-
Notifications
You must be signed in to change notification settings - Fork 1
/
Quiz(aws-certified-solutions-architect-associate-practice-tests-k).html
252 lines (201 loc) · 854 KB
/
Quiz(aws-certified-solutions-architect-associate-practice-tests-k).html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
<!DOCTYPE html>
<html>
<head>
<title>something</title>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js"></script>
<link href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO"
crossorigin="anonymous">
</head>
<body>
<nav class="navbar navbar-dark bg-dark">
<a href="#" class="navbar-brand">The quizzes</a>
<p class="text-info mb-0 mr-0">选择题的选项由上至下分别对应a,b,c,d,e...以此类推</p>
</nav>
<div class="container-fluid">
<div class="row">
<nav class="col-3 navbar navbar-light bg-light" style="align-items: start">
<div class="sidebar-sticky">
<a class="navbar-brand" href="#">Chapter</a>
<nav class="nav nav-pills flex-column" style="font-size: 14px">
<ul class="list-group list-group-flush">
</ul>
</nav>
</div>
</nav>
<div class="col-9" style="background-color: #f3ffc4">
<div class="container">
</div>
</div>
</div>
</div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49"
crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy"
crossorigin="anonymous"></script>
<script type="text/javascript">
var None = null;
var True = true
$(document).ready(function () {
var json_data = [{'quizzes': [{'title': 'AWS Certified Solutions Architect - Associate: Test 1', 'quiz_data': {'results': [{'_class': 'assessment', 'original_assessment_id': 4869548, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Access policies define access to resources and can be associated with resources (buckets and objects) and users</li> \t<li>You can use the\xa0AWS Policy Generator\xa0to create a bucket policy for your Amazon S3 bucket</li> \t<li>You can define permissions on objects when uploading and at any time afterwards using the AWS Management Console</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You would like to share some documents with public users accessing an S3 bucket over the Internet. What are two valid methods of granting public read permissions so you can share the documents? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Grant public read access to the objects when uploading\xa0 \xa0 </p>', '<p>Share the documents using CloudFront and a static website\xa0 \xa0 </p>', '<p>Use the AWS Policy Generator to create a bucket policy for your Amazon S3 bucket granting read access to public anonymous users\xa0 \xa0 </p>', '<p>Grant public read on all objects using the S3 bucket ACL\xa0 \xa0 </p>', '<p>Share the documents using a bastion host in a public subnet\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231817, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['a', 'c'], 'question_plain': 'You would like to share some documents with public users accessing an S3 bucket over the Internet. What are two valid methods of granting public read permissions so you can share the documents? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869550, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Federation can come from three sources: <ul> \t<li>Federation (typically AD)</li> \t<li>Federation with Mobile Apps (e.g. Facebook, Amazon, Google or other Open ID providers)</li> \t<li>Cross account access (another AWS account)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing an authentication solution using the AWS\xa0STS\xa0that will provide temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users). What supported sources are available to the Architect for users? (choose 2)\xa0</p>', 'relatedLectureIds': '', 'answers': ['<p>OpenID Connect\xa0 \xa0 </p>', '<p>EC2 instance</p>', '<p>Another AWS\xa0account</p>', "<p>A local user on a user's PC</p>", '<p>Cognito identity pool\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231819, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect is designing an authentication solution using the AWS\xa0STS\xa0that will provide temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users). What supported sources are available to the Architect for users? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869552, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Dynamo DB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability</li> \t<li>Push button scaling means that you can scale the DB at any time without incurring downtime</li> \t<li>DynamoDB provides low read and write latency</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>You are building an application that will collect information about user behavior. The application will rapidly ingest large amounts of dynamic data and requires very low latency. The database must be scalable without incurring downtime. Which database would you recommend for this scenario?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>RDS\xa0with MySQL</p>', '<p>DynamoDB</p>', '<p>RedShift</p>', '<p>RDS\xa0with Microsoft SQL</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231821, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['b'], 'question_plain': 'You are building an application that will collect information about user behavior. The application will rapidly ingest large amounts of dynamic data and requires very low latency. The database must be scalable without incurring downtime. Which database would you recommend for this scenario?'}, {'_class': 'assessment', 'original_assessment_id': 4869554, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses</li> \t<li>Elastic Load Balancing provides fault tolerance for applications by automatically balancing traffic across targets – Amazon EC2 instances, containers and IP addresses – and Availability Zones while ensuring only healthy targets receive traffic</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are evaluating AWS services that can assist with creating scalable application environments. Which of the statements below best describes the Elastic Load Balancer service?</p>', 'relatedLectureIds': '', 'answers': ['<p>Helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application\xa0 \xa0 </p>', '<p>A highly available and scalable Domain Name System (DNS) service\xa0 \xa0 </p>', '<p>Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses\xa0 \xa0 </p>', '<p>A network service that provides an alternative to using the Internet to connect customers’ on-premise sites to AWS\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231823, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['c'], 'question_plain': 'You are evaluating AWS services that can assist with creating scalable application environments. Which of the statements below best describes the Elastic Load Balancer service?'}, {'_class': 'assessment', 'original_assessment_id': 4869556, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Metering – define plans that meter and restrict third-party developer access to APIs</li> \t<li>Lifecycle Management – Operate multiple API versions and multiple stages for each version simultaneously so that existing applications can continue to call previous versions after new API versions are published</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>A Solutions Architect is building a complex application with several back-end APIs. The architect is considering using Amazon API\xa0Gateway. With Amazon API Gateway what are features that assist with creating and managing APIs? (Choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>You can define plans that meter and restrict third-party developer access to APIs\xa0 \xa0 </p>', '<p>Flexible message delivery over multiple transport protocols\xa0 \xa0 </p>', '<p>You can define the maintenance window or AWS will schedule a 30 minute window\xa0 \xa0 </p>', '<p>You can operate multiple API versions and multiple stages for each version simultaneously\xa0 \xa0 </p>', '<p>Executes your code as functions using serverless technology</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231825, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['a', 'd'], 'question_plain': 'A Solutions Architect is building a complex application with several back-end APIs. The architect is considering using Amazon API\xa0Gateway. With Amazon API Gateway what are features that assist with creating and managing APIs? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869558, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Virtual Private Gateway: The Amazon VPC side of a VPN connection</li> \t<li>Customer Gateway: Your side of a VPN connection</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You need to connect your company’s on-premise network into AWS and would like to establish a site-to-site VPN connection into your existing VPC. Which of the following configuration items needs to be setup in your company side of the connection?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>A Virtual Private Gateway\xa0 \xa0 </p>', '<p>A Customer Gateway\xa0 \xa0 </p>', '<p>A Network Address Translation device\xa0 \xa0 </p>', '<p>A Firewall\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231827, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['b'], 'question_plain': 'You need to connect your company’s on-premise network into AWS and would like to establish a site-to-site VPN connection into your existing VPC. Which of the following configuration items needs to be setup in your company side of the connection?'}, {'_class': 'assessment', 'original_assessment_id': 4869560, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A password policy can be defined for enforcing password length, complexity etc. (applies to all users)</li> \t<li>You can allow or disallow the ability to change passwords using an IAM policy</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>Your company would like to restrict the ability of most users to change their own passwords whilst continuing to allow a select group of users within specific user groups.</p><p>What is the best way to achieve this? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Under the IAM Password Policy deselect the option to allow users to change their own passwords\xa0 \xa0 </p>', '<p>Create an IAM Policy that grants users the ability to change their own password and attach it to the groups that contain the users\xa0 \xa0 </p>', '<p>Create an IAM Role that grants users the ability to change their own password and attach it to the groups that contain the users\xa0 \xa0 </p>', '<p>Disable the ability for all users to change their own passwords using the AWS Security Token Service\xa0 \xa0 </p>', '<p>Create an IAM Policy that grants users the ability to change their own password and attach it to the individual user\xa0accounts</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231829, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:40Z', 'created': '2018-11-26T03:23:40Z', 'correct_response': ['a', 'b'], 'question_plain': 'Your company would like to restrict the ability of most users to change their own passwords whilst continuing to allow a select group of users within specific user groups.What is the best way to achieve this? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869564, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Security group membership can be changed whilst instances are running</li> \t<li>Any changes to security groups will take effect immediately</li> \t<li>You can only assign permit rules in a security group, cannot assign deny rules</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>A colleague from your company’s IT Security team has notified you of an Internet-based threat that affects a certain port and protocol combination. You have conducted an audit of your VPC and found that this port and protocol combination is allowed on an Inbound Rule with a source of 0.0.0.0/0. You have verified that this rule only exists for maintenance purposes and need to make an urgent change to block the access.</p><p>What is the fastest way to block access from the Internet to the specific ports and protocols?</p>', 'relatedLectureIds': '', 'answers': ['<p>You don’t need to do anything; this rule will only allow access to VPC based resources\xa0 \xa0 </p>', '<p>Update the security group by removing the rule\xa0 \xa0 </p>', '<p>Delete the security group\xa0 \xa0 </p>', '<p>Add a deny rule to the security group with a higher priority\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231831, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'A colleague from your company’s IT Security team has notified you of an Internet-based threat that affects a certain port and protocol combination. You have conducted an audit of your VPC and found that this port and protocol combination is allowed on an Inbound Rule with a source of 0.0.0.0/0. You have verified that this rule only exists for maintenance purposes and need to make an urgent change to block the access.What is the fastest way to block access from the Internet to the specific ports and protocols?'}, {'_class': 'assessment', 'original_assessment_id': 4869566, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Cannot have the same port in multiple listeners</li> \t<li>Server Name Indication (SNI) supports multiple secure websites using a single secure listener</li> \t<li>With Server Name Indication (SNI) a client indicates the hostname to connect to</li> \t<li>Host-based routing – route client requests based on the Host field of the HTTP header allowing you to route to multiple domains from the same load balancer</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your clients has requested that you design a solution for distributing load across a number of EC2 instances across multiple AZs within a region. Customers will connect to several different applications running the client’s servers through their browser using multiple domain names and SSL certificates. The certificates are stored in AWS Certificate Manager (ACM).</p><p>What is the optimal architecture to ensure high availability, cost effectiveness, and performance?</p>', 'relatedLectureIds': '', 'answers': ['<p>Launch a single ALB and bind multiple SSL certificates to multiple secure listeners\xa0 \xa0 </p>', '<p>Launch a single ALB and bind multiple SSL certificates to the same secure listener. Clients will use the Server Name Indication (SNI) extension\xa0 \xa0 </p>', '<p>Launch multiple ALBs and bind separate SSL certificates to each ELB\xa0 \xa0 </p>', '<p>Launch a single ALB, configure host-based routing for the domain names and bind an SSL certificate to each routing rule\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231833, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your clients has requested that you design a solution for distributing load across a number of EC2 instances across multiple AZs within a region. Customers will connect to several different applications running the client’s servers through their browser using multiple domain names and SSL certificates. The certificates are stored in AWS Certificate Manager (ACM).What is the optimal architecture to ensure high availability, cost effectiveness, and performance?'}, {'_class': 'assessment', 'original_assessment_id': 4869568, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A key pair consists of a public key that AWS stores, and a private key file that you store</li> \t<li>For Windows AMIs, the private key file is required to obtain the password used to log into your instance</li> \t<li>For Linux AMIs, the private key file allows you to securely SSH into your instance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>A Linux instance running in your VPC requires some configuration changes to be implemented locally and you need to run some commands. Which of the following can be used to securely connect to the instance?</p>', 'relatedLectureIds': '', 'answers': ['<p>EC2 password</p>', '<p>Key pairs</p>', '<p>Public key</p>', '<p>SSL/TLS certificate</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231835, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'A Linux instance running in your VPC requires some configuration changes to be implemented locally and you need to run some commands. Which of the following can be used to securely connect to the instance?'}, {'_class': 'assessment', 'original_assessment_id': 4869570, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You cannot restore a snapshot of a root volume without downtime</li> \t<li>There is no direct way to change the encryption state of a volume</li> \t<li>Either create an encrypted volume and copy data to it or take a snapshot, encrypt it, and create a new encrypted volume from the snapshot</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>One of your EC2 instances runs an application process that saves user data to an attached EBS volume. The EBS volume was attached to the EC2 instance after it was launched and is unencrypted. You would like to encrypt the data that is stored on the volume as it is considered sensitive however you cannot shutdown the instance due to other application processes that are running.</p><p>What is the best method of applying encryption to the sensitive data without any downtime?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an encrypted snapshot of the current EBS volume. Restore the snapshot to the EBS volume\xa0 \xa0 </p>', '<p>Create and mount a new encrypted EBS volume. Move the data to the new volume and then delete the old volume\xa0 \xa0 </p>', '<p>Unmount the volume and enable server-side encryption. Re-mount the EBS volume\xa0 \xa0 </p>', '<p>Leverage the AWS Encryption CLI to encrypt the data on the volume\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231837, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'One of your EC2 instances runs an application process that saves user data to an attached EBS volume. The EBS volume was attached to the EC2 instance after it was launched and is unencrypted. You would like to encrypt the data that is stored on the volume as it is considered sensitive however you cannot shutdown the instance due to other application processes that are running.What is the best method of applying encryption to the sensitive data without any downtime?'}, {'_class': 'assessment', 'original_assessment_id': 4869572, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Custom security groups do not have inbound allow rules (all inbound traffic is denied by default)</li> \t<li>Default security groups do have inbound allow rules (allowing traffic from within the group)</li> \t<li>All outbound traffic is allowed by default in custom and default security groups</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have created a new custom security group. Which of the below statements is correct in relation to the default rules that will be created? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Inbound traffic is allowed from instances assigned to the group\xa0 \xa0 </p>', '<p>No inbound traffic is allowed by default\xa0 \xa0 </p>', '<p>All outbound traffic is allowed by default\xa0 \xa0 </p>', '<p>No outbound traffic is allowed by default\xa0 \xa0 </p>', '<p>Inbound traffic is allowed from the VPC CIDR\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231839, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'c'], 'question_plain': 'You have created a new custom security group. Which of the below statements is correct in relation to the default rules that will be created? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869574, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Simple scaling maintains a current number of instances, you can manually change the ASGs min/desired/max and attach/detach instances</li> \t<li>Auto Scaling will try to distribute EC2 instances evenly across AZs</li> \t<li>Must have a minimum of 12 instances running in the event of an AZ failure</li> \t<li>ELBs can be Internet facing or internal-only</li> \t<li>Internet facing ELB nodes have public IPs</li> \t<li>Internal only ELB nodes have private IPs</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A client has requested a design for a highly-available, fault tolerant architecture for the web and app tiers of a three-tier application. The requirements are as follows:</p><p>- Web instances will be in a public subnet and app instances will be in a private subnet</p><p>- Connections to EC2 instances should be automatically distributed across AZs</p><p>- A minimum of 12 web server EC2 instances must be running at all times</p><p>- A minimum of 6 app server EC2 instances must be running at all times</p><p>- The failure of a single availability zone (AZ) must not affect the availability of the application or result in a reduction of capacity beneath the stated requirements</p><p>Which of the following design options would be the most suitable and cost-effective solution?</p>', 'relatedLectureIds': '', 'answers': ['<p>One Auto Scaling Group using 3 AZs and a minimum of 18 EC2 instances behind an Internet facing ALB for the web layer. One Auto Scaling Group using 3 AZs and a minimum of 9 EC2 instances behind an internal-only ALB for the app layer</p>', '<p>One Auto Scaling Group using 3 AZs and a minimum of 12 EC2 instances behind an Internet facing ALB for the web layer. One Auto Scaling Group using 3 AZs and a minimum of 6 EC2 instances behind an internal-only ALB for the app layer\xa0 \xa0 </p>', '<p>One Auto Scaling Group with a minimum of 18 EC2 instances for the web layer. One Auto Scaling Group using 3 AZs and a minimum of 9 EC2 instances for the app layer. A single Internet-facing ALB using 3 AZs and two target groups for the web and app layers\xa0 \xa0 </p>', '<p>One Auto Scaling Group with a minimum of 12 EC2 instances for the web layer. One Auto Scaling Group using 3 AZs and a minimum of 6 EC2 instances for the app layer. A single Internet-facing ALB using 3 AZs and two target groups for the web and app layers\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231841, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A client has requested a design for a highly-available, fault tolerant architecture for the web and app tiers of a three-tier application. The requirements are as follows:- Web instances will be in a public subnet and app instances will be in a private subnet- Connections to EC2 instances should be automatically distributed across AZs- A minimum of 12 web server EC2 instances must be running at all times- A minimum of 6 app server EC2 instances must be running at all times- The failure of a single availability zone (AZ) must not affect the availability of the application or result in a reduction of capacity beneath the stated requirementsWhich of the following design options would be the most suitable and cost-effective solution?'}, {'_class': 'assessment', 'original_assessment_id': 4869578, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Relational Database Service (Amazon RDS) is a managed service that makes it easy to set up, operate, and scale a relational database in the cloud</li> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>A customer has asked you to recommend the best solution for a highly available database. The database is an OLTP type of database and the customer does not want to manage the operating system the database runs on. Failover between AZs must be automatic.</p><p>Which of the below options would you suggest to the customer?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use DynamoDB\xa0 \xa0 </p>', '<p>Use RDS in a Multi-AZ configuration\xa0 \xa0 </p>', '<p>Install a relational database on EC2 instances in multiple AZs and create a cluster\xa0 \xa0 </p>', '<p>Use RedShift in a Multi-AZ configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231843, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'A customer has asked you to recommend the best solution for a highly available database. The database is an OLTP type of database and the customer does not want to manage the operating system the database runs on. Failover between AZs must be automatic.Which of the below options would you suggest to the customer?'}, {'_class': 'assessment', 'original_assessment_id': 4869582, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Public subnets are subnets that have: <ul> \t<li>“Auto-assign public IPv4 address” set to “Yes” which will assign a public IP</li> \t<li>The subnet route table has an attached Internet Gateway</li> </ul> </li> \t<li>The instance will also need to a security group with an inbound rule allowing the traffic</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You are troubleshooting a connectivity issue where you cannot connect to an EC2 instance in a public subnet in your VPC from the Internet. Which of the configuration items in the list below would you check first? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The subnet has “Auto-assign public IPv4 address” set to “Yes”\xa0 \xa0 </p>', '<p>There is a NAT Gateway installed in the subnet\xa0 \xa0 </p>', '<p>The subnet route table has an attached NAT Gateway\xa0 \xa0 </p>', '<p>The security group attached to the EC2 instance has an inbound rule allowing the traffic\xa0 \xa0 </p>', '<p>The EC2 instance has a private IP address associated with it\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231845, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are troubleshooting a connectivity issue where you cannot connect to an EC2 instance in a public subnet in your VPC from the Internet. Which of the configuration items in the list below would you check first? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869584, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>For serving both the media player and media files you need two types of distributions:</li> \t<li>- A web distribution for the media player</li> \t<li>- An RTMP distribution for the media files</li> \t<li>RTMP:</li> \t<li>- Distribute streaming media files using Adobe Flash Media Server’s RTMP protocol</li> \t<li>- Allows an end user to begin playing a media file before the file has finished downloading from a CloudFront edge location</li> \t<li>- Files must be stored in an S3 bucket</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> </ul>', 'question': '<p>You would like to provide some on-demand and live streaming video to your customers. The plan is to provide the users with both the media player and the media files from the AWS cloud. One of the features you need is for the content of the media files to begin playing while the file is still being downloaded.</p><p>What AWS services can deliver these requirements? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use CloudFront with a Web and RTMP distribution\xa0 \xa0 </p>', '<p>Use CloudFront with an RTMP distribution\xa0 \xa0 </p>', '<p>Store the media files on an EC2 instance\xa0 \xa0 </p>', '<p>Store the media files in an S3 bucket\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231847, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'd'], 'question_plain': 'You would like to provide some on-demand and live streaming video to your customers. The plan is to provide the users with both the media player and the media files from the AWS cloud. One of the features you need is for the content of the media files to begin playing while the file is still being downloaded.What AWS services can deliver these requirements? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869586, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Redis engine stores data persistently</li> \t<li>Memached engine does not store data persistently</li> \t<li>Redis engine supports Multi-AZ using read replicas in another AZ in the same region</li> \t<li>You can have a fully automated, fault tolerant ElastiCache-Redis implementation by enabling both cluster mode and multi-AZ failover</li> \t<li>Memcached engine does not support Multi-AZ failover or replication</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> </ul>', 'question': '<p>There is a new requirement to implement in-memory caching for a Financial Services application due to increasing read-heavy load. The data must be stored persistently. Automatic failover across AZs is also required.</p><p>Which two items from the list below are required to deliver these requirements? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>ElastiCache with the Redis engine\xa0 \xa0 </p>', '<p>ElastiCache with the Memcached engine\xa0 \xa0 </p>', '<p>Multi-AZ with Cluster mode and Automatic Failover enabled\xa0 \xa0 </p>', '<p>Multiple nodes placed in different AZs\xa0 \xa0 </p>', '<p>Read replica with failover mode enabled\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231849, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'There is a new requirement to implement in-memory caching for a Financial Services application due to increasing read-heavy load. The data must be stored persistently. Automatic failover across AZs is also required.Which two items from the list below are required to deliver these requirements? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869590, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Glacier objects are visible through S3 only (not Glacier directly)</li> \t<li>The contents of an archive that has been uploaded cannot be modified</li> \t<li>Uploading archives is synchronous</li> \t<li>Downloading archives is asynchronous</li> \t<li>Retrieval can take a few hours</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing a data archive strategy using Amazon Glacier. The Architect needs to explain the features of the service to his manager, which statements about Glacier are correct? (choose 2)\xa0 \xa0</p>', 'relatedLectureIds': '', 'answers': ['<p>Glacier objects are visible through S3 only</p>', '<p>The contents of an archive can be modified after uploading</p>', '<p>Uploading archives is synchronous; downloading\xa0archives is asynchronous</p>', '<p>Retrieval is immediate</p>', '<p>Glacier objects are visible through the Glacier console\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231851, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect is designing a data archive strategy using Amazon Glacier. The Architect needs to explain the features of the service to his manager, which statements about Glacier are correct? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869594, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Event sources are mapped to Lambda functions</li> \t<li>Event sources maintain the mapping configuration except for stream-based services (e.g. DynamoDB, Kinesis) for which the configuration is made on the Lambda side and Lambda performs the polling</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>The association between a poll-based source and a Lambda function is called the event source mapping. Event sources maintain the mapping configuration except for stream-based services such as ________ and ________ for which the configuration is made on the Lambda side and Lambda performs the polling.</p><p>Fill in the blanks from the options below (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>DynamoDB</p>', '<p>S3</p>', '<p>IoT\xa0Button</p>', '<p>Kinesis</p>', '<p>API\xa0Gateway</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231853, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'd'], 'question_plain': 'The association between a poll-based source and a Lambda function is called the event source mapping. Event sources maintain the mapping configuration except for stream-based services such as ________ and ________ for which the configuration is made on the Lambda side and Lambda performs the polling.Fill in the blanks from the options below (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869596, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs</li> \t<li>Amazon Kinesis Data Analytics is the easiest way to process and analyze real-time, streaming data</li> \t<li>Kinesis Data Analytics can use standard SQL queries to process Kinesis data streams</li> \t<li>Kinesis Data Analytics can ingest data from Kinesis Streams and Kinesis Firehose</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>The data scientists in your company are looking for a service that can process and analyze real-time, streaming data. They would like to use standard SQL queries to query the streaming data.</p><p>Which combination of AWS services would deliver these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>DynamoDB and EMR\xa0 \xa0 </p>', '<p>Kinesis Data Streams and Kinesis Data Analytics\xa0 \xa0 </p>', '<p>ElastiCache and EMR\xa0 \xa0 </p>', '<p>Kinesis Data Streams and Kinesis Firehose\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231855, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'The data scientists in your company are looking for a service that can process and analyze real-time, streaming data. They would like to use standard SQL queries to query the streaming data.Which combination of AWS services would deliver these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4869600, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Simple Queue Service (Amazon SQS) is a web service that gives you access to message queues that store messages waiting to be processed</li> \t<li>SQS offers a reliable, highly-scalable, hosted queue for storing messages in transit between computers</li> \t<li>SQS is used for distributed/decoupled applications</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at a media company and you need to build an application stack that can receive customer comments from sporting events. The application is expected to receive significant load that could scale to millions of messages within a short space of time following high-profile matches. As you are unsure of the load required for the database layer what is the most cost-effective way to ensure that the messages are not dropped?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use DynamoDB for the database layer which will automatically scale as required\xa0 \xa0 </p>', '<p>Create an SQS queue and modify the application to write to the SQS queue. Launch another application instance the polls the queue and writes messages to the database\xa0 \xa0 </p>', '<p>Write the data to an S3 bucket, configure RDS to poll the bucket for new messages\xa0 \xa0 </p>', '<p>Use DynamoDB and provision enough write capacity to handle the highest expected load\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231857, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at a media company and you need to build an application stack that can receive customer comments from sporting events. The application is expected to receive significant load that could scale to millions of messages within a short space of time following high-profile matches. As you are unsure of the load required for the database layer what is the most cost-effective way to ensure that the messages are not dropped?'}, {'_class': 'assessment', 'original_assessment_id': 4869602, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Cross-region replication allows you to replicate across regions: <ul> \t<li>Amazon DynamoDB global tables provides a fully managed solution for deploying a multi-region, multi-master database</li> \t<li>When you create a global table, you specify the AWS regions where you want the table to be available</li> \t<li>DynamoDB performs all of the necessary tasks to create identical tables in these regions, and propagate ongoing data changes to all of them</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A large multi-national client has requested a design for a multi-region, multi-master database. The client has requested that the database be designed for fast, massively scaled applications for a global user base. The database should be a fully managed service including the replication.</p><p>Which AWS service can deliver these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>RDS with Multi-AZ\xa0 \xa0 </p>', '<p>S3 with Cross Region Replication\xa0 \xa0 </p>', '<p>DynamoDB with Global Tables and Cross Region Replication\xa0 \xa0 </p>', '<p>EC2 instances with EBS replication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231859, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A large multi-national client has requested a design for a multi-region, multi-master database. The client has requested that the database be designed for fast, massively scaled applications for a global user base. The database should be a fully managed service including the replication.Which AWS service can deliver these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4869606, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>It is possible to associate a service on Amazon ECS to an Application Load Balancer (ALB) for the Elastic Load Balancing (ELB) service</li> \t<li>ALB allows containers to use dynamic host port mapping so that multiple tasks from the same service are allowed on the same container host</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>The application development team in your company has a new requirement for the deployment of a container solution. You plan to use the AWS Elastic Container Service (ECS). The solution should include load balancing of incoming requests across the ECS containers and allow the containers to use dynamic host port mapping so that multiple tasks from the same service can run on the same container host.</p><p>Which AWS load balancing configuration will support this?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use an Application Load Balancer (ALB) and map the ECS service to the ALB\xa0 \xa0 </p>', '<p>Use a Classic Load Balancer (CLB) and create a static mapping of the ports\xa0 \xa0 </p>', '<p>Use a Network Load Balancer (NLB) and host-based routing\xa0 \xa0 </p>', '<p>You cannot run multiple copies of a task on the same instance, because the ports would conflict\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231861, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'The application development team in your company has a new requirement for the deployment of a container solution. You plan to use the AWS Elastic Container Service (ECS). The solution should include load balancing of incoming requests across the ECS containers and allow the containers to use dynamic host port mapping so that multiple tasks from the same service can run on the same container host.Which AWS load balancing configuration will support this?'}, {'_class': 'assessment', 'original_assessment_id': 4869608, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can authenticate using an MFA device in the following two ways: <ul> \t<li>Through the AWS Management Console – the user is prompted for a user name, password and authentication code</li> \t<li>Using the AWS API – restrictions are added to IAM policies and developers can request temporary security credentials and pass MFA parameters in their AWS STS API requests</li> \t<li>Using the AWS CLI by obtaining temporary security credentials from STS (aws sts get-session-token)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>To improve security in your AWS account you have decided to enable multi-factor authentication (MFA). You can authenticate using an MFA device in which two ways? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Locally to EC2 instances\xa0 \xa0 </p>', '<p>Through the AWS Management Console\xa0 \xa0 </p>', '<p>Using a key pair\xa0 \xa0 </p>', '<p>Using the AWS API\xa0 \xa0 </p>', '<p>Using biometrics\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231863, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'd'], 'question_plain': 'To improve security in your AWS account you have decided to enable multi-factor authentication (MFA). You can authenticate using an MFA device in which two ways? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869610, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Direct Connect is an incorrect option as it can take months to provision and a quick resolution has been requested</li> \t<li><span>AWS Microsoft AD does not support replication mode where replication to an on-premise AD takes place</span></li> \t<li>The best answer is to\xa0Install an additional Microsoft Active Directory Domain Controller for your existing domain on EC2: <ul> \t<li>When you build your own you can join an <em>existing</em> on-premise Active Directory domain/directory\xa0 (replication mode)</li> \t<li>Must establish a VPN (on top of Direct Connect if you have it)</li> \t<li>Replication mode is less secure than establishing trust relationships</li> </ul> </li> \t<li>The option to use the AWS Active Directory Service for Microsoft Active Directory and create a new domain is incorrect as it involves creating a new directory which the administrators don\'t want</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>An application that was recently moved into the AWS cloud has been experiencing some authentication issues. The application is currently configured to authenticate to an on-premise Microsoft Active Directory Domain Controller via a VPN connection. Upon troubleshooting the issues, it seems that latency across the VPN connection is causing authentication to fail. Your company is very cost sensitive at the moment and the administrators of the Microsoft AD do not want to manage any additional directories. You need to resolve the issues quickly.</p><p>What is the best solution to solve the authentication issues taking cost considerations into account?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an AWS Direct Connect connection to reduce the latency between your company and AWS\xa0 \xa0 </p>', '<p>Use the AWS Active Directory Service for Microsoft Active Directory and join your existing on-premise domain\xa0 \xa0 </p>', '<p>Install an additional Microsoft Active Directory Domain Controller for your existing domain on EC2 and configure the application to authenticate to the local DC\xa0 \xa0 </p>', '<p>Use the AWS Active Directory Service for Microsoft Active Directory and create a new domain. Establish a trust relationship with your existing on-premise domain\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231865, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'An application that was recently moved into the AWS cloud has been experiencing some authentication issues. The application is currently configured to authenticate to an on-premise Microsoft Active Directory Domain Controller via a VPN connection. Upon troubleshooting the issues, it seems that latency across the VPN connection is causing authentication to fail. Your company is very cost sensitive at the moment and the administrators of the Microsoft AD do not want to manage any additional directories. You need to resolve the issues quickly.What is the best solution to solve the authentication issues taking cost considerations into account?'}, {'_class': 'assessment', 'original_assessment_id': 4869612, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An inexpensive Active Directory-compatible service with common directory features</li> \t<li>Standalone, fully managed, directory on the AWS cloud</li> \t<li>Simple AD is generally the least expensive option</li> \t<li>Best choice for less than 50000 users and don’t need advanced AD features</li> \t<li>Powered by SAMBA 4 Active Directory compatible server</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>You are designing an identity, authorization and access management solution for the AWS cloud. The features you need include the ability to manage user accounts and group memberships, create and apply group policies, securely connect to Amazon EC2 instances, and provide Kerberos-based single sign-on (SSO). You do not need to establish trust relationships with other domains, use DNS dynamic update, implement schema extensions or use other advanced directory features.</p><p>What would be the most cost-effective solution?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use AWS Simple AD\xa0 \xa0 </p>', '<p>Use AWS Directory Service for Microsoft AD\xa0 \xa0 </p>', '<p>Use Amazon Cloud Directory\xa0 \xa0 </p>', '<p>Use AD Connector\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231867, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'You are designing an identity, authorization and access management solution for the AWS cloud. The features you need include the ability to manage user accounts and group memberships, create and apply group policies, securely connect to Amazon EC2 instances, and provide Kerberos-based single sign-on (SSO). You do not need to establish trust relationships with other domains, use DNS dynamic update, implement schema extensions or use other advanced directory features.What would be the most cost-effective solution?'}, {'_class': 'assessment', 'original_assessment_id': 4869614, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Simple scaling maintains a current number of instances, you can manually change the ASGs min/desired/max and attach/detach instances</li> \t<li>Auto Scaling will try to distribute EC2 instances evenly across AZs</li> \t<li>If you’re anticipating a fast increase in load you can contact AWS and instruct them to pre-warm (provision) additional ELB nodes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You work for a company that produces TV commercials. You are planning to run an advertising campaign during a major political event that will be watched by millions of people over several days. It is expected that your website will receive large bursts of traffic following commercial breaks. You have performed an analysis and determined that you will need around 150 EC2 web instances to process the traffic</p><p>You need to ensure you deliver a high quality and consistent user experience and to also consider cost-effectiveness. How would you design a highly available and elastic?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an Auto Scaling Group across multiple AZs with a desired capacity of 150 EC2 instances. Launch an Application Load Balancer and specify the same AZs as the ASG and pre-warm the ALB by contacting AWS prior to the event\xa0 \xa0 </p>', '<p>Create an Auto Scaling Group across multiple AZs with a desired capacity of 150 EC2 instances. Launch an Application Load Balancer and specify the same AZs as the ASG and pre-warm the ALB by contacting AWS prior to the event and pre-warm the ALB by contacting AWS prior to the event\xa0 \xa0 </p>', '<p>Create an Auto Scaling Group across multiple AZs with a maximum capacity of 150 EC2 instances. Launch an Application Load Balancer and specify the same AZs as the ASG\xa0 \xa0 </p>', '<p>Create an Auto Scaling Group across multiple AZs with a maximum capacity of 150 EC2 instances. Launch an Application Load Balancer and specify the same AZs as the ASG and pre-warm the ALB by contacting AWS prior to the event\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231869, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['d'], 'question_plain': 'You work for a company that produces TV commercials. You are planning to run an advertising campaign during a major political event that will be watched by millions of people over several days. It is expected that your website will receive large bursts of traffic following commercial breaks. You have performed an analysis and determined that you will need around 150 EC2 web instances to process the trafficYou need to ensure you deliver a high quality and consistent user experience and to also consider cost-effectiveness. How would you design a highly available and elastic?'}, {'_class': 'assessment', 'original_assessment_id': 4869616, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can configure EC2 instances as bastion hosts (aka jump boxes) in order to access your VPC instances for management</li> \t<li>Can use the SSH or RDP protocols</li> \t<li>Need to configure a security group with the relevant permissions</li> \t<li>Can use auto-assigned public IPs or Elastic IPs</li> \t<li>Can use security groups to restrict the IP addresses/CIDRs that can access the bastion host</li> \t<li>Use auto-scaling groups for HA (set to 1 to just replace)</li> \t<li>Best practice is to deploy Linux bastion hosts in two AZs, use auto-scaling and Elastic IP</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>For operational access to your AWS environment you are planning to setup a bastion host implementation. Which of the below are AWS best practices for setting up bastion hosts? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Deploy in 2 AZs and use an Auto Scaling group to ensure that the number of bastion host instances always matches the desired capacity you specify during launch\xa0 \xa0 </p>', '<p>Bastion hosts are deployed in the private subnets of the VPC\xa0 \xa0 </p>', '<p>Elastic IP addresses are associated with the bastion instances to make it easier to remember and allow these IP addresses from on-premises firewalls\xa0 \xa0 </p>', '<p>Access to the bastion hosts is configured to 0.0.0.0/0 for ingress in security groups\xa0 \xa0 </p>', '<p>Ports are unrestricted to allow full operational access to the bastion hosts\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231871, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'For operational access to your AWS environment you are planning to setup a bastion host implementation. Which of the below are AWS best practices for setting up bastion hosts? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869618, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Can enable Cross Origin Resource Sharing (CORS) for multiple domain use with Javascript/AJAX: <ul> \t<li>Can be used to enable requests from domains other the APIs domain</li> \t<li>Allows the sharing of resources between different domains</li> \t<li>The method (GET, PUT, POST etc) for which you will enable CORS must be available in the API Gateway API before you enable CORS</li> \t<li>If CORS is not enabled and an API resource received requests from another domain the request will be blocked</li> \t<li>Enable CORS on the APIs resources using the selected methods under the API Gateway</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>An application running on an external website is attempting to initiate a request to your company’s website on AWS using API calls. A problem has been reported in which the requests are failing with an error that includes the following text:</p><p>“Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource”</p><p>You have been asked to resolve the problem, what is the most likely solution?</p>', 'relatedLectureIds': '', 'answers': ['<p>The IAM policy does not allow access to the API\xa0 \xa0 </p>', '<p>The ACL on the API needs to be updated\xa0 \xa0 </p>', '<p>Enable CORS on the APIs resources using the selected methods under the API Gateway\xa0 \xa0 </p>', '<p>The request is not secured with SSL/TLS\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231873, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'An application running on an external website is attempting to initiate a request to your company’s website on AWS using API calls. A problem has been reported in which the requests are failing with an error that includes the following text:“Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource”You have been asked to resolve the problem, what is the most likely solution?'}, {'_class': 'assessment', 'original_assessment_id': 4869620, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount</li> \t<li>Budget alerts can be sent via email and/or Amazon Simple Notification Service (SNS) topic</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/aws-cost-management/aws-budgets/">https://aws.amazon.com/aws-cost-management/aws-budgets/</a></li> </ul>', 'question': '<p>You are an entrepreneur building a small company with some resources running on AWS. As you have limited funding you are extremely cost conscious. What AWS service can help you to ensure your costs do not exceed your funding capacity and send you alerts via email or SNS topic?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Cost Explorer</p>', '<p>AWS\xa0Budgets</p>', '<p>AWS\xa0Billing Dashboard</p>', '<p>Cost &\xa0Usage reports</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231875, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'You are an entrepreneur building a small company with some resources running on AWS. As you have limited funding you are extremely cost conscious. What AWS service can help you to ensure your costs do not exceed your funding capacity and send you alerts via email or SNS topic?'}, {'_class': 'assessment', 'original_assessment_id': 4869622, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon EMR is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data</li> \t<li>EMR utilizes a hosted Hadoop framework running on Amazon EC2 and Amazon S3</li> \t<li>EMR uses Apache Hadoop as its distributed data processing engine which is an open source, Java software framework that supports data-intensive distributed applications running on large clusters of commodity hardware</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/</a></li> </ul>', 'question': '<p>A company is in the process of deploying an Amazon Elastic Map Reduce (EMR) cluster. Which of the statements below accurately describe the EMR service? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EMR utilizes a hosted Hadoop framework running on Amazon EC2 and Amazon S3\xa0 \xa0 </p>', '<p>EMR makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), and other processing\xa0 \xa0 </p>', '<p>EMR launches all nodes for a given cluster in the same Amazon EC2 Availability Zone\xa0 \xa0 </p>', '<p>EMR is a fully-managed service that makes it easy to set up and scale file storage in the Amazon Cloud\xa0 \xa0 </p>', '<p>EMR clusters span availability zones providing redundancy\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231877, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'A company is in the process of deploying an Amazon Elastic Map Reduce (EMR) cluster. Which of the statements below accurately describe the EMR service? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869624, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Options for storing logs: <ul> \t<li>CloudWatch Logs</li> \t<li>Centralized logging system (e.g. Splunk)</li> \t<li>Custom script and store on S3</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/</a></li> </ul>', 'question': '<p>As a SysOps engineer working at Digital Cloud Guru, you are constantly trying to improve your processes for collecting log data. Currently you are collecting logs from across your AWS resources using CloudWatch and a combination of standard and custom metrics. You are currently investigating how you can optimize the storage of log files collected by CloudWatch.</p><p>Which of the following are valid options for storing CloudWatch log files? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>CloudWatch Logs\xa0 \xa0 </p>', '<p>EFS</p>', '<p>Splunk</p>', '<p>EBS</p>', '<p>RedShift</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231879, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'As a SysOps engineer working at Digital Cloud Guru, you are constantly trying to improve your processes for collecting log data. Currently you are collecting logs from across your AWS resources using CloudWatch and a combination of standard and custom metrics. You are currently investigating how you can optimize the storage of log files collected by CloudWatch.Which of the following are valid options for storing CloudWatch log files? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869626, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>There is a charge if you delete data within 90 days – however we are not talking about deleting data here, just retrieving it</li> \t<li>Retrieved data is available for 24 hours by default (can be changed)</li> \t<li>Amazon Glacier must complete a job before you can get its output</li> \t<li>Glacier automatically encrypts data at rest using AES 256 symmetric keys and supports secure transfer of data over SSL</li> \t<li>Retrieved data will not be encrypted if it was uploaded unencrypted</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>Your company uses Amazon Glacier to store files that must be retained for compliance reasons and are rarely accessed. An auditor has requested access to some information that is stored in a Glacier archive. You have initiated an archive retrieval job.</p><p>Which factors are important to know about the process from this point? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>There is a charge if you delete data within 90 days\xa0 \xa0 </p>', '<p>Following retrieval, you have 24 hours to download your data\xa0 \xa0 </p>', '<p>Amazon Glacier must complete a job before you can get its output\xa0 \xa0 </p>', '<p>The retrieved data will always be encrypted\xa0 \xa0 </p>', '<p>An MFA device is required to access the files\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231881, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'c'], 'question_plain': 'Your company uses Amazon Glacier to store files that must be retained for compliance reasons and are rarely accessed. An auditor has requested access to some information that is stored in a Glacier archive. You have initiated an archive retrieval job.Which factors are important to know about the process from this point? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869630, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Capacity is reserved for a term of 1 or 3 years</li> \t<li>Standard = commitment of 1 or 3 years, charged whether it\'s on or off</li> \t<li>Scheduled = reserved for specific periods of time, accrue charges hourly, billed in monthly increments over the term (1 year)</li> \t<li>Scheduled RIs match your capacity reservation to a predictable recurring schedule</li> \t<li>RIs are used for steady state workloads and predictable usage</li> \t<li>Ideal for applications that need reserved capacity</li> \t<li>Upfront payments can reduce the hourly rate</li> \t<li>Can switch AZ within the same region</li> \t<li>Can change the instance size within the same instance type</li> \t<li>Instance type modifications are supported for Linux only</li> \t<li>Cannot change the instance size of Windows RIs</li> \t<li>Billed whether running or not</li> \t<li>Can sell reservations on the AWS marketplace</li> \t<li>Can be used in Auto Scaling Groups</li> \t<li>Can be used in Placement Groups</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>A company is considering using EC2 Reserved Instances to reduce cost. The Architect involved is concerned about the potential limitations in flexibility of using RIs instead of On-Demand instances.</p><p>Which of the following statements about RIs are useful to the Architect? (choose\xa02)</p>', 'relatedLectureIds': '', 'answers': ['<p>RIs can be sold on the Reserved Instance Marketplace\xa0 \xa0 </p>', '<p>You can change the region with Convertible RIs\xa0 \xa0 </p>', '<p>There is a fee charged for any RI modifications\xa0 \xa0 </p>', '<p>You cannot launch RIs using Auto Scaling Groups\xa0 \xa0 </p>', '<p>You can use RIs in Placement Groups\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231883, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'e'], 'question_plain': 'A company is considering using EC2 Reserved Instances to reduce cost. The Architect involved is concerned about the potential limitations in flexibility of using RIs instead of On-Demand instances.Which of the following statements about RIs are useful to the Architect? (choose\xa02)'}, {'_class': 'assessment', 'original_assessment_id': 4869634, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Instance store volumes are sometimes called Ephemeral storage (non-persistent)</li> \t<li>Instance store volumes cannot be stopped. If the underlying host fails the data will be lost</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You have an EC2 instance that has an EBS-backed root volume. You have attached a couple of Instance Store-backed volumes which have some important log files on them. What will happen to the data if the instance is stopped?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The data will be accessible\xa0 \xa0 </p>', '<p>The data will be lost</p>', '<p>You cannot stop an EC2 instance with instance store volumes attached\xa0 \xa0 </p>', '<p>The data is automatically saved as an EBS snapshot\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231885, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'You have an EC2 instance that has an EBS-backed root volume. You have attached a couple of Instance Store-backed volumes which have some important log files on them. What will happen to the data if the instance is stopped?'}, {'_class': 'assessment', 'original_assessment_id': 4869636, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Peering connections can be created with VPCs in different regions (available in most regions now)</li> \t<li>Data sent between VPCs in different regions is encrypted (traffic charges apply)</li> \t<li>Must update route tables to configure routing</li> \t<li>Must update the inbound and outbound rules for VPC security group to reference security groups in the peered VPC</li> \t<li>When creating a VPC peering connection with another account you need to enter the account ID and VPC ID from the other account</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>Your company has recently formed a partnership with another company. Both companies have resources running in the AWS cloud and you would like to be able to access each other’s resources using private IP addresses. The resources for each company are in different AWS regions and you need to ensure that fully redundant connectivity is established.</p><p>You have established a VPC peering connection between the VPCs, what steps need to be taken next to establish connectivity and resource sharing between the VPCs across regions? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Establish an IPSec VPN between the VPCs\xa0 \xa0 </p>', '<p>Establish redundant Direct Connect connections between the VPCs\xa0 \xa0 </p>', '<p>Manually add routes to each VPCs routing tables as required to enable IP connectivity\xa0 \xa0 </p>', '<p>Establish dynamic routing with BGP and BFD\xa0 \xa0 </p>', '<p>Update Security Group rules to allow resource sharing\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231887, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c', 'e'], 'question_plain': 'Your company has recently formed a partnership with another company. Both companies have resources running in the AWS cloud and you would like to be able to access each other’s resources using private IP addresses. The resources for each company are in different AWS regions and you need to ensure that fully redundant connectivity is established.You have established a VPC peering connection between the VPCs, what steps need to be taken next to establish connectivity and resource sharing between the VPCs across regions? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869638, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Proxy protocol for TCP/SSL carries the source (client) IP/port information</li> \t<li>X-forwarded-for for HTTP/HTTPS carries the source IP/port information</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>Several websites you run on AWS use multiple Internet-facing Elastic Load Balancers (ELB) to distribute incoming connections to EC2 instances running web applications. The ELBs are configured to forward using either TCP (layer 4) or HTTP (layer 7) protocols. You would like to start recording the IP addresses of the clients that connect to your web applications.</p><p>Which ELB features will you implement with which protocols? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>X-Forwarded-For request header and TCP\xa0 \xa0 </p>', '<p>X-Forwarded-For request header and HTTP\xa0 \xa0 </p>', '<p>Proxy Protocol and TCP\xa0 \xa0 </p>', '<p>Proxy Protocol and HTTP\xa0 \xa0 </p>', '<p>X-Forwarded-For request header for TCP and HTTP\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231889, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'c'], 'question_plain': 'Several websites you run on AWS use multiple Internet-facing Elastic Load Balancers (ELB) to distribute incoming connections to EC2 instances running web applications. The ELBs are configured to forward using either TCP (layer 4) or HTTP (layer 7) protocols. You would like to start recording the IP addresses of the clients that connect to your web applications.Which ELB features will you implement with which protocols? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869640, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Peering connections can be created with VPCs in different regions (available in most regions now)</li> \t<li>Data sent between VPCs in different regions is encrypted (traffic charges apply)</li> \t<li>Cannot do transitive peering (establish a mesh)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>Your company has offices in several locations around the world. Each office utilizes resources deployed in the geographically closest AWS region. You would like to implement connectivity between all of the VPCs so that you can provide full access to each other’s resources. As you are security conscious you would like to ensure the traffic is encrypted and does not traverse the public Internet. The topology should be many-to-many to enable all VPCs to access the resources in all other VPCs.</p><p>How can you successfully implement this connectivity using only AWS services? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use software VPN appliances running on EC2 instances\xa0 \xa0 </p>', '<p>Use inter-region VPC peering\xa0 \xa0 </p>', '<p>Implement a fully meshed architecture\xa0 \xa0 </p>', '<p>Implement a hub and spoke architecture\xa0 \xa0 </p>', '<p>Use VPC endpoints between VPCs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231891, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'c'], 'question_plain': 'Your company has offices in several locations around the world. Each office utilizes resources deployed in the geographically closest AWS region. You would like to implement connectivity between all of the VPCs so that you can provide full access to each other’s resources. As you are security conscious you would like to ensure the traffic is encrypted and does not traverse the public Internet. The topology should be many-to-many to enable all VPCs to access the resources in all other VPCs.How can you successfully implement this connectivity using only AWS services? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869644, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ALB supports IP addresses as targets</li> \t<li>IP addresses as targets allows load balancing any application hosted in AWS or on-premises using IP addresses of the application back-ends as targets</li> \t<li>Requires a VPN or Direct Connect connection</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://aws.amazon.com/blogs/aws/new-application-load-balancing-via-ip-address-to-aws-on-premises-resources/">https://aws.amazon.com/blogs/aws/new-application-load-balancing-via-ip-address-to-aws-on-premises-resources/</a></li> </ul>', 'question': '<p>The company you work for is currently transitioning their infrastructure and applications into the AWS cloud. You are planning to deploy an Elastic Load Balancer (ELB) that distributes traffic for a web application running on EC2 instances. You still have some application servers running on-premise and you would like to distribute application traffic across both your AWS and on-premises resources.</p><p>How can this be achieved?</p>', 'relatedLectureIds': '', 'answers': ['<p>Provision a Direct Connect connection between your on-premises location and AWS and create a target group on an ALB to use IP based targets for both your EC2 instances and on-premises servers\xa0 \xa0 </p>', '<p>Provision a Direct Connect connection between your on-premises location and AWS and create a target group on an ALB to use Instance ID based targets for both your EC2 instances and on-premises server\xa0 \xa0 </p>', '<p>Provision an IPSec VPN connection between your on-premises location and AWS and create a CLB that uses cross-zone load balancing to distributed traffic across EC2 instances and on-premises servers\xa0 \xa0 </p>', '<p>This cannot be done, ELBs are an AWS service and can only distributed traffic within the AWS cloud\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231893, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'The company you work for is currently transitioning their infrastructure and applications into the AWS cloud. You are planning to deploy an Elastic Load Balancer (ELB) that distributes traffic for a web application running on EC2 instances. You still have some application servers running on-premise and you would like to distribute application traffic across both your AWS and on-premises resources.How can this be achieved?'}, {'_class': 'assessment', 'original_assessment_id': 4869648, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Elastic Transcoder is a highly scalable, easy to use and cost-effective way for developers and businesses to convert (or “transcode”) video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PCs</li> \t<li>MediaConvert converts file-based content for broadcast and multi-screen delivery</li> \t<li>Data Pipeline helps you move, integrate, and process data across AWS compute and storage resources, as well as your on-premises resources</li> \t<li>Rekognition is a deep learning-based visual analysis service</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/media-services/amazon-elastic-transcoder/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/media-services/amazon-elastic-transcoder/</a></li> </ul>', 'question': '<p>You are undertaking a project to make some audio and video files that your company uses for onboarding new staff members available via a mobile application. You are looking for a cost-effective way to convert the files from their current formats into formats that are compatible with smartphones and tablets. The files are currently stored in an S3 bucket.</p><p>What AWS service can help with converting the files?</p>', 'relatedLectureIds': '', 'answers': ['<p>MediaConvert\xa0 \xa0 </p>', '<p>Data Pipeline</p>', '<p>Elastic Transcoder</p>', '<p>Rekognition</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231895, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'You are undertaking a project to make some audio and video files that your company uses for onboarding new staff members available via a mobile application. You are looking for a cost-effective way to convert the files from their current formats into formats that are compatible with smartphones and tablets. The files are currently stored in an S3 bucket.What AWS service can help with converting the files?'}, {'_class': 'assessment', 'original_assessment_id': 4869650, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>There are no additional charges for using Regional Edge Caches</li> \t<li>You can write to regional edge caches too</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2016/11/announcing-regional-edge-caches-for-amazon-cloudfront/">https://aws.amazon.com/about-aws/whats-new/2016/11/announcing-regional-edge-caches-for-amazon-cloudfront/</a></li> </ul>', 'question': '<p>A company uses CloudFront to provide low-latency access to cached files. An Architect is considering the implications of using CloudFront Regional Edge Caches. Which statements are correct in relation to this service? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Regional Edge Caches are enabled by default for CloudFront Distributions\xa0 \xa0 </p>', '<p>There are additional charges for using Regional Edge Caches\xa0 \xa0 </p>', '<p>Regional Edge Caches have larger cache-width than any individual edge location, so your objects remain in cache longer at these locations\xa0 \xa0 </p>', '<p>Regional Edge Caches are read-only\xa0 \xa0 </p>', '<p>Distributions must be updated to use Regional Edge Caches\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231897, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'A company uses CloudFront to provide low-latency access to cached files. An Architect is considering the implications of using CloudFront Regional Edge Caches. Which statements are correct in relation to this service? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869654, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CRR is an Amazon S3 feature that automatically replicates data across AWS Regions</li> \t<li>With CRR, every object uploaded to an S3 bucket is automatically replicated to a destination bucket in a different AWS Region that you choose</li> \t<li>AMIs that are backed by EBS snapshots can be copied between regions</li> \t<li>You cannot modify an ASG launch configuration, you must create a new launch configuration and specify the copied AMI</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>The company you work for has a presence across multiple AWS regions. As part of disaster recovery planning you are formulating a solution to provide a regional DR capability for an application running on a fleet of Amazon EC2 instances that are provisioned by an Auto Scaling Group (ASG). The applications are stateless and read and write data to an S3 bucket. You would like to utilize the current AMI used by the ASG as it has some customizations made to it.</p><p>What are the steps you might take to enable a regional DR capability for this application? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Enable cross region replication on the S3 bucket and specify a destination bucket in the DR region\xa0 \xa0 </p>', '<p>Enable multi-AZ for the S3 bucket to enable synchronous replication to the DR region\xa0 \xa0 </p>', '<p>Modify the permissions of the AMI so it can be used across multiple regions\xa0 \xa0 </p>', '<p>Copy the AMI to the DR region and create a new launch configuration for the ASG that uses the AMI\xa0 \xa0 </p>', '<p>Modify the launch configuration for the ASG in the DR region and specify the AMI\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231899, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'd'], 'question_plain': 'The company you work for has a presence across multiple AWS regions. As part of disaster recovery planning you are formulating a solution to provide a regional DR capability for an application running on a fleet of Amazon EC2 instances that are provisioned by an Auto Scaling Group (ASG). The applications are stateless and read and write data to an S3 bucket. You would like to utilize the current AMI used by the ASG as it has some customizations made to it.What are the steps you might take to enable a regional DR capability for this application? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869658, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>RAID 0 = 0 striping – data is written across multiple disks and increases performance but no redundancy</li> \t<li>RAID 1 = 1 mirroring – creates 2 copies of the data but does not increase performance, only redundancy</li> \t<li>SSD, Provisioned IOPS – I01 provides higher performance than General Purpose SSD (GP2) and you can specify the IOPS required up to 50 IOPS per GB and a maximum of 32000 IOPS</li> \t<li>RDS read replicas cannot be created from EC2 instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>An application hosted in your VPC uses an EC2 instance with a MySQL DB running on it. The database uses a single 1TB General Purpose SSD (GP2) EBS volume. Recently it has been noticed that the database is not performing well and you need to improve the read performance. What are two possible ways this can be achieved? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Add multiple EBS volumes in a RAID 1 array\xa0 \xa0 </p>', '<p>Add multiple EBS volumes in a RAID 0 array\xa0 \xa0 </p>', '<p>Add an RDS read replica in another AZ\xa0 \xa0 </p>', '<p>Use a provisioned IOPS volume and specify the number of I/O operations required\xa0 \xa0 </p>', '<p>Create an active/passive cluster using MySQL\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231901, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'd'], 'question_plain': 'An application hosted in your VPC uses an EC2 instance with a MySQL DB running on it. The database uses a single 1TB General Purpose SSD (GP2) EBS volume. Recently it has been noticed that the database is not performing well and you need to improve the read performance. What are two possible ways this can be achieved? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869662, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>For capturing IAM/user identity information in logs configure AWS CloudTrail Data Events (does not audit the bucket operations required in the question)</li> \t<li>Amazon S3 event notifications can be sent in response to actions in Amazon S3 like PUTs, POSTs, COPYs, or DELETEs</li> \t<li>Amazon S3 event notifications enable you to run workflows, send alerts, or perform other actions in response to changes in your objects stored in S3</li> \t<li>Access auditing can be configured by configuring an Amazon S3 bucket to create access log records for all requests made against it</li> \t<li>Each access log record provides details about a single access request, such as the <strong>requester, bucket name, request time, request action, response status, and an error code</strong>, if relevant</li> \t<li>CloudWatch metrics do not include the bucket operations specified in the question</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html</a></li> </ul>', 'question': '<p>Your company is reviewing their information security processes. One of the items that came out of a recent audit is that there is insufficient data recorded about requests made to a few S3 buckets. The security team requires an audit trail for operations on the S3 buckets that includes the requester, bucket name, request time, request action, and response status.</p><p>Which action would you take to enable this logging?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a CloudTrail trail that audits S3 bucket operations\xa0 \xa0 </p>', '<p>Enable S3 event notifications for the specific actions and setup an SNS notification\xa0 \xa0 </p>', '<p>Enable server access logging for the S3 buckets to save access logs to a specified destination bucket\xa0 \xa0 </p>', '<p>Create a CloudWatch metric that monitors the S3 bucket operations and triggers an alarm\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231903, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'Your company is reviewing their information security processes. One of the items that came out of a recent audit is that there is insufficient data recorded about requests made to a few S3 buckets. The security team requires an audit trail for operations on the S3 buckets that includes the requester, bucket name, request time, request action, and response status.Which action would you take to enable this logging?'}, {'_class': 'assessment', 'original_assessment_id': 4869668, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>DynamoDB charges: <ul> \t<li>DynamoDB is more cost effective for read heavy workloads</li> \t<li>Priced based on provisioned throughput (read/write) regardless of whether you use it or not</li> \t<li>Write throughput per hour for every 10 units</li> \t<li>Read throughput per hour for every 50 units</li> \t<li>Indexed data storage</li> \t<li>Internet data transfer (outside of a region)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>A colleague has asked you some questions about how AWS charge for DynamoDB. He is interested in knowing what type of workload DynamoDB is best suited for in relation to cost and how AWS\xa0charges for DynamoDB? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>DynamoDB is more cost effective for read heavy workloads\xa0 \xa0 </p>', '<p>DynamoDB is more cost effective for write heavy workloads\xa0 \xa0 </p>', '<p>Priced based on provisioned throughput (read/write) regardless of whether you use it or not\xa0 \xa0 </p>', '<p>You provision for expected throughput but are only charged for what you use\xa0 \xa0 </p>', '<p>DynamoDB scales automatically and you are charged for what you use\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231905, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'A colleague has asked you some questions about how AWS charge for DynamoDB. He is interested in knowing what type of workload DynamoDB is best suited for in relation to cost and how AWS\xa0charges for DynamoDB? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869678, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>DynamoDB Streams help you to keep a list of item level changes or provide a list of item level changes that have taken place in the last 24hrs</li> \t<li>Amazon DynamoDB is integrated with AWS Lambda so that you can create triggers—pieces of code that automatically respond to events in DynamoDB Streams</li> \t<li>If you enable DynamoDB Streams on a table, you can associate the stream ARN with a Lambda function that you write</li> \t<li>Immediately after an item in the table is modified, a new record appears in the table\'s stream</li> \t<li>AWS Lambda polls the stream and invokes your Lambda function synchronously when it detects new stream records</li> \t<li>An event source mapping identifies a poll-based event source for a Lambda function. It can be either an Amazon Kinesis or DynamoDB stream</li> \t<li>AWS Lambda invokes the specified function when records are posted to the event source</li> \t<li>Event sources maintain the mapping configuration except for stream-based services (e.g. DynamoDB, Kinesis) for which the configuration is made on the Lambda side and Lambda performs the polling</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> \t<li><a href="https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.Lambda.html">https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.Lambda.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your clients runs an application that write data to a DynamoDB table. The client has asked how they can implement a function that runs code in response to item level changes that take place in the DynamoDB table. What would you suggest to the client?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Enable server access logging and create an event source mapping between AWS Lambda and the S3 bucket to which the logs are written\xa0 \xa0 </p>', '<p>Enable DynamoDB Streams and create an event source mapping between AWS Lambda and the relevant stream\xa0 \xa0 </p>', '<p>Create a local secondary index that records item level changes and write some custom code that responds to updates to the index\xa0 \xa0 </p>', '<p>Use Kinesis Data Streams and configure DynamoDB as a producer\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231907, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your clients runs an application that write data to a DynamoDB table. The client has asked how they can implement a function that runs code in response to item level changes that take place in the DynamoDB table. What would you suggest to the client?'}, {'_class': 'assessment', 'original_assessment_id': 4869680, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud</li> \t<li>The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads</li> \t<li>Memcached</li> \t<li>- Not persistent</li> \t<li>- Cannot be used as a data store</li> \t<li>- Supports large nodes with multiple cores or threads</li> \t<li>- Scales out and in, by adding and removing nodes</li> \t<li>Redis</li> \t<li>- Data is persistent</li> \t<li>- Can be used as a datastore</li> \t<li>- Not multi-threaded</li> \t<li>- Scales by adding shards, not nodes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> </ul>', 'question': '<p>Your company is starting to use AWS to host new web-based applications. A new two-tier application will be deployed that provides customers with access to data records. It is important that the application is highly responsive and retrieval times are optimized. You’re looking for a persistent data store that can provide the required performance. From the list below what AWS service would you recommend for this requirement?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>ElastiCache with the Memcached engine\xa0 \xa0 </p>', '<p>ElastiCache with the Redis engine\xa0 \xa0 </p>', '<p>Kinesis Data Streams\xa0 \xa0 </p>', '<p>RDS in a multi-AZ configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231909, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'Your company is starting to use AWS to host new web-based applications. A new two-tier application will be deployed that provides customers with access to data records. It is important that the application is highly responsive and retrieval times are optimized. You’re looking for a persistent data store that can provide the required performance. From the list below what AWS service would you recommend for this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4869682, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS CloudFormation StackSets extends the functionality of stacks by enabling you to create, update, or delete stacks across multiple accounts and regions with a single operation</li> \t<li>Using an administrator account, you define and manage an AWS CloudFormation template, and use the template as the basis for provisioning stacks into selected target accounts across specified regions</li> \t<li>An administrator account is the AWS account in which you create stack sets</li> \t<li>A stack set is managed by signing in to the AWS administrator account in which it was created</li> \t<li>A target account is the account into which you create, update, or delete one or more stacks in your stack set</li> \t<li>Before you can use a stack set to create stacks in a target account, you must set up a trust relationship between the administrator and target accounts</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html">https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A client from a large multinational corporation is working on a deployment of a significant amount of resources into AWS. The client would like to be able to deploy resources across multiple AWS accounts and regions using a single toolset and template. You have been asked to suggest a toolset that can provide this functionality?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use a CloudFormation template that creates a stack and specify the logical IDs of each account and region\xa0 \xa0 </p>', '<p>Use a CloudFormation StackSet and specify the target accounts and regions in which the stacks will be created\xa0 \xa0 </p>', '<p>Use a third-party product such as Terraform that has support for multiple AWS accounts and regions\xa0 \xa0 </p>', '<p>This cannot be done, use separate CloudFormation templates per AWS account and region\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231911, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A client from a large multinational corporation is working on a deployment of a significant amount of resources into AWS. The client would like to be able to deploy resources across multiple AWS accounts and regions using a single toolset and template. You have been asked to suggest a toolset that can provide this functionality?'