QUESTION 75
A user wants to access RDS from an EC2 instance using IP addresses. Both RDS and EC2 are
in the same region, but different AZs. Which of the below mentioned options help configure that
the instance is accessed faster?
A. Configure the Private IP of the Instance in RDS security group
B. Security group of EC2 allowed in the RDS security group
C. Configuring the elastic IP of the instance in RDS security group
D. Configure the Public IP of the instance in RDS security group
Answer: A
Explanation:
If the user is going to specify an IP range in RDS security group, AWS recommends using the
private IP address of the Amazon EC2 instance. This provides a more direct network route from
the Amazon EC2 instance to the Amazon RDS DB instance, and does not incur network charges
for the data sent outside of the Amazon network.
QUESTION 76
A user is creating a snapshot of an EBS volume. Which of the below statements is incorrect in
relation to the creation of an EBS snapshot?
A. Its incremental
B. It can be used to launch a new instance
C. It is stored in the same AZ as the volume
D. It is a point in time backup of the EBS volume
Answer: C
Explanation:
The EBS snapshots are a point in time backup of the EBS volume. It is an incremental snapshot,
but is always specific to the region and never specific to a single AZ. Hence the statement "It is
stored in the same AZ as the volume" is incorrect.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html
QUESTION 77
A user is planning to use EBS for his DB requirement. The user already has an EC2 instance
running in the VPC private subnet. How can the user attach the EBS volume to a running
instance?
A. The user must create EBS within the same VPC and then attach it to a running instance.
B. The user can create EBS in the same zone as the subnet of instance and attach that EBS to
instance.
C. It is not possible to attach an EBS to an instance running in VPC until the instance is stopped.
D. The user can specify the same subnet while creating EBS and then attach it to a running
instance.
Answer: B
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. The user
can create subnets as per the requirement within a VPC. The VPC is always specific to a region.
The user can create a VPC which can span multiple Availability Zones by adding one or more
subnets in each Availability Zone.
The instance launched will always be in the same availability zone of the respective subnet.
When creating an EBS the user cannot specify the subnet or VPC. However, the user must
create the EBS in the same zone as the instance so that it can attach the EBS volume to the
running instance.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html#VPCSubnet
QUESTION 78
Which of the following groups is AWS Elastic Beanstalk best suited for?
A. Those who want to deploy and manage their applications within minutes in the AWS cloud
B. Those who want to privately store and manage Git repositories in the AWS cloud.
C. Those who want to automate the deployment of applications to instances and to update the
applications as required
D. Those who want to model, visualize, and automate the steps required to release software
Answer: A
Explanation:
AWS Elastic Beanstalk is best suited for those groups who want to deploy and manage their
applications within minutes in the AWS cloud. As a bonus, you don't even need experience with
cloud computing to get started.
https://aws.amazon.com/elasticbeanstalk/faqs/
QUESTION 79
You are using Amazon SQS and are getting a "Queue Deleted Recently" error. What is wrong?
A. The message is too big
B. You have incorrect permissions
C. Another user has deleted the queue
D. If you delete a queue, you need to wait for at least 60 seconds before creating a queue with the
same name
Answer: D
Explanation:
If you delete a queue, you need to wait for at least 60 seconds before creating a queue with the
same name. Please note that when you delete a queue, the deletion process takes up to 60
seconds. Requests you send to a recently deleted queue might succeed during the 60-second
period. For example, a SendMessage request might succeed, but after 60 seconds the queue
and that message you sent no longer exists.
https://aws.amazon.com/items/1343?externalID=1343
QUESTION 80
Your manager has requested you to tag EC2 instances to organize and manage a load balancer.
Which of the following statements about tag restrictions is incorrect?
A. The maximum key length is 127 Unicode characters.
B. The maximum value length is 255 Unicode characters.
C. Tag keys and values are case sensitive.
D. The maximum number of tags per load balancer is 20.
Answer: D
Explanation:
Tags help you to categorize your load balancers in different ways, for example, by purpose,
owner, or environment. The following basic restrictions apply to tags: The maximum number of
tags per resource is
- The maximum key length is 127 Unicode characters. The maximum value length that can be
used is 255 Unicode characters. The tag keys and values are case sensitive. Allowed characters
are letters, spaces, and numbers representable in UTF-8, plus the following special characters: +
- =. _ : / @. Do not use leading or trailing spaces. Do not use the aws: prefix in your tag names or
values because it is reserved for AWS use. You can't edit or delete tag names or values with this
prefix. Tags with this prefix do not count against your tags per resource limit.
