AWS SOA-C00 Certified Sys Ops Administrator Associate Exam Set 7

A sys admin is trying to understand the Auto Scaling activities. Which of the below mentioned processes is not performed by Auto Scaling?


Options are :

  • Reboot Instance (Correct)
  • Availability Zone Balancing
  • Replace Unhealthy
  • Schedule Actions

Answer : Reboot Instance

A user has created a subnet in VPC and launched an EC2 instance within it. The user has not selected the option to assign the IP address while launching the instance. The user has 3 elastic IPs and is trying to assign one of the Elastic IPs to the VPC instance from the console. The console does not show any instance in the IP assignment screen. What is a possible reason that the instance is unavailable in the assigned IP console?


Options are :

  • The IP address belongs to a different zone than the subnet zone
  • The user has not created an internet gateway
  • The IP address may be attached to one of the instances
  • The IP addresses belong to EC2 Classic; so they cannot be assigned to VPC (Correct)

Answer : The IP addresses belong to EC2 Classic; so they cannot be assigned to VPC

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 1

A user has created a VPC with public and private subnets using the VPC wizard. The user has not launched any instance manual y and is trying to delete the VPC. What will happen in this scenario?


Options are :

  • It will not allow to delete the VPC as it has subnets with route tables
  • It will not allow to delete the VPC since it has a running NAT instance (Correct)
  • It will not allow to delete the VPC since it has a running route instance
  • It will terminate the VPC along with all the instances launched by the wizard

Answer : It will not allow to delete the VPC since it has a running NAT instance

A root account owner has created an S3 bucket test my cloud. The account owner wants to allow everyone to upload the objects as well as enforce that the person who uploaded the object should manage the permission of those objects. Which is the easiest way to achieve this?


Options are :

  • The root account should use ACL with the bucket to allow everyone to upload the object (Correct)
  • The root account should create the IAM users and provide them the permission to upload content to the bucket
  • The root account owner should create the bucket policy which allows the other account owners to set the object policy of that bucket
  • The root account owner should create a bucket policy which allows the IAM users to upload the object

Answer : The root account should use ACL with the bucket to allow everyone to upload the object

A user has launched multiple EC2 instances for the purpose of development and testing in the same region. The user wants to find the separate cost for the production and development instances, How can the user find the cost distribution?


Options are :

  • It is not possible to get the AWS cost usage data of single region instances separately
  • The user should use Cost Distribution Metadata and AWS detailed billing
  • The user should download the activity report of the EC2 services as it has the instance ID wise data
  • The user should use Cost Allocation Tags and AWS billing reports (Correct)

Answer : The user should use Cost Allocation Tags and AWS billing reports

AWS Develops Engineer Professional Practice Final File Exam Set 13

A user is launching an instance. He is on the lag the instance” screen. Which of the below mentioned information will not help the user understand the functionality of an AWS tag?


Options are :

  • AWS tags are used to find the cost distribution of various resources
  • The maximum value of the tag key length is 64 unique code characters (Correct)
  • The user can apply tags to the S3 bucket
  • Each tag will have a key and value

Answer : The maximum value of the tag key length is 64 unique code characters

A user has created a VPC with CIDR 20.0.0.0/16 using VPC Wizard. The user has created a public CIDR (20.0.0.0/24. and a VPN only subnet CIDR (20.0.1.0/24. along with the hardware VPN access to connect to the user?s data centre. Which of the below mentioned components is not present when the VPC is setup with the wizard?


Options are :

  • An internet gateway for a public subnet
  • A NAT instance configured to allow the VPN subnet instances to connect with the internet (Correct)
  • Custom route table attached with a public subnet
  • Main route table attached with a VPN only subnet

Answer : A NAT instance configured to allow the VPN subnet instances to connect with the internet

A user is planning to set up the Multi AZ feature of RDS. Which of the below mentioned conditions won?t take advantage of the Multi AZ feature?


