Last Updated on October 31, 2022 by InfraExam
SOA-C01 : AWS-SysOps : Part 18
Which of the following are the customer’s responsibilities, according to the AWS Shared Responsibility Security Model? (Choose two.)
- Operating system, network, and firewall configuration
- Client-side data encryption and data integrity authentication
- AWS data center access logs
- Hypervisor updates and configuration
- Physical media destruction
Elastic Load Balancing automatically distributes incoming traffic across multiple _____ instances.
AWS provides the Elastic Load Balancing service to automatically distribute the incoming traffic across multiple Amazon Elastic Compute Cloud (Amazon EC2) instances. The load balancer serves as a single point of contact for clients, which increases the availability of your application.
You can add and remove instances from your load balancer as your needs change, without disrupt-ing the overall flow of requests to your application.
___________ is a task coordination and state management service for cloud applications.
- Amazon SWF
- Amazon FPS
- Amazon SES
- Amazon SNS
Amazon Simple Workflow (Amazon SWF) is a task coordination and state management service for cloud applications. With Amazon SWF, you can stop writing complex glue-code and state machin
A block device is a storage device that moves data in sequences. How many types of block devices does Amazon EC2 support?
- 2 -instance store volumes and EBS volumes
- 5 -General Purpose SSD, Provisioned IOPS SSD, Throughput Optimized HDD, Cold HDD, and Magnetic
- 3 -SSD, HDD, and Magnetic
- 1 -instance store volumes
A block device is a storage device that moves data in sequences of bytes or bits (blocks). These de-vices support random access and generally use buffered I/O. Examples include hard disks, CD-ROM drives, and flash drives. A block device can be physically attached to a computer or accessed remotely as if it were physically attached to the computer. Amazon EC2 supports two types of block devices:
Amazon EC2 supports two types of block devices.
Instance store volumes (virtual devices whose underlying hardware is physically attached to the host computer for the instance)
EBS volumes (remote storage devices)
The SSD, HDD and Magnetic choices are all options for the type of storage offered via EBS vol-umes. They are not types of block devices.
Do Amazon EBS volumes persist independently from the running life of an Amazon EC2 instance?
- No, they are dependent.
- No, you cannot attach EBS volumes to an instance.
- Yes, they do but only if they are detached from the instance.
- Yes, they do, if the Delete on termination flag is unset.
An Amazon EBS volume behaves like a raw, unformatted, external block device that you can attach to a single instance. The volume persists independently from the running life of an Amazon EC2instance.
Is it possible to access S3 objects from the Internet?
- Yes, but it has to pass through EC2.
- Yes, it is possible if proper public readable accesses and ACLs are set.
- No, there is no way to access any S3 objects from the Internet.
- No, only a general overview of S3 objects can be read from the Internet.
You must grant read permission on the specific objects to make them publicly accessible so that your users can view them on your website. You make objects publicly readable by using either the object ACL or by writing a bucket policy.
_________ is a fast, reliable, scalable, fully managed message queuing service.
- AWS Data Pipeline
- Amazon SES
- Amazon SQS
- Amazon SNS
Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, fully managed message queuing service. SQS makes it simple and cost-effective to decouple the components of a cloud application.
Decoupling the components of an application -you have a queue of work items and want to track the successful completion of each item independently. Amazon SQS tracks the ACK/FAIL results, so the application does not have to maintain a persistent checkpoint or cursor. After a configured visibility timeout, Amazon SQS deletes acknowledged messages and redelivers failed messages.
Configuring individual message delay -you have a job queue and you need to schedule individual jobs with a delay. With standard queues, you can configure individual messages to have a delay of up to 15 minutes.
Dynamically increasing concurrency or throughput at read time -you have a work queue and want to add more consumers until the backlog is cleared. Amazon SQS requires no pre-provisioning.
Scaling transparently -your buffer requests and the load changes as a result of occasional load spikes or the natural growth of your business. Because Amazon SQS can process each buffered request independently, Amazon SQS can scale transparently to handle the load without any provisioning instructions from you.
What does Amazon Route53 provide?
- A global Content Delivery Network
- A scalable DNS web service
- An SSH endpoint for Amazon EC2
- None of these
Amazon Route53 provides a scalable Domain Name System. Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well.
What does Amazon VPC stand for?
- Amazon Virtual Private Cloud
- Amazon Variable Power Cluster
- Amazon Virtual Private Computer
- Amazon Virtual Public Cloud
Amazon VPC stands for Amazon Virtual Private Cloud (Amazon VPC). Amazon VPC lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of sub-nets, and configuration of route tables and network gateways. You can also create a hardware Vir-tual Private Network (VPN) connection between your corporate datacenter and your VPC and lev-erage the AWS cloud as an extension of your corporate datacenter.
Which of the following does Amazon S3 provide?
