Your customers are concerned about S3 storage limitations on some key buckets they are creating. Why should they not be concerned about this?

Your customers are concerned about S3 storage limitations on some key buckets they are creating. Why should they not be concerned about this?

• There is no limit to the amount of storage for S3.
• They can always create additional buckets.
• There is a bucket maximum size, but there is no limit on the number of buckets.
• AWS can offload additional storage to Dropbox if Dropbox is hosted on AWS.

Explanation

Remember, there is a limit on the number of buckets you can create, and there is a limit to the size of an object, but when taken as a whole - there is no limit to the amount of data you can store in S3.

An Amazon S3 bucket is owned by the AWS account that created it. Bucket ownership is not transferable to another account.

When you create a bucket, you choose its name and the AWS Region to create it in. After you create a bucket, you can't change its name or Region.

When naming a bucket, choose a name that is relevant to you or your business. Avoid using names associated with others. For example, you should avoid using AWS or Amazon in your bucket name.

By default, you can create up to 100 buckets in each of your AWS accounts. If you need additional buckets, you can increase your account bucket limit to a maximum of 1,000 buckets by submitting a service limit increase. There is no difference in performance whether you use many buckets or just a few.

Source

https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html

Read More

Which of the following AWS products cannot be used by CloudWatch to trigger alarms?

Which of the following AWS products cannot be used by CloudWatch to trigger alarms?

• Auto Scaling
• CloudSearch
• EC2
• Elastic Load Balancing

Explanation

CloudWatch uses information from Auto Scaling, Elastic Load Balancing, and EC2 instances to trigger alarms, but it does not use CloudSearch.

Amazon CloudWatch monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time. You can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications.

The CloudWatch home page automatically displays metrics about every AWS service you use. You can additionally create custom dashboards to display metrics about your custom applications, and display custom collections of metrics that you choose.

You can create alarms that watch metrics and send notifications or automatically make changes to the resources you are monitoring when a threshold is breached. For example, you can monitor the CPU usage and disk reads and writes of your Amazon EC2 instances and then use that data to determine whether you should launch additional instances to handle increased load. You can also use this data to stop under-used instances to save money.

With CloudWatch, you gain system-wide visibility into resource utilization, application performance, and operational health.

Source

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html

Read More

What does AWS use when you copy an instance store–backed AMI to a different region?

What does AWS use when you copy an instance store–backed AMI to a different region?

• EFS
• EBS
• S3
• Glacier

Explanation

When you copy an instance store–backed Amazon Machine Image (AMI) to a region, you create an Amazon S3 bucket for the AMIs copied to that region. All instance store–backed AMIs that you copy to that region are stored in this bucket. The bucket names have the format amis-for-account-in-region-hash (for example, amis-for-123456789012-in-us-east-2-yhjmxvp6).

You can copy an Amazon Machine Image (AMI) within or across AWS Regions. You can copy both Amazon EBS-backed AMIs and instance-store-backed AMIs. You can copy AMIs with encrypted snapshots and also change encryption status during the copy process. You can copy AMIs that are shared with you.

Copying a source AMI results in an identical but distinct target AMI with its own unique identifier. You can change or deregister the source AMI with no effect on the target AMI. The reverse is also true.

With an Amazon EBS-backed AMI, each of its backing snapshots is copied to an identical but distinct target snapshot. If you copy an AMI to a new Region, the snapshots are complete (non-incremental) copies. If you encrypt unencrypted backing snapshots or encrypt them to a new KMS key, the snapshots are complete (non-incremental) copies. Subsequent copy operations of an AMI result in incremental copies of the backing snapshots.

Source

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html

Read More

Which of the following methods is a valid way to encrypt an existing EBS volume?

Which of the following methods is a valid way to encrypt an existing EBS volume?

• Mark the volume as encrypted in the management console
• Export the volume with the encryption flag set
• Create a snapshot of the unencrypted volume, copy the snapshot and encrypt it, and restore the snapshot to a new EBS volume
• None of the above; EBS volumes do not support encryption

Explanation

There is no direct way to encrypt an unencrypted EBS volume. You can use the encryption property of a snapshot, however, in order to encrypt the volume in an indirect way.

Use Amazon EBS encryption as a straight-forward encryption solution for your EBS resources associated with your EC2 instances. With Amazon EBS encryption, you aren't required to build, maintain, and secure your own key management infrastructure. Amazon EBS encryption uses AWS KMS keys when creating encrypted volumes and snapshots.

Encryption operations occur on the servers that host EC2 instances, ensuring the security of both data-at-rest and data-in-transit between an instance and its attached EBS storage.

Source

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

Read More

What type of queue is available in all regions with SQS?

What type of queue is available in all regions with SQS?

• First-in, first-out delivery
• High throughput
• Limited throughput
• Exactly-once processing

Explanation

The high throughput queue is available in all regions.

Amazon SQS stores all message queues and messages within a single, highly-available AWS region with multiple redundant Availability Zones (AZs), so that no single computer, network, or AZ failure can make messages inaccessible.