Options are :

  • Region outage (Correct)
  • Availability zone outage
  • When the user changes the DB instance?s server type
  • A manual failover of the DB instance using Reboot with failover option

Answer : Region outage

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 8

An organization has setup consolidated billing with 3 different AWS accounts. Which of the below mentioned advantages will organization receive in terms of the AWS pricing?


Options are :

  • The free usage tier for all the 3 accounts will be 3 years and not a single year
  • Al AWS accounts will be charged for S3 storage by combining the total storage of each account (Correct)
  • The consolidated billing does not bring any cost advantage for the organization
  • The EC2 instances of each account will receive a total of 750*3 micro instance hours free

Answer : Al AWS accounts will be charged for S3 storage by combining the total storage of each account

A user has configured Cloud Watch monitoring on an EBS backed EC2 instance. If the user has not attached any additional device, which of the below mentioned metrics will always show a 0 value?


Options are :

  • Network in
  • Network Out
  • CPU Utilization
  • Disk Read Bytes (Correct)

Answer : Disk Read Bytes

A sys admin has created the below mentioned policy on an S3 bucket named cloud academy. What does this policy define? “Statement”: I{ “Sid: “Stmt 388811069831”, “Effect”: “Allow”, “Principal”: { “AWS”: “k?), “Action: F „s3:GetObjectAcl?, “s3:ListBucket”J, Resource”: I arn:aws:s3:::cloud academy]


Options are :

  • It will allow everyone to view the ACL of the bucket
  • It will give an error as no object is defined as part of the policy while the action defines the rule about the object
  • It will make the cloud academy bucket as public (Correct)
  • It will make the cloud academy bucket as well as all its objects as public

Answer : It will make the cloud academy bucket as public

AWS SAP-C00 Certified Solution Architect Professional Exam Set 3

A user has created a VPC with the public subnet. The user has created a security group for that VPC. Which of the below mentioned statements is true when a security group is created?


Options are :

  • It can connect to the AWS services, such as S3 and RDS by default
  • It will have all the inbound traffic by default
  • It will by default allow traffic to the internet gateway
  • It will have all the outbound traffic by default (Correct)

Answer : It will have all the outbound traffic by default

A user has created a queue named my queue& in US-East region with AWS SQS. The users AWS account ID is 123456789012. If the user wants to perform some action on this queue, which of the below Queue URL should he use?


Options are :

  • http://sqs.amazonaws.com/l2345678901 2/my queue
  • http://sqs. 12345678901 2.us-east-1 .amazonaws.com/myqueue
  • http://sqs.us-east-1 .amazonaws.com/1 2345678901 2/my queue (Correct)
  • http:ll 12345678901 2.sqs. us-east-i .amazonaws.com/myqueue

Answer : http://sqs.us-east-1 .amazonaws.com/1 2345678901 2/my queue

An organization (account ID 123412341234. has configured the IAM policy to allow the user to modify his credentials. What will the below mentioned statement allow the user to perform? “Version”: “2012-10-17”, “Statement?: [{ “Effect”: “Allow”, “Action”: I “I am : Add User To Group”, “I am : Remove User From Group”, “jam: Get Group” “Resource?: “ARN : AWS : I am:: 123412341 234:group/Testing Group”


Options are :

  • The IAM policy will throw an error due to an invalid resource name
  • The IAM policy will allow the user to subscribe to any IAM group
  • Allow the IAM user to delete the Testing Group
  • Allow the IAM user to update the membership of the group called Testing Group (Correct)

Answer : Allow the IAM user to update the membership of the group called Testing Group

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 2

A user has created a VPC with CIDR 20.0.0.0/24. The user has created a public subnet with CIOR 20.0.0.0/25 and a private subnet with CIDR 20.0.0.128/25. The user has launched one instance each in the private and public subnets. Which of the below mentioned options cannot be the correct IP address (private IP. assigned to an instance in the public or private subnet?


