Free preview mode
Enjoy the free questions and consider upgrading to gain full access!
AWS Certified Solutions Architect - Professional
Free trial
Verified
Question 76
An organization (account ID 123412341234) has configured the IAM policy to allow the user to modify his credentials.
What will the below mentioned statement allow the user to perform?
- A: Allow the IAM user to update the membership of the group called TestingGroup
- B: The IAM policy will throw an error due to an invalid resource name
- C: The IAM policy will allow the user to subscribe to any IAM group
- D: Allow the IAM user to delete the TestingGroup
Question 77
You are designing the network infrastructure for an application server in Amazon VPC. Users will access all application instances from the Internet, as well as from an on-premises network. The on-premises network is connected to your VPC over an AWS Direct Connect link.
How would you design routing to meet the above requirements?
- A: Configure a single routing table with a default route via the Internet gateway. Propagate a default route via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnets.
- B: Configure a single routing table with a default route via the Internet gateway. Propagate specific routes for the on-premises networks via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnets.
- C: Configure a single routing table with two default routes: on to the Internet via an Internet gateway, the other to the on-premises network via the VPN gateway. Use this routing table across all subnets in the VPC.
- D: Configure two routing tables: on that has a default router via the Internet gateway, and other that has a default route via the VPN gateway. Associate both routing tables with each VPC subnet.
Question 78
A user has configured EBS volume with PIOPS. The user is not experiencing the optimal throughput.
Which of the following could not be factor affecting I/O performance of that EBS volume?
- A: EBS bandwidth of dedicated instance exceeding the PIOPS
- B: EBS volume size
- C: EC2 bandwidth
- D: Instance type is not EBS optimized
Question 79
How can multiple compute resources be used on the same pipeline in AWS Data Pipeline?
- A: You can use multiple compute resources on the same pipeline by defining multiple cluster objects in your definition file and associating the cluster to use for each activity via its runs On field.
- B: You can use multiple compute resources on the same pipeline by defining multiple cluster definition files
- C: You can use multiple compute resources on the same pipeline by defining multiple clusters for your activity.
- D: You cannot use multiple compute resources on the same pipeline.
Question 80
The two policies that you attach to an IAM role are the access policy and the trust policy. The trust policy identifies who can assume the role and grants the permission in the AWS Lambda account principal by adding the _______ action.
- A: aws:AssumeAdmin
- B: lambda:InvokeAsync
- C: sts:InvokeAsync
- D: sts:AssumeRole
Question 81
The MySecureData company has five branches across the globe. They want to expand their data centers such that their web server will be in the AWS and each branch would have their own database in the local data center. Based on the user login, the company wants to connect to the data center.
How can MySecureData company implement this scenario with the AWS VPC?
- A: Create five VPCs with the public subnet for the app server and setup the VPN gateway for each VPN to connect them individually.
- B: Use the AWS VPN CloudHub to communicate with multiple VPN connections.
- C: Use the AWS CloudGateway to communicate with multiple VPN connections.
- D: It is not possible to connect different data centers from a single VPC.
Question 82
One of your AWS Data Pipeline activities has failed consequently and has entered a hard failure state after retrying thrice.
You want to try it again. Is it possible to increase the number of automatic retries to more than thrice?
- A: Yes, you can increase the number of automatic retries to 6.
- B: Yes, you can increase the number of automatic retries to indefinite number.
- C: No, you cannot increase the number of automatic retries.
- D: Yes, you can increase the number of automatic retries to 10.
Question 83
True or False: In Amazon ElastiCache replication groups of Redis, for performance tuning reasons, you can change the roles of the cache nodes within the replication group, with the primary and one of the replicas exchanging roles.
- A: True, however, you get lower performance.
- B: FALSE
- C: TRUE
- D: False, you must recreate the replication group to improve performance tuning.
Question 84
How much memory does the cr1.8xlarge instance type provide?
- A: 224 GB
- B: 124 GB
- C: 184 GB
- D: 244 GB
Question 85
How many cg1.4xlarge on-demand instances can a user run in one region without taking any limit increase approval from AWS?
- A: 20
- B: 2
- C: 5
- D: 10
Question 86
Regarding Amazon SNS, you can send notification messages to mobile devices through any of the following supported push notification services, EXCEPT:
- A: Microsoft Windows Mobile Messaging (MWMM)
- B: Google Cloud Messaging for Android (GCM)
- C: Amazon Device Messaging (ADM)
- D: Apple Push Notification Service (APNS)
Question 87
You want to define permissions for a role in an IAM policy. Which of the following configuration formats should you use?
- A: An XML document written in the IAM Policy Language
- B: An XML document written in a language of your choice
- C: A JSON document written in the IAM Policy Language
- D: JSON document written in a language of your choice
Question 88
You control access to S3 buckets and objects with:
- A: Identity and Access Management (IAM) Policies.
- B: Access Control Lists (ACLs).
- C: Bucket Policies.
