NEW QUESTION 1
In DynamoDB, if you create a table and request 10 units of write capacity and 200 units of read capacity of provisioned throughput, how much would you be charged in US East (Northern Virginia) Region?
A. $0.05 per hour
B. $0.10 per hour
C. $0.03 per hour
D. $0.15 per hour
Answer: A
Explanation:
To understand pricing in DynamoDB, consider the following example. If you create a table and request 10 units of write capacity and 200 units of read capacity of provisioned throughput, you would be charged:
$0.01 + (4 x $0.01) = $0.05 per hour
Reference: http://aws.amazon.com/dynamodb/pricing/
NEW QUESTION 2
You have been doing a lot of testing of your VPC Network by deliberately failing EC2 instances to test whether instances are failing over properly. Your customer who will be paying the AWS bill for all this asks you if he being charged for all these instances. You try to explain to him how the billing works on EC2 instances to the best of your knowledge. What would be an appropriate response to give to the customer
in regards to this?
A. Billing commences when Amazon EC2 AMI instance is completely up and billing ends as soon as the instance starts to shutdown.
B. Billing commences when Amazon EC2 initiates the boot sequence of an AMI instance and billing ends when the instance shuts down. C. Billing only commences only after 1 hour of uptime and billing ends when the instance terminates.
D. Billing commences when Amazon EC2 initiates the boot sequence of an AMI instance and billing ends as soon as the instance starts to shutdown.
Answer: B
Explanation:
Billing commences when Amazon EC2 initiates the boot sequence of an AMI instance. Billing ends when the instance shuts down, which could occur through a web services command, by running “shutdown -h”, or through instance failure.
Reference: http://aws.amazon.com/ec2/faqs/#BiIIing
NEW QUESTION 3
An orgAMzation has 500 employees. The orgAMzation wants to set up AWS access for each department. Which of the below mentioned options is a possible solution?
A. Create IAM roles based on the permission and assign users to each role
B. Create IAM users and provide indMdual permission to each
C. Create IAM groups based on the permission and assign IAM users to the groups
D. It is not possible to manage more than 100 IAM users with AWS
Answer: C
Explanation:
An IAM group is a collection of IAM users. Groups let the user specify permissions for a collection of users, which can make it easier to manage the permissions for those users.
Reference: http://docs.aws.amazon.com/IAM/|atest/UserGuide/Using_WorkingWithGroupsAndUsers.htmI
NEW QUESTION 4
How long can you keep your Amazon SQS messages in Amazon SQS queues?
A. From 120 secs up to 4 weeks
B. From 10 secs up to 7 days
C. From 60 secs up to 2 weeks
D. From 30 secs up to 1 week
Answer: C
Explanation:
The SQS message retention period is configurable and can be set anywhere from 1 minute to 2 weeks. The default is 4 days and once the message retention limit is reached your messages will be automatically deleted. The option for longer message retention provides greater filexibility to allow for longer intervals between message production and consumption.
Reference: https://aws.amazon.com/sqs/faqs/
NEW QUESTION 5
A user is planning to make a mobile game which can be played online or offline and will be hosted on EC2.
The user wants to ensure that if someone breaks the highest score or they achieve some milestone they can inform all their colleagues through email. Which of the below mentioned AWS services helps achieve this goal?
A. AWS Simple Workflow Service.
B. AWS Simple Queue Service.
C. Amazon Cognito
D. AWS Simple Email Servic
Answer: D
Explanation:
Amazon Simple Email Service (Amazon SES) is a highly scalable and cost-effective email-sending service for businesses and developers. It integrates with other AWS services, making it easy to send emails from applications that are hosted on AWS.
Reference: http://aws.amazon.com/ses/faqs/
NEW QUESTION 6
A user is accessing an EC2 instance on the SSH port for IP 10.20.30.40. Which one is a secure way to
configure that the instance can be accessed only from this IP?
A. In the security group, open port 22 for IP 1020.30.40/0
B. In the security group, open port 22 for IP 10.20.30.40/32
C. In the security group, open port 22 for IP 10.20.30.40/24
D. In the security group, open port 22 for IP 10.20.30.40
Answer: B
Explanation:
In AWS EC2, while configuring a security group, the user needs to specify the IP address in CIDR notation. The CIDR IP range 10.20.30.40/32 says it is for a single IP 10.20.30.40. If the user specifies the IP as 10.20.30.40 only, the security group will not accept and ask it in a CIRD format. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
NEW QUESTION 7
Which one of the following data types does Amazon DynamoDB not support?