QUESTION 81
A user is trying to find the state of an S3 bucket with respect to versioning. Which of the below
mentioned states AWS will not return when queried?
A. versioning-enabled
B. versioning-suspended
C. unversioned
D. versioned
Answer: D
Explanation:
S3 buckets can be in one of the three states: unversioned (the default), versioning-enabled or
versioning-suspended. The bucket owner can configure the versioning state of a bucket. The
versioning state applies to all (never some) of the objects in that bucket. The first time owner
enables a bucket for versioning, objects in it are thereafter always versioned and given a unique
version ID.
http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html
QUESTION 82
What is the maximum number of tags that a user can assign to an EC2 instance?
A. 50
B. 10
C. 5
D. 25
Answer: B
Explanation:
To help manage EC2 instances as well as their usage in a better way, the user can tag the
instances. The tags are metadata assigned by the user which consists of a key and a value.
One resource can have a maximum of 10 tags.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html
QUESTION 83
How do you configure SQS to support longer message retention?
A. Set the MessageRetentionPeriod attribute using the SetQueueAttributes method
B. Using a Lambda function
C. You can't. It is set to 14 days and cannot be changed
D. You need to request it from AWS
Answer: A
Explanation:
To configure the message retention period, set the MessageRetentionPeriod attribute using the
SetQueueAttributes method. This attribute is used to specify the number of seconds a message
will be retained by SQS. Currently the default value for the message retention period is 4 days.
Using the MessageRetentionPeriod attribute, the message retention period can be set anywhere
from 60 seconds (1 minute), up to 1209600 seconds (14 days).
https://aws.amazon.com/sqs/faqs/
QUESTION 84
The user has created multiple AutoScaling groups. The user is trying to create a new AS group
but it fails. How can the user know that he has reached the AS group limit specified by
AutoScaling in that region?
A. Run the command: as-describe-account-limits
B. Run the command: as-describe-group-limits
C. Run the command: as-max-account-limits
D. Run the command: as-list-account-limits
Answer: A
Explanation:
A user can see the number of AutoScaling resources currently allowed for the AWS account
either by using the as-describe-account-limits command or by calling the DescribeAccountLimits
action.
http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/ts-as-capacity.html
QUESTION 85
An organization is hosting an application as part of the free usage tier. The organization wants to
create IAM users for each of its 150 employees and they may access AWS as part of free usage
tier. What will you advise the organization?
A. The IAM is not available as a part of the free usage tier
B. Create IAM roles and give access based on role since it will not cost the user
C. Do not create more than 100 users as it will cost the organization.
D. Create IAM users for each employee as it does not cost
Answer: D
Explanation:
IAM is a free service. You can create as many IAM users or groups as desired free of cost.
http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.html
QUESTION 86
A user has enabled serverside encryption with S3. The user downloads the encrypted object from
S3.
How can the user decrypt it?
A. S3 does not support server side encryption
B. S3 provides a server side key to decrypt the object
C. The user needs to decrypt the object using their own private key
D. S3 manages encryption and decryption automatically
Answer: D
Explanation:
If the user is using the server-side encryption feature, Amazon S3 encrypts the object data before
saving it on disks in its data centres and decrypts it when the user downloads the objects. Thus,
the user is free from the tasks of managing encryption, encryption keys, and related tools.
http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html
QUESTION 87
A user has configured ELB with two instances running in separate AZs of the same region?
Which of the below mentioned statements is true?
A. Multi AZ instances will provide HA with ELB
B. Multi AZ instances are not possible with a single ELB
C. Multi AZ instances will provide scalability with ELB
D. The user can achieve both HA and scalability with ELB
Answer: A
Explanation:
If a user is running two instances in separate AZs, it will provide HA with ELB since ELB will
automatically stop routing the traffic to unhealthy instances and send it to healthy instances only.
