well.

38
Q

How long are objects cached for when using CloudFront? Can you clear cached objects? Any strings attached to doing that?

A

They are cached for the life of TTL (time to live). You can clear cached objects but you will be charged.

39
Q

Can you filter data from being pushed to an edge location?

A

Yes, by using the invalidate data tab. This comes at an extra charge.

40
Q

How do you access the CloudFront location?

A

Use the URL given + / + key name.

41
Q

What is Snowball?

A

Snowball comes in either 50 or 80 TB sizes. A petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns

42
Q

What is Snowball Edge?

A

Portable version of AWS. It’s a bin that you can carry around that has AWS for on prem. Might be discontinued.

43
Q

What is Snowmobile?

A

45 ft shipping container that is used to move massive amounts of data to the cloud

44
Q

What is Storage Gateway?

A

A service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between an organization’s on-prem IT environment and AWS storage infrastructure

45
Q

What are 3 different types of Storage Gateway?

A
  1. File Gateway
  2. Volume Gateway
  3. Tape Gateway
46
Q

What is Athena?

A

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run

47
Q

What is Macie?

A

Security service that uses Machine Learning & NLP to discover, classify and protect sensitive data stored in s3. Can be used to analyze CloudTrail logs as well. Includes Dashboard, Reports and Alerting.

48
Q

What is a File Gateway?

A

File Gateway is files stored as objects in s3 buckets.

49
Q

What is Volume Gateway?

A

Volume Gateway - presents applications with iSCSI block protocol

  • stored volumes - let you store primary data locally and asynchronously back it up to S3. Entire dataset stored on site
  • cached volumes - let you use s3 as primary data storage while retaining frequently accessed data locally in your storage gateway. Only the dataset that is most frequently used is cached on site
50
Q

What is tape gateway?

A

Tape Gateway - a durable cost-effective solution to archive your data in the AWS Cloud. It allows you to get rid of your tape storage.

51
Q

What are stored volumes in reference to volume gateway?

A

Stored volumes let you store primary data locally and asynchronously back it up to S3

52
Q

What are cached volumes in Volume Gateway?

A

Cached volumes let you use s3 as primary data storage while retaining frequently accessed data locally in your storage gateway. Only the dataset that is most frequently used is cached on site.

53
Q

What is iSCSI? What do volume gateways have to do with it?

A

Internet Small Computer System Interface. Volume gateways provide cloud-backed storage volumes that you can mount as Internet Small Computer System Interface (iSCSI) devices from your on-premises application servers.

54
Q

You work for a major news network in Europe. They have just released a new mobile app that allows users to post their photos of newsworthy events in real-time, which are then reviewed by your editors before being copied to your website and made public. Your organization expects this app to grow very quickly, essentially doubling its user base each month. The app uses S3 to store the images, and you are expecting sudden and sizable increases in traffic to S3 when a major news event takes place (as users will be uploading large amounts of content.) You need to keep your storage costs to a minimum, and it does not matter if some objects are lost. With these factors in mind, which storage media should you use to keep costs as low as possible?

A

The key driver here is cost, so an awareness of cost is necessary to answer this. Full S3 is quite expensive at around $0.023 per GB for the lowest band. S3 standard IA is $0.0125 per GB, S3 One-Zone-IA is $0.01 per GB, and Legacy S3-RRS is around $0.024 per GB for the lowest band. Of the offered solutions S3 One-Zone-IA is the cheapest suitable option. Glacier cannot be considered as it is not intended for direct access, however it comes in at around $0.004 per GB. Of course you spotted that RRS is being deprecated, and there is no such thing as S3 – Provisioned IOPS. In this case OneZone

55
Q

How many S3 buckets can I have per account by default?

A

100

56
Q

What is the minimum size file that an S3 bucket can have?

A

0 KB.

57
Q

S3 has eventual consistency for which HTTP Methods?

