
AWS Certified Solutions Architect - Professional Questions and Answers (Dumps and Practice Questions)



Question : QuickTechie.com is planning to use EBS for its DB requirement and already has an EC2 instance running in the VPC private subnet.
How can QuickTechie attach the EBS volume to a running instance?
1. QuickTechie can create EBS in the same zone as the subnet of instance and attach that EBS to instance.
2. It is not possible to attach an EBS to an instance running in VPC until the instance is stopped.
4. QuickTechie must create EBS within the same VPC and then attach it to a running instance.



Correct Answer :
Exp: You can create a VPC that spans multiple Availability Zones. For more information, see Creating a VPC. After creating a VPC, you can add one or more subnets
in each Availability Zone. Each subnet must reside entirely within one Availability Zone and cannot span zones. Availability Zones are distinct locations that are engineered to be
isolated from failures in other Availability Zones. By launching instances in separate Availability Zones, you can protect your applications from the failure of a single location.
AWS assigns a unique ID to each subnet. A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. The user can create subnets as per the requirement
within a VPC. The VPC is always specific to a region. The user can create a VPC which can span multiple Availability Zones by adding one or more subnets in each Availability Zone.
The instance launched will always be in the same Availability Zone as its subnet. When creating an EBS volume, the user cannot specify the subnet or VPC. However, the user must
create the EBS volume in the same zone as the instance so that it can be attached to the running instance.
Your VPC with Subnets : The following diagram shows a VPC that has been configured with subnets in multiple Availability Zones. You can optionally add an Internet gateway to enable
communication over the Internet, or a virtual private network (VPN) connection to enable communication with your network, as shown in the diagram. If a subnet's traffic is routed to
an Internet gateway, the subnet is known as a public subnet. In this diagram, subnet 1 is a public subnet. If you want your instance in a public subnet to communicate with the
Internet, it must have a public IP address or an Elastic IP address. For more information about public IP addresses, see Public and Private IP Addresses. If a subnet doesn't have a
route to the Internet gateway, the subnet is known as a private subnet. In this diagram, subnet 2 is a private subnet. If a subnet doesn't have a route to the Internet gateway, but
has its traffic routed to a virtual private gateway, the subnet is known as a VPN-only subnet.






Question : QuickTechie.com has five branches across the globe (New York, Mumbai, Hong Kong, Geneva and London). They want to expand their data centers such that
their web server will be in AWS and each branch would have its own database in the local data center. Based on the user login, the company wants to connect
to the data center. How can MySecureData company implement this scenario with the AWS VPC?
1. It is not possible to connect different data centers from a single VPC.
2. Create five VPCs with the public subnet for the app server and setup the VPN gateway for each VPN to connect them individually.
4. Use the AWS VPN CloudHub to communicate with multiple VPN connections.



Correct Answer :
Exp: If you have multiple VPN connections, you can provide secure communication between sites using the AWS VPN CloudHub. The VPN CloudHub operates on a simple
hub-and-spoke model that you can use with or without a VPC. This design is suitable for customers with multiple branch offices and existing Internet connections who'd like to
implement a convenient, potentially low-cost hub-and-spoke model for primary or backup connectivity between these remote offices.
To use the AWS VPN CloudHub, you must create a virtual private gateway with multiple customer gateways, each with unique Border Gateway Protocol (BGP) Autonomous System Numbers
(ASNs). Customer gateways advertise the appropriate routes (BGP prefixes) over their VPN connections. These routing advertisements are received and re-advertised to each BGP peer,
enabling each site to send data to and receive data from the other sites. The routes for each spoke must have unique ASNs and the sites must not have overlapping IP ranges. Each site
can also send and receive data from the VPC as if they were using a standard VPN connection.

Sites that use AWS Direct Connect connections to the virtual private gateway can also be part of the AWS VPN CloudHub. For example, your corporate headquarters in New York can have
an AWS Direct Connect connection to the VPC and your branch offices can use VPN connections to the VPC. The branch offices in Los Angeles and Miami can send and receive data with
each other and with your corporate headquarters, all using the AWS VPN CloudHub.

To configure the AWS VPN CloudHub, you use the AWS Management Console to create multiple customer gateways, each with the unique public IP address of the gateway and a unique ASN.
Next, you create a VPN connection from each customer gateway to a common virtual private gateway. Each VPN connection must advertise its specific BGP routes. This is done using the
network statements in the VPN configuration files for the VPN connection. The network statements differ slightly depending on the type of router you use.

A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. The user can create subnets as per the requirement within a VPC. If the user wants to connect
to the VPC from their own data center, they can set up a public and a VPN-only subnet that uses hardware VPN access to connect to the data center. If the organization has multiple
VPN connections, it can provide secure communication between sites using the AWS VPN CloudHub.
The VPN CloudHub operates on a simple hub-and-spoke model that the user can use with or without a VPC. This design is suitable for customers with multiple branch offices and existing
internet connections who would like to implement a convenient, potentially low-cost hub-and-spoke model for primary or backup connectivity between remote offices.
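
The two CloudHub preconditions stated above (a unique BGP ASN per customer gateway, no overlapping IP ranges between sites) can be checked before any VPN connection is created. The following is an added example, not part of the original explanation or of any AWS tooling; the site names, ASNs and prefixes are constructed, and the optional VPC CIDR check goes beyond what the text states.

```python
import ipaddress
from itertools import combinations

# Constructed site plan (not from the page): site -> (BGP ASN, advertised prefixes).
SITES = {
    "new-york":  (65001, ["10.10.0.0/16"]),
    "mumbai":    (65002, ["10.20.0.0/16"]),
    "hong-kong": (65003, ["10.30.0.0/16", "10.31.0.0/24"]),
    "geneva":    (65002, ["10.40.0.0/16"]),    # ASN already used by mumbai
    "london":    (65005, ["10.30.128.0/17"]),  # falls inside hong-kong's /16
}

def validate_cloudhub_plan(sites, vpc_cidr=None):
    """Return sorted findings; an empty list means the plan meets both rules."""
    findings = []

    # Rule 1: every customer gateway (spoke) needs its own BGP ASN.
    by_asn = {}
    for name, (asn, _prefixes) in sites.items():
        by_asn.setdefault(asn, []).append(name)
    for asn, names in by_asn.items():
        if len(names) > 1:
            findings.append(f"duplicate ASN {asn}: {', '.join(sorted(names))}")

    # Rule 2: advertised ranges must not overlap between sites. Checking them
    # against the VPC CIDR as well is an addition beyond the text.
    nets = []
    for name, (_asn, prefixes) in sites.items():
        for prefix in prefixes:
            try:
                nets.append((name, ipaddress.ip_network(prefix)))
            except ValueError:  # malformed prefix or host bits set
                findings.append(f"invalid prefix at {name}: {prefix}")
    if vpc_cidr:
        nets.append(("vpc", ipaddress.ip_network(vpc_cidr)))
    for (a, net_a), (b, net_b) in combinations(nets, 2):
        if a != b and net_a.overlaps(net_b):
            findings.append(f"overlapping ranges: {a} {net_a} and {b} {net_b}")
    return sorted(findings)

if __name__ == "__main__":
    for finding in validate_cloudhub_plan(SITES):
        print(finding)
```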

When using an AWS VPN CloudHub, you pay typical Amazon VPC VPN connection rates. You are billed the connection rate for each hour that each VPN is connected to the virtual private
gateway. When you send data from one site to another using the AWS VPN CloudHub, there is no cost to send data from your site to the virtual private gateway. You only pay standard
AWS data transfer rates for data that is relayed from the virtual private gateway to your endpoint. For example, if you have a site in Los Angeles and a second site in New York and
both sites have a VPN connection to the virtual private gateway, you pay $.05 per hour for each VPN connection (for a total of $.10 per hour). You also pay the standard AWS data
transfer rates for all data that you send from Los Angeles to New York (and vice versa) that traverses each VPN connection; network traffic sent over the VPN connection to the
virtual private gateway is free but network traffic sent over the VPN connection from the virtual private gateway to the endpoint is billed at the standard AWS data transfer rate.






Question : AWS has launched T2 instances which come with CPU usage credit. QuickTechie.com has a requirement which keeps an instance running for hours.
However, QuickTechie has high usage only during 11 AM to 12 PM and is planning to use a T2 small instance for this purpose.
If QuickTechie.com already has multiple instances running since Jan 2012, which of the below mentioned options should QuickTechie implement while launching a T2 instance?
1. While launching a T2 instance the organization must select EC2-VPC as the platform.
2. The organization must migrate to the EC2-VPC platform first before launching a T2 instance.
4. While launching a T2 instance the organization must create a new AWS account as this account does not have the EC2-VPC platform.



Correct Answer :
Exp: Your AWS account might support both EC2-Classic and EC2-VPC, depending on when you created your account and which regions you've used. For more information, and to find out which
platform your account supports, see Supported Platforms. For more information about the benefits of using a VPC, and the differences between EC2-Classic and EC2-VPC, see Amazon EC2
and Amazon Virtual Private Cloud.

You create and use resources in your AWS account. Some resources and features, such as enhanced networking and T2 instances, can be used only in a VPC. Some resources in your account
can be shared between EC2-Classic and a VPC; some cannot. For more information, see Sharing and Accessing Resources Between EC2-Classic and EC2-VPC.

If your account supports EC2-Classic, you may have already set up a number of resources for use with EC2-Classic. If you want to migrate to using a VPC, you will have to recreate
those resources in your VPC. A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. The user can create subnets as per the requirement within a VPC.
The AWS account provides two platforms, EC2-CLASSIC and EC2-VPC, depending on when the user created the AWS account and which regions are in use. If the user created the AWS
account after 2013-12-04, it supports only EC2-VPC. In this scenario, since the account was created before that date, the supported platform will be EC2-CLASSIC. The
organization must create a VPC, as T2 instances can be launched only as part of a VPC.

This topic describes two ways of migrating to a VPC. You can do a full migration in one procedure, or you can do an incremental migration over time. The method you choose depends on
the size and complexity of your application in EC2-Classic. For example, if your application consists of one or two instances running a static website, and you can afford a short
period of downtime, you can do a once-off migration. If you have a multi-tier application with processes that cannot be interrupted, you can do an incremental migration using
ClassicLink. This allows you to transfer functionality one component at a time until your application is running fully in your VPC.




Related Questions


Question : When you launch a DB instance inside any VPC (including a default VPC), you can designate whether the DB instance you create has a DNS that resolves
to a public IP address by using the Publicly Accessible parameter. This parameter lets you designate whether there is public access to the DB instance,
even if the VPC has a public IP address. If you want a DB instance in a VPC to be publicly accessible

1. you must also enable the VPC attributes DNS hostnames
2. you must also enable the VPC attributes DNS resolution
3. security group assigned to the DB instance should also permit
4. 1 and 3
5. 1, 2 and 3

that is not publicly accessible. For example, you could create a VPC that has a public subnet and a private subnet. Amazon EC2 instances that function as web servers could be
deployed in the public subnet, and the Amazon RDS DB instances would be deployed in the private subnet. In such a deployment, only the web servers have access to the DB instances.

When you launch a DB instance inside any VPC (including a default VPC), you can designate whether the DB instance you create has a DNS that resolves to a public IP address by using
the PubliclyAccessible parameter. This parameter lets you designate whether there is public access to the DB instance, even if the VPC has a public IP address. Note that access to
the DB instance is ultimately controlled by the security group it uses, and that public access is not permitted if the security group assigned to the DB instance does not permit it.
If you want a DB instance in a VPC to be publicly accessible, you must also enable the VPC attributes DNS hostnames and DNS resolution.
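
The conditions named in the explanation above (the PubliclyAccessible parameter, the VPC's DNS hostnames and DNS resolution attributes, and a security group that permits the traffic) can be evaluated together to find DB instances that are reachable from the internet or one setting away from it. This is an added example, not part of the original explanation; the inventory is constructed and flattened, and only `PubliclyAccessible`, `EnableDnsHostnames`, `EnableDnsSupport` and the security group rule fields follow AWS API naming.

```python
# Constructed, flattened inventory (made-up values). PubliclyAccessible,
# EnableDnsHostnames, EnableDnsSupport and the rule fields follow AWS API
# names; the remaining keys and the layout are simplified assumptions.
VPCS = {
    "vpc-a": {"EnableDnsHostnames": True, "EnableDnsSupport": True},
    "vpc-b": {"EnableDnsHostnames": False, "EnableDnsSupport": True},
}
SECURITY_GROUPS = {
    "sg-world": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
    "sg-web": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}],
}
DB_INSTANCES = [
    {"Id": "orders", "PubliclyAccessible": True, "Port": 3306,
     "VpcId": "vpc-a", "Groups": ["sg-world"]},
    {"Id": "reports", "PubliclyAccessible": True, "Port": 3306,
     "VpcId": "vpc-b", "Groups": ["sg-world"]},
    {"Id": "payroll", "PubliclyAccessible": False, "Port": 3306,
     "VpcId": "vpc-a", "Groups": ["sg-web"]},
]

def sg_open_to_internet(rules, port):
    """True if an ingress rule opens `port` to 0.0.0.0/0 or ::/0."""
    for rule in rules:
        proto = rule["IpProtocol"]
        covers_port = proto == "-1" or (
            proto == "tcp" and rule["FromPort"] <= port <= rule["ToPort"])
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        if covers_port and ("0.0.0.0/0" in cidrs or "::/0" in cidrs):
            return True
    return False

def blockers(db):
    """Conditions from the text that are NOT met; empty means publicly reachable."""
    vpc, missing = VPCS[db["VpcId"]], []
    if not db["PubliclyAccessible"]:
        missing.append("PubliclyAccessible is false")
    if not (vpc["EnableDnsHostnames"] and vpc["EnableDnsSupport"]):
        missing.append("VPC DNS hostnames/resolution not both enabled")
    if not any(sg_open_to_internet(SECURITY_GROUPS[g], db["Port"])
               for g in db["Groups"]):
        missing.append("no security group rule admits internet traffic")
    return missing

def audit(instances=DB_INSTANCES):
    """Map each instance id to 'exposed', 'one change from exposed' or 'private'."""
    label = {0: "exposed", 1: "one change from exposed"}
    return {db["Id"]: label.get(len(blockers(db)), "private") for db in instances}
```

Instances labelled "one change from exposed" are worth reviewing alongside the exposed ones, since a single later configuration change would complete the set of conditions.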



Question : A previously created Oracle DB instance in AWS was not in a VPC. Which of the following do you have to do so that you can launch your DB instance in a VPC?

1. create a VPC
2. create subnets in the VPC
3. create a DB subnet group that contains the subnets you created
4. create a VPC security group
5. must create a DB snapshot of your DB instance, and then restore that DB snapshot

1. 1,3,5
2. 2,4,5
3. 1,2,4,5
4. 1,2,3,4,5



Question : Refer to the image where the EC2-Classic instance is outside of the VPC,
now you wish to communicate with RDS (which is inside the VPC).
Which is the best solution for this?
1. VPN
2. Remote Desktop
3. ClassicLink
4. AWS VPN CloudHub



Question : QuickTechie.com Inc has three different AWS accounts for Admin, Billing and Technical Team. The Technical Team created a file sharing site where all the
technology employees' data is uploaded. The Admin team uploads data about all employee attendance to their DB hosted in the VPC. The billing team needs to access
data from the technology team to know the employees to calculate the salary based on the attendance. How can QuickTechie set up this configuration in AWS?
1. Setup VPC peering for the VPCs of Admin and Billing.
2. Setup VPC peering for the VPCs of Admin and Technology Team
3. Setup VPC peering for the VPCs of Billing and Technology Team as well as between the VPCs of Billing and Admin.
4. It is not possible to configure VPC peering since each department has a separate AWS account.




Question : QuickTechie.com Inc has three different AWS accounts for Admin, Billing and Technical Team, all are in three different regions. The Technical Team
created a file sharing site where all the technology employees' data is uploaded. The Admin team uploads data about all employee attendance to their DB
hosted in the VPC. The billing team needs to access data from the technology team to know the employees to calculate the salary based on the attendance.
How can QuickTechie set up this configuration in AWS?
1. Setup VPC peering for the VPCs of Admin and Billing.
2. Setup VPC peering for the VPCs of Admin and Technology Team
3. Setup VPC peering for the VPCs of Billing and Technology Team as well as between the VPCs of Billing and Admin.
4. It is not possible to configure VPC peering since each department is in a separate region.






Question : In QuickTechie.com Inc, you have two departments, Admin and HR, and both have AWS accounts. You work as a technical member with the Admin department.
The HR department has its own VPC, and so does Admin. Now as an admin you wish to set up VPC peering with the HR VPC.
To enable the flow of traffic between the peer VPCs (Admin and HR) using private IP addresses, you have to
1. add a route to one or more of your (Admin) VPC's route tables that points to the IP address range of the peer VPC
2. The owner of the peer VPC (HR) adds a route to one of their VPC's route tables that points to the IP address range of your VPC
3. Both 1 and 2
4. For Peering the VPC's private IP addresses are not supported.




Question : You have a VPC peering connection (pcx-) between VPC A and VPC B,
which are in the same AWS account, and do not have overlapping CIDR blocks.

You set up VPC A for your accounting records, and VPC B for your financial records, and now you want each VPC to
be able to access each other's resources without restriction.

Select the correct route tables for each VPC that point to the relevant VPC peering
connection to access the entire CIDR block of the peer VPC.
1. A
2. B
3. C
4. A,B
5. B,C