Term
You have an Amazon S3 bucket that you use to store objects. You'd like to encrypt some of the new objects you upload to this bucket. Which header do you need to use in order to request server-side encryption when using the REST API? |
|
Definition
x-amz-server-side-encryption |
|
|
Term
What is the primary advantage of a conditional write? |
|
Definition
A change to the Dynamo DB attribute will only be written if that attributes has not changed since it was last read. |
|
|
Term
Which of the following best describes the messages SNS sends to endpoints: |
|
Definition
A JSON document with parameters such as Message, Signature, Subject, and Type. |
|
|
Term
While working with the S3 API you receive an error: 404 Not Found. What is the most likely cause for this error? |
|
Definition
|
|
Term
True or False: 10.4.120.24 is a valid S3 bucket name. |
|
Definition
|
|
Term
What is the Uptime SLA for Amazon EC2 and EBS within a given region? |
|
Definition
|
|
Term
Your application instance takes 40 seconds to process instructions received in an SQS message. Assuming the SQS queue is configured with the default Visibility Timeout, what is the best way to configure your application to ensure that no other instances retrieve a message that has already been processed or is currently being processed? |
|
Definition
Use the ReceiveMessage API call to retrieve the message, the ChangeMessageVisibility API call to increase the visibility timeout and the DeleteMessageAPI call to delete the message. |
|
|
Term
Your AWS environment contains several reserved EC2 instances dedicated to a project that has just been cancelled. You need to recoup the cost of these reserved instances, and you need to preserve the data for future use. What can you do to minimize charges for these instances? |
|
Definition
Take snapshots of the EBS volumes and terminate the instances. Sell the unused instances on the AWS marketplace. |
|
|
Term
True or False: Amazon S3 does not generally handle error codes with HTTP responses. |
|
Definition
|
|
Term
Your EC2 instance has an IAM role that allows it to write to an SQS queue. The instance is attempting to write a 512KB message to the SQS queue. What will the result of this attempt be? |
|
Definition
It will fail. The 512KB message size exceeds the size limit of 256KB. |
|
|
Term
When using the Ref function in CloudFormation, what do we get back if we pass in the logical ID of an AWS::EC2::Instance object? |
|
Definition
The object's Instance ID. |
|
|
Term
Your "forums" table has a primary key of "id". Using DynamoDB, you're able to query the data based on the "id" primary key. You need to be able to query the forums table by userId. What would you add to the table during table creation time? |
|
Definition
Create a secondary index. |
|
|
Term
Your app requires 600 eventually consistent reads of 9KB per minute. How many read capacity units should you provision? |
|
Definition
|
|
Term
Your application is trying to upload a 6TB file to S3 and you receive an error message telling you that your proposed upload exceeds the maximum allowed object size. What is the best way to accomplish this file upload? |
|
Definition
Cannot fix, maximum size of S3 is 5TB. |
|
|
Term
You can use your existing Microsoft Windows Server licenses with an Amazon EC2 shared tenancy instance. |
|
Definition
FALSE. A Dedicated Host is required if you want to use your existing Windows Server licenses with EC2. |
|
|
Term
Your supervisor calls you wanting to know why she has not been receiving email notifications for AWS billing alerts. What do you suspect the problem might be? (Choose 3 answers.) |
|
Definition
Your supervisor has not responded to the confirmation email sent from the SNS when you added a subscription for her email address. Billing alerts are not configured. SNS subscription is not configured for email alerts. |
|
|
Term
Which of the following services can be used to host a static web site? |
|
Definition
|
|
Term
Which of these CloudFormation snippets of code will return an address that can be used to access our application from our browser if we're using a resource type of AWS::ElasticLoadBalancing::LoadBalancer with Logical ID "ElasticLoadBalancer"? |
|
Definition
Fn::Join":["",{"Fn::GetAtt":["ElasticLoadBalancer","DNSName"]}] |
|
|
Term
You are a system administrator and you need to take a consistent snapshot of your EC2 instance. Your application holds large amounts of data in cache that is not written to disk automatically. What would be the best approach to taking an application consistent snapshot? |
|
Definition
As you need an application consistent snapshot, your best option would be to shutdown the EC2 instance and detach the EBS volume, then take the snapshot. |
|
|
Term
You've enabled website hosting on a bucket named "acloud.guru" in the US-East-1 (US standard region). Select the URL you'll receive from AWS as the URL for the bucket. |
|
Definition
acloud.guru.s3-website-us-east-1.amazonaws.com |
|
|
Term
Which of the following is NOT a valid EC2 instance type? |
|
Definition
|
|
Term
Your supervisor is upset about the fact that SNS topics that he subscribed to are now cluttering up his email inbox. How can he stop receiving email from SNS without disrupting other usersäó» ability to receive email from SNS? (Choose two.) |
