AWS Certified Solutions Architect - Professional Questions and Answers (Dumps and Practice Questions)
Question : QuickTechie.com is planning to host a web server apache tomcat as well as a JEE app server weblogic on a single EC instance which
is a part of the public subnet of a VPC. How can QuickTechie setup to have two separate public IPs and separate security groups for
both the Weblogic as well as the tomcat servers?
1. Launch a VPC with ELB such that it redirects requests to separate VPC instances of the public subnet.
2. Launch a VPC instance with two network interfaces. Assign a separate security group and elastic IP to them
3. Access Mostly Uused Products by 50000+ Subscribers
4. Launch a VPC instance with two network interfaces. Assign a separate security group to each and AWS will assign a separate public IP to them.
Correct Answer : Get Lastest Questions and Answer :
Explanation: In EC2-VPC, you can specify multiple private IP addresses for your instances. The number of network interfaces and private IP addresses that you can specify for an instance
depends on the instance type. It can be useful to assign multiple private IP addresses to an instance in your VPC to do the following:
Host multiple websites on a single server by using multiple SSL certificates on a single server and associating each certificate with a specific IP address.
Operate network appliances, such as firewalls or load balancers, that have multiple private IP addresses for each network interface.
Redirect internal traffic to a standby instance in case your instance fails, by reassigning the secondary private IP address to the standby instance.
The following list explains how multiple IP addresses work with network interfaces:
You can assign a secondary private IP address to any network interface. The network interface can be attached to or detached from the instance.
You must choose a secondary private IP address that's in the CIDR block range of the subnet for the network interface.
Security groups apply to network interfaces, not to IP addresses. Therefore, IP addresses are subject to the security group of the network interface in which they're specified.
Secondary private IP addresses can be assigned and unassigned to elastic network interfaces attached to running or stopped instances.
Secondary private IP addresses that are assigned to a network interface can be reassigned to another one if you explicitly allow it.
When assigning multiple secondary private IP addresses to a network interface using the command line tools or API, the entire operation fails if one of the secondary private IP
addresses can't be assigned.
Primary private IP addresses, secondary private IP addresses, and any associated Elastic IP addresses remain with the network interface when it is detached from an instance or
attached to another instance.
Although you can't move the primary network interface from an instance, you can reassign the secondary private IP address of the primary network interface to another network
interface.
You can move any additional network interface from one instance to another.
The following list explains how multiple IP addresses work with Elastic IP addresses:
Each private IP address can be associated with a single Elastic IP address, and vice versa.
When a secondary private IP address is reassigned to another interface, the secondary private IP address retains its association with an Elastic IP address.
When a secondary private IP address is unassigned from an interface, an associated Elastic IP address is automatically disassociated from the secondary private IP address.
Question : Map the following storage and its characteristics
A. Amazon EBS
B. Amazon EC2 Instance Store
C. Amazon S3
D. Root Storage
1. recommended storage option when you run a database on an instance
2. if you stop or terminate an instance, any data stored on volumes is lost
3. Access Mostly Uused Products by 50000+ Subscribers
4. contains all the information necessary to boot the instance
1. A-1 , B-2, C-3, D-4
2. A-2 , B-1, C-4, D-3
3. Access Mostly Uused Products by 50000+ Subscribers
4. A-3 , B-4, C-1, D-2
5. A-1 , B-2, C-4, D-3
Correct Answer : Get Lastest Questions and Answer :
Explanation: Amazon EBS : Amazon EBS provides durable, block-level storage volumes that you can attach to a running Amazon EC2 instance. You can use Amazon EBS as a primary storage device
for data that requires frequent and granular updates. For example, Amazon EBS is the recommended storage option when you run a database on an instance. An Amazon EBS volume behaves
like a raw, unformatted, external block device that you can attach to a single instance. The volume persists independently from the running life of an Amazon EC2 instance. After an
EBS volume is attached to an instance, you can use it like any other physical hard drive. As illustrated in the previous figure, multiple volumes can be attached to an instance. You
can also detach an EBS volume from one instance and attach it to another instance. Amazon EBS volumes can also be created as encrypted volumes using the Amazon EBS encryption
feature.
Amazon EC2 Instance Store : Many Amazon EC2 instances can access storage from disks that are physically attached to the host computer. This disk storage is referred to as instance
store. Instance store provides temporary block-level storage for Amazon EC2 instances. The data on an instance store volume persists only during the life of the associated Amazon EC2
instance; if you stop or terminate an instance, any data on instance store volumes is lost.
Amazon S3 : Amazon S3 is a repository for Internet data. Amazon S3 provides access to reliable and inexpensive data storage infrastructure. It is designed to make web-scale computing
easier by enabling you to store and retrieve any amount of data, at any time, from within Amazon EC2 or anywhere on the web. For example, you can use Amazon S3 to store backup copies
of your data and applications.
Adding Storage : Every time you launch an instance from an AMI, a root storage device is created for that instance. The root storage device contains all the information necessary to
boot the instance. You can specify storage volumes in addition to the root device volume when you create an AMI or launch an instance using block device mapping.
Question : Select the correct statement for EBS
1. You can create Amazon EBS volumes from 1 GiB to 1 TiB in size. You can mount these volumes as devices on your Amazon EC2 instances.
2. You can create point-in-time snapshots of Amazon EBS volumes, which are persisted to Amazon S3.
3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 and 2
4. 2 and 3
Correct Answer : Get Lastest Questions and Answer :
Explanation: Features of Amazon EBS : You can create Amazon EBS volumes from 1 GiB to 1 TiB in size. You can mount these volumes as devices on your Amazon EC2 instances. You can mount
multiple volumes on the same instance, but each volume can be attached to only one instance at a time.
