Premium

AWS Certified Solutions Architect - Professional Questions and Answers (Dumps and Practice Questions)



Question : QuickTechie.com has five branches across the globe (NewYork, Geneva, HongKong, Mumbai and London). They want to expand their data centers such that
their web server will be in the AWS and each branch would have their own database in the local data center.
Based on the user login, the company wants to connect to the data center.
While designing this scenario with the AWS VPC CloudHub, which of the below mentioned important factors should QuickTechie ensure?


: QuickTechie.com has five branches across the globe (NewYork, Geneva, HongKong, Mumbai and London). They want to expand their data centers such that
1. Each site cannot have an overlapping IP range and unique Autonomous System Numbers for each gateway.
2. Each site must have the same Autonomous System Numbers for each gateway and the IP address of each site should be within the VPC CIDR.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Each site should have the same Autonomous System Numbers and unique Border Gateway Protocol.



Correct Answer : Get Lastest Questions and Answer :
Exp: A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. The user can create subnets as per the requirement within a VPC. If the user wants to
connect VPC from his own data centre, he can setup a public and VPN only subnet which uses hardware VPN access to connect with his data centre. If the organization has multiple VPN
connections, he can provide secure communication between sites using the AWS VPN CloudHub.
The VPN CloudHub operates on a simple hub-and-spoke model that the user can use with or without a VPC. To use the AWS VPN CloudHub, the user must create a virtual private gateway
with multiple customer gateways, each with unique Border Gateway Protocol (BGP) Autonomous System Numbers (ASNs).
Customer gateways advertise the appropriate routes (BGP prefixes) over their VPN connections. These routing advertisements are received and re-advertised to each BGP peer, enabling
each site to send data to and receive data from other sites. The routes for each spoke must have unique ASNs and the sites must not have overlapping IP ranges. Each site can also
send and receive data from the VPC as if they were using a standard VPN connection.







Question :

The following example shows a policy you could assign to Bob to allow him to manage his own access keys

{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["iam:*AccessKey*"],
"Resource": "arn:aws:iam::ACCOUNT-ID-WITHOUT-HYPHENS:user/division_abc/subdivision_xyz/Bob"
}]
}

What is the resource in this example


:
1. iam
2. ACCOUNT-ID-WITHOUT-HYPHENS
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Resource is not correctly defined
5. Bob

Correct Answer : Get Lastest Questions and Answer :
The above example shows a policy you could assign to Bob to allow him to manage his own access keys. and that the resource is Bob himself.





Question :
Danial is the main administrator in HadoopExam Corp., and he decides to use paths to help delineate the
users in the company and set up a separate administrator group for each path-based division. Following is a subset
of the full list of paths he plans to use:
/marketing
/sales
/tech
/billing
/risk
Danial creates an administrator group for the marketing part of the company and calls it Marketing_Admin.
He assigns it the /marketing path. The group's ARN is arn:aws:iam::123456789012:group/marketing/Marketing_Admin.
Danial assigns the following policy to the Marketing_Admin group that gives the group permission to use all
IAM actions with all groups and users in the /marketing path
{ "Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:*",
"Resource": [
"arn:aws:iam::123456789012:group/marketing/*",
"arn:aws:iam::123456789012:user/marketing/*"
]
},
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "arn:aws:s3:::example_bucket/marketing/*"
},
{
"Effect": "Allow",
"Action": "s3:ListBucket*",
"Resource": "arn:aws:s3:::example_bucket",
"Condition": {"StringLike": {"s3:prefix": "marketing/*"}}
} ]}
The policy gives the Marketing_Admin group permission to perform
:
1. Any Amazon S3 actions on the objects in the portion of the corporate bucket dedicated to the marketing employees in the company
2. Only object addition on Amazon S3 in the portion of the corporate bucket dedicated to the marketing employees in the company
 3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above

Correct Answer : Get Lastest Questions and Answer :


Related Questions

Question : An ENI is a virtual network interface that can include the whihc of the following attributes
A. a primary private IP address
B. one or more secondary private IP addresses
C. one Elastic IP address per private IP address
D. one public IP address, which can be auto-assigned to the network interface for eth0 when you launch an instance, but only when you create a network interface for eth0 instead
of using an existing network interface
E. one or more security groups
F. a MAC address
G. a source/destination check flag

 : An ENI is a virtual network interface that can include the whihc of the following attributes
1. A,B,C,D

2. C,D,E,F,G

3. A,B,C,D,E

4. A,B,C,D,E,F,G


Question : QuickTechie INc is planning to setup their blogging website on the AWS VPC and it shoud have automated HA and DR along with security.
Which of the below mentioned configurations satisfies the QuickTechie's requirement?
 : QuickTechie INc is planning to setup their blogging website on the AWS VPC and it shoud have automated HA and DR along with security.
1. Create two separate VPCs and run RDS. RDS will have the multi AZ feature enabled which spans across these two VPCs using VPC peering. Setup the App server with one of
the public subnets of any VPC.

2. Create two separate VPCs in different zones. Setup two EC2 instances by installing a DB in the two different VPCs and enable the failover mechanism. Setup the App
server with one of the public subnets of any VPC.
3. Create a VPC with one private and one public subnet in separate AZs. Setup the EC2 instance with a DB in the private subnet and the web application in a public subnet.
4. Create a VPC with two private subnets and a public subnet. In separate AZs and setup RDS with the multi AZ feature by creating a subnet group. Launch a web application
in the public subnet.



Question : AcmeShell Inc is purchasing licensed software and license can be registered only to a specific MAC Address. Acmeshell Inc is going to host the
software in the AWS environment. How can the organization fulfil the license requirement as the MAC address changes every time an instance is started/stopped/terminated?
 : AcmeShell Inc is purchasing licensed software and license can be registered only to a specific MAC Address. Acmeshell Inc is going to host the
1. It is not possible to have a fixed MAC address with AWS.
2. The organization should use VPC with the private subnet and configure the MAC address with that subnet.
3. The organization should use VPC with an elastic network interface which will have a fixed MAC Address.
4. The organization should use VPC since VPC allows to configure the MAC address for each EC2 instance.


Question : In this scenario, the secondary network interface
on the instance handles __________ and the primary network interface
handles _________ traffic and is connected
to a separate subnet in your VPC that
has more restrictive access controls.
 : In this scenario, the secondary network interface
1. public-facing traffic, back-end management
2. back-end management, public-facing traffic
3. public-facing traffic, public-facing traffic
4. back-end management, back-end management


Question : Because of low budget constraint, you can not create full flash HA for the data base instances. However, you still need HA for your database instance,
and you are find with the little connectivity issue while failure. Which is the suitable solution for this problm.
 : Because of low budget constraint, you can not create full flash HA for the data base instances. However, you still need HA for your database instance,
1. If one of your instances serving a particular function fails, its elastic ip address can be attached to a replacement
or hot standby instance pre-configured for the same role in order to rapidly recover the service
2. If one of your instances serving a particular function fails, its private ip address can be attached to a replacement
or hot standby instance pre-configured for the same role in order to rapidly recover the service
3. If one of your instances serving a particular function fails, its network interface can be attached to a replacement
or hot standby instance pre-configured for the same role in order to rapidly recover the service
4. 1 and 2
5. 2 and 3



Question : Please map the following for Configuring Network Interfaces

a. hot attach
b. warm attach
c. cold attach

1. when instance running
2. when instance stopped
3. when the instance is being launched



: Please map the following for Configuring Network Interfaces
1. a-1, b-2, c-3
2. a-2, b-1, c-3
3. a-2, b-3, c-1
4. a-3, b-2, c-3