Q1. You are using Amazon SQS and are getting a "Queue Deleted RecentIy" error. What is wrong?
A. The message is too big
B. You have incorrect permissions
C. Another user has deleted the queue
D. If you delete a queue, you need to wait for at least 60 seconds before creating a queue with the same name
Answer: D
Explanation:
If you delete a queue, you need to wait for at least 60 seconds before creating a queue with the same name. Please note that when you delete a queue, the deletion process takes up to 60 seconds. Requests you send to a recently deleted queue might succeed during the 60-second period. For example, a SendlVIessage request might succeed, but after 60 seconds the queue and that message you sent no longer exists.
Reference: https://aws.amazon.com/items/1343?externaI|D=1343
Q2. The user has configured AutoScaIing based on the dynamic policy. Which of the following is not the right command to specify a change in capacity as a part of the policy?
A. "adjustment=-50" (type is PercentChangeInCapacity)
B. "adjustment=3" (type is ExactCapacity)
C. "adjustment=-1" (type is ChangeInCapacity)
D. "adjustment=-8" (type is ExactCapacity)
Answer: D
Explanation:
The user can configure the AutoScaIing group to automatically scale up and then scale down based on the various specified CIoudWatch monitoring conditions. The user needs to provide the adjustment value and the adjustment type. A positive adjustment value increases the current capacity and a negative adjustment value decreases the current capacity. The user can express the change to the current size as an absolute number, an increment or as a percentage of the current group size.
In this option specifying the exact capacity with the adjustment value = -8 will not work as when type is exact capacity the adjustment value cannot be negative.
Reference:
http://docs.aws.amazon.com/AutoScaling/latest/DeveIoperGuide/as-scaIe-based-on-demand.html
Q3. A user has enabled serverside encryption with S3. The user downloads the encrypted object from S3. How can the user decrypt it?
A. S3 does not support server side encryption
B. S3 provides a server side key to decrypt the object
C. The user needs to decrypt the object using their own private key
D. S3 manages encryption and decryption automatically
Answer: D
Explanation:
If the user is using the server-side encryption feature, Amazon S3 encrypts the object data before saving it on disks in its data centres and decrypts it when the user downloads the objects. Thus, the user is free from the tasks of managing encryption, encryption keys, and related tools.
Reference: http://docs.aws.amazon.com/AmazonS3/Iatest/dev/UsingEncryption.htmI
Q4. When you create a table with a hash-and-range key, you must define one or more secondary indexes on that table.
A. False, hash-range key is another name for secondary index
B. False, it is optional
C. True
D. False, when you have Hash-Range key you cannot define Secondary index
Answer: B
Explanation:
When you create a table with a hash-and-range key in DynamoDB, you can also define one or more secondary indexes on that table.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/LSI.htmI
Q5. A user is creating an ELB with VPC. Which of the following options is available as a part of the "Add EC2
instances" page?
A. Select Subnet
B. Select IAM
C. Select ENI
D. Select VPC
Answer: A
Explanation:
When a user is launching an ELB with VPC, he/she has to select the options, such as subnet and security group before selecting the instances part of that subnet.
Reference:
http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/Deve|operGuide/elb-getting-started.htmI
Q6. An orgAMzation has 500 employees. The orgAMzation wants to set up AWS access for each department. Which of the below mentioned options is a possible solution?
A. Create IAM roles based on the permission and assign users to each role
B. Create IAM users and provide indMdual permission to each
C. Create IAM groups based on the permission and assign IAM users to the groups
D. It is not possible to manage more than 100 IAM users with AWS
Answer: C
Explanation:
An IAM group is a collection of IAM users. Groups let the user specify permissions for a collection of users, which can make it easier to manage the permissions for those users.
Reference: http://docs.aws.amazon.com/IAM/|atest/UserGuide/Using_WorkingWithGroupsAndUsers.htmI
Q7. You have a number of image files to encode. In an Amazon SQS worker queue, you create an Amazon SQS message for each file specifying the command (jpeg-encode) and the location of the file in Amazon S3. Which of the following statements best describes the functionality of Amazon SQS?
A. Amazon SQS is for single-threaded sending or receMng speeds.
B. Amazon SQS is a non-distributed queuing system.
C. Amazon SQS is a distributed queuing system that is optimized for horizontal scalability, not for single-threaded sending or receMng speeds.
D. Amazon SQS is a distributed queuing system that is optimized for vertical scalability and for single-threaded sending or receMng speeds.
Answer: C
Explanation:
Amazon SQS is a distributed queuing system that is optimized for horizontal scalability, not for
single-threaded sending or receMng speeds. A single client can send or receive Amazon SQS messages at a rate of about 5 to 50 messages per second. Higher receive performance can be achieved by requesting multiple messages (up to 10) in a single call. It may take several seconds before a message that has been to a queue is available to be received.
Reference: http://media.amazonwebservices.com/AWS_Storage_Options.pdf
Q8. A user has configured a bucket S3 to host a static website. What difference will there be when static website hosting is enabled?
A. It will help the user identify this bucket as the website root to map with the domain
B. It will create a new version of the bucket
C. It will not make any difference, but will help the user to configure the error page
D. It will provide the region specific website endpoint
Answer: D
Explanation:
To host a static website, the user needs to configure an Amazon S3 bucket for website hosting and then upload the website contents to the bucket. The website is then available at the region-specific website endpoint of the bucket.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.htmI
Q9. An orgAMzation is having an application which can start and stop an EC2 instance as per schedule. The orgAMzation needs the MAC address of the instance to be registered with its software. The instance is launched in EC2-CLASSIC. How can the orgAMzation update the MAC registration every time an instance is booted?
A. The instance MAC address never changes. Thus, it is not required to register the MAC address every time.
B. The orgAMzation should write a boot strapping script which will get the MAC address from the instance metadata and use that script to register with the application.
C. AWS never provides a MAC address to an instance; instead the instance ID is used for identifying the instance for any software registration.
D. The orgAMzation should provide a MAC address as a part of the user data. Thus, whenever the instance is booted the script assigns the fixed MAC address to that instance.
Answer: B
Explanation:
AWS provides an on demand, scalable infrastructure. AWS EC2 allows the user to launch On-Demand instances. AWS does not provide a fixed MAC address to the instances launched in EC2-CLASSIC. If the instance is launched as a part of EC2-VPC, it can have an ENI which can have a fixed MAC. However, with EC2-CLASSIC, every time the instance is started or stopped it will have a new MAC address.
To get this MAC, the orgAMzation can run a script on boot which can fetch the instance metadata and get the MAC address from that instance metadata. Once the MAC is received, the orgAMzation can register that MAC with the software.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instancedata.html
Q10. How does Amazon SQS allow multiple readers to access the same message queue without losing messages or processing them many times?
A. By identifying a user by his unique id
B. By using unique cryptography
C. Amazon SQS queue has a configurable visibility timeout.
D. MuItipIe readers can't access the same message queue
Answer: C
Explanation:
Every Amazon SQS queue has a configurable visibility timeout. For the designated amount of time after a message is read from a queue, it will not be visible to any other reader. As long as the amount of time that it takes to process the message is less than the visibility timeout, every message will be processed and deleted. In the event that the component processing the message fails or becomes unavailable, the message will again become visible to any component reading the queue once the visibility timeout ends. This allows you to have many components all reading messages from the same queue, with each working to process different messages.
Reference: https://aws.amazon.com/sqs/faqs/