Chapter 1 - Compute: Amazon EC2, Auto Scaling, AWS Lambda, AWS Elastic Beanstalk, Amazon Elastic Container Service, AWS Fargate

Question 1

Q1. What are features of EC2?

1. Virtual computing environments, instances with Preconfigured templates known as Amazon Machine Images (AMIs)
2. Various configurations of CPU, memory, storage, and networking capacity for your instances, known as instance types
3. Provides temporary or permanent Storage volumes known as instance store volumes or Amazon EBS volumes
4. All of the above

Answer 1

1. Virtual computing environments, instances with Preconfigured templates known as Amazon Machine Images (AMIs)
2. Various configurations of CPU, memory, storage, and networking capacity for your instances, known as instance types
3. Provides temporary or permanent Storage volumes known as instance store volumes or Amazon EBS volumes
4. All of the above

Question 2

Q2. Which of the following is required to launch a new EC2 instance? Choose 2.

1. Root or IAM Admin user access keys
2. EC2 instance type
3. Linux or Windows license
4. Amazon Machine Image ( AMI)

Answer 2

1. Root or IAM Admin user access keys
2. EC2 instance type
3. Linux or Windows license
4. Amazon Machine Image ( AMI)

Question 3

Q3. What does an Amazon Machine Image (AMI) Include? Choose 3.

1. Instance Type
2. One or more EBS snapshots, or, for instance-store-backed AMIs, a template for the root volume of the instance (for example, an operating system, an application server, and applications).
3. Launch permissions that control which AWS accounts can use the AMI to launch instances.
4. A block device mapping that specifies the volumes to attach to the instance when it’s launched

Answer 3

1. Instance Type
2. One or more EBS snapshots, or, for instance-store-backed AMIs, a template for the root volume of the instance (for example, an operating system, an application server, and applications).
3. Launch permissions that control which AWS accounts can use the AMI to launch instances.
4. A block device mapping that specifies the volumes to attach to the instance when it’s launched

Question 4

What are the two root device option for AMI to launch EC2 instance?

1. AMIs backed by S3
2. AMIs backed by Amazon EC2 instance store
3. AMIs backed by Amazon EBS
4. AMIs backed by DynamoDB

Answer 4

1. AMIs backed by S3
2. AMIs backed by Amazon EC2 instance store
3. AMIs backed by Amazon EBS
4. AMIs backed by DynamoDB

Question 5

Which of the following statements are true for data persistence of EC2 root device volume? Choose 2.

1. Data on any instance store volumes always persists only during the life of the instance.
2. By default, data of the EBS root volume is deleted when the instance terminates but it can be changed to persist.
3. Data on any EBS root volumes always persists only during the life of the instance.
4. By default, data of the EBS root volume is not deleted when the instance terminates but it can be changed to be deleted.

Answer 5

1. Data on any instance store volumes always persists only during the life of the instance.
2. By default, data of the EBS root volume is deleted when the instance terminates but it can be changed to persist.
3. Data on any EBS root volumes always persists only during the life of the instance.
4. By default, data of the EBS root volume is not deleted when the instance terminates but it can be changed to be deleted.

Question 6

By default, the root device volume for an AMI backed by Amazon EBS is deleted when the instance terminates. How this behavior can be changed?

1. Set the DoNotDeleteOnTermination attribute to true
2. Set the DoNotDeleteOnTermination attribute to false
3. Set the DeleteOnTermination attribute to true
4. Set the DeleteOnTermination attribute to false

Answer 6

1. Set the DoNotDeleteOnTermination attribute to true
2. Set the DoNotDeleteOnTermination attribute to false
3. Set the DeleteOnTermination attribute to true
4. Set the DeleteOnTermination attribute to false

Question 7

What are the characteristics based on which you choose the AMI? Choose 2.

1. Region, Operating system, Architecture (32-bit or 64-bit)
2. Operating system, Architecture (32-bit or 64-bit)
3. Launch Permissions
4. Launch Permissions, Storage for the Root Device- EBS/Instance

Answer 7

1. Region, Operating system, Architecture (32-bit or 64-bit)
2. Operating system, Architecture (32-bit or 64-bit)
3. Launch Permissions
4. Launch Permissions, Storage for the Root Device- EBS/Instance

Question 8

What are three different type of launch permissions for AMI?

1. Public: The owner grants launch permissions to all AWS accounts.
2. Explicit: The owner grants launch permissions to specific AWS accounts.
3. Implicit: ​The owner has implicit launch permissions for an AMI.
4. Private: The owner grants launch permissions to specific AWS accounts.

Answer 8

1. Public: The owner grants launch permissions to all AWS accounts.
2. Explicit: The owner grants launch permissions to specific AWS accounts.
3. Implicit: ​The owner has implicit launch permissions for an AMI.
4. Private: The owner grants launch permissions to specific AWS accounts.

Question 9

You can convert your Instance Store-Backed Linux AMI to an Amazon EBS-Backed Linux AMI.

1. True
2. False

Answer 9

1. True
2. False

Question 10

You can convert an instance store-backed Windows AMI to an Amazon EBS-backed Windows AMI.

1. True
2. False

Answer 10

1. True
2. False

Question 11

To launch EC2 instances, you are using AMIs that are backed by Amazon EBS snapshots. Amazon EC2 instances are launched from AMIs using the RunInstances action with encryption parameters supplied through block device mapping, either by means of the AWS Management Console or directly using the Amazon EC2 API or CLI. In the scenario of Launch with no encryption parameters, which of the following three statements are correct?

1. An unencrypted snapshot is restored to an unencrypted volume, unless encryption by default is enabled, in which case all the newly created volumes will be encrypted.
2. An encrypted snapshot that you own is restored to a volume that is encrypted to the same CMK.
3. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to original AMI owner’s AWS account’s default CMK.
4. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to your AWS account’s default CMK.

Answer 11

1. An unencrypted snapshot is restored to an unencrypted volume, unless encryption by default is enabled, in which case all the newly created volumes will be encrypted.
2. An encrypted snapshot that you own is restored to a volume that is encrypted to the same CMK.
3. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to original AMI owner’s AWS account’s default CMK.
4. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to your AWS account’s default CMK.

Question 12

To launch EC2 instances, you are using AMIs that are backed by Amazon EBS snapshots. Amazon EC2 instances are launched from AMIs using the action with encryption parameters supplied through block device mapping, either by means of the AWS Management Console or directly using the Amazon EC2 API or CLI. In the scenario of Launch with Encrypted set, but no KmsKeyId specified, which of the following three statements are correct?

An unencrypted snapshot is restored to an EBS volume that is encrypted by your AWS account’s default CMK.

1. An encrypted snapshot that you own is restored to an EBS volume encrypted by the same CMK.
2. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted by your AWS account’s default CMK.
3. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to original AMI owner’s AWS account’s default CMK.
4. An unencrypted snapshot is restored to an unencrypted volume.

Answer 12

1. An encrypted snapshot that you own is restored to an EBS volume encrypted by the same CMK.
2. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted by your AWS account’s default CMK.
3. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to original AMI owner’s AWS account’s default CMK.
4. An unencrypted snapshot is restored to an unencrypted volume.

Question 13

To launch EC2 instances, you are using AMIs that are backed by Amazon EBS snapshots. Amazon EC2 instances are launched from AMIs using the action with encryption parameters supplied through block device mapping, either by means of the AWS Management Console or directly using the Amazon EC2 API or CLI. In the scenario of Launch with Encrypted set and also KmsKeyId specified, which of the following two statements are correct?

1. An unencrypted snapshot is restored to an unencrypted volume.
2. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to original AMI owner’s AWS account’s default CMK.
3. An unencrypted snapshot is restored to an EBS volume encrypted by the specified CMK.
4. An encrypted snapshot is restored to an EBS volume encrypted not to the original CMK, but instead to the specified CMK.

Answer 13

1. An unencrypted snapshot is restored to an unencrypted volume.
2. An encrypted snapshot that you do not own (i.e., the AMI is shared with you) is restored to a volume that is encrypted to original AMI owner’s AWS account’s default CMK.
3. An unencrypted snapshot is restored to an EBS volume encrypted by the specified CMK.
4. An encrypted snapshot is restored to an EBS volume encrypted not to the original CMK, but instead to the specified CMK.

Question 14

Which of the following Source-Target encryption scenario is not supported when copying AMI?

1. Unencrypted-to-unencrypted
2. Encrypted-to-encrypted
3. Unencrypted-to-encrypted
4. Encrypted-to-unencrypted

Answer 14

1. Unencrypted-to-unencrypted
2. Encrypted-to-encrypted
3. Unencrypted-to-encrypted
4. Encrypted-to-unencrypted

Question 15

You have developed a web application and plan to deploy it in your VPC in us-west region. Your VPC has three subnets mapped to three availability zones: us-west-1a, us-west-1b, us-west-1c. How many minimum web server instances should you deploy in each of three AZ so that you have at least six instances running in case one of AZ goes down within minimum cost?

1. Six in us-west-1a, six in us-west-1b, six in us-west-1c.
2. Three in us-west-1a, three in us-west-1b, three in us-west-1c.
3. Two in us-west-1a, two in us-west-1b, four in us-west-1c.
4. Four in us-west-1a, two in us-west-1b, four in us-west-1c.

Answer 15

1. Six in us-west-1a, six in us-west-1b, six in us-west-1c.
2. Three in us-west-1a, three in us-west-1b, three in us-west-1c.
3. Two in us-west-1a, two in us-west-1b, four in us-west-1c.
4. Four in us-west-1a, two in us-west-1b, four in us-west-1c.

Question 16

What are benefits of enabling enhanced networking on your Linux instance type? Choose 3.

1. lower I/O performance and higher CPU utilization when compared to traditional virtualized network
   Interfaces
2. higher I/O performance and lower CPU utilization when compared to traditional virtualized Network interfaces
3. higher bandwidth, higher packet per second (PPS) performance, and consistently Lower inter-instance latencies
4. There is no additional charge for using enhanced networking.

Answer 16

1. lower I/O performance and higher CPU utilization when compared to traditional virtualized network
   Interfaces
2. higher I/O performance and lower CPU utilization when compared to traditional virtualized Network interfaces
3. higher bandwidth, higher packet per second (PPS) performance, and consistently Lower inter-instance latencies
4. There is no additional charge for using enhanced networking.

Question 17

Which of the following is not a type of EC2 placement group?

1. Cluster
2. Spread
3. Partition
4. Enhanced

Answer 17

1. Cluster
2. Spread
3. Partition
4. Enhanced

Question 18

What are the two steps you will take regarding your instances if your application requirement is low network latency, high network throughput, majority of the network traffic is between the instances in the group and require highest packet-per-second network Performance? Choose 2.

1. Use Cluster placement groups
2. Use Spread Placement groups
3. Choose an instance type that supports enhanced networking
4. Choose an instance type that supports performance networking

Answer 18

1. Use Cluster placement groups
2. Use Spread Placement groups
3. Choose an instance type that supports enhanced networking
4. Choose an instance type that supports performance networking

Question 19

Which placement groups can be used to deploy large distributed and replicated workloads, such as HDFS, HBase, and Cassandra, across distinct racks?

1. Use Cluster placement groups
2. Use Spread Placement groups
3. Use Partition Placement groups
4. Use Container Placement groups

Answer 19

1. Use Cluster placement groups
2. Use Spread Placement groups
3. Use Partition Placement groups
4. Use Container Placement groups

Question 20

Which placement groups are recommended for applications that have a small number of critical instances that should be kept separate from each other?

1. Use Cluster placement groups
2. Use Spread Placement groups
3. Use Partition Placement groups
4. Use Container Placement groups

Answer 20

1. Use Cluster placement groups
2. Use Spread Placement groups
3. Use Partition Placement groups
4. Use Container Placement groups

Question 21

How can you connect to your Linux EC2 instance from your local computer? Choose 3.

1. Local Computer is Linux, use SSH to connect to Linux EC2 instance.
2. Local Computer is windows, use SSH to connect to Linux EC2 instance.
3. Local Computer is windows, use Putty to connect to Linux EC2 instance.
4. Local Computer is Linux, use Putty to connect to Linux EC2 instance.

Answer 21

1. Local Computer is Linux, use SSH to connect to Linux EC2 instance.
2. Local Computer is windows, use SSH to connect to Linux EC2 instance.
3. Local Computer is windows, use Putty to connect to Linux EC2 instance.
4. Local Computer is Linux, use Putty to connect to Linux EC2 instance.

Question 22

Which of the following statements are correct when you stop an EC2 instance? Choose 2.

1. You can only stop an instance store-backed instance and not EBS-backed instance.
2. You can only stop an EBS-backed instance and not an instance store-backed instance.
3. Any Amazon EBS volumes remain attached to the instance, and their data persists. Any data stored in the RAM of the host computer or the instance store volumes of the host computer is gone.
4. Any Amazon instance volumes remain attached to the instance, and their data persists. Any data stored in the RAM of the host computer or the instance store volumes of the host computer is persisted.

Answer 22

1. You can only stop an instance store-backed instance and not EBS-backed instance.
2. You can only stop an EBS-backed instance and not an instance store-backed instance.
3. Any Amazon EBS volumes remain attached to the instance, and their data persists. Any data stored in the RAM of the host computer or the instance store volumes of the host computer is gone.
4. Any Amazon instance volumes remain attached to the instance, and their data persists. Any data stored in the RAM of the host computer or the instance store volumes of the host computer is persisted.

Question 23

Which of the following statements are correct when you stop an EC2 instance? Choose 2.

1. The instance retains its private IPv4 addresses and any IPv6 addresses when stopped and restarted. AWS releases the public IPv4 address and assign a new one when you restart it.
2. The instance retains its associated Elastic IP addresses. You’re charged for any Elastic IP addresses associated with a stopped instance.
3. The instance doesn’t retains its private IPv4 addresses and any IPv6 addresses when stopped and restarted. AWS releases the public IPv4 address and assign a new one when you restart it.
4. The instance retains its associated Elastic IP addresses. You’re not charged for any Elastic IP addresses associated with a stopped instance.

Answer 23

1. The instance retains its private IPv4 addresses and any IPv6 addresses when stopped and restarted. AWS releases the public IPv4 address and assign a new one when you restart it.
2. The instance retains its associated Elastic IP addresses. You’re charged for any Elastic IP addresses associated with a stopped instance.
3. The instance doesn’t retains its private IPv4 addresses and any IPv6 addresses when stopped and restarted. AWS releases the public IPv4 address and assign a new one when you restart it.
4. The instance retains its associated Elastic IP addresses. You’re not charged for any Elastic IP addresses associated with a stopped instance.

Question 24

Which of the following is true about Elastic Ip Address? Choose 3.

1. To use an Elastic IP address, you first allocate one to your account, and then associate it with your instance or a network interface.
2. An Elastic IP address is a private IPv4 address in subnet, which is not reachable from the internet.
3. With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.
4. An Elastic IP address is a public IPv4 address, which is reachable from the internet.

Answer 24

1. To use an Elastic IP address, you first allocate one to your account, and then associate it with your instance or a network interface.
2. An Elastic IP address is a private IPv4 address in subnet, which is not reachable from the internet.
3. With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.
4. An Elastic IP address is a public IPv4 address, which is reachable from the internet.

Question 25

Which of the following is true about Elastic Ip Address? Choose 4.

1. You can disassociate an Elastic IP address from a resource, and reassociate it with a different resource.
2. You are not charged if an Elastic IP address is not associated with a running instance, or if it is associated with a stopped instance or an unattached network interface.
3. A disassociated Elastic IP address remains allocated to your account until you explicitly release it.
4. Small hourly price is charged if an Elastic IP address is not associated with a running instance, or if it is associated with a stopped instance or an unattached network interface.
5. While your instance is running, you are not charged for one Elastic IP address associated with the instance, but you are charged for any additional Elastic IP addresses associated with the instance

Answer 25

1. You can disassociate an Elastic IP address from a resource, and reassociate it with a different resource.
2. You are not charged if an Elastic IP address is not associated with a running instance, or if it is associated with a stopped instance or an unattached network interface.
3. A disassociated Elastic IP address remains allocated to your account until you explicitly release it.
4. Small hourly price is charged if an Elastic IP address is not associated with a running instance, or if it is associated with a stopped instance or an unattached network interface.
5. While your instance is running, you are not charged for one Elastic IP address associated with the instance, but you are charged for any additional Elastic IP addresses associated with the instance

Question 26

You have developed a web application and plan to deploy it in your VPC in us-west region. Your VPC has three subnets mapped to three availability zones: us-west-1a, us-west-1b, us-west-1c. Your application requires in normal scenario nine servers but can run on a minimum 66 percent capacity. How many web server instances should you deploy in each of three AZ so that you can meet the above availability requirements in a cost effective way?

1. Six in us-west-1a, six in us-west-1b, six in us-west-1c.
2. Two in us-west-1a, two in us-west-1b, four in us-west-1c.
3. Four in us-west-1a, four in us-west-1b, four in us-west-1c.
4. Three in us-west-1a, three in us-west-1b, three in us-west-1c.

Answer 26

1. Six in us-west-1a, six in us-west-1b, six in us-west-1c.
2. Two in us-west-1a, two in us-west-1b, four in us-west-1c.
3. Four in us-west-1a, four in us-west-1b, four in us-west-1c.
4. Three in us-west-1a, three in us-west-1b, three in us-west-1c.

Question 27

Which of the following statement are correct when you hibernate an EC2 Linux instance? Choose 4.

1. Any Amazon EBS volumes remain attached to the instance, and their data persists, the contents of the RAM are not saved.
2. Operating system performs hibernation (suspend-to-disk), which freezes all the processes, saves the contents of the RAM to the Amazon EBS root volume, and then performs a regular shutdown.
3. Any Amazon EBS volumes remain attached to the instance, and their data persists, including the saved contents of the RAM.
4. When you restart the instance, the instance boots up and the operating system reads in the contents of the RAM from the Amazon EBS root volume before unfreezing processes to resume its state.
5. The instance retains its private IPv4 addresses and any IPv6 addresses when hibernated and started. We release the public IPv4 address and assign a new one when you start it.

Answer 27

1. Any Amazon EBS volumes remain attached to the instance, and their data persists, the contents of the RAM are not saved.
2. Operating system performs hibernation (suspend-to-disk), which freezes all the processes, saves the contents of the RAM to the Amazon EBS root volume, and then performs a regular shutdown.
3. Any Amazon EBS volumes remain attached to the instance, and their data persists, including the saved contents of the RAM.
4. When you restart the instance, the instance boots up and the operating system reads in the contents of the RAM from the Amazon EBS root volume before unfreezing processes to resume its state.
5. The instance retains its private IPv4 addresses and any IPv6 addresses when hibernated and started. We release the public IPv4 address and assign a new one when you start it.