A. Arrays
B. String
C. Binary
D. Number Set
Answer: A
Explanation:
Amazon DynamoDB supports the following data types: Scalar data types (like Number, String, and Binary)
Multi-valued types (like String Set, Number Set, and Binary Set). Reference:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModeI.htmI#DataModeI.Data Types
NEW QUESTION 8
In relation to Amazon SQS, how many queues and messages can you have per queue for each user?
A. Unlimited
B. 10
C. 256
D. 500
Answer: A
Explanation:
Amazon SQS supports an unlimited number of queues and unlimited number of messages per queue for each user. Please be aware that Amazon SQS automatically deletes messages that have been in the queue for more than 4 days.
Reference: https://aws.amazon.com/items/1343?externaIID=1343
NEW QUESTION 9
Regarding Amazon SNS, to begin using Amazon SNS mobile push notifications, you first need that uses one of the supported push notification services: APNS, GCM, or ADM.
A. an access policy for the mobile endpoints
B. to active push notification service of Amazon SNS
C. to know the type of mobile device operating system
D. an app for the mobile endpoints
Answer: D
Explanation:
In Amazon SNS, to begin using Amazon SNS mobile push notifications, you first need an app for the mobile endpoints that uses one of the supported push notification services: APNS, GCM, or ADM. After you’ve registered and configured the app to use one of these services, you configure Amazon SNS to send push notifications to the mobile endpoints.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SNSMobiIePush.htmI
NEW QUESTION 10
How many types of block devices does Amazon EC2 support?
A. 5
B. 1
C. 2
D. 4
Answer: C
Explanation:
Amazon EC2 supports 2 types of block devices. Reference:
http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html
NEW QUESTION 10
ExamKiIIer (with AWS account ID H1122223333) has created 50 IAM users for its orgAMzation’s employees. ExamKiIIer wants to make the AWS console login URL for all IAM users as: https:// examkiI|er.signin.aws.amazon.com/conso|e/. How can this be configured?
A. Create a bucket with the name ExamKiI|er and map it with the IAM alias
B. It is not possible to have capital letters as a part of the alias name
C. The user needs to use Route 53 to map the ExamKiIIer domain and IAM URL
D. For the AWS account, create an alias ExamKiIIer for the IAM login
Answer: B
Explanation:
If a user wants the URL of the AWS IAM sign-in page to have the company name instead of the AWS
account ID, he can create an alias for his AWS account ID. The alias must be unique across all Amazon Webservices products and contain only digits, lowercase letters, and hyphens.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAIias.html
NEW QUESTION 11
Does AWS CIoudFormation support Amazon EC2 tagging?
A. It depends if the Amazon EC2 tagging has been defined in the template.
B. No, it doesn’t support Amazon EC2 tagging.
C. No, CIoudFormation doesn’t support any tagging
D. Yes, AWS CIoudFormation supports Amazon EC2 tagging
Answer: D
Explanation:
In AWS CIoudFormation, Amazon EC2 resources that support the tagging feature can also be tagged in an AWS template. The tag values can refer to template parameters, other resource names, resource attribute values (e.g. addresses), or values computed by simple functions (e.g., a concatenated list of strings). Reference: http://aws.amazon.com/c|oudformation/faqs/
NEW QUESTION 12
An online gaming site asked you if you can deploy a database that is a fast, highly scalable NoSQL database service in AWS for a new site that he wants to build. Which database should you recommend?
A. Amazon Redshift
B. Amazon SimpIeDB
C. Amazon DynamoDB
D. Amazon RDS
Answer: C
Explanation:
Amazon DynamoDB is ideal for database applications that require very low latency and predictable performance at any scale but don’t need complex querying capabilities like joins or transactions. Amazon DynamoDB is a fully-managed NoSQL database service that offers high performance, predictable throughput and low cost. It is easy to set up, operate, and scale.