- D: All of the above
Question 89
IAM Secure and Scalable is an organization which provides scalable and secure SAAS to its clients. They are planning to host a web server and App server on
AWS VPC as separate tiers. The organization wants to implement the scalability by configuring Auto Scaling and load balancer with their app servers (middle tier) too.
Which of the below mentioned options suits their requirements?
- A: Since ELB is internet facing, it is recommended to setup HAProxy as the Load balancer within the VPC.
- B: Create an Internet facing ELB with VPC and configure all the App servers with it.
- C: The user should make ELB with EC2-CLASSIC and enable SSH with it for security.
- D: Create an Internal Load balancer with VPC and register all the App servers with it.
Question 90
True or False: Amazon ElastiCache supports the Redis key-value store.
- A: True, ElastiCache supports the Redis key-value store, but with limited functionalities.
- B: False, ElastiCache does not support the Redis key-value store.
- C: True, ElastiCache supports the Redis key-value store.
- D: False, ElastiCache supports the Redis key-value store only if you are in a VPC environment.
Question 91
Which of the following is NOT an advantage of using AWS Direct Connect?
- A: AWS Direct Connect provides users access to public and private resources by using two different connections while maintaining network separation between the public and private environments.
- B: AWS Direct Connect provides a more consistent network experience than Internet-based connections.
- C: AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS.
- D: AWS Direct Connect reduces your network costs.
Question 92
An organization is setting up an application on AWS to have both High Availability (HA) and Disaster Recovery (DR). The organization wants to have both
Recovery point objective (RPO) and Recovery time objective (RTO) of 10 minutes.
Which of the below mentioned service configurations does not help the organization achieve the said RPO and RTO?
- A: Take a snapshot of the data every 10 minutes and copy it to the other region.
- B: Use an elastic IP to assign to a running instance and use Route 53 to map the user's domain with that IP.
- C: Create ELB with multi-region routing to allow automated failover when required.
- D: Use an AMI copy to keep the AMI available in other regions.
Question 93
An organization is having an application which can start and stop an EC2 instance as per schedule. The organization needs the MAC address of the instance to be registered with its software. The instance is launched in EC2-CLASSIC.
How can the organization update the MAC registration every time an instance is booted?
- A: The organization should write a boot strapping script which will get the MAC address from the instance metadata and use that script to register with the application.
- B: The organization should provide a MAC address as a part of the user data. Thus, whenever the instance is booted the script assigns the fixed MAC address to that instance.
- C: The instance MAC address never changes. Thus, it is not required to register the MAC address every time.
- D: AWS never provides a MAC address to an instance; instead the instance ID is used for identifying the instance for any software registration.
Question 94
Does Amazon RDS API provide actions to modify DB instances inside a VPC and associate them with DB Security Groups?
- A: Yes, Amazon does this but only for MySQL RDS.
- B: Yes
- C: No
- D: Yes, Amazon does this but only for Oracle RDS.
Question 95
An organization is setting up a backup and restore system in AWS of their in premise system. The organization needs High Availability(HA) and Disaster Recovery
(DR) but is okay to have a longer recovery time to save costs.
Which of the below mentioned setup options helps achieve the objective of cost saving as well as DR in the most effective way?
- A: Setup pre-configured servers and create AMIs. Use EIP and Route 53 to quickly switch over to AWS from in premise.
- B: Setup the backup data on S3 and transfer data to S3 regularly using the storage gateway.
- C: Setup a small instance with AutoScaling; in case of DR start diverting all the load to AWS from on premise.
- D: Replicate on premise DB to EC2 at regular intervals and setup a scenario similar to the pilot light.
Question 96
By default, what is the maximum number of Cache Nodes you can run in Amazon ElastiCache?
- A: 20
- B: 50
- C: 100
- D: 200
Question 97
Does an AWS Direct Connect location provide access to Amazon Web Services in the region it is associated with as well as access to other US regions?
- A: No, it provides access only to the region it is associated with.
- B: No, it provides access only to the US regions other than the region it is associated with.
- C: Yes, it provides access.
- D: Yes, it provides access but only when there's just one Availability Zone in the region.
Question 98
Which of the following components of AWS Data Pipeline specifies the business logic of your data management?
- A: Task Runner
- B: Pipeline definition
- C: AWS Direct Connect
- D: Amazon Simple Storage Service 9Amazon S3)
Question 99
The AWS IT infrastructure that AWS provides, complies with the following IT security standards, including:
- A: SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II), SOC 2 and SOC 3
- B: FISMA, DIACAP, and FedRAMP
- C: PCI DSS Level 1, ISO 27001, ITAR and FIPS 140-2
- D: HIPAA, Cloud Security Alliance (CSA) and Motion Picture Association of America (MPAA)
- E: All of the above
Question 100
What feature of the load balancing service attempts to force subsequent connections to a service to be redirected to the same node as long as it is online?
- A: Node balance
- B: Session retention
- C: Session multiplexing
- D: Session persistence
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!