Question : A user is configuring a CloudWatch alarm on RDS to receive a notification when the CPU utilization of RDS is higher than %. The user has setup an alarm when there is some inactivity on RDS, such as RDS unavailability. How can the user configure this? 1. Setup the notification when the CPU is more than 75% on RDS 2. Setup the notification when the state is Insufficient Data 3. Setup the notification when the CPU utilization is less than 10% 4. It is not possible to setup the alarm on RDS
Correct Answer : 2
Explanation: Amazon CloudWatch alarms watch a single metric over a time period that the user specifies and performs one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The alarm has three states: Alarm, OK and Insufficient data. The Alarm will change to Insufficient Data when any of the three situations arise: when the alarm has just started, when the metric is not available or when enough data is not available for the metric to determine the alarm state. If the user wants to find that RDS is not available, he can setup to receive the notification when the state is in Insufficient data.
Question : George has shared an EC AMI created in the US East region from his AWS account with Stefano. George copies the same AMI to the US West region. Can Stefano access the copied AMI of George's account from the US West region? 1. No, copy AMI does not copy the permission 2. It is not possible to share the AMI with a specific account 3. Yes, since copy AMI copies all private account sharing permissions 4. Yes, since copy AMI copies all the permissions attached with the AMI
Correct Answer : 1
Explanation: Within EC2, when the user copies an AMI, the new AMI is fully independent of the source AMI; there is no link to the original (source. AMI. AWS does not copy launch the permissions, user- defined tags or the Amazon S3 bucket permissions from the source AMI to the new AMI. Thus, in this case by default Stefano will not have access to the AMI in the US West region.
Question : A user has created a VPC with a subnet and a security group. The user has launched an instance in that subnet and attached a public IP. The user is still unable to connect to the instance. The internet gateway has also been created. What can be the reason for the error? 1. The internet gateway is not configured with the route table 2. The private IP is not present 3. The outbound traffic on the security group is disabled 4. The internet gateway is not configured with the security group
Correct Answer : 1 A Virtual Private Cloud (VPC. is a virtual network dedicated to the user's AWS account. AWS provides two features the user can use to increase security in VPC: security groups and network ACLs. Security groups work at the instance level. When a user launches an instance and wants to connect to an instance, he needs an internet gateway. The internet gateway should be configured with the route table to allow traffic from the internet.