AWS-Solution-Architect-Associate Guide

aws solution architect associate questions? Tips for success

It is impossible to pass Amazon aws solution architect associate certification exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed Amazon aws solution architect associate dumps practice questions. You will get a surprising result by our Refresh AWS Certified Solutions Architect - Associate practice guides.

Q81. What are the four levels of AWS Premium Support?

A. Basic, Developer, Business, Enterprise

B. Basic, Startup, Business, Enterprise

C. Free, Bronze, Silver, Gold

D. All support is free 

Answer: A


Q82. In the context of AWS support, why must an EC2 instance be unreachable for 20 minutes rather than allowing customers to open tickets immediately?

A. Because most reachability issues are resolved by automated processes in less than 20 minutes

B. Because all EC2 instances are unreachable for 20 minutes every day when AWS does routine maintenance

C. Because all EC2 instances are unreachable for 20 minutes when first launched

D. Because of all the reasons listed here 

Answer: A

Explanation:

An EC2 instance must be unreachable for 20 minutes before opening a ticket, because most reachability issues are resolved by automated processes in less than 20 minutes and will not require any action on the part of the customer. If the instance is still unreachable after this time frame has passed, then you should open a case with support.

Reference: https://aws.amazon.com/premiumsupport/faqs/


Q83. A user has configured a website and launched it using the Apache web server on port 80. The user is using ELB with the EC2 instances for Load Balancing. What should the user do to ensure that the EC2 instances accept requests only from ELB?

A. Configure the security group of EC2, which allows access to the ELB source security group

B. Configure the EC2 instance so that it only listens on the ELB port

C. Open the port for an ELB static IP in the EC2 security group

D. Configure the security group of EC2, which allows access only to the ELB listener 

Answer: A

Explanation:

When a user is configuring ELB and registering the EC2 instances with it, ELB will create a source security group. If the user wants to allow traffic only from ELB, he should remove all the rules set for the other requests and open the port only for the ELB source security group.

Reference:

http://docs.aws.amazon.com/EIasticLoadBaIancing/latest/DeveIoperGuide/using-elb-security-groups.htmI


Q84. Can you move a Reserved Instance from one Availability Zone to another?

A. Yes, but each Reserved Instance is associated with a specific Region that cannot be changed.

B. Yes, only in US-West-2.

C. Yes, only in US-East-1.

D. No

Answer:

Explanation:

Each Reserved Instance is associated with a specific Region, which is fixed for the lifetime of the reservation and cannot be changed. Each reservation can, however, be used in any of the available AZs within the associated Region.

Reference: https://aws.amazon.com/rds/faqs/


Q85. Which of the following statements is true of tagging an Amazon EC2 resource?

A. You don't need to specify the resource identifier while terminating a resource.

B. You can terminate, stop, or delete a resource based solely on its tags.

C. You can't terminate, stop, or delete a resource based solely on its tags.

D. You don't need to specify the resource identifier while stopping a resource. 

Answer: C

Explanation:

You can assign tags only to resources that already exist. You can't terminate, stop, or delete a resource based solely on its tags; you must specify the resource identifier.

Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/Using_Tags.html


Q86. A read only news reporting site with a combined web and application tier and a database tier that receives large and unpredictable traffic demands must be able to respond to these traffic fluctuations automatically. What AWS services should be used meet these requirements?

A. Stateless instances for the web and application tier synchronized using Elasticache Memcached in an autoscaimg group monitored with CIoudWatch. And RDSwith read replicas.

B. Stateful instances for the web and application tier in an autoscaling group monitored with CIoudWatch and RDS with read replicas.

C. Stateful instances for the web and application tier in an autoscaling group monitored with CIoudWatch. And multi-AZ RDS.

D. Stateless instances for the web and application tier synchronized using EIastiCache Memcached in an autoscaling group monitored with CIoudWatch and multi-AZ RDS.

Answer: A


Q87. True or False: When you perform a restore operation to a point in time or from a DB Snapshot, a new DB Instance is created with a new endpoint.