With Amazon DynamoDB, you can start small, specify the throughput and storage you need, and easily scale your capacity requirements on the fly. Amazon DynamoDB automatically partitions data over a
number of servers to meet your request capacity. In addition, DynamoDB automatically replicates your data synchronously across multiple Availability Zones within an AWS Region to ensure high-availability and data durability.
Reference: https://aws.amazon.com/running_databases/#dynamodb_anchor
NEW QUESTION 16
Regarding Amazon SWF, the coordination logic in a workflow is contained in a software program called a
A. Handler
B. Decider
C. Cordinator
D. Worker
Answer: B
Explanation:
In Amazon SWF, the coordination logic in a workflow is contained in a software program called a decider. The decider schedules actMty tasks, provides input data to the actMty workers, processes events that arrive while the workflow is in progress, and ultimately ends (or closes) the workflow when the objective has been completed.
Reference: http://docs.aws.amazon.com/amazonswf/latest/developerguide/swf-dg-intro-to-swf.html
NEW QUESTION 17
A user has setup an application on EC2 which uses the IAM user access key and secret access key to make secure calls to S3. The user wants to temporarily stop
the access to S3 for that IAM user. What should the root owner do?
A. Delete the IAM user
B. Change the access key and secret access key for the users
C. Disable the access keys for the IAM user
D. Stop the instance
Answer: C
Explanation:
If the user wants to temporarily stop the access to S3 the best solution is to disable the keys. Deleting the user will result in a loss of all the credentials and the app will not be useful in the future. If the user stops the instance IAM users can still access S3. The change of the key does not help either as they are still active. The best possible solution is to disable the keys.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/NIanagingCredentia|s.html
NEW QUESTION 20
A user has launched an EC2 instance and installed a website with the Apache webserver. The webserver is running but the user is not able to access the website from the internet. What can be the possible reason for this failure?
A. The security group of the instance is not configured properly.
B. The instance is not configured with the proper key-pairs.
C. The Apache website cannot be accessed from the internet.
D. Instance is not configured with an elastic I
Answer: A
Explanation:
In Amazon Web Services, when a user has configured an instance with Apache, the user needs to ensure that the ports in the security group are opened as configured in Apache config. E.g. If Apache is running on port 80, the user should open port 80 in the security group.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
NEW QUESTION 23
When you use the AWS Elastic Beanstalk console to deploy a new application you’II need to upload a source bundle and it should .
A. Consist of a single .zip file
B. Consist of a single .war file
C. Consist of a single .zip file or .war file
D. Consist of a folder with all files
Answer: C
Explanation:
When you use the AWS Elastic Beanstalk console to deploy a new application or an application version, you’II need to upload a source bundle. Your source bundle must meet the following requirements: Consist of a single .zip file or .war file
Not exceed 512 MB
Not include a parent folder or top-level directory (subdirectories are fine) Reference:
http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/using-features.depIoyment.source.html
NEW QUESTION 26
How does Amazon SQS allow multiple readers to access the same message queue without losing messages or processing them many times?
A. By identifying a user by his unique id
B. By using unique cryptography
C. Amazon SQS queue has a configurable visibility timeout.
D. MuItipIe readers can’t access the same message queue
Answer: C
Explanation:
Every Amazon SQS queue has a configurable visibility timeout. For the designated amount of time after a message is read from a queue, it will not be visible to any other reader. As long as the amount of time that it takes to process the message is less than the visibility timeout, every message will be processed and deleted. In the event that the component processing the message fails or becomes unavailable, the message will again become visible to any component reading the queue once the visibility timeout ends. This allows you to have many components all reading messages from the same queue, with each working to process different messages.
Reference: https://aws.amazon.com/sqs/faqs/
NEW QUESTION 31
What does Amazon SQS provide?
A. An asynchronous message queue service.
B. A Simple Query Sewer, managed directly by Amazon Web Services.
C. None of these.
D. A synchronous message queue service.
Answer: A
Explanation:
Amazon SQS stands for Simple Queue Services, and provides a cost-effective way to decouple the components of your application through an asynchronous
message queue service
Reference: http://aws.amazon.com/sqs/
NEW QUESTION 32
Bob is an IAM user who has access to the EC2 services. Admin is an IAM user who has access to all the AWS services including IAM. Can Bob change his password?
