Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. A user has enabled the automated backup, but not specified the backup window. What will RDS do in this case?
A. Will throw an error on instance launch
B. RDS will take 3 AM — 3:30 AM as the default window
C. RDS assigns a random time period based on the region
D. Will not allow to launch a DB instance
Answer: C
Explanation:
If the user does not specify a preferred backup window while enabling an automated backup, Amazon RDS assigns a default 30-minute backup window which is selected at random from an 8-hour block of
time per region. Reference:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.BackingUpAndRestoringAmazonR DSInstances.htmI
Q2. When you create a table with a hash-and-range key, you must define one or more secondary indexes on that table.
A. False, hash-range key is another name for secondary index
B. False, it is optional
C. True
D. False, when you have Hash-Range key you cannot define Secondary index
Answer: B
Explanation:
When you create a table with a hash-and-range key in DynamoDB, you can also define one or more secondary indexes on that table.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/LSI.htmI
Q3. Regarding Amazon SNS, when you want to subscribe to a topic and receive notifications to your email, in the Protocol drop-down box, you should select .
A. Email
B. Message
C. SMTP
D. IMAP
Answer: A
Explanation:
In Amazon SNS, when you want to subscribe to a topic and receive notifications to your email, select Email in the Protocol drop-down box. Enter an email address you can use to receive the notification in the Endpoint field.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SubscribeTopic.html
Q4. How many types of block devices does Amazon EC2 support?
A. 5
B. 1
C. 2
D. 4
Answer: C
Explanation:
Amazon EC2 supports 2 types of block devices. Reference:
http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html
Q5. A user has attached one RDS security group with 5 RDS instances. The user has changed the ingress rule for the security group. What will be the initial status of the ingress rule?
A. Approving
B. Implementing
C. Authorizing
D. It is not possible to assign a single group to multiple DB instances
Answer: C
Explanation:
When the user makes any changes to the RDS security group the rule status will be authorizing for some time until the changes are applied to all instances that the group is connected with. Once the changes are propagated the rule status will change to authorized.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html
Q6. A user is planning to create a structured database in the cloud. Which of the below mentioned AWS offerings help the user achieve the goal?
A. AWS DynamoDB
B. AWS RDS
C. AWS Simp|eDB
D. AWS RSD
Answer: B
Explanation:
AWS RDS is a managed database server offered by AWS, which makes it easy to set up, operate, and scale a relational database or structured data in cloud.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
Q7. Can you SSH to your private machines that reside in a VPC from outside without elastic IP?
A. Yes, but only if you have direct connect or vpn
B. Only if you are using a non-US region
C. Only if you are using a US region
D. No
Answer: A
Explanation:
The instances that reside in the private subnets of your VPC are not reachable from the Internet, meAMng that is not possible to ssh into them. To interact with them you can use a bastion server, located in a public subnet, that will act as a proxy for them.
You can also connect if you have direct connect or vpn.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html
Q8. In Amazon SNS, to send push notifications to mobile devices using Amazon SNS and ADM, you need to obtain the following, except:
A. Client secret
B. Client ID
C. Device token
D. Registration ID
Answer: C
Explanation:
To send push notifications to mobile devices using Amazon SNS and ADM, you need to obtain the following: Registration ID and Client secret.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SNSMobiIePushPrereq.htmI
Q9. A user has created an EBS instance in the US-East-1a AZ. The user has a volume of 30 GB in the US-East-1 b zone. How can the user attach the volume to an instance?
A. Since both the volume and the instance are in the same region, the user can attach the volume
B. Use the volume migrate function to move the volume from one AZ to another and attach to the instance
C. Take a snapshot of the volume. Create a new volume in the USEast-1a and attach that to the instance
D. Use the volume replicate function to create a new volume in the US-East-1a and attach that to the volume
Answer: C
Explanation:
If an EBS volume is not in the same AZ of an EC2 instance, it cannot be attached to the instance. The only option is to take a snapshot of the volume and create a new volume in the instance’s AZ. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.htmI
Q10. A user has created a MySQL RDS instance with PIOPS. Which of the below mentioned statements will help user understand the advantage of PIOPS?
