Sunday 25 September 2016

Pass AWS Certification Exam in 10 days..!! The complete guide to pass AWS Certified Solutions Architect - Associate exam.


I achieved AWS Certified Solutions Architect - Associate certification recently, and would like to share some experiences with people who are pursuing for this certification. I hope my method might saves your time to prepare for the exam. I'm also enlisting some of the questions that I collected from Internet. 

Before we begin, its good to have below :

  • AWS fundamentals & the overview of the offerings from AWS in the form of services. 
  • You have some practical hands on experience on AWS (good to have for solving scenario based questions and troubleshooting questions)


I feel Associate exams are much easier than professional level, I believe you can pass this exam in 10 days if you already have fairly good AWS understanding. But if you are brand new to AWS, please spend another month or two for hands-on experience. 

If you focus on preparing for the exam (which you must be doing),it shouldn't be that difficult. Question is how do you prepare.

My opinion is you focus on whats relevant. This exam doesn't ask you questions on what buttons to press to launch an EC2 instance or how to launch RDS instances so you don't need to know each and everything step by step. 


Services I focused for this particular examination : 


S3IAMCloudFront
EBSStorage GatewaysEC2
CloudWatchImport/ExportELB
PlacementGroupsAutoScallingRoute53
DynamoDBRDSVPC
SNSSQSSES
ElasticBeanstalkCloudFormationBastionHost


Keep below tips in mind while you follow my guide step by step, that you DO NOT miss on any of these points while studying. 


  • Understand the fundamentals/functionalities of all the services listed above.
  • VPC is the key to clear any AWS certification. You should have good understanding & working of ENI, EIP, Security Groups, Network ACL, Routers, Gateways and NAT Instances.
  • Focus more on RDS concepts than specific database specific implementation details. This includes understanding the snapshots,  parameter groups & impact of maintenance window.
  • Understand the scenarios on choosing the right AWS services. This includes Auto Scale vs Beanstalk, EBS vs Ephemeral Storage, Security Groups vs NACLs, CloudFormation, RDS vs DynamoDB and so on.
  • Integration between Amazon S3 and Glacier, Lifecycle of objects and Bucket Policy vs ACLs.
  • Understand the shared responsibility model of AWS. Clearly differentiate between your responsibilities vs. AWS responsibilities
  • Know the performance optimization techniques in terms of choosing the right EC2 instance, PIOPS of EBS and EBS Optimized Instances.
  • Read the question carefully because most of the correct answers can be derived from the problem statement.
  • Finally, applying some commonsense will help you eliminate wrong choices.


STEPS : 

1. Online Course :

You may want to enroll in one of the AWS Solution Architect training sessions. There are many options out there, 

I studied using Udemy's "A Cloud Guru" series created by Ryan Kroonenburg.  Ryan Kroonenburg | Solutions Architect | Udemy, training's that are tailor-made for these certifications (Udemy Online Courses - Learn Anything, On Your Schedule). I would recommend this course since this course is affordable(I got this for $12 in discount.:) )

The best part with them is they have a good amount of practice exam questions that will give you an idea about the quality of questions you may see in actual AWS certification exam.

Complete all the lectures of solutions architect course  This is really important to complete all the lectures and the quizzes after each lecture, I would recommend to take quizzes at least twice, because many of these practice questions was appeared in my actual exam. 

PS : I’m not trying to encourage/promote any Training providers, neither I'm associated anyhow with these training provider , the names mentioned/recommended is just what I’ve felt to be good. :)


2. Watch some videos for below services:


  • Elastic Beanstalk  
  • Cloud Formation 


 This is just to understand the fundamentals and functionalities of these services. Do not watch long duration service videos just google it, you’ll find some 8 to 10 min duration videos on YouTube.  


3. FAQ’s of all the services: 

 https://aws.amazon.com/faqs/ 

If you have seen Udemy course and if you have understood the concepts very well you need not spend much time in checking each service FAQ’s thoroughly, but definitely you should look for some unique questions and limitations mentioned in FAQ’s . But, but if contents of course are not really clear then you should really go through the FAQ’s very well. 

I would recommend you FAQ's are the last thing you should study or may be just a day before exam if you are planing to go through them for each and every services, this will help you recall whatever you have studied till now. 

4. Service Limits:  

Below link has all the service limits, the service limits are really very important in exam point of view as we get direct questions in the exam on limit of service.  For example, How many VPC we can create in any region.  Ans: 5  

So, these kind of direct questions can be asked of service limits, though you need not require to remember each and every parameter of service limits but you should remember limits of main parameters or functions of any services.  

http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html 


5. Read about Pricing models of AWS services:(i.e how we get charged for AWS services) : 

You need to understand how we are getting charged by AWS for using any particular services and what are other factors involved that incurs cost for using the service. For example, 

Pricing for EC2 : 
Here you need not know what is the exact cost of any particular instance type. But you need to know how we get charged for ec2 and what are other parameters we need to consider in terms of cost if we use ec2 instances.  i.e for ec2, other things we might get charged for is elastic ip, ebs, data transfer out/in etc.  likewise, same applies for other services also.  

This is important to know of scenario based questions where we also need to consider cost factor. 

6. Read below blog: 

This blog is really useful for solving trouble shooting questions go through complete blog at least once. 

http://jayendrapatil.com/ 

7. Take practice exam and sample questions :

You only need to pay for practice exam once as the questions are the same each time.

These questions are very important, search and learn the answers deeply. Make sure you understand these knowledge shown in these questions. Questions are either same or quite similar in the actual exam.


