Q1. In regard to DynamoDB, which of the following statements is correct?
A. An Item should have at least two value sets, a primary key and another attribute.
B. An Item can have more than one attribute.
C. A primary key should be single-valued.
D. An attribute can have one or several other attributes.
Answer: B
Explanation:
In Amazon DynamoDB, a database is a collection of tables. A table is a collection of items and each item is a collection of attributes.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModel.html
Q2. Regarding Amazon SQS, what happens if there is no activity against a queue for more than 30 consecutive days?
A. Your account will be suspended
B. The queue may be deleted
C. Nothing
D. The queue will be deleted
Answer: B
Explanation:
AWS reserves the right to delete a queue if none of the following requests have been issued against the queue for more than 30 consecutive days:
SendMessage, ReceiveMessage, DeleteMessage, GetQueueAttributes, SetQueueAttributes
You should design your application with this in mind.
Reference: https://aws.amazon.com/sqs/faqs/
Q3. How can a user configure three termination policies for the AutoScaling group?
A. Define multiple policies in random order
B. Define multiple policies in the ordered list
C. Keep updating the AutoScaling group with each policy
D. The user cannot specify more than two policies for AutoScaling
Answer: B
Explanation:
To configure the Auto Scaling termination policy, the user can either specify any one of the policies as a standalone policy or list multiple policies in an ordered list. The policies are executed in the order that they are listed.
Reference: http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/us-termination-policy.html
Q4. Which of the below mentioned options is not a best practice to securely manage the AWS access credentials?
A. Enable MFA for privileged users
B. Create individual IAM users
C. Keep rotating your secure access credentials at regular intervals
D. Create strong access key and secret access key and attach to the root account
Answer: D
Explanation:
It is a recommended approach to avoid using the access and secret access keys of the root account.
Thus, do not download or delete it. Instead make the IAM user as powerful as the root account and use its credentials. The user cannot generate their own access and secret access keys as they are always generated by AWS.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
Q5. ExamKiller (with AWS account ID 111122223333) has created 50 IAM users for its organization’s employees. What will be the AWS console URL for these associates?
A. https://111122223333.signin.aws.amazon.com/console/
B. https://signin.aws.amazon.com/console/
C. https://signin.aws.amazon.com/111122223333/console/
D. https://signin.aws.amazon.com/console/111122223333/
Answer: A
Explanation:
When an organization uses AWS IAM to create various users and manage their access rights, the IAM user cannot use the login URL http://aws.amazon.com/console to access the AWS management console. The console login URL for the IAM user includes the AWS account ID of that organization, to identify that the IAM user belongs to that particular account. The AWS console login URL for the IAM user will be https://<AWS_Account_ID>.signin.aws.amazon.com/console/. In this case it will be https://111122223333.signin.aws.amazon.com/console/
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html
Q6. ________ is a task coordination and state management service for cloud applications.
A. Amazon SES
B. Amazon SWF
C. Amazon FPS
D. Amazon SNS
Answer: B
Explanation:
Amazon Simple Workflow (Amazon SWF) is a task coordination and state management service for cloud applications. With Amazon SWF, you can stop writing complex glue-code and state machinery and invest more in the business logic that makes your applications unique.
Reference: http://aws.amazon.com/swf/
Q7. An organization has 20 employees. The organization wants to give all the users access to the organization AWS account. Which of the below mentioned options is the right solution?
A. Share the root credentials with all the users
B. Create an IAM user for each employee and provide access to them
C. It is not advisable to give AWS access to so many users
D. Use the IAM role to allow access based on STS
Answer: B
Explanation:
AWS Identity and Access Management is a web service that enables AWS customers to manage users and user permissions in AWS. IAM is targeted at organizations with multiple users or systems that use AWS products such as Amazon EC2, Amazon RDS, and the AWS Management Console. With IAM, the organization can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.html
Q8. An organization has an application which can start and stop an EC2 instance as per schedule. The organization needs the MAC address of the instance to be registered with its software. The instance is launched in EC2-CLASSIC. How can the organization update the MAC registration every time an instance is booted?
A. The instance MAC address never changes. Thus, it is not required to register the MAC address every time.
B. The organization should write a bootstrapping script which will get the MAC address from the instance metadata and use that script to register with the application.
C. AWS never provides a MAC address to an instance; instead the instance ID is used for identifying the instance for any software registration.
D. The organization should provide a MAC address as a part of the user data. Thus, whenever the instance is booted the script assigns the fixed MAC address to that instance.
Answer: B
Explanation:
AWS provides an on demand, scalable infrastructure. AWS EC2 allows the user to launch On-Demand instances. AWS does not provide a fixed MAC address to the instances launched in EC2-CLASSIC. If the instance is launched as a part of EC2-VPC, it can have an ENI which can have a fixed MAC. However, with EC2-CLASSIC, every time the instance is started or stopped it will have a new MAC address.