}, {'_class': 'assessment', 'original_assessment_id': 4869684, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Active Directory Service for Microsoft Active Directory is the best choice if you have more than 5000 users and/or need a trust relationship set up</li> \t<li>Simple AD:</li> \t<li>- An inexpensive Active Directory-compatible service with common directory features</li> \t<li>- Standalone, fully managed, directory on the AWS cloud</li> \t<li>- Simple AD is generally the least expensive option</li> \t<li>- Best choice for less than 5000 users and don’t need advanced AD features</li> \t<li>Amazon Cognito is an authentication service for web and mobile apps</li> \t<li>AWS Single Sign-On (SSO) is a cloud SSO service that makes it easy to centrally manage SSO access to multiple AWS accounts and business applications</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>Your client is looking for fully managed directory service in the AWS cloud. The service should provide an inexpensive Active Directory-compatible service with common directory features. The client is a medium sized organization with 4000 users. As the client has a very limited budget it is important to select a cost-effective solution.</p><p>What would you suggest?</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Active Directory Service for Microsoft Active Directory\xa0 \xa0 </p>', '<p>AWS Simple AD\xa0 \xa0 </p>', '<p>Amazon Cognito\xa0 \xa0 </p>', '<p>AWS Single Sign-On\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231913, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'Your client is looking for fully managed directory service in the AWS cloud. The service should provide an inexpensive Active Directory-compatible service with common directory features. The client is a medium sized organization with 4000 users. As the client has a very limited budget it is important to select a cost-effective solution.What would you suggest?'}, {'_class': 'assessment', 'original_assessment_id': 4869686, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Firehose is the easiest way to load streaming data into data stores and analytics tools</li> \t<li>Captures, transforms, and loads streaming data</li> \t<li>Enables near real-time analytics with existing business intelligence tools and dashboards</li> \t<li>Firehose can invoke an AWS Lambda function to transform incoming data before delivering it to a destination</li> \t<li>For Amazon Redshift destinations, streaming data is delivered to your S3 bucket first</li> \t<li>Kinesis Data Firehose then issues an Amazon Redshift COPY command to load data from your S3 bucket to your Amazon Redshift cluster</li> \t<li>If data transformation is enabled, you can optionally back up source data to another Amazon S3 bucket</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>You have been asked to implement a solution for capturing, transforming and loading streaming data into an Amazon RedShift cluster. The solution will capture data from Amazon Kinesis Data Streams. Which AWS services would you utilize in this scenario? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Kinesis Data Firehose for capturing the data and loading it into RedShift\xa0 \xa0 </p>', '<p>Kinesis Video Streams for capturing the data and loading it into RedShift\xa0 \xa0 </p>', '<p>EMR for transforming the data\xa0 \xa0 </p>', '<p>Lambda for transforming the data\xa0 \xa0 </p>', '<p>AWS Data Pipeline for transforming the data\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231915, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'd'], 'question_plain': 'You have been asked to implement a solution for capturing, transforming and loading streaming data into an Amazon RedShift cluster. The solution will capture data from Amazon Kinesis Data Streams. Which AWS services would you utilize in this scenario? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869688, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Out of the options in the list, DynamoDB requires the least operational overhead as there are no backups, maintenance period, software updates etc. to deal with</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>You are creating a design for a web-based application that will be based on a web front-end based on EC2 instances and a database back-end. This application is a low priority and you do not want to incur costs in general day to day management. What AWS database service can you use that will require the least operational overhead?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>RDS</p>', '<p>RedShift</p>', '<p>EMR</p>', '<p>DynamoDB</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231917, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['d'], 'question_plain': 'You are creating a design for a web-based application that will be based on a web front-end based on EC2 instances and a database back-end. This application is a low priority and you do not want to incur costs in general day to day management. What AWS database service can you use that will require the least operational overhead?'}, {'_class': 'assessment', 'original_assessment_id': 4869690, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EFS:</li> \t<li>- EFS is elastic and grows and shrinks as you add and remove data</li> \t<li>- Can concurrently connect 1 to 1000s of EC2 instances, from multiple AZs</li> \t<li>- A file system can be accessed concurrently from all AZs in the region where it is located</li> \t<li>- Throughput can be 10+ GB per second</li> \t<li>EBS volumes cannot be accessed by multiple instances</li> \t<li>S3 is an object store, not a file system and does not store data across multiple AZs (S3 is stored across multiple facilities in the region)</li> \t<li>Storage Gateway is used for on-premises storage management</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>A new Big Data application you are developing will use hundreds of EC2 instances to write data to a shared file system. The file system must be stored redundantly across multiple AZs within a region and allow the EC2 instances to concurrently access the file system. The required throughput is multiple GB per second.</p><p>From the options presented which storage solution can deliver these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon EBS using multiple volumes in a RAID 0 configuration\xa0 \xa0 </p>', '<p>Amazon EFS\xa0 \xa0 </p>', '<p>Amazon S3\xa0 \xa0 </p>', '<p>Amazon Storage Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231919, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'A new Big Data application you are developing will use hundreds of EC2 instances to write data to a shared file system. The file system must be stored redundantly across multiple AZs within a region and allow the EC2 instances to concurrently access the file system. The required throughput is multiple GB per second.From the options presented which storage solution can deliver these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4869696, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Corrections: <ul> \t<li>Single-node clusters do not support data replication</li> \t<li>Manual backups are not automatically deleted when you delete a cluster</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> </ul>', 'question': '<p>A company has deployed Amazon RedShift for performing analytics on user data. When using Amazon RedShift, which of the following statements are correct in relation to availability and durability? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>RedShift always keeps three copies of your data\xa0 \xa0 </p>', '<p>Single-node clusters support data replication\xa0 \xa0 </p>', '<p>RedShift provides continuous/incremental backups\xa0 \xa0 </p>', '<p>RedShift always keeps five copies of your data\xa0 \xa0 </p>', '<p>Manual backups are automatically deleted when you delete a cluster\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231921, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'c'], 'question_plain': 'A company has deployed Amazon RedShift for performing analytics on user data. When using Amazon RedShift, which of the following statements are correct in relation to availability and durability? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869704, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You create a cluster subnet group if you are provisioning your cluster in your virtual private cloud (VPC)</li> \t<li>A cluster subnet group allows you to specify a set of subnets in your VPC</li> \t<li>When provisioning a cluster you provide the subnet group and Amazon Redshift creates the cluster on one of the subnets in the group</li> \t<li>A DB Subnet Group is used by RDS</li> \t<li>A Subnet Group is used by ElastiCache</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> \t<li><a href="https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-cluster-subnet-groups.html">https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-cluster-subnet-groups.html</a></li> </ul>', 'question': '<p>You are planning to launch a RedShift cluster for processing and analyzing a large amount of data.\xa0 The RedShift cluster will be deployed into a VPC with multiple subnets. Which construct is used when provisioning the cluster to allow you to specify a set of subnets in the VPC that the cluster will be deployed into?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>DB Subnet Group\xa0 \xa0 </p>', '<p>Subnet Group\xa0 \xa0 </p>', '<p>Availability Zone (AZ)\xa0 \xa0 </p>', '<p>Cluster Subnet Group\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231923, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['d'], 'question_plain': 'You are planning to launch a RedShift cluster for processing and analyzing a large amount of data.\xa0 The RedShift cluster will be deployed into a VPC with multiple subnets. Which construct is used when provisioning the cluster to allow you to specify a set of subnets in the VPC that the cluster will be deployed into?'}, {'_class': 'assessment', 'original_assessment_id': 4869706, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Enabling public read access does not restrict the content to authorized consumers</li> \t<li>The second option is bogus as hash tags are not a CloudFront authentication mechanism</li> \t<li>S3 pre-signed URLs can be used to provide temporary access to a specific object to those who do not have AWS credentials. This is the best option</li> \t<li>The last option is also bogus as Security Groups do not apply to S3 buckets</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>There is a temporary need to share some video files that are stored in a private S3 bucket. The consumers do not have AWS accounts and you need to ensure that only authorized consumers can access the files. What is the best way to enable this access?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Enable public read access for the S3 bucket\xa0 \xa0 </p>', '<p>Use CloudFront to distribute the files using authorization hash tags\xa0 \xa0 </p>', '<p>Generate a pre-signed URL and distribute it to the consumers\xa0 \xa0 </p>', '<p>Configure an allow rule in the Security Group for the IP addresses of the consumers\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231925, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'There is a temporary need to share some video files that are stored in a private S3 bucket. The consumers do not have AWS accounts and you need to ensure that only authorized consumers can access the files. What is the best way to enable this access?'}, {'_class': 'assessment', 'original_assessment_id': 4869710, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Basic monitoring sends EC2 metrics to CloudWatch about ASG instances every 5 minutes</li> \t<li>Detailed can be enabled and sends metrics every 1 minute (chargeable)</li> \t<li>When the launch configuration is created from the CLI detailed monitoring of EC2 instances is enabled by default</li> \t<li>When you enable Auto Scaling group metrics, Auto Scaling sends sampled data to CloudWatch every minute</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>A Solutions Architect is deploying an Auto Scaling Group (ASG) and needs to determine what CloudWatch monitoring option to use. Which of the statements below would assist the Architect in making his decision? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Basic monitoring is enabled by default if the ASG is created from the console\xa0 \xa0 </p>', '<p>Detailed monitoring is enabled by default if the ASG is created from the CLI\xa0 \xa0 </p>', '<p>Basic monitoring is enabled by default if the ASG is created from the CLI\xa0 \xa0 </p>', '<p>Detailed monitoring is chargeable and must always be manually enabled\xa0 \xa0 </p>', '<p>Detailed monitoring is free and can be manually enabled\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231927, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'b'], 'question_plain': 'A Solutions Architect is deploying an Auto Scaling Group (ASG) and needs to determine what CloudWatch monitoring option to use. Which of the statements below would assist the Architect in making his decision? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5928872, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Storing the file in an S3 bucket is cost-efficient, and using S3 event notifications to invoke a Lambda function works well for this unpredictable workload and is cost-efficient</li> \t<li>Kinesis data streams consumers run on EC2 instances (not Lambda)</li> \t<li>An SQS stream could be used to store the file but may not be cost-efficient for an unpredictable workload, using a fleet of EC2 instances for processing is also not cost efficient</li> \t<li>Storing the file in an EBS volume and using EC2 instances for processing is not cost efficient</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html</a></li> </ul>', 'question': '<p>An application you are designing receives and processes files. The files are typically around 4GB in size and the application extracts metadata from the files which typically takes a few seconds for each file. The pattern of updates is highly dynamic with times of little activity and then multiple uploads within a short period of time.</p><p>What architecture will address this workload the most cost efficiently?</p>', 'relatedLectureIds': '', 'answers': ['<p>Upload files into an S3 bucket, and use the Amazon S3 event notification to invoke a Lambda function to extract the metadata\xa0 \xa0 </p>', '<p>Place the files in an SQS queue, and use a fleet of EC2 instances to extract the metadata</p>', '<p>Store the file in an EBS volume which can then be accessed by another EC2 instance for processing\xa0 \xa0 </p>', '<p>Use a Kinesis data stream to store the file, and use Lambda for processing\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231929, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'An application you are designing receives and processes files. The files are typically around 4GB in size and the application extracts metadata from the files which typically takes a few seconds for each file. The pattern of updates is highly dynamic with times of little activity and then multiple uploads within a short period of time.What architecture will address this workload the most cost efficiently?'}, {'_class': 'assessment', 'original_assessment_id': 5928878, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Device Farm is an app testing service that lets you test and interact with your Android, iOS, and web apps on many devices at once, or reproduce issues on a device in real time</li> \t<li>Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. It is not used for testing</li> \t<li>Amazon WorkSpaces is a managed, secure cloud desktop service</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/device-farm/">https://aws.amazon.com/device-farm/</a></li> </ul>', 'question': '<p>A Solutions Architect is developing a mobile web app that will provide access to health related data. The web apps will be tested on Android and iOS devices. The Architect needs to run tests on multiple devices simultaneously and to be able to reproduce issues, and record logs and performance data to ensure quality before release.</p><p>What AWS service can be used for these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Cognito\xa0 \xa0 </p>', '<p>AWS Device Farm\xa0 \xa0 </p>', '<p>AWS Workspaces\xa0 \xa0 </p>', '<p>Amazon Appstream 2.0\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231931, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': 'A Solutions Architect is developing a mobile web app that will provide access to health related data. The web apps will be tested on Android and iOS devices. The Architect needs to run tests on multiple devices simultaneously and to be able to reproduce issues, and record logs and performance data to ensure quality before release.What AWS service can be used for these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5928888, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>There is no lifecycle policy available for EBS or EFS</li> \t<li>With S3 you can create a lifecycle action using the "expiration action element" which expires objects (deletes them) at the specified time</li> \t<li>S3 lifecycle actions apply to any storage class, including Glacier, however Glacier would not allow immediate download</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': "<p>A Solutions Architect is designing a highly-scalable system to track records. Records must remain available for immediate download for three months, and then the records must be deleted. </p><p>What's the most appropriate decision for this use case?</p>", 'relatedLectureIds': '', 'answers': ['<p>Store the files on Amazon EBS, and create a lifecycle policy to remove the files after three months\xa0 \xa0 </p>', '<p>Store the files on Amazon S3, and create a lifecycle policy to remove the files after three months\xa0 \xa0 </p>', '<p>Store the files on Amazon Glacier, and create a lifecycle policy to remove the files after three months\xa0 \xa0 </p>', '<p>Store the files on Amazon EFS, and create a lifecycle policy to remove the files after three months\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231933, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b'], 'question_plain': "A Solutions Architect is designing a highly-scalable system to track records. Records must remain available for immediate download for three months, and then the records must be deleted. What's the most appropriate decision for this use case?"}, {'_class': 'assessment', 'original_assessment_id': 5928890, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFront is ideal for caching static content such as the files in this scenario and would increase performance</li> \t<li>Moving the files to EBS would not make accessing the files easier or improve performance</li> \t<li>Reducing the file size of the images may result in better retrieval times, however CloudFront would still be the preferable option</li> \t<li>Using Spot EC2 instances may reduce EC2 costs but it won\'t improve user experience</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> </ul>', 'question': '<p>A Solutions Architect is responsible for a web application that runs on EC2 instances that sit behind an Application Load Balancer (ALB). Auto Scaling is used to launch instances across 3 Availability Zones. The web application serves large image files and these are stored on an Amazon EFS file system. Users have experienced delays in retrieving the files and the Architect has been asked to improve the user experience.</p><p>What should the Architect do to improve user experience?</p>', 'relatedLectureIds': '', 'answers': ['<p>Move the digital assets to EBS\xa0 \xa0 </p>', '<p>Reduce the file size of the images\xa0 \xa0 </p>', '<p>Cache static content using CloudFront\xa0 \xa0 </p>', '<p>Use Spot instances\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231935, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['c'], 'question_plain': 'A Solutions Architect is responsible for a web application that runs on EC2 instances that sit behind an Application Load Balancer (ALB). Auto Scaling is used to launch instances across 3 Availability Zones. The web application serves large image files and these are stored on an Amazon EFS file system. Users have experienced delays in retrieving the files and the Architect has been asked to improve the user experience.What should the Architect do to improve user experience?'}, {'_class': 'assessment', 'original_assessment_id': 5928892, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon S3 offers versioning. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures</li> \t<li>Amazon EBS, EFS, and CloudFront do not offer versioning</li> </ul> <strong>References:</strong> <ul></ul> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A Solutions Architect is developing a solution for a new document-sharing application. One of the functional requirements for the solution is to have an ability to roll back to previous versions of files and recover deleted documents.</p><p>\xa0What storage solution would fulfil these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon S3\xa0 \xa0 </p>', '<p>Amazon\xa0EFS</p>', '<p>Amazon EC2 Instance Store</p>', '<p>Amazon CloudFront</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231937, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect is developing a solution for a new document-sharing application. One of the functional requirements for the solution is to have an ability to roll back to previous versions of files and recover deleted documents.\xa0What storage solution would fulfil these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5928894, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>S3 event notifications triggering a Lambda function is completely serverless and cost-effective</li> \t<li>AWS Glue can trigger ETL jobs that will transform that data and load it into a data store such as S3</li> \t<li>Kinesis Data Streams is used for processing data, rather than extracting and transforming it. The Kinesis consumers are EC2 instances which are not as cost-effective as serverless solutions</li> \t<li>AWS Data Pipeline can be used to automate the movement and transformation of data, it relies on other services to actually transform the data</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html</a></li> \t<li><a href="https://aws.amazon.com/glue/">https://aws.amazon.com/glue/</a></li> </ul>', 'question': '<p>A Solutions Architect needs to transform data that is being uploaded into S3. The uploads happen sporadically and the transformation should be triggered by an event. The transformed data should then be loaded into a target data store.</p><p>What services would be used to deliver this solution in the MOST cost-effective manner? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Configure a CloudWatch alarm to send a notification to CloudFormation when data is uploaded\xa0 \xa0 </p>', '<p>Configure S3 event notifications to trigger a Lambda function when data is uploaded and use the Lambda function to trigger the ETL job\xa0 \xa0 </p>', '<p>Configure CloudFormation to provision a Kinesis data stream to transform the data and load it into S3\xa0 \xa0 </p>', '<p>Use AWS Glue to extract, transform and load the data into the target data store\xa0 \xa0 </p>', '<p>Configure CloudFormation to provision AWS Data Pipeline to transform the data\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231939, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['b', 'd'], 'question_plain': 'A Solutions Architect needs to transform data that is being uploaded into S3. The uploads happen sporadically and the transformation should be triggered by an event. The transformed data should then be loaded into a target data store.What services would be used to deliver this solution in the MOST cost-effective manner? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5928910, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The AWS KMS API can be used for encrypting data keys (envelope encryption)</li> \t<li>AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources</li> \t<li>The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users)</li> \t<li>IAM access keys are used for signing programmatic requests you make to AWS</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/kms/latest/APIReference/Welcome.html">https://docs.aws.amazon.com/kms/latest/APIReference/Welcome.html</a></li> </ul>', 'question': '<p>A Solutions Architect is developing an encryption solution. The solution requires that data keys are encrypted using envelope protection before they are written to disk. </p><p>Which solution option can assist with this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS KMS API\xa0 \xa0 </p>', '<p>AWS Certificate Manager\xa0 \xa0 </p>', '<p>API Gateway with STS</p>', '<p>IAM Access Key\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231941, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect is developing an encryption solution. The solution requires that data keys are encrypted using envelope protection before they are written to disk. Which solution option can assist with this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 5928912, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run</li> \t<li>Amazon RedShift is used for analytics but cannot analyze data in S3</li> \t<li>AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. It is not used for analyzing data in S3</li> \t<li>AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/athena/">https://aws.amazon.com/athena/</a></li> </ul>', 'question': '<p>A Solutions Architect has been asked to suggest a solution for analyzing data in in S3 using standard SQL queries. The solution should use a serverless technology.\xa0</p><p>Which AWS service can the Architect use?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon Athena\xa0 \xa0 </p>', '<p>Amazon RedShift\xa0 \xa0 </p>', '<p>AWS Glue\xa0 \xa0 </p>', '<p>AWS Data Pipeline\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231943, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect has been asked to suggest a solution for analyzing data in in S3 using standard SQL queries. The solution should use a serverless technology.\xa0Which AWS service can the Architect use?'}, {'_class': 'assessment', 'original_assessment_id': 5928924, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Athena also allows you to easily query encrypted data stored in Amazon S3 and write encrypted results back to your S3 bucket. Both, server-side encryption and client-side encryption are supported</li> \t<li>With IAM policies, you can grant IAM users fine-grained control to your S3 buckets, and is preferable to using bucket ACLs</li> \t<li>AWS Glue is an ETL service and is not used for querying and analyzing data in S3</li> \t<li>The AWS KMS API can be used for encryption purposes, however it cannot perform analytics so is not suitable</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/"></a> <ul> \t<li><a href="https://aws.amazon.com/athena/">https://aws.amazon.com/athena/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>An application you manage stores encrypted data in S3 buckets. You need to be able to query the encrypted data using SQL queries and write the encrypted results back the S3 bucket. As the data is sensitive you need to implement fine-grained control over access to the S3 bucket.</p><p>What combination of services represent the BEST options support these requirements? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Athena for querying the data and writing the results back to the bucket\xa0 \xa0 </p>', '<p>Use IAM policies to restrict access to the bucket\xa0 \xa0 </p>', '<p>Use bucket ACLs to restrict access to the bucket\xa0 \xa0 </p>', '<p>Use AWS Glue to extract the data, analyze it, and load it back to the S3 bucket\xa0 \xa0 </p>', '<p>Use the AWS KMS API to query the encrypted data, and the S3 API for writing the results\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231945, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:23:41Z', 'created': '2018-11-26T03:23:41Z', 'correct_response': ['a', 'b'], 'question_plain': 'An application you manage stores encrypted data in S3 buckets. You need to be able to query the encrypted data using SQL queries and write the encrypted results back the S3 bucket. As the data is sensitive you need to implement fine-grained control over access to the S3 bucket.What combination of services represent the BEST options support these requirements? (choose 2)'}], 'next': None, 'count': 65, 'previous': None}, 'type': 'practice-test'}, {'title': 'AWS Certified Solutions Architect - Associate: Test 2', 'quiz_data': {'results': [{'_class': 'assessment', 'original_assessment_id': 4839252, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads</li> \t<li>ElastiCache can be used for storing session state</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> </ul>', 'question': '<p>You are designing a web application that requires high performance and consistent user experience. Which AWS service would be best suited to storing transient session state data?</p>', 'relatedLectureIds': '', 'answers': ['<p>ElastiCache</p>', '<p>RDS</p>', '<p>Auto Scaling</p>', '<p>RedShift</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231961, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a'], 'question_plain': 'You are designing a web application that requires high performance and consistent user experience. Which AWS service would be best suited to storing transient session state data?'}, {'_class': 'assessment', 'original_assessment_id': 4839270, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Dynamo DB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability</li> \t<li>Push button scaling means that you can scale the DB at any time without incurring downtime</li> \t<li>Amazon DynamoDB stores three geographically distributed replicas of each table to enable high availability and data durability</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>A new mobile application that your company is deploying will be hosted on AWS. The users of the application will use mobile devices to upload small amounts of data on a frequent basis. It is expected that the number of users connecting each day could be over 1 million. The data that is uploaded must be stored in a durable and persistent data store. The data store must also be highly available and easily scalable.</p><p>Which AWS services would you use?</p>', 'relatedLectureIds': '', 'answers': ['<p>RedShift</p>', '<p>Kinesis</p>', '<p>RDS</p>', '<p>DynamoDB</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231963, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['d'], 'question_plain': 'A new mobile application that your company is deploying will be hosted on AWS. The users of the application will use mobile devices to upload small amounts of data on a frequent basis. It is expected that the number of users connecting each day could be over 1 million. The data that is uploaded must be stored in a durable and persistent data store. The data store must also be highly available and easily scalable.Which AWS services would you use?'}, {'_class': 'assessment', 'original_assessment_id': 4839288, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Queues can be either standard or first-in-first-out (FIFO)</li> \t<li>Standard queues provide a loose-FIFO capability that attempts to preserve the order of messages</li> \t<li>Standard queues provide at-least-once delivery, which means that each message is delivered at least once</li> \t<li>FIFO (first-in-first-out) queues preserve the exact order in which messages are sent and received</li> \t<li>FIFO queues are available in limited regions currently</li> \t<li>If you use a FIFO queue, you don’t have to place sequencing information in your message</li> \t<li>FIFO queues provide exactly-once processing, which means that each message is delivered once and remains available until a consumer processes it and deletes it</li> </ul>', 'question': '<p>As a Solutions Architect for Digital Cloud Guru you are designing an online shopping application for a new client. The application will be composed of distributed, decoupled components to ensure that the failure of a single component does not affect the availability of the application.</p><p>You will be using SQS as the message queueing service and the client has stipulated that the messages related to customer orders must be processed in the order that they were submitted in the online application. The client expects that the peak rate of transactions will not exceed 140 transactions a second.</p><p>What will you explain to the client?</p>', 'relatedLectureIds': '', 'answers': ['<p>This is not possible with SQS as you cannot control the order in the queue\xa0 \xa0 </p>', '<p>The only way this can be achieved is by configuring the applications to process messages from the queue in the right order based on timestamps\xa0 \xa0 </p>', '<p>This can be achieved by using a FIFO queue which will guarantee the order of messages\xa0 \xa0 </p>', '<p>This is fine, standard SQS queues can guarantee the order of the messages\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231965, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c'], 'question_plain': 'As a Solutions Architect for Digital Cloud Guru you are designing an online shopping application for a new client. The application will be composed of distributed, decoupled components to ensure that the failure of a single component does not affect the availability of the application.You will be using SQS as the message queueing service and the client has stipulated that the messages related to customer orders must be processed in the order that they were submitted in the online application. The client expects that the peak rate of transactions will not exceed 140 transactions a second.What will you explain to the client?'}, {'_class': 'assessment', 'original_assessment_id': 4839306, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs</li> \t<li>Kinesis Data Streams enables real-time processing of streaming big data</li> \t<li>Kinesis Data Streams is useful for rapidly moving data off data producers and then continuously processing the data</li> \t<li>Kinesis Data Streams stores data for later processing by applications (key difference with Firehose which delivers data directly to AWS services)</li> \t<li>Consumers can store their results using an AWS service such as Amazon DynamoDB, Amazon Redshift, or Amazon S3</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>Your client has a requirement to process a large number of log files that will be ingested from a number of application nodes. The data needs to be processed in real-time and the output will then be stored in an Amazon S3 bucket.</p><p>Which AWS service can assist with this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>SQS\xa0</p>', '<p>Kinesis Data Streams</p>', '<p>API\xa0Gateway</p>', '<p>SNS</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231967, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'Your client has a requirement to process a large number of log files that will be ingested from a number of application nodes. The data needs to be processed in real-time and the output will then be stored in an Amazon S3 bucket.Which AWS service can assist with this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4839346, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> \t<li>Read replicas are used for read heavy DBs and replication is asynchronous</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>Your company runs a two-tier application on the AWS cloud that is composed of a web front-end and an RDS database. The web front-end uses multiple EC2 instances in multiple Availability Zones (AZ) in an Auto Scaling group behind an Elastic Load Balancer. Your manager is concerned about a single point of failure in the RDS database layer.</p><p>What would be the most effective approach to minimizing the risk of an AZ failure causing an outage to your database layer?</p>', 'relatedLectureIds': '', 'answers': ['<p>Take a snapshot of the database\xa0 \xa0 </p>', '<p>Increase the DB instance size\xa0 \xa0 </p>', '<p>Create a Read Replica of the RDS DB instance in another AZ\xa0 \xa0 </p>', '<p>Enable Multi-AZ for the RDS DB instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231969, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['d'], 'question_plain': 'Your company runs a two-tier application on the AWS cloud that is composed of a web front-end and an RDS database. The web front-end uses multiple EC2 instances in multiple Availability Zones (AZ) in an Auto Scaling group behind an Elastic Load Balancer. Your manager is concerned about a single point of failure in the RDS database layer.What would be the most effective approach to minimizing the risk of an AZ failure causing an outage to your database layer?'}, {'_class': 'assessment', 'original_assessment_id': 4839560, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Auto Scaling can perform rebalancing when it finds that the number of instances across AZs is not balanced</li> \t<li>Auto Scaling rebalances by launching new EC2 instances in the AZs that have fewer instances first, only then will it start terminating instances in AZs that had more instances</li> \t<li>Auto Scaling may go over the maximum number of instances by 10% temporarily for the purposes of rebalancing</li> \t<li>An imbalance may occur due to:</li> \t<li>- Manually removing AZs/subnets from the configuration</li> \t<li>- Manually terminating EC2 instances</li> \t<li>- EC2 capacity issues</li> \t<li>- Spot price is reached</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>Another systems administrator in your company created an Auto Scaling group that is configured to ensure that four EC2 instances are available at a minimum at all times. The settings he selected on the Auto Scaling group are a minimum group size of four instances and a maximum group size of six instances.</p><p>Your colleague has asked your assistance in trying to understand if Auto Scaling will allow him to terminate instances in the Auto Scaling group and what the effect would be if it does.</p><p>What advice would you give to your colleague?</p>', 'relatedLectureIds': '', 'answers': ['<p>Auto Scaling will not allow him to terminate an EC2 instance, because there are currently four provisioned instances and the minimum is set to four\xa0 \xa0 </p>', '<p>He would need to reduce the minimum group size setting to be able to terminate any instances\xa0 \xa0 </p>', '<p>This should be allowed, and Auto Scaling will launch additional instances to compensate for the ones that were terminated\xa0 \xa0 </p>', '<p>This can only be done via the command line\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231971, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c'], 'question_plain': 'Another systems administrator in your company created an Auto Scaling group that is configured to ensure that four EC2 instances are available at a minimum at all times. The settings he selected on the Auto Scaling group are a minimum group size of four instances and a maximum group size of six instances.Your colleague has asked your assistance in trying to understand if Auto Scaling will allow him to terminate instances in the Auto Scaling group and what the effect would be if it does.What advice would you give to your colleague?'}, {'_class': 'assessment', 'original_assessment_id': 4839756, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>These are the limits unless you request a higher amount:</li> \t<li>US East (N. Virginia) Region:</li> \t<li>- Per table – 40,000 read capacity units and 40,000 write capacity units</li> \t<li>- Per account – 80,000 read capacity units and 80,000 write capacity units</li> \t<li>All Other Regions:</li> \t<li>- Per table – 10,000 read capacity units and 10,000 write capacity units</li> \t<li>- Per account – 20,000 read capacity units and 20,000 write capacity units</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>Your client is running an individual DynamoDB table in the Asia Pacific (Tokyo) region. As the client’s business is expanding the load on the table is increasing and you’ve have been asked what limitations you may come up against in terms of write throughput to the single table?</p><p>What advice would you give to your client?</p>', 'relatedLectureIds': '', 'answers': ['<p>40,000 write capacity units is the limitation per AWS account\xa0 \xa0 </p>', '<p>80,000 write capacity units is the maximum supported write throughput\xa0 \xa0 </p>', '<p>10,000 write capacity units is the default per table, but you can request a service limit increase\xa0 \xa0 </p>', '<p>10,000 write capacity units is the maximum supported for an individual table\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231973, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c'], 'question_plain': 'Your client is running an individual DynamoDB table in the Asia Pacific (Tokyo) region. As the client’s business is expanding the load on the table is increasing and you’ve have been asked what limitations you may come up against in terms of write throughput to the single table?What advice would you give to your client?'}, {'_class': 'assessment', 'original_assessment_id': 4839792, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A task definition is required to run Docker containers in Amazon ECS</li> \t<li>You can specify the IAM role the task should use for permissions</li> \t<li>You can only apply one IAM role to a Task Definition</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>You would like to grant additional permissions to an individual ECS application container on an ECS cluster that you have deployed. You would like to do this without granting additional permissions to the other containers that are running on the cluster.</p><p>How can you achieve this?</p>', 'relatedLectureIds': '', 'answers': ['<p>You cannot implement granular permissions with ECS containers\xa0 \xa0 </p>', '<p>In the same Task Definition, specify a separate Task Role for the application container\xa0 \xa0 </p>', '<p>Create a separate Task Definition for the application container that uses a different Task Role\xa0 \xa0 </p>', '<p>Use EC2 instances instead as you can assign different IAM roles on each instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231975, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c'], 'question_plain': 'You would like to grant additional permissions to an individual ECS application container on an ECS cluster that you have deployed. You would like to do this without granting additional permissions to the other containers that are running on the cluster.How can you achieve this?'}, {'_class': 'assessment', 'original_assessment_id': 4839828, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFront and ELB support Perfect Forward Secrecy which creates a new private key for each SSL session</li> \t<li>Perfect Forward Secrecy (PFS)\xa0provides additional safeguards against the eavesdropping of encrypted data, through the use of a unique random session key</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>The Perfect Forward Secrecy (PFS) security feature uses a derived session key to provide additional safeguards against the eavesdropping of encrypted data. Which two AWS services support PFS? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EC2</p>', '<p>EBS</p>', '<p>CloudFront</p>', '<p>Auto Scaling</p>', '<p>Elastic Load Balancing</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231977, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'e'], 'question_plain': 'The Perfect Forward Secrecy (PFS) security feature uses a derived session key to provide additional safeguards against the eavesdropping of encrypted data. Which two AWS services support PFS? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4839876, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS CloudFormation is a service that gives developers and businesses an easy way to create a collection of related AWS resources and provision them in an orderly and predictable fashion</li> \t<li>AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> </ul>', 'question': '<p>Your client is looking for a way to use standard templates for describing and provisioning their infrastructure resources on AWS. Which AWS service can be used in this scenario?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Simple Workflow Service (SWF)\xa0 \xa0 </p>', '<p>CloudFormation</p>', '<p>Auto Scaling</p>', '<p>Elastic Beanstalk</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231979, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'Your client is looking for a way to use standard templates for describing and provisioning their infrastructure resources on AWS. Which AWS service can be used in this scenario?'}, {'_class': 'assessment', 'original_assessment_id': 4839944, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>There is no standard metric for memory usage on EC2 instances</li> \t<li>Use the AWS website link above for a comprehensive list of the metrics that are collected</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ec2-metricscollected.html">https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ec2-metricscollected.html</a></li> </ul>', 'question': '<p>You are creating an operational dashboard in CloudWatch for a number of EC2 instances running in your VPC. Which one of the following metrics will not be available by default?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Memory usage</p>', '<p>Disk read operations</p>', '<p>Network in and out</p>', '<p>CPU\xa0utilization</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231981, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a'], 'question_plain': 'You are creating an operational dashboard in CloudWatch for a number of EC2 instances running in your VPC. Which one of the following metrics will not be available by default?'}, {'_class': 'assessment', 'original_assessment_id': 4839996, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can access Amazon EMR by using the AWS Management Console, Command Line Tools, SDKs, or the EMR API</li> \t<li>With EMR you have access to the underlying operating system (you can SSH in)</li> \t<li>With EC2 you have full control at the operating system layer</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>Your company SysOps practices involve running scripts within the Linux operating systems of your applications. Which of the following AWS services allow you to access the underlying operating system? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon RDS</p>', '<p>Amazon EMR</p>', '<p>Amazon DynamoDB</p>', '<p>Amazon EC2</p>', '<p>AWS\xa0Lambda</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231983, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'd'], 'question_plain': 'Your company SysOps practices involve running scripts within the Linux operating systems of your applications. Which of the following AWS services allow you to access the underlying operating system? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840118, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EBS volume data is replicated across multiple servers in an AZ</li> \t<li>EBS volumes must be in the same AZ as the instances they are attached to</li> \t<li>Snapshots are stored on S3</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>You are considering the security and durability of your data that is stored in Amazon EBS volumes. Which of the statements below is true?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EBS volumes are replicated within their Availability Zone (AZ) to protect you from component failure\xa0 \xa0 </p>', '<p>EBS volumes are replicated across AZs to protect you from loss of access to an individual AZ\xa0 \xa0 </p>', '<p>EBS volumes are backed by Amazon S3 which replicates data across multiple facilities within a region\xa0 \xa0 </p>', '<p>You can define the number of AZs to replicate your data to via the API\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231985, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a'], 'question_plain': 'You are considering the security and durability of your data that is stored in Amazon EBS volumes. Which of the statements below is true?'}, {'_class': 'assessment', 'original_assessment_id': 4840172, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EFS is a fully-managed service that makes it easy to set up and scale file storage in the Amazon Cloud</li> \t<li>EFS uses the NFSv4.1 protocol</li> \t<li>EFS is elastic and grows and shrinks as you add and remove data</li> \t<li>Can concurrently connect 1 to 1000s of EC2 instances, from multiple AZs</li> \t<li>A file system can be accessed concurrently from all AZs in the region where it is located</li> \t<li>Amazon EFS is designed to burst to allow high throughput levels for periods of time</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>Your company runs a two-tier application that uses web front-ends running on EC2 instances across multiple AZs. The back-end is an RDS multi-AZ database instance. The front-end servers host a Content Management System (CMS) application that stores files that users upload in attached EBS storage. You don’t like having the uploaded files distributed across multiple EBS volumes and are concerned that this solution is not scalable.</p><p>You would like to design a solution for storing the files that are uploaded to your EC2 instances that can achieve high levels of aggregate throughput and IOPS. The solution must scale automatically, and provide consistent low latencies. You also need to be able to mount the storage to the EC2 instances across multiple AZs within the region.</p><p>Which AWS service would meet your needs?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an S3 bucket and use this as the storage location for the application\xa0 \xa0 </p>', '<p>Use the Amazon Elastic File System\xa0 \xa0 </p>', '<p>Use ElastiCache\xa0 \xa0 </p>', '<p>Store the files in the RDS database\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231987, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'Your company runs a two-tier application that uses web front-ends running on EC2 instances across multiple AZs. The back-end is an RDS multi-AZ database instance. The front-end servers host a Content Management System (CMS) application that stores files that users upload in attached EBS storage. You don’t like having the uploaded files distributed across multiple EBS volumes and are concerned that this solution is not scalable.You would like to design a solution for storing the files that are uploaded to your EC2 instances that can achieve high levels of aggregate throughput and IOPS. The solution must scale automatically, and provide consistent low latencies. You also need to be able to mount the storage to the EC2 instances across multiple AZs within the region.Which AWS service would meet your needs?'}, {'_class': 'assessment', 'original_assessment_id': 4840234, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AMIs are regional. You can only launch an AMI from the region in which it is stored. However, you can copy AMI’s to other regions using the console, command line, or the API</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You work as a Solutions Architect at Digital Cloud Guru. You are working on a disaster recovery solution that allows you to bring up your applications in another AWS region. Some of your applications run on EC2 instances and have proprietary software configurations with embedded licenses. You need to create duplicate copies of your EC2 instances in the other region.</p><p>What would be the best way to do this? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create snapshots of the EBS volumes attached to the instances\xa0 \xa0 </p>', '<p>Copy the snapshots to the other region\xa0 \xa0 </p>', '<p>Create an AMI of each EC2 instance and copy the AMIs to the other region</p>', '<p>Create new EC2 instances from the snapshot\xa0 \xa0 </p>', '<p>Create new EC2 instances from the AMIs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231989, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'e'], 'question_plain': 'You work as a Solutions Architect at Digital Cloud Guru. You are working on a disaster recovery solution that allows you to bring up your applications in another AWS region. Some of your applications run on EC2 instances and have proprietary software configurations with embedded licenses. You need to create duplicate copies of your EC2 instances in the other region.What would be the best way to do this? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840288, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon VPC lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define</li> \t<li>Subnets are created within availability zones (AZs)</li> \t<li>Each subnet must reside entirely within one Availability Zone and cannot span zones</li> \t<li>Availability Zones are distinct locations that are engineered to be isolated from failures in other Availability Zones</li> \t<li>Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses</li> \t<li>Amazon EC2 Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You would like to create a highly available web application that serves static content using multiple On-Demand EC2 instances.</p><p>Which of the following AWS services will help you to achieve this? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Multiple Availability Zones\xa0 \xa0 </p>', '<p>Amazon S3 and CloudFront</p>', '<p>Elastic Load Balancer and Auto Scaling</p>', '<p>DynamoDB\xa0and ElastiCache\xa0 \xa0 </p>', '<p>Direct Connect </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231991, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'c'], 'question_plain': 'You would like to create a highly available web application that serves static content using multiple On-Demand EC2 instances.Which of the following AWS services will help you to achieve this? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840360, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon EC2 Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application</li> \t<li>Simple scaling adjusts the group size (up or down) in response to an alarm</li> \t<li>Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses</li> \t<li>Amazon DynamoDB stores three geographically distributed replicas of each table to enable high availability and data durability</li> \t<li>Elasticache Memcached cannot be used as a persistent datastore and does not support replication across AZs</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru and you’re reviewing a customer’s design for a two-tier application with a stateless web front-end running on EC2 and a database back-end running on DynamoDB. The current design consists of a single EC2 web server that connects to the DynamoDB table to store session state data.</p><p>The customer has requested that the data is stored across multiple geographic locations for high availability and durability and the web front-end should be fault tolerant and able to scale automatically in times of high load.</p><p>What changes will you recommend to the client? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Add another compute in another Availability Zone and use Route 53 to distribute traffic using Round Robin\xa0 \xa0 </p>', '<p>Setup an Auto Scaling Group across multiple Availability Zones configured to run multiple EC2 instances across zones and use simple scaling to increase the group size during periods of high utilization\xa0 \xa0 </p>', '<p>Launch an Elastic Load Balancer and attach it to the Auto Scaling Group\xa0 \xa0 </p>', '<p>Use RDS database in a Multi-AZ configuration to add high availability\xa0 \xa0 </p>', '<p>Use Elasticache Memcached for the datastore to gain high availability across AZs</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231993, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'c'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru and you’re reviewing a customer’s design for a two-tier application with a stateless web front-end running on EC2 and a database back-end running on DynamoDB. The current design consists of a single EC2 web server that connects to the DynamoDB table to store session state data.The customer has requested that the data is stored across multiple geographic locations for high availability and durability and the web front-end should be fault tolerant and able to scale automatically in times of high load.What changes will you recommend to the client? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840420, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> \t<li>Multi-AZ deployments for the MySQL, MariaDB, Oracle and PostgreSQL engines utilize synchronous physical replication</li> \t<li>Multi-AZ deployments for the SQL Server engine use synchronous logical replication (SQL Server-native Mirroring technology)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>A Solutions Architect requires a highly available database that can deliver an extremely low RPO. Which of the following configurations uses synchronous replication?</p>', 'relatedLectureIds': '', 'answers': ['<p>RDS Read Replica across AWS regions\xa0 \xa0 </p>', '<p>DynamoDB Read Replica\xa0 \xa0 </p>', '<p>RDS DB instance using a Multi-AZ configuration\xa0 \xa0 </p>', '<p>EBS volume synchronization\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231995, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c'], 'question_plain': 'A Solutions Architect requires a highly available database that can deliver an extremely low RPO. Which of the following configurations uses synchronous replication?'}, {'_class': 'assessment', 'original_assessment_id': 4840478, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EC2 Launch Type allows you to run containers on EC2 instances that you manage</li> \t<li>Fargate Launch Type is a serverless infrastructure managed by AWS</li> \t<li>Fargate only supports container images hosted on Elastic Container Registry (ECR) or Docker Hub</li> \t<li>Private repositories are only supported by the EC2 Launch Type</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>The development team in your company has created a new application that you plan to deploy on AWS which runs multiple components in Docker containers. You would prefer to use AWS managed infrastructure for running the containers as you do not want to manage EC2 instances.</p><p>Which of the below solution options would deliver these requirements? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use the Elastic Container Service (ECS) with the EC2 Launch Type\xa0 \xa0 </p>', '<p>Use the Elastic Container Service (ECS) with the Fargate Launch Type\xa0 \xa0 </p>', '<p>Put your container images in a private repository\xa0 \xa0 </p>', '<p>Put your container images in the Elastic Container Registry (ECR)\xa0 \xa0 </p>', '<p>Use CloudFront to deploy Docker on EC2\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231997, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'd'], 'question_plain': 'The development team in your company has created a new application that you plan to deploy on AWS which runs multiple components in Docker containers. You would prefer to use AWS managed infrastructure for running the containers as you do not want to manage EC2 instances.Which of the below solution options would deliver these requirements? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840534, 'related_lectures': [], 'prompt': {'explanation': '<strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>You would like to host a static website for digitalcloud.guru on AWS. You will be using Route 53 to direct traffic to the website. Which of the below steps would help you achieve your objectives? (Choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create an S3 bucket named digitalcloud.guru\xa0 \xa0 </p>', '<p>Use any existing S3 bucket that has public read access enabled\xa0 \xa0 </p>', '<p>Create a “CNAME” record that points to the S3 bucket\xa0 \xa0 </p>', '<p>Create an “Alias” record that points to the S3 bucket\xa0 \xa0 </p>', '<p>Create an "SRV" record that points to the S3 bucket\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231999, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'd'], 'question_plain': 'You would like to host a static website for digitalcloud.guru on AWS. You will be using Route 53 to direct traffic to the website. Which of the below steps would help you achieve your objectives? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840594, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Lambda lets you run code as functions without provisioning or managing servers</li> \t<li>Code is invoked using API calls made using AWS SDKs</li> \t<li>Lambda assumes an IAM role when it executes the function</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> </ul>', 'question': '<p>You are looking for a service that can run code in response to events that occur in services such as S3, DynamoDB and Kinesis Streams. The code should be invoked through API calls using AWS SDKs and assume an IAM role when it is executed. You do not want to manage infrastructure or pay any usage fees when the code is not running.</p><p>Which AWS service would be useful to you?</p>', 'relatedLectureIds': '', 'answers': ['<p>EMR</p>', '<p>Lambda</p>', '<p>SQS</p>', '<p>RedShift</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232001, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'You are looking for a service that can run code in response to events that occur in services such as S3, DynamoDB and Kinesis Streams. The code should be invoked through API calls using AWS SDKs and assume an IAM role when it is executed. You do not want to manage infrastructure or pay any usage fees when the code is not running.Which AWS service would be useful to you?'}, {'_class': 'assessment', 'original_assessment_id': 4840762, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Active Directory Service for Microsoft Active Directory is the best choice if you have more than 5000 users and/or need a trust relationship set up</li> \t<li>There are two editions of AWS Directory Service for AD:</li> \t<li>- Standard for up to 5000 users and 30,000 directory objects</li> \t<li>- Enterprise for large organizations up to 50,000 objects</li> \t<li>AWS Simple AD does not support trust relationships with other domains</li> \t<li>AD Connector supports two sizes:</li> \t<li>- Small – designed for organizations up to 500 users</li> \t<li>- Large – designed for organizations up to 5000 users</li> \t<li>Amazon Cognito is used for mobile and web app authentication</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. Your client’s company is growing and now has over 10,000 users. The client would like to start deploying services into the AWS Cloud including AWS Workspaces. The client expects there to be a large take-up of AWS services across their user base and would like to use their existing Microsoft Active Directory identity source for authentication. The client does not want to replicate account credentials into the AWS cloud.</p><p>You have been tasked with designing the identity, authorization and access solution for the customer. What AWS services would you include in your design? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use the Enterprise Edition of AWS Directory Service for Microsoft Active Directory\xa0 \xa0 </p>', '<p>Use a Large AWS Simple AD\xa0 \xa0 </p>', '<p>Use a Large AWS AD Connector\xa0 \xa0 </p>', '<p>Setup trust relationships to extend authentication from the on-premises Microsoft Active Directory into the AWS cloud\xa0 \xa0 </p>', '<p>Use an AWS Cognito user pool\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232003, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. Your client’s company is growing and now has over 10,000 users. The client would like to start deploying services into the AWS Cloud including AWS Workspaces. The client expects there to be a large take-up of AWS services across their user base and would like to use their existing Microsoft Active Directory identity source for authentication. The client does not want to replicate account credentials into the AWS cloud.You have been tasked with designing the identity, authorization and access solution for the customer. What AWS services would you include in your design? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840822, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Firehose is the easiest way to load streaming data into data stores and analytics tools</li> \t<li>Captures, transforms, and loads streaming data</li> \t<li>Can invoke a Lambda function to transform data before delivering it to destinations</li> \t<li>Firehose Destinations include:</li> \t<li>- Amazon S3</li> \t<li>- Amazon Redshift</li> \t<li>- Amazon Elasticsearch Service</li> \t<li>- Splunk</li> \t<li>For Splunk destinations, streaming data is delivered to Splunk, and it can optionally be backed up to your S3 bucket concurrently</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>Your client needs to find the easiest way to load streaming data into data stores and analytics tools. The data will be captured, transformed, and loaded into Splunk. The transformation will be performed by a Lambda function so the service must support this integration. The client has also requested that a backup of the data is saved into an S3 bucket along with logging data.</p><p>Which AWS service would the client be able to use to achieve these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Kinesis Data Firehose\xa0 \xa0 </p>', '<p>Kinesis Data Analytics</p>', '<p>RedShift</p>', '<p>Kinesis Data Streams</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232005, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a'], 'question_plain': 'Your client needs to find the easiest way to load streaming data into data stores and analytics tools. The data will be captured, transformed, and loaded into Splunk. The transformation will be performed by a Lambda function so the service must support this integration. The client has also requested that a backup of the data is saved into an S3 bucket along with logging data.Which AWS service would the client be able to use to achieve these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4840880, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can transfer domains to Route 53 only if the Top Level Domain (TLD) is supported</li> \t<li>You cannot automatically register EC2 instances with private hosted zones (would need to be scripted)</li> \t<li>Route 53 can be used to route Internet traffic for domains registered with another domain registrar (any domain)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>A company is planning moving their DNS records to AWS as part of a major migration to the cloud. Which statements are true about Amazon Route 53?\xa0(choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>You can transfer domains to Route 53 even if the Top-Level Domain (TLD) is unsupported\xa0 \xa0 </p>', '<p>You cannot automatically register EC2 instances with private hosted zones\xa0 \xa0 </p>', '<p>You can automatically register EC2 instances with private hosted zones\xa0 \xa0 </p>', '<p>Route 53 can be used to route Internet traffic for domains registered with another domain registrar\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232007, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'd'], 'question_plain': 'A company is planning moving their DNS records to AWS as part of a major migration to the cloud. Which statements are true about Amazon Route 53?\xa0(choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4840948, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU">ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in\xa0the cloud</li> \t<li lang="en-AU">The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads</li> \t<li lang="en-AU">Best for scenarios where the DB load is based on Online Analytics Processing (OLAP) transactions</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>Your manager has asked you to explain how Amazon ElastiCache may assist with the company’s plans to improve the performance of database queries.</p><p>Which of the below statements is a valid description of the benefits of Amazon ElastiCache? (Choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>ElastiCache is best suited for scenarios where the data base load type is OLTP\xa0 \xa0 </p>', '<p>ElastiCache nodes can be accessed directly from the Internet and EC2 instances in other regions, which allows you to improve response times for queries over long distances\xa0 \xa0 </p>', '<p>ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud\xa0 \xa0 </p>', '<p>ElastiCache can form clusters using a mixture of Memcached and Redis caching engines, allowing you to take advantage of the best features of each caching engine\xa0 \xa0 </p>', '<p>The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232009, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'e'], 'question_plain': 'Your manager has asked you to explain how Amazon ElastiCache may assist with the company’s plans to improve the performance of database queries.Which of the below statements is a valid description of the benefits of Amazon ElastiCache? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841012, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Auto Scaling can perform rebalancing when it finds that the number of instances across AZs is not balanced</li> \t<li>Auto Scaling rebalances by launching new EC2 instances in the AZs that have fewer instances first, only then will it start terminating instances in AZs that had more instances</li> \t<li>An imbalance may occur due to:</li> \t<li>- Manually removing AZs/subnets from the configuration</li> \t<li>- Manually terminating EC2 instances</li> \t<li>- EC2 capacity issues</li> \t<li>- Spot price is reached</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You created a new Auto Scaling Group (ASG) with two subnets across AZ1 and AZ2 in your VPC. You set the minimum size to 6 instances. After creating the ASG you noticed that all EC2 instances were launched in AZ1 due to limited capacity of the required instance family within AZ2. You’re concerned about the imbalance of resources. What would be the expected behavior of Auto Scaling once the capacity constraints are resolved in AZ2?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The ASG will launch three additional EC2 instances in AZ2 and keep the six in AZ1\xa0 \xa0 </p>', '<p>The ASG will try to rebalance by first creating three new instances in AZ2 and then terminating three instances in AZ1\xa0 \xa0 </p>', '<p>The ASG will launch six additional EC2 instances in AZ2\xa0 \xa0 </p>', '<p>The ASG will not do anything until the next scaling event\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232011, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'You created a new Auto Scaling Group (ASG) with two subnets across AZ1 and AZ2 in your VPC. You set the minimum size to 6 instances. After creating the ASG you noticed that all EC2 instances were launched in AZ1 due to limited capacity of the required instance family within AZ2. You’re concerned about the imbalance of resources. What would be the expected behavior of Auto Scaling once the capacity constraints are resolved in AZ2?'}, {'_class': 'assessment', 'original_assessment_id': 4841076, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud</li> \t<li>This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services</li> \t<li>The customer is responsible for security of the resources they provision</li> \t<li>Customer responsibilities include operating system, network and firewall configuration, identity and access management, and customer data</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/compliance/shared-responsibility-model/">https://aws.amazon.com/compliance/shared-responsibility-model/</a></li> </ul>', 'question': '<p>As the Chief Security Officer (CSO) of a large banking organization you are reviewing your security policy for the usage of public cloud services. A key assessment criteria when comparing public cloud services against maintaining applications on-premise, is the split of responsibilities between AWS, as the service provider, and your company, as the customer.</p><p>According to the AWS Shared Responsibility Model, which of the following would be responsibilities of the service provider? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Operating system, network and firewall configuration\xa0 \xa0 </p>', '<p>Physical networking infrastructure\xa0 \xa0 </p>', '<p>Identity and Access Management\xa0 \xa0 </p>', '<p>Customer data\xa0 \xa0 </p>', '<p>Availability Zones\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232013, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'e'], 'question_plain': 'As the Chief Security Officer (CSO) of a large banking organization you are reviewing your security policy for the usage of public cloud services. A key assessment criteria when comparing public cloud services against maintaining applications on-premise, is the split of responsibilities between AWS, as the service provider, and your company, as the customer.According to the AWS Shared Responsibility Model, which of the following would be responsibilities of the service provider? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841204, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Availability Zones are distinct locations that are engineered to be isolated from failures in other Availability Zones</li> \t<li>Availability Zones are connected with low latency, high throughput, and highly redundant networking</li> \t<li>With EC2 you have full control at the operating system layer</li> \t<li>RDS is a fully managed service and you do not have access to the underlying EC2 instance (no root access)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> \t<li></li> </ul>', 'question': '<p>As a Solutions Architect at Digital Cloud Guru you are helping a client to design a multi-tier web application architecture. The client has requested that the architecture provide low-latency connectivity between all servers and be resilient across multiple locations. They would also like to use their existing Microsoft SQL licenses for the database tier. The client needs to maintain the ability to access the operating systems of all servers for the installation of monitoring software.</p><p>How would you recommend the database tier is deployed?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon EC2 instances with Microsoft SQL Server and data replication within an AZ\xa0 \xa0 </p>', '<p>Amazon EC2 instances with Microsoft SQL Server and data replication between two different AZs\xa0 \xa0 </p>', '<p>Amazon RDS with Microsoft SQL Server\xa0 \xa0 </p>', '<p>Amazon RDS with Microsoft SQL Server in a Multi-AZ configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232015, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'As a Solutions Architect at Digital Cloud Guru you are helping a client to design a multi-tier web application architecture. The client has requested that the architecture provide low-latency connectivity between all servers and be resilient across multiple locations. They would also like to use their existing Microsoft SQL licenses for the database tier. The client needs to maintain the ability to access the operating systems of all servers for the installation of monitoring software.How would you recommend the database tier is deployed?'}, {'_class': 'assessment', 'original_assessment_id': 4841260, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Can control ingress and egress traffic</li> \t<li>Can only assign permit rules in a security group, cannot assign deny rules</li> \t<li>All rules are evaluated until a permit is encountered or continues until the implicit deny</li> \t<li>Security groups are stateful</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have been asked to review the security posture of your EC2 instances in AWS. When reviewing security groups, which rule types do you need to inspect? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Inbound</p>', '<p>Deny</p>', '<p>Outbound</p>', '<p>Stateful</p>', '<p>Stateless</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232017, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'c'], 'question_plain': 'You have been asked to review the security posture of your EC2 instances in AWS. When reviewing security groups, which rule types do you need to inspect? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841328, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Corrections: <ul> \t<li>By default an instance only has a private IP address</li> \t<li>A private IPx4 address is not reachable over the Internet</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html</a></li> </ul>', 'question': "<p>A Solutions Architect is reviewing the IP addressing strategy for the company's resources in the AWS Cloud. Which of the statements below are correct regarding private IP addresses? (choose 2)\xa0 \xa0 </p>", 'relatedLectureIds': '', 'answers': ['<p> By default, an instance has a primary and secondary private IP address\xa0 \xa0 </p>', '<p>Secondary private IP addresses cannot be reassigned from one instance to another\xa0 \xa0 </p>', '<p>For instances launched in EC2-Classic, the private IPv4 address is released when the instance is stopped or terminated\xa0 \xa0 </p>', '<p>For instances launched in a VPC, a private IPv4 address remains associated with the network interface when the instance is stopped and restarted\xa0 \xa0 </p>', "<p>A private IPv4 address is an IP address that's reachable over the Internet\xa0 \xa0 </p>"], 'feedbacks': ['', '', '', '', '']}, 'id': 6232019, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'd'], 'question_plain': "A Solutions Architect is reviewing the IP addressing strategy for the company's resources in the AWS Cloud. Which of the statements below are correct regarding private IP addresses? (choose 2)"}, {'_class': 'assessment', 'original_assessment_id': 4841410, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Corrections: <ul> \t<li>You cannot manually associate or disassociate a public IP address from your instance</li> \t<li>When you launch an instance in EC2-Classic, we automatically assign a public IP address to the instance from the EC2-Classic public IPv4 address pool. You cannot modify this behavior</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html</a></li> </ul>', 'question': "<p>A Solutions Architect is reviewing the IP addressing strategy for the company's resources in the AWS Cloud. Which of the statements below are correct regarding public IP addresses? (choose 2)</p>", 'relatedLectureIds': '', 'answers': ['<p>When you launch an instance in EC2-Classic, a public IP address is automatically assigned to the instance from the EC2-Classic public IPv4 address pool\xa0 \xa0 </p>', '<p>When you launch an instance into a VPC, your subnet has an attribute that determines whether instances launched into that subnet receive a public IP address from the EC2-VPC public IPv4 address pool\xa0 \xa0 </p>', '<p>You can manually associate or disassociate a public IP address from your instance\xa0 \xa0 </p>', "<p>The public IP address for your instance is retained when it's stopped or terminated\xa0 \xa0 </p>", '<p>You can modify whether an instance receives a public IP or not in EC2-Classic\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232021, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'b'], 'question_plain': "A Solutions Architect is reviewing the IP addressing strategy for the company's resources in the AWS Cloud. Which of the statements below are correct regarding public IP addresses? (choose 2)"}, {'_class': 'assessment', 'original_assessment_id': 4841480, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>API Gateway can scale to any level of traffic received by an API</li> \t<li>API Gateway scales up to the default throttling limit of 10,000 requests per second, and can burst past that up to 5,000 RPS</li> \t<li>Throttling is used to protect back-end instances from traffic spikes</li> \t<li>Lambda uses continuous scaling – scales out not up</li> \t<li>Lambda scales concurrently executing functions up to your default limit (1000)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A client of yours is using API Gateway for accepting and processing a large number of API calls to AWS Lambda. The client’s business is rapidly growing and he is therefore expecting a large increase in traffic to his API Gateway and AWS Lambda services. </p><p>The client has asked for advice on ensuring the services can scale without any reduction in performance. What advice would you give to the client? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>API Gateway scales up to the default throttling limit, with some additional burst capacity available</p>', '<p>API Gateway can only scale up to the fixed throttling limits</p>', '<p>AWS Lambda automatically scales up by using larger instance sizes for your functions\xa0 \xa0 </p>', '<p>AWS Lambda scales concurrently executing functions up to your default limit</p>', '<p>API Gateway scales manually through the assignment of provisioned throughput\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232023, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A client of yours is using API Gateway for accepting and processing a large number of API calls to AWS Lambda. The client’s business is rapidly growing and he is therefore expecting a large increase in traffic to his API Gateway and AWS Lambda services. The client has asked for advice on ensuring the services can scale without any reduction in performance. What advice would you give to the client? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841536, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A cluster placement group is a logical grouping of instances within a single Availability Zone</li> \t<li>Cluster placement groups are recommended for applications that benefit from low network latency, high network throughput, or both, and if the majority of the network traffic is between the instances in the group</li> \t<li>A spread placement group is a group of instances that are each placed on distinct underlying hardware</li> \t<li>Spread placement groups are recommended for applications that have a small number of critical instances that should be kept separate from each other</li> \t<li>Launching instances in a spread placement group reduces the risk of simultaneous failures that might occur when instances share the same underlying hardware</li> \t<li>Using a single instance on each dedicated host would be extremely expensive so option 3 is incorrect</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html</a></li> </ul>', 'question': '<p>An application that you will be deploying in your VPC requires 14 EC2 instances that must be placed on distinct underlying hardware to reduce the impact of the failure of a hardware node. The instances will use varying instance types. What configuration will cater to these requirements taking cost-effectiveness into account?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use a Cluster Placement Group within a single AZ\xa0 \xa0 </p>', '<p>Use a Spread Placement Group across two AZs\xa0 \xa0 </p>', '<p>Use dedicated hosts and deploy each instance on a dedicated host\xa0 \xa0 </p>', '<p>You cannot control which nodes your instances are placed on\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232025, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'An application that you will be deploying in your VPC requires 14 EC2 instances that must be placed on distinct underlying hardware to reduce the impact of the failure of a hardware node. The instances will use varying instance types. What configuration will cater to these requirements taking cost-effectiveness into account?'}, {'_class': 'assessment', 'original_assessment_id': 4841600, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can specify whether Amazon EC2 should hibernate, stop, or terminate Spot Instances when they are interrupted</li> \t<li>You can choose the interruption behavior that meets your needs</li> \t<li>The default is to terminate Spot Instances when they are interrupted</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html</a></li> </ul>', 'question': '<p>You have launched a Spot instance on EC2 for working on an application development project. In the event of an interruption what are the possible behaviors that can be configured? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Restart</p>', '<p>Hibernate</p>', '<p>Stop</p>', '<p>Save</p>', '<p>Pause</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232027, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'c'], 'question_plain': 'You have launched a Spot instance on EC2 for working on an application development project. In the event of an interruption what are the possible behaviors that can be configured? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841698, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ELB does not support client certificate authentication (API Gateway does support this)</li> \t<li>The EC2 instance Security Group is the wrong place to implement the allow rule</li> \t<li>The ELB Security group is the correct place to implement the allow rule</li> \t<li>Another method that would work would be to configure the ELB to forward the X-Forwarded-For header. For this to work you would need a method of filtering on the EC2 instance/application</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are deploying a two-tier web application within your VPC. The application consists of multiple EC2 instances and an Internet-facing Elastic Load Balancer (ELB). The application will be used by a small number of users with fixed public IP addresses and you need to control access so only these users can access the application.</p><p>What would be the BEST methods of applying these controls? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Configure certificates on the clients and use client certificate authentication on the ELB</p>', '<p>Configure the EC2 instance’s Security Group to allow traffic from only the specific IP sources\xa0 \xa0 </p>', '<p>Configure the ELB Security Group to allow traffic from only the specific IP sources\xa0 \xa0 </p>', '<p>Configure the ELB to send the X-Forwarded-For header and configure the EC2 instances to filter traffic based on the source IP information in the header\xa0 \xa0 </p>', '<p>Configure the local firewall on each EC2 instance to only allow traffic from the specific IP sources\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232029, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'd'], 'question_plain': 'You are deploying a two-tier web application within your VPC. The application consists of multiple EC2 instances and an Internet-facing Elastic Load Balancer (ELB). The application will be used by a small number of users with fixed public IP addresses and you need to control access so only these users can access the application.What would be the BEST methods of applying these controls? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4839108, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Instances can be assigned to IAM roles which configures them with credentials to access AWS resources</li> \t<li>You can attach an IAM role to an instance at launch time or at any time after\xa0by using the AWS CLI, SDK, or the EC2 console</li> \t<li>IAM roles can be attached, modified, or replaced at any time</li> \t<li>Only one IAM role can be attached to an EC2 instance at a time</li> \t<li>IAM uses values from the request context to check for matching policies and determine whether to allow or deny the request</li> \t<li>IAM policies are stored in IAM as JSON documents and specify the permissions that are allowed or denied</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>An EC2 instance that you manage has an IAM role attached to it that provides it with access to Amazon S3 for saving log data to a bucket. A change in the application architecture means that you now need to provide the additional ability for the application to securely make API requests to Amazon API Gateway.</p><p>Which two methods could you use to resolve this challenge? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an IAM role with a policy granting permissions to Amazon API Gateway and add it to the EC2 instance as an additional IAM role\xa0 \xa0 </p>', '<p>You cannot modify the IAM role assigned to an EC2 instance after it has been launched. You’ll need to recreate the EC2 instance and assign a new IAM role\xa0 \xa0 </p>', '<p>Create a new IAM role with multiple IAM policies attached that grants access to Amazon S3 and Amazon API Gateway, and replace the existing IAM role that is attached to the EC2 instance\xa0 \xa0 </p>', '<p>Add an IAM policy to the existing IAM role that the EC2 instance is using granting permissions to access Amazon API Gateway\xa0 \xa0 </p>', '<p>Delegate access to the EC2 instance from the API Gateway management console\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231947, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'd'], 'question_plain': 'An EC2 instance that you manage has an IAM role attached to it that provides it with access to Amazon S3 for saving log data to a bucket. A change in the application architecture means that you now need to provide the additional ability for the application to securely make API requests to Amazon API Gateway.Which two methods could you use to resolve this challenge? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4839118, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Target groups are a logical grouping of targets (EC2 instances or ECS)</li> \t<li>A single target can be in multiple target groups</li> \t<li>Only one protocol and one port can be defined per target group</li> \t<li>ALB can route requests based on the content of the request in the host field: host-based or path-based</li> \t<li>Path-based is URL based routing e.g. example.com/images, example.com/app1</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are using an Application Load Balancer (ALB) for distributing traffic for a number of application servers running on EC2 instances. The configuration consists of a single ALB with a single target group. The front-end listeners are receiving traffic for digitalcloud.guru on port 443 (SSL/TLS) and the back-end listeners are receiving traffic on port 80 (HTTP).</p><p>You will be installing a new application component on one of the application servers in the existing target group that will process data sent to digitalcloud.guru/orders. The application component will listen on HTTP port 8080 for this traffic.</p><p>What configuration changes do you need to make to implement this solution update? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a new target group and add the EC2 instance to it. Define the protocol as HTTP and the port as 8080\xa0 \xa0 </p>', '<p>Add an additional port to the existing target group and set it to 8080\xa0 \xa0 </p>', '<p>Add a new rule to the existing front-end listener with a Path condition. Set the path condition to /orders and add an action that forwards traffic to the new target group\xa0 \xa0 </p>', '<p>Add an additional front-end listener that listens on port 443 and set a path condition to process traffic destined to the path /orders\xa0 \xa0 </p>', '<p>Add a new rule to the existing front-end listener with a Host condition. Set the host condition to /orders and add an action that forwards traffic to the new target group\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231949, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'c'], 'question_plain': 'You are using an Application Load Balancer (ALB) for distributing traffic for a number of application servers running on EC2 instances. The configuration consists of a single ALB with a single target group. The front-end listeners are receiving traffic for digitalcloud.guru on port 443 (SSL/TLS) and the back-end listeners are receiving traffic on port 80 (HTTP).You will be installing a new application component on one of the application servers in the existing target group that will process data sent to digitalcloud.guru/orders. The application component will listen on HTTP port 8080 for this traffic.What configuration changes do you need to make to implement this solution update? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4839136, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The ECS container agent allows container instances to connect to the cluster</li> \t<li>The container agent runs on each infrastructure resource on an ECS cluster</li> \t<li>The ECS container agent is included in the Amazon ECS optimized AMI and can also be installed on any EC2 instance that supports the ECS specification (only supported on EC2 instances)</li> \t<li>The ECS container agent is available for Linux and Windows</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>You have been tasked with building an ECS cluster using the EC2 launch type and need to ensure container instances can connect to the cluster. A colleague informed you that you must ensure the ECS container agent is installed on your EC2 instances. You have selected to use the Amazon ECS-optimized AMI.</p><p>Which of the statements below are correct? (Choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>The Amazon ECS container agent is included in the Amazon ECS-optimized AMI\xa0 \xa0 </p>', '<p>The Amazon ECS container agent is installed on the AWS managed infrastructure used for tasks using the EC2 launch type so you don’t need to do anything\xa0 \xa0 </p>', '<p>You can install the ECS container agent on any Amazon EC2 instance that supports the Amazon ECS specification\xa0 \xa0 </p>', '<p>You can only install the ECS container agent on Linux instances\xa0 \xa0 </p>', '<p>The Amazon ECS container agent must be installed for all AMIs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231951, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'c'], 'question_plain': 'You have been tasked with building an ECS cluster using the EC2 launch type and need to ensure container instances can connect to the cluster. A colleague informed you that you must ensure the ECS container agent is installed on your EC2 instances. You have selected to use the Amazon ECS-optimized AMI.Which of the statements below are correct? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4839152, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EC2 status checks are performed every minute and each returns a pass or a fail status</li> \t<li>If all checks pass, the overall status of the instance is OK</li> \t<li>If one or more checks fail, the overall status is impaired</li> \t<li>System status checks detect (StatusCheckFailed_System) problems with your instance that require AWS involvement to repair</li> \t<li>Instance status checks (StatusCheckFailed_Instance) detect problems that require your involvement to repair</li> \t<li>The action to recover the instance is only supported on specific instance types and can be used only with StatusCheckFailed_System</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>The operations team in your company are looking for a method to automatically respond to failed system status check alarms that are being received from an EC2 instance. The system in question is experiencing intermittent problems with its operating system software.</p><p>Which two steps will help you to automate the resolution of the operating system software issues? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a CloudWatch alarm that monitors the “StatusCheckFailed_System” metric\xa0 \xa0 </p>', '<p>Create a CloudWatch alarm that monitors the “StatusCheckFailed_Instance” metric\xa0 \xa0 </p>', '<p>Configure an EC2 action that recovers the instance\xa0 \xa0 </p>', '<p>Configure an EC2 action that reboots the instance\xa0 \xa0 </p>', '<p>Configure an EC2 action that terminates the instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231953, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'd'], 'question_plain': 'The operations team in your company are looking for a method to automatically respond to failed system status check alarms that are being received from an EC2 instance. The system in question is experiencing intermittent problems with its operating system software.Which two steps will help you to automate the resolution of the operating system software issues? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4839172, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AD Connector is a directory gateway for redirecting directory requests to your on-premise Active Directory</li> \t<li>AD Connector eliminates the need for directory synchronization and the cost and complexity of hosting a federation infrastructure</li> \t<li>AD Connector connects your existing on-premise AD to AWS</li> \t<li>Best choice when you want to use an existing Active Directory with AWS services</li> \t<li>AD Connector comes in two sizes:</li> \t<li>- Small – designed for organizations up to 500 users</li> \t<li>- Large – designed for organizations up to 5000 users</li> \t<li>Active Directory Service for Microsoft Active Directory is the best choice if you have more than 5000 users and/or need a trust relationship set up</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>You work as an Enterprise Architect for Digital Cloud Guru which employs 1500 people. The company is growing at around 5% per annum. The company strategy is to increasingly adopt AWS cloud services. There is an existing Microsoft Active Directory (AD) service that is used as the on-premise identity and access management system. You want to avoid synchronizing your directory into the AWS cloud or adding permissions to resources in another AD domain.\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Install a Microsoft Active Directory Domain Controller on AWS and add it into your existing on-premise domain\xa0 \xa0 </p>', '<p>Launch an AWS Active Directory Service for Microsoft Active Directory and setup trust relationships with your on-premise domain\xa0 \xa0 </p>', '<p>Use a large AWS Simple AD in AWS\xa0 \xa0 </p>', '<p>Launch a large AWS Directory Service AD Connector to proxy all authentication back to your on-premise AD service for authentication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231955, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['d'], 'question_plain': 'You work as an Enterprise Architect for Digital Cloud Guru which employs 1500 people. The company is growing at around 5% per annum. The company strategy is to increasingly adopt AWS cloud services. There is an existing Microsoft Active Directory (AD) service that is used as the on-premise identity and access management system. You want to avoid synchronizing your directory into the AWS cloud or adding permissions to resources in another AD domain.'}, {'_class': 'assessment', 'original_assessment_id': 4839194, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Direct Connect is a network service that provides an alternative to using the Internet to connect customers’ on premise sites to AWS</li> \t<li>Benefits of Direct Connect include:</li> \t<li>- Reduce cost when using large volumes of traffic</li> \t<li>- Increase reliability (predictable performance)</li> \t<li>- Increase bandwidth (predictable bandwidth)</li> \t<li>- Decrease latency</li> \t<li>From Direct Connect you can connect to all AZs within the region</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/</a></li> </ul>', 'question': '<p>You are a Solutions Architect for a systems integrator. Your client is growing their presence in the AWS cloud and has applications and services running in a VPC across multiple availability zones within a region. The client has a requirement to build an operational dashboard within their on-premise data center within the next few months. The dashboard will show near real time statistics and therefore must be connected over a low latency, high performance network.</p><p>What would be the best solution for this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use redundant VPN connections to two VGW routers in the region, this should give you access to the infrastructure in all AZs\xa0 \xa0 </p>', '<p>Order multiple AWS Direct Connect connections that will be connected to multiple AZs\xa0 \xa0 </p>', '<p>Order a single AWS Direct Connect connection to connect to the client’s VPC. This will provide access to all AZs within the region\xa0 \xa0 </p>', '<p>You cannot connect to multiple AZs from a single location\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6231957, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c'], 'question_plain': 'You are a Solutions Architect for a systems integrator. Your client is growing their presence in the AWS cloud and has applications and services running in a VPC across multiple availability zones within a region. The client has a requirement to build an operational dashboard within their on-premise data center within the next few months. The dashboard will show near real time statistics and therefore must be connected over a low latency, high performance network.What would be the best solution for this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4839218, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Trails can be enabled per region or a trail can be applied to all region</li> \t<li>CloudTrail log files are encrypted using S3 Server Side Encryption (SSE)</li> \t<li>Can also enable encryption SSE KMS for additional security</li> \t<li>A single KMS key can be used to encrypt log files for trails applied to all regions</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/</a></li> </ul>', 'question': '<p>The security team in your company is defining new policies for enabling security analysis, resource change tracking, and compliance auditing. They would like to gain visibility into user activity by recording API calls made within the company’s AWS account. The information that is logged must be encrypted. This requirement applies to all AWS regions in which your company has services running.</p><p>How will you implement this request? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a CloudTrail trail and apply it to all regions\xa0 \xa0 </p>', '<p>Create a CloudTrail trail in each region in which you have services\xa0 \xa0 </p>', '<p>Enable encryption with a single KMS key\xa0 \xa0 </p>', '<p>Enable encryption with multiple KMS keys\xa0 \xa0 </p>', '<p>Use CloudWatch to monitor API calls\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6231959, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'c'], 'question_plain': 'The security team in your company is defining new policies for enabling security analysis, resource change tracking, and compliance auditing. They would like to gain visibility into user activity by recording API calls made within the company’s AWS account. The information that is logged must be encrypted. This requirement applies to all AWS regions in which your company has services running.How will you implement this request? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841746, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can enable Instance Protection to protect a specific instance in an ASG from a scale in action</li> \t<li>Moving the Hadoop Node to another ASG would work but is impractical and would incur service interruption</li> \t<li>EC2 has a feature called “termination protection” not “Deletion Protection”</li> \t<li>The “DeleteOnTermination” value relates to EBS volumes not EC2 instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://aws.amazon.com/blogs/aws/new-instance-protection-for-auto-scaling/">https://aws.amazon.com/blogs/aws/new-instance-protection-for-auto-scaling/</a></li> </ul>', 'question': '<p>You are running a Hadoop cluster on EC2 instances in your VPC. The EC2 instances are launched by an Auto Scaling Group (ASG) and you have configured the ASG to scale out and in as demand changes. One of the instances in the group is the Hadoop Master Node and you need to ensure that it is not terminated when your ASG processes a scale in action.</p><p>What is the best way this can be achieved without interrupting services?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use the Instance Protection feature to set scale in protection for the Hadoop Master Node\xa0 \xa0 </p>', '<p>Move the Hadoop Master Node to another ASG that has the minimum and maximum instance settings set to 1\xa0 \xa0 </p>', '<p>Enable Deletion Protection for the EC2 instance\xa0 \xa0 </p>', '<p>Change the DeleteOnTermination value for the EC2 instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232031, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a'], 'question_plain': 'You are running a Hadoop cluster on EC2 instances in your VPC. The EC2 instances are launched by an Auto Scaling Group (ASG) and you have configured the ASG to scale out and in as demand changes. One of the instances in the group is the Hadoop Master Node and you need to ensure that it is not terminated when your ASG processes a scale in action.What is the best way this can be achieved without interrupting services?'}, {'_class': 'assessment', 'original_assessment_id': 4841808, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can encrypt your Amazon RDS instances and snapshots at rest by enabling the encryption option for your Amazon RDS DB instance</li> \t<li>Data that is encrypted at rest includes the underlying storage for a DB instance, its automated backups, Read Replicas, and snapshots</li> \t<li>A Read Replica of an Amazon RDS encrypted instance is also encrypted using the same key as the master instance when both are in the same region</li> \t<li>If the master and Read Replica are in different regions, you encrypt using the encryption key for that region</li> \t<li>You can create an encrypted Read Replica of an unencrypted DB instance, but you can\'t create an unencrypted Read Replica of an encrypted DB instance</li> \t<li>Using an ELB in front of RDS DB is not possible so this is a bogus answer</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html</a></li> </ul>', 'question': '<p>Your company is opening a new office in the Asia Pacific region. Users in the new office will need to read data from an RDS database that is hosted in the U.S. To improve performance, you are planning to implement a Read Replica of the database in the Asia Pacific region. However, your Chief Security Officer (CSO) has explained to you that the company policy dictates that all data that leaves the U.S must be encrypted at rest. The master RDS DB is not currently encrypted.</p><p>What options are available to you? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>You can encrypt the master RDS DB and also have an encrypted Read Replica that is encrypted with a different key\xa0 \xa0 </p>', '<p>You can encrypt the master RDS DB and also have an encrypted Read Replica that is encrypted with the same key\xa0 \xa0 </p>', '<p>You can leave the master RDS DB unencrypted and encrypt the Read Replica\xa0 \xa0 </p>', '<p>You can use an encrypted EBS volume for the Read Replica\xa0 \xa0 </p>', '<p>You can use an ELB to provide an encrypted transport layer in front of the RDS DB\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232033, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'c'], 'question_plain': 'Your company is opening a new office in the Asia Pacific region. Users in the new office will need to read data from an RDS database that is hosted in the U.S. To improve performance, you are planning to implement a Read Replica of the database in the Asia Pacific region. However, your Chief Security Officer (CSO) has explained to you that the company policy dictates that all data that leaves the U.S must be encrypted at rest. The master RDS DB is not currently encrypted.What options are available to you? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841900, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>SSE-S3 – Server Side Encryption with S3 managed keys</li> \t<li>- Each object is encrypted with a unique key</li> \t<li>- Encryption key is encrypted with a master key</li> \t<li>- AWS regularly rotate the master key</li> \t<li>- Uses AES 256</li> \t<li>SSE-KMS – Server Side Encryption with AWS KMS keys</li> \t<li>- KMS uses Customer Master Keys (CMKs) to encrypt</li> \t<li>- Can use the automatically created CMK key</li> \t<li>- OR you can select your own key (gives you control for management of keys)</li> \t<li>- An envelope key protects your keys</li> \t<li>- Chargeable</li> \t<li>SSE-C – Server Side Encryption with client provided keys</li> \t<li>- Client manages the keys, S3 manages encryption</li> \t<li>- AWS does not store the encryption keys</li> \t<li>- If keys are lost data cannot be decrypted</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A company is moving a large amount of sensitive data to the cloud. Data will be moved to Amazon S3 and the Solutions Architects are concerned about encryption and management of keys.</p><p>Which of the statements below is correct regarding the SSE-KMS option? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>KMS uses customer master keys (CMKs)\xa0 \xa0 </p>', '<p>KMS uses customer provided keys (CPKs)\xa0 \xa0 </p>', '<p>Keys are managed through Amazon S3\xa0 \xa0 </p>', '<p>Auditable master keys can be created, rotated, and disabled from the IAM console\xa0 \xa0 </p>', '<p>Data is encrypted on the client side and then transferred in an encrypted state\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232035, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'd'], 'question_plain': 'A company is moving a large amount of sensitive data to the cloud. Data will be moved to Amazon S3 and the Solutions Architects are concerned about encryption and management of keys.Which of the statements below is correct regarding the SSE-KMS option? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4841960, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Backing up the data and then deleting it is not the best solution when much of the data is accessed regularly</li> \t<li>A Storage Gateway Volume Gateway in cached mode will store the entire dataset on S3 and a cache of the most frequently accessed data is cached on-site</li> \t<li>The S3 copy command doesn’t help here as the data is not in S3</li> \t<li>You cannot archive straight into Glacier, you must store data on S3 first. Also, archiving is not the best solution to this problem</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/aws-storage-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/aws-storage-gateway/</a></li> </ul>', 'question': '<p>One of your clients has asked you for some advice on an issue they are facing regarding storage. The client uses an on-premise block based storage array which is getting close to capacity. The client would like to maintain a configuration where reads/writes to a subset of frequently accessed data are performed on-premise whilst also alleviating the local capacity issues by migrating data into the AWS\xa0cloud. What would you suggest as the BEST solution to the client’s current problems?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Implement a Storage Gateway Virtual Tape Library, backup the data and then delete the data from the array\xa0 \xa0 </p>', '<p>Implement a Storage Gateway Volume Gateway in cached mode\xa0 \xa0 </p>', '<p>Use S3 copy command to copy data into the AWS cloud\xa0 \xa0 </p>', '<p>Archive data that is not accessed regularly straight into Glacier\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232037, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'One of your clients has asked you for some advice on an issue they are facing regarding storage. The client uses an on-premise block based storage array which is getting close to capacity. The client would like to maintain a configuration where reads/writes to a subset of frequently accessed data are performed on-premise whilst also alleviating the local capacity issues by migrating data into the AWS\xa0cloud. What would you suggest as the BEST solution to the client’s current problems?'}, {'_class': 'assessment', 'original_assessment_id': 4842050, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Please note that though this is an incomplete solution. Sometimes in the exam you\'ll be offered solutions that are incomplete or for which you have to make assumptions. You\'ll also sometimes be offered multiple correct responses and have to choose the best or most cost-effective option</li> \t<li>The full list of route tables entries required for this solution are:</li> \t<li>-\xa0Destination 172.16.0.0/16 and target Local in VPC A</li> \t<li>-\xa0Destination 10.0.0.0/16 and target pcx-11112222 in VPC A</li> \t<li>-\xa0Destination 10.0.0.0/16 and target Local in VPC B</li> \t<li>-\xa0Destination 172.16.0.0/16 and target pcx.11112222 in VPC B</li> \t<li>Refer to the URL below for more details around this scenario</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-full-access.html">https://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-full-access.html</a></li> </ul>', 'question': '<p>There are two business units in your company that each have their own VPC. A company restructure has resulted in the need to work together more closely and you would like to configure VPC peering between the two VPCs. VPC A has a CIDR block of 172.16.0.0/16 and VPC B has a CIDR block of 10.0.0.0/16. You have created a VPC peering connection with the ID: pcx-11112222.</p><p>Which of the entries below should be added to the route table to allow full access to the entire CIDR block of the VPC peer? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Destination 10.0.0.0/16 and target pcx-11112222 in VPC A\xa0 \xa0 </p>', '<p>Destination 10.0.0.0/16 and target pcx-11112222 in VPC B\xa0 \xa0 </p>', '<p>Destination 0.0.0.0/0 and target Local in VPC A and VPC B</p>', '<p>Destination 172.16.0.0/16 and target pcx.11112222 in VPC A </p>', '<p>Destination 172.16.0.0/16 and target pcx.11112222 in VPC B\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232039, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a', 'e'], 'question_plain': 'There are two business units in your company that each have their own VPC. A company restructure has resulted in the need to work together more closely and you would like to configure VPC peering between the two VPCs. VPC A has a CIDR block of 172.16.0.0/16 and VPC B has a CIDR block of 10.0.0.0/16. You have created a VPC peering connection with the ID: pcx-11112222.Which of the entries below should be added to the route table to allow full access to the entire CIDR block of the VPC peer? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4842130, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Snapshots of encrypted volumes are encrypted automatically</li> \t<li>To share an encrypted snapshot you must encrypt it in the source account with a custom CMK key and then share the key with the target account</li> \t<li>You do not need to store the CMK key in CloudHSM</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You have taken a snapshot of an encrypted EBS volume and would like to share the snapshot with another AWS account. Which statements are true about sharing snapshots of encrypted EBS volumes? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>You must store the CMK key in CloudHSM and delegate access to the other AWS account</p>', '<p>Snapshots of encrypted volumes are unencrypted\xa0 \xa0 </p>', '<p>You must obtain an encryption key from the target AWS account for encrypting the snapshot\xa0 \xa0 </p>', '<p>A custom CMK key must be used for encryption if you want to share the snapshot\xa0 \xa0 </p>', '<p>You must share the CMK key as well as the snapshot with the other AWS account\xa0 \xa0 </p>', '<p>You must store the CMK key in CloudHSM and delegate access to the other AWS account\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '', '']}, 'id': 6232041, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['d', 'e'], 'question_plain': 'You have taken a snapshot of an encrypted EBS volume and would like to share the snapshot with another AWS account. Which statements are true about sharing snapshots of encrypted EBS volumes? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4842180, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>There is a soft limit of 20 On-demand or 20 reserved instances per region by default</li> \t<li>There are 32 possible hosts in a /27 subnet</li> \t<li>AWS reserve the first 4 and last 1 IP address. ELB requires 8 addresses within your subnet</li> \t<li>That leaves 19 addresses available</li> \t<li>There are 16 EC2 instances so a capacity increase of 50% would bring the total up to 24 instances which exceeds the address space and the default account limit for On-Demand instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>A colleague recently deployed a two-tier web application into a subnet using a test account. The subnet has an IP address block of 10.0.5.0/27 and he launched an Auto Scaling Group (ASG) with a desired capacity of 8 web servers. Another ASG has 6 application servers and two database servers and both ASGs are behind a single ALB with multiple target groups. All instances are On-Demand instances. Your colleague attempted to test a simulated in increase in capacity requirements of 50% and not all instances were able to launch successfully.</p><p>What would be the best explanations for the failure to launch the extra instances? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>The ASG is waiting for the health check grace period to expire, it might have been set at a high value\xa0 \xa0 </p>', '<p>AWS impose a soft limit of 20 instances per region for an account, you have exceeded this number\xa0 \xa0 </p>', '<p>There are insufficient IP addresses in the subnet range to allow for the EC2 instances, the AWS reserved addresses, and the ELB IP address requirements\xa0 \xa0 </p>', '<p>The IP address block overlaps with another subnet in the VPC\xa0 \xa0 </p>', '<p>There are insufficient resources available in the Availability Zone\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232043, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b', 'c'], 'question_plain': 'A colleague recently deployed a two-tier web application into a subnet using a test account. The subnet has an IP address block of 10.0.5.0/27 and he launched an Auto Scaling Group (ASG) with a desired capacity of 8 web servers. Another ASG has 6 application servers and two database servers and both ASGs are behind a single ALB with multiple target groups. All instances are On-Demand instances. Your colleague attempted to test a simulated in increase in capacity requirements of 50% and not all instances were able to launch successfully.What would be the best explanations for the failure to launch the extra instances? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4842246, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Cross-zone load balancing is enabled on the ALB by default. Also, if it was disabled the ALB would send traffic equally to each AZ configured regardless of the number of hosts in each AZ so some traffic would still get through</li> \t<li>Internet facing ELB:</li> \t<li>- ELB nodes have public IPs</li> \t<li>- Routes traffic to the private IP addresses of the EC2 instances</li> \t<li><strong>- Need one public subnet in each AZ where the ELB is defined</strong></li> \t<li>The ASG would automatically register new instances with the ALB</li> \t<li>Health checks are unlikely to be the issue here</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You have deployed a highly available web application across two AZs. The application uses an Auto Scaling Group (ASG) and an Application Load Balancer (ALB) to distribute connections between the EC2 instances that make up the web front-end. The load has increased and the ASG has launched new instances in both AZs, however you noticed that the ALB is only distributing traffic to the EC2 instances in one AZ.</p><p>From the options below, what is the most likely cause of the issue?</p>', 'relatedLectureIds': '', 'answers': ['<p>Cross-zone load balancing is not enabled on the ALB\xa0 \xa0 </p>', '<p>The ALB does not have a public subnet defined in both AZs\xa0 \xa0 </p>', '<p>The ASG has not registered the new instances with the ALB\xa0 \xa0 </p>', '<p>The EC2 instances in one AZ are not passing their health checks\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232045, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'You have deployed a highly available web application across two AZs. The application uses an Auto Scaling Group (ASG) and an Application Load Balancer (ALB) to distribute connections between the EC2 instances that make up the web front-end. The load has increased and the ASG has launched new instances in both AZs, however you noticed that the ALB is only distributing traffic to the EC2 instances in one AZ.From the options below, what is the most likely cause of the issue?'}, {'_class': 'assessment', 'original_assessment_id': 4842332, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Network ACL’s function at the subnet level</li> \t<li>With NACLs you can have permit and deny rules</li> \t<li>Network ACLs contain a numbered list of rules that are evaluated in order from the lowest number until the explicit deny</li> \t<li>All rules are not evaluated before making a decision (security groups do this), they are evaluated in order until a permit or deny is encountered</li> \t<li>Network ACLs only apply to traffic that is ingress or egress to the subnet not to traffic within the subnet</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>A Solutions Architect is creating a new VPC and is creating a security group and network ACL design. Which of the statements below are true regarding network ACLs? (choose 2)\xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Network ACLs operate at the instance level\xa0 \xa0 </p>', '<p>With Network ACLs you can only create allow rules</p>', '<p>Network ACLs contain a numbered list of rules that are evaluated in order from the lowest number until the explicit deny\xa0 \xa0 </p>', '<p>With Network ACLs all rules are evaluated until a permit is encountered or continues until the implicit deny\xa0 \xa0 </p>', '<p>Network ACLs only apply to traffic that is ingress or egress to the subnet not to traffic within the subnet\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232047, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'e'], 'question_plain': 'A Solutions Architect is creating a new VPC and is creating a security group and network ACL design. Which of the statements below are true regarding network ACLs? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4842396, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Latency based routing would direct users to the closest region but geolocation allows you to configure settings based on specified attributes rather than just latency (distance)</li> \t<li>Geolocation provides:</li> \t<li>- Caters to different users in different countries and different languages</li> \t<li>- Contains users within a particular geography and offers them a customized version of the workload based on their specific needs</li> \t<li>- Geolocation can be used for localizing content and presenting some or all of your website in the language of your users</li> \t<li>- Can also protect distribution rights</li> \t<li>Multi-value answers are used for responding to DNS queries with up to eight healthy records selected at random</li> \t<li>CloudFront can cache content but would not provide the personalization features requested</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your clients has a global presence and their web application runs out of multiple AWS regions. The client wants to personalize the experience for the customers in different parts of the world so they receive a customized application interface in the users’ language. The client has created the customized web applications and need to ensure customers are directed to the correct application based on their location.</p><p>How can this be achieved?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Route 53 with a latency based routing policy that will direct users to the closest region\xa0 \xa0 </p>', '<p>Use Route 53 with a geolocation routing policy that directs users based on their geographical location\xa0 \xa0 </p>', '<p>Use Route 53 with a multi-value answer routing policy that presents multiple options to the users\xa0 \xa0 </p>', '<p>Use CloudFront to cache the content in edge locations\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232049, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your clients has a global presence and their web application runs out of multiple AWS regions. The client wants to personalize the experience for the customers in different parts of the world so they receive a customized application interface in the users’ language. The client has created the customized web applications and need to ensure customers are directed to the correct application based on their location.How can this be achieved?'}, {'_class': 'assessment', 'original_assessment_id': 4842446, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An origin is the origin of the files that the CDN will distribute</li> \t<li>Origins can be either an S3 bucket, an EC2 instance, and Elastic Load Balancer, or Route 53 – can also be external (non-AWS)</li> \t<li>When using Amazon S3 as an origin you place all of your objects within the bucket</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> </ul>', 'question': '<p>You are looking for a method to distribute onboarding videos to your company’s numerous remote workers around the world. The training videos are located in an S3 bucket that is not publicly accessible. Which of the options below would allow you to share the videos?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use ElastiCache and attach the S3 bucket as a cache origin\xa0 \xa0 </p>', '<p>Use CloudFront and use a custom origin pointing to an EC2 instance\xa0 \xa0 </p>', '<p>Use a Route 53 Alias record the points to the S3 bucket\xa0 \xa0 </p>', '<p>Use CloudFront and set the S3 bucket as an origin\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232051, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['d'], 'question_plain': 'You are looking for a method to distribute onboarding videos to your company’s numerous remote workers around the world. The training videos are located in an S3 bucket that is not publicly accessible. Which of the options below would allow you to share the videos?'}, {'_class': 'assessment', 'original_assessment_id': 4842506, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Sticky Sessions with ALB: <ul> \t<li>Session stickiness uses cookies and ensures a client is bound to an individual back-end instance for the duration of the cookie lifetime</li> \t<li>ALB supports load balancer-generated cookies only</li> \t<li>The name of the cookie is AWSALB</li> \t<li>The contents of these cookies are encrypted using a rotating key</li> \t<li>You cannot decrypt or modify load balancer-generated cookies</li> \t<li>Sticky sessions are enabled at the target group level</li> \t<li>You can also set the duration for the stickiness of the load balancer-generated cookie, in seconds</li> \t<li>WebSockets connections are inherently sticky (following the upgrade process)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>An application you manage uses and Elastic Load Balancer (ELB) and you need to enable session affinity. You are using the Application Load Balancer type and need to understand how the sticky sessions feature works.\xa0Which of the statements below are correct in relation to sticky sessions? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Cookies can be inserted by the application or by the load balancer when configured\xa0 \xa0 </p>', '<p>With application-inserted cookies if the back-end instance becomes unhealthy, new requests will be routed by the load balancer normally\xa0 \xa0 </p>', '<p>ALB supports load balancer-generated cookies only\xa0 \xa0 </p>', '<p>Sticky sessions are enabled at the target group level\xa0 \xa0 </p>', '<p>The name of the cookie is AWSSTICKY</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232053, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['c', 'd'], 'question_plain': 'An application you manage uses and Elastic Load Balancer (ELB) and you need to enable session affinity. You are using the Application Load Balancer type and need to understand how the sticky sessions feature works.\xa0Which of the statements below are correct in relation to sticky sessions? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4842546, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The best option is to create multiple queues and configure the application to place orders onto a specific queue based on the level of service. You then configure the back-end instances to poll these queues in order or priority so they pick up the higher priority jobs first</li> \t<li>Option 2 is incorrect as creating a mixture of queue types is not the best way to separate the messages and there is nothing in this option that explains how the messages would be picked up in the right order</li> \t<li>Option 3 is incorrect as standard queues offer best-effort ordering so there’s no guarantee that the messages would be picked up in the correct order</li> \t<li>The last option is bogus as the options here don’t help you at all</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>A client is in the design phase of developing an application that will process orders for their online ticketing system. The application will use a number of front-end EC2 instances that pick-up orders and place them in a queue for processing by another set of back-end EC2 instances. The client will have multiple options for customers to choose the level of service they want to pay for. The client has asked how he can design the application to process the orders in a prioritized way based on the level of service the customer has chosen\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create multiple SQS queues, configure the front-end application to place orders onto a specific queue based on the level of service requested and configure the back-end instances to sequentially poll the queues in order of priority\xa0 \xa0 </p>', '<p>Create a combination of FIFO queues and Standard queues and configure the applications to place messages into the relevant queue based on priority\xa0 \xa0 </p>', '<p>Create a single SQS queue, configure the front-end application to place orders on the queue in order of priority and configure the back-end instances to poll the queue and pick up messages in the order they are presented\xa0 \xa0 </p>', '<p>Create multiple SQS queues, configure exactly-once processing and set the maximum visibility timeout to 12 hours\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232055, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:49Z', 'created': '2018-11-26T03:26:49Z', 'correct_response': ['a'], 'question_plain': 'A client is in the design phase of developing an application that will process orders for their online ticketing system. The application will use a number of front-end EC2 instances that pick-up orders and place them in a queue for processing by another set of back-end EC2 instances. The client will have multiple options for customers to choose the level of service they want to pay for. The client has asked how he can design the application to process the orders in a prioritized way based on the level of service the customer has chosen'}, {'_class': 'assessment', 'original_assessment_id': 4842604, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can take a snapshot, launch an instance in the destination AZ. Stop the instance, detach its root volume, create a volume from the snapshot you took and attach it to the instance. However, this is not the best option</li> \t<li>The easiest and recommended option is to create an AMI (image) from the instance and launch an instance from the AMI in the other AZ. AMIs are backed by snapshots which in turn are backed by S3 so the data is available from any AZ within the region</li> \t<li>There’s no way to move an EC2 instance from the management console</li> \t<li>You cannot perform a copy operation to move the instance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://aws.amazon.com/premiumsupport/knowledge-center/move-ec2-instance/">https://aws.amazon.com/premiumsupport/knowledge-center/move-ec2-instance/</a></li> </ul>', 'question': '<p>An EBS-backed EC2 instance has been configured with some proprietary software that uses an embedded license. You need to move the EC2 instance to another Availability Zone (AZ) within the region. How can this be accomplished? Choose the best answer.\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Take a snapshot of the instance. Create a new EC2 instance and perform a restore from the snapshot\xa0 \xa0 </p>', '<p>Create an image from the instance. Launch an instance from the AMI in the destination AZ\xa0 \xa0 </p>', '<p>Use the AWS Management Console to select a different AZ for the existing instance\xa0 \xa0 </p>', '<p>Perform a copy operation to move the EC2 instance to the destination AZ\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232057, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['b'], 'question_plain': 'An EBS-backed EC2 instance has been configured with some proprietary software that uses an embedded license. You need to move the EC2 instance to another Availability Zone (AZ) within the region. How can this be accomplished? Choose the best answer.'}, {'_class': 'assessment', 'original_assessment_id': 4842662, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You cannot create a deny rule with a security group</li> \t<li>You cannot use the route table to create security rules</li> \t<li>NAT Gateways are used for allowing instances in private subnets to access the Internet, they do not provide any inbound services</li> \t<li>Network ACLs can be used to apply deny rules to lists of specific IP addresses</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>A member of the security team in your organization has brought an issue to your attention. External monitoring tools have noticed some suspicious traffic coming from a small number of identified public IP addresses. The traffic is destined for multiple resources in your VPC. What would be the easiest way to temporarily block traffic from the IP addresses to any resources in your VPC?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Add a rule in each Security Group that is associated with the affected resources that denies traffic from the identified IP addresses\xa0 \xa0 </p>', '<p>Add a rule in the VPC route table that denies access to the VPC from the identified IP addresses\xa0 \xa0 </p>', '<p>Add a rule to the Network ACL to deny traffic from the identified IP addresses. Ensure all subnets are associated with the Network ACL\xa0 \xa0 </p>', '<p>Configure the NAT Gateway to deny traffic from the identified IP addresses\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232059, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['c'], 'question_plain': 'A member of the security team in your organization has brought an issue to your attention. External monitoring tools have noticed some suspicious traffic coming from a small number of identified public IP addresses. The traffic is destined for multiple resources in your VPC. What would be the easiest way to temporarily block traffic from the IP addresses to any resources in your VPC?'}, {'_class': 'assessment', 'original_assessment_id': 4842798, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>According to the latest information, AWS no longer require random prefixes as they have improved S3 so that it can scale to higher throughput and per prefix</li> \t<li>Caution is required as the exam may not yet reflect these changes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2018/07/amazon-s3-announces-increased-request-rate-performance/">https://aws.amazon.com/about-aws/whats-new/2018/07/amazon-s3-announces-increased-request-rate-performance/</a></li> </ul>', 'question': '<p>You are designing a solution for an application that will read and write large amounts of data to S3. You are expecting high throughput that may exceed 1000 requests per second and need the performance of S3 to scale. What is AWS’s current advice for designing your S3 storage strategy to ensure fast performance?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use a random prefix on objects to improve performance\xa0 \xa0 </p>', '<p>There is no longer a need to use random prefixes as S3 scales per prefix and the performance required is well within the S3 performance limitations\xa0 \xa0 </p>', '<p>You must use CloudFront for caching objects at this scale as S3 cannot provide this level of performance\xa0 \xa0 </p>', '<p>Enable an object cache on S3 to ensure performance at this scale\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232061, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['b'], 'question_plain': 'You are designing a solution for an application that will read and write large amounts of data to S3. You are expecting high throughput that may exceed 1000 requests per second and need the performance of S3 to scale. What is AWS’s current advice for designing your S3 storage strategy to ensure fast performance?'}, {'_class': 'assessment', 'original_assessment_id': 4842862, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>IAM is universal (global) and does not apply to regions</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your clients is expanding their operations into multiple AWS regions around the world. The client has requested some advice on how to leverage their existing AWS Identity and Access Management (IAM) configuration in other AWS regions. What advice would you give to your client?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>IAM is a global service and the client can use users, groups, roles, and policies in any AWS region\xa0 \xa0 </p>', '<p>IAM is a regional service and the client will need to copy the configuration items required across to other AWS regions\xa0 \xa0 </p>', '<p>The client will need to create a VPC peering configuration with each remote AWS region and then allow IAM access across regions\xa0 \xa0 </p>', '<p>The client can use Amazon Cognito to create a single sign-on configuration across multiple AWS regions\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232063, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['a'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your clients is expanding their operations into multiple AWS regions around the world. The client has requested some advice on how to leverage their existing AWS Identity and Access Management (IAM) configuration in other AWS regions. What advice would you give to your client?'}, {'_class': 'assessment', 'original_assessment_id': 5929076, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Query string parameters cause CloudFront to forward query strings to the origin and to cache based on the language parameter</li> \t<li>Signed URLs and Cookies provide additional control over access to content</li> \t<li>Origin access identities are used to control access to CloudFront distributions</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html">https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> </ul>', 'question': '<p>Your organization is deploying a multi-language website on the AWS Cloud. The website uses CloudFront as the front-end and the language is specified in the HTTP request:</p><p>·\xa0\xa0\xa0\xa0\xa0\xa0 http://d12345678aabbcc0.cloudfront.net/main.html?language=en</p><p>·\xa0\xa0\xa0\xa0\xa0\xa0 http://d12345678aabbcc0.cloudfront.net/main.html?language=sp</p><p>·\xa0\xa0\xa0\xa0\xa0\xa0 http://d12345678aabbcc0.cloudfront.net/main.html?language=fr</p><p>You need to configure CloudFront to deliver the cached content. What method can be used?</p>', 'relatedLectureIds': '', 'answers': ['<p>Signed URLs\xa0 \xa0 </p>', '<p>Query string parameters\xa0 \xa0 </p>', '<p>Origin Access Identity\xa0 \xa0 </p>', '<p>Signed Cookies\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232065, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['b'], 'question_plain': 'Your organization is deploying a multi-language website on the AWS Cloud. The website uses CloudFront as the front-end and the language is specified in the HTTP request:·\xa0\xa0\xa0\xa0\xa0\xa0 http://d12345678aabbcc0.cloudfront.net/main.html?language=en·\xa0\xa0\xa0\xa0\xa0\xa0 http://d12345678aabbcc0.cloudfront.net/main.html?language=sp·\xa0\xa0\xa0\xa0\xa0\xa0 http://d12345678aabbcc0.cloudfront.net/main.html?language=frYou need to configure CloudFront to deliver the cached content. What method can be used?'}, {'_class': 'assessment', 'original_assessment_id': 5929078, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A VPC automatically comes with a modifiable default network ACL. By default, it allows all inbound and outbound IPv4 traffic. Custom network ACLs deny everything inbound and outbound by default but in this case a default network ACL is being used</li> \t<li>Inbound connections to web servers will be coming in on port 443 from the Internet so creating a security group to allow this port from 0.0.0.0/0 and applying it to the web servers will allow this traffic</li> \t<li>The MySQL DB will be listening on port 3306. Therefore, the security group that is applied to the DB servers should allow 3306 inbound from the web servers security group</li> \t<li>The DB server is listening on 3006 so creating a rule allowing 443 inbound will not help</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>A company hosts a popular web application that connects to an Amazon RDS MySQL DB instance running in a private VPC subnet that was created with default ACL settings. The web servers must be accessible only to customers on an SSL connection. The database should only be accessible to web servers in a public subnet.\xa0</p><p>Which solution meets these requirements without impacting other running applications? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ["<p>Create a network ACL on the web server's subnet, allow HTTPS port 443 inbound, and specify the source as 0.0.0.0/0\xa0 \xa0 </p>", '<p>Create a web server security group that allows HTTPS port 443 inbound traffic from Anywhere (0.0.0.0/0) and apply it to the web servers\xa0 \xa0 </p>', '<p>Create a DB server security group that allows MySQL port 3306 inbound and specify the source as a web server security group\xa0 \xa0 </p>', '<p>Create a network ACL on the DB subnet, allow MySQL port 3306 inbound for web servers, and deny all outbound traffic\xa0 \xa0 </p>', '<p>Create a DB server security group that allows the HTTPS port 443 inbound and specify the source as a web server security group\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232067, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['b', 'c'], 'question_plain': 'A company hosts a popular web application that connects to an Amazon RDS MySQL DB instance running in a private VPC subnet that was created with default ACL settings. The web servers must be accessible only to customers on an SSL connection. The database should only be accessible to web servers in a public subnet.\xa0Which solution meets these requirements without impacting other running applications? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5929082, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>IAM roles for ECS tasks enabled you to secure your infrastructure by assigning an IAM role directly to the ECS task rather than to the EC2 container instance. This means you can have one task that uses a specific IAM role for access to S3 and one task that uses an IAM role to access DynamoDB</li> \t<li>With IAM roles for EC2 instances you assign all of the IAM policies required by tasks in the cluster to the EC2 instances that host the cluster. This does not allow the secure separation requested</li> \t<li>An instance profile is a container for an IAM role that you can use to pass role information to an EC2 instance when the instance starts. Again, this does not allow the secure separation requested</li> \t<li>Network ACLs are applied at the subnet level and would not assist here</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/blogs/compute/help-secure-container-enabled-applications-with-iam-roles-for-ecs-tasks/">https://aws.amazon.com/blogs/compute/help-secure-container-enabled-applications-with-iam-roles-for-ecs-tasks/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing a shared service for hosting containers from several customers on Amazon ECS. These containers will use several AWS services. A container from one customer must not be able to access data from another customer. </p><p>Which solution should the Architect use to meet the requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>IAM roles for tasks\xa0 \xa0 </p>', '<p>IAM roles for EC2 instances\xa0 \xa0 </p>', '<p>IAM Instance Profile for EC2 instances\xa0 \xa0 </p>', '<p>Network ACLs</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232069, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect is designing a shared service for hosting containers from several customers on Amazon ECS. These containers will use several AWS services. A container from one customer must not be able to access data from another customer. Which solution should the Architect use to meet the requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5929086, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement – from milliseconds to microseconds – even at millions of requests per second</li> \t<li>DynamoDB provides millisecond performance and is not an in-memory DB</li> \t<li>Amazon RDS is not an in-memory DB, nor does it provide microsecond performance</li> \t<li>Amazon RedShift is not an in-memory DB, nor does it provide microsecond performance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/dynamodb/dax/">https://aws.amazon.com/dynamodb/dax/</a></li> </ul>', 'question': '<p>A developer is creating a solution for a real-time bidding application for a large retail company that allows users to bid on items of end-of-season clothing. The application is expected to be extremely popular and the back-end database should provide in-memory read performance microsecond response times.</p><p>What database solution should be deployed?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon RDS\xa0 \xa0 </p>', '<p>Amazon RedShift\xa0 \xa0 </p>', '<p>Amazon DynamoDB\xa0 \xa0 </p>', '<p>Amazon DAX\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232071, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['d'], 'question_plain': 'A developer is creating a solution for a real-time bidding application for a large retail company that allows users to bid on items of end-of-season clothing. The application is expected to be extremely popular and the back-end database should provide in-memory read performance microsecond response times.What database solution should be deployed?'}, {'_class': 'assessment', 'original_assessment_id': 5929088, 'related_lectures': [], 'prompt': {'explanation': 'ul> \t<li>Amazon RedShift Enhanced VPC routing forces all COPY and UNLOAD traffic between clusters and data repositories through a VPC</li> \t<li>Implementing an S3 VPC endpoint will allow S3 to be accessed from other AWS services without traversing the public network</li> \t<li>Amazon S3 uses the Gateway Endpoint type of VPC endpoint with which a target for a specified route is entered into the VPC route table and used for traffic destined to a supported AWS service</li> \t<li>Cluster Security Groups are used with RedShift on EC2-Classic VPCs, regular security groups are used in EC2-VPC</li> \t<li>A NAT Gateway is used to allow instances in a private subnet to access the Internet and is of no use in this situation</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html">https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>An application you manage exports data from a relational database into an S3 bucket. The data analytics team wants to import this data into a RedShift cluster in a VPC in the same account. Due to the data being sensitive the security team has instructed you to ensure that the data traverses the VPC without being routed via the public Internet.</p><p> What combination of actions would meet this requirement? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Enable Amazon RedShift Enhanced VPC routing\xa0 \xa0 </p>', '<p>Create a cluster Security Group to allow the Amazon RedShift cluster to access Amazon S3\xa0 \xa0 </p>', '<p>Create a NAT gateway in a public subnet to allows the Amazon RedShift cluster to access Amazon S3\xa0 \xa0 </p>', '<p>Set up a NAT gateway in a private subnet to allow the Amazon RedShift cluster to access Amazon S3\xa0 \xa0 </p>', '<p>Create and configure an Amazon S3 VPC endpoint\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232073, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['a', 'e'], 'question_plain': 'An application you manage exports data from a relational database into an S3 bucket. The data analytics team wants to import this data into a RedShift cluster in a VPC in the same account. Due to the data being sensitive the security team has instructed you to ensure that the data traverses the VPC without being routed via the public Internet. What combination of actions would meet this requirement? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5929220, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The cooldown period is a configurable setting for your Auto Scaling group that helps to ensure that it doesn\'t launch or terminate additional instances before the previous scaling activity takes effect so this would help. After the Auto Scaling group dynamically scales using a simple scaling policy, it waits for the cooldown period to complete before resuming scaling activities</li> \t<li>The CloudWatch Alarm Evaluation Period is the number of the most recent data points to evaluate when determining alarm state. This would help as you can increase the number of datapoints required to trigger an alarm</li> \t<li>The order in which Auto Scaling terminates instances is not the issue here, the problem is that the workload is dynamic and Auto Scaling is constantly reacting to change and launching or terminating instances</li> </ul> <strong>References:</strong> <ul> \t<li style="margin-top: 0; margin-bottom: 0; vertical-align: middle;"><a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation"><span style="font-family: Calibri; font-size: 11.0pt;" lang="en-US">https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation</span></a></li> \t<li style="margin-top: 0; margin-bottom: 0; vertical-align: middle;"><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/"><span style="font-family: Calibri; font-size: 11.0pt;" lang="en-US">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</span></a></li> </ul>', 'question': '<p>An application you manage uses Auto Scaling and a fleet of EC2 instances. You recently noticed that Auto Scaling is scaling the number of instances up and down multiple times in the same hour. You need to implement a remediation to reduce the amount of scaling events. The remediation must be cost-effective and preserve elasticity</p><p>What design changes would you implement? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Modify the Auto Scaling group cool-down timers\xa0 \xa0 </p>', '<p>Modify the Auto Scaling group termination policy to terminate the oldest instance first\xa0 \xa0 </p>', '<p>Modify the Auto Scaling group termination policy to terminate the newest instance first\xa0 \xa0 </p>', '<p>Modify the CloudWatch alarm period that triggers your Auto Scaling scale down policy\xa0 \xa0 </p>', '<p>Modify the Auto Scaling policy to use scheduled scaling actions\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232075, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:26:50Z', 'created': '2018-11-26T03:26:50Z', 'correct_response': ['a', 'd'], 'question_plain': 'An application you manage uses Auto Scaling and a fleet of EC2 instances. You recently noticed that Auto Scaling is scaling the number of instances up and down multiple times in the same hour. You need to implement a remediation to reduce the amount of scaling events. The remediation must be cost-effective and preserve elasticityWhat design changes would you implement? (choose 2)'}], 'next': None, 'count': 65, 'previous': None}, 'type': 'practice-test'}, {'title': 'AWS Certified Solutions Architect - Associate: Test 3', 'quiz_data': {'results': [{'_class': 'assessment', 'original_assessment_id': 4869124, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Each AWS Direct Connect connection can be configured with one or more virtual interfaces (VIFs)</li> \t<li>Public VIFs allow access to public services such as S3, EC2, and DynamoDB</li> \t<li>Private VIFs allow access to your VPC</li> \t<li>Must use public IP addresses on public VIFs</li> \t<li>Must use private IP addresses on private VIFs</li> \t<li>You can establish IPSec connections over public VIFs to remote regions</li> \t<li>AWS Direct Connect supports both single (IPv4) and dual stack (IPv4/IPv6) configurations on public and private VIFs</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/</a></li> </ul>', 'question': '<p>A company are moving to a hybrid cloud model and will be setting up private links between all cloud data centers. An Architect needs to determine the connectivity options available when using AWS Direct Connect when using public and private VIFs?</p><p>Which options are available to the Architect (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>You can connect to AWS services over the private VIF\xa0 \xa0 </p>', '<p>You can connect to your private VPC subnets over the public VIF\xa0 \xa0 </p>', '<p>You can connect to your private VPC subnets over the private VIF, and to Public AWS services over the public VIF\xa0 \xa0 </p>', '<p>You can substitute your internet connection at your DC with AWS’s public Internet through the use of a NAT gateway in your VPC\xa0 \xa0 </p>', '<p>Once connected to your VPC through Direct connect you can connect to all AZs within the region\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232077, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c', 'e'], 'question_plain': 'A company are moving to a hybrid cloud model and will be setting up private links between all cloud data centers. An Architect needs to determine the connectivity options available when using AWS Direct Connect when using public and private VIFs?Which options are available to the Architect (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869130, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudTrail is for auditing (CloudWatch is for performance monitoring)</li> \t<li>CloudTrail is about logging and saves a history of API calls for your AWS account</li> \t<li>Provides visibility into user activity by recording actions taken on your account</li> \t<li>API history enables security analysis, resource change tracking, and compliance auditing</li> \t<li>CloudTrail Logs API calls made via:</li> \t<li>- AWS Management Console</li> \t<li>- AWS SDKs</li> \t<li>- Command line tools</li> \t<li>- Higher-level AWS services (such as CloudFormation)</li> \t<li>CloudTrail records account activity and service events from most AWS services and logs the following records:</li> \t<li>- The identity of the API caller</li> \t<li>- The time of the API call</li> \t<li>- The source IP address of the API caller</li> \t<li>- The request parameters</li> \t<li>- The response elements returned by the AWS service</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru and you have been tasked with designing a new service on AWS. You need to determine which AWS services can log API calls and provide data that can be used for auditing and compliance purposes.\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon S3\xa0 \xa0 </p>', '<p>CloudTrail</p>', '<p>Kinesis</p>', '<p>CloudWatch</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232079, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru and you have been tasked with designing a new service on AWS. You need to determine which AWS services can log API calls and provide data that can be used for auditing and compliance purposes.'}, {'_class': 'assessment', 'original_assessment_id': 4869132, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS currently supports enhanced networking capabilities using SR-IOV</li> \t<li>SR-IOV provides direct access to network adapters, provides higher performance (packets-per-second) and lower latency</li> \t<li>Must launch an HVM AMI with the appropriate drivers</li> \t<li>Only available for certain instance types</li> \t<li>Only supported in VPC</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You would like to deploy EC2 instance with enhanced networking. What are the pre-requisites for using enhanced networking? (Choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Instances must be launched from a HVM AMI\xa0 \xa0 </p>', '<p>Instances must be launched from a PV AMI\xa0 \xa0 </p>', '<p>Instances must be launched in a VPC\xa0 \xa0 </p>', '<p>Instances must be EBS backed, not Instance-store backed\xa0 \xa0 </p>', '<p>Instances must be of T2 Micro type\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232081, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'c'], 'question_plain': 'You would like to deploy EC2 instance with enhanced networking. What are the pre-requisites for using enhanced networking? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869136, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Snapshots capture a point-in-time state of an instance</li> \t<li>Snapshots are stored on S3</li> \t<li>To take a consistent snapshot writes must be stopped (paused) until the snapshot is complete – if not possible the volume needs to be detached, or if it’s an EBS root volume the instance must be stopped</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You have been asked to take a snapshot of a non-root EBS volume that contains sensitive corporate data. It is essential that you capture a consistent snapshot of the EBS volume without disrupting the instance operation. What is the best way to achieve this?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Take the snapshot while the EBS volume is attached and the instance is running\xa0 \xa0 </p>', '<p>Un-mount the EBS volume, take the snapshot, then re-mount it again\xa0 \xa0 </p>', '<p>Stop the instance and take the snapshot\xa0 \xa0 </p>', '<p>You can’t take a snapshot for a non-root EBS volume\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232083, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You have been asked to take a snapshot of a non-root EBS volume that contains sensitive corporate data. It is essential that you capture a consistent snapshot of the EBS volume without disrupting the instance operation. What is the best way to achieve this?'}, {'_class': 'assessment', 'original_assessment_id': 4869138, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS recommend that you always use the default predefined security policy</li> \t<li>When choosing a custom security policy you can select the ciphers and protocols (only for CLB)</li> \t<li>Security groups and network ACLs are security controls that apply to instances and subnets</li> \t<li>AES 256 is an encryption protocol, not a policy</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are implementing an Elastic Load Balancer (ELB)\xa0for an application that will use encrypted communications. What two types of security policies are supported by the Elastic Load Balancer for SSL negotiations between the ELB and clients? (Choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Custom security policies\xa0 \xa0 </p>', '<p>ELB predefined Security policies\xa0 \xa0 </p>', '<p>Security groups\xa0 \xa0 </p>', '<p>None of the answers are correct</p>', '<p>AES\xa0256</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232085, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'b'], 'question_plain': 'You are implementing an Elastic Load Balancer (ELB)\xa0for an application that will use encrypted communications. What two types of security policies are supported by the Elastic Load Balancer for SSL negotiations between the ELB and clients? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869140, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Simple Queue Service (Amazon SQS) is a web service that gives you access to message queues that store messages waiting to be processed</li> \t<li>SQS offers a reliable, highly-scalable, hosted queue for storing messages in transit between computers</li> \t<li>SQS is used for distributed/decoupled applications</li> \t<li>Can be used with RedShift, DynamoDB, EC2, ECS, RDS, S3 and Lambda</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>You have been asked to design a cloud-native application architecture using AWS services. What is a typical use case for SQS?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Decoupling application components to ensure that there is no dependency on the availability of a single component\xa0 \xa0 </p>', '<p>Providing fault tolerance for S3\xa0 \xa0 </p>', '<p>Co-ordination of work items between different human and non-human workers\xa0 \xa0 </p>', '<p>Sending emails to clients when a job is completed\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232087, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'You have been asked to design a cloud-native application architecture using AWS services. What is a typical use case for SQS?'}, {'_class': 'assessment', 'original_assessment_id': 4869144, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Maintenance windows are configured to allow DB instance modifications to take place such as scaling and software patching (some operations require the DB instance to be taken offline briefly)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>A critical database runs in your VPC for which availability is a concern. Which RDS DB instance events may force the DB to be taken offline during a maintenance window?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Selecting the Multi-AZ feature\xa0 \xa0 </p>', '<p>Promoting a Read Replica\xa0 \xa0 </p>', '<p>Security patching\xa0 \xa0 </p>', '<p>Updating DB parameter groups\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232089, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'A critical database runs in your VPC for which availability is a concern. Which RDS DB instance events may force the DB to be taken offline during a maintenance window?'}, {'_class': 'assessment', 'original_assessment_id': 4869148, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Dynamo DB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability</li> \t<li>Provides low read and write latency</li> \t<li>SSD based and uses limited indexing on attributes for performance</li> \t<li>DynamoDB can do 10,000/40,000 (depends on region) write or read capacity units per second</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>You are working on a database migration plan from an on-premise data center that includes a variety of databases that are being used for diverse purposes. You are trying to map each database to the correct service in AWS.</p><p>Which of the below use cases are a good fit for DynamoDB (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Complex queries and joins\xa0 \xa0 </p>', '<p>Large amounts of dynamic\xa0data that require very low latency\xa0 \xa0 </p>', '<p>Rapid ingestion of clickstream data\xa0 \xa0 </p>', '<p>Backup for on-premises Oracle DB\xa0 \xa0 </p>', '<p>Migration from a Microsoft SQL relational database\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232091, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b', 'c'], 'question_plain': 'You are working on a database migration plan from an on-premise data center that includes a variety of databases that are being used for diverse purposes. You are trying to map each database to the correct service in AWS.Which of the below use cases are a good fit for DynamoDB (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869156, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Access keys are a combination of an access key ID and a secret access key</li> \t<li>You can assign two active access keys to a user at a time</li> \t<li>These can be used to make programmatic calls to AWS when using the API in program code or at a command prompt when using the AWS CLI or the AWS PowerShell tools</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>You work for Digital Cloud Guru and have just created a number of IAM users in your AWS account. You need to ensure that the users are able to make API calls to AWS services. What else needs to be done?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Set a password for each user\xa0 \xa0 </p>', '<p>Create a set of Access Keys for the users\xa0 \xa0 </p>', '<p>Enable Multi-Factor Authentication for the users\xa0 \xa0 </p>', '<p>Create a group and add the users to it\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232093, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You work for Digital Cloud Guru and have just created a number of IAM users in your AWS account. You need to ensure that the users are able to make API calls to AWS services. What else needs to be done?'}, {'_class': 'assessment', 'original_assessment_id': 4869158, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ENIs can be “hot attached” to running instances</li> \t<li>ENIs can be “warm-attached” when the instance is stopped</li> \t<li>ENIs can be “cold-attached” when the instance is launched</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You need to connect some EC2 instances to the Internet using public addresses and need to attach an Elastic Network Interface (ENI). At which instance state are you able to attach an ENI to an EC2 instance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>When the instance is running (warm attach)\xa0 \xa0 </p>', '<p>While the instance is running (hot attach)\xa0 \xa0 </p>', '<p>When the instance is stopped (warm attach)\xa0 \xa0 </p>', '<p>When the instance is terminating (hot attach)\xa0 \xa0 </p>', '<p>When the instance is launched (hot attach)\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232095, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b', 'c'], 'question_plain': 'You need to connect some EC2 instances to the Internet using public addresses and need to attach an Elastic Network Interface (ENI). At which instance state are you able to attach an ENI to an EC2 instance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869160, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Client side – encrypted on the client side and transferred in an encrypted state</li> \t<li>Server-Side Encryption – data is encrypted by S3 before it is written to disk (data is decrypted when it is downloaded)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A new security mandate requires that all personnel data held in the cloud is encrypted at rest. What two methods would allow you to encrypt data stored in S3 buckets at rest (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use AWS S3 server-side encryption with Key Management Service keys or Customer-provided keys\xa0 \xa0 </p>', "<p>Encrypt the data at the source using the client's CMK keys before transferring it to S3\xa0 \xa0 </p>", '<p>Make use of AWS S3 bucket policies to control access to the data at rest\xa0 \xa0 </p>', '<p>Use Multipart upload with SSL\xa0 \xa0 </p>', '<p>Use CloudHSM</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232097, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'b'], 'question_plain': 'A new security mandate requires that all personnel data held in the cloud is encrypted at rest. What two methods would allow you to encrypt data stored in S3 buckets at rest (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869162, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Placement groups are a logical grouping of instances in one of the following configurations:</li> \t<li>- Cluster—clusters instances into a low-latency group in a single AZ</li> \t<li>- Spread—spreads instances across underlying hardware (can span AZs)</li> \t<li>Recommended for applications that benefit from low latency and high bandwidth</li> \t<li>Recommended to use an instance type that supports enhanced networking</li> \t<li>Instances within a placement group can communicate with each other using private or public IP addresses</li> \t<li>Best performance is achieved when using private IP addresses</li> \t<li>Using public IP addresses the performance is limited to 5Gbps or less</li> \t<li>I/O optimized instances are more geared towards storage performance than network performance</li> \t<li>Dedicated hosts might ensure close proximity of instances but would not be cost efficient</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You have been asked to deploy a new High-Performance Computing (HPC) cluster. You need to create a design for the EC2 instances that ensures close proximity, low latency and high network throughput.</p><p>Which AWS features will help you to achieve this requirement whilst considering cost? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Launch I/O Optimized EC2 instances in one private subnet in an AZ\xa0 \xa0 </p>', '<p>Use EC2 instances with Enhanced Networking\xa0 \xa0 </p>', '<p>Use Provisioned IOPS EBS volumes\xa0 \xa0 </p>', '<p>Use Placement groups\xa0 \xa0 </p>', '<p>Use dedicated hosts\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232099, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b', 'd'], 'question_plain': 'You have been asked to deploy a new High-Performance Computing (HPC) cluster. You need to create a design for the EC2 instances that ensures close proximity, low latency and high network throughput.Which AWS features will help you to achieve this requirement whilst considering cost? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869174, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS CloudFormation is a service that gives developers and businesses an easy way to create a collection of related AWS resources and provision them in an orderly and predictable fashion</li> \t<li>CloudFormation can be used to provision a broad range of AWS resources</li> \t<li>Think of CloudFormation as deploying infrastructure as code</li> \t<li>Uses templates: <ul> \t<li>Architectural designs</li> \t<li>Create, update and delete templates</li> \t<li>Written in JSON or YAML</li> \t<li>CloudFormation determines the order of provisioning</li> \t<li>Don’t need to worry about dependencies</li> \t<li>Modify and updates templates in a controlled way (version control)</li> \t<li>Designer allows you to visualise using a drag and drop interface</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> </ul>', 'question': '<p>Which service uses a simple text file to model and provision infrastructure resources, in an automated and secure manner?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Simple Workflow Service\xa0 \xa0 </p>', '<p>ElasticBeanstalk\xa0 \xa0 </p>', '<p>CloudFormation\xa0 \xa0 </p>', '<p>OpsWorks\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232101, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'Which service uses a simple text file to model and provision infrastructure resources, in an automated and secure manner?'}, {'_class': 'assessment', 'original_assessment_id': 4869178, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>DynamoDB can be used for storing session state</li> \t<li>Elasticache can be used for storing session state</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru and have been tasked with designing a 3-tier web application that is highly available and stateless. Which of the services below would you consider for storing the session state data? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>DynamoDB</p>', '<p>RDS</p>', '<p>ElastiCache</p>', '<p>RedShift</p>', '<p>EFS</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232103, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'c'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru and have been tasked with designing a 3-tier web application that is highly available and stateless. Which of the services below would you consider for storing the session state data? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869182, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>If any health check returns an unhealthy status the instance will be terminated</li> \t<li>If connection draining is enabled, Auto Scaling waits for in-flight requests to complete or timeout before terminating instances</li> \t<li>Unlike AZ rebalancing, termination of unhealthy instances happens first, then Auto Scaling attempts to launch new instances to replace terminated instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>An EC2 instance in an Auto Scaling group that has been reported as unhealthy has been marked for replacement. What is the process Auto Scaling uses to replace the instance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>If connection draining is enabled, Auto Scaling will wait for in-flight connections to complete or timeout</p>', '<p>Auto Scaling has to launch a replacement first before it can terminate the unhealthy instance\xa0 \xa0 </p>', '<p>Auto Scaling will terminate the existing instance before launching a replacement instance</p>', '<p>Auto Scaling has to perform rebalancing first, and then terminate the instance\xa0 \xa0 </p>', '<p>Auto Scaling will send a notification to the administrator\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232105, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'c'], 'question_plain': 'An EC2 instance in an Auto Scaling group that has been reported as unhealthy has been marked for replacement. What is the process Auto Scaling uses to replace the instance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869186, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Lambda lets you run code as functions without provisioning or managing servers</li> \t<li>With serverless computing, your application still runs on servers, but all the server management is done by AWS</li> \t<li>You cannot log in to the compute instances that run Lambda functions or customize the operating system or language runtime</li> \t<li>Priced based on: <ul> \t<li>Number of requests. First 1 million are free then $0.20 per 1 million</li> \t<li>Calculated from the time your code begins execution until it returns or terminates. Depends on the amount of memory allocated to a function</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> </ul>', 'question': '<p>You have been asked to describe the benefits of using AWS Lambda compared to EC2 instances. Which of the below statements are incorrect?