Question 1: Monthly billing for Lambda is based on what?
- A: Number of uploaded functions in the AWS account per region
- B: Number of uploaded functions in the AWS account per region plus the execution time in minutes
- C: Execution request and the time is rounded to the nearest 100 ms
- D: Execution request and time is rounded to the nearest 1 second
Question 2: Which is a compulsory section in the CloudFormation template?
- A: Outputs and Resources
- B: Resources
- C: Parameters and Outputs
- D: None of the above
Question 3: If an EC2 instance with an instance store volume is stopped or terminated, any data on the instance store volume is lost:
- A: True
- B: False
Question 4: Which of the following statements is true about AWS regions and AZs?
- A: Every region is independent, consists of at least two or more AZs, and AZs within regions are interconnected through low-latency dedicated networks
- B: Each region is independent and has only one AZ
- C: You can create as many AZs as required from the AWS console
- D: Regions and AZs are only required when hosting legacy applications on the cloud
Question 5: Is it possible to stop an RDS instance?
- A: Yes, it is possible to stop for a maximum of 7 days when it is in single AZ
- B: Yes, it is possible to stop for any duration of time when it is in single AZ
- C: Yes, it is possible to stop for a maximum of 7 days when it is in multi-AZ
- D: Yes, it is possible to stop for any duration of time when it is in multi-AZ
Question 6: Which of the following statements are true? (Select 2)
- A: A group can contain many users, and a user can belong to multiple groups
- B: Groups can't be nested; they can contain only users, not other groups
- C: Both users and groups can be nested
- D: Groups can be nested but users cannot be nested
Question 7: What is the maximum size of an item in a DynamoDB table?
- A: 400 Bytes
- B: 400 KB
- C: 400 MB
- D: 400 GB
Question 8: Which of the following statements is true?
- A: NACL applies at the EC2 level and security groups apply at the network level
- B: Security groups apply at the EC2 level and NACL at the network level
- C: It can be implemented interchangeably depending on the project's requirements
- D: None of the above
Question 9: Which of the following AWS services supports infrastructure as a code?
- A: CloudFront
- B: CloudFormation
- C: CodeCommit
- D: None of the above
Question 10: When an RDS instance is configured in multi-AZ, what happens when the primary instance fails?
- A: The standby replica database automatically becomes the primary database
- B: You need to manually failover control from the primary database to the secondary database in a different AZ
- C: Automatically CNAME pointing to the primary database instance changes to the standby database instance
- D: All of the above
Question 11: An organization, Example Inc, runs their website on Amazon S3, which is named https://www.example.com
. They have kept their corporate images in a separate S3 bucket which is accessed on endpoint: https://s3-us-east1.amazonaws.com/examplecorpimages
. While testing the website, Example Inc found that the images are blocked by the browser. In this scenario, what should the company do to resolve the issue so that the images are not blocked by the browser?
- A: Make the
examplecorpimages
bucket where the images are stored public - B: Enable versioning on the
examplecorpimages
bucket - C: Create CORS configuration on the
examplecorpimages
bucket for allowing cross-origin requests - D: You can't do anything as S3 does not allow you to host images in different buckets
Question 12: Which encryption method is supported by AWS EC2 and S3 by default?
- A: 256-bit Advanced Encryption Standard (AES-256)
- B: RSA
- C: 128-bit AES
- D: DES
Question 13: What is the purpose of the cfn-init
helper script in CloudFormation?
- A: Installs and configures applications and packages on EC2
- B: Sends a signal to CloudFormation when the EC2 instance is successfully created
- C: Detects changes in resource metadata and runs user-specified actions when a change is detected
- D: All of the above
Question 14: A Load balancer can span across:
- A: Multiple AZs
- B: Multiple regions
- C: Multiple AZs and optionally multiple regions
- D: Depends on the region
Question 15: AWS IAM is:
- A: Region-independent and free to use
- B: Region-dependent and free to use
- C: Region-dependent and the charges vary from region to region
- D: None of the above
Question 16: Which of the following CloudFormation template sections match a key to a corresponding value?
- A: Transform
- B: Mappings
- C: Metadata
- D: Conditions
Question 17: Which of the following statements is true?
- A: VPC can span across multiple regions
- B: VPC can span across multiple AZs
- C: VPC can span across multiple AZs and multiple regions
- D: VPC spans across AZs and optionally across regions
Question18: What happens when the password policy is changed or newly implemented?
- A: It is implemented immediately, but takes effect the next time an IAM user attempts to change the password
- B: It forces all the AWS IAM users whose passwords do not comply with the new password policy to change their passwords immediately
- C: It can be configured to apply only to a few IAM users
- D: None of the above
Question 19: Billing alerts are triggered by which AWS service?
- A: AWS Billing dashboard
- B: CloudWatch
- C: SES/SNS/SQS
- D: All of the above
Question 20: What is true about Elasticity?
- A: Elasticity refers to the provisioning of news resources to match an increase in demand
- B: Elasticity refers to automatically provisioning and deprovisioning resources to match the workload demand
- C: Elasticity refers to the deprovisioning of resources due to a decrease in demand
- D: None of the above
Question 21: How do you move/transfer an EC2 instance from one region to another?
- A: It is not possible to move an EC2 instance from one region to another
- B: It can be done only by a root user
- C: Shut down the EC2, then take the AMI and copy it in another region to launch the new EC2 instance from the AMI
- D: Raise a support request with AWS
- E: None of the above
Question 22: Which of the following services are recommended for transferring petabytes ofdata between an on-premises data center and AWS?
- A: Snowball or Snowmobile
- B: S3 Transfer Accelerator
- C: S3 multipart upload
- D: S3 Import/Export
- E: Direct Connect
Question 23: RRS stands for what?
- A: Reduced Redundancy Storage
- B: Reduced Risk Storage
- C: Reduce Resource Storage
- D: None of the above
Question 24: What can be used to provide internet connectivity to the resources residingin a private subnet?
- A: NAT instance or NAT gateway
- B: Internet gateway
- C: Virtual private gateway
- D: Elastic Load Balancer
Question 25: Which of the following statements is true for CloudWatch metrics?
- A: It can be manually deleted when the CloudWatch alarm is no longer used
- B: It cannot be manually deleted
- C: It doesn't create any metrics for any custom CloudWatch alarms
- D: All of the above
Question 26: What subnet is usually recommended for hosting a database instance in RDS?
- A: Public subnet
- B: Private subnet
- C: A and B
- D: None of the above
Question 27: What is true about IAM policies?
- A: IAM policies cannot be modified
- B: When IAM policies are changed, it immediately reflects in the privileges of all users and groups
- C: IAM policies can be changed only by the AWS root account
- D: You need to raise a support request with AWS to change IAM policies
Question 28: Which of the following AWS services is suitable for data archival?
- A: S3
- B: EMR
- C: Glacier
- D. All of the above
Question 29: What is true about deploying SSL on ELB?
- A: It is not possible
- B: It is not the best practice to deploy SSL on ELB as it may increase the load on the EC2 instance
- C: It is suggested to deploy the SSL certificate on ELB to reduce the load on the EC2 instance
- D: Use of SSL is not required with ELB, as it automatically looks after encryption and decryption
Question 30: What is true about IP addressing in AWS?
- A: You can access an EC2 instance over the internet using a private IP address
- B: The public IP address of an EC2 instance does not change when you stop an instance and restart it
- C: Private IPs can be accessed only within the VPC
- D: None of the above
Question 31: Which of the following features is supported by DynamoDB?
- A: ELB
- B: Auto Scaling
- C: A and B
- D: None of the above
Question 32: One EBS volume can be attached to?
- A: Only one EC2 instance
- B: Multiple EC2 instances
- C: Depends on the type of the EBS volume
- D: EBS cannot be attached to the EC2, it can only be attached to the RDS
Question 33: Data stored in an S3 can be accessed from?
- A: Within AWS
- B: Within the same region
- C: Within the same AZ
- D: Anywhere across the internet
Question 34: Which statement is true?
- A: Every region has at least two AZs and each AZ is isolated but inter-connected with low-latency dedicated connectivity
- B: Every region may have one or more AZs and each AZ is isolated but inter-connected with low-latency dedicated connectivity
- C: Every region has at least two AZs and each AZ is isolated but inter-connected through the internet
- D: Every region consists of only one AZ that automatically provides highly-available infrastructures
Question 35: Which of the following AWS services offer a NoSQL service?
- A: RDS
- B: Simple database
- C: EC2
- D: EMR
- E: DynamoDB
Question 36: What can be done to reduce the cost of a mission-critical production application hosted on EC2 instances?
- A: Spot instances can be used
- B: A reserved instance can be used
- C: An on-demand instance can be used
- D: None of the above
Question 37: What is the largest individual object size supported by S3?
- A: 5 GB
- B: 50 GB
- C: 5 TB
- D: Any size
Question 38: Which AWS service helps to perform log analysis and resource monitoring?
- A: EC2
- B: Lambda
- C: CloudWatch
- D: Any of the above
Question 39: What is true about indexes in DynamoDB?
- A: GSI can have a different partition key and sort key compared to its base table
- B: LSI can have a different partition key and sort key compared to its base table
- C: GSI should have the same partition key as its base table
- D: All of the above
Question 40: What happens when CloudFormation stack creation fails?
- A: It rolls back the stack and deletes any resources that have been created
- B: Skips that resource creation and continues
- C: Depends on the region in which the stack is being created
- D: None of the above
Question 41: What is session affinity in an ELB?
- A: Ensures that the ELB stops sending requests to instances that are deregistered or unhealthy, while existing connections are open
- B: It enables to carry source connection request information to the destination
- C: It enables ELB to bind a user's session to specific EC2 instances
- D: It distributes an incoming user's request evenly across registered AZs with ELB
Question 42: By default, which of the following metrics are not supported by CloudWatch?
- A: DiskRead/Write operations
- B: NetworkIn/Out
- C: CPU usage
- D: Memory free/used
Question 43: Which of the following statements is true for Lambda?
- A: Security groups and subnets can be assigned with Lambda functions
- B: Only subnets can be specified
- C: Only security group can be specified
- D: Neither security groups nor subnets can be specified
Question 44: By default, a newly-created object in S3 is what?
- A: Private and only accessible by an owner
- B: Private and only accessible by IAM users
- C: Public, anyone can access it
- D: All of the above
Question 45: Which of the following AWS services helps to use AWS storage as a local storage to the applications installed in the data centers?
- A: AWS storage gateway
- B: Direct Connect
- C: AWS Snowball
- D: None of the above
Question 46: Which of the following AWS services provides a relational database as a service?
- A: RDS
- B: DynamoDB
- C: RedShift
- D: EMR
Question 47: Which of the following queues in SQS can target messages that can't be processed (consumed) successfully?
- A: Fresh queue
- B: Broken queue
- C: Dead-letter queue
- D: All of the above
Question 48: What consistency model is used for scan operations in DynamoDB?
- A: Strongly consistent
- B: Eventually consistent
- C: Read after write consistency
- D: All of the above
Question 49: Which of the following AWS services can be used for various notification types?
- A: SES
- B: SNS
- C: SQS
- D: All of the above
Question 50: Which of the following platforms does not have in-built support on AWS Elastic Beanstalk?
- A: Java with Tomcat
- B: IIS
- C: Java SE
- D: Go
- E: C/C++
- F: Nginix