Options are :

  • 20.0.0.132
  • 20.0.0.55
  • 20.0.0.122
  • 20.0.0.255 (Correct)

Answer : 20.0.0.255

A user has configured Elastic Load Balancing by enabling a Secure Socket Layer (SSL,Negotiation configuration known as a Security Policy. Which of the below mentioned options is not part of this secure policy while negotiating the SSL connection between the user and the client?


Options are :

  • Server Order Preference
  • Client Order Preference (Correct)
  • SSL Ciphers
  • SSL Protocols

Answer : Client Order Preference

An organization is measuring the latency of an application every minute and storing data inside a file in the JSON format. The organization wants to send all latency data to AWS Cloud Watch. How can the organization achieve this?


Options are :

  • It is not possible to upload the custom data to Cloud Watch
  • The user can supply the file as an input to the Cloud Watch command (Correct)
  • The user has to parse the file before uploading data to Cloud Watch
  • The user can use the Cloud Watch Import command to import data from the file to Cloud Watch

Answer : The user can supply the file as an input to the Cloud Watch command

AWS Certified Security Specialty

A user has launched two EBS backed EC2 instances in the US-East-la region. The user wants to change the zone of one of the instances. How can the user change it?


Options are :

  • Create an AMI of the running instance and launch the instance in a separate AZ (Correct)
  • Stop one of the instances and change the availability zone
  • The zone can only be modified using the AWS CLI
  • From the AWS EC2 console, select the Actions -> Change zones and specify new zone

Answer : Create an AMI of the running instance and launch the instance in a separate AZ

A user is trying to connect to a running EC2 instance using SSH. However, the user gets a connection time out error. Which of the below mentioned options is not a possible reason for rejection?


Options are :

  • None
  • The access key to connect to the instance is wrong (Correct)
  • The private key used to launch the instance is not correct ft The instance CPU is heavily loaded
  • The security group is not configured properly

Answer : The access key to connect to the instance is wrong

A user has configured a VPC with a new subnet. The user has created a security group. The user wants to configure that instances of the same subnet communicate with each other. How can the user configure this with the security group?


Options are :

  • There is no need for a security group modification as all the instances can communicate with each other inside the same subnet
  • Configure the subnet as the source in the security group and allow traffic on all the protocols and ports
  • The user has to use VPC peering to configure this
  • Configure the security group itself as the source and allow traffic on all the protocols and ports (Correct)

Answer : Configure the security group itself as the source and allow traffic on all the protocols and ports

AWS Develops Engineer Professional Practice Final File Exam Set 7

A user has enabled detailed Cloud Watch metric monitoring on an Auto Scaling group. Which of the below mentioned metrics will help the user identify the total number of instances in an Auto Scaling group clouding pending, terminating and running instances?


Options are :

  • Group Sum instances
  • It is not possible to get a count of all the three metrics together. The user has to find the individual number of running, terminating and pending instances and sum it
  • Group Total instances (Correct)
  • Group instances Count

Answer : Group Total instances

A user has launched two EBS backed EC2 instances in the US-East-la region. The user wants to change the zone of one of the instances. How can the user change it?


Options are :

  • The zone can only be modified using the AWS CLI
  • From the AWS EC2 console, select the Actions - > Change zones and specify the new zone
  • It is not possible to change the zone of an instance after it is launched (Correct)
  • Stop one of the instances and change the availability zone

Answer : It is not possible to change the zone of an instance after it is launched

An AWS root account owner is trying to create a policy to access RDS. Which of the below mentioned statements is true with respect to the above information?


Options are :

  • The user cannot access the RDS database if he is not assigned the correct IAM policy
  • Create a policy which allows the users to access RDS and apply it to the RDS instances
  • The root account owner should create a policy for the IAM user and give him access to the RDS services (Correct)
  • The policy should be created for the user and provide access for RDS

Answer : The root account owner should create a policy for the IAM user and give him access to the RDS services

AWS SAP-C00 Certified Solution Architect Professional Exam Set 8

A user has launched an RDS postgre SQL DB with AWS. The user did not specify the maintenance window during creation. The user has configured RDS to update the DB instance type from micro to large. If the user wants to have it during the maintenance window, what will AWS do?


