You had recently set up a Cloudwatch Alarm that performs status checks on your EBS volume. However, you noticed that the volume check has a status of insufficient-data.
What does this status means?
You had recently set up a Cloudwatch Alarm that performs status checks on your EBS volume. However, you noticed that the volume check has a status of insufficient-data.
What does this status means?
Which technique can you use to integrate AWS Identity and Access Management with an on-premise Lightweight Directory Access Protocol (LDAP) directory service?
Which technique can you use to integrate AWS Identity and Access Management with an on-premise Lightweight Directory Access Protocol (LDAP) directory service?
Which of the following statements are true regarding Amazon VPC subnets? (Choose 3)
Which of the following statements are true regarding Amazon VPC subnets? (Choose 3)
You installed sensors to track the number of visitors that goes to the park. The data is sent every other day to an Amazon Kinesis stream with default settings for processing. You noticed that your S3 bucket is not receiving all of the data that is being sent to the Kinesis stream.
What could be the reason for this?
You installed sensors to track the number of visitors that goes to the park. The data is sent every other day to an Amazon Kinesis stream with default settings for processing. You noticed that your S3 bucket is not receiving all of the data that is being sent to the Kinesis stream.
What could be the reason for this?
The social media company that you are working for needs to capture the detailed information of all HTTP requests that went through their public-facing application load balancer every five minutes. They want to use this data for analyzing traffic patterns and for troubleshooting their web applications in AWS.
Which of the following options meet the customer requirements?
The social media company that you are working for needs to capture the detailed information of all HTTP requests that went through their public-facing application load balancer every five minutes. They want to use this data for analyzing traffic patterns and for troubleshooting their web applications in AWS.
Which of the following options meet the customer requirements?
You have 2 SUSE Linux Enterprise Server instances located in different subnets in the same VPC. These EC2 instances should be able to communicate with each other, but you always get a timeout when you try to ping from one instance to another. In addition, the route tables seem to be valid and has the entry for the Target ‘local’ for your VPC CIDR.
Which of the following could be a valid reason for this issue?
You have 2 SUSE Linux Enterprise Server instances located in different subnets in the same VPC. These EC2 instances should be able to communicate with each other, but you always get a timeout when you try to ping from one instance to another. In addition, the route tables seem to be valid and has the entry for the Target ‘local’ for your VPC CIDR.
Which of the following could be a valid reason for this issue?
Does Amazon S3 provide read-after-write consistency for new objects?
Does Amazon S3 provide read-after-write consistency for new objects?
Which of the following is a durable key-based object store service?
Which of the following is a durable key-based object store service?
You created a new CloudFormation template that creates 4 EC2 instances and are connected to one Elastic Load Balancer (ELB). Which section of the template should you configure to get the Domain Name Server hostname of the ELB upon the creation of the AWS stack?
You created a new CloudFormation template that creates 4 EC2 instances and are connected to one Elastic Load Balancer (ELB). Which section of the template should you configure to get the Domain Name Server hostname of the ELB upon the creation of the AWS stack?
What is the correct indication that an object was indeed successfully stored when you put objects in Amazon S3?
What is the correct indication that an object was indeed successfully stored when you put objects in Amazon S3?
A news company has been using a Hardware Security Module (CloudHSM) for secure key storage. It is only used for generating keys for their On-demand EC2 instances. After a new support staff attempted to log in as the administrator three times using an invalid password, the Hardware Security Module has been zeroized which means that the encryption keys on it have been wiped. Sadly, You did not have a copy of the keys stored anywhere else.
How can you obtain a new copy of the keys that you have stored on Hardware Security Module?
A news company has been using a Hardware Security Module (CloudHSM) for secure key storage. It is only used for generating keys for their On-demand EC2 instances. After a new support staff attempted to log in as the administrator three times using an invalid password, the Hardware Security Module has been zeroized which means that the encryption keys on it have been wiped. Sadly, You did not have a copy of the keys stored anywhere else.
How can you obtain a new copy of the keys that you have stored on Hardware Security Module?
What is one of the major advantages of having a Virtual Private Network in AWS?