To get this MAC, the organization can run a script on boot which can fetch the instance metadata and get the MAC address from that instance metadata. Once the MAC is received, the organization can register that MAC with the software.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html
Q9. A user has enabled server-side encryption with S3. The user downloads the encrypted object from S3. How can the user decrypt it?
A. S3 does not support server side encryption
B. S3 provides a server side key to decrypt the object
C. The user needs to decrypt the object using their own private key
D. S3 manages encryption and decryption automatically
Answer: D
Explanation:
If the user is using the server-side encryption feature, Amazon S3 encrypts the object data before saving it on disks in its data centres and decrypts it when the user downloads the objects. Thus, the user is free from the tasks of managing encryption, encryption keys, and related tools.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html
Q10. An online gaming site asked you if you can deploy a database that is a fast, highly scalable NoSQL database service in AWS for a new site that he wants to build. Which database should you recommend?
A. Amazon Redshift
B. Amazon SimpleDB
C. Amazon DynamoDB
D. Amazon RDS
Answer: C
Explanation:
Amazon DynamoDB is ideal for database applications that require very low latency and predictable performance at any scale but don’t need complex querying capabilities like joins or transactions. Amazon DynamoDB is a fully-managed NoSQL database service that offers high performance, predictable throughput and low cost. It is easy to set up, operate, and scale.
With Amazon DynamoDB, you can start small, specify the throughput and storage you need, and easily scale your capacity requirements on the fly. Amazon DynamoDB automatically partitions data over a number of servers to meet your request capacity. In addition, DynamoDB automatically replicates your data synchronously across multiple Availability Zones within an AWS Region to ensure high-availability and data durability.
Reference: https://aws.amazon.com/running_databases/#dynamodb_anchor
Q11. Regarding Amazon SWF, the coordination logic in a workflow is contained in a software program called a ________.
A. Handler
B. Decider
C. Coordinator
D. Worker
Answer: B
Explanation:
In Amazon SWF, the coordination logic in a workflow is contained in a software program called a decider. The decider schedules activity tasks, provides input data to the activity workers, processes events that arrive while the workflow is in progress, and ultimately ends (or closes) the workflow when the objective has been completed.
Reference: http://docs.aws.amazon.com/amazonswf/latest/developerguide/swf-dg-intro-to-swf.html
Q12. How do you configure SQS to support longer message retention?
A. Set the MessageRetentionPeriod attribute using the SetQueueAttributes method
B. Using a Lambda function
C. You can't. It is set to 14 days and cannot be changed
D. You need to request it from AWS
Answer: A
Explanation:
To configure the message retention period, set the MessageRetentionPeriod attribute using the SetQueueAttributes method. This attribute is used to specify the number of seconds a message will be retained by SQS. Currently the default value for the message retention period is 4 days. Using the MessageRetentionPeriod attribute, the message retention period can be set anywhere from 60 seconds (1 minute), up to 1209600 seconds (14 days).
Reference: https://aws.amazon.com/sqs/faqs/
Q13. Which one of the following operations is NOT a DynamoDB operation?
A. BatchWriteItem
B. DescribeTable
C. BatchGetItem
D. BatchDeleteItem
Answer: D
Explanation:
In DynamoDB, DeleteItem deletes a single item in a table by primary key, but BatchDeleteItem doesn’t exist.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/operationlist.html
Q14. AutoScaling is configured with 3 AZs. Each zone has 5 instances running. If AutoScaling wants to terminate an instance based on the policy action, which instance will it terminate first?
A. Terminate the first launched instance
B. Randomly select the instance for termination
C. Terminate the instance from the AZ which does not have a high AWS load
D. Terminate the instance from the AZ which has instances running near to the billing hour
Answer: B
Explanation:
Before Auto Scaling selects an instance to terminate, it first identifies the Availability Zone that has more instances than the other Availability Zones used by the group. If all the Availability Zones have the same number of instances, it identifies a random Availability Zone.
Reference: http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/us-termination-policy.html
Q15. Regarding Amazon SNS, you can send notification messages to mobile devices through any of the following supported push notification services, EXCEPT:
A. Google Cloud Messaging for Android (GCM)
B. Apple Push Notification Service (APNS)
C. Amazon Device Messaging (ADM)
D. Microsoft Windows Mobile Messaging (MWMM)
Answer: D
Explanation:
In Amazon SNS, you have the ability to send notification messages directly to apps on mobile devices. Notification messages sent to a mobile endpoint can appear in the mobile app as message alerts, badge updates, or even sound alerts. Microsoft Windows Mobile Messaging (MWMM) doesn’t exist and is not supported by Amazon SNS.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SNSMobilePush.html