A. No, the IAM user can never change the password
B. Yes, provided Admin has given Bob access to change his password
C. Yes, only from AWS CLI
D. Yes, only from the AWS console
Answer: B
Explanation:
The IAM users by default cannot change their password. The root owner or IAM administrator needs to set the policy in the password policy page, which should allow the user to change their password. Once it is enabled, the IAM user can always change their passwords from the AWS console or CLI. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingUserPwdSeIf.htm|
NEW QUESTION 35
A user has configured ELB. Which of the below mentioned protocols the user can configure for ELB health checks while setting up ELB?
A. All of the options
B. TCP
C. HTTPS
D. SSL
Answer: A
Explanation:
An ELB performs a health check on its instances to ensure that it diverts traffic only to healthy instances. The ELB can perform a health check on HTTP, HTTPS, TCP and SSL protocols.
Reference: http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/Deve|operGuide/Welcome.html
NEW QUESTION 37
A user is part of a group which has a policy allowing him just read only access to EC2. The user is part of another group which has full access to EC2. What happens when the user tries to launch an instance?
A. It will allow the user to launch the instance
B. It will fail since the user has just read only access
C. It will allow or deny based on the group under which the user has logged into EC2
D. It will not allow the user to add to the conflicting groups
Answer: A
Explanation:
The IAM group policy is always aggregated. In this case, if the user does not have permission for one group, but has permission for another group, he will have full access to EC2. Unless there is specific deny policy, the user will be able to access EC2.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/PoIiciesOverview.htmI
NEW QUESTION 38
can be used to bootstrap both the Chef Server and Chef Client software on your EC2 instances.
A. AWS CIoudFormation
B. AWS Elastic Beanstalk
C. AWS OpsWorks
D. Amazon Glacier
Answer: A
Explanation:
AWS CIoudFormation can be used to bootstrap both the Chef Server and Chef Client software on your EC2 instances.
Reference: http://aws.amazon.com/c|oudformation/faqs/
NEW QUESTION 39
You cannot access your AWS console, so you revert to using the CLI that you are not familiar with. Which of the following commands is not a valid CLI command for EC2 instances?
A. ec2-allocate-address
B. ec2-attach-internet-gateway
C. ec2-associate-route-table
D. ec2-allocate-interface
Answer: D
Explanation:
You can use the CLI tools to manage your Amazon EC2 resources (such as instances, security groups, and volumes) and your Amazon VPC resources (such as
VPCs, subnets, route tables, and Internet gateways). Before you can start using the tools, you must download and configure them. The following are valid CLI commands for EC2 instances: ec2-accept-vpc-peering-connection
ec2-allocate-address
ec2-assign-private-ip-addresses ec2-associate-address
ec2-associate-dhcp-options ec2-associate-route-table
ec2-attach-internet-gateway
ec2-attach-network-interface (not ec2-allocate-interface) Reference:
http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/command-reference.html
NEW QUESTION 41
An orgAMzation has 20 employees. The orgAMzation wants to give all the users access to the orgAMzation AWS account. Which of the below mentioned options is the right solution?
A. Share the root credentials with all the users
B. Create an IAM user for each employee and provide access to them
C. It is not advisable to give AWS access to so many users
D. Use the IAM role to allow access based on STS
Answer: B
Explanation:
AWS Identity and Access Management is a web service that enables the AWS customers to manage users and user permissions in AWS. The IAM is targeted at orgAMzations with multiple users or systems that use AWS products such as Amazon EC2, Amazon RDS, and the AWS Management Console. With IAM, the orgAMzaiton can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.htm|
NEW QUESTION 42
In AWS Elastic Beanstalk, if the application returns any response other than 200 ,OK or there is no response within the configured InactMtyTimeout period, .
A. SQS once again makes the message visible in the queue and available for another attempt at processing
B. SQS waits for another timeout
C. SQS run DeIeteMessagecaII and deletes the message from the queue
D. SQS sends a message to the application with the lVIessageID and pending status
Answer: A
Explanation:
In AWS Elastic Beanstalk, if the application returns any response other than 200, OK or there is no response within the configured InactMtyTimeout period, SQS once again makes the message visible in the queue and available for another attempt at processing.