8. Additional recommendations :

In addition to online courses, I recommend reading the AWS whitepapers and more you need to do thorough Hands-on while you go through AWS documentation and/or Training video sessions. That’s the much needed part of your preparation. Sign up for AWS Free Tier account and play around with the services as you learn. I recommend you read through AWS CloudWatch and setup a couple of Alarms on the Billing as soon as you sign up for AWS Free Tier account, just to make sure you don’t get charged for the unattended services you start for practice(DO NOT FORGET TO DELETE THE RESOURCES YOU START).

You can also go to:  https://qwiklabs.com/ which offers more than 72 free labs where you can get to do good amount of hands on practice. 

Also there are few blogs and  IOS application available which has more than 300 questions which might also useful for your practice, you can purchase the same if you want to, from app store, the same is available for android as well. 

http://apple.co/1Mv6Bua 

Let me know your feedback in comment section below. 

9. Now, Questions and answers: 
(Apology for unsorted questions )


Q. When you run a DB Instance as a Multi-AZ deployment, the "_____" serves database writes and reads
A secondary
B backup
C stand by
D primary

Q. Can I control if and when MySQL based RDS Instance is upgraded to new supported versions?
A No
B Only in VPC
C Yes

Q. If I modify a DB Instance or the DB parameter group associated with the instance, should I reboot the instance for the changes to take effect?
A No
B Yes

Q.  Will my standby RDS instance be in the same Region as my primary?
A Only for Oracle RDS types
B Yes
C Only if configured at launch
D No

Q. In the Amazon cloudwatch, which metric should I be checking to ensure that your DB Instance has enough free storage space?
A FreeStorage
B FreeStorageSpace
C FreeStorageVolume
D FreeDBStorageSpace

Q.  What is the maximum key length of a tag?
A 512 Unicode characters
B 64 Unicode characters
C 256 Unicode characters
D 128 Unicode characters --

Q. Groups can't _____.
A be nested more than 3 levels
B be nested at all --
C be nested more than 4 levels
D be nested more than 2 levels

Q. What does a "Domain" refer to in Amazon SWF?
A A security group in which only tasks inside can communicate with each other
B A special type of worker
C A collection of related Workflows
D The DNS record for the Amazon SWF service

Q. Out of the stripping options available for the EBS volumes, which one has the following disadvantage: 'Doubles the amount of I/O required from the instance to EBS compared to RAID 0, because you're mirroring all writes to a pair of volumes, limiting how much you can stripe.' ?
A Raid 0
B RAID 1+0 (RAID 10)
C Raid 1
D Raid 2

Q. Is creating a Read Replica of another Read Replica supported?
A Only in certain regions
B Only with MSSQL based RDS
C Only for Oracle RDS types
D No

Q. Can Amazon S3 uploads resume on failure or do they need to restart?
A Restart from beginning
B You can resume them, if you flag the "resume on failure" option before uploading.
C Resume on failure
D Depends on the file size

Q. What is the maximum write throughput I can provision for a single DynamoDB table?
A 1,000 write capacity units
B 100,000 write capacity units
C DynamoDB is designed to scale without limits, but if you go beyond 10,000 you have to contact AWS first.---
D 10,000 write capacity units

Q. What does the following command do with respect to the Amazon EC2 security groups?
ec2-revoke RevokeSecurityGroupIngress
A Removes one or more security groups from a rule.
B Removes one or more security groups from an Amazon EC2 instance.
C Removes one or more rules from a security group.
D Removes a security group from our account.

Q. Is Federated Storage Engine currently supported by Amazon RDS for MySQL?
A Only for Oracle RDS instances
B No
C Yes
D Only in VPC

Q.  How many types of block devices does Amazon EC2 support A
A 2
B 3
C 4
D 1

Q. You must increase storage size in increments of at least _____ % 
A 40
B 30
C 10
D 20

Q. What happens to the I/O operations while you take a database snapshot?
A I/O operations to the database are suspended for a few minutes while the backup is in progress.
B I/O operations to the database are sent to a Replica (if available) for a few minutes while the backup is in progress.
C I/O operations will be functioning normally
D I/O operations to the database are suspended for an hour while the backup is in progress

Q. Read Replicas require a transactional storage engine and are only supported for the _____ storage engine 
A OracleISAM
B MSSQLDB
C InnoDB
D MyISAM

Q. HTTP Query-based requests are HTTP requests that use the HTTP verb GET or POST and a Query parameter named_____.
A Action
B Value
C Reset
D Retrieve

Q.  _____ embodies the "share-nothing" architecture and essentially involves breaking a large database into several smaller databases. Common ways to split a database include 1)splitting tables that are not joined in the same query onto different hosts or 2)duplicating a table across multiple hosts and then using a hashing algorithm to determine which host receives a given update.
A Sharding
B Failure recovery
C Federation
D DDL operations

Q. 1) You have an application running in us-west-2 that requires six Amazon Elastic Compute Cloud (EC2) instances running at all times.  With three Availability Zones available in that region (us-west-2a, us-west-2b, and us-west-2c), which of the following deployments provides 100 percent fault tolerance if any single Availability Zone in us-west-2 becomes unavailable?Choose 2 answers
A. Us-west-2a with two EC2 instances, us-west-2b with two EC2 instances, and us-west-2c with two EC2 instances
B. Us-west-2a with three EC2 instances, us-west-2b with three EC2 instances, and us-west-2c with no EC2 instances
C. Us-west-2a with four EC2 instances, us-west-2b with two EC2 instances, and us-west-2c with two EC2 instances
D. Us-west-2a with six EC2 instances, us-west-2b with six EC2 instances, and us-west-2c with no EC2 instances
E. Us-west-2a with three EC2 instances, us-west-2b with three EC2 instances, and us-west-2c with three EC2 instances

Q.  You have a business-critical two-tier web app currently deployed in two Availability Zones in a single region, using Elastic Load Balancing and Auto Scaling. The app depends on synchronous replication (very low latency connectivity) at the database layer. The application needs to remain fully available even if one application Availability Zone goes off-line, and Auto Scaling cannot launch new instances in the remaining Availability Zones. How can the current architecture be enhanced to ensure this?

A. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 33 percent peak load per zone.
B. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 50 percent peak load per zone.
C. Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 50 percent peak load per Region.
D. Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 100 percent peak load per region.

Q.  Amazon Glacier is designed for:Choose 2 answers
A. Frequently accessed data
B. Active database storage
C. Infrequently accessed data
D. Cached session data
E. Data archives

Q.  You receive a Spot Instance at a bid of $0.05/hr. After 30 minutes, the Spot Price increases to $0.06/hr and your Spot Instance is terminated by AWS. What was the total EC2 compute cost of running your Spot Instance?
You receive a Spot Instance at a bid of $0.03/hr. After 30 minutes, the Spot Price increases to $0.05/hr and your Spot Instance is terminated by AWS. What was the total EC2 compute cost of running your Spot Instance?
A. $0.00
B. $0.02
C. $0.03
D. $0.05
E. $0.06

Q. You have been tasked with creating a VPC network topology for your company. The VPC network must support both Internet-facing applications and internally-facing applications accessed only over VPN. Both Internet-facing and internally-facing applications must be able to leverage at least three AZs for high availability.  At a minimum, how many subnets must you create within your VPC to accommodate these requirements?
A. 2
B. 3
C. 4
D. 6

Q. One of your users is trying to upload a 7.5GB file to S3 however they keep getting the following error message - �"Your proposed upload exceeds the maximum allowed object size.". What is a possible solution for this?_

The answer seems a bit odd "design you app to use...".
Ans : multipart upload

Q . Your customer wishes to deploy an enterprise application to AWS which will consist of several web servers, several application servers and a small (50GB) Oracle database information is stored, both in the database and the file systems of the various servers. The backup system must support database recovery whole server and whole disk restores, and individual file restores with a recovery time of no more than two hours They have chosen to use RDS Oracle as the database Which backup architecture will meet these requirements?
A. Backup RDS using automated daily DB backups Backup the EC2 instances using AMIs and supplement with file-level backup to S3 using traditional enterprise backup software to provide file level restore
B. Backup RDS using a Multi-AZ Deployment Backup the EC2 instances using Amis, and supplement by copying file system data to S3 to provide file level restore.
C. Backup RDS using automated daily DB backups Backup the EC2 instances using EBS snapshots and supplement with file-level backups to Amazon Glacier using traditional enterprise backup software to provide file level restore
D. Backup RDS database to S3 using Oracle RMAN Backup the EC2 instances using Amis, and supplement with EBS snapshots for individual volume restore.

Q. You are tasked with setting up a cluster of EC2 Instances for a NoSQL database. The database requires random read IO disk performance up to a 100,000 IOPS at 4KB block side per node.
Which of the following EC2 instances will perform the best for this workload?
A. A High-Memory Quadruple Extra Large (m2.4xlarge) with EBS-Optimized set to true and a PIOPs EBS volume
B. A Cluster Compute Eight Extra Large (cc2.8xlarge) using instance storage
C. High I/O Quadruple Extra Large (hi1.4xlarge) using instance storage
D. A Cluster GPU Quadruple Extra Large (cg1.4xlarge) using four separate 4000 PIOPS EBS volumes in a RAID 0 configuration

Q. Your company Is moving towards tracking web page users with a small tracking
Image loaded on each page Currently you are serving this image out of US-East, but are starting to get concerned about the time It takes to load the image for users on the west coast.

What are the two best ways to speed up serving this image?
Choose 2 answers
A. Use Route 53's Latency Based Routing and serve the image out of US-West-2 as well as US-East-1
B. Serve the image out through CloudFront
C. Serve the image out of S3 so that it isn't being served of  of your web application tier
D. Use EBS PIOPs to serve the image faster out of your EC2 instances


Q. Your EC2-Based Multi-tier application includes a monitoring instance that periodically makes application -level read only requests of various application components and if any of those fail more than three times 30 seconds calls CloudWatch lo fire an alarm, and the alarm notifies your operations team by email and SMS of a possible application health problem. However, you also need to watch the watcher -the monitoring instance itself - and be notified if it becomes unhealthy.
Which of the following is a simple way to achieve that goal?
A. Run another monitoring instance that pings the monitoring instance and fires a could watch alarm mat notifies your operations team should the primary monitoring instance become unhealthy.
B. Set a CloudWatch alarm based on EC2 system and instance status checks and have the alarm notify your operations team of any detected problem with the monitoring instance.
C. Set a CloudWatch alarm based on the CPU utilization of the monitoring instance and nave the alarm notify your operations team if the CPU usage exceeds 50% few more than one minute: then have your monitoring application go into a CPU-bound loop should it Detect any application problems.
D. Have the monitoring instances post messages to an SOS queue and then dequeue those messages on another instance should the queue cease to have new messages, the second instance should first terminate the original monitoring instance start another backup monitoring instance and assume the role of the previous monitoring instance and beginning adding messages to the SQS queue.

 Q .You have a content management system running on an Amazon EC2 instance that is approaching 100% CPU utilization. Which option will reduce load on the Amazon EC2 instance?
1.Create a load balancer, and register the Amazon EC2 instance with it
2.Create a CloudFront distribution, and configure the Amazon EC2 instance as the origin
3.Create an Auto Scaling group from the instance using the CreateAutoScalingGroup action
4.Create a launch configuration from the instance using the CreateLaunchConfiguration action

Q. With which AWS services HSM can be used?
s3,
ebs,
redshift **
dynamodb

Q. If we are to host an application on a single ec2 instance, what can be done to make sure highest iops?
 a. A single ec2 ebs backed instance with provisioned IOPS
b. An array of EBS volumes with provisioned IOPS.


