AWS SA Associate Practice Questions-12

Updated: Jul 17, 2020

501. Does Amazon RDS for SQL Server currently support importing data into the msdb database’?

A. No

B. Yes

Answer: A

502. Does Route 53 support MX Records?

A. Yes.

B. It supports CNAME records, but not MX records.

C. No

D. Only Primary MX records. Secondary MX records are not supported.

Answer: A

503. Because of the extensibility limitations of striped storage attached to Windows Server, Amazon RDS

does not currently support increasing storage on a _ DB Instance.

A. SQL Server


C. Oracle

Answer: A

504. Which Amazon storage do you think is the best for my database-style applications that frequently

encounter many random reads and writes across the dataset?

A. None of these.

B. Amazon Instance Storage

C. Any of these

D. Amazon EBS

Answer: D

505. Select the correct set of steps for exposing the snapshot only to specific AWS accounts

A. Select public for all the accounts and check mark t hose accounts with whom you want to expose the

snapshots and cl ick save.

B. Select Private, enter the IDs oft hose AWS accounts, and click Save.

C. Select Public, enter the IDs of those AWS accounts, and click Save.

D. Select Public, mark the IDs of those AWS accounts as private, and click Save.

Answer: C

506. Is decreasing the storage size of a DB Instance permitted?

A. Depends on the ROMS used

B. Yes

C. No

Answer: B

507. When should I choose Provisioned IOPS over Standard RDS storage?

A. If you use production online transaction processing (OLTP) workloads.

B. If you have batch-oriented workloads

C. If you have workloads that are not sensitive to consistent performance

Answer: A

508. In the context of MySQL, version numbers are organized as MySQL version = X.Y.Z. What does X

denote here?

A. release level

B. minor version

C. version number

D. major version

Answer: D

509. In the ‘Detailed ‘ monitoring data available for your Amazon EBS volumes, Provisioned IOPS volumes

automatically send _ minute metrics to Amazon C|oudWatch.

A. 5

B. 2

C. 1

D. 3

Answer: C

510. It is advised that you watch the Amazon C|oudWatch ” _ ” metric (available via the AWS Management

Console or Amazon Cloud Watch APIs) carefully and recreate the Read Replica should it fall behind due to

replication errors.

A. Write Lag

B. Read Replica

C. Replica Lag

D. Single Replica

Answer: C

511. Can the string value of ‘Key’ be prefixed with laws’?

A. No

B. Only for EC2 not 53

C. Yes

D. Only for 53 not EC

Answer: A

512. By default what are ENIs that are automatically created and attached to instances using the EC2

console set to do when the attached instance terminates?

A. Remain as is

B. Terminate

C. Hibernate

D. Pause

Answer: B

513. Are you able to integrate a multi-factor token service with the AW5 Platform?

A. Yes, you can integrate private multi-factor token devices to authenticate users to the AW5 platform.

B. No, you cannot integrate multi-factor token devices with the AW5 platform.

C. Yes, using the AW5 multi-factor token devices to authenticate users on the AW5 platform.

Answer: C

514. You can use _ and _ to help secure the instances in your VPC,

A. security groups and multi-factor authentication

B. security groups and 2-Factor authentication

C. security groups and biometric authentication

D. security groups and network ACLs

Answer: D

515. Fill in the blanks: _ is a durable, block-level storage volume that you can attach to a single, running

Amazon EC2 instance.

A. Amazon 53

B. Amazon EBS

C. None of these

D. All of these

Answer: B

516. Do the Amazon EBS volumes persist independently from the running life of an Amazon EC2 instance?

A. No

B. Only if instructed to when created

C. Yes

Answer: C

517. If I want my instance to run on a single-tenant hardware, which value do I have to set the instance’s

tenancy attribute to?

