AWS Expert Quiz

AWS Quiz : This Amazon Web Services Expert Quiz contains set of 77 AWS Quiz which will help to clear any any exam which is designed for Expert.



1) Is it possible to remove object automatically from s3 after a specified period of time

1. Yes, By integrating with Glacier
2. Yes, By using Verisioning
3. No, We need to manually delete each object
4. Yes, using the object expiration rule

Show Answer

2) Your VPC CIDR is 10.0.0.0/23. It has two subnets. One public subnet contains a NAT instance. The route table associated to one of the subnets has the following entries:
10.0.0.0/23 -> local ;
0.0.0.0/0 -> nat-instance-ID
Which of the following is true about this subnet?

1. The instances in the subnet can communicate with instances in the other subnets of the same VPC
2. The instances in the subnet cannot communicate with the Internet
3. The instances in the subnet can communicate with the instances in the peered VPC.
4. The instances in the subnet cannot communicate with other instances in the other subnets of the same vpc

Show Answer

3) Company ABC is hosting images on their website which are being misused by an anonymous internet user from a different geographical location. What should ABC do to transfer images securely to their customers?

1. Create an IAM role with access only to the bucket and assign to the users
2. Mark the bucket private and allow access only through signed URLs
3. Edit the bucket policy to allow access only from a specific geographic location
4. Serve the content from cloudfront distribution

Show Answer

4) You have written a cloud formation template that created one load balancer fronting 2 EC2 instances. Which section of the template should you edit so that it returns the DNS of the elastic load balancer upon creation.

1. Mappings
2. Parameters
3. Outputs
4. Resources

Show Answer

5) What action is required to establish an IPSec VPN connection between on-premise datacenter and a Virtual Private Gateway (VGW) attached to the VPC?

1. Use a dedicated NAT instance in the public subnet
2. Create a Customer Gateway with Internet Routable IP Address
3. Establish a dedicated network connection using Amazon Direct Connect
4. Modify the main route table to allow traffic through the NAT instance

Show Answer

6) Static websites can be hosted in AWS using

1. Simple Storage Service
2. Elastic Block Store
3. Elastic Load Balancer
4. All of the above

Show Answer

7) For a server in VPC to have internet access, the following are required:

1. Internet Gateway attached to the subnet in the VPC
2. Elastic IP attached to the server
3. Outbound traffc allowed to 0.0.0.0/0 over required ports
4. Inbound traffic allowed on the server from 0.0.0.0/0 over required ports

 

1. 1, 2 and 3
2. 1, 3 and 4
3. 2, 3 and 4
4. D 1, 2, 3 and 4

Show Answer

8) A VPC is configured in AWS with hardware VPN back into on-premise. All inbound ports are open in the security group attached to an instance in the VPC but still it cannot be reached from an on-premise server over a certain port. Which component of the VPC has to be checked

1. Network Access Control list
2. Route Table
3. VPN gateway
4. Both A and B

Show Answer

9) VPC Peering is transtive in nature

1. True
2. False

Show Answer

10) AN instance is launched into the public subnet of the VPC. Which of the following must be done in order to allow it to connect to internet?

1. Launch a NAT instance and pass all traffic to it.
2. It can connect to the internet.
3. Attach an elastic IP in case it does not have a public IP already.
4. Make an entry in the route table, pasing traffic outside if the VPC to the NAT instance

Show Answer

11) Company ABC is working with SQS. He has premier customers and regular customers. Request of the premier customer should be attended first. What architecture will you follow to achieve the above conditions.

1. Use one queue and configure ec2 instances to take premier customers request first
2. Use priority queue service of SQS
3. Cannot arcitect such a condition
4. Use 2 different queue, one for the regular customer and one for priority customer.

Show Answer

12) Organization DEF has EC2 instances created and running at 04:15 PM and 04:30 PM respectively in us-east-1a availabilityzone. They have an autoscaling group configured which started one instance in a different availability zone at 08:45 PM due to a surge in load. At 09:00PM, the load reduces below autoscaling threshold. WHich instance would get terminated in case of default autoscaling termination policy?

1. Instance created at 04:15 PM
2. Instance created at 08:45 PM
3. One instance from us-east-1a availability zone is terminated at random
4. Instance created at 04:30 PM

Show Answer

13) Which service in Amazon allows you to create and delete stacks of AWS resources which are defined in templates?

1. Cloudfront
2. Redhift
3. Cloud Formation
4. Route 53

Show Answer

14) Customer’s mandatory requirement is to encrypt his data on S3 at REST. How would you do it?

