This blog post is about some Sample Questions for AWS Certified Solution Architect. Answers with explanations are at the bottom.
Quiz 1
- Does S3 provide read-after-write consistency?
- No, not for any region
- Yes, but only for certain regions
- Yes, but only for certain regions and for new objects
- Yes, for all regions
- What is the maximum size of a single S3 object?
- There is no such limit
- 5 TB
- 5 GB
- 100 GB
- Is data stored in S3 is always encrypted?
- Yes, S3 always encrypts data for security
- No, there is no such feature
- Yes, but only when right APIs are called
- Yes, but only in Gov Cloud datacenters
- What is true for S3 buckets (select multiple if more than one is true)?
- Bucket namespace is shared and is global among all AWS users.
- Bucket names can contain alpha numeric characters
- Bucket are associated with a region, and all data in a bucket resides in that region
- Buckets can be transferred from one account to another through API
- EBS can always tolerate an Availability Zone failure?
- No, all EBS volume is stored in a single Availability Zone
- Yes, EBS volume has multiple copies so it should be fine
- Depends on how it is setup
- Depends on the Region where EBS volume is initiated
- Which of the following Auto scaling CANNOT do (select multiple if more than one is true)?
- Start up EC2 instances when CPU utilization is above threshold
- Release EC2 instances when CPU utilization is below threshold
- Increase the instance size when utilization is above threshold
- Add more Relational Database Service (RDS) read replicas when utilization is above threshold
- Which of the following benefits does adding Multi-AZ deployment in RDS provide (choose multiple if more than one is true)?
- MultiAZ deployed database can tolerate an Availability Zone failure
- Decrease latencies if app servers accessing database are in multiple Availability zones
- Make database access times faster for all app servers
- Make database more available during maintenance tasks
- What happens to data when an EC2 instance terminates (select multiple if more than one is true)?
- For EBS backed AMI, the EBS volume with operation system on it is preserved
- For EBS backed AMI, any volume attached other than the OS volume is preserved
- All the snapshots of the EBS volume with operating system is preserved
- For S3 backed AMI, all the data in the local (ephemeral) hard drive is deleted
- For an EC2 instance launched in a private subnet in VPC, which of the following are the options for it to be able to connect to the internet (assume security groups have proper ports open).
- Simply attach an elastic IP
- If there is also a public subnet in the same VPC, an ENI can be attached to the instance with the ip address range of the public subnet
- If there is a public subnet in the same VPC with a NAT instance attached to internet gateway, then a route can be configured from the instance to the NAT
- There is no way for an instance in private subnet to talk to the internet
- When an ELB is setup, what is the best way to route a website’s traffic to it?
- Resolve the ELB name to an ip address and point the website to that ip address
- There is no direct way to do so, Route53 has to be used
- Generate a CNAME record for the website pointing to the DNS name of the ELB
Answers:
1) Answer: C.
S3’s consistency model is that of eventual consistency. This means that when an object is stored in S3, it is replicated in different datacenters (availability zones) in the same region. And it can take a short amount of time before all the data centers have a uniform view of the object (This time is usually less than a second, but if system is in distress it could take much longer). Thus in essence, S3 does not provide read-after-write consistency.
But the S3 team has modified the algorithm so as to provide read-after-write consistency for new objects. Which means that if I upload “object-n” for the first time (lets call it version-1), I get the opportunity to immediately read it without any consistency issues. This is though not supported for US-East region. Thus S3 support read-after-write consistency for new objects but for all regions except US-East.
2) Answer: B.
Using multipart upload, a single object in S3 can be upto 5TB in size.
Using multipart upload, a single object in S3 can be upto 5TB in size.
3) Answer: C.
S3 by default do not encrypt the data stored into its service. But using Server Side Encryption feature, if proper headers are passes (in REST), S3 will first encrypt the data and then store that encrypted data.
S3 by default do not encrypt the data stored into its service. But using Server Side Encryption feature, if proper headers are passes (in REST), S3 will first encrypt the data and then store that encrypted data.
4) Answers: A, B, C
Bucket namespace is global, which means that if someone creates a bucket called “pics” nobody else can create a bucket of the same name. Bucket names can contain alphanumeric characters which means we can have a bucket named “cloudthat1234”. And when we create a bucket, we have to select a region for the bucket, and all data stored in that bucket is physically stored in that region only (although the data can be accessed from anywhere in the world with proper credentials).