A. dedicated

B. isolated

C. one

D. reserved

Answer: A

518. What does Amazon RDS stand for?

A. Regional Data Sewer.

B. Relational Database Service.

C. Nothing.

D. Regional Database Service.

Answer: B

519. What is the maximum response time for a Business level Premium Support case?

A. 30 minutes

B. You always get instant responses (within a few seconds).

C. 10 minutes

D. 1 hour

Answer: D

520. What does Amazon ELB stand for?

A. Elastic Linux Box.

B. Encrypted Linux Box.

C. Encrypted Load Balancing.

D. Elastic Load Balancing.

Answer: D

521. What does Amazon Cloud Formation provide?

A. None of these.

B. The ability to setup Autoscaling for Amazon EC2 instances.

C. A template to map network resources for Amazon Web Services.

D. A templated resource creation for Amazon Web Services.

Answer: D

522. Is there a limit to the number of groups you can have?

A. Yes for all users except root

B. No

C. Yes unless special permission granted

D. Yes for all users

Answer: D

523. Location of Insta nces are —–

A. Regional

B. based on Availability Zone

C. Global

Answer: B

524. Is there any way to own a direct connection to Amazon Web Services’?

A. You can create an encrypted tunnel to VPC, but you don’t own the connection.

B. Yes, it’s called Amazon Dedicated Connection.

C. No, AWS only allows access from the public Internet.

D. Yes, it’s called Direct Connect.

Answer: D

525. What is the maximum response time for a Business level Premium Support case?

A. 30 minutes

B. 1 hour

C. 12 hours

D. 10 minutes

Answer: B

526. Does Dynamic DB support in-place atomic updates?

A. It is not defined

B. No

C. Yes

D. It does support in-place non-atomic updates

Answer: C

527. Is there a method in the IAM system to al low or deny access to a specific instance?

A. Only for VPC based instances

B. Yes

C. No

Answer: C

528. What is an isolated database environment running in the cloud (Amazon RDS) called?

A. DB Instance

B. DB Unit

C. DB Sen/er

D. DB Volume

Answer: A

529. What does Amazon SES stand for?

A. Simple Elastic Server

B. Simple Email Service

C. Software Email Solution

D. Software Enabled Sewer

Answer: B

530. Amazon 53 doesn’t automatically give a user who creates _ permission to perform other actions on

that bucket or object.

A. a file

B. a bucket or object

C. a bucket orfile

D. a object or file

Answer: B

531. Can I attach more than one policy to a particular entity?

A. Yes always

B. Only if within GovC|oud

C. No

D. Only if within VPC

Answer: A

532. Fill in the blanks: A _ is a storage device that moves data in sequences of bytes or bits (blocks). Hint:

These devices support random access and generally use buffered 1/0.

A. block map

B. storage block

C. mapping device

D. block device

Answer: D

533. Can I detach the primary (ethO) network interface when the instance is running or stopped?

A. Yes, You can.

B. No. You cannot

C. Depends on the state of the interface at the time

Answer: B

534. What’s an ECU?

A. Extended Cluster User.

B. None of these.

C. Elastic Computer Usage.

D. Elastic Compute Unit.

Answer: D

535. REST or Query requests are HTIP or HTIPS requests that use an HTIP verb (such as GET or POST)

and a parameter named Action or Operation that specifies the API you are calling.



Answer: A

536. What is the charge for the data transfer incurred in replicating data between your primary and


A. No charge. It is free.

B. Double the standard data transfer charge

C. Same as the standard data transfer charge

D. Half of the standard data transfer charge

Answer: C

537. Does AWS Direct Connect allow you access to all Availabilities Zones within a Region?

A. Depends on the type of connection

B. No

C. Yes

D. Only when there’s just one availability zone in a region. If there are more than one, only one availability

zone can be accessed directly.

Answer: A

538. What does the “Server Side Encryption” option on Amazon 53 provide?

A. It provides an encrypted virtual disk in the Cloud.

B. It doesn’t exist for Amazon 53, but only for Amazon EC2.

C. It encrypts the files that you send to Amazon 53, on the server side.

D. It allows to upload fi les using an SSL endpoint, for a secure transfer.

Answer: A

539. What does Amazon EBS stand for?

A. Elastic Block Storage

B. Elastic Business Server

C. Elastic Blade Server

D. Elastic Block Store

Answer: D

540. Within the IAM service a GROUP is regarded as a:

A. A collection of AWS accounts

B. |t’s the group of EC2 machines that gain t he permissions specified in the GROUP.

C. There’s no GROUP in IAM, but only USERS and RESOURCES.

D. A collection of users.

Answer: D

541. A _ is the concept of allowing (or disallowing) an entity such as a user, group, or role some type of

access to one or more resources.