Source

https://aws.amazon.com/sqs/features/

Read More

Your IT group maintains an application on AWS to provide development and testing platforms for your developers. Currently each environment consists of an m1.small EC2 instance. Your developers report to your group performance degradation as they increase network load in the test environment. How would you mitigate these performance issues in the test environment?

Your IT group maintains an application on AWS to provide development and testing platforms for your developers. Currently each environment consists of an m1.small EC2 instance. Your developers report to your group performance degradation as they increase network load in the test environment. How would you mitigate these performance issues in the test environment?

• Upgrade the m1.small to a larger instance type.
• Add an additional ENI to the test instance.
• Use the EBS optimized option to offload EBS traffic.
• Configure Amazon CloudWatch to provision more network bandwidth when network utilization exceeds 80 percent.

Explanation

Note that the EBS optimized option is not available for this EC2 instance.

An Amazon EBS-optimized instance uses an optimized configuration stack and provides additional, dedicated capacity for Amazon EBS I/O. This optimization provides the best performance for your EBS volumes by minimizing contention between Amazon EBS I/O and other traffic from your instance

Source

https://docs.aws.amazon.com/prescriptive-guidance/latest/sql-server-ec2-best-practices/ebs-optimize.html

Read More

You have a customer expecting massive IOPS needs (15,000 IOPS) in a critical business application. What type of storage should you consider?

 You have a customer expecting massive IOPS needs (15,000 IOPS) in a critical business application. What type of storage should you consider?

• SSD
• Provisioned IOPS
• Turbo IOPS
• Optimized networking

Explanation

Provisioned IOPS can support up to 20,000 IOPS.

Provisioned IOPS volumes, backed by solid-state drives (SSDs), are the highest performance Elastic Block Store (EBS) storage volumes designed for your critical, IOPS-intensive and throughput-intensive workloads that require low latency.

Source 

https://aws.amazon.com/ebs/provisioned-iops/#:~:text=Provisioned%20IOPS%20volumes%2C%20backed%20by,workloads%20that%20require%20low%20latency

Read More

Your company maintains part of its services in a local data center and part in the AWS cloud. Which of the following cloud types best describes your company’s cloud implementation?

Your company maintains part of its services in a local data center and part in the AWS cloud. Which of the following cloud types best describes your company’s cloud implementation?

• Private
• Hybrid
• Public
• Community 

Explanation

A hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud and third-party, public cloud services, with orchestration between the two platforms.

AWS Storage Gateway is a set of hybrid cloud storage services that provide on-premises applications with access to virtually unlimited cloud storage.

Read More

Your engineer is concerned about high CPU utilization on several of your EC2 instances. What service should you use to monitor this?

Your engineer is concerned about high CPU utilization on several of your EC2 instances. What service should you use to monitor this?

• Service Catalog
• CloudWatch
• Trusted Advisor
• Config

Explanation

CloudWatch is the primary monitoring tool in AWS.

Amazon CloudWatch monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time. You can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications.

CloudWatch enables you to monitor your complete stack (applications, infrastructure, network, and services) and use alarms, logs, and events data to take automated actions and reduce mean time to resolution (MTTR). This frees up important resources and allows you to focus on building applications and business value.

Read More

____ is the type of billing used in for AWS?

 ____ is the type of billing used in for AWS?

• Pay-as-you-terminate
• Pay-for-reservations
• Pay-as-you-go
• Pay-as-you-estimate

Explanation

AWS uses a pay-as-you-go pricing model.

AWS offers you a pay-as-you-go approach for pricing for the vast majority of our cloud services. With AWS you pay only for the individual services you need, for as long as you use them, and without requiring long-term contracts or complex licensing.

There are three fundamental drivers of cost with AWS: compute, storage, and outbound data transfer.

Read More

Which would not be considered a major benefit of IaaS?

Which would not be considered a major benefit of IaaS?

• Eliminating security concerns
• Reducing CapEx
• Increasing speed and agility
• Leveraging AWS expertise

Explanation

Even when you engage in Infrastructure as a Service (IaaS)with AWS, you are still responsible for aspects of securing the infrastructure.

Read More

What is the default duration of time that CloudFront will keep files at Edge Locations?

What is the default duration of time that CloudFront will keep files at Edge Locations?

• 6 hours
• 12 hours
• 24 hours
• 48 hours

Explanation

By default, if no cache control header is set, each Edge Location checks for an updated version of your file whenever it receives a request more than 24 hours after the previous time it checked the origin for changes to that file. This is called the “expiration period.” You can set this expiration period to be as short as 0 seconds or as long as you’d like by setting the cache control headers on your files in your origin. Amazon CloudFront uses these cache control headers to determine how frequently it needs to check the origin for an updated version of the file. For an expiration period set to 0 seconds, Amazon CloudFront will revalidate every request with the origin server. If your files don’t change very often, it is best practice to set a long expiration period and implement a versioning system to manage updates to your files.

Read More