Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. After deciding that EMR will be useful in analysing vast amounts of data for a gaming website that you are architecting you have just deployed an Amazon EMR Cluster and wish to monitor the cluster performance. Which of the following tools cannot be used to monitor the cluster performance?
A. Kinesis
B. Ganglia
C. C|oudWatch Metrics
D. Hadoop Web Interfaces
Answer: A
Explanation:
Amazon EMR provides several tools to monitor the performance of your cluster. Hadoop Web Interfaces
Every cluster publishes a set of web interfaces on the master node that contain information about the cluster. You can access these web pages by using an SSH tunnel to connect them on the master node. For more information, see View Web Interfaces Hosted on Amazon EMR Clusters.
CIoudWatch Metrics
Every cluster reports metrics to CIoudWatch. CIoudWatch is a web service that tracks metrics, and which you can use to set alarms on those metrics. For more information, see Monitor Metrics with CIoudWatch. Ganglia
Ganglia is a cluster monitoring tool. To have this available, you have to install Ganglia on the cluster when you launch it. After you've done so, you can monitor the cluster as it runs by using an SSH tunnel to connect to the Ganglia UI running on the master node. For more information, see Monitor Performance with Ganglia.
Reference:
http://docs.aws.amazon.com/EIasticMapReduce/latest/DeveIoperGuide/emr-troubleshoot-tooIs.htmI
Q2. Can Amazon 53 uploads resume on failure or do they need to restart?
A. Restart from beginning
B. You can resume them, if you flag the "resume on fai lure" option before uploading.
C. Resume on failure
D. Depends on the file size
Answer: C
Q3. You decide that you need to create a number of Auto Scaling groups to try and save some money as you have noticed that at certain times most of your EC2 instances are not being used. By default, what is the maximum number of Auto Scaling groups that AWS will allow you to create?
A. 12
B. Unlimited
C. 20
D. 2
Answer: C
Explanation:
Auto Scaling is an AWS service that allows you to increase or decrease the number of EC2 instances within your appIication's architecture. With Auto Scaling, you create collections of EC2 instances, called Auto Scaling groups. You can create these groups from scratch, or from existing EC2 instances that are already in production.
Reference: http://docs.aws.amazon.com/general/latest/gr/aws_service_|imits.htm|#Iimits_autoscaIing
Q4. What does the following command do with respect to the Amazon EC2 security groups? ec2-revoke RevokeSecurityGroup Ingress
A. Removes one or more security groups from a rule.
B. Removes one or more security groups from an Amazon EC2 instance.
C. Removes one or more rules from a security group.
D. Removes a security group from our account.
Answer: C
Q5. An existing client comes to you and says that he has heard that launching instances into a VPC (virtual private cloud) is a better strategy than launching instances into a EC2-classic which he knows is what you currently do. You suspect that he is correct and he has asked you to do some research about this and get back to him. Which of the following statements is true in regards to what ability launching your instances into a VPC instead of EC2-Classic gives you?
A. All of the things listed here.
B. Change security group membership for your instances while they're running
C. Assign static private IP addresses to your instances that persist across starts and stops
D. Define network interfaces, and attach one or more network interfaces to your instances
Answer: A
Explanation:
By launching your instances into a VPC instead of EC2-Classic, you gain the ability to: Assign static private IP addresses to your instances that persist across starts and stops Assign multiple IP addresses to your instances
Define network interfaces, and attach one or more network interfaces to your instances Change security group membership for your instances while they're running
Control the outbound traffic from your instances (egress filtering) in addition to controlling the inbound traffic to them (ingress filtering)
Add an additional layer of access control to your instances in the form of network access control lists (ACL)
Run your instances on single-tenant hardware
Reference: http://media.amazonwebservices.com/AWS_CIoud_Best_Practices.pdf
Q6. You receive a bill from AWS but are confused because you see you are incurring different costs for the exact same storage size in different regions on Amazon S3. You ask AWS why this is so. What response would you expect to receive from AWS?