Question 28

What is an elastic network interface? Choose 3.

1. A logical networking component in a VPC that represents a virtual network card.
2. You cannot create and configure network interfaces in your account and attach them to instances in your VPC.
3. You can create and configure network interfaces in your account and attach them to instances in your VPC.
4. A network interface can have a primary private IPv4 address attribute from the IPv4 address range of your VPC.

Answer 28

1. A logical networking component in a VPC that represents a virtual network card.
2. You cannot create and configure network interfaces in your account and attach them to instances in your VPC.
3. You can create and configure network interfaces in your account and attach them to instances in your VPC.
4. A network interface can have a primary private IPv4 address attribute from the IPv4 address range of your VPC.

Question 29

Which of the following is not a metrics sent by EC2 instance to cloudwatch?

1. CPUUtilization
2. DiskReadOps
3. NetworkIn
4. MemoryUtilization
5. EBSReadOps

Answer 29

1. CPUUtilization
2. DiskReadOps
3. NetworkIn
4. MemoryUtilization
5. EBSReadOps

Question 30

What are the benefits of assigning multiple private ip addresses to an EC2 instance?

1. Host multiple websites on a single server by using multiple SSL certificates on a single server and associating each certificate with a specific IP address.
2. Operate network appliances, such as firewalls or load balancers that have multiple IP addresses for each network interface.
3. Redirect internal traffic to a standby instance in case your instance fails, by reassigning the secondary IP address to the standby instance.
4. All of the above

Answer 30

1. Host multiple websites on a single server by using multiple SSL certificates on a single server and associating each certificate with a specific IP address.
2. Operate network appliances, such as firewalls or load balancers that have multiple IP addresses for each network interface.
3. Redirect internal traffic to a standby instance in case your instance fails, by reassigning the secondary IP address to the standby instance.
4. All of the above

Question 31

Choose two correct statements highlighting the difference between Amazon EBS-Backed AMI and Amazon Instance Store-Backed AMI?

1. Size limit for a root device: EBS-Backed AMI = 16 TiB, Instance Store-Backed AMI= 10 GB
2. Size limit for a root device: EBS-Backed AMI =10 GB, Instance Store-Backed AMI= 16 TiB
3. Modifications: EBS-Backed AMI = the instance type, kernel, RAM disk, and user data can be changed while the instance is stopped, Instance Store-Backed AMI= Instance attributes are fixed for the life of an instance.
4. Modifications: Instance Store -Backed AMI = the instance type, kernel, RAM disk, and user data can be changed while

Answer 31

1. Size limit for a root device: EBS-Backed AMI = 16 TiB, Instance Store-Backed AMI= 10 GB
2. Size limit for a root device: EBS-Backed AMI =10 GB, Instance Store-Backed AMI= 16 TiB
3. Modifications: EBS-Backed AMI = the instance type, kernel, RAM disk, and user data can be changed while the instance is stopped, Instance Store-Backed AMI= Instance attributes are fixed for the life of an instance.
4. Modifications: Instance Store -Backed AMI = the instance type, kernel, RAM disk, and user data can be changed while

Question 32

Which storage provides temporary block-level storage for your instance and is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers ?

1. S3
2. RDS
3. Instance Store
4. EBS

Answer 32

1. S3
2. RDS
3. Instance Store
4. EBS

Question 33

When the data in the instance store persists?

1. Never
2. The underlying disk drive fails
3. The instance stops
4. The instance terminates
5. The instance reboots (intentionally or unintentionally)

Answer 33

1. Never
2. The underlying disk drive fails
3. The instance stops
4. The instance terminates
5. The instance reboots (intentionally or unintentionally)

Question 34

What do you need to connect to a new Linux EC2 instance using SSH?

1. Root userid and password
2. IAM userid and password
3. Digital certificate
4. Using the private key of the key pair linked with EC2 instance

Answer 34

1. Root userid and password
2. IAM userid and password
3. Digital certificate
4. Using the private key of the key pair linked with EC2 instance

Question 35

Which of the following is not a benefit for copying an AMI across geographically diverse Regions?

1. Consistent global deployment: Copying an AMI from one Region to another enables you to launch consistent instances in different Regions based on the same AMI.
2. Scalability: You can more easily design and build global applications that meet the needs of your users, regardless of their location.
3. Performance: You can increase performance by distributing your application, as well as locating critical components of your application in closer proximity to your users. You can also take advantage of Region-specific features, such as instance types or other AWS services.
4. Cost Reduction : No charges for copying, data transfer or storage
5. High availability: You can design and deploy applications across AWS regions, to increase availability.

Answer 35

1. Consistent global deployment: Copying an AMI from one Region to another enables you to launch consistent instances in different Regions based on the same AMI.
2. Scalability: You can more easily design and build global applications that meet the needs of your users, regardless of their location.
3. Performance: You can increase performance by distributing your application, as well as locating critical components of your application in closer proximity to your users. You can also take advantage of Region-specific features, such as instance types or other AWS services.
4. Cost Reduction : No charges for copying, data transfer or storage
5. High availability: You can design and deploy applications across AWS regions, to increase availability.

Question 36

For an instance in your VPC, you have attached two security groups. One security group has a rule that allows access to TCP port 22 (SSH) from IP address 203.0.113.1 and another security group has a rule that allows access to TCP port 22 from everyone. Which of the following is correct?

1. Everyone has access to TCP port 22
2. Only IP address 203.0.113 will have access.
3. You cannot have two rules for same port for an instance.
4. No one will have access.

Answer 36

1. Everyone has access to TCP port 22
2. Only IP address 203.0.113 will have access.
3. You cannot have two rules for same port for an instance.
4. No one will have access.

Question 37

What are the different ways to achieve high EC2 networking bandwidth performance? Choose 3.

1. Use dedicated hosts
2. Configure your AMIs and your current-generation EC2 instances to use the Elastic Network Adapter (ENA) to get high GBPs performance
3. Put the instances in placement group
4. Enable enhanced networking on the instances

Answer 37

1. Use dedicated hosts
2. Configure your AMIs and your current-generation EC2 instances to use the Elastic Network Adapter (ENA) to get high GBPs performance
3. Put the instances in placement group
4. Enable enhanced networking on the instances

Question 38

Which of the following two statements are correct regarding encryption in Amazon EBS backed AMI?

1. Snapshots of both data and root volumes can be encrypted and attached to an AMI.
2. You can launch instances and copy images with full EBS encryption support.
3. Snapshots of both data and root volumes cannot be encrypted and attached to an AMI.
4. You cannot launch instances and copy images with full EBS encryption support.

Answer 38

1. Snapshots of both data and root volumes can be encrypted and attached to an AMI.
2. You can launch instances and copy images with full EBS encryption support.
3. Snapshots of both data and root volumes cannot be encrypted and attached to an AMI.
4. You cannot launch instances and copy images with full EBS encryption support.

Question 39

Amazon EC2 AMIs are copied using the CopyImage action, either through the AWS Management Console or directly using the Amazon EC2 API or CLI. The encryption parameters are Encrypted and KmsKeyId. Which of the following three statements are correct when you copy with no encryption parameters.

1. An unencrypted snapshot is copied to another unencrypted snapshot, unless encryption by default is enabled, in which case all the newly created snapshots will be encrypted.
2. An encrypted snapshot that you own is copied to a snapshot encrypted with the same key.
3. An encrypted snapshot that you do not own (that is, the AMI is shared with you) is copied to a snapshot that is encrypted to your AWS account’s default CMK.
4. An encrypted snapshot that you do not own (that is, the AMI is shared with you) is copied to a snapshot that is encrypted by original owner’s default CMK.

Answer 39

1. An unencrypted snapshot is copied to another unencrypted snapshot, unless encryption by default is enabled, in which case all the newly created snapshots will be encrypted.
2. An encrypted snapshot that you own is copied to a snapshot encrypted with the same key.
3. An encrypted snapshot that you do not own (that is, the AMI is shared with you) is copied to a snapshot that is encrypted to your AWS account’s default CMK.
4. An encrypted snapshot that you do not own (that is, the AMI is shared with you) is copied to a snapshot that is encrypted by original owner’s default CMK.

Question 40

Amazon EC2 AMIs are copied using the CopyImage action, either through the AWS Management Console or directly using the Amazon EC2 API or CLI. The encryption parameters are Encrypted and KmsKeyId. Which of the following three statements are correct when you copy with encryption parameters Encrypted set, but no KmsKeyId specified?

1. An unencrypted snapshot is copied to a snapshot encrypted to the AWS account’s default CMK.
2. An encrypted snapshot that you do not own (the AMI is shared with you) is copied to a snapshot that is encrypted by original owner’s default CMK.
3. An encrypted snapshot is copied to a snapshot encrypted to the same CMK.
4. An encrypted snapshot that you do not own (the AMI is shared with you) is copied to a volume that is encrypted to your AWS account’s default CMK.

Answer 40

1. An unencrypted snapshot is copied to a snapshot encrypted to the AWS account’s default CMK.
2. An encrypted snapshot that you do not own (the AMI is shared with you) is copied to a snapshot that is encrypted by original owner’s default CMK.
3. An encrypted snapshot is copied to a snapshot encrypted to the same CMK.
4. An encrypted snapshot that you do not own (the AMI is shared with you) is copied to a volume that is encrypted to your AWS account’s default CMK.

Question 41

Amazon EC2 AMIs are copied using the CopyImage action, either through the AWS Management Console or directly using the Amazon EC2 API or CLI. The encryption parameters are Encrypted and KmsKeyId. Which of the following two statements are correct when you copy with both encryption parameters Encrypted and KmsKeyId specified?

1. An encrypted snapshot is copied to a snapshot encrypted to the original CMK
2. An unencrypted snapshot is copied to a snapshot encrypted to the specified CMK.
3. An unencrypted snapshot is copied to a snapshot encrypted to the original CMK.
4. An encrypted snapshot is copied to a snapshot encrypted not to the original CMK, but instead to the specified CMK.

Answer 41

1. An encrypted snapshot is copied to a snapshot encrypted to the original CMK
2. An unencrypted snapshot is copied to a snapshot encrypted to the specified CMK.
3. An unencrypted snapshot is copied to a snapshot encrypted to the original CMK.
4. An encrypted snapshot is copied to a snapshot encrypted not to the original CMK, but instead to the specified CMK.

Question 42

Which of the following are true about instance private ip address? Choose 3.

1. Instance private IPv4 address is not reachable over the Internet.
2. Instance private IPv4 addresses can be used for communication between instances in the same VPC.
3. Instance private IPv4 address is reachable over the Internet.
4. On launch an instance receives a primary private IP address from the IPv4 address range of the subnet.

Answer 42

1. Instance private IPv4 address is not reachable over the Internet.
2. Instance private IPv4 addresses can be used for communication between instances in the same VPC.
3. Instance private IPv4 address is reachable over the Internet.
4. On launch an instance receives a primary private IP address from the IPv4 address range of the subnet.

Question 43

What is an instance primary private ip address? Choose 3.

1. Each instance has a default network interface (eth0) that is assigned the primary private IPv4 address.
2. Primary private IP addresses can be reassigned from one instance to another.
3. You can also specify additional private IPv4 addresses, known as secondary private IPv4 addresses.
4. Secondary private IP addresses can be reassigned from one instance to another.

Answer 43

1. Each instance has a default network interface (eth0) that is assigned the primary private IPv4 address.
2. Primary private IP addresses can be reassigned from one instance to another.
3. You can also specify additional private IPv4 addresses, known as secondary private IPv4 addresses.
4. Secondary private IP addresses can be reassigned from one instance to another.

Question 44

What are the modifiable attributes of reserved instances? Choose 4.

1. Change Availability Zones within the same Region
2. Change the scope from Availability Zone to Region and vice versa
3. Change the instance size within the same instance family
4. Change the network platform from EC2-Classic to Amazon VPC and vice versa
5. Change standard reserve instance to convertible reserved instance

Answer 44

1. Change Availability Zones within the same Region
2. Change the scope from Availability Zone to Region and vice versa
3. Change the instance size within the same instance family
4. Change the network platform from EC2-Classic to Amazon VPC and vice versa
5. Change standard reserve instance to convertible reserved instance

Question 45

What are general prerequisites for Connecting to your Linux instance using SSH? Choose 4.

1. Get the public DNS name or elastic ip address of the instance.
2. Get the default user name for the AMI that you used to launch your instance.
3. Get a new AWS account IAM user.
4. Enable inbound SSH traffic from your IP address to your instance.
5. Instance private key.

Answer 45

1. Get the public DNS name or elastic ip address of the instance.
2. Get the default user name for the AMI that you used to launch your instance.
3. Get a new AWS account IAM user.
4. Enable inbound SSH traffic from your IP address to your instance.
5. Instance private key.

Question 46

Which of the following is not correct about EC2 instance’s Public IPv4 Addresses and External DNS Hostnames?

1. An external DNS hostname is resolved to the public IP address of the instance from outside its VPC, and to the private IPv4 address of the instance from inside its VPC.
2. Public IP address is mapped to the primary private IP address through network address translation (NAT).
3. Your instance’s public IP address is not released when you associate an Elastic IP address with it.
4. When an instance is launched into a non-default VPC, the subnet has an attribute that determines whether instances launched into that subnet receive a public IP address from the public IPv4 address pool.
5. Instance’s public IP address is released when it is stopped or terminated. Your stopped instance receives a new public IP address when it is restarted.

Answer 46

1. An external DNS hostname is resolved to the public IP address of the instance from outside its VPC, and to the private IPv4 address of the instance from inside its VPC.
2. Public IP address is mapped to the primary private IP address through network address translation (NAT).
3. Your instance’s public IP address is not released when you associate an Elastic IP address with it.
4. When an instance is launched into a non-default VPC, the subnet has an attribute that determines whether instances launched into that subnet receive a public IP address from the public IPv4 address pool.
5. Instance’s public IP address is released when it is stopped or terminated. Your stopped instance receives a new public IP address when it is restarted.

Question 47

You have purchased an a1.large Linux Standard Reserved Instance in us-west-1a. Which of the following ways you can modify the reservation? Choose 3.

1. Change it into windows instance
2. Change it in a1.xlarge
3. Change the region to us-east and AZ to us-east-1a
4. Change the AZ to us-west-1b
5. Change it into two a1.medium instances.

Answer 47

1. Change it into windows instance
2. Change it in a1.xlarge
3. Change the region to us-east and AZ to us-east-1a
4. Change the AZ to us-west-1b
5. Change it into two a1.medium instances.

Question 48

What are the purchasing options for EC2 instances? (Choose 4)

1. One Zone Instances
2. On-Demand Instances
3. Reserved Instances
4. Regional Instances
5. Spot Instances
6. Saving Plans

Answer 48

1. One Zone Instances
2. On-Demand Instances
3. Reserved Instances
4. Regional Instances
5. Spot Instances
6. Saving Plans

Question 49

Which of the following statements are correct for reserved instances? Choose 2.

1. Reserved Instances are more expensive compared to On-Demand Instance pricing.
2. Reserved Instances provide you with a significant discount compared to On-Demand Instance pricing.
3. Reserved Instances are not physical instances, but rather a billing discount applied to the use of On-Demand Instances in your account.
4. Reserved Instances are physical instances which are allocated to your account based on region and zone you would have selected.

Answer 49

1. Reserved Instances are more expensive compared to On-Demand Instance pricing.
2. Reserved Instances provide you with a significant discount compared to On-Demand Instance pricing.
3. Reserved Instances are not physical instances, but rather a billing discount applied to the use of On-Demand Instances in your account.
4. Reserved Instances are physical instances which are allocated to your account based on region and zone you would have selected.

Question 50

Your company started using AWS and initially you have T2 instances purchased at on-demand rates. After some time you purchase reserved instance that matches the attributes (instance type, region, dedicated instance, and platform) of your T2 instance. After some time you purchase reserved instance for C4 instances also. How reserved instance billing will be applied?

1. Reserved instance billing benefit is not applied to any of the instance.
2. Reserved instance billing benefit is immediately applied to C4 instance.
3. Reserved instance billing benefit is immediately applied to both T2 and C4 instance.
4. Reserved instance billing benefit is immediately applied to T2 instance.

Answer 50

1. Reserved instance billing benefit is not applied to any of the instance.
2. Reserved instance billing benefit is immediately applied to C4 instance.
3. Reserved instance billing benefit is immediately applied to both T2 and C4 instance.
4. Reserved instance billing benefit is immediately applied to T2 instance.

Question 51

What are the four instance attributes which determines the reserved instance pricing?

1. Instance Type
2. Scope : Regional or Zone
3. Tenancy : whether instance runs on shared or single-tenant hardware
4. Hardware memory and CPU
5. Operating System Platform

Answer 51

1. Instance Type
2. Scope : Regional or Zone
3. Tenancy : whether instance runs on shared or single-tenant hardware
4. Hardware memory and CPU
5. Operating System Platform

Question 52

Which of the following three statements are correct about Standard Reserved Instance?

1. Instance size, can be modified during the term; however, the instance family cannot be modified.
2. Instance size and instance family both can be modified.
3. Cannot be exchange for another standard reserved instance, it can only be modified.
4. Can be sold in the Reserved Instance Marketplace.
5. Cannot be sold in the Reserved Instance Marketplace.

Answer 52

1. Instance size, can be modified during the term; however, the instance family cannot be modified.
2. Instance size and instance family both can be modified.
3. Cannot be exchange for another standard reserved instance, it can only be modified.
4. Can be sold in the Reserved Instance Marketplace.
5. Cannot be sold in the Reserved Instance Marketplace.

Question 53

Which of the following two statements are correct about Convertible Reserved Instance?

1. Can be exchanged during the term for another Convertible Reserved Instance with new attributes including instance family, instance type, platform, scope, or tenancy.
2. Cannot be exchanged during the term for another Convertible Reserved Instance with new attributes including instance family, instance type, platform, scope, or tenancy.
3. Can be sold in the Reserved Instance Marketplace.
4. Cannot be sold in the Reserved Instance Marketplace.

Answer 53

1. Can be exchanged during the term for another Convertible Reserved Instance with new attributes including instance family, instance type, platform, scope, or tenancy.
2. Cannot be exchanged during the term for another Convertible Reserved Instance with new attributes including instance family, instance type, platform, scope, or tenancy.
3. Can be sold in the Reserved Instance Marketplace.
4. Cannot be sold in the Reserved Instance Marketplace.

Question 54

You have the following Convertible Reserved Instances in your account: (see attached)

Which of the following merging and exchanging options you can do?

