AWS Devops Engineer Professional Certified Practice Exam Set 5

Your company has recently extended its datacenter into a VPC on AWS. There is a requirement for on- premise users manage AWS resources from the AWS console. You don?t want to create lAM users for them again. Which of the below options will fit your needs for authentication?


Options are :

  • Use web Identity Federation to retrieve AWS temporary security credentials to enable your members to sI> in to the AWS Management Console,
  • Use OAuth 2.0 to retrieve temporary AWS security credentials to enable your members to sign in to the AWS Management Console.
  • Use your on-premises SAML 2 0-compliant identity provider (IDP) to grant the members federated access to the AWS Management Console via the AWS single sign-on (550) endpoint. (Correct)
  • Use your on-premises SAML2.0-compliat identity provider (IDP) to retrieve temporary security credentials to enable members to sign in to the AWS Management Console.

Answer : Use your on-premises SAML 2 0-compliant identity provider (IDP) to grant the members federated access to the AWS Management Console via the AWS single sign-on (550) endpoint.

AWS DVA-C00 Certified Developer Associate Practice Exam Set 3

You are having a web and worker role infrastructure defined in AWS using Amazon EC2 resources. You are using SQS to manage the jobs being send by the web role, Which of the following is the right way to ensure the worker processes are adequately setup to handle the number of jobs send by the web role Please select:


Options are :

  • Use Cloud watch monitoring to check the size of the queue and then scale out SQS to ensure that it can handle the right number of jobs
  • Use Cloud watch monitoring to check the size of the queue and then scale out using Autoscaling to ensure that it can handle the right number of jobs. (Correct)
  • Use ELB to ensure that the load Is evenly distributed to the set of web and worker instances
  • Use Route53 to ensure that the load is evenly distributed to the set of web and worker instances

Answer : Use Cloud watch monitoring to check the size of the queue and then scale out using Autoscaling to ensure that it can handle the right number of jobs.

Which of the following CLI commands is used to spin up new EC2 Instances? Please select:


Options are :

  • aws ec2 new-Instances
  • aws ec2 run-instances (Correct)
  • aws ec2 launch-instances
  • aws ec2 create-instances

Answer : aws ec2 run-instances

When one creates an encrypted EBS volume and attach it to a supported instance type which of the following data types are encrypted?


Options are :

  • All data moving between the volume and the instance
  • Data at rest inside the volume (Correct)
  • All snapshots created from the volume
  • All data copied from the EBS volume to S3

Answer : Data at rest inside the volume

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 8

You are a Dev ops Engineer in your company. You have been instructed to ensure there is an automated backup solution in place for EBS Volumes. These snapshots need to be retained only for a period of 20 days. How can you achieve this requirement in an efficient manner?


Options are :

  • Use Lifecycle policies to push the EBS Volumes to Amazon S3. Then use further lifecycle policies to delete the snapshots after 20 days.
  • Use the aws ec2 create-volume API to create a snapshot of the EBS Volume. The use the describe-volume to see those snapshots which are greater than 20 days and then delete them accordingly using the delete-volume API call.
  • Use Lifecycle policies to push the EBS Volumes to Amazon Glacier. Then use further lifecycle policies to delete the snapshots after 20 days.
  • Use the aws ec2 create-snapshot API to create a snapshot of the EBS Volume. The use the describes nap shot to see those snapshots which are greater than 20 days and then delete them accordingly using the deletes nap shot API call. (Correct)

Answer : Use the aws ec2 create-snapshot API to create a snapshot of the EBS Volume. The use the describes nap shot to see those snapshots which are greater than 20 days and then delete them accordingly using the deletes nap shot API call.

You are designing a cloud formation stack which involves the creation of a web server and a database server. You need to ensure that the web server In the stack gets created after the database server is created. How can you achieve this?


Options are :

  • Ensure that the database server is defined as a child of the web server in the cloud formation template.
  • Ensure that the web server Is defined as a child of the database server in the cloud formation template.
  • Ensure that the database server Is defined first and before the web server In the cloud formation template. The stack creation normally goes in order to create the resources.
  • Use the Depends On attribute to ensure that the database server is created before the web server. (Correct)

Answer : Use the Depends On attribute to ensure that the database server is created before the web server.