A

Overwrite PUTS and DELETES

58
Q

One of your users is trying to upload a 7.5GB file to S3. However, they keep getting the following error message: “Your proposed upload exceeds the maximum allowed object size.”. What solution to this problem does AWS recommend?

A

Design your application to use the multipart upload API for all objects

59
Q

What are the four different URL styles to access content in S3?

A
  • Virtual Hosted Style URL
    • Virtual style puts your bucket name 1st, s3 2nd, and the region 3rd.
  • Path-Style Access URL
    • Path style puts s3 1st and your bucket as a sub domain
  • Static web site URL
    • S3 static hosting can be your own domain or your bucket name 1st, s3-website 2nd, followed by the region
  • Legacy Global Endpoint URL
    • Legacy Global endpoint has no region
60
Q

Which of these represents a correct formatting of the Virtual Hosted Style URL style?

  • https://s3.Region.amazonaws.com/bucket-name/key name
  • https://bucket-name.s3.Region.amazonaws.com/key name
A

https://bucket-name.s3.Region.amazonaws.com/key name

Virtual style puts your bucket name 1st, s3 2nd, and the region 3rd.

61
Q

True or False. Amazon S3 is not a storage layer that can be mounted and accessed concurrently.

A

True.

62
Q

True or False. Amazon S3 notification feature enables you to receive notifications when certain events happen in your bucket. To enable notifications, you must first add a notification configuration that identifies the events you want Amazon S3 to publish and the destinations where you want Amazon S3 to send the notifications. You store this configuration in the notification subresource that is associated with a bucket.

A

True.

63
Q

True or False. S3 is an object store not a multi-master database.

A

True.

64
Q

True or False. EBS volumes are not single points of failure and can be shared with other instances.

A

False. EBS volumes are single points of failure which are not shared with other instances.

65
Q

True or False. EFS only supports Linux systems.

A

True.

66
Q

True or False. SQS queues have a maximum retention time of 15 days.

A

False, they have a maximum retention of 14 days.

67
Q

True or False. There is no such thing as EBS replication.

A

True.

68
Q

True or False. AWS DataSync can be used to move large amounts of data online between on-premises storage and Amazon S3 or Amazon Elastic File System (Amazon EFS). DataSync eliminates or automatically handles many of these tasks, including scripting copy jobs, scheduling and monitoring transfers, validating data, and optimizing network utilization. The source datastore can be Server Message Block (SMB) file servers.

A

True.

69
Q

A Solutions Architect is designing a workload that requires a high-performance object-based storage system that must be shared with multiple Amazon EC2 instances.

Which AWS service delivers these requirements?

  • Amazon S3
  • Amazon ElastiCache
  • Amazon EBS
  • Amazon EFS
A

Amazon S3.

Amazon S3 is an object-based storage system. Though object storage systems aren’t mounted and shared like filesystems or block-based storage systems, they can be shared by multiple instances as they allow concurrent access.

INCORRECT: “Amazon ElastiCache” is incorrect. Amazon ElastiCache is a database caching service.

INCORRECT: “Amazon EFS” is incorrect. Amazon EFS is a file-based storage system; it is not object-based.

INCORRECT: “Amazon EBS” is incorrect. Amazon EBS is a block-based storage system; it is not object-based.

70
Q

A Solutions Architect is migrating a small relational database into AWS. The database will run on an EC2 instance and the DB size is around 500 GB. The database is infrequently used with small amounts of requests spread across the day. The DB is a low priority and the Architect needs to lower the cost of the solution.

What is the MOST cost-effective storage type?

  • Amazon EBS General Purpose SSD
  • Amazon EFS
  • Amazon EBS Throughput Optimized HDD
  • Amazon EBS Provisioned IOPS SSD
A

Amazon EBS Throughput Optimized HDD

Throughput Optimized HDD is the most cost-effective storage option and for a small DB with low traffic volumes it may be sufficient. Note that the volume must be at least 500 GB in size.

71
Q

A High Performance Computing (HPC) application needs storage that can provide 135,000 IOPS. The storage layer is replicated across all instances in a cluster.

