Question : A customer has a website which shows all the deals available across the market. The site experiences a load of large EC instances generally. However, a week before Thanksgiving vacation they encounter a load of almost 20 large instances. The load during that period varies over the day based on the office timings. Which of the below mentioned solutions is cost effective as well as help the website achieve better performance? 1. Keep only 10 instances running and manually launch 10 instances every day during office hours. 2. Setup to run 10 instances during the pre-vacation period and only scale up during the office time by launching 10 more instances using the AutoScaling schedule. 3. Access Mostly Uused Products by 50000+ Subscribers 4. During the pre-vacation period setup a scenario where the organization has 15 instances running and 5 instances to scale up and down using Auto Scaling based on the network I/O policy.
Correct Answer : Get Lastest Questions and Answer : Explanation: AWS provides an on demand, scalable infrastructure. AWS EC2 allows the user to launch On-Demand instances and the organization should create an AMI of the running instance. When the organization is experiencing varying loads and the time of the load is not known but it is higher than the routine traffic it is recommended that the organization launches a few instances before hand and then setups AutoScaling with policies which scale up and down as per the EC2 metrics, such as Network I/O or CPU utilization. If the organization keeps all 10 additional instances as a part of the AutoScaling policy sometimes during a sudden higher load it may take time to launch instances and may not give an optimal performance. This is the reason it is recommended that the organization keeps an additional 5 instances running and the next 5 instances scheduled as per the AutoScaling policy for cost effectiveness.
Question : QuickTechie.com has created multiple components of a single application for compartmentalization. Currently all the components are hosted on a single EC instance. Due to security reasons QuickTechie wants to implement two separate SSLs for the separate modules although it is already using VPC. How can the organization achieve this with a single instance? 1. Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses. 2. You have to launch two instances each in a separate subnet and allow VPC peering for a single IP. 3. Access Mostly Uused Products by 50000+ Subscribers 4. Create a VPC instance which will have multiple subnets attached to it and each will have a separate IP address.
Correct Answer : Get Lastest Questions and Answer : Explanation: In EC2-VPC, you can specify multiple private IP addresses for your instances. The number of network interfaces and private IP addresses that you can specify for an instance depends on the instance type. For more information, see Private IP Addresses Per ENI Per Instance Type. It can be useful to assign multiple private IP addresses to an instance in your VPC to do the following: Host multiple websites on a single server by using multiple SSL certificates on a single server and associating each certificate with a specific IP address. Operate network appliances, such as firewalls or load balancers, that have multiple private IP addresses for each network interface. Redirect internal traffic to a standby instance in case your instance fails, by reassigning the secondary private IP address to the standby instance. How Multiple IP Addresses Work
The following list explains how multiple IP addresses work with network interfaces:
You can assign a secondary private IP address to any network interface. The network interface can be attached to or detached from the instance. You must choose a secondary private IP address that's in the CIDR block range of the subnet for the network interface. Security groups apply to network interfaces, not to IP addresses. Therefore, IP addresses are subject to the security group of the network interface in which they're specified. Secondary private IP addresses can be assigned and unassigned to elastic network interfaces attached to running or stopped instances. Secondary private IP addresses that are assigned to a network interface can be reassigned to another one if you explicitly allow it. When assigning multiple secondary private IP addresses to a network interface using the command line tools or API, the entire operation fails if one of the secondary private IP addresses can't be assigned. Primary private IP addresses, secondary private IP addresses, and any associated Elastic IP addresses remain with the network interface when it is detached from an instance or attached to another instance. Although you can't move the primary network interface from an instance, you can reassign the secondary private IP address of the primary network interface to another network interface. You can move any additional network interface from one instance to another. The following list explains how multiple IP addresses work with Elastic IP addresses: Each private IP address can be associated with a single Elastic IP address, and vice versa. When a secondary private IP address is reassigned to another interface, the secondary private IP address retains its association with an Elastic IP address. When a secondary private IP address is unassigned from an interface, an associated Elastic IP address is automatically disassociated from the secondary private IP address.