1. You can merge aaaa1111 and bbbb2222 and exchange them for a 1-year Convertible Reserved Instance with expiration date 2018-12-31
2. You can merge bbbb2222 and cccc3333 and exchange them for a 3-year Convertible Reserved Instance with expiration date 2018-07-31
3. You can merge bbbb2222 and cccc3333 and exchange them for a 1-year Convertible Reserved Instance with expiration date 2018-07-31
4. You can merge cccc3333 and dddd4444 and exchange them for a 3-year Convertible Reserved Instance with expiration date 2019-12-31
   5.

Answer 54

1. You can merge aaaa1111 and bbbb2222 and exchange them for a 1-year Convertible Reserved Instance with expiration date 2018-12-31
2. You can merge bbbb2222 and cccc3333 and exchange them for a 3-year Convertible Reserved Instance with expiration date 2018-07-31
3. You can merge bbbb2222 and cccc3333 and exchange them for a 1-year Convertible Reserved Instance with expiration date 2018-07-31
4. You can merge cccc3333 and dddd4444 and exchange them for a 3-year Convertible Reserved Instance with expiration date 2019-12-31

Question 55

What is a spot instance? Choose 2.

1. Spot instances are exactly the same as On-Demand or Reserved instances but offered at a significant discount off the On-Demand prices
2. Spot instances are exactly the same as On-Demand or Reserved instances but offered at more cost than the On-Demand prices
3. Spot instances can be interrupted by Amazon EC2 for capacity requirements with a 5-minute notification
4. Spot instances can be interrupted by Amazon EC2 for capacity requirements with a 2-minute notification

Answer 55

1. Spot instances are exactly the same as On-Demand or Reserved instances but offered at a significant discount off the On-Demand prices
2. Spot instances are exactly the same as On-Demand or Reserved instances but offered at more cost than the On-Demand prices
3. Spot instances can be interrupted by Amazon EC2 for capacity requirements with a 5-minute notification
4. Spot instances can be interrupted by Amazon EC2 for capacity requirements with a 2-minute notification

Question 56

What are the possible use cases and criteria for using spot instances? (Choose 2)

1. Not suitable for sensitive workloads or databases.
2. Stateless, non-production application, such as development and test servers, where occasional downtime is acceptable
3. Stateful, non-production application, such as development and test servers, where occasional downtime is acceptable
4. Stateless, production application

Answer 56

1. Not suitable for sensitive workloads or databases.
2. Stateless, non-production application, such as development and test servers, where occasional downtime is acceptable
3. Stateful, non-production application, such as development and test servers, where occasional downtime is acceptable
4. Stateless, production application

Question 57

What are the reasons because of which spot instances can be interrupted? Choose 3.

1. Your Spot Instances are guaranteed to run until you terminate them.
2. Not enough unused EC2 instances to meet the demand for Spot Instances.
3. The Spot price exceeds your maximum price.
4. Constraints in the request such as a launch group or an Availability Zone group cannot be met.

Answer 57

1. Your Spot Instances are guaranteed to run until you terminate them.
2. Not enough unused EC2 instances to meet the demand for Spot Instances.
3. The Spot price exceeds your maximum price.
4. Constraints in the request such as a launch group or an Availability Zone group cannot be met.

Question 58

Which of the following statements are correct about spot fleet? Choose 3.

1. A collection, or fleet, of Spot Instances, and optionally On-Demand Instances.
2. A collection, or fleet, only of Spot Instances.
3. The request for Spot Instances is fulfilled if there is available capacity and the maximum price you specified in the request exceeds the current Spot price.
4. Attempts to maintain its target capacity fleet if your Spot Instances are interrupted interrupted due to a change in the Spot price or available capacity.

Answer 58

1. A collection, or fleet, of Spot Instances, and optionally On-Demand Instances.
2. A collection, or fleet, only of Spot Instances.
3. The request for Spot Instances is fulfilled if there is available capacity and the maximum price you specified in the request exceeds the current Spot price.
4. Attempts to maintain its target capacity fleet if your Spot Instances are interrupted interrupted due to a change in the Spot price or available capacity.

Question 59

How zonal reserved instance are applied? Choose 2.

1. Reserved Instances assigned to a specific Availability Zone can provide the Reserved Instance discount to matching instance usage in every Availability Zone for the region.
2. Reserved Instances assigned to a specific Availability Zone provide the Reserved Instance discount to matching instance usage in that Availability Zone.
3. The Reserved Instance discount applies to instance usage for the specified instance type and size only.
4. The Reserved Instance discount applies to instance usage within the instance family, regardless of size for Amazon Linux/Unix Reserved Instances with default tenancy
   5.

Answer 59

1. Reserved Instances assigned to a specific Availability Zone can provide the Reserved Instance discount to matching instance usage in every Availability Zone for the region.
2. Reserved Instances assigned to a specific Availability Zone provide the Reserved Instance discount to matching instance usage in that Availability Zone.
3. The Reserved Instance discount applies to instance usage for the specified instance type and size only.
4. The Reserved Instance discount applies to instance usage within the instance family, regardless of size for Amazon Linux/Unix Reserved Instances with default tenancy

Question 60

How zonal reserved instance are applied? Choose 2.

1. Reserved Instances assigned to a specific Availability Zone can provide the Reserved Instance discount to matching instance usage in every Availability Zone for the region.
2. Reserved Instances assigned to a specific Availability Zone provide the Reserved Instance discount to matching instance usage in that Availability Zone.
3. The Reserved Instance discount applies to instance usage for the specified instance type and size only.
4. The Reserved Instance discount applies to instance usage within the instance family, regardless of size for Amazon Linux/Unix Reserved Instances with default tenancy

Answer 60

1. Reserved Instances assigned to a specific Availability Zone can provide the Reserved Instance discount to matching instance usage in every Availability Zone for the region.
2. Reserved Instances assigned to a specific Availability Zone provide the Reserved Instance discount to matching instance usage in that Availability Zone.
3. The Reserved Instance discount applies to instance usage for the specified instance type and size only.
4. The Reserved Instance discount applies to instance usage within the instance family, regardless of size for Amazon Linux/Unix Reserved Instances with default tenancy

Question 61

How regional reserved instance are applied? Choose 2.

1. The Reserved Instance discount applies to instance usage in any Availability Zone in the specified Region.
2. Reserved Instances assigned to a region provide the Reserved Instance discount to matching instance usage in only one Availability Zone.
3. The Reserved Instance discount applies to instance usage for the specified instance type and size only.
4. The Reserved Instance discount applies to instance usage within the instance family, regardless of size for Amazon Linux/Unix Reserved Instances with default tenancy

Answer 61

1. The Reserved Instance discount applies to instance usage in any Availability Zone in the specified Region.
2. Reserved Instances assigned to a region provide the Reserved Instance discount to matching instance usage in only one Availability Zone.
3. The Reserved Instance discount applies to instance usage for the specified instance type and size only.
4. The Reserved Instance discount applies to instance usage within the instance family, regardless of size for Amazon Linux/Unix Reserved Instances with default tenancy

Question 62

Which are the scenarios when the instance size flexibility is not provided when applying reserved instances? Choose 3.

1. Reserved instances purchased for a region
2. Reserved instances purchased for a specific Availability Zone
3. Reserved Instances with dedicated tenancy
4. Reserved Instances for Windows, Windows with SQL Standard, Windows with SQL Server Enterprise, Windows with SQL Server Web, RHEL, and SLES

Answer 62

1. Reserved instances purchased for a region
2. Reserved instances purchased for a specific Availability Zone
3. Reserved Instances with dedicated tenancy
4. Reserved Instances for Windows, Windows with SQL Standard, Windows with SQL Server Enterprise, Windows with SQL Server Web, RHEL, and SLES

Question 63

You purchased a t2.medium default tenancy Amazon Linux/Unix Reserved Instance in the US East (N. Virginia) region and you have two running t2.small instances in your account in that Region. How will the reserved instance billing benefit applied?

1. You will not get any benefit as you don’t have running instance type matching to reserved instance type bought.
2. You will get benefit applied to usage of only one running t2.small.
3. You will get benefit applied to usage of both running t2.small
4. You will get benefit applied to 75% usage of both running t2.small

Answer 63

1. You will not get any benefit as you don’t have running instance type matching to reserved instance type bought.
2. You will get benefit applied to usage of only one running t2.small.
3. You will get benefit applied to usage of both running t2.small
4. You will get benefit applied to 75% usage of both running t2.small

Question 64

You purchase a t2.medium default tenancy Amazon Linux/Unix Reserved Instance in the US East (N. Virginia) and you have one running t2.large instances in your account in that Region. How will the reserved instance billing benefit applied?

1. You will not get any benefit as you don’t have running instance type matching to reserved instance type bought.
2. You will get benefit applied to only 50% usage.
3. You will get 100% usage benefit
4. You will get 75% usage benefit

Answer 64

1. You will not get any benefit as you don’t have running instance type matching to reserved instance type bought.
2. You will get benefit applied to only 50% usage.
3. You will get 100% usage benefit
4. You will get 75% usage benefit

Question 65

Which of the following statements are correct pertaining to requirements and restrictions for reserved instance modification? Choose 4.

1. You can change Availability Zones within the same Region.
2. If you change the scope from Availability Zone to Region, you lose the capacity reservation benefit.
3. If you change the scope from Region to Availability Zone, you lose Availability Zone flexibility and instance size flexibility (if applicable).
4. To change the instance size within the same instance family, the reservation must use Amazon Linux on default tenancy.
5. If you change the scope from Region to Availability Zone, you don’t lose Availability Zone flexibility and instance size flexibility (if applicable).

Answer 65

1. You can change Availability Zones within the same Region.
2. If you change the scope from Availability Zone to Region, you lose the capacity reservation benefit.
3. If you change the scope from Region to Availability Zone, you lose Availability Zone flexibility and instance size flexibility (if applicable).
4. To change the instance size within the same instance family, the reservation must use Amazon Linux on default tenancy.
5. If you change the scope from Region to Availability Zone, you don’t lose Availability Zone flexibility and instance size flexibility (if applicable).

Question 66

Q66.You have a reservation for one t2.large instance. You want to modify this reservation. Which of the following statements are correct. Choose 2.

1. You can convert into one t2.small instances
2. You can convert into two t2.medium instances
3. You can convert into one t2.medium instances
4. You can convert into four t2.small instances

Answer 66

1. You can convert into one t2.small instances
2. You can convert into two t2.medium instances
3. You can convert into one t2.medium instances
4. You can convert into four t2.small instances

Question 67

Which of the following are correct for Scheduled Reserved Instances? Choose 3.

1. Enable you to purchase capacity reservations that recur on a daily, weekly, or monthly basis, with a specified start time and duration, for a one-year term.
2. You are not charged if you do not use the scheduled instances.
3. You pay for the time that the instances are scheduled, even if you do not use them.
4. You can’t stop or reboot Scheduled Instances, but you can terminate them manually as needed.

Answer 67

1. Enable you to purchase capacity reservations that recur on a daily, weekly, or monthly basis, with a specified start time and duration, for a one-year term.
2. You are not charged if you do not use the scheduled instances.
3. You pay for the time that the instances are scheduled, even if you do not use them.
4. You can’t stop or reboot Scheduled Instances, but you can terminate them manually as needed.

Question 68

What is an EC2 dedicated host?

1. A physical server with EC2 instance capacity fully dedicated to your use.
2. Provides visibility of the number of sockets and physical cores.
3. Allows you to consistently deploy your instances to the same physical server over time.
4. Supports Bring Your Own License.
5. All of the above

Answer 68

1. A physical server with EC2 instance capacity fully dedicated to your use.
2. Provides visibility of the number of sockets and physical cores.
3. Allows you to consistently deploy your instances to the same physical server over time.
4. Supports Bring Your Own License.
5. All of the above

Question 69

What are the different type of instance tenancy attribute? Choose 3.

1. Default: Your instance runs on shared hardware.
2. Dedicated: Your instance runs on single-tenant hardware.
3. Shared: Your instance runs on shared hardware.
4. Host: Your instance runs on a Dedicated Host, which is an isolated server with configurations that you can control.
   5.

Answer 69

1. Default: Your instance runs on shared hardware.
2. Dedicated: Your instance runs on single-tenant hardware.
3. Shared: Your instance runs on shared hardware.
4. Host: Your instance runs on a Dedicated Host, which is an isolated server with configurations that you can control.

Question 70

After you launch an instance, there are some limitations to changing its tenancy. Which of the following statements are correct? Choose 3.

1. You cannot change the tenancy of an instance from default to dedicated or host after you’ve launched it.
2. You can change the tenancy of an instance from default to dedicated or host after you’ve launched it.
3. You cannot change the tenancy of an instance from dedicated or host to default after you’ve launched it.
4. You can change the tenancy of an instance from dedicated to host, or from host to dedicated after you’ve launched it.

Answer 70

1. You cannot change the tenancy of an instance from default to dedicated or host after you’ve launched it.
2. You can change the tenancy of an instance from default to dedicated or host after you’ve launched it.
3. You cannot change the tenancy of an instance from dedicated or host to default after you’ve launched it.
4. You can change the tenancy of an instance from dedicated to host, or from host to dedicated after you’ve launched it.

Question 71

You have purchased two c4.xlarge default tenancy Linux/Unix Standard Reserved Instances in Availability Zone us-east-1a. Which of the following running instances will benefit from this?

1. two c4.xlarge default tenancy Linux/Unix instances running in the Availability Zone us-east-1b
2. two m4.xlarge default tenancy Linux/Unix instances running in the Availability Zone us-east-1a
3. two c4.xlarge default tenancy Linux/Unix instances running in the Availability Zone us-east-1a
4. four c4.large default tenancy Linux/Unix instances running in the Availability Zone us-east-1a

Answer 71

1. two c4.xlarge default tenancy Linux/Unix instances running in the Availability Zone us-east-1b
2. two m4.xlarge default tenancy Linux/Unix instances running in the Availability Zone us-east-1a
3. two c4.xlarge default tenancy Linux/Unix instances running in the Availability Zone us-east-1a
4. four c4.large default tenancy Linux/Unix instances running in the Availability Zone us-east-1a

Question 72

You are running the following On-Demand Instances in account A:

• 4 x m3.large Linux, default tenancy instances in Availability Zone us-east-1a
• 2 x m4.xlarge Amazon Linux, default tenancy instances in Availability Zone us-east-1b
• 1 x c4.xlarge Amazon Linux, default tenancy instances in Availability Zone us-east-1c
• You purchase the following Reserved Instances in account A:
  
  • 4 x m3.large Linux, default tenancy Reserved Instances in Availability Zone us-east-1a (capacity is reserved)
  • 4 x m4.large Amazon Linux, default tenancy Reserved Instances in Region us-east-1
  • 1 x c4.large Amazon Linux, default tenancy Reserved Instances in Region us-east-1

How the reserved instances are applied? Choose 3.

1. reservation of the four m3.large zonal Reserved Instances is used by the four m3.large instances
2. m4.large regional Reserved Instances billing discount applies to 100% usage of 2 x m4.xlarge Amazon Linux, default tenancy
3. m4.large regional Reserved Instances billing discount applies to 50% usage 2 x m4.xlarge Amazon Linux, default tenancy
4. c4.large regional Reserved Instance billing discount applies to 50% of c4.xlarge usage.
5. c4.large regional Reserved Instance billing discount applies to 100% of c4.xlarge usage.

Answer 72

1. reservation of the four m3.large zonal Reserved Instances is used by the four m3.large instances
2. m4.large regional Reserved Instances billing discount applies to 100% usage of 2 x m4.xlarge Amazon Linux, default tenancy
3. m4.large regional Reserved Instances billing discount applies to 50% usage 2 x m4.xlarge Amazon Linux, default tenancy
4. c4.large regional Reserved Instance billing discount applies to 50% of c4.xlarge usage.
5. c4.large regional Reserved Instance billing discount applies to 100% of c4.xlarge usage.

Question 73

Which of the following three statements are correct on reserved instance modifications?

1. You can combine a reservation for two t2.small instances into one t2.medium instance
2. You can divide a reservation for two t2.small instances into one t2.large instance.
3. You can divide a reservation for one t2.large instance into four t2.small instances
4. You can combine a reservation for four t2.small instances into one t2.large instance

Answer 73

1. You can combine a reservation for two t2.small instances into one t2.medium instance
2. You can divide a reservation for two t2.small instances into one t2.large instance.
3. You can divide a reservation for one t2.large instance into four t2.small instances
4. You can combine a reservation for four t2.small instances into one t2.large instance

Question 74

Which of the following is not an allocation strategy for the Spot Instances in a Spot Fleet?

1. lowestPrice
2. diversified
3. capacityOptimized
4. InstancePoolsToUseCount
5. PerformanceOptimized

Answer 74

1. lowestPrice
2. diversified
3. capacityOptimized
4. InstancePoolsToUseCount
5. PerformanceOptimized

Question 75

Your online gaming application gets steady traffic apart from first three days of month when you run promotion giving discounts and bonus points to gamers. During those three days the traffic triples because of new users joining and existing users playing more. Currently you have six instances on which your application runs. What is the cost effective way to plan your instances to handle this periodic traffic surge?

1. Run 6 on demand instances then add 12 more on-demand only for first three days of the month
2. Run 6 on demand instances then add 12 more as spot instances
3. Use 18 reserved instances i.e. three time the normal demand all the time
4. Run 6 reserved instance and then add 12 on demand instances for three days every month.

Answer 75

1. Run 6 on demand instances then add 12 more on-demand only for first three days of the month
2. Run 6 on demand instances then add 12 more as spot instances
3. Use 18 reserved instances i.e. three time the normal demand all the time
4. Run 6 reserved instance and then add 12 on demand instances for three days every month.

Question 76

You have a reservation with two t2.micro instances and a reservation with one t2.small instance. Which of the following two ways you can combine them? Choose 2.

1. Merge both reservations to a single reservation with one t2.medium instance
2. Merge both reservations to a single reservation with two t2.small instance
3. Merge both reservations to a single reservation with two t2.medium instance
4. Merge both reservations to a single reservation with one t2.large instance

Answer 76

1. Merge both reservations to a single reservation with one t2.medium instance
2. Merge both reservations to a single reservation with two t2.small instance
3. Merge both reservations to a single reservation with two t2.medium instance
4. Merge both reservations to a single reservation with one t2.large instance

Question 77

For a service or platform to be considered serverless, what capabilities it should provide? Choose 4.