When thinking of AWS Elastic Beanstalk, the „Swap Environment URLs? feature most directly aids in what?


Options are :

  • Mutable Rolling Deployments
  • Immutable Rolling Deployments
  • Canary Deployments
  • Blue-Green Deployments (Correct)

Answer : Blue-Green Deployments

AWS DVA-C00 Certified Developer Associate Practice Exam Set 10

You want to use Code Deploy to deploy code that is hosted on your git hub repository. Which of the following additional services can help fulfill this requirement?


Options are :

  • Use the Code Pipeline service
  • Use the Code Commit service
  • Use the Code Batch service (Correct)
  • Use the SQS service

Answer : Use the Code Batch service

Which of the following will you need to consider so you can set up a solution that incorporates single sign-on from your corporate AD or LDAP directory and restricts access for each user to a designated user folder in a bucket? Choose 3 Answers from the options below


Options are :

  • Setting up a matching lAM user for every user in your corporate directory that needs access to a folder in the bucket
  • Tagging each folder in the bucket
  • Configuring lAM role (Correct)
  • Using AWS Security Token Service to generate temporary tokens (Correct)
  • Setting up a federation proxy or Identity provider .-

Answer : Configuring lAM role Using AWS Security Token Service to generate temporary tokens

Explain what the following resource in a Cloud Formation template does? - Show all Choose the best possible answer. “SNSTopic” : { Show all I “Type” : “AWS::SNS::Topic”, Finish “Properties” : { “Subscription”: „Protocol” : “sqs”, “Endpoint” : { “Fn::GetAtt”: [“SQSQueue”, “Am”]) / I Please select:


Options are :

  • Creates an SNS topic that allow SQS subscription endpoints
  • Creates an SNS topic which allows SQS subscription endpoints to be added as a parameter on the template
  • Creates an SNS topic and adds a subscription ARN endpoint for the SQS resource created under the logical name SQS Queue (Correct)
  • Creates an SNS topic and then invokes the call to create an SQS queue with a logical resource name of SQS Queue

Answer : Creates an SNS topic and adds a subscription ARN endpoint for the SQS resource created under the logical name SQS Queue

AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 3

Your company has an e-commerce platform which is expanding all over the globe, you have EC2 instances deployed in multiple regions you want to monitor performance of all of these EC2 instances. How will you setup Cloud Watch to monitor EC2 instances In multiple regions?


Options are :

  • Create separate dash boards in every region.
  • This Is not possible
  • Register instances running on different regions to Cloud Watch
  • Have one single dashboard to report metrics to Cloud Watch from different region (Correct)

Answer : Have one single dashboard to report metrics to Cloud Watch from different region

Which of the following are Lifecycle events available in Qps work? Choose 3 answers from the options below?


Options are :

  • Shutdown (Correct)
  • Setup
  • Deploy (Correct)
  • Decommission N

Answer : Shutdown Deploy

Your company owns multiple AWS accounts. There is currently one development and one production account. You need to grant access to the development team to an 53 bucket in the production account. How can you achieve this?


Options are :

  • Create an LAM cross account role in the Production account that allows users from the Development account to access the S3 bucket in the Production account. (Correct)
  • Create an lAM user in the Production account that allows users from the Development account (the trusted account) to access the 53 bucket in the Production account.
  • Use web identity federation with a third-party identity provider with AWS STS to grant temporary credentials and membership into the production lAM user.
  • When creating the role, define the Development account as a trusted entity and specify a permissions poli that allows trusted users to update the 53 bucket.

Answer : Create an LAM cross account role in the Production account that allows users from the Development account to access the S3 bucket in the Production account.

AWS Solutions Architect Associate 2019 with Practice Test Set 1

Which of the following is not a supported platform on Elastic Beanstalk?


Options are :

  • Go
  • Packer Builder
  • Node.js
  • Kurber netes (Correct)
  • java SE

Answer : Kurber netes

You are in charge of designing a Cloud formation template which deploys a LAMP stack. After deploying a stack . you see that the status of the stack Is showing as CREATE_COMPLETE, but the apache server is still not up and running and is experiencing issues while starting up. You want to ensure that the stack creation only shows the status of CREATE_COMPLETE after all resources defined in the stack are up and running. How can you achieve this? Choose 2 answers from the options given below.