Bucket namespace is global, which means that if someone creates a bucket called “pics” nobody else can create a bucket of the same name. Bucket names can contain alphanumeric characters which means we can have a bucket named “cloudthat1234”. And when we create a bucket, we have to select a region for the bucket, and all data stored in that bucket is physically stored in that region only (although the data can be accessed from anywhere in the world with proper credentials).
5) Answer: A
One of the known fallacies of EBS is that all the data of a single volume lives in a single Availability Zone. Thus it cannot withstand Availability zone failures.
One of the known fallacies of EBS is that all the data of a single volume lives in a single Availability Zone. Thus it cannot withstand Availability zone failures.
6) Answer: C, D
Auto scaling cannot increase instance size of an EC2 instance. The idea is to be able to scale horizontally, and not vertically. Also D is correct as Auto scaling currently cannot automate RDS instance to do anything.
Auto scaling cannot increase instance size of an EC2 instance. The idea is to be able to scale horizontally, and not vertically. Also D is correct as Auto scaling currently cannot automate RDS instance to do anything.
7) Answers: A, D
RDS MultiAZ does make database a single AZ failure tolerant, as it has automatic failover feature, where the secondly will become primary and application can keep accessing the database. It also increases availability during maintenance, as maintenance is performed first on secondary, then its made primary and then old-primary is updated.
RDS MultiAZ does make database a single AZ failure tolerant, as it has automatic failover feature, where the secondly will become primary and application can keep accessing the database. It also increases availability during maintenance, as maintenance is performed first on secondary, then its made primary and then old-primary is updated.
8) Answers: B, C, D
9) Answer: C
10) Answer: C
The ip address of an ELB can change, so it’s not advisable to point domain directly at that ip address. Instead use CNAME to map to the ELB DNS name
The ip address of an ELB can change, so it’s not advisable to point domain directly at that ip address. Instead use CNAME to map to the ELB DNS name
Quiz 2
- An instance is launched into the public subnet of a VPC. Which of the following must be done in order for it to be accessible FROM the Internet?
- Attach an Elastic IP to the instance
- Nothing. The instance is accessible from the Internet
- Launch a NAT instance and route all traffic to it
- Make an entry in the route table passing all traffic going outside the VPC to the NAT instance
- In VPCs with private and public subnets, database servers should ideally be launched into:
- The public subnet
- The private subnet
- Either of them
- Not recommended, they should ideally be launched outside VPC
- An instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this instance?
- The instance follows the rules of the older subnet
- The instance follows the rules of both the subnets
- The instance follows the rules of the newer subnet
- Not possible cannot be connected to 2 ENIs
- You want to use Route53 to direct your www sub-domain to an elastic load balancer fronting your web servers. What kind of record set should you create?
- A.
- AAAA
- NS
- CNAME
- You have created 4 weighted resource record sets with weights 1, 2, 3 and 4. the 3rd record set is selected by Route53:
- 1/7th of the time
- 3/10th of the time
- 3/7th of the time
- 1/4th of the time
- You have created a Route 53 latency record set from your domain to a machine in Singapore and a similar record to a machine in Oregon. When a user located in India visits your domain he will be routed to:
- Singapore
- Oregon
- Depends on the load on each machine
- Both, because 2 requests are made, 1 to each machine
- Which of the following can be used as an origin server in CloudFront?(Choose 3)
- A webserver running on EC2
- A webserver running in your own datacenter
- A RDS instance
- An Amazon S3 bucket
- In CloudFront what happens when content is NOT present at an Edge location and a request is made to it?
- An Error 404 not found is returned
- CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location
- The request is kept on hold till content is delivered to the edge location
- The request is routed to the next closest edge location
- Which of the following is true with respect to serving private content through CloudFront?
- Signed URLs can be created to access objects from CloudFront edge locations
- Direct access to S3 URLs can be removed therefore allowing access only through CloudFront URLs
- Mark the S3 bucket private and allow access to CloudFront by means of Roles
- Mark the S3 bucket private and and create an Origin Access Identity to access the objects
- You have written a CloudFormation template that creates 1 elastic load balancer fronting 2 EC2 instances. Which section of the template should you edit so that the DNS of the load balancer is returned upon creation of the stack.
- Resources
- Parameters
- Outputs
- Mappings
Answers:
1) a
2) b
3) b
4) d
5) b
6) a
7) a, b, d
8) b
9) a, b, d
10) c
No comments:
Post a Comment