Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. A user is trying to create a policy for an IAM user from the AWS console. Which of the below mentioned options is not available to the user while configuring policy?
A. Use policy generator to create policy
B. Use custom policy to create policy
C. Use policy simulator to create policy
D. Assign No permission
Answer: C
Explanation:
When a user is trying to create a policy from the AWS console, it will have options such as create policy from templates or use a policy generator. The user can also define a custom policy or chose the option to have no permission. The policy simulator is not available in the console.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
Q2. A user is running a MySQL RDS instance. The user will not use the DB for the next 3 months. How can the user save costs?
A. Pause the RDS actMties from CLI until it is required in the future
B. Stop the RDS instance
C. Create a snapshot of RDS to launch in the future and terminate the instance now
D. Change the instance size to micro
Answer: C
Explanation:
The RDS instances unlike the AWS EBS backed instances cannot be stopped or paused. The user needs to take the final snapshot, terminate the instance and launch a new instance in the future from that snapshot
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.BackingUpAndRestoringAmazonR DSInstances.htmI
Q3. A user has created a new EBS volume from an existing snapshot. The user mounts the volume on the instance to which it is attached. Which of the below mentioned options is a required step before the user can mount the volume?
A. Run a cyclic check on the device for data consistency
B. Create the file system of the volume
C. Resize the volume as per the original snapshot size
D. No step is required. The user can directly mount the device
Answer: D
Explanation:
When a user is trying to mount a blank EBS volume, it is required that the user first creates a file system within the volume. If the volume is created from an existing snapshot then the user needs not to create a file system on the volume as it will wipe out the existing data.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.htmI
Q4. A user has configured a bucket S3 to host a static website. What difference will there be when static website hosting is enabled?
A. It will help the user identify this bucket as the website root to map with the domain
B. It will create a new version of the bucket
C. It will not make any difference, but will help the user to configure the error page
D. It will provide the region specific website endpoint
Answer: D
Explanation:
To host a static website, the user needs to configure an Amazon S3 bucket for website hosting and then upload the website contents to the bucket. The website is then available at the region-specific website endpoint of the bucket.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.htmI
Q5. A user wants to configure AutoScaIing which scales up when the CPU utilization is above 70% and scales down when the CPU utilization is below 30%. How can the user configure AutoScaIing for the above mentioned condition?
A. Use AutoScaIing with a schedule
B. Configure ELB to notify AutoScaIing on load increase or decrease
C. Use dynamic AutoScaIing with a policy
D. Use AutoScaIing by manually modifying the desired capacity during a condition
Answer: C
Explanation:
The user can configure the AutoScaIing group to automatically scale up and then scale down based on the specified conditions. To configure this, the user must setup policies which will get triggered by the C|oudWatch alarms.
Reference:
http://docs.aws.amazon.com/AutoScaling/latest/DeveIoperGuide/as-scaIe-based-on-demand.html
Q6. A user had defined an IAM policy similar to the one given below on a bucket:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "A||ow",
"PrincipaI": {
"AWS": "arn:aws:iam::12112112:user/test"
}!
"Action": [ "s3:GetBucketLocation", "s3:ListBucket", "s3:GetObject"
]!
"Resource": [ "arn:aws:s3:::examkiI|er"
}
}
What will this do?
A. It will result in an error saying invalid policy statement
B. It will create an IAM policy for the user test
C. Allows the user test of the AWS account ID 12112112 to perform GetBucketLocation, ListBucket and GetObject on the bucket examkiller
D. It will allow all the IAM users of the account ID 12112112 to perform GetBucketLocation, ListBucket and GetObject on bucket examkiller
Answer: C
Explanation:
The IAM policy allows to test a user in the account 12112112 to perform: s3:GetBucketLocation
s3:ListBucket s3:GetObject
Amazon S3 permissions on the examkiller bucket.
Reference: http://docs.aws.amazon.com/AmazonS3/Iatest/dev/access-policy-language-overview.html
Q7. In relation to Amazon SQS, how many queues and messages can you have per queue for each user?
A. Unlimited
B. 10
C. 256
D. 500
Answer: A
Explanation:
Amazon SQS supports an unlimited number of queues and unlimited number of messages per queue for each user. Please be aware that Amazon SQS automatically deletes messages that have been in the queue for more than 4 days.
Reference: https://aws.amazon.com/items/1343?externaIID=1343
Q8. In DynamoDB, if you create a table and request 10 units of write capacity and 200 units of read capacity of provisioned throughput, how much would you be charged in US East (Northern Virginia) Region?
