Q1. You can seamlessly join an EC2 instance to your directory domain. What connectMty do you need to be able to connect remotely to this instance?
A. You must have IP connectMty to the instance from the network you are connecting from.
B. You must have the correct encryption keys to connect to the instance remotely.
C. You must have enough bandwidth to connect to the instance.
D. You must use MFA authentication to be able to connect to the instance remotely.
Answer: A
Explanation:
You can seamlessly join an EC2 instance to your directory domain when the instance is launched using the Amazon EC2 Simple Systems Manager. If you need to manuallyjoin an EC2 instance to your domain, you must launch the instance in the proper region and security group or subnet, then join the instance to the domain. To be able to connect remotely to these instances, you must have IP connectMty to the instances from the network you are connecting from. In most cases, this requires that an Internet gateway be attached to your VPC and that the instance has a public IP address.
Reference: http://docs.aws.amazon.com/directoryservice/latest/admin-guide/join_a_directory.html
Q2. Which one of the below is not an AWS Storage Service?
A. Amazon S3
B. Amazon Glacier
C. Amazon CIoudFront
D. Amazon EBS
Answer: C
Explanation:
AWS Storage Services are: Amazon S3
Amazon Glacier Amazon EBS
AWS Storage Gateway
Reference: https://consoIe.aws.amazon.com/console
Q3. In Amazon EC2, what is the limit of Reserved Instances per Availability Zone each month?
A. 5
B. 20
C. 50
D. 10
Answer: B
Explanation:
There are 20 Reserved Instances per Availability Zone in each month.
Reference: http://docs.aws.amazon.com/generaI/latest/gr/aws_service_Iimits.html
Q4. Your manager has just given you access to multiple VPN connections that someone else has recently set up between all your company's offices. She needs you to make sure that the communication between the VPNs is secure. Which of the following services would be best for providing a low-cost hub-and-spoke model for primary or backup connectMty between these remote offices?
A. Amazon C|oudFront
B. AWS Direct Connect
C. AWS C|oudHSM
D. AWS VPN CIoudHub
Answer: D
Explanation:
If you have multiple VPN connections, you can provide secure communication between sites using the
AWS VPN CIoudHub. The VPN CIoudHub operates on a simple hub-and-spoke model that you can use with or without a VPC. This design is suitable for customers with multiple branch offices and existing Internet connections who would like to implement a convenient, potentially low-cost hub-and-spoke model for primary or backup connectMty between these remote offices.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPN_CIoudHub.htmI
Q5. Read Replicas require a transactional storage engine and are only supported for the _ _ storage engine
A. OracIeISAM
B. MSSQLDB
C. InnoDB
D. IV|y|SAIV|
Answer: C
Q6. You are in the process of creating a Route 53 DNS failover to direct traffic to two EC2 zones. Obviously, if one fails, you would like Route 53 to direct traffic to the other region. Each region has an ELB with some instances being distributed. What is the best way for you to configure the Route 53 health check?
A. Route 53 doesn't support ELB with an internal health check.You need to create your own Route 53 health check of the ELB
B. Route 53 natively supports ELB with an internal health check. Turn "Eva|uate target health" off and "Associate with Health Check" on and R53 will use the ELB's internal health check.
C. Route 53 doesn't support ELB with an internal health check. You need to associate your resource record set for the ELB with your own health check
D. Route 53 natively supports ELB with an internal health check. Turn "Eva|uate target health" on and "Associate with Health Check" off and R53 will use the ELB's internal health check.
Answer: D
Explanation:
With DNS Failover, Amazon Route 53 can help detect an outage of your website and redirect your end users to alternate locations where your application is operating properly. When you enable this feature, Route 53 uses health checks-regularly making Internet requests to your appIication’s endpoints from multiple locations around the world-to determine whether each endpoint of your application is up or down.
To enable DNS Failover for an ELB endpoint, create an Alias record pointing to the ELB and set the "EvaIuate Target HeaIth" parameter to true. Route 53 creates and manages the health checks for your ELB automatically. You do not need to create your own Route 53 health check of the ELB. You also do not need to associate your resource record set for the ELB with your own health check, because Route 53 automatically associates it with the health checks that Route 53 manages on your behalf. The ELB health check will also inherit the health of your backend instances behind that ELB.
Reference:
http://aws.amazon.com/about-aws/whats-new/2013/05/30/amazon-route-53-adds-elb-integration-for-dns- fai|over/
Q7. You must increase storage size in increments of at least _ %
A. 40
B. 20
C. 50
D. 10
Answer: D
Q8. A friend tells you he is being charged $100 a month to host his WordPress website, and you tell him you can move it to AWS for him and he will only pay a fraction of that, which makes him very happy. He then tells you he is being charged $50 a month for the domain, which is registered with the same people that
set it up, and he asks if it's possible to move that to AWS as well. You tell him you aren't sure, but will look into it. Which of the following statements is true in regards to transferring domain names to AWS?
A. You can't transfer existing domains to AWS.
B. You can transfer existing domains into Amazon Route 53’s management.
C. You can transfer existing domains via AWS Direct Connect.
D. You can transfer existing domains via AWS Import/Export.
Answer: B
Explanation:
With Amazon Route 53, you can create and manage your public DNS records with the AWS Management Console or with an easy-to-use API. If you need a domain name, you can find an available name and register it using Amazon Route 53. You can also transfer existing domains into Amazon Route 53’s management.
Reference: http://aws.amazon.com/route53/
Q9. Having just set up your first Amazon Virtual Private Cloud (Amazon VPC) network, which defined a default network interface, you decide that you need to create and attach an additional network interface, known as an elastic network interface (ENI) to one of your instances. Which of the following statements is true regarding attaching network interfaces to your instances in your VPC?
A. You can attach 5 EN|s per instance type.
B. You can attach as many ENIs as you want.
C. The number of ENIs you can attach varies by instance type.
D. You can attach 100 ENIs total regardless of instance type.
Answer: C
Explanation:
Each instance in your VPC has a default network interface that is assigned a private IP address from the IP address range of your VPC. You can create and attach an additional network interface, known as an elastic network interface (ENI), to any instance in your VPC. The number of EN|s you can attach varies by instance type.
Q10. You are the new IT architect in a company that operates a mobile sleep tracking application
When activated at night, the mobile app is sending collected data points of 1 kilobyte every 5 minutes to
your backend
The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table.
Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon 53.
Users are notified via Amazon 5NI5 mobile push notifications that new data is available, which is parsed and visualized by (The mobile app Currently you have around IOOk users who are mostly based out of North America.
You have been tasked to optimize the architecture of the backend system to lower cost what would you recommend? (Choose 2 answers}
A. Create a new Amazon DynamoDB (able each day and drop the one for the previous day after its data is on Amazon 53.
B. Have the mobile app access Amazon DynamoDB directly instead of J50N files stored on Amazon 53.
C. Introduce an Amazon SQS queue to buffer writes to the Amazon DynamoDB table and reduce provisioned write throughput.
D. Introduce Amazon Elasticache Io cache reads from the Amazon DynamoDB table and reduce provisioned read throughput.
E. Write data directly into an Amazon Redshift cluster replacing both Amazon DynamoDB and Amazon 53.
Answer: B, D