AWS-Solution-Architect-Associate Amazon Exam Questions and Free Practice Test

Question 97

Does AWS Direct Connect allow you access to all Availabilities Zones within a Region?

A. Depends on the type of connection

B. No

C. Yes

D. Only when there's just one availability zone in a regio

E. If there are more than one, only one availability zone can be accessed directly.

Correct Answer:A

Question 98

You launch an Amazon EC2 instance without an assigned AVVS identity and Access Management (IAM) role. Later, you decide that the instance should be running with an IAM role. Which action must you take in order to have a running Amazon EC2 instance with an IAM role assigned to it?

A. Create an image of the instance, and register the image with an IAM role assigned and an Amazon EBS volume mapping.

B. Create a new IAM role with the same permissions as an existing IAM role, and assign it to the running instance.

C. Create an image of the instance, add a new IAM role with the same permissions as the desired IAM role, and deregister the image with the new role assigned.

D. Create an image of the instance, and use this image to launch a new instance with the desired Lam role assigned.

Correct Answer:D
Reference:http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-usingroIe-ec2instanee.htm|

Question 99

Your company has multiple IT departments, each with their own VPC. Some VPCs are located within the same AWS account, and others in a different AWS account. You want to peer together all VPCs to enable the IT departments to have full access to each others' resources. There are certain limitations placed on VPC peering. Which of the following statements is incorrect in relation to VPC peering?

A. Private DNS values cannot be resolved between instances in peered VPCs.

B. You can have up to 3 VPC peering connections between the same two VPCs at the same time.

C. You cannot create a VPC peering connection between VPCs in different regions.

D. You have a limit on the number active and pending VPC peering connections that you can have per VPC.

Correct Answer:B
To create a VPC peering connection with another VPC, you need to be aware of the following limitations and rules:
You cannot create a VPC peering connection between VPCs that have matching or overlapping CIDR blocks.
You cannot create a VPC peering connection between VPCs in different regions.
You have a limit on the number active and pending VPC peering connections that you can have per VPC. VPC peering does not support transitive peering relationships; in a VPC peering connection, your VPC will not have access to any other VPCs that the peer VPC may be peered with. This includes VPC peering connections that are established entirely within your own AWS account.
You cannot have more than one VPC peering connection between the same two VPCs at the same time. The Maximum Transmission Unit (MTU) across a VPC peering connection is 1500 bytes.
A placement group can span peered VPCs; however, you will not get full-bisection bandwidth between instances in peered VPCs.
Unicast reverse path forwarding in VPC peering connections is not supported.
You cannot reference a security group from the peer VPC as a source or destination for ingress or egress rules in your security group. Instead, reference CIDR blocks of the peer VPC as the source or destination of your security group's ingress or egress rules.
Private DNS values cannot be resolved between instances in peered VPCs. Reference:
http://docs.aws.amazon.com/AmazonVPC/Iatest/PeeringGuide/vpc-peering-overview.htmI#vpc-peering-Ii mitations

Question 100

A user is currently building a website which will require a large number of instances in six months, when a demonstration of the new site will be given upon launch.
Which of the below mentioned options allows the user to procure the resources beforehand so that they need not worry about infrastructure availability during the demonstration?

A. Procure all the instances as reserved instances beforehand.

B. Launch all the instances as part of the cluster group to ensure resource availability.

C. Pre-warm all the instances one month prior to ensure resource availability.

D. Ask AWS now to procure the dedicated instances in 6 month

Correct Answer:A
Amazon Web Services has massive hardware resources at its data centers, but they are finite. The best way for users to maximize their access to these resources is by reserving a portion of the computing capacity that they require. This can be done through reserved instances. With reserved instances, the user literally reserves the computing capacity in the Amazon Web Services cloud.
Reference: http://media.amazonwebservices.com/AWS_Building_FauIt_To|erant_AppIications.pdf

Question 101

To serve Web traffic for a popular product your chief financial officer and IT director have purchased 10 ml large heavy utilization Reserved Instances (Rls) evenly spread across two availability zones:
Route 53 is used to deliver the traffic to an Elastic Load Balancer (ELB). After several months, the product grows even more popular and you need additional capacity As a result, your company purchases two C3.2x|arge medium utilization Rls You register the two c3 2xIarge instances with your ELB and quickly find that the ml large instances are at 100% of capacity and the c3 2xIarge instances have significant capacity that's unused Which option is the most cost effective and uses EC2 capacity most effectively?

A. Use a separate ELB for each instance type and distribute load to ELBs with Route 53 weighted round robin

B. Configure Autoscaning group and Launch Configuration with ELB to add up to 10 more on-demand ml large instances when triggered by Cloudwatch shut off c3 2xIarge instances

C. Route traffic to EC2 ml large and c3 2xIarge instances directly using Route 53 latency based routing and health checks shut off ELB

D. Configure ELB with two c3 2xiarge Instances and use on-demand Autoscaling group for up to two additional c3.2x|arge instances Shut on mi .|arge instances.

Correct Answer:D

Question 102

You need to create an Amazon Machine Image (AM) for a customer for an application which does not appear to be part of the standard AWS AM template that you can see in the AWS console. What are the alternative possibilities for creating an AM on AWS?

A. You can purchase an AMs from a third party but cannot create your own AM.

B. You can purchase an AMIs from a third party or can create your own AMI.

C. Only AWS can create AMIs and you need to wait till it becomes available.

D. Only AWS can create AMIs and you need to request them to create one for yo

Correct Answer:B
You can purchase an AMIs from a third party, including AMIs that come with service contracts from organizations such as Red Hat. You can also create an AMI and sell it to other Amazon EC2 users. After you create an AMI, you can keep it private so that only you can use it, or you can share it with a specified list of AWS accounts. You can also make your custom AMI public so that the community can
use it. Building a safe, secure, usable AMI for public consumption is a fairly straightforward process, if you follow a few simple guidelines.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.htm|

START AWS-Solution-Architect-Associate EXAM