QUESTION 88
Does Amazon DynamoDB support both increment and decrement atomic operations?
A. No, neither increment nor decrement operations.
B. Only increment, since decrement are inherently impossible with DynamoDB's data model.
C. Only decrement, since increment are inherently impossible with DynamoDB's data model.
D. Yes, both increment and decrement operations.
Answer: D
Explanation:
Amazon DynamoDB supports increment and decrement atomic operations.
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/APISummary.html
QUESTION 89
What is the data model of DynamoDB?
A. "Items", with Keys and one or more Attribute; and "Attribute", with Name and Value.
B. "Database", which is a set of "Tables", which is a set of "Items", which is a set of "Attributes".
C. "Table", a collection of Items; "Items", with Keys and one or more Attribute; and "Attribute", with
Name and Value.
D. "Database", a collection of Tables; "Tables", with Keys and one or more Attribute; and
"Attribute", with Name and Value.
Answer: C
Explanation:
The data model of DynamoDB is:
"Table", a collection of Items;
"Items", with Keys and one or more Attribute;
"Attribute", with Name and Value.
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModel.html
QUESTION 90
A user is trying to configure access with S3. Which of the following options is not possible to
provide access to the S3 bucket / object?
A. Define the policy for the IAM user
B. Define the ACL for the object
C. Define the policy for the object
D. Define the policy for the bucket
Answer: C
Explanation:
Amazon S3 offers access policy options broadly categorized as resource-based policies and user
policies. Access policies, such as ACL and resource policy can be attached to the bucket. With
the object the user can only have ACL and not an object policy. The user can also attach access
policies to the IAM users in the account. These are called user policies.
http://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html
QUESTION 91
An organization has enabled a strict password policy for its IAM users. The organization is taking
help from the IAM console to set the password policy. Which of the below mentioned rules cannot
be specified by the user as a part of the policy?
A. Allow at least one lower case letter
B. Allow at least one number
C. Allow at least one non-alphanumeric character
D. Do not allow the user to use the password from the last three passwords
Answer: D
Explanation:
AWS IAM allows an organization to create multiple users and provide them access to various
AWS services. By default when the user is created, he does not have password enabled and can
not login to AWS console. If the organization wants to allow the users to login to AWS console,
they can enable password for each user. It is required that IAM users follow certain guidelines to
set their IAM login password. For this IAM provides root account owner to setup passwrod policy.
The password policy also lets the specify whether all IAM users can change their own passwords.
As part of policy, organization can specify that passwords for IAM users must be of a certain
minimum length, must include certain characters, and a few more criteria such as below.
One upper / lower or both letters
One alpha numeric
One number
http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html
QUESTION 92
A user has developed an application which is required to send the data to a NoSQL database.
The user wants to decouple the data sending such that the application keeps processing and
sending data but does not wait for an acknowledgement of DB. Which of the below mentioned
applications helps in this scenario?
A. AWS Simple Notification Service
B. AWS Simple Workflow
C. AWS Simple Query Service
D. AWS Simple Queue Service
Answer: D
Explanation:
Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, and fully managed message
queuing service. SQS provides a simple and cost-effective way to decouple the components of
an application. In this case, the user can use AWS SQS to send messages which are received
from an application and sent to DB. The application can continue processing data without waiting
for any acknowledgement from DB. The user can use SQS to transmit any volume of data without
losing messages or requiring other services to always be available.
QUESTION 93
In regard to DynamoDB, can I modify the index once it is created?
A. Yes, if it is a primary hash key index
B. Yes, if it is a Global secondary index
C. No
D. Yes, if it is a local secondary index
Answer: C
Explanation:
Currently, in DynamoDB, an index cannot be modified once it is created.
http://aws.amazon.com/dynamodb/faqs/#security_anchor
QUESTION 94
A user has created a new raw EBS volume. The user mounts the volume on the instance to
which it is attached. Which of the below mentioned options is a required step before the user can
mount the volume?
