AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)
Question : As an AWS architect you have saved training courses videos to Amazon S buckte and some PDF files. Now you wanted to know that who has
accessed
your S3 content. How will you do that ?
1. We should have used CloudFront logs
2. We should have used Cloud Monitoring detail statistics
3. Access Mostly Uused Products by 50000+ Subscribers
4. We should enabled Server Access Logging on S3 bucket
Correct Answer : Get Lastest Questions and Answer :
Explanation: In order to track requests for access to your bucket, you can enable access logging. Each access log record provides details
about
a single access request, such as the requester, bucket name, request time, request action, response status, and error code, if any. Access log
information
can be useful in security and access audits. It can also help you learn about your customer base and understand your Amazon S3 bill.
Note
There is no extra charge for enabling server access logging on an Amazon S3 bucket; however, any log files the system delivers to you will accrue the
usual
charges for storage. (You can delete the log files at any time.) No data transfer charges will be assessed for log file delivery, but access to the
delivered log files is charged the same as any other data transfer.
By default, logging is disabled. To enable access logging, you must do the following:
Turn on the log delivery by adding logging configuration on the bucket for which you want Amazon S3 to deliver access logs. We will refer to this bucket
as
the source bucket.
Grant the Amazon S3 Log Delivery group write permission on the bucket where you want the access logs saved. We will refer to this bucket as the target
bucket.
To turn on log delivery, you provide the following logging configuration information:
Name of the target bucket name where you want Amazon S3 to save the access logs as objects. You can have logs delivered to any bucket that you own,
including the source bucket. We recommend that you save access logs in a different bucket so you can easily manage the logs. If you choose to save access
logs in the same bucket as the source bucket, we recommend you specify a prefix to all log object keys so that you can easily identify the log objects.
Note
Both the source and target buckets must be owned by the same AWS account.
Question : You are using IAM, for Access control. You also want to have access key rotation enabled. So how many active access keys are possible in
IAM ?
1. 1
2. 2
3. Access Mostly Uused Products by 50000+ Subscribers
4. 100
5. Unlimited
Correct Answer : Get Lastest Questions and Answer :
Explanation: By default, when you create an access key, its status is Active, which means the user can use the access key for AWS CLI, Tools
for
Windows PowerShell, and API calls. Each user can have two active access keys, which is useful when you must rotate the user's access keys. You can
disable a
user's access key, which means it can't be used for API calls. You might do this while you're rotating keys or to revoke API access for a user.
To ensure the security of your AWS account, the secret access key is accessible only at the time you create it. If a secret access key is lost, you must
delete the access key for the associated user and create a new key.
You can delete an access key at any time. However, when you delete an access key, it's gone forever and cannot be retrieved. (You can always create new
keys.)
Question :
Who is responsible for modifying the routing tables and networking ACLs in a VPC to ensure that a DB instance is reachable from other instances in the
VPC?
1. The DB Instance Creator.
2. Anybody who is the owner of the AWS account.
3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS administrator of your company.
Correct Answer : Get Lastest Questions and Answer :
The owner of the AWS account are responsible for modifying routing tables and networking
ACLs in your VPC to ensure that your DB instance is reachable from your client instances in the VPC.
For Multi-AZ deployments, after a failover, your client EC2 instance and RDS DB Instance may be in different Availability Zones.
You should configure your networking ACLs to ensure that cross-AZ communication is possible.
Related Questions
Question :
In DynamoDB, if your items are 1.5 KB and you want to do 10 writes per second, then you would need to provision _____ write capacity units.
1. 30
2. 20
3. Access Mostly Uused Products by 50000+ Subscribers
4. 25
Question :
Is it possible to create an S3 bucket accessible only by a determinate IAM user using policies in the same CloudFormation template?
1. No, you can only create the S3 bucket and the IAM user.
2. Yes, all these resources can be created using a CloudFormation template
3. Access Mostly Uused Products by 50000+ Subscribers
4. S3 is not supported by CloudFormation.
Question :
PutItem, UpdateItem and DeleteItem have a ________ parameter, which you can use to return the attributes before or after they are modified.
1. ItemValues
2. CurrentValues
3. Access Mostly Uused Products by 50000+ Subscribers
4. GetValues
Question :
A user has suspended the Auto Scaling process. The user updates the desired capacity of the Auto Scaling group.
Which of the below mentioned statements is true with respect to this condition?
1. The desired capacity will not get updated as scaling is frozen
2. The desired capacity will get updated, but the scaling activity will not happen
3. Access Mostly Uused Products by 50000+ Subscribers
4. The scaling activity will happen as this is manual scaling
Question :
How many days of the CloudWatch alarm history does AWS preserve?
1. 14 days
2. 1 day
3. Access Mostly Uused Products by 50000+ Subscribers
4. CloudWatch does not store the alarm history
Question : If you want to delegate API access to a third party, after you create the IAM role,
you must share the role's ________ with the third party.
1. User name
2. The 6 digit code which you get from the hardware MFA device
3. Access Mostly Uused Products by 50000+ Subscribers
4. Amazon Resource Name (ARN)