Reference:
http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/using-features-managing-env-tiers.htmI#worker-e nviron
NEW QUESTION 43
Which header received at the EC2 instance identifies the port used by the client while requesting ELB?
A. X-Forvvarded-Proto
B. X-Requested-Proto
C. X-Forvvarded-Port
D. X-Requested-Port
Answer: C
Explanation:
The X-Forvvarded-Port request header helps the user identify the port used by the client while sending a request to ELB.
Reference: http://docs.aws.amazon.com/EIasticLoadBalancing/latest/DeveIoperGuide/TerminologyandKeyConcepts. html
NEW QUESTION 47
A user is using an EBS backed instance. Which of the below mentioned statements is true?
A. The user will be charged for volume and instance only when the instance is running
B. The user will be charged for the volume even if the instance is stopped
C. The user will be charged only for the instance running cost
D. The user will not be charged for the volume if the instance is stopped
Answer: B
Explanation:
If a user has launched an EBS backed instance, the user will be charged for the EBS volume even though the instance is in a stopped state. The instance will be charged for the EC2 hourly cost only when it is running.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html
NEW QUESTION 50
A user is trying to configure access with S3. Which of the following options is not possible to provide access to the S3 bucket / object?
A. Define the policy for the IAM user
B. Define the ACL for the object
C. Define the policy for the object
D. Define the policy for the bucket
Answer: C
Explanation:
Amazon S3 offers access policy options broadly categorized as resource-based policies and user policies.
Access policies, such as ACL and resource policy can be attached to the bucket. With the object the user can only have ACL and not an object policy. The user can also attach access policies to the IAM users in the account. These are called user policies.
Reference: http://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html
NEW QUESTION 51
A user has created a new raw EBS volume. The user mounts the volume on the instance to which it is attached. Which of the below mentioned options is a required step before the user can mount the volume?
A. Run a cyclic check on the device for data consistency
B. Create a file system of the volume
C. No step is require
D. The user can directly mount the device
E. Resize the volume as per the original snapshot size
Answer: B
Explanation:
When a user is trying to mount a blank EBS volume, it is required that the user first creates a file system within the volume. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.htmI
NEW QUESTION 55
A user is launching an AWS RDS with MySQL. Which of the below mentioned options allows the user to configure the INNODB engine parameters?
A. Options group
B. Engine parameters
C. Parameter groups
D. DB parameters
Answer: C
Explanation:
With regard to RDS, the user can manage the configuration of a DB engine by using a DB parameter group. A DB parameter group contains engine configuration values that can be applied to one or more DB instances of the same instance type.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
NEW QUESTION 60
ExamKiIIer (with AWS account ID 111122223333) has created 50 IAM users for its orgAMzation’s employees. What will be the AWS console URL for these associates?
A. https:// 111122223333.signin.aws.amazon.com/conso|e/
B. https:// signin.aws.amazon.com/consoIe/
C. https://signin.aws.amazon.com/111122223333/conso|e/
D. https://signin.aws.amazon.com/console/111122223333/
Answer: A
Explanation:
When an orgAMzation is using AWS IAM for creating various users and manage their access rights, the IAM user cannot use the login URL http://aws.amazon.com/console to access AWS management console. The console login URL for the IAM user will have AWS account ID of that orgAMzation to identify the IAM user belongs to particular account. The AWS console login URL for the IAM user will be https://
<AWS_Account_|D>.signin.aws.amazon.com/consoIe/. In this case it will be https:// 111122223333.signin.aws.amazon.com/consoIe/ Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAIias.html
NEW QUESTION 62
A user has created a snapshot of an EBS volume. Which of the below mentioned usage cases is not possible with respect to a snapshot?
A. Nlirroring the volume from one AZ to another AZ
B. Launch an instance
C. Decrease the volume size
D. Increase the size of the volume
Answer: C
Explanation:
The EBS snapshots are a point in time backup ofthe volume. It is helpful to move the volume from one AZ to another or launch a new instance. The user can increase the size of the volume but cannot decrease it less than the original snapshot size.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.htmI
NEW QUESTION 66
Which of the following solutions is not supported by DynamoDB:
A. Hash secondary index
B. Local secondary index
C. Hash Primary Key
D. Global secondary index
Answer: A
Explanation:
In DynamoDB, a secondary index is a data structure that contains a subset of attributes from a table, along with an alternate key to support Query operations. DynamoDB supports the following two types of secondary indexes:
Local secondary index is an index that has the same hash key as the table, but a different range key. A local secondary index is “IocaI” in the sense that every partition of a local secondary index is scoped to a table partition that has the same hash key.
