Premium

AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)



Question : If an IP address range is specified using a CIDR(Classless Inter Domain Routing) notation like this: .../,
without using the standard IP address classes like Class A, Class B or Class C, how many bits are available to specify the host addresses?


: If an IP address range is specified using a CIDR(Classless Inter Domain Routing) notation like this: .../,
1. 14
2. 10
3. 32
4. 18



Correct Answer : 1


Explanation: CIDR notation like this: 10.10.1.32 with a mask of 18 bits allows 14 bits (18 + 14 = 32) to be used for host addresses.
This notation is important when defining rules for a security group in order to control the inbound traffic that's allowed to reach your instances.

In CIDR notation, an IP address is represented as A.B.C.D /n,
where "/n" is called the IP prefix or network prefix.
The IP prefix identifies the number of significant bits used to identify a network.
For example, 192.9.205.22 /18 means, the first 18 bits are used to represent the network and the remaining 14 bits are used to identify hosts.
Common prefixes are 8, 16, 24, and 32.





Question : Which of the following Elastic Bean Stalk environment tier can be configured?

A. WebServer
B. Worker
C. EMR
D. Messaging
E. Databse
: Which of the following Elastic Bean Stalk environment tier can be configured?
1. A,B
2. B,C
3. C,D
4. D,E
5. A,E

Correct Answer : 1
Explanation: You can configure only two types of environment for Elastic Bean stalk.

WebServer and Worker

Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to
support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.

WebServer : For Web Application
Worker : for background-processing tasks

You can now launch Worker Tier environments in Elastic Beanstalk.

These environments are optimized to process application background tasks at any scale. Worker tiers complement the existing web tiers and are ideal for
time consuming tasks such as report generation, database cleanup, and email notification.

For example, to send confirmation emails from your application, you can now simply queue a task to later send the email while your application code
immediately proceeds to render the rest of your webpage. A worker tier in your environment will later pick up the task and send the email in the
background.

A worker is simply another HTTP request handler that Beanstalk invokes with messages buffered using the Amazon Simple Queue Service (SQS). Elastic
Beanstalk takes care of creating and managing the queue if one isn't provided. Messages put in the queue are forwarded via HTTP POST to a configurable URL on the
local host. You can develop your worker code using any language supported by Elastic Beanstalk in a Linux environment: PHP, Python, Ruby, Java, or Node.js.




Question : You are defining a network ACL which is numbered list of rules, to determine whether traffic is allowed in or out of any subnet associated
with the network ACL. So what is the highest number that you can use for a rule

: You are defining a network ACL which is numbered list of rules, to determine whether traffic is allowed in or out of any subnet associated
1. 1024
2. 4076
3. 32766
4. 34028



Correct Answer : 3
Explanation: A network access control list (ACL) is an optional layer of security that acts as a firewall for controlling traffic in and out
of a subnet. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.

A network ACL is a numbered list of rules that we evaluate in order, starting with the lowest numbered rule,
to determine whether traffic is allowed in or out of any subnet associated with the network ACL.
The highest number that you can use for a rule is 32766. We suggest that you start by creating rules with rule
numbers that are multiples of 100, so that you can insert new rules where you need to later on.

A network ACL has separate inbound and outbound rules, and each rule can either allow or deny traffic.

Your VPC automatically comes with a modifiable default network ACL; by default, it allows all inbound and outbound traffic.

Each subnet must be associated with a network ACL; if you don't explicitly associate a subnet with a network ACL,
the subnet is automatically associated with the default network ACL

Network ACLs are stateless; responses to allowed inbound traffic are subject to the rules for outbound traffic



Related Questions

Question : You have to implement security on VPC level. So that communication can be secured. Which of the following protocols are supported by the VPC?


 : You have to implement security on VPC level. So that communication can be secured. Which of the following protocols are supported by the VPC?
1. VPC support TLS protocol

2. VPC support HTTPS protocol

3. Access Mostly Uused Products by 50000+ Subscribers

4. VPC support IPSec protocol for security



Question : You have an EC instance, on which web server installed. This instance is hosting a critical financial online loan processing application and have critical data, now
you want, whatever logs generated by installed web application should be moved from EC2 instance to S3 without having any internet connection. Which of the following option will
help to connect EC2 instance in a VPC to S3


 : You have an EC instance, on which web server installed. This instance is hosting a critical financial online loan processing application and have critical data, now
1. You have to create a NAT instance, and a CloudWatch Log Agent on that NAT instance which will transfer logs from web server to S3

