Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. An orgAMzation is hosting an application as part of the free usage tier. The orgAMzation wants to create IAM users for each of its 150 employees and they may access AWS as part of free usage tier. What will you advise the orgAMzation?
A. The IAM is not available as a part of the free usage tier
B. Create IAM roles and give access based on role since it will not cost the user
C. Do not create more than 100 users as it will cost the orgAMzation.
D. Create IAM users for each employee as it does not cost
Answer: D
Explanation:
IAM is a free service. You can create as many IAM users or groups as desired free of cost. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.htm|
Q2. A user has launched an RDS instance. The user has created 3 databases on the same server. What can the maximum size be for each database?
A. The size of each DB cannot be more than 3 TB
B. It is not possible to have more than one DB on a single instance
C. The total instance storage size cannot be more than 3 TB
D. The size of each DB cannot be more than 1 TB
Answer: C
Explanation:
The AWS RDS DB instance is an isolated DB environment provided by AWS in which the user can create more than 1 database. The maximum size ofthe instance should be between 5 GB and 3 TB. The size of each DB can be anything in this range.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
Q3. Your manager has requested you to tag EC2 instances to orgAMze and manage a load balancer. Which of the following statements about tag restrictions is incorrect?
A. The maximum key length is 127 Unicode characters.
B. The maximum value length is 255 Unicode characters.
C. Tag keys and values are case sensitive.
D. The maximum number of tags per load balancer is 20.
Answer: D
Explanation:
Tags help you to categorize your load balancers in different ways, for example, by purpose, owner, or environment. The following basic restrictions apply to tags: The maximum number of tags per resource is
10. The maximum key length is 127 Unicode characters. The maximum value length that can be used is 255 Unicode characters. The tag keys and values are case sensitive. Allowed characters are letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - =. _ : / @. Do not use leading or trailing spaces. Do not use the aws: prefix in your tag names or values because it is reserved for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per resource limit.
Reference:
http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/DeveIoperGuide/add-remove-tags.htmI#tag-res trictions
Q4. A user is creating an ELB with VPC. Which of the following options is available as a part of the "Add EC2
instances" page?
A. Select Subnet
B. Select IAM
C. Select ENI
D. Select VPC
Answer: A
Explanation:
When a user is launching an ELB with VPC, he/she has to select the options, such as subnet and security group before selecting the instances part of that subnet.
Reference:
http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/Deve|operGuide/elb-getting-started.htmI
Q5. Which Amazon service is not used by Elastic Beanstalk?
A. Amazon S3
B. Amazon ELB
C. Auto scaling
D. Amazon EMR
Answer: D
Explanation:
Elastic Beanstalk leverages AWS services such as Amazon Elastic Cloud Compute (Amazon EC2), Amazon Simple Storage Service (Amazon S3), Amazon Simple Notification Service (Amazon SNS), Elastic Load Balancing and Auto Scaling to deliver the same highly reliable, scalable, and cost-effective infrastructure that hundreds of thousands of businesses depend on today.
Reference: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/\NeIcome.html
Q6. A user has launched an EBS backed Linux instance. How can a user detach the root device and attach it to another instance as a secondary volume?
A. Unmount the root volume first and then detach it
B. It is not possible to mount the root volume to some other instance
C. Stop the first instance and then attach instance’s root volume as a new volume to the other instance
D. It is not possible to mount the root device as a secondary volume on the other instance
Answer: C
Explanation:
If an Amazon EBS volume is the root device of an instance, it cannot be detached unless the instance is in the stopped state.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html
Q7. How long are the messages kept on an SQS queue by default?
A. If a message is not read, it is never deleted
B. 2 weeks
C. 1 day
D. 4 days
Answer: D
Explanation:
The SQS message retention period is configurable and can be set anywhere from 1 minute to 2 weeks. The default is 4 days and once the message retention limit is reached your messages will be automatically deleted. The option for longer message retention provides greater filexibility to allow for longer intervals between message production and consumption.
Reference: https://aws.amazon.com/sqs/faqs/
Q8. An orgAMzation has hosted an application on the EC2 instances. There will be multiple users connecting to the instance for setup and configuration of application. The orgAMzation is planning to implement certain security best practices. Which of the below mentioned pointers will not help the orgAMzation achieve better security arrangement?
A. Apply the latest patch of OS and always keep it updated.
B. Allow only IAM users to connect with the EC2 instances with their own secret access key.
C. Disable the password based login for all the users. All the users should use their own keys to connect with the instance securely.
D. Create a procedure to revoke the access rights of the indMdual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.
Answer: B
Explanation:
Since AWS is a public cloud any application hosted on EC2 is prone to hacker attacks. It becomes extremely important for a user to setup a proper security mechAMsm on the EC2 instances. A few of the security measures are listed below:
Always keep the OS updated with the latest patch
Always create separate users with in OS if they need to connect with the EC2 instances, create their keys and disable their password
Create a procedure using which the admin can revoke the access of the user when the business work on the EC2 instance is completed
Lock down unnecessary ports
Audit any proprietary applications that the user may be running on the EC2 instance
Provide temporary escalated prMleges, such as sudo for users who need to perform occasional prMleged tasks
The IAM is useful when users are required to work with AWS resources and actions, such as launching an instance. It is not useful to connect (RDP / SSH) with an instance.