Global secondary index is an index with a hash and range key that can be different from those on the table. A global secondary index is considered “gIobaI” because queries on the index can span all of the data in a table, across all partitions.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModeI.html
NEW QUESTION 71
AWS Elastic Beanstalk stores your application files and optionally server log files in .
A. Amazon Storage Gateway
B. Amazon Glacier
C. Amazon EC2
D. Amazon S3
Answer: D
Explanation:
AWS Elastic Beanstalk stores your application files and optionally server log files in Amazon S3. If you are using the AWS Management Console, Git, the AWS Toolkit for Visual Studio, or AWS Toolkit for Eclipse, an Amazon S3 bucket will be created in your account for you and the files you upload will be automatically copied from your local client to Amazon S3. Optionally, you may configure Elastic Beanstalk to copy your server log files every hour to Amazon S3. You do this by editing the environment configuration settings.
Reference: http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/AWSHowTo.htmI
NEW QUESTION 73
An orgAMzation has created multiple components of a single application for compartmentalization. Currently all the components are hosted on a single EC2 instance. Due to security reasons the orgAMzation wants to implement two separate SSLs for the separate modules although it is already using VPC. How can the orgAMzation achieve this with a single instance?
A. Create a VPC instance which will have both the ACL and the security group attached to it and haveseparate rules for each IP address. B. Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
C. You have to launch two instances each in a separate subnet and allow VPC peering for a single IP.
D. Create a VPC instance which will have multiple subnets attached to it and each will have a separate IP address.
Answer: B
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. It enables the user to launch AWS resources into a virtual network that the user has defined. With VPC the user can specify multiple private IP addresses for his instances.
The number of network interfaces and private IP addresses that a user can specify for an instance depends on the instance type. With each network interface the orgAMzation can assign an EIP. This scenario helps when the user wants to host multiple websites on a single EC2 instance by using multiple SSL certificates on a single server and associating each certificate with a specific EIP address. It also helps in scenarios for operating network appliances, such as firewalls or load balancers that have multiple private IP addresses for each network interface.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MuItipIeIP.html
NEW QUESTION 76
A user has hosted a website on AWS and uses ELB to load balance the multiple instances. The user application does not have any cookie management. How can the user bind the session of the requestor with a particular instance?
A. Bind the IP address with a sticky cookie
B. Create a cookie at the application level to set at ELB
C. Use session synchronization with ELB
D. Let ELB generate a cookie for a specified duration
Answer: D
Explanation:
The key to manage the sticky session is determining how long the load balancer should route the user’s request to the same application instance. If the application has its own session cookie, then the user can set the Elastic Load Balancing to create the session cookie to follow the duration specified by the appIication’s session cookie. If the user’s application does not have its own session cookie, then he can set the Elastic Load Balancing to create a session cookie by specifying his own stickiness duration. Reference: http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/DeveIoperGuide/US_StickySessions.html
NEW QUESTION 80
How can you peek at a message in Amazon SQS?
A. Log the message ID and the receipt handle for your messages and correlate them to confirm when a message has been received and deleted B. Send the message to Amazon S3
C. You can’t
D. Set up a CIoudWatch alarm to auto send you the message
Answer: A
Explanation:
With version 2008-01-01, the PeekMessage action has been removed from Amazon SQS. This functionality was used mainly to debug small systems — specifically to confirm a message was successfully sent to the queue or deleted from the queue.
To do this with version 2008-01-01, you can log the message ID and the receipt handle for your messages and correlate them to confirm when a message has been received and deleted. Reference: https://aws.amazon.com/items/1343?externaI|D=1343
NEW QUESTION 81
In regard to DynamoDB, for which one of the following parameters does Amazon not charge you?
