AWS Certified SysOps Administrator Official Study Guide. Cole Stephen


The Elastic IP is deleted along with the Amazon EC2 instance.

      D. You cannot delete an Amazon EC2 instance with an Elastic IP associated with it. You must remove or delete the Elastic IP first.

      18. You are using Amazon CloudFront to serve static content to your users. What would be the best way to control access to the content?

      A. Create an Amazon Simple Storage Service (Amazon S3) bucket policy using AWS Identity and Access Management (IAM) as the mechanism to control access.

      B. Have your application create and distribute either signed URLs or signed cookies.

      C. Use the LIST Distribution API within Amazon CloudFront.

      D. Use Origin Access Identity (OAI) to secure access to content in Amazon CloudFront.

      19. You are looking to encrypt your Amazon DynamoDB table. How would you do this?

      A. In the Amazon DynamoDB console, turn on server-side encryption.

      B. Via the AWS CLI, turn on server-side encryption.

      C. Use client-side encryption, as Amazon DynamoDB does not support server-side encryption.

      D. Enable Transparent Data Encryption (TDE).

      20. You are part of a team which is rebuilding your company’s monolithic web application. The team plans on using a tiered architecture. One of the primary goals is to be able to use Auto Scaling to add and remove Amazon Elastic Compute Cloud (Amazon EC2) instances on demand. To this end, you need to get user state data off of individual instances. Which of the following AWS cloud services will provide you with a shared data store that is highly durable and has low latency?

      A. Amazon DynamoDB

      B. Amazon EC2 Instance Storage

      C. Amazon Relational Database Service (Amazon RDS)

      D. Amazon Simple Storage Service (Amazon S3)

      21. Your company maintains an application that has a home-grown messaging cluster. You want to avoid maintaining this legacy cluster, and you need to migrate to an AWS service that provides this functionality. What service do you set up?

      A. AWS X-Ray

      B. Amazon CloudFront

      C. Amazon Elasticsearch

      D. Amazon Simple Queue Service (Amazon SQS)

      22. You need to create an Amazon Virtual Private Cloud (Amazon VPC) that will allow you to use AWS Direct Connect. Which of the following combinations will allow you to use AWS Direct Connect but also prevent connectivity to the Internet?

      A. You are not able to do so. If you have an AWS Direct Connect connection, by default, you have a connection to the Internet.

      B. Create a VPC with both an Internet Gateway (IGW) and a VPN Gateway.

      C. Create a VPC with an AWS Direct Connect Gateway.

      D. Create a VPC with a VPN Gateway.

      23. You have 10 Amazon Elastic Compute Cloud (Amazon EC2) instances behind a classic load balancer. What do you need to do to ensure that traffic is routed only to healthy instances?

      A. Terminate the unhealthy instances.

      B. Enable cross-zone load balancing on your load balancer.

      C. Turn on health checks, and the load balancer will send traffic to the healthy instances.

      D. Nothing. The load balancer will terminate the unhealthy instances.

      24. You have noticed that your Auto Scaling group has scaled up to its maximum size. How can you be notified when your Auto Scaling group scales out and scales in?

      A. Have your Auto Scaling group send messages to Amazon Simple Queue Service (Amazon SQS). Periodically check the queue for your Auto Scaling messages.

      B. Configure an Amazon Simple Notification Service (Amazon SNS) topic with an SMS subscription to your phone number.

      C. Configure an Amazon Simple Notification Service (Amazon SNS) topic with an AWS Lambda function that sends an email.

      D. Periodically query the Auto Scaling group to check the desired capacity.

      25. You are given a project to implement a High Performance Computing (HPC) workload for your R&D department. The workload takes tasks one-by-one, and it is tolerant of a node in the cluster failing. Each task runs for approximately one hour. Which of the following AWS cloud services is best suited for your workload from a cost-effectiveness standpoint?

      A. Amazon Elastic Compute Cloud (Amazon EC2) Spot

      B. Amazon EC2 on-demand instances

      C. Amazon Elastic Compute Cloud (Amazon EC2) reserved instances

      D. AWS Lambda

      Answers to the Assessment Test

      1. C. Instance Status monitors the software and hardware of your individual instance. The other items listed are issues that affect the underlying AWS hardware.

      2. B. The route table in the Public Subnet has a route pointing to the IGW. IGWs are associated with VPCs, not with subnets. Elastic Load Balancers can be in both the Public Subnet and the Private Subnet.

      3. A. By default, the load balancer distributes traffic evenly across the Availability Zones that you enable for your load balancer. To distribute traffic evenly across all registered instances in all enabled Availability Zones, enable cross-zone load balancing on your load balancer. However, it is still recommended that you maintain approximately equivalent numbers of instances in each Availability Zone for better fault tolerance.

      4. C. If you don’t specify a preferred maintenance window when you create the DB instance or DB cluster, then Amazon RDS assigns a 30-minute maintenance window on a randomly selected day of the week.

      5. A. You are responsible for security in the cloud, which includes configuring and applying Security Groups to resources running within the customer’s account.

      6. C. Amazon Simple Storage Service (Amazon S3) provides a low-cost method of storing objects in a highly available and durable manner.

      7. D. You can choose up to a maximum of 16 TB per Amazon EBS volume, so you must create a RAID array of multiple volumes to achieve the IOPS being sought.

      8. A. User data is run at boot time and can be used to install software. The other answers listed are examples of metadata, which is associated with the Amazon EC2 instance and can be accessed via the Amazon EC2 metadata service.

      9. C. Subnets of a VPC have to be in the same address space as the VPC itself.

      10. C. You can use scaling policies to increase or decrease the number of running Amazon EC2 instances in your group automatically to meet changing conditions. When the scaling policy is in effect, the Auto Scaling group adjusts the desired capacity of the group and launches or terminates the instances as needed. If you manually scale or scale on a schedule, you must adjust the desired capacity of the group