A. We charge less in different time zones.
B. We charge less where our costs are less.
C. This will balance out next bill.
D. It must be a mistake.
Answer: B
Explanation:
Amazon S3 is storage for the internet. |t’s a simple storage service that offers software developers a highly-scalable, reliable, and low-latency data storage infrastructure at very low costs.
AWS charges less where their costs are less.
For example, their costs are lower in the US Standard Region than in the US West (Northern California) Region.
Reference: https://aws.amazon.com/s3/faqs/
Q7. A user is observing the EC2 CPU utilization metric on CIoudWatch. The user has observed some interesting patterns while filtering over the 1 week period for a particular hour. The user wants to zoom that data point to a more granular period. How can the user do that easily with CIoudWatch?
A. The user can zoom a particular period by selecting that period with the mouse and then releasing the mouse
B. The user can zoom a particular period by specifying the aggregation data for that period
C. The user can zoom a particular period by double clicking on that period with the mouse
D. The user can zoom a particular period by specifying the period in the Time Range
Answer: A
Explanation:
Amazon CIoudWatch provides the functionality to graph the metric data generated either by the AWS services or the custom metric to make it easier for the user to analyse. The AWS CIoudWatch console provides the option to change the granularity of a graph and zoom in to see data over a shorter time period. To zoom, the user has to click in the graph details pane, drag on the graph area for selection, and then release the mouse button.
Reference: http://docs.aws.amazon.com/AmazonCloudWatch/Iatest/Deve|operGuide/zoom_in_on_graph.htmI
Q8. You are setting up a VPC and you need to set up a public subnet within that VPC. Which following requirement must be met for this subnet to be considered a public subnet?
A. Subnet's traffic is not routed to an internet gateway but has its traffic routed to a virtual private gateway.
B. Subnet's traffic is routed to an internet gateway.
C. Subnet's traffic is not routed to an internet gateway.
D. None of these answers can be considered a public subnet.
Answer: B
Explanation:
A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. You can configure your VPC: you can select its IP address range, create subnets, and configure route tables, network gateways, and security settings.
A subnet is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Use a public subnet for resources that must be connected to the internet, and a private subnet for resources that won't be connected to the Internet.
If a subnet's traffic is routed to an internet gateway, the subnet is known as a public subnet.
If a subnet doesn't have a route to the internet gateway, the subnet is known as a private subnet.
If a subnet doesn't have a route to the internet gateway, but has its traffic routed to a virtual private gateway, the subnet is known as a VPN-only subnet.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html
Q9. What happens to the data on an instance if the instance reboots (intentionally or unintentionally)?
A. Data will be lost
B. Data persists
C. Data may persist however cannot be sure
Answer: B
Q10. You have been storing massive amounts of data on Amazon Glacier for the past 2 years and now start to wonder if there are any limitations on this. What is the correct answer to your QUESTION ?
A. The total volume of data is limited but the number of archives you can store are unlimited.
B. The total volume of data is unlimited but the number of archives you can store are limited.
C. The total volume of data and number of archives you can store are unlimited.
D. The total volume of data is limited and the number of archives you can store are limited.
Answer: C
Explanation:
An archive is a durably stored block of information. You store your data in Amazon Glacier as archives. You may upload a single file as an archive, but your costs will be lower if you aggregate your data. TAR and ZIP are common formats that customers use to aggregate multiple files into a single file before uploading to Amazon Glacier.
The total volume of data and number of archives you can store are unlimited. IndMdual Amazon Glacier archives can range in size from 1 byte to 40 terabytes.
The largest archive that can be uploaded in a single upload request is 4 gigabytes.
For items larger than 100 megabytes, customers should consider using the MuItipart upload capability. Archives stored in Amazon Glacier are immutable, i.e. archives can be uploaded and deleted but cannot be edited or overwritten.