What is one of the major advantages of having a Virtual Private Network in AWS?
Your manager asked you to look for a hybrid cloud storage solution for your company. You want to recommend AWS Storage Gateway as a cloud storage but first, you need to prepare a list of the use cases for this service to ensure that it is indeed the right service for your organization.
What is the main use case of AWS Storage Gateway?
Your manager asked you to look for a hybrid cloud storage solution for your company. You want to recommend AWS Storage Gateway as a cloud storage but first, you need to prepare a list of the use cases for this service to ensure that it is indeed the right service for your organization.
What is the main use case of AWS Storage Gateway?
As a Solutions Architect, you have been requested to set up a highly decoupled application in AWS. Which of the following can help you accomplish this goal?
As a Solutions Architect, you have been requested to set up a highly decoupled application in AWS. Which of the following can help you accomplish this goal?
Which of the following items are Invalid VPC peering configurations? (Choose 3)
Which of the following items are Invalid VPC peering configurations? (Choose 3)
You are a new Solutions Architect working for a financial company. Your manager wants to have the ability to automatically transfer obsolete data from their S3 bucket to a low cost storage system in AWS.
What is the best solution you can provide to them?
You are a new Solutions Architect working for a financial company. Your manager wants to have the ability to automatically transfer obsolete data from their S3 bucket to a low cost storage system in AWS.
What is the best solution you can provide to them?
You deployed a web application to an EC2 instance that adds a variety of photo effects to a picture uploaded by the users. The application will put the generated photos to a S3 bucket by sending PUT requests to the S3 API.
You deployed a web application to an EC2 instance that adds a variety of photo effects to a picture uploaded by the users. The application will put the generated photos to a S3 bucket by sending PUT requests to the S3 API.
Which AWS service can help protect web applications in your VPC from common security threats from the Internet?
Which AWS service can help protect web applications in your VPC from common security threats from the Internet?
You are working as a solutions architect for a large financial company They have a web application hosted in their on-premise infrastructure which they want to migrate to AWS cloud. Your manager had instructed you to ensure that there is no down time while the migration process is on-going. In order to achieve this, your team had decided to divert 50% of the traffic to the new application in AWS and the other 50% to the application hosted in their on-premise infrastructure. Once the migration is over and that the application works with no issues, a full diversion to the AWS will be implemented. Which of the following steps will you do to satisfy this requirement?
You are working as a solutions architect for a large financial company They have a web application hosted in their on-premise infrastructure which they want to migrate to AWS cloud. Your manager had instructed you to ensure that there is no down time while the migration process is on-going. In order to achieve this, your team had decided to divert 50% of the traffic to the new application in AWS and the other 50% to the application hosted in their on-premise infrastructure. Once the migration is over and that the application works with no issues, a full diversion to the AWS will be implemented. Which of the following steps will you do to satisfy this requirement?
You have an On-Demand EC2 instance located in a subnet in AWS which hosts a web application. The security group attached to this EC2 instance has the following Inbound Rules:
Larger image
The Route table attached to the VPC is shown below. You can do a SSH connection into the EC2 instance from the internet. However, you are not able to connect to the web server using your Chrome browser.
Larger image
Which of the below steps would resolve the issue?
You have an On-Demand EC2 instance located in a subnet in AWS which hosts a web application. The security group attached to this EC2 instance has the following Inbound Rules:
Larger image
The Route table attached to the VPC is shown below. You can do a SSH connection into the EC2 instance from the internet. However, you are not able to connect to the web server using your Chrome browser.
Larger image
Which of the below steps would resolve the issue?
Which Amazon service can you use to define a virtual network which closely resembles a traditional data center?
Which Amazon service can you use to define a virtual network which closely resembles a traditional data center?
A tech company wants to create standard templates for deployment of their Infrastructure. You told them about an AWS service called CloudFormation which can meet their needs but they are hesitant about the cost.
As a Solutions Architect, what advise can you give to them with regards to the cost?
A tech company wants to create standard templates for deployment of their Infrastructure. You told them about an AWS service called CloudFormation which can meet their needs but they are hesitant about the cost.