Q. What all things are for aws users to make sure are secure?
a.   Security Group
b. IAM User access
c. NACL
d. Wrong ones: a. decommissioning of storage devices
b. Physical Security


Q. If an instance hosts website on multiple virtual hosts each with it's own ssl certificate, what should be done?
a. Upload the SSL certificates to IAM
b. Create an SSL termination at the ELB

Q.  Name four things that Trusted Advisor checks ...
performance
cost opt
security
fault tolerance


Q.  2 services that you get root access to (and ec2 is not an option) ...
emr

Q. Amazon RDS automated backups and DB Snapshots are currently supported for only the ______ storage engine
A. MyISAM
B. InnoDB

Q. The compliance department within your multi-national organization requires that all data for
your customers that reside in the European Union (EU) must not leave the EU and also data for
customers that reside in the US must not leave the US without explicit authorization. In order
to register, a user must include a residential address as part of the user profile.
What must you do to comply with this requirement for a web-based application running on
Amazon Elastic Compute Cloud (EC2)?

A. Run Amazon EC2 instances in multiple regions, and leverage Route 53’s latency-based
routing capabilities to route traffic to the appropriate region based on a user’s profile.
B. Run Amazon EC2 instances in multiple regions, and leverage an elastic load balancer with
session stickiness to route traffic to the appropriate region based on a user’s profile.
C. Run Amazon EC2 instances in multiple regions, and leverage a third-party data provider to
determine whether a user should be redirected to the appropriate region based on that
user’s profile.
D. Run Amazon EC2 instances in multiple AWS Availability Zones in a single region, and
leverage an elastic load balancer with session stickiness to route traffic to the appropriate
zone based on a user’s profile.

Q. Your customer wishes to deploy an enterprise application to AWS which will consist of several web servers, several application servers and a small (50GB) Oracle database information is stored, both in the database and the file systems of the various servers. The backup system must support database recovery whole server and whole disk restores, and individual file restores with a recovery time of no more than two hours They have chosen to use RDS Oracle as the database Which backup architecture will meet these requirements?
A. Backup RDS using automated daily DB backups Backup the EC2 instances using AMIs and supplement with file-level backup to S3 using traditional enterprise backup software to provide file level restore
B. Backup RDS using a Multi-AZ Deployment Backup the EC2 instances using Amis, and supplement by copying file system data to S3 to provide file level restore.
C. Backup RDS using automated daily DB backups Backup the EC2 instances using EBS snapshots and supplement with file-level backups to Amazon Glacier using traditional enterprise backup software to provide file level restore
D. Backup RDS database to S3 using Oracle RMAN Backup the EC2 instances using Amis, and supplement with EBS snapshots for individual volume restore.

Q. Company B is launching a new game app for mobile devices. Users will log into the game using their existing social media account to streamline data capture. Company B would like to directly save player data and scoring information from the mobile app to a DynamoDS table named Score Data When a user saves their game the progress data will be stored to the Game state S3 bucket. what is the best approach for storing data to DynamoDB and S3?

A. Use an EC2 Instance that is launched with an EC2 role providing access to the Score Data DynamoDB table and the GameState S3 bucket that communicates with the mobile app via web services.
B. Use temporary security credentials that assume a role providing access to the Score Data
DynamoDB table and the Game State S3 bucket using web identity federation.
C. Use Login with Amazon allowing users to sign in with an Amazon account providing the mobile app with access to the Score Data DynamoDB table and the Game State S3 bucket.
D. Use an 1AM user with access credentials assigned a role providing access to the Score Data DynamoDB table and the Game State S3 bucket for distribution with the mobile app

Q. An instance running a webserver is launched in a VPC subnet. A security group and a NACL are configured to allow inbound port 80. What should be done to make web server accessible by everyone?

1.   Outbound Port 80 rule should be enabled on security group
2.   Outbound Ports 49152-65535 should be enabled on NACL
3.   Outbound Port 80 rule should be enabled on both security group and NACL
4.   All ports both inbound and outbound should be enabled on security group and NACL

Q. What happens to data on ephemeral volume of an EBS-backed instance if instance is stopped and started?
1.   Data persists
2.   Data is deleted
3.   Volume snapshot is saved in S3
4.   Data is automatically copied to another volume

Q. You're creating a forum DynamoDB database for hosting forums. Your "thread" table contains the forum name and each "forum name" can have one or more "subjects". What primary key type would you give the thread table in order to allow more than one subject to be tied to the forum primary key name?
    Hash
    Primary and range
    Range and Hash
    Hash and Range



Q Amazon Glacier is designed for: (Choose 2 answers)
·                  A. active database storage.
·                  B. infrequently accessed data.
·                  C. data archives.
·                  D. frequently accessed data.
·                  E. cached session data.

Answer: B. infrequently accessed data. C. data archives.

Q. You configured ELB to perform health checks on these EC2 instances. If an instance fails to pass health checks, which statement will be true?

·                  A. The instance is replaced automatically by the ELB.
·                  B. The instance gets terminated automatically by the ELB.
·                  C. The ELB stops sending traffic to the instance that failed its health check.
·                  D. The instance gets quarantined by the ELB for root cause analysis.
Answer: C.

Q. You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?

·                  A. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.
·                  B. Add the CloudFront account security group “amazon-cf/amazon-cf-sg” to the appropriate S3 bucket policy.
·                  C. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User.
·                  D. Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN).
Answer: A.

Q. Which of the following will occur when an EC2 instance in a VPC (Virtual Private Cloud) with an associated Elastic IP is stopped and started? (Choose 2 answers)

·                  A. The Elastic IP will be dissociated from the instance
·                  B. All data on instance-store devices will be lost
·                  C. All data on EBS (Elastic Block Store) devices will be lost
·                  D. The ENI (Elastic Network Interface) is detached
·                  E. The underlying host for the instance is changed
Answers: B.

