AWS
CloudFront - ANSWERCDN to distribute content around the world
Which AWS service would be the best choice for long term data archival? -
ANSWERGlacier
What service connects an on-premise software appliance (or virtual machine) with cloud
based storage? - ANSWERStorage Gateway
What is an AWS region? - ANSWER- A geographical area that consists of different
availability zones
- Each region consists of 2 (or more) Availability Zones
An AWS VPC is a component of which AWS service? - ANSWERNetworking Service
What AWS service is a petabyte scale data transfer solution? - ANSWERSnowball
What service is Amazon's No-SQL database service? - ANSWERDynamoDB
Which AWS service should you consider if your company is interested in implementing
a VDI (virtual desktop infrastructure) solution to replace their local desktop
environment? - ANSWERWorkSpaces
Where would be a durable place to store flat files on the AWS platform? - ANSWERS3
(Simple Storage Service)
You need to monitor the performance of your EC2 virtual servers (including metrics
such as CPU Utilization, Disk IO etc.). What service would best suit this requirement? -
ANSWERCloudWatch
You are a digital media agency and you need to convert your media files in to different
formats to suit different devices. Which AWS service should you consider using to meet
these needs? - ANSWERElastic Transcoder
Which AWS compute service is specifically designed to assist you in processing large
data sets? - ANSWERElastic Map Reduce
What AWS service would you use primarily for data warehousing? - ANSWERRedshift
Which AWS service allows you to run code without having to worry about provisioning
any underlying resources (such as virtual machines, databases etc.)? -
ANSWERLambda
,You need to enable a way so that your system administrators can receive notifications
for events that happen on your AWS environment (such as alarms etc.), what service
should you use? - ANSWERSNS (Simple Notification Service)
You need a service to aggregate your data from multiple data sources (such as S3,
DynamoDB, RDS etc.) and then provide some business intelligence based on this data.
What AWS service would best fit? - ANSWERQuick Sight
What service would you use to migrate databases from Oracle to MySQL? -
ANSWERDMS (Database Migration Service)
What AWS service is effectively a NAS in the cloud, allowing you to connect it to
multiple EC2 instances at once? - ANSWEREFS (Elastic File System)
Which AWS service if specifically designed for developers to upload their code to and
then it will automatically handle the provisioning of those resources that are required to
host that code? - ANSWERElastic Beanstalk
You need to supply auditors with logs as to who provisions which resources on your
AWS platform. Which service would best suit this? - ANSWERCloudTrail
What AWS service is used for collating large amounts of data streamed from multiple
sources? - ANSWERKinesis
What is a VPC? - ANSWERA virtual network in the cloud, similar to something that
would be run in an on-premises datacenter
What is Amazon's highly scalable DNS service? - ANSWERRoute 53
What AWS service consists of the following database services: SQL, MySQL, MariaDB,
PostgreSQL, Aurora, Oracle? - ANSWERRDS (Relational Database Service)
You need a configuration management service to allow your system administrators to
configure and operate your web applications using Chef. Which AWS service would
best suit your needs? - ANSWEROpsworks
You need to implement an automated service that will scan your AWS environment and
tell you ways that you can improve your security as well as how to save costs. Which
service should you use? - ANSWERTrusted Advisor
You need to create new users to access AWS console and to set password rotation
policies for these new users. Which AWS service would best fit your requirements? -
ANSWERIAM (Identity Access Management)
,What is the difference between Elastic Beanstalk and CloudFormation? - ANSWER-
Elastic Beanstalk automatically handles the deployment, from capacity provisioning,
load balancing, auto-scaling to application health monitoring based on the code you
upload to it
- CloudFormation is an automated provisioning engine designed to deploy entire cloud
environments via a JSON script
What is an Availability Zone? - ANSWER- A distinct location in an AWS region
- Engineered to be isolated from failures
What is an additional way to secure IAM for both the root login and new users alike? -
ANSWERImplement MFA for all accounts
What does Power User Access allow? - ANSWERAccess to all AWS services except for
management of groups and users within IAM
In what language are policy documents written in? - ANSWERJSON
What are some features of IAM? - ANSWER- Centralized control of your AWS account
- Integrates with existing active directory account allowing single sign on
- Fine-grained access to control to AWS resources
You have a client who is considering moving to AWS services and do not yet have an
account. What is the first thing the company should do to set up an AWS account? -
ANSWERSet up an account using their company email address
You are a developer at a fast growing start up. Traditionally you have been using the
root account to log in to the AWS console but as you have taken on more staff, to
prevent dangerous mistakes you will now need to stop sharing the root account. What
should you do so that everyone can access the AWS resources? - ANSWER- Create
individual user accounts with minimum necessary rights and tell the staff to log in to the
console using the credentials provided
- Create a customized sign in link such as
yourcompany.signin.aws.amazon.com/console for your new users to use to sign in with
What is IAM? - ANSWERIAM allows you to manage users, groups and roles and their
corresponding level of access to the AWS platform
A new user has started at your work and it is your job to give them administrator access
to the AWS console. You have set them up with a user name, access key ID, secret
access key and you have generated a password for them. They are able to log in to the
, AWS console, but they cannot do anything. What should you do next? - ANSWERAdd
them to the Administrators group, where your other administrator users belonge
When you create a new user, that user:
a) Will be able to log in to the console anywhere in the world, using their access key ID
and secret access key.
