AWS Certified Solutions Architect – Associate Questions and Answers (Dumps and Practice Questions)
Question :
To enable your IAM users to create Temporary Security Credentials for federated users, you have to grant this user limited permission to create temporary security credentials for federated users using
1. GetSessionName
2. GetFederationName
3. Access Mostly Uused Products by 50000+ Subscribers
4. GetSessionToken
Correct Answer : Get Lastest Questions and Answer :
Explanation: When you give an IAM user permission to create temporary security credentials for federated users, you should be aware that this enables the IAM user
to delegate his or her own permissions.
Example of granting a user limited permission to create temporary security credentials for federated users
When you let an IAM user call GetFederationToken to create temporary security credentials for federated users, it is a best practice to restrict as much as
practical the permissions that the IAM user is allowed to delegate.
By default, IAM users do not have permission to create temporary security credentials for federated users and roles. However, IAM users can call
GetSessionToken by default. To grant an IAM group permission to create temporary security credentials for federated users or roles, you should attach a
policy to the IAM group that the IAM users belong to that grants one or both of the following privileges:
For federated users, access to AWS STS GetFederationToken.
Question :
Is it possible for both of them to send request to ELB with IPV4 and IPV6.
1. No, Either one is only supported
2. Yes, but at a time only one type of request can be handled like all IPV4 same time then IPV6 has to wait
3. Access Mostly Uused Products by 50000+ Subscribers
4. Yes, provided the client is requesting on the dualstack DNS record
Correct Answer : Get Lastest Questions and Answer :
Explanation: Elastic Load Balancing supports both Internet Protocol version 6 (IPv6) and Internet Protocol version 4 (IPv4). Clients can connect to your load
balancer using either IPv4 or IPv6. Communication between the load balancer and its back-end instances uses only IPv4 (regardless of how the client
communicates with your load balancer). This means that your back-end Amazon EC2 instances do not need native IPv6 support.
Elastic Load Balancing provides a public DNS name that combines your load balancer's name and Region. For example, a load balancer named myLB in the US-East
Region might be represented by the DNS name myLB-1234567890.us-east-1.elb.amazonaws.com. This base public DNS name returns only IPv4 records.
In addition to the base public DNS name, Elastic Load Balancing provides two additional public DNS names. The first combines the string ipv6 with the name of
your load balancer and Region. This might look like ipv6.myLB-1234567890.us-east-1.elb.amazonaws.com. The ipv6-prefixed DNS name returns only IPv6 records.
The second public DNS name combines the string dualstack with the name of your load balancer and Region. This might look like
dualstack.myLB-1234567890.us-east-1.elb.amazonaws.com. The dualstack-prefixed DNS name returns both IPv4 and IPv6 records.
Most customers will want to use the dualstack-prefixed DNS name to enable IPv6 support for their load balancers. Because the dualstack-prefixed DNS name
returns both IPv6 and IPv4 records, clients are able to access the load balancer using either IPv4 or IPv6 as their individual connectivity needs dictate.
The ipv6-prefixed DNS name returns only IPv6 addresses, which means that clients with only IPv4 connectivity will not be able to reach the load balancer if
they use the ipv6-prefixed DNS name.
Question :
When you remove an Availability Zone from your load balancer, the load balancer ________
1. stops routing traffic to the instances in the removed Availability Zone.
2. still route the traffic to the instances in the removed Availability Zone.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Stop working
Correct Answer : Get Lastest Questions and Answer :
Explanation: Elastic Load Balancing provides you with option to add or remove Availability Zones for your load balancer at any time. After you add an Availability
Zone, the load balancer starts routing traffic to the instances in the added zone. When you remove an Availability Zone from your load balancer, the load
balancer stops routing traffic to the instances in the removed Availability Zone.
Related Questions
Question : You have a website which has huge logs archival and for regulatory reason it is mandate to keep saved, now you decided to use Amazon
glacier to store this logs why ?
1. Amzon glaciers are good for Infrequently accessed data
2. Amzon glaciers are good for Data archives
3. Access Mostly Uused Products by 50000+ Subscribers
4. Amzon glaciers are good for Frequently accessed data
1. 1,3
2. 1,2
3. Access Mostly Uused Products by 50000+ Subscribers
4. 3,4
5. 1,2,3
Question : QuickTechie.com has a archival mechanism of everyday logs, however for the regulatory requirement they have to keep it somewhere. So they
have decided to use tape libraries, but the initial cost involved with this is very high. So in this case which is the better solution from AWS
1. AWS S3
2. AWS RDS
3. Access Mostly Uused Products by 50000+ Subscribers
4. Any of the above
Ans : 3
Exp : On-premises or offsite tape libraries can lower storage costs but require large upfront investments and specialized maintenance. Amazon Glacier
has no upfront cost and eliminates the cost and burden of maintenance.