A. user

B. AWS Account

C. resource

D. permission

Answer: B

542. After an Amazon VPC instance is launched, can I change the VPC security groups it belongs to?

A. No. You cannot.

B. Yes. You can.

C. Only if you are the root user

D. Only if the tag “VPC_Change_Group” is true

Answer: C

543. Do the system resources on the Micro instance meet the recommended configuration for Oracle?

A. Yes completely

B. Yes but only for certain situations

C. Not in any circumstance

Answer: B

544. Willi be charged if the DB instance is idle?

A. No

B. Yes

C. Only is running in GovC|oud

D. Only if running in VPC

Answer: B

545. To help you manage your Amazon EC2 instances, images, and other Amazon EC2 resources, you

can assign your own metadata to each resource in the form of _ _

A. special filters

B. functions

C. tags

D. wildcards

Answer: C

546. Are you able to integrate a multi-factor token service with the AWS Platform?

A. No, you cannot integrate multi-factor token devices with the AWS platform.

B. Yes, you can integrate private multi-factor token devices to authenticate users to the AWS platform.

C. Yes, using the AWS multi-factor token devices to authenticate users on the AWS platform.

Answer: C

547. True or False: When you add a rule to a DB security group, you do not need to specify port number or


A. Depends on the ROMS used



Answer: B

548. Is there a limit to the number of groups you can have?

A. Yes for all users

B. Yes for all users except root

C. No

D. Yes unless special permission granted

Answer: A

549. Can I initiate a “forced failover” for my Oracle Multi-AZ DB Instance deployment?

A. Yes

B. Only in certain regions

C. Only in VPC

D. No

Answer: A

550. Amazon EC2 provides a repository of public data sets that can be seamlessly integrated into AWS

cloud-based applications. What is the monthly charge for using the public data sets?

A. A 1 time charge of 10$ for all the datasets.

B. 1$ per dataset per month

C. 10$ per month for all the datasets

D. There is no charge for using the public data sets

Answer: D

551. In the Amazon RDS Oracle DB engine, the Database Diagnostic Pack and the Database Tuning Pack

are only available with _ _

A. Oracle Standard Edition

B. Oracle Express Edition

C. Oracle Enterprise Edition

D. None of these

Answer: C

552. Without -‘ you must either create multiple AWS accounts-each with its own billing and subscriptions to

AWS products-or your employees must share the security credentials of a single AWS account.

A. Amazon RDS

B. Amazon Glacier

C. Amazon EMR

D. Amazon IAM

Answer: D

553. Amazon RDS supports SOAP only through _ _





Answer: D

554. The Amazon EC2 web service can be accessed using the _ web services messaging protocol. This

interface is described by a Web Services Description Language (WSDL) document.





Answer: A

555. Is creating a Read Replica of another Read Replica supported?

A. Only in VPC

B. Yes

C. Only in certain regions

D. No

Answer: D

556. What is the charge for the data transfer incurred in replicating data between your primary and


A. Same as the standard data transfer charge

B. Double the standard data transfer charge

C. No charge. It is free

D. Half of the standard data transfer charge

Answer: C

557. HTIP Query-based requests are HTIP requests that use the HTIP verb GET or POST and a Query

parameter named _ _

A. Action

B. Value

C. Reset

D. Retrieve

Answer: A

558. What happens to the 1/0 operations while you take a database snapshot?

A. 1/0 operations to the database are suspended for an hour while the backup is in progress.

B. 1/0 operations to the database are sent to a Replica (if available) for a few minutes while the backup is in


C. 1/0 operations will be functioning normally

D. 1/0 operations to the database are suspended for a few minutes while the backup is in progress.

Answer: D

559. Amazon RDS creates an SSL certificate and installs the certificate on the DB Instance when Amazon

RDS provisions the instance. These certificates are signed by a certificate authority. The _ is stored at

A. private key

B. foreign key

C. public key

D. protected key

Answer: A

560. embodies the “share-nothing” architecture and essentially involves breaking a large database into

several smaller databases. Common ways to split a database include

1) splitting tables that are notjoined in the same query onto different hosts or

2) duplicating a table across multiple hosts and then using a hashing algorithm to determine which host

receives a given update.

