Test 4

Question 1

What does the Server Access Logging feature in S3 provide?

Answer 1

requestor, bucket name, request time, request action, response status, and error code information

Question 2

What service can coordinate multiple AWS services into serverless workflows?

Answer 2

AWS Step Functions

Question 3

What 2 steps will you take to automatically restart EC2 instances whenever a simple restart will resolve an error?

Answer 3

• First, look at the existing Cloudwatch logs for keywords matching the error to create a custom metric.
• Second, create a Cloudwatch alarm for that metric which invokes a restart action

Question 4

What would you use to uniquely identify all of your AWS resources that will allow them to specify a resource unambiguously across all of AWS, such as in IAM policies, Amazon Relational Database Service (Amazon RDS) tags, and API calls.

Answer 4

Amazon Resource Name (ARN)

Question 5

What is the maximum ratio of provisioned IOPS to requested volume size in Gibibyte?

Answer 5

50:1 so for 10 GiB volume, request 500 iops

Question 6

If you need to provide high availability and fault tolerance to an app that has a ALB and 2 tiers (app and db) that cannot be in the same subnet, how many subnets will you need?

Answer 6

6:
- ALB is in a public subnet
- App serubnetsver is in a priavte subnet
- DB is in a private subnet
3x2 (Availability zones) = 6 subnets

Question 7

How do you handle disaster recovery in a Redshift Cluster?

Answer 7

Enable Cross Region Snapshots Copy in your cluster.

Question 8

What is the most efficient way to collect and analyze logs from the instances with minimal effort?

Answer 8

Install the unified Cloudwatch logs agent in each instance which will automatically collect and push logs to Cloudwatch. You can then analyze the logs with Cloudwatch Insights.

Question 9

What solution can be easily implemented to alert a Lambda function of new entries in a DynamoDB while requiring minimal configuration change to your architecture?

Answer 9

Enable DynamoDB Streams to capture table activity and automatically trigger the Lambda function

Question 10

What service allows you to deploy a custom shell script to all of your instances?

Answer 10

User data for passing in scripts

Question 11

What are the 2 enhanced monitoring metrics that Amazon CloudWatch provides for Amazon RDS DB instances?

Answer 11

• RDS child processes

- OS Processes

Question 12

Where can you safely import the SSL/TLS certificate of your application?

Answer 12

• AWS Certificate Manager

- IAM Certificate Store

Question 13

What website URL will be assigned to the S3 bucket named johnmac81?

Answer 13

johnmac81.s3-website–amazonaws.com

Question 14

What service would you use to trace and analyze user requests as they travel through your Amazon API Gateway APIs to the underlying services.

Answer 14

AWS X-Ray

Question 15

What service would you use if you require a durable storage service that is able to handle future increases in storage capacity and can provide the lowest-latency access to data.

Answer 15

EBS

Question 16

Why would a new EC@ instance in a new VPC, not have an associated DNS hostname?

Answer 16

The DNS resolution and DNS hostname of the VPC should be enabled

Question 17

What is the best way to configure a fault-tolerant NAT instance in your VPC?

Answer 17

Launch 2 Nat Instances in 2 separate public subnets and add a route from the private subnet to each Nat Instance

Question 18

What is Classic Load Balancer Connection Draining?

Answer 18

This enables the load balancer to complete in-flight requests made to instances that are de-registering or unhealthy