b) Will be able to interact with AWS using their access key ID and secret access key,
using the API, CLI or AWS SDK's.
c) Will only be able to log in to the console in the region in which that user was created.
d) Will be able to log in to the console only after MFA is enabled on their account. -
ANSWERb) Will be able to interact with AWS using their access key ID and secret
access key, using the API, CLI or AWS SDK's.
Which of the following is NOT a component of IAM?
a) Roles
b) Users
c) Groups
d) Organizational Units - ANSWERd) Organizational Units
You have created a new AWS account for your company and you have also configured
multi-factor authentication on the root account. You are about to create your new users.
What strategy should you consider in order to ensure that there is good security on this
account.
a) Enact a strong password policy, so that your users have to change their passwords
every 45 days and must use a combination of capital and lower case letters, numbers
and special symbols for all passwords.
b) Require users to only be able to log in using biometric authentication.
c) Restrict login to the corporate network only.
d) Give all users the same password so that if they forget their passwords they can just
ask their co-workers. - ANSWERa) Enact a strong password policy, so that your users
have to change their passwords every 45 days and must use a combination of capital
and lower case letters, numbers and special symbols for all passwords.
What level of access does the "root" account have?
a) Read Only access
b) Power User access
c) Administrator Access
d) No Access - ANSWERc) Administrator Access
You are a security administrator working for a hotel chain. You have a new member of
staff who has started as a systems administrator and they will need full access to the
AWS console. You have created the user account and generated the access key id and
CloudFront - ANSWERCDN to distribute content around the world
Which AWS service would be the best choice for long term data archival? -
ANSWERGlacier
What service connects an on-premise software appliance (or virtual machine) with cloud
based storage? - ANSWERStorage Gateway
What is an AWS region? - ANSWER- A geographical area that consists of different
availability zones
- Each region consists of 2 (or more) Availability Zones
An AWS VPC is a component of which AWS service? - ANSWERNetworking Service
What AWS service is a petabyte scale data transfer solution? - ANSWERSnowball
What service is Amazon's No-SQL database service? - ANSWERDynamoDB
Which AWS service should you consider if your company is interested in implementing
a VDI (virtual desktop infrastructure) solution to replace their local desktop
environment? - ANSWERWorkSpaces
Where would be a durable place to store flat files on the AWS platform? - ANSWERS3
(Simple Storage Service)
You need to monitor the performance of your EC2 virtual servers (including metrics
such as CPU Utilization, Disk IO etc.). What service would best suit this requirement? -
ANSWERCloudWatch
You are a digital media agency and you need to convert your media files in to different
formats to suit different devices. Which AWS service should you consider using to meet
these needs? - ANSWERElastic Transcoder
Which AWS compute service is specifically designed to assist you in processing large
data sets? - ANSWERElastic Map Reduce
What AWS service would you use primarily for data warehousing? - ANSWERRedshift
Which AWS service allows you to run code without having to worry about provisioning
any underlying resources (such as virtual machines, databases etc.)? -
ANSWERLambda
,You need to enable a way so that your system administrators can receive notifications
for events that happen on your AWS environment (such as alarms etc.), what service
should you use? - ANSWERSNS (Simple Notification Service)
You need a service to aggregate your data from multiple data sources (such as S3,
DynamoDB, RDS etc.) and then provide some business intelligence based on this data.