1. S3 server side encryption with KMS
2. S3 server side encryption with the keys that the customer provides you
3. AWS ensures that all the data uploaded to S3 is encrypted.
4. CloudTrail would ensure encryption of the data.

Show Answer

15) For what are you charged for in CloudFormation

1. Per template created
2. No additional charges aside from the resources created
3. Per hour the stack is running
4. Per hour Cloudformation is used

Show Answer

16) Amazon Glacier should be preferred over Amazon S3 in which of these cases?

1. You need better durability of data
2. You need low latency
3. You need faster access times
4. Low cost is important and data is accessed rarely

Show Answer

17) A company is working with chef and they are now coming on he cloud using AWS,. They want to run their chef recipe which AWS service they should use?

1. App Stream
2. Direct Connect
3. Opswork
4. Elastic Beanstalk

Show Answer

18) How are messages accessed in Amazon SQS?

1. LIFO (last in first out)
2. FIFO ( first in first out)
3. Depends on application design
4. Round Robin

Show Answer

19) Which of the following cannot be configured as a Load Balancer protocol in AWS Elastic Load Balancer?

1. TCP
2. SSL
3. TCP
4. UDP

Show Answer

20) Which one of the following is allowed licensing scheme for SQL Server in Relational Database Service

1. License Included
2. Bring Your Own License
3. All of the above
4. None of the above

Show Answer

21) Which of the following is charged by AWS?

1. Data Transfer into S3
2. Data Transfer from S3
3. A and B both
4. Neither A nor B

Show Answer

22) Which of the following properties is not mandatory to be defined for an Auto Scaling Group?

1. Maximum Size
2. Minimum Size
3. Desired Capacity
4. None of the above

Show Answer

23) AWS Elastic Load Balancer logs can be pushed to

1. A S3 Bucket
2. An EBS Volume
3. A RDS Instance
4. CloudWatch

Show Answer

24) AWS RDS read replica is not available for which DB Engine

1. MySQL
2. Oracle
3. PostgreSQL
4. MariaDB

Show Answer

25) Which property change of an RDS Instance does not involve an Outage when ApplyImmediately flag is set?

1. Storage Class
2. Allocated Storage
3. Instance Class
4. Security Groups

Show Answer

26) Encrypted Snapshots can be shared between AWS Accounts

1. TRUE
2. FALSE

Show Answer

27) A company has decided to leverage the web conferencing services provided by a cloud provider and to pay for those services as they are used. The cloud provider manages the infrastructure and any application upgrades. This is an example of what type of cloud delivery model?

1. Platform as a Service
2. Software as a Service
3. Application as a Service
4. Infrastructure as a Service

Show Answer

28) Which customer scenario best fits a deployment on a public cloud?

1. A customer whose IT infrastructure is underutilized.
2. A customer who deals with highly sensitive user information.
3. A customer who does not have the IT infrastructure to handle variable system load.
4. A customer who is not too concerned about security control over their data, and the system load is almost a constant at all times.

Show Answer

29) A company operates data centers in two different regions. Energy costs for one of the data centers increases during the warmer, summer months. The company already uses server virtualization techniques in order to consolidate the total number of required resources. How might the company further reduce operating costs at this data center?

1. The company can shut down the data center in the summer season.
2. The company does not need to do anything because they are already using server virtualization techniques.
3. The company can leverage provisioning to optimize the availability of their environments in the summer season.
4. The company can further leverage virtualization to easily and quickly move as many assets from the data center in the warmer region to the data center in the cooler region during the summer season.

Show Answer

30) Does Amazon S3 (Simple Storage Service) provide read-after-write consistency?

1. No, not for any region
2. Yes, but only for certain regions
3. Yes, but only for certain regions and for new objects
4. Yes, in all regions for new objects added

Show Answer

31) What is the maximum size of a single S3 (Simple Storage Service) object?

1. There is no such Limit
2. 5 TB
3. 5 GB
4. 100 GB

Show Answer

32) Is data stored in S3 (Simple Storage Service)  is always encrypted?

1. Yes, S3 always encrypts data for security
2. No, there is no such feature
3. Yes, but only when right APIs are called
4. Yes, but only in Gov Cloud datacenters

Show Answer

33) What is true for S3 (simple Storage Service) buckets (select multiple if more than one is true)?

1. Bucket namespace is shared and is global among all AWS users
2. Bucket names can contain alpha numeric characters
3. Bucket are associated with a region, and all data in a bucket resides in that region
4. All of the above

Show Answer

34) EBS can always tolerate an Availability Zone failure?

