Try the fastest way to create flashcards

AWS Certified Solutions Architect - Associate Practice Questions

5.0 (3 reviews)
Get a hint
Amazon Glacier is designed for: (Choose 2 answers)

A. active database storage.
B. infrequently accessed data.
C. data archives.
D. frequently accessed data.
E. cached session data.
Click the card to flip 👆
1 / 851
1 / 851
Terms in this set (851)
Your web application front end consists of multiple EC2 instances behind an Elastic Load Balancer. You
configured ELB to perform health checks on these EC2 instances. If an instance fails to pass health
checks, which statement will be true?

A. The instance is replaced automatically by the ELB.
B. The instance gets terminated automatically by the ELB.
C. The ELB stops sending traffic to the instance that failed its health check.
D. The instance gets quarantined by the ELB for root cause analysis.
You are building a system to distribute confidential training videos to employees. Using CloudFront, what
method could be used to serve content that is stored in S3, but not publicly accessible from S3 directly?

A. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.
B. Add the CloudFront account security group "amazon-cf/amazon-cf-sg" to the appropriate S3 bucket
C. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the
objects in your S3 bucket to that IAM User.
D. Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target
bucket as the Amazon Resource Name (ARN).
Which of the following will occur when an EC2 instance in a VPC with an
associated Elastic IP is stopped and started? (Choose 2 answers)

A. The Elastic IP will be dissociated from the instance
B. All data on instance-store devices will be lost
C. All data on EBS (Elastic Block Store) devices will be lost
D. The ENI (Elastic Network Interface) is detached
E. The underlying host for the instance is changed
In the basic monitoring package for EC2, Amazon CloudWatch provides the following metrics:

A. web server visible metrics such as number failed transaction requests
B. operating system visible metrics such as memory utilization
C. database visible metrics such as number of connections
D. hypervisor visible metrics such as CPU utilization
Which is an operational process performed by AWS for data security?

A. AES-256 encryption of data stored on any shared storage device
B. Decommissioning of storage devices using industry-standard practices
C. Background virus scans of EBS volumes and EBS snapshots
D. Replication of data across multiple AWS Regions
E. Secure wiping of EBS data when an EBS volume is unmounted
You have been tasked with creating a VPC network topology for your company. The VPC network must support both Internet-facing applications and internally-facing applications accessed only over VPN. Both Internet-facing and internally-facing applications must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirements?

A. 2
B. 3
C. 4
D. 6
You are developing a highly available web application using stateless web servers. Which services are suitable for storing session state data?
Choose 3 answers

A. Amazon CloudWatch
B. Amazon Relational Database Service (RDS)
C. Elastic Load Balancing
D. Amazon ElastiCache
E. AWS Storage Gateway
F. Amazon DynamoDB
You have a business-critical two-tier web app currently deployed in two AZs in a single region, using Elastic Load Balancing and Auto Scaling. The app depends on synchronous replication (very low latency connectivity) at the database layer. The application needs to remain fully available even if one application AZ goes off-line, and Auto Scaling cannot launch new instances in the remaining Availability Zones. How can the current architecture be enhanced to ensure this?

A. Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 50 percent peak load per Region.
B. Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 100 percent peak load per region.
C. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 50 percent peak load per zone.
D. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 33 percent peak load per zone.
You are deploying an application on EC2 that must call AWS APIs. What method of securely passing credentials to the application should you use?

A. Use AWS Identity and Access Management roles for EC2 instances.
B. Pass API credentials to the instance using instance userdata.
C. Embed the API credentials into your JAR files.
D. Store API credentials as an object in Amazon Simple Storage Service.
Which route must be added to your routing table in order to allow connections to the Internet from your subnet?

A. Destination: --> Target: your Internet gateway
B. Destination: --> Target: your Internet gateway
C. Destination: --> Target: your virtual private gateway
D. Destination: --> Target:
E. Destination: --> Target: your virtual private gateway
A customer's nightly EMR job processes a single 2-TB data file stored on Amazon Simple Storage Service (S3). The EMR job runs on two On-Demand core nodes and three On-Demand task nodes. Which of the following may help reduce the EMR job completion time?
Choose 2 answers

A. Use three Spot Instances rather than three On-Demand instances for the task nodes.
B. Change the input split size in the MapReduce job configuration.
C. Use a bootstrap action to present the S3 bucket as a local filesystem.
D. Launch the core nodes and task nodes within an Amazon Virtual Cloud.
E. Adjust the number of simultaneous mapper tasks.
F. Enable termination protection for the job flow.
You have an VPC with a public subnet. Three EC2 instances currently running inside the subnet can successfully communicate with other hosts on the internet. You launch a fourth instance in the same subnet, using the same AMI and security group configuration you used for the others, but find that this instance cannot be accessed from the Internet. What should you do to enable Internet access?

A. Deploy a NAT instance into the public subnet.
B. Modify the routing table for the public subnet.
C. Assign an elastic IP address to the fourth instance.
D. Configure a publicly routable IP address in the host OS of the fourth instance.