Q. In the basic monitoring package for EC2, Amazon CloudWatch provides the following metrics:

·                  A. web server visible metrics such as number failed transaction requests
·                  B. operating system visible metrics such as memory utilization
·                  C. database visible metrics such as number of connections
·                  D. hypervisor visible metrics such as CPU utilization
Answer: D.

Question 6 (of 7): Which is an operational process performed by AWS for data security?

·                  A. AES-256 encryption of data stored on any shared storage device
·                  B. Decommissioning of storage devices using industry-standard practices
·                  C. Background virus scans of EBS volumes and EBS snapshots
·                  D. Replication of data across multiple AWS Regions E. Secure wiping of EBS data when an EBS volume is un-mounted
Answer: B.

Q. To protect S3 data from both accidental deletion and accidental overwriting, you should:

·                  A. enable S3 versioning on the bucket
·                  B. access S3 data using only signed URLs
·                  C. disable S3 delete using an IAM bucket policy
·                  D. enable S3 Reduced Redundancy Storage
·                  E. enable Multi-Factor Authentication (MFA) protected access
Answer: A.

1.    1. Question
1 points
Category: Security
Select the correct set of options. These are the initial settings for the default security group:
o    Allow no inbound traffic, Allow all outbound traffic and Allow instances associated with this security group to talk to each other.
o    Allow all inbound traffic, Allow no outbound traffic and Allow instances associated with this security group to talk to each other.
o    Allow no inbound traffic, Allow all outbound traffic and Does NOT allow instances associated with this security group to talk to each other.
o    Allow all inbound traffic, Allow all outbound traffic and Does NOT allow instances associated with this security group to talk to each other.
Correct

2.   2. Question
1 points
Category: Security
An IAM user is trying to perform an action on an object belonging to some other root account’s bucket. Which of the below mentioned options will AWS S3 not verify?
o    Permission provided by the parent of the IAM user on the bucket
o    The object owner has provided access to the IAM user
o    Permission provided by the parent of the IAM user
o    Permission provided by the bucket owner to the IAM user
Correct

If the IAM user is trying to perform some action on the object belonging to another AWS user’s bucket, S3 will verify whether the owner of the IAM user has given sufficient permission to him. It also verifies the policy for the bucket as well as the policy defined by the object owner.
http://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-auth-workflow-object-operation.html
3.   3. Question
1 points
Category: High Availability
Placement Groups: enables applications to participate in a low-latency, 10 Gbps network. Which of below statements is false.
o    Not all of the instance types that can be launched into a placement group.
o    A placement group can't span multiple Availability Zones.
o    You can move an existing instance into a placement group by specify parameter of placement group.
o    A placement group can span peered VPCs.
Correct

4.   4. Question
1 points
Category: High Availability
What about below is false for AWS SLA
o    S3 availability is guarantee to 99.95%.
o    EBS availability is guarantee to 99.95%.
o    EC2 availability is guarantee to 99.95%.
o    RDS multi-AZ is guarantee to 99.95%.
Correct

S3 availability is 99.9%
http://aws.amazon.com/s3/sla/
5.    5. Question
1 points
Category: Networks
You have assigned one Elastic IP to your EC2 instance. Now we need to restart the VM without EIP changed. Which of below you should not do?
o    Reboot and stop/start both works.
o    Reboot the instance.
o    When the instance is in VPC public subnets, stop/start works.
o    When the instance is in VPC private subnet, stop/start works.
Correct

6.   6. Question
1 points
Category: Networks
About the charge of Elastic IP Address, which of the following is true?
o    You can have one Elastic IP (EIP) address associated with a running instance at no charge.
o    You are charged for each Elastic IP addressed.
o    You can have 5 Elastic IP addresses per region with no charge.
o    Elastic IP addresses can always be used with no charge.
Correct

7.    7. Question
1 points
Category: Networks
EC2 role
o    Launch an instance with an AWS Identity and Aceess Management (IAM) role to restrict AWS API access for the instance.
o    Pass access AWS credentials in the User Data field when the instance is launched.
o    Setup an IAM group with restricted AWS API access and put the instance in the group at launch.
o    Setup an IAM user for the instance to restrict access to AWS API and assign it at launch.
Correct

8.   8. Question
1 points
Category: Data Management
A startup company hired you to help them build a mobile application, that will ultimately store billions of images and videos in Amazon Simple Storage Service (S3). The company is lean on funding, and wants to minimize operational costs, however, they have an aggressive marketing plan, and expect to double their current installation base every six months. Due to the nature of their business, they are expecting sudden and large increases in traffic to and from S3, and need to ensure that it can handle the performance needs of their application.

 What other information must you gather from this customer in order to determine whether S3 is the right option?
o    You must know the size of the individual objects being written to S3, in order to properly design the key namespace.
o    You must find out the total number of requests per second at peak usage.
o    In order to build the key namespace correctly, you must understand the total amount of storage needs for each S3 bucket.
o    You must know how many customers the company has today, because this is critical in understanding what their customer base will be in two years.
Correct

B
9.   9. Question
1 points
Category: Data Management
What cli tools does AWS provide
o    AWS CLI.
o    Amazon EC2 CLI.
o    All of the three.
o    AWS Tools for Windows PowerShell.
Correct

All three are provided
10.                   10. Question
1 points
Category: Deployment / Provisioning
Which of the below mentioned steps will not be performed while creating the AMI of instance stored-backend?
o    Define the AMI launch permissions.
o    Upload the bundled volume.
o    Register the AMI.
o    Bundle the volume.
Incorrect

11. 11. Question
1 points
Category: Monitoring / Metrics
The user just started an instance at 3 PM. Between 3 PM to 5 PM, he stopped and started the instance twice. During the same period, he has run the linux reboot command by ssh once and triggered reboot from AWS console once. For how many instance hours will AWS charge this user?
o    4
o    3
o    2
o    5
Incorrect






QUESTION 1

Amazon Redshift is what type of data warehouse service?
·        Gigabyte-scale
·        Exobyte-scale
·        Petabyte-scale
·        Terabyte-scale

YOUR ANSWER - Petabyte-scale
MORE INFORMATION:
Amazon Redshift is a fully-managed, petabyte-scale data warehouse service.