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>With AWS lambda, the client is responsible for launching and administering the underlying AWS compute infrastructure\xa0 \xa0 </p>', '<p>AWS Lambda scales automatically\xa0 \xa0 </p>', '<p>With AWS Lambda the customer does not have any responsibility for deploying and managing the compute infrastructure\xa0 \xa0 </p>', '<p>With AWS Lambda you only pay for what you use\xa0 \xa0 </p>', '<p>AWS Lambda runs on highly available infrastructure\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232107, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'You have been asked to describe the benefits of using AWS Lambda compared to EC2 instances. Which of the below statements are incorrect?'}, {'_class': 'assessment', 'original_assessment_id': 4869188, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and existing Business Intelligence (BI) tools</li> \t<li>RedShift is a SQL based data warehouse used for analytics applications</li> \t<li>RedShift is an Online Analytics Processing (OLAP) type of DB</li> \t<li>RedShift is used for running complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution</li> \t<li>RedShift is ideal for processing large amounts of data for business intelligence</li> \t<li>RedShift is 10x faster than a traditional SQL DB</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> </ul>', 'question': '<p>An application architect has requested some assistance with selecting a database for a new requirement. The database must provide high performance and scalability. The data will be structured and persistent and the DB must support complex queries using SQL and BI tools.</p><p>Which AWS service will you recommend?</p>', 'relatedLectureIds': '', 'answers': ['<p>DynamoDB</p>', '<p>RDS</p>', '<p>ElastiCache</p>', '<p>RedShift</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232109, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'An application architect has requested some assistance with selecting a database for a new requirement. The database must provide high performance and scalability. The data will be structured and persistent and the DB must support complex queries using SQL and BI tools.Which AWS service will you recommend?'}, {'_class': 'assessment', 'original_assessment_id': 4869192, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Connection draining is enabled by default and provides a period of time for existing connections to close cleanly</li> \t<li>When connection draining is in action an CLB will be in the status “InService: Instance deregistration currently in progress”</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You have an unhealthy EC2 instance attached to an ELB that is being taken out of service. While the EC2 instance is being de-registered from the ELB, which ELB feature will cause the ELB to stop sending any new requests to the EC2 instance whilst allowing in-flight sessions to complete?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>ELB connection draining\xa0 \xa0 </p>', '<p>ELB Cross zone load balancing\xa0 \xa0 </p>', '<p>ELB session affinity (sticky session)\xa0 \xa0 </p>', '<p>ELB proxy protocol\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232111, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'You have an unhealthy EC2 instance attached to an ELB that is being taken out of service. While the EC2 instance is being de-registered from the ELB, which ELB feature will cause the ELB to stop sending any new requests to the EC2 instance whilst allowing in-flight sessions to complete?'}, {'_class': 'assessment', 'original_assessment_id': 4869194, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Firehose is the easiest way to load streaming data into data stores and analytics tools</li> \t<li>Firehose Destinations include: <ul> \t<li>Amazon S3</li> \t<li>Amazon Redshift</li> \t<li>Amazon Elasticsearch Service</li> \t<li>Splunk</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>Your Business Intelligence team use SQL tools to analyze data. What would be the best solution for performing queries on structured data that is being received at a high velocity?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EMR using Hive\xa0 \xa0 </p>', '<p>Kinesis Firehose with RDS\xa0 \xa0 </p>', '<p>EMR running Apache Spark\xa0 \xa0 </p>', '<p>Kinesis Firehose with RedShift\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232113, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'Your Business Intelligence team use SQL tools to analyze data. What would be the best solution for performing queries on structured data that is being received at a high velocity?'}, {'_class': 'assessment', 'original_assessment_id': 4869198, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs</li> \t<li>Kinesis Data Streams enables real-time processing of streaming big data</li> \t<li>Kinesis Data Streams is useful for rapidly moving data off data producers and then continuously processing the data</li> \t<li>Kinesis Data Streams stores data for later processing by applications (key difference with Firehose which delivers data directly to AWS services)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>A\xa0Solutions Architect is designing a solution for a financial application that will receive trading data in large volumes. What is the best solution for ingesting and processing a very large number of data streams in near real time?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EMR\xa0 \xa0 </p>', '<p>Kinesis Firehose\xa0 \xa0 </p>', '<p>RedShift</p>', '<p>Kinesis Data Streams</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232115, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'A\xa0Solutions Architect is designing a solution for a financial application that will receive trading data in large volumes. What is the best solution for ingesting and processing a very large number of data streams in near real time?'}, {'_class': 'assessment', 'original_assessment_id': 4869204, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>X-forwarded-for for HTTP/HTTPS carries the source IP/port information</li> \t<li>X-forwarded-for only applies to L7</li> \t<li>Security groups control the ports and protocols that can reach the front-end listener</li> \t<li>Proxy protocol applies to layer 4 and is not configured on the web servers</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You run a two-tier application with a web tier that is behind an Internet-facing Elastic Load Balancer (ELB).\xa0You need to restrict access to the web tier to a specific list of public IP addresses.</p><p>What are two possible ways you can implement this requirement? (Choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Configure the VPC internet gateway to allow incoming traffic from these IP addresses\xa0 \xa0 </p>', '<p>Configure your ELB to send the X-forwarded for headers and the web servers to filter traffic based on the ELB’s “X-forwarded-for” header\xa0 \xa0 </p>', '<p>Configure the ELB security group to allow traffic only from the specific list of IPs</p>', '<p>Configure a VPC NACL to allow web traffic from the list of IPs and deny all outbound traffic\xa0 \xa0 </p>', '<p>Configure the proxy protocol on the web servers and filter traffic based on IP address\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232117, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b', 'c'], 'question_plain': 'You run a two-tier application with a web tier that is behind an Internet-facing Elastic Load Balancer (ELB).\xa0You need to restrict access to the web tier to a specific list of public IP addresses.What are two possible ways you can implement this requirement? (Choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869208, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Security groups act like a firewall at the instance level</li> \t<li>Specifically security groups operate at the network interface level</li> \t<li>Can only assign permit rules in a security group, cannot assign deny rule</li> \t<li>There is an implicit deny rule at the end of the security group</li> \t<li>All rules are evaluated until a permit is encountered or continues until the implicit deny</li> \t<li>Can control ingress and egress traffic</li> \t<li>Security groups are stateful</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>For security reasons, you need to ensure that an On-Demand EC2 instance can only be accessed from a specific public IP address (100.156.52.12) using the SSH protocol. You are configuring the Security Group of the EC2 instance, and need to configure an Inbound rule.</p><p>Which of the rules below will achieve the requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Protocol - TCP, Port Range - 22, Source 100.156.52.12/32\xa0 \xa0 </p>', '<p>Protocol - UDP, Port Range - 22, Source 100.156.52.12/32\xa0 \xa0 </p>', '<p>Protocol - TCP, Port Range - 22, Source 100.156.52.12/0\xa0 \xa0 </p>', '<p>Protocol - UDP, Port Range - 22, Source 100.156.52.12/0\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232119, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'For security reasons, you need to ensure that an On-Demand EC2 instance can only be accessed from a specific public IP address (100.156.52.12) using the SSH protocol. You are configuring the Security Group of the EC2 instance, and need to configure an Inbound rule.Which of the rules below will achieve the requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4869210, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFront is a web service that gives businesses and web application developers an easy and cost-effective way to distribute content with low latency and high data transfer speeds</li> \t<li>CloudFront is a good choice for distribution of frequently accessed static content that benefits from edge delivery—like popular website images, videos, media files or software downloads</li> \t<li>An origin is the origin of the files that the CDN will distribute</li> \t<li>Origins can be either an S3 bucket, an EC2 instance, and Elastic Load Balancer, or Route53) – can also be external (non-AWS)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> </ul>', 'question': '<p>You work as a System Administrator at Digital Cloud Guru and your manager has asked you to investigate an EC2 web server hosting videos that is constantly running at over 80% CPU utilization. Which of the approaches below would you recommend to fix the issue?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create an Elastic Load Balancer and register the EC2 instance to it\xa0 \xa0 </p>', '<p>Create a CloudFront distribution and configure the Amazon EC2 instance as the origin\xa0 \xa0 </p>', '<p>Create an Auto Scaling group from the instance using the CreateAutoScalingGroup action\xa0 \xa0 </p>', '<p>Create a Launch Configuration from the instance using the CreateLaunchConfiguration action\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232121, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You work as a System Administrator at Digital Cloud Guru and your manager has asked you to investigate an EC2 web server hosting videos that is constantly running at over 80% CPU utilization. Which of the approaches below would you recommend to fix the issue?'}, {'_class': 'assessment', 'original_assessment_id': 4869216, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Some of the parameters you can specify in a task definition include: <ul> \t<li>Which Docker images to use with the containers in your task</li> \t<li>How much CPU and memory to use with each container</li> \t<li>Whether containers are linked together in a task</li> \t<li>The Docker networking mode to use for the containers in your task</li> \t<li>What (if any) ports from the container are mapped to the host container instances</li> \t<li>Whether the task should continue if the container finished or fails</li> \t<li>The commands the container should run when it is started</li> \t<li>Environment variables that should be passed to the container when it starts</li> \t<li>Data volumes that should be used with the containers in the task</li> \t<li>IAM role the task should use for permissions</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>A Solutions Architect is planning to run some Docker containers on Amazon ECS. The Architect needs to define some parameters for the containers. What application parameters can be defined in an ECS task definition? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The container images to use and the repositories in which they are located\xa0 \xa0 </p>', '<p>The ports that should be opened on the container instance for your application\xa0 \xa0 </p>', '<p>The ELB node to be used to scale the task containers\xa0 \xa0 </p>', '<p>The security group rules to apply\xa0 \xa0 </p>', '<p>The application configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232123, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'b'], 'question_plain': 'A Solutions Architect is planning to run some Docker containers on Amazon ECS. The Architect needs to define some parameters for the containers. What application parameters can be defined in an ECS task definition? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869224, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Directory service includes:</li> \t<li>- Active Directory Service for Microsoft Active Directory</li> \t<li>- Simple AD</li> \t<li>- AD Connector</li> \t<li>The Active Directory Service for Microsoft AD and AD Connector both require a VPN or Direct Connect connection</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>A company needs to deploy virtual desktops for its customers in an AWS VPC and would like to leverage their existing on-premise security principals. AWS Workspaces will be used as the virtual desktop solution.</p><p>Which set of AWS services and features will meet the company’s requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>A VPN connection, and AWS Directory Services\xa0 \xa0 </p>', '<p>A VPN connection, VPC NACLs and Security Groups\xa0 \xa0 </p>', '<p>AWS Directory Service and AWS IAM\xa0 \xa0 </p>', '<p>Amazon EC2, and AWS IAM\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232125, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'A company needs to deploy virtual desktops for its customers in an AWS VPC and would like to leverage their existing on-premise security principals. AWS Workspaces will be used as the virtual desktop solution.Which set of AWS services and features will meet the company’s requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4869232, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AD Connector is a directory gateway for redirecting directory requests to your on-premise Active Directory</li> \t<li>AD Connector eliminates the need for directory synchronization and the cost and complexity of hosting a federation infrastructure</li> \t<li>Connects your existing on-premise AD to AWS</li> \t<li>Best choice when you want to use an existing Active Directory with AWS services</li> \t<li>Roles are created and then “assumed” by trusted entities and define a set of permissions for making AWS service requests</li> \t<li>With IAM Roles you can delegate permissions to resources for users and services without using permanent credentials (e.g. user name and password)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>You need to provide access to the AWS Management Console to a team of new application developers. The team members who perform the same role are assigned to a Microsoft Active Directory group and you have been asked to use Identity Federation and RBAC.</p><p>Which AWS services would you use to configure this access? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Directory Service Simple AD\xa0 \xa0 </p>', '<p>AWS Directory Service AD Connector\xa0 \xa0 </p>', '<p>AWS IAM Groups\xa0 \xa0 </p>', '<p>AWS IAM Roles\xa0 \xa0 </p>', '<p>AWS IAM Users</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232127, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b', 'd'], 'question_plain': 'You need to provide access to the AWS Management Console to a team of new application developers. The team members who perform the same role are assigned to a Microsoft Active Directory group and you have been asked to use Identity Federation and RBAC.Which AWS services would you use to configure this access? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869236, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Glacier can be used to copy or archive files. Glacier integrates with versioning to allow you to choose policies for transitioning current and previous versions to a Glacier archive</li> \t<li>You must consider multiple facts including cost and the practicality of maintaining a solution. This question has multiple correct answers so you need to choose the best options from the list</li> \t<li>CRR is an Amazon S3 feature that automatically replicates data across AWS Regions. However, there are data egress costs to consider when copying data across regions</li> \t<li>Versioning stores all versions of an object (including all writes and even if an object is deleted)</li> \t<li>Versioning protects against accidental object/data deletion or overwrites</li> \t<li>The copy operation can be used to: <ul> \t<li>Generate additional copies of objects</li> \t<li>Renaming objects</li> \t<li>Changing the copy’s storage class or encryption at rest status</li> \t<li>Move objects across AWS locations/regions</li> \t<li>Change object metadata</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>Your company stores important production data on S3 and you have been asked by your manager to ensure that data is protected from accidental deletion. What are the BEST\xa0ways to protect against accidental object deletion for data in an AWS S3 bucket? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>You do not need to do anything, by default versioning is enabled\xa0 \xa0 </p>', '<p>Use Cross Region Replication to replicate the data to an S3 bucket in another AZ\xa0 \xa0 </p>', '<p>Enable versioning on the bucket\xa0 \xa0 </p>', '<p>Use lifecycle actions to copy the data into Glacier\xa0 \xa0 </p>', '<p>Copy your objects to another bucket in the same region\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232129, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c', 'd'], 'question_plain': 'Your company stores important production data on S3 and you have been asked by your manager to ensure that data is protected from accidental deletion. What are the BEST\xa0ways to protect against accidental object deletion for data in an AWS S3 bucket? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869242, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Kinesis makes it easy to collect, process, and analyze <strong><em>real-time</em></strong>, streaming data so you can get timely insights and react quickly to new information</li> \t<li>EMR utilizes a hosted Hadoop framework running on Amazon EC2 and Amazon S3</li> \t<li>Amazon Dynamo DB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability</li> \t<li>DynamoDB provides low read and write latency</li> \t<li>Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and existing Business Intelligence (BI) tools</li> \t<li>RedShift is a SQL based data warehouse used for analytics applications</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A client from the agricultural sector has approached you for some advice around the collection of a large volume of data from sensors they have deployed around the country. An application will collect data from over 100,000 sensors and each sensor will send around 1KB of data every minute. The data needs to be stored in a durable, low latency data store. The client also needs historical data that is over 1 year old to be moved into a data warehouse where they can perform analytics using standard SQL queries.</p><p>What combination of AWS services would you recommend to the client? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Kinesis Data Streams for data ingestion\xa0 \xa0 </p>', '<p>EMR for analytics\xa0 \xa0 </p>', '<p>DynamoDB for data ingestion\xa0 \xa0 </p>', '<p>RedShift for the analytics\xa0 \xa0 </p>', '<p>Elasticache for analytics</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232131, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c', 'd'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A client from the agricultural sector has approached you for some advice around the collection of a large volume of data from sensors they have deployed around the country. An application will collect data from over 100,000 sensors and each sensor will send around 1KB of data every minute. The data needs to be stored in a durable, low latency data store. The client also needs historical data that is over 1 year old to be moved into a data warehouse where they can perform analytics using standard SQL queries.What combination of AWS services would you recommend to the client? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869244, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A user pool is a user directory in Amazon Cognito</li> \t<li>With a user pool, your users can sign in to your web or mobile app through Amazon Cognito</li> \t<li>Your users can also sign in through social identity providers like Facebook or Amazon, and through SAML identity providers</li> \t<li>IAM does not add another factor of authentication - factors include something you know (e.g. password), something you have (e.g. token device), and something you are (e.g. retina scan or fingerprint)</li> \t<li>MFA ingrates with a user pool in Cognito</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html">https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html</a></li> </ul>', 'question': '<p>The development team at your company have created a new mobile application that will be used by users to access confidential data. The developers have used Amazon Cognito for authentication, authorization, and user management. Due to the sensitivity of the data, there is a requirement to add another method of authentication in addition to a username and password.</p><p>You have been asked to recommend the best solution. What is your recommendation?</p>', 'relatedLectureIds': '', 'answers': ['<p>Integrate IAM with a user pool in Cognito\xa0 \xa0 </p>', '<p>Enable multi-factor authentication (MFA) in IAM\xa0 \xa0 </p>', '<p>Integrate a third-party identity provider (IdP)\xa0 \xa0 </p>', '<p>Use multi-factor authentication (MFA) with a Cognito user pool\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232133, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'The development team at your company have created a new mobile application that will be used by users to access confidential data. The developers have used Amazon Cognito for authentication, authorization, and user management. Due to the sensitivity of the data, there is a requirement to add another method of authentication in addition to a username and password.You have been asked to recommend the best solution. What is your recommendation?'}, {'_class': 'assessment', 'original_assessment_id': 4869248, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Basic monitoring = 5 mins (free for EC2 Instances, EBS volumes, ELBs and RDS DBs)</li> \t<li>Detailed monitoring = 1 min (chargeable)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/</a></li> </ul>', 'question': '<p>A company is deploying a fleet of new EC2 instances into their VPC and are finalising the monitoring configuration. When using CloudWatch with EC2 what is the frequency of metric updates with basic monitoring?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>100 seconds</p>', '<p>30 seconds</p>', '<p>1 minute</p>', '<p>5 minutes</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232135, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'A company is deploying a fleet of new EC2 instances into their VPC and are finalising the monitoring configuration. When using CloudWatch with EC2 what is the frequency of metric updates with basic monitoring?'}, {'_class': 'assessment', 'original_assessment_id': 4869250, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFormation allows you to model your infrastructure in a text file using a common language. You can then provision those resources using CloudFormation and only ever pay for the resources created</li> \t<li>CloudWatch\xa0s used to collect and track metrics, collect and monitor log files, and set alarm</li> \t<li>CloudTrail\xa0provides visibility into user activity by recording actions taken on your account</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> </ul>', 'question': '<p>An organization is considering ways to reduce administrative overhead and automate build processes. An Architect has suggested using CloudFormation. Which of the statements below are true regarding CloudFormation? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Allows you to model your entire infrastructure in a text file\xa0 \xa0 </p>', '<p>It is used to collect and track metrics, collect and monitor log files, and set alarms\xa0 \xa0 </p>', '<p>It provides visibility into user activity by recording actions taken on your account\xa0 \xa0 </p>', '<p>It provides a common language for you to describe and provision all the infrastructure resources in your cloud environment\xa0 \xa0 </p>', '<p>You pay for CloudFormation and the AWS resources created\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232137, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'd'], 'question_plain': 'An organization is considering ways to reduce administrative overhead and automate build processes. An Architect has suggested using CloudFormation. Which of the statements below are true regarding CloudFormation? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869252, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can throttle and monitor requests to protect your backend</li> \t<li>Bursting isn’t an API Gateway feature</li> \t<li>A cache can be created and specified in gigabytes (not enabled by default)</li> \t<li>Caches are provisioned for a specific stage of your APIS</li> \t<li>Caching features include customisable keys and time-to-live (TTL) in seconds for your API data which enhances response times and reduces load on back-end services</li> \t<li>CloudFront is a bogus answer as even though it does have a cache of its own it won’t help you to enhance the performance of the API Gateway cache</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>You have implemented API Gateway and enabled a cache for a specific stage. How can you control the cache to enhance performance and reduce load on back-end services?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Configure the throttling feature\xa0 \xa0 </p>', '<p>Enable bursting\xa0 \xa0 </p>', '<p>Using time-to-live (TTL) settings\xa0 \xa0 </p>', '<p>Using CloudFront controls\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232139, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'You have implemented API Gateway and enabled a cache for a specific stage. How can you control the cache to enhance performance and reduce load on back-end services?'}, {'_class': 'assessment', 'original_assessment_id': 4869258, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An Interface endpoint uses AWS PrivateLink and is an elastic network interface (ENI) with a private IP address that serves as an entry point for traffic destined to a supported service</li> \t<li>Using PrivateLink you can connect your VPC to supported AWS services, services hosted by other AWS accounts (VPC endpoint services), and supported AWS Marketplace partner services</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have created an application in a VPC that uses a Network Load Balancer (NLB). The application will be offered in a service provider model for AWS principals in other accounts within the region to consume. Based on this model, what AWS service will be used to offer the service for consumption?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>IAM Role Based Access Control\xa0 \xa0 </p>', '<p>Route 53</p>', '<p>VPC Endpoint Services using AWS PrivateLink\xa0 \xa0 </p>', '<p>API Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232141, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'You have created an application in a VPC that uses a Network Load Balancer (NLB). The application will be offered in a service provider model for AWS principals in other accounts within the region to consume. Based on this model, what AWS service will be used to offer the service for consumption?'}, {'_class': 'assessment', 'original_assessment_id': 4869260, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Best practices for securing operating systems and applications include: <ul> \t<li>Disable root API access keys and secret key</li> \t<li>Restrict access to instances from limited IP ranges using Security Groups</li> \t<li>Password protect the .pem file on user machines</li> \t<li>Delete keys from the authorized_keys file on your instances when someone leaves your organization or no longer requires access</li> \t<li>Rotate credentials (DB, Access Keys)</li> \t<li>Regularly run least privilege checks using IAM user Access Advisor and IAM user Last Used Access Keys</li> \t<li>Use bastion hosts to enforce control and visibility</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://d1.awsstatic.com/whitepapers/Security/AWS_Security_Best_Practices.pdf">https://d1.awsstatic.com/whitepapers/Security/AWS_Security_Best_Practices.pdf</a></li> </ul>', 'question': '<p>You are creating a design for an internal-only AWS service that uses EC2 instances to process information on S3 and store the results in DynamoDB. You need to allow access to several developers who will be testing code and need to apply security best practices to the architecture.</p><p>Which of the security practices below are recommended? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Store the access keys and secret IDs within the application\xa0 \xa0 </p>', '<p>Disable root API access keys and secret key\xa0 \xa0 </p>', '<p>Assign an IAM user for each EC2 instance\xa0 \xa0 </p>', '<p>Use bastion hosts to enforce control and visibility\xa0 \xa0 </p>', '<p>Control user access through network ACLs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232143, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b', 'd'], 'question_plain': 'You are creating a design for an internal-only AWS service that uses EC2 instances to process information on S3 and store the results in DynamoDB. You need to allow access to several developers who will be testing code and need to apply security best practices to the architecture.Which of the security practices below are recommended? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869266, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EFS is a fully-managed service that makes it easy to set up and scale file storage in the Amazon Cloud</li> \t<li>EFS uses the NFSv4.1 protocol</li> \t<li>Amazon EFS is designed to burst to allow high throughput levels for periods of time</li> \t<li>EFS offers the ability to encrypt data at rest and in transit</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>You need to create a file system that can be concurrently accessed by multiple EC2 instances within an AZ. The file system needs to support high throughput and the ability to burst. As the data that will be stored on the file system will be sensitive you need to ensure it is encrypted at rest and in transit.</p><p>What storage solution would you implement for the EC2 instances?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use the Elastic File System (EFS) and mount the file system using NFS v4.1</p>', '<p>Use the Elastic Block Store (EBS) and mount the file system at the block level\xa0 \xa0 </p>', '<p>Add EBS volumes to each EC2 instance and configure data replication\xa0 \xa0 </p>', '<p>Add EBS volumes to each EC2 instance and use an ELB to distribute data evenly between the volumes\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232145, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'You need to create a file system that can be concurrently accessed by multiple EC2 instances within an AZ. The file system needs to support high throughput and the ability to burst. As the data that will be stored on the file system will be sensitive you need to ensure it is encrypted at rest and in transit.What storage solution would you implement for the EC2 instances?'}, {'_class': 'assessment', 'original_assessment_id': 4869268, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>DynamoDB uses push button scaling in which you specify the read and write capacity units you need – it does not rely on instance sizes</li> \t<li>There are limits on the throughput you can provision by default (region specific):</li> \t<li>US East (N. Virginia) Region:</li> \t<li>- Per table – 40,000 read capacity units and 40,000 write capacity units</li> \t<li>- Per account – 80,000 read capacity units and 80,000 write capacity units</li> \t<li>All Other Regions:</li> \t<li>- Per table – 10,000 read capacity units and 10,000 write capacity units</li> \t<li>- Per account – 20,000 read capacity units and 20,000 write capacity unit</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>Your organization is considering using DynamoDB for a new application that requires elasticity and high-availability. Which of the statements below is true about DynamoDB? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>To scale DynamoDB you must increase the instance size\xa0 \xa0 </p>', '<p>Data is synchronously replicated across 3 regions</p>', '<p>When reading data from Amazon DynamoDB, users can specify whether they want the read to be eventually consistent or strongly consistent\xa0 \xa0 </p>', '<p>Supports cross-region replication which allows you to replicate across regions\xa0 \xa0 </p>', '<p>There is no default limit of the throughput you can provision\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232147, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c', 'd'], 'question_plain': 'Your organization is considering using DynamoDB for a new application that requires elasticity and high-availability. Which of the statements below is true about DynamoDB? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4869270, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Simple Queue Service (Amazon SQS) is a web service that gives you access to message queues that store messages waiting to be processed</li> \t<li>SQS offers a reliable, highly-scalable, hosted queue for storing messages in transit between computers</li> \t<li>SQS is used for distributed/decoupled applications</li> \t<li>In this circumstance SQS will reduce the risk of writes being dropped and it the best option presented</li> \t<li>RDS in a multi-AZ configuration will not help as writes are only made to the primary database</li> \t<li>Though option 3 could potentially work, it is not the best option as SQS is recommended for decoupling application components</li> \t<li>Option 4 is bogus as you cannot configure a database as a custom origin in CloudFront</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>There is expected to be a large increase in write intensive traffic to a website you manage that registers users onto an online learning program. You are concerned about writes to the database being dropped and need to come up with a solution to ensure this does not happen. Which of the solution options below would be the best approach to take?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Update the application to write data to an SQS queue and provision additional EC2 instances to process the data and write it to the database\xa0 \xa0 </p>', '<p>Use RDS in a multi-AZ configuration to distribute writes across AZs\xa0 \xa0 </p>', '<p>Update the application to write data to an S3 bucket and provision additional EC2 instances to process the data and write it to the database\xa0 \xa0 </p>', '<p>Use CloudFront to cache the writes and configure the database as a custom origin\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232149, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'There is expected to be a large increase in write intensive traffic to a website you manage that registers users onto an online learning program. You are concerned about writes to the database being dropped and need to come up with a solution to ensure this does not happen. Which of the solution options below would be the best approach to take?'}, {'_class': 'assessment', 'original_assessment_id': 4869272, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs</li> \t<li>Kinesis Data Streams enables real-time processing of streaming big data</li> \t<li>Kinesis Data Streams is useful for rapidly moving data off data producers and then continuously processing the data</li> \t<li>Kinesis Data Streams architecture:</li> \t<li>- Producers continually push data to Kinesis Data Streams</li> \t<li>- Consumers process the data in real time</li> \t<li>- Consumers can store their results using an AWS service such as Amazon DynamoDB, Amazon Redshift, or Amazon S3</li> \t<li>- Kinesis Streams applications are consumers that run on EC2 instances</li> \t<li>SQS does not provide a solution for analyzing the data</li> \t<li>RedShift is a data warehouse and good for analytics on structured data. It is not used for real time ingestion</li> \t<li>EMR utilizes a hosted Hadoop framework running on Amazon EC2 and Amazon S3 and is used for processing large quantities of data. It is not suitable for this solution</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your clients is an online media company that attracts a large volume of users to their website each day. The media company are interested in analyzing the user’s clickstream data so they can analyze user behavior in real-time and dynamically update advertising. This intelligent approach to advertising should help them to increase conversions.</p><p>What would you suggest as a solution to assist them with capturing and analyzing this data?</p>', 'relatedLectureIds': '', 'answers': ['<p>Update the application to write data to an SQS queue, and create an additional application component to analyze the data in the queue and update the website\xa0 \xa0 </p>', '<p>Use Kinesis Data Streams to process and analyze the clickstream data. Store the results in DynamoDB and create an application component that reads the data from the database and updates the website\xa0 \xa0 </p>', '<p>Write the data directly to RedShift and use Business Intelligence tools to analyze the data\xa0 \xa0 </p>', '<p>Use EMR to process and analyze the data in real-time and Lambda to update the website based on the results\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232151, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your clients is an online media company that attracts a large volume of users to their website each day. The media company are interested in analyzing the user’s clickstream data so they can analyze user behavior in real-time and dynamically update advertising. This intelligent approach to advertising should help them to increase conversions.What would you suggest as a solution to assist them with capturing and analyzing this data?'}, {'_class': 'assessment', 'original_assessment_id': 4869288, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS WAF is a web application firewall that helps detect and block malicious web requests targeted at your web applications</li> \t<li>AWS WAF allows you to create rules that can help protect against common web exploits like SQL injection and cross-site scripting</li> \t<li>With AWS WAF you first identify the resource (either an Amazon CloudFront distribution or an Application Load Balancer) that you need to protect</li> \t<li>You then deploy the rules and filters that will best protect your applications</li> \t<li>You can deploy, create, and maintain these web security rules in the AWS Management Console or using the AWS WAF API</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/waf/details/">https://aws.amazon.com/waf/details/</a></li> </ul>', 'question': '<p>You need a service that can provide you with control over which traffic to allow or block to your web applications by defining customizable web security rules. You need to block common attack patterns, such as SQL injection and cross-site scripting, as well as creating custom rules for your own applications.</p><p>Which AWS service fits these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Route 53\xa0 \xa0 </p>', '<p>CloudFront</p>', '<p>Security Groups</p>', '<p>AWS\xa0WAF</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232153, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'You need a service that can provide you with control over which traffic to allow or block to your web applications by defining customizable web security rules. You need to block common attack patterns, such as SQL injection and cross-site scripting, as well as creating custom rules for your own applications.Which AWS service fits these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4869292, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The possible values are ok, impaired, warning, or insufficient-data</li> \t<li>If all checks pass, the overall status of the volume is ok</li> \t<li>If the check fails, the overall status is impaired</li> \t<li>If the status is insufficient-data, then the checks may still be taking place on your volume at the time</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeStatus.html">https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumeStatus.html</a></li> </ul>', 'question': '<p>An EC2 status check on an EBS volume is showing as <em>insufficient-data</em>. What is the most likely explanation?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The checks require more information to be manually entered\xa0 \xa0 </p>', '<p>The checks may still be in progress on the volume\xa0 \xa0 </p>', '<p>The checks have failed on the volume\xa0 \xa0 </p>', '<p>The volume does not have enough data on it to check properly\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232155, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'An EC2 status check on an EBS volume is showing as insufficient-data. What is the most likely explanation?'}, {'_class': 'assessment', 'original_assessment_id': 4869294, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The only service that would allow you to continue to use the same tools is OpsWorks</li> \t<li>AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet</li> \t<li>OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments</li> \t<li>OpsWorks is an automation platform that transforms infrastructure into code</li> \t<li>Automates how applications are configured, deployed and managed</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-opsworks/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-opsworks/</a></li> \t<li><a href="https://docs.aws.amazon.com/opsworks/latest/userguide/welcome.html">https://docs.aws.amazon.com/opsworks/latest/userguide/welcome.html</a></li> </ul>', 'question': '<p>Your company currently uses Puppet Enterprise for infrastructure and application management. You are looking to move some of your infrastructure onto AWS and would like to continue to use the same tools in the cloud. What AWS service provides a fully managed configuration management service that is compatible with Puppet Enterprise?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Elastic Beanstalk\xa0 \xa0 </p>', '<p>CloudFormation</p>', '<p>OpsWorks</p>', '<p>CloudTrail</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232157, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'Your company currently uses Puppet Enterprise for infrastructure and application management. You are looking to move some of your infrastructure onto AWS and would like to continue to use the same tools in the cloud. What AWS service provides a fully managed configuration management service that is compatible with Puppet Enterprise?'}, {'_class': 'assessment', 'original_assessment_id': 4869296, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Environment variables for Lambda functions enable you to dynamically pass settings to your function code and libraries, without making changes to your code</li> \t<li>Environment variables are key-value pairs that you create and modify as part of your function configuration, using either the AWS Lambda Console, the AWS Lambda CLI or the AWS Lambda SD</li> \t<li>You can use environment variables to help libraries know what directory to install files in, where to store outputs, store connection and logging settings, and more</li> \t<li>When you deploy your Lambda function, all the environment variables you\'ve specified are encrypted by default after, but not during, the deployment process. They are then decrypted automatically by AWS Lambda when the function is invoked</li> \t<li>If you need to store sensitive information in an environment variable, we strongly suggest you encrypt that information before deploying your Lambda function</li> \t<li>The Lambda console makes that easier for you by providing encryption helpers that leverage AWS Key Management Service to store that sensitive information as Ciphertext</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> \t<li><a href="https://docs.aws.amazon.com/lambda/latest/dg/env_variables.html">https://docs.aws.amazon.com/lambda/latest/dg/env_variables.html</a></li> </ul>', 'question': '<p>You are developing an application that uses Lambda functions. You need to store some sensitive data that includes credentials for accessing the database tier. You are planning to store this data as environment variables within Lambda. How can you ensure this sensitive information is properly secured?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>There is no need to make any changes as all environment variables are encrypted by default with AWS Lambda\xa0 \xa0 </p>', '<p>Use encryption helpers that leverage AWS Key Management Service to store the sensitive information as Ciphertext\xa0 \xa0 </p>', '<p>Store the environment variables in an encrypted DynamoDB table and configure Lambda to retrieve them as required\xa0 \xa0 </p>', '<p>This cannot be done, only the environment variables that relate to the Lambda function itself can be encrypted\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232159, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You are developing an application that uses Lambda functions. You need to store some sensitive data that includes credentials for accessing the database tier. You are planning to store this data as environment variables within Lambda. How can you ensure this sensitive information is properly secured?'}, {'_class': 'assessment', 'original_assessment_id': 4869300, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ELBs are not responsible for terminating EC2 instances. Auto Scaling can terminate instances that fail health checks</li> \t<li>The default behavior is that the ELB will simply stop sending traffic to the instance that failed the health check</li> \t<li>ELB does not send instructions to the ASG, the ASG has its own health checks and can also use ELB health checks to determine the status of instances</li> \t<li>ELB does not update Route 53 records</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You have a three-tier web application running on AWS that utilizes Route 53, ELB, Auto Scaling and RDS. One of the EC2 instances that is registered against the ELB fails a health check. What actions will the ELB take in this circumstance?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The ELB will terminate the instance that failed the health check\xa0 \xa0 </p>', '<p>The ELB will stop sending traffic to the instance that failed the health check\xa0 \xa0 </p>', '<p>The ELB will instruct Auto Scaling to terminate the instance and launch a replacement\xa0 \xa0 </p>', '<p>The ELB will update Route 53 by removing any references to the instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232161, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You have a three-tier web application running on AWS that utilizes Route 53, ELB, Auto Scaling and RDS. One of the EC2 instances that is registered against the ELB fails a health check. What actions will the ELB take in this circumstance?'}, {'_class': 'assessment', 'original_assessment_id': 4869306, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Basic monitoring = 5 mins (free for EC2 Instances, EBS volumes, ELBs and RDS DBs)</li> \t<li>Detailed monitoring = 1 min (chargeable)</li> \t<li>Enterprise and Business are support plans not CloudWatch monitoring types</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/</a></li> </ul>', 'question': '<p>CloudWatch automatically provides data including metrics and volume status checks for EBS volumes. There are two types of monitoring available, which type provides data in 5-minute intervals at no charge?</p><p>What type of monitoring for Amazon EBS volumes is free and available automatically in 5-minute periods?</p>', 'relatedLectureIds': '', 'answers': ['<p>Enterprise</p>', '<p>Business</p>', '<p>Basic</p>', '<p>Detailed</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232163, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'CloudWatch automatically provides data including metrics and volume status checks for EBS volumes. There are two types of monitoring available, which type provides data in 5-minute intervals at no charge?What type of monitoring for Amazon EBS volumes is free and available automatically in 5-minute periods?'}, {'_class': 'assessment', 'original_assessment_id': 4869312, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Network ACL’s function at the subnet level</li> \t<li>Route tables are not firewalls</li> \t<li>Security groups act like a firewall at the instance level</li> \t<li>Specifically, security groups operate at the network interface level</li> \t<li>AWS WAF is a web application firewall and does not work at the instance level</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You are planning to deploy a number of EC2 instances in your VPC. The EC2 instances will be deployed across several subnets and multiple AZs. What AWS feature can act as an instance-level firewall to control traffic between your EC2 instances?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Network ACL\xa0 \xa0 </p>', '<p>Route table</p>', '<p>Security Group</p>', '<p>AWS\xa0WAF</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232165, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'You are planning to deploy a number of EC2 instances in your VPC. The EC2 instances will be deployed across several subnets and multiple AZs. What AWS feature can act as an instance-level firewall to control traffic between your EC2 instances?'}, {'_class': 'assessment', 'original_assessment_id': 4869356, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users)</li> \t<li>If your identity store is not compatible with SAML 2.0, then you can build a custom identity broker application to perform a similar function</li> \t<li>The broker application authenticates users, requests temporary credentials for users from AWS, and then provides them to the user to access AWS resources</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> \t<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_federated-users.html">https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_common-scenarios_federated-users.html</a></li> </ul>', 'question': '<p>Your company has an on-premise LDAP directory service. As part of a gradual migration into AWS you would like to integrate the LDAP directory with AWS’s Identity and Access Management (IAM) solutions so that existing users can authenticate against AWS services.</p><p>What method would you suggest using to enable this integration?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use AWS Simple AD and create a trust relationship with IAM\xa0 \xa0 </p>', '<p>Develop an on-premise custom identity provider (IdP) and use the AWS Security Token Service (STS) to provide temporary security credentials\xa0 \xa0 </p>', '<p>Create a policy in IAM that references users in the on-premise LDAP directory\xa0 \xa0 </p>', '<p>Use SAML to develop a direct integration from the on-premise LDAP directory to the relevant AWS services\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232167, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'Your company has an on-premise LDAP directory service. As part of a gradual migration into AWS you would like to integrate the LDAP directory with AWS’s Identity and Access Management (IAM) solutions so that existing users can authenticate against AWS services.What method would you suggest using to enable this integration?'}, {'_class': 'assessment', 'original_assessment_id': 4869358, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EBS is mounted as a block device not a file system</li> \t<li>S3 is object storage</li> \t<li>EFS is a fully-managed service that makes it easy to set up and scale file storage in the Amazon Cloud</li> \t<li>EFS is good for big data and analytics, media processing workflows, content management, web serving, home directories etc.</li> \t<li>EFS uses the NFSv4.1 protocol which is a protocol for mounting fil systems (similar to Microsoft’s SMB)</li> \t<li>DynamoDB is a fully managed NoSQL database</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>You have been asked to recommend the best AWS storage solution for a client. The client requires a storage solution that provide a mounted file system for a Big Data and Analytics application. The client’s requirements include high throughput, low latency, read-after-write consistency and the ability to burst up to multiple GB/s for short periods of time.</p><p>Which AWS service can meet this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>EBS</p>', '<p>S3</p>', '<p>EFS</p>', '<p>DynamoDB</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232169, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'You have been asked to recommend the best AWS storage solution for a client. The client requires a storage solution that provide a mounted file system for a Big Data and Analytics application. The client’s requirements include high throughput, low latency, read-after-write consistency and the ability to burst up to multiple GB/s for short periods of time.Which AWS service can meet this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4869362, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>This is simply about numbers. You need 6 EC2 instances to be running even in the case of an AZ failure. The questions asks for the “optimum” solution so you don’t want to over provision</li> \t<li>In the event of a single AZ failing (assuming an even spread of instances) we would have:</li> \t<li>Option 1 leaves 12 instances running which is too many</li> \t<li>Option 2 leaves 6 instances running so it is the correct answer</li> \t<li>Option 3 leaves 4 instances running which is too few</li> \t<li>Option 4 leaves 9 instances running which is too may</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are putting together a design for a three-tier web application. The application tier requires a minimum of 6 EC2 instances to be running at all times. You need to provide fault tolerance to ensure that the failure of a single Availability Zone (AZ) will not affect application performance.</p><p>Which of the options below is the optimum solution to fulfil these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an ASG with 18 instances spread across 3 AZs behind an ELB\xa0 \xa0 </p>', '<p>Create an ASG with 9 instances spread across 3 AZs behind an ELB\xa0 \xa0 </p>', '<p>Create an ASG with 6 instances spread across 3 AZs behind an ELB\xa0 \xa0 </p>', '<p>Create an ASG with 12 instances spread across 4 AZs behind an ELB\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232171, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You are putting together a design for a three-tier web application. The application tier requires a minimum of 6 EC2 instances to be running at all times. You need to provide fault tolerance to ensure that the failure of a single Availability Zone (AZ) will not affect application performance.Which of the options below is the optimum solution to fulfil these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4869366, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The AWS Storage Gateway service enables hybrid storage between on-premises environments and the AWS Cloud</li> \t<li>It provides low-latency performance by caching frequently accessed data on premises, while storing data securely and durably in Amazon cloud storage services</li> \t<li>AWS Storage Gateway supports three storage interfaces: file, volume, and tape</li> \t<li>File:</li> \t<li>- File gateway provides a virtual on-premises file server, which enables you to store and retrieve files as objects in Amazon S3</li> \t<li>- File gateway offers SMB or NFS-based access to data in Amazon S3 with local caching <strong>-- the question asks for an iSCSI (block) storage solution so a file gateway is not the right solution</strong></li> \t<li>Volume:</li> \t<li>- The volume gateway represents the family of gateways that support block-based volumes, previously referred to as gateway-cached and gateway-stored modes</li> \t<li>- Block storage – iSCSI based <strong>– the volume gateway is the correct solution choice as it provides iSCSI (block) storage which is compatible with the existing configuration</strong></li> \t<li>Tape:</li> \t<li>- Used for backup with popular backup software</li> \t<li>- Each gateway is preconfigured with a media changer and tape drives. Supported by NetBackup, Backup Exec, Veeam etc.</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/aws-storage-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/aws-storage-gateway/</a></li> </ul>', 'question': '<p>You are a Solutions Architect for an insurance company. An application you manage is used to store photos and video files that relate to insurance claims. The application writes data using the iSCSI protocol to a storage array. The array currently holds 10TB of data and is approaching capacity.</p><p>Your manager has instructed you that he will not approve further capital expenditure for on-premises infrastructure. Therefore, you are planning to migrate data into the cloud. How can you move data into the cloud whilst retaining low-latency access to frequently accessed data on-premise using the iSCSI protocol?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use an AWS Storage Gateway File Gateway in cached volume mode\xa0 \xa0 </p>', '<p>Use an AWS Storage Gateway Virtual Tape Library\xa0 \xa0 </p>', '<p>Use an AWS Storage Gateway Volume Gateway in cached volume mode\xa0 \xa0 </p>', '<p>Use an AWS Storage Gateway Volume Gateway in stored volume mode\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232173, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'You are a Solutions Architect for an insurance company. An application you manage is used to store photos and video files that relate to insurance claims. The application writes data using the iSCSI protocol to a storage array. The array currently holds 10TB of data and is approaching capacity.Your manager has instructed you that he will not approve further capital expenditure for on-premises infrastructure. Therefore, you are planning to migrate data into the cloud. How can you move data into the cloud whilst retaining low-latency access to frequently accessed data on-premise using the iSCSI protocol?'}, {'_class': 'assessment', 'original_assessment_id': 4869372, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud</li> \t<li>The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads</li> \t<li>Memcached</li> \t<li>- Not persistent</li> \t<li>- Cannot be used as a data store</li> \t<li>- Supports large nodes with multiple cores or threads</li> \t<li>- Scales out and in, by adding and removing nodes</li> \t<li>Redis</li> \t<li>- Data is persistent</li> \t<li>- Can be used as a datastore</li> \t<li>- Not multi-threaded</li> \t<li>- Scales by adding shards, not nodes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/SelectEngine.html">https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/SelectEngine.html</a></li> </ul>', 'question': '<p>A major upcoming sales event is likely to result in heavy read traffic to a web application your company manages. As the Solutions Architect you have been asked for advice on how best to protect the database tier from the heavy load and ensure the user experience is not impacted. </p><p>The web application owner has also requested that the design be fault tolerant. The current configuration consists of a web application behind an ELB that uses Auto Scaling and an RDS MySQL database running in a multi-AZ configuration. As the database load is highly changeable the solution should allow elasticity by adding and removing nodes as required and should also be multi-threaded.</p><p>What recommendations would you make?</p>', 'relatedLectureIds': '', 'answers': ['<p>Deploy an ElastiCache Memcached cluster in both AZs in which the RDS database is deployed\xa0 \xa0 </p>', '<p>Deploy an ElastiCache Memcached cluster in multi-AZ mode in the same AZs as RDS\xa0 \xa0 </p>', '<p>Deploy an ElastiCache Redis cluster with cluster mode disabled and multi-AZ with automatic failover\xa0 \xa0 </p>', '<p>Deploy an ElastiCache Redis cluster with cluster mode enabled and multi-AZ with automatic failover\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232175, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'A major upcoming sales event is likely to result in heavy read traffic to a web application your company manages. As the Solutions Architect you have been asked for advice on how best to protect the database tier from the heavy load and ensure the user experience is not impacted. The web application owner has also requested that the design be fault tolerant. The current configuration consists of a web application behind an ELB that uses Auto Scaling and an RDS MySQL database running in a multi-AZ configuration. As the database load is highly changeable the solution should allow elasticity by adding and removing nodes as required and should also be multi-threaded.What recommendations would you make?'}, {'_class': 'assessment', 'original_assessment_id': 5929364, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Both a NAT gateway and an Internet gateway offer redundancy however the NAT gateway is limited to 45 Gbps whereas the IGW does not impose any limits</li> \t<li>A VPC endpoint is used to access public services from a VPC without traversing the Internet</li> \t<li>NAT instances are EC2 instances that are used, in a similar way to NAT gateways, by instances in private subnets to access the Internet. However they are not redundant and are limited in bandwidth</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A Solutions Architect is determining the best method for provisioning Internet connectivity for a data-processing application that will pull large amounts of data from an object storage system via the Internet. The solution must be redundant and have no constraints on bandwidth.</p><p>Which option satisfies these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use a NAT Gateway\xa0 \xa0 \xa0</p>', '<p>Create a VPC endpoint\xa0 \xa0 </p>', '<p>Attach an Internet Gateway\xa0 \xa0 </p>', '<p>Deploy NAT Instances in a public subnet\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232177, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'A Solutions Architect is determining the best method for provisioning Internet connectivity for a data-processing application that will pull large amounts of data from an object storage system via the Internet. The solution must be redundant and have no constraints on bandwidth.Which option satisfies these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5929366, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement – from milliseconds to microseconds – even at millions of requests per second</li> \t<li>It is possible to use ElastiCache in front of DynamoDB, however this is not a supported architecture</li> \t<li>DynamoDB is not a supported origin for CloudFront</li> \t<li>Reducing the number of Scan operations on DynamoDB may improve performance but will not reduce latency to microseconds</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/dynamodb/dax/">https://aws.amazon.com/dynamodb/dax/</a></li> </ul>', 'question': '<p>A Solutions Architect has been asked to improve the performance of a DynamoDB table. Latency is currently a few milliseconds and this needs to be reduced to microseconds whilst also scaling to millions of requests per second.</p><p>What is the BEST architecture to support this?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a DynamoDB Accelerator (DAX) cluster\xa0 \xa0 </p>', '<p>Create an ElastiCache Redis cluster\xa0 \xa0 </p>', '<p>Use CloudFront to cache the content\xa0 \xa0 </p>', '<p>Reduce the number of Scan operations\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232179, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect has been asked to improve the performance of a DynamoDB table. Latency is currently a few milliseconds and this needs to be reduced to microseconds whilst also scaling to millions of requests per second.What is the BEST architecture to support this?'}, {'_class': 'assessment', 'original_assessment_id': 5929368, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A web application using RDS is a good fit as it includes multiple services and Elastic Beanstalk is an orchestration engine</li> \t<li>A data lake would not be a good fit for Elastic Beanstalk</li> \t<li>A Long running worker process is a good Elastic Beanstalk use case where it manages an SQS queue - again this is an example of multiple services being orchestrated</li> \t<li>Content caching would be a good use case for CloudFront</li> \t<li>A management task run occasionally might be a good fit for AWS Systems Manager Automation</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/</a></li> \t<li><a href="https://aws.amazon.com/elasticbeanstalk/faqs/">https://aws.amazon.com/elasticbeanstalk/faqs/</a></li> </ul>', 'question': '<p>For which of the following workloads should a Solutions Architect consider using Elastic Beanstalk? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>A web application using Amazon RDS\xa0 \xa0 </p>', '<p>A data lake\xa0 \xa0 </p>', '<p>A long running worker process\xa0 \xa0 </p>', '<p>Caching content for Internet-based delivery\xa0 \xa0 </p>', '<p>A management task run occasionally\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232181, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a', 'c'], 'question_plain': 'For which of the following workloads should a Solutions Architect consider using Elastic Beanstalk? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5929370, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EFS provides a highly-available data store with consistent low latencies and elasticity to scale as required</li> \t<li>RedShift is a data warehouse that is used for analyzing data using SQL</li> \t<li>DynamoDB is a low latency, highly available NoSQL DB. You can store JSON files up to 400KB in size in a DynamoDB table</li> \t<li>CloudFormation is an orchestration tool and does not help with storing documents</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>A Solutions Architect is developing an application that will store and index large (>1 MB) JSON files. The data store must be highly available and latency must be consistently low even during times of heavy usage. </p><p>Which service should the Architect use?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon EFS\xa0 \xa0 </p>', '<p>Amazon RedShift\xa0 \xa0 </p>', '<p>DynamoDB\xa0 \xa0 </p>', '<p>AWS CloudFormation\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232183, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect is developing an application that will store and index large (>1 MB) JSON files. The data store must be highly available and latency must be consistently low even during times of heavy usage. Which service should the Architect use?'}, {'_class': 'assessment', 'original_assessment_id': 5929372, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Security Token Service (STS) is used for requesting temporary credentials</li> \t<li>Amazon Simple Queue Service (SQS) is a message queue used for decoupling application components</li> \t<li>Lambda is a serverless service that runs code in response to events/triggers</li> \t<li>Amazon Simple Notification Service (SNS) is a web service that makes it easy to set up, operate, and send notifications from\xa0the cloud</li> \t<li>SNS supports notifications over multiple transports including HTTP/HTTPS, Email/Email-JSON, SQS and SMS</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sns/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sns/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing a web page for event registrations, and needs a managed service to send a text message to users every time users sign up for an event.</p><p>Which AWS service should the Architect use to achieve this?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon STS\xa0 \xa0 </p>', '<p>Amazon SQS\xa0 \xa0 </p>', '<p>AWS\xa0Lambda\xa0 \xa0 </p>', '<p>Amazon SNS\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232185, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'A Solutions Architect is designing a web page for event registrations, and needs a managed service to send a text message to users every time users sign up for an event.Which AWS service should the Architect use to achieve this?'}, {'_class': 'assessment', 'original_assessment_id': 5929374, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>This is a simple mathematical problem. Take note that the question asks that 6 instances must be available in the event that ANY SINGLE AZ becomes unavailable. There are only 2 options that fulfil these criteria</li> </ul> <strong>References:</strong> <ul></ul> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have an application running in us-west-2 that requires six EC2 instances running at all times.\xa0</p><p>With three Availability Zones available in that region (ap-southeast-2a, ap-southeast-2b, and ap-southeast-2c), which of the following deployments provides fault tolerance if any single Availability Zone in ap-southeast-2 becomes unavailable? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>2 EC2 instances in ap-southeast-2a, 2 EC2 instances in ap-southeast-2b, 2 EC2 instances in ap-southeast-2c\xa0 \xa0 </p>', '<p>3 EC2 instances in ap-southeast-2a, 3 EC2 instances in ap-southeast-2b, no EC2 instances in ap-southeast-2c\xa0 \xa0 </p>', '<p>4 EC2 instances in ap-southeast-2a, 2 EC2 instances in ap-southeast-2b, 2 EC2 instances in ap-southeast-2c\xa0 \xa0 </p>', '<p>6 EC2 instances in ap-southeast-2a, 6 EC2 instances in ap-southeast-2b, no EC2 instances in ap-southeast-2c\xa0 \xa0 </p>', '<p>3 EC2 instances in ap-southeast-2a, 3 EC2 instances in ap-southeast-2b, 3 EC2 instances in ap-southeast-2c\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232187, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d', 'e'], 'question_plain': 'You have an application running in us-west-2 that requires six EC2 instances running at all times.\xa0With three Availability Zones available in that region (ap-southeast-2a, ap-southeast-2b, and ap-southeast-2c), which of the following deployments provides fault tolerance if any single Availability Zone in ap-southeast-2 becomes unavailable? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5929376, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Expedited retrieval enables access to data in 1-5 minutes</li> \t<li>Bulk retrievals allow cost-effective access to significant amounts of data in 5-12 hours</li> \t<li>Standard retrievals typically complete in 3-5 hours</li> \t<li>Vault Lock allows you to easily deploy and enforce compliance controls on individual Glacier vaults via a lockable policy (Vault Lock policy)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> \t<li><a href="https://docs.aws.amazon.com/amazonglacier/latest/dev/downloading-an-archive-two-steps.html">https://docs.aws.amazon.com/amazonglacier/latest/dev/downloading-an-archive-two-steps.html</a></li> </ul>', 'question': '<p>A Solutions Architect is designing a solution to store and archive corporate documents, and has determined that Amazon Glacier is the right solution. Data must be delivered within 10 minutes of a retrieval request. </p><p>Which features in Amazon Glacier can help meet this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Vault Lock\xa0 \xa0 </p>', '<p>Expedited retrieval</p>', '<p>Bulk retrieval</p>', '<p>Standard retrieval</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232189, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'A Solutions Architect is designing a solution to store and archive corporate documents, and has determined that Amazon Glacier is the right solution. Data must be delivered within 10 minutes of a retrieval request. Which features in Amazon Glacier can help meet this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 5929378, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An Amazon Elastic Block Store (EBS) volume can only be attached to a single instance and cannot be shared</li> \t<li>Amazon Elastic File Service (EFS) allows concurrent access from many EC2 instances and is mounted over NFS which is a file-level protocol</li> \t<li>Amazon S3 is an object storage system that is accessed via REST API not file-level protocols. It cannot be attached to EC2 instances</li> \t<li>An EC2 instance store is an ephemeral storage volume that is local to the server on which the instances runs and is not persistent. It is accessed via block protocols and also cannot be shared between instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>You are designing a solution on AWS that requires a file storage layer that can be shared between multiple EC2 instances. The storage should be highly-available and should scale easily.</p><p>Which AWS service can be used for this design?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon EBS\xa0 \xa0 </p>', '<p>Amazon EFS</p>', '<p>Amazon S3</p>', '<p>Amazon EC2 instance store</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232191, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'You are designing a solution on AWS that requires a file storage layer that can be shared between multiple EC2 instances. The storage should be highly-available and should scale easily.Which AWS service can be used for this design?'}, {'_class': 'assessment', 'original_assessment_id': 5929382, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>It is an AWS best practice not to store API credentials within applications, on file systems or on instances (such as in metadata).</li> \t<li>Always use IAM roles when you can</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/"></a> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>You are deploying an application on Amazon EC2 that must call AWS APIs.</p><p>\xa0What method of securely passing credentials to the application should you use?</p>', 'relatedLectureIds': '', 'answers': ['<p>Store the API credentials on the instance using instance metadata</p>', '<p>Store API credentials as an object in Amazon S3\xa0 \xa0 </p>', '<p>Assign IAM roles to the EC2 instances\xa0 \xa0 </p>', '<p>Embed the API credentials into your application files\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232193, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['c'], 'question_plain': 'You are deploying an application on Amazon EC2 that must call AWS APIs.\xa0What method of securely passing credentials to the application should you use?'}, {'_class': 'assessment', 'original_assessment_id': 5929384, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Provisioned IOPS SSD provides high performance at a higher cost</li> \t<li>Throughput Optimized HDD is the most cost-effective storage option and for a small DB with low traffic volumes it may be sufficient</li> \t<li>AWS recommend using General Purpose SSD rather than Throughput Optimized HDD but it is more expensive</li> \t<li>The Amazon Elastic File System (EFS) is not an ideal storage solution for a database</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/"></a> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>A Solutions Architect is migrating a small relational database into AWS. The database will run on an EC2 instance and the DB size is around 200 GB. The database is infrequently used with small amounts of requests spread across the day. The DB is a low priority and the Architect needs to lower the cost of the solution.</p><p>\xa0What is the MOST cost-effective storage type?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon EBS Provisioned IOPS SSD\xa0 \xa0 </p>', '<p>Amazon EBS Throughput Optimized HDD\xa0 \xa0 </p>', '<p>Amazon EBS General Purpose SSD\xa0 \xa0 </p>', '<p>Amazon EFS\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232195, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'A Solutions Architect is migrating a small relational database into AWS. The database will run on an EC2 instance and the DB size is around 200 GB. The database is infrequently used with small amounts of requests spread across the day. The DB is a low priority and the Architect needs to lower the cost of the solution.\xa0What is the MOST cost-effective storage type?'}, {'_class': 'assessment', 'original_assessment_id': 5929386, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Aurora databases can scale up to 64 TB and Aurora replicas features millisecond latency</li> \t<li>All other RDS engines have a limit of 16 TiB maximum DB size and asynchronous replication typically takes seconds</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html">https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html</a></li> </ul>', 'question': '<p>A company is migrating an on-premises 10 TB MySQL database to AWS. The company expects the database to quadruple in size and the business requirement is that replicate lag must be kept under 100 milliseconds.</p><p>Which Amazon RDS engine meets these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>MySQL\xa0 \xa0 </p>', '<p>Microsoft SQL Server\xa0 \xa0 </p>', '<p>Oracle\xa0 \xa0 </p>', '<p>Amazon Aurora\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232197, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['d'], 'question_plain': 'A company is migrating an on-premises 10 TB MySQL database to AWS. The company expects the database to quadruple in size and the business requirement is that replicate lag must be kept under 100 milliseconds.Which Amazon RDS engine meets these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5929388, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts</li> \t<li>Elastic Beanstalk is a PaaS service that helps you to build and manage web applications</li> \t<li>AWS OpsWorks is a configuration management service that helps you build and operate highly dynamic applications, and propagate changes instantly</li> \t<li>AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, or serverless Lambda functions</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> </ul>', 'question': '<p>A systems integration company that helps customers migrate into AWS repeatedly build large, standardized architectures using several AWS services. The Solutions Architects have documented the architectural blueprints for these solutions and are looking for a method of automating the provisioning of the resources.</p><p>Which AWS service would satisfy this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Elastic Beanstalk\xa0 \xa0 </p>', '<p>AWS CloudFormation\xa0 \xa0 </p>', '<p>AWS OpsWorks\xa0 \xa0 </p>', '<p>AWS CodeDeploy\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232199, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'A systems integration company that helps customers migrate into AWS repeatedly build large, standardized architectures using several AWS services. The Solutions Architects have documented the architectural blueprints for these solutions and are looking for a method of automating the provisioning of the resources.Which AWS service would satisfy this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 5929390, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Glacier with expedited retrievals is fast (1-5 minutes) but not immediate</li> \t<li>Amazon S3 Standard-Infrequent Access is the most cost-effective choice</li> \t<li>Amazon EFS is a high performance file system and not ideally suited to this scenario, it is also not the most cost-effective option</li> \t<li>Amazon S3 Standard provides immediate retrieval but is not less cost-effective compared to Standard-Infrequent access</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A company runs a service on AWS to provide offsite backups for images on laptops and phones. The solution must support millions of customers, with thousands of images per customer. Images will be retrieved infrequently, but must be available for retrieval immediately.</p><p>Which is the MOST cost-effective storage option that meets these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon Glacier with expedited retrievals\xa0 \xa0 </p>', '<p>Amazon S3 Standard-Infrequent Access\xa0 \xa0 </p>', '<p>Amazon EFS\xa0 \xa0 </p>', '<p>Amazon S3 Standard\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232201, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['b'], 'question_plain': 'A company runs a service on AWS to provide offsite backups for images on laptops and phones. The solution must support millions of customers, with thousands of images per customer. Images will be retrieved infrequently, but must be available for retrieval immediately.Which is the MOST cost-effective storage option that meets these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5929392, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon RedShift uses columnar storage and is used for analyzing data using business intelligence tools (SQL)</li> \t<li>Amazon RDS is more suited to OLTP workloads rather than analytics workloads</li> \t<li>Amazon ElastiCache is an in-memory caching service</li> \t<li>Amazon Dynamo DB is a fully managed NoSQL database\xa0service</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> </ul>', 'question': '<p>A company is generating large datasets with millions of rows that must be summarized by column. Existing business intelligence tools will be used to build daily reports.</p><p>\xa0Which storage service meets the requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon RedShift\xa0 \xa0 </p>', '<p>Amazon RDS\xa0 \xa0 </p>', '<p>Amazon ElastiCache\xa0 \xa0 </p>', '<p>Amazon DynamoDB\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232203, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'A company is generating large datasets with millions of rows that must be summarized by column. Existing business intelligence tools will be used to build daily reports.\xa0Which storage service meets the requirements?'}, {'_class': 'assessment', 'original_assessment_id': 5929396, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EBS snapshots are stored in S3 and are therefore replicated across multiple locations</li> \t<li>Enabling volume encryption would not increase resiliency</li> \t<li>Instance stores are ephemeral (non-persistent) data stores so would not add any resilience</li> \t<li>Mirroring data would provide resilience however both volumes would need to be mounted to the EC2 instance within the same AZ so you are not getting the redundancy required</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>An application currently stores all data on Amazon EBS volumes. All EBS volumes must be backed up durably across multiple Availability Zones. </p><p>\xa0What is the MOST resilient way to back up volumes?</p>', 'relatedLectureIds': '', 'answers': ['<p>Take regular EBS snapshots\xa0 \xa0 </p>', '<p>Enable EBS volume encryption\xa0 \xa0 </p>', '<p>Create a script to copy data to an EC2 instance store\xa0 \xa0 </p>', '<p>Mirror data across two EBS volumes\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232205, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:21Z', 'created': '2018-11-26T03:27:21Z', 'correct_response': ['a'], 'question_plain': 'An application currently stores all data on Amazon EBS volumes. All EBS volumes must be backed up durably across multiple Availability Zones. \xa0What is the MOST resilient way to back up volumes?'}], 'next': None, 'count': 65, 'previous': None}, 'type': 'practice-test'}, {'title': 'AWS Certified Solutions Architect - Associate: Test 4', 'quiz_data': {'results': [{'_class': 'assessment', 'original_assessment_id': 4871098, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU">Logical IDs are used to reference resources within the template</li> \t<li lang="en-AU"><span>Physical IDs identify resources outside of AWS CloudFormation templates, but only after the resources have been created</span></li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/</a></li> </ul>', 'question': '<p>You are creating a CloudFormation template that will provision a new EC2 instance and new EBS volume. What do you need to specify to associate the block store with the instance?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Both the EC2 logical ID and the EBS logical ID\xa0 \xa0 </p>', '<p>The EC2 logical ID\xa0 \xa0 </p>', '<p>Both the EC2 physical ID and the EBS physical ID\xa0 \xa0 </p>', '<p>The EC2 physical ID\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261207, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'You are creating a CloudFormation template that will provision a new EC2 instance and new EBS volume. What do you need to specify to associate the block store with the instance?'