A. Cost per provisioned write units
B. Cost per provisioned read units
C. Storage cost
D. I/O usage within the same Region
Answer: D
Explanation:
In DynamoDB, you will be charged for the storage and the throughput you use rather than for the I/O which has been used.
Reference: http://aws.amazon.com/dynamodb/pricing/
NEW QUESTION 83
A user has configured an automated backup between 5 AM — 5:30 AM for the MySQL RDS DB. Will the performance of RDS get frozen momentarily during a backup?
A. No
B. Yes, only if the instance size is smaller than large size
C. Yes, provided it is a single zone implementation
D. Yes, always
Answer: C
Explanation:
Amazon RDS provides two different methods for backing up and restoring the Amazon DB instances. A brief I/O freeze, typically lasting a few seconds, occurs during both automated backups and DB snapshot operations on Single-AZ DB instances.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.BackingUpAndRestoringAmazonR DSInstances.htmI
NEW QUESTION 87
A root AWS account owner has created three IAM users: Bob, John and Michael. Michael is the IAM administrator. Bob and John are not the superpower users, but users with some pre-defined policies. John does not have access to modify his password. Thus, he asks Bob to change his password. How can Bob change John’s password?
A. This statement is fals
B. It should be Michael who changes the password for John
C. It is not possible that John cannot modify his password
D. Provided Bob is the manager of John
E. Provided Michael has added Bob to a group, which has permissions to modify the IAM passwords
Answer: D
Explanation:
Generally with IAM users, the password can be modified in two ways. The first option is to define the IAM level policy which allows each user to modify their own passwords. The other option is to create a group and create a policy for the group which can change the passwords of various IAM users. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.htmI
NEW QUESTION 92
To scale up the AWS resources using manual AutoScaIing, which of the below mentioned parameters should the user change?
A. Maximum capacity
B. Desired capacity
C. Preferred capacity
D. Current capacity
Answer: B
Explanation:
The Manual Scaling as part of Auto Scaling allows the user to change the capacity of Auto Scaling group. The user can add / remove EC2 instances on the fly. To execute manual scaling, the user should modify the desired capacity. AutoScaIing will adjust instances as per the requirements. If the user is trying to CLI, he can use command as-set-desired-capacity <Auto Scaling Group Name> –desired-capacity <New Capacity>
Reference: http://docs.aws.amazon.com/AutoScaIing/latest/DeveIoperGuide/as-manual-scaling.htmI
NEW QUESTION 95
When working with AWS CIoudFormation Templates what is the maximum number of stacks that you can create?
A. 500
B. 50
C. 20
D. 10
Answer: C
Explanation:
C|oudFormation Limits
Maximum number of AWS CIoudFormation stacks that you can create is 20 stacks. Reference:
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/cloudformation-Iimits.htmI
NEW QUESTION 96
Which of the following programming languages have an officially supported AWS SDK? Choose 2 answers
A. Perl
B. PHP
C. Pascal
D. Java
E. SQL
Answer: BD
NEW QUESTION 98
Which statements about DynamoDB are true? Choose 2 answers
A. DynamoDB uses a pessimistic locking model
B. DynamoDB uses optimistic concurrency control
C. DynamoDB uses conditional writes for consistency
D. DynamoDB restricts item access during reads
E. DynamoDB restricts item access during writes
Answer: BC
NEW QUESTION 100
Company D is running their corporate website on Amazon S3 accessed from http//www.companyd.com. Their marketing team has published new web fonts to a separate S3 bucket accessed by the S3 endpoint https://s3-us-westl.amazonaws.com/cdfonts. While testing the new web fonts, Company D recognized the web fonts are being blocked by the browser. What should Company D do to prevent the web fonts from being blocked by the browser?
A. Enable versioning on the cdfonts bucket for each web font
B. Create a policy on the cdfonts bucket to enable access to everyone
C. Add the Content-NI D5 header to the request for webfonts in the cdfonts bucket from the website
D. Configure the cdfonts bucket to allow cross-origin requests by creating a CORS configuration
Answer: D
NEW QUESTION 103
If a message is retrieved from a queue in Amazon SQS, how long is the message inaccessible to other users by default?
