Certification : Get AWS(Amazon Web Service) Certified Solutions Architect in 1 Day (2018 Update) Set 1

Your AWS(Amazon Web Service) environment contains several reserved EC2 instances dedicated to a project that has just been cancelled. You need to stop incurring charges for the reserved instances immediately. What steps would you take to avoid taking the hit on the charge for these reserved instances? Choose 2 correct options


Options are :

  • Stop the instances as soon as possible.
  • Contact AWS(Amazon Web Service) and explain the situation to try and recover the costs.
  • Sell the reserved instances on the AWS(Amazon Web Service) Reserved Instance Marketplace
  • Terminate the instances as soon as possible.

Answer : Sell the reserved instances on the AWS(Amazon Web Service) Reserved Instance Marketplace Terminate the instances as soon as possible.

You have 2 Ubuntu instances located in different subnets in the same VPC. Now to your understanding these instances should be able to communicate with each other, but when you try to ping from one instance to another, you get a timeout. The Route tables seem to be valid and has the entry for the Target ‘local’ for your VPC CIDR. Which of the following could be a valid reason for this issue.


Options are :

  • The Instances are of the wrong AMI , hence you are not able to ping the instances.
  • The Security Group has not been modified for allow the required traffic.
  • The Instances don’t have Public IP, so that the ping commands can be routed
  • The Instances don’t have Elastic IP, so that the ping commands can be routed

Answer : The Security Group has not been modified for allow the required traffic.

Which aws service is used to monitor all API calls to AWS


Options are :

  • Amazon SES
  • Amazon Cloudtrail
  • Amazon CloudFront
  • Amazon S3

Answer : Amazon Cloudtrail

Which of the following are valid statements about Amazon S3? Choose 2 options.


Options are :

  • S3 provides read-after-write consistency for any type of PUT or DELETE.
  • Consistency is not guaranteed for any type of PUT or DELETE.
  • A successful response to a PUT request only occurs when a complete object is saved.
  • Partially saved objects are immediately readable with a GET after an overwrite PUT.
  • S3 provides eventual consistency for overwrite PUTS and DELETES.

Answer : A successful response to a PUT request only occurs when a complete object is saved. S3 provides eventual consistency for overwrite PUTS and DELETES.

You have an environment that consists of a public subnet using Amazon VPC and 3 instances that are running in this subnet. These three instances can successfully communicate with other hosts on the Internet. You launch a fourth instance in the same subnet, using the same AMI and security group configuration you used for the others, but find that this instance cannot be accessed from the internet. What should you do to enable Internet access?


Options are :

  • Deploy a NAT instance into the public subnet.
  • Assign an Elastic IP address to the fourth instance.
  • Configure a publically routable IP Address in the host OS of the fourth instance.
  • Modify the routing table for the public subnet.

Answer : Assign an Elastic IP address to the fourth instance.

As a solution architect, you have been asked to design a cloud service based on AWS(Amazon Web Service) and choose to use RRS on S3 instead of S3 standard storage type. In such a case what type of trade-offs do you have to build your application around?


Options are :

  • With RRS you have to copy data and extract data which can take up to 3 hours.
  • RRS only has 99.99% availability
  • With RRS, you don’t need to worry since AWS(Amazon Web Service) will take care of the durability of RRS.
  • RRS only has 99.99% durability and you have to design automation around replacing lost objects

Answer : RRS only has 99.99% durability and you have to design automation around replacing lost objects

What is the name of the VPC that is automatically created for your AWS(Amazon Web Service) account for the first time ?


Options are :

  • Primary VPC
  • First VPC
  • Default VPC
  • Initial VPC

Answer : Default VPC

Per the AWS(Amazon Web Service) Acceptable Use Policy, penetration testing of EC2 instances:


Options are :

  • May be performed by AWS, and will be performed by AWS(Amazon Web Service) upon customer request.
  • May be performed by AWS, and is periodically performed by AWS.
  • Are expressly prohibited under all circumstances.
  • May be performed by the customer on their own instances with prior authorization from AWS.
  • May be performed by the customer on their own instances, only if performed from EC2 instances.

Answer : May be performed by the customer on their own instances with prior authorization from AWS.

In order to add current EC2 instances to an Autoscaling group, which of the following criteria must be met. Choose 3 options from the answers given below


Options are :

  • The instance is in the stopped state.
  • The AMI used to launch the instance must still exist.
  • The instance is not a member of another Auto Scaling group.
  • The instance is in the same Availability Zone as the Auto Scaling group.

Answer : The AMI used to launch the instance must still exist. The instance is not a member of another Auto Scaling group. The instance is in the same Availability Zone as the Auto Scaling group.

Which of the following statements are true about Amazon Reduced Redundancy Storage (RRS)? Choose the correct 3 answers from the below options.