A. Run a cyclic check on the device for data consistency
B. Create a file system of the volume
C. No step is required. The user can directly mount the device
D. Resize the volume as per the original snapshot size
Answer: B
Explanation:
When a user is trying to mount a blank EBS volume, it is required that the user first creates a file
system within the volume.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html
QUESTION 95
A user is launching an AWS RDS with MySQL. Which of the below mentioned options allows the
user to configure the INNODB engine parameters?
A. Options group
B. Engine parameters
C. Parameter groups
D. DB parameters
Answer: C
Explanation:
With regard to RDS, the user can manage the configuration of a DB engine by using a DB
parameter group. A DB parameter group contains engine configuration values that can be applied
to one or more DB instances of the same instance type.
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
QUESTION 96
A user is configuring the HTTPS protocol on a front end ELB and the SSL protocol for the backend
listener in ELB. What will ELB do?
A. It will allow you to create the configuration, but the instance will not pass the health check
B. Receives requests on HTTPS and sends it to the back end instance on SSL
C. It will not allow you to create this configuration
D. It will allow you to create the configuration, but ELB will not work as expected
Answer: C
Explanation:
If a user is configuring HTTPS on the front end and TCP on the back end, ELB will not allow
saving these listeners and will respond with the message.
"Load Balancer protocol is an application layer protocol, but instance protocol is not. Both the
Load Balancer protocol and the instance protocol should be at the same layer. Please fix."
QUESTION 97
ExamKiller (with AWS account ID 111122223333) has created 50 IAM users for its organization's
employees. What will be the AWS console URL for these associates?
A. https:// 111122223333.signin.aws.amazon.com/console/
B. https:// signin.aws.amazon.com/console/
C. https://signin.aws.amazon.com/111122223333/console/
D. https://signin.aws.amazon.com/console/111122223333/
Answer: A
Explanation:
When an organization is using AWS IAM for creating various users and manage their access
rights, the IAM user cannot use the login URL http://aws.amazon.com/console to access AWS
management console. The console login URL for the IAM user will have AWS account ID of that
organization to identify the IAM user belongs to particular account. The AWS console login URL
for the IAM user will be https:// <AWS_Account_ID>.signin.aws.amazon.com/console/.
In this case it will be https:// 111122223333.signin.aws.amazon.com/console/
http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html
QUESTION 98
A user is planning to host MS SQL on an EBS volume. It was recommended to use the AWS
RDS. What advantages will the user have if he uses RDS in comparison to an EBS based DB?
A. Better throughput with PIOPS
B. Automated backup
C. MS SQL is not supported with RDS
D. High availability with multi AZs
Answer: B
Explanation:
Comparing with on-premises or EC2 based MS SQL, RDS provides an automated backup
feature. PIOPS is available with both RDS and EBS. However, HA is not available with MS SQL.
https://aws.amazon.com/rds/faqs/
QUESTION 99
A user is setting up an Elastic Load Balancer(ELB). Which of the below parameters should the
user consider so as the instance gets registered with the ELB?
A. ELB DNS
B. IP address
C. Security group
D. ELB IP
Answer: B
Explanation:
The EC2 instances are registered with the load balancer using the IP addresses associated with
the instances. When an instance is stopped and then started, the IP address associated with the
instance changes. This prevents the load balancer from routing traffic to the restarted instance.
When the user stops and then starts registered EC2 instances, it is recommended that to deregister
the stopped instance from load balancer, and then register the restarted instance. Failure
to do so may prevent the load balancer from performing health checks and routing the traffic to
the restarted instance.
QUESTION 100
The user has configured AutoScaling based on the dynamic policy. Which of the following is not
the right command to specify a change in capacity as a part of the policy?
