AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)
Question : Suppose you have created an EC , during the processing some data is generated which is stored on the root device.
One of your colleague terminate this instance in between, so what happen to the data on root device?
1. As soon as instance is terminated data will be copied to S3.
2. As soon as instance is terminated data will be copied to the EBS.
3. As soon as instance is terminated data will be deleted.
4. Nothing happend to the data, it will remain as it is until you delete it.
Correct Answer : Get Lastest Questions and Answer :
Explanation: Amazon EC2 : Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud.
It is designed to make web-scale computing easier for developers. Amazon EC2s simple web service interface allows you to obtain and configure capacity
with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazons proven computing environment.
Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down,
as your computing requirements change.
EBS Storage : The data stored on a local instance store will persist only as long as that instance is alive.
However, data that is stored on an Amazon EBS volume will persist independently of the life of the instance.
Therefore, we recommend that you use the local instance store for temporary data and,
for data requiring a higher level of durability, we recommend using Amazon EBS volumes or backing up the data to Amazon S3.
If you are using an Amazon EBS volume as a root partition, you will need to set the
Delete On Terminate flag to "N" if you want your Amazon EBS volume to persist outside the life of the instance.
Question : You have launched AWS EC windows instance. Now as an administrator you want to connect to Windows instance using RDP. What process you
need to follow ?
1. You must have IAM role defined to do RDP and use that role to connect to windows instance.
2. You have to use putty and ssh shell to do RDP
3. Access Mostly Uused Products by 50000+ Subscribers
4. Using the private keys , you have to first decrypt the default administrator password on EC2 console. This password you can use for
remotely connecting to AWS Windows instance.
Correct Answer : Get Lastest Questions and Answer :
Explanation: To connect to a Windows instance, you must retrieve the initial administrator password and then specify this password when you
connect to your instance using Remote Desktop.
Note
If you've joined your instance to a domain, you can connect to your instance using domain credentials you've defined in AWS Directory Service.
The name of the administrator account depends on the language of the operating system. For example, for English, it's Administrator, for French it's
Administrator, and for Portuguese it's Administrator.
The license for the Windows Server operating system (OS) allows two simultaneous remote connections for administrative purposes. The license for Windows
Server is included in the price of your EC2 instance. If you need more than two simultaneous remote connections you must purchase a Remote Desktop
Services
(RDS) license. If you attempt a third connection, an error occurs. For more information, see Configure the Number of Simultaneous Remote Connections
Allowed
for a Connection.
To connect to your Windows instance using an RDP client
In the Amazon EC2 console, select the instance, and then choose Connect.
In the Connect To Your Instance dialog box, choose Get Password (it will take a few minutes after the instance is launched before the password is
available).
Choose Browse and navigate to the private key file you created when you launched the instance. Select the file and choose Open to copy the entire
contents of the file into the Contents field.
Choose Decrypt Password. The console displays the default administrator password for the instance in the Connect To Your Instance dialog box, replacing
the link to Get Password shown previously with the actual password.
Record the default administrator password, or copy it to the clipboard. You need this password to connect to the instance.
Choose Download Remote Desktop File. Your browser prompts you to either open or save the .rdp file. Either option is fine. When you have finished, you
can choose Close to dismiss the Connect To Your Instance dialog box.
If you opened the .rdp file, you'll see the Remote Desktop Connection dialog box.
If you saved the .rdp file, navigate to your downloads directory, and open the .rdp file to display the dialog box.
You may get a warning that the publisher of the remote connection is unknown. If you are using Remote Desktop Connection from a Windows PC, choose
Connect
to connect to your instance. If you are using Microsoft Remote Desktop on a Mac, skip the next step.
When prompted, log in to the instance, using the administrator account for the operating system and the password that you recorded or copied previously.
If your Remote Desktop Connection already has an administrator account set up, you might have to choose the Use another account option and enter the user
name and password manually.
Note
Sometimes copying and pasting content can corrupt data. If you encounter a "Password Failed" error when you log in, try typing in the password manually.
Due to the nature of self-signed certificates, you may get a warning that the security certificate could not be authenticated. Use the following steps to
verify the identity of the remote computer, or simply choose Yes or Continue to continue if you trust the certificate.