What is the optimal storage solution that provides the required performance and is cost-effective?

  • Use Amazon Instance Store
  • Use Amazon EC2 Enhanced Networking with an EBS HDD Throughput Optimized volume
  • Use Amazon EBS Provisioned IOPS volume with 135,000 IOPS
  • Use Amazon S3 with byte-range fetch
A

Use Amazon Instance Store.

Instance stores offer very high performance and low latency. As long as you can afford to lose an instance, i.e. you are replicating your data, these can be a good solution for high performance/low latency requirements. Also, the cost of instance stores is included in the instance charges so it can also be more cost-effective than EBS Provisioned IOPS.

INCORRECT: “Use Amazon EBS Provisioned IOPS volume with 135,000 IOPS” is incorrect. In the case of a HPC cluster that replicates data between nodes you don’t necessarily need a shared storage solution such as Amazon EBS Provisioned IOPS – this would also be a more expensive solution as the Instance Store is included in the cost of the HPC instance.

INCORRECT: “Use Amazon S3 with byte-range fetch” is incorrect. Amazon S3 is not a solution for this HPC application as in this case it will require block-based storage to provide the required IOPS.

INCORRECT: “Use Amazon EC2 Enhanced Networking with an EBS HDD Throughput Optimized volume” is incorrect. Enhanced networking provides higher bandwidth and lower latency and is implemented using an Elastic Network Adapter (ENA). However, using an ENA with an HDD Throughput Optimized volume is not recommended and the volume will not provide the performance required for this use case.

72
Q

An application runs on Amazon EC2 Linux instances. The application generates log files which are written using standard API calls. A storage solution is required that can be used to store the files indefinitely and must allow concurrent access to all files.

Which storage service meets these requirements and is the MOST cost-effective?

  • Amazon EFS
  • Amazon EBS
  • Amazon S3
  • Amazon EC2 Instance Store
A

Amazon S3

The application is writing the files using API calls which means it will be compatible with Amazon S3 which uses a REST API. S3 is a massively scalable key-based object store that is well-suited to allowing concurrent access to the files from many instances.

Amazon S3 will also be the most cost-effective choice. A rough calculation using the AWS pricing calculator shows the cost differences between 1TB of storage on EBS, EFS, and S3 Standard.

INCORRECT: “Amazon EFS” is incorrect as though this does offer concurrent access from many EC2 Linux instances, it is not the most cost-effective solution.

INCORRECT: “Amazon EBS” is incorrect. The Elastic Block Store (EBS) is not a good solution for concurrent access from many EC2 instances and is not the most cost-effective option either. EBS volumes are mounted to a single instance except when using multi-attach which is a new feature and has several constraints.

INCORRECT: “Amazon EC2 instance store” is incorrect as this is an ephemeral storage solution which means the data is lost when powered down. Therefore, this is not an option for long-term data storage.

73
Q

A high-performance file system is required for a financial modelling application. The data set will be stored on Amazon S3 and the storage solution must have seamless integration so objects can be accessed as files.

Which storage solution should be used?

  • Amazon Elastic Block Store (EBS)
  • Amazon Elastic File System (EFS)
  • Amazon FSx for Lustre
  • Amazon FSx for Windows File Server
A

CORRECT: “Amazon FSx for Lustre” is the correct answer.

Amazon FSx for Lustre provides a high-performance file system optimized for fast processing of workloads such as machine learning, high performance computing (HPC), video processing, financial modeling, and electronic design automation (EDA). Amazon FSx works natively with Amazon S3, letting you transparently access your S3 objects as files on Amazon FSx to run analyses for hours to months.

INCORRECT: “Amazon FSx for Windows File Server” is incorrect. Amazon FSx for Windows File Server provides a fully managed native Microsoft Windows file system so you can easily move your Windows-based applications that require shared file storage to AWS. This solution integrates with Windows file shares, not with Amazon S3.