1. No, EBS volumes are stored in a single Availability Zone
2. Yes, EBS volume has multiple copies so it should be fine
3. Depends on how it is setup
4. Depends on the Region where EBS volume is initiated

Show Answer

35) In VPCs with private and public subnets, database servers should ideally be launched into:

1. The public subnet
2. The private subnet
3. Either of them
4. Not recommended, they should ideally be launched outside VPC

Show Answer

36) An instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this instance?

1. The instance follows the rules of the older subnet
2. The instance follows the rules of both the subnets
3. The instance follows the rules of the newer subnet
4. Not possible cannot be connected to 2 ENIs

Show Answer

37) When an ELB (Elastic Load Balancer) is setup, what is the best way to route a website’s traffic to it?

1. Resolve the ELB name to an ip address and point the website to that ip address
2. Generate a CNAME record for the website pointing to the DNS name of the ELB
3. Use Route53 network.
4. Attach additional ENI to ELB to communicate with Application Web server

Show Answer

38) How can we protect accidental termination of our instances?

1. By using “Enable termination protection” option
2. By using security group and disabling remote access to instances
3. By using “Change shutdown behavior” option
4. We can not prevent accidental termination

Show Answer

39) Is it possible to create an AMI (Amazon Machine Image) while an instance is running?

1. Yes, if only “no reboot” option is checked
2. No, instance should be stopped and rebooted
3. Yes, AMI can be created without any change
4. Yes, only if it is Linux instance

Show Answer

40) Is it possible to change an instance type after it has been created?

1. Instance type cannot be changed
2. Type can be changed if it has an instance store volume root device and the instance is in stopped state
3. Type can be changed if it has an EBS store volume root device and the instance is in stopped state
4. Instance type can be changed while the instance is running.

Show Answer

41) How can an instance be copied to another region?

1. By creating an AMI and copy it to another region
2. There is no way to copy an instance to another region
3. By stopping instance and using copy option
4. By detaching root volume & re-attach it to new instance in other region

Show Answer

42) How can you change the instance type used in Auto Scaling Group?

1. As Group should be deleted and recreated
2. Instances should be stopped and then type can be changed
3. A new launch configuration with a new instance type should be created and attached to AS group
4. It is not possible to change the instance type

Show Answer

43) Which protocol is not supported when using with Route 53 health check?

1. HTTP
2. HTTPS
3. TCP
4. UDP

Show Answer

44) Which type of volume is suited for use as boot volume?

1. Standard volume
2. Provisioned IOPS volume
3. Ephemeral instance store volume
4. None of the above

Show Answer

45) If any change is made to a security group rule, when are these changes effective?

1. Changes will be effective after 5 minutes
2. Changes are automatically applied after a short period
3. Changes will be effective after rebooting the instances in that security group
4. Security group cannot be changed, instead new group be created & assign it to an instance

Show Answer

46) What types of servers are used to send messages within Amazon SQS (Simple Queue Service)?

1. Requesting server/worker server
2. Alternating server/planner server
3. Performance server/slacker server
4. Available server/negative server

Show Answer

47) Amazon SQS (Simple Queue Service) allows users to transmit any amount of data through the Web without ____________  responsibility

1. Managerial
2. Requesting
3. Administrative
4. Solicited

Show Answer

48) A _____ letter queue is a queue that other queues can target to send messages that could not be processed successfully

1. Broken
2. Maimed
3. Dead
4. Fixed

Show Answer

49) Amazon SQS (Simple Queue Service) is optimized for ______ scalability, not for single-threaded sending or receiving speeds.

1. Lateral
2. Parallel
3. Frontal
4. Horizontal

Show Answer

50) With Amazon _________, developers can monitor metrics for Amazon SQS (Simple Queue Service) and trigger an alarm when a threshold is reached

1. CloudWatch
2. CloudFront
3. CloudFormation
4. CloudSearch

Show Answer

51) Amazon Elastic MapReduce falls under the _______________ and Amazon EC2 falls under the ___________ cloud service model.

1. Saas and PaaS
2. Both SaaS
3. Both IaaS
4. PaaS and IaaS

Show Answer

52) The number of SSL certificates supported by an ELB (Elastic Load Balancer)  at a given time is

1. 2
2. 3
3. 0
4. 1

Show Answer

53) S3 (Simple Storage Service) has an SLA of 99.5% availability” and “S3 has 99.999999999% durability”

1. False, True
2. False, False
3. True, False
4. True, True

Show Answer

54) ElastiCache is a web service that makes it easy to setup, operate and scale  a relational database in the cloud

1. True
2. False

Show Answer

55) What is the SLA provided by Amazon Web Services for availability of EC2 services?