Options are :

  • RRS has the ability to provide eleven nines availability.
  • RRS has the ability to provide 99.99% availability.
  • RRS has the ability to provide 99.99% durability.
  • If there is a requirement to store data that is easily reproducible or durably stored elsewhere, then RRS is the ideal option.

Answer : RRS has the ability to provide 99.99% availability. RRS has the ability to provide 99.99% durability. If there is a requirement to store data that is easily reproducible or durably stored elsewhere, then RRS is the ideal option.

A company has a set of web servers. They want to ensure that all the logs from these web servers can be analyzed in real time for any sort of threat detection. Which of the following would assist in this regard


Options are :

  • Upload all the logs to the SQS service and then use EC2 Instances to scan the logs
  • Upload the logs to Amazon Kinesis and then analyze the logs accordingly.
  • Upload the logs to Cloudtrail and then analyze the logs accordingly.
  • Upload the logs to Glacier and then analyze the logs accordingly.

Answer : Upload the logs to Amazon Kinesis and then analyze the logs accordingly.

In the Amazon CloudWatch, which metric should I be checking to ensure that your DB Instance has enough free Memory?


Options are :

  • FreeStorage
  • Freeable Memory
  • FreeStorageVolume
  • FreeDBStorageSpace

Answer : Freeable Memory

You are tasked with setting up a Linux bastion host for access to Amazon EC2 instances running in your VPC. Only clients connecting from the corporate external public IP address 72.34.51.100 should have SSH access to the host. Which option will meet the customer requirement?


Options are :

  • Security Group Inbound Rule: Protocol – TCP. Port Range – 22, Source 72.34.51.100/32
  • Security Group Inbound Rule: Protocol – UDP, Port Range – 22, Source 72.34.51.100/32
  • Network ACL Inbound Rule: Protocol – UDP, Port Range – 22, Source 72.34.51.100/32
  • Network ACL Inbound Rule: Protocol – TCP, Port Range-22, Source 72.34.51.100/0

Answer : Security Group Inbound Rule: Protocol – TCP. Port Range – 22, Source 72.34.51.100/32

There is a company website that is going to be launched in the coming weeks. There is a probability that the traffic will be quite high in the first couple of weeks. In the event of a load failure, how can you set up DNS failover to a static website? Choose the correct answer from the options given below.


Options are :

  • Duplicate the exact application architecture in another region and configure DNS weight-based routing
  • Enable failover to an on-premise data center to the application hosted there.
  • Use Route 53 with the failover option to failover to a static S3 website bucket or CloudFront distribution.
  • Add more servers in case the application fails.

Answer : Use Route 53 with the failover option to failover to a static S3 website bucket or CloudFront distribution.

A Solutions Architect is designing a shared service for hosting containers from several customers on Amazon ECS. These containers will use several AWS(Amazon Web Service) services. A container from one customer must not be able access data from another customer. Which solution should the architect use to meet the requirements?


Options are :

  • IAM roles for tasks
  • IAM roles for EC2 Instances
  • IAM Instance profile for EC2 Instances
  • Security Group rules

Answer : IAM roles for tasks

If you want to launch Amazon Elastic Compute Cloud (EC2) instances and assign each instance a private IP address in a predetermined range, you should: (choose one of the correct answer below)


Options are :

  • Launch the instance from a private Amazon Machine Image (AMI).
  • Assign a group of sequential Elastic IP address to the instances.
  • Launch the instances in the Amazon Virtual Private Cloud (VPC).
  • Launch the instances in a Placement Group.
  • Use standard EC2 instances since each instance gets a private Domain Name Service (DNS) already.

Answer : Launch the instances in the Amazon Virtual Private Cloud (VPC).

Which Amazon service can I use to define a virtual network that closely resembles a traditional data center?


Options are :

  • Amazon VPC
  • Amazon ServiceBus
  • Amazon EMR
  • Amazon RDS

Answer : Amazon VPC

A company has the requirement to store files in S3. After a period of a month, these files can be archived. The archived files might be required after a period of 3-4 months. Which of the following suits the requirements


Options are :

  • Use EC2 instances with EBS volumes, one for normal storage and the other for archived storage
  • Use S3 for normal file storage and use lifecycle policies for moving the files to glacier.
  • Use EC2 instances with EBS volumes and use lifecycle policies for moving the files to glacier.
  • Use glacier for normal file storage and use lifecycle policies for moving the files to S3.

Answer : Use S3 for normal file storage and use lifecycle policies for moving the files to glacier.

You have a requirement to create a subnet in an AWS(Amazon Web Service) VPC which will host around 20 hosts. This subnet will be used to host web servers. Which of the below could be the possible CIDR block allocated for the subnet


Options are :

  • 10.0.1.0/27
  • 10.0.1.0/28
  • 10.0.1.0/29
  • 10.0.1.0/30

Answer : 10.0.1.0/27

You have an EC2 Instance placed inside a subnet. You have created the VPC from scratch and the subnet and then added the EC2 Instance to the subnet. You need to ensure that the EC2 instance has complete access to the Internet, since it is going to be used by users on the Internet. Which of the following would help ensure this can be accomplished.