INCORRECT: “Amazon Elastic File System (EFS)” is incorrect. EFS and EBS are not good use cases for this solution. Neither storage solution is capable of presenting Amazon S3 objects as files to the application.

INCORRECT: “Amazon Elastic Block Store (EBS)” is incorrect. EFS and EBS are not good use cases for this solution. Neither storage solution is capable of presenting Amazon S3 objects as files to the application.

74
Q

A new security mandate requires that all personnel data held in the cloud is encrypted at rest. Which two methods allow you to encrypt data stored in S3 buckets at rest cost-efficiently? (choose 2)

  • Use AWS S3 server-side encryption with Key Management Service keys or Customer-provided keys
  • Make use of AWS S3 bucket policies to control access to the data at rest
  • Encrypt the data at the source using the client’s CMK keys before transferring it to S3
  • Use CloudHSM
A

CORRECT: “Use AWS S3 server-side encryption with Key Management Service keys or Customer-provided keys” is the correct answer.

CORRECT: “Encrypt the data at the source using the client’s CMK keys before transferring it to S3” is the correct answer.

When using S3 encryption your data is always encrypted at rest and you can choose to use KMS managed keys or customer-provided keys. If you encrypt the data at the source and transfer it in an encrypted state it will also be encrypted in-transit.

With client side encryption data is encrypted on the client side and transferred in an encrypted state and with server-side encryption data is encrypted by S3 before it is written to disk (data is decrypted when it is downloaded).

INCORRECT: “Make use of AWS S3 bucket policies to control access to the data at rest” is incorrect. You can use bucket policies to control encryption of data that is uploaded but use of encryption is not stated in the answer given. Simply using bucket policies to control access to the data does not meet the security mandate that data must be encrypted.

INCORRECT: “Use CloudHSM” is incorrect. CloudHSM can be used to encrypt data but as a dedicated service it is charged on an hourly basis and is less cost-efficient compared to S3 encryption or encrypting the data at the source.

INCORRECT: “Use Multipart upload with SSL” is incorrect. Multipart upload helps with uploading large files but does not encrypt your data.

75
Q

A company is planning to migrate a large quantity of important data to Amazon S3. The data will be uploaded to a versioning enabled bucket in the us-west-1 Region. The solution needs to include replication of the data to another Region for disaster recovery purposes.

How should a solutions architect configure the replication?

  • Create an additional S3 bucket with versioning in another Region and configure cross-origin resource sharing (CORS)
  • Create an additional S3 bucket with versioning in another Region and configure cross-Region replication
  • Create an additional S3 bucket in another Region and configure cross-Region replication
  • Create an additional S3 bucket in another Region and configure cross-origin resource sharing (CORS)
A

CORRECT: “Create an additional S3 bucket with versioning in another Region and configure cross-Region replication” is the correct answer.

Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can copy objects between different AWS Regions or within the same Region. Both source and destination buckets must have versioning enabled.

INCORRECT: “Create an additional S3 bucket in another Region and configure cross-Region replication” is incorrect as the destination bucket must also have versioning enabled.

INCORRECT: “Create an additional S3 bucket in another Region and configure cross-origin resource sharing (CORS)” is incorrect as CORS is not related to replication.

INCORRECT: “Create an additional S3 bucket with versioning in another Region and configure cross-origin resource sharing (CORS)” is incorrect as CORS is not related to replication.

76
Q

A Solutions Architect is designing a solution to store and archive corporate documents, and has determined that Amazon Glacier is the right solution. Data must be delivered within 10 minutes of a retrieval request.

Which features in Amazon Glacier can help meet this requirement?

  • Bulk retrieval
  • Expedited retrieval
  • Standard retrieval
  • Vault Lock
A

CORRECT: “Expedited retrieval” is the correct answer.

You can specify one of the following when initiating a job to retrieve an archive based on your access time and cost requirements.