If you are using Remote Desktop Connection from a Windows PC, choose View certificate. If you are using Microsoft Remote Desktop on a Mac, choose Show
Certificate.
Choose the Details tab, and scroll down to the Thumbprint entry on a Windows PC, or the SHA1 Fingerprints entry on a Mac. This is the unique identifier
for the remote computer's security certificate.
In the Amazon EC2 console, select the instance, choose Actions, and then choose Get System Log.
In the system log output, look for an entry labeled RDPCERTIFICATE-THUMBPRINT. If this value matches the thumbprint or fingerprint of the certificate,
you have verified the identity of the remote computer.
If you are using Remote Desktop Connection from a Windows PC, return to the Certificate dialog box and choose OK. If you are using Microsoft Remote
Desktop on a Mac, return to the Verify Certificate and choose Continue.
If you are using Remote Desktop Connection from a Windows PC, choose Yes in the Remote Desktop Connection window to connect to your instance. If you are
using Microsoft Remote Desktop on a Mac, log in to the instance as prompted, using the default Administrator account and the default administrator
password that you recorded or copied previously.
Question : You have created a DB instance in VPC, for your web application (www.HadoopExam.com). You have not configured any rule to access this DB.
Which statement is correct?
1. There is no access to this DB by default. We have to explicitly assign some rule in security group to give access.
2. As part of default security group anybody can access this DB
3. Access Mostly Uused Products by 50000+ Subscribers
4. Port 80 will be open so, it can be reached using HTTP protocol.
Correct Answer : Get Lastest Questions and Answer :
Explanation: Security groups control the access that traffic has in and out of a DB instance. Three types of security groups are used with
Amazon RDS: DB security groups, VPC security groups, and EC2 security groups. In simple terms, a DB security group controls access to EC2-Classic DB
instances that are not in a VPC, a VPC security group controls access to DB instances and EC2 instances inside a VPC, and an EC2 security group controls
access to an EC2 instance.
By default, network access is turned off to a DB instance. You can specify rules in a security group that allows access from an IP address range, port,
or EC2 security group. Once ingress rules are configured, the same rules apply to all DB instances that are associated with that security group. You can
specify up to 20 rules in a security group.
DB security groups are used with DB instances that are not in a VPC and on the EC2-Classic platform. Each DB security group rule enables a specific
source to access a DB instance that is associated with that DB security group. The source can be a range of addresses (e.g., 203.0.113.0/24), or an EC2 security
group. When you specify an EC2 security group as the source, you allow incoming traffic from all EC2 instances that use that EC2 security group. Note
that DB security group rules apply to inbound traffic only; outbound traffic is not currently permitted for DB instances.
You do not need to specify a destination port number when you create DB security group rules; the port number defined for the DB instance is used as the
destination port number for all rules defined for the DB security group. DB security groups can be created using the Amazon RDS APIs or the Amazon RDS
page of the AWS Management Console.
Related Questions
Question : You are working with an Health Care IT company, which had recently created new application for collecting Health Data of the patient using
Web UI. Hence, staff in hospital can view and upload health data. Now, you have to deploy this application on AWS. Hence, you made a public subnet and a
private subnet. You will be deploying web application in public subnet. What all you have to do to make any subnet as public subnet?
A. Set up an IGW (Internet Gateway) to VPC
B. Create a route in a route table which is attached to subnet which route the traffic to IGW
C. You have to select EC2 instances, which are specifically designed for public subnet.
D. You should disable the NACL setting on the subnet, so it can reach to internet.
1. A,B
2. B,C
3. Access Mostly Uused Products by 50000+ Subscribers
4. A,D
5. B,D
Question : You are migrating existing Web and App servers to the AWS from your on-premises network. However, before migrating you need to create a VPC
network in AWS. Hence, you created a VPC network. What else you will be having once, you created VPC
