AWS-Solution-Architect-Associate Amazon Exam Questions and Free Practice Test

Question 73

What does RRS stand for when talking about 53?

A. Redundancy Removal System

B. Relational Rights Storage

C. Regional Rights Standard

D. Reduced Redundancy Storage

Correct Answer:D

Question 74

When running my DB Instance as a MuIti-AZ deployment, can I use the standby for read or write operations?

A. Yes

B. Only with MSSQL based RDS

C. Only for Oracle RDS instances

D. No

Correct Answer:D

Question 75

Because of the extensibility limitations of striped storage attached to Windows Server, Amazon RDS does not currently support increasing storage on a _ DB Instance.

A. SQL Server

B. MySQL

C. Oracle

Correct Answer:A

Question 76

Can you specify the security group that you created for a VPC when you launch an instance in EC2-Classic?

A. No, you can specify the security group created for EC2-Classic when you launch a VPC instance.

B. No

C. Yes

D. No, you can specify the security group created for EC2-Classic to a non-VPC based instance onl

Correct Answer:B
If you're using EC2-Classic, you must use security groups created specifically for EC2-Classic. When you launch an instance in EC2-Classic, you must specify a security group in the same region as the instance. You can't specify a security group that you created for a VPC when you launch an instance in
EC2-Classic.
Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.htmI#ec2-classic-securit y-groups

Question 77

Your team has a tomcat-based Java application you need to deploy into development, test and production environments. After some research, you opt to use Elastic Beanstalk due to its tight integration with your developer tools and RDS due to its ease of management. Your QA team lead points out that you need to roll a sanitized set of production data into your environment on a nightly basis. Similarly, other software teams in your org want access to that same restored data via their EC2 instances in your VPC .The
optimal setup for persistence and security that meets the above requirements would be the following.

A. Create your RDS instance as part of your Elastic Beanstalk definition and alter its security group to allow access to it from hosts in your application subnets.

B. Create your RDS instance separately and add its IP address to your appIication's DB connection strings in your code Alter its security group to allow access to it from hosts within your VPC's IP address block.

C. Create your RDS instance separately and pass its DNS name to your app's DB connection string as an environment variabl

D. Create a security group for client machines and add it as a valid source for DB traffic to the security group of the RDS instance itself.

E. Create your RDS instance separately and pass its DNS name to your's DB connection string as an environment variable Alter its security group to allow access to It from hosts In your application subnets.

Correct Answer:A

Question 78

A customer enquires about whether all his data is secure on AWS and is especially concerned about Elastic Map Reduce (EMR) so you need to inform him of some of the security features in place for AWS. Which of the below statements would be an incorrect response to your customers enquiry?

A. Amazon ENIR customers can choose to send data to Amazon S3 using the HTTPS protocol for secure transmission.

B. Amazon S3 provides authentication mechanisms to ensure that stored data is secured against unauthorized access.

C. Every packet sent in the AWS network uses Internet Protocol Security (IPsec).

D. Customers may encrypt the input data before they upload it to Amazon S3.

Correct Answer:C
Amazon S3 provides authentication mechanisms to ensure that stored data is secured against unauthorized access. Unless the customer who is uploading the data specifies otherwise, only that customer can access the data. Amazon EMR customers can also choose to send data to Amazon S3
using the HTTPS protocol for secure transmission. In addition, Amazon EMR always uses HTTPS to send data between Amazon S3 and Amazon EC2. For added security, customers may encrypt the input data before they upload it to Amazon S3 (using any common data compression tool); they then need to add a decryption step to the beginning of their cluster when Amazon EMR fetches the data from Amazon S3. Reference: https://aws.amazon.com/elasticmapreduce/faqs/

START AWS-Solution-Architect-Associate EXAM