A. $harding

B. Fai lure recovery

C. Federation

D. DOL operations

Answer: A

561. What is the name of licensing model in which I can use your existing Oracle Database licenses to run

Oracle deployments on Amazon RDS?

A. Bring Your Own License

B. Role Bases License

C. Enterprise License

D. License Included

Answer: A

562. When you resize the Amazon RDS DB instance, Amazon RDS will perform the upgrade during the

next maintenance window. If you want the upgrade to be performed now, rather than waiting for the

maintenance window, specify the _ option.

A. Apply Now

B. Apply Soon

C. Apply This

D. Apply Immediately

Answer: D

563. Does Amazon Route 53 support NS Records?

A. Yes, it supports Name Service records.

B. No

C. It supports only MX records.

D. Yes, it supports Name Sewer records.

Answer: D

564. The SQL Server _ feature is an efficient means of copying data from a source database to your DB

Instance. It writes the data that you specify to a data file, such as an ASCII file.

A. bulk copy

B. group copy

C. dual copy

D. mass copy

Answer: A

565. When using consolidated billing there are two account types. What are they?

A. Paying account and Linked account

B. Parent account and Child account

C. Main account and Sub account.

D. Main account and Secondary account.

Answer: A

566. A _ is a document that provides a formal statement of one or more permissions.

A. policy

B. permission

C. Role

D. resource

Answer: A

567. In the Amazon RDS which uses the SQL Server engine, what is the maximum size for a Microsoft SQL

Server DB Instance with SQL Sewer Express edition?

A. 10GB per DB

B. 100GB per DB

C. 2 TB per DB

D. 1TB per DB

Answer: A

568. Regarding the attaching of ENI to an instance, what does ‘warm attach’ refer to?

A. Attaching an ENI to an instance when it is stopped.

B. This QUESTION doesn’t make sense.

C. Attaching an ENI to an instance when it is running

D. Attaching an ENI to an instance during the launch process

Answer: A

569. If I scale the storage capacity provisioned to my DB Instance by mid of a billing month, how will I be


A. You will be charged for the highest storage capacity you have used

B. On a proration basis

C. You will be charged for the lowest storage capacity you have used

Answer: B

570. You can modify the backup retention period; valid values are 0 (for no backup retention) to a maximum

of days.

A. 45

B. 35

C. 15

D. 5

Answer: B

571. A Provisioned IOPS volume must be at |east_ GB in size

A. 1

B. 50

C. 20

D. 10

Answer: D

572. Willi be alerted when automatic fail over occurs?

A. Only if SNS configured

B. No

C. Yes

D. Only if Cloudwatch configured

Answer: C

573. How can an EBS volume that is currently attached to an EC2 instance be migrated from one

Availability Zone to another?

A. Detach the volume and attach it to another EC2 instance in the other AZ.

B. Simply create a new volume in the other AZ and specify the original volume as the source.

C. Create a snapshot of the volume, and create a new volume from the snapshot in the other AZ.

D. Detach the volume, then use the ec2-migrate-voiume command to move it to another AZ.

Answer: C

574. If you’ re unable to connect via SSH to your EC2 instance, which of the following should you check and

possibly correct to restore connectMty?

A. Adjust Security Group to permit egress traffic over TCP port 443 from your IP.

B. Configure the JAM role to permit changes to security group settings.

C. Modify the instance security group to allow ingress of ICMP packets from your IP.

D. Adjust the instance’s Security Group to permit ingress traffic over port 22 from your IP.

E. Apply the most recently released Operating System security patches.

Answer: D


575. Which of the following features ensures even distribution of traffic to Amazon EC2 instances in

multiple Availability Zones registered with a load balancer?

