Question : A user is trying to setup a security policy for ELB. The user wants ELB to meet the cipher supported by the client by configuring the server order preference in ELB security policy. Which of the below mentioned preconfigured policies supports this feature? 1. ELBSecurity Policy-2014-01 2. ELBSecurity Policy-2011-08 3. ELBDefault Negotiation Policy 4. ELBSample- OpenSSLDefault Cipher Policy
Correct Answer : 1 Elastic Load Balancing uses a Secure Socket Layer (SSL. negotiation configuration which is known as a Security Policy. It is used to negotiate the SSL connections between a client and the load balancer. If the load balancer is configured to support the Server Order Preference, then the load balancer gets to select the first cipher in its list that matches any one of the ciphers in the client's list. When the user verifies the preconfigured policies supported by ELB, the policy "ELBSecurity Policy-2014-01" supports server order preference.
Question : A user has configured ELB with Auto Scaling. The user suspended the Auto Scaling AlarmNotification (which notifies Auto Scaling for CloudWatch alarms. process for a while. What will Auto Scaling do during this period? 1. AWS will not receive the alarms from CloudWatch 2. AWS will receive the alarms but will not execute the Auto Scaling policy 3. Auto Scaling will execute the policy but it will not launch the instances until the process is resumed 4. It is not possible to suspend the AlarmNotification process
Correct Answer : 2
Explanation: Auto Scaling performs various processes, such as Launch, Terminate Alarm Notification etc. The user can also suspend individual process. The AlarmNotification process type accepts notifications from the Amazon CloudWatch alarms that are associated with the Auto Scaling group. If the user suspends this process type, Auto Scaling will not automatically execute the scaling policies that would be triggered by the alarms.
Question : Arvind has launched three EC instances inside the US-East-a zone with his AWS account. Rohit has launched two EC2 instances in the US-East-1a zone with his AWS account. Which of the below mentioned statements will help Arvind and Rohit to understand the availability zone (AZ). concept better? 1. The instances of Arvind and Rohit will be running in the same data centre 2. All the instances of Arvind and Rohit can communicate over a private IP with a minimal cost 3. All the instances of Arvind and Rohit can communicate over a private IP without any cost 4. The US-East-1a region of Arvind and Rohit can be different availability zones
Correct Answer : 4
Explanation: Each AWS region has multiple, isolated locations known as Availability Zones. To ensure that the AWS resources are distributed across the Availability Zones for a region, AWS independently maps the Availability Zones to identifiers for each account. In this case the Availability Zone US-East-1a where Arvind's EC2 instances are running might not be the same location as the US-East-1a zone of Rohit's EC2 instances. There is no way for the user to coordinate the Availability Zones between accounts.
1. When the user sets an alarm on the Auto Scaling group, it automatically enables detail monitoring 2. By default detailed monitoring is enabled for Auto Scaling 3. Access Mostly Uused Products by 50000+ Subscribers 4. Enable detail monitoring from the AWS console