Options are :

  • Define a stack policy which defines that all underlying resources should be up and running before showin, > status of CREATE_COMPLETE.
  • Use the CFN helper scripts to signal once the resource configuration is complete. (Correct)
  • Use the Creation Policy to ensure it is associated with the EC2 Instance resource. (Correct)
  • Use lifecycle hooks to mark the completion of the creation and configuration of the underlying resource.

Answer : Use the CFN helper scripts to signal once the resource configuration is complete. Use the Creation Policy to ensure it is associated with the EC2 Instance resource.

A gaming company adopted AWS Cloud Formation to automate load-testing of their games. They have created an AWS Cloud Formation template for each gaming environment and one for the load-testing stack. The load-testing stack creates an Amazon Relational Database Service (RDS) Postgres database and two web servers running on Amazon Elastic Compute Cloud (EC2) that send HTTP requests, measure response times, and write the results into the database. A test run usually takes between 15 and 30 minutes. Once the tests are done, the AWS Cloud Formation stacks are torn down immediately. The test results written to the Amazon RDS database must remain accessible for visualization and analysis. Select possible solutions that allow access to the test results after the AWS Cloud Formation load -testing stack is deleted. Choose 2 answers. Please select:


Options are :

  • Define a deletion policy of type Snapshot for the Amazon RDS resource to assure that the RDS database can be restored after the AWS Cloud Formation stack is deleted. (Correct)
  • Define an update policy to prevent deletion of the Amazon RDS database after the AWS Cloud Formation stack is deleted.
  • Define an Amazon RDS Read-Replica in the load-testing AWS Cloud Formation stack and define a dependency relation between master and replica via the Depends On attribute.
  • Define a deletion policy of type Retain for the Amazon RDS resource to assure that the RDS database Is not deleted with the AWS Cloud Formation stack. „ (Correct)
  • Define automated backups with a backup retention period of 30 days for the Amazon RDS database and perform point-in-time recovery of the database after the AWS Cloud Formation stack is deleted.

Answer : Define a deletion policy of type Snapshot for the Amazon RDS resource to assure that the RDS database can be restored after the AWS Cloud Formation stack is deleted. Define a deletion policy of type Retain for the Amazon RDS resource to assure that the RDS database Is not deleted with the AWS Cloud Formation stack. „

AWS Solutions Architect Associate 2019 with Practice Test Set 6

You were just hired as a Dev Ops Engineer for a startup. Your startup uses AWS for 100% of their infrastructure. They currently have no automation at all for deployment, and they have had many failures while trying to deploy to production. The company has told you deployment process risk mitigation is the most important thing now, and you have a lot of budget for tools and AWS resources. Their stack includes a 2-tier API with data stored in Dynamo DB or 53, depending on type. The Compute layer is EC2 in Auto Scaling Groups. They use Route53 for DNS pointing to an ELB. An ELB balances load across the EC2 instances. The scaling group properly varies between 4 and 12 EC2 servers. Which of the following approaches, given this company?s stack and their priorities, best meets the company?s needs? Please select:


Options are :

  • Model the stack in AWS Ops Works as a single Stack, with 1 compute layer and its associated ELB. Use Chef and App Deployments to automate Rolling Deployment.
  • Model the stack in 1 Cloud Formation template. to ensure consistency and dependency graph resolution. Write deployment and integration testing automation following Rolling Deployment methodologies.
  • Model the stack In three templates: Data layer. compute layer, and networking layer. Write stack deployment and integration testing automation following Blue-Green methodologies. (Correct)
  • Model the stack in AWS Elastic Beanstalk as a single Application with multiple Environments. Use Elastic Beanstalk?s Rolling Deploy option to progressively roll out application code changes when promoting across environments.

Answer : Model the stack In three templates: Data layer. compute layer, and networking layer. Write stack deployment and integration testing automation following Blue-Green methodologies.

You are currently using SQS to pass messages to EC2 Instances. You need to pass messages which are greater than 5 MB in size. Which of the following can help you accomplish this.