A. $0.05 per hour
B. $0.10 per hour
C. $0.03 per hour
D. $0.15 per hour
Answer: A
Explanation:
To understand pricing in DynamoDB, consider the following example. If you create a table and request 10 units of write capacity and 200 units of read capacity of provisioned throughput, you would be charged:
$0.01 + (4 x $0.01) = $0.05 per hour
Reference: http://aws.amazon.com/dynamodb/pricing/
Q9. A user is trying to understand AWS SNS. To which of the below mentioned end points is SNS unable to send a notification?
A. AWS SES
B. Email JSON
C. AWS SQS
D. HTTP
Answer: A
Explanation:
Amazon Simple Notification Service (Amazon SNS) is a fast, filexible, and fully managed push messaging service. Amazon SNS can deliver notifications by SMS text message or email to the Amazon Simple Queue Service (SQS) queues or to any HTTP endpoint. The user can select one the following
transports as part of the subscription requests: "HTTP", "HTTPS","Emai|", "EmaiI-JSON", "SQS", "and SMS".
Reference: http://aws.amazon.com/sns/faqs/
Q10. AWS Elastic Load Balancer supports SSL termination.
A. True. For specific availability zones only.
B. False
C. True. For specific regions only
D. True. For all regions
Answer: D
Explanation:
You can configure your load balancer in ELB (Elastic Load Balancing) to use a SSL certificate in order to improve your system security.The load balancer uses the certificate to terminate and then decrypt requests before sending them to the back-end instances. Elastic Load Balancing uses AWS Identity and Access Management (IAM) to upload your certificate to your load balancer.
Reference: http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/DeveIoperGuide/US_SettingUpLoadBaIancerH TTPS.htmI
Q11. Can you configure an RDS Read Replica using CIoudFormation templates?
A. Yes, provided that you have root access.
B. Yes, when you create a new CIoudFormation template
C. Yes, but not for all Regions.
D. No, you can add the ReadRepIica only when the resource is made available by CIoudFormation
Answer: B
Explanation:
AWS CIoudFormation gives developers and systems administrators an easy way to create and manage collections of AWS resources. You can now set Read Replicas for your databases with RDS when you create a new C|oudFormation tempIate.You can start using it with the sample template of C|oudFormation.
Reference:
https://s3.amazonaws.com/cloudformation-templates-us-east-1/RDS_MySQL_With_Read_RepIica.tempI
Q12. In regard to DynamoDB, what is the Global secondary index?
A. An index with a hash and range key that can be different from those on the table.
B. An index that has the same range key as the table, but a different hash key
C. An index that has the same hash key and range key as the table
D. An index that has the same hash key as the table, but a different range key
Answer: A
Explanation:
Global secondary index - an index with a hash and range key that can be different from those on the table.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModel.html
Q13. A user is planning to host MS SQL on an EBS volume. It was recommended to use the AWS RDS. What advantages will the user have if he uses RDS in comparison to an EBS based DB?
A. Better throughput with PIOPS
B. Automated backup
C. NIS SQL is not supported with RDS
D. High availability with multi AZs
Answer: B
Explanation:
Comparing with on-premises or EC2 based NIS SQL, RDS provides an automated backup feature. PIOPS is available with both RDS and EBS. However, HA is not available with NIS SQL.
Reference: https://aws.amazon.com/rds/faqs/
Q14. In relation to Amazon SQS, how can you ensure that messages are delivered in order?
A. Increase the size of your queue
B. Send them with a timestamp
C. Give each message a unique id.
D. AWS cannot guarantee that you will receive messages in the exact order you sent them
Answer: D
Explanation:
Amazon SQS makes a best effort to preserve order in messages, but due to the distributed nature of the queue, AWS cannot guarantee that you will receive messages in the exact order you sent them. You typically place sequencing information or timestamps in your messages so that you can reorder them upon receipt.
Reference: https://aws.amazon.com/items/1343?externaI|D=1343
Q15. An orgAMzation has 500 employees. The orgAMzation wants to set up AWS access for each department. Which of the below mentioned options is a possible solution?
A. Create IAM roles based on the permission and assign users to each role
B. Create IAM users and provide indMdual permission to each
C. Create IAM groups based on the permission and assign IAM users to the groups
D. It is not possible to manage more than 100 IAM users with AWS
Answer: C
Explanation:
An IAM group is a collection of IAM users. Groups let the user specify permissions for a collection of users, which can make it easier to manage the permissions for those users.
Reference: http://docs.aws.amazon.com/IAM/|atest/UserGuide/Using_WorkingWithGroupsAndUsers.htmI