Premium

AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)



Question :

When stopping an EC2 classic instance, which ONE is true?

:
1. Ephemeral storage is lost.
2. An attached Elastic IP Address is detached from the instance.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above


Correct Answer : Get Lastest Questions and Answer :

Explanation: When you stop a running instance, the following happens:

The instance performs a normal shutdown and stops running; its status changes to stopping and then stopped.

Any Amazon EBS volumes remain attached to the instance, and their data persists.

Any data stored in the RAM of the host computer or the instance store volumes of the host computer is gone.

EC2-Classic: We release the public and private IP addresses for the instance when you stop the instance, and assign new ones when you restart it.

EC2-VPC: The instance retains its private IP addresses when stopped and restarted. We release the public IP address and assign a new one when you restart it.

EC2-Classic: We disassociate any Elastic IP address (EIP) that's associated with the instance. You're charged for Elastic IP addresses that aren't
associated with an instance. When you restart the instance, you must associate the Elastic IP address with the instance; we don't do this automatically.

EC2-VPC: The instance retains its associated Elastic IP addresses (EIP). You're charged for any Elastic IP addresses associated with a stopped instance.

When you stop and restart a Windows instance, by default, we change the instance host name to match the new IP address and initiate a reboot. By default, we
also change the drive letters for any attached Amazon EBS volumes. For more information about these defaults and how you can change them, see Configuring a
Windows Instance Using the EC2Config Service in the Amazon Elastic Compute Cloud Microsoft Windows Guide.

If you've registered the instance with a load balancer, it's likely that the load balancer won't be able to route traffic to your instance after you've
stopped and restarted it. You must de-register the instance from the load balancer after stopping the instance, and then re-register after starting the
instance. For more information, see De-Registering and Registering Amazon EC2 Instances in the Elastic Load Balancing Developer Guide.




Question : You are creating an Auto Scaling group whose Instances need to insert a custom metric into CloudWatch.
Which method would be the best way to authenticate your CloudWatch PUT request?
: You are creating an Auto Scaling group whose Instances need to insert a custom metric into CloudWatch.
1. Create an IAM role with the PutMetricData permission and modify the Auto Scaling launch configuration to launch instances in that role
2. Create an IAM user with the PutMetricData permission and modify the Auto Scaling launch configuration to inject the userscredentials into
the instance User Data
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Create an IAM user with the PutMetricData permission and put the credentials in a private repository and have applications on the server
pull the credentials as needed

Correct Answer : Get Lastest Questions and Answer :

Explanation: Amazon CloudWatch integrates with AWS Identity and Access Management (IAM) so that you can specify which CloudWatch actions a user in your AWS Account
can perform. For example, you could create an IAM policy that gives only certain users in your organization permission to use GetMetricStatistics. They
could then use the action to retrieve data about your cloud resources.
You can't use IAM to control access to CloudWatch data for specific resources. For example, you can't give a user access to CloudWatch data for only a
specific set of instances or a specific LoadBalancer. Permissions granted using IAM cover all the cloud resources you use with CloudWatch. In addition, you
can't use IAM roles with the Amazon CloudWatch command line tools.

Although you can only access instance metadata and user data from within the instance itself, the data is not protected by cryptographic methods. Anyone who
can access the instance can view its metadata. Therefore, you should take suitable precautions to protect sensitive data (such as long-lived encryption
keys). You should not store sensitive data, such as passwords, as user data.







Question :

Which types of applications, when running on an EC2 instance, would you consider using provisioned IOPS for?

:
1. Web Servers
2. File Servers
 3. Access Mostly Uused Products by 50000+ Subscribers
4. All of the above

Correct Answer : Get Lastest Questions and Answer :
For any production application that requires fast and consistent I/O performance, we recommend Provisioned IOPS (input/output operations per second)
storage. Provisioned IOPS storage is a storage option that delivers fast, predictable, and consistent throughput performance. When you create a DB instance,
you specify an IOPS rate and storage space allocation. Amazon RDS provisions that IOPS rate and storage for the lifetime of the DB instance or until you
change it. Provisioned IOPS storage is optimized for I/O intensive, online transaction processing (OLTP) workloads that have consistent performance
requirements.