A. The user can achieve additional dedicated capacity for the EBS I/O with an enhanced RDS option
B. It uses optimized EBS volumes and optimized configuration stacks
C. It provides a dedicated network bandwidth between EBS and RDS
D. It uses a standard EBS volume with optimized configuration the stacks
Answer: B
Explanation:
RDS DB instance storage comes in two types: standard and provisioned IOPS. Standard storage is allocated on the Amazon EBS volumes and connected to the user’s DB instance. Provisioned IOPS uses optimized EBS volumes and an optimized configuration stack. It provides additional, dedicated capacity for the EBS I/O.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
Q11. A user has setup an application on EC2 which uses the IAM user access key and secret access key to make secure calls to S3. The user wants to temporarily stop the access to S3 for that IAM user. What should the root owner do?
A. Delete the IAM user
B. Change the access key and secret access key for the users
C. Disable the access keys for the IAM user
D. Stop the instance
Answer: C
Explanation:
If the user wants to temporarily stop the access to S3 the best solution is to disable the keys. Deleting the user will result in a loss of all the credentials and the app will not be useful in the future. If the user stops the instance IAM users can still access S3. The change of the key does not help either as they are still active. The best possible solution is to disable the keys.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/NIanagingCredentia|s.html
Q12. A user has launched an EC2 instance and installed a website with the Apache webserver. The webserver is running but the user is not able to access the website from the internet. What can be the possible reason for this failure?
A. The security group of the instance is not configured properly.
B. The instance is not configured with the proper key-pairs.
C. The Apache website cannot be accessed from the internet.
D. Instance is not configured with an elastic IP.
Answer: A
Explanation:
In Amazon Web Services, when a user has configured an instance with Apache, the user needs to ensure that the ports in the security group are opened as configured in Apache config. E.g. If Apache is running on port 80, the user should open port 80 in the security group.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
Q13. Bob is an IAM user who has access to the EC2 services. Admin is an IAM user who has access to all the AWS services including IAM. Can Bob change his password?
A. No, the IAM user can never change the password
B. Yes, provided Admin has given Bob access to change his password
C. Yes, only from AWS CLI
D. Yes, only from the AWS console
Answer: B
Explanation:
The IAM users by default cannot change their password. The root owner or IAM administrator needs to set the policy in the password policy page, which should allow the user to change their password. Once it is enabled, the IAM user can always change their passwords from the AWS console or CLI.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingUserPwdSeIf.htm|
Q14. A user is planning to use EBS for his DB requirement. The user already has an EC2 instance running in the VPC private subnet. How can the user attach the EBS volume to a running instance?
A. The user must create EBS within the same VPC and then attach it to a running instance.
B. The user can create EBS in the same zone as the subnet of instance and attach that EBS to instance.
C. It is not possible to attach an EBS to an instance running in VPC until the instance is stopped.
D. The user can specify the same subnet while creating EBS and then attach it to a running instance.
Answer: B
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. The user can create subnets as per the requirement within a VPC. The VPC is always specific to a region. The user can create a VPC which can span multiple Availability Zones by adding one or more subnets in each Availability Zone.
The instance launched will always be in the same availability zone of the respective subnet. When creating an EBS the user cannot specify the subnet or VPC. However, the user must create the EBS in the same zone as the instance so that it can attach the EBS volume to the running instance.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.htm|#VPCSubnet
Q15. When a user is detaching an EBS volume from a running instance and attaching it to a new instance, which of the below mentioned options should be followed to avoid file system damage?
A. Unmount the volume first
B. Stop all the I/O of the volume before processing
C. Take a snapshot of the volume before detaching
D. Force Detach the volume to ensure that all the data stays intact
Answer: A
Explanation:
When a user is trying to detach an EBS volume, the user can either terminate the instance or explicitly remove the volume. It is a recommended practice to unmount the volume first to avoid any file system damage.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html