Options are :

  • Use AWS EFS as a shared pool storage medium. Store file system pointers to the files on disk in the SQS message bodies.
  • Use SQSs support for message partitioning and multi-part uploads on Amazon 53.
  • Use Kinesis as a buffer stream for message bodies. Store the checkpoint id for the placement in the Kinesis Stream In SQS.
  • Use the Amazon SQS Extended Client Library for Java and Amazon S3 as a storage mechanism for message bodies. (Correct)

Answer : Use the Amazon SQS Extended Client Library for Java and Amazon S3 as a storage mechanism for message bodies.

You work at a company that makes use of AWS resources. One of the key security policies is to ensure that all data is encrypted both at rest and in transit. Which of the following is not a right implementation which aligns to this policy?


Options are :

  • Using 53 Server Side Encryption (SSE) to store the information
  • Enabling Proxy Protocol
  • Enable SSL termination on the ELB (Correct)
  • Enabling sticky sessions on your load balancer

Answer : Enable SSL termination on the ELB

AWS Develops Engineer Professional Practice Final File Exam Set 5

Which of the following are true with regard to Ops works stack Instances? Choose 3 answers from the options given below?


Options are :

  • A stacks instances can be a combination of both Linux and Windows based operating systems
  • You can use instances running on your own hardware. „ (Correct)
  • You can start and stop instances manually. (Correct)
  • You can use EC2 Instances that were created out side the boundary of Ops work. (Correct)

Answer : You can use instances running on your own hardware. „ You can start and stop instances manually. You can use EC2 Instances that were created out side the boundary of Ops work.

Your firm has uploaded a large amount of aerial image data to 53. In the past, in your onpremises environment, you used a dedicated group of servers to process this data and used Rabbit MQ - An open source messaging system to get job Information to the servers. Once processed the data would go to tape and be shipped offsite. Your manager told you to stay with the current design, and leverage AWS archival storage and messaging services to minimize cost. Which is correct?


Options are :

  • Change the storage class of the 53 objects to Reduced Redundancy Storage. Setup AutoScaled workers triggered by queue depth that use spot instances to process messages in SQS. Once data is processed. change the storage class of the 53 objects to Glacier.
  • Use SQS for passing job messages. Use Cloud Watch alarms to terminate EC2 worker instances when they \. become Idle. Once data is processed, change the storage class of the S3 objects to Reduced Redundancy Storage.
  • Setup Auto-Scaled workers triggered by queue depth that use spot instances to process messages in SQS. Once data is processed, change the storage class of the 53 objects to Glacier (Correct)
  • Use SNS to pass job messages use Cloud Watch alarms to terminate spot worker instances when they become idle. Once data is processed. change the storage class of the S3 object to Glacier.

Answer : Setup Auto-Scaled workers triggered by queue depth that use spot instances to process messages in SQS. Once data is processed, change the storage class of the 53 objects to Glacier

Your finance supervisor has set a budget of 2000 USD for the resources in AWS. Which of the following is the simplest way to ensure that you know when this threshold is being reached?


Options are :

  • Use SQS queues to notify you when you reach the threshold value
  • Use Cloud watch events to notify you when you reach the threshold value
  • Use Cloud watch logs to notify you when you reach the threshold value
  • Use the Cloud watch billing alarm to notify you when you reach the threshold value (Correct)

Answer : Use the Cloud watch billing alarm to notify you when you reach the threshold value

AWS BDS-C00 Certified Big Data Speciality Practice Test Set 7

Your CTO is very worried about the security of your AWS account. How best can you prevent hackers from completely hijacking your account?


Options are :

  • Use short but complex password on the root account and any administrators.
  • Don?t write down or remember the root account password after creating the AWS account
  • Use MFA on all users and accounts, especially on the root account (Correct)
  • Use AWS PAM Geo-Lock and disallow anyone from logging in except for in your city.

Answer : Use MFA on all users and accounts, especially on the root account

You need to store a large volume of data. The data needs to be readily accessible for a short period, but the needs to be archived indefinitely after that. What is a cost-effective solution? Please select:


Options are :

  • Store all the data in 53 so that it can be more cost effective
  • Store your data in Amazon S3. and use lifecycle policies to archive to S3-lnfrequently Access
  • Store your data in Amazon S3, and use lifecycle policies to archive to Amazon Glacier (Correct)
  • Store your data in an EBS volume, and use lifecycle policies to archive to Amazon Glacier.

