Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Because of the extensibility limitations of striped storage attached to Windows Sewer, Amazon RDS does not currently support increasing storage on a _ DB Instance.
A. SQL Sewer
B. MySQL
C. Oracle
Answer: A
Q2. In Amazon EC2, how many Elastic IP addresses can you have by default?
A. 10
B. 2
C. 5
D. 20
Answer: C
Explanation:
The number of Elastic IP addresses you can have in EC2 is 5.
Reference: http://docs.aws.amazon.com/generaI/latest/gr/aws_service_Iimits.htmI#|imits_ec2
Q3. You have been setting up an Amazon Virtual Private Cloud (Amazon VPC) for your company, including setting up subnets. Security is a concern, and you are not sure which is the best security practice for securing subnets in your VPC. Which statement below is correct in describing the protection of AWS resources in each subnet?
A. You can use multiple layers of security, including security groups and network access control lists (ACL).
B. You can only use access control lists (ACL).
C. You don't need any security in subnets.
D. You can use multiple layers of security, including security groups, network access control lists (ACL) and CIoudHSM.
Answer: A
Explanation:
A subnet is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Use a public subnet for resources that must be connected to the Internet, and a private subnet for resources that won't be connected to the Internet.
To protect the AWS resources in each subnet, you can use multiple layers of security, including security groups and network access control lists (ACL).
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_|ntroduction.htmI
Q4. Can a single EBS volume be attached to multiple EC2 instances at the same time?
A. Yes
B. No
C. Only for high-performance EBS volumes.
D. Only when the instances are located in the US regions.
Answer: B
Explanation:
You can't attach an EBS volume to multiple EC2 instances. This is because it is equivalent to using a single hard drive with many computers at the same time.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.htmI
Q5. In the Amazon cloudwatch, which metric should I be checking to ensure that your DB Instance has enough free storage space?
A. Free Storage
B. Free Storage Space
C. Free Storage Volume
D. Free DB Storage Space
Answer: B
Q6. You need to set up a security certificate for a cIient's e-commerce website as it will use the HTTPS protocol. Which of the below AWS services do you need to access to manage your SSL server certificate?
A. AWS Directory Service
B. AWS Identity & Access Management
C. AWS CIoudFormation
D. Amazon Route 53
Answer: B
Explanation:
AWS Identity and Access Management (IAM) is a web service that enables Amazon Web Services (AWS) customers to manage users and user permissions in AWS.
All your SSL server certificates are managed by AWS Identity and Access management (IAM). Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.htm|
Q7. Doug has created a VPC with CIDR 10.201.0.0/16 in his AWS account. In this VPC he has created a public subnet with CIDR block 10.201.31.0/24. While launching a new EC2 from the console, he is not able to assign the private IP address 10.201.31.6 to this instance. Which is the most likely reason for this issue?
A. Private IP address 10.201.31.6 is blocked via ACLs in Amazon infrastructure as a part of platform security.
B. Private address IP 10.201.31.6 is currently assigned to another interface.
C. Private IP address 10.201.31.6 is not part of the associated subnet's IP address range.
D. Private IP address 10.201.31.6 is reserved by Amazon for IP networking purposes.
Answer: B
Explanation:
In Amazon VPC, you can assign any Private IP address to your instance as long as it is: Part of the associated subnet's IP address range
Not reserved by Amazon for IP networking purposes Not currently assigned to another interface Reference: http://aws.amazon.com/vpc/faqs/
Q8. Which of the following is true of Amazon EC2 security group?
A. You can modify the outbound rules for EC2-Classic.
B. You can modify the rules for a security group only if the security group controls the traffic for just one instance.
C. You can modify the rules for a security group only when a new instance is created.
D. You can modify the rules for a security group at any time.
Answer: D
Explanation:
A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group.
Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.htmI
Q9. IAM's Policy Evaluation Logic always starts with a default _ for every request, except for those that use the AWS account's root security credentials b
A. Permit
B. Deny
C. Cancel
Answer: B
Q10. SQL Sewer _ store log ins and passwords in the master database.
A. can be configured to but by default does not
B. doesn't
C. does
Answer: C
Q11. You need to migrate a large amount of data into the cloud that you have stored on a hard disk and you decide that the best way to accomplish this is with AWS Import/Export and you mail the hard disk to AWS. Which of the following statements is incorrect in regards to AWS Import/Export?
A. It can export from Amazon S3
B. It can Import to Amazon Glacier
C. It can export from Amazon Glacier.
D. It can Import to Amazon EBS
Answer: C
Explanation:
AWS Import/Export supports: Import to Amazon S3
Export from Amazon S3 Import to Amazon EBS Import to Amazon Glacier
AWS Import/Export does not currently support export from Amazon EBS or Amazon Glacier. Reference: https://docs.aws.amazon.com/AWSImportExport/Iatest/DG/whatisdisk.html
Q12. Can I initiate a "forced failover" for my MySQL Multi-AZ DB Instance deployment?
A. Only in certain regions
B. Only in VPC
C. Yes
D. No
Answer: A
Q13. Does DynamoDB support in-place atomic updates?
A. Yes
B. No
C. It does support in-place non-atomic updates
D. It is not defined
Answer: A
Explanation:
DynamoDB supports in-place atomic updates.
Reference:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/\NorkingWithItems.htmI#Working WithItems.AtomicCounters
Q14. Are Resenred Instances available for Multi-AZ Deployments?
A. Only for Cluster Compute instances
B. Yes for all instance types
C. Only for M3 instance types
D. No
Answer: B
Q15. What does Amazon 53 stand for?
A. Simple Storage Solution.
B. Storage Storage Storage (triple redundancy Storage).
C. Storage Sewer Solution.
D. Simple Storage Sewice.
Answer: D