A. FALSE

B. TRUE

Answer: B


Q88. Amazon S3 allows you to set per-file permissions to grant read and/or write access. However you have decided that you want an entire bucket with 100 files already in it to be accessible to the public. You don't want to go through 100 files indMdually and set permissions. What would be the best way to do this?

A. Move the bucket to a new region

B. Add a bucket policy to the bucket.

C. Move the files to a new bucket.

D. Use Amazon EBS instead of S3 

Answer: B

Explanation:

Amazon S3 supports several mechanisms that give you filexibility to control who can access your data as well as how, when, and where they can access it. Amazon S3 provides four different access control mechanisms: AWS Identity and Access Management (IAM) policies, Access Control Lists (ACLs), bucket policies, and query string authentication. IAM enables organizations to create and manage multiple users under a single AWS account. With IAM policies, you can grant IAM users fine-grained control to your Amazon S3 bucket or objects. You can use ACLs to selectively add (grant) certain permissions on indMdual objects.

Amazon S3 bucket policies can be used to add or deny permissions across some or all of the objects within a single bucket.

With Query string authentication, you have the ability to share Amazon S3 objects through URLs that are

valid for a specified period of time.

Reference: http://aws.amazon.com/s3/detai|s/#security


Q89. In DynamoDB, could you use IAM to grant access to Amazon DynamoDB resources and API actions?

A. In DynamoDB there is no need to grant access

B. Depended to the type of access

C. No

D. Yes 

Answer: D

Explanation:

Amazon DynamoDB integrates with AWS Identity and Access Management (IAM). You can use AWS IAM to grant access to Amazon DynamoDB resources and API actions. To do this, you first write an AWS IAM policy, which is a document that explicitly lists the permissions you want to grant. You then attach that  policy to an AWS IAM user or role.

Reference: http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/UsingIAMWithDDB.htmI


Q90. You need to create a management network using network interfaces for a virtual private cloud (VPC) network. Which of the following statements is incorrect pertaining to Best Practices for Configuring Network Interfaces.

A. You can detach secondary (ethN) network interfaces when the instance is running or stopped. However, you can't detach the primary (eth0) interface.

B. Launching an instance with multiple network interfaces automatically configures interfaces, private IP addresses, and route tables on the operating system of the instance.

C. You can attach a network interface in one subnet to an instance in another subnet in the same VPC, however, both the network interface and the instance must reside in the same Availability Zone.

D. Attaching another network interface to an instance is a valid method to increase or double the network bandwidth to or from the dual-homed instance

Answer:

Explanation:

Best Practices for Configuring Network Interfaces

You can attach a network interface to an instance when it's running (hot attach), when it's stopped (warm attach), or when the instance is being launched (cold attach).

You can detach secondary (ethN) network interfaces when the instance is running or stopped. However, you can't detach the primary (eth0) interface.

You can attach a network interface in one subnet to an instance in another subnet in the same VPC, however, both the network interface and the instance must reside in the same Availability Zone.

When launching an instance from the CLI or API, you can specify the network interfaces to attach to the instance for both the primary (eth0) and additional network interfaces.

Launching an instance with multiple network interfaces automatically configures interfaces, private IP addresses, and route tables on the operating system of the instance.

A warm or hot attach of an additional network interface may require you to manually bring up the second interface, configure the private IP address, and modify the route table accordingly. (Instances running Amazon Linux automatically recognize the warm or hot attach and configure themselves.)

Attaching another network interface to an instance is not a method to increase or double the network bandwidth to or from the dual-homed instance.

Reference:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.htmI#use-network-and-security-applia nces-in-your-vpc


To know more about the AWS-Solution-Architect-Associate, click here.

Tagged as : Amazon AWS-Solution-Architect-Associate Dumps, Download AWS-Solution-Architect-Associate pdf, AWS-Solution-Architect-Associate VCE, AWS-Solution-Architect-Associate pass4sure, examcollection AWS-Solution-Architect-Associate