QUESTION 2

What does MPP stand for when referring to the type of architecture Redshift has?
·        massively parallel processing
·        massive protection policy
·        massively parallel policy
·        massive protection processing

YOUR ANSWER - massively parallel processing
MORE INFORMATION:
Redshift has a massively parallel processing architecture that parallelizes and distributes SQL operations to take advantage of available resources.

QUESTION 3

Redshift can provide fast query performance by leveraging _______ storage approaches and technology.
·        key-value
·        database
·        row
·        columnar

YOUR ANSWER - columnar
MORE INFORMATION:
Redshift can provide fast query performance by leveraging columnar storage approaches and technology, much of which is taken from enterprise database technology.

QUESTION 4

Amazon's Redshift data warehouse allows enterprise IT pros to execute ________ against ____ data sets.
·        simple SQL queries / small
·        complex SQL queries / large
·        simple SQL queries / large
·        complex SQL queries / small

YOUR ANSWER - complex SQL queries / large
MORE INFORMATION:
Amazon's Redshift data warehouse allows enterprise IT pros to execute complex SQL queries against large data sets.

QUESTION 5

Redshift was designed to alleviate the frustrating, time-consuming challenges database clusters have imposed on _____ administrators?
·        system
·        database
·        certified
·        privilege

YOUR ANSWER - system
CORRECT ANSWER - database 
MORE INFORMATION:
Redshift was designed to alleviate the frustrating, time-consuming challenges database clusters have imposed on database administrators.

QUESTION 6

True or False: Amazon Redshift is adept at handling data analysis workflows.
·        True
·        False

YOUR ANSWER - undefined
CORRECT ANSWER - True 
MORE INFORMATION:
There currently are two Amazon data warehouse services adept at handling data analysis workflows: Amazon Redshift and Amazon Relational Database Service.

QUESTION 7

Adding nodes to a Redshift cluster provides _______ performance improvements.
·        linear
·        non-linear
·        both
·        neither

YOUR ANSWER - both
MORE INFORMATION:
Adding nodes to a Redshift cluster provides linear or near-linear performance improvements.

QUESTION 8

The preferred way to load data into Redshift is through ______ using the COPY command.
·        Remote hosts
·        Simple Storage Service
·        Elastic MapReduce
·        All of the above

YOUR ANSWER - All of the above
MORE INFORMATION:
The preferred way to load data into Redshift is through remote hosts, Simple Storage Service or Elastic MapReduce using the COPY command. The COPY command executes loads in parallel and has the option to compress data during the load process.

QUESTION 9

Amazon Redshift has how many pricing components?
·        4
·        3
·        2
·        5

YOUR ANSWER - 3
MORE INFORMATION:
Amazon Redshift has three pricing components: data warehouse node hours, backup storage and data transfer.

QUESTION 10

What type of API provides a management interface to manage data warehouse clusters programmatically?
·        Query
·        REST
·        Management
·        SOAP

YOUR ANSWER - Management
CORRECT ANSWER - Query 
MORE INFORMATION:
The Amazon Redshift Query API provides a management interface to manage data warehouse clusters programmatically.

--------------------------------------------------------------------------------------------------------

QUESTION 1

Amazon Web Services falls into which cloud-computing category?
·        Software as a Service (SaaS)
·        Platform as a Service (PaaS)
·        Infrastructure as a Service (IaaS)
·        Back-end as a Service (BaaS)

YOUR ANSWER - Infrastructure as a Service (IaaS)
CORRECT ANSWER - 
AWS is among the largest IaaS vendors.

QUESTION 2

Amazon Elastic Compute Cloud (Amazon EC2) does which of the following?
·        Provides customers with an isolated section of the AWS cloud where they can launch AWS resources in a virtual network that they define.
·        Provides resizable computing capacity in the cloud.
·        Provide a simple web services interface that customers can use to store and retrieve any amount of data from anywhere on the Web.
·        Provides a web service allowing customers to easily set up, operate and scale relational databases in the cloud.

YOUR ANSWER - Provides resizable computing capacity in the cloud.
CORRECT ANSWER - 
AWS describes Amazon EC2 a web service that provides resizable computing capacity in the cloud, allowing customers "to quickly scale capacity, both up and down, as your computing requirements change." 

QUESTION 3

Amazon Glacier is a storage service allowing customers to store data for as little as:
·        1 cent per gigabyte (GB) per month
·        10 cents per GB per month
·        20 cents per GB per month
·        50 cents per GB per month

YOUR ANSWER - 10 cents per GB per month
CORRECT ANSWER - 1 cent per gigabyte (GB) per month  
According to AWS, Amazon Glacier customers can store data for as little as 1 cent per gigabyte per month.

QUESTION 4

Amazon Elastic Beanstalk automates the details of which of the following functions?
·        Capacity provisioning
·        Load balancing
·        Auto-scaling
·        Application deployment
·        All of the above

YOUR ANSWER - All of the above
CORRECT ANSWER - 
According to AWS, Amazon Elastic Beanstalk offers capacity provisioning, load balancing, auto-scaling and application deployment. 