With General Purpose (SSD) volumes, your volume receives a base performance of 3 IOPS/GiB, with the ability to burst to 3,000 IOPS for extended periods of time. General Purpose
(SSD) volumes are ideal for a broad range of use cases such as boot volumes, small and medium size databases, and development and test environments.
With Provisioned IOPS (SSD) volumes, you can provision a specific level of I/O performance, up to 4000 IOPS per volume. This allows you to predictably scale to thousands of IOPS
per EC2 instance.
Amazon EBS volumes behave like raw, unformatted block devices. You can create a file system on top of these volumes, or use them in any other way you would use a block device
(like a hard drive).
You can use encrypted Amazon EBS volumes to meet a wide range of data-at-rest encryption requirements for regulated/audited data and applications.
You can create point-in-time snapshots of Amazon EBS volumes, which are persisted to Amazon S3. Snapshots protect data for long-term durability, and they can be used as the
starting point for new Amazon EBS volumes. The same snapshot can be used to instantiate as many volumes as you wish. These snapshots can be copied across AWS regions.
Amazon EBS volumes are created in a specific Availability Zone, and can then be attached to any instances in that same Availability Zone. To make a volume available outside of
the Availability Zone, you can create a snapshot and restore that snapshot to a new volume anywhere in that region. You can copy snapshots to other regions and then restore them to
new volumes there, making it easier to leverage multiple AWS regions for geographical expansion, data center migration, and disaster recovery.
A large repository of public data set snapshots can be restored to Amazon EBS volumes and seamlessly integrated into AWS cloud-based applications.
Performance metrics, such as bandwidth, throughput, latency, and average queue length, are available through the AWS Management Console. These metrics, provided by Amazon
CloudWatch, allow you to monitor the performance of your volumes to make sure that you are providing enough performance for your applications without paying for resources you
don't need.
Related Questions
Question : QuickTechie.com is setting up a highly scalable application using the Elastic Beanstalk and is using ELB and RDS with VPC.
QuickTechie.com has public and private subnets within the cloud. Which of the below mentioned configurations will not work in this scenario?
1. The configuration must have two private subnets in separate AZs.
2. The configuration must have public and private subnets in the same AZ.
3. Access Mostly Uused Products by 50000+ Subscribers
4. It is recommended to setup RDS in a private subnet and ELB in a public subnet.
Question : QuickTechie.com has launched a large EC instance with an EBS store backed AMI and an additional ephermal drive and wants to ensure that even during
the outage all the critical data will not be lost. Which of the below mentioned steps will not help the QuickTechie achieve their goal?
1. Keep moving all the log files generated on the ephermal drive to the EBS volume for the audit trails.
2. Setup the EBS volume with the DeleteOnTermination flag set to False to ensure that EBS survives instance termination.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Take a snapshot of the EBS volume at regular intervals for backup purpose.
Question : QuickTechie.com has hosted an application on the EC instances. There will be multiple users connecting to the instance for setup and configuration of
application. QuickTechie is planning to implement certain security best practices. Which of the below mentioned pointers will not help the QT to achieve better security arrangement?
1. Allow only IAM users to connect with the EC2 instances with their own secret access key.
2. Apply the latest patch of OS and always keep it updated.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Create a procedure to revoke the access rights of the individual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.
Question : QuickTechie.com has five branches across the globe (NewYork, Geneva, HongKong, Mumbai and London). They want to expand their data centers such that
their web server will be in the AWS and each branch would have their own database in the local data center.
Based on the user login, the company wants to connect to the data center.
While designing this scenario with the AWS VPC CloudHub, which of the below mentioned important factors should QuickTechie ensure?
1. Each site cannot have an overlapping IP range and unique Autonomous System Numbers for each gateway.
2. Each site must have the same Autonomous System Numbers for each gateway and the IP address of each site should be within the VPC CIDR.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Each site should have the same Autonomous System Numbers and unique Border Gateway Protocol.
Question :
The following example shows a policy you could assign to Bob to allow him to manage his own access keys
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["iam:*AccessKey*"],
"Resource": "arn:aws:iam::ACCOUNT-ID-WITHOUT-HYPHENS:user/division_abc/subdivision_xyz/Bob"
}]
}
What is the resource in this example
1. iam
2. ACCOUNT-ID-WITHOUT-HYPHENS
3. Access Mostly Uused Products by 50000+ Subscribers
4. Resource is not correctly defined
5. Bob
Question :
Danial is the main administrator in HadoopExam Corp., and he decides to use paths to help delineate the
users in the company and set up a separate administrator group for each path-based division. Following is a subset
of the full list of paths he plans to use:
/marketing
/sales
/tech
/billing
/risk
Danial creates an administrator group for the marketing part of the company and calls it Marketing_Admin.
He assigns it the /marketing path. The group's ARN is arn:aws:iam::123456789012:group/marketing/Marketing_Admin.
Danial assigns the following policy to the Marketing_Admin group that gives the group permission to use all
IAM actions with all groups and users in the /marketing path
{ "Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:*",
"Resource": [
"arn:aws:iam::123456789012:group/marketing/*",
"arn:aws:iam::123456789012:user/marketing/*"
]
},
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "arn:aws:s3:::example_bucket/marketing/*"
},
{
"Effect": "Allow",
"Action": "s3:ListBucket*",
"Resource": "arn:aws:s3:::example_bucket",
"Condition": {"StringLike": {"s3:prefix": "marketing/*"}}
} ]}
The policy gives the Marketing_Admin group permission to perform
1. Any Amazon S3 actions on the objects in the portion of the corporate bucket dedicated to the marketing employees in the company
2. Only object addition on Amazon S3 in the portion of the corporate bucket dedicated to the marketing employees in the company
3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above