AWS ASA EXAM QUESTIONS WITH VERIFIED
ANSWERS
,AWS ASA EXAM QUESTIONS WITH VERIFIED ANSWERS
All of these are IAM components except...
a. users
b. organizations
c. roles
d. policies
e. groups -- Correct Answer ✔✔ b. organizations
IAM Users are defined on a per-region basis (T/F) -- Correct Answer ✔✔ False
IAM is a global service (encompasses all regions)
An IAM user can belong to multiple groups (T/F) -- Correct Answer ✔✔ True
You are getting started with AWS and your manager wants things to remain simple yet
secure. He wants the management of engineers to be easy, and not re-invent the wheel
every time someone joins your company. What will you do? -- Correct Answer ✔✔ I'll
create multiple IAM users and groups, assign policies to the groups. New users will be
added to the groups.
You should share your IAM credentials with colleagues if they quickly need access to
help you (T/F) -- Correct Answer ✔✔ False
Never share your IAM credentials. If your colleagues need access to AWS they'll need
their own account
You pay for an EC2 instance compute component.
a. only when its in "running" state
,b. if its "running" or "stopped" state -- Correct Answer ✔✔ a. only when its in "running"
state
You are getting a permission error exception when trying to SSH into your Linux
Instance
a. The security group is misconfigured
b. the key is missing permissions chmod 0400
c. the Linux instance is misconfigured -- Correct Answer ✔✔ b. the key is missing
permissions chmod 0400
You are getting a network timeout when trying to SSH into your EC2 instance
a. your security groups are misconfigured
b. your key is missing permissions
c. the Linux instance is misconfigured -- Correct Answer ✔✔ a. your security groups
are misconfigured
Any timeout errors (not just in SSH but also HTTP for example) means a
misconfiguration of your security groups
When a security group is created, what is the default behavior?
a. Allow all traffic inbound and allow all traffic outbound
b. Allow all traffic inbound and deny all traffic outbound
c. Deny all traffic inbound and allow all traffic outbound
d. Deny all traffic inbound and deny all traffic outbound -- Correct Answer ✔✔ c. Deny
all traffic inbound and allow all traffic outbound
Security groups can reference all of the following except:
a. IP address
b. CIDR block
c. Security Group
d. DNS name -- Correct Answer ✔✔ d. DNS name
, You quickly created an ELB and it turns out your users are complaining about the fact
that sometimes, the servers just don't work. You realize that indeed, your servers do
crash from time to time. How to protect your users from seeing these crashes?
a. Enable Stickiness
b. Enable Health Checks
c. Enable SSL Termination -- Correct Answer ✔✔ b. Enable Health Checks
Health checks ensure your ELB won't send traffic to unhealthy (crashed) instances
ap-northeast-1a is a... -- Correct Answer ✔✔ Availability Zone
(Anything that ends with a letter is an AZ)
Availability Zones are... -- Correct Answer ✔✔ in isolated data centers.
(this helps guarantee that multi AZ won't all fail at once (due to a meteorological
disaster for example).)
You want to provide startup instructions to your EC2 instances, you should be using
a. EC2 Meta Data
b. EC2 User Data
c. EC2 Startup Data -- Correct Answer ✔✔ b. EC2 User Data
EC2 Instance Type where the applicaion needs a lot of RAM [ in-memory caches] --
Correct Answer ✔✔ R
EC2 instance type where the application needs good CPU [compute / data-bases] --
Correct Answer ✔✔ C
EC2 instance type were the application is balanced (think "medium") [general / web app]
-- Correct Answer ✔✔ M
ANSWERS
,AWS ASA EXAM QUESTIONS WITH VERIFIED ANSWERS
All of these are IAM components except...
a. users
b. organizations
c. roles
d. policies
e. groups -- Correct Answer ✔✔ b. organizations
IAM Users are defined on a per-region basis (T/F) -- Correct Answer ✔✔ False
IAM is a global service (encompasses all regions)
An IAM user can belong to multiple groups (T/F) -- Correct Answer ✔✔ True
You are getting started with AWS and your manager wants things to remain simple yet
secure. He wants the management of engineers to be easy, and not re-invent the wheel
every time someone joins your company. What will you do? -- Correct Answer ✔✔ I'll
create multiple IAM users and groups, assign policies to the groups. New users will be
added to the groups.
You should share your IAM credentials with colleagues if they quickly need access to
help you (T/F) -- Correct Answer ✔✔ False
Never share your IAM credentials. If your colleagues need access to AWS they'll need
their own account
You pay for an EC2 instance compute component.
a. only when its in "running" state
,b. if its "running" or "stopped" state -- Correct Answer ✔✔ a. only when its in "running"
state
You are getting a permission error exception when trying to SSH into your Linux
Instance
a. The security group is misconfigured
b. the key is missing permissions chmod 0400
c. the Linux instance is misconfigured -- Correct Answer ✔✔ b. the key is missing
permissions chmod 0400
You are getting a network timeout when trying to SSH into your EC2 instance
a. your security groups are misconfigured
b. your key is missing permissions
c. the Linux instance is misconfigured -- Correct Answer ✔✔ a. your security groups
are misconfigured
Any timeout errors (not just in SSH but also HTTP for example) means a
misconfiguration of your security groups
When a security group is created, what is the default behavior?
a. Allow all traffic inbound and allow all traffic outbound
b. Allow all traffic inbound and deny all traffic outbound
c. Deny all traffic inbound and allow all traffