Premium

AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)



Question : After the server certificate is uploaded, you can verify that the information is stored in IAM. Each certificate object has a unique _________
: After the server certificate is uploaded, you can verify that the information is stored in IAM. Each certificate object has a unique _________
1. Amazon Resource Name (ARN)
2. ID
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Amazon Resource Name (ARN) and Password
5. Amazon Resource Name (ARN) and encrypted Password

Correct Answer : Get Lastest Questions and Answer :

Verify Server Certificate
After the server certificate is uploaded, you can verify that the information is stored in IAM. Each certificate object
has a unique Amazon Resource Name (ARN) and ID. You can request these details for a specific certificate object by referencing the name of the
certificate
object.





Question : Which of the following services natively encrypts data at rest within an AWS region?
Choose 2 answers
A. AWS Storage Gateway
B. Amazon DynamoDB
C. Amazon CloudFront
D. Amazon Glacier
E. Amazon Simple Queue Service
: Which of the following services natively encrypts data at rest within an AWS region?
1. A,B
2. A,D
 3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D

Ans : 2
Exp : The AWS Storage Gateway is a service connecting an on-premises software appliance with cloud-based storage to provide seamless and secure
integration
between an organization"s on-premises IT environment and AWS"s storage infrastructure. The service enables you to securely store data to the AWS cloud
for
scalable and cost-effective storage. The AWS Storage Gateway supports industry-standard storage protocols that work with your existing applications. It
provides low-latency performance by maintaining frequently accessed data on-premises while encrypting and storing all of your data in Amazon Simple
Storage
Service (Amazon S3) or Amazon Glacier.
Q. Does the AWS Storage Gateway encrypt my data?

The AWS Storage Gateway encrypts all data in-transit to and from AWS via SSL. All volume and snapshot data stored in AWS using Gateway-Stored
Volumes/Gateway-Cached Volumes and all virtual tape data stored in AWS using Gateway-VTL is encrypted-at-rest using Advanced Encryption Standard (AES)
256,
a secure symmetric-key encryption standard using 256-bit encryption keys.
: Is my data encrypted?
Yes, all data in the service will be encrypted on the server side. Amazon Glacier handles key management and key protection for you. Amazon Glacier uses
one
of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256). 256-bit is the largest key size defined for AES. Customers
wishing
to manage their own keys can encrypt data prior to uploading it.



It is suggested please do not memorize the answers. Understand each questions and
concepts in detail before appearing in real exam.

If you have any updates or questions with respect to real exam please share with hadoopexam@gmail.com

So other learner can get benefit out of this.

Whishing you all the best
www.HadoopExam.com and www.QuickTechie.com

Please do not forget to create your profile on our technical professionals website www.QuickTechie.com
1. You will get new Articles on modern technologies like Cloud, BigData, Virtualization, Data Science, Hadoop , NoSQL etc.
2. You wil get new Jobs alerts
3. You will get updates on global software companies reviews
4. Free Tutorials
. Interview Questions


Question : A customer implemented AWS Storage Gateway with a gateway-cached volume at their
main office. An event takes the link between the main and branch office offline. Which
methods will enable the branch office to access their data? Choose 3 answers

A. Use a HTTPS GET to the Amazon S3 bucket where the files are located.
B. Restore by implementing a lifecycle policy on the Amazon S3 bucket.
C. Make an Amazon Glacier Restore API call to load the files into another Amazon S3 bucket within four to six hours.
D. Launch a new AWS Storage Gateway instance AMI in Amazon EC2, and restore from a gateway snapshot.
E. Create an Amazon EBS volume from a gateway snapshot, and mount it to an Amazon EC2 instance.
F. Launch an AWS Storage Gateway virtual iSCSI device at the branch office, and restore from a gateway snapshot.


: Which of the following services natively encrypts data at rest within an AWS region?
1. A,D,F
2. A,B,D
 3. Access Mostly Uused Products by 50000+ Subscribers
4. C,D,E
5. B,C,E

Ans : 1
Exp :



Question : Select the which correcly applies to changing the DB Subnet Group of your DB Instance
1. An existing DB Subnet Group can be updated to add more subnets, for existing Availability Zones

2. An existing DB Subnet Group can not be updated to add more subnets, for new Availability Zones

3. Access Mostly Uused Products by 50000+ Subscribers
running in a particular AZ that gets removed from the subnet group

4. Updating an existing DB Subnet Group does not change the current subnet of the deployed DB instance

5. Explicitly changing the DB Subnet Group of a deployed DB instance is not currently allowed

: Which of the following services natively encrypts data at rest within an AWS region?
1. 1,2,3,4
2. 1,2,3
 3. Access Mostly Uused Products by 50000+ Subscribers
4. 1,4,5
5. All 1,2,3,4,5


Correct Answer : Get Lastest Questions and Answer :

An existing DB Subnet Group can be updated to add more subnets, either for existing Availability Zones or for new Availability Zones
added since the creation of the DB Instance. Removing subnets from an existing DB Subnet Group can cause unavailability for instances
if they are running in a particular AZ that gets removed from the subnet group.

At the present time, updating an existing DB Subnet Group does not change the current subnet of the deployed DB instance;
an instance-type scale operation is required. Explicitly changing the DB Subnet Group of a deployed DB instance is not currently allowed.





Question : If want to use an SSL protocol but do not want to terminate the connection on your load balancer,
you can use a ______________ protocol for connection from the client to your load balancer

: If want to use an SSL protocol but do not want to terminate the connection on your load balancer,
1. HTTP
2. TSL
 3. Access Mostly Uused Products by 50000+ Subscribers
4. TCP
5. SSL

Correct Answer : Get Lastest Questions and Answer :

If want to use an SSL protocol but do not want to terminate the connection on your load balancer,
you can use a TCP protocol for connection from the client to your load balancer, use the SSL protocol for connection
from the load balancer to your back-end application, and install certificates on all the back-end instances handling requests.

If you choose to use an HTTPS/SSL connection for your back end, you can enable authentication on your back-end instance.
This authentication can be used to ensure that back-end instances accept only encrypted communication and
to ensure that the back-end instance has the correct certificates.

You can install any certificate you want on your back-end instances, including a self-signed certificate.



Related Questions

Question :

Regarding Amazon S3, how many buckets can an account own at a time?

 :
1. 250
2. 100
3. Access Mostly Uused Products by 50000+ Subscribers
4. 10


Question :

Which one of the following statements about mapping in CloudFormation is correct?

 :
1. Mappings enable you to map your resources that are defined in your template.
2. Mappings enable you to specify resources in your template.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Mappings enable you to specify conditional parameter values in your template.


Question :

In regard to AWS CloudFormation, each parameter can have a default value and description and may be marked as __________
in order to hide the actual value you enter on the screen and in the AWS CloudFormation event logs.

 :
1. NoLog
2. NoEcho
1. HideLog
2. HideValue


Question :

An object named 'log.txt' is uploaded to a bucket named
'test-education in AWS account ID 1111-2222-3333. Which of the options given below is a valid URL of the object for accessing it over the internet?

 :
1. https://s3-us-west-1.amazonaws.com/test-education/log.txt
2. https://s3.amazonaws.com/111122223333/test-education/log.txt
 3. Access Mostly Uused Products by 50000+ Subscribers
4. https://111122223333.s3.amazonaws.com/test-education/log.txt


Question :

What will occur when the user uploads a new object to S3 in the US Standard Region and tries to read it immediately?

 :
1. Until the change is propagated, S3 will return a copy of the object.
2. Until the change is propagated, S3 will report that the "Key Does not Exist"
 3. Access Mostly Uused Products by 50000+ Subscribers
4. S3 will return the object


Question :

Which of the statements given below is correct?

 :
1. Amazon S3 supports object locking
2. Amazon S3 rejects all simultaneous object upload requests
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Amazon S3 does not support object locking