1. No server management – You don’t have to provision or maintain any servers.
2. Flexible scaling – You can scale your application automatically or by adjusting its capacity through toggling the units of consumption (for example, throughput, memory) rather than units of individual servers.
3. Full control on server management – You will have the ability to install software, maintain or administer.
4. High availability – Serverless applications have built-in availability and fault tolerance.
5. No idle capacity – You don’t have to pay for idle capacity.

Answer 77

1. No server management – You don’t have to provision or maintain any servers.
2. Flexible scaling – You can scale your application automatically or by adjusting its capacity through toggling the units of consumption (for example, throughput, memory) rather than units of individual servers.
3. Full control on server management – You will have the ability to install software, maintain or administer.
4. High availability – Serverless applications have built-in availability and fault tolerance.
5. No idle capacity – You don’t have to pay for idle capacity.

Question 78

Choose the services from which Lambda can read events? Choose 3.

1. Amazon API Gateway
2. Amazon Kinesis
3. Amazon DynamoDB
4. Amazon Simple Queue Service

Answer 78

1. Amazon API Gateway
2. Amazon Kinesis
3. Amazon DynamoDB
4. Amazon Simple Queue Service

Question 79

You are a project manager for developing a web application on a tight budget with timeline of one year for end user release. You are planning to have three environments: for developers, for testers and for integration. You need four instances for each environment, minimum of two instances any time and will need them from first week itself. How can you optimize your cost for various environments instances?

1. Use 12 reserved instances covering requirement of all three environments.
2. Use 6 reserve instances and 6 spot instances
3. Use 6 reserve instances and 6 on-demand instances
4. Use 3 reserve instances and 9 spot instances

Answer 79

1. Use 12 reserved instances covering requirement of all three environments.
2. Use 6 reserve instances and 6 spot instances
3. Use 6 reserve instances and 6 on-demand instances
4. Use 3 reserve instances and 9 spot instances

Question 80

Which of the following services can be integrated with Lambda? Choose 3.

1. S3, SNS, SES, IoT events, Cloudwatch
2. ELB, Cognito, API Gateway, Cloudfront, Step Functions
3. Kinesis, DynamoDB, SQS
4. RDS, ECS, Auto Scaling

Answer 80

1. S3, SNS, SES, IoT events, Cloudwatch
2. ELB, Cognito, API Gateway, Cloudfront, Step Functions
3. Kinesis, DynamoDB, SQS
4. RDS, ECS, Auto Scaling

Question 81

What are the different ways you can use Lambda in your application design?

1. Configure triggers to invoke a function in response to resource lifecycle events
2. Respond to incoming HTTP requests
3. Consume events from a queue
4. Run on a schedule
5. All of the above

Answer 81

1. Configure triggers to invoke a function in response to resource lifecycle events
2. Respond to incoming HTTP requests
3. Consume events from a queue
4. Run on a schedule
5. All of the above

Question 82

You have an application which is using AWS services as depicted below for data ingestion, transformation and final storage in database. At the end of day files are uploaded to a designated S3 bucket. Lambda mapped to S3 captures the file upload event and has the function logic to read files from s3 bucket as stream and writing the data to the kinesis stream. Second Lambda reads the Kinesis streams and has function logic to process and transform the data before saving the records in Aurora DB. While testing you are getting error and the lambda task processing the file in S3 aborts. The code works fine in your local computer dev setup with test files. What could you do to solve the issue? Choose 2.

1. Increase the timeout setting. Maximum is 15 minutes. Optimize you code execution time.
2. Increase the memory allocation. Maximum is 3 GB.
3. Check your code for concurrency issue.
4. Increase the provisioned concurrency.

Answer 82

1. Increase the timeout setting. Maximum is 15 minutes. Optimize you code execution time.
2. Increase the memory allocation. Maximum is 3 GB.
3. Check your code for concurrency issue.
4. Increase the provisioned concurrency.

Question 83

Which of the following commands you can run on Linux Instance at Launch?

1. Installing web server, php, and mariadb packages.
2. Starting http service
3. Creating a simple web page to test the web server and PHP engine.
4. All of the above

Answer 83

1. Installing web server, php, and mariadb packages.
2. Starting http service
3. Creating a simple web page to test the web server and PHP engine.
4. All of the above

Question 84

Which AWS service gives you following features:

Lets connected devices easily and securely interact with cloud applications and other devices.

Support billions of devices and trillions of messages, and can process and route those messages to AWS endpoints and to other devices reliably and securely.

Lets your application keep track of and communicate with all your devices, all the time, even when they aren’t connected.

1. API Gateway
2. Application Load Balancer
3. IoT Core
4. Cloudfront

Answer 84

1. API Gateway
2. Application Load Balancer
3. IoT Core
4. Cloudfront

Question 85

You have a photo upload application running in an EC2 instance. The application uses S3 to store the uploaded images. After an image is uploaded you want to create a thumbnail version of it. You know that applications that run on an EC2 instance must include AWS credentials in their AWS API requests. Which of the following is the best option?

1. Store AWS credentials directly within the EC2 instance and allow applications in that instance to use those credentials.
2. Creates role which has permissions policy that grants required access to the specified S3 bucket and attaches the role to the EC2 instance.
3. Store AWS credentials directly with the application code.
4. Create a bucket policy attached to the bucket giving required permission to the EC2 instance.

Answer 85

1. Store AWS credentials directly within the EC2 instance and allow applications in that instance to use those credentials.
2. Creates role which has permissions policy that grants required access to the specified S3 bucket and attaches the role to the EC2 instance.
3. Store AWS credentials directly with the application code.
4. Create a bucket policy attached to the bucket giving required permission to the EC2 instance.

Question 86

You have created an ecommerce website and leveraged Serverless architecture by using Lambda for order management, payment management, cart management and recommendation engine. You are following recommended best practices by leveraging Lambda environment variables and not storing any DEV/TEST/PRODUCTION environment configuration, third party integration or any other AWS service information in the code. As some of these environment variable information are sensitive, sensitive, which of the following is the best possible encryption option for environment variables?

1. No need to do anything as first time you create or update Lambda functions that uses environment variables in a region, a default service key is created for you automatically within AWS KMS to encrypt environment variables.
2. Lambda doesn’t provide a way to encrypt sensitive information.
3. Write a custom code to encrypt decrypt environment variable stores in a text file.
4. Check the “Enable helpers for encryption in transit “checkbox in AWS Lambda console and supply a custom KMS key. This masks the value you entered and results in a call to AWS KMS to encrypt the value and return it as Ciphertext.

Answer 86

1. No need to do anything as first time you create or update Lambda functions that uses environment variables in a region, a default service key is created for you automatically within AWS KMS to encrypt environment variables.
2. Lambda doesn’t provide a way to encrypt sensitive information.
3. Write a custom code to encrypt decrypt environment variable stores in a text file.
4. Check the “Enable helpers for encryption in transit “checkbox in AWS Lambda console and supply a custom KMS key. This masks the value you entered and results in a call to AWS KMS to encrypt the value and return it as Ciphertext.

Question 87

You have a batch job which needs to run every night from 11 pm to 3 am. Which option will ensure that capacity is available for the required duration as well it is cost effective? Choose 2.

1. Use Scheduled Reserved Instances
2. Use Spot Instances
3. Use Reserved Instances
4. Use On-Demand Instances
5. On-demand Instances with Saving plans

Answer 87

1. Use Scheduled Reserved Instances
2. Use Spot Instances
3. Use Reserved Instances
4. Use On-Demand Instances
5. On-demand Instances with Saving plans

Question 88

What is the URI to view all categories of instance metadata from within a running instance?

1. http://169.254.169.254/meta-data/
2. http://169.254.169.254/latest/meta-data/
3. http://254..169.254.169/meta-data/
4. http:// 254..169.254.169/latest/meta-data/

Answer 88

1. http://169.254.169.254/meta-data/
2. http://169.254.169.254/latest/meta-data/
3. http://254..169.254.169/meta-data/
4. http:// 254..169.254.169/latest/meta-data/

Question 89

You are a designing microservices based architecture for an online banking application on AWS. You want to leverage AWS managed services, which eliminates the architectural burden to design for scale and high availability and eliminates the operational efforts of running and monitoring the microservice’s underlying infrastructure.

Which of the following AWS services will meet your criteria? Choose 5

1. Amazon API Gateway
2. AWS Lambda
3. AWS Fargate
4. EC2 Auto Scaling Fleet
5. Amazon RDS
6. Amazon Aurora Serverless
7. Amazon DynamoDB

Answer 89

1. Amazon API Gateway
2. AWS Lambda
3. AWS Fargate
4. EC2 Auto Scaling Fleet
5. Amazon RDS
6. Amazon Aurora Serverless
7. Amazon DynamoDB

Question 90

Which of the following is not a Serverless service offered by AWS? Choose 3

1. AWS Fargate
2. Amazon RDS
3. Amazon EC2
4. Amazon DynamoDB
5. Amazon Aurora Serverless
6. Amazon API Gateway
7. Amazon S3
8. Amazon EFS
9. Amazon EBS
10. Amazon SNS and SQS

Answer 90

1. AWS Fargate
2. Amazon RDS
3. Amazon EC2
4. Amazon DynamoDB
5. Amazon Aurora Serverless
6. Amazon API Gateway
7. Amazon S3
8. Amazon EFS
9. Amazon EBS
10. Amazon SNS and SQS

Question 91

You have a web app that provides video transcoding services. The videos uploaded by the users are first stored in a S3 bucket where you have configured “An object created event” notification to a SQS queue. There are fleet of EC2 instances which picks up the videos from the queue and places it in another S3 bucket after transcoding the file. These consumer fleet of EC2 instance also has dynamic auto scaling policy based on custom metric ‘backlog per instance’. Which type of EC2 instances you will use which will be most cost effective given that you don’t have defined duration in which you have to complete the transcoding for an uploaded file?

1. Reserved Instances
2. On-demand Instances
3. Saving plans Instances
4. Spot Instances

Answer 91

1. Reserved Instances
2. On-demand Instances
3. Saving plans Instances
4. Spot Instances

Question 92

What is the URI to instance user data from within a running instance?

1. http://169.254.169.254/latest/meta-data/user-data
2. http://169.254.169.254/latest/user-data
3. http:// 254. 169. 254.169/latest/meta-data/user-data
4. http:// 254. 169. 254.169/latest/user-data

Answer 92

1. http://169.254.169.254/latest/meta-data/user-data
2. http://169.254.169.254/latest/user-data
3. http:// 254. 169. 254.169/latest/meta-data/user-data
4. http:// 254. 169. 254.169/latest/user-data

Question 93

What are differences between Dedicated Hosts and Dedicated Instances? Choose 3.

1. Host and instance affinity: Dedicated Hosts allows you to consistently deploy your instances to the same physical server over time. Dedicated Instances don’t support this feature.
2. Bring Your Own License (BYOL): Dedicated Hosts Supports. Not supported in Dedicated Instances.
3. Bring Your Own License (BYOL): Not supported in Dedicated Hosts. Dedicated Instances Supports.
4. Visibility of sockets, cores, and host ID: Dedicated Hosts provides visibility of the number of sockets and physical cores. No visibility provided by Dedicated Instances.
5. Host and instance affinity: Dedicated Hosts don’t support this feature. Dedicated Instances allows you to consistently deploy your instances to the same physical server over time.

Answer 93

1. Host and instance affinity: Dedicated Hosts allows you to consistently deploy your instances to the same physical server over time. Dedicated Instances don’t support this feature.
2. Bring Your Own License (BYOL): Dedicated Hosts Supports. Not supported in Dedicated Instances.
3. Bring Your Own License (BYOL): Not supported in Dedicated Hosts. Dedicated Instances Supports.
4. Visibility of sockets, cores, and host ID: Dedicated Hosts provides visibility of the number of sockets and physical cores. No visibility provided by Dedicated Instances.
5. Host and instance affinity: Dedicated Hosts don’t support this feature. Dedicated Instances allows you to consistently deploy your instances to the same physical server over time.

Question 94

You have been tasked to migrate on-premise application hosted in Docker to AWS cloud platform. You want to simply upload your application containers without having to handle the details of capacity provisioning, load balancing, scaling, and application health monitoring. Which AWS service you will use?

1. CodeDeploy
2. ECS
3. Elastic Beanstalk
4. EC2

Answer 94

1. CodeDeploy
2. ECS
3. Elastic Beanstalk
4. EC2

Question 95

What are most appropriate use case for using ECS? Choose 2.

1. Microservice architecture based application.
2. Batch job workload.
3. GUI based desktop application.
4. Provide cross-platform compatibility.

Answer 95

1. Microservice architecture based application.
2. Batch job workload.
3. GUI based desktop application.
4. Provide cross-platform compatibility.

Question 96

To do your first PoC in AWS you deployed a small web application on an EC2 server in the public subnet of VPC. You also attached an EBS volume to the EC2 instance. After few days you stopped the EC2 instance but you were surprised to see that you are still receiving charges. What could be the reason of charges?

1. EC2 instances accrue charges even when they’re not running.
2. You are being charged for using VPC.
3. There is billing error, you should raise a ticket to AWS support.
4. You are charged for EBS storage for the amount of storage provisioned to your account.

Answer 96

1. EC2 instances accrue charges even when they’re not running.
2. You are being charged for using VPC.
3. There is billing error, you should raise a ticket to AWS support.
4. You are charged for EBS storage for the amount of storage provisioned to your account.

Question 97

What is the underlying hypervisor used for EC2 ? Choose 2.

1. Xen
2. Nitro
3. Hyper-v
4. vSphere

Answer 97

1. Xen
2. Nitro
3. Hyper-v
4. vSphere

Question 98

How is attaching multiple network interfaces to an instance useful?

1. Create a management network.
2. Use network and security appliances in your VPC.
3. Create dual-homed instances with workloads/roles on distinct subnets.
4. Create a low-budget, high-availability solution.
5. All of the above

Answer 98

1. Create a management network.
2. Use network and security appliances in your VPC.
3. Create dual-homed instances with workloads/roles on distinct subnets.
4. Create a low-budget, high-availability solution.
5. All of the above

Question 99

Your company is migrating existing web applications running on on-premise web servers to AWS. Your applications are using trusted IP addresses that your partners and customers have whitelisted in their firewalls. You want to move these applications to AWS without requiring your partners and customers to change their IP address whitelists. Some applications may also have hard-coded IP address dependencies. How can you migrate such applications to AWS with minimal disruptions?

1. Submit a support request to AWS to allocation Elastic IP address which matches your existing IP address range.
2. You cannot migrate your local IP address to AWS, use the Elastic IP address allocated by AWS.
3. Leverage AWS Bring Your Own IP (BYOIP) and create Elastic IP addresses from your BYOIP address prefix and use them with AWS resources such as EC2 instances, Network Load Balancers, and NAT gateways.
4. Route internet request/response of migrated web application on AWS through on-premise VPN.

Answer 99

1. Submit a support request to AWS to allocation Elastic IP address which matches your existing IP address range.
2. You cannot migrate your local IP address to AWS, use the Elastic IP address allocated by AWS.
3. Leverage AWS Bring Your Own IP (BYOIP) and create Elastic IP addresses from your BYOIP address prefix and use them with AWS resources such as EC2 instances, Network Load Balancers, and NAT gateways.
4. Route internet request/response of migrated web application on AWS through on-premise VPN.

Question 100

You are getting following error when trying to connect to newly launched EC2 instance using Putty. Error: Server refused our key Error: No supported authentication methods available What could be the possible reasons? Choose 2.

1. Verify that you are connecting with the appropriate user name for your AMI.
2. Verify that your private key (.pem) file has been correctly converted to the format recognized by PuTTY (.ppk).
3. Verify that your IAM user policy has permission to access EC2 instance.
4. Verify that your EC2 instance security group allows SSH connection

Answer 100

1. Verify that you are connecting with the appropriate user name for your AMI.
2. Verify that your private key (.pem) file has been correctly converted to the format recognized by PuTTY (.ppk).
3. Verify that your IAM user policy has permission to access EC2 instance.
4. Verify that your EC2 instance security group allows SSH connection

Question 101

Which of the following information are given in an Auto Scaling launch configuration?

1. ID of the Amazon Machine Image (AMI)
2. Instance Type and Key pair
3. One or more security group
4. Block device mapping
5. All of the above

Answer 101

1. ID of the Amazon Machine Image (AMI)
2. Instance Type and Key pair
3. One or more security group
4. Block device mapping
5. All of the above

Question 102

What are benefits of Auto Scaling? Choose 3.

1. Better Fault tolerance
2. Better Availability
3. Better Cost management
4. Better performance

Answer 102

1. Better Fault tolerance
2. Better Availability
3. Better Cost management
4. Better performance

Question 103

What are purchase types of instances an auto scaling group can launch?

1. On-Demand Instances only
2. Spot instance only
3. On demand instance or Spot instances or both
4. Reserved instances only

Answer 103

1. On-Demand Instances only
2. Spot instance only
3. On demand instance or Spot instances or both
4. Reserved instances only

Question 104

What are the different ways you can scale your EC2 auto scaling group? Choose 5.

1. Maintain current instance levels at all times
2. Manual Scaling by specifying change in the max, min and desired capacity
3. Scale based on demand
4. Account based scaling
5. Scale based on Schedule
6. Predictive Scaling

Answer 104

1. Maintain current instance levels at all times
2. Manual Scaling by specifying change in the max, min and desired capacity
3. Scale based on demand
4. Account based scaling
5. Scale based on Schedule
6. Predictive Scaling

Question 105

You want to define the auto scaling based on the CPU utilization of the instances. Which auto scaling policy you will use?

1. Maintain current instance levels at all times
2. Manual Scaling by specifying change in the max, min and desired capacity
3. Scale based on demand or dynamic Scaling
4. Account based scaling

Answer 105

1. Maintain current instance levels at all times
2. Manual Scaling by specifying change in the max, min and desired capacity
3. Scale based on demand or dynamic Scaling
4. Account based scaling

Question 106

What are the key components of Amazon EC2 Auto Scaling? Choose 3.

1. Auto Scaling Groups
2. Load Balancers
3. Launch Templates or Launch Configurations
4. Scaling options

Answer 106

1. Auto Scaling Groups
2. Load Balancers
3. Launch Templates or Launch Configurations
4. Scaling options

Question 107

Which of the following two statements are correct about EC2 auto scaling with regard to instances in AZ and regions? Choose 2.

1. An Auto Scaling group can contain EC2 instances in one or more Availability Zones within the same Region.
2. An Auto Scaling group will have EC2 instances in one Availability Zones only.
3. Auto scaling groups cannot span multiple Regions.
4. An Auto Scaling group can contain EC2 instances in one or more Availability Zones across Regions.