As a Solutions Architect, what advise can you give to them with regards to the cost?
What AWS services should you use to implement a fault-tolerant, highly available architecture? (Choose 2)
What AWS services should you use to implement a fault-tolerant, highly available architecture? (Choose 2)
Your company has a web-based ticketing service that utilizes Amazon SQS and a fleet of EC2 instances. The EC2 instances that consume messages from the SQS queue are configured to poll the queue as often as possible to keep end-to-end throughput as high as possible. You noticed that polling the queue in tight loops is using unnecessary CPU cycles, resulting to increased operational costs due to empty responses.
In this scenario, what will you do to make the system more cost-effective?
Your company has a web-based ticketing service that utilizes Amazon SQS and a fleet of EC2 instances. The EC2 instances that consume messages from the SQS queue are configured to poll the queue as often as possible to keep end-to-end throughput as high as possible. You noticed that polling the queue in tight loops is using unnecessary CPU cycles, resulting to increased operational costs due to empty responses.
In this scenario, what will you do to make the system more cost-effective?
You have just launched a new API Gateway service in AWS. In what type of protocol will your API endpoint be exposed?
You have just launched a new API Gateway service in AWS. In what type of protocol will your API endpoint be exposed?
Which of the following is a valid bucket name on Amazon S3?
Which of the following is a valid bucket name on Amazon S3?
You are instructed by your manager to create a publicly accessible EC2 instance by using an Elastic IP (EIP) address and also to give him a report on how much it will cost to use that EIP.
Which of the following statements is correct regarding the pricing of EIP?
You are instructed by your manager to create a publicly accessible EC2 instance by using an Elastic IP (EIP) address and also to give him a report on how much it will cost to use that EIP.
Which of the following statements is correct regarding the pricing of EIP?
Which AWS service will you use to monitor all API calls to your EC2 instance?
Which AWS service will you use to monitor all API calls to your EC2 instance?
Which of the following is needed in order to access an EC2 instance from the Internet? (Choose 3)
Which of the following is needed in order to access an EC2 instance from the Internet? (Choose 3)
You are designing a social media website for a startup company and the founders want to know the ways to mitigate distributed denial-of-service (DDoS) attacks to their website.
Which of the following are viable mitigation techniques? (Choose 3)
You are designing a social media website for a startup company and the founders want to know the ways to mitigate distributed denial-of-service (DDoS) attacks to their website.
Which of the following are viable mitigation techniques? (Choose 3)
You are working for a large financial firm and you are instructed to set up a Linux bastion host. It will allow access to the Amazon EC2 instances running in their VPC. For security purposes, only the clients connecting from the corporate external public IP address 175.45.116.100 should have SSH access to the host.
Which is the best option that can meet the customer's requirement?
You are working for a large financial firm and you are instructed to set up a Linux bastion host. It will allow access to the Amazon EC2 instances running in their VPC. For security purposes, only the clients connecting from the corporate external public IP address 175.45.116.100 should have SSH access to the host.
Which is the best option that can meet the customer's requirement?
A mobile application stores pictures in Amazon Simple Storage Service (S3) and allows application sign-in using an OpenID Connect-compatible identity provider.
Which AWS Security Token Service approach to temporary access should you use for this scenario?
A mobile application stores pictures in Amazon Simple Storage Service (S3) and allows application sign-in using an OpenID Connect-compatible identity provider.
Which AWS Security Token Service approach to temporary access should you use for this scenario?
You are working for a large bank that is developing a web application that receives large amounts of data. They are using the data to generate a report for their stockbrokers to use on a daily basis. Unfortunately, a recent financial crisis has left the bank short on cash and cannot afford to purchase expensive storage hardware. They had resorted to use AWS instead.
Which is the best service to use in order to store a virtually unlimited amount of data without any effort to scale when demand unexpectedly increases?
You are working for a large bank that is developing a web application that receives large amounts of data. They are using the data to generate a report for their stockbrokers to use on a daily basis. Unfortunately, a recent financial crisis has left the bank short on cash and cannot afford to purchase expensive storage hardware. They had resorted to use AWS instead.
