0 of 50 Questions completed
Questions:
You have already completed the quiz before. Hence you can not start it again.
You must sign in or sign up to start the quiz.
You must first complete the following:
Quiz complete. Results are being recorded.
0 of 50 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0 )
Earned Point(s): 0 of 0 , (0 )
0 Essay(s) Pending (Possible Point(s): 0 )
Categories
Not categorized
0%
AWS SYSOPS
0%
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Question 1 of 50
1 point(s)
If you configured an HTTPS listener on an ELB but you have not configured any
security policy which help to negotiate SSL between the ELB and Client. What will ELB
do in this scenario?
Question 2 of 50
1 point(s)
Chef turns infrastructure into code.
Question 3 of 50
1 point(s)
Which of the following is NOT one of the four areas of the performance efficiency
pillar?
Question 4 of 50
1 point(s)
Select the feature in S3 that helps replicates data across AWS regions. Choose an answer
from the options below
Question 5 of 50
1 point(s)
In five regions around the globe your website is hosted in 10 EC2 instances How could
you configure your site to maintain availability with minimum downtime if one of the five
regions was to lose network connectivity for an extended period?
Question 6 of 50
1 point(s)
The user requests to restore the archive after 6 months and has moved an object to
Glacier using the life cycle rules. When the restore request is completed the user accesses
that archive. Which of the below mentioned statements is not true in this condition?
Question 7 of 50
1 point(s)
A storage admin wants to encrypt all the objects stored in S3 using server side
encryption. The user does not want to use the AES 256 encryption key provided by S3.
How can the user achieve this?
Question 8 of 50
1 point(s)
. You are planning to deploy a production database to EC2 and need to choose the best
storage type. You anticipate that you will need 20,000 IOPS, and an average of 8,000 –
10,000 IOPS. What storage medium should you choose?
Question 9 of 50
1 point(s)
Which AWS-specific storage option would you set up for low cost, reliability, and
security? If a company is setting up an application that is used to share files. Because
these files are important to the sales team, the application must be highly available.
Question 10 of 50
1 point(s)
The user requests to restore the archive after 6 months and has moved an object
to Glacier using the life cycle rules. When the restore request is completed the user
accesses that archive. Which of the below mentioned statements is not true in this
condition?
Question 11 of 50
1 point(s)
If you want to optimize performance for a compute cluster that requires low internode
latency, which feature in the following list should you use?
Question 12 of 50
1 point(s)
The term pilot light is often used to describe a DR scenario in which a minimal version
of an environment is always running in the cloud
Question 13 of 50
1 point(s)
Which of the below mentioned AWS RDS logs cannot be viewed from the console for
MySQL?
Question 14 of 50
1 point(s)
Select the feature in S3 that helps replicates data across AWS regions. Choose an
answer from the options below
Question 15 of 50
1 point(s)
Which AWS-specific storage option would you set up for low cost, reliability, and
security? If a company is setting up an application that is used to share files. Because these
files are important to the sales team, the application must be highly available
Question 16 of 50
1 point(s)
to restrict access to data in S3 Which features can be used? Choose the 3 correct
answers from the options below
Question 17 of 50
1 point(s)
Which of the following are steps you should take in securing your Root AWS account?
(Choose 3)
Question 18 of 50
1 point(s)
IAM policies are written using ________.
Question 19 of 50
1 point(s)
Which of the following is AWS’ managed DDoS protection service?
Question 20 of 50
1 point(s)
You need to use an AWS service to assess the security and compliance of your EC2
instances. Which of the following services should you use?
Question 21 of 50
1 point(s)
Under the Shared Responsibility model, for which of the following does AWS not
assume responsibility?
Question 22 of 50
1 point(s)
The AWS Risk and Compliance Program is made up of which of the following
components? (Choose 3)
Question 23 of 50
1 point(s)
How would a system administrator add an additional layer of login security to a user’s
AWS Management Console?
Question 24 of 50
1 point(s)
True or False: The Standard version of AWS Shield offers automated application (layer
7) traffic monitoring.
Question 25 of 50
1 point(s)
Which of the below mentioned statements is not true with respect to the limitations
of IAM if an organization is planning to create a user with IAM. They are trying to
understand the limitations of IAM so that they can plan accordingly
Question 26 of 50
1 point(s)
If you configured an HTTPS listener on an ELB but you have not configured any
security policy which help to negotiate SSL between the ELB and Client. What will ELB
do in this scenario?
Question 27 of 50
1 point(s)
A user has configured ELB with SSL using a security policy for secure negotiation
between the client and load balancer. Which of the below mentioned security policies is
supported by ELB?
Question 28 of 50
1 point(s)
A storage admin wants to encrypt all the objects stored in S3 using server side
encryption. The user does not want to use the AES 256 encryption key provided by S3.
How can the user achieve this?
Question 29 of 50
1 point(s)
An organization is trying to create various IAM users. Which of the below mentioned
options is not a valid IAM username?
Question 30 of 50
1 point(s)
The user is using server side encryption for data at rest and has enabled versioning
on an S3 bucket If the user is supplying his own keys for encryption (SSE-C), what is
recommended to the user for the purpose of security?
Question 31 of 50
1 point(s)
To restrict access to data in S3 Which features can be used? Choose the 3 correct
answers from the options below.
Question 32 of 50
1 point(s)
Which of the following is true about security groups? (Choose 2)
Question 33 of 50
1 point(s)
You need to implement an automated service that will scan your AWS environment
with the goal of both improving security and reducing costs. Which service should you use?
Question 34 of 50
1 point(s)
Which of the following cloud security controls ensures that only authorized and
authenticated users are able to access your resources?
Question 35 of 50
1 point(s)
Which of the following cloud security controls ensures that only authorized and
authenticated users are able to access your resources?
Question 36 of 50
1 point(s)
Which of the following is NOT considered a fault tolerant tool?
Question 37 of 50
1 point(s)
True or False: Identity Access Management (IAM) is a Regional service
Question 38 of 50
1 point(s)
A user has launched an instance in that subnet and has created a VPC with a public
subnet and a security group. The user is still unable to connect to the instance. The internet
gateway has also been created and attached to the route table. What can be the reason for
the error?
Question 39 of 50
1 point(s)
A user has created a VPC with public and private subnets using the VPC wizard. The
user has not launched any instance manually and is trying to delete the VPC. What will
happen in this scenario?
Question 40 of 50
1 point(s)
To send traffic to a secondary host in the event that the primary host went down
What would we need to attach to a Bastion host or NAT host for high availability? Chose
the correct answer
Question 41 of 50
1 point(s)
Which AWS-specific storage option would you set up for low cost, reliability, and
security? If a company is setting up an application that is used to share files. Because
these files are important to the sales team, the application must be highly available.
Question 42 of 50
1 point(s)
A VPC has created with two subnets: one public and one private. The user is planning
to run the patch update for the instances in the private subnet. How can the instances in
the private subnet connect to the internet?
Question 43 of 50
1 point(s)
If you want to optimize performance for a compute cluster that requires low internode
latency, which feature in the following list should you use?
Question 44 of 50
1 point(s)
To prevent an IP address block from accessing public objects in an S3 bucket Which
method can be used?
Question 45 of 50
1 point(s)
How can software determine the public and private IP addresses of the Amazon EC2
instance that it is running on?
Question 46 of 50
1 point(s)
If a user wants to understand AWS SNS. Which of the given endpoint is SNS unable
to send a notification?
Question 47 of 50
1 point(s)
If you configured an HTTPS listener on an ELB but you have not configured any
security policy which help to negotiate SSL between the ELB and Client. What will ELB
do in this scenario?
Question 48 of 50
1 point(s)
A user has created a VCP with the public and private subnets using the VCP wizard.
The VCP has CID 20.0.0.0/16. The public subnet uses CIDR 20.0.1.0/24. The user is
planning to host a web server in the public subnet with port 80 and database server in the
private subnet with port 3306.The user is configuring a security group for the public
subnet (WebSecGrp) and the private subnet (DBSecGrp). Which of the below mentioned
entries is the private subnet database security group DBSecGrp?
Question 49 of 50
1 point(s)
A user has given full access of his S3 bucket to one of the IAM users using the bucket
ACL. When the IAM user logs in to the S3 console, which actions can he perform?
Question 50 of 50
1 point(s)
A user is trying to connect to a running EC2 instance using SSH. However, the user
gets an Unprotected Private Key File error. Which of the below mentioned options can be
a possible reason for rejection?