1. It will create a default route table as well, which you can modify as per your need.
2. It will create 0 subnet, by default. You have to first create subnet in each AZ
3. Access Mostly Uused Products by 50000+ Subscribers
4. It will create one private subnet in each AZ and also will launch default EC2 instances in each AZ.
Question : . You have a created a VPC in a region which has three AZ, now you will deploy your website which can gave Multi-AZ deployment. You will
have to which of the following, so that each subnet which are created by default in each AZ can communicate with each other
1. You will attach new route table to each subnet, so that they can communicate with each other.
2. You have to have one IGW attached to VPC, so that all the instances can be created.
3. Access Mostly Uused Products by 50000+ Subscribers
4. You don’t have to do anything as by default created subnet in each AZ can communicate with each other.
Question :
When you want to use CloudFront to distribute your content, you create a distribution and specify configuration settings such as:
1. Configure the environment variables.
2. The number of files that you can serve per distribution.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Your origin and you can specify any combination of up to 100 Amazon S3 buckets and/or HTTP servers as your origins.
Ans : 3
Exp : When you want to use CloudFront to distribute your content, you create a distribution and specify configuration settings such as:
Your origin, which is the Amazon S3 bucket or HTTP server from which CloudFront gets the files that it distributes. You can specify any combination
of
up to 10 Amazon S3 buckets and/or HTTP servers as your origins.
Whether you want the files to be available to everyone or you want to restrict access to selected users.
Whether you want CloudFront to require users to use HTTPS to access your content.
Whether you want CloudFront to forward cookies and/or query strings to your origin.
Whether you want CloudFront to prevent users in selected countries from accessing your content.
Whether you want CloudFront to create access logs.
Question : How many request per second can Amazon CloudFront handle?
1. 10,000
2. 100
1. 1000
2. 500
Ans : 3
Exp : Amazon CloudFront Limits
Data transfer rate 1,000 Mbps
Requests per second 1000
Web distributions per AWS account 200
RTMP distributions per AWS account 100
Alternate domain names (CNAMEs) per distribution 100
Origins per distribution 25
Cache behaviors per distribution 25
Whitelisted cookies per cache behavior 10
SSL certificates per AWS account when serving HTTPS requests using dedicated IP addresses (no limit when serving HTTPS requests using SNI) 0
Question : You have been designing a high availability solution in AWS, for your high traffic website. You had deployed your website in a region which
has three AZ (availability zone). You need at least 10 EC2 instances up at any time. How, would you plan your architecture, so that it is highly
available?
1. You will be having 10 server in each AZ, hence there will be 30 EC2 instances you will be launching.
2. You will be having 5 server in each AZ, hence in total you will be having 15 ec2 instances.
3. Access Mostly Uused Products by 50000+ Subscribers
4. You will be having 10 instances in one AZ and 5-5 instances in other two. In total you will have 20 EC2 instances.
Question : You are working with the Arinika Bank, which already have their in house datacenter and entire IT and its banking is handled in that. You
have been recently hired for their new investment to develop mobile wallet. Also, it is decided to use AWS cloud and services provided by AWS cloud. For
storing wallet transactions you have to use services provided by AWS. Select the correct statement which applies correctly for this requirement.
A. For storing all the transactions through mobile wallet. You should consider using Amazon Redshift.
B. For storing all the transactions through mobile wallet. You should consider using Amazon RDS.
C. For storing all the transactions through mobile wallet. You should consider using Amazon Elastic Database.
D. For storing all the transactions through mobile wallet. You should consider using Amazon S3.
E. You should have kept this storage layer in public subnet. So that mobile application can connect it.
F. You should have kept this storage layer in private subnet.
1. A,B
2. C,D
3. Access Mostly Uused Products by 50000+ Subscribers
4. B,F
5. A,C
Question : You are working with the Arinika Bank, which already have their in house datacenter and entire IT and its banking is handled in that. You
have been recently hired for their new investment to develop mobile wallet. Also, it is decided to use AWS cloud and services provided by AWS cloud. You
have been asked to have commenting solutions implemented, where for each wallet transaction, user can send message and comment on it. These comments and
messages should be visible both the parties between transaction happened. Which of the following best suited for storing these messages and comments?
1. You should have used Amazon RDS
2. You should have used Amazon Redshift
3. Access Mostly Uused Products by 50000+ Subscribers
4. You should have used Amazon S3 or RRS
5. Use custom installed Oracle DB in private subnet with BYOD