99. 99.97%
100. 99.95%
101. 99.99%
102. 99.98%

Show Answer

56) Which of the following statements not suitable to S3 (Simple Storage Service)?

1. Very fast
2. Within single datacenter
3. Within multiple datacenters
4. Accessible from the net

Show Answer

57) What AWS (Amazon Web Service) is used to provide service from virtual instances running in multiple availability zones?

1. ElastiCache
2. Elastic Load Balancing
3. Route 53
4. CloudFront

Show Answer

58) Which of the following statement is true about  “S3” (Simple Storage Service)

1. Read Many, Write Many
2. Write Many, Read Once
3. Write Once, Read Many
4. Write Once, Read Once

Show Answer

59) Which one of the below is not an AWS pricing model?

1. Reserved Instance
2. On Demand Instance
3. Available Instance
4. Spot Instance

Show Answer

60) What are the essential steps in creating a virtual machine?

1. Select a machine image to run, size of virtual machine & security credentials
2. Select size of virtual machine, security credentials & application set to run
3. Select a machine image, attach an Elastic IP & network details to operate
4. None of the above

Show Answer

61) What terminology is used by AWS to describle their highly available & scalable domain name system?

1. DNS 53
2. AWS 53
3. Network 53
4. Route 53

Show Answer

62) Edge locations form part of CloudFront as AWS Service as they help to deliver content across global locations

1. True
2. False

Show Answer

63) Identity & Access Management (IAM) controls the following

1. Deployment
2. User groups
3. User Permissions
4. All of the above

Show Answer

64) In AWS, Object Storage Systems store files in a flat organization of containers called as  ___________

1. Baskets
2. Brackets
3. Clusters
4. Buckets

Show Answer

65) Applications running on one Cloud can be migrated to another cloud.

1. a True
2. b False

Show Answer

66) A company runs a virtualized web-application server in house. They decided to make this application accessible over internet through a cloud provider. Which of the following method represents a quickest way to accomplish this?

1. a create a new cloud server, install web services & configure web applications
2. b create a new cloud server, install web services & import web application data
3. c Migrate in-house web application server to cloud
4. d This cannot be done

Show Answer

67) For which businesses would cloud computing be best suited for?

1. a A financial institution or bank
2. Rural medical center with 4 employees
3. c Law enforcement agency
4. d a new start-up compony that manufactures watercraft

Show Answer

68) A software developer of a company decides to build & test a web application in a cloud environment. Which type of the following cloud service best suited for this requirement?

1. a PaaS
2. SaaS
3. c laaS
4. d XaaS

Show Answer

69) You are linking your company’s Microsoft Active Directory user accounts to your cloud provider for federated identity management. What type of configuration must you create within your company

1. a Identity trust
2. b XML provider
3. c Relying party trust
4. d JSON provider

Show Answer

70) Your public cloud environment is configured such that additional cloud storage is allocated to a virtual server when the used disk space on that server reaches more than 80 percent of disk capacity. Which term best describes this configuration?

1. a Elasticity
2. b Automation
3. c Self-service
4. d Disk latency

Show Answer

71) Which of the following allows cloud customers to move web services or data between cloud providers?

1. Vendor-lock-in
2. b Self-service
3. c Standardization
4. d Automation

Show Answer

72) Which term best describes the ability to rapidly increase user accounts for given cloud service?

1. a Volatility
2. Synchronicity
3. c viability
4. d Elasticity

Show Answer

73) What are the three authentication options offered by AWS?

1. a Username and password, certificate, access keys
2. b Access monitoring, password, locking systems
3. c Access keys, system monitoring, password
4. Access keys, hardware locking, password

Show Answer

74) Which is a recommended way to protect Access Keys?

1. a Train developers how to better protect their access keys
2. b Define IAM policies.
3. c Enable CloudWatch notifications.
4. d All of the above

Show Answer

75) Which is Amazon Web Services’ newest encryption tool?

1. a AWS Identity and Access Management
2. b Amazon Elastic Block Storage Encryption
3. c Amazon S3
4. None of the above

Show Answer

76) What can happen if a hacker gets a hold of your account key?

1. a Accounts can be hacked
2. b Servers may be terminated.
3. c Data may be deleted.
4. d All of the above

Show Answer

77) Which storage service provides encryption services for both data in flight and data at rest?

1. a Dynamo DB
2. b Relational Database Service (RDS)
3. c Simple Storage Service (S3)
4. Elastic Block Storage

Show Answer