A. 0 seconds
B. 1 hour
C. 1 day
D. forever
E. 30 seconds
Answer: E
NEW QUESTION 108
Company C is currently hosting their corporate site in an Amazon S3 bucket with Static Website Hosting enabled. Currently, when visitors go to http://www.companyc.com the index.htmI page is returned. Company C now would like a new page weIcome.htmI to be returned when a visitor enters http://www.companyc.com in the browser.
Which of the following steps will allow Company C to meet this requirement? Choose 2 answers
A. Upload an html page named we|come.htm| to their S3 bucket
B. Create a welcome subfolder in their S3 bucket
C. Set the Index Document property to weIcome.htmI
D. Move the index.htmI page to a welcome subfolder
E. Set the Error Document property to weIcome.htmI
Answer: AC
NEW QUESTION 111
Which of the following are valid arguments for an SNS Publish request? Choose 3 answers
A. TopicAm
B. Subject
C. Destination
D. Format
E. Message F.Language
Answer: ABE
NEW QUESTION 115
An application stores payroll information nightly in DynamoDB for a large number of employees across hundreds of offices. Item attributes consist of indMdual name, office identifier, and cumulative daily hours. Managers run reports for ranges of names working in their office. One query is. “Return all Items in this office for names starting with A through E”. Which table configuration will result in the lowest impact on provisioned throughput for this query?
A. Configure the table to have a hash index on the name attribute, and a range index on the office identifier
B. Configure the table to have a range index on the name attribute, and a hash index on the office identifier
C. Configure a hash index on the name attribute and no range index
D. Configure a hash index on the office Identifier attribute and no range index
Answer: B
NEW QUESTION 118
Which features can be used to restrict access to data in S3? Choose 2 answers
A. Use S3 Virtual Hosting
B. Set an S3 Bucket policy.
C. Enable IAM Identity Federation.
D. Set an S3 ACL on the bucket or the object.
E. Create a C|oudFront distribution for the bucket
Answer: CD
NEW QUESTION 120
What AWS products and features can be deployed by Elastic Beanstalk? Choose 3 answers
A. Auto scaling groups
B. Route 53 hosted zones
C. Elastic Load Balancers
D. RDS Instances
E. Elastic IP addresses
F. SQS Queues
Answer: ACD
NEW QUESTION 123
What is the maximum number of S3 Buckets available per AWS account?
A. 100 per region
B. there is no limit
C. 100 per account
D. 500 per account
E. 100 per IAM user
Answer: C
NEW QUESTION 124
When using a large Scan operation in DynamoDB, what technique can be used to minimize the impact of a scan on a tabIe’s provisioned throughput?
A. Set a smaller page size for the scan
B. Use parallel scans
C. Define a range index on the table
D. Prewarm the table by updating all items
Answer: C
NEW QUESTION 128
You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some point you find out that other sites have been linking to the photos on your site, causing loss to your business.
What is an effective method to mitigate this?
A. Store photos on an EBS volume ofthe web server
B. Remove public read access and use signed URLs with expiry dates.
C. Use C|oudFront distributions for static content.
D. Block the IPs of the offending websites in Security Group
Answer: B
NEW QUESTION 129
Games-R-Us is launching a new game app for mobile devices. Users will log into the game using their existing Facebook account and the game will record player data and scoring information directly to a DynamoDB table.
What is the most secure approach for signing requests to the DynamoDB API?
A. Create an IAM user with access credentials that are distributed with the mobile app to sign the requests
B. Distribute the AWS root account access credentials with the mobile app to sign the requests
C. Request temporary security credentials using web identity federation to sign the requests
D. Establish cross account access between the mobile app and the DynamoDB table to sign the requests
Answer: C
NEW QUESTION 132
What happens, by default, when one of the resources in a CIoudFormation stack cannot be created?
A. Previously-created resources are kept but the stack creation terminates.
B. Previously-created resources are deleted and the stack creation terminates.
C. The stack creation continues, and the final results indicate which steps failed.
D. CIoudFormation templates are parsed in advance so stack creation is guaranteed to succee
Answer: B
amazon.certforall.aws-certified-developer-associate.brain.dumps.2021-oct-29.by.maximilian.256q.vce
Source : https://www.dumpscollection.net/dumps/AWS-Certified-Developer-Associate/