Which is the best service to use in order to store a virtually unlimited amount of data without any effort to scale when demand unexpectedly increases?
In your VPC, you have a Classic Load Balancer distributing traffic to six EC2 instances that are evenly spread across two Availability Zones. However, you realize that only half of your EC2 instances are actually receiving traffic.
In your VPC, you have a Classic Load Balancer distributing traffic to six EC2 instances that are evenly spread across two Availability Zones. However, you realize that only half of your EC2 instances are actually receiving traffic.
Which type of networking connection in AWS allows you to connect two Virtual Private Cloud networks?
Which type of networking connection in AWS allows you to connect two Virtual Private Cloud networks?
What are the valid use case scenarios to use Enhanced Networking? (Choose 2)
What are the valid use case scenarios to use Enhanced Networking? (Choose 2)
You are a Solutions Architect for a major TV network. They have a web application running on eight Amazon EC2 instances, consuming about 55% of resources on each instance. You are using Auto Scaling to make sure that eight instances are running at all times. The number of requests that this application processes are consistent and do not experience spikes. Your manager instructed you to ensure high availability of this web application at all times to avoid any loss of revenue. You want the load to be distributed evenly between all instances. You also want to use the same Amazon Machine Image (AMI) for all EC2 instances.
How will you be able to achieve this?
You are a Solutions Architect for a major TV network. They have a web application running on eight Amazon EC2 instances, consuming about 55% of resources on each instance. You are using Auto Scaling to make sure that eight instances are running at all times. The number of requests that this application processes are consistent and do not experience spikes. Your manager instructed you to ensure high availability of this web application at all times to avoid any loss of revenue. You want the load to be distributed evenly between all instances. You also want to use the same Amazon Machine Image (AMI) for all EC2 instances.
How will you be able to achieve this?
Which of the following can be used as an origin server in Amazon CloudFront? (Choose 3)
Which of the following can be used as an origin server in Amazon CloudFront? (Choose 3)
A tech company is running two production web servers hosted on Reserved EC2 instances with EBS-backed root volumes. These instances have a consistent CPU load of 90%. Traffic is being distributed to these instances by an Elastic Load Balancer. In addition, they also have Multi-AZ RDS MySQL databases for their production, test, and development environments.
What recommendation would you make to reduce cost in this AWS environment without affecting availability and performance of mission critical systems? Choose the best answer.
A tech company is running two production web servers hosted on Reserved EC2 instances with EBS-backed root volumes. These instances have a consistent CPU load of 90%. Traffic is being distributed to these instances by an Elastic Load Balancer. In addition, they also have Multi-AZ RDS MySQL databases for their production, test, and development environments.
What recommendation would you make to reduce cost in this AWS environment without affecting availability and performance of mission critical systems? Choose the best answer.
You are consulted by a multimedia company that needs to deploy web services to an AWS region which they have not used before. The company currently has an IAM role for their Amazon EC2 instance which permits the instance to access Amazon DynamoDB. They want their EC2 instances in the new region to have the exact same privileges. What should you do to accomplish this?
You are consulted by a multimedia company that needs to deploy web services to an AWS region which they have not used before. The company currently has an IAM role for their Amazon EC2 instance which permits the instance to access Amazon DynamoDB. They want their EC2 instances in the new region to have the exact same privileges. What should you do to accomplish this?
You are working for a computer animation film studio that has a web application running on an Amazon EC2 instance. It uploads 5 GB video objects to an Amazon S3 bucket. Video uploads are taking longer than expected, which impacts the performance of your application.
Which method will help improve performance of your application
You are working for a computer animation film studio that has a web application running on an Amazon EC2 instance. It uploads 5 GB video objects to an Amazon S3 bucket. Video uploads are taking longer than expected, which impacts the performance of your application.
Which method will help improve performance of your application
You are working for a top IT consultancy and one of your clients asked you how to properly secure their AWS infrastructure. They have a VPC with two On-Demand EC2 instances with Elastic IP addresses which recently were under SSH brute force attacks over the Internet. Their IT Security team has identified the IP Addresses where these attacks originated.