- A virtual server in the cloud
- A highly-scalable cloud storage
- A highly encrypted virtual disk in the cloud
- A transient storage in the cloud
Amazon S3 provides Scalable Storage in the Cloud. Amazon Simple Storage Service (Amazon S3) is object storage with a simple web service interface to store and retrieve any amount of data from anywhere on the web. It is designed to deliver 99.999999999% durability, and scale past trillions of objects worldwide.
The billing process for Amazon EC2 instances was updated as of October 2, 2017. Which of the
following statements is true regarding how you pay for Amazon EC2 instances? (Choose two.)
- Payment does not vary based on the instance AMI’s operating system.
- You can pay per hour or per second, depending on the instance AMI’s operating system.
- You pay for compute capacity by the day; hours are billed in proportion.
- You can pay per hour or per second, depending on the instance type.
Previously, if you launched an instance for 5 minutes, you would pay for 1 hour. If you launched an instance for 45 minutes, you would also pay for 1 hour. This means that partial hours cost as much as one full hour. Pricing is per instance-hour consumed for each instance, from the time an instance is launched until it is terminated or stopped. Each partial instance-hour consumed will be billed as a full hour.
With EC2 services now billed per-second in some cases, as well as per-hour in others as of October 2, 2017, there is more to consider. Amazon AWS is still based on the concept of pay-as-you-go. You pay Amazon EC2 instances by the second for all instance types except Dedicated Host, which is still billed per instance-hour. You are billed per second when using Linux operating systems with no separate hourly charge, and billed per hour when using Windows operating systems.
When an instance terminates, Amazon EC2 uses the value of the _____ attribute for each attached Amazon EBS volume to determine whether to preserve or delete the volume.
When an instance terminates, Amazon EC2 uses the value of the DeleteOnTermination attribute
for each attached Amazon EBS volume to determine whether to preserve or delete the volume.
- What does Amazon RDS perform?
- It tests the functionalities in websites.
- It blocks users from creating DB instances.
- It manages the work involved in setting up a relational database.
- It provides sensory feedback.
Amazon RDS manages the work involved in setting up a relational database: from provisioning the infrastructure capacity you request to installing the database software.
What was the recommended use case for S3 Reduced Redundancy storage before its deprecation was planned?
- It was used to reduce storage costs by providing 500 times the durability of a typical disk drive at lower levels of redundancy.
- It was used to reduce storage costs for noncritical data at lower levels of redundancy.
- It was used to reduce storage costs by allowing you to destroy any copy of your files outside a specific jurisdiction.
- It was used to reduce storage costs for reproducible data at high levels of redundancy in a single facility.
Reduced Redundancy Storage (RRS) was introduced in order to reduce storage costs. When first developed, you could use reduced redundancy storage for noncritical, reproducible data at lower levels of redundancy than Amazon S3 provides with standard storage. Now Standard is a more af-fordable from a cost perspective, because Amazon is deprecating RRS and has changed the pricing structure.
____________ is a fast, flexible, fully managed pub/sub messaging service.
- Amazon SQS
- Amazon SES
- Amazon FPS
- Amazon SNS
Amazon Simple Notification Service (Amazon SNS) is a fast, flexible, fully managed push messag-ing service. Amazon SNS makes it simple and cost-effective to push to mobile devices such as iPh-one, iPad, Android, Kindle Fire, and internet connected smart devices, as well as pushing to other distributed services.
Does AWS offer any web-based graphic user interface to access and manage EC2 instances?
- Yes, the AWS Application Clusters.
- No, you can only use the available software development kits.
- Yes, the AWS Management Console.
- No, you can only use the command line interface.
You can access and manage Amazon Web Services through a simple and intuitive web-based user interface known as the AWS Management Console.
What is the maximum size of an object in Amazon S3?
- 4 TB
- 5 TB
- 500 MB
5TB is the maximum size of an object in Amazon S3.
The total volume of data and number of objects you can store are unlimited. Individual Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes. The largest object that can be uploaded in a single PUT is 5 gigabytes. For objects larger than 100 megabytes, custom-ers should consider using the Multipart Upload capability.
Amazon EBS provides the ability to create backups of any Amazon EC2 volume into what is known as _____.
- instance backups
Amazon allows you to backup the data stored in your EBS volumes with snapshots that can later be used to create a new EBS volume.
Which of the following size ranges is true of Individual Amazon S3 objects?
- 5 gigabytes to 5 terabytes
- 0 bytes to 5 terabytes
- 100 megabytes to 5 gigabytes
- 1 byte to 5 gigabytes
The total volume of data and number of objects you can store are unlimited. Individual Amazon S3 objects can range in size from 0 bytes to 5 terabytes.
What is a security group in Amazon AWS?
- A UNIX Group that gives permission to edit security settings
- An authorized group of instances that control access to other resources
- A virtual firewall that controls the traffic for one or more instances
- An Access Control List (ACL) for AWS resources
A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group. When we decide whether to allow traffic to reach an instance, we evaluate all the rules from all the security groups that are associated with the instance.