}, {'_class': 'assessment', 'original_assessment_id': 4871100, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Policies are documents that define permissions and can be applied to users, groups and roles</li> \t<li>Policy documents are written in JSON (key value pair that consists of an attribute and a value)</li> \t<li><span>Within an IAM policy you can grant either programmatic access or AWS Management Console access to Amazon S3 resources</span></li> \t<li>Key pairs are used for access to EC2 instances; a bucket policy would not assist with access control with EC2 and granting management console access will not assist the application which is making API calls to the services</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>An application you are designing will gather data from a website hosted on an EC2 instance and write the data to an S3 bucket. The application will use API calls to interact with the EC2 instance and S3 bucket.</p><p>What strategy would you implement for access control? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an IAM policy\xa0 \xa0 </p>', '<p>Grant programmatic access\xa0 \xa0 </p>', '<p>Create a bucket policy\xa0 \xa0 </p>', '<p>Grant AWS Management Console access\xa0 \xa0 </p>', '<p>Ue key pairs</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261209, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'b'], 'question_plain': 'An application you are designing will gather data from a website hosted on an EC2 instance and write the data to an S3 bucket. The application will use API calls to interact with the EC2 instance and S3 bucket.What strategy would you implement for access control? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4871270, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users)</li> \t<li>Steps are: <ol> \t<li>Verify that the user is authenticated by your local identity system</li> \t<li>Call the AWS Security Token Service (AWS STS) AssumeRole or GetFederationToken API operations to obtain temporary security credentials for the user</li> \t<li>Call the AWS federation endpoint and supply the temporary security credentials to request a sign-in token</li> \t<li>Construct a URL for the console that includes the token</li> \t<li>Give the URL to the user or invoke the URL on the user\'s behalf</li> </ol> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> \t<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html</a></li> </ul>', 'question': "<p>You are a Developer working for Digital Cloud Guru. You are planning to write some code that creates a URL that lets users who sign in to your organization's network securely access the AWS Management Console. The URL will include a sign-in token that you get from AWS that authenticates the user to AWS. You are using Microsoft Active Directory Federation Services as your identity provider (IdP) which is compatible with SAML 2.0.</p><p>Which of the steps below will you need to include when developing your custom identity broker? (choose 2)</p>", 'relatedLectureIds': '', 'answers': ['<p>Call the AWS Security Token Service (AWS STS) AssumeRole or GetFederationToken API operations to obtain temporary security credentials for the user\xa0 \xa0 </p>', '<p>Generate a pre-signed URL programmatically using the AWS SDK for Java or the AWS SDK for .NET\xa0 \xa0 </p>', '<p>Call the AWS federation endpoint and supply the temporary security credentials to request a sign-in token\xa0 \xa0 </p>', '<p>Delegate access to the IdP through the "Configure Provider" wizard in the IAM console\xa0 \xa0 </p>', '<p>Assume an IAM Role through the console or programmatically with the AWS CLI, Tools for Windows PowerShell or API\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261211, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'c'], 'question_plain': "You are a Developer working for Digital Cloud Guru. You are planning to write some code that creates a URL that lets users who sign in to your organization's network securely access the AWS Management Console. The URL will include a sign-in token that you get from AWS that authenticates the user to AWS. You are using Microsoft Active Directory Federation Services as your identity provider (IdP) which is compatible with SAML 2.0.Which of the steps below will you need to include when developing your custom identity broker? (choose 2)"}, {'_class': 'assessment', 'original_assessment_id': 4871278, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ENIs can be “hot attached” to running instances</li> \t<li>ENIs can be “warm-attached” when the instance is stopped</li> \t<li>ENIs can be “cold-attached” when the instance is launched</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>A Solutions Architect needs to attach an Elastic Network Interface (ENI) to an EC2 instance. This can be performed when the instance is in different states. What state does “warm attach” refer to?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Attaching an ENI to an instance when it is stopped\xa0 \xa0 </p>', '<p>Attaching an ENI to an instance during the launch process\xa0 \xa0 </p>', '<p>Attaching an ENI to an instance when it is running\xa0 \xa0 </p>', '<p>Attaching an ENI to an instance when it is idle\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261213, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'A Solutions Architect needs to attach an Elastic Network Interface (ENI) to an EC2 instance. This can be performed when the instance is in different states. What state does “warm attach” refer to?'}, {'_class': 'assessment', 'original_assessment_id': 4871288, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users)</li> \t<li>Federation (typically AD) <ul> \t<li>Uses SAML 2.0</li> \t<li>Grants temporary access based on the users AD credentials</li> \t<li>Does not need to be a user in IAM</li> \t<li>Single sign-on allows users to login to the AWS console without assigning IAM credentials</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>You have been asked to come up with a solution for providing single sign-on to the existing users in your company who are consuming on-premise web applications.</p><p>Which product combinations would help you to achieve this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use your on-premise LDAP directory with IAM\xa0 \xa0 </p>', '<p>Use IAM and MFA\xa0 \xa0 </p>', '<p>Use the AWS Secure Token Service (STS) and SAML\xa0 \xa0 </p>', '<p>Use IAM and Amazon Cognito\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261215, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'You have been asked to come up with a solution for providing single sign-on to the existing users in your company who are consuming on-premise web applications.Which product combinations would help you to achieve this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4871296, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> \t<li>A failover may be triggered in the following circumstances:</li> \t<li>Loss of primary AZ or primary DB instance failure <ul> \t<li>Loss of network connectivity on primary</li> \t<li>Compute (EC2) unit failure on primary</li> \t<li>Storage (EBS) unit failure on primary</li> \t<li>The primary DB instance is changed</li> \t<li>Patching of the OS on the primary DB instance</li> \t<li>Manual failover (reboot with failover selected on primary)</li> </ul> </li> \t<li>During failover RDS automatically updates configuration (including DNS endpoint) to use the second node</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>You have an Amazon RDS Multi-AZ deployment across two availability zones. An outage of the availability zone in which the primary RDS DB instance is running occurs. What actions will take place in this circumstance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The primary DB instance will switch over automatically to the standby replica\xa0 \xa0 </p>', '<p>Due to the loss of network connectivity the process to switch to the standby replica cannot take place\xa0 \xa0 </p>', '<p>The failover mechanism automatically changes the DNS record of the DB instance to point to the standby DB instance\xa0 \xa0 </p>', '<p>A manual failover of the DB instance will need to be initiated using Reboot with failover\xa0 \xa0 </p>', '<p>A failover will take place once the connection draining timer has expired\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261217, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'c'], 'question_plain': 'You have an Amazon RDS Multi-AZ deployment across two availability zones. An outage of the availability zone in which the primary RDS DB instance is running occurs. What actions will take place in this circumstance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4871344, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Serverless services include (but not limited to): <ul> \t<li>API Gateway</li> \t<li>Lambda</li> \t<li>S3</li> \t<li>DynamoDB</li> \t<li>SNS</li> \t<li>SQS</li> \t<li>Kinesis</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/serverless/">https://aws.amazon.com/serverless/</a></li> </ul>', 'question': '<p>Your manager is interested in reducing operational overhead and cost and heard about “serverless” computing at a conference he recently attended. He has asked you if AWS provide any services that the company can leverage. Which services from the list below would you tell him about? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>API Gateway\xa0 \xa0 </p>', '<p>EC2</p>', '<p>Lambda</p>', '<p>EMR</p>', '<p>ECS</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261219, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'c'], 'question_plain': 'Your manager is interested in reducing operational overhead and cost and heard about “serverless” computing at a conference he recently attended. He has asked you if AWS provide any services that the company can leverage. Which services from the list below would you tell him about? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4871354, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Snapshots capture a point-in-time state of an instance</li> \t<li>Snapshots are stored on S3</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You would like to store a backup of an Amazon EBS volume on Amazon S3. What is the easiest way of achieving this?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create a snapshot of the volume\xa0 \xa0 </p>', '<p>Write a custom script to automatically copy your data to an S3 bucket\xa0 \xa0 </p>', '<p>You don’t need to do anything, EBS volumes are automatically backed up by default\xa0 \xa0 </p>', '<p>Use SWF to automatically create a backup of your EBS volumes and then upload them to an S3 bucket\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261221, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'You would like to store a backup of an Amazon EBS volume on Amazon S3. What is the easiest way of achieving this?'}, {'_class': 'assessment', 'original_assessment_id': 4871404, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet</li> \t<li>AWS OpsWorks for Chef Automate is a fully-managed configuration management service that hosts Chef Automate, a suite of automation tools from Chef for configuration management, compliance and security, and continuous deployment</li> \t<li>OpsWorks for Chef Automate is completely compatible with tooling and cookbooks from the Chef community and automatically registers new nodes with your Chef server</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-opsworks/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-opsworks/</a></li> </ul>', 'question': '<p>Your Systems Administrators currently use Chef for configuration management of on-premise servers. Which AWS service will provide a fully-managed configuration management service that will allow you to use your existing Chef cookbooks?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Opsworks Stacks\xa0 \xa0 </p>', '<p>Elastic Beanstalk\xa0 \xa0 </p>', '<p>OpsWorks for Chef Automate\xa0 \xa0 </p>', '<p>CloudFormation\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261223, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'Your Systems Administrators currently use Chef for configuration management of on-premise servers. Which AWS service will provide a fully-managed configuration management service that will allow you to use your existing Chef cookbooks?'}, {'_class': 'assessment', 'original_assessment_id': 4871414, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>DynamoDB can throttle requests that exceed the provisioned throughput for a table</li> \t<li>When a request is throttled it fails with an HTTP 400 code (Bad Request) and a ProvisionedThroughputExceeded exception</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>An Amazon CloudWatch alarm recently notified you that the load on a DynamoDB table you are running is getting close to the provisioned capacity for writes. The DynamoDB table is part of a two-tier customer-facing application. You are concerned about what will happen if the limit is reached but need to wait for approval to increase the WriteCapacityUnits value assigned to the table.</p><p>What will happen if the limit for the provisioned capacity for writes is reached?</p>', 'relatedLectureIds': '', 'answers': ['<p>DynamoDB scales automatically so there’s no need to worry\xa0 \xa0 </p>', '<p>The requests will be throttled, and fail with an HTTP 400 code (Bad Request) and a ProvisionedThroughputExceededException\xa0 \xa0 </p>', '<p>The requests will be throttled, and fail with an HTTP 503 code (Service Unavailable)\xa0 \xa0 </p>', '<p>The requests will succeed, and an HTTP 200 status code will be returned\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261225, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b'], 'question_plain': 'An Amazon CloudWatch alarm recently notified you that the load on a DynamoDB table you are running is getting close to the provisioned capacity for writes. The DynamoDB table is part of a two-tier customer-facing application. You are concerned about what will happen if the limit is reached but need to wait for approval to increase the WriteCapacityUnits value assigned to the table.What will happen if the limit for the provisioned capacity for writes is reached?'}, {'_class': 'assessment', 'original_assessment_id': 4871424, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can securely upload/download your data to Amazon S3 via SSL endpoints using the HTTPS protocol (In Transit – SSL/TLS)</li> \t<li>Encryption options:</li> \t<li>- Client side – encrypted on the client side and transferred in an encrypted state</li> \t<li>- Server-Side Encryption – data is encrypted by S3 before it is written to disk (data is decrypted when it is downloaded)</li> \t<li>SSE-S3 – Server Side Encryption with S3 managed keys:</li> \t<li>- Each object is encrypted with a unique key</li> \t<li>- Encryption key is encrypted with a master key</li> \t<li>- AWS regularly rotate the master key</li> \t<li>- Uses AES 256</li> \t<li>SSE-C – Server Side Encryption with client provided keys:</li> \t<li>- Client manages the keys, S3 manages encryption</li> \t<li>- AWS does not store the encryption keys</li> \t<li>- If keys are lost data cannot be decrypted</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You work for a systems integrator running a platform that stores medical records. The government security policy mandates that patient data that contains personally identifiable information (PII) must be encrypted at all times, both at rest and in transit. You are using Amazon S3 to back up data into the AWS cloud.</p><p>How can you ensure the medical records are properly secured? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Enable Server Side Encryption with S3 managed keys on an S3 bucket using AES-256\xa0 \xa0 </p>', '<p>Enable Server Side Encryption with S3 managed keys on an S3 bucket using AES-128\xa0 \xa0 </p>', '<p>Upload the data using CloudFront with an EC2 origin\xa0 \xa0 </p>', '<p>Attach an encrypted EBS volume to an EC2 instance\xa0 \xa0 </p>', '<p>Before uploading the data to S3 over HTTPS, encrypt the data locally using your own encryption keys\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261227, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'e'], 'question_plain': 'You work for a systems integrator running a platform that stores medical records. The government security policy mandates that patient data that contains personally identifiable information (PII) must be encrypted at all times, both at rest and in transit. You are using Amazon S3 to back up data into the AWS cloud.How can you ensure the medical records are properly secured? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4871434, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Groups are collections of users and have policies attached to them</li> \t<li>A group is not an identity and cannot be identified as a principal in an IAM policy</li> \t<li>Use groups to assign permissions to users</li> \t<li>Use the principal of least privilege when assigning permissions</li> \t<li>You cannot nest groups (groups within groups)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>Your manager has asked you to explain the benefits of using IAM groups. Which of the below statements are valid benefits? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>You can restrict access to the subnets in your VPC\xa0 \xa0 </p>', '<p>Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users\xa0 \xa0 </p>', '<p>Provide the ability to create custom permission policies\xa0 \xa0 </p>', '<p>Enables you to attach IAM permission policies to more than one user at a time\xa0 \xa0 </p>', '<p>Provide the ability to nest groups to create an organizational hierarchy\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261229, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b', 'd'], 'question_plain': 'Your manager has asked you to explain the benefits of using IAM groups. Which of the below statements are valid benefits? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872002, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>IAM can be used to control access at the container level using IAM roles</li> \t<li>The container agent makes calls to the ECS API on your behalf through the applied IAM roles and policies</li> \t<li>You need to apply IAM roles to container instances before they are launched (EC2 launch type)</li> \t<li>AWS recommend limiting the permissions that are assigned to the container instance’s IAM roles</li> \t<li>Assign extra permissions to tasks through separate IAM roles (IAM Roles for Tasks)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>An issue has been raised to you whereby a client is concerned about the permissions assigned to his containerized applications. The containers are using the EC2 launch type. The current configuration uses the container instance’s IAM roles for assigning permissions to the containerized applications.</p><p>The client has asked if it’s possible to implement more granular permissions so that some applications can be assigned more restrictive permissions?</p>', 'relatedLectureIds': '', 'answers': ['<p>This cannot be changed as IAM roles can only be linked to container instances\xa0 \xa0 </p>', '<p>This can be achieved using IAM roles for tasks, and splitting the containers according to the permissions required to different task definition profiles\xa0 \xa0 </p>', '<p>This can be achieved by configuring a resource-based policy for each application\xa0 \xa0 </p>', '<p>This can only be achieved using the Fargate launch type\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261231, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b'], 'question_plain': 'An issue has been raised to you whereby a client is concerned about the permissions assigned to his containerized applications. The containers are using the EC2 launch type. The current configuration uses the container instance’s IAM roles for assigning permissions to the containerized applications.The client has asked if it’s possible to implement more granular permissions so that some applications can be assigned more restrictive permissions?'}, {'_class': 'assessment', 'original_assessment_id': 4872012, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>There is no additional charge for AWS CloudFormation</li> \t<li>You pay for AWS resources (such as Amazon EC2 instances, Elastic Load Balancing load balancers, etc.) created using AWS CloudFormation in the same manner as if you created them manually</li> \t<li>You only pay for what you use, as you use it; there are no minimum fees and no required upfront commitments</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> </ul>', 'question': '<p>You are designing solutions that will utilize CloudFormation templates and your manager has asked how much extra will it cost to use CloudFormation to deploy resources?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>There is no additional charge for AWS CloudFormation, you only pay for the AWS resources that are created\xa0 \xa0 </p>', '<p>Amazon charge a flat fee for each time you use CloudFormation\xa0 \xa0 </p>', '<p>CloudFormation is charged per hour of usage\xa0 \xa0 </p>', '<p>The cost is based on the size of the template\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261233, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'You are designing solutions that will utilize CloudFormation templates and your manager has asked how much extra will it cost to use CloudFormation to deploy resources?'}, {'_class': 'assessment', 'original_assessment_id': 4872022, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When you create a VPC, you must specify an IPv4 CIDR block for the VPC</li> \t<li>The allowed block size is between a /16 netmask (65,536 IP addresses) and /28 netmask (16 IP addresses)</li> \t<li>The CIDR block must not overlap with any existing CIDR block that\'s associated with the VPC</li> \t<li>A /27 subnet mask provides 32 addresses</li> \t<li>The first four IP addresses and the last IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance</li> \t<li>The following list shows total addresses for different subnet masks: /32 = 1 ; /31 = 2 ; /30 = 4 ; /29 = 8 ; /28 = 16 ; /27 = 32</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>In your AWS VPC, you need to add a new subnet that will allow you to host a total of 20 EC2 instances.</p><p>Which of the following IPv4 CIDR blocks can you use for this scenario?</p>', 'relatedLectureIds': '', 'answers': ['<p>172.0.0.0/27\xa0 \xa0 </p>', '<p>172.0.0.0/28</p>', '<p>172.0.0.0/29\xa0 \xa0 </p>', '<p>172.0.0.0/30\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261235, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'In your AWS VPC, you need to add a new subnet that will allow you to host a total of 20 EC2 instances.Which of the following IPv4 CIDR blocks can you use for this scenario?'}, {'_class': 'assessment', 'original_assessment_id': 4872038, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>If any health check returns an unhealthy status the instance will be terminated</li> \t<li>Unlike AZ rebalancing, termination of unhealthy instances happens first, then Auto Scaling attempts to launch new instances to replace terminated instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>There is a problem with an EC2 instance that was launched by AWS Auto Scaling. The EC2 status checks have reported that the instance is “Impaired”. What action will AWS Auto Scaling take?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>It will launch a new instance immediately and then mark the impaired one for replacement\xa0 \xa0 </p>', '<p>Auto Scaling will wait for 300 seconds to give the instance a chance to recover\xa0 \xa0 </p>', '<p>It will mark the instance for termination, terminate it, and then launch a replacement\xa0 \xa0 </p>', '<p>Auto Scaling performs its own status checks and does not integrate with EC2 status checks\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261237, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'There is a problem with an EC2 instance that was launched by AWS Auto Scaling. The EC2 status checks have reported that the instance is “Impaired”. What action will AWS Auto Scaling take?'}, {'_class': 'assessment', 'original_assessment_id': 4872046, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>All EBS types support encryption</li> \t<li>All instance families now support encryption</li> \t<li>To encrypt a volume or snapshot you need an encryption key, these are customer managed keys (CMK) and they are managed by the AWS Key Management Service (KMS)</li> \t<li>S3 encryption options: <ul> \t<li>Client side – encrypted on the client side and transferred in an encrypted state</li> \t<li>Server-Side Encryption – data is encrypted by S3 before it is written to disk (data is decrypted when it is downloaded)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru and have been assigned the task of moving some sensitive documents into the AWS cloud. You need to ensure that the security of the documents is maintained. Which AWS features can help ensure that the sensitive documents are secured on the AWS cloud? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EBS encryption with Customer Managed Keys\xa0 \xa0 </p>', '<p>S3 Server-Side Encryption\xa0 \xa0 </p>', '<p>IAM Access Policy\xa0 \xa0 </p>', '<p>EBS snapshots\xa0 \xa0 </p>', '<p>S3 cross region replication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261239, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru and have been assigned the task of moving some sensitive documents into the AWS cloud. You need to ensure that the security of the documents is maintained. Which AWS features can help ensure that the sensitive documents are secured on the AWS cloud? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872052, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Subnets are created within availability zones (AZs)</li> \t<li>Can create private, public or VPN subnets</li> \t<li>Subnets map 1:1 to AZs and cannot span AZs</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have created a VPC with private and public subnets and will be deploying a new mySQL database server running on an EC2 instance. Which subnet should you deploy the database server into?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The public subnet\xa0 \xa0 </p>', '<p>The private subnet\xa0 \xa0 </p>', '<p>It doesn’t matter\xa0 \xa0 </p>', '<p>The subnet that is mapped to the primary AZ in the region\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261241, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b'], 'question_plain': 'You have created a VPC with private and public subnets and will be deploying a new mySQL database server running on an EC2 instance. Which subnet should you deploy the database server into?'}, {'_class': 'assessment', 'original_assessment_id': 4872128, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A tag is a label that you assign to an AWS resource</li> \t<li>Each tag consists of a key and an optional value, both of which you define</li> \t<li>Tags enable you to categorize your AWS resources in different ways, for example, by purpose, owner, or environment</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You are creating a series of environments within a single VPC. You need to implement a system of categorization that allows for identification of EC2 resources by business unit, owner, or environment.</p><p>Which AWS feature allows you to do this?</p>', 'relatedLectureIds': '', 'answers': ['<p>Metadata\xa0 \xa0 </p>', '<p>Parameters\xa0 \xa0 </p>', '<p>Tags\xa0 \xa0 </p>', '<p>Custom filters\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261243, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'You are creating a series of environments within a single VPC. You need to implement a system of categorization that allows for identification of EC2 resources by business unit, owner, or environment.Which AWS feature allows you to do this?'}, {'_class': 'assessment', 'original_assessment_id': 4872134, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> \t<li>You cannot choose which AZ in the region will be chosen to create the standby DB instance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>To increase the resiliency of your RDS DB instance, you decided to enable Multi-AZ. Where will the new standby RDS instance be created?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>In another subnet within the same AZ\xa0 \xa0 </p>', '<p>In the same AWS Region but in a different AZ for high availability\xa0 \xa0 </p>', '<p>In a different AWS Region to protect against Region failures\xa0 \xa0 </p>', '<p>You must specify the location when configuring Multi-AZ\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261245, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b'], 'question_plain': 'To increase the resiliency of your RDS DB instance, you decided to enable Multi-AZ. Where will the new standby RDS instance be created?'}, {'_class': 'assessment', 'original_assessment_id': 4872174, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>By default Eth0 is the only Elastic Network Interface (ENI) created with an EC2 instance when launched</li> \t<li>You can add additional interfaces to EC2 instances (number dependent on instances family/type)</li> \t<li>Default interfaces are terminated with instance termination</li> \t<li>Manually added interfaces are not terminated by default</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You created a second ENI (eth1) interface when launching an EC2 instance. You would like to terminate the instance and have not made any changes.</p><p>What will happen to the attached ENIs?</p>', 'relatedLectureIds': '', 'answers': ['<p>eth1 will persist but eth0 will be terminated\xa0 \xa0 </p>', '<p>eth1 will be terminated, but eth0 will persist\xa0 \xa0 </p>', '<p>Both eth0 and eth1 will be terminated with the instance\xa0 \xa0 </p>', '<p>Both eth0 and eth1 will persist\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261247, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'You created a second ENI (eth1) interface when launching an EC2 instance. You would like to terminate the instance and have not made any changes.What will happen to the attached ENIs?'}, {'_class': 'assessment', 'original_assessment_id': 4872178, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can suspend and then resume one or more of the scaling processes for your Auto Scaling group.</li> \t<li>This can be useful when you want to investigate a configuration problem or other issue with your web application and then make changes to your application, without invoking the scaling processes</li> \t<li>You can manually move an instance from an ASG and put it in the standby state</li> \t<li>Instances in standby state are still managed by Auto Scaling, are charged as normal, and do not count towards available EC2 instance for workload/application use</li> \t<li>Auto scaling does not perform health checks on instances in the standby state</li> \t<li>Standby state can be used for performing updates/changes/troubleshooting etc. without health checks being performed or replacement instances being launched</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>An EC2 instance in an Auto Scaling Group is having some issues that are causing the ASG to launch new instances based on the dynamic scaling policy. You need to troubleshoot the EC2 instance and prevent the ASG from launching new instances temporarily.</p><p>What is the best method to accomplish this? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Disable the dynamic scaling policy\xa0 \xa0 </p>', '<p>Suspend the scaling processes responsible for launching new instances\xa0 \xa0 </p>', '<p>Place the EC2 instance that is experiencing issues into the Standby state\xa0 \xa0 </p>', '<p>Remove the EC2 instance from the Target Group\xa0 \xa0 </p>', '<p>Disable the launch configuration associated with the EC2 instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261249, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b', 'c'], 'question_plain': 'An EC2 instance in an Auto Scaling Group is having some issues that are causing the ASG to launch new instances based on the dynamic scaling policy. You need to troubleshoot the EC2 instance and prevent the ASG from launching new instances temporarily.What is the best method to accomplish this? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872182, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Failover to a secondary IP address</li> \t<li>Associated with a health check</li> \t<li>Used for active-passive</li> \t<li>Routes only when the resource is healthy</li> \t<li>Can be used with ELB</li> \t<li>When used with Alias records set Evaluate Target Health to "Yes" and do not use health checks</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>You are putting together a design for a web-facing application. The application will be run on EC2 instances behind ELBs in multiple regions in an active/passive configuration. The website address the application runs on is digitalcloud.guru. You will be using Route 53 to perform DNS resolution for the application.</p><p>How would you configure Route 53 in this scenario based on AWS best practices? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use a Failover Routing Policy\xa0 \xa0 </p>', '<p>Use a Weighted Routing Policy\xa0 \xa0 </p>', '<p>Connect the ELBs using Alias records\xa0 \xa0 </p>', '<p>Connect the ELBs using CNAME records\xa0 \xa0 </p>', '<p>Set Associate with Health Check to “Yes”\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261251, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'c'], 'question_plain': 'You are putting together a design for a web-facing application. The application will be run on EC2 instances behind ELBs in multiple regions in an active/passive configuration. The website address the application runs on is digitalcloud.guru. You will be using Route 53 to perform DNS resolution for the application.How would you configure Route 53 in this scenario based on AWS best practices? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872190, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An Alias record can be used for resolving apex or naked domain names (e.g. example.com)</li> \t<li>A CNAME record can’t be used for resolving apex or naked domain names</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>You are configuring Route 53 for a customer’s website. Their web servers are behind an Internet-facing ELB. What record set would you create to point the customer’s DNS zone apex record at the ELB?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create a PTR record pointing to the DNS name of the load balancer\xa0 \xa0 </p>', '<p>Create an A record pointing to the DNS name of the load balancer\xa0 \xa0 </p>', '<p>Create an A record that is an Alias, and select the ELB DNS as a target\xa0 \xa0 </p>', '<p>Create a CNAME record that is an Alias, and select the ELB DNS as a target\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261253, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'You are configuring Route 53 for a customer’s website. Their web servers are behind an Internet-facing ELB. What record set would you create to point the customer’s DNS zone apex record at the ELB?'}, {'_class': 'assessment', 'original_assessment_id': 4872404, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Bucket names cannot be changed after they have been created</li> \t<li>For better performance, lower latency and lower costs create the bucket closer to your clients</li> \t<li>An S3 bucket is region specific</li> \t<li>S3 is a universal namespace so names must be unique globally</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You are a Solutions Architect for Digital Cloud Guru. A client is migrating a large amount of data that their customers access onto the AWS cloud. The client is located in Australia and most of their customers will be accessing the data from within Australia. The customer has asked you for some advice about S3 buckets.</p><p>Which of the following statements would be good advice? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Buckets can be renamed after they have been created\xa0 \xa0 </p>', '<p>To reduce latency and improve performance, create the buckets in the Asia Pacific (Sydney) region\xa0 \xa0 </p>', '<p>S3 is a global service so it doesn’t matter where you create your buckets\xa0 \xa0 </p>', '<p>S3 is a universal namespace so bucket names must be unique globally\xa0 \xa0 </p>', '<p>S3 buckets have a limit on the number of objects you can store in them\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261255, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b', 'd'], 'question_plain': 'You are a Solutions Architect for Digital Cloud Guru. A client is migrating a large amount of data that their customers access onto the AWS cloud. The client is located in Australia and most of their customers will be accessing the data from within Australia. The customer has asked you for some advice about S3 buckets.Which of the following statements would be good advice? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872410, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The following are a few reasons why an instance might immediately terminate: <ul> \t<li>You\'ve reached your EBS volume limit</li> \t<li>An EBS snapshot is corrupt</li> \t<li>The root EBS volume is encrypted and you do not have permissions to access the KMS key for decryption</li> \t<li>The instance store-backed AMI that you used to launch the instance is missing a required part (an image.part.xx file)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/troubleshooting-launch.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/troubleshooting-launch.html</a></li> </ul>', 'question': '<p>You just attempted to restart a stopped EC2 instance and it immediately changed from a pending state to a terminated state. What are the most likely explanations? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ["<p>You've reached your EBS volume limit\xa0 \xa0 </p>", '<p>An EBS snapshot is corrupt\xa0 \xa0 </p>', '<p>AWS does not currently have enough available On-Demand capacity to service your request\xa0 \xa0 </p>', '<p>You have reached the limit on the number of instances that you can launch in a region\xa0 \xa0 </p>', '<p>The AMI is unsupported\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261257, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'b'], 'question_plain': 'You just attempted to restart a stopped EC2 instance and it immediately changed from a pending state to a terminated state. What are the most likely explanations? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872418, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>SSD, General Purpose – GP2: <ul> \t<li>3 IOPS per GB up to 10,000 IOPS</li> \t<li>Burst up to 3000 IOPS for volumes >= 334GB)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You need to create an EBS volume to mount to an existing EC2 instance for an application that will be writing structured data to the volume. The application vendor suggests that the performance of the disk should be up to 3 IOPS per GB. You expect the capacity of the volume to grow to 2TB.</p><p>Taking into account cost effectiveness, which EBS volume type would you select?</p>', 'relatedLectureIds': '', 'answers': ['<p>General Purpose (GP2)\xa0 \xa0 </p>', '<p>Provisioned IOPS (IO1)\xa0 \xa0 </p>', '<p>Cold HDD (SC1)\xa0 \xa0 </p>', '<p>Throughput Optimized HDD (ST1)\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261259, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'You need to create an EBS volume to mount to an existing EC2 instance for an application that will be writing structured data to the volume. The application vendor suggests that the performance of the disk should be up to 3 IOPS per GB. You expect the capacity of the volume to grow to 2TB.Taking into account cost effectiveness, which EBS volume type would you select?'}, {'_class': 'assessment', 'original_assessment_id': 4872424, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Spot facts: <ul> \t<li>Bid price</li> \t<li>Charged by the hour unless AWS terminates in which case the hour is free</li> \t<li>Flexible start and end times</li> \t<li>Grid computing and HPC</li> \t<li>Very low hourly compute cost</li> \t<li>Cannot use encrypted volumes</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>An application that you manage uses a combination of Reserved and On-Demand instances to handle typical load. The application involves performing analytics on a set of data and you need to temporarily deploy a large number of EC2 instances. You only need these instances to be available for a short period of time until the analytics job is completed.</p><p>What would be the MOST cost-effective choice of EC2 instance type to use for this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Reserved instances\xa0 \xa0 </p>', '<p>Use On-Demand instances\xa0 \xa0 </p>', '<p>Use Spot instances\xa0 \xa0 </p>', '<p>Use dedicated hosts\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261261, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'An application that you manage uses a combination of Reserved and On-Demand instances to handle typical load. The application involves performing analytics on a set of data and you need to temporarily deploy a large number of EC2 instances. You only need these instances to be available for a short period of time until the analytics job is completed.What would be the MOST cost-effective choice of EC2 instance type to use for this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4872428, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>On an EBS-backed instance, the default action is for the root EBS volume to be deleted upon termination</li> \t<li>EBS volumes can be detached and reattached to other EC2 instances</li> \t<li>Instance store volumes cannot be detached and reattached to other EC2 instances</li> \t<li>When rebooting the instances for both types data will not be lost</li> \t<li>By default, root volumes for both types will be deleted on termination unless you configured otherwise</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You are discussing EC2 with a colleague and need to describe the differences between EBS-backed instances and Instance store-backed instances. Which of the statements below would be valid descriptions? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>On an EBS-backed instance, the default action is for the root EBS volume to be deleted upon termination\xa0 \xa0 </p>', '<p>EBS volumes can be detached and reattached to other EC2 instances\xa0 \xa0 </p>', '<p>Instance store volumes can be detached and reattached to other EC2 instances\xa0 \xa0 </p>', '<p>For both types of volume rebooting the instances will result in data loss\xa0 \xa0 </p>', '<p>By default, root volumes for both types will be retained on termination unless you configured otherwise\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261263, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'b'], 'question_plain': 'You are discussing EC2 with a colleague and need to describe the differences between EBS-backed instances and Instance store-backed instances. Which of the statements below would be valid descriptions? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872434, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudWatch – every 1 minute:</li> \t<li>- ELB service only sends information when requests are active</li> \t<li>- Can be used to trigger SNS notifications</li> \t<li>Access Logs:</li> \t<li>- Disabled by default</li> \t<li>- Includes information about the clients (not included in CloudWatch metrics)</li> \t<li>- Can identify requester, IP, request type etc.</li> \t<li>- Can be optionally stored and retained in S3</li> \t<li>CloudTrail:</li> \t<li>- Can be used to capture API calls to the ELB</li> \t<li>- Can be stored in an S3 bucket</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>An important application you manage uses an Elastic Load Balancer (ELB) to distribute incoming requests amongst a fleet of EC2 instances. You need to ensure any operational issues are identified. </p><p>Which of the statements below are correct about monitoring of an ELB? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Information is sent to CloudWatch every minute if there are active requests\xa0 \xa0 </p>', '<p>Access logs can identify requester, IP, and request type\xa0 \xa0 </p>', '<p>Access logs are enabled by default\xa0 \xa0 </p>', '<p>CloudWatch metrics can be logged to an S3 bucket\xa0 \xa0 </p>', '<p>CloudTrail can be used to capture application logs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261265, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'b'], 'question_plain': 'An important application you manage uses an Elastic Load Balancer (ELB) to distribute incoming requests amongst a fleet of EC2 instances. You need to ensure any operational issues are identified. Which of the statements below are correct about monitoring of an ELB? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872438, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ALB allows containers to use dynamic host port mapping so that multiple tasks from the same service are allowed on the same container host – the CLB and NLB do not offer this</li> \t<li>ALB can route requests based on the content of the request in the host field: host-based or path-based</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are building a new Elastic Container Service (ECS) cluster. The ECS instances are running the EC2 launch type and you would like to enable load balancing to distributed connections to the tasks running on the cluster. You would like the mapping of ports to be performed dynamically and will need to route to different groups of servers based on the path in the requested URL. Which AWS service would you choose to fulfil these requirements?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Classic Load Balancer\xa0 \xa0 </p>', '<p>Network Load Balancer\xa0 \xa0 </p>', '<p>Application Load Balancer\xa0 \xa0 </p>', '<p>ECS Services\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261267, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'You are building a new Elastic Container Service (ECS) cluster. The ECS instances are running the EC2 launch type and you would like to enable load balancing to distributed connections to the tasks running on the cluster. You would like the mapping of ports to be performed dynamically and will need to route to different groups of servers based on the path in the requested URL. Which AWS service would you choose to fulfil these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4872446, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>A bastion host can be used to access instances in private subnets but is not required for instances in public subnets</li> \t<li>A public IP is required for accessing an instance remotely</li> \t<li>The security groups and network ACLs must be configured to allow the SSH traffic on port 22</li> \t<li>An internet gateway is required for a public subnet and the route table associated with the subnet must have the internet gateway configured</li> \t<li>A NAT Gateway allows instances in private subnets to access the Internet, it is not used for remote access</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You need to connect from your office to a Linux instance that is running in your VPC using the Internet. Which of the following items are required to enable this access? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>A bastion host\xa0 \xa0 </p>', '<p>A Public or Elastic IP address on the EC2 instance\xa0 \xa0 </p>', '<p>An IPSec VPN</p>', '<p>An Internet Gateway attached to the VPC and a route table attached to the public subnet pointing to it\xa0 </p>', '<p>A NAT Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261269, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b', 'd'], 'question_plain': 'You need to connect from your office to a Linux instance that is running in your VPC using the Internet. Which of the following items are required to enable this access? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872452, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The only application services here are API Gateway and Lambda and these are considered to be serverless services</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/serverless/">https://aws.amazon.com/serverless/</a></li> </ul>', 'question': '<p>A Solutions Architect is creating a design for a multi-tiered serverless application. Which two services form the application facing services from the AWS serverless infrastructure? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>API Gateway\xa0 \xa0 </p>', '<p>Elastic Load Balancer\xa0 \xa0 </p>', '<p>AWS Cognito\xa0 \xa0 </p>', '<p>AWS Lambda\xa0 \xa0 </p>', '<p>Amazon ECS</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261271, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'd'], 'question_plain': 'A Solutions Architect is creating a design for a multi-tiered serverless application. Which two services form the application facing services from the AWS serverless infrastructure? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872462, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Auto Scaling can be configured to send an SNS email when:</li> \t<li>- An instance is launched</li> \t<li>- An instance is terminated</li> \t<li>- An instance fails to launch</li> \t<li>- An instance fails to terminate</li> \t<li>Auto Scaling can perform rebalancing when it finds that the number of instances across AZs is not balanced</li> \t<li>Auto Scaling rebalances by launching new EC2 instances in the AZs that have fewer instances first, only then will it start terminating instances in AZs that had more instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>An application you manage in your VPC uses an Auto Scaling Group that spans 3 AZs and there are currently 4 EC2 instances running in the group. What actions will Auto Scaling take, by default, if it needs to terminate an EC2 instance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Wait for the cooldown period and then terminate the instance that has been running the longest\xa0 \xa0 </p>', '<p>Send an SNS notification, (if configured)\xa0 </p>', '<p>Terminate the instance with the least active network connections. If multiple instances meet this criterion, one will be randomly selected\xa0 \xa0 </p>', '<p>Randomly select one of the 3 AZs, and then terminate an instance in that AZ\xa0 \xa0 </p>', '<p>Terminate an instance in the AZ which currently has 2 running EC2 instances\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261273, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b', 'e'], 'question_plain': 'An application you manage in your VPC uses an Auto Scaling Group that spans 3 AZs and there are currently 4 EC2 instances running in the group. What actions will Auto Scaling take, by default, if it needs to terminate an EC2 instance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872466, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Spot pricing provides: <ul> \t<li>Charged by the hour unless AWS terminates in which case the hour is free</li> \t<li>Flexible start and end times</li> \t<li>Good for grid computing and HPC</li> \t<li>Very low hourly compute cost</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You need to run a non-production batch process that will use several EC2 instances. The process can be interrupted and restarted without issue. What EC2 pricing model would be best for this workload?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Reserved instances\xa0 \xa0 </p>', '<p>Spot instances\xa0 \xa0 </p>', '<p>On-demand instances\xa0 \xa0 </p>', '<p>Flexible instances\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261275, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b'], 'question_plain': 'You need to run a non-production batch process that will use several EC2 instances. The process can be interrupted and restarted without issue. What EC2 pricing model would be best for this workload?'}, {'_class': 'assessment', 'original_assessment_id': 4872470, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The cooldown period is a configurable setting for your Auto Scaling group that helps to ensure that it doesn\'t launch or terminate additional instances before the previous scaling activity takes effect</li> \t<li>The default cooldown period is applied when you create your Auto Scaling group</li> \t<li>The default value is 300 seconds</li> \t<li>You can configure the default cooldown period when you create the Auto Scaling group, using the AWS Management Console, the create-auto-scaling-group command (AWS CLI), or the CreateAutoScalingGroup API operation</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html">https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html</a></li> </ul>', 'question': '<p>You manage an application that uses Auto Scaling. Recently there have been incidents of multiple scaling events in an hour and you are looking at methods of stabilising the Auto Scaling Group. Select the statements below that are correct with regards to the Auto Scaling cooldown period? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>It ensures that the Auto Scaling group does not launch or terminate additional EC2 instances before the previous scaling activity takes effect\xa0 \xa0 </p>', '<p>It ensures that before the Auto Scaling group scales out, the EC2 instances can apply system updates\xa0 \xa0 </p>', '<p>It ensures that the Auto Scaling group terminates the EC2 instances that are least busy\xa0 \xa0 </p>', '<p>The default value is 300 seconds\xa0 \xa0 </p>', '<p>The default value is 600 seconds\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261277, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a', 'd'], 'question_plain': 'You manage an application that uses Auto Scaling. Recently there have been incidents of multiple scaling events in an hour and you are looking at methods of stabilising the Auto Scaling Group. Select the statements below that are correct with regards to the Auto Scaling cooldown period? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872474, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ECS Clusters are a logical grouping of container instances the you can place tasks on</li> \t<li>A default cluster is created but you can then create multiple clusters to separate resources</li> \t<li>ECS allows the definition of a specified number (desired count) of tasks to run in the cluster</li> \t<li>Clusters can contain tasks using the Fargate and EC2 launch type</li> \t<li>Each container instance may only be part of one cluster at a time</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>A new application you are deploying uses Docker containers. You are creating a design for an ECS cluster to host the application. Which statements about ECS clusters are correct? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>ECS Clusters are a logical grouping of container instances the you can place tasks on\xa0 \xa0 </p>', '<p>Clusters can contain tasks using the Fargate and EC2 launch type\xa0 \xa0 </p>', '<p>Each container instance may be part of multiple clusters at a time\xa0 \xa0 </p>', '<p>Clusters are AZ specific\xa0 \xa0 </p>', '<p>Clusters can contain a single container instance type\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261279, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a', 'b'], 'question_plain': 'A new application you are deploying uses Docker containers. You are creating a design for an ECS cluster to host the application. Which statements about ECS clusters are correct? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872600, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon VPC lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define</li> \t<li>Analogous to having your own DC inside AWS</li> \t<li>Provides complete control over the virtual networking environment including selection of IP ranges, creation of subnets, and configuration of route tables and gateways</li> \t<li>A VPC is logically isolated from other VPCs on AWS</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A new client who has not used cloud computing has asked you to explain how AWS works. The client wants to know what service is provided that will provide a virtual network infrastructure that loosely resembles a traditional data center but has the capacity to scale more easily?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Elastic Load Balancing\xa0 \xa0 </p>', '<p>Elastic Compute Cloud\xa0 \xa0 </p>', '<p>Direct Connect\xa0 \xa0 </p>', '<p>Virtual Private Cloud\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261281, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['d'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A new client who has not used cloud computing has asked you to explain how AWS works. The client wants to know what service is provided that will provide a virtual network infrastructure that loosely resembles a traditional data center but has the capacity to scale more easily?'}, {'_class': 'assessment', 'original_assessment_id': 4872610, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Read replicas are used for read heavy DBs and replication is asynchronous</li> \t<li>Read replicas are for workload sharing and offloading</li> \t<li>Read replicas are created from a snapshot of the master instance</li> \t<li>Must have automated backups enabled on the primary (retention period > 0)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>One of the applications you manage on RDS uses the MySQL DB and has been suffering from performance issues. You would like to setup a reporting process that will perform queries on the database but you’re concerned that the extra load will further impact the performance of the DB and may lead to poor customer experience.</p><p>What would be the best course of action to take so you can implement the reporting process?</p>', 'relatedLectureIds': '', 'answers': ['<p>Deploy a Read Replica to setup a secondary read-only database instance\xa0 \xa0 </p>', '<p>Deploy a Read Replica to setup a secondary read and write database instance\xa0 \xa0 </p>', '<p>Configure Multi-AZ to setup a secondary database instance in another Availability Zone\xa0 \xa0 </p>', '<p>Configure Multi-AZ to setup a secondary database instance in another region\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261283, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a'], 'question_plain': 'One of the applications you manage on RDS uses the MySQL DB and has been suffering from performance issues. You would like to setup a reporting process that will perform queries on the database but you’re concerned that the extra load will further impact the performance of the DB and may lead to poor customer experience.What would be the best course of action to take so you can implement the reporting process?'}, {'_class': 'assessment', 'original_assessment_id': 4872618, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFront distributes traffic across multiple edge locations and filters requests to ensure that only valid HTTP(S) requests will be forwarded to backend hosts. CloudFront also supports geoblocking, which you can use to prevent requests from particular geographic locations from being served</li> \t<li>ELB automatically distributes incoming application traffic across multiple targets, such as Amazon Elastic Compute Cloud (Amazon EC2) instances, containers, and IP addresses, and multiple Availability Zones, which minimizes the risk of overloading a single resource</li> \t<li>ELB, like CloudFront, only supports valid TCP requests, so DDoS attacks such as UDP and SYN floods are not able to reach EC2 instances</li> \t<li>ELB also offers a single point of management and can serve as a line of defense between the internet and your backend, private EC2 instances</li> \t<li>Auto Scaling helps to maintain a desired count of EC2 instances running at all times and setting a high maximum number of instances allows your fleet to grow and absorb some of the impact of the attack</li> \t<li>RDS supports several scenarios for deploying DB instances in private and public facing configurations</li> \t<li>CloudWatch can be used to setup alerts for when metrics reach unusual levels. High network in traffic may indicate a DDoS attack</li> \t<li>Encrypting EBS volumes does not help in a DDoS attack as the attack is targeted at reducing availability rather than compromising data</li> \t<li>Spot instances may reduce the cost (depending on the current Spot price) however the questions asks us to focus on availability not cost</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> \t<li><a href="https://aws.amazon.com/answers/networking/aws-ddos-attack-mitigation/">https://aws.amazon.com/answers/networking/aws-ddos-attack-mitigation/</a></li> \t<li><a href="https://docs.aws.amazon.com/waf/latest/developerguide/tutorials-ddos-cross-service.html">https://docs.aws.amazon.com/waf/latest/developerguide/tutorials-ddos-cross-service.html</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html</a></li> </ul>', 'question': '<p>You are putting together the design for a new retail website for a high-profile company. The company has previously been the victim of targeted distributed denial-of-service (DDoS) attacks and have requested that you ensure the design includes mitigation techniques. </p><p>Which of the following are the BEST techniques to help ensure the availability of the services is not compromized in an attack? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use Spot instances to reduce the cost impact in case of attack\xa0 \xa0 </p>', '<p>CloudFront for distributing both static and dynamic content\xa0 \xa0 </p>', '<p>Use Placement Groups to ensure high bandwidth and low latency</p>', '<p>Configure Auto Scaling with a high maximum number of instances to ensure it can scale accordingly\xa0 \xa0 </p>', '<p>Use encryption on your EBS volumes</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261285, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b', 'd'], 'question_plain': 'You are putting together the design for a new retail website for a high-profile company. The company has previously been the victim of targeted distributed denial-of-service (DDoS) attacks and have requested that you ensure the design includes mitigation techniques. Which of the following are the BEST techniques to help ensure the availability of the services is not compromized in an attack? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872626, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Simple Workflow Service (SWF) is a web service that makes it easy to coordinate work across distributed application components</li> \t<li>SWF enables applications for a range of use cases, including media processing, web application back-ends, business process workflows, and analytics pipelines, to be designed as a coordination of tasks</li> \t<li>Amazon Simple Queue Service (Amazon SQS) is a web service that gives you access to message queues that store messages waiting to be processed</li> \t<li>SQS offers a reliable, highly-scalable, hosted queue for storing messages in transit between computers</li> \t<li>SQS is used for distributed/decoupled applications</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-swf/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-swf/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>One of your clients is a financial organization that has a large presence in AWS and also has a number of their own data centers. The client has requested a recommended high-level hosting architecture for a distributed application that will utilize decoupled components.</p><p>The application will make use of application servers running on AWS EC2 instances and in the client’s own data centers. What AWS application integration services could you use to support interaction between the application servers?</p><p>Which of the following options are valid? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>VPC</p>', '<p>SWF</p>', '<p>SNS</p>', '<p>SQS</p>', '<p>DynamoDB</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261287, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b', 'd'], 'question_plain': 'One of your clients is a financial organization that has a large presence in AWS and also has a number of their own data centers. The client has requested a recommended high-level hosting architecture for a distributed application that will utilize decoupled components.The application will make use of application servers running on AWS EC2 instances and in the client’s own data centers. What AWS application integration services could you use to support interaction between the application servers?Which of the following options are valid? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872628, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Simple Workflow Service (SWF) is a web service that makes it easy to coordinate work across distributed application components</li> \t<li>SWF enables applications for a range of use cases, including media processing, web application back-ends, business process workflows, and analytics pipelines, to be designed as a coordination of tasks</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-swf/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-swf/</a></li> </ul>', 'question': '<p>You’re trying to explain to a colleague typical use cases where you can use the Simple Workflow Service (SWF). Which of the scenarios below would be valid? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Sending notifications via SMS when an EC2 instance reaches a certain threshold\xa0 \xa0 </p>', '<p>Managing a multi-step and multi-decision checkout process for a mobile application\xa0 \xa0 </p>', '<p>Providing a reliable, highly-scalable, hosted queue for storing messages in transit between EC2 instances\xa0 \xa0 </p>', '<p>For web applications that require content delivery networks\xa0 \xa0 </p>', '<p>Coordinating business process workflows across distributed application components\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261289, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b', 'e'], 'question_plain': 'You’re trying to explain to a colleague typical use cases where you can use the Simple Workflow Service (SWF). Which of the scenarios below would be valid? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872632, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You cannot enable read replicas or multi-AZ using MySQL, you would need RDS</li> \t<li>Migrating to RDS would entail a major change to the architecture</li> \t<li>In this example it will be easier to use the native HA features of MySQL than to migrated to RDS</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>A membership website your company manages has become quite popular and is gaining members quickly. The website currently runs on EC2 instances with one web server instance and one DB instance running MySQL. You are concerned about the lack of high-availability in the current architecture. What can you do to easily enable HA without making major changes to the architecture?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create a Read Replica in another AZ\xa0 \xa0 </p>', '<p>Enable Multi-AZ for the MySQL instance\xa0 \xa0 </p>', '<p>Install MySQL on an EC2 instance in the same AZ and enable replication\xa0 \xa0 </p>', '<p>Install MySQL on an EC2 instance in another AZ and enable replication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261291, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['d'], 'question_plain': 'A membership website your company manages has become quite popular and is gaining members quickly. The website currently runs on EC2 instances with one web server instance and one DB instance running MySQL. You are concerned about the lack of high-availability in the current architecture. What can you do to easily enable HA without making major changes to the architecture?'}, {'_class': 'assessment', 'original_assessment_id': 4872644, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can throttle and monitor requests to protect your backend</li> \t<li>Resiliency through throttling rules based on the number of requests per second for each HTTP method (GET, PUT)</li> \t<li>Throttling can be configured at multiple levels including Global and Service Call</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>One of your clients is a banking regulator and they run an application that provides auditing information to the general public using AWS Lambda and API Gateway. A Royal Commission has exposed some suspect lending practices and this has been picked up by the media and raised concern amongst the general public. With some major upcoming announcements expected you’re concerned about traffic spikes hitting the client’s application.</p><p>How can you protect the backend systems from traffic spikes?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use ElastiCache as the front-end to cache frequent queries\xa0 \xa0 </p>', '<p>Use a CloudFront Edge Cache\xa0 \xa0 </p>', '<p>Enable throttling limits and result caching in API Gateway\xa0 \xa0 </p>', '<p>Put the APIs in an S3 bucket and publish as a static website using CloudFront\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261293, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['c'], 'question_plain': 'One of your clients is a banking regulator and they run an application that provides auditing information to the general public using AWS Lambda and API Gateway. A Royal Commission has exposed some suspect lending practices and this has been picked up by the media and raised concern amongst the general public. With some major upcoming announcements expected you’re concerned about traffic spikes hitting the client’s application.How can you protect the backend systems from traffic spikes?'}, {'_class': 'assessment', 'original_assessment_id': 4872648, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Snapshots capture a point-in-time state of an instance</li> \t<li>Snapshots are stored on S3</li> \t<li>Does not provide granular backup (not a replacement for backup software)</li> \t<li>The EB CLI is a command line interface for Elastic Beanstalk that provides interactive commands that simplify creating, updating and monitoring environments from a local repository</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> \t<li><a href="https://docs.aws.amazon.com/cli/latest/reference/ec2/create-snapshot.html">https://docs.aws.amazon.com/cli/latest/reference/ec2/create-snapshot.html</a></li> \t<li><a href="https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb-cli3.html">https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb-cli3.html</a></li> </ul>', 'question': '<p>You would like to implement an automated method of periodically backing up the EBS volumes in your VPC.\xa0What steps can you can take to automatically backup EBS Volumes?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create a scheduled job and run the AWS CLI command “create-snapshot” with the various options to take backups of the EBS volumes\xa0 \xa0 </p>', '<p>Create a scheduled job and run the AWS CLI command “create-backup” with the various options to take backups of the EBS volumes\xa0 \xa0 </p>', '<p>Configure EBS volume replication to create a backup on S3\xa0 \xa0 </p>', '<p>Use an EBS-lifecycle policy to take a snapshot of the EBS volumes\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261295, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a'], 'question_plain': 'You would like to implement an automated method of periodically backing up the EBS volumes in your VPC.\xa0What steps can you can take to automatically backup EBS Volumes?'}, {'_class': 'assessment', 'original_assessment_id': 4872658, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Proxy protocol for TCP/SSL carries the source (client) IP/port information</li> \t<li>The Proxy Protocol header helps you identify the IP address of a client when you have a load balancer that uses TCP for back-end connection</li> \t<li>Ensure the client doesn’t go through a proxy or there will be multiple proxy headers</li> \t<li>Proxy protocol only applies to L4</li> \t<li>X-forwarded-for only applies to L7</li> \t<li>Back end listener must be TCP for Proxy protocol</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-elb-listenerconfig-quickref.html">https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-elb-listenerconfig-quickref.html</a></li> </ul>', 'question': '<p>An application has been deployed in a private subnet within your VPC and an ELB will be used to accept incoming connections. You need to setup the configuration for the listeners on the ELB. </p><p>When using a Classic Load Balancer, which of the following combinations of listeners support the proxy protocol? (choose 2)\xa0 \xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Front-End – TCP & Back-End – TCP\xa0 \xa0 </p>', '<p>Front-End – SSL & Back-End – SSL\xa0 \xa0 </p>', '<p>Front-End – SSL & Back-End - TCP\xa0 \xa0 </p>', '<p>Front-End – TCP & Back-End SSL\xa0 \xa0 </p>', '<p>Front-End – HTTP & Back-End SSL\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261297, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a', 'c'], 'question_plain': 'An application has been deployed in a private subnet within your VPC and an ELB will be used to accept incoming connections. You need to setup the configuration for the listeners on the ELB. When using a Classic Load Balancer, which of the following combinations of listeners support the proxy protocol? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872668, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Access Logs on ELB:</li> \t<li>- Disabled by default</li> \t<li>- Includes information about the clients (not included in CloudWatch metrics)</li> \t<li>- Can identify requester, IP, request type etc.</li> \t<li>- Can be optionally stored and retained in S3</li> \t<li>Amazon EMR is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data</li> \t<li>EMR utilizes a hosted Hadoop framework running on Amazon EC2 and Amazon S3</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/</a></li> </ul>', 'question': '<p>An application you run on AWS uses an ELB to distribute connections between EC2 instances. You need to record information on the requester, IP, and request type for connections made to the ELB. You will also need to perform some analysis on the log files, which AWS services and configuration options can be used to collect and then analyze the logs? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Enable Access Logs on the ELB and store the log files on S3\xa0 \xa0 </p>', '<p>Update the application to use DynamoDB for storing log files\xa0 \xa0 </p>', '<p>Enable Access Logs on the EC2 instances and store the log files on S3\xa0 \xa0 </p>', '<p>Use EMR for analyzing the log files\xa0 \xa0 </p>', '<p>Use Elastic Transcoder to analyze the log files\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261299, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a', 'd'], 'question_plain': 'An application you run on AWS uses an ELB to distribute connections between EC2 instances. You need to record information on the requester, IP, and request type for connections made to the ELB. You will also need to perform some analysis on the log files, which AWS services and configuration options can be used to collect and then analyze the logs? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4872808, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>RDS read replicas are available for MySQL, PostgreSQL, MariaDB and Aurora (no SQL Server or Oracle)</li> \t<li>Two types of replication: Aurora replica (up to 15), My SQL Read Replica (up to 5)</li> \t<li>Automatic failover is available for Aurora replicas only</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Replication.html">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Aurora.Replication.html</a></li> </ul>', 'question': '<p>A new application you are designing will store data in an Amazon Aurora MySQL DB. You are looking for a way to enable failover for the Aurora DB in the case of a regional outage. How can this be achieved?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Take a manual backup of the Aurora DB and copy it to another region\xa0 \xa0 </p>', '<p>Enable Multi-AZ for the Aurora DB\xa0 \xa0 </p>', '<p>Create a cross-region Aurora Replica\xa0 \xa0 </p>', '<p>Create an EBS backup of the Aurora volumes and use cross-region replication to copy the snapshot\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261301, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['c'], 'question_plain': 'A new application you are designing will store data in an Amazon Aurora MySQL DB. You are looking for a way to enable failover for the Aurora DB in the case of a regional outage. How can this be achieved?'}, {'_class': 'assessment', 'original_assessment_id': 4872940, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can throttle and monitor requests to protect your backend</li> \t<li>Resiliency through throttling rules based on the number of requests per second for each HTTP method (GET, PUT)</li> \t<li>Throttling can be configured at multiple levels including Global and Service Call</li> \t<li>When request submissions exceed the steady-state request rate and burst limits, API Gateway fails the limit-exceeding requests and returns 429 Too Many Requests error responses to the client</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> \t<li><a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html">https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html</a></li> </ul>', 'question': '<p>When using throttling controls with API Gateway what happens when request submissions exceed the steady-state request rate and burst limits?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The requests will be buffered in a cache until the load reduces\xa0 \xa0 </p>', '<p>API Gateway fails the limit-exceeding requests and returns “429 Too Many Requests” error responses to the client\xa0 \xa0 </p>', '<p>API Gateway fails the limit-exceeding requests and returns “500 Internal Server Error” error responses to the client\xa0 \xa0 </p>', '<p>API Gateway drops the requests and does not return a response to the client\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261303, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b'], 'question_plain': 'When using throttling controls with API Gateway what happens when request submissions exceed the steady-state request rate and burst limits?'}, {'_class': 'assessment', 'original_assessment_id': 4872952, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Proxy protocol for TCP/SSL carries the source (client) IP/port information</li> \t<li>The Proxy Protocol header helps you identify the IP address of a client when you have a load balancer that uses TCP for back-end connections</li> \t<li>Ensure the client doesn’t go through a proxy or there will be multiple proxy headers</li> \t<li>Also need to ensure the EC2 instance’s TCP stack can process the extra information</li> \t<li>Back end listeners must be configured for TCP</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-elb-listenerconfig-quickref.html">https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/using-elb-listenerconfig-quickref.html</a></li> </ul>', 'question': '<p>You need to record connection information from clients using an ELB. When enabling the Proxy Protocol with an ELB to carry connection information from the source requesting the connection, what prerequisites apply? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Confirm that your load balancer is using HTTPS listeners\xa0 \xa0 </p>', '<p>Confirm that your load balancer is not behind a proxy server with Proxy Protocol enabled\xa0 \xa0 </p>', '<p>Confirm that your instances are on-demand instances\xa0 </p>', '<p>Confirm that your load balancer is configured to include the X-Forwarded-For request header\xa0 \xa0 </p>', '<p>Confirm that your back-end listeners are configured for TCP and front-end listeners are configured for TCP\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261305, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b', 'e'], 'question_plain': 'You need to record connection information from clients using an ELB. When enabling the Proxy Protocol with an ELB to carry connection information from the source requesting the connection, what prerequisites apply? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4873092, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When you resize an instance, you must select an instance type that is compatible with the configuration of the instance</li> \t<li>You must stop your Amazon EBS–backed instance before you can change its instance type</li> \t<li>You can suspend and then resume one or more of the scaling processes for your Auto Scaling group</li> \t<li>Suspending scaling processes can be useful when you want to investigate a configuration problem or other issue with your web application and then make changes to your application, without invoking the scaling processes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html</a></li> </ul>', 'question': '<p>An Auto Scaling Group in which you have four EC2 instances running is becoming heavily loaded. The instances are using the m4.large instance type and the CPUs are hitting 80%. Due to licensing constraints you don’t want to add additional instances to the ASG so you are planning to upgrade to the m4.xlarge instance type instead. You need to make the change immediately but don’t want to terminate the existing instances.</p><p>How can you perform the change without causing the ASG to launch new instances? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Stop each instance and change its instance type. Start the instance again\xa0 \xa0 </p>', '<p>Create a new launch configuration with the new instance type specified\xa0 \xa0 </p>', '<p>On the ASG suspend the Auto Scaling process until you have completed the change\xa0 \xa0 </p>', '<p>Edit the existing launch configuration and specify the new instance type\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261307, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['a', 'c'], 'question_plain': 'An Auto Scaling Group in which you have four EC2 instances running is becoming heavily loaded. The instances are using the m4.large instance type and the CPUs are hitting 80%. Due to licensing constraints you don’t want to add additional instances to the ASG so you are planning to upgrade to the m4.xlarge instance type instead. You need to make the change immediately but don’t want to terminate the existing instances.How can you perform the change without causing the ASG to launch new instances? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4870972, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU">AWS recommend that you use the AWS SDKs to make programmatic API calls to IAM</li> \t<li lang="en-AU">However, you can also use the IAM Query API to make direct calls to the IAM web service</li> \t<li lang="en-AU">An access key ID and secret access key must be used for authentication when using the Query API</li> \t<li lang="en-AU">OpenID Connect is a provider for connecting external directories</li> \t<li lang="en-AU">API gateway is a separate service for accepting and processing API calls</li> \t<li lang="en-AU">An IAM role is not used for authentication to the Query API</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>A developer is writing some code and wants to work programmatically with IAM. Which feature of IAM allows you direct access to the IAM web service using HTTPS to call service actions and what is the method of authentication that must be used? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Query API\xa0 \xa0 </p>', '<p>API Gateway\xa0 \xa0 </p>', '<p>Access key ID and secret access key\xa0 \xa0 </p>', '<p>IAM role\xa0 \xa0 </p>', '<p>OpenID\xa0Connect</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261191, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a', 'c'], 'question_plain': 'A developer is writing some code and wants to work programmatically with IAM. Which feature of IAM allows you direct access to the IAM web service using HTTPS to call service actions and what is the method of authentication that must be used? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4870976, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU"><span>Amazon Simple Queue Service (Amazon SQS) is a web service that gives you access to\xa0</span>message queues<span>\xa0that store messages waiting to be processed</span></li> \t<li lang="en-AU"><span>SQS offers a reliable, highly-scalable, hosted queue for storing messages in transit between computers</span></li> \t<li lang="en-AU">SQS is used for distributed/decoupled applications</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>One of your clients is experiencing an issue whereby their Auto Scaling Group is not scaling fast enough to keep up with periods of peak load. The result is that some requests that are coming through to the applications are being lost.</p><p>What is the most cost-effective way to avoid losing requests?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Spot instances to take some of the load\xa0 \xa0 </p>', '<p>Use an Elastic Load Balancer\xa0 \xa0 </p>', '<p>Use larger EC2 instance sizes\xa0 \xa0 </p>', '<p>Decouple the application components by using an SQS queue\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261193, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['d'], 'question_plain': 'One of your clients is experiencing an issue whereby their Auto Scaling Group is not scaling fast enough to keep up with periods of peak load. The result is that some requests that are coming through to the applications are being lost.What is the most cost-effective way to avoid losing requests?'}, {'_class': 'assessment', 'original_assessment_id': 4870978, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li><span>Single region inter-VPC routing</span></li> \t<li lang="en-AU">Cannot have overlapping CIDR ranges</li> \t<li lang="en-AU">Cannot do transitive peering</li> \t<li lang="en-AU"><span>Must update route tables to configure routing</span></li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You are a Solutions Architect for a pharmaceutical company. The company uses a strict process for release automation that involves building and testing services in 3 separate VPCs. A peering topology is configured with VPC-A peered with VPC-B and VPC-B peered with VPC-C. The development team wants to modify the process so that they can release code directly from VPC-A to VPC-C.</p><p>How can this be accomplished?