Expedited — Expedited retrievals allow you to quickly access your data when occasional urgent requests for a subset of archives are required. For all but the largest archives (250 MB+), data accessed using Expedited retrievals are typically made available within 1–5 minutes. Provisioned Capacity ensures that retrieval capacity for Expedited retrievals is available when you need it.

Standard — Standard retrievals allow you to access any of your archives within several hours. Standard retrievals typically complete within 3–5 hours. This is the default option for retrieval requests that do not specify the retrieval option.

Bulk — Bulk retrievals are S3 Glacier’s lowest-cost retrieval option, which you can use to retrieve large amounts, even petabytes, of data inexpensively in a day. Bulk retrievals typically complete within 5–12 hours.

INCORRECT: “Standard retrieval” is incorrect. Standard retrievals typically complete in 3-5 hours.

INCORRECT: “Bulk retrieval” is incorrect. Bulk retrievals allow cost-effective access to significant amounts of data in 5-12 hours.

INCORRECT: “Vault Lock” is incorrect. Vault Lock allows you to easily deploy and enforce compliance controls on individual Glacier vaults via a lockable policy (Vault Lock policy).

77
Q

A company is planning to use Amazon S3 to store documents uploaded by its customers. The images must be encrypted at rest in Amazon S3. The company does not want to spend time managing and rotating the keys, but it does want to control who can access those keys.

What should a solutions architect use to accomplish this?

  • Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS)
  • Server-Side Encryption with keys stored in an S3 bucket
  • Server-Side Encryption with Customer-Provided Keys (SSE-C)
  • Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
A

CORRECT: “Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS)” is the correct answer.

SSE-KMS requires that AWS manage the data key but you manage the customer master key (CMK) in AWS KMS. You can choose a customer managed CMK or the AWS managed CMK for Amazon S3 in your account.

Customer managed CMKs are CMKs in your AWS account that you create, own, and manage. You have full control over these CMKs, including establishing and maintaining their key policies, IAM policies, and grants, enabling and disabling them, rotating their cryptographic material, adding tags, creating aliases that refer to the CMK, and scheduling the CMKs for deletion.

For this scenario, the solutions architect should use SSE-KMS with a customer managed CMK. That way KMS will manage the data key but the company can configure key policies defining who can access the keys.

INCORRECT: “Server-Side Encryption with keys stored in an S3 bucket” is incorrect as you cannot store your keys in a bucket with server-side encryption

INCORRECT: “Server-Side Encryption with Customer-Provided Keys (SSE-C)” is incorrect as the company does not want to manage the keys.

INCORRECT: “Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)” is incorrect as the company needs to manage access control for the keys which is not possible when they’re managed by Amazon.

78
Q

A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3. However, uploading the images through the web server will create too much traffic.

What is the MOST efficient method to store images from a mobile application on Amazon S3?

  • Expand the web server fleet with Spot instances to provide the resources to handle the images
  • Upload directly to S3 using a pre-signed URL
  • Upload to a second bucket, and have a Lambda event copy the image to the primary bucket
  • Upload to a separate Auto Scaling Group of server behind an ELB Classic Load Balancer, and have the server instances write to the Amazon S3 bucket
A

CORRECT: “Upload directly to S3 using a pre-signed URL” is the correct answer.

Uploading using a pre-signed URL allows you to upload the object without having any AWS security credentials/permissions. Pre-signed URLs can be generated programmatically and anyone who receives a valid pre-signed URL can then programmatically upload an object. This solution bypasses the web server avoiding any performance bottlenecks.

INCORRECT: “Expand the web server fleet with Spot instances to provide the resources to handle the images” is incorrect as this is not the most efficient solution.

INCORRECT: “Upload to a second bucket, and have a Lambda event copy the image to the primary bucket” is incorrect. Uploading to a second bucket (through the web server) does not solve the issue of the web server being the bottleneck.

INCORRECT: “Upload to a separate Auto Scaling Group of servers behind an ELB Classic Load Balancer, and have the server instances write to the Amazon S3 bucket” is incorrect as this is not the most efficient solution.