What should you do to fix this security vulnerability?
You are working for a top IT consultancy and one of your clients asked you how to properly secure their AWS infrastructure. They have a VPC with two On-Demand EC2 instances with Elastic IP addresses which recently were under SSH brute force attacks over the Internet. Their IT Security team has identified the IP Addresses where these attacks originated.
What should you do to fix this security vulnerability?
You have EC2 instances running on your VPC. You have both UAT and production EC2 instances running. You want to ensure that employees who are responsible for the UAT instances don’t have the access to work on the production instances to minimize security risks.
Which of the following would be the best way to achieve this?
You have EC2 instances running on your VPC. You have both UAT and production EC2 instances running. You want to ensure that employees who are responsible for the UAT instances don’t have the access to work on the production instances to minimize security risks.
Which of the following would be the best way to achieve this?
You have a web application hosted in AWS cloud where the application logs are sent to Amazon CloudWatch. Lately, the web application has recently been encountering some errors which can be resolved simply by restarting the instance.
What will you do to automatically restart the EC2 instances whenever the same application error occurs?
You have a web application hosted in AWS cloud where the application logs are sent to Amazon CloudWatch. Lately, the web application has recently been encountering some errors which can be resolved simply by restarting the instance.
What will you do to automatically restart the EC2 instances whenever the same application error occurs?
By default, what happens to your data when an EC2 instance created terminates? (Choose 3)
By default, what happens to your data when an EC2 instance created terminates? (Choose 3)
Which of the following is not a benefit of Auto Scaling?
Which of the following is not a benefit of Auto Scaling?
What can be used for EC2 instances in a private subnet to connect to the internet?
What can be used for EC2 instances in a private subnet to connect to the internet?
You are working as a solutions architect for a tech company where you are instructed to build a web architecture using On-Demand EC2 instances and a database in AWS. However, due to budget constraints, the company instructed you to choose a database service in which they no longer need to worry about database management tasks such as hardware or software provisioning, setup, configuration, scaling and backups.
Which database service in AWS is best to use in this scenario?
You are working as a solutions architect for a tech company where you are instructed to build a web architecture using On-Demand EC2 instances and a database in AWS. However, due to budget constraints, the company instructed you to choose a database service in which they no longer need to worry about database management tasks such as hardware or software provisioning, setup, configuration, scaling and backups.
Which database service in AWS is best to use in this scenario?
In Amazon RDS, database snapshots and automated backups are stored in:
In Amazon RDS, database snapshots and automated backups are stored in:
You are unable to connect to your Spot EC2 instance via SSH. Which of the following should you check and possibly correct to restore connectivity?
You are unable to connect to your Spot EC2 instance via SSH. Which of the following should you check and possibly correct to restore connectivity?
The game development company that you are working for has an Amazon VPC with a public subnet. It has 4 EC2 instances that are deployed in the public subnet. These 4 instances can successfully communicate with other hosts on the Internet. You launched a fifth instance in the same public subnet, using the same AMI and security group configuration that you used for the others. However, this new instance cannot be accessed from the internet unlike the other instance.
What should you do to enable access to the fifth instance over the Internet?
The game development company that you are working for has an Amazon VPC with a public subnet. It has 4 EC2 instances that are deployed in the public subnet. These 4 instances can successfully communicate with other hosts on the Internet. You launched a fifth instance in the same public subnet, using the same AMI and security group configuration that you used for the others. However, this new instance cannot be accessed from the internet unlike the other instance.
What should you do to enable access to the fifth instance over the Internet?
You are a Solutions Architect of a tech company. You are having an issue whenever you try to connect to your newly created EC2 instance using a Remote Desktop connection from your computer. Upon checking, you have verified that the instance has a public IP and the Internet gateway and route tables are in place.
What else should you do for you to resolve this issue?
You are a Solutions Architect of a tech company. You are having an issue whenever you try to connect to your newly created EC2 instance using a Remote Desktop connection from your computer. Upon checking, you have verified that the instance has a public IP and the Internet gateway and route tables are in place.
