NEW QUESTION 1
In regards to Amazon SQS how many times will you receive each message?

• A. At least twice
• B. Exactly once
• C. As many times as you want
• D. At least once

Answer: D

Explanation:
Amazon SQS is engineered to provide "at least once" delivery of all messages in its queues. Although most of the time, each message will be delivered to your application exactly once, you should design your system so that processing a message more than once does not create any errors or inconsistencies. Reference: https://aws.amazon.com/sqs/faqs/

NEW QUESTION 2
Which of the following are valid arguments for an SNS Publish request? Choose 3 answers

• A. TopicAm
• B. Subject
• C. Destination
• D. Format
• E. Message F.Language

Answer: ABE

NEW QUESTION 3
A user has launched a MySQL RDS. The user wants to plan for the DR and automate the snapshot. Which of the below mentioned functionality offers this option with RDS?

• A. Copy snapshot
• B. Automated synchronization
• C. Snapshot
• D. Automated backup

Answer: D

Explanation:
Amazon RDS provides two different methods for backing up and restoring the Amazon DB instances: automated backups and DB snapshots. Automated backups automatically back up the DB instance during a specific, user-definable backup window, and keep the backups for a limited, user-specified period of time.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.BackingUpAndRestoringAmazonR DSInstances.htmI

NEW QUESTION 4
An orgAMzation has hosted an application on the EC2 instances. There will be multiple users connecting to the instance for setup and configuration of application. The orgAMzation is planning to implement certain security best practices. Which of the below mentioned pointers will not help the orgAMzation achieve better security arrangement?

• A. Apply the latest patch of OS and always keep it updated.
• B. Allow only IAM users to connect with the EC2 instances with their own secret access key.
• C. Disable the password based login for all the user
• D. All the users should use their own keys to connect with the instance securely.
• E. Create a procedure to revoke the access rights of the indMdual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.

Answer: B

Explanation:
Since AWS is a public cloud any application hosted on EC2 is prone to hacker attacks. It becomes extremely important for a user to setup a proper security mechAMsm on the EC2 instances. A few of the security measures are listed below:
Always keep the OS updated with the latest patch
Always create separate users with in OS if they need to connect with the EC2 instances, create their keys and disable their password
Create a procedure using which the admin can revoke the access of the user when the business work on the EC2 instance is completed
Lock down unnecessary ports
Audit any proprietary applications that the user may be running on the EC2 instance
Provide temporary escalated prMleges, such as sudo for users who need to perform occasional prMleged tasks
The IAM is useful when users are required to work with AWS resources and actions, such as launching an instance. It is not useful to connect (RDP / SSH) with an instance.
Reference: http://aws.amazon.com/articles/1233/

NEW QUESTION 5
can be used to bootstrap both the Chef Server and Chef Client software on your EC2 instances.

• A. AWS CIoudFormation
• B. AWS Elastic Beanstalk
• C. AWS OpsWorks
• D. Amazon Glacier

Answer: A

Explanation:
AWS CIoudFormation can be used to bootstrap both the Chef Server and Chef Client software on your EC2 instances.
Reference: http://aws.amazon.com/c|oudformation/faqs/

NEW QUESTION 6
What item operation allows the retrieval of multiple items from a DynamoDB table in a single API call?

• A. Getltem
• B. BatchGetItem
• C. GetMu|tip|e|tems
• D. GetItemRange

Answer: B

NEW QUESTION 7
Which of the following statements about SWF are true? Choose 3 answers

• A. SWF tasks are assigned once and never duplicated
• B. SWF requires an S3 bucket for workflow storage
• C. SWF workflow executions can last up to a year
• D. SWF triggers SNS notifications on task assignment
• E. SWF uses deciders and workers to complete tasks
• F. SWF requires atleast 1 EC2 instance per domain

Answer: ACE

NEW QUESTION 8
Which of the following services are key/value stores? Choose 3 answers

• A. Amazon EIastiCache
• B. Simple Notification Service
• C. DynamoDB
• D. Simple Workflow Service
• E. Simple Storage Service

Answer: ABC

NEW QUESTION 9
In AWS Elastic Beanstalk, you can update your deployed application even while it is part of a running environment. For a Java application, you can also use to update your deployed application.

• A. the AWS Toolkit for Eclipse
• B. the AWS Toolkit for Visual Studio
• C. the AWS Toolkit for JVM
• D. the AWS Toolkit for Netbeans

Answer: A

Explanation:
In AWS Elastic Beanstalk, you can update your deployed application, even while it is part of a running environment. For a Java application, you can also use the AWS Toolkit for Eclipse to update your deployed application.
Reference: http://docs.aws.amazon.com/elasticbeanstaIk/latest/dg/GettingStarted.WaIkthrough.htmI

NEW QUESTION 10
A user has created photo editing software and hosted it on EC2. The software accepts requests from the user about the photo format and resolution and sends a message to S3 to enhance the picture accordingly. Which of the below mentioned AWS services will help make a scalable software with the AWS infrastructure in this scenario?