Your actual realized IOPS may vary from the value that you specify depending on your database workload, DB instance size, and the page size and channel
bandwidth that are available for your DB engine.



Related Questions

Question : Select the correct statement which applies for when you change the DB Subnet Group of your DB Instance?
1. An existing DB Subnet Group can be updated to add more subnets, either for existing Availability Zones or for new Availability Zones added since the
creation of the DB Instance.
2. Removing subnets from an existing DB Subnet Group can cause unavailability for instances if they are running in a particular AZ that gets removed from
the subnet group
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Explicitly changing the DB Subnet Group of a deployed DB instance is not currently allowed.

: Select the correct statement which applies for when you change the DB Subnet Group of your DB Instance?
1. 1 ,2 and 3 are correct
2. Only 1,3 and 4 are correct
 3. Access Mostly Uused Products by 50000+ Subscribers
4. All 1,2, 3 and 4 are correct


Question : Select the correct statement which applies to encrypt connections between your application and your DB Instance using SSL

1. This option is currently only supported for the MySQL, SQL Server, Oracle and PostgreSQL engines.
2. Amazon RDS generates an SSL certificate for each DB Instance. Once an encrypted connection is established, data transferred between the DB Instance and
your application will be encrypted during transfer.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. SSL support within Amazon RDS is for encrypting the connection between your application and your DB Instance; it should not be relied on for
authenticating the DB Instance itself.
5. SSL encryption is a compute-intensive operation and will increase the latency of your database connection

: Select the correct statement which applies to encrypt connections between your application and your DB Instance using SSL
1. 1,2,3,4
2. 1,3,4,5
 3. Access Mostly Uused Products by 50000+ Subscribers
4. All 1,2,3,4 and 5 are correct





Question : You had a setup of CloudWatch alarm on the CPU utilization metric at % with a time interval of minutes and periods to monitor.
What will be the state of the alarm at the end of 50 minutes, if the CPU utilization is constant at 90%?
 : You had a setup of CloudWatch alarm on the CPU utilization metric at % with a time interval of minutes and periods to monitor.
1. OK
2. ALARM
 3. Access Mostly Uused Products by 50000+ Subscribers
4. INSUFFICIENT_DATA


Question : Slect the all the correct features of Amazon CloudWatch Alarms

1. You can create up to 500 alarms per AWS account.To create or update an alarm, you use the PutMetricAlarm API function
2. You can list any or all of the currently configured alarms, and list any alarms in a particular state using the DescribeAlarms API
 3. Access Mostly Uused Products by 50000+ Subscribers
4. You can test an alarm by setting it to any state using the SetAlarmState API
5. Finally, you can view an alarm's history using the DescribeAlarmHistory API

: Slect the all the correct features of Amazon CloudWatch Alarms
1. 1,2,3,4
2. 2,3,4,5
 3. Access Mostly Uused Products by 50000+ Subscribers
4. All 1,2,3,4 and 5



Question : You have two Elastic Compute Cloud (EC) instances inside a Virtual Private Cloud (VPC) in the
same Availability Zone (AZ) but in different subnets.One instance is running a database and the
other instance an application that will interface with the database. You want to confirm that they
can talk to each other for your application to work properly.
Which two things do we need to confirm in the VPC settings so that these EC2 instances can
communicate inside the VPC?

Choose 2 answers
A. A network ACL that allows communication between the two subnets.
B. Both instances are the same instance class and using the same Key-pair.
C. That the default route is set to a NAT instance or internet Gateway (IGW) for them to communicate.
D. Security groups are set to allow the application host to talk to the database on the right port/protocol.

 : You have two Elastic Compute Cloud (EC) instances inside a Virtual Private Cloud (VPC) in the
1. A,B
2. A,D
 3. Access Mostly Uused Products by 50000+ Subscribers
4. C,D



Question : How different is creating an Amazon RDS Reserved Instance from creating an Amazon RDS On-Demand Instance?
 : How different is creating an Amazon RDS Reserved Instance from creating an Amazon RDS On-Demand Instance?
1. Both has to be configured differently
2. There is no difference
 3. Access Mostly Uused Products by 50000+ Subscribers
4. On_demand has DB Parameter Groups but reserved instance has optional DB Parameter Groups