What AWS service would best fit? - ANSWERQuick Sight
What service would you use to migrate databases from Oracle to MySQL? -
ANSWERDMS (Database Migration Service)
What AWS service is effectively a NAS in the cloud, allowing you to connect it to
multiple EC2 instances at once? - ANSWEREFS (Elastic File System)
Which AWS service if specifically designed for developers to upload their code to and
then it will automatically handle the provisioning of those resources that are required to
host that code? - ANSWERElastic Beanstalk
You need to supply auditors with logs as to who provisions which resources on your
AWS platform. Which service would best suit this? - ANSWERCloudTrail
What AWS service is used for collating large amounts of data streamed from multiple
sources? - ANSWERKinesis
What is a VPC? - ANSWERA virtual network in the cloud, similar to something that
would be run in an on-premises datacenter
What is Amazon's highly scalable DNS service? - ANSWERRoute 53
What AWS service consists of the following database services: SQL, MySQL, MariaDB,
PostgreSQL, Aurora, Oracle? - ANSWERRDS (Relational Database Service)
You need a configuration management service to allow your system administrators to
configure and operate your web applications using Chef. Which AWS service would
best suit your needs? - ANSWEROpsworks
You need to implement an automated service that will scan your AWS environment and
tell you ways that you can improve your security as well as how to save costs. Which
service should you use? - ANSWERTrusted Advisor
You need to create new users to access AWS console and to set password rotation
policies for these new users. Which AWS service would best fit your requirements? -
ANSWERIAM (Identity Access Management)
,What is the difference between Elastic Beanstalk and CloudFormation? - ANSWER-
Elastic Beanstalk automatically handles the deployment, from capacity provisioning,
load balancing, auto-scaling to application health monitoring based on the code you
upload to it
- CloudFormation is an automated provisioning engine designed to deploy entire cloud
environments via a JSON script
What is an Availability Zone? - ANSWER- A distinct location in an AWS region
- Engineered to be isolated from failures
What is an additional way to secure IAM for both the root login and new users alike? -
ANSWERImplement MFA for all accounts
What does Power User Access allow? - ANSWERAccess to all AWS services except for
management of groups and users within IAM
In what language are policy documents written in? - ANSWERJSON
What are some features of IAM? - ANSWER- Centralized control of your AWS account
- Integrates with existing active directory account allowing single sign on
- Fine-grained access to control to AWS resources
You have a client who is considering moving to AWS services and do not yet have an
account. What is the first thing the company should do to set up an AWS account? -
ANSWERSet up an account using their company email address
You are a developer at a fast growing start up. Traditionally you have been using the
root account to log in to the AWS console but as you have taken on more staff, to
prevent dangerous mistakes you will now need to stop sharing the root account. What
should you do so that everyone can access the AWS resources? - ANSWER- Create
individual user accounts with minimum necessary rights and tell the staff to log in to the
console using the credentials provided
- Create a customized sign in link such as
yourcompany.signin.aws.amazon.com/console for your new users to use to sign in with
What is IAM? - ANSWERIAM allows you to manage users, groups and roles and their
corresponding level of access to the AWS platform
A new user has started at your work and it is your job to give them administrator access
to the AWS console. You have set them up with a user name, access key ID, secret
access key and you have generated a password for them. They are able to log in to the
, AWS console, but they cannot do anything. What should you do next? - ANSWERAdd
them to the Administrators group, where your other administrator users belonge
When you create a new user, that user:
a) Will be able to log in to the console anywhere in the world, using their access key ID
and secret access key.
b) Will be able to interact with AWS using their access key ID and secret access key,
using the API, CLI or AWS SDK's.
c) Will only be able to log in to the console in the region in which that user was created.
d) Will be able to log in to the console only after MFA is enabled on their account. -
ANSWERb) Will be able to interact with AWS using their access key ID and secret
access key, using the API, CLI or AWS SDK's.
Which of the following is NOT a component of IAM?
a) Roles
b) Users
c) Groups
d) Organizational Units - ANSWERd) Organizational Units
You have created a new AWS account for your company and you have also configured
multi-factor authentication on the root account. You are about to create your new users.
What strategy should you consider in order to ensure that there is good security on this
account.
a) Enact a strong password policy, so that your users have to change their passwords
every 45 days and must use a combination of capital and lower case letters, numbers
and special symbols for all passwords.
b) Require users to only be able to log in using biometric authentication.
c) Restrict login to the corporate network only.
d) Give all users the same password so that if they forget their passwords they can just
ask their co-workers. - ANSWERa) Enact a strong password policy, so that your users
have to change their passwords every 45 days and must use a combination of capital
and lower case letters, numbers and special symbols for all passwords.
What level of access does the "root" account have?
a) Read Only access
b) Power User access
c) Administrator Access
d) No Access - ANSWERc) Administrator Access
You are a security administrator working for a hotel chain. You have a new member of
staff who has started as a systems administrator and they will need full access to the
AWS console. You have created the user account and generated the access key id and