A. "adjustment=-50" (type is PercentChangeInCapacity)
B. "adjustment=3" (type is ExactCapacity)
C. "adjustment=-1" (type is ChangeInCapacity)
D. "adjustment=-8" (type is ExactCapacity)
Answer: D
Explanation:
The user can configure the AutoScaling group to automatically scale up and then scale down
based on the various specified CloudWatch monitoring conditions. The user needs to provide the
adjustment value and the adjustment type. A positive adjustment value increases the current
capacity and a negative adjustment value decreases the current capacity. The user can express
the change to the current size as an absolute number, an increment or as a percentage of the
current group size. In this option specifying the exact capacity with the adjustment value = -8 will
not work as when type is exact capacity the adjustment value cannot be negative.
http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-scale-based-on-demand.html
QUESTION 101
When you use the AWS Elastic Beanstalk console to deploy a new application
_________________.
A. you'll need to upload each file separately
B. you'll need to create each file and path
C. you'll need to upload a source bundle
D. you'll need to create each file
Answer: C
Explanation:
When you use the AWS Elastic Beanstalk console to deploy a new application or an application
version, you'll need to upload a source bundle.
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.deployment.source.html
QUESTION 102
A user is planning to use the AWS RDS with MySQL. Which of the below mentioned services the
user is not going to pay?
A. Data transfer
B. RDS Cloudwatch metrics
C. Data storage
D. I/O requests per month
Answer: B
Explanation:
RDS charges the user on a pay as you go basis. It charges the user based on the instance type,
number of hours that the instance is running, data transfer, storage cost as well for the I/O
requests. The monitoring is free of cost.
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
QUESTION 103
A user has created a snapshot of an EBS volume. Which of the below mentioned usage cases is
not possible with respect to a snapshot?
A. Mirroring the volume from one AZ to another AZ
B. Launch an instance
C. Decrease the volume size
D. Increase the size of the volume
Answer: C
Explanation:
The EBS snapshots are a point in time backup of the volume. It is helpful to move the volume
from one AZ to another or launch a new instance. The user can increase the size of the volume
but cannot decrease it less than the original snapshot size.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html
QUESTION 104
True or False: AWS CloudFormation allows you to create Microsoft Windows stacks.
A. False, AWS CloudFormation does not support Microsoft Windows.
B. False, Amazon doesn't support Microsoft Windows.
C. False, you cannot create Windows stacks.
D. True
Answer: D
Explanation:
AWS CloudFormation allows you to create Microsoft Windows stacks based on Amazon EC2
Windows Amazon Machine Images (AMIs) and provides you with the ability to install software, to
use remote desktop to access your stack, and to update and configure your stack.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-windows-stacks.html
QUESTION 105
Which of the following solutions is not supported by DynamoDB:
A. Hash secondary index
B. Local secondary index
C. Hash Primary Key
D. Global secondary index
Answer: A
Explanation:
In DynamoDB, a secondary index is a data structure that contains a subset of attributes from a
table, along with an alternate key to support Query operations. DynamoDB supports the following
two types of secondary indexes:
Local secondary index is an index that has the same hash key as the table, but a different range
key. A local secondary index is "local" in the sense that every partition of a local secondary index
is scoped to a table partition that has the same hash key.
Global secondary index is an index with a hash and range key that can be different from those on
the table. A global secondary index is considered "global" because queries on the index can span
all of the data in a table, across all partitions.
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModel.html
QUESTION 106
An ELB is diverting traffic across 5 instances. One of the instances was unhealthy only for 20
minutes. What will happen after 20 minutes when the instance becomes healthy?
A. ELB will never divert traffic back to the same instance
B. ELB will not automatically send traffic to the same instance. However, the user can configure to
start sending traffic to the same instance
C. ELB starts sending traffic to the instance once it is healthy
D. ELB terminates the instance once it is unhealthy. Thus, the instance cannot be healthy after 10
minutes
Answer: C
Explanation:
AWS Elastic Load Balancing continuously checks the health of an instance. If one of the
instances is unhealthy it stops sending traffic to it and automatically reroutes the traffic to the
remaining running EC2 instances. If the failed EC2 instance is restored, Elastic Load Balancing
will again start sending traffic to that instance.
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/SvcIntro.html
QUESTION 107
An organization has created an application which is hosted on the AWS EC2 instance. The
application stores images to S3 when the end user uploads to it. The organization does not want
to store the AWS secure credentials required to access the S3 inside the instance. Which of the
below mentioned options is a possible solution to avoid any security threat?