A. Elastic Load Balancing request routing

B. An Amazon Route 53 weighted routing policy

C. Elastic Load Balancing cross-zone load balancing

D. An Amazon Route 53 latency routing pol icy

Answer: A



576. You are using an m1.smaII EC2 Instance with one 300GB EBS volume to host a relational database.

You determined that write throughput to the database needs to be increased. Which of the following

approaches can help achieve this? Choose 2 answers

A. Use an array of EBS volumes.

B. Enable Multi-AZ mode.

C. Place the instance in an Auto Scaling Groups

D. Add an EBS volume and place into RAID 5.

E. Increase the size of the EC2 Instance.

F. Put the database behind an Elastic Load Balancer.

Answer: D, E

577. After launching an instance that you intend to serve as a NAT (Network Address Translation) device in

a public subnet you modify your route tables to have the NAT device be the target of internet bound traffic

of your private subnet. When you try and make an outbound connection to the internet from an instance in

the private subnet, you are not successful. Which of the following steps could resolve the issue?

A. Disabling the Source/Destination Check attribute on the NAT instance

B. Attaching an Elastic IP address to the instance in the private subnet

C. Attaching a second Elastic Network Interface (EN I) to the NAT instance, and placing it in the private sub


D. Attaching a second Elastic Network Interface (ENI) to the instance in the private subnet, and placing it in

the public subnet

Answer: A



578. You are building a solution for a customer to extend their on-premises data center to AWS. The


requires a 50-Mbps dedicated and private connection to their VPC. Which AWS product or feature satisfies

this requirement?

A. Amazon VPC peering

B. Elastic IP Addresses

C. AWS Direct Connect

D. Amazon VPC virtual private gateway

Answer: C

579. You nave multiple Amazon EC2 instances running in a cluster across multiple Availability Zones within

the same region. What combination of the following should be used to ensure the highest network

performance (packets per second), lowest latency, and Iowestjitter? Choose 3 answers

A. Amazon EC2 placement groups

B. Enhanced networking

C. Amazon PV AMI

D. Amazon HVM AM

E. Amazon Linux

F. Amazon VPC

Answer: A, B, E

580. When using the following AWS services, which should be implemented in multiple Availability Zones

for high availability solutions? Choose 2 answers

A. Amazon DynamoDB

B. Amazon Elastic Compute Cloud (EC2)

C. Amazon Elastic Load Balancing

D. Amazon Simple Notification Service (SNS)

E. Amazon Simple Storage Service {53)

Answer: B, C

581. You have a video transcoding application running on Amazon EC2. Each instance pol Is a queue to

find out which video should be transcoded, and then runs a transcoding process. If this process is

interrupted, the video will be transcoded by another instance based on the queuing system. You have a

large backlog of videos which need to be transcoded and would like to reduce this backlog by adding more

instances. You will need these instances only until the backlog is reduced. Which type of Amazon EC2

instances should you use to reduce the backlog in the most cost efficient way?

A. Reserved instances

B. Spot instances

C. Dedicated instances

D. On-demand instances

Answer: B



582. You have an EC2 Security Group with several running EC2 instances. You change the Security Group

rules to allow inbound traffic on a new port and protocol, and launch several new instances in the same

Security Group. The new rules apply:

A. Immediately to all instances in the security group.

B. Immediately to the new instances only.

C. Immediately to the new instances, but old instances must be stopped and restarted before the new rules


D. To all instances, but it may take several minutes for old instances to see the changes.

Answer: A

583. Which services allow the customer to retain full administrative prMleges of the underlying EC2

instances? Choose 2 answers

A. Amazon Relational Database Service

B. Amazon Elastic Map Reduce

C. Amazon EIastiCache

D. Amazon DynamoDB

E. AWS Elastic Beanstalk

Answer: B, E

584. A company is building a two-tier web application to serve dynamic transaction-based content. The

data tier is leveraging an Online Transactional Processing (OLTP) database. What services should you

leverage to enable an elastic and scalable web tier?