Question : Acmeshell.com is planning to create a secure scalable application with AWS VPC and ELB and has two instances already running and each instance has an ENI attached to it in addition to a primary network interface. The primary network interface and additional ENI both have an elastic IP attached to it. If those instances are registered with ELB and Acmeshell wants ELB to send data to a particular EIP of the instance, how can they achieve this? 1. Acmeshell should ensure that the IP which is required to receive the ELB traffic is attached to an additional ENI. 2. It is not possible to attach an instance with two ENIs with ELB as it will give an IP conflict error. 3. Access Mostly Uused Products by 50000+ Subscribers 4. Acmeshell should ensure that the IP which is required to receive the ELB traffic is attached to a primary network interface.
Correct Answer : Get Lastest Questions and Answer : Explanation: Elastic Load Balancing automatically distributes incoming web traffic across multiple EC2 instances. With Elastic Load Balancing, you can add and remove EC2 instances as your needs change without disrupting the overall flow of information. If an EC2 instance fails, Elastic Load Balancing automatically reroutes the traffic to the remaining running EC2 instances. If a failed EC2 instance is restored, Elastic Load Balancing restores the traffic to that instance. Elastic Load Balancing offers clients a single point of contact, and it can also serve as the first line of defense against attacks on your network. You can offload the work of encryption and decryption to Elastic Load Balancing so that your servers can focus on their main work. Amazon Virtual Private Cloud (Amazon VPC) allows the user to define a virtual networking environment in a private, isolated section of the Amazon Web Services (AWS) cloud. The user has complete control over the virtual networking environment. Within this virtual private cloud, the user can launch AWS resources, such as an ELB, and EC2 instances. There are two ELBs available with VPC: internet facing and internal (private) ELB. For the internet facing ELB it is required that the ELB should be in a public subnet. When the user registers a multi-homed instance (an instance that has an Elastic Network Interface (ENI) attached) with a load balancer, the load balancer will route the traffic to the IP address of the primary network interface (eth0). Benefits of Elastic Load Balancing
When you use Elastic Load Balancing to manage traffic to your application, you get the following benefits:
Requests are distributed to EC2 instances in multiple Availability Zones, minimizing the risk of overloading one single instance. If an entire Availability Zone goes offline, the load balancer routes traffic to instances in other Availability Zones. The health of your EC2 instances registered with the load balancer so that requests are sent only to the healthy instances. If an instance becomes unhealthy, Elastic Load Balancing stops sending traffic to that instance and spreads the load across the remaining healthy instances. Support for end-to-end traffic encryption on those networks that use secure (HTTPS/SSL) connections. The ability to take over the encryption and decryption work from the EC2 instances, and manage it centrally on the load balancer. Support for sticky sessions, which is the ability to "stick" user sessions to specific EC2 instances. Association of the load balancer with your domain name. Because the load balancer is the only computer that is exposed to the Internet, you don't have to create and manage public domain names for the instances that the load balancer manages. You can point the instance's domain records at the load balancer instead and scale as needed (either adding or removing capacity) without having to update the records with each scaling activity. Support for security groups associated with your load balancer to provide additional networking and security options.
1. for second VPN connection must be publicly accessible 2. can be the same public IP address that you are using for the first VPN connection. 3. for second VPN connection must be privately accessible 4. 1 and 2 5. 2 and 3
1. The organization should plan the all 100 app server on the public subnet and oracle rds in a private subnet so it will not be in the public cloud. 2. The organization should plan the app server on the public subnet and keep the Oracle database in the organization's data center and connect them with the VPN gateway. 3. The organization should plan the app server on the public subnet and use RDS with the private subnet for a secure data operation. 4. The organization should use the public subnet for the app server and use RDS with a storage gateway to access as well as sync the data securely from the local data center.
Question : Select the correct statement regrading VPC and Subnet 1. You can create a VPC that spans multiple Availability Zones 2. subnet must reside entirely within one Availability Zone and cannot span zones 3. If a subnet have a route to the Internet gateway, the subnet is known as a private subnet 4. 1,2 5. 1,2,3