A. Use the IAM role and assign it to the instance.
B. Since the application is hosted on EC2, it does not need credentials to access S3.
C. Use the X.509 certificates instead of the access and the secret access keys.
D. Use the IAM based single sign between the AWS resources and the organization application.
Answer: A
Explanation:
The AWS IAM role uses temporary security credentials to access AWS services. Once the role is
assigned to an instance, it will not need any security credentials to be stored on the instance.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
QUESTION 108
When a user is launching an instance with EC2, which of the below mentioned options is not
available during the instance launch console for a key pair?
A. Proceed without the key pair
B. Upload a new key pair
C. Select an existing key pair
D. Create a new key pair
Answer: B
Explanation:
While launching an EC2 instance, the user can create a new key pair, select an existing key pair
or proceed without a key pair. The user cannot upload a new key pair in the EC2 instance launch
console.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/launching-instance.html
QUESTION 109
Which OS does the current version of AWS Elastic Beanstalk use?
A. Amazon Linux AMI, Windows Server 2003 R2 AMI or the Windows Server 2008 R2 AMI
B. Amazon Linux AMI only
C. Amazon Linux AMI or the Windows Server 2008 R2 AMI
D. Windows Server 2008 R2 AMI only
Answer: C
Explanation:
The current version of AWS Elastic Beanstalk uses the Amazon Linux AMI or the Windows
Server 2008 R2 AMI.
https://aws.amazon.com/elasticbeanstalk/faqs/
QUESTION 110
A user is creating an EBS volume. He asks for your advice. Which advice mentioned below
should you not give to the user for creating an EBS volume?
A. Take the snapshot of the volume when the instance is stopped
B. Stripe multiple volumes attached to the same instance
C. Create an AMI from the attached volume
D. Attach multiple volumes to the same instance
Answer: C
Explanation:
When a user creates an EBS volume, the user can attach it to a running instance. The user can
attach multiple volumes to the same instance and stripe them together to increase the I/O. The
user can take a snapshot from the existing volume but cannot create an AMI from the volume.
However, the user can create an AMI from a snapshot.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html
QUESTION 111
AWS Elastic Beanstalk stores your application files and optionally server log files in_________.
A. Amazon Storage Gateway
B. Amazon Glacier
C. Amazon EC2
D. Amazon S3
Answer: D
Explanation:
AWS Elastic Beanstalk stores your application files and optionally server log files in Amazon S3.
If you are using the AWS Management Console, Git, the AWS Toolkit for Visual Studio, or AWS
Toolkit for Eclipse, an Amazon S3 bucket will be created in your account for you and the files you
upload will be automatically copied from your local client to Amazon S3. Optionally, you may
configure Elastic Beanstalk to copy your server log files every hour to Amazon S3. You do this by
editing the environment configuration settings.
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo.html
QUESTION 112
The AWS console for DynamoDB enables you to do all the following operations, except:
A. Set up alarms to monitor your table's capacity usage.
B. Create, update, and delete tables.
C. Import Data from other databases or from files.
D. View your table's top monitoring metrics on real-time graphs from CloudWatch.
Answer: C
Explanation:
The AWS console for DynamoDB enables you to do all the above operation but not Importing
Data from other databases or from files and it is not possible to do it.
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ConsoleDynamoDB.html
QUESTION 113
An organization has created multiple components of a single application for
compartmentalization. Currently all the components are hosted on a single EC2 instance. Due to
security reasons the organization wants to implement two separate SSLs for the separate
modules although it is already using VPC. How can the organization achieve this with a single
instance?
A. Create a VPC instance which will have both the ACL and the security group attached to it and
have separate rules for each IP address.
B. Create a VPC instance which will have multiple network interfaces with multiple elastic IP
addresses.
C. You have to launch two instances each in a separate subnet and allow VPC peering for a single
IP.
D. Create a VPC instance which will have multiple subnets attached to it and each will have a
separate IP address.