Answer 107

1. An Auto Scaling group can contain EC2 instances in one or more Availability Zones within the same Region.
2. An Auto Scaling group will have EC2 instances in one Availability Zones only.
3. Auto scaling groups cannot span multiple Regions.
4. An Auto Scaling group can contain EC2 instances in one or more Availability Zones across Regions.

Question 108

You have deployed your web application EC2 instances within an auto scaling group spanning three AZs in a region and attached to an application load balancer. AWS has launched a new AMI which will be more cost effective for you. How can you ensure that your auto scaling group uses new AMI to launch new instances?

1. Modify the existing launch configuration to use new AMI.
2. Create a new launch configuration with new AMI and then update the Auto Scaling group to use the new launch configuration.
3. First terminate the existing instances based on old AMI then Modify the existing launch configuration to use new AMI.
4. First terminate the existing instances based on old AMI, create a new launch configuration with new AMI and then update the Auto Scaling group to use the new launch configuration.

Answer 108

1. Modify the existing launch configuration to use new AMI.
2. Create a new launch configuration with new AMI and then update the Auto Scaling group to use the new launch configuration.
3. First terminate the existing instances based on old AMI then Modify the existing launch configuration to use new AMI.
4. First terminate the existing instances based on old AMI, create a new launch configuration with new AMI and then update the Auto Scaling group to use the new launch configuration.

Question 109

How does Amazon EC2 Auto Scaling distribute instances? Choose 2.

1. Randomly between the Availability Zones that are enabled for Auto Scaling group
2. Evenly between the Availability Zones that are enabled for Auto Scaling group
3. Launches new instances in the Availability Zone with the fewest instances.
4. Launches new instances in the Availability Zone with the highest instances.

Answer 109

1. Randomly between the Availability Zones that are enabled for Auto Scaling group
2. Evenly between the Availability Zones that are enabled for Auto Scaling group
3. Launches new instances in the Availability Zone with the fewest instances.
4. Launches new instances in the Availability Zone with the highest instances.

Question 110

You are the solution architect for an ecommerce company. There are regular flash discounts and festivals discount offered which leads to sudden burst in orders at an unpredictable magnitude and many time more than off discount period. The architecture of the web application is shown in the diagram below. At times during the discount sales the EC2 Auto scaling is not adding instances fast enough and it is leading to performance deterioration during orders checkout and backend processing. How can you ensure none of the customer order is lost without impacting performance, scalability, and resiliency?

1. Increase the minimum fleet of servers saving the customers’ orders.
2. Have an SQS queue for customer orders and fleet of EC2 instances in auto scale group to process the order.
3. Increase the performance and capacity of database.
4. Use lambda instead of EC2 for processing the customer order.

Answer 110

1. Increase the minimum fleet of servers saving the customers’ orders.
2. Have an SQS queue for customer orders and fleet of EC2 instances in auto scale group to process the order.
3. Increase the performance and capacity of database.
4. Use lambda instead of EC2 for processing the customer order.

Question 111

What are the three ways Auto Scale group can be created?

1. Using an AMI
2. Using launch template
3. Using launch configuration
4. Using an EC2 instance

Answer 111

1. Using an AMI
2. Using launch template
3. Using launch configuration
4. Using an EC2 instance

Question 112

Which of the following statements are correct about auto scaling group? Choose 3.

1. An Auto Scaling group contains a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management.
2. An Auto Scaling group starts by launching enough instances to meet its desired capacity. It maintains this number of instances by performing periodic health checks on the instances in the group.
3. An Auto Scaling group can launch On-Demand Instances, Spot Instances, and Reserved Instances. You can specify multiple purchase options for your Auto Scaling group only when you configure the group to use a launch template.
4. An Auto Scaling group can launch On-Demand Instances, Spot Instances, or both. You can specify multiple purchase options for your Auto Scaling group only when you configure the group to use a launch template.

Answer 112

1. An Auto Scaling group contains a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management.
2. An Auto Scaling group starts by launching enough instances to meet its desired capacity. It maintains this number of instances by performing periodic health checks on the instances in the group.
3. An Auto Scaling group can launch On-Demand Instances, Spot Instances, and Reserved Instances. You can specify multiple purchase options for your Auto Scaling group only when you configure the group to use a launch template.
4. An Auto Scaling group can launch On-Demand Instances, Spot Instances, or both. You can specify multiple purchase options for your Auto Scaling group only when you configure the group to use a launch template.

Question 113

You are the solution architect for a national retail store. You have a reporting application running on EC2 instances in an auto scaling group maintaining a fixed number of instances. All the stores across the cities uploads the data every day from 1 AM-3AM for report batch processing. You notice that for last one week the performance has degraded which is affecting downstream analytical applications. What can you do to ensure that batch processing process EC2 instances are scaled at 1AM?

1. Create a new Auto Scaling group with schedule scaling policy scheduled at 1 AM.
2. Configure your existing Auto Scaling group to scale based on a schedule by creating a scheduled action for 1 AM.
3. Configure your existing Auto Scaling group with Dynamic scaling policy scheduled at 1 AM.
4. Configure your existing Auto Scaling group to scale based on a schedule by creating a scheduled action for 12.30 AM.

Answer 113

1. Create a new Auto Scaling group with schedule scaling policy scheduled at 1 AM.
2. Configure your existing Auto Scaling group to scale based on a schedule by creating a scheduled action for 1 AM.
3. Configure your existing Auto Scaling group with Dynamic scaling policy scheduled at 1 AM.
4. Configure your existing Auto Scaling group to scale based on a schedule by creating a scheduled action for 12.30 AM.

Question 114

You are the solution architect for a national retail store. You have a sales reporting application running on EC2 spot instances in an auto scaling group. All the stores across the cities uploads the data during the day. Auto scaling group is configured with step policy to scale out using the Amazon CloudWatch CPUUtilization metric to add capacity using EC2 spot instances when the metric value exceeds 90 percent utilization for 15 minutes. You notice that number of EC2 instances have reached to 20, all running at 100 percent utilization and Auto Scaling group scaling out is failing. What could be the reason? Choose 2.

1. New instances must be taking too much time to bootstart.
2. Cooldown period must be high.
3. The maximum size of your auto scaling group is 20.
4. You have reached the maximum number of spot instance of 20 per region.

Answer 114

1. New instances must be taking too much time to bootstart.
2. Cooldown period must be high.
3. The maximum size of your auto scaling group is 20.
4. You have reached the maximum number of spot instance of 20 per region.

Question 115

When you configure dynamic scaling, you define how to scale the capacity of your Auto Scaling group in response to changing demand. You can configure your Auto Scaling group to scale dynamically to meet this need by creating a scaling policy. Which of the following scaling policies are supported by Amazon EC2 Auto Scaling? Choose 3.

1. Weighted Scaling
2. Target tracking scaling
3. Step scaling
4. Simple scaling

Answer 115

1. Weighted Scaling
2. Target tracking scaling
3. Step scaling
4. Simple scaling

Question 116

You are architecting a website which will have three subdomains, for example subdomain1.site.com, subdomain2.site.com, subdomain3.site.com. Each of these subdomain’s request will be served by web servers running on EC2 instances. The webserver EC2 instances can be configured in one auto scaling group or multiple auto scaling group to meet the user request volume. Your business need is that each subdomains request to be handled differently by backend EC2 instances. You are contemplating whether to set up multiple ALBs (one for each subdomain) or have only one ALB. Which of the two following options are correct?

1. An auto scaling group can be attached to multiple ALB so you can have one ALB for each subdomain. All instances are configured under on auto scaling group.
2. An auto scaling group can be attached to only one ALB so you cannot have one ALB for each subdomain i.e. more than one ALB mapped to one auto scaling group.
3. You can use one ALB as it has the ability for Routing Rules (Domain and Path based) and you can have the request routed to domain specific auto scaling group.

Answer 116

1. An auto scaling group can be attached to multiple ALB so you can have one ALB for each subdomain. All instances are configured under on auto scaling group.
2. An auto scaling group can be attached to only one ALB so you cannot have one ALB for each subdomain i.e. more than one ALB mapped to one auto scaling group.
3. You can use one ALB as it has the ability for Routing Rules (Domain and Path based) and you can have the request routed to domain specific auto scaling group.

Question 117

What are the features of EC2 Auto Scaling cooldown period? Choose 3.

1. The cooldown period helps to ensure that your Auto Scaling group doesn’t launch or terminate additional instances before the previous scaling activity takes effect.
2. After the Auto Scaling group dynamically scales in/out using a simple scaling policy, it waits for the cooldown period to complete before resuming scaling activities.
3. The default cooldown period is 300 seconds.
4. Cooldown period is the duration when auto scaling group don’t scale out but scale in happens.

Answer 117

1. The cooldown period helps to ensure that your Auto Scaling group doesn’t launch or terminate additional instances before the previous scaling activity takes effect.
2. After the Auto Scaling group dynamically scales in/out using a simple scaling policy, it waits for the cooldown period to complete before resuming scaling activities.
3. The default cooldown period is 300 seconds.
4. Cooldown period is the duration when auto scaling group don’t scale out but scale in happens.

Question 118

Which statements is correct when you configure the EC2 Auto Scaling group to use Elastic Load Balancing health checks?

1. Instance is considered unhealthy if it fails either the EC2 status checks or the load balancer health checks
2. Instance is considered unhealthy only when it fails the load balancer health checks
3. Instance is considered unhealthy only when it fails the EC2 status checks
4. Instance is considered unhealthy only when it fails the customized health checks

Answer 118

1. Instance is considered unhealthy if it fails either the EC2 status checks or the load balancer health checks
2. Instance is considered unhealthy only when it fails the load balancer health checks
3. Instance is considered unhealthy only when it fails the EC2 status checks
4. Instance is considered unhealthy only when it fails the customized health checks

Question 119

If you attach multiple load balancers to an auto scaling group. How is an instance marked as unhealthy?

1. All load balancers must report that the instance is unhealthy in order for it to consider the instance unhealthy.
2. If one load balancer reports an instance as unhealthy, the instance is marked as unhealthy and replaced by auto scaling group.
3. Majority of load balancers must report that the instance is unhealthy in order for it to consider the instance unhealthy.
4. You can designate a specific load balancers that must report that the instance is unhealthy in order for it to consider the instance unhealthy.

Answer 119

1. All load balancers must report that the instance is unhealthy in order for it to consider the instance unhealthy.
2. If one load balancer reports an instance as unhealthy, the instance is marked as unhealthy and replaced by auto scaling group.
3. Majority of load balancers must report that the instance is unhealthy in order for it to consider the instance unhealthy.
4. You can designate a specific load balancers that must report that the instance is unhealthy in order for it to consider the instance unhealthy.

Question 120

Which of the following statement are correct about auto scaling group? Choose 2.

1. An Auto Scaling group can contain Amazon EC2 instances from multiple Availability Zones within the same Region.
2. An Auto Scaling group can contain Amazon EC2 instances from multiple Availability Zones across Regions.
3. An Auto Scaling group can contain Amazon EC2 instances only in one Availability Zones within a Region.
4. Incoming traffic is distributed equally across all Availability Zones enabled by the load balancer attached to Auto Scaling group.

Answer 120

1. An Auto Scaling group can contain Amazon EC2 instances from multiple Availability Zones within the same Region.
2. An Auto Scaling group can contain Amazon EC2 instances from multiple Availability Zones across Regions.
3. An Auto Scaling group can contain Amazon EC2 instances only in one Availability Zones within a Region.
4. Incoming traffic is distributed equally across all Availability Zones enabled by the load balancer attached to Auto Scaling group.

Question 121

Your company has an intranet application for employees to fill up their weekly timesheet. Usage pattern analysis depicts a surge in traffic on Friday evening and Wednesday evening from 4-6 pm. Which auto scaling policy would you use to add and remove instances?

1. Schedule based auto scaling policy
2. Demand based auto scaling policy
3. Maintain current instance levels at all times
4. Manual Scaling by specifying change in the max, min and desired capacity

Answer 121

1. Schedule based auto scaling policy
2. Demand based auto scaling policy
3. Maintain current instance levels at all times
4. Manual Scaling by specifying change in the max, min and desired capacity

Question 122

What is the difference between RunTask and StartTask in ECS ? Choose 2.

1. RunTask starts a new task using the specified task definition and can be placed in any container instance.
2. StartTask starts a new task from the specified task definition on the specified container instance or instances.
3. StartTask starts a new task using the specified task definition and can be placed in any container instance.
4. RunTask starts a new task from the specified task definition on the specified container instance or instances

Answer 122

1. RunTask starts a new task using the specified task definition and can be placed in any container instance.
2. StartTask starts a new task from the specified task definition on the specified container instance or instances.
3. StartTask starts a new task using the specified task definition and can be placed in any container instance.
4. RunTask starts a new task from the specified task definition on the specified container instance or instances

Question 123

You have deployed a fleet of EC2 instances using an auto scaling group based on target tracking dynamic scaling. Recently you notice that scaling policy is launching, terminating and relaunching many instances in an hour. This has led to increased cost as you are getting billed for every instance which is getting launched for few seconds to few minutes. What should you do so that frequency of launching and termination of instances is optimized? Choose 2.

1. Scale out quickly but scale in slowly. Increase the duration of cooldown period.
2. Scale out slowly and scale in quickly. Decrease the duration of cooldown period.
3. Change the target tracking scaling metric.
4. Analyze and change the target tracking metric target value.

Answer 123

1. Scale out quickly but scale in slowly. Increase the duration of cooldown period.
2. Scale out slowly and scale in quickly. Decrease the duration of cooldown period.
3. Change the target tracking scaling metric.
4. Analyze and change the target tracking metric target value.

Question 124

You have migrated your on-premise intranet application to AWS. You deployed this as a web application in a VPC with an Application Load Balancer (ALB). Web server EC2 instances are in an auto scaling group (ASG) attached to ALB. Based on past data you know the number of instances required to serve the user requests. How can you configure the auto scaling group to maintain a fixed number of instances without compromising on fault tolerance and better availability?

1. Set the same value for minimum, maximum, and desired capacity in ASG equal to required number of fixed instance.
2. No need to have an ASG. Deploy the required number of instances and attach it to ALB.
3. Set the same value for desired capacity in ASG equal to required number of fixed instance.
4. Set the minimum value in ASG equal to required number of fixed instance.

Answer 124

1. Set the same value for minimum, maximum, and desired capacity in ASG equal to required number of fixed instance.
2. No need to have an ASG. Deploy the required number of instances and attach it to ALB.
3. Set the same value for desired capacity in ASG equal to required number of fixed instance.
4. Set the minimum value in ASG equal to required number of fixed instance.

Question 125

Which of the following statement are correct regarding Manual Scaling for Amazon EC2 Auto Scaling? Choose 3.

1. At any time, you can change the size of an existing Auto Scaling group manually.
2. You cannot change the size of an existing Auto Scaling group manually.
3. You can update the instances that are attached to the Auto Scaling group.
4. You can attach EC2 Instances to your Auto Scaling Group

Answer 125

1. At any time, you can change the size of an existing Auto Scaling group manually.
2. You cannot change the size of an existing Auto Scaling group manually.
3. You can update the instances that are attached to the Auto Scaling group.
4. You can attach EC2 Instances to your Auto Scaling Group

Question 126

You are creating proof of concept web application and want to quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs those applications. You don’t want to handle the details of capacity provisioning, load balancing, scaling, and application health monitoring. Which AWS services you should leverage?

1. EC2, ELB, Auto Scaling
2. AWS Elastic Beanstalk
3. Lambda, ELB, Auto Scaling
4. EC2, S3, ELB, Auto Scaling
5. Lambda, ELB, Auto Scaling, CloudFormation

Answer 126

1. EC2, ELB, Auto Scaling
2. AWS Elastic Beanstalk
3. Lambda, ELB, Auto Scaling
4. EC2, S3, ELB, Auto Scaling
5. Lambda, ELB, Auto Scaling, CloudFormation

Question 127

Elastic Beanstalk supports applications developed in?

1. Go, Java, .NET, Node.js, PHP, Python, Scala and Ruby
2. Go, Java, .NET, Node.js, PHP, Python, React.js and Ruby
3. Go, Java, .NET, Node.js, PHP, Python, React.js , Angular and Ruby
4. Go, Java, .NET, Node.js, PHP, Python, Scala, Swift and Ruby
5. Go, Java, .NET, Node.js, PHP, Python, and Ruby

Answer 127

1. Go, Java, .NET, Node.js, PHP, Python, Scala and Ruby
2. Go, Java, .NET, Node.js, PHP, Python, React.js and Ruby
3. Go, Java, .NET, Node.js, PHP, Python, React.js , Angular and Ruby
4. Go, Java, .NET, Node.js, PHP, Python, Scala, Swift and Ruby
5. Go, Java, .NET, Node.js, PHP, Python, and Ruby

Question 128

You have an EC2 auto scaling group with following setting:

• Auto Scaling group name = my-asg
• Minimum size = 1
• Maximum size = 5
• Desired capacity = 2
• Availability Zone = us-west-1a, Region: us-west-1 US West (N. California)

You know that AWS allows attaching instances to existing auto scaling group. What are the considerations you should check before you can attach an existing instance? Choose 3.

1. The instance is in the running state. The AMI used to launch the instance must still exist.
2. The instance is in AZ us-west-1a.
3. The instance is in any AZ in us-west-1 Region.
4. The instance is not a member of another Auto Scaling group.

Answer 128

1. The instance is in the running state. The AMI used to launch the instance must still exist.
2. The instance is in AZ us-west-1a.
3. The instance is in any AZ in us-west-1 Region.
4. The instance is not a member of another Auto Scaling group.

Question 129

You have an EC2 auto scaling group with following setting:

• Auto Scaling group name = my-asg
• Minimum size = 1
• Maximum size = 5
• Desired capacity = 3
• Availability Zone = us-west-1a, Region: us-west-1 US West (N. California)

Currently there are 3 instances equal to desired capacity in running state. You want to create a separate auto scale group by detaching 2 instance, which of the following statements are applicable? Choose 3.

1. You have the option of decrementing the desired capacity for the Auto Scaling group by the number of instances you are detaching.
2. If you choose not to decrement the desired capacity, Amazon EC2 Auto Scaling launches new instances to replace the ones that you detach.
3. If you choose not to decrement the desired capacity, Amazon EC2 Auto Scaling will automatically decrement the value of desired capacity as you detach instances.
4. If you decrement the capacity but detach multiple instances from the same Availability Zone, Amazon EC2 Auto Scaling can rebalance the Availability Zones unless you suspend the AZ Rebalance process.

