AWS-Solution-Architect-Associate Amazon Exam Questions and Free Practice Test

Question 31

In regards to IAM you can edit user properties later, but you cannot use the console to change the

A. user name

B. password

C. default group

Correct Answer:A

Question 32

You are building an automated transcription service in which Amazon EC2 worker instances process an uploaded audio file and generate a text file. You must store both of these files in the same durable storage until the text file is retrieved. You do not know what the storage capacity requirements are.
Which storage option is both cost-efficient and scalable?

A. Multiple Amazon EBS volume with snapshots

B. A single Amazon Glacier vault

C. A single Amazon 53 bucket

D. Multiple instance stores

Correct Answer:C

Question 33

You are configuring a new VPC for one of your clients for a cloud migration project, and only a public VPN will be in place. After you created your VPC, you created a new subnet, a new internet gateway, and attached your internet gateway to your VPC. When you launched your first instance into your VPC, you realized that you aren't able to connect to the instance, even if it is configured with an elastic IP. What should be done to access the instance?

A. A route should be created as 0.0.0.0/0 and your internet gateway as target.

B. Attach another ENI to the instance and connect via new ENI.

C. A NAT instance should be created and all traffic should be forwarded to NAT instance.

D. A NACL should be created that allows all outbound traffi

Correct Answer:A
All traffic should be routed via Internet Gateway. So, a route should be created with 0.0.0.0/0 as a source, and your Internet Gateway as your target.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario1.htmI

Question 34

What will be the status of the snapshot until the snapshot is complete.

A. running

B. working

C. progressing

D. pending

Correct Answer:D

Question 35

You have been asked to tighten up the password policies in your organization after a serious security breach, so you need to consider every possible security measure. Which of the following is not an account password policy for IAM Users that can be set?

A. Force IAM users to contact an account administrator when the user has allowed his or her password to expue.

B. A minimum password length.

C. Force IAM users to contact an account administrator when the user has entered his password incorrectly.

D. Prevent IAM users from reusing previous password

Correct Answer:C
IAM users need passwords in order to access the AWS Management Console. (They do not need passwords if they will access AWS resources programmatically by using the CLI, AWS SDKs, or the APIs.)
You can use a password policy to do these things: Set a minimum password length.
Require specific character types, including uppercase letters, lowercase letters, numbers, and non-alphanumeric characters. Be sure to remind your users that passwords are case sensitive. Allow all IAM users to change their own passwords.
Require IAM users to change their password after a specified period of time (enable password expiration). Prevent IAM users from reusing previous passwords.
Force IAM users to contact an account administrator when the user has allowed his or her password to expue.
Reference: http://docs.aws.amazon.com/|AM/Iatest/UserGuide/Using_ManagingPasswordPoIicies.htm|

Question 36

You try to connect via SSH to a newly created Amazon EC2 instance and get one of the following error messages:
"Network error: Connection timed out" or "Error connecting to [instance], reason: -> Connection timed out: connect,"
You have confirmed that the network and security group rules are configured correctly and the instance is passing status checks. What steps should you take to identify the source of the behavior? Choose 2 answers

A. Verify that the private key file corresponds to the Amazon EC2 key pair assigned at launch.

B. Verify that your IAM user policy has permission to launch Amazon EC2 instances.

C. Verify that you are connecting with the appropriate user name for your AMI.

D. Verify that the Amazon EC2 Instance was launched with the proper IAM role.

E. Verify that your federation trust to AWS has been establishe

Correct Answer:AC
Reference:
http://docs.aws.amazon.com/AWSEC2/Iatest/UserGuide/Troubleshooting|nstancesConnecting.htmI

START AWS-Solution-Architect-Associate EXAM