79
Q

True or False. General Purpose SSD (gp2) volumes offer cost-effective storage that is ideal for a broad range of workloads. These volumes deliver single-digit millisecond latencies and the ability to burst to 3,000 IOPS for extended periods of time.

A

True.

80
Q

True or False. Between a minimum of 1000 IOPS (at 33.33 GiB and below) and a maximum of 16,000 IOPS (at 5,334 GiB and above), baseline performance scales linearly at 5 IOPS per GiB of volume size. AWS designs gp2 volumes to deliver its provisioned performance 99% of the time. A gp2 volume can range in size from 1 GiB to 16 TiB.

A

False. Between a minimum of 100 IOPS (at 33.33 GiB and below) and a maximum of 16,000 IOPS (at 5,334 GiB and above), baseline performance scales linearly at 3 IOPS per GiB of volume size. AWS designs gp2 volumes to deliver its provisioned performance 99% of the time. A gp2 volume can range in size from 1 GiB to 16 TiB.

81
Q

An Architect is designing a serverless application that will accept images uploaded by users from around the world. The application will make API calls to back-end services and save the session state data of the user to a database.

Which combination of services would provide a solution that is cost-effective while delivering the least latency?

  • Amazon CloudFront, API Gateway, Amazon S3, AWS Lambda, Amazon RDS
  • Amazon S3, API Gateway, AWS Lambda, Amazon RDS
  • Amazon CloudFront, API Gateway, Amazon S3, AWS Lambda, DynamoDB
  • API Gateway, Amazon S3, AWS Lambda, DynamoDB
A

CORRECT: “Amazon CloudFront, API Gateway, Amazon S3, AWS Lambda, DynamoDB” is the correct answer.

Amazon CloudFront caches content closer to users at Edge locations around the world. This is the lowest latency option for uploading content. API Gateway and AWS Lambda are present in all options. DynamoDB can be used for storing session state data. This is a 100% serverless application.

INCORRECT: “Amazon CloudFront, API Gateway, Amazon S3, AWS Lambda, Amazon RDS” is incorrect. Amazon RDS is not a serverless service so this option can be ruled out.

INCORRECT: “Amazon S3, API Gateway, AWS Lambda, Amazon RDS” is incorrect. Amazon S3 alone will not provide the least latency for users around the world unless you have many buckets in different regions and a way of directing users to the closest bucket (such as Route 53 latency-based routing). However, you would then need to manage replicating the data.

INCORRECT: “API Gateway, Amazon S3, AWS Lambda, DynamoDB” is incorrect. This answer does not offer a front-end for users to upload content to.

82
Q

True or False. Amazon FSx for Lustre provides a high-performance file system optimized for fast processing of workloads such as machine learning, high-performance computing (HPC), video processing, financial modeling, and electronic design automation (EDA).

These workloads commonly require data to be presented via a fast and scalable file system interface, and typically have data sets stored on long-term data stores like Amazon S3.

A

True.

83
Q

True or False. Amazon FSx works natively with Amazon S3, making it easy to access your S3 data to run data processing workloads. Your S3 objects are presented as files in your file system, and you can write your results back to S3. This lets you run data processing workloads on FSx for Lustre and store your long-term data on S3 or on-premises data stores.

A

True.

84
Q

True or False. HDDs are better for sequential access and SSDs are better for random access.

A

True. Sequential access includes processing log files or big data workloads. It entails fewer read and write operations.

85
Q

True or False. EC2 Instance Stores are high-speed ephemeral storage that is physically attached to the EC2 instance. The i3.large instance type comes with a single 475GB NVMe SSD instance store. If the files are NOT temporary, it can be assumed that ephemeral storage (which means the data is lost when the instance is stopped) is sufficient.

A

False. EC2 Instance Stores are high-speed ephemeral storage that is physically attached to the EC2 instance. The i3.large instance type comes with a single 475GB NVMe SSD instance store. If the files are temporary, it can be assumed that ephemeral storage (which means the data is lost when the instance is stopped) is sufficient.