Options are :

  • Launch a NAT gateway and add routes for 0.0.0.0/0
  • Attach a VPC endpoint and add routes for 0.0.0.0/0
  • Attach an Internet gateway and add routes for 0.0.0.0/0
  • Deploy NAT instances in a public subnet and add routes for 0.0.0.0/0

Answer : Attach an Internet gateway and add routes for 0.0.0.0/0

A customer wants to have the ability to transfer stale data from their S3 location to a low cost storage system. If there is a possibility to automate this, they would be more than happy. As an AWS(Amazon Web Service) Solution Architect, what is the best solution you can provide to them?


Options are :

  • Use an EC2 instance and a scheduled job to transfer the stale data from their S3 location to Amazon Glacier.
  • Use Life-Cycle Policies
  • Use AWS(Amazon Web Service) SQS
  • There is no option, the users will have to download the data and then transfer the data to aws manually.

Answer : Use Life-Cycle Policies

You working in the media industry and you have created a web application where users will be able to upload photos they create to your website. This web application must be able to call the S3 API in order to be able to function. Where should you store your API credentials whilst maintaining the maximum level of security.


Options are :

  • Save the API credentials to your php files.
  • Don’t save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you first create it.
  • Save your API credentials in a public Github repository.
  • Pass API credentials to the instance using instance userdata.

Answer : Don’t save your API credentials. Instead create a role in IAM and assign this role to an EC2 instance when you first create it.

As a solution architect, you have been asked to decide on whether to use Amazon EBS-backed or instance-store backed instance. What is one key difference between an Amazon EBS-backed and an instance-store backed instance that you need to keep in mind.


Options are :

  • Amazon EBS-backed instances can be stopped and restarted.
  • Instance-store backed instances can be stopped and restarted.
  • Auto scaling requires using Amazon EBS-backed instances.
  • Virtual Private Cloud (VPC) requires EBS backed instances.

Answer : Amazon EBS-backed instances can be stopped and restarted.

An application requires an EC2 Instance to do continuously batch processing activities which requires at least 500MiB/s throughput of data. Which of the following is the best storage option for this.


Options are :

  • EBS IOPS
  • EBS SSD
  • EBS Throughput Optimized
  • EBS Cold Storage

Answer : EBS Throughput Optimized

You are building an automated transcription service in which Amazon EC2 worker instances process an uploaded audio file and generate a text file. You must store both of these files in the same durable storage until the text file is retrieved. You do not know what the storage capacity requirements are. Which storage option is both cost-efficient and scalable?


Options are :

  • Multiple Amazon EBS volume with snapshots
  • A single Amazon Glacier vault
  • A single Amazon S3 bucket
  • Multiple instance stores

Answer : A single Amazon S3 bucket

As an AWS(Amazon Web Service) administrator you are trying to convince a team to use RDS Read Replica’s. What are two benefits of using read replicas? Choose the 2 correct answers from the options below


Options are :

  • Creates elasticity in RDS
  • Allows both reads and writes
  • Improves performance of the primary database by taking workload from it
  • Automatic failover in the case of Availability Zone service failures

Answer : Creates elasticity in RDS Improves performance of the primary database by taking workload from it

What service from AWS(Amazon Web Service) can help manage the budgets for all resources in AWS? Choose one answer from the options below


Options are :

  • Cost Explorer
  • Cost Allocation Tags
  • AWS Budgets
  • Payment History

Answer : AWS Budgets

There is a requirement for block level storage which would be able to store 500GB of data. Also encryption of the data is required. Which of the following can be used in such a case


Options are :

  • AWS EBS Volumes
  • AWS S3
  • AWS Glacier
  • AWS EFS

Answer : AWS EBS Volumes

A company has an entire infrastructure hosted on AWS. They want to create code templates which can be used to provision the same set of resources in another region in case of a disaster in the primary region. Which of the following services can help in this regard


Options are :

  • AWS Beanstalk
  • AWS Cloudformation
  • AWS CodeBuild
  • AWS CodeDeploy

Answer : AWS Cloudformation

There is an application which consists of EC2 Instances behind a classic ELB. An EC2 proxy is used for content management to backend instances. The application might not be able to scale properly. Which of the following can be used to scale the proxy and backend instances appropriately. Choose 2 answers from the options given below


Options are :

  • Use Autoscaling for the proxy servers
  • Use Autoscaling for the backend instances
  • Replace the Classic ELB with Application ELB
  • Use Application ELB for both the front end and backend instances

Answer : Use Autoscaling for the proxy servers Use Autoscaling for the backend instances