Question : The QuickTechie.com website is deployed on a WebLogic application server, and they are also using an AWS VPC with high availability. Select the correct statement that will help deploy the application with HA.
1. Create two VPCs in two separate zones and setup failover with ELB such that if one VPC fails it will divert traffic to another VPC.
2. Create VPC with only one private subnet and launch instances in different AZs using that subnet.
3. Create VPC subnets in two separate availability zones and launch instances in different subnets.
4. Create VPC with only one public subnet and launch instances in different AZs using that subnet.
Correct Answer : 3
Exp: You can create a VPC that spans multiple Availability Zones. After creating a VPC, you can add one or more subnets in each Availability Zone. Each subnet must reside entirely within one Availability Zone and cannot span zones. Availability Zones are distinct locations that are engineered to be isolated from failures in other Availability Zones. By launching instances in separate Availability Zones, you can protect your applications from the failure of a single location. AWS assigns a unique ID to each subnet.
Question : You have created a public subnet and one private subnet to host your website and databases. Select the most correct statement that applies.
1. Regardless of the type of subnet, the internal IP address range of the subnet is always private
2. In public subnet, the internal IP address range of the subnet is always private
3. Regardless of the type of subnet, the internal IP address range of the subnet is always public
4. In public subnet, the internal IP address range of the subnet is always private
Correct Answer : 1
Explanation: The following diagram shows a VPC that has been configured with subnets in multiple Availability Zones. You can optionally add an Internet gateway to enable communication over the Internet, or a virtual private network (VPN) connection to enable communication with your network, as shown in the diagram.
If a subnet's traffic is routed to an Internet gateway, the subnet is known as a public subnet. In this diagram, subnet 1 is a public subnet. If you want your instance in a public subnet to communicate with the Internet, it must have a public IP address or an Elastic IP address. For more information about public IP addresses, see Public and Private IP Addresses.
If a subnet doesn't have a route to the Internet gateway, the subnet is known as a private subnet. In this diagram, subnet 2 is a private subnet.
If a subnet doesn't have a route to the Internet gateway, but has its traffic routed to a virtual private gateway, the subnet is known as a VPN-only subnet. In this diagram, subnet 3 is a VPN-only subnet.
Note
Regardless of the type of subnet, the internal IP address range of the subnet is always private - we do not announce the address block to the Internet. For more information,
Question : You have hosted the QuickTechie.com website in an AWS VPC and configured its security with the features below
1. Security groups
2. Network access control lists (ACLs)
a. Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
b. Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level
c. A second layer of defense
Explanation: Amazon VPC provides two features that you can use to increase security for your VPC:
Security groups: Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
Network access control lists (ACLs): Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level
When you launch an instance in a VPC, you can associate one or more security groups that you've created. Each instance in your VPC could belong to a different set of security groups. If you don't specify a security group when you launch an instance, the instance automatically belongs to the default security group for the VPC. For more information about security groups, see Security Groups for Your VPC.
You can secure your VPC instances using only security groups; however, you can add network ACLs as a second layer of defense. For more information about network ACLs,