Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. In Amazon EC2, partial instance-hours are billed .
A. per second used in the hour
B. per minute used
C. by combining partial segments into full hours
D. as full hours
Answer: D
Explanation:
Partial instance-hours are billed to the next hour. Reference: http://aws.amazon.com/ec2/faqs/
Q2. Amazon RDS automated backups and DB Snapshots are currently supported for only the _ _ storage engine
A. InnoDB
B. MyISAM
Answer: A
Q3. Your fortune 500 company has under taken a TCO analysis evaluating the use of Amazon 53 versus acquiring more hardware The outcome was that ail employees would be granted access to use Amazon 53 for storage of their personal documents.
Which of the following will you need to consider so you can set up a solution that incorporates single sign-on from your corporate AD or LDAP directory and restricts access for each user to a designated user folder in a bucket? (Choose 3 Answers)
A. Setting up a federation proxy or identity provider
B. Using AWS Security Token Service to generate temporary tokens
C. Tagging each folder in the bucket
D. Configuring IAM role
E. Setting up a matching IAM user for every user in your corporate directory that needs access to a folder in the bucket
Answer: A, B, D
Q4. What is the Reduced Redundancy option in Amazon 53?
A. Less redundancy for a lower cost.
B. It doesn't exist in Amazon 53, but in Amazon EBS.
C. It allows you to destroy any copy of your files outside a specific jurisdiction.
D. It doesn't exist at all
Answer: A
Q5. What is the data model of DynamoDB?
A. Since DynamoDB is schema-less, there is no data model.
B. "Items", with Keys and one or more Attribute; and "Attribute", with Name and Value.
C. "TabIe", a collection of Items; "Items", with Keys and one or more Attribute; and "Attribute", with Name and Value.
D. "Database", which is a set of "TabIes", which is a set of "Items", which is a set of "Attributes".
Answer: C
Explanation:
The data model of DynamoDB is: "TabIe", a collection of Items;
"Items", with Keys and one or more Attribute; "Attribute", with Name and Value.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModeI.html
Q6. Your website is serving on-demand training videos to your workforce. Videos are uploaded monthly in high resolution MP4 format. Your workforce is distributed globally often on the move and using company-provided tablets that require the HTTP Live Streaming (HLS) protocol to watch a video. Your company has no video transcoding expertise and it required you may need to pay for a consultant.
How do you implement the most cost-efficient architecture without compromising high availability and quality of video delivery'?
A. A video transcoding pipeline running on EC2 using SQS to distribute tasks and Auto Scaling to adjust the number of nodes depending on the length of the queue. EBS volumes to host videos and EBS snapshots to incrementally backup original files after a few days. CIoudFront to serve HLS transcoded videos from EC2.
B. Elastic Transcoder to transcode original high-resolution MP4 videos to HLS. EBS volumes to host videos and EBS snapshots to incrementally backup original files after a few days. CIoudFront to serve HLS transcoded videos from EC2.
C. Elastic Transcoder to transcode original high-resolution NIP4 videos to HLS. 53 to host videos with Lifecycle Management to archive original files to Glacier after a few days. C|oudFront to serve HLS transcoded videos from 53.
D. A video transcoding pipeline running on EC2 using SQS to distribute tasks and Auto Scaling to adjust the number of nodes depending on the length of the queue. 53 to host videos with Lifecycle Management to archive all files to Glacier after a few days. CIoudFront to serve HLS transcoded videos from Glacier.
Answer: C
Q7. You must assign each sewer to at least _ security group
A. 3
B. 2
C. 4
D. 1
Answer: A
Q8. You are setting up your first Amazon Virtual Private Cloud (Amazon VPC) network so you decide you should probably use the AWS Management Console and the VPC Wizard. Which of the following is not an option for network architectures after launching the "Start VPC Wizard" in Amazon VPC page on the AWS Management Console?
A. VPC with a Single Public Subnet Only
B. VPC with a Public Subnet Only and Hardware VPN Access
C. VPC with Public and Private Subnets and Hardware VPN Access
D. VPC with a Private Subnet Only and Hardware VPN Access
Answer: B
Explanation:
Amazon VPC enables you to build a virtual network in the AWS cloud - no VPNs, hardware, or physical datacenters required.