• A. AWS Elastic Transcoder
• B. AWS Simple Notification Service
• C. AWS Simple Queue Service
• D. AWS Glacier

Answer: C

Explanation:
Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, and fully managed message queuing service. SQS provides a simple and cost-effective way to decouple the components of an application. The user can configure SQS, which will decouple the call between the EC2 application and S3. Thus, the application does not keep waiting for S3 to provide the data.
Reference: http://aws.amazon.com/sqs/faqs/

NEW QUESTION 11
A corporate web application is deployed within an Amazon VPC, and is connected to the corporate data center via IPSec VPN. The application must authenticate against the on-premise LDAP server. Once authenticated, logged-in users can only access an S3 keyspace specific to the user.
Which two approaches can satisfy the objectives? Choose 2 answers

• A. The application authenticates against LDA
• B. The application then calls the IAM Security Service to login to IAM using the LDAP credential
• C. The application can use the IAM temporary credentials to access the appropriate S3 bucket.
• D. The application authenticates against LDAP, and retrieves the name of an IAM role associated with the use
• E. The application then calls the IAM Security Token Service to assume that IAM Rol
• F. The application can use the temporary credentials to access the appropriate S3 bucket.
• G. The application authenticates against IAM Security Token Service using the LDAP credential
• H. The application uses those temporary AWS security credentials to access the appropriate S3 bucket.
• I. Develop an identity broker which authenticates against LDAP, and then calls IAM Security Token Service to get IAM federated user credential
• J. The application calls the identity broker to get IAM federated user credentials with access to the appropriate S3 bucket.
• K. Develop an identity broker which authenticates against IAM Security Token Service to assume an IAM Role to get temporary AWS security credential
• L. The application calls the identity broker to get AWS temporary security credentials with access to the appropriate S3 bucket.

Answer: BD

NEW QUESTION 12
Which one of the following operations is NOT a DynamoDB operation?

• A. BatchWrite|tem
• B. DescribeTabIe
• C. BatchGetItem
• D. BatchDeIeteItem

Answer: D

Explanation:
In DynamoDB, Deleteltem deletes a single item in a table by primary key, but BatchDeIeteItem doesn’t exist.
Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/operationIist.htmI

NEW QUESTION 13
When should a user try to Force Detach an EBS volume?

• A. If the volume is stuck in a detaching state
• B. If the volume is not accessible from the instance
• C. If the volume is not unmounted and the user still wants to detach
• D. If the volume is a root volume

Answer: A

Explanation:
If an EBS volume stays in the detaching state, the user can force the detachment by clicking Force Detach. Forcing the detachment can lead to either data loss or a corrupted file system. The user should use this option only as a last resort to detach a volume from a failed instance or if he is detaching a volume with the intention of deleting it.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html

NEW QUESTION 14
What is the maximum number of tags that a user can assign to an EC2 instance?

• A. 50
• B. 10
• C. 5
• D. 25

Answer: B

Explanation:
To help manage EC2 instances as well as their usage in a better way, the user can tag the instances. The tags are metadata assigned by the user which consists of a key and a value. One resource can have a maximum of 10 tags.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html

NEW QUESTION 15
Which of the below mentioned options can be a good use case for storing content in AWS RRS?

• A. Storing mission critical data Files
• B. Storing infrequently used log files
• C. Storing a video file which is not reproducible
• D. Storing image thumbnails

Answer: D

Explanation:
AWS RRS provides the same functionality as AWS S3, but at a cheaper rate. It is ideally suited for non-mission, critical applications, such as files which can be reproduced.
Reference: http://docs.aws.amazon.com/AmazonS3/Iatest/dev/UsingRRS.htmI

NEW QUESTION 16
A user has created a blank EBS volume in the US-East-1 region. The user is unable to attach the volume to a running instance in the same region. What could be the possible reason for this?

• A. The instance must be in a running stat
• B. It is required to stop the instance to attach volume
• C. The AZ for the instance and volume are different
• D. The instance is from an instance store backed AMI
• E. The instance has enabled the volume attach protection

Answer: B

Explanation:
An EBS volume provides persistent data storage. The user can attach a volume to any instance provided they are both in the same AZ. Even if they are in the same region but in a different AZ, it will not be able to attach the volume to that instance.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.htmI

NEW QUESTION 17
A bucket owner has allowed another account’s IAM users to upload or access objects in his bucket. The IAM user of Account A is trying to access an object created by the IAM user of account B. What will happen in this scenario?

• A. The bucket policy may not be created as S3 will give error due to conflict of Access Rights
• B. It is not possible to give permission to multiple IAM users
• C. AWS S3 will verify proper rights given by the owner of Account A, the bucket owner as well as by the IAM user B to the object
• D. It is not possible that the IAM user of one account accesses objects of the other IAM user

Answer: C

Explanation:
If a IAM user is trying to perform some action on an object belonging to another AWS user’s bucket, S3 will verify whether the owner of the IAM user has given sufficient permission to him. It also verifies the policy for the bucket as well as the policy defined by the object owner.
Reference:
http://docs.aws.amazon.com/AmazonS3/Iatest/dev/access-control-auth-workflow-object-operation.htmI

NEW QUESTION 18
......