Answer 129

1. You have the option of decrementing the desired capacity for the Auto Scaling group by the number of instances you are detaching.
2. If you choose not to decrement the desired capacity, Amazon EC2 Auto Scaling launches new instances to replace the ones that you detach.
3. If you choose not to decrement the desired capacity, Amazon EC2 Auto Scaling will automatically decrement the value of desired capacity as you detach instances.
4. If you decrement the capacity but detach multiple instances from the same Availability Zone, Amazon EC2 Auto Scaling can rebalance the Availability Zones unless you suspend the AZ Rebalance process.

Question 130

You have deployed an intranet HR application on AWS Elastic Beanstalk. Initially it was rolled out to few beta user employees with single instance deployment on a t2.micro, with single instance capacity. After positive feedback it is planned to be rolled out to all the employees. What you should do so that there is no performance issues? Choose 2.

1. No need to do anything Elastic Beanstalk will automatically handle appropriate capacity provisioning, load balancing, auto-scaling to meet performance requirements.
2. Change the single instance type from t2.micro to t2.large.
3. Modify the configuration to instance type as t2.large, change the root volume type to general purpose SSD with 100 GB
4. Change the environment type from single instance to load balanced and configure auto scaling based on CPUutilization.

Answer 130

1. No need to do anything Elastic Beanstalk will automatically handle appropriate capacity provisioning, load balancing, auto-scaling to meet performance requirements.
2. Change the single instance type from t2.micro to t2.large.
3. Modify the configuration to instance type as t2.large, change the root volume type to general purpose SSD with 100 GB
4. Change the environment type from single instance to load balanced and configure auto scaling based on CPUutilization.

Question 131

In which order EC2 auto scaling group implements the following rules for default termination policy when a scale-in event happens?

• If there are multiple unprotected instances to terminate, determine which instances are closest to the next billing hour. If there are multiple unprotected instances closest to the next billing hour, terminate one of these instances at random.
• Determine which Availability Zones have the most instances, and at least one instance that is not protected from scale in.
• Determine which instances to terminate so as to align the remaining instances to the allocation strategy for the On-Demand or Spot Instance that is terminating. This only applies to an Auto Scaling group that specifies allocation strategies.
• Determine whether any of the instances use the oldest launch template or configuration.

1. 1,2,3,4
2. 2, 3,4,1
3. 3,4,1,2
4. 4,3,2,1

Answer 131

1. 1,2,3,4
2. 2, 3,4,1
3. 3,4,1,2
4. 4,3,2,1

Question 132

Which scaling policy you should use if you are scaling based on a utilization metric that increases or decreases proportionally to the number of instances in an Auto Scaling group?

1. Cloudwatch Scaling
2. Target tracking scaling
3. Step scaling
4. Simple scaling

Answer 132

1. Cloudwatch Scaling
2. Target tracking scaling
3. Step scaling
4. Simple scaling

Question 133

You have deployed an application that uses an Auto Scaling group and an Amazon SQS queue to send requests to a single EC2 instance. To help ensure that the application performs at optimum levels, there are two policies that control when the Auto Scaling group should scale out. One is a target tracking policy that uses a custom metric to add and remove capacity based on the number of SQS messages in the queue. The other is a step policy that uses the Amazon CloudWatch CPUUtilization metric to add capacity when the instance exceeds 90 percent utilization for a specified length of time. What will happen when EC2 instance could trigger the CloudWatch alarm for the CPUUtilization metric at the same time that the SQS queue triggers the alarm for the custom metric resulting in scale-out and scale in criteria for both policies being met at the same time?

1. Auto Scaling group will throw an error and scale out/in will not happen.
2. Auto Scaling will execute one policy that provides the largest capacity for scale out and scale in.
3. Auto Scaling will always execute policy based on CloudWatch metric.
4. Auto Scaling will always execute policy based on SQS custom metric.

Answer 133

1. Auto Scaling group will throw an error and scale out/in will not happen.
2. Auto Scaling will execute one policy that provides the largest capacity for scale out and scale in.
3. Auto Scaling will always execute policy based on CloudWatch metric.
4. Auto Scaling will always execute policy based on SQS custom metric.

Question 134

Your solution architect has configured following scaling policy in the auto scaling group for your web server instances:

• Scaling policy to keep the average aggregate CPU utilization of your Auto Scaling group at 40 percent.
• Scaling policy to keep the request count per target of your Elastic Load Balancing target group at 1000 for your Auto Scaling group.

Which type of dynamic scaling policy is this?

1. Cloudwatch Scaling
2. Target tracking scaling
3. Step scaling
4. Simple scaling

Answer 134

1. Cloudwatch Scaling
2. Target tracking scaling
3. Step scaling
4. Simple scaling

Question 135

Which of the following metric will not work for target tracking policy in EC2 auto scaling group? Choose 3.

1. The number of requests received by the load balancer fronting the Auto Scaling group (that is, the Elastic Load Balancing metric RequestCount).
2. The CPU utilization of an Auto Scaling group.
3. Load balancer request latency.
4. CloudWatch SQS queue metric ApproximateNumberOfMessagesVisible.
5. A customized metric that measures the number of messages in the queue per EC2 instance.

Answer 135

1. The number of requests received by the load balancer fronting the Auto Scaling group (that is, the Elastic Load Balancing metric RequestCount).
2. The CPU utilization of an Auto Scaling group.
3. Load balancer request latency.
4. CloudWatch SQS queue metric ApproximateNumberOfMessagesVisible.
5. A customized metric that measures the number of messages in the queue per EC2 instance.

Question 136

For a proof of concept, you are planning to use Elastic Beanstalk as you can quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs the application. Which of the following is automatically handled by Elastic Beanstalk? Choose 4.

1. Data at rest and data in transit encryption
2. capacity provisioning
3. load balancing
4. scaling
5. application health monitoring

Answer 136

1. Data at rest and data in transit encryption
2. capacity provisioning
3. load balancing
4. scaling
5. application health monitoring

Question 137

Choose the supported platforms by Elastic Beanstalk?

1. Programming languages: Go, Java, Node.js, PHP, Python, Ruby
2. Application servers :WebSphere, WebLogic, Tomcat, Passenger, Puma
3. Application servers :Tomcat, Passenger, Puma
4. Docker Containers

Answer 137

1. Programming languages: Go, Java, Node.js, PHP, Python, Ruby
2. Application servers :WebSphere, WebLogic, Tomcat, Passenger, Puma
3. Application servers :Tomcat, Passenger, Puma
4. Docker Containers

Question 138

What elements of application can you control when using AWS Elastic Beanstalk?

1. Select the operating system that matches your application requirements (e.g., Amazon Linux or Windows Server 2012 R2) and run other application components, such as a memory caching service, side-by-side in Amazon EC2
2. Choose from several available database and storage options and Access log files without logging in to the application servers
3. Enable login access to Amazon EC2 instances for immediate and direct troubleshooting and enhance application security by enabling HTTPS protocol on the load balancer
4. Quickly improve application reliability by running in more than one Availability Zone and Adjust application server settings (e.g., JVM settings) and pass environment variables
5. Access built-in Amazon CloudWatch monitoring and getting notifications on application health and other important events
6. All of the above
7. None of the above

Answer 138

1. Select the operating system that matches your application requirements (e.g., Amazon Linux or Windows Server 2012 R2) and run other application components, such as a memory caching service, side-by-side in Amazon EC2
2. Choose from several available database and storage options and Access log files without logging in to the application servers
3. Enable login access to Amazon EC2 instances for immediate and direct troubleshooting and enhance application security by enabling HTTPS protocol on the load balancer
4. Quickly improve application reliability by running in more than one Availability Zone and Adjust application server settings (e.g., JVM settings) and pass environment variables
5. Access built-in Amazon CloudWatch monitoring and getting notifications on application health and other important events
6. All of the above
7. None of the above

Question 139

Which of the following are correct considerations for target tracking policy in EC2 auto scaling group? Choose 2.

1. An Auto Scaling group can have multiple scaling policies in force at the same time using same metric but different target.
2. An Auto Scaling group can have multiple scaling policies in force at the same time, provided that each of them uses a different metric.
3. You can disable the scale-in portion of a target tracking scaling policy.
4. A target tracking scaling policy should have both scale-in and scale-out portion.

Answer 139

1. An Auto Scaling group can have multiple scaling policies in force at the same time using same metric but different target.
2. An Auto Scaling group can have multiple scaling policies in force at the same time, provided that each of them uses a different metric.
3. You can disable the scale-in portion of a target tracking scaling policy.
4. A target tracking scaling policy should have both scale-in and scale-out portion.

Question 140

Which of the following adjustment types is not supported by Amazon EC2 Auto Scaling for step scaling and simple scaling?

1. ChangeInCapacity
2. ExactCapacity
3. DesiredCapacity
4. PercentChangeInCapacity

Answer 140

1. ChangeInCapacity
2. ExactCapacity
3. DesiredCapacity
4. PercentChangeInCapacity

Question 141

Which of the following options are true about AWS Lambda? Choose 4.

1. AWS Lambda lets you run code without provisioning or managing servers.
2. You pay only for the compute time you consume, there is no charge when your code is not running.
3. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.
4. Stateful Processing is perfect use case for AWS Lambda
5. Stateless Processing is perfect use case for AWS Lambda

Answer 141

1. AWS Lambda lets you run code without provisioning or managing servers.
2. You pay only for the compute time you consume, there is no charge when your code is not running.
3. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.
4. Stateful Processing is perfect use case for AWS Lambda
5. Stateless Processing is perfect use case for AWS Lambda

Question 142

Which statements are true with regards to EC2 and Lambda? Choose 2.

1. With Amazon EC2 you are responsible for provisioning capacity, monitoring fleet health and performance, and designing for fault tolerance and scalability.
2. With Amazon EC2 you are not responsible for provisioning capacity, monitoring fleet health and performance, and designing for fault tolerance and scalability.
3. Lambda performs on your behalf, including capacity provisioning, monitoring fleet health, deploying your code, running a web service front end, and monitoring and logging your code
4. Lambda you are responsible for capacity provisioning, monitoring fleet health, deploying your code, running a web service front end, and monitoring and logging your code

Answer 142

1. With Amazon EC2 you are responsible for provisioning capacity, monitoring fleet health and performance, and designing for fault tolerance and scalability.
2. With Amazon EC2 you are not responsible for provisioning capacity, monitoring fleet health and performance, and designing for fault tolerance and scalability.
3. Lambda performs on your behalf, including capacity provisioning, monitoring fleet health, deploying your code, running a web service front end, and monitoring and logging your code
4. Lambda you are responsible for capacity provisioning, monitoring fleet health, deploying your code, running a web service front end, and monitoring and logging your code

Question 143

What languages does AWS Lambda support? Choose 2.

1. React.js, Python, Java, Ruby
2. Angular, C#, Go and PowerShell.
3. Node.js, Python, Java, Ruby
4. C#, Go and PowerShell.

Answer 143

1. React.js, Python, Java, Ruby
2. Angular, C#, Go and PowerShell.
3. Node.js, Python, Java, Ruby
4. C#, Go and PowerShell.

Question 144

You have a web app that lets users upload images and use them online. Each image requires resizing and encoding before it can be published. The web app runs on EC2 instances in a Dynamic Auto Scaling group based on CPU utilization that is configured to handle your typical upload rates. Unhealthy instances are terminated and replaced to maintain current instance levels at all times. The app places the raw bitmap data of the images in an Amazon SQS queue for processing. There are fleet of EC2 instance acting as worker program polling the SQS queue to processes the images and then publishes the processed images where they can be viewed by users. These consumer fleet of EC2 instance also has dynamic auto scaling policy. Which of the following AWS service you can use for processing the images instead of EC2 instances without compromising performance and also achieving cost optimization?

1. AWS Elastic Beanstalk
2. AWS Lambda
3. Amazon SNS
4. None of the above

Answer 144

1. AWS Elastic Beanstalk
2. AWS Lambda
3. Amazon SNS
4. None of the above

Question 145

You have a photo upload application and use S3 to store the uploaded images. After an image is uploaded you want to create a thumbnail version of it. Which of the following option will be most scalable and cost effective?

1. Create a Lambda function that Amazon S3 can invoke when objects are created. Then, the Lambda function can read the image object from the source bucket and create a thumbnail image target bucket.
2. Have a fleet of EC2 instances running a program which continuously reads the most latest object uploaded in S3 and converts into thumbnail.
3. S3 posts new image upload event notification as JSON to a SQS queue from which a fleet of EC2 servers will process the image.
4. S3 posts new image upload event notification as JSON to a SNS topic from which a fleet of EC2 servers will process the image.

Answer 145

1. Create a Lambda function that Amazon S3 can invoke when objects are created. Then, the Lambda function can read the image object from the source bucket and create a thumbnail image target bucket.
2. Have a fleet of EC2 instances running a program which continuously reads the most latest object uploaded in S3 and converts into thumbnail.
3. S3 posts new image upload event notification as JSON to a SQS queue from which a fleet of EC2 servers will process the image.
4. S3 posts new image upload event notification as JSON to a SNS topic from which a fleet of EC2 servers will process the image.

Question 146

Which of the following are suitable use cases that can be implemented with Amazon Lambda for real time data processing? Choose 3.

1. Dynamic Websites
2. Real-time File Processing
3. Real-time Stream Processing
4. Extract, Transform, Load

Answer 146

1. Dynamic Websites
2. Real-time File Processing
3. Real-time Stream Processing
4. Extract, Transform, Load

Question 147

You have web server EC2 instances in auto scaling group with dynamic step adjustment policy. You are using the CloudWatch metric ASGAverageCPUUtilization (Average CPU utilization of the Auto Scaling group) for dynamic scaling. You have an alarm with a breach threshold of 50 and a scaling adjustment type of PercentChangeInCapacity. You also have scale-out and scale-in policies with the following step adjustments:

Your group has both a current capacity and a desired capacity of 10 instances. The group maintains its current and desired capacity while the aggregated metric value is greater than 40 and less than 60.

Based on scenario given above for step scaling configuration what will happen if the metric value gets to 60 and further to 70 after sometime? Choose 2.

1. If the metric value gets to 60, the desired capacity of the group increases by 1 instance, to 11 instances.
2. If the metric value rises to 70, the desired capacity of the group increases by another 3 instances, to 13 instances.
3. If the metric value rises to 70, the desired capacity of the group increases by another 3 instances, to 14 instances.
4. If the metric value rises to 70, the desired capacity of the group increases by another 3 instances, to 15 instances.

Answer 147

1. If the metric value gets to 60, the desired capacity of the group increases by 1 instance, to 11 instances.
   ​
2. If the metric value rises to 70, the desired capacity of the group increases by another 3 instances, to 13 instances.
3. If the metric value rises to 70, the desired capacity of the group increases by another 3 instances, to 14 instances.
4. If the metric value rises to 70, the desired capacity of the group increases by another 3 instances, to 15 instances.

Question 148

On continuation from scenario given in Q147 above for step scaling configuration what will happen if the metric value after reaching 70 first falls to 40 and falls further to 30 after some time? Choose 2.

1. If the metric value gets to 40, the desired capacity of the group decreases by 1 instance, to 9 instances.
2. If the metric value gets to 40, the desired capacity of the group decreases by 1 instance, to 13 instances.
3. If the metric value falls to 30, the desired capacity of the group decreases by another 3 instances, to 10 instances.
4. If the metric value falls to 30, the desired capacity of the group decreases by another 3 instances, to 6 instances.

Answer 148

1. If the metric value gets to 40, the desired capacity of the group decreases by 1 instance, to 9 instances.
2. If the metric value gets to 40, the desired capacity of the group decreases by 1 instance, to 13 instances.
3. If the metric value falls to 30, the desired capacity of the group decreases by another 3 instances, to 10 instances.
4. If the metric value falls to 30, the desired capacity of the group decreases by another 3 instances, to 6 instances.

Question 149

Which of the following are rules for configuring step adjustments for your policy? Choose 4.

1. The ranges of your step adjustments can’t overlap or have a gap.
2. Only one step adjustment can have a null lower bound (negative infinity). If one step adjustment has a negative lower bound, then there must be a step adjustment with a null lower bound.
3. Only one step adjustment can have a null upper bound (positive infinity). If one step adjustment has a positive upper bound, then there must be a step adjustment with a null upper bound.
4. You can define a default adjustments for gaps in the range.
5. If the metric value is above the breach threshold, the lower bound is exclusive and the upper bound is inclusive. If the metric value is below the breach threshold, the lower bound is inclusive and the upper bound is exclusive.
6. If the metric value is above the breach threshold, the lower bound is inclusive and the upper bound is exclusive. If the metric value is below the breach threshold, the lower bound is exclusive and the upper bound is inclusive.

Answer 149

1. The ranges of your step adjustments can’t overlap or have a gap.
2. Only one step adjustment can have a null lower bound (negative infinity). If one step adjustment has a negative lower bound, then there must be a step adjustment with a null lower bound.
3. Only one step adjustment can have a null upper bound (positive infinity). If one step adjustment has a positive upper bound, then there must be a step adjustment with a null upper bound.
4. You can define a default adjustments for gaps in the range.
5. If the metric value is above the breach threshold, the lower bound is exclusive and the upper bound is inclusive. If the metric value is below the breach threshold, the lower bound is inclusive and the upper bound is exclusive.
6. If the metric value is above the breach threshold, the lower bound is inclusive and the upper bound is exclusive. If the metric value is below the breach threshold, the lower bound is exclusive and the upper bound is inclusive.

Question 150

Amazon EC2 Auto Scaling can determine the health status of an instance using one or more of the following. Choose 3.

1. Status checks provided by Amazon EC2
2. Health checks provided by Elastic Load Balancing.
3. Cloudwatch metrics.
4. Your custom health checks.

Answer 150

1. Status checks provided by Amazon EC2
2. Health checks provided by Elastic Load Balancing.
3. Cloudwatch metrics.
4. Your custom health checks.

Question 151

You have created a Linux EC2 instance in the default VPC and attached key pair to it. Now you are not able to connect to EC2 instance from your windows laptop using Putty, SSH client for Windows. You have downloaded the key pair from AWS console, converted to .ppk file and configured the Putty to use it. You are using the user name ‘ec2-user’ and instance ip address displayed in the console. What could be the possible reason?

1. ‘ec2-user’ is not the right user name for Linux EC2
2. To connect to your instance, security group attached to instance must have inbound rules that allow SSH access from public IP address of your computer, or a range of IP addresses in your local network.
3. You have to use a separate key pair to login from your laptop.
4. None of the above

Answer 151

1. ‘ec2-user’ is not the right user name for Linux EC2
2. To connect to your instance, security group attached to instance must have inbound rules that allow SSH access from public IP address of your computer, or a range of IP addresses in your local network.
3. You have to use a separate key pair to login from your laptop.
4. None of the above

Question 152

Which of the following are correct regarding AWS lambda limits? Choose 3.