|
Definition
You can delete the subscription from the SNS topic responsible for the emails. He can use the SNS information provided within emails. |
|
|
Term
By default, how many Elastic IP addresses are you limited to per region? |
|
Definition
|
|
Term
You are working with the S3 API and receive an error: 409 Conflict. What is a possible cause of this error? |
|
Definition
You're attempting to remove a bucket without first deleting the contents of the bucket. |
|
|
Term
It is best practice to use Access Keys whenever possible, rather than IAM Roles. |
|
Definition
FALSE. It is always better to assign roles. Following the "least privilege modeI, IAM Roles grant each user a unique set of security credentials. |
|
|
Term
What is the default limit for CloudFormation templates per region? |
|
Definition
There is no limit to the number of cloud formation templates you can have in a region. |
|
|
Term
True or False: You should store your Access Keys in an AMI. |
|
Definition
FALSE, Access Keys should never be stored in an AMI. |
|
|
Term
Each AWS account can own a maximum of how many buckets? |
|
Definition
|
|
Term
Which of the following AWS services can be used to record logs of API calls |
|
Definition
|
|
Term
True or False: S3 does not support website redirects. |
|
Definition
FALSE, S3 DOES support website redirects. |
|
|
Term
Which of the following can be increased by contacting AWS support: |
|
Definition
S3 buckets per account and DynamoDB tables per account. |
|
|
Term
One of your junior developers has never had AWS Access before, and he needs access to an Elastic Load Balancer in your custom VPC. This is the first and only time he will need access. Which of the following choices is the most secure way to grant this access? |
|
Definition
Create a user with the desired privileges then delete the user after completion. |
|
|
Term
Ajax, Inc. provides an online image recognition service and utilizes SQS to decouple system components. The SQS consumers poll the imaging queue as often as possible to keep end-to-end throughput as high as possible. However, Ajax, Inc. is realizing that polling in tight loops is burning CPU cycles and that empty responses are increasing costs. How can Ajax, Inc. reduce the number of empty responses? |
|
Definition
Set the imaging queue ReceiveMessageWaitTimeSeconds attribute to 20 seconds. |
|
|
Term
True or Flase: The only SNS notification event supported by S3 is S3:ReducedRedundancyLostObject. |
|
Definition
FALSE. There are commands for Notifications are also available for HTTP PUT and POST, S3 copy actions, and S3 CompleteMultipartUpload. |
|
|
Term
Your new web app is deployed within an Amazon VPC, and is connected to your corporate data center via IPSec VPN. The application must authenticate against the on-premise LDAP server to give authenticated, logged-in users access to an S3 keyspace specific to the user. Which two of the following methods will give your users the access they need? |
|
Definition
The application authenticates against LDAP, retrieves the name of an IAM role associated with the user. The application then calls the IAM Security Token Service to assume that IAM role. Application can use temporary credentials to access the S3 keyspace.
Develop an identity broker which authenticates against LDAP, and then calls the IAM Security Token Service to get IAM Federated User Credentials. The application calls the identity broker to get IAM federated user credentials with access to the appropriate keyspace. |
|
|
Term
S3 bucket names are transferrable. True or False? |
|
Definition
False, bucket names are not transferrable. |
|
|
Term
A recent increase in the amount of users of an application hosted on an EC2 instance that you manage has caused the instanceäó»s OS to run out of CPU resources and crash. The crash caused several usersäó» unsaved data to be lost and your supervisor wants to know how this problem can be avoided in the future. Which of the following would you not recommend? |
|
Definition
Take frequent snapshots of the EBS volume during business hours to ensure user data is backed up. |
|
|
Term
You have designed an application that stores large videos in S3. These videos are usually larger than 100Mb in size. You need to maximize upload performance. Select two answers that will achieve this end. |
|
Definition
Design the application to use multipart upload, which are then uploaded simultaneously. Utilize S3 transfer acceleration. |
|
|
Term
You would like to set up a static website on S3 with the least possible effort. The URL of the website is unimportant to you. Which of the following steps are necessary? |
|
Definition
Upload an index document to your S3 bucket, enable static website hosting, select the make public permission of S3 buckets. |
|
|
Term
Uptime SLA for EC2 and EBS |
|
Definition
|
|
Term
Your application is trying to upload a 6TB file to S3 and you receive an error message telling you that your proposed upload exceeds the maximum allowed object size. What is the best way to accomplish this file upload? |
|
Definition
Cannot fix, maximum size of an object is 5TB. |
|
|
Term
What is the availability of S3 - IA |
|
Definition
|
|