2. You have to create a public EC2 instance, and a CloudWatch Log Agent on that EC2 instance which will transfer logs from web server to S3

 3. Access Mostly Uused Products by 50000+ Subscribers

4. You have to create a VPC endpoint.



Question : You are migrating your existing in-house solution to AWS, hence you created the AWS account. Your networking admin wants that IP address range should not be same as
in-house. What happen when, you create a VPC
A. You can define CIDR block and Range of IP addresses, once VPC created.
B. You can define CIDR block and Range of IP addresses, while creating VPC
C. You need to choose, in which region you want your VPC created. Which you can change later on
D. You need to choose, in which region you want your VPC created. Which you cannot change later on.

 : You are migrating your existing in-house solution to AWS, hence you created the AWS account. Your networking admin wants that IP address range should not be same as
1. A,B
2. B,C
 3. Access Mostly Uused Products by 50000+ Subscribers
4. A,D
5. B,D


Question : You have two subnet in a VPC, Now you will be creating an ENI in a subnet-A and an instance is launched in subnet B . You will be attaching the same ENI to the
instance in a subnet-B, what will happen?


 : You have two subnet in a VPC, Now you will be creating an ENI in a subnet-A and an instance is launched in subnet B . You will be attaching the same ENI to the
1. It will make EC2 instance to failed start

2. It will make EC2 instance dual-homed

 3. Access Mostly Uused Products by 50000+ Subscribers

4. It will give MAC address conflict error after start



Question : You have a websites www.HadoopExam.com, which is hosted on AWS. However, during USA time zone you see there is a heavy
workload. For having better performance, you create 10 EC2 instances on which your website will be deployed. However, being an architect you need to design or
place these 10 EC2 instances, properly. Select the correct option from below, which you will be applying

 : You have a websites www.HadoopExam.com, which is hosted on AWS. However, during USA time zone you see there is a heavy
1. Place all 10 EC2 instances in single Availability Zone place the ELB in front of that.

2. Place 5 EC2 instances in single Availability Zone in Region 1 and remaining 5 EC2 instances in Region 2 in single availability zone
and place the ELB in front of that.

 3. Access Mostly Uused Products by 50000+ Subscribers
zone and place the ELB in front of that.

4. Place all 9 EC2 instances in single Availability Zone and 1 in another Availability Zone in any region and place the ELB in front of that.



Question : A company is deploying a new two-tier web application in AWS. The company has limited staff and requires high availability, and the application requires complex
queries and table joins. Which configuration provides the solution for the company's requirements?
 : A company is deploying a new two-tier web application in AWS. The company has limited staff and requires high availability, and the application requires complex
1. MySQL Installed on two Amazon EC2 Instances in a single Availability Zone
2. Amazon RDS for MySQL with Multi-AZ
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Amazon DynamoDB

Ans : 2

Exp : As Amazon's business grew from being a startup in
the mid-1990s to a global multi-billion-dollar business, we came to realize the scaling limitations of relational databases. A number of high profile
outages at the height of the 2004 holiday shopping season can be traced back to scaling relational database technologies beyond their capabilities. In
response, we began to develop a collection of storage and database technologies to address the demanding scalability and reliability requirements of the
Amazon.com ecommerce platform. This was the genesis of NoSQL databases like Dynamo at Amazon. From our own experience designing and operating a highly
available, highly scalable ecommerce platform, we have come to realize that relational databases should only be used when an application really needs the
complex query, table join and transaction capabilities of a full-blown relational database. In all other cases, when such relational features are not
needed, a NoSQL database service like DynamoDB offers a simpler, more available, more scalable and ultimately a lower cost solution.




Question : You have deployed HadoopExam.com website on AWS and using the EC instances and DynamoDB as a database. As you know, all the applications
deployed on Amazon EC2 is very critical for your business. Hence, you want basic monitoring and if required you also want to look in detail matrices.
Which of the best service AWS provides to monitor EC2 instances and DynamoDB



: A company is deploying a new two-tier web application in AWS. The company has limited staff and requires high availability, and the application requires complex
1. Elastic BeanStalk

2. CloudWatch

 3. Access Mostly Uused Products by 50000+ Subscribers

4. Each component has its own monitoring tool. Which you can configure in AWS dashboard, to see on single screen. Also you can watch each components detail view.