1. Function timeout value is 900 sec or 15 mts
2. Function memory allocation 128 mb to 3008 mb in 64 MB increments
3. Function timeout value is 300 sec or 5 mts
4. Deployment package size is 50 MB (zipped, for direct upload)

Answer 152

1. Function timeout value is 900 sec or 15 mts
2. Function memory allocation 128 mb to 3008 mb in 64 MB increments
3. Function timeout value is 300 sec or 5 mts
4. Deployment package size is 50 MB (zipped, for direct upload)

Question 153

How does a load balancer check the health of an EC2 instance? Choose 3.

1. By sending ping
2. Monitor Cloudwatch metric for EC2 status
3. Attempting connections
4. Sends requests

Answer 153

1. By sending ping
2. Monitor Cloudwatch metric for EC2 status
3. Attempting connections
4. Sends requests

Question 154

If you have configured the Auto Scaling group to use Elastic Load Balancing health checks, when it considers the instance unhealthy? Choose 2.

1. If it fails the EC2 status checks
2. If it fails the load balancer health checks.
3. Only when it fails the EC2 status checks.
4. Only when it fails the load balancer health checks.

Answer 154

1. If it fails the EC2 status checks
2. If it fails the load balancer health checks.
3. Only when it fails the EC2 status checks.
4. Only when it fails the load balancer health checks.

Question 155

If you are using an internal ELB (Elastic Load Balancer), what are the security group configuration you need to do so that ELB can communicate with instances running a web server? Choose 3.

1. ELB Security Group Inbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Source IP =0.0.0.0/0 (all IPv4 addresses)
2. ELB Security Group Inbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Source IP = the IPv4 CIDR block of the VPC
3. ELB Security Group Outbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Destination IP = The ID of the instance security group
4. Instance Security Group Inbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Source IP = The ID of the ELB security group
5. Instance Security Group Outbound Setting: Protocol = TCP, Port for 80(HTTP)

Answer 155

1. ELB Security Group Inbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Source IP =0.0.0.0/0 (all IPv4 addresses)
2. ELB Security Group Inbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Source IP = the IPv4 CIDR block of the VPC
3. ELB Security Group Outbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Destination IP = The ID of the instance security group
4. Instance Security Group Inbound Setting: Protocol = TCP, Port for 80(HTTP) and 443(HTTPS), Source IP = The ID of the ELB security group
5. Instance Security Group Outbound Setting: Protocol = TCP, Port for 80(HTTP)

Question 156

Which load balancer you will use for network/transport protocols (layer4 – TCP, UDP) load balancing, and for extreme performance/low latency applications?

1. Application load balancer
2. Network load balancer
3. Classic load balancer
4. None of the above

Answer 156

1. Application load balancer
2. Network load balancer
3. Classic load balancer
4. None of the above

Question 157

Which of the following is not an action type for listener rules?

1. authenticate-cognito
2. authenticate-oidc
3. SSL
4. fixed-response
5. forward
6. redirect

Answer 157

1. authenticate-cognito
2. authenticate-oidc
3. SSL
4. fixed-response
5. forward
6. redirect

Question 158

Which of the following is not a rule condition type for listener rules?

1. host-header
2. http-request-method
3. http-header
4. geo-location
5. path-pattern
6. query-string
7. source-ip

.

Answer 158

1. host-header
2. http-request-method
3. http-header
4. geo-location
5. path-pattern
6. query-string
7. source-ip

Question 159

You have configured an application load balancer listening on port 80 and mapped it to a target group of EC2 instances also listening on port 80. When a client request reaches load balancer with correct protocol and port, how many connection load balancer maintains between client and target EC2 instance?

1. 1
2. 2
3. 3
4. 4

Answer 159

1. 1
2. 2
3. 3
4. 4

Question 160

You want to perform maintenance activities on your EC2 instances such as deploying software upgrades or replacing back-end instances .What configuration should you do to your ELB and auto scale group so that your users experience is not impacted during maintenance activities?

1. Shut down all the instances for a period of time when you are doing upgrade or replacing instances.
2. Enable Connection draining on ELBs.
3. Wait for the instance to have zero user connection and then stop the instance for maintenance.
4. Abruptly stop the instance even when they have user connection as they can reconnect to another healthy instance on next try.

Answer 160

1. Shut down all the instances for a period of time when you are doing upgrade or replacing instances.
2. Enable Connection draining on ELBs.
3. Wait for the instance to have zero user connection and then stop the instance for maintenance.
4. Abruptly stop the instance even when they have user connection as they can reconnect to another healthy instance on next try.

Question 161

You have deployed your web application within an auto scaling group spanning three AZs in a region and attached to an application load balancer. You observe that instances in two AZs are receiving traffic but instances in third AZ is not receiving traffic? You verify that security group and network ACL setting for ALB and instances are as per guideline what could be the possible reason?

1. ALB works with only two AZs
2. Auto scaling works with only two AZs
3. Third AZ is not added to the ALB
4. None of the above

Answer 161

1. ALB works with only two AZs
2. Auto scaling works with only two AZs
3. Third AZ is not added to the ALB
4. None of the above

Question 162

What are the recommended security group rules for internet facing application load balancer? Choose 3.

1. Inbound : Source=0.0.0.0/0, Port Range = listener port
2. No need to configure outbound rule
3. Outbound : Destination=instance security group, Port Range=instance listener port
4. Outbound : Destination=instance security group, Port Range= health check port

Answer 162

1. Inbound : Source=0.0.0.0/0, Port Range = listener port
2. No need to configure outbound rule
3. Outbound : Destination=instance security group, Port Range=instance listener port
4. Outbound : Destination=instance security group, Port Range= health check port

Question 163

What are the recommended security group rules for internal facing application load balancer? Choose 3.

1. Inbound : Source= VPC CIDR, Port Range = listener port
2. No need to configure outbound rule
3. Outbound : Destination=instance security group, Port Range=instance listener port
4. Outbound : Destination=instance security group, Port Range= health check port

Answer 163

1. Inbound : Source= VPC CIDR, Port Range = listener port
2. No need to configure outbound rule
3. Outbound : Destination=instance security group, Port Range=instance listener port
4. Outbound : Destination=instance security group, Port Range= health check port

Question 164

Which service you can use with your Application Load Balancer to allow or block requests based on the rules in a web access control list (web ACL)?

1. Amazon Inspector
2. Amazon Guard Duty
3. Amazon Cognito
4. AWS WAF

Answer 164

1. Amazon Inspector
2. Amazon Guard Duty
3. Amazon Cognito
4. AWS WAF

Question 165

Which of the following load balancer supports TLS termination?

1. Application load balancer
2. Network load balancer
3. Classic load balancer
4. None of the above

Answer 165

1. Application load balancer
2. Network load balancer
3. Classic load balancer
4. None of the above

Question 166

Which of the following load balancer supports SSL termination? Choose 2.

1. Application load balancer
2. Network load balancer
3. Classic load balancer
4. None of the above

Answer 166

1. Application load balancer
2. Network load balancer
3. Classic load balancer
4. None of the above

Question 167

You have an ecommerce web application deployed in a VPC behind an application load balancer (ALB) and has EC2 instances in an auto scaling group in two availability zones. Both the availability zones are mapped to the load balancer. Security group and network ACLs are configured appropriately and instances in both the AZs are receiving traffic from ALB. You are also leveraging Route53 and Cloudfront in your architecture. How can you ensure that instances in both the AZ receive equal amount of traffic. ?

1. Configure Route53 simple routing policy to distribute traffic evenly across all instances.
2. Configure Route53 weighted routing policy to distribute traffic evenly across all instances.
3. No need to do anything Route53 will distribute traffic evenly across all instances.
4. Enable cross zone load balancing in the ALB configuration.

Answer 167

1. Configure Route53 simple routing policy to distribute traffic evenly across all instances.
2. Configure Route53 weighted routing policy to distribute traffic evenly across all instances.
3. No need to do anything Route53 will distribute traffic evenly across all instances.
4. Enable cross zone load balancing in the ALB configuration.

Question 168

Your company is in the transition phase of an application migration to AWS and want to use AWS to augment on-premises resources with EC2 instances. How can you configure Application Load Balancer to distribute application traffic across both your AWS and on-premises resources? Choose 3.

1. It is not possible to use Application Load Balancer for on premise instances as target.
2. Provision Direct Connect or VPN between on premise and AWS VPC. Use IP addresses based target groups in ALB.
3. Register all the resources (AWS and on-premises) to the same target group and associate the target group with a load balancer.
4. You can use DNS based weighted load balancing across AWS and on-premises resources using two load balancers i.e. one load balancer for AWS and other for on-premises resources.

Answer 168

1. It is not possible to use Application Load Balancer for on premise instances as target.
2. Provision Direct Connect or VPN between on premise and AWS VPC. Use IP addresses based target groups in ALB.
3. Register all the resources (AWS and on-premises) to the same target group and associate the target group with a load balancer.
4. You can use DNS based weighted load balancing across AWS and on-premises resources using two load balancers i.e. one load balancer for AWS and other for on-premises resources.

Question 169

which of the following CloudWatch metrics are available for application load balancer?

1. The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.
2. The total number of bytes processed by the load balancer over IPv4 and IPv6.
3. The number of targets that are considered healthy and unhealthy.
4. All of the above.

Answer 169

1. The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.
2. The total number of bytes processed by the load balancer over IPv4 and IPv6.
3. The number of targets that are considered healthy and unhealthy.
4. All of the above.

Question 170

To analyze traffic patterns and troubleshoot issues, you want to capture detailed information about requests sent to your load balancer such as the time the request was received, the client’s IP address, latencies, request paths, and server responses. Which AWS service or feature you will use?

1. Cloudwatch
2. Access logs
3. Request Tracing
4. Cloudtrail logs

Answer 170

1. Cloudwatch
2. Access logs
3. Request Tracing
4. Cloudtrail logs

Question 171

Which service you will use to capture detailed information about the traffic going to and from your Network Load Balancer?

1. Access logs
2. VPC Flow Logs
3. CloudTrail logs
4. CloudWatch metrics

Answer 171

1. Access logs
2. VPC Flow Logs
3. CloudTrail logs
4. CloudWatch metrics

Question 172

Which service you will use to capture detailed information about the TLS requests sent to your Network Load Balancer?

1. Access logs
2. VPC Flow Logs
3. CloudTrail logs
4. CloudWatch metrics

Answer 172

1. Access logs
2. VPC Flow Logs
3. CloudTrail logs
4. CloudWatch metrics

Question 173

How can you get a history of Application Load Balancing API calls made on your account for security analysis and operational troubleshooting purposes?

1. Access logs
2. VPC Flow Logs
3. CloudTrail
4. CloudWatch

Answer 173

1. Access logs
2. VPC Flow Logs
3. CloudTrail
4. CloudWatch

Question 174

Using which AWS service you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections?

1. AWS Transit Gateway
2. AWS VPN
3. AWS Direct Connect
4. AWS Storage Gateway

Answer 174

1. AWS Transit Gateway
2. AWS VPN
3. AWS Direct Connect
4. AWS Storage Gateway

Question 175

Which of the following statements are correct about AWS Direct Connect? Choose 3.

1. It is a network service that provides an alternative to using the Internet to connect customer’s on premise sites to AWS.
2. Enable access to your remote network from your VPC by creating an AWS Site-to-Site VPN (Site-to-Site VPN) connection
3. Data that would have previously been transported over the Internet can now be delivered through a private network connection between AWS and your datacenter or corporate network.
4. It can reduce costs, increase bandwidth, and provide a more consistent network experience than Internet-based connections.

Answer 175

1. It is a network service that provides an alternative to using the Internet to connect customer’s on premise sites to AWS.
2. Enable access to your remote network from your VPC by creating an AWS Site-to-Site VPN (Site-to-Site VPN) connection
3. Data that would have previously been transported over the Internet can now be delivered through a private network connection between AWS and your datacenter or corporate network.
4. It can reduce costs, increase bandwidth, and provide a more consistent network experience than Internet-based connections.

Question 176

In AWS what are the approaches in which you can leverage cost effective resources? Choose 4.

1. Appropriate provisioning and right sizing
2. Using appropriate purchasing options to meet use case
3. Using EC2 and VPC for deploying workloads
4. Geographic location selection
5. Using managed services and optimizing data transfer

Answer 176

1. Appropriate provisioning and right sizing
2. Using appropriate purchasing options to meet use case
3. Using EC2 and VPC for deploying workloads
4. Geographic location selection
5. Using managed services and optimizing data transfer

Question 177

Which of the following two services supports and helps in optimizing data transfer? Choose 2.

1. AWS RDS
2. AWS VPN
3. AWS Direct Connect
4. Amazon CloudFront content delivery network (CDN)

Answer 177

1. AWS RDS
2. AWS VPN
3. AWS Direct Connect
4. Amazon CloudFront content delivery network (CDN)

Question 178

A building construction company’s architects use CAD software installed in their workstation to design architecture blueprints. These blueprint files are very large. The company started using S3 and AWS Storage gateway for file storage and back up. After a while as number of users increased after rolling it out across different global office locations, it was found that transferring/fetching large data files speed was slow. What should they do to decrease the amount of time required to transfer data in a cost effective way?

1. Increase the bandwidth with your Internet service provider.
2. Create VPN connection with AWS resources.
3. Use AWS Direct Connect to connect with AWS resources.
4. Use AWS Transit Gateway to connect with AWS resources.

Answer 178

1. Increase the bandwidth with your Internet service provider.
2. Create VPN connection with AWS resources.
3. Use AWS Direct Connect to connect with AWS resources.
4. Use AWS Transit Gateway to connect with AWS resources.

Question 179

Choose 3 use cases for which AWS Direct Connect is suitable?

1. Applications that use real-time data feeds from on-premise.
2. Hybrid environments that satisfy regulatory requirements requiring the use of private connectivity.
3. Transferring large data sets over the Internet from on-premise data centers.
4. Applications that can work solely on cloud and doesn’t need integration with on-premise.

Answer 179

1. Applications that use real-time data feeds from on-premise.
2. Hybrid environments that satisfy regulatory requirements requiring the use of private connectivity.
3. Transferring large data sets over the Internet from on-premise data centers.
4. Applications that can work solely on cloud and doesn’t need integration with on-premise.

Question 180

Which AWS service gives you the ability to build a hub-and-spoke network topology and flexibility to your Amazon Virtual Private Clouds (VPCs) and on-premises networks to a single gateway?

1. AWS DirectConnect
2. AWS Privatelink
3. AWS VPN
4. AWS Transit Gateway

Answer 180

1. AWS DirectConnect
2. AWS Privatelink
3. AWS VPN
4. AWS Transit Gateway

Question 181

You have created a VPC subnet with CIDR block 10.0.0.0/28. How many instances you can have in this subnet?

1. 11
2. 12
3. 14
4. 16

Answer 181

1. 11
2. 12
3. 14
4. 16

Question 182

You are configuring a subnet for your VPC where you want to deploy 16 EC2 instances. Which of the following CIDR block will be correct?

1. 10.0.0.0/28
2. 10.0.0.0/27
3. 10.0.0.0/29
4. 10.0.0.0/30

Answer 182

1. 10.0.0.0/28
2. 10.0.0.0/27
3. 10.0.0.0/29
4. 10.0.0.0/30

Question 183

Which of the following two services you can leverage to build a hybrid cloud architecture connecting your on premise application to cloud applications?

1. AWS Direct Connect
2. AWS VPN
3. AWS Transit Gateway
4. AWS Privatelink

Answer 183

1. AWS Direct Connect
2. AWS VPN
3. AWS Transit Gateway
4. AWS Privatelink

Question 184

You are the solution architect for a financial services company who is migrating their in-house application to AWS. Because of the sensitive financial data and security requirement you are planning to house the application instances in private subnet that are not publicly reachable. How can you connect a public-facing load balancer to instances that have private IP addresses?

1. Associate your internet-facing load balancer with private subnet of your instances.
2. It is not possible to connect internet-facing load balancer with private subnet of your instances.
3. Create a public subnet with NAT gateway. Map the public subnet to load balancer and NAT gateway to private instances.
4. Create public subnets in the same Availability Zones as the private subnets that are used by your private instances. Then associate these public subnets to the internet-facing load balancer.

Answer 184

1. Associate your internet-facing load balancer with private subnet of your instances.
2. It is not possible to connect internet-facing load balancer with private subnet of your instances.
3. Create a public subnet with NAT gateway. Map the public subnet to load balancer and NAT gateway to private instances.
4. Create public subnets in the same Availability Zones as the private subnets that are used by your private instances. Then associate these public subnets to the internet-facing load balancer.

Question 185

You are the solution architect for a financial services company who is migrating their in-house application to AWS. Because of the sensitive financial data and security requirement you are planning to house the application instances in private subnet that are not publicly reachable. Your architecture consists of

• A public-facing load balancer to distribute the load across the instances in the private subnets.
• Two tier: Application and Database tiers. Application tier consists of EC2 instances in auto scaling group. Database tier using RDS in a Multi-AZ deployment.
• Application and Database tiers should be in separate private subnets.
• Application which should be highly available and scalable.

How many minimum subnets you will need to create?

1. Total 4. Across Two AZs, each with two private subnets.
2. Total 6. Across Two AZs, each having one public subnet and two private subnets.
3. Total 6. One AZ, having two public subnet and four private subnets.
4. Total 5. One AZ, having one public subnet and four private subnets.

Answer 185

1. Total 4. Across Two AZs, each with two private subnets.
2. Total 6. Across Two AZs, each having one public subnet and two private subnets.
3. Total 6. One AZ, having two public subnet and four private subnets.
4. Total 5. One AZ, having one public subnet and four private subnets.

Question 186

You have created a VPC with CIDR block 10.0.0.0/24, which of the following two statements are correct? Choose 3.

1. It supports 256 IP addresses.
2. You can break this CIDR block into two subnets, each supporting 128 IP addresses. One subnet uses CIDR block 10.0.0.0/25 (for addresses 10.0.0.0 - 10.0.0.127) and the other uses CIDR block 10.0.0.128/25 (for addresses 10.0.0.128 - 10.0.0.255).
3. The first four IP addresses and the last IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance.
4. The first IP addresses and the last four IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance.

Answer 186

1. It supports 256 IP addresses.
2. You can break this CIDR block into two subnets, each supporting 128 IP addresses. One subnet uses CIDR block 10.0.0.0/25 (for addresses 10.0.0.0 - 10.0.0.127) and the other uses CIDR block 10.0.0.128/25 (for addresses 10.0.0.128 - 10.0.0.255).
3. The first four IP addresses and the last IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance.
4. The first IP addresses and the last four IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance.