</p>', 'relatedLectureIds': '', 'answers': ['<p>Update VPC-As route table with an entry using the VPC peering as a target\xa0 \xa0 </p>', '<p>Create a new VPC peering connection between VPC-A and VPC-C\xa0 \xa0 </p>', '<p>Update VPC-Bs route table with peering targets for VPC-A and VPC-C and enable route propagation\xa0 \xa0 </p>', '<p>Update the CIDR blocks to match to enable inter-VPC routing\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261195, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect for a pharmaceutical company. The company uses a strict process for release automation that involves building and testing services in 3 separate VPCs. A peering topology is configured with VPC-A peered with VPC-B and VPC-B peered with VPC-C. The development team wants to modify the process so that they can release code directly from VPC-A to VPC-C.How can this be accomplished?'}, {'_class': 'assessment', 'original_assessment_id': 4870980, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Without cross-zone load balancing enabled, the NLB will distributed traffic 50/50 between AZs. As there are an odd number of instances across the two AZs some instances will not receive any traffic.</li> \t<li><span>NLB operates at the connection level (Layer 4), routing connections to targets – Amazon EC2 instances, containers and IP addresses based on IP protocol data</span></li> \t<li><span>NLB is architected to handle millions of requests/sec, sudden volatile traffic patterns and provides extremely low latencies</span></li> \t<li><span>NLB supports both network and application target health checks</span></li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You recently noticed that your Network Load Balancer (NLB) in one of your VPCs is not distributing traffic evenly between EC2 instances in your AZs. There are an odd number of EC2 instances spread across two AZs. The NLB is configured with a TCP listener on port 80 and is using active health checks.</p><p>What is the most likely problem?</p>', 'relatedLectureIds': '', 'answers': ['<p>Health checks are failing in one AZ due to latency\xa0 \xa0 </p>', '<p>There is no HTTP listener\xa0 \xa0 </p>', '<p>Cross-zone load balancing is disabled\xa0 \xa0 </p>', '<p>NLB can only load balance within a single AZ\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261197, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c'], 'question_plain': 'You recently noticed that your Network Load Balancer (NLB) in one of your VPCs is not distributing traffic evenly between EC2 instances in your AZs. There are an odd number of EC2 instances spread across two AZs. The NLB is configured with a TCP listener on port 80 and is using active health checks.What is the most likely problem?'}, {'_class': 'assessment', 'original_assessment_id': 4870982, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>SSD, General Purpose - GP2</li> \t<li><span>- Baseline of 3 IOPS per GiB with a minimum of 100 IOPS</span></li> \t<li>- Burst up to 3000 IOPS for volumes >= 334GB)</li> \t<li>SSD, Provisioned IOPS - I01</li> \t<li>- More than 10,000 IOPS</li> \t<li>- Up to 32000 IOPS per volume</li> \t<li>- Up to 50 IOPS per GiB</li> \t<li>HDD, Throughput Optimized - (ST1):</li> \t<li>- Throughput measured in MB/s, and includes the ability to burst up to 250 MB/s per TB, with a baseline throughput of 40 MB/s per TB and a maximum throughput of 500 MB/s per volume</li> \t<li>HDD, Cold - (SC1):</li> \t<li>- Lowest cost storage - cannot be a boot volume</li> \t<li>- These volumes can burst up to 80 MB/s per TB, with a baseline throughput of 12 MB/s per TB and a maximum throughput of 250 MB/s per volume</li> \t<li>HDD, Magnetic - Standard - cheap, infrequently accessed storage - lowest cost storage that can be a boot volume</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You are designing the disk configuration for an EC2 instance. The instance will be running an application that requires heavy read/write IOPS. You need to provision a single volume that is 500 GiB in size and needs to support 20,000 IOPS.</p><p>What EBS volume type will you select?</p>', 'relatedLectureIds': '', 'answers': ['<p>EBS General Purpose SSD\xa0 \xa0 </p>', '<p>EBS Provisioned IOPS SSD\xa0 \xa0 </p>', '<p>EBS Throughput Optimized HDD\xa0 \xa0 </p>', '<p>EBS General Purpose SSD in a RAID 1 configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261199, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['b'], 'question_plain': 'You are designing the disk configuration for an EC2 instance. The instance will be running an application that requires heavy read/write IOPS. You need to provision a single volume that is 500 GiB in size and needs to support 20,000 IOPS.What EBS volume type will you select?'}, {'_class': 'assessment', 'original_assessment_id': 4871088, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li><span>You are limited to running up to a total of 20 On-Demand instances across the instance family, purchasing 20 Reserved Instances, and requesting Spot Instances per your dynamic spot limit</span><span>\xa0per region (by default)</span></li> \t<li>You are limited to an aggregate of 100 TiB of PIOPS volumes per region</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You have a requirement to perform a large-scale testing operation that will assess the ability of your application to scale. You are planning on deploying a large number of c3.2xlarge instances with several PIOPS EBS volumes attached to each. You need to ensure you don’t run into any problems with service limits. What are the service limits you need to be aware of in this situation?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>20 On-Demand EC2 instances and 100 TiB of aggregate PIOPS volume storage per region\xa0 \xa0 </p>', '<p>20 On-Demand EC2 instances and 100 PIOPS volumes per region\xa0 \xa0 </p>', '<p>20 On-Demand EC2 instances and 100 TiB of aggregate PIOPS volume storage per account\xa0 \xa0 </p>', '<p>20 On-Demand EC2 instances and 100 PIOPS volumes per account\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261201, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['a'], 'question_plain': 'You have a requirement to perform a large-scale testing operation that will assess the ability of your application to scale. You are planning on deploying a large number of c3.2xlarge instances with several PIOPS EBS volumes attached to each. You need to ensure you don’t run into any problems with service limits. What are the service limits you need to be aware of in this situation?'}, {'_class': 'assessment', 'original_assessment_id': 4871090, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ELB nodes have public IPs</li> \t<li>Routes traffic to the private IP addresses of the EC2 instances</li> \t<li>Need one public subnet in each AZ where the ELB is defined</li> \t<li>Attaching an Internet gateway (which is done at the VPC level, not the subnet level) or a NAT gateway will not assist as these are both used for outbound communications which is not the goal here</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You have created a new VPC and setup an Auto Scaling Group to maintain a desired count of 2 EC2 instances. The security team has requested that the EC2 instances be located in a private subnet. To distribute load, you have to also setup an Internet-facing Application Load Balancer (ALB).</p><p>With your security team’s wishes in mind what else needs to be done to get this configuration to work? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Attach an Internet Gateway to the private subnets\xa0 \xa0 </p>', '<p>Associate both the private and public subnets with the ALB\xa0 \xa0 </p>', '<p>For each private subnet create a corresponding public subnet in the same AZ\xa0 \xa0 </p>', '<p>Associate the public subnets with the ALB\xa0 \xa0 </p>', '<p>Add a NAT gateway to the private subnet\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261203, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:29Z', 'correct_response': ['c', 'd'], 'question_plain': 'You have created a new VPC and setup an Auto Scaling Group to maintain a desired count of 2 EC2 instances. The security team has requested that the EC2 instances be located in a private subnet. To distribute load, you have to also setup an Internet-facing Application Load Balancer (ALB).With your security team’s wishes in mind what else needs to be done to get this configuration to work? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995134, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When you create a new subnet, it is automatically associated with the main route table. Therefore, the EC2 instance will not have a route to the Internet. The Architect should associate the new subnet with the custom route table</li> \t<li>NAT Gateways are used for connecting EC2 instances in private subnets to the Internet. This is a valid reason for a private subnet to not have connectivity, however in this case the Architect is attempting to use an Internet Gateway</li> \t<li>Subnets are always associated to a route table when created</li> \t<li>Internet Gateways are highly-available so it\'s unlikely that IGW connectivity is the issue</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html">https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html</a></li> </ul>\xa0', 'question': '<p>A Solutions Architect has setup a VPC with a public subnet and a VPN-only subnet. The public subnet is associated with a custom route table that has a route to an Internet Gateway. The VPN-only subnet is associated with the main route table and has a route to a virtual private gateway.</p><p>\xa0The Architect has created a new subnet in the VPC and launched an EC2 instance in it. However, the instance cannot connect to the Internet. What is the MOST likely reason?</p>', 'relatedLectureIds': '', 'answers': ['<p>There is no NAT Gateway available in the new subnet so Internet connectivity is not possible</p>', '<p>The subnet has been automatically associated with the main route table which does not have a route to the Internet\xa0 \xa0 </p>', '<p>The new subnet has not been associated with a route table\xa0 \xa0 </p>', '<p>The Internet Gateway is experiencing connectivity problems\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261309, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b'], 'question_plain': 'A Solutions Architect has setup a VPC with a public subnet and a VPN-only subnet. The public subnet is associated with a custom route table that has a route to an Internet Gateway. The VPN-only subnet is associated with the main route table and has a route to a virtual private gateway.\xa0The Architect has created a new subnet in the VPC and launched an EC2 instance in it. However, the instance cannot connect to the Internet. What is the MOST likely reason?'}, {'_class': 'assessment', 'original_assessment_id': 5995142, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Using the default termination policy, when there are even number of instances in multiple AZs, Auto Scaling will first select the instances with the oldest launch configuration, and if multiple instances share the oldest launch configuration, AS then selects the instances that are closest to the next billing hour</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/"></a> <ul> \t<li><a href="https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html">https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html</a></li> </ul>\xa0', 'question': '<p>An Auto Scaling group is configured with the default termination policy. The group spans multiple Availability Zones and each AZ has the same number of instances running. </p><p>\xa0A scale in event needs to take place, what is the first step in evaluating which instances to terminate?</p>', 'relatedLectureIds': '', 'answers': ['<p>Select instances that are closest to the next billing hour\xa0 \xa0 </p>', '<p>Select instances randomly\xa0 \xa0 </p>', '<p>Select instances that use the oldest launch configuration\xa0 \xa0 </p>', '<p>Select the newest instance in the group\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261311, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['c'], 'question_plain': 'An Auto Scaling group is configured with the default termination policy. The group spans multiple Availability Zones and each AZ has the same number of instances running. \xa0A scale in event needs to take place, what is the first step in evaluating which instances to terminate?'}, {'_class': 'assessment', 'original_assessment_id': 5995144, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Performing in-place queries on a data lake allows you to run sophisticated analytics queries directly on the data in S3 without having to load it into a data warehouse</li> \t<li>You can use both Athena and Redshift Spectrum against the same data assets. You would typically use Athena for ad hoc data discovery and SQL querying, and then use Redshift Spectrum for more complex queries and scenarios where a large number of data lake users want to run concurrent BI and reporting workloads</li> \t<li>AWS Lambda is a serverless technology for running functions, it is not the best solution for running analytics queries</li> \t<li>AWS Glue is an ETL service</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/aws-technical-content/latest/building-data-lakes/in-place-querying.html">https://docs.aws.amazon.com/aws-technical-content/latest/building-data-lakes/in-place-querying.html</a></li> \t<li><a href="https://aws.amazon.com/redshift/">https://aws.amazon.com/redshift/</a></li> \t<li><a href="https://aws.amazon.com/athena/">https://aws.amazon.com/athena/</a></li> </ul>', 'question': '<p>Your organization has a data lake on S3 and you need to find a solution for performing in-place queries of the data assets in the data lake. The requirement is to perform both data discovery and SQL querying, and complex queries from a large number of concurrent users using BI tools.</p><p>\xa0What is the BEST combination of AWS services to use in this situation? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Lambda for the complex queries\xa0 \xa0 </p>', '<p>Amazon Athena for the ad hoc SQL querying\xa0 \xa0 </p>', '<p>RedShift Spectrum for the complex queries\xa0 \xa0 </p>', '<p>AWS Glue for the ad hoc SQL querying</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261313, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b', 'c'], 'question_plain': 'Your organization has a data lake on S3 and you need to find a solution for performing in-place queries of the data assets in the data lake. The requirement is to perform both data discovery and SQL querying, and complex queries from a large number of concurrent users using BI tools.\xa0What is the BEST combination of AWS services to use in this situation? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995146, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Launch templates enable you to store launch parameters so that you do not have to specify them every time you launch an instance. When you launch an instance using the Amazon EC2 console, an AWS SDK, or a command line tool, you can specify the launch template to use</li> \t<li>Launch Configurations are used with Auto Scaling Groups</li> \t<li>Run Command automates common administrative tasks, and lets you perform ad hoc configuration changes at scale</li> \t<li>You can launch or start instances in a<em>placement group</em>, which determines how instances are placed on underlying hardware</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/"></a> <ul> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html</a></li> </ul>', 'question': '<p>You regularly launch EC2 instances manually from the console and want to streamline the process to reduce administrative overhead. What feature of EC2 allows you to store settings such as AMI ID, instance type, key pairs and Security Groups? </p>', 'relatedLectureIds': '', 'answers': ['<p>Launch Configurations\xa0 \xa0 </p>', '<p>Launch Templates\xa0 \xa0 </p>', '<p>Run Command\xa0 \xa0 </p>', '<p>Placement Groups\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261315, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b'], 'question_plain': 'You regularly launch EC2 instances manually from the console and want to streamline the process to reduce administrative overhead. What feature of EC2 allows you to store settings such as AMI ID, instance type, key pairs and Security Groups?'}, {'_class': 'assessment', 'original_assessment_id': 5995156, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Simple Workflow Service (SWF) is a web service that makes it easy to coordinate work across distributed application components. SWF enables applications for a range of use cases, including media processing, web application back-ends, business process workflows, and analytics pipelines, to be designed as a coordination of tasks</li> \t<li>Amazon Security Token Service (STS) is used for requesting temporary credentials</li> \t<li>Amazon Simple Queue Service (SQS) is a message queue used for decoupling application components</li> \t<li>Amazon Simple Notification Service (SNS) is a web service that makes it easy to set up, operate, and send notifications from\xa0the cloud</li> \t<li>SNS supports notifications over multiple transports including HTTP/HTTPS, Email/Email-JSON, SQS and SMS</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/"></a> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-swf/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-swf/</a></li> </ul>\xa0', 'question': '<p>A Solutions Architect is creating the business process workflows associated with an order fulfilment system. What AWS service can assist with coordinating tasks across distributed application components?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon STS\xa0 \xa0 </p>', '<p>Amazon SQS\xa0 \xa0 </p>', '<p>Amazon SWF\xa0 \xa0 </p>', '<p>Amazon SNS\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261317, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['c'], 'question_plain': 'A Solutions Architect is creating the business process workflows associated with an order fulfilment system. What AWS service can assist with coordinating tasks across distributed application components?'}, {'_class': 'assessment', 'original_assessment_id': 5995166, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li style="list-style-type: none;"> <ul> \t<li>With an identity pool, users can obtain temporary AWS credentials to access AWS services, such as Amazon S3 and DynamoDB</li> \t<li>A user pool is a user directory in Amazon Cognito. With a user pool, users can sign in to web or mobile apps through Amazon Cognito, or federate through a third-party identity provider (IdP)</li> \t<li>SAML Identity Providers are supported IDPs for identity pools but cannot be used for gaining temporary credentials for AWS services</li> \t<li>Key pairs are used in Amazon EC2 for access to instances</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>A health club is developing a mobile fitness app that allows customers to upload statistics and view their progress. Amazon Cognito is being used for authentication, authorization and user management and users will sign-in with Facebook IDs.</p><p>\xa0In order to securely store data in DynamoDB, the design should use temporary AWS credentials. What feature of Amazon Cognito is used to obtain temporary credentials to access AWS services?</p>', 'relatedLectureIds': '', 'answers': ['<p>User Pools\xa0 \xa0 </p>', '<p>Identity Pools</p>', '<p>SAML Identity Providers\xa0 \xa0 </p>', '<p>Key Pairs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6261319, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-27T20:11:35Z', 'created': '2018-11-27T20:11:30Z', 'correct_response': ['b'], 'question_plain': 'A health club is developing a mobile fitness app that allows customers to upload statistics and view their progress. Amazon Cognito is being used for authentication, authorization and user management and users will sign-in with Facebook IDs.\xa0In order to securely store data in DynamoDB, the design should use temporary AWS credentials. What feature of Amazon Cognito is used to obtain temporary credentials to access AWS services?'}, {'_class': 'assessment', 'original_assessment_id': 0, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li style="margin-top: 0; margin-bottom: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;" lang="en-US">NAT gateways are managed</span><span style="font-family: Calibri; font-size: 11.0pt;" lang="en-AU">\xa0</span><span style="font-weight: bold; font-family: Roboto; font-size: 11.25pt; color: #3c4858; background: white;" lang="en-AU">for</span><span style="font-family: Calibri; font-size: 11.0pt;" lang="en-AU">\xa0you by AWS. </span><span style="font-family: Calibri; font-size: 11.0pt;" lang="en-US">NAT gateways are highly available in each AZ into which they are deployed. They are not associated with any security groups and can scale automatically up to 45Gbps</span></li> \t<li style="margin-top: 0; margin-bottom: 0; vertical-align: middle;"><span style="font-family: Roboto; font-size: 11.25pt; color: #3c4858; background: white;" lang="en-US">NAT instances are managed\xa0</span><span style="font-weight: bold; font-family: Roboto; font-size: 11.25pt; color: #3c4858; background: white;" lang="en-AU">by</span><span style="font-family: Roboto; font-size: 11.25pt; color: #3c4858; background: white;" lang="en-US">\xa0you. They must be scaled manually and do not provide HA. NAT Instances can be used as bastion hosts and can be assigned to security groups</span></li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>A Solutions Architect is considering the best approach to enabling Internet access for EC2 instances in a private subnet What advantages do NAT Gateways have over NAT Instances? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Can be assigned to security groups</p>', '<p>Can be used as a bastion host</p>', '<p>Managed for you by AWS</p>', '<p>Highly available within each AZ</p>', '<p>Can be scaled up manually</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6261323, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-27T20:13:34Z', 'created': '2018-11-27T20:13:34Z', 'correct_response': ['c', 'd'], 'question_plain': 'A Solutions Architect is considering the best approach to enabling Internet access for EC2 instances in a private subnet What advantages do NAT Gateways have over NAT Instances? (choose 2)'}], 'next': None, 'count': 65, 'previous': None}, 'type': 'practice-test'}, {'title': 'AWS Certified Solutions Architect - Associate: Test 5', 'quiz_data': {'results': [{'_class': 'assessment', 'original_assessment_id': 4873776, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-factor authentication (MFA) can be enabled/enforced for the AWS account and for individual users under the account</li> \t<li>MFA uses an authentication device that continually generates random, six-digit, single-use authentication codes</li> \t<li>If your AWS account root user multi-factor authentication (MFA) device is lost, damaged, or not working, you can sign in using alternative methods of authentication</li> \t<li>This means that if you can\'t sign in with your MFA device, you can sign in by verifying your identity using the email and phone that are registered with your account</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> \t<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_lost-or-broken.html">https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_lost-or-broken.html</a></li> </ul>', 'question': '<p>According to AWS best practices you setup multi-factor authentication (MFA) for your root account and configured it to work with Google Authenticator on your smart phone. Unfortunately, your smart phone has been lost. What are the options available to access your account?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Get a user with administrative privileges in your AWS account to deactivate the MFA device assigned to the root account\xa0 \xa0 </p>', '<p>On the AWS sign-in with authentication device web page, choose to sign in using alternative factors of authentication and use the verification email and code to sign in\xa0 \xa0 </p>', '<p>You will need to contact AWS support to request that the MFA device is deactivated and have your password reset</p>', '<p>Unfortunately, you will no longer be able to access this account as the root user\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232337, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['b'], 'question_plain': 'According to AWS best practices you setup multi-factor authentication (MFA) for your root account and configured it to work with Google Authenticator on your smart phone. Unfortunately, your smart phone has been lost. What are the options available to access your account?'}, {'_class': 'assessment', 'original_assessment_id': 4873786, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An Amazon EC2 Dedicated Host is a physical server with EC2 instance capacity fully dedicated to your use. Dedicated Hosts can help you address compliance requirements and reduce costs by allowing you to use your existing server-bound software licenses</li> \t<li>Dedicated Instances are Amazon EC2 instances that run in a VPC on hardware that\'s dedicated to a single customer. Your Dedicated instances are physically isolated at the host hardware level from instances that belong to other AWS accounts. Dedicated instances may share hardware with other instances from the same AWS account that are not Dedicated instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://aws.amazon.com/ec2/dedicated-hosts/">https://aws.amazon.com/ec2/dedicated-hosts/</a></li> \t<li><a href="https://aws.amazon.com/ec2/purchasing-options/dedicated-instances/">https://aws.amazon.com/ec2/purchasing-options/dedicated-instances/</a></li> </ul>', 'question': '<p>A colleague has asked you to describe the difference between EC2 Dedicated Hosts and Dedicated Instances. Which of the statements below are accurate descriptions?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>An EC2 Dedicated Host is a physical server with EC2 instance capacity fully dedicated to your use\xa0 \xa0 </p>', "<p>Dedicated Instances are EC2 instances that run in a VPC on hardware that's dedicated to a single customer\xa0 \xa0 </p>", '<p>Dedicated instances may share hardware with other instances from the same AWS account that are not Dedicated instances\xa0 \xa0 </p>', '<p>Dedicated Hosts can help you address compliance requirements and reduce costs by allowing you to use your existing server-bound software licenses\xa0 \xa0 </p>', '<p>You can configure a VPC to Dedicated tenancy which overrides the setting configured at launch\xa0 \xa0 </p>', '<p>All answers are correct</p>'], 'feedbacks': ['', '', '', '', '', '']}, 'id': 6232339, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['f'], 'question_plain': 'A colleague has asked you to describe the difference between EC2 Dedicated Hosts and Dedicated Instances. Which of the statements below are accurate descriptions?'}, {'_class': 'assessment', 'original_assessment_id': 4873794, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EFS is a fully-managed service that makes it easy to set up and scale file storage in the Amazon Cloud</li> \t<li>EFS uses the NFSv4.1 protocol</li> \t<li>Amazon EFS is designed to burst to allow high throughput levels for periods of time</li> \t<li>EFS offers the ability to encrypt data at rest and in transit</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> </ul>', 'question': '<p>You need to create a file system that can be concurrently accessed by multiple EC2 instances within an AZ. The file system needs to support high throughput and the ability to burst. As the data that will be stored on the file system will be sensitive you need to ensure it is encrypted at rest and in transit.</p><p>What storage solution would you implement for the EC2 instances?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use the Elastic File System (EFS) and mount the file system using NFS v4.1\xa0 \xa0 </p>', '<p>Use the Elastic Block Store (EBS) and mount the file system at the block level\xa0 \xa0 </p>', '<p>Add EBS volumes to each EC2 instance and configure data replication\xa0 \xa0 </p>', '<p>Add EBS volumes to each EC2 instance and use an ELB to distribute data evenly between the volumes\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232341, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['a'], 'question_plain': 'You need to create a file system that can be concurrently accessed by multiple EC2 instances within an AZ. The file system needs to support high throughput and the ability to burst. As the data that will be stored on the file system will be sensitive you need to ensure it is encrypted at rest and in transit.What storage solution would you implement for the EC2 instances?'}, {'_class': 'assessment', 'original_assessment_id': 4873812, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet, and a virtual private gateway to enable communication with your own network over an IPsec VPN tunnel</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario3.html">https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario3.html</a></li> </ul>', 'question': '<p>Using the VPC wizard, you have selected the option “VPC with Public and Private Subnets and Hardware VPN access”. Which of the statements below correctly describe the configuration that will be created? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>A NAT gateway will be created for the private subnet\xa0 \xa0 </p>', '<p>A peering connection will be made between the public and private subnets\xa0 \xa0 </p>', '<p>One subnet will be connected to your corporate data center using an IPSec VPN tunnel\xa0 \xa0 </p>', '<p>A virtual private gateway will be created\xa0 \xa0 </p>', '<p>A physical VPN device will be allocated to your VPC\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232343, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['c', 'd'], 'question_plain': 'Using the VPC wizard, you have selected the option “VPC with Public and Private Subnets and Hardware VPN access”. Which of the statements below correctly describe the configuration that will be created? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4873822, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Resiliency can be implemented through throttling rules based on the number of requests per second for each HTTP method (GET, PUT)</li> \t<li>Throttling can be configured at multiple levels including Global and Service Call</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>A new application that you rolled out recently uses API Gateway and Lambda. The application is expected to be used by a large number of customers every day. Your company is planning on running an advertising campaign that will likely result in significant hits to the application after each ad is run. You’re concerned about the impact this may have on your application and would like to put in place some controls to limit the number of requests per second that hit the application.</p><p>What controls will you implement in this situation?</p>', 'relatedLectureIds': '', 'answers': ['<p>Enable caching on the API Gateway and specify a size in gigabytes\xa0 \xa0 </p>', '<p>Implement throttling rules on the API Gateway\xa0 \xa0 </p>', '<p>API Gateway and Lambda scale automatically to handle any load so there’s no need to implement controls\xa0 \xa0 </p>', '<p>Enable Lambda continuous scaling\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232345, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['b'], 'question_plain': 'A new application that you rolled out recently uses API Gateway and Lambda. The application is expected to be used by a large number of customers every day. Your company is planning on running an advertising campaign that will likely result in significant hits to the application after each ad is run. You’re concerned about the impact this may have on your application and would like to put in place some controls to limit the number of requests per second that hit the application.What controls will you implement in this situation?'}, {'_class': 'assessment', 'original_assessment_id': 4876456, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EBS-backed means the root volume is an EBS volume and storage is persistent</li> \t<li>Instance store-backed means the root volume is an instance store volume and storage is not persistent</li> \t<li>On an EBS-backed instance, the default action is for the root EBS volume to be deleted upon termination</li> \t<li>Instance store volumes are sometimes called Ephemeral storage (non-persistent)</li> \t<li>Instance store volumes cannot be stopped. If the underlying host fails the data will be lost</li> \t<li>Instance store volume root devices are created from AMI templates stored on S3</li> \t<li>EBS backed instances can be stopped. You will not lose the data on this instance if it is stopped (persistent)</li> \t<li>EBS volumes can be detached and reattached to other EC2 instance</li> \t<li>EBS volume root devices are launched from AMI’s that are backed by EBS snapshots</li> \t<li>Instance store volumes cannot be detached/reattached</li> \t<li>When rebooting the instances for both types data will not be lost</li> \t<li>By default both root volumes will be deleted on termination unless you configured otherwise</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>A company is deploying new services on EC2 and needs to determine which instance types to use with what type of attached storage. Which of the statements about Instance store-backed and EBS-backed instances is true?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EBS-backed instances can be stopped and restarted\xa0 \xa0 </p>', '<p>Instance-store backed instances can be stopped and restarted\xa0 \xa0 </p>', '<p>EBS-backed instances cannot be restarted\xa0 \xa0 </p>', '<p>Instance-store backed instances can only be terminated\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232417, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'A company is deploying new services on EC2 and needs to determine which instance types to use with what type of attached storage. Which of the statements about Instance store-backed and EBS-backed instances is true?'}, {'_class': 'assessment', 'original_assessment_id': 4876462, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>All EBS types support encryption</li> \t<li>All instance families now support encryption</li> \t<li>Not all instance types support encryption</li> \t<li>Snapshots of encrypted volumes are encrypted automatically</li> \t<li>EBS volumes restored from encrypted snapshots are encrypted automatically</li> \t<li>EBS volumes created from encrypted snapshots are also encrypted</li> \t<li>You can share snapshots publicly, but only if they are unencrypted</li> \t<li>You can share snapshots with other accounts, including if they are encrypted (but you must share the CMK)</li> \t<li>Data in transit between an instance and an encrypted volume is also encrypted</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You are using encrypted Amazon Elastic Block Store (EBS) volumes with your instances in EC2. A security administrator has asked how encryption works with EBS. Which statements are correct? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Encryption is supported on all Amazon EBS volume types\xa0 \xa0 </p>', '<p>You cannot mix encrypted with unencrypted volumes on an instance\xa0 \xa0 </p>', '<p>Data in transit between an instance and an encrypted volume is also encrypted\xa0 \xa0 </p>', '<p>Volumes created from encrypted snapshots are unencrypted\xa0 \xa0 </p>', '<p>Data is only encrypted at rest</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232419, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'You are using encrypted Amazon Elastic Block Store (EBS) volumes with your instances in EC2. A security administrator has asked how encryption works with EBS. Which statements are correct? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876474, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Launch configuration is the template used to create new EC2 instances and includes parameters such as instance family, instance type, AMI, key pair and security groups</li> \t<li>You cannot edit a launch configuration once defined</li> \t<li>In this case you can create a new launch configuration that use the new AMI and any new instances that are launched by the ASG will use the new AMI</li> \t<li>Suspending scaling processes can be useful when you want to investigate a configuration problem or other issue with your web application and then make changes to your application, without invoking the scaling processes. It is not useful in this situation</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>A client has made some updates to their web application. The application uses an Auto Scaling Group to maintain a group of several EC2 instances. The application has been modified and a new AMI must be used for launching any new instances that ASG launches.</p><p>What do you need to do to add the new AMI?</p>', 'relatedLectureIds': '', 'answers': ['<p>Modify the existing launch configuration to add the new AMI\xa0 \xa0 </p>', '<p>Create a new launch configuration that uses the AMI and update the ASG to use the new launch configuration\xa0 \xa0 </p>', '<p>Create a new target group that uses a new launch configuration with the new AMI\xa0 \xa0 </p>', '<p>Suspend Auto Scaling and replace the existing AMI\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232421, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'A client has made some updates to their web application. The application uses an Auto Scaling Group to maintain a group of several EC2 instances. The application has been modified and a new AMI must be used for launching any new instances that ASG launches.What do you need to do to add the new AMI?'}, {'_class': 'assessment', 'original_assessment_id': 4876608, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Petabyte scale data transport solution for transferring data into or out of AWS</li> \t<li>Uses a secure storage device for physical transportation</li> \t<li>AWS Snowball Client is software that is installed on a local computer and is used to identify, compress, encrypt, and transfer data</li> \t<li>Uses 256-bit encryption (managed with the AWS KMS) and tamper-resistant enclosures with TPM</li> \t<li>Snowball can import to S3 or export from S3</li> \t<li>Import/export is when you send your own disks into AWS – this is being deprecated in favour of Snowball</li> \t<li>Snowball must be ordered from and returned to the same region</li> \t<li>To speed up data transfer it is recommended to run simultaneous instances of the AWS Snowball Client in multiple terminals and transfer small files as batches</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/migration/aws-snowball/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/migration/aws-snowball/</a></li> </ul>', 'question': '<p>The financial institution you are working for stores large amounts of historical transaction records. There are over 25TB of records and your manager has decided to move them into the AWS Cloud. You are planning to use Snowball as copying the data would take too long. Which of the statements below are true regarding Snowball? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Snowball can import to S3 but cannot export from S3\xa0 \xa0 </p>', '<p>Uses a secure storage device for physical transportation\xa0 \xa0 </p>', '<p>Can be used with multipart upload\xa0 \xa0 </p>', '<p>Petabyte scale data transport solution for transferring data into or out of AWS\xa0 \xa0 </p>', '<p>Snowball can be used for migration on-premise to on-premise\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232423, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'd'], 'question_plain': 'The financial institution you are working for stores large amounts of historical transaction records. There are over 25TB of records and your manager has decided to move them into the AWS Cloud. You are planning to use Snowball as copying the data would take too long. Which of the statements below are true regarding Snowball? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876622, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud</li> \t<li>The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads</li> \t<li>Read replicas are used for read heavy DBs and replication is asynchronous</li> \t<li>Read replicas are for workload sharing and offloading</li> \t<li>Read replicas are created from a snapshot of the master instance</li> \t<li>Moving from a relational DB to a NoSQL DB (DynamoDB) is unlikely to be a viable solution</li> \t<li>Using a larger instance size may alleviate the problems the question states that the solution should offload reads from the main DB, read replicas can do this</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>A three-tier web application that you deployed in your VPC has been experiencing heavy load on the DB tier. The DB tier uses RDS MySQL in a multi-AZ configuration. Customers have been complaining about poor response times and you have been asked to find a solution. During troubleshooting you discover that the DB tier is experiencing high read contention during peak hours of the day.</p><p>What are two possible options you could use to offload some of the read traffic from the DB to resolve the performance issues? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Deploy ElastiCache in each AZ\xa0 \xa0 </p>', '<p>Migrate to DynamoDB\xa0 \xa0 </p>', '<p>Add RDS read replicas in each AZ\xa0 \xa0 </p>', '<p>Use a larger RDS instance size\xa0 \xa0 </p>', '<p>Use an ELB to distribute load between RDS instances\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232425, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A three-tier web application that you deployed in your VPC has been experiencing heavy load on the DB tier. The DB tier uses RDS MySQL in a multi-AZ configuration. Customers have been complaining about poor response times and you have been asked to find a solution. During troubleshooting you discover that the DB tier is experiencing high read contention during peak hours of the day.What are two possible options you could use to offload some of the read traffic from the DB to resolve the performance issues? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876632, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon S3 is object storage built to store and retrieve any amount of data from anywhere on the Internet</li> \t<li>It’s a simple storage service that offers an extremely durable, highly available, and infinitely scalable data storage infrastructure at very low costs</li> \t<li>S3 can be used to host static websites</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You are building a small web application running on EC2 that will be serving static content. What AWS service provides durable storage for static content and would reduce the load on the web server?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon S3\xa0 \xa0 </p>', '<p>Amazon EBS volume\xa0 \xa0 </p>', '<p>Amazon CloudFront\xa0 \xa0 </p>', '<p>Amazon RedShift\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232427, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'You are building a small web application running on EC2 that will be serving static content. What AWS service provides durable storage for static content and would reduce the load on the web server?'}, {'_class': 'assessment', 'original_assessment_id': 4876648, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Public subnets are subnets that have:</li> \t<li>- “Auto-assign public IPv4 address” set to “Yes”</li> \t<li>- The subnet route table has an attached Internet Gateway</li> \t<li>A NAT Gateway is used for providing outbound Internet access for EC2 instances in private subnets</li> \t<li>Checking you can ping from another subnet does not relate to being able to access the instance remotely as it uses different protocols and a different network path</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You just created a new subnet in your VPC and have launched an EC2 instance into it. You are trying to access the EC2 instance from the Internet and cannot connect. What steps should you take to troubleshoot the issue? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Check that the instance has a public IP address\xa0 \xa0 </p>', '<p>Check that there is a NAT Gateway configured for the subnet\xa0 \xa0 </p>', '<p>Check that the route table associated with the subnet has an entry for an Internet Gateway\xa0 \xa0 </p>', '<p>Check that you can ping the instance from another subnet\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232429, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'You just created a new subnet in your VPC and have launched an EC2 instance into it. You are trying to access the EC2 instance from the Internet and cannot connect. What steps should you take to troubleshoot the issue? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876654, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can determine which subnets Auto Scaling will launch new instances into</li> \t<li>Auto Scaling will try to distribute EC2 instances evenly across AZs</li> \t<li>ELB is not the issue here as ELB is not responsible for launching instances into subnets</li> \t<li>If the AMI was missing from the launch configuration no instances would be running</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. You have just completed the implementation of a 2-tier web application for a client. The application uses EC2 instances, ELB and Auto Scaling across two subnets. After deployment you notice that only one subnet has EC2 instances running in it. What might be the cause of this situation?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The ELB is configured as an internal-only load balancer\xa0 \xa0 </p>', '<p>The Auto Scaling Group has not been configured with multiple subnets\xa0 \xa0 </p>', '<p>Cross-zone load balancing is not enabled on the ELB\xa0 \xa0 </p>', '<p>The AMI is missing from the ASG’s launch configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232431, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. You have just completed the implementation of a 2-tier web application for a client. The application uses EC2 instances, ELB and Auto Scaling across two subnets. After deployment you notice that only one subnet has EC2 instances running in it. What might be the cause of this situation?'}, {'_class': 'assessment', 'original_assessment_id': 4876660, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> \t<li>Multi-AZ deployments for the MySQL, MariaDB, Oracle and PostgreSQL engines utilize synchronous physical replication</li> \t<li>Multi-AZ deployments for the SQL Server engine use synchronous logical replication (SQL Server-native Mirroring technology)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>A client has requested a design for a fault tolerant database that can failover between AZs. You have decided to use RDS in a multi-AZ configuration. What type of replication will the primary database use to replicate to the standby instance?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Synchronous replication\xa0 \xa0 </p>', '<p>Scheduled replication\xa0 \xa0 </p>', '<p>Asynchronous replication\xa0 \xa0 </p>', '<p>Continuous replication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232433, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'A client has requested a design for a fault tolerant database that can failover between AZs. You have decided to use RDS in a multi-AZ configuration. What type of replication will the primary database use to replicate to the standby instance?'}, {'_class': 'assessment', 'original_assessment_id': 4876702, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Internet facing ELB nodes have public IPs</li> \t<li>Both types of ELB route traffic to the <strong>private</strong> IP addresses of EC2 instances</li> \t<li data-pm-slice="1 1 []">For public facing ELBs you must have one public subnet in each AZ where the ELB is defined</li> \t<li data-pm-slice="1 1 []">Internal-only load balancers <strong>do not require</strong> an Internet gateway</li> \t<li data-pm-slice="1 1 []"><span>Only 1 subnet per AZ can be enabled for each ELB</span></li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>A solutions architect is building a scalable and fault tolerant web architecture and is evaluating the benefits of the Elastic Load Balancing (ELB) service. Which statements are true regarding ELBs? (select 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Internet facing ELB nodes have public IPs\xa0 \xa0 </p>', '<p>Both types of ELB route traffic to the public IP addresses of EC2 instances\xa0 \xa0 </p>', '<p>For public facing ELBs you must have one public subnet in each AZ where the ELB is defined\xa0 \xa0 </p>', '<p>Internal-only load balancers require an Internet gateway\xa0 \xa0 </p>', '<p>Multiple subnets per AZ can be enabled for each ELB</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232435, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A solutions architect is building a scalable and fault tolerant web architecture and is evaluating the benefits of the Elastic Load Balancing (ELB) service. Which statements are true regarding ELBs? (select 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876714, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Lambda automatically monitors Lambda functions and reports metrics through CloudWatch</li> \t<li>Lambda tracks the number of requests, the latency per request, and the number of requests resulting in an error</li> \t<li>You can view the request rates and error rates using the AWS Lambda Console, the CloudWatch console, and other AWS resources</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> </ul>', 'question': '<p>You are using CloudWatch to monitor the performance of AWS Lambda. Which metrics does Lambda track? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Latency per request\xa0 \xa0 </p>', '<p>Total number of requests\xa0 \xa0 </p>', '<p>Number of users</p>', '<p>Total number of connections\xa0 \xa0 </p>', '<p>Total number of transactions\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232437, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'b'], 'question_plain': 'You are using CloudWatch to monitor the performance of AWS Lambda. Which metrics does Lambda track? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876726, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Permission is required for all penetration tests</li> \t<li>You must\xa0complete and submit the\xa0AWS Vulnerability / Penetration Testing Request Form to request authorization for penetration testing to or originating from any AWS resources</li> \t<li>There is a limited set of resources on which penetration testing can be performed</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/security/penetration-testing/">https://aws.amazon.com/security/penetration-testing/</a></li> </ul>', 'question': "<p>The AWS Acceptable Use Policy\xa0describes permitted and prohibited behavior on AWS and includes descriptions of prohibited security violations and network abuse. According to the policy, what is AWS's position on penetration testing?\xa0 \xa0 </p>", 'relatedLectureIds': '', 'answers': ['<p>AWS do not allow any form of penetration testing\xa0 \xa0 </p>', '<p>AWS allow penetration testing by customers on their own VPC resources\xa0 \xa0 </p>', '<p>AWS allow penetration for some resources with prior authorization\xa0 \xa0 </p>', '<p>AWS allow penetration testing for all resources\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232439, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c'], 'question_plain': "The AWS Acceptable Use Policy\xa0describes permitted and prohibited behavior on AWS and includes descriptions of prohibited security violations and network abuse. According to the policy, what is AWS's position on penetration testing?"}, {'_class': 'assessment', 'original_assessment_id': 4876900, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can control access to smaller deployments of EC2 instances (5-10 instances at a time) by doing the following:</li> </ul> <ol> \t<li>Add a specific tag to the instances you want to grant the users or groups access to</li> \t<li>Create an IAM policy that grants access to any instances with the specific tag</li> \t<li>Attach the IAM policy to the users or groups you want to access the instance</li> </ol> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/premiumsupport/knowledge-center/iam-ec2-resource-tags/">https://aws.amazon.com/premiumsupport/knowledge-center/iam-ec2-resource-tags/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. In your VPC you have a mixture of EC2 instances in production and non-production environments. You need to devise a way to segregate access permissions to different sets of users for instances in different environments.</p><p>How can this be achieved? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Add a specific tag to the instances you want to grant the users or groups access to\xa0 \xa0 </p>', '<p>Add an environment variable to the instances using user data\xa0 \xa0 </p>', '<p>Create an IAM policy with a conditional statement that matches the environment variables\xa0 \xa0 </p>', '<p>Create an IAM policy that grants access to any instances with the specific tag\xa0 \xa0 </p>', '<p>Attach an Identity Provider (IdP) and delegate access to the instances to the relevant groups</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232441, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. In your VPC you have a mixture of EC2 instances in production and non-production environments. You need to devise a way to segregate access permissions to different sets of users for instances in different environments.How can this be achieved? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4876908, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU"><span>Availability Zones are distinct locations that are engineered to be isolated from failures in other Availability Zones</span></li> \t<li lang="en-AU"><span>Availability Zones are connected with low latency, high throughput, and highly redundant networking</span></li> \t<li lang="en-AU">Subnets are created within availability zones (AZs)</li> \t<li lang="en-AU"><span>Each subnet must reside entirely within one Availability Zone and cannot span zones</span></li> </ul> <strong>References:</strong><a href="https://aws.amazon.com/premiumsupport/knowledge-center/iam-ec2-resource-tags/"></a> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html</a></li> </ul>', 'question': '<p>AWS Regions provide multiple, physically separated and isolated _____________ which are connected with low latency, high throughput, and highly redundant networking. Select the missing term from the options below.\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Subnets</p>', '<p>Facilities</p>', '<p>Edge locations</p>', '<p>Availability zones</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232443, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['d'], 'question_plain': 'AWS Regions provide multiple, physically separated and isolated _____________ which are connected with low latency, high throughput, and highly redundant networking. Select the missing term from the options below.'}, {'_class': 'assessment', 'original_assessment_id': 4876916, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU"><span>AWS CloudHSM is a cloud-based hardware security module (HSM) that allows you to easily add secure key storage and high-performance crypto operations to your AWS applications</span></li> \t<li lang="en-AU"><span>CloudHSM is a managed service that automates time-consuming administrative tasks, such as hardware provisioning, software patching, high availability, and backups</span></li> \t<li lang="en-AU"><span>CloudHSM is one of several AWS services, including\xa0</span>AWS Key Management Service (KMS)<span>, which offer a high level of security for your cryptographic keys</span></li> \t<li lang="en-AU"><span>KMS provides an easy, cost-effective way to manage encryption keys on AWS that meets the security needs for the majority of customer data</span></li> </ul> <strong>References:</strong><a href="https://aws.amazon.com/premiumsupport/knowledge-center/iam-ec2-resource-tags/"></a> <ul> \t<li><a href="https://aws.amazon.com/cloudhsm/details/">https://aws.amazon.com/cloudhsm/details/</a></li> </ul>', 'question': '<p>You are using encryption with several AWS services and are looking for a solution for secure storage of the keys. Which AWS service provides a hardware-based storage solution for cryptographic keys?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>CloudHSM\xa0 \xa0 </p>', '<p>Key Management Service (KMS)\xa0 \xa0 </p>', '<p>Virtual Private Cloud (VPC)\xa0 \xa0 </p>', '<p>Public Key Infrastructure (PKI)\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232445, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'You are using encryption with several AWS services and are looking for a solution for secure storage of the keys. Which AWS service provides a hardware-based storage solution for cryptographic keys?'}, {'_class': 'assessment', 'original_assessment_id': 4876922, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li lang="en-AU"><span>Trusted Advisor is an online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment</span></li> \t<li lang="en-AU"><span>Trusted Advisor provides real time guidance to help you provision your resources following AWS best practices</span></li> \t<li lang="en-AU">AWS Trusted Advisor<span>\xa0offers a Service Limits check (in the Performance category) that displays your usage and limits for some aspects of some services</span></li> </ul> <strong>References:</strong><a href="https://aws.amazon.com/premiumsupport/knowledge-center/iam-ec2-resource-tags/"></a> <ul> \t<li><a href="https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html">https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html</a></li> </ul>', 'question': '<p>You are concerned that you may be getting close to some of the default service limits for several AWS services. What AWS tool can be used to display current usage and limits?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>AWS CloudWatch\xa0 \xa0 </p>', '<p>AWS Dashboard\xa0 \xa0 </p>', '<p>AWS Trusted Advisor\xa0 \xa0 </p>', '<p>AWS Systems Manager\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232447, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c'], 'question_plain': 'You are concerned that you may be getting close to some of the default service limits for several AWS services. What AWS tool can be used to display current usage and limits?'}, {'_class': 'assessment', 'original_assessment_id': 4873956, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Trails can be configured to log Data events and management events: <ul> \t<li>Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations</li> \t<li>Management events: Management events provide insight into management operations that are performed on resources in your AWS account. These are also known as control plane operations. Management events can also include non-API events that occur in your account</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudtrail/</a></li> \t<li><a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html">https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html</a></li> </ul>', 'question': '<p>An event in CloudTrail is the record of an activity in an AWS account. What are the two types of events that can be logged in CloudTrail? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>System Events which are also known as instance level operations\xa0 \xa0 </p>', '<p>Management Events which are also known as control plane operations\xa0 \xa0 </p>', '<p>Platform Events which are also known as hardware level operations\xa0 \xa0 </p>', '<p>Data Events which are also known as data plane operations\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232347, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['b', 'd'], 'question_plain': 'An event in CloudTrail is the record of an activity in an AWS account. What are the two types of events that can be logged in CloudTrail? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4874122, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Elastic Beanstalk can be used to quickly deploy and manage applications in the AWS Cloud</li> \t<li>Developers upload applications and Elastic Beanstalk handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring</li> \t<li>Considered a Platform as a Service (PaaS) solution</li> \t<li>Allows full control of the underlying resources</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/</a></li> </ul>', 'question': '<p>The application development team in your company have created a new application written in .NET. You are looking for a way to easily deploy the application whilst maintaining full control of the underlying resources.</p><p>Which PaaS service provided by AWS would suit this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>CloudFront\xa0 \xa0\xa0</p>', '<p>CloudFormation\xa0 \xa0 </p>', '<p>Elastic Beanstalk\xa0 \xa0 </p>', '<p>EC2 Placement Groups\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232349, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['c'], 'question_plain': 'The application development team in your company have created a new application written in .NET. You are looking for a way to easily deploy the application whilst maintaining full control of the underlying resources.Which PaaS service provided by AWS would suit this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4874360, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-AZ utilizes failover and DNS endpoint updates, not read replicas</li> \t<li>Read replicas are used for read heavy DBs and replication is asynchronous</li> \t<li>You can have read replicas of read replicas for MySQL and MariaDB but not for PostgreSQL</li> \t<li>You cannot have more than four instances involved in a replication chain</li> \t<li>You can specify the AZ the read replica is deployed in</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>You would like to provide some elasticity for your RDS DB. You are considering read replicas and are evaluating the features. Which of the following statements are applicable when using RDS read replicas? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>During failover RDS automatically updates configuration (including DNS endpoint) to use the second node\xa0 \xa0 </p>', '<p>It is possible to have read-replicas of read-replicas\xa0 \xa0 </p>', '<p>You cannot have more than four instances involved in a replication chain\xa0 \xa0 </p>', '<p>Replication is synchronous\xa0 \xa0 </p>', '<p>You cannot specify the AZ the read replica is deployed in\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232351, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['b', 'c'], 'question_plain': 'You would like to provide some elasticity for your RDS DB. You are considering read replicas and are evaluating the features. Which of the following statements are applicable when using RDS read replicas? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4874374, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The AWS blog URL above explains how to construct an IAM policy for a similar scenario</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> \t<li><a href="https://aws.amazon.com/blogs/security/writing-iam-policies-grant-access-to-user-specific-folders-in-an-amazon-s3-bucket/">https://aws.amazon.com/blogs/security/writing-iam-policies-grant-access-to-user-specific-folders-in-an-amazon-s3-bucket/</a></li> </ul>', 'question': '<p>Your company has over 2000 users and is planning to migrate data into the AWS Cloud. Some of the data is user’s home folders on an existing file share and the plan is to move this data to S3. Each user will have a folder in a shared bucket under the folder structure: <em>bucket</em>/home/%username%.</p><p>What steps do you need to take to ensure that each user can access their own home folder and no one else’s? (choose all that apply)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create an IAM policy that applies object-level S3 ACLs\xa0 \xa0 </p>', '<p>Create an IAM policy that applies folder-level permissions\xa0 \xa0 </p>', '<p>Create a bucket policy that applies access permissions based on username\xa0 \xa0 </p>', '<p>Create an IAM group and attach the IAM policy\xa0 \xa0 </p>', '<p>Attach an S3 ACL sub-resource that grants access based on the %username% variable\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232353, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:49Z', 'created': '2018-11-26T03:27:49Z', 'correct_response': ['b', 'd'], 'question_plain': 'Your company has over 2000 users and is planning to migrate data into the AWS Cloud. Some of the data is user’s home folders on an existing file share and the plan is to move this data to S3. Each user will have a folder in a shared bucket under the folder structure: bucket/home/%username%.What steps do you need to take to ensure that each user can access their own home folder and no one else’s? (choose all that apply)'}, {'_class': 'assessment', 'original_assessment_id': 4874648, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>File gateway provides a virtual on-premises file server, which enables you to store and retrieve files as objects in Amazon S3</li> \t<li>Can be used for on-premises applications, and for Amazon EC2-resident applications that need file storage in S3 for object based workloads</li> \t<li>Used for flat files only, stored directly on S3</li> \t<li>File gateway offers SMB or NFS-based access to data in Amazon S3 with local caching</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/aws-storage-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/aws-storage-gateway/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your customers runs an application on-premise that stores large media files. The data is mounted to different servers using either the SMB or NFS protocols. The customer is having issues with scaling the storage infrastructure on-premise and is looking for a way to offload the data set into the cloud whilst retaining a local cache for frequently accessed content.</p><p>What solution would you recommend to the customer that would allow them to offload storage to the cloud and continue to mount a local cache on-premise using the SMB and NFS protocols?</p>', 'relatedLectureIds': '', 'answers': ['<p>Establish a VPN and use the Elastic File System (EFS)\xa0 \xa0 </p>', '<p>Use the AWS Storage Gateway Volume Gateway in cached volume mode\xa0 \xa0 </p>', '<p>Create a script that migrates infrequently used data to S3 using multi-part upload\xa0 \xa0 </p>', '<p>Use the AWS Storage Gateway File Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232355, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['d'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your customers runs an application on-premise that stores large media files. The data is mounted to different servers using either the SMB or NFS protocols. The customer is having issues with scaling the storage infrastructure on-premise and is looking for a way to offload the data set into the cloud whilst retaining a local cache for frequently accessed content.What solution would you recommend to the customer that would allow them to offload storage to the cloud and continue to mount a local cache on-premise using the SMB and NFS protocols?'}, {'_class': 'assessment', 'original_assessment_id': 4874660, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon EC2 Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application</li> \t<li>You can attach one or more Target Groups to your ASG to include instances behind an ALB</li> \t<li>The ELBs must be in the same region</li> \t<li>Once you do this any EC2 instance existing or added by the ASG will be automatically registered with the ASG defined ELBs</li> \t<li>If adding an instance to an ASG would result in exceeding the maximum capacity of the ASG the request will fail</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You have an existing Auto Scaling Group running with 8 EC2 instances. You have decided to attach an ELB to the ASG by connecting a Target Group. The ELB is in the same region and already has 10 EC2 instances running in the Target Group. When attempting to attach the ELB the request fails, what is the most likely cause?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>ASGs cannot be edited once defined, you would need to recreate it\xa0 \xa0 </p>', '<p>Adding the 10 EC2 instances to the ASG would exceed the maximum capacity configured\xa0 \xa0 </p>', '<p>You cannot attach running EC2 instances to an ASG\xa0 \xa0 </p>', '<p>The EC2 instances in the Target Group are in the wrong Availability Zone\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232357, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'You have an existing Auto Scaling Group running with 8 EC2 instances. You have decided to attach an ELB to the ASG by connecting a Target Group. The ELB is in the same region and already has 10 EC2 instances running in the Target Group. When attempting to attach the ELB the request fails, what is the most likely cause?'}, {'_class': 'assessment', 'original_assessment_id': 4874802, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Snapshots capture a point-in-time state of an instance</li> \t<li>If you make periodic snapshots of a volume, the snapshots are incremental, which means that only the blocks on the device that have changed after your last snapshot are saved in the new snapshot</li> \t<li>Even though snapshots are saved incrementally, the snapshot deletion process is designed so that you need to retain only the most recent snapshot in order to restore the volume</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html</a></li> </ul>', 'question': '<p>You are trying to clean up your unused EBS volumes and snapshots to save some space and cost. How many of the most recent snapshots of an EBS volume need to be maintained to guarantee that you can recreate the full EBS volume from the snapshot?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Only the most recent snapshot. Snapshots are incremental, but the deletion process will ensure that no data is lost\xa0 \xa0 </p>', '<p>The oldest snapshot, as this references data in all other snapshots\xa0 \xa0 </p>', '<p>Two snapshots, the oldest and most recent snapshots\xa0 \xa0 </p>', '<p>You must retain all snapshots as the process is incremental and therefore data is required from each snapshot\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232359, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'You are trying to clean up your unused EBS volumes and snapshots to save some space and cost. How many of the most recent snapshots of an EBS volume need to be maintained to guarantee that you can recreate the full EBS volume from the snapshot?'}, {'_class': 'assessment', 'original_assessment_id': 4874938, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Instance metadata is available at http://169.254.169.254/latest/meta-data</li> \t<li>The Instance Metadata Query tool\xa0allows you to query the instance metadata without having to type out the full URI or category names</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>A Solutions Architect is conducting an audit and needs to\xa0 query several properties of EC2 instances in a VPC. What two methods are available for accessing and querying the properties of an EC2 instance such as instance ID, public keys and network interfaces? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use the EC2 Config service\xa0 \xa0 </p>', '<p>Run the command “curl http://169.254.169.254/latest/meta-data/”\xa0 \xa0 </p>', '<p>Download and run the Instance Metadata Query Tool\xa0 \xa0 </p>', '<p>Run the command “curl http://169.254.169.254/latest/dynamic/instance-identity/”\xa0 \xa0 </p>', '<p>Use the Batch command\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232361, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'c'], 'question_plain': 'A Solutions Architect is conducting an audit and needs to\xa0 query several properties of EC2 instances in a VPC. What two methods are available for accessing and querying the properties of an EC2 instance such as instance ID, public keys and network interfaces? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875076, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Standard queues provide a loose-FIFO capability that attempts to preserve the order of messages</li> \t<li>Standard queues provide at-least-once delivery, which means that each message is delivered at least once</li> \t<li>FIFO (first-in-first-out) queues preserve the exact order in which messages are sent and received – note that this is not required in the question but exactly once processing is</li> \t<li>FIFO queues provide exactly-once processing, which means that each message is delivered once and remains available until a consumer processes it and deletes it</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>You are a developer at Digital Cloud Guru. An application stack you are building needs a message bus to decouple the application components from each other. The application will generate up to 300 messages per second without using batching. You need to ensure that a message is only delivered once and duplicates are not introduced into the queue. It is not necessary to maintain the order of the messages.</p><p>Which SQS queue type will you use:</p>', 'relatedLectureIds': '', 'answers': ['<p>Standard queues\xa0 \xa0 </p>', '<p>Long polling queues\xa0 \xa0 </p>', '<p>FIFO queues\xa0 \xa0 </p>', '<p>Auto Scaling queues\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232363, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c'], 'question_plain': 'You are a developer at Digital Cloud Guru. An application stack you are building needs a message bus to decouple the application components from each other. The application will generate up to 300 messages per second without using batching. You need to ensure that a message is only delivered once and duplicates are not introduced into the queue. It is not necessary to maintain the order of the messages.Which SQS queue type will you use:'}, {'_class': 'assessment', 'original_assessment_id': 4875084, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Dynamo DB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability</li> \t<li>Provides two read models</li> \t<li>Eventually consistent reads (Default):</li> \t<li>- The eventual consistency option maximizes your read throughput (best read performance)</li> \t<li>- An eventually consistent read might not reflect the results of a recently completed write</li> \t<li>- Consistency across all copies reached within 1 second</li> \t<li>Strongly consistent reads:</li> \t<li>- A strongly consistent read returns a result that reflects all writes that received a successful response prior to the read (faster consistency)</li> \t<li>Stores structured data in tables, indexed by a primary key</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>You are trying to decide on the best data store to use for a new project. The requirements are that the data store is schema-less, supports strongly consistent reads, and stores data in tables, indexed by a primary key.</p><p>Which AWS data store would you use?</p>', 'relatedLectureIds': '', 'answers': ['<p>S3</p>', '<p>RDS</p>', '<p>DynamoDB</p>', '<p>RedShift</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232365, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c'], 'question_plain': 'You are trying to decide on the best data store to use for a new project. The requirements are that the data store is schema-less, supports strongly consistent reads, and stores data in tables, indexed by a primary key.Which AWS data store would you use?'}, {'_class': 'assessment', 'original_assessment_id': 4875348, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Elastic Container Service (ECS) is a highly scalable, high performance container management service that supports Docker containers and allows you to easily run applications on a managed cluster of Amazon EC2 instances</li> \t<li>Fargate Launch Type is a serverless infrastructure managed by AWS</li> \t<li>EC2 Launch Type allows you to run containers on EC2 instances that you manage</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> </ul>', 'question': '<p>A new financial platform has been re-architected to use Docker containers in a micro-services architecture. The new architecture will be implemented on AWS and you have been asked to recommend the solution configuration. For operational reasons, it will be necessary to access the operating system of the instances on which the containers run.</p><p>Which solution delivery option will you select?</p>', 'relatedLectureIds': '', 'answers': ['<p>ECS with the EC2 launch type\xa0 \xa0 </p>', '<p>EKS with Kubernetes managed infrastructure\xa0 \xa0 </p>', '<p>ECS with the Fargate launch type\xa0 \xa0 </p>', '<p>ECS with a default cluster\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232367, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'A new financial platform has been re-architected to use Docker containers in a micro-services architecture. The new architecture will be implemented on AWS and you have been asked to recommend the solution configuration. For operational reasons, it will be necessary to access the operating system of the instances on which the containers run.Which solution delivery option will you select?'}, {'_class': 'assessment', 'original_assessment_id': 4875356, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>SNS supports notifications over multiple transport protocols: <ul> \t<li>HTTP/HTTPS – subscribers specify a URL as part of the subscription registration</li> \t<li>Email/Email-JSON – messages are sent to registered addresses as email (text-based or JSON-object)</li> \t<li>SQS – users can specify an SQS standard queue as the endpoint</li> \t<li>SMS – messages are sent to registered phone numbers as SMS text messages</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sns/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sns/</a></li> </ul>', 'question': '<p>You are developing a multi-tier application that includes loosely-coupled, distributed application components and need to determine a method of sending notifications instantaneously. Using SNS which transport protocols are supported? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>FTP</p>', '<p>Email-JSON</p>', '<p>HTTPS</p>', '<p>SWF</p>', '<p>Lambda</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232369, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'c'], 'question_plain': 'You are developing a multi-tier application that includes loosely-coupled, distributed application components and need to determine a method of sending notifications instantaneously. Using SNS which transport protocols are supported? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875364, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and existing Business Intelligence (BI) tools</li> \t<li>RedShift is a SQL based data warehouse used for analytics applications</li> \t<li>RedShift is an Online Analytics Processing (OLAP) type of DB</li> \t<li>RedShift is used for running complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> </ul>', 'question': '<p>You are a Solutions Architect for Digital Cloud Guru. A client has asked for some assistance in selecting the best database for a specific requirement. The database will be used for a data warehouse solution and the data will be stored in a structured format. The client wants to run complex analytics queries using business intelligence tools.</p><p>Which AWS database service will you recommend?</p>', 'relatedLectureIds': '', 'answers': ['<p>RDS</p>', '<p>RedShift</p>', '<p>DynamoDB</p>', '<p>Aurora</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232371, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect for Digital Cloud Guru. A client has asked for some assistance in selecting the best database for a specific requirement. The database will be used for a data warehouse solution and the data will be stored in a structured format. The client wants to run complex analytics queries using business intelligence tools.Which AWS database service will you recommend?'}, {'_class': 'assessment', 'original_assessment_id': 4875380, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>To enable your Lambda function to access resources inside your private VPC, you must provide additional VPC-specific configuration information that includes VPC subnet IDs and security group IDs</li> \t<li>AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> \t<li><a href="https://docs.aws.amazon.com/lambda/latest/dg/vpc.html">https://docs.aws.amazon.com/lambda/latest/dg/vpc.html</a></li> </ul>', 'question': '<p>You are developing some code that uses a Lambda function and you would like to enable the function to connect to an ElastiCache cluster within a VPC that you own. What VPC-specific information must you include in your function to enable this configuration? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>VPC Subnet IDs\xa0 \xa0 </p>', '<p>VPC Route Table IDs\xa0 \xa0 </p>', '<p>VPC Logical IDs\xa0 \xa0 </p>', '<p>VPC Security Group IDs\xa0 \xa0 </p>', '<p>VPC Route Table IDs\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232373, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are developing some code that uses a Lambda function and you would like to enable the function to connect to an ElastiCache cluster within a VPC that you own. What VPC-specific information must you include in your function to enable this configuration? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875390, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The in-memory caching provided by ElastiCache can be used to significantly improve latency and throughput for many read-heavy application workloads or compute-intensive workloads</li> \t<li>Elasticache can be used for storing session state</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-elasticache/</a></li> </ul>', 'question': '<p>A company runs several web applications on AWS that experience a large amount of traffic. An Architect is considering using adding a caching service to one of the most popular web applications. What are two advantages of using ElastiCache? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Multi-region HA\xa0 \xa0 </p>', '<p>Caching query results for improved performance\xa0 \xa0 </p>', '<p>Can be used for storing session state data\xa0 \xa0 </p>', '<p>Decoupling application components\xa0 \xa0 </p>', '<p>Low latency network connectivity\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232375, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'c'], 'question_plain': 'A company runs several web applications on AWS that experience a large amount of traffic. An Architect is considering using adding a caching service to one of the most popular web applications. What are two advantages of using ElastiCache? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875394, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Alias records are used to map resource record sets in your hosted zone to Amazon Elastic Load Balancing load balancers, Amazon CloudFront distributions, AWS Elastic Beanstalk environments, or Amazon S3 buckets that are configured as websites</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>A Solutions Architect is creating an application design with several components that will be publicly addressable. The Architect would like to use Alias records. Using Route 53 Alias records what targets can you specify? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>CloudFront distribution\xa0 \xa0 </p>', '<p>On-premise web server\xa0 \xa0 </p>', '<p>Elastic BeanStalk environment\xa0 \xa0 </p>', '<p>VPC endpoint</p>', '<p>ElastiCache cluster\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232377, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect is creating an application design with several components that will be publicly addressable. The Architect would like to use Alias records. Using Route 53 Alias records what targets can you specify? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875402, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket</li> \t<li>S3 Transfer Acceleration leverages Amazon CloudFront’s globally distributed AWS Edge Locations</li> \t<li>Used to accelerate object uploads to S3 over long distances (latency)</li> \t<li>You can use multipart uploads with transfer acceleration</li> \t<li>For objects larger than 100 megabytes use the Multipart Upload capability</li> </ul> <strong>References:</strong> <ul> \t<li>https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</li> </ul>', 'question': '<p>You work as a Solutions Architect for a global travel agency. The company has numerous offices around the world and users regularly upload large data sets to a centralized data center in the in U.S. The company is moving into AWS and you have been tasked with re-architecting the application stack on AWS.</p><p>For the data storage, you would like to use the S3 object store and enable fast and secure transfer of the files over long distances using the public Internet. Many objects will be larger than 100MB.</p><p>What configuration will optimize performance and cater for large files? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use S3 bucket replication\xa0 \xa0 </p>', '<p>Use multipart upload\xa0 \xa0 </p>', '<p>Enable S3 transfer acceleration\xa0 \xa0 </p>', '<p>Use Route 53 latency based routing\xa0 \xa0 </p>', '<p>AWS Direct Connect\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232379, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'c'], 'question_plain': 'You work as a Solutions Architect for a global travel agency. The company has numerous offices around the world and users regularly upload large data sets to a centralized data center in the in U.S. The company is moving into AWS and you have been tasked with re-architecting the application stack on AWS.For the data storage, you would like to use the S3 object store and enable fast and secure transfer of the files over long distances using the public Internet. Many objects will be larger than 100MB.What configuration will optimize performance and cater for large files? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875410, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When create an RDS instance, select the option to make it publicly accessible</li> \t<li>A security group will need to be created and assigned to the RDS instance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html#USER_VPC.Scenario4">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html#USER_VPC.Scenario4</a></li> </ul>', 'question': '<p>An application running in your on-premise data center writes data to a MySQL database. You are re-architecting the application and plan to move the database layer into the AWS cloud on RDS. You plan to keep the application running in your on-premise data center.</p><p>What do you need to do to connect the application to the RDS database via the Internet? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a DB subnet group that is publicly accessible\xa0 \xa0 </p>', '<p>Select a public IP within the DB subnet group to assign to the RDS instance\xa0 \xa0 </p>', '<p>Choose to make the RDS instance publicly accessible and place it in a public subnet\xa0 \xa0 </p>', '<p>Create a security group allowing access from your public IP to the RDS instance and assign to the RDS instance\xa0 \xa0 </p>', '<p>Configure an NAT Gateway and attach the RDS database\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232381, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c', 'd'], 'question_plain': 'An application running in your on-premise data center writes data to a MySQL database. You are re-architecting the application and plan to move the database layer into the AWS cloud on RDS. You plan to keep the application running in your on-premise data center.What do you need to do to connect the application to the RDS database via the Internet? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875422, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon CloudWatch uses Amazon SNS to send email</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/</a></li> </ul>', 'question': '<p>Your operations team would like to be notified if an RDS database exceeds certain metric thresholds. They have asked you how this could be automated?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Create a CloudWatch alarm and associate an SNS topic with it that sends an email notification\xa0 \xa0 </p>', '<p>Create a CloudTrail alarm and configure a notification event to send an SMS\xa0 \xa0 </p>', '<p>Setup an RDS alarm and associate an SNS topic with it that sends an email\xa0 \xa0 </p>', '<p>Create a CloudWatch alarm and associate an SQS with it that delivers a message to SES\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232383, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'Your operations team would like to be notified if an RDS database exceeds certain metric thresholds. They have asked you how this could be automated?'}, {'_class': 'assessment', 'original_assessment_id': 4875548, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS CloudFormation provides two methods for updating stacks: direct update or creating and executing change sets</li> \t<li>When you directly update a stack, you submit changes and AWS CloudFormation immediately deploys them</li> \t<li>Use direct updates when you want to quickly deploy your updates</li> \t<li>With change sets, you can preview the changes AWS CloudFormation will make to your stack, and then decide whether to apply those changes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html">https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html</a></li> </ul>', 'question': '<p>You have deployed a number of AWS resources using CloudFormation. You need to make some changes to a couple of resources within the stack and are planning how to implement the updates. Due to recent bad experiences, you’re a little concerned about what the effects of implementing updates to the resources might have on other resources in the stack.</p><p>What is the easiest way to proceed cautiously?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use OpsWorks to manage the configuration changes\xa0 \xa0 </p>', '<p>Use a direct update\xa0 \xa0 </p>', '<p>Deploy a new stack to test the changes\xa0 \xa0 </p>', '<p>Create and execute a change set\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232385, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['d'], 'question_plain': 'You have deployed a number of AWS resources using CloudFormation. You need to make some changes to a couple of resources within the stack and are planning how to implement the updates. Due to recent bad experiences, you’re a little concerned about what the effects of implementing updates to the resources might have on other resources in the stack.What is the easiest way to proceed cautiously?'}, {'_class': 'assessment', 'original_assessment_id': 4875550, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Direct Connect gateway: <ul> \t<li>Grouping of Virtual Private Gateways (VGWs) and Private Virtual Interfaces (VIFs) that belong to the same AWS account</li> \t<li>Direct Connect Gateway enables you to interface with VPCs in any AWS Region (except AWS China Region)</li> \t<li>Can share private virtual interface to interface with more than one Virtual Private Clouds (VPCs) reducing the number of BGP sessions</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/</a></li> </ul>', 'question': '<p>You work for a large multinational retail company. The company has a large presence in AWS in multiple regions. You have established a new office and need to implement a high-bandwidth, low-latency connection to multiple VPCs in multiple regions within the same account. The VPCs each have unique CIDR ranges.</p><p>What would be the optimum solution design using AWS technology? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Implement a Direct Connect connection to the closest AWS region\xa0 \xa0 </p>', '<p>Implement Direct Connect connections to each AWS region\xa0 \xa0 </p>', '<p>Create a Direct Connect gateway, and create private VIFs to each region\xa0 \xa0 </p>', '<p>Configure AWS VPN CloudHub\xa0 \xa0 </p>', '<p>Provision an MPLS network\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232387, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'You work for a large multinational retail company. The company has a large presence in AWS in multiple regions. You have established a new office and need to implement a high-bandwidth, low-latency connection to multiple VPCs in multiple regions within the same account. The VPCs each have unique CIDR ranges.What would be the optimum solution design using AWS technology? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875680, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>CloudFront is used as the public endpoint for API Gateway</li> \t<li>Provides reduced latency and distributed denial of service protection through the use of CloudFront</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>Which AWS service does API Gateway integrate with to enable users from around the world to achieve the lowest possible latency for API requests and responses?</p>', 'relatedLectureIds': '', 'answers': ['<p>Direct Connect\xa0 \xa0 </p>', '<p>S3 Transfer Acceleration\xa0 \xa0 </p>', '<p>CloudFront\xa0 \xa0 </p>', '<p>Lambda\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232389, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c'], 'question_plain': 'Which AWS service does API Gateway integrate with to enable users from around the world to achieve the lowest possible latency for API requests and responses?'}, {'_class': 'assessment', 'original_assessment_id': 4875684, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Unlike AZ rebalancing, termination of unhealthy instances happens first, then Auto Scaling attempts to launch new instances to replace terminated instances</li> \t<li>By default uses EC2 status checks</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>A three-tier application running in your VPC uses Auto Scaling for maintaining a desired count of EC2 instances. One of the EC2 instances just reported an EC2 Status Check status of Impaired. Once this information is reported to Auto Scaling, what action will be taken?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>A new instance will immediately be launched, then the impaired instance will be terminated\xa0 \xa0 </p>', '<p>The impaired instance will be terminated, then a replacement will be launched\xa0 \xa0 </p>', '<p>Auto Scaling waits for the health check grace period and then terminates the instance\xa0 \xa0 </p>', '<p>Auto Scaling must verify with the ELB status checks before taking any action\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232391, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'A three-tier application running in your VPC uses Auto Scaling for maintaining a desired count of EC2 instances. One of the EC2 instances just reported an EC2 Status Check status of Impaired. Once this information is reported to Auto Scaling, what action will be taken?'}, {'_class': 'assessment', 'original_assessment_id': 4875688, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You cannot share encrypted volumes created using a default CMK key</li> \t<li>You cannot change the CMK key that is used to encrypt a volume</li> \t<li>You can share encrypted snapshots with other AWS accounts using a non-default CMK key and configuring cross-account permissions to give the account access to the key, mark as private and configure the account to share with</li> \t<li>The receiving account must copy the snapshot before they can then create volumes from the snapshot</li> \t<li>It is recommended that the receiving account re-encrypt the shared and encrypted snapshot using their own CMK key</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> \t<li><a href="https://aws.amazon.com/blogs/aws/new-cross-account-copying-of-encrypted-ebs-snapshots/">https://aws.amazon.com/blogs/aws/new-cross-account-copying-of-encrypted-ebs-snapshots/</a></li> </ul>', 'question': '<p>Your company has multiple AWS accounts for each environment (Prod, Dev, Test etc.). You would like to copy an EBS snapshot from DEV to PROD. The snapshot is from an EBS volume that was encrypted with a custom key.</p><p>What steps do you need to take to share the encrypted EBS snapshot with the Prod account? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Share the custom key used to encrypt the volume\xa0 \xa0 </p>', '<p>Modify the permissions on the encrypted snapshot to share it with the Prod account\xa0 \xa0 </p>', '<p>Make a copy of the EBS volume and unencrypt the data in the process\xa0 \xa0 </p>', '<p>Create a snapshot of the unencrypted volume and share it with the Prod account\xa0 \xa0 </p>', '<p>Use CloudHSM to distribute the encryption keys use to encrypt the volume\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232393, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'b'], 'question_plain': 'Your company has multiple AWS accounts for each environment (Prod, Dev, Test etc.). You would like to copy an EBS snapshot from DEV to PROD. The snapshot is from an EBS volume that was encrypted with a custom key.What steps do you need to take to share the encrypted EBS snapshot with the Prod account? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875694, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>This is a new feature (May 2018) that is probably not in the exam yet but better to be prepared!</li> \t<li>ALB now supports authentication from OIDC compliant identity providers such as Google, Facebook and Amazon</li> \t<li>Implemented through an authentication action on a listener rule that integrates with Amazon Cognito to create user pools</li> \t<li>SAML can be used with Amazon Cognito but this is not the only option</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://aws.amazon.com/blogs/aws/built-in-authentication-in-alb/">https://aws.amazon.com/blogs/aws/built-in-authentication-in-alb/</a></li> </ul>', 'question': '<p>The development team in your company have created a Python application running on ECS containers with the Fargate launch type. You have created an ALB with a Target Group that routes incoming connections to the ECS-based application. The application will be used by consumers who will authenticate using federated OIDC compliant Identity Providers such as Google and Facebook. You would like to securely authenticate the users on the front-end before they access the authenticated portions of the application.</p><p>How can this be done on the ALB?</p>', 'relatedLectureIds': '', 'answers': ['<p>This cannot be done on an ALB; you’ll need to use another layer in front of the ALB\xa0 \xa0 </p>', '<p>This can be done on the ALB by creating an authentication action on a listener rule that configures an Amazon Cognito user pool with the social IdP\xa0 \xa0 </p>', '<p>The only option is to use SAML with Amazon Cognito on the ALB\xa0 \xa0 </p>', '<p>This cannot be done on an ALB; you’ll need to authenticate users on the back-end with AWS Single Sign-On (SSO) integration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232395, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'The development team in your company have created a Python application running on ECS containers with the Fargate launch type. You have created an ALB with a Target Group that routes incoming connections to the ECS-based application. The application will be used by consumers who will authenticate using federated OIDC compliant Identity Providers such as Google and Facebook. You would like to securely authenticate the users on the front-end before they access the authenticated portions of the application.How can this be done on the ALB?'}, {'_class': 'assessment', 'original_assessment_id': 4875708, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The ECS container agent is included in the Amazon ECS optimized AMI and can also be installed on any EC2 instance that supports the ECS specification (only supported on EC2 instances)</li> \t<li>Troubleshooting steps include: <ul> \t<li>Verify that the Docker daemon is running on the container instance</li> \t<li>Verify that the Docker Container daemon is running on the container instance</li> \t<li>Verify that the container agent is running on the container instance</li> \t<li>Verify that the IAM instance profile has the necessary permissions</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> \t<li><a href="https://aws.amazon.com/premiumsupport/knowledge-center/ecs-agent-disconnected/">https://aws.amazon.com/premiumsupport/knowledge-center/ecs-agent-disconnected/</a></li> </ul>', 'question': '<p>An application you manage runs a number of components using a micro-services architecture. Several ECS container instances in your ECS cluster are displaying as disconnected. The ECS instances were created from the Amazon ECS-Optimized AMI. What steps might you take to troubleshoot the issue? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Verify that the container instances have the container agent installed\xa0 \xa0 </p>', '<p>Verify that the container agent is running on the container instances\xa0 \xa0 </p>', '<p>Verify that the IAM instance profile has the necessary permissions\xa0 \xa0 </p>', '<p>Verify that the container instances are using the Fargate launch type\xa0 \xa0 </p>', '<p>Verify that the instances have the correct IAM group applied\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232397, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'c'], 'question_plain': 'An application you manage runs a number of components using a micro-services architecture. Several ECS container instances in your ECS cluster are displaying as disconnected. The ECS instances were created from the Amazon ECS-Optimized AMI. What steps might you take to troubleshoot the issue? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875710, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multi-value answer routing policy can be used for responding to DNS queries with up to eight healthy records selected at random</li> \t<li>Weighted: <ul> \t<li>Similar to simple but you can specify a weight per IP address</li> \t<li>You create records that have the same name and type and assign each record a relative weight</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>The development team at Digital Cloud Guru have created a new web-based application that will soon be launched. The application will utilize 20 EC2 instances for the web front-end. Due to concerns over latency, you will not be using an ELB but still want to load balance incoming connections across multiple EC2 instances. You will be using Route 53 for the DNS service and want to implement health checks to ensure instances are available.</p><p>What two Route 53 configuration options are available that could be individually used to ensure connections reach multiple web servers in this configuration? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Route 53 multivalue answers to return up to 8 records with each DNS query\xa0 \xa0 </p>', '<p>Use Route 53 simple load balancing which will return records in a round robin fashion\xa0 \xa0 </p>', '<p>Use Route 53 weighted records and give equal weighting to all 20 EC2 instances\xa0 \xa0 </p>', '<p>Use Route 53 failover routing in an active-active configuration\xa0 \xa0 </p>', '<p>Use Route 53 Alias records to resolve using the zone apex\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232399, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'The development team at Digital Cloud Guru have created a new web-based application that will soon be launched. The application will utilize 20 EC2 instances for the web front-end. Due to concerns over latency, you will not be using an ELB but still want to load balance incoming connections across multiple EC2 instances. You will be using Route 53 for the DNS service and want to implement health checks to ensure instances are available.What two Route 53 configuration options are available that could be individually used to ensure connections reach multiple web servers in this configuration? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875716, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Groups are collections of users and have policies attached to them</li> \t<li>A group is not an identity and cannot be identified as a principal in an IAM policy</li> \t<li>Use groups to assign permissions to users</li> \t<li>Use the principal of least privilege when assigning permissions</li> \t<li>You cannot nest groups (groups within groups)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>A new department will begin using AWS services in your account and you need to create an authentication and authorization strategy. Select the correct statements regarding IAM groups? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>IAM groups can be used to group EC2 instances\xa0 \xa0 </p>', '<p>IAM groups can be nested up to 4 levels\xa0 \xa0 </p>', '<p>An IAM group is not an identity and cannot be identified as a principal in an IAM policy\xa0 \xa0 </p>', '<p>IAM groups can be used to assign permissions to users\xa0 \xa0 </p>', '<p>IAM groups can temporarily assume a role to take on permissions for a specific task\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232401, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c', 'd'], 'question_plain': 'A new department will begin using AWS services in your account and you need to create an authentication and authorization strategy. Select the correct statements regarding IAM groups? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875722, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Best practices include: <ul> \t<li>Keep item sizes small</li> \t<li>If you are storing serial data in DynamoDB that will require actions based on data/time use separate tables for days, weeks, months</li> \t<li>Store more frequently and less frequently accessed data in separate tables</li> \t<li>If possible compress larger attribute values</li> \t<li>Store objects larger than 400KB in S3 and use pointers (S3 Object ID) in DynamoDB</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-dynamodb/</a></li> </ul>', 'question': '<p>There is new requirement for a database that will store a large number of records for an online store. You are evaluating the use of DynamoDB. Which of the following are AWS best practices for DynamoDB? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use large files</p>', '<p>Use for BLOB data use cases\xa0 \xa0 </p>', '<p>Store more frequently and less frequently accessed data in separate tables\xa0 \xa0 </p>', '<p>Store objects larger than 400KB in S3 and use pointers in DynamoDB\xa0 \xa0 </p>', '<p>Use separate local secondary indexes for each item\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232403, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c', 'd'], 'question_plain': 'There is new requirement for a database that will store a large number of records for an online store. You are evaluating the use of DynamoDB. Which of the following are AWS best practices for DynamoDB? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4875726, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An Interface endpoint uses AWS PrivateLink and is an elastic network interface (ENI) with a private IP address that serves as an entry point for traffic destined to a supported service</li> \t<li>Using PrivateLink you can connect your VPC to supported AWS services, services hosted by other AWS accounts (VPC endpoint services), and supported AWS Marketplace partner services</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You are running an application on EC2 instances in a private subnet of your VPC. You would like to connect the application to Amazon API Gateway. For security reasons, you need to ensure that no traffic traverses the Internet and need to ensure all traffic uses private IP addresses only.</p><p>How can you achieve this?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a private API using an interface VPC endpoint\xa0 \xa0 </p>', '<p>Create a public VIF on a Direct Connect connection\xa0 \xa0 </p>', '<p>Add the API gateway to the subnet the EC2 instances are located in\xa0 \xa0 </p>', '<p>Create a NAT gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232405, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'You are running an application on EC2 instances in a private subnet of your VPC. You would like to connect the application to Amazon API Gateway. For security reasons, you need to ensure that no traffic traverses the Internet and need to ensure all traffic uses private IP addresses only.How can you achieve this?'}, {'_class': 'assessment', 'original_assessment_id': 4876136, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>ElastiCache cannot be used as an Internet facing web front-end</li> \t<li>An origin is the origin of the files that the CDN will distribute</li> \t<li>Origins can be either an S3 bucket, an EC2 instance, and Elastic Load Balancer, or Route 53 – can also be external (non-AWS)</li> \t<li>For RTMP distributions files must be stored in an S3 bucket</li> \t<li>Placing an ELB in front of a single EC2 instance does not help to reduce load</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> </ul>', 'question': '<p>An EC2 instance on which you are running a video on demand web application has been experiencing high CPU utilization. You would like to take steps to reduce the impact on the EC2 instance and improve performance for consumers. Which of the steps below would help?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use ElastiCache as the web front-end and forward connections to EC2 for cache misses\xa0 \xa0 </p>', '<p>Create a CloudFront distribution and configure a custom origin pointing at the EC2 instance\xa0 \xa0 </p>', '<p>Create a CloudFront RTMP distribution and point it at the EC2 instance\xa0 \xa0 </p>', '<p>Create an ELB and place it in front of the EC2 instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232407, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'An EC2 instance on which you are running a video on demand web application has been experiencing high CPU utilization. You would like to take steps to reduce the impact on the EC2 instance and improve performance for consumers. Which of the steps below would help?'}, {'_class': 'assessment', 'original_assessment_id': 4876272, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information</li> \t<li>Kinesis Data Streams enables you to build custom applications that process or analyze streaming data for specialized needs</li> \t<li>Kinesis Data Streams enables real-time processing of streaming big data</li> \t<li>Kinesis Data Streams is useful for rapidly moving data off data producers and then continuously processing the data</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>A Solutions Architect is creating a design for an online gambling application that will process thousands of records. Which AWS service makes it easy to collect, process, and analyze real-time, streaming data?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>S3</p>', '<p>Kinesis Data Streams</p>', '<p>RedShift</p>', '<p>EMR</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232409, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'A Solutions Architect is creating a design for an online gambling application that will process thousands of records. Which AWS service makes it easy to collect, process, and analyze real-time, streaming data?'}, {'_class': 'assessment', 'original_assessment_id': 4876406, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Multipart upload can be used to speed up uploads to S3</li> \t<li>Multipart upload uploads objects in parts independently, in parallel and in any order</li> \t<li>Performed using the S3 Multipart upload API</li> \t<li>It is recommended for objects of 100MB or larger:</li> \t<li>- Can be used for objects from 5MB up to 5TB</li> \t<li>- Must be used for objects larger than 5GB</li> \t<li>If transmission of any part fails it can be retransmitted</li> \t<li>Improves throughput</li> \t<li>Can pause and resume object uploads</li> \t<li>Can begin upload before you know the final object size</li> \t<li>Randomizing object names provides no value in this context, random prefixes are used for intensive read requests</li> \t<li>Copy is used for copying, moving and renaming objects within S3 not for uploading to S3</li> \t<li>Turning off versioning will not speed up the upload</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>An application you manage regularly uploads files from an EC2 instance to S3. The files can be a couple of GB in size and sometimes the uploads are slower than you would like resulting in poor upload times. What method can be used to increase throughput and speed things up?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Randomize the object names when uploading\xa0 \xa0 </p>', '<p>Use Amazon S3 multipart upload\xa0 \xa0 </p>', '<p>Upload the files using the S3 Copy SDK or REST API\xa0 \xa0 </p>', '<p>Turn off versioning on the destination bucket\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232411, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'An application you manage regularly uploads files from an EC2 instance to S3. The files can be a couple of GB in size and sometimes the uploads are slower than you would like resulting in poor upload times. What method can be used to increase throughput and speed things up?'}, {'_class': 'assessment', 'original_assessment_id': 4876436, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Snapshots can be taken of non-root EBS volumes while running</li> \t<li>To take consistent snapshots writes must be stopped (paused) until the snapshot is complete – if not possible the volume needs to be detached, or if it’s an EBS root volume the instance must be stopped</li> \t<li>To create a snapshot for an Amazon EBS volume that serves as a root device, you should stop the instance before taking the snapshot</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html</a></li> </ul>', 'question': '<p>You have just initiated the creation of a snapshot of an EBS volume and the snapshot process is currently in operation. Which of the statements below is true regarding the operations that are possible while the snapshot process in running?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The volume can be used in write-only mode while the snapshot is in progress\xa0 \xa0 </p>', '<p>The volume can be used in read-only mode while the snapshot is in progress\xa0 \xa0 </p>', '<p>The volume can be used as normal while the snapshot is in progress\xa0 \xa0 </p>', '<p>The volume cannot be used until the snapshot completes\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232413, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['c'], 'question_plain': 'You have just initiated the creation of a snapshot of an EBS volume and the snapshot process is currently in operation. Which of the statements below is true regarding the operations that are possible while the snapshot process in running?'}, {'_class': 'assessment', 'original_assessment_id': 4876446, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Elastic Beanstalk can be used to quickly deploy and manage applications in the AWS Cloud</li> \t<li>Developers upload applications and Elastic Beanstalk handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring</li> \t<li>Considered a Platform as a Service (PaaS) solution</li> \t<li>Supports Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker web applications</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/</a></li> </ul>', 'question': '<p>The development team in your organization would like to start leveraging AWS services. They have asked you what AWS service can be used to quickly deploy and manage applications in the AWS Cloud? The developers would like the ability to simply upload applications and have AWS handle the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring. What AWS service would you recommend?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>EC2</p>', '<p>Elastic Beanstalk</p>', '<p>Auto Scaling</p>', '<p>OpsWorks</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232415, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b'], 'question_plain': 'The development team in your organization would like to start leveraging AWS services. They have asked you what AWS service can be used to quickly deploy and manage applications in the AWS Cloud? The developers would like the ability to simply upload applications and have AWS handle the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring. What AWS service would you recommend?'}, {'_class': 'assessment', 'original_assessment_id': 5995310, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>With Amazon API Gateway, you can run a fully managed REST API that integrates with Lambda to execute your business logic and includes traffic management, authorization and access control, monitoring, and API versioning</li> \t<li>AWS Step Functions orchestrates serverless workflows including coordination, state, and function chaining as well as combining long-running executions not supported within Lambda execution limits by breaking into multiple steps or by calling workers running on Amazon Elastic Compute Cloud (Amazon EC2) instances or on-premises</li> \t<li>The Amazon Elastic Container Service (ECS) is not a serverless application stack, containers run on EC2 instances</li> \t<li>AWS CloudFormation and Elastic Beanstalk are orchestrators that are used for describing and provisioning resources not actually performing workflow functions within the application</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/"></a> <ul> \t<li><a href="https://aws.amazon.com/step-functions/">https://aws.amazon.com/step-functions/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-api-gateway/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing the compute layer of a serverless application. The compute layer will manage requests from external systems, orchestrate serverless workflows, and execute the business logic.</p><p>The Architect needs to select the most appropriate AWS services for these functions. Which services should be used for the compute layer? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Amazon ECS for executing the business logic\xa0 \xa0 </p>', '<p>Use Amazon API Gateway with AWS\xa0Lambda for executing the business logic\xa0 \xa0 </p>', '<p>Use AWS CloudFormation for orchestrating serverless workflows\xa0 \xa0 </p>', '<p>Use AWS Step Functions for orchestrating serverless workflows\xa0 \xa0 </p>', '<p>Use AWS Elastic Beanstalk for executing the business logic\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232449, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['b', 'd'], 'question_plain': 'A Solutions Architect is designing the compute layer of a serverless application. The compute layer will manage requests from external systems, orchestrate serverless workflows, and execute the business logic.The Architect needs to select the most appropriate AWS services for these functions. Which services should be used for the compute layer? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995318, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When you provision your infrastructure with AWS CloudFormation, the AWS CloudFormation template describes exactly what resources are provisioned and their settings. Because these templates are text files, you simply track differences in your templates to track changes to your infrastructure, similar to the way developers control revisions to source code. For example, you can use a version control system with your templates so that you know exactly what changes were made, who made them, and when. If at any point you need to reverse changes to your infrastructure, you can use a previous version of your template</li> \t<li>AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. However, CloudFormation would be the preferred method of maintaining the state of the overall architecture</li> \t<li>AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, or serverless Lambda function</li> \t<li>AWS Trusted Advisor is an online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment, Trusted Advisor provides real time guidance to help you provision your resources following AWS best practices</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/cloudformation/resources/">https://aws.amazon.com/cloudformation/resources/</a></li> </ul>\xa0', 'question': '<p>A systems integration consultancy regularly deploys and manages multi-tiered web services for customers on AWS. The SysOps team are facing challenges in tracking changes that are made to the web services and rolling back when problems occur.</p><p>Which of the approaches below would BEST assist the SysOps team?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use AWS Systems Manager to manage all updates to the web services\xa0 \xa0 </p>', '<p>Use CodeDeploy to manage version control for the web services\xa0 \xa0 </p>', '<p>Use Trusted Advisor to record updates made to the web services\xa0 \xa0 </p>', '<p>Use CloudFormation templates to deploy and manage the web services\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232451, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['d'], 'question_plain': 'A systems integration consultancy regularly deploys and manages multi-tiered web services for customers on AWS. The SysOps team are facing challenges in tracking changes that are made to the web services and rolling back when problems occur.Which of the approaches below would BEST assist the SysOps team?'}, {'_class': 'assessment', 'original_assessment_id': 5995328, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Convert the data warehouse schema and codefrom the Oracle database running on RDS using the\xa0AWS Schema Conversion Tool\xa0(AWS SCT) then migrate data from the Oracle database to Amazon Redshift\xa0using the\xa0AWS Database Migration Service (AWS DMS)</li> \t<li>API Gateway is not used for ETL functions</li> \t<li>Log shipping, or snapshots are not supported migration methods from RDS to RedShift</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/getting-started/projects/migrate-oracle-to-amazon-redshift/">https://aws.amazon.com/getting-started/projects/migrate-oracle-to-amazon-redshift/</a></li> </ul>', 'question': '<p>A Solutions Architect needs to migrate an Oracle database running on RDS onto Amazon RedShift to improve performance and reduce cost. What combination of tasks using AWS services should be used to execute the migration? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Convert the schema using the AWS Schema Conversion Tool\xa0 \xa0 </p>', '<p>Configure API Gateway to extract, transform and load the data into RedShift\xa0 \xa0 </p>', '<p>Migrate the database using the AWS Database Migration Service (DMS)</p>', '<p>Enable log shipping from the Oracle database to RedShift\xa0 \xa0 </p>', '<p>Take a snapshot of the Oracle database and restore the snapshot onto RedShift\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232453, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect needs to migrate an Oracle database running on RDS onto Amazon RedShift to improve performance and reduce cost. What combination of tasks using AWS services should be used to execute the migration? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995338, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS supports S3 URLs in the format of <strong>https://<bucket>.s3.amazonaws.com/<object></strong> (virtual host style addressing) and <strong>https://s3-<region>.amazonaws.com/<bucket>/<object></strong></li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html</a></li> </ul>', 'question': '<p>A company is moving some unstructured data into AWS and a Solutions Architect has created a bucket named "contosocustomerdata" in the ap-southeast-2 region. </p><p>Which of the following bucket URLs would be valid for accessing the bucket? (choose 2) </p>', 'relatedLectureIds': '', 'answers': ['<p>https://contosocustomerdata.s3.amazonaws.com</p>', '<p>https://s3-ap-southeast-2.amazonaws.com/contosocustomerdata</p>', '<p>https://amazonaws.s3-ap-southeast-2.com/contosocustomerdata</p>', '<p>https://s3.amazonaws.com/contosocustomerdata</p>', '<p>https://s3-ap-southeast-2.amazonaws.com.contosocustomerdata</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232455, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'b'], 'question_plain': 'A company is moving some unstructured data into AWS and a Solutions Architect has created a bucket named "contosocustomerdata" in the ap-southeast-2 region. Which of the following bucket URLs would be valid for accessing the bucket? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995348, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Well-defined interfaces - reduce interdependencies in a system by enabling interaction only through specific, technology-agnostic interfaces (e.g. RESTful APIs). A relational database is not an example of a well-defined interface</li> \t<li>Service discovery - disparate resources must have a way of discovering each other without prior knowledge of the network topology. Usually DNS names and a method of resolution are preferred over static IP addresses which need to be hardcoded somewhere</li> \t<li>Asynchronous integration - this is another form of loose coupling where an interaction does not need an immediate response (think SQS queue or Kinesis)</li> \t<li>Graceful failure - build applications such that they handle failure in a graceful manner (reduce the impact of failure and implement retries). Auto Scaling helps to reduce the impact of failure by launching replacement instances</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/architecture/well-architected/">https://aws.amazon.com/architecture/well-architected/</a></li> </ul>', 'question': '<p>A Solutions Architect is creating a design for a multi-tiered web application. The application will use multiple AWS services and must be designed with elasticity and high-availability in mind.</p><p>What architectural best practices should be followed to reduce interdependencies between systems? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Implement asynchronous integration using Amazon SQS queues\xa0 \xa0 </p>', '<p>Implement well-defined interfaces using a relational database\xa0 \xa0 </p>', '<p>Enable graceful failure through AWS Auto Scaling\xa0 \xa0 </p>', '<p>Implement service discovery using static IP addresses</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232457, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect is creating a design for a multi-tiered web application. The application will use multiple AWS services and must be designed with elasticity and high-availability in mind.What architectural best practices should be followed to reduce interdependencies between systems? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995358, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Kinesis makes it easy to collect, process, and analyze real-time streaming data. With Amazon Kinesis Analytics, you can run standard SQL or build entire streaming applications using SQL</li> \t<li>Amazon Simple Notification Service (Amazon SNS) provides a fully managed messaging service for pub/sub patterns using asynchronous event notifications and mobile push notifications for microservices, distributed systems, and serverless applications</li> \t<li>Amazon Elastic Map Reduce runs on EC2 instances so is not serverless</li> \t<li>Amazon Simple Workflow Service is used for executing tasks not sending messages</li> \t<li>Amazon CloudTrail is used for recording API activity on your account</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sns/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sns/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing the messaging and streaming layers of a serverless application. The messaging layer will manage communications between components and the streaming layer will manage real-time analysis and processing of streaming data.</p><p>The Architect needs to select the most appropriate AWS services for these functions. Which services should be used for the messaging and streaming layers? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Amazon Kinesis for collecting, processing and analyzing real-time streaming data</p>', '<p>Use Amazon EMR for collecting, processing and analyzing real-time streaming data\xa0 \xa0 </p>', '<p>Use Amazon SNS for providing a fully managed messaging service\xa0 \xa0 </p>', '<p>Use Amazon SWF for providing a fully managed messaging service\xa0 \xa0 </p>', '<p>Use Amazon CloudTrail for collecting, processing and analyzing real-time streaming data\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232459, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect is designing the messaging and streaming layers of a serverless application. The messaging layer will manage communications between components and the streaming layer will manage real-time analysis and processing of streaming data.The Architect needs to select the most appropriate AWS services for these functions. Which services should be used for the messaging and streaming layers? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995360, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Relational databases can scale vertically (e.g. upgrading to a larger RDS DB instance)</li> \t<li>For read-heavy use cases, you can scale horizontally using read replicas</li> \t<li>There is no such thing as a Multi-Master MySQL RDS DB (there is for Aurora)</li> \t<li>You cannot scale write capacity by enabling Multi-AZ as only one DB is active and can be written to</li> \t<li>Transfer Acceleration is a feature of S3 for fast uploads of objects</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/architecture/well-architected/">https://aws.amazon.com/architecture/well-architected/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>You are creating a design for a two-tier application with a MySQL RDS back-end. The performance requirements of the database tier are hard to quantify until the application is running and you are concerned about right-sizing the database. </p><p>What methods of scaling are possible after the MySQL RDS database is deployed? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Horizontal scaling for read capacity by creating a read-replica\xa0 \xa0 </p>', '<p>Horizontal scaling for write capacity by enabling Multi-AZ\xa0 \xa0 </p>', '<p>Horizontal scaling for write capacity by enabling Multi-AZ\xa0 \xa0 </p>', '<p>Vertical scaling for read and write by choosing a larger instance size\xa0 \xa0 </p>', '<p>Vertical scaling for read and write by using Transfer Acceleration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232461, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are creating a design for a two-tier application with a MySQL RDS back-end. The performance requirements of the database tier are hard to quantify until the application is running and you are concerned about right-sizing the database. What methods of scaling are possible after the MySQL RDS database is deployed? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995366, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>With Kinesis Data Firehose, you only pay for the amount of data you transmit through the service, and if applicable, for data format conversion. There is no minimum fee or setup cost</li> \t<li>AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running</li> \t<li>With Amazon EC2 you need to select your instance sizes and number of instances</li> \t<li>With RDS you need to select the instance size for the DB</li> \t<li>With DynamoDB you need to specify the read/write capacity of the DB</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing an application stack that will be highly elastic. What AWS services can be used that don’t require you to make any capacity decisions upfront? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Lambda\xa0 \xa0 </p>', '<p>Amazon EC2\xa0 \xa0 </p>', '<p>Amazon Kinesis Firehose\xa0 \xa0 </p>', '<p>Amazon RDS\xa0 \xa0 </p>', '<p>DynamoDB\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232463, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a', 'c'], 'question_plain': 'A Solutions Architect is designing an application stack that will be highly elastic. What AWS services can be used that don’t require you to make any capacity decisions upfront? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995370, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS CodeCommit is a fully-managedsource control\xa0service that hosts secure Git-based repositiories</li> \t<li>AWS CodeStar enables you to quickly develop, build, and deploy applications on AWS</li> \t<li>AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud</li> \t<li>AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/codecommit/">https://aws.amazon.com/codecommit/</a></li> </ul>', 'question': '<p>The development team in a media organization is moving their SDLC processes into the AWS Cloud. Which AWS service is primarily used for software version control?</p>', 'relatedLectureIds': '', 'answers': ['<p>CodeCommit\xa0 \xa0 </p>', '<p>CodeStar\xa0 \xa0 </p>', '<p>CloudHSM\xa0 \xa0 </p>', '<p>Step Functions\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232465, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:50Z', 'created': '2018-11-26T03:27:50Z', 'correct_response': ['a'], 'question_plain': 'The development team in a media organization is moving their SDLC processes into the AWS Cloud. Which AWS service is primarily used for software version control?'}], 'next': None, 'count': 65, 'previous': None}, 'type': 'practice-test'}, {'title': 'AWS Certified Solutions Architect - Associate: Test 6', 'quiz_data': {'results': [{'_class': 'assessment', 'original_assessment_id': 4877462, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Every IAM user starts with no permissions</li> \t<li>In other words, by default, users can do nothing, not even view their own access keys</li> \t<li>To give a user permission to do something, you can add the permission to the user (that is, attach a policy to the user)</li> \t<li>Or you can add the user to a group that has the intended permission.</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_controlling.html">https://docs.aws.amazon.com/IAM/latest/UserGuide/access_controlling.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-iam/</a></li> </ul>', 'question': '<p>You created a new IAM user account for a temporary employee who recently joined the company. The user does not have permissions to perform any actions, which statement is true about newly created users in IAM?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>They are created with no permissions\xa0 \xa0 </p>', '<p>They are created with limited permissions\xa0 \xa0 </p>', '<p>They are created with full permissions\xa0 \xa0 </p>', '<p>They are created with user privileges\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232467, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'You created a new IAM user account for a temporary employee who recently joined the company. The user does not have permissions to perform any actions, which statement is true about newly created users in IAM?'}, {'_class': 'assessment', 'original_assessment_id': 4877482, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Run Command is designed to support a wide range of enterprise scenarios including installing software, running ad hoc scripts or Microsoft PowerShell commands, configuring Windows Update settings, and more</li> \t<li>Run Command can be used to implement configuration changes across Windows instances on a consistent yet ad hoc basis</li> \t<li>Run Command is accessible from the AWS Management Console, the AWS Command Line Interface (CLI), the AWS Tools for Windows PowerShell, and the AWS SDKs</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/blogs/aws/new-ec2-run-command-remote-instance-management-at-scale/">https://aws.amazon.com/blogs/aws/new-ec2-run-command-remote-instance-management-at-scale/</a></li> </ul>', 'question': '<p>You need to run a PowerShell script on a fleet of EC2 instances running Microsoft Windows. The instances have already been launched in your VPC. What tool can be run from the AWS Management Console that will run the script on all target EC2 instances?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>AWS OpsWorks\xa0 \xa0 </p>', '<p>Run Command\xa0 \xa0 </p>', '<p>AWS Config\xa0 \xa0 </p>', '<p>AWS CodeDeploy\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232469, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'You need to run a PowerShell script on a fleet of EC2 instances running Microsoft Windows. The instances have already been launched in your VPC. What tool can be run from the AWS Management Console that will run the script on all target EC2 instances?'}, {'_class': 'assessment', 'original_assessment_id': 4877486, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>All EBS types support encryption</li> \t<li>All instance families now support encryption</li> \t<li>Not all instance types support encryption</li> \t<li>There is no direct way to change the encryption state of a volume</li> \t<li>Data in transit between an instance and an encrypted volume is also encrypted</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>A security officer has requested that all data associated with a specific customer is encrypted. The data resides on Elastic Block Store (EBS) volumes. Which of the following statements about using EBS encryption are correct? (choose 2)\xa0 \xa0 \xa0</p>', 'relatedLectureIds': '', 'answers': ['<p>Not all EBS types support encryption\xa0 \xa0 </p>', '<p>All instance types support encryption\xa0 \xa0 </p>', '<p>There is no direct way to change the encryption state of a volume\xa0 \xa0 </p>', '<p>Data in transit between an instance and an encrypted volume is also encrypted\xa0 \xa0 </p>', '<p>All attached EBS volumes must share the same encryption state\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232471, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c', 'd'], 'question_plain': 'A security officer has requested that all data associated with a specific customer is encrypted. The data resides on Elastic Block Store (EBS) volumes. Which of the following statements about using EBS encryption are correct? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877496, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You create collections of EC2 instances, called Auto Scaling groups</li> \t<li>Auto Scaling is a region specific service</li> \t<li>Auto Scaling can span multiple AZs within the same AWS region</li> \t<li>Auto Scaling can be configured from the Console, CLI, SDKs and APIs</li> \t<li>There is no additional cost for Auto Scaling, you just pay for the resources (EC2 instances) provisioned</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You are planning on using AWS Auto Scaling to ensure that you have the correct number of Amazon EC2 instances available to handle the load for your applications. Which of the following statements is correct about Auto Scaling? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Auto Scaling is a region-specific service\xa0 \xa0 </p>', '<p>Auto Scaling can span multiple AZs within the same AWS region\xa0 \xa0 </p>', '<p>You create collections of EC2 instances, called Launch groups\xa0 \xa0 </p>', '<p>Auto Scaling is charged by the hour when registered\xa0 \xa0 </p>', '<p>Auto Scaling relies on Elastic Load Balancing</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232473, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'b'], 'question_plain': 'You are planning on using AWS Auto Scaling to ensure that you have the correct number of Amazon EC2 instances available to handle the load for your applications. Which of the following statements is correct about Auto Scaling? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877498, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The visibility timeout is the amount of time a message is invisible in the queue after a reader picks up the message</li> \t<li>If a job is processed within the visibility timeout the message will be deleted</li> \t<li>If a job is not processed within the visibility timeout the message will become visible again (could be delivered twice)</li> \t<li>The maximum visibility timeout for an Amazon SQS message is 12 hours</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> </ul>', 'question': '<p>You are using a series of Spot instances that process messages from an SQS queue and store results in a DynamoDB table. Shortly after picking up a message from the queue AWS terminated the Spot instance. The Spot instance had not finished processing the message. What will happen to the message?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The message will be lost as it would have been deleted from the queue when processed\xa0 \xa0 </p>', '<p>The message will remain in the queue and be immediately picked up by another instance\xa0 \xa0 </p>', '<p>The message will become available for processing again after the visibility timeout expires\xa0 \xa0 </p>', '<p>The results may be duplicated in DynamoDB as the message will likely be processed multiple times\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232475, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You are using a series of Spot instances that process messages from an SQS queue and store results in a DynamoDB table. Shortly after picking up a message from the queue AWS terminated the Spot instance. The Spot instance had not finished processing the message. What will happen to the message?'}, {'_class': 'assessment', 'original_assessment_id': 4877504, 'related_lectures': [], 'prompt': {'explanation': '</li> \t<li>With NACLs you can have permit and deny rules</li> \t<li>Network ACLs contain a numbered list of rules that are evaluated in order from the lowest number until the explicit deny</li> \t<li>Network ACLs have separate inbound and outbound rules and each rule can allow or deny traffic</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. One of your clients has requested some advice on how to implement security measures in their VPC. The client has recently been the victim of some hacking attempts. Fortunately, no data has been exposed at this point but the client wants to implement measures to mitigate further threats. The client has explained that the attacks always come from the same small block of IP addresses.</p><p>What would be a quick and easy measure to help prevent further attacks?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use CloudFront’s DDoS prevention features\xa0 \xa0 </p>', '<p>Create a Bastion Host restrict all connections to the Bastion Host only\xa0 \xa0 </p>', '<p>Use a Network ACL rule that denies connections from the block of IP addresses\xa0 \xa0 </p>', '<p>Use a Security Group rule that denies connections from the block of IP addresses\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232477, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. One of your clients has requested some advice on how to implement security measures in their VPC. The client has recently been the victim of some hacking attempts. Fortunately, no data has been exposed at this point but the client wants to implement measures to mitigate further threats. The client has explained that the attacks always come from the same small block of IP addresses.What would be a quick and easy measure to help prevent further attacks?'}, {'_class': 'assessment', 'original_assessment_id': 4877508, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon S3 automatically scales to high request rates</li> \t<li>For example, your application can achieve at least 3,500 PUT/POST/DELETE and 5,500 GET requests per second per prefix in a bucket. There are no limits to the number of prefixes in a bucket</li> \t<li>If your workload is mainly sending GET requests, in addition to the preceding guidelines, you should consider using Amazon CloudFront for performance optimization</li> \t<li>By integrating CloudFront with Amazon S3, you can distribute content to your users with low latency and a high data transfer rate</li> \t<li>Transfer Acceleration is used to accelerate object <strong>uploads</strong> to S3 over long distances (latency)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You need to setup a distribution method for some static files. The requests will be mainly GET requests and you are expecting a high volume of GETs often exceeding 2000 per second. The files are currently stored in an S3 bucket. According to AWS best practices, what can you do to optimize performance?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Integrate CloudFront with S3 to cache the content\xa0 \xa0 </p>', '<p>Use cross-region replication to spread the load across regions\xa0 \xa0 </p>', '<p>Use ElastiCache to cache the content\xa0 \xa0 </p>', '<p>Use S3 Transfer Acceleration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232479, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'You need to setup a distribution method for some static files. The requests will be mainly GET requests and you are expecting a high volume of GETs often exceeding 2000 per second. The files are currently stored in an S3 bucket. According to AWS best practices, what can you do to optimize performance?'}, {'_class': 'assessment', 'original_assessment_id': 4877514, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The failover mechanism automatically changes the DNS record of the DB instance to point to the standby DB instance</li> \t<li>As a result, you need to re-establish any existing connections to your DB instance</li> \t<li>The time it takes for the failover to complete depends on the database activity and other conditions at the time the primary DB instance became unavailable</li> \t<li>Failover times are typically 60-120 seconds</li> \t<li>Multi-AZ does use synchronous replication but failover is not instantaneous</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>An application you manage uses RDS in a multi-AZ configuration as the database back-end. There is a failure of the primary DB instance. Which of the following statements are correct in relation to the process RDS uses to failover to the standby DB instance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The failover mechanism automatically changes the DNS record of the DB instance to point to the standby DB instance\xa0 \xa0 </p>', '<p>Failover times are typically 60-120 seconds\xa0 \xa0 </p>', '<p>Multi-AZ uses synchronous replication; therefore, the failover is instantaneous\xa0 \xa0 </p>', '<p>The failover mechanism automatically moves the Elastic IP address of the instance to the standby DB instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232481, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'b'], 'question_plain': 'An application you manage uses RDS in a multi-AZ configuration as the database back-end. There is a failure of the primary DB instance. Which of the following statements are correct in relation to the process RDS uses to failover to the standby DB instance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877520, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Bastion Hosts are used for connecting to instances in private subnets and will not assist with enabling direct connectivity to this instance</li> \t<li>The subnet CIDR block is configured automatically as part of the creation of the VPC/subnet so should not be the issue here</li> \t<li>Security Groups and Network ACLs do need to be configured to enable connectivity</li> \t<li>You do not need a VPN connection to connect to an instance in a public subnet</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You are trying to SSH into an EC2 instance running Linux but cannot connect. The EC2 instance has been launched in a public subnet with an Internet Gateway. Upon investigation you have verified that the instance has a public IP address and that the route table does reference the Internet Gateway correctly. What else needs to be checked to enable connectivity?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Check that there is a Bastion Host in the subnet and connect to it first\xa0 \xa0 </p>', '<p>Check that the subnet CIDR block is referenced properly in the route table\xa0 \xa0 </p>', '<p>Check that the Security Groups and Network ACLs have the correct rules configured\xa0 \xa0 </p>', '<p>Check that the VPN is configured correctly\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232483, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You are trying to SSH into an EC2 instance running Linux but cannot connect. The EC2 instance has been launched in a public subnet with an Internet Gateway. Upon investigation you have verified that the instance has a public IP address and that the route table does reference the Internet Gateway correctly. What else needs to be checked to enable connectivity?'}, {'_class': 'assessment', 'original_assessment_id': 4877646, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Monitoring for ALB can be performed using CloudWatch, Access Logs and CloudTrail</li> \t<li>CloudWatch</li> \t<li>- Every 1 minute:</li> \t<li>- ELB service only sends information when requests are active</li> \t<li>- Can be used to trigger SNS notifications</li> \t<li>Access Logs:</li> \t<li>- Disabled by default</li> \t<li>- Includes information about the clients (not included in CloudWatch metrics)</li> \t<li>- Can identify requester, IP, request type etc.</li> \t<li>- Can be optionally stored and retained in S3</li> \t<li>CloudTrail:</li> \t<li>- Can be used to capture API calls to the ELB</li> \t<li>- Can be stored in an S3 bucket</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A client has asked you for some advice about how they can capture detailed information about all HTTP requests that are processed by their Internet facing Application Load Balancer (ALB). The client requires information on the requester, IP address, and request type for analyzing traffic patterns to better understand their customer base.</p><p>What would you recommend to the client?</p>', 'relatedLectureIds': '', 'answers': ['<p>Enable Access Logs and store the data on S3\xa0 \xa0 </p>', '<p>Configure metrics in CloudWatch for the ALB\xa0 \xa0 </p>', '<p>Use CloudTrail to capture all API calls made to the ALB\xa0 \xa0 </p>', '<p>Enable EC2 detailed monitoring\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232485, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A client has asked you for some advice about how they can capture detailed information about all HTTP requests that are processed by their Internet facing Application Load Balancer (ALB). The client requires information on the requester, IP address, and request type for analyzing traffic patterns to better understand their customer base.What would you recommend to the client?'}, {'_class': 'assessment', 'original_assessment_id': 4877652, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Network Load Balancer can distribute traffic to AWS and on-premise resources using IP addresses (not Instance IDs)</li> \t<li>Application Load Balancer can distribute traffic to AWS and on-premise resources using IP addresses but cannot be used to distribute traffic in a weighted manner</li> \t<li>Route 53 weighted routing policy: <ul> \t<li>Similar to simple but you can specify a weight per IP address</li> \t<li>You create records that have the same name and type and assign each record a relative weight</li> \t<li>Numerical value that favours one IP over another</li> \t<li>Must total 100</li> \t<li>To stop sending traffic to a resource you can change the weight of the record to 0</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-route-53/</a></li> </ul>', 'question': '<p>One of your clients is transitioning their web presence into the AWS cloud. As part of the migration the client will be running a web application both on-premises and in AWS for a period of time. During the period of co-existence the client would like 80% of the traffic to hit the AWS-based web servers and 20% to be directed to the on-premises web servers.</p><p>What method can you use to distribute traffic as requested?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use a Network Load Balancer to distribute traffic based on Instance ID\xa0 \xa0 </p>', '<p>Use an Application Load Balancer to distribute traffic based on IP address\xa0 \xa0 </p>', '<p>Use Route 53 with a weighted routing policy and configure the respective weights\xa0 \xa0 </p>', '<p>Use Route 53 with a simple routing policy\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232487, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'One of your clients is transitioning their web presence into the AWS cloud. As part of the migration the client will be running a web application both on-premises and in AWS for a period of time. During the period of co-existence the client would like 80% of the traffic to hit the AWS-based web servers and 20% to be directed to the on-premises web servers.What method can you use to distribute traffic as requested?'}, {'_class': 'assessment', 'original_assessment_id': 4877658, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The optional Outputs section declares output values that you can import into other stacks (to create cross-stack references), return in response (to describe stack calls), or view on the AWS CloudFormation console</li> \t<li>For example, you can output the S3 bucket name for a stack to make the bucket easier to find</li> \t<li>Template elements include: <ul> \t<li>File format and version (mandatory)</li> \t<li>List of resources and associated configuration values (mandatory)</li> \t<li>Template parameters (optional)</li> \t<li>Output values (optional)</li> \t<li>List of data tables (optional)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-cloudformation/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/outputs-section-structure.html">https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/outputs-section-structure.html</a></li> </ul>', 'question': '<p>You are creating a CloudFormation Stack that will create EC2 instances that will record log files to an S3 bucket. When creating the template which optional section is used to return the name of the S3 bucket?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Mappings</p>', '<p>Outputs</p>', '<p>Resources</p>', '<p>Parameters</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232489, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'You are creating a CloudFormation Stack that will create EC2 instances that will record log files to an S3 bucket. When creating the template which optional section is used to return the name of the S3 bucket?'}, {'_class': 'assessment', 'original_assessment_id': 4877660, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon does not have access to your keys or credentials and therefore has no way to recover your keys if you lose your credentials</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/cloudhsm/faqs/">https://aws.amazon.com/cloudhsm/faqs/</a></li> </ul>', 'question': '<p>Your company has started using the AWS CloudHSM for secure key storage. A recent administrative error resulted in the loss of credentials to access the CloudHSM. You need access to data that was encrypted using keys stored on the hardware security module. How can you recover the keys that are no longer accessible?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>There is no way to recover your keys if you lose your credentials\xa0 \xa0 </p>', '<p>Log a case with AWS support and they will use MFA to recover the credentials\xa0 \xa0 </p>', '<p>Restore a snapshot of the CloudHSM\xa0 \xa0 </p>', '<p>Reset the CloudHSM device and create a new set of credentials\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232491, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'Your company has started using the AWS CloudHSM for secure key storage. A recent administrative error resulted in the loss of credentials to access the CloudHSM. You need access to data that was encrypted using keys stored on the hardware security module. How can you recover the keys that are no longer accessible?'}, {'_class': 'assessment', 'original_assessment_id': 4877666, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon EMR is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data</li> \t<li>EMR utilizes a hosted Hadoop framework running on Amazon EC2 and Amazon S3</li> \t<li>Access Logs can be enabled on ALB and configured to store data in an S3 bucket</li> \t<li>Neither Kinesis or EC2 provide a hosted Hadoop service</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-emr/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>You have recently enabled Access Logs on your Application Load Balancer (ALB). One of your colleagues would like to process the log files using a hosted Hadoop service. What configuration changes and services can be leveraged to deliver this requirement?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Configure Access Logs to be delivered to DynamoDB and use EMR for processing the log files\xa0 \xa0 </p>', '<p>Configure Access Logs to be delivered to S3 and use Kinesis for processing the log files\xa0 \xa0 </p>', '<p>Configure Access Logs to be delivered to S3 and use EMR for processing the log files\xa0 \xa0 </p>', '<p>Configure Access Logs to be delivered to EC2 and install Hadoop for processing the log files\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232493, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You have recently enabled Access Logs on your Application Load Balancer (ALB). One of your colleagues would like to process the log files using a hosted Hadoop service. What configuration changes and services can be leveraged to deliver this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 4877674, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AD Connector is a directory gateway for redirecting directory requests to your on-premise Active Directory</li> \t<li>AD Connector eliminates the need for directory synchronization and the cost and complexity of hosting a federation infrastructure</li> \t<li>Simple AD is an inexpensive Active Directory-compatible service in the AWS cloud with common directory features</li> \t<li>Simple AD does not support trust relationships with other domains (which the client requested is avoided anyway)</li> \t<li>IAM with Multi-Factor Authentication (MFA) would not help in this scenario</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>A client has started using AWS and wants to provide AWS Management Console access to some of their staff. The company currently uses Active Directory on-premise and would like to continue to configure Role Based Access Control (RBAC) using the current directory service. The client would prefer to avoid complex federation infrastructure and replicating security credentials into AWS.</p><p>Which two AWS services and features can be used together to deliver the desired result? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use the AWS Directory Service Simple AD\xa0 \xa0 </p>', '<p>Use the AWS Directory Service AD Connector\xa0 \xa0 </p>', '<p>Use IAM with MFA\xa0 \xa0 </p>', '<p>Use IAM Roles\xa0 \xa0 </p>', '<p>Use AWS Cognito\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232495, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b', 'd'], 'question_plain': 'A client has started using AWS and wants to provide AWS Management Console access to some of their staff. The company currently uses Active Directory on-premise and would like to continue to configure Role Based Access Control (RBAC) using the current directory service. The client would prefer to avoid complex federation infrastructure and replicating security credentials into AWS.Which two AWS services and features can be used together to deliver the desired result? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877684, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can control who can administer your file system using IAM</li> \t<li>You can control access to files and directories with POSIX-compliant user and group-level permissions</li> \t<li>POSIX permissions allows you to restrict access from hosts by user and group</li> \t<li>EFS Security Groups act as a firewall, and the rules you add define the traffic flow</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-efs/</a></li> \t<li><a href="https://aws.amazon.com/efs/features/">https://aws.amazon.com/efs/features/</a></li> </ul>', 'question': '<p>You have implement the AWS Elastic File System (EFS) to store data that will be accessed by a large number of EC2 instances. The data is sensitive and you are working on a design for implementing security measures to protect the data. You need to ensure that network traffic is restricted correctly based on firewall rules and access from hosts is restricted by user or group.</p><p>How can this be achieved with EFS? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use EFS Security Groups to control network traffic\xa0 \xa0 </p>', '<p>Use AWS Web Application Firewall (WAF) to protect EFS\xa0 \xa0 </p>', '<p>Use POSIX permissions to control access from hosts by user or group\xa0 \xa0 </p>', '<p>Use IAM groups to control access by user or group\xa0 \xa0 </p>', '<p>Use Network ACLs to control the traffic\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232497, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'c'], 'question_plain': 'You have implement the AWS Elastic File System (EFS) to store data that will be accessed by a large number of EC2 instances. The data is sensitive and you are working on a design for implementing security measures to protect the data. You need to ensure that network traffic is restricted correctly based on firewall rules and access from hosts is restricted by user or group.How can this be achieved with EFS? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877694, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Security groups act like a firewall at the instance level</li> \t<li>Specifically security groups operate at the network interface level</li> \t<li>Can only assign permit rules in a security group, cannot assign deny rules</li> \t<li>There is an implicit deny rule at the end of the security group</li> \t<li>All rules are evaluated until a permit is encountered or continues until the implicit deny</li> \t<li>Can control ingress and egress traffic</li> \t<li>Security groups are stateful</li> \t<li>Custom security groups do not have inbound allow rules (all inbound traffic is denied by default)</li> \t<li>Default security groups do have inbound allow rules (allowing traffic from within the group)</li> \t<li>All outbound traffic is allowed by default in custom and default security groups</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have just created a new security group in your VPC. You have not yet created any rules. Which of the statements below are correct regarding the default state of the security group? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>There is an outbound rule that allows all traffic to all IP addresses\xa0 \xa0 </p>', '<p>There are no inbound rules and traffic will be implicitly denied\xa0 \xa0 </p>', '<p>There is an inbound rule allowing traffic from the Internet to port 22 for management\xa0 \xa0 </p>', '<p>There is an outbound rule allowing traffic to the Internet Gateway\xa0 \xa0 </p>', '<p>There are is an inbound rule that allows traffic from the Internet Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232499, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'b'], 'question_plain': 'You have just created a new security group in your VPC. You have not yet created any rules. Which of the statements below are correct regarding the default state of the security group? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877700, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The Classic Load Balancer (CLB) supports health checks on HTTP, TCP, HTTPS and SSL</li> \t<li>The Application Load Balancer (ALB) only supports health checks on HTTP and HTTPS</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>An application you manage runs a series of EC2 instances with a web application behind an Application Load Balancer (ALB). You are updating the configuration with a health check and need to select the protocol to use. What options are available to you? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>HTTP</p>', '<p>SSL</p>', '<p>HTTPS</p>', '<p>TCP</p>', '<p>ICMP</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232501, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'c'], 'question_plain': 'An application you manage runs a series of EC2 instances with a web application behind an Application Load Balancer (ALB). You are updating the configuration with a health check and need to select the protocol to use. What options are available to you? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877720, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Network ACL’s function at the subnet level</li> \t<li>With NACLs you can have permit and deny rules</li> \t<li>Network ACLs have separate inbound and outbound rules and each rule can allow or deny traffic</li> \t<li>Network ACLs are stateless so responses are subject to the rules for the direction of traffic</li> \t<li>NACLs only apply to traffic that is ingress or egress to the subnet not to traffic within the subnet</li> \t<li>A VPC automatically comes with a default network ACL which allows all inbound/outbound traffic</li> \t<li>A custom NACL denies all traffic both inbound and outbound by default</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have just created a new Network ACL in your VPC. You have not yet created any rules. Which of the statements below are correct regarding the default state of the Network ACL? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>There is a default inbound rule denying all traffic\xa0 \xa0 </p>', '<p>There is a default outbound rule allowing all traffic\xa0 \xa0 </p>', '<p>There is a default inbound rule allowing traffic from the VPC CIDR block\xa0 \xa0 </p>', '<p>There is a default outbound rule denying all traffic\xa0 \xa0 </p>', '<p>There is a default outbound rule allowing traffic to the Internet Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232503, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'd'], 'question_plain': 'You have just created a new Network ACL in your VPC. You have not yet created any rules. Which of the statements below are correct regarding the default state of the Network ACL? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877728, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can specify the instance store volumes for your instance only when you launch an instance</li> \t<li>You can\'t attach instance store volumes to an instance after you\'ve launched it</li> \t<li>You can use a block device mapping to specify additional EBS volumes when you launch your instance, or you can attach additional EBS volumes after your instance is running</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/add-instance-store-volumes.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/add-instance-store-volumes.html</a></li> </ul>', 'question': '<p>You launched an EBS-backed EC2 instance into your VPC. A requirement has come up for some high-performance ephemeral storage and so you would like to add an instance-store backed volume. How can you add the new instance store volume?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>You can specify the instance store volumes for your instance only when you launch an instance\xa0 \xa0 </p>', '<p>You can use a block device mapping to specify additional instance store volumes when you launch your instance, or you can attach additional instance store volumes after your instance is running\xa0 \xa0 </p>', '<p>You must shutdown the instance in order to be able to add the instance store volume\xa0 \xa0 </p>', '<p>You must use an Elastic Network Adapter (ENA) to add instance store volumes. First, attach an ENA, and then attach the instance store volume\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232505, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'You launched an EBS-backed EC2 instance into your VPC. A requirement has come up for some high-performance ephemeral storage and so you would like to add an instance-store backed volume. How can you add the new instance store volume?'}, {'_class': 'assessment', 'original_assessment_id': 4877730, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon ECS provides a service scheduler (for long-running tasks and applications), the ability to run tasks manually (for batch jobs or single run tasks), with Amazon ECS placing tasks on your cluster for you</li> \t<li>The service scheduler is ideally suited for long running stateless services and applications</li> \t<li>Amazon ECS allows you to create your own schedulers that meet the needs of your business, or to leverage third party schedulers</li> \t<li>Blox is an open- source project that gives you more control over how your containerized applications run on Amazon ECS</li> \t<li>Blox enables you to build schedulers and integrate third-party schedulers with Amazon ECS while leveraging Amazon ECS to fully manage and scale your clusters</li> \t<li>Custom schedulers use the StartTask API operation to place tasks on specific container instances within your cluster</li> \t<li>Custom schedulers are only compatible with tasks using the EC2 launch type. If you are using the Fargate launch type for your tasks, the StartTask API does not work</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ecs/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/scheduling_tasks.html">https://docs.aws.amazon.com/AmazonECS/latest/developerguide/scheduling_tasks.html</a></li> </ul>', 'question': '<p>You are using the Elastic Container Service (ECS) to run a number of containers using the EC2 launch type. To gain more control over scheduling containers you have decided to utilize Blox to integrate a third-party scheduler. The third-party scheduler will use the StartTask API to place tasks on specific container instances. What type of ECS scheduler will you need to use to enable this configuration?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Service Scheduler\xa0 \xa0 </p>', '<p>Cron Scheduler\xa0 \xa0 </p>', '<p>ECS Scheduler\xa0 \xa0 </p>', '<p>Custom Scheduler\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232507, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['d'], 'question_plain': 'You are using the Elastic Container Service (ECS) to run a number of containers using the EC2 launch type. To gain more control over scheduling containers you have decided to utilize Blox to integrate a third-party scheduler. The third-party scheduler will use the StartTask API to place tasks on specific container instances. What type of ECS scheduler will you need to use to enable this configuration?'}, {'_class': 'assessment', 'original_assessment_id': 4877746, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Designed for durability of 99.999999999% of objects across multiple Availability Zones</li> \t<li>Data is resilient in the event of one entire Availability Zone destruction</li> \t<li>Supports SSL for data in transit and encryption of data at rest</li> \t<li>Extremely low cost design is ideal for long-term archive</li> \t<li>Lifecycle management for automatic migration of objects</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/s3/storage-classes/">https://aws.amazon.com/s3/storage-classes/</a></li> </ul>', 'question': '<p>A large quantity of data is rarely accessed and is being assessed for archival onto Amazon Glacier. Your CIO wants to understand the resilience of the service. Which of the statements below is correct about Amazon Glacier storage?\xa0(choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Provides 99.9% availability of archives\xa0 \xa0 </p>', '<p>Data is resilient in the event of one entire region destruction\xa0 \xa0 </p>', '<p>Data is resilient in the event of one entire Availability Zone destruction\xa0 \xa0 </p>', '<p>Provides 99.999999999% durability of archives\xa0 \xa0 </p>', '<p>Data is replicated globally\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232509, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c', 'd'], 'question_plain': 'A large quantity of data is rarely accessed and is being assessed for archival onto Amazon Glacier. Your CIO wants to understand the resilience of the service. Which of the statements below is correct about Amazon Glacier storage?\xa0(choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877750, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts</li> \t<li>You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives</li> \t<li>User data is data that is supplied by the user at instance launch in the form of a script</li> \t<li>User data is limited to 16KB</li> \t<li>User data and meta data are not encrypted</li> \t<li>Instance metadata is available at http://169.254.169.254/latest/meta-data</li> \t<li>The Instance Metadata Query tool allows you to query the instance metadata without having to type out the full URI or category names</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>You are planning to launch a fleet of EC2 instances running Linux. As part of the launch you would like to install some application development frameworks and custom software onto the instances. The installation will be initiated using some scripts you have written. What feature allows you to specify the scripts so you can install the software during the EC2 instance launch?