Your AWS resources are automatically provisioned in a ready-to-use default VPC. You can choose to create additional VPCs by going to Amazon VPC page on the AWS Management Console and click on the "Start VPC Wizard" button.
You’II be presented with four basic options for network architectures. After selecting an option, you can modify the size and IP address range of the VPC and its subnets. If you select an option with Hardware VPN Access, you will need to specify the IP address of the VPN hardware on your network. You can modify the VPC to add more subnets or add or remove gateways at any time after the VPC has been created.
The four options are:
VPC with a Single Public Subnet Only VPC with Public and Private Subnets
VPC with Public and Private Subnets and Hardware VPN Access VPC with a Private Subnet Only and Hardware VPN Access Reference: https://aws.amazon.com/vpc/faqs/
Q9. What does Amazon EC2 provide?
A. Virtual sewers in the Cloud.
B. A platform to run code (Java, PHP, Python), paying on an hourly basis.
C. Computer Clusters in the Cloud.
D. Physical sewers, remotely managed by the customer.
Answer: A
Q10. What are the two types of licensing options available for using Amazon RDS for Oracle?
A. BYOL and Enterprise License
B. BYOL and License Included
C. Enterprise License and License Included
D. Role based License and License Included
Answer: B
Q11. You must increase storage size in increments of at least _ %
A. 40
B. 20
C. 50
D. 10
Answer: D
Q12. You need to set up a security certificate for a cIient's e-commerce website as it will use the HTTPS protocol. Which of the below AWS services do you need to access to manage your SSL server certificate?
A. AWS Directory Service
B. AWS Identity & Access Management
C. AWS CIoudFormation
D. Amazon Route 53
Answer: B
Explanation:
AWS Identity and Access Management (IAM) is a web service that enables Amazon Web Services (AWS) customers to manage users and user permissions in AWS.
All your SSL server certificates are managed by AWS Identity and Access management (IAM). Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.htm|
Q13. You are planning and configuring some EBS volumes for an application. In order to get the most performance out of your EBS volumes, you should attach them to an instance with enough to support your volumes.
A. Redundancy
B. Storage
C. Bandwidth
D. Memory
Answer: C
Explanation:
When you plan and configure EBS volumes for your application, it is important to consider the configuration of the instances that you will attach the volumes to. In order to get the most performance out of your EBS volumes, you should attach them to an instance with enough bandwidth to support your volumes, such as an EBS-optimized instance or an instance with 10 Gigabit network connectMty. This is especially important when you use General Purpose (SSD) or Provisioned IOPS (SSD) volumes, or when you stripe multiple volumes together in a RAID configuration.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-ec2-config.htmI
Q14. Your company policies require encryption of sensitive data at rest. You are considering the possible options for protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance. Which of these options would allow you to encrypt your data at rest? (Choose 3 answers)
A. Implement third party volume encryption tools
B. Do nothing as EBS volumes are encrypted by default
C. Encrypt data inside your applications before storing it on EBS
D. Encrypt data using native data encryption drivers at the file system level
E. Implement SSL/TLS for all services running on the server
Answer: A, C, D
Q15. Your company previously configured a heavily used, dynamically routed VPN connection between your on-premises data center and AWS. You recently provisioned a DirectConnect connection and would like to start using the new connection. After configuring DirectConnect settings in the AWS Console, which of the following options win provide the most seamless transition for your users?
A. Delete your existing VPN connection to avoid routing loops configure your DirectConnect router with the appropriate settings and verity network traffic is leveraging DirectConnect.
B. Configure your DirectConnect router with a higher 8GP priority man your VPN router, verify network traffic is leveraging Directconnect and then delete your existing VPN connection.
C. Update your VPC route tables to point to the DirectConnect connection configure your DirectConnect router with the appropriate settings verify network traffic is leveraging DirectConnect and then delete the VPN connection.
D. Configure your DirectConnect router, update your VPC route tables to point to the DirectConnect connection, configure your VPN connection with a higher BGP pointy. And verify network traffic is leveraging the DirectConnect connection.
Answer: D