A. Elastic Load Balancing, Amazon EC2, and Auto Scaling

B. Elastic Load Balancing, Amazon RDS with Multi-AZ, and Amazon 53

C. Amazon RDS with MuIti-AZ and Auto Scaling

D. Amazon EC2, Amazon DynamoDB, and Amazon 53

Answer: A

585. Your application provides data transformation services. Files containing data to be transformed are

first uploaded to Amazon 53 and then transformed by a fileet of spot EC2 instances. Fi les submitted by

your premium customers must be transformed with the highest priority. How should you implement such a


A. Use a DynamoDB table with an attribute defining the priority level. Transformation instances will scan the

table for tasks, sorting the results by priority level.

B. Use Route 53 latency based-routing to send high priority tasks to the closest transformation instances.

C. Use two SQS queues, one for high priority messages, the other for default priority. Transformation

instances first poll the high priority queue; if there is no message, they poll the default priority queue.

D. Use a single SQS queue. Each message contains the priority level. Transformation instances poll

high-priority messages first.

Answer: C

586. Which technique can be used to integrate AWS IAM (Identity and Access Management) with an

on-premise LDAP (Lightweight Directory Access Protocol) directory service?

A. Use an IAM policy that references the LDAP account identifiers and the AWS credentials.

B. Use SANIL (Security Assertion Markup Language) to enable single sign-on between AWS and LDAP.

C. Use AWS Security Token Service from an identity broker to issue short-lived AWS credentials.

D. Use IAM roles to automatically rotate the IAM credentials when LDAP credentials are updated.

E. Use the LDAP credentials to restrict a group of users from launching specific EC2 instance types.

Answer: B

587. Which of the following are characteristics of Amazon VPC subnets? Choose 2 answers

A. Each subnet spans at least 2 Availability Zones to provide a high-availability environment.

B. Each subnet maps to a single Availability Zone.

C. CIDR block mask of/25 is the smallest range supported.

D. By default, all subnets can route between each other, whether they are private or public.

E. Instances in a private subnet can communicate with the Internet only if they have an Elastic IP.

Answer: B, E

588. A customer is leveraging Amazon Simple Storage Service in eu-west-1 to store static content for a

web-based property. The customer is storing objects using the Standard Storage class. Where are the

customers objects replicated?

A. A single facility in eu-west-I and a single facility in eu-central-1

B. A single facility in eu-west-I and a single facility in us-east-I

C. IV|u|tip|e facilities in eu-west-I

D. A single facility in eu-west-1

Answer: C

589. Your web application front end consists of multiple EC2 instances behind an Elastic Load Balancer.

You configured ELB to perform health checks on these EC2 instances, if an instance fails to pass health

checks, which statement will be true?

A. The instance gets terminated automatically by the ELB

B. The instance gets quarantined by the ELB for root cause analysis.

C. The instance is replaced automatically by the ELB

D. The ELB stops sending traffic to the instance that failed its health check.

Answer: D

590. In AWS, which security aspects are the customer’s responsibility? Choose 4 answers

A. Security Group and ACL {Access Control List} settings

B. Decommissioning storage devices

C. Patch management on the EC2 instance’s operating system

D. Life-cycle management of IAM credentials

E. Controlling physical access to compute resources

F. Encryption of EBS {Elastic Block Storage} volumes

Answer: A, C, D, F


591. You have a web application running on six Amazon EC2 instances, consuming about 45% of

resources on each instance. You are using auto-scaling to make sure that six instances are running at all


The number of requests this application processes is consistent and does not experience spikes. The

application is critical to your business and you want high availability at all times. You want the load to be

distributed evenly between all instances. You also want to use the same Amazon Machine Image (AMI) for

all instances. Which of the following architectural choices should you make?

A. Deploy 6 EC2 instances in one availability zone and use Amazon Elastic Load Balancer.

B. Deploy 3 EC2 instances in one region and 3 in another region and use Amazon Elastic Load Balancer.

C. Deploy 3 EC2 instances in one availability zone and 3 in another availability zone and use Amazon

Elastic Load Balancer.