Question : Which of the following provides secure, durable, highly-scalable key-value object storage
1. Amazon Simple Queue Service
2. Amazon Simple Workflow Service
3. Access Mostly Uused Products by 50000+ Subscribers
4. Amazon Simple Notification Service
Ans: 3 Exp : Amazon Simple Storage Service (Amazon S3), provides developers and IT teams with secure, durable, highly-scalable object storage. Amazon S3
is
easy to use, with a simple web services interface to store and retrieve any amount of data from anywhere on the web. With Amazon S3, you pay only for the
storage you actually use. There is no minimum fee and no setup cost.
Amazon S3 can be used alone or together with other AWS services such as Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Block Store (Amazon
EBS),
and Amazon Glacier, as well as third party storage repositories and gateways. Amazon S3 provides cost-effective object storage for a wide variety of use
cases including cloud applications, content distribution, backup and archiving, disaster recovery, and big data analytics.
Amazon S3 provides a highly durable storage infrastructure designed for mission-critical and primary data storage. Amazon S3 redundantly stores data in
multiple facilities and on multiple devices within each facility. To increase durability, Amazon S3 synchronously stores your data across multiple
facilities before confirming that the data has been successfully stored. In addition, Amazon S3 calculates checksums on all network traffic to detect
corruption of data packets when storing or retrieving data. Unlike traditional systems, which can require laborious data verification and manual repair,
Amazon S3 performs regular, systematic data integrity checks and is built to be automatically self-healing.
Amazon S3's standard storage is:
" Backed with the Amazon S3 Service Level Agreement for availability.
" Designed for 99.999999999% durability and 99.99% availability of objects over a given year.
" Designed to sustain the concurrent loss of data in two facilities.
Amazon S3 is storage for the Internet. It's a simple storage service that offers software developers a highly-scalable, reliable, and low-latency data
storage infrastructure at very low costs.
Amazon S3 provides a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web.
Using
this web service, developers can easily build applications that make use of Internet storage. Since Amazon S3 is highly scalable and you only pay for
what
you use, developers can start small and grow their application as they wish, with no compromise on performance or reliability. It is designed to be
highly
flexible: Store any type and amount of data that you want; read the same piece of data a million times or only for emergency disaster recovery; build a
simple FTP application, or a sophisticated web application such as the Amazon.com retail web site. Amazon S3 frees developers to focus on innovation, not
figuring out how to store their data.
With Amazon S3's lifecycle policies, you can configure your objects to be archived to Amazon Glacier or deleted after a specific period of time. You can
use
this policy-driven automation to quickly and easily reduce storage costs as well as save time. In each rule you can specify a prefix, a time period, a
transition to Amazon Glacier, and/or an expiration. For example, you could create a rule that archives all objects with the common prefix "logs/" 30 days
from creation, and expires these objects after 365 days from creation. You can also create a separate rule that only expires all objects with the prefix
"backups/" 90 days from creation. Lifecycle policies apply to both existing and new S3 objects, ensuring that you can optimize storage and maximize cost
savings for all current data and any new data placed in S3 without time-consuming manual data review and migration. Within a lifecycle rule, the prefix
field identifies the objects subject to the rule. To apply the rule to an individual object, specify the key name. To apply the rule to a set of objects,
specify their common prefix (e.g. "logs/"). You can specify a transition action to have your objects archived and an expiration action to have your
objects
removed. For time period, provide the date (e.g. January 31, 2013) or the number of days from creation date (e.g. 30 days) after which you want your
objects
to be archived or removed. You may create multiple rules for different prefixes.
Question : QuickTechie.com is a static website, however there is a lot of content links and files which visitors can download by clicking hyperlink.
Which of the below is best solutions to provide, low-cost, highly available hosting solution that can scale automatically to meet traffic demands
1. AWS S3
2. AWS RDS
3. Access Mostly Uused Products by 50000+ Subscribers
4. Any of the above
Ans : 1
Exp : You can host your entire static website on Amazon S3 for a low-cost, highly available hosting solution that can scale automatically to meet traffic
demands. With Amazon S3, you can reliably serve your traffic and handle unexpected peaks without worrying about scaling your infrastructure.