QUESTION 5

All AWS IaaS services are pay-as-you-go.
·        True
·        False

YOUR ANSWER - True
CORRECT ANSWER - 
At this writing, AWS services are pay-as-you-go, with no long-term contracts required and no minimum fees. 

QUESTION 6

When analyst firm IDC interviewed 11 major AWS customers in 2012, researchers found an average five-year return on investment of how much?
·        26%
·        186%
·        626%
·        1,226%

YOUR ANSWER - 186%
CORRECT ANSWER - 626% 
In research commissioned by AWS, IDC researchers found that companies earned an average five-year ROI of 626%. 

QUESTION 7

In the same survey, researchers said the customers' average payback period on their AWS IaaS investments was how long?
·        7 weeks
·        7 months
·        14 months
·        2.5 years

YOUR ANSWER - 14 months
CORRECT ANSWER - 7 months 
IDC researchers found that the average payback period on survey respondents' AWS investments is about 7 months.

QUESTION 8

AWS reaches customers in how many countries?
·        86
·        137
·        182
·        190

YOUR ANSWER - 86
CORRECT ANSWER - 190 
AWS says it serves hundreds of thousands of customers in 190 countries.

QUESTION 9

The investment firm Robert W. Baird & Co. predicts that AWS revenues will reach how much by 2016?
·        $3 billion
·        $10 billion
·        $12 billion
·        $15 billion

YOUR ANSWER - $3 billion
CORRECT ANSWER - $10 billion  
Baird estimates that AWS revenues will reach $10 billion by 2016.

QUESTION 10

Baird also estimates that for every $1 spent on AWS, the traditional IT market loses how much?
·        $1 to $2
·        $2 to $3
·        $3 to $4
·        $4 to $5

YOUR ANSWER - $2 to $3
CORRECT ANSWER - $3 to $4 
Baird estimates that every $1 customers spend on AWS reduces spending on traditional IT services by $3 to $4.


QUESTION 1

Amazon S3 is which type of storage service?
·        Object
·        Block
·        Simple
·        Secure

YOUR ANSWER - Object
CORRECT ANSWER - 
Object storage is more scalable than traditional file system storage, which is typically what users think about when comparing storage to databases for data persistence.

QUESTION 2

Which AWS storage service assists S3 with transferring data?
·        CloudFront
·        AWS Import/Export
·        DynamoDB
·        ElastiCache

YOUR ANSWER - AWS Import/Export
CORRECT ANSWER - 
AWS Import/Export accelerates moving large amounts of data into and out of AWS using portable storage devices. AWS transfers your data directly onto and off of storage devices by using Amazon's internal network and avoiding the Internet.

QUESTION 3

Object storage systems store files in a flat organization of containers called what?
·        Baskets
·        Brackets
·        Clusters
·        Buckets

YOUR ANSWER - Buckets
CORRECT ANSWER - 
Instead of organizing files in a directory hierarchy, object storage systems store files in a flat organization of containers known as buckets in Amazon S3.

QUESTION 4

Amazon S3 offers encryption services for which types of data?
·        data in flight
·        data at relax
·        data at rest
·        data in motion
·        a and c
·        b and d

YOUR ANSWER - data at rest
CORRECT ANSWER - a and c 
Amazon offers encryption services for data at flight and data at rest.

QUESTION 5

Amazon S3 has how many pricing components?
·        4
·        5
·        3
·        2

YOUR ANSWER - 2
CORRECT ANSWER - 3 
Amazon S3 offers three pricing options. Storage (per GB per month), data transfer in or out (per GB per month), and requests (per x thousand requests per month).

QUESTION 6

What does RRS stand for when referring to the storage option in Amazon S3 that offers a lower level of durability at a lower storage cost?
·        Reduced Reaction Storage
·        Redundant Research Storage
·        Regulatory Resources Storage
·        Reduced Redundancy Storage

YOUR ANSWER - Reduced Redundancy Storage
CORRECT ANSWER - 
Non-critical data, such as transcoded media or image thumbnails, can be easily reproduced using the Reduced Redundancy Storage option. Objects stored using the RRS option have less redundancy than objects stored using standard Amazon S3 storage.

QUESTION 7

Object storage systems require less _____ than file systems to store and access files.
·        Big data
·        Metadata
·        Master data
·        Exif data

YOUR ANSWER - Metadata
CORRECT ANSWER - 
Object storage systems are typically more efficient because they reduce the overhead of managing file metadata by storing the metadata with the object. This means object storage can be scaled out almost endlessly by adding nodes.

QUESTION 8

True or False. S3 objects are only accessible from the region they were created in.
·        True
·        False

YOUR ANSWER - False
CORRECT ANSWER - 
While S3 objects are created in a specific region, they can be accessed from anywhere.

QUESTION 9

Amazon S3 offers developers which combination?
·        High scalability and low latency data storage infrastructure at low costs.
·        Low scalability and high latency data storage infrastructure at high costs.
·        High scalability and low latency data storage infrastructure at high costs.
·        Low scalability and high latency data storage infrastructure at low costs.

YOUR ANSWER - High scalability and low latency data storage infrastructure at low costs.
CORRECT ANSWER - 
Amazon S3 offers software developers a reliable, highly scalable and low-latency data storage infrastructure at very low costs. S3 provides an interface that can be used to store and retrieve any amount of data from anywhere on the Web.

QUESTION 10

Why is a bucket policy necessary?
·        To allow bucket access to multiple users.
·        To grant or deny accounts to read and upload files in your bucket.
·        To approve or deny users the option to add or remove buckets.
·        All of the above

YOUR ANSWER - All of the above
CORRECT ANSWER - To grant or deny accounts to read and upload files in your bucket. 
Users need a bucket policy to grant or deny accounts to read and upload files in your bucket. 