Reference: http://aws.amazon.com/articles/1233/
Q9. In AWS Elastic Beanstalk, you can update your deployed application even while it is part of a running environment. For a Java application, you can also use to update your deployed application.
A. the AWS Toolkit for Eclipse
B. the AWS Toolkit for Visual Studio
C. the AWS Toolkit for JVM
D. the AWS Toolkit for Netbeans
Answer: A
Explanation:
In AWS Elastic Beanstalk, you can update your deployed application, even while it is part of a running environment. For a Java application, you can also use the AWS Toolkit for Eclipse to update your deployed application.
Reference: http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/GettingStarted.WaIkthrough.htmI
Q10. AutoScaIing is configured with 3 AZs. Each zone has 5 instances running. If AutoScaIing wants to terminate an instance based on the policy action, which instance will it terminate first?
A. Terminate the first launched instance
B. Randomly select the instance for termination
C. Terminate the instance from the AZ which does not have a high AWS load
D. Terminate the instance from the AZ which has instances running near to the billing hour
Answer: B
Explanation:
Before Auto Scaling selects an instance to terminate, it first identifies the Availability Zone that has more instances than the other Availability Zones used by the group. If all the Availability Zones have the same number of instances, it identifies a random Availability Zone.
Reference: http://docs.aws.amazon.com/AutoScaIing/latest/DeveIoperGuide/us-termination-policy.html
Q11. A user has launched one EC2 instance in the US West region. The user wants to access the RDS instance launched in the US East region from that EC2 instance. How can the user configure the access for that EC2 instance?
A. It is not possible to access RDS of the US East region from the US West region
B. Open the security group of the US West region in the RDS security group’s ingress rule
C. Configure the IP range of the US West region instance as the ingress security rule of RDS
D. Create an IAM role which has access to RDS and launch an instance in the US West region with it
Answer: C
Explanation:
The user cannot authorize an Amazon EC2 security group if it is in a different AWS Region than the RDS DB instance. The user can authorize an IP range or specify an Amazon EC2 security group in the same region that refers to an IP address in another region.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html
Q12. A user wants to access RDS from an EC2 instance using IP addresses. Both RDS and EC2 are in the same region, but different AZs. Which of the below mentioned options help configure that the instance is accessed faster?
A. Configure the Private IP of the Instance in RDS security group
B. Security group of EC2 allowed in the RDS security group
C. Configuring the elastic IP of the instance in RDS security group
D. Configure the Public IP of the instance in RDS security group
Answer: A
Explanation:
If the user is going to specify an IP range in RDS security group, AWS recommends using the private IP address of the Amazon EC2 instance. This provides a more direct network route from the Amazon EC2 instance to the Amazon RDS DB instance, and does not incur network charges for the data sent outside of the Amazon network.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithSecurityGroups.html
Q13. When you use the AWS Elastic Beanstalk console to deploy a new application you’II need to upload a source bundle and it should .
A. Consist of a single .zip file
B. Consist of a single .war file
C. Consist of a single .zip file or .war file
D. Consist of a folder with all files
Answer: C
Explanation:
When you use the AWS Elastic Beanstalk console to deploy a new application or an application version, you’II need to upload a source bundle. Your source bundle must meet the following requirements: Consist of a single .zip file or .war file
Not exceed 512 MB
Not include a parent folder or top-level directory (subdirectories are fine) Reference:
http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/using-features.depIoyment.source.html
Q14. Which of the following groups is AWS Elastic Beanstalk best suited for?
A. Those who want to deploy and manage their applications within minutes in the AWS cloud
B. Those who want to privately store and manage Git repositories in the AWS cloud.
C. Those who want to automate the deployment of applications to instances and to update the applications as required
D. Those who want to model, visualize, and automate the steps required to release software
Answer: A
Explanation:
AWS Elastic Beanstalk is best suited for those groups who want to deploy and manage their applications within minutes in the AWS cloud. As a bonus, you don’t even need experience with cloud computing to get started.
Reference: https://aws.amazon.com/elasticbeansta|k/faqs/
Q15. A user has launched five instances with ELB. How can the user add the sixth EC2 instance to ELB?
A. The user can add the sixth instance on the fly.
B. The user must stop the ELB and add the sixth instance.
C. The user can add the instance and change the ELB config file.
D. The ELB can only have a maximum of five instances.
Answer: A
Explanation:
Elastic Load Balancing automatically distributes incoming traffic across multiple EC2 instances. You create a load balancer and register instances with the load balancer in one or more Availability Zones. The load balancer serves as a single point of contact for clients. This enables you to increase the availability of your application. You can add and remove EC2 instances from your load balancer as your needs change, without disrupting the overall flow of information.
Reference: http://docs.aws.amazon.com/E|asticLoadBaIancing/latest/DeveIoperGuide/Svclntro.htm|