Reference: https://aws.amazon.com/gIacier/faqs/
Q11. You are the new IT architect in a company that operates a mobile sleep tracking application
When activated at night, the mobile app is sending collected data points of 1 kilobyte every 5 minutes to
your backend
The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table.
Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon 53.
Users are notified via Amazon 5NI5 mobile push notifications that new data is available, which is parsed and visualized by (The mobile app Currently you have around IOOk users who are mostly based out of North America.
You have been tasked to optimize the architecture of the backend system to lower cost what would you recommend? (Choose 2 answers}
A. Create a new Amazon DynamoDB (able each day and drop the one for the previous day after its data is on Amazon 53.
B. Have the mobile app access Amazon DynamoDB directly instead of J50N files stored on Amazon 53.
C. Introduce an Amazon SQS queue to buffer writes to the Amazon DynamoDB table and reduce provisioned write throughput.
D. Introduce Amazon Elasticache Io cache reads from the Amazon DynamoDB table and reduce provisioned read throughput.
E. Write data directly into an Amazon Redshift cluster replacing both Amazon DynamoDB and Amazon 53.
Answer: B, D
Q12. You have multiple VPN connections and want to provide secure communication between sites using the AWS VPN CIoudHub. Which statement is the most accurate in describing what you must do to set this up correctly?
A. Create a virtual private gateway with multiple customer gateways, each with unique Border Gateway Protocol (BGP) Autonomous System Numbers (ASNs)
B. Create a virtual private gateway with multiple customer gateways, each with a unique set of keys
C. Create a virtual public gateway with multiple customer gateways, each with a unique Private subnet
D. Create a virtual private gateway with multiple customer gateways, each with unique subnet id
Answer: A
Explanation:
If you have multiple VPN connections, you can provide secure communication between sites using the AWS VPN CIoudHub. The VPN CIoudHub operates on a simple hub-and-spoke model that you can use with or without a VPC. This design is suitable for customers with multiple branch offices and existing Internet connections who'd like to implement a convenient, potentially low-cost hub-and-spoke model for primary or backup connectMty between these remote offices.
To use the AWS VPN CIoudHub, you must create a virtual private gateway with multiple customer
gateways, each with unique Border Gateway Protocol (BGP) Autonomous System Numbers (ASNs). Customer gateways advertise the appropriate routes (BGP prefixes) over their VPN connections. These routing advertisements are received and re-advertised to each BGP peer, enabling each site to send data to and receive data from the other sites. The routes for each spoke must have unique ASNs and the sites must not have overlapping IP ranges. Each site can also send and receive data from the VPC as if they were using a standard VPN connection.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPN_CIoudHub.htmI
Q13. You require the ability to analyze a customer's clickstream data on a website so they can do behavioral analysis. Your customer needs to know what sequence of pages and ads their customer clicked on. This data will be used in real time to modify the page layouts as customers click through the site to increase stickiness and advertising click-through. Which option meets the requirements for captioning and analyzing this data?
A. Log clicks in weblogs by URL store to Amazon 53, and then analyze with Elastic MapReduce
B. Push web clicks by session to Amazon Kinesis and analyze behavior using Kinesis workers
C. Write click events directly to Amazon Redshift and then analyze with SQL
D. Publish web clicks by session to an Amazon SQS queue men periodically drain these events to Amazon RDS and analyze with sol
Answer: B
Explanation:
Reference: http:/ /www.slideshare.net/AmazonWebServices/aws-webcast-introduction-to-amazon-kinesis
Q14. While signing in REST/ Query requests, for additional security, you should transmit your requests using Secure Sockets Layer (SSL) by using
A. HTIP
B. Internet Protocol Security(IPsec)
C. TLS (Transport Layer Security)
D. HTIPS
Answer: D
Q15. What does t he following command do with respect to the Amazon EC2 security groups? ec2-create-group CreateSecurityGroup
A. Groups the user created security groups in to a new group for easy access.
B. Creates a new security group for use with your account.
C. Creates a new group inside the security group.
D. Creates a new rule inside the security group.
Answer: B