D. Deploy 2 EC2 instances in three regions and use Amazon Elastic Load Balancer.

Answer: C


Reference: (page 8)

592. You have decided to change the instance type for instances running in your application tier that is

using Auto Scaling. In which area below would you change the instance type definition?

A. Auto Scaling policy

B. Auto Scaling group

C. Auto Scaling tags

D. Auto Scaling launch configuration

Answer: D

593. When an EC2 EBS-backed (EBS root} instance is stopped, what happens to the data on any

ephemeral store volumes?

A. Data is automatically saved in an EBS volume.

B. Data is unavailable until the instance is restarted.

C. Data will be deleted and will no longer be accessible.

D. Data is automatically saved as an EBS snapshot.

Answer: B


594. Which of the following items are required to allow an application deployed on an EC2 instance to write

data to a DynamoDB table? Assume that no security keys are allowed to be stored on the EC2 instance.

(Choose 2 answers)

A. Create an IAM Role that allows write access to the DynamoDB tab Ie.

B. Add an IAM Role to a running EC2 instance.

C. Create an IAM User that al lows write access to the Dynamo DB tab Ie.

D. Add an IAM User to a running EC2 instance.

E. launch an EC2 Instance with the IAM Role included in the launch configuration.

Answer: A, E



595. When you put objects in Amazon 53, what is the indication that an object was successfully stored?

A. A HTIP 200 result code and MDS checksum, taken together, indicate that the operation was successful.

B. Amazon 53 is engineered for 99.999999999% durability. Therefore there is no need to confirm that data

was inserted.

C. A success code is inserted into the 53 object metadata.

D. Each 53 account has a special bucket named _s3_1ogs. Success codes are written to this bucket with a

timestamp and checksum.

Answer: A

596. What is one key difference between an Amazon EBS-backed and an instance-store backed instance?

A. Amazon EBS-backed instances can be stopped and restarted.

B. Instance-store backed instances can be stopped and restarted.

C. Auto scaling requires using Amazon EBS-backed instances.

D. Virtual Private Cloud requires EBS backed instances.

Answer: A




597. A company wants to implement their website in a virtual private cloud (VPC). The web tier will use an

Auto Scaling group across multiple Availability Zones (AZs). The database will use MuIti-AZ RDS MySQL

and should not be publicly accessible. What is the minimum number of subnets that need to be configured

in the VPC?

A. 1

B. 2

C. 3

D. 4

Answer: B

598. You have launched an Amazon Elastic Compute Cloud (EC2) instance into a public subnet with a

primary private I P address assigned, an internet gateway is attached to the VPC, and the public route table

is configured to send all Internet-based traffic to the Internet gateway. The instance security group is set to

allow all outbound traffic but cannot access the internet. Why is the Internet unreachable from this


A. The instance does not have a public IP address.

B. The internet gateway security group must allow all outbound traffic.

C. The instance security group must allow all inbound traffic.

D. The instance “Source/Destination check” property must be enabled.

Answer: A

599. You launch an Amazon EC2 instance without an assigned AVVS identity and Access Management

(IAM) role. Later, you decide that the instance should be running with an IAM role. Which action must you

take in order to have a running Amazon EC2 instance with an IAM role assigned to it?

A. Create an image of the instance, and register the image with an IAM role assigned and an Amazon EBS

volume mapping.

B. Create a new IAM role with the same permissions as an existing IAM role, and assign it to the running


C. Create an image of the instance, add a new IAM role with the same permissions as the desired IAM role,

and deregister the image with the new role assigned.

D. Create an image of the instance, and use this image to launch a new instance with the desired Lam role


Answer: D



600. How can the domain’s zone apex, for example, “”, be pointed towards an

Elastic Load Balancer?

A. By using an Amazon Route 53 Alias record

B. By using an AAAA record

C. By using an Amazon Route 53 CNAME record

D. By using an A record

Answer: A

27 views0 comments

Recent Posts

See All

Question 1 Exit Quiz Domain: Security Which AWS service provides infrastructure security optimization recommendations? A.AWS Application Programming Interface(API) B.Reserved Instances C.AWS Trusted A