AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 3

A user is using the AWS(Amazon Web Service) SQS to decouple the services. Which of the below mentioned operations is not supported by SQS?


Options are :

  • Create Queue
  • Delete Message Batch
  • Send Message Batch
  • Delete Message Queue

Answer : Delete Message Queue

Certification : Get AWS(Amazon Web Service) Certified Solutions Architect in 1 Day (2018 Update) Set 16

A user has enabled versioning on an S3 bucket. The user is using server side encryption for data at Rest. If the user is supplying his own keys for encryption (SSE-C., which of the below mentioned statements is true?


Options are :

  • The SSE-C does not work when versioning is enabled
  • The user should use the same encryption key for all versions of the same object
  • It is possible to have different encryption keys for different versions of the same object
  • AWS S3 does not allow the user to upload his own keys for server side encryption

Answer : It is possible to have different encryption keys for different versions of the same object

A user has created a VPC with a subnet and a security group. The user has launched an instance in that subnet and attached a public IP. The user is still unable to connect to the instance. The internet gateway has also been created. What can be the reason for the error?


Options are :

  • The outbound traffic on the security group is disabled
  • The internet gateway is not configured with the security group
  • The private IP is not present
  • The internet gateway is not configured with the route table

Answer : The internet gateway is not configured with the route table

A user has created a mobile application which makes calls to Dynamo DB to fetch certain data. The application is using the Dynamo DB SDK and root account access/secret access key to connect to Dynamo DB from mobile. Which of the below mentioned statements is true with respect to the best practice for security in this scenario?


Options are :

  • Create an IAM Role with Dynamo DB access and attach it with the mobile application
  • The application should use an IAM role with web identity federation which validates calls to Dynamo DB with identity providers, such as Google, Amazon, and face book
  • The user should create an IAM role with Dynamo DB and EC2 access. Attach the role with EC2 and route all calls from the mobile through EC2
  • The user should create a separate IAM user for each mobile application and provide Dynamo DB access with it

Answer : The application should use an IAM role with web identity federation which validates calls to Dynamo DB with identity providers, such as Google, Amazon, and face book

AWS SCS-C01 Certified Security Speciality Practice Exam Set 1

A user has launched an EC2 instance from an instance store backed AM). If the user restarts the instance, what will happen to the storage data?


Options are :

  • The data is preserved
  • It is not possible to restart an instance launched from an instance store backed AMI
  • Al the data will be erased but the ephermal storage will stay connected
  • Al data will be erased and the ephermal storage is released

Answer : The data is preserved

A user has created a VPC with CIDR 20.0.0.0/16. The user has created one subnet with CIDR 20.0.0.0/16 in this VPC. The user is trying to create another subnet with the same VPC for CIDR 20.0.0.1/24. What will happen in this scenario?


Options are :

  • It will throw a CIDR overlaps error
  • The VPC will modify the first subnet CIDR automatically to allow the second subnet IP range
  • It is not possible to create a subnet with the same CIDR as VPC
  • The second subnet will be created

Answer : It will throw a CIDR overlaps error

A user is using the AWS(Amazon Web Service) EC2. The user wants to make so that when there is an issue in the EC2 server, such as instance status failed, it should start a new instance in the user?s private cloud. Which AWS(Amazon Web Service) service helps to achieve this automation?


Options are :

  • AWS Cloud Watch + AWS(Amazon Web Service) SNS
  • AWS Cloud Watch + AWS(Amazon Web Service) Auto Scaling + AWS(Amazon Web Service) ELB
  • AWS Cloud Watch + Cloud formation
  • AWS Cloud Watch + AWS(Amazon Web Service) VPC

Answer : AWS Cloud Watch + AWS(Amazon Web Service) SNS

A user has setup a custom application which generates a number in decimals. The user wants to track that number and setup the alarm whenever the number is above a certain limit. The application is sending the data to Cloud Watch at regular intervals for this purpose. Which of the below mentioned statements is not true with respect to the abov