Question 187

You have two public subnet in your VPC having one instance each. The security group of both the instance has ‘Local’ with VPC CIDR as default rule so that they can communicate with each other. You are using default Network ACL. However when you try to ping from one instance to another you are getting timeout. What could be the possible reason?

1. You need to add rule in their security group to allow RDP traffic as ping command is a type of RDP traffic.
2. You need to add rule in their security group to allow SSH traffic as ping command is a type of SSH traffic.
3. You need to add rule in their security group to allow ICMP traffic as ping command is a type of ICMP traffic.
4. The instances may not have public IP address.

Answer 187

1. You need to add rule in their security group to allow RDP traffic as ping command is a type of RDP traffic.
2. You need to add rule in their security group to allow SSH traffic as ping command is a type of SSH traffic.
3. You need to add rule in their security group to allow ICMP traffic as ping command is a type of ICMP traffic.
4. The instances may not have public IP address.

Question 188

You have created an online event ticket platform in which users can buy tickets for county and state fairs. The platform supports user request originating from multiple channels of desktop web, mobile web and native mobile app in iOS/Android. You have designed and deployed your instances in such a way that there are different instances to serve the request based on source channel. The request URL when user starts to buy a ticket are:

• Web: www.statefair.com/web/buytickets
• Mobile Web: www.statefair.com/mobileweb/buytickets
• Native mobile app: www.statefair.com/mobileapp/buytickets

Your architecture has one application load balancer to serve the requests originating from different channels. How can you configure the load balancer so that request are served by their respective instances?

1. Replace your application load balancer with network load balancer and configure path based routing in your application load balancer to route request to different target group of instances.
2. Replace your application load balancer with network load balancer and configure host based routing in your application load balancer to route request to different target group of instances.
3. Configure path based routing in your application load balancer to route request to different target group of instances.
4. Configure host based routing in your application load balancer to route request to different target group of instances.

Answer 188

1. Replace your application load balancer with network load balancer and configure path based routing in your application load balancer to route request to different target group of instances.
2. Replace your application load balancer with network load balancer and configure host based routing in your application load balancer to route request to different target group of instances.
3. Configure path based routing in your application load balancer to route request to different target group of instances.
4. Configure host based routing in your application load balancer to route request to different target group of instances.

Question 189

You have created an online event ticket platform in which users can buy tickets for county and state fairs. The platform supports user request originating from multiple channels of desktop web, mobile web and native mobile app in iOS/Android. You have designed and deployed your instances in such a way that there are different instances to serve the request based on source channel. The request URL when user starts to buy a ticket are:

• Web: web.statefair.com/buytickets
• Mobile Web: webmobile.statefair.com/buytickets
• Native mobile app: mobile.statefair.com/buytickets

Your architecture has one application load balancer to serve the requests originating from different channels. How can you configure the load balancer so that request are served by their respective instances?

1. Replace your application load balancer with network load balancer and configure path based routing in your application load balancer to route request to different target group of instances.
2. Replace your application load balancer with network load balancer and configure host based routing in your application load balancer to route request to different target group of instances.
3. Configure path based routing in your application load balancer to route request to different target group of instances.
4. Configure host based routing in your application load balancer to route request to different target group of instances.

Answer 189

1. Replace your application load balancer with network load balancer and configure path based routing in your application load balancer to route request to different target group of instances.
2. Replace your application load balancer with network load balancer and configure host based routing in your application load balancer to route request to different target group of instances.
3. Configure path based routing in your application load balancer to route request to different target group of instances.
4. Configure host based routing in your application load balancer to route request to different target group of instances.

Question 190

You have designed your web application to use a microservices architecture to structure your application as services that you can develop and deploy independently. You want to install one or more of these services on each EC2 instance, with each service accepting connections on a different port. How can you use a load balancer with this design? Choose 2.

1. Use a single Application Load Balancer to route requests to all the services for your application.
2. Use a single Classic Load Balancer to route requests to all the services for your application.
3. Register an EC2 instance with a target group, you can register it multiple times; for each service, register the instance using the port for the service.
4. You have to deploy each microservice in a separate instance as you can attach an instance only once to a target group.

Answer 190

1. Use a single Application Load Balancer to route requests to all the services for your application.
2. Use a single Classic Load Balancer to route requests to all the services for your application.
3. Register an EC2 instance with a target group, you can register it multiple times; for each service, register the instance using the port for the service.
4. You have to deploy each microservice in a separate instance as you can attach an instance only once to a target group.

Question 191

Your Amazon ECS service can optionally be configured to use Elastic Load Balancing to distribute traffic evenly across the tasks in your service.

1. TRUE
2. FALSE

Answer 191

1. TRUE
2. FALSE

Question 192

Which type of AWS cloud infrastructure deployment places compute, storage, database, and other select services closer to large population, industry, and IT centers, enabling you to deliver applications that require single-digit millisecond latency to end-users?

1. Availability Zone
2. Local Zone
3. Outpost
4. Region

Answer 192

1. Availability Zone
2. Local Zone
3. Outpost
4. Region

Question 193

You have an ecommerce application which has its web servers and databases in private subnet of a VPC. There are three stacks of web tier and data tier deployed in private subnet in three different AZ for fault tolerance and availability. Application load balancer receives the user request and balances the load across three stacks of web-data servers. The web tier instances in these three private subnet have to access a third party payment gateway over the internet for customer credit card processing. Which option will be highly available?

1. Provision a NAT gateway in a public subnet of each AZ and configure the routing to ensure that web server uses the NAT gateway in their respective AZ.
2. Provision a NAT gateway in in a public subnet of one AZ and configure the routing to ensure that web server in all three AZ uses the NAT gateway.
3. Provision a NAT gateway in a private subnet of each AZ and configure the routing to ensure that web server uses the NAT gateway in their respective AZ.
4. Provision a NAT gateway in in a private subnet of one AZ and configure the routing to ensure that web server in all three AZ uses the NAT gateway.

Answer 193

1. Provision a NAT gateway in a public subnet of each AZ and configure the routing to ensure that web server uses the NAT gateway in their respective AZ.
2. Provision a NAT gateway in in a public subnet of one AZ and configure the routing to ensure that web server in all three AZ uses the NAT gateway.
3. Provision a NAT gateway in a private subnet of each AZ and configure the routing to ensure that web server uses the NAT gateway in their respective AZ.
4. Provision a NAT gateway in in a private subnet of one AZ and configure the routing to ensure that web server in all three AZ uses the NAT gateway.

Question 194

Which of the following virtual interfaces you don’t need to create to begin using your AWS Direct Connect connection?

1. Private virtual interface
2. Public virtual interface
3. Transit virtual interface
4. VPC virtual interface

Answer 194

1. Private virtual interface
2. Public virtual interface
3. Transit virtual interface
4. VPC virtual interface

Question 195

Using AWS Direct Connect, you want to establish private connectivity between AWS and your datacenter to reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. Your virtual interface is up and you’ve established a BGP peering session. If you cannot route traffic over the virtual interface, what steps you will take to diagnose the issue? Choose 3.

1. For a private virtual interface, ensure that your VPC route tables have prefixes pointing to the virtual customer gateway to which your private virtual interface is connected.
2. Ensure that you are advertising a route for your on-premises network prefix over the BGP session.
3. For a private virtual interface, ensure that your VPC security groups and network ACLs allow inbound and outbound traffic for your on-premises network prefix.
4. For a private virtual interface, ensure that your VPC route tables have prefixes pointing to the virtual private gateway to which your private virtual interface is connected.

Answer 195

1. For a private virtual interface, ensure that your VPC route tables have prefixes pointing to the virtual customer gateway to which your private virtual interface is connected.
2. Ensure that you are advertising a route for your on-premises network prefix over the BGP session.
3. For a private virtual interface, ensure that your VPC security groups and network ACLs allow inbound and outbound traffic for your on-premises network prefix.
4. For a private virtual interface, ensure that your VPC route tables have prefixes pointing to the virtual private gateway to which your private virtual interface is connected.

Question 196

What are the different options in AWS to connect your on-premise corporate data center to your VPC in the cloud?

1. AWS PrivateLink
2. AWS Direct Connect
3. AWS Managed VPN
4. AWS Transit Gateway or Transit VPC

Answer 196

1. AWS PrivateLink
2. AWS Direct Connect
3. AWS Managed VPN
4. AWS Transit Gateway or Transit VPC

Question 197

How can you capture client IP addresses in ELB access logs? Choose 3.

1. For Application Load Balancers and Classic Load Balancers with HTTP/HTTPS listeners, you must use X-Forwarded-For headers
2. For Application Load Balancers with TCP/SSL listeners, you must enable Proxy Protocol support on the Classic Load Balancer and the target application.
3. For Classic Load Balancers with TCP/SSL listeners, you must enable Proxy Protocol support on the Classic Load Balancer and the target application.
4. For Network Load Balancers, you can register your targets by instance ID to capture client IP addresses without additional web server configuration.

Answer 197

1. For Application Load Balancers and Classic Load Balancers with HTTP/HTTPS listeners, you must use X-Forwarded-For headers
2. For Application Load Balancers with TCP/SSL listeners, you must enable Proxy Protocol support on the Classic Load Balancer and the target application.
3. For Classic Load Balancers with TCP/SSL listeners, you must enable Proxy Protocol support on the Classic Load Balancer and the target application.
4. For Network Load Balancers, you can register your targets by instance ID to capture client IP addresses without additional web server configuration.

Question 198

Your multinational company has IT departments in different regional headquarters around the globe. Each regional IT department has created VPCs in AWS region overlapping or near to their geographic location. What AWS networking capabilities you can leverage which will:

• Provide VPCs full access to each other’s resources or to provide a set of VPCs partial access to resources in a central VPC.
• Be simple and cost-effective way to share resources between regions or replicate data for geographic redundancy.
• Communicate privately and securely with one another for sharing data or applications.
• Stay on the AWS global network backbone and never traverses the public internet, thereby reducing threat vectors, such as common exploits and DDoS attacks.

1. Using VPC endpoints
2. It is not possible to Peer VPCs across regions.
3. Using Corporate Network Backbone
4. Using Inter-region VPC Peering

Answer 198

1. Using VPC endpoints
2. It is not possible to Peer VPCs across regions.
3. Using Corporate Network Backbone
4. Using Inter-region VPC Peering

Question 199

Which of the following statement is correct about AWS Region? Choose 2.

1. It is a physical location around the world which has cluster of data centers.
2. Each region maps to one data center at a geographic location.
3. Each AWS Region is an extension of an AWS Local Zone where you can run your latency sensitive applications using AWS services.
4. Each AWS Region consists of multiple, isolated, and physically separate AZ’s within a geographic area.

Answer 199

1. It is a physical location around the world which has cluster of data centers.
2. Each region maps to one data center at a geographic location.
3. Each AWS Region is an extension of an AWS Local Zone where you can run your latency sensitive applications using AWS services.
4. Each AWS Region consists of multiple, isolated, and physically separate AZ’s within a geographic area.

Question 200

Which of the following statement is not correct about AWS Local Zones?

1. AWS Local Zones place compute, storage, database, and other select AWS services closer to end-users.
2. With AWS Local Zones, you can easily run highly-demanding applications that require single-digit millisecond latencies.
3. Each AWS Local Zone location is an extension of an AWS Region where you can run your latency sensitive applications using AWS services
4. Each Local Zone maps to an AZ in a region.

Answer 200

1. AWS Local Zones place compute, storage, database, and other select AWS services closer to end-users.
2. With AWS Local Zones, you can easily run highly-demanding applications that require single-digit millisecond latencies.
3. Each AWS Local Zone location is an extension of an AWS Region where you can run your latency sensitive applications using AWS services
4. Each Local Zone maps to an AZ in a region.

Question 201

Which of the following statement is not correct about AZ? Choose 2.

1. An Availability Zone (AZ) is one discrete data centers with redundant power, networking, and connectivity in an AWS Region.
2. All AZ’s in an AWS Region are interconnected with high-bandwidth, low-latency networking, over fully redundant, dedicated metro fiber providing high-throughput, low-latency networking between AZ’s.
3. Traffic between AZ’s is not encrypted.
4. AZ’s give customers the ability to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.

Answer 201

1. An Availability Zone (AZ) is one discrete data centers with redundant power, networking, and connectivity in an AWS Region.
2. All AZ’s in an AWS Region are interconnected with high-bandwidth, low-latency networking, over fully redundant, dedicated metro fiber providing high-throughput, low-latency networking between AZ’s.
3. Traffic between AZ’s is not encrypted.
4. AZ’s give customers the ability to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.

Question 202

You have web server running on two EC2 instances behind an Application Load Balancer. How can you improve the fault tolerance of application using Auto Scaling? Choose 3.

1. After you create the Auto Scaling group, attach your existing load balancer to it.
2. Your Auto Scaling group region and Availability Zones not necessarily has to be same as the load balancer.
3. You have to create a new load balancer to attach to the Auto Scaling group.
4. Create your Auto Scaling group in the same region and Availability Zone as your load balancer.
5. Create an Auto Scaling group that launches copies of instances you’ve already configured, or create a launch configuration that uses an Amazon Machine Image (AMI) instead.

Answer 202

1. After you create the Auto Scaling group, attach your existing load balancer to it.
2. Your Auto Scaling group region and Availability Zones not necessarily has to be same as the load balancer.
3. You have to create a new load balancer to attach to the Auto Scaling group.
4. Create your Auto Scaling group in the same region and Availability Zone as your load balancer.
5. Create an Auto Scaling group that launches copies of instances you’ve already configured, or create a launch configuration that uses an Amazon Machine Image (AMI) instead.

Question 203

Which AWS service you will use to direct your users to application based on their geographic location, application health, and weights that you can configure. You also want to use static IP addresses that are globally unique for your application so that there is no need to update clients as your application scales. Your application has Application Load Balancers.

1. CloudFront
2. Route53
3. Application Load Balancer
4. Global Accelerator

Answer 203

1. CloudFront
2. Route53
3. Application Load Balancer
4. Global Accelerator

Question 204

Which of the following are components of AWS Global Accelerator? Choose 3.

1. Load Balancer, DNS Hosted Zone
2. Static IP addresses, Accelerator
3. DNS name, Listener
4. Endpoint group, Endpoint

Answer 204

1. Load Balancer, DNS Hosted Zone
2. Static IP addresses, Accelerator
3. DNS name, Listener
4. Endpoint group, Endpoint

Question 205

What are the use cases for using AWS Global Accelerator? Choose 2.

1. For applications, such as gaming, media, mobile applications, and financial applications, which need very low latency for a great user experience.
2. Useful for IoT, retail, media, automotive and healthcare use cases in which client applications cannot be updated frequently.
3. Speed up the delivery of your static content (e.g., images, style sheets, JavaScript, etc.) to viewers across the globe.
4. Private connectivity between VPCs, AWS services, and on-premises applications, securely on the Amazon network.

Answer 205

1. For applications, such as gaming, media, mobile applications, and financial applications, which need very low latency for a great user experience.
2. Useful for IoT, retail, media, automotive and healthcare use cases in which client applications cannot be updated frequently.
3. Speed up the delivery of your static content (e.g., images, style sheets, JavaScript, etc.) to viewers across the globe.
4. Private connectivity between VPCs, AWS services, and on-premises applications, securely on the Amazon network.

Question 206

How is AWS Global Accelerator different from Amazon CloudFront? Choose 2.

1. Global Accelerator improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery).
2. CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery).
3. Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions.
4. CloudFront improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions.

Answer 206

1. Global Accelerator improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery).
2. CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery).
3. Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions.
4. CloudFront improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions.

Question 207

What are two ways that you can customize how AWS Global Accelerator sends traffic to your endpoints?

1. Change the traffic dial to limit the traffic for one or more endpoint groups.
2. Change the traffic dial to limit the traffic for endpoints in a group.
3. Specify weights to change the proportion of traffic to the endpoint group.
4. Specify weights to change the proportion of traffic to the endpoints in a group.

Answer 207

1. Change the traffic dial to limit the traffic for one or more endpoint groups.
2. Change the traffic dial to limit the traffic for endpoints in a group.
3. Specify weights to change the proportion of traffic to the endpoint group.
4. Specify weights to change the proportion of traffic to the endpoints in a group.

Question 208

You have two endpoint groups for your AWS Global Accelerator, one for the us-west-2 Region and one for the us-east-1 Region. You’ve set the traffic dials to 50% for each endpoint group. Now if 100 requests coming to your accelerator, with 50 from the East Coast of the United States and 50 from the West Coast which of the following two statements are correct as how the traffic will be directed?

1. First 25 requests are directed to the endpoint group in us-west-2 and 25 are directed to the endpoint group in us-east-1.
2. The next 25 requests from the East Coast are served by us-west-2, and the next 25 requests from the West Coast are served by us-east-1.
3. First 50 request are served by us-west-2 and next 50 requests are served by us-east-1.
4. First 50 request are served by us-east-1 and next 50 requests are served by us-west-2.

Answer 208

1. First 25 requests are directed to the endpoint group in us-west-2 and 25 are directed to the endpoint group in us-east-1.
2. The next 25 requests from the East Coast are served by us-west-2, and the next 25 requests from the West Coast are served by us-east-1.
3. First 50 request are served by us-west-2 and next 50 requests are served by us-east-1.
4. First 50 request are served by us-east-1 and next 50 requests are served by us-west-2.

Question 209

What are the options for preserving and accessing the client IP address for AWS Global Accelerator for different endpoints? Choose 3.

1. Global Accelerator does not support client IP address preservation when you use an internal Application Load Balancer or an EC2 instance.
2. When you use an internet-facing Application Load Balancer as an endpoint with Global Accelerator, you can choose to preserve the source IP address of the original client for packets that arrive at the load balancer by enabling client IP address preservation.
3. When you use an internal Application Load Balancer or an EC2 instance with Global Accelerator, the endpoint always has client IP address preservation enabled.
4. Global Accelerator does not support client IP address preservation for Network Load Balancer and Elastic IP address endpoints.

Answer 209

1. Global Accelerator does not support client IP address preservation when you use an internal Application Load Balancer or an EC2 instance.
2. When you use an internet-facing Application Load Balancer as an endpoint with Global Accelerator, you can choose to preserve the source IP address of the original client for packets that arrive at the load balancer by enabling client IP address preservation.
3. When you use an internal Application Load Balancer or an EC2 instance with Global Accelerator, the endpoint always has client IP address preservation enabled.
4. Global Accelerator does not support client IP address preservation for Network Load Balancer and Elastic IP address endpoints.