AWS Certified Solutions Architect - Professional Questions and Answers (Dumps and Practice Questions)

Question : The following example shows a CloudTrail log entry for a request made for the IAM
{ "eventVersion": "1.01",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDACKCEVSQ6C2EXAMPLE",
"arn": "arn:aws:iam::444455556666:user/Alice",
"accountId": "444455556666",
"accessKeyId": "AKIAI44QH8DHBEXAMPLE",
"userName": "Alice",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2014-07-15T21:39:40Z"
} },
"invokedBy": "signin.amazonaws.com"
}, "eventTime": "2014-07-15T21:40:14Z",
"eventSource": "iam.amazonaws.com",
"eventName": "GetUserPolicy",
"awsRegion": "us-east-1",
"sourceIPAddress": "signin.amazonaws.com",
"userAgent": "signin.amazonaws.com",
"requestParameters": {
"userName": "Bob",
"policyName": "ReadOnlyAccess-Bob-201407151307"
}, "responseElements": null,
"requestID": "9b4bb6fe-0c68-11e4-a24e-d5e160cfd347",
"eventID": "cf6228c3-127e-4632-980d-505a4d39c01e"
} From this event information, you can determine that

1. the request was made to get a user policy named ReadOnlyAccess-Bob-201407151307 for user Bob
2. the request was made to create a user policy named ReadOnlyAccess-Bob-201407151307 for user Bob
3. Access Mostly Uused Products by 50000+ Subscribers
4. the request was made to update a user policy named ReadOnlyAccess-Bob-201407151307 for user Bob

Correct Answer : Get Lastest Questions and Answer :

From this event information, you can determine that the request was made to get a user policy named ReadOnlyAccess-Bob-201407151307 for user Bob, as specified in the
requestParameters element. You can also see that the request was made by an IAM user named Alice on July 15, 2014 at 9:40 PM (UTC). In this case, the request originated in the AWS
Management Console, as you can tell from the userAgent element.





Question : While working withing an organization called AcmeShell Inc. as an AWS developer, you have created an AWS role
called HRFinanceAdmin, you have created 12 different policies file, each is haing size 1KB+ approx.
While applying all the policies you are having problem. Why ?

1. You can not add more than one policy to role
2. It will not allow more than 10 policy file to a role
3. Access Mostly Uused Products by 50000+ Subscribers
4. All of the above


Correct Answer : Get Lastest Questions and Answer :

You can add as many policies as needed to a role, as long as the total size of all the policies doesn't exceed 10 KB.
You are limited to 250 IAM roles under your AWS account. If you need more roles, submit the IAM limit increase request form with your use case and your IAM role increase will be
considered.






Question : You have created a role which is common for HR and Finance dept, called HRFinance.
And you started ec2 instance with this role. Now after few days you have
decided to seperate it out both this role and created to role separately
e.g. HRRole and FinanceRole. You first delete the HRFinance role, and tries to apply
both the role to running instance. Select the correct statement for this scenerio


1. You can only associate two IAM role with an EC2 instance at this time, so applying these two roles are fine
2. All the HR and Finance application which were part of HRFinance will be denied access immediately
3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 and 2
5. 2 and 3

Correct Answer : Get Lastest Questions and Answer :

Explanation: Can I associate more than one IAM role to an EC2 instance?
No. You can only associate one IAM role with an EC2 instance at this time.

What happens if I delete an IAM role that is associated with a running EC2 instance?
Any application running on that instance that's using the role will be denied access immediately.

Related Questions

---

Question : QuickTechie.com Inc is planning to setup a management network on the AWS VPC which is trying to secure the webserver on a single VPC instance such
that it allows the internet traffic as well as the back-end management traffic. QuickTechie admin wants to make sure that the back end management network interface
can receive the SSH traffic only from a selected IP range, while the internet facing webserver will have an IP address which can receive traffic from all the internet IPs.
How can the QuickTechie.com achieve this by running web server on a single instance?


1. The organization should create two network interfaces with the same subnet and security group to assign separate IPs to each network interface.
2. The organization should create two network interfaces with separate subnets so one instance can have two subnets and the respective security groups for controlled
access.
3. The organization should launch an instance with two separate subnets using the same network interface which allows to have a separate CIDR as well as security groups.
4. It is not possible to have two IP addresses for a single instance.



Question : HadoopExam.com has setup an application on AWS and wants to achieve scalability and HA for the application. Application should scale up and down
when there is a higher / reduced load on the application. Which of the below mentioned configurations is not required to be performed in this scenario?

1. Setup ELB with instances to distribute the load on the web server.
2. Setup schedule to shut off the instance when the instance is not in use.
3. Setup bootstrapping to start the web and DB servers on instance boot.
4. Create an AMI of a running instance and configure that AMI with AutoScaling.



Question : You can use Amazon Route health checking and DNS failover features to



1. enhance the availability of the applications running behind Elastic Load Balancers
2. run applications in multiple AWS regions and designate alternate load balancers for failover across regions
3. Both 1 and 2
4. None of above



Question : Using Elastic Load Balancing in your Amazon VPC, you can




1. balance load between tiers of your application within your VPC
2. specify whether the load balancer is internal to VPC.
3. specify whether the load balancer is internet-facing .
4. Only 1 and 2
5. 1,2 and 3



Question : You already know that the website you are going to re-launch on new servers will have millions of hits everyday. Hence, you need reserved instance
with known capacity for that you chose all upfront payment method. Now after launching the Reserved Instance you wish to change the aavailability zone. Which of '
the following is correct statement.

1. If you change the Availability Zone of an RI, its capacity reservation and pricing benefits no longer apply to the original
Availability Zone and start applying to usage in the new Availability Zone.
2. If you change the Availability Zone of an RI, its capacity reservation no longer apply to the original
Availability Zone and start applying to usage in the new Availability Zone.
3. If you change the Availability Zone of an RI, its capacity reservation and pricing benefits will apply to the original
Availability Zone as wel as in the new Availability Zone.
4. None of above



Question : You already know that the website you are going to re-launch on new servers will have millions of hits everyday. Hence, you need reserved instance
with known capacity for that you chose all upfront payment method.As you know you server is already running with lesser capacity, can you upgrade the same server
with RI ?



1. No, You can not
2. Yes, you can
3. It depend which AZ you are using
4. Yes, you can but you need to re-start the server after paying RI fee upfront.