Answer: B
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables
the user to launch AWS resources into a virtual network that the user has defined. With VPC the
user can specify multiple private IP addresses for his instances. The number of network
interfaces and private IP addresses that a user can specify for an instance depends on the
instance type. With each network interface the organization can assign an EIP. This scenario
helps when the user wants to host multiple websites on a single EC2 instance by using multiple
SSL certificates on a single server and associating each certificate with a specific EIP address. It
also helps in scenarios for operating network appliances, such as firewalls or load balancers that
have multiple private IP addresses for each network interface.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html
QUESTION 114
In regards to VPC, select the correct statement:
A. You can associate multiple subnets with the same Route Table.
B. You can associate multiple subnets with the same Route Table, but you can't associate a
subnet with only one Route Table.
C. You can't associate multiple subnets with the same Route Table.
D. None of these.
Answer: A
Explanation:
Every subnet in your VPC must be associated with exactly one Route Table.
However, multiple subnets can be associated with the same Route Table.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html
QUESTION 115
Which of the following device names is reserved for the root device for Linux instances of
Amazon EC2?
A. /dev/sda1
B. /dev/sd[b-e]
C. xvd[a-e]
D. /dev/sd[f-p][1-6]
Answer: A
Explanation:
/dev/sda1 is the name of the device reserved for the root device for Linux instances.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html
QUESTION 116
A user has hosted a website on AWS and uses ELB to load balance the multiple instances.
The user application does not have any cookie management.
How can the user bind the session of the requestor with a particular instance?
A. Bind the IP address with a sticky cookie
B. Create a cookie at the application level to set at ELB
C. Use session synchronization with ELB
D. Let ELB generate a cookie for a specified duration
Answer: D
Explanation:
The key to manage the sticky session is determining how long the load balancer should route the
user's request to the same application instance. If the application has its own session cookie,
then the user can set the Elastic Load Balancing to create the session cookie to follow the
duration specified by the application's session cookie. If the user's application does not have its
own session cookie, then he can set the Elastic Load Balancing to create a session cookie by
specifying his own stickiness duration.
QUESTION 117
Your supervisor has asked you to build a simple file synchronization service for your department.
He doesn't want to spend too much money and he wants to be notified of any changes to files by
email. What do you think would be the best Amazon service to use for the email solution?
A. Amazon CloudSearch
B. Amazon Elastic Transcoder
C. Amazon SES
D. Amazon AppStream
Answer: C
Explanation:
File change notifications can be sent via email to users following the resource with Amazon
Simple Email Service (Amazon SES), an easy-to-use, cost-effective email solution.
http://media.amazonwebservices.com/architecturecenter/AWS_ac_ra_filesync_08.pdf
QUESTION 118
ExamKiller has three AWS accounts. They have created separate IAM users within each account.
ExamKiller wants a single IAM console URL such as
https://examkiller.signin.aws.amazon.com/console/ for all account users. How can this be
achieved?
A. Merge all the accounts with consolidated billing
B. Create the same account alias with each account ID
C. It is not possible to have the same IAM account login URL for separate AWS accounts
D. Create the S3 bucket with an alias name and use the redirect rule to forward requests to
various accounts
Answer: C
Explanation:
If a user wants the URL of the AWS IAM sign-in page to have a company name instead of the
AWS account ID, he can create an alias for his AWS account ID. The alias should be unique.
http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html
QUESTION 119
A user has enabled automated backup for an RDS instance. What is the longest duration for
which the user can retain the automated backup?
A. 25 days
B. 15 days
C. 45 days
D. 35 days
Answer: D
Explanation:
Amazon RDS provides two different methods for backing up and restoring the Amazon DB
instances:
automated backups and DB snapshots. Automated backups automatically back up the DB
instance during a specific, user-definable backup window, and keep the backups for a limited,
user-specified period of time. The maximum period can be 35 days.
QUESTION 120
A user is enabling a static website hosting on an S3 bucket. Which of the below mentioned
parameters cannot be configured by the user?
A. Error document
B. Conditional error on object name
C. Index document
D. Conditional redirection on object name
Answer: B
Explanation:
To host a static website, the user needs to configure an Amazon S3 bucket for website hosting
and then upload the website contents to the bucket. The user can configure the index, error
document as well as configure the conditional routing of on object name.
http://docs.aws.amazon.com/AmazonS3/latest/dev/HowDoIWebsiteConfiguration.html