X-Past Exams

Question 1

What happens to surplus cached data at Edge Locations?

Answer 1

If it hasn’t been used recently, it gets ejected

If a Regional Edge Cache is configured, then it is ejected into a local S3 bucket

Question 2

How are High Availability and Fault Tolerance difference?

Answer 2

HA is resilient to component and AZ loss

Fault tolerant is HA but also no performance impact of losing an entire AZ

Question 3

How does root user and IAM user login to the console differ?

Answer 3

Root users use an email address, IAM users use a username (though it may be an email)

Question 4

What is notable about IPv6 addresses in VPCs?

Answer 4

They are all public

Question 5

To what extent can NACLs be reused?

Answer 5

They can apply to multiple subnets, but only within one region

Question 6

Can an instance have more than one security group?

Answer 6

Yes - this allows more traffic

Question 7

Can a VPC have more than one IGW?

Answer 7

No

Question 8

Can a VPC have more than one NAT Gateway?

Answer 8

Yes - in fact, they should have one for each AZ

Question 9

In what order at NACL rules evaluated?

Answer 9

Lowest to highest

Question 10

To what extent can security groups be reused?

Answer 10

They can be shared across instances in multiple subnets if they are in the same VPC

Question 11

What is Neptune?

Answer 11

A NoSQL graph database service

It uses SPARQL or Gremlin for queries

Question 12

What is Amazon MQ

Answer 12

A managed service for Apache MQ - is supports push and pull based operation

It is single instance sensitive - a standby is available but it can’t scale

Question 13

What is special about EMR?

Answer 13

It can use S3 for storage and allows for transient clusters

Question 14

Can can the performance impact of RDS back-ups be minimised?

Answer 14

With MultiAZ deployments, the backup can be taken from the secondary instance

Question 15

Does MultiAZ RDS improve performance?

Answer 15

Only in the sense that it minimises the impact of backups

Question 16

What is the SLA for EC2?

Answer 16

99.99% availability per month for ECS and EBS

Question 17

What S3 data transfers are free?

Answer 17

All data in, transfers between buckets and other AWS services if in same region, transfers to CloudFront

(also the first 1 GB is free tier)

Question 18

What is notable about the names for transfer acceleration buckets?

Answer 18

They can’t contain full-stops

Question 19

Which AWS services give root access to the machine?

Answer 19

EC2 and EMR

Question 20

What types of virtualisation exist on EC2?

Answer 20

Hardware Virtual Machine (HVM) and Paravirtual Machine (PM)

Question 21

Is S3-Z-IA durable?

Answer 21

Yes, it maintains 11 9’s durability

Question 22

What are the steps to setting up EFS on an instance?

Answer 22

Open Port 2049, mount it, and set the Linux file permissions

Question 23

What happens when an EC2 instance is stopped and started again?

Answer 23

The underlying host changes and the instance store is lost

The public IP will change. The private IP won’t

Question 24

What happens when an EC2 instance is rebooted?

Answer 24

The host does NOT change and the instance store is not wiped

The public IP will not change

Question 25

What SNS alert is useful when debugging auto-scaling groups?

Answer 25

Look for EC2_INSTANCE_LAUNCH-ERROR

Question 26

What is different about MariaDB?

Answer 26

It can’t combine read replicas with MultiAZ

Question 27

Do changes to RDS require downtime?

Answer 27

Increasing storage does not but scaling up the instance does

Question 28

What are some special features of Aurora?

Answer 28

It has continuous backups. Read-replicas share the underlying storage so there isn’t replication lag

They support both MySQL and PostgreSQL

There is a serverless offering in which you don’t worry about instances

Question 29

What are ALB path patterns used for?

Answer 29

Routing different URL parts to different servers

Question 30

What could cause a Classic Load Balancer do not share load across its instances?

Answer 30

Cross-Zone Load Balancing has not been enabled

Question 31

Does RDS support custom plugins?

Answer 31

No

Question 32

What are the limits on SQS message size? How does this affect pricing?

Answer 32

They can be up to 256 KB but are charged in blocks of 64 KB

Question 33

How long are CloudWatch metrics of deleted instances retained for?

Answer 33

15 months

Question 34

What happens when SAML is used to log into the console?

Answer 34

The user identity is verified before generating a response

A sign-in URL to the console is set as a redirect

Question 35

What does a VPN into AWS require?

Answer 35

A Virtual Private Gateway, an on-premises Customer Gateway, and a VPC with Hardware VPN access

Question 36

What are the tenancy options for EC2?

Answer 36

• Default (shared)
• Dedicated (just you)
• Host (you control config + same server each time)

Question 37

Can tenancy options on EC2 be changed?

Answer 37

You can only switch between dedicated and host, but this requires restarting the instance

Question 38

In practical terms, how resilient is S3?

Answer 38

All storage classes except S3-Z-IA are designed to sustain the complete loss of an AZ, or partial loss of two

Question 39

At what level do Route Tables apply?

Answer 39

They apply to subnets, not instances

Question 40

What are the steps to securely add an instance to the internet?

Answer 40

• Create a route from the instance’s subnet to a NAT Gateway

- Create a route from the NAT Gateway to an IGW

Question 41

Are IGWs highly-available?

Answer 41

Yes, then span AZs

Question 42

What should be used to prevent against single-instance failure?

Answer 42

An autoscaling group

Question 43

How does EC2 auto-recover work?

Answer 43

It monitors CloudWatch alarms.

Note that it preserves the IP addresses of instances

Question 44

Should you put load balancers in a database subnet?

Answer 44

No - there’s no point

Question 45

How can traffic to host-names be blocked?

Answer 45

Use a proxy server - NACLs can’t block host-names

Question 46

How can network throughput between instances be maximised?

Answer 46

Use enhanced networking and a clustered placement group

Question 47

What performance does S3 provide?

Answer 47

5500 requests per second to read data; 3500 requests per second to write

Question 48

Why might newly created EBS volumes be slow?

Answer 48

If created from a snapshot, they are slow each time a block is read for the first time

Question 49

Can CloudFront cache dynamic content?

Answer 49

Yes if it is based on query strings

Question 50

Can load balancers work with more than one https hostname at once?

Answer 50

ALBs can; Classic Load Balancers can’t because they can only have one SSL certificate at a time

Question 51

Should on-prem be used with CloudFront?

Answer 51

Not really - it’s usually cheaper just to use S3

Question 52

Can the type of an EC2 instance be changed?

Answer 52

Yes - this requires a restart and that they have similar architectures etc.