Answer : Store your data in Amazon S3, and use lifecycle policies to archive to Amazon Glacier

Which of the following features of the Auto scaling Group ensures that additional instances are neither launched or terminated before the previous scaling activity takes effect ?


Options are :

  • Creation policy
  • Ramp up period
  • Cool down period (Correct)
  • Termination policy

Answer : Cool down period

AWS Certified Solutions Architect Associate

How can you resolve a dependency Error when using Cloud formation? Please select:


Options are :

  • Use the parameter attribute
  • Use the Error attribute
  • Use the Depends on attribute (Correct)
  • Use the mappings attribute

Answer : Use the Depends on attribute

A web-startup runs its very successful social news application on Amazon EC2 with an Elastic Load Balancer, an Auto-Scaling group of Java/Tomcat application-servers, and Dynamo DB as data store. The main web application best runs on m2 x large Instances since it is highly memory- bound. Each new deployment requires semi-automated creation and testing of a new AMI for the application servers which takes quite a while and is therefore only done once per week. Recently, a new chat feature has been implemented in node js and wails to be integrated in the architecture. First tests show that the new component is CPU bound because the company has some experience with using Chef, they decided to streamline the deployment process and use AWS Ops Works as an application life cycle tool to simplify management of the application > and reduce the deployment cycles. What configuration in AWS Ops Works is necessary to integrate the nev\ chat module in the most cost-efficient and flexible way?


Options are :

  • Create one AWS Ops Works stack, create one AWS Ops Works layer, create one custom recipe
  • Create two AWS Ops Works stacks create two AWS Ops Works layers create two custom recipe
  • Create two AWS Ops Works stacks create two AWS Ops Works layers create one custom recipe
  • Create one AWS Ops Works stack create two AWS Ops Works layers create one custom recipe (Correct)

Answer : Create one AWS Ops Works stack create two AWS Ops Works layers create one custom recipe

You are using lifecycle hooks in your Auto Scaling Group. Because there is a lifecycle hook, the instance is put in the Pending: Wait state, which means that it is not available to handle traffic yet. When the Instance enters the wait state, other scaling actions are suspended. After some time, the instance state is changed to Pending: Proceed, and finally ln Service where the instances that are part of the Auto scaling Group can start serving up traffic. But you notice that the bootstrapping process on the instances finish much earlier, long before the state is changed to Pending :Proceed. What can you do to ensure the Instances are placed In the right state after the bootstrapping process Is complete? Please select:


Options are :

  • Use the complete-lifecycle-action call to complete the lifecycle action. Run this command from the Simple Notification service.
  • Use the complete-lifecycle-action call to complete the lifecycle action. Run this command from a SQS queue
  • Use the complete-lifecycle-action call to complete the lifecycle action. Run this command from another EC2 Instance.
  • Use the complete-lifecycle-action call to complete the lifecycle action. Run this command from the Command line interface. (Correct)

Answer : Use the complete-lifecycle-action call to complete the lifecycle action. Run this command from the Command line interface.

AWS Solutions Architect Associate 2019 with Practice Test Set 5

What would you set in your Cloud Formation template to fire up different instance sizes based off of environment type?


Options are :

  • Outputs
  • Resources
  • Mappings
  • conditions (Correct)

Answer : conditions

You are Dev ops Engineer for a large organization. The company wants to start using Cloud formation templates to start building their resources in AWS. You are getting requirements for the templates from various departments, such as the networking, security, application etc. What is the best way to architect these Cloud formation templates.


Options are :

  • Create separate logical templates . for example. a separate template for networking, security, application etc. Then nest the relevant templates. (Correct)
  • Consider using Opsworks to create your environments since Cloud formation is not built for such customization.
  • Use a single Cloud formation template, since this would reduce the maintenance overhead on the templates itself.
  • Consider using Elastic beanstalk to create your environments since Cloud formation is not built for such customization.

Answer : Create separate logical templates . for example. a separate template for networking, security, application etc. Then nest the relevant templates.

Comment / Suggestion Section