AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)

Question : A customer is hosting their company website on a cluster of web servers that are behind a
public-facing load balancer. The customer also uses Amazon Route 53 to manage their
public DNS. How should the customer configure the DNS zone apex record to point to the
load balancer?

1. Create an A record pointing to the IP address of the load balancer
2. Create a CNAME record pointing to the load balancer DNS name.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Create an A record aliased to the load balancer DNS name

Ans : 3
Exp : Associating Your Custom Domain Name with Your Load Balancer Name

First, if you haven't already done so, register your domain name. The Internet Corporation for Assigned Names and Numbers (ICANN) manages domain names on
the Internet. You register a domain name using a domain name registrar, an ICANN-accredited organization that manages the registry of domain names. The
website for your registrar will provide detailed instructions and pricing information for registering your domain name. For more information, see the
following resources:

To use Amazon Route 53 to register a domain name, see Registering Domain Names Using Amazon Route 53 in the Amazon Route 53 Developer Guide.

For a list of accredited registrars, see the Accredited Registrar Directory.

If you have a domain name but are using another DNS service, such as your domain registrar, consider the option to use Amazon Route 53 as your DNS
service.
When you use Amazon Route 53 as your DNS service, you can create an alias resource record set, which has the following advantages over other DNS services
for routing DNS queries to your load balancer:

Amazon Route 53 doesn't charge for DNS queries for alias resource record sets.

You can use alias record sets to route DNS queries to your load balancer for the zone apex of your domain (for example, example.com). If you're
using a
different DNS service, you need to create a CNAME resource record set to route queries to your load balancer, but DNS doesn't allow you to create a
CNAME resource record set for the zone apex. (Note that some DNS services provide a workaround.)

Question : What is the minimum time Interval for the data that Amazon CloudWatch receives and aggregates?

1. One second
2. Five seconds
3. Access Mostly Uused Products by 50000+ Subscribers
4. Three minutes
5. Five minutes

Ans : 1 Exp : What is the minimum time interval granularity for the data that Amazon CloudWatch receives and aggregates?

Many metrics are received and aggregated at 1-minute intervals. Some are at 3-minute or 5-minute intervals.

Question : Which of the following statements are true about Amazon Route resource records?
Choose 2 answers
A. An Alias record can map one DNS name to another Amazon Route 53 DNS name.
B. A CNAME record can be created for your zone apex.
C. An Amazon Route 53 CNAME record can point to any DNS record hosted anywhere.
D. TTL can be set for an Alias record in Amazon Route 53.
E. An Amazon Route 53 Alias record can point to any DNS record hosted anywhere.

1. A,B
2. A,C
3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D

Ans : 2 Exp :

Question : Which storage engines are supported for use with Read Replicas?

1. S3
2. EBS
3. Access Mostly Uused Products by 50000+ Subscribers
4. MyISAM

Correct Answer : Get Lastest Questions and Answer :
Read Replicas require a transactional storage engine and are only supported for the InnoDB storage engine.

Non-transactional engines such as MyISAM might prevent Read Replicas from working as intended. However, if you still choose to use MyISAM with Read
Replicas, It is advise you to watch the Amazon CloudWatch Replica Lag metric (available via the AWS Management Console or Amazon CloudWatch APIs)
carefully
and recreate the Read Replica should it fall behind due to replication errors. The same considerations apply to the use of temporary tables and any other
non-transactional engines.

Question : You need to pass a custom script to new Amazon Linux instances created in your Auto
Scaling group. Which feature allows you to accomplish this?

1. User data
2. EC2Config service
3. Access Mostly Uused Products by 50000+ Subscribers
4. AWS Config

Correct Answer : Get Lastest Questions and Answer :
Explanation: You can actually set that up in userdata within the launch configuration. Some AMI's have cloudinit and will execute userdata
automatically, but otherwise you can bake something into the AMI that will check the instance metadata for userdata. User Data and Shell Scripts

If you are familiar with shell scripting, this is the easiest and most complete way to send instructions to an instance at launch, and the cloud-init log
file (/var/log/cloud-init.log) captures console output so it is easy to debug your scripts following a launch if the instance does not behave the way you
intended.

Important
User data scripts and cloud-init directives only run during the first boot cycle when an instance is launched.
User data shell scripts must start with the #! characters and the path to the interpreter you want to read the script (commonly /bin/bash). For a great
introduction on shell scripting, see the BASH Programming HOW-TO at the Linux Documentation Project (tldp.org).

Scripts entered as user data are executed as the root user, so do not use the sudo command in the script. Remember that any files you create will be
owned
by root; if you need non-root users to have file access, you should modify the permissions accordingly in the script. Also, because the script is not run
interactively, you cannot include commands that require user feedback (such as yum update without the -y flag).

Adding these tasks at boot time adds to the amount of time it takes to boot the instance. You should allow a few minutes of extra time for the tasks to
complete before you test that the user script has finished successfully.

Question : When a user is uploading the SSL certificate for ELB, which of the below mentioned criteria IAM validates hence certificate comply?

1. Certificates must follow the X.509 PEM format.
2. Public and private certificate files can have more than one certificate
3. Access Mostly Uused Products by 50000+ Subscribers
4. 2 and 3 both are correct
5. 1 and 3 are correct

Correct Answer : Get Lastest Questions and Answer :
When you upload your certificates, IAM validates the certificates with the following criteria:

Certificates must follow the X.509 PEM format.
The current date must be between the certificates start and end date.
Public and private certificate files must contain only a single certificate.
The private key must match the public key that is in the certificate.
The private key must be an RSA private key in PEM format, where the PEM header is BEGIN RSA PRIVATE KEY and the footer is END RSA PRIVATE KEY (as shown
in
Sample Certificates ).
The private key cannot be encrypted with a password.
The certificate chain must include all of your CAs intermediary certificates that lead to the root certificate, and optionally ends with your CAs root
certificate. Typically, both intermediary and root certificates are provided by a CA in a bundled file with the proper chained order. If a certificate
bundle is not available or not available in the required order, you can create your own file similar to the sample certificate chain in Sample
Certificates.
Use the intermediary certificates that were provided by your CA. Any intermediaries that are not involved in the chain of trust path must not be included.

After you upload your certificate chain to AWS, you can use SSL Checker to verify it.

Note
o The order of intermediate certificates should be documented by the CA. AWS does not recommend any one CA. For a listing of some CAs,
o Although the root certificate is optional, you can include it so that you can run full chain of trust verifications, such as SSL Checker.

If you have certificates that result in an error when you upload them, ensure that they meet the criteria, and then try uploading them again.

AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)

Related Questions