Question 43

A user has enabled the automated backup, but not specified the backup window. What will RDS do in this case?

Correct Answer:C
If the user does not specify a preferred backup window while enabling an automated backup, Amazon RDS assigns a default 30-minute backup window which is selected at random from an 8-hour block of
time per region. Reference:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.BackingUpAndRestoringAmazonR DSInstances.htmI

Question 44

A user is accessing an EC2 instance on the SSH port for IP 10.20.30.40. Which one is a secure way to
configure that the instance can be accessed only from this IP?

Correct Answer:B
In AWS EC2, while configuring a security group, the user needs to specify the IP address in CIDR notation. The CIDR IP range 10.20.30.40/32 says it is for a single IP 10.20.30.40. If the user specifies the IP as 10.20.30.40 only, the security group will not accept and ask it in a CIRD format.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html

Question 45

What is one key difference between an Amazon EBS-backed and an instance-store backed instance?

Correct Answer:B

Question 46

A user has created a MySQL RDS instance. Which of the below mentioned options is mandatory to configure while creating an instance?

Correct Answer:A
When creating an RDS instance, the user needs to specify whether it is Nlulti AZ or not. If the user does not provide the value for the zone, the maintenance window or automated backup window, RDS will automatically select the value.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.lV|u|tiAZ.htmI

Question 47

An orgAMzation is setting up their website on AWS. The orgAMzation is working on various security measures to be performed on the AWS EC2 instances. Which of the below mentioned security mechAMsms will not help the orgAMzation to avoid future data leaks and identify security weaknesses?

Correct Answer:D
AWS security follows the shared security model where the user is as much responsible as Amazon. Since Amazon is a public cloud it is bound to be targeted by hackers. If an orgAMzation is planning to host their application on AWS EC2, they should perform the below mentioned security checks as a measure to find any security weakness/data leaks:
Perform penetration testing as performed by attackers to find any vulnerability. The orgAMzation must take an approval from AWS before performing penetration testing
Perform hardening testing to find if there are any unnecessary ports open Perform SQL injection to find any DB security issues
The code memory checks are generally useful when the orgAMzation wants to improve the application performance.
Reference: http://aws.amazon.com/security/penetration-testing/

Question 48

In Amazon SNS, to send push notifications to mobile devices using Amazon SNS and ADM, you need to obtain the following, except:

Correct Answer:C
To send push notifications to mobile devices using Amazon SNS and ADM, you need to obtain the following: Registration ID and Client secret.
Reference: http://docs.aws.amazon.com/sns/latest/dg/SNSMobiIePushPrereq.htmI

START AWS-Certified-Developer-Associate EXAM