86
Q

True or False. Amazon EFS is a fully managed service that requires no changes to your existing applications and tools, providing access through a standard file system interface for seamless integration. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files.

A

True.

87
Q

True or False. An instance store provides temporary block-level storage for an EC2 instance. However, if you terminate the instance you will not lose all data.

A

False. An instance store provides temporary block-level storage for an EC2 instance. If you terminate the instance you lose all data.

88
Q

True or False. Elastic Block Store volumes are block-level storage devices and the data is persistent. EBS is a fully managed solution and does grow automatically as your data requirements increase.

A

False. Elastic Block Store volumes are block-level storage devices and the data is persistent. However, EBS is not a fully managed solution and doesn’t grow automatically as your data requirements increase – you would need to increase the volume size and then extend your filesystem.

89
Q

True or False. EBS Optimization is a network traffic optimization; it does not change the I/O performance of the volume.

A

True.

90
Q

True or False. Amazon S3 Transfer Acceleration is used for speeding up uploads of data to Amazon S3 by using the CloudFront network. It is not used for downloading data.

A

True.

91
Q

To serve a static website hosted on Amazon S3, you can deploy a CloudFront distribution using one of three configurations. What are the three configurations?

A
  1. Using a REST API endpoint as the origin with access restricted by an origin access identity (OAI).
  2. Using a website endpoint as the origin with anonymous (public) access allowed.
  3. Using a website endpoint as the origin with access restricted by a Referer header.
92
Q

True or False. You can create an Amazon CloudFront distribution that uses an S3 bucket as the origin. This will allow you to serve the static content using the HTTPS protocol.

A

True.

93
Q

True or False. You can use Amazon S3 to host a static website. On a static website, individual webpages include static content. They might also contain client-side scripts.

A

True.

94
Q

An organization is migrating data to the AWS cloud. An on-premises application uses Network File System shares and must access the data without code changes. The data is critical and is accessed frequently.

Which storage solution should a Solutions Architect recommend to maximize availability and durability?

  • Amazon Elastic File System
  • AWS Storage Gateway – File Gateway
  • Amazon Simple Storage Service
  • Amazon Elastic Block Store
A

CORRECT: “AWS Storage Gateway – File Gateway” is the correct answer.

The solution must use NFS file shares to access the migrated data without code modification. This means you can use either Amazon EFS or AWS Storage Gateway – File Gateway. Both of these can be mounted using NFS from on-premises applications.

However, EFS is the wrong answer as the solution asks to maximize availability and durability. The File Gateway is backed by Amazon S3, which has much higher availability and durability than EFS, which is why it is the best solution for this scenario.

INCORRECT: “Amazon Elastic Block Store” is incorrect. Amazon EBS is not a suitable solution as it is a block-based (not file-based like NFS) storage solution that you mount to EC2 instances in the cloud – not from on-premises applications.

INCORRECT: “Amazon Simple Storage Service” is incorrect. Amazon S3 does not offer an NFS interface.

INCORRECT: “Amazon Elastic File System” is incorrect as explained above.

95
Q

True or False. An instance store provides temporary block-level storage for your instance.

A

True.

96
Q

True or False. An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers.

A

True.

97
Q

True or False. Instance store is not a good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates or you can take advantage of fault-tolerant architectures.

A

False. Instance store is a good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates or you can take advantage of fault-tolerant architectures.

98
Q

True or False. Elastic Block Store (EBS) is a block storage device that is better for distributed and fault-tolerant data than instance stores.

A

False. Elastic Block Store (EBS) is a block storage device, but for data that is distributed and fault-tolerant, a better option for performance would be to use instance stores.

99
Q

True or False. EFS is not a block device; it is a filesystem that is accessed using the NFS protocol.

A

True.

100
Q

True or False. Cross-region replication is an Amazon S3 concept and dynamic data by an application is unlikely to be stored in an S3 bucket.

A

True.