Options are :

  • AWS will not allow to update the DB until the maintenance window is configured
  • AWS will ask the user to specify the maintenance window during the update
  • AWS will select the default maintenance window if the user has not provided it (Correct)
  • It is not possible to change the DB size from micro to large with RDS

Answer : AWS will select the default maintenance window if the user has not provided it

A sys admin is trying to understand EBS snapshots. Which of the below mentioned statements will not be useful to the admin to understand the concepts about a snapshot?


Options are :

  • It is recommended to stop the instance before taking a snapshot for consistent data
  • The snapshot captures the data that has been written to the hard disk when the snapshot command was executed .
  • The snapshot is synchronous (Correct)
  • The snapshot is incremental

Answer : The snapshot is synchronous

Amazon Simple Notification Service (Amazon SNS. is a fast, flexible, and fully managed push Messaging service. Amazon SNS can deliver notifications by SMS text message or email to the Amazon Simple Queue Service (SQS. queues or to any HTTP endpoint. The user can configure some sensor devices at his home which receives data on the HTTP end point (REST calls. and turn on the red light. The user can configure the Cloud Watch alarm to send a notification to the AWS SNS HTTP end point (the sensor device, and it will turn the light red when there is an alarm condition.


Options are :

  • One instance of a small size and running in the US-East-l a zone of each AWS account will get the benefit of RI pricing
  • Any single instance from all the three accounts can get the benefit of AWS RI pricing if they are running in the same zone and are of the same size (Correct)
  • Only the account that has purchased the RI will get the advantage of RI pricing
  • If there are more than one instances of a small size running across multiple accounts in the same zone no one will get the benefit of RI

Answer : Any single instance from all the three accounts can get the benefit of AWS RI pricing if they are running in the same zone and are of the same size

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 18

A user has setup an EBS backed instance and a Cloud Watch alarm when the CPU utilization is more than 65%. The user has setup the alarm to watch it for 5 periods of 5 minutes each. The CPU utilization is 60% between 9 AM to 6 PM. The user has stopped the EC2 instance for 15 minutes between 11 AM to 11:1 5 AM. What will be the status of the alarm at 11:30 AM?


Options are :

  • Insufficient Data
  • Error
  • Alarm
  • OK (Correct)

Answer : OK

An AWS account wants to be part of the consolidated billing of his organizations payee account. How can the owner of that account achieve this?


Options are :

  • The payee account has to request AWS support to link the other accounts with his account
  • The owner of the linked account requests the payee account to add his account to consolidated billing
  • The owner of the linked account should add the payee account to his master account list from the billing console
  • The payee account will send a request to the linked account to be a part of consolidated billing (Correct)

Answer : The payee account will send a request to the linked account to be a part of consolidated billing

An organization is planning to use AWS for 5 different departments. The finance department is responsible to pay for all the accounts. However, they want the cost separation for each account to map with the right cost centre. How can the finance department achieve this?


Options are :

  • Create 5 separate accounts and use the IAM cross account access with the roles for belier management
  • Create 5 separate IAM users and set a different policy for their access
  • Create 5 separate IAM groups and add users as per the departments employees
  • Create 5 separate accounts and make them a part of one consolidate billing (Correct)

Answer : Create 5 separate accounts and make them a part of one consolidate billing

Certification : Get AWS Certified Solutions Architect in 1 Day (2018 Update) Set 17

A user is trying to understand the ACL and policy for an S3 bucket. Which of the below mentioned policy permissions is equivalent to the WRITE ACL on a bucket?


Options are :

  • s3:ListBucketVersions
  • s3:GetObjectVersion
  • s3:GetObjectAcl
  • s3:DeleteObject (Correct)

Answer : s3:DeleteObject

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions