Amazon AWS – SA Exam

Back to Exams Page.

1. For a project purpose, an EC2 instance has been launched. However, because of some issues, the instance has been terminated. Where we can find the reason for termination?

It is not possible to find the details after the instance is terminated

The user can get information from the AWS console by checking the instance description under the State transition reason label

The user can get information from the AWS console by checking the instance description under the Instance Termination reason label

The user can get information from the AWS console by checking the instance description under the Instance Status Change reason label

Question 1 of 50

2. We have created an EBS volume of 10 GB and attached it to a running instance. We are now accessing it for the first time. Which of the below options is true for first time EBS access?

The volume will show a loss of the IOPS performance

The volume will show a size of 8 GB

The volume will be blank

If the EBS is mounted, it will ask the user to create a file system

Question 2 of 50

3. In a company, there are multiple IAM users, but all these IAM users should have access to AWS IT resources from an internal network not from an outside network. How can that setup can be achieved?

Create an IAM policy with VPC, and allow a secure gateway between the organization and AWS Console

Create an IAM policy with a condition that denies access when the IP address range is not from the organization

Create an IAM policy with the security group, and use that security group for AWS console login

Configure the EC2 instance security group that allows traffic only from the organization’s IP range

Question 3 of 50

4. Identify the statement that is not true with respect to the limitations of IAM.

The organization can create 100 groups per AWS account

One AWS account can have a maximum of 5000 IAM users

One IAM user can be a part of a maximum of five groups

One AWS account can have 250 roles

Question 4 of 50

5. For a project, five hours uptime or running time of the instance is sufficient. How can we reduce the cost of the instance?

The user should use the AWS low utilized RI

The user should use the AWS high utilized RI

The user should not use RI; instead, only go with on-demand pricing

The user should use the AWS medium utilized RI

Question 5 of 50

6. For a project, the team lead has created an Auto Scaling group. However, the group failed to launch a single instance for more than 24 hours. What is the reason behind this?

Auto Scaling will suspend the scaling process

The Auto Scaling group will be terminated automatically

Auto Scaling will start an instance in a separate region

Auto Scaling will keep trying to launch the instance for 72 hours

Question 6 of 50

7. Users are unable to connect running EC2 instance using SSH. The error was ‘connection time out error.’ Which of the below mentioned options is not a possible reason for rejection?

The private key used to launch the instance is not correct

The access key to connect to the instance is wrong

The security group is not configured properly

The instance CPU is heavily loaded

Question 7 of 50

8. In a project, there are two EBS backed EC2 instances in the US-East-1a region. However, the team member is trying to change the EC2 instance zone without shutdown. Which option best suits this situation?

Stop one of the instances and change the availability zone

It is not possible to change the zone of an instance after it is launched

From the AWS EC2 console, select the Actions – > Change zones and specify the new zone

The zone can only be modified using the AWS CLI

Question 8 of 50

9. An EBS backed EC2 instance is currently running. Identify the difference while performing the restart or stop/start options on that instance.

Every restart or start/stop will be charged as a separate hour

Restart will be charged extra only once, while every stop/start will be charged as a separate hour

Every restart is charged by AWS as a separate hour, while multiple start/stop actions during a single hour will be counted as a single hour

A restart will not be charged for an extra hour, while every stop/start will be charged as a separate hour

Question 9 of 50

10. We have one subnet with CIDR 20.0.0.0/16 in this VPC. Then, the user tries to create another subnet with the same VPC for CIDR 20.0.0.1/24. What is the best statement here?

The second subnet will be created

The VPC will modify the first subnet CIDR automatically to allow the second subnet IP range

It is not possible to create a subnet with the same CIDR as the VPC

It will throw a CIDR overlaps error

Question 10 of 50

11. We have a S3 bucket with name ‘cloudtest’ created by root owner and given permission to everyone to upload the objects. The root owner wants to manage the permission of those objects by the person who uploaded. Which is the easiest way to achieve this?

The root account should create the IAM users and provide them with the permission to upload content to the bucket

The root account should use ACL with the bucket to allow everyone to upload the object

The root account owner should create a bucket policy that allows the IAM users to upload the object

The root account owner should create the bucket policy that allows the other account owners to set the object policy of that bucket

Question 11 of 50

12. Is it possible to change the EC2 instance type?

No, you have only what you started with

Yes, but you first need to create an AMI

Yes, while it’s in a stop state

Yes, anytime

Question 12 of 50

13. To understand the sticky session algorithm of ELB, place the steps in the right order, assuming the cookie is present.

Check the cookie in the service request

ELB chooses the instance based on the load balancing algorithm

The cookie is found in the request

ELB inserts the cookie in the response

The cookie is found in the request
Check the cookie in the service request
ELB inserts the cookie in the response
ELB chooses the instance based on the load balancing algorithm

Question 13 of 50

14. There is an EBS volume. We need to backup the volume and also implement security for that snapshot.

In which way can the user create data encryption with a snapshot?

Enable server side encryption for the snapshot using S3

Use encrypted EBS volumes so that the snapshot will be encrypted by AWS

While creating a snapshot, select the snapshot with encryption

By default, the snapshot is encrypted by AWS

Question 14 of 50

15. A team member created an Auto Scaling group using CLI. How do we enable CloudWatch detailed monitoring for that group?

When the user sets an alarm on the Auto Scaling group, it automatically enables detail monitoring

Enable detail monitoring from the AWS console

By default, detailed monitoring is enabled for Auto Scaling

Auto Scaling does not support detailed monitoring

Question 15 of 50

16. Define reserved instances in AWS.

High-performance RDS instance

Upfront fee and lowered hourly rate for one or three years

Low cost EC2 instance that could be shut down anytime

Virtual machine with provisioned EBS IOPS rate

Question 16 of 50

17. There are six instances, three for production and three for testing. However, the project manager wants a particular group of IAM users to only access the test instances but not the production ones. How he can achieve this?

Define the tags on the test and production servers and add a condition to the IAM policy that allows access to specific tags

Launch the test and production instances in separate regions and allow region-wide access to the group

Create an IAM policy with a condition that allows access to only small instances

Define the IAM policy that allows access based on the instance ID

Question 17 of 50

18. Identify the process that is not performed by Auto Scaling.

Replace Unhealthy

Availability Zone Balancing

Schedule Actions

Reboot Instance

Question 18 of 50

19. For a project there are multiple EC2 instances for production and testing. How can we get separate costs for the production and testing?

It is not possible to get the AWS cost usage data of single region instances separately

The user should download the EC2 services activity report because it has the instance ID wise data

The user should use Cost Allocation Tags and AWS billing reports

The user should use Cost Distribution Metadata and AWS detailed billing

Question 19 of 50

20. There is a S3 bucket encrypted by sys admin. Identify the best statement that describes the S3 encryption functionality.

The server side encryption with the user supplied key works when versioning is enabled

The user can upload his or her own encryption key to the S3 console

The user must send an AES-128 encrypted key

The user can use the AWS console, SDK, and APIs to encrypt or decrypt the content for server side encryption with the user supplied key

Question 20 of 50

21. There is a VPC with a public subnet. We have terminated all the instances that are part of the subnet. Which statement best suits this situation?

When the user launches a new instance, the instance cannot use the same subnet

All network interfaces attached to the instances will be deleted

The subnet with which the instances were launched will be deleted

The user cannot delete the VPC since the subnet is not deleted

Question 21 of 50

22. For a project purpose, the user is trying to launch an EC2 instance, but those instances are terminated as soon as they launch. What is the reason?

The user account has reached the maximum volume limit

The AMI is missing. It is required

The user account has reached the maximum EC2 instance limit

The snapshot is corrupt

Question 22 of 50

23. We have launched an EC2 Windows instance from an instance store backed AMI. How can we convert the AMI to an EBS backed AMI?

Attach an EBS volume and use the copy command to copy all the ephermal content to the EBS Volume

Attach an EBS volume to the instance and unbundle all the AMI bundled data inside the EBS

A Windows based instance store backed AMI cannot be converted to an EBS backed AMI

It is not possible to convert an instance store backed AMI to an EBS backed AMI

Question 23 of 50

24. For a project, there is an EC2 instance launched in a subnet within VPC. However, team member forgot to provide an IP address for the instance. Which statement best suits this situation?

The user would need to create an internet gateway and then attach an elastic IP to the instance to connect from the internet

The instance will never launch if the public IP is not assigned

The user can directly attach an elastic IP to the instance

The instance will always have a public DNS attached to the instance by default

Question 24 of 50

25. What happens if the primary RDS instance in MultiAZ deployment fails?

AWS switches the endpoint to a secondary RDS instance. No additional actions from users are needed

The software changes settings to use a secondary RDS instance

RDS data is lost. The adminstrator has to restore it from a snapshot

AWS automatically recovers the RDS instance from a snapshot

Question 25 of 50

26. There is an application hosted on the EC2 instance, and it is running behind ELB. The application owner wants to ensure that the end user request will always go to the EC2 instance where the user session has been created. How can we achieve this?

Enable ELB cookie setup

Enable ELB connection draining

Enable ELB cross zone load balancing

Enable ELB sticky session

Question 26 of 50

27. A team member is trying to connect to a running EC2 instance using SSH, but he gets an ‘Unprotected Private Key File error’. What is the reason for this error?

The user has provided the wrong user name for the OS login

The public key file has the wrong permission

The ppk file used for SSH is read only

The private key file has the wrong file permission

Question 27 of 50

28. There is an ELB with Sticky session enabled. The user wants to manage a cookie by an application, but not by ELB. What will happen when the server instance, which is bound to a cookie, crashes?

ELB will throw an error due to cookie unavailability

The response will have a cookie, but stickiness will be deleted

The session will not be sticky until a new cookie is inserted

The session will be sticky, and ELB will route requests to another server as ELB keeps replicating the Cookie

Question 28 of 50

29. We have created a security group for VPC in public subnet. Which statements are true in the creation of the security group?

It can connect to the AWS services, such as S3 and RDS, by default

It will, by default, allow traffic to the internet gateway

It will have all the outbound traffic by default

It will have all the inbound traffic by default

Question 29 of 50

30. We have a VPC with a subnet and security group. An EC2 instance has been attached to the subnet with a public IP. The internet gateway is also there, but the user is still unable to access the EC2 instance. What is the reason?

The internet gateway is not configured with the route table

The internet gateway is not configured with the security group

The outbound traffic on the security group is disabled

The private IP is not present

Question 30 of 50

31. A Windows based EC2 instance was created recently, and it has some issues, so we need to check the logs. When we check the instance console output from the AWS console, what will it display?

The Windows instance does not support the console output

The last three system events’ log errors

The last 10 system event log errors

All the event logs since instance boot

Question 31 of 50

32. There is one application that should be scaled up at 6 am and scale down by 7 pm using Auto Scaling. How can the user implement this?

The user should set up the scaling policy to scale up and down based on the CloudWatch alarms

The user should set up a batch process that launches the EC2 instance at a specific time

The user should increase the desired capacity at 8 AM and decrease it by 7 PM manually

The user should set up scheduled actions to scale up or down at a specific time

Question 32 of 50

33. Identify the options that are not advantages of Multi AZ feature of RDS.

Region outage

A manual failover of the DB instance using Reboot with failover option

Availability zone outage

When the user changes the DB instance’s server type

Question 33 of 50

34. We have an ELB with Auto Scaling. Which of the below options from ELB helps the user to stop sending new requests traffic from the load balancer to the EC2 instance when the instance is being deregistered while continuing in-flight requests?

ELB sticky session

ELB connection draining

ELB deregistration check

ELB auto registration Off

Question 34 of 50

35. For Auto Scaling, the minimum capacity is 2, and the desired capacity is 2. However, the user terminated the existing instance with the below command:

as-terminate-instance-in-auto-scaling-group –decrement-desired-capacity

What is the possible outcome?

An error is thrown

The instance is terminated, and the desired capacity is updated to 1

The instance is terminated, and the desired capacity and minimum size are updated to 1

The instance is terminated, and a new instance is not launched

Question 35 of 50

36. We have enabled termination protection on an EC2 instance and selected the option instance initiated shutdown behavior to terminate. What will happen to the instance If we shut it down?

It will not allow the user to shutdown the instance from the OS

It will terminate the instance

The OS will shut down, but the instance will not be terminated due to protection

It is not possible to set the termination protection when an instance initiated shutdown is set to Terminate

Question 36 of 50

37. An EC2 instance launched from an instance store backed AMI. If we restart the instance, what will happen to the internal data?

It is not possible to restart an instance launched from an instance store backed AMI

All data will be erased, and the ephermal storage is released

All the data will be erased, but the ephermal storage will stay connected

The data is preserved

Question 37 of 50

38. Starry shared an EC2 AMI created in eu-west-1 region from her account to Stephen. After that, Starry copied the same AMI to eu-central-1 region. Can Stephen access the AMI in eu-central-1 region?

Yes, since a copy AMI copies all private account sharing permissions

Yes, since a copy AMI copies all the permissions attached to the AMI

It is not possible to share the AMI with a specific account

No, a copy AMI does not copy the permission

Question 38 of 50

39. We have configured ELB with SSL using a security policy for secure negotiation between the client and load balancer. Which of the following security policies is supported by ELB?

Predefined Security Policy

Dynamic Security Policy

All the other options

Default Security Policy

Question 39 of 50

40. Harry has three EC2 instances inside the US-East-1a zone. Another user, Jason, launched an EC2 instance in US-East-1a zone. How can the Availability zone be best described here?

George’s and Ray’s US-East-1a region can have different availability zones

All George’s and Ray’s instances can communicate over a private IP with a minimal cost

George’s and Ray’s instances will be running in the same data center

All George’s and Ray’s instances can communicate over a private IP without any cost

Question 40 of 50

41. There is an EBS backed EC2 instance in the eu-west-1 region. A team member stopped that instance and started it again after 60 days. However, AWS throws the below error:

‘InsufficientInstanceCapacity’

What is the issue?

AWS zone mapping is changed for that user account

The user account has reached the maximum EC2 instance limit

There is some issue with the host capacity on which the instance is launched

AWS does not have sufficient capacity in that availability zone

Question 41 of 50

42. For an application, Auto Scaling has been implemented. The application owner wants to understand the Auto Scaling health check process. If the instance is unhealthy, Auto Scaling launches an instance and terminates the unhealthy instance. What is the correct order of execution?

Auto Scaling launches a new instance first and then terminates the unhealthy instance

Auto Scaling performs the launch and terminate processes in a random order

Auto Scaling launches and terminates the instances simultaneously

Auto Scaling terminates the instance first and then launches a new instance

Question 42 of 50

43. There are two subnets in VPC: One is public and the other is private. We have to install some applications for the instances in the private subnet. How can we connect instances in the private subnet to the internet?

Allow outbound traffic in the security group for port 80 to allow internet updates

Use NAT with an elastic IP

Use the internet gateway with a private IP

The private subnet can never connect to the internet

Question 43 of 50

44. is the Amazon Web Service that provides scalable storage in the cloud.

Cloud Storage Service
Amazon Simple Storage
Simple Storage Service
Super Storage Service

Question 44 of 50

45. We have an ELB with an HTTPS listener, but there is not any security policy that can help to negotiate SSL between the client and ELB. In this situation what will ELB do?

By default, ELB will select the first version of the security policy

By defaul,t ELB will select the latest version of the policy

It is not required to have a security policy since SSL is already installed

ELB creation will fail without a security policy

Question 45 of 50

46. provides a relational database in the cloud that is easy to set up, operate, and scale.

Relational Database Service
MySQL Cloud
Relational Database Cloud
DynamoDB

Question 46 of 50

47. There are three instances configured with ELB. By using which AWS service can we achieve High Availability as well as redundancy with ELB?

Auto Scaling

Route 53

AWS EMR

AWS Mechanical Turk

Question 47 of 50

48. There are two EBS backed EC2 instances launched in the US-East-1a region. How can we change the zone of one EC2 instance?

The zone can only be modified using the AWS CLI

From the AWS EC2 console, select the Actions – > Change zones and specify new zone

Stop one of the instances and change the availability zone

Create an AMI of the running instance and launch the instance in a separate AZ

Question 48 of 50

49. There is an Auto Scaling with ELB. However, because of some manual error, one of the instances was rebooted and Auto Scaling health check failed. In this situation, Auto Scaling tries to start new a instance and terminate the old instance. How can we stop the termination of the instance?

It is not possible to change the status once it is marked for replacement

Manually add that instance to the Auto Scaling group after reboot to avoid replacement

Update the Auto Scaling group to ignore the instance reboot event

Change the health of the instance to healthy using the Auto Scaling commands

Question 49 of 50

50. We have an EC2 instance launched in a public subnet with VPC. Now, we need to delete the subnet. What will be the outcome of this action?

It will delete the subnet and make the EC2 instance a part of the default subnet.

It will delete the subnet as well as terminate the instances.

It will not allow the user to delete the subnet until the instances are terminated.

The subnet can never be deleted independently; the user has to delete the VPC first.

Question 50 of 50

Amazon AWS – SA Exam

About Us

Most Popular

Members

Newsletter

Secure Site

About Us

Most Popular

Members

Newsletter

Free IT Webinar Training

Secure Site