What else should you do for you to resolve this issue?
A tech company is currently using Amazon Simple Workflow (SWF) service with a default configuration for their order processing system. The system works fine but you noticed that some of the orders seem to be stuck for almost 4 weeks.
What could be the possible reason for this?
A tech company is currently using Amazon Simple Workflow (SWF) service with a default configuration for their order processing system. The system works fine but you noticed that some of the orders seem to be stuck for almost 4 weeks.
What could be the possible reason for this?
Your company would like to store their old yet confidential corporate files that are infrequently accessed. What cost-efficient solution in AWS should you recommend?
Your company would like to store their old yet confidential corporate files that are infrequently accessed. What cost-efficient solution in AWS should you recommend?
You have a web-based order processing system which is currently using a queue in Amazon SQS. The support team noticed that there are a lot of cases where an order was processed twice. This issue has caused a lot of trouble in your processing and made your customers very unhappy. Your IT Manager has asked you to ensure that this issue does not happen again.
What can you do to prevent this from happening again in the future?
You have a web-based order processing system which is currently using a queue in Amazon SQS. The support team noticed that there are a lot of cases where an order was processed twice. This issue has caused a lot of trouble in your processing and made your customers very unhappy. Your IT Manager has asked you to ensure that this issue does not happen again.
What can you do to prevent this from happening again in the future?
What will happen if you disabled the automated backups for AWS RDS?
What will happen if you disabled the automated backups for AWS RDS?
You have an Auto Scaling group which is configured to launch new t2.micro EC2 instances when there is a significant load increase in the application. To cope with the demand, you now need to replace those instances with a larger t2.2xlarge instance type. How would you implement this change?
You have an Auto Scaling group which is configured to launch new t2.micro EC2 instances when there is a significant load increase in the application. To cope with the demand, you now need to replace those instances with a larger t2.2xlarge instance type. How would you implement this change?
In AWS Lambda, what can you use to manage your functions? (Choose 3)
In AWS Lambda, what can you use to manage your functions? (Choose 3)
You are working for a large insurance firm that has a requirement to store miscellaneous data in AWS that are not frequently accessed. If data recovery time is not an issue, which of the following is the best and most cost-efficient solution that will fulfill this requirement?
You are working for a large insurance firm that has a requirement to store miscellaneous data in AWS that are not frequently accessed. If data recovery time is not an issue, which of the following is the best and most cost-efficient solution that will fulfill this requirement?
In EBS encryption, what service does AWS use to secure the volume's data? (Choose 2)
In EBS encryption, what service does AWS use to secure the volume's data? (Choose 2)
You need an automated way to install the latest version of Node.js and Node Package Manager (NPM) on a Linux instance when the EC2 instance is launched.
Which feature in AWS allows you to accomplish this requirement?
You need an automated way to install the latest version of Node.js and Node Package Manager (NPM) on a Linux instance when the EC2 instance is launched.
Which feature in AWS allows you to accomplish this requirement?
You are working for a tech company that is using a lot of EBS volumes in their EC2 instances. An incident occurred that requires you to delete the EBS volumes and then re-create them again.
What step should you do before you delete the EBS volumes?
You are working for a tech company that is using a lot of EBS volumes in their EC2 instances. An incident occurred that requires you to delete the EBS volumes and then re-create them again.
What step should you do before you delete the EBS volumes?
You are working for a large global media company with multiple office locations all around the world. You are instructed to build a system to distribute training videos to all employees. Using CloudFront, what method would be used to serve content that is stored in S3, but not publicly accessible from S3 directly?
You are working for a large global media company with multiple office locations all around the world. You are instructed to build a system to distribute training videos to all employees. Using CloudFront, what method would be used to serve content that is stored in S3, but not publicly accessible from S3 directly?
All Amazon EC2 instances are assigned 2 IP addresses at launch. Which of these two addresses can only be reached from within the Amazon EC2 network?
All Amazon EC2 instances are assigned 2 IP addresses at launch. Which of these two addresses can only be reached from within the Amazon EC2 network?
What is the best definition of an SQS message?
What is the best definition of an SQS message?