1.     Multi-AZ deployment for high availability and provisioned IOPS for fast, consistent performance
INCORRECT: You gave no answer
ANSWER: For databases used in production or pre production you should consider two options
2.     Auto Scaling Group
INCORRECT: You gave no answer
ANSWER: This tells AWS where it can create servers : which launch configuration to use, the minimum and maximum allowed servers in the group, and how to scale up and down.
3.     The automated snapshot will be deleted
INCORRECT: You gave no answer
ANSWER: If you choose not to create a final snapshot for a DB instance what will happen to the automated snapshot associated with the instance?
4.     Placement Groups
INCORRECT: You gave no answer
ANSWER: using these types od groups enables applications to get the full-bisection bandwidth and low-latency network performance required for tightly coupled, node-to-node communication typical of High Performance Computing (HPC) on AWS.
5.     Your ec2 instance
INCORRECT: You gave no answer
ANSWER: This type of storage is a device like a RAM disk physically attached to your virtual server and characteristically it gets completely wiped every reboot

5 Matching questions

1.     An AWS account can have up to ____CloudFront origin access identities.
INCORRECT: No answer given
ANSWER: d100
2.     This type of storage is suitable for temporary storage, but nothing that needs to survive something as simple as a reboot.
INCORRECT: No answer given
ANSWER: bec2 instance
3.     _____ is a web service that gives you access to a ______ that can be used to store messages while waiting for a computer to process them. This allows you to quickly build message queuing applications that can be run on any computer on the internet.
INCORRECT: No answer given
ANSWER: aAmazon SQS is a web service that gives you access to a message queue that can be used to store messages while waiting for a computer to process them. This allows you to quickly build message queuing applications that can be run on any computer on the internet.
4.     You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?
INCORRECT: No answer given
ANSWER: eCreate an Origin Access Identity known as, OAI for CloudFront and grant access to the objects in your S3 bucket to that OAI.
5.     You can restrict access to S3 content by creating a special Cloudfront user called:
INCORRECT: No answer given
ANSWER: corigin access identiy (OAI) You restrict access to Amazon S3 content by creating an origin access identity, which is a special CloudFront user
1.     aAmazon SQS is a web service that gives you access to a message queue that can be used to store messages while waiting for a computer to process them. This allows you to quickly build message queuing applications that can be run on any computer on the internet.
2.     bec2 instance
3.     corigin access identiy (OAI) You restrict access to Amazon S3 content by creating an origin access identity, which is a special CloudFront user
4.     d100
5.     eCreate an Origin Access Identity known as, OAI for CloudFront and grant access to the objects in your S3 bucket to that OAI.

5 Multiple choice questions

1.     autoscaling group & launch configuration(No Answer)
a.     This tells AWS where it can create servers : which launch configuration to use, the minimum and maximum allowed servers in the group, and how to scale up and down.
b.     These two actions will occur when an EC2 instance in a VPC (Virtual Private Cloud) with an associated Elastic IP is stopped and started
c.     True or false Elastic IPs are sticky until re-assigned
d.     CORRECT: These two items handle replacement of instances when they are configured. Then when an instance fails the health checks,presumably because it is down, it is these two items that will decide whether we now need to add another server to compensate
2.     EBS (Elastic Block Store)(No Answer)
 .       This type of storage is a device like a RAM disk physically attached to your virtual server and characteristically it gets completely wiped every reboot
a.     _____ is a web service that gives you access to a ______ that can be used to store messages while waiting for a computer to process them. This allows you to quickly build message queuing applications that can be run on any computer on the internet.
b.     CORRECT: _____is a service where you buy devices more akin to a hard disk that can be attached to one (and only one -at the time of writing) EC2 instance
c.     for a DB instance the default setting for minor upgrades is set to
3.     enable S3 versioning on the bucket(No Answer)
 .       True or false Elastic IPs are sticky until re-assigned
a.     CORRECT: To protect S3 data from both accidental deletion and accidental overwriting, you should:
b.     What 3 things must you provide the DB instance during setup
c.     for a DB instance the default setting for minor upgrades is set to
4.     infrequently accessed data & data archives.(No Answer)
 .       True or false Elastic IPs are sticky until re-assigned
a.     Define a Placement Group
b.     CORRECT: Amazon Glacier is designed for____ & ______
c.     S3 Versioning means
5.     EBS devices are independent of EC2 instances and by default outlive them (unless configured otherwise). All data on Instance storage however will be lost and also on the root (/dev/sda1) partition of S3 backed servers(No Answer)
 .       CORRECT: EBS devices are ______of EC2 instances and by default _____them (unless configured otherwise). All data on Instance storage however will be lost and also on the root (/dev/sda1) partition of S3 backed servers
a.     These two items handle replacement of instances when they are configured. Then when an instance fails the health checks,presumably because it is down, it is these two items that will decide whether we now need to add another server to compensate
b.     True or false Elastic IPs are sticky until re-assigned
c.     for a DB instance the default setting for minor upgrades is set to

5 True/False questions

1.     You configured ELB to perform health checks on these EC2 instances. If an instance fails to pass health checks what can we assume the ELB will do?  The ELB stops sending traffic to the instance that failed its health check
This is true. You gave no answer.
2.     What 3 things must you provide the DB instance during setup  The DB instance Identifer, the master username, the master password
This is true. You gave no answer.
3.     This storage option is best for storing your EC2 server images (Amazon Machine Images aka AMIs), static content e.g. for a web site, input or output data files (like you've use an SFTP site), or anything that you'd treat like a file.  S3
This is true. You gave no answer.
4.     Define a Placement Group  A placement group is a logical grouping of instances within a single Availability Zone
This is true. You gave no answer.
5.     True or false Elastic IPs are sticky until re-assigned  True Elastic Ips are sticky until the instance or volume they are associated with is deleted
This is true. You gave no answer.