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Metadata\xa0 \xa0 </p>', '<p>User data</p>', '<p>Run command</p>', '<p>AWS\xa0Config</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232511, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'You are planning to launch a fleet of EC2 instances running Linux. As part of the launch you would like to install some application development frameworks and custom software onto the instances. The installation will be initiated using some scripts you have written. What feature allows you to specify the scripts so you can install the software during the EC2 instance launch?'}, {'_class': 'assessment', 'original_assessment_id': 4877756, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Read replicas are used for read heavy DBs and replication is asynchronous</li> \t<li>Read replicas are for workload sharing and offloading</li> \t<li>Read Replicas can be within an AZ, Cross-AZ and Cross-Region</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>An RDS database is experiencing heavy read traffic. You are planning on creating read replicas. When using Amazon RDS with Read Replicas, which of the deployment options below are valid? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Within an Availability Zone\xa0 \xa0 </p>', '<p>Cross-Continent\xa0 \xa0 </p>', '<p>Cross-Availability Zone\xa0 \xa0 </p>', '<p>Cross-subnet</p>', '<p>Cross-Facility\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232513, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'c'], 'question_plain': 'An RDS database is experiencing heavy read traffic. You are planning on creating read replicas. When using Amazon RDS with Read Replicas, which of the deployment options below are valid? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877762, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>If using an ELB it is best to enable ELB health checks as otherwise EC2 status checks may show an instance as being healthy that the ELB has determined is unhealthy. In this case the instance will be removed from service by the ELB but will not be terminated by Auto Scaling</li> \t<li>Connection draining is not the correct answer as the ELB has taken the instance out of service so there are no active connections</li> \t<li>The health check grace period allows a period of time for a new instance to warm up before performing a health check</li> \t<li>More information on ASG health checks: <ul> \t<li>By default uses EC2 status checks</li> \t<li>Can also use ELB health checks and custom health checks</li> \t<li>ELB health checks are in addition to the EC2 status checks</li> \t<li>If any health check returns an unhealthy status the instance will be terminated</li> \t<li>With ELB an instance is marked as unhealthy if ELB reports it as OutOfService</li> \t<li>A healthy instance enters the InService state</li> \t<li>If an instance is marked as unhealthy it will be scheduled for replacement</li> \t<li>If connection draining is enabled, Auto Scaling waits for in-flight requests to complete or timeout before terminating instances</li> \t<li>The health check grace period allows a period of time for a new instance to warm up before performing a health check (300 seconds by default)</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You are running an Auto Scaling Group (ASG) with an Elastic Load Balancer (ELB) and a fleet of EC2 instances. Health checks are configured on the ASG to use EC2 status checks The ELB has determined that an EC2 instance is unhealthy and has removed it from service. However, you noticed that the instance is still running and has not been terminated by the ASG. What would be an explanation for this?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The ASG is waiting for the cooldown timer to expire before terminating the instance\xa0 \xa0 </p>', '<p>Connection draining is enabled and the ASG is waiting for in-flight requests to complete\xa0 \xa0 </p>', '<p>The ELB health check type has not been selected for the ASG and so it is unaware that the instance has been determined to be unhealthy by the ELB and has been removed from service\xa0 \xa0 </p>', '<p>The health check grace period has not yet expired\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232515, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You are running an Auto Scaling Group (ASG) with an Elastic Load Balancer (ELB) and a fleet of EC2 instances. Health checks are configured on the ASG to use EC2 status checks The ELB has determined that an EC2 instance is unhealthy and has removed it from service. However, you noticed that the instance is still running and has not been terminated by the ASG. What would be an explanation for this?'}, {'_class': 'assessment', 'original_assessment_id': 4877774, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Elastic Beanstalk can be used to quickly deploy and manage applications in the AWS Cloud</li> \t<li>Developers upload applications and Elastic Beanstalk handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring</li> \t<li>Elastic Beanstalk supports applications developed in Go, Java, .NET, Node.js, PHP, Python, and Ruby, as well as different platform configurations for each language</li> \t<li>To use Elastic Beanstalk, you create an application, upload an application version in the form of an application source bundle (for example, a Java .war file) to Elastic Beanstalk, and then provide some information about the application</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-elastic-beanstalk/</a></li> \t<li><a href="https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html">https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html</a></li>', 'question': '<p>The application development team in your company have developed a Java application and saved the source code in a .war file. They would like to run the application on AWS resources and are looking for a service that can handle the \xa0\xa0\xa0 provisioning and management of the underlying resources it will run on.</p><p>What AWS service would allow the developers to upload the Java source code file and provide capacity provisioning and infrastructure management?</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS CodeDeploy\xa0 \xa0 </p>', '<p>AWS Elastic Beanstalk\xa0 \xa0 </p>', '<p>AWS CloudFormation\xa0 \xa0 </p>', '<p>AWS OpsWorks\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232517, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'The application development team in your company have developed a Java application and saved the source code in a .war file. They would like to run the application on AWS resources and are looking for a service that can handle the \xa0\xa0\xa0 provisioning and management of the underlying resources it will run on.What AWS service would allow the developers to upload the Java source code file and provide capacity provisioning and infrastructure management?'}, {'_class': 'assessment', 'original_assessment_id': 4877782, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EBS optimized instances provide dedicated capacity for Amazon EBS I/O</li> \t<li>EBS optimized instances are designed for use with all EBS volume types</li> \t<li>RAID can be used to increase IOPS</li> \t<li>RAID 0 = 0 striping – data is written across multiple disks and increases performance but no redundancy</li> \t<li>RAID 1 = 1 mirroring – creates 2 copies of the data but does not increase performance, only redundancy</li> \t<li>SSD, Provisioned IOPS – I01 provides high performance with configurable IOPS</li> \t<li>HDD, Cold – (SC1) provides the lowest cost storage and low performance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You are running a database on an EC2 instance in your VPC. The load on the DB is increasing and you have noticed that the performance has been impacted. Which of the options below would help to increase storage performance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use EBS optimized instances\xa0 \xa0 </p>', '<p>Use a larger instance size within the instance family\xa0 \xa0 </p>', '<p>Create a RAID 1 array from multiple EBS volumes\xa0 \xa0 </p>', '<p>Use Provisioned IOPS (I01) EBS volumes\xa0 \xa0 </p>', '<p>Use HDD, Cold (SC1) EBS volumes\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232519, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'd'], 'question_plain': 'You are running a database on an EC2 instance in your VPC. The load on the DB is increasing and you have noticed that the performance has been impacted. Which of the options below would help to increase storage performance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877788, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>RDS fully supports the InnoDB storage engine for MySQL DB instances</li> \t<li>RDS features such as Point-In-Time restore and snapshot restore require a recoverable storage engine and are supported for the InnoDB storage engine only</li> \t<li>Automated backups and snapshots are not supported for MyISAM</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>When using the MySQL database with AWS RDS, features such as Point-In-Time restore and snapshot restore require a recoverable storage engine. Which storage engine must be used to enable these features?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>MyISAM\xa0 \xa0 </p>', '<p>InnoDB\xa0 \xa0 </p>', '<p>Federated\xa0 \xa0 </p>', '<p>Memory</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232521, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'When using the MySQL database with AWS RDS, features such as Point-In-Time restore and snapshot restore require a recoverable storage engine. Which storage engine must be used to enable these features?'}, {'_class': 'assessment', 'original_assessment_id': 4877794, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>If you have an Auto Scaling group and need to change which type of monitoring is enabled for your Auto Scaling instances, you must create a new launch configuration and update the Auto Scaling group to use this launch configuration</li> \t<li>After that, the instances that the Auto Scaling group launches will use the updated monitoring type</li> \t<li>If you have CloudWatch alarms associated with your Auto Scaling group, use the put-metric-alarm command to update each alarm so that its period matches the monitoring type (300 seconds for basic monitoring and 60 seconds for detailed monitoring)</li> \t<li>If you change from detailed monitoring to basic monitoring but do not update your alarms to match the five-minute period, they continue to check for statistics every minute and might find no data available for as many as four out of every five periods</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html#as-group-metrics">https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html#as-group-metrics</a></li> </ul>', 'question': '<p>You have associated a new launch configuration to your Auto Scaling Group (ASG) which runs a fleet of EC2 instances. The new launch configuration changes monitoring from detailed to basic. There are a couple of CloudWatch alarms configured on the ASG which monitor every 60 seconds. There is a mismatch in frequency of metric reporting between these configuration settings, what will be the result?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The EC2 metrics will be updated automatically to match the frequency of the alarms and send updates every 60 seconds\xa0 \xa0 </p>', '<p>The alarm state will be immediately set to INSUFFICIENT_DATA\xa0 \xa0 </p>', '<p>If you do not update your alarms to match the five-minute period, they continue to check for statistics every minute and might find no data available for as many as four out of every five periods\xa0 \xa0 </p>', '<p>The ASG will automatically update the frequency of the alarms to 300 seconds to match the EC2 monitoring in the launch configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232523, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You have associated a new launch configuration to your Auto Scaling Group (ASG) which runs a fleet of EC2 instances. The new launch configuration changes monitoring from detailed to basic. There are a couple of CloudWatch alarms configured on the ASG which monitor every 60 seconds. There is a mismatch in frequency of metric reporting between these configuration settings, what will be the result?'}, {'_class': 'assessment', 'original_assessment_id': 4877800, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>The 2xlarge instance type provides more CPUs. The best answer is to use this instance type for all instances</li> \t<li>A placement group helps provide low-latency connectivity between instances and would not help here</li> \t<li>The weighted routing policy is a Route 53 feature that would not assist in this situation</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul>', 'question': '<p>One of you clients has asked for assistance with a performance issue they are experiencing. The client has a fleet of EC2 instances behind an Elastic Load Balancer (ELB) that are a mixture of c4.2xlarge instance types and c5.large instances. The load on the CPUs on the c5.large instances has been very high, often hitting 100% utilization, whereas the c4.2xlarge instances have been performing well. The client has asked for advice on the most cost effective way to resolve the performance problems?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Add more c5.large instances to spread the load more evenly\xa0 \xa0 </p>', '<p>Change the configuration to use only c4.2xlarge instance types\xa0 \xa0 </p>', '<p>Add all of the instances into a Placement Group\xa0 \xa0 </p>', '<p>Enable the weighted routing policy on the ELB and configure a higher weighting for the c4.2xlarge instances\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232525, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'One of you clients has asked for assistance with a performance issue they are experiencing. The client has a fleet of EC2 instances behind an Elastic Load Balancer (ELB) that are a mixture of c4.2xlarge instance types and c5.large instances. The load on the CPUs on the c5.large instances has been very high, often hitting 100% utilization, whereas the c4.2xlarge instances have been performing well. The client has asked for advice on the most cost effective way to resolve the performance problems?'}, {'_class': 'assessment', 'original_assessment_id': 4877822, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Short Polling:</li> \t<li>- Does not wait for messages to appear in the queue</li> \t<li>- It queries only a subset of the available servers for messages (based on weighted random execution)</li> \t<li>- Short polling is the default</li> \t<li>- ReceiveMessageWaitTime is set to 0</li> \t<li>- More requests are used, which implies higher cost</li> \t<li>Long Polling:</li> \t<li>- Uses fewer requests and reduces cost</li> \t<li>- Eliminates false empty responses by querying all servers</li> \t<li>- SQS waits until a message is available in the queue before sending a response</li> \t<li>- Requests contain at least one of the available messages up to the maximum number of messages specified in the ReceiveMessage action</li> \t<li>- Shouldn’t be used if your application expects an immediate response to receive message calls</li> \t<li>- ReceiveMessageWaitTime is set to a non-zero value (up to 20 seconds)</li> \t<li>- Same charge per million requests as short polling</li> \t<li>Changing the queue type would not assist in this situation</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/application-integration/amazon-sqs/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html">https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html</a></li> </ul>', 'question': '<p>A web application you manage receives order processing information from customers and places the messages on an SQS queue. A fleet of EC2 instances are configured to pick up the messages, process them, and store the results in a DynamoDB table. The current configuration has been resulting in a large number of empty responses to ReceiveMessage requests. You would like to update the configuration to eliminate empty responses to reduce operational overhead. How can this be done?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Configure Long Polling to eliminate empty responses by allowing Amazon SQS to wait until a message is available in a queue before sending a response\xa0 \xa0 </p>', '<p>Configure Short Polling to eliminate empty responses by reducing the length of time a connection request remains open\xa0 \xa0 </p>', '<p>Use a FIFO (first-in-first-out) queue to preserve the exact order in which messages are sent and received\xa0 \xa0 </p>', '<p>Use a Standard queue to provide at-least-once delivery, which means that each message is delivered at least once\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232527, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'A web application you manage receives order processing information from customers and places the messages on an SQS queue. A fleet of EC2 instances are configured to pick up the messages, process them, and store the results in a DynamoDB table. The current configuration has been resulting in a large number of empty responses to ReceiveMessage requests. You would like to update the configuration to eliminate empty responses to reduce operational overhead. How can this be done?'}, {'_class': 'assessment', 'original_assessment_id': 4877830, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Each instance that you launch has an associated root device volume, either an Amazon EBS volume or an instance store volume</li> \t<li>You can use block device mapping to specify additional EBS volumes or instance store volumes to attach to an instance when it\'s launched</li> \t<li>You can also attach additional EBS volumes to a running instance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You need to launch a series of EC2 instances with multiple attached volumes by modifying the block device mapping. Which block device can be specified in a block device mapping to be used with an EC2 instance? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Snapshot\xa0 \xa0 </p>', '<p>Instance store volume\xa0 \xa0 </p>', '<p>EBS volume\xa0 \xa0 </p>', '<p>EFS volume\xa0 \xa0 </p>', '<p>S3 bucket\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232529, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b', 'c'], 'question_plain': 'You need to launch a series of EC2 instances with multiple attached volumes by modifying the block device mapping. Which block device can be specified in a block device mapping to be used with an EC2 instance? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877836, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Custom security groups do not have inbound allow rules (all inbound traffic is denied by default)</li> \t<li>Default security groups do have inbound allow rules (allowing traffic from within the group)</li> \t<li>All outbound traffic is allowed by default in custom and default security groups</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>You have just created a new AWS account and selected the Asia Pacific (Sydney) region. Within the default VPC there is a default security group. What default settings are configured within this security group? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>There is an inbound rule that allows all traffic from the security group itself\xa0 \xa0 </p>', '<p>There is an inbound rule that allows all traffic from any address\xa0 \xa0 </p>', '<p>There is an outbound rule that allows all traffic to all addresses\xa0 \xa0 </p>', '<p>There is an outbound rule that allows all traffic to the security group itself\xa0 \xa0 </p>', '<p>There is an outbound rule that allows traffic to the VPC router\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232531, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'c'], 'question_plain': 'You have just created a new AWS account and selected the Asia Pacific (Sydney) region. Within the default VPC there is a default security group. What default settings are configured within this security group? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4877844, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Enhanced networking: <ul> \t<li>Enhanced networking provides higher bandwidth, higher packet-per-second (PPS) performance, and consistently lower inter-instance latencies</li> \t<li>If your packets-per-second rate appears to have reached its ceiling, you should consider moving to enhanced networking because you have likely reached the upper thresholds of the VIF driver</li> \t<li>AWS currently supports enhanced networking capabilities using SR-IOV</li> \t<li>SR-IOV provides direct access to network adapters, provides higher performance (packets-per-second) and lower latency</li> \t<li>Must launch an HVM AMI with the appropriate drivers</li> \t<li>Only available for certain instance types</li> \t<li>Only supported in VPC</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://aws.amazon.com/premiumsupport/knowledge-center/enable-configure-enhanced-networking/">https://aws.amazon.com/premiumsupport/knowledge-center/enable-configure-enhanced-networking/</a></li> </ul>', 'question': '<p>An EC2 instance you manage is generating very high packets-per-second and performance of the application stack is being impacted. You have been asked for a resolution to the issue that results in improved performance from the EC2 instance. What would you suggest?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Configure a RAID 1 array from multiple EBS volumes\xa0 \xa0 </p>', '<p>Create a placement group and put the EC2 instance in it\xa0 \xa0 </p>', '<p>Use enhanced networking\xa0 \xa0 </p>', '<p>Add multiple Elastic IP addresses to the instance\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232533, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'An EC2 instance you manage is generating very high packets-per-second and performance of the application stack is being impacted. You have been asked for a resolution to the issue that results in improved performance from the EC2 instance. What would you suggest?'}, {'_class': 'assessment', 'original_assessment_id': 4877856, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Active Directory Service for Microsoft Active Directory: <ul> \t<li>Fully managed AWS service on AWS infrastructure</li> \t<li>Best choice if you have more than 5000 users and/or need a trust relationship set up</li> \t<li>You can setup trust relationships to extend authentication from on-premises Active Directories into the AWS cloud</li> \t<li>On-premise users and groups can access resources in either domain using SSO</li> \t<li>Enterprise Edition for large organizations up to 50,000 objects</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/security-identity-compliance/aws-directory-service/</a></li> </ul>', 'question': '<p>You work as an Enterprise Architect for a global organization which employs 20,000 people. The company is growing at around 5% per annum. The company strategy is to increasingly adopt AWS cloud services. There is an existing Microsoft Active Directory (AD) service that is used as the on-premise identity and access management system. You want to enable users to authenticate using their existing identities and access AWS resources (including the AWS Management Console) using single sign-on (SSO).</p><p>How can you continue to utilize the on-premise AD for all authentication when consuming AWS cloud services?</p>', 'relatedLectureIds': '', 'answers': ['<p>Install a Microsoft Active Directory Domain Controller on AWS and add it into your existing on-premise domain\xa0 \xa0 </p>', '<p>Launch an Enterprise Edition AWS Active Directory Service for Microsoft Active Directory and setup trust relationships with your on-premise domain\xa0 \xa0 </p>', '<p>Use a large AWS Simple AD in AWS\xa0 \xa0 </p>', '<p>Launch a large AWS Directory Service AD Connector to proxy all authentication back to your on-premise AD service for authentication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232535, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'You work as an Enterprise Architect for a global organization which employs 20,000 people. The company is growing at around 5% per annum. The company strategy is to increasingly adopt AWS cloud services. There is an existing Microsoft Active Directory (AD) service that is used as the on-premise identity and access management system. You want to enable users to authenticate using their existing identities and access AWS resources (including the AWS Management Console) using single sign-on (SSO).How can you continue to utilize the on-premise AD for all authentication when consuming AWS cloud services?'}, {'_class': 'assessment', 'original_assessment_id': 4877864, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Connection draining is enabled by default and provides a period of time for existing connections to close cleanly</li> \t<li>When connection draining is in action an CLB will be in the status “InService: Instance deregistration currently in progress”</li> \t<li>Session stickiness uses cookies and ensures a client is bound to an individual back-end instance for the duration of the cookie lifetime</li> \t<li>Deletion protection is used to protect the ELB from deletion</li> \t<li>The Proxy Protocol header helps you identify the IP address of a client when you have a load balancer that uses TCP for back-end connections</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>One of your EC2 instances that is behind an Elastic Load Balancer (ELB) is in the process of being de-registered. Which ELB feature can be used to allow existing connections to close cleanly?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Sticky Sessions\xa0 \xa0 </p>', '<p>Deletion Protection\xa0 \xa0 </p>', '<p>Connection Draining\xa0 \xa0 </p>', '<p>Proxy Protocol\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232537, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'One of your EC2 instances that is behind an Elastic Load Balancer (ELB) is in the process of being de-registered. Which ELB feature can be used to allow existing connections to close cleanly?'}, {'_class': 'assessment', 'original_assessment_id': 4878002, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Availability Zones are distinct locations that are engineered to be isolated from failures in other Availability Zones</li> \t<li>Availability Zones are connected with low latency, high throughput, and highly redundant networking</li> \t<li>With EC2 you have full control at the operating system layer</li> \t<li>RDS is a fully managed service and you do not have access to the underlying EC2 instance (no root access)</li> \t<li>Multi-AZ RDS creates a replica in another AZ and synchronously replicates to it (DR only)</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>As a Solutions Architect at Digital Cloud Guru you are helping a client to design a multi-tier web application architecture. The client has requested that the architecture provide low-latency connectivity between all servers and be resilient across multiple locations. The client uses Microsoft SQL Server for existing databases. The client does not want to manage the underlying operating system of the database.</p><p>How would you recommend the database tier is deployed?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon EC2 instances with Microsoft SQL Server and data replication within an AZ\xa0 \xa0 </p>', '<p>Amazon EC2 instances with Microsoft SQL Server and data replication between two different AZs\xa0 \xa0 </p>', '<p>Amazon RDS with Microsoft SQL Server\xa0 \xa0 </p>', '<p>Amazon RDS with Microsoft SQL Server in a Multi-AZ configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232539, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['d'], 'question_plain': 'As a Solutions Architect at Digital Cloud Guru you are helping a client to design a multi-tier web application architecture. The client has requested that the architecture provide low-latency connectivity between all servers and be resilient across multiple locations. The client uses Microsoft SQL Server for existing databases. The client does not want to manage the underlying operating system of the database.How would you recommend the database tier is deployed?'}, {'_class': 'assessment', 'original_assessment_id': 4878144, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Read replicas are used for read heavy DBs and replication is asynchronous</li> \t<li>Read replicas are for workload sharing and offloading</li> \t<li>Read replicas can be in another region (uses asynchronous replication)</li> \t<li>RDS with Multi-AZ is within a region only</li> \t<li>DynamoDB with Global Tables and Cross Region Replication is a multi-master database configuration</li> \t<li>EC2 instances with EBS replication is not a suitable solution</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> </ul>', 'question': '<p>You are a Solutions Architect at Digital Cloud Guru. A large multi-national client has requested a design for a multi-region database. The master database will be in the EU (Frankfurt) region and databases will be located in 4 other regions to service local read traffic. The database should be a fully managed service including the replication.</p><p>Which AWS service can deliver these requirements?</p>', 'relatedLectureIds': '', 'answers': ['<p>RDS with Multi-AZ\xa0 \xa0 </p>', '<p>RDS with cross-region Read Replicas\xa0 \xa0 </p>', '<p>DynamoDB with Global Tables and Cross Region Replication\xa0 \xa0 </p>', '<p>EC2 instances with EBS replication\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232541, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'You are a Solutions Architect at Digital Cloud Guru. A large multi-national client has requested a design for a multi-region database. The master database will be in the EU (Frankfurt) region and databases will be located in 4 other regions to service local read traffic. The database should be a fully managed service including the replication.Which AWS service can deliver these requirements?'}, {'_class': 'assessment', 'original_assessment_id': 4878148, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>With ALB and NLB IP addresses can be used to register: <ul> \t<li>Instances in a peered VPC</li> \t<li>AWS resources that are addressable by IP address and port</li> \t<li>On-premises resources linked to AWS through Direct Connect or a VPN connection</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/blogs/aws/new-application-load-balancing-via-ip-address-to-aws-on-premises-resources/">https://aws.amazon.com/blogs/aws/new-application-load-balancing-via-ip-address-to-aws-on-premises-resources/</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>One of your clients has multiple VPCs that are peered with each other. The client would like to use a single Elastic Load Balancer (ELB) to route traffic to multiple EC2 instances in peered VPCs within the same region. Is this possible?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>No, the instances that an ELB routes traffic to must be in the same VPC\xa0 \xa0 </p>', '<p>This is possible using the Classic Load Balancer (CLB) if using Instance IDs\xa0 \xa0 </p>', '<p>This is not possible with ELB, you would need to use Route 53\xa0 \xa0 </p>', '<p>This is possible using the Network Load Balancer (NLB) and Application Load Balancer (ALB) if using IP addresses as targets\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232543, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['d'], 'question_plain': 'One of your clients has multiple VPCs that are peered with each other. The client would like to use a single Elastic Load Balancer (ELB) to route traffic to multiple EC2 instances in peered VPCs within the same region. Is this possible?'}, {'_class': 'assessment', 'original_assessment_id': 4878154, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS CloudHSM is a cloud-based hardware security module (HSM) that allows you to easily add secure key storage and high-performance crypto operations to your AWS applications</li> \t<li>CloudHSM has no upfront costs and provides the ability to start and stop HSMs on-demand, allowing you to provision capacity when and where it is needed quickly and cost-effectively</li> \t<li>CloudHSM is a managed service that automates time-consuming administrative tasks, such as hardware provisioning, software patching, high availability, and backups</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/cloudhsm/details/">https://aws.amazon.com/cloudhsm/details/</a></li> </ul>', 'question': '<p>Your manager has asked you to explain some of the security features available in the AWS cloud. How can you describe the function of Amazon CloudHSM?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>It is a Public Key Infrastructure (PKI)\xa0 \xa0 </p>', '<p>It provides server-side encryption for S3 objects\xa0 \xa0 </p>', '<p>It can be used to generate, use and manage encryption keys in the cloud\xa0 \xa0 </p>', '<p>It is a firewall for use with web applications\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232545, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'Your manager has asked you to explain some of the security features available in the AWS cloud. How can you describe the function of Amazon CloudHSM?'}, {'_class': 'assessment', 'original_assessment_id': 4878162, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>In general, when your object size reaches 100 MB, you should consider using multipart uploads instead of uploading the object in a single operation</li> \t<li>The largest object that can be uploaded in a single PUT is 5 gigabytes</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> </ul>', 'question': '<p>You need to upload a large (2GB) file to an S3 bucket. What is the recommended way to upload a single large file to an S3 bucket?</p>', 'relatedLectureIds': '', 'answers': ['<p>Use Amazon Snowball\xa0 \xa0 </p>', '<p>Use a single PUT request to upload the large file\xa0 \xa0 </p>', '<p>Use Multipart Upload\xa0 \xa0 </p>', '<p>Use AWS Import/Export\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232547, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You need to upload a large (2GB) file to an S3 bucket. What is the recommended way to upload a single large file to an S3 bucket?'}, {'_class': 'assessment', 'original_assessment_id': 4878168, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>To manage your objects so that they are stored cost effectively throughout their lifecycle, configure their lifecycle</li> \t<li>A lifecycle configuration is a set of rules that define actions that Amazon S3 applies to a group of objects</li> \t<li>Transition actions define when objects transition to another storage class</li> \t<li>For example, you might choose to transition objects to the STANDARD_IA storage class 30 days after you created them, or archive objects to the GLACIER storage class one year after creating them</li> \t<li>STANDARD_IA is good for infrequently accessed data and provides faster access times than GLACIER but is more expensive so not the best option here</li> \t<li>GLACIER retrieval times: <ul> \t<li>Standard retrieval is 3-5 hours which is well within the requirements here</li> \t<li>You can use Expedited retrievals to access data in 1 – 5 minutes</li> \t<li>You can use Bulk retrievals to access up to petabytes of data in approximately 5 – 12 hours</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/storage/amazon-s3/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html">https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html</a></li> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2016/11/access-your-amazon-glacier-data-in-minutes-with-new-retrieval-options/">https://aws.amazon.com/about-aws/whats-new/2016/11/access-your-amazon-glacier-data-in-minutes-with-new-retrieval-options/</a></li> </ul>', 'question': '<p>One of the departments in your company has been generating a large amount of data on S3 and you are considering the increasing costs of hosting it. You have discussed the matter with the department head and he explained that data older than 90 days is rarely accessed but must be retained for several years. If this data does need to be accessed at least 24 hours notice will be provided.</p><p>How can you optimize the costs associated with storage of this data whilst ensuring it is accessible if required?</p>', 'relatedLectureIds': '', 'answers': ['<p>Select the older data and manually migrate it to GLACIER\xa0 \xa0 </p>', '<p>Use S3 lifecycle policies to move data to GLACIER after 90 days\xa0 \xa0 </p>', '<p>Use S3 lifecycle policies to move data to the STANDARD_IA storage class\xa0 \xa0 </p>', '<p>Implement archival software that automatically moves the data to tape\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232549, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'One of the departments in your company has been generating a large amount of data on S3 and you are considering the increasing costs of hosting it. You have discussed the matter with the department head and he explained that data older than 90 days is rarely accessed but must be retained for several years. If this data does need to be accessed at least 24 hours notice will be provided.How can you optimize the costs associated with storage of this data whilst ensuring it is accessible if required?'}, {'_class': 'assessment', 'original_assessment_id': 4878204, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Restored DBs will always be a new RDS instance with a new DNS endpoint</li> \t<li>Can restore up to the last 5 minutes</li> \t<li>You cannot restore from a DB snapshot to an existing DB – a new instance is created when you restore</li> \t<li>Only default DB parameters and security groups are restored – you must manually associate all other DB parameters and SGs</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-rds/</a></li> \t<li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html</a></li> </ul>', 'question': '<p>Some data has become corrupt in an RDS database you manage. You are planning to use point-in-time restore to recover the data to the last known good configuration. Which of the following statements is correct about restoring an RDS database to a specific point-in-time? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The database restore overwrites the existing database\xa0 \xa0 </p>', '<p>The default DB security group is applied to the new DB instance\xa0 \xa0 </p>', '<p>Custom DB security groups are applied to the new DB instance\xa0 \xa0 </p>', '<p>You can restore up to the last 5 minutes\xa0 \xa0 </p>', '<p>You can restore up to the last 1 minute\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232551, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b', 'd'], 'question_plain': 'Some data has become corrupt in an RDS database you manage. You are planning to use point-in-time restore to recover the data to the last known good configuration. Which of the following statements is correct about restoring an RDS database to a specific point-in-time? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4878212, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Basic monitoring sends EC2 metrics to CloudWatch about ASG instances every 5 minutes</li> \t<li>Detailed can be enabled and sends metrics every 1 minute (chargeable)</li> \t<li>When the launch configuration is created from the CLI detailed monitoring of EC2 instances is enabled by default</li> \t<li>You cannot edit a launch configuration once defined</li> \t<li>If you want to change your launch configuration you have to create a new one, make the required changes, and use that with your auto scaling groups</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>You have created an Auto Scaling Group (ASG) that has launched several EC2 instances running Linux. The ASG was created using the CLI. You want to ensure that you do not pay for monitoring. What needs to be done to ensure that monitoring is free of charge?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>The launch configuration will have been created with basic monitoring enabled which is free of charge so you do not need to do anything\xa0 \xa0 </p>', '<p>The launch configuration will have been created with detailed monitoring enabled which is chargeable. You will need to change the settings on the launch configuration\xa0 \xa0 </p>', '<p>The launch configuration will have been created with detailed monitoring enabled which is chargeable. You will need to recreate the launch configuration with basic monitoring enabled\xa0 \xa0 </p>', '<p>The launch configuration will have been created with detailed monitoring enabled which is chargeable. You will need to modify the settings on the ASG\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232553, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You have created an Auto Scaling Group (ASG) that has launched several EC2 instances running Linux. The ASG was created using the CLI. You want to ensure that you do not pay for monitoring. What needs to be done to ensure that monitoring is free of charge?'}, {'_class': 'assessment', 'original_assessment_id': 4878224, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>You can automate your serverless application’s release process using AWS CodePipeline and AWS CodeDeploy</li> \t<li>The following AWS services can be used to fully automate the deployment process: <ul> \t<li>You use CodePipeline to model, visualize, and automate the steps required to release your serverless application</li> \t<li>You use AWS CodeDeploy to gradually deploy updates to your serverless applications</li> \t<li>You use CodeBuild to build, locally test, and package your serverless application</li> \t<li>You use AWS CloudFormation to deploy your application</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-lambda/</a></li> \t<li><a href="https://docs.aws.amazon.com/lambda/latest/dg/build-pipeline.html">https://docs.aws.amazon.com/lambda/latest/dg/build-pipeline.html</a></li> </ul>', 'question': '<p>A developer is writing code for AWS Lambda and is looking to automate the release process. Which AWS services can be used to automate the release process of Lambda applications? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>AWS CodePipeline\xa0 \xa0 </p>', '<p>AWS Cognito\xa0 \xa0 </p>', '<p>AWS CodeDeploy\xa0 \xa0 </p>', '<p>AWS OpsWorks\xa0 \xa0 </p>', '<p>AWS\xa0Glue</p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232555, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'c'], 'question_plain': 'A developer is writing code for AWS Lambda and is looking to automate the release process. Which AWS services can be used to automate the release process of Lambda applications? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 4878232, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Simple – maintains a current number of instances, you can manually change the ASGs min/desired/max and attach/detach instances</li> \t<li>Scheduled – Used for predictable load changes, can be a single event or a recurring schedule</li> \t<li>Dynamic (event based) – scale in response to an event/alarm</li> \t<li>Step – configure multiple scaling steps in response to multiple alarms</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/aws-auto-scaling/</a></li> </ul>', 'question': '<p>One of the applications you manage receives a high traffic loads between 7:30am and 9:30am daily. The application uses an Auto Scaling Group (ASG) to maintain 3 EC2 instances most of the time but during the peak period requires 6 EC2 instances. How can you configure ASG to perform a regular scale-out event at 7:30am and a scale-in event at 9:30am daily to account for the peak load?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Use a Simple scaling policy\xa0 \xa0 </p>', '<p>Use a Scheduled scaling policy\xa0 \xa0 </p>', '<p>Use a Dynamic scaling policy\xa0 \xa0 </p>', '<p>Use a Step scaling policy\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232557, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'One of the applications you manage receives a high traffic loads between 7:30am and 9:30am daily. The application uses an Auto Scaling Group (ASG) to maintain 3 EC2 instances most of the time but during the peak period requires 6 EC2 instances. How can you configure ASG to perform a regular scale-out event at 7:30am and a scale-in event at 9:30am daily to account for the peak load?'}, {'_class': 'assessment', 'original_assessment_id': 4878242, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Network Load Balancer: <ul> \t<li>Operates at the connection level (Layer 4), routing connections to targets – Amazon EC2 instances, containers and IP addresses based on IP protocol data</li> \t<li>It is architected to handle millions of requests/sec, sudden volatile traffic patterns and provides extremely low latencies</li> \t<li>High throughput – designed to handle traffic as it grows and can load balance millions of requests/second</li> \t<li>Extremely low latencies for latency-sensitive applications</li> \t<li>Supports load balancing to multiple ports on an instance</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>One of your clients has requested advice on the correct choice of Elastic Load Balancer (ELB) for an application they are planning to deploy on AWS. The application requires extremely high throughput and extremely low latencies. The connections will be made using the TCP protocol and the ELB must support load balancing to multiple ports on an instance. Which ELB would you suggest the client uses?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Classic Load Balancer\xa0 \xa0 </p>', '<p>Application Load Balancer\xa0 \xa0 </p>', '<p>Network Load Balancer\xa0 \xa0 </p>', '<p>Route 53\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232559, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'One of your clients has requested advice on the correct choice of Elastic Load Balancer (ELB) for an application they are planning to deploy on AWS. The application requires extremely high throughput and extremely low latencies. The connections will be made using the TCP protocol and the ELB must support load balancing to multiple ports on an instance. Which ELB would you suggest the client uses?'}, {'_class': 'assessment', 'original_assessment_id': 4878254, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Moving logs to Glacier may save cost but the questions requests that the files are permanently deleted</li> \t<li>Object Expiration allows you to schedule removal of your objects after a defined time period</li> \t<li>Using Object Expiration rules to schedule periodic removal of objects eliminates the need to build processes to identify objects for deletion and submit delete requests to Amazon S3</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2011/12/27/amazon-s3-announces-object-expiration/">https://aws.amazon.com/about-aws/whats-new/2011/12/27/amazon-s3-announces-object-expiration/</a></li> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2011/12/27/amazon-s3-announces-object-expiration/">https://aws.amazon.com/about-aws/whats-new/2011/12/27/amazon-s3-announces-object-expiration/</a></li> </ul>', 'question': '<p>Your company runs a web-based application that uses EC2 instances for the web front-end and RDS for the database back-end. The web application writes transaction log files to an S3 bucket and the quantity of files is becoming quite large. You have determined that it is acceptable to retain the most recent 60 days of log files and permanently delete the rest. What can you do to enable this to happen automatically?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Write a Ruby script that checks the age of objects and deletes any that are more than 60 days old\xa0 \xa0 </p>', '<p>Use an S3 lifecycle policy to move the log files that are more than 60 days old to the GLACIER storage class\xa0 \xa0 </p>', '<p>Use an S3 lifecycle policy with object expiration configured to automatically remove objects that are more than 60 days old\xa0 \xa0 </p>', '<p>Use an S3 bucket policy that deletes objects that are more than 60 days old\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232561, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'Your company runs a web-based application that uses EC2 instances for the web front-end and RDS for the database back-end. The web application writes transaction log files to an S3 bucket and the quantity of files is becoming quite large. You have determined that it is acceptable to retain the most recent 60 days of log files and permanently delete the rest. What can you do to enable this to happen automatically?'}, {'_class': 'assessment', 'original_assessment_id': 4878262, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Route tables determine where network traffic is directed</li> \t<li>In your route table, you must add a route for your remote network and specify the virtual private gateway as the target</li> \t<li>This enables traffic from your VPC that\'s destined for your remote network to route via the virtual private gateway and over one of the VPN tunnels</li> \t<li>You can enable route propagation for your route table to automatically propagate your network routes to the table for you</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/vpc/latest/userguide/VPC_VPN.html">https://docs.aws.amazon.com/vpc/latest/userguide/VPC_VPN.html</a></li> </ul>', 'question': '<p>You are putting together the architecture for a new VPC on AWS. Your on-premise data center will be connected to the VPC by a hardware VPN and has public and VPN-only subnets. The security team have requested that all traffic that hits the public subnets on AWS must be directed over the VPN to the corporate firewall. How can this be achieved?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Configure another VPN connection from the public subnet directly to the customer gateway\xa0 \xa0 </p>', '<p>Configure a NAT Gateway and configure all traffic to be directed via the virtual private gateway\xa0 \xa0 </p>', '<p>In the public subnet route table, add a route for your remote network and specify the virtual private gateway as the target\xa0 \xa0 </p>', '<p>In the VPN-only subnet route table, add a route that directs all Internet traffic to the virtual private gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232563, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You are putting together the architecture for a new VPC on AWS. Your on-premise data center will be connected to the VPC by a hardware VPN and has public and VPN-only subnets. The security team have requested that all traffic that hits the public subnets on AWS must be directed over the VPN to the corporate firewall. How can this be achieved?'}, {'_class': 'assessment', 'original_assessment_id': 4878270, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>EBS Throughput Optimized HDD: <ul> \t<li>Frequently accessed, throughput intensive workloads with large datasets and large I/O sizes, such as MapReduce, Kafka, log processing, data warehouse, and ETL workloads</li> \t<li>Throughput measured in MB/s, and includes the ability to burst up to 250 MB/s per TB, with a baseline throughput of 40 MB/s per TB and a maximum throughput of 500 MB/s per volume</li> </ul> </li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ebs/</a></li> </ul>', 'question': '<p>You are designing the disk configuration for an EC2 instance. The instance needs to support a MapReduce process that requires high throughput for a large dataset with large I/O sizes. You need to provision the most cost-effective storage solution option.</p><p>What EBS volume type will you select?</p>', 'relatedLectureIds': '', 'answers': ['<p>EBS General Purpose SSD\xa0 \xa0 </p>', '<p>EBS Provisioned IOPS SSD\xa0 \xa0 </p>', '<p>EBS Throughput Optimized HDD\xa0 \xa0 </p>', '<p>EBS General Purpose SSD in a RAID 1 configuration\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232565, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'You are designing the disk configuration for an EC2 instance. The instance needs to support a MapReduce process that requires high throughput for a large dataset with large I/O sizes. You need to provision the most cost-effective storage solution option.What EBS volume type will you select?'}, {'_class': 'assessment', 'original_assessment_id': 4878296, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Instance metadata is data about your instance that you can use to configure or manage the running instance</li> \t<li>Instance metadata is available at http://169.254.169.254/latest/meta-data</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> \t<li><a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories">https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories</a></li> </ul>', 'question': '<p>In your VPC you have several EC2 instances that have been running for some time. You have logged into an instance and need to determine a few pieces of information including what IAM role is assigned, the instance ID and the names of the security groups that are assigned to the instance.</p><p>From the options below, what would be a source of this information?</p>', 'relatedLectureIds': '', 'answers': ['<p>Tags\xa0 \xa0 </p>', '<p>Parameters\xa0 \xa0 </p>', '<p>User data\xa0 \xa0 </p>', '<p>Metadata\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232567, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['d'], 'question_plain': 'In your VPC you have several EC2 instances that have been running for some time. You have logged into an instance and need to determine a few pieces of information including what IAM role is assigned, the instance ID and the names of the security groups that are assigned to the instance.From the options below, what would be a source of this information?'}, {'_class': 'assessment', 'original_assessment_id': 4878304, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>RIs provide you with a significant discount (up to 75%) compared to On-Demand instance pricing</li> \t<li>You have the flexibility to change families, OS types, and tenancies while benefitting from RI pricing when you use Convertible RIs</li> \t<li>In this scenario for a stable process that will run constantly on an ongoing basis RIs will be the most affordable solution</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/amazon-ec2/</a></li> </ul> <ul> \t<li><a href="https://aws.amazon.com/ec2/pricing/reserved-instances/">https://aws.amazon.com/ec2/pricing/reserved-instances/</a></li> </ul>', 'question': '<p>You need to run a production process that will use several EC2 instances and run constantly on an ongoing basis. The process cannot be interrupted or restarted without issue. What EC2 pricing model would be best for this workload?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Reserved instances\xa0 \xa0 </p>', '<p>Spot instances\xa0 \xa0 </p>', '<p>On-demand instances\xa0 \xa0 </p>', '<p>Flexible instances\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232569, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a'], 'question_plain': 'You need to run a production process that will use several EC2 instances and run constantly on an ongoing basis. The process cannot be interrupted or restarted without issue. What EC2 pricing model would be best for this workload?'}, {'_class': 'assessment', 'original_assessment_id': 4878322, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>When you launch an instance into a default VPC, we provide the instance with public and private DNS hostnames that correspond to the public IPv4 and private IPv4 addresses for the instance</li> \t<li>When you launch an instance into a nondefault VPC, we provide the instance with a private DNS hostname and we might provide a public DNS hostname, depending on the DNS attributes you specify for the VPC and if your instance has a public IPv4 address</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html">https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html</a></li> </ul>', 'question': '<p>You have launched an EC2 instance into a VPC. You need to ensure that instances have both a private and public DNS hostname. Assuming you did not change any settings during creation of the VPC, how will DNS hostnames be assigned by default? (choose 2)\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>In a default VPC instances will be assigned a public and private DNS hostname\xa0 \xa0 </p>', '<p>In a non-default VPC instances will be assigned a public and private DNS hostname\xa0 \xa0 </p>', '<p>In a default VPC instances will be assigned a private but not a public DNS hostname\xa0 \xa0 </p>', '<p>In a non-default VPC instances will be assigned a private but not a public DNS hostname\xa0 \xa0 </p>', '<p>In all VPCs instances no DNS hostnames will be assigned\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232571, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['a', 'd'], 'question_plain': 'You have launched an EC2 instance into a VPC. You need to ensure that instances have both a private and public DNS hostname. Assuming you did not change any settings during creation of the VPC, how will DNS hostnames be assigned by default? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995504, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Spot pricing may be the most economical option for a short duration over a weekend but you may have the instances terminated by AWS and there is a requirement that the servers run uninterrupted</li> \t<li>On-Demand pricing ensures that instances will not be terminated and is the most economical option</li> \t<li>Reserved pricing provides a reduced cost for a contracted period (1 or 3 years), and is not suitable for ad hoc requirements</li> \t<li>Dedicated instances run on hardware that\'s dedicated to a single customer and are more expensive than regular On-Demand instances</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/aws-opsworks/"></a> <ul> \t<li><a href="https://aws.amazon.com/ec2/pricing/">https://aws.amazon.com/ec2/pricing/</a></li> </ul>', 'question': '<p>A development team needs to run up a few lab servers on a weekend for a new project. The servers will need to run uninterrupted for a few hours. Which EC2 pricing option would be most suitable?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Spot\xa0 \xa0 </p>', '<p>Reserved</p>', '<p>On-Demand</p>', '<p>Dedicated instances</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232573, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'A development team needs to run up a few lab servers on a weekend for a new project. The servers will need to run uninterrupted for a few hours. Which EC2 pricing option would be most suitable?'}, {'_class': 'assessment', 'original_assessment_id': 5995508, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS IoT Core is a managed cloud service that lets connected devices easily and securely interact with cloud applications and other devices</li> \t<li>AWS Lambda lets you run code without provisioning or managing servers</li> \t<li>AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics</li> \t<li>AWS Database Migration Service helps you migrate databases to AWS quickly and securely</li> </ul> <strong>References:</strong><a href="https://aws.amazon.com/dynamodb/dax/"></a> <ul> \t<li><a href="https://aws.amazon.com/iot-core/">https://aws.amazon.com/iot-core/</a></li> </ul>', 'question': '<p>An organization in the agriculture sector is deploying sensors and smart devices around factory plants and fields. The devices will collect information and send it to cloud applications running on AWS. </p><p>Which AWS service will securely connect the devices to the cloud applications?</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Lambda\xa0 \xa0 </p>', '<p>AWS IoT Core\xa0 \xa0 </p>', '<p>AWS Glue\xa0 \xa0 </p>', '<p>AWS DMS\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232575, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['b'], 'question_plain': 'An organization in the agriculture sector is deploying sensors and smart devices around factory plants and fields. The devices will collect information and send it to cloud applications running on AWS. Which AWS service will securely connect the devices to the cloud applications?'}, {'_class': 'assessment', 'original_assessment_id': 5995510, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Zonal redundancy indicates that the architecture should be split across multiple Availability Zones</li> \t<li>Subnets are mapped 1:1 to AZs</li> \t<li>A public subnet should be used for the Internet-facing web servers and a separate private subnet should be used for the internal-only DB servers</li> \t<li>Therefore you need 4 subnets - 2 (for redundancy) per public/private subnet</li> </ul> <strong style="font-size: 18px;">References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-vpc/</a></li> </ul>', 'question': '<p>A Solutions Architect has created a VPC and is in the process of formulating the subnet design. The VPC will be used to host a two-tier application that will include Internet facing web servers, and internal-only DB servers. Zonal redundancy is required. </p><p>How many subnets are required to support this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>1 subnet</p>', '<p>2 subnets</p>', '<p>4 subnets</p>', '<p>6 subnets</p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232577, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['c'], 'question_plain': 'A Solutions Architect has created a VPC and is in the process of formulating the subnet design. The VPC will be used to host a two-tier application that will include Internet facing web servers, and internal-only DB servers. Zonal redundancy is required. How many subnets are required to support this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 5995512, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Serverless Application Model (AWS SAM) is an extension of AWS CloudFormation that is used to package, test, and deploy serverless applications</li> \t<li>With Amazon CloudWatch, you can access system metrics on all the AWS services you use, consolidate system and application level logs, and create business key performance indicators (KPIs) as custom metrics for your specific needs</li> \t<li>AWS Lambda is used for executing your code as functions, it is not used for packaging, testing and deployment. AWS Lambda is used with AWS SAM</li> \t<li>AWS X-Ray lets you analyze and debug serverless applications by providing distributed tracing and service maps to easily identify performance bottlenecks by visualizing a request end-to-end</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/lambda/latest/dg/serverless_app.html">https://docs.aws.amazon.com/lambda/latest/dg/serverless_app.html</a></li> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/management-tools/amazon-cloudwatch/</a></li> </ul>', 'question': '<p>A Solutions Architect is designing the system monitoring and deployment layers of a serverless application. The system monitoring layer will manage system visibility through recording logs and metrics and the deployment layer will deploy the application stack and manage workload changes through a release management process.</p><p>\xa0The Architect needs to select the most appropriate AWS services for these functions. Which services and frameworks should be used for the system monitoring and deployment layers? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Use AWS X-Ray to package, test, and deploy the serverless application stack\xa0 \xa0 </p>', '<p>Use Amazon CloudTrail for consolidating system and application logs and monitoring custom metrics\xa0 \xa0 </p>', '<p>Use AWS Lambda to package, test, and deploy the serverless application stack\xa0 \xa0 </p>', '<p>Use AWS SAM to package, test, and deploy the serverless application stack\xa0 \xa0 </p>', '<p>Use Amazon CloudWatch for consolidating system and application logs and monitoring custom metrics\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232579, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:27:59Z', 'created': '2018-11-26T03:27:59Z', 'correct_response': ['d', 'e'], 'question_plain': 'A Solutions Architect is designing the system monitoring and deployment layers of a serverless application. The system monitoring layer will manage system visibility through recording logs and metrics and the deployment layer will deploy the application stack and manage workload changes through a release management process.\xa0The Architect needs to select the most appropriate AWS services for these functions. Which services and frameworks should be used for the system monitoring and deployment layers? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995516, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>An inbound rule should be created for the relevant protocols (HTTP/HTTPS) and the source should be set to any address (0.0.0.0/0)</li> \t<li>The address 0.0.0.0/32 is incorrect as the 32 mask means an exact match is required (0.0.0.0)</li> \t<li>The outbound rule should forward the relevant protocols (HTTP/HTTPS) and the destination should be set to the web server security group</li> \t<li>Using the VPC CIDR would not be secure and you cannot specify an Internet Gateway in a security group (not that you\'d want to anyway)</li> \t<li>FYI on the web server security group you\'d want to add an Inbound rule allowing HTTP/HTTPS from the ELB security group</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/compute/elastic-load-balancing/</a></li> </ul>', 'question': '<p>A company is deploying a new two-tier web application that uses EC2 web servers and a DynamoDB database backend. An Internet facing ELB distributes connections between the web servers.</p><p>The Solutions Architect has created a security group for the web servers and needs to create a security group for the ELB. What rules should be added? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Add an Inbound rule that allows HTTP/HTTPS, and specify the source as 0.0.0.0/32\xa0 \xa0 </p>', '<p>Add an Inbound rule that allows HTTP/HTTPS, and specify the source as 0.0.0.0/0\xa0 \xa0 </p>', '<p>Add an Outbound rule that allows HTTP/HTTPS, and specify the destination as the web server security group\xa0 \xa0 \xa0</p>', '<p>Add an Outbound rule that allows HTTP/HTTPS, and specify the destination as VPC CIDR\xa0 \xa0 </p>', '<p>Add an Outbound rule that allows ALL TCP, and specify the destination as the Internet Gateway\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232581, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['b', 'c'], 'question_plain': 'A company is deploying a new two-tier web application that uses EC2 web servers and a DynamoDB database backend. An Internet facing ELB distributes connections between the web servers.The Solutions Architect has created a security group for the web servers and needs to create a security group for the ELB. What rules should be added? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995520, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>AWS Batch eliminates the need to operate third-party commercial or open source batch processing solutions. There is no batch software or servers to install or manage. AWS Batch manages all the infrastructure for you, avoiding the complexities of provisioning, managing, monitoring, and scaling your batch computing jobs</li> \t<li>AWS Systems Manager gives you visibility and control of your infrastructure on AWS</li> \t<li>Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL</li> \t<li>Amazon Lex is a service for building conversational interfaces into any application using voice and text</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://aws.amazon.com/batch/">https://aws.amazon.com/batch/</a></li> </ul>', 'question': '<p>A financial services company regularly runs an analysis of the day’s transaction costs, execution reporting, and market performance. The company currently use third-party commercial software for\xa0provisioning, managing, monitoring, and scaling the computing jobs which utilize a large fleet of EC2 instances.</p><p>The company are seeking to reduce cost and utilize AWS services. Which AWS service could be used in place of the third-party software?</p>', 'relatedLectureIds': '', 'answers': ['<p>AWS Batch\xa0 \xa0 </p>', '<p>AWS Systems Manager\xa0 \xa0 </p>', '<p>Amazon Athena\xa0 \xa0 </p>', '<p>Amazon Lex\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232583, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['a'], 'question_plain': 'A financial services company regularly runs an analysis of the day’s transaction costs, execution reporting, and market performance. The company currently use third-party commercial software for\xa0provisioning, managing, monitoring, and scaling the computing jobs which utilize a large fleet of EC2 instances.The company are seeking to reduce cost and utilize AWS services. Which AWS service could be used in place of the third-party software?'}, {'_class': 'assessment', 'original_assessment_id': 5995526, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>With AWS Direct Connect, you can connect to all your AWS resources in an AWS Region, transfer your business-critical data directly from your datacenter, office, or colocation environment into and from AWS, bypassing your Internet service provider and removing network congestion</li> \t<li>Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service</li> \t<li>An IPSec VPN can be used to connect to AWS however it does not bypass the ISPs or Internet</li> \t<li>Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you\'ve defined</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/aws-direct-connect/</a></li> </ul>', 'question': '<p>A customer is deploying services in a hybrid cloud model. The customer has mandated that data is transferred directly between cloud data centers, bypassing ISPs. </p><p>What AWS service can be used to enable hybrid cloud connectivity?</p>', 'relatedLectureIds': '', 'answers': ['<p>IPSec VPN\xa0 \xa0 </p>', '<p>Amazon Route 53\xa0 \xa0 </p>', '<p>AWS Direct Connect\xa0 \xa0 </p>', '<p>Amazon VPC\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232585, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['c'], 'question_plain': 'A customer is deploying services in a hybrid cloud model. The customer has mandated that data is transferred directly between cloud data centers, bypassing ISPs. What AWS service can be used to enable hybrid cloud connectivity?'}, {'_class': 'assessment', 'original_assessment_id': 5995530, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon EKS is AWS’ managed Kubernetes offering, which enables you to focus on building applications, while letting AWS handle managing Kubernetes and the underlying cloud infrastructure</li> \t<li>Amazon Elastic Container Service (ECS) does not use Kubernetes so it is not the most similar product</li> \t<li>AWS Lambda is a serverless service that executes code as functions</li> \t<li>AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. It is not a container platform</li> </ul> <strong>References:</strong><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/analytics/amazon-kinesis/"></a> <ul> \t<li><a href="https://aws.amazon.com/eks/">https://aws.amazon.com/eks/</a></li> </ul>', 'question': '<p>A development team are creating a Continuous Integration and Continuous Delivery (CI/CD) toolchain on the AWS cloud. The team currently use Jenkins X and Kubernetes on-premise and are looking to utilize the same services in the AWS cloud.</p><p>What AWS service can provide a managed container platform that is MOST similar to their current CI/CD toolchain?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon ECS\xa0 \xa0 </p>', '<p>Amazon EKS\xa0 \xa0 </p>', '<p>AWS Lambda\xa0 \xa0 </p>', '<p>AWS CodePipeline\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232587, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['b'], 'question_plain': 'A development team are creating a Continuous Integration and Continuous Delivery (CI/CD) toolchain on the AWS cloud. The team currently use Jenkins X and Kubernetes on-premise and are looking to utilize the same services in the AWS cloud.What AWS service can provide a managed container platform that is MOST similar to their current CI/CD toolchain?'}, {'_class': 'assessment', 'original_assessment_id': 5995562, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li><em>DynamoDB auto scaling</em>uses the AWS Application Auto Scaling service to dynamically adjust provisioned throughput capacity on your behalf, in response to actual traffic patterns. This is the most efficient and cost-effective solution</li> \t<li>Manually adjusting the provisioned throughput is not efficient</li> \t<li>Using AWS Lambda to modify the provisioned throughput is possible but it would be more cost-effective to use DynamoDB Auto Scaling as there is no cost to using it</li> \t<li>DynamoDB DAX is an in-memory cache that increases the performance of DynamoDB. However, it costs money and there is no requirement to increase performance</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/AutoScaling.html">https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/AutoScaling.html</a></li> </ul>', 'question': '<p>A DynamoDB table you manage has a variable load, ranging from sustained heavy usage some days, to only having small spikes on others. The load is 80% read and 20% write. The provisioned throughput capacity has been configured to account for the heavy load to ensure throttling does not occur.</p><p>You have been asked to find a solution for saving cost. What would be the most efficient and cost-effective solution?</p>', 'relatedLectureIds': '', 'answers': ['<p>Create a DynamoDB Auto Scaling scaling policy\xa0 \xa0 </p>', '<p>Create a CloudWatch alarm that notifies you of increased/decreased load, and manually adjust the provisioned throughput\xa0 \xa0 </p>', '<p>Create a CloudWatch alarm that triggers an AWS Lambda function that adjusts the provisioned throughput\xa0 \xa0 </p>', '<p>Use DynamoDB DAX to increase the performance of the database\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232589, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['a'], 'question_plain': 'A DynamoDB table you manage has a variable load, ranging from sustained heavy usage some days, to only having small spikes on others. The load is 80% read and 20% write. The provisioned throughput capacity has been configured to account for the heavy load to ensure throttling does not occur.You have been asked to find a solution for saving cost. What would be the most efficient and cost-effective solution?'}, {'_class': 'assessment', 'original_assessment_id': 5995592, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon S3 Select is designed to help analyze and process data within an object in Amazon S3 buckets, faster and cheaper. It works by providing the ability to retrieve a subset of data from an object in Amazon S3 using simple SQL expressions</li> \t<li>Amazon Redshift Spectrum allows you to directly run SQL queries against exabytes of unstructured data in Amazon S3. No loading or transformation is required</li> \t<li>Amazon Kinesis Data Streams (KDS) is a massively scalable and durable real-time data streaming service. It does not allow you to perform query-in-place operations on S3</li> \t<li>Amazon Elasticsearch Service, is a fully managed service that makes it easy for you to deploy, secure, operate, and scale Elasticsearch to search, analyze, and visualize data in real-time</li> \t<li>Amazon SWF helps developers build, run, and scale background jobs that have parallel or sequential steps</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> \t<li><a href="https://aws.amazon.com/blogs/aws/s3-glacier-select/">https://aws.amazon.com/blogs/aws/s3-glacier-select/</a></li> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2017/11/amazon-redshift-spectrum-is-now-available-in-four-additional-aws-regions-and-enhances-query-performance-in-all-available-aws-regions/">https://aws.amazon.com/about-aws/whats-new/2017/11/amazon-redshift-spectrum-is-now-available-in-four-additional-aws-regions-and-enhances-query-performance-in-all-available-aws-regions/</a></li> </ul>', 'question': '<p>A company is investigating ways to analyze and process large amounts of data in the cloud faster, without needing to load or transform the data in a data warehouse. The data resides in Amazon S3.</p><p>Which AWS services would allow the company to query the data in place? (choose 2)</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon S3 Select\xa0 \xa0 </p>', '<p>Amazon Kinesis Data Streams\xa0 \xa0 </p>', '<p>Amazon Elasticsearch\xa0 \xa0 </p>', '<p>Amazon RedShift Spectrum\xa0 \xa0 </p>', '<p>Amazon SWF\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '', '']}, 'id': 6232591, 'section': '', 'assessment_type': 'multi-select', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['a', 'd'], 'question_plain': 'A company is investigating ways to analyze and process large amounts of data in the cloud faster, without needing to load or transform the data in a data warehouse. The data resides in Amazon S3.Which AWS services would allow the company to query the data in place? (choose 2)'}, {'_class': 'assessment', 'original_assessment_id': 5995596, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and existing Business Intelligence (BI) tools</li> \t<li>RedShift is used for running complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution</li> \t<li>RDS is a relational database that is used for transactional workloads not analytics workloads</li> \t<li>Amazon Neptune is a new product that offers a fully-managed Graph database</li> \t<li>Amazon Kinesis Firehose processes streaming data, not data stored on S3</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/database/amazon-redshift/</a></li> </ul>', 'question': '<p>An application is generating a large amount of clickstream events data that is being stored on S3. The business need to understand customer behaviour and want to run complex analytics queries against the data.</p><p>Which AWS service can be used for this requirement?</p>', 'relatedLectureIds': '', 'answers': ['<p>Amazon Kinesis Firehose\xa0 \xa0 </p>', '<p>Amazon RDS\xa0 \xa0 </p>', '<p>Amazon Neptune\xa0 \xa0 </p>', '<p>Amazon RedShift\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232593, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['d'], 'question_plain': 'An application is generating a large amount of clickstream events data that is being stored on S3. The business need to understand customer behaviour and want to run complex analytics queries against the data.Which AWS service can be used for this requirement?'}, {'_class': 'assessment', 'original_assessment_id': 5995680, 'related_lectures': [], 'prompt': {'explanation': '<ul> \t<li>Field-level encryption adds an additional layer of security on top of HTTPS that lets you protect specific data so that it is only visible to specific applications</li> \t<li>Origin access identity applies to S3 bucket origins, not web servers</li> \t<li>Object invalidation is a method to remove objects from the cache</li> \t<li>An RTMP distribution is a method of streaming media using Adobe Flash</li> </ul> <strong>References:</strong> <ul> \t<li><a href="https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/">https://digitalcloud.guru/certification-training/aws-solutions-architect-associate/networking-and-content-delivery/amazon-cloudfront/</a></li> \t<li><a href="https://aws.amazon.com/about-aws/whats-new/2017/12/introducing-field-level-encryption-on-amazon-cloudfront/">https://aws.amazon.com/about-aws/whats-new/2017/12/introducing-field-level-encryption-on-amazon-cloudfront/</a></li> </ul>', 'question': '<p>A government agency is using CloudFront for a web application that receives personally identifiable information (PII) from citizens. </p><p>What feature of CloudFront applies an extra level of encryption at CloudFront edge locations to ensure the PII data is secured end-to-end?\xa0 \xa0 </p>', 'relatedLectureIds': '', 'answers': ['<p>Object invalidation\xa0 \xa0 </p>', '<p>Field-level encryption\xa0 \xa0 </p>', '<p>Origin access identity\xa0 \xa0 </p>', '<p>RTMP distribution\xa0 \xa0 </p>'], 'feedbacks': ['', '', '', '']}, 'id': 6232595, 'section': '', 'assessment_type': 'multiple-choice', 'updated': '2018-11-26T03:28:00Z', 'created': '2018-11-26T03:28:00Z', 'correct_response': ['b'], 'question_plain': 'A government agency is using CloudFront for a web application that receives personally identifiable information (PII) from citizens. What feature of CloudFront applies an extra level of encryption at CloudFront edge locations to ensure the PII data is secured end-to-end?'}], 'next': None, 'count': 65, 'previous': None}, 'type': 'practice-test'}], 'order': '0', 'chapter': 'Exercises'}]
// console.log(json)
for (var i = 0; i < json_data.length; i++) {
$('.list-group-flush').append(
`<li class="list-group-item chapter-${json_data[i]['order']}" style="background-color:#ffffff00" ><a href='#' style="color:#ec6e6e">${json_data[i]['order']} ${json_data[i]['chapter']}</a><ul></ul></li>`
)
for (var j = 0; j < json_data[i]['quizzes'].length; j++) {
$(`.chapter-${json_data[i]['order']} > ul`).append(
`<li class="d-${i}-${j}"><a href="#" style="color:#ec6e6e">${json_data[i]['quizzes'][j]['title']}</a></li>`
)
}
}
$('.list-group-flush').on('click', 'li', function (event) {
$('.container').empty()
$(this).addClass('active')
event.preventDefault();
event.stopPropagation()
var idRe = /d-(\d{1,3})-(\d{1,3})/
id = idRe.exec($(this).attr("class"))
quizzes_data = json_data[Number(id[1])]['quizzes'][Number(id[2])]
if (quizzes_data['type'] === 'simple-quiz' || quizzes_data['type'] === 'practice-test') {
for (var i = 0; i < quizzes_data['quiz_data']['count']; i++) {
$('.container').append(
`<div class="question-list-${i} mt-4"><span><b>Question ${i}</b></span><div>${quizzes_data['quiz_data']['results'][i]['prompt']['question']}</div><div class="funkyradio"></div><div class="text-center"><button class="btn btn-primary btn-sm" id="answerBtn-${i}">Show Answer</button></div></div>`
)
for (var j = 0; j < quizzes_data['quiz_data']['results'][i]['prompt']['answers'].length; j++) {
$(`.question-list-${i} .funkyradio`).append(
`<div class="funkyradio-primary"><input type="radio" name="radio" id="radio${i}${j}"/><label for="radio${i}${j}" class="px-5 mx-1">${quizzes_data['quiz_data']['results'][i]['prompt']['answers'][j]}</label></div>`
)
}
}
$('.text-center').on('click', 'button', function (event) {
event.preventDefault();
var idRe2 = /answerBtn-(\d+)/
id2 = idRe2.exec($(this).attr('id'))[1]
$(this).html(
`Right answer is <span style="color:red;font-size:20px" class="px-1"> ${quizzes_data['quiz_data']['results'][Number(id2)]['correct_response']}</span>`
)
$(this).attr('class', 'btn btn-success btn-sm disabled')
try {
for (var k = 0; k < quizzes_data['quiz_data']['results'][Number(id2)]['prompt']['feedbacks'].length; k++) {
$(`label[for="radio${Number(id2)}${k}"]`).append(`<p class="mb-0" style="color:teal">${quizzes_data['quiz_data']['results'][Number(id2)]['prompt']['feedbacks'][k]}</p>`)
}
}
catch(err) {
console.log("This is no feedbacks in this question")
}
if (quizzes_data['quiz_data']['results'][Number(id2)]['prompt']['explanation'] != undefined){
$(this).parent().parent().append(`<div class='bg-light text-info mt-3'><p>Explanation</p>${quizzes_data['quiz_data']['results'][Number(id2)]['prompt']['explanation']}</div>`)
}
});
}
else if (quizzes_data['type'] === 'practice') {
for (var i = 0; i < quizzes_data['practice_data']['results'].length; i++) {
let key = i
$('.container').append(`<div class="questionArea-${i}"><p>${quizzes_data['practice_data']['results'][i]['body']}</p><button class="btn btn-primary btn-sm answer-${i}">Show Answer</button></div>`)
$(`.questionArea-${i}`).on('click', `.answer-${i}`, function(event) {
console.log('Not bad')
event.preventDefault();
$(this).parent().append(`<div class="mt-5 bg-light">${quizzes_data['practice_data']['results'][key]['answer']}</div>`)
})
}
}
else {
for (var i = 0; i < quizzes_data['quiz_data']['results'].length; i++) {
$('.container').append(`<div class="codingArea-${i}"><p>${quizzes_data['quiz_data']['results'][i]['prompt']['instructions']}</p><div class="preContent bg-light"><p>提示内容</p></div><button class="btn btn-primary answer-${i}">Show Answer</button></div>`)
for (var j = 0; j < quizzes_data['quiz_data']['results'][i]['prompt']["initial_files"].length; j++) {
$(".preContent").append(`<p>文件名:${quizzes_data['quiz_data']['results'][i]['prompt']["initial_files"][j]['file_name']}</p><pre>${quizzes_data['quiz_data']['results'][i]['prompt']["initial_files"][j]["content"]}</pre>`)
}
$(`.codingArea-${i}`).on('click', `.answer-${i}`, function(event) {
event.preventDefault();
$(this).parent().append(`<div class="mt-5"><pre class="bg-light">${quizzes_data['quiz_data']['results'][0]['prompt']['solution_files'][0]['content']}</pre></div>`)
});
}
}
});
});
</script>
<style type="text/css">
.sidebar-sticky {
height: 100%
}
.funkyradio div {
clear: both;
overflow: hidden;
}
.funkyradio label {
width: 100%;
border-radius: 3px;
border: 1px solid #D1D3D4;
font-weight: normal;
}
.funkyradio input[type="radio"]:empty,
.funkyradio input[type="checkbox"]:empty {
display: none;
}
.funkyradio input[type="radio"]:empty~label,
.funkyradio input[type="checkbox"]:empty~label {
position: relative;
line-height: 2.5em;
text-indent: 3.25em;
margin-top: 1em;
cursor: pointer;
-webkit-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
.funkyradio input[type="radio"]:empty~label:before,
.funkyradio input[type="checkbox"]:empty~label:before {
position: absolute;
display: block;
top: 0;
bottom: 0;
left: 0;
content: '';
width: 2.5em;
background: #D1D3D4;
border-radius: 3px 0 0 3px;
}
.funkyradio input[type="radio"]:hover:not(:checked)~label,
.funkyradio input[type="checkbox"]:hover:not(:checked)~label {
color: #888;
}
.funkyradio input[type="radio"]:hover:not(:checked)~label:before,
.funkyradio input[type="checkbox"]:hover:not(:checked)~label:before {
content: '\25B6';
text-indent: .9em;
color: #C2C2C2;
}
.funkyradio input[type="radio"]:checked~label,
.funkyradio input[type="checkbox"]:checked~label {
color: #777;
}
.funkyradio input[type="radio"]:checked~label:before,
.funkyradio input[type="checkbox"]:checked~label:before {
content: '\25B6';
text-indent: .9em;
color: #333;
background-color: #ccc;
}
.funkyradio input[type="radio"]:focus~label:before,
.funkyradio input[type="checkbox"]:focus~label:before {
box-shadow: 0 0 0 3px #999;
}
.funkyradio-primary input[type="radio"]:checked~label:before,
.funkyradio-primary input[type="checkbox"]:checked~label:before {
color: #fff;
background-color: #337ab7;
}
.funkyradio-success input[type="radio"]:checked~label:before,
.funkyradio-success input[type="checkbox"]:checked~label:before {
color: #fff;
background-color: #5cb85c;
}
.funkyradio-danger input[type="radio"]:checked~label:before,
.funkyradio-danger input[type="checkbox"]:checked~label:before {
color: #fff;
background-color: #d9534f;
}
</style>
</body>
</html>