Question : PhotoAnalytics.com is a photo and video hosting website and they have millions of users, which of the following is a good solutions for
storing big data object, by reducing costs, scaling to meet demand, and increasing the speed of innovation.
1. AWS S3
2. AWS RDS
3. Access Mostly Uused Products by 50000+ Subscribers
4. Any of the above
Ans :1
Exp : Whether you're storing pharmaceutical or financial data, or multimedia files such as photos and videos, Amazon S3 can be used as your big data
object store. Amazon Web Services offers a comprehensive portfolio of services to help you manage big data by reducing costs, scaling to meet demand, and
increasing the speed of innovation.
Backup and Archiving
Amazon S3 offers a highly durable, scalable, and secure solution for backing up and archiving your critical data. You can use Amazon S3's versioning
capability to provide even further protection for your stored data. You can also define lifecycle rules to archive sets of Amazon S3 objects to Amazon
Glacier, an extremely low-cost storage service.
Content Storage and Distribution
Amazon S3 provides highly durable and available storage for a variety of content. It allows you to offload your entire storage infrastructure into the
cloud, where you can take advantage of Amazon S3's scalability and pay-as-you-go pricing to handle your growing storage needs. You can distribute your
content directly from Amazon S3 or use Amazon S3 as an origin store for delivering content to your Amazon CloudFront edge locations.
Cloud-native Application Data
Amazon S3 provides high performance, highly available storage that makes it easy to scale and maintain cost-effective mobile and Internet-based apps that
run fast. With Amazon S3, you can add any amount of content and access it from anywhere, so you can deploy applications faster and reach more customers.
Disaster Recovery
Amazon S3's highly durable, secure, global infrastructure offers a robust disaster recovery solution designed to provide superior data protection.
Whether
you're looking for disaster recovery in the cloud or from your corporate data center to Amazon S3, AWS has the right solution for you.
Question : AcmeArchive.com is website where you have file sharing and storing services like Google Drive and DropBox, now you also want to support
that during the syncup from desktop you have by accident deleted one of the file and you realized that it was important for you. So whichof the Simple storeage service will help you to get the deleted file.
A. Versioning in S3
B. Secured signed URLs for S3 data access
C. Dont allow delete objects from s3 (only soft delete is permitted)
D. S3 Reduced Redundancy Storage.
E. Amazon S3 event notifications
1. A, B, C
2. B, C, D
3. Access Mostly Uused Products by 50000+ Subscribers
4. A, E
5. A, D
Ans : 5
Exp : Versioning
Amazon S3 provides further protection with versioning capability. You can use versioning to preserve, retrieve, and restore every version of every object
stored in your Amazon S3 bucket. This allows you to easily recover from both unintended user actions and application failures. By default, requests will
retrieve the most recently written version. Older versions of an object can be retrieved by specifying a version in the request. Storage rates apply for
every version stored. You can configure lifecycle rules to automatically control the lifetime and cost of storing multiple versions.
Reduced Redundancy Storage (RRS)
Reduced Redundancy Storage (RRS) is an Amazon S3 storage option that enables customers to reduce their costs by storing noncritical, reproducible data at
lower levels of redundancy than Amazon S3's standard storage. It provides a cost-effective, highly available solution for distributing or sharing content
that is durably stored elsewhere, or for storing thumbnails, transcoded media, or other processed data that can be easily reproduced. The RRS option
stores
objects on multiple devices across multiple facilities, providing 400 times the durability of a typical disk drive, but does not replicate objects as
many
times as standard Amazon S3 storage.
Reduced Redundancy Storage is:
" Backed with the Amazon S3 Service Level Agreement for availability.
" Designed to provide 99.99% durability and 99.99% availability of objects over a given year. This durability level corresponds to an average annual
expected loss of 0.01% of objects.
" Designed to sustain the loss of data in a single facility.
Question : Your Hadoop job should be triggered based on the event notification of file upload, so which of the followig component can help
implementing this in AWS
1. S3
2. SQS
3. Access Mostly Uused Products by 50000+ Subscribers
4. EC2
5. IAM
6. CloudWatch Alarm
1. 1,2,3
2. 2,3,4
3. Access Mostly Uused Products by 50000+ Subscribers
4. 1,2,3,6
5. 2,3,4,5
Ans : 1
Exp : Amazon S3 can send event notifications when objects are uploaded to Amazon S3. Amazon S3 event notifications can be delivered using Amazon SQS or
Amazon SNS, or sent directly to AWS Lambda, enabling you to trigger workflows, alerts, or other processing. For example, you could use Amazon S3 event
notifications to trigger transcoding of media files when they are uploaded, processing of data files when they become available, or synchronization of
Amazon S3 objects with other data stores.
Question : AchmePhoto.com website has millions of photos and also thumbnail for each photo. Thumbnail can easily be reproduced from the actual full
photo. However, thumbnail take less space than actual photo. Which of the folloing is best solutions to store thumbnails.
1. S3
2. RRS
3. Access Mostly Uused Products by 50000+ Subscribers
4. ElastiCache
5. Amazon Glacier
Question : You have a www.QuickTechie.com, which has huge load, hence you decided to use EC instances, with two availability zone in two
region each with 25 instances. However, while starting the servers you are able to start 20 servers in each zone and 5 request failed in each zone. Why ?
1. There is a limit of 20 ec2 instances in each region, you can ask to increase this limit.
2. There is a limit of 20 ec2 instances in each availability zone, you can ask to increase this limit.
3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above.
Question : You have reserved instances to run www.QuickTechie.com website, but you see that all instances launched in one AZ's are not performing
well and you decided to change the AZ of the instances, please select the correct statement in this case.
1. If you change the Availability Zone of an RI, its capacity reservation will still apply to the original Availability Zone
2. If you modify the Network Platform of a RI, its capacity reservation no longer applies to the original Network Platform and starts
applying to usage with the new Network Platform
3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the 1,2 and 3
5. Both 1 and 2
Ans : 2
Exp : Reserved Instances provide you with a capacity reservation, so you can have confidence that you will be able to launch the instances you have
reserved
when you need them. There are three RI payment options (No Upfront, Partial Upfront, All Upfront) that enable you to balance the amount you pay upfront
with
your effective hourly price.
Yes. You can request to modify active RIs that you own in one of the following ways:
Move RIs between Availability Zones within the same region
Change the Network Platform of your RIs between "EC2-VPC" and "EC2-Classic" (for EC2 Classic-enabled customers)
Change the instance type of your Linux/UNIX RIs to a larger or smaller size in the same family (e.g., convert 8 m1.smalls into 4 m1.mediums, or vice
versa)
You can submit an RI modification request from the AWS Management Console or the ModifyReservedInstances API. We process your requests as soon as
possible,
depending on available capacity. There is no additional cost for modifying your RI.
If you change the Availability Zone of an RI, its capacity reservation and pricing benefits no longer apply to the original Availability Zone and start
applying to usage in the new Availability Zone. If you modify the Network Platform of a RI, its capacity reservation no longer applies to the original
Network Platform and starts applying to usage with the new Network Platform. Pricing benefits continue to apply to both EC2-Classic and EC2-VPC instance
usage matching the rest of the RI parameters.
Question : Your company in process of migrating from in-house to AWS and it is in the middle of that process. Some of the services already migrated on AWS, and users in that
want to have access those services, hence you are using the VPN connection. Which of the following statement is correct?
A. VPG is a AWS side of VPN connection
B. CGW is a customer side VPN connection
C. IGW is a Server side VPN connection
D. Cygwin is a customer side VPN connection
1. A,B
2. B,C
3. Access Mostly Uused Products by 50000+ Subscribers
4. A,D
5. B,D
Question : You are working with a HealthCare IT company, which helps hospitals to create their infrastructure in AWS. You will be creating VPC for each individual hospital,
after creating 5 VPC it is failed to create a new VPC, why?
1. On each AWS account you can create at MAX 5 VPC only.
2. On each AWS account, you can create at MAX 5 VPC in a region only.
3. Access Mostly Uused Products by 50000+ Subscribers
4. For having more than 5 VPC, you have to make upfront payment for new VPC.
Question : You have deployed a real estate property listing website in AWS on an EC instance. It is working fine and getting popular day by day. Suddenly one day you see
suddenly traffic increases and when you risk team investigated that this IP is coming from some other country which no relation with the property listed on INDIA. It seems
they are trying to access and find which ports are open on EC2 server. Which of the following will help you to prevent this guy to EC2?
1. You will define strict rule in security group which will deny the traffic.
2. You will be defining rule in NACL, which will deny specific traffic
3. Access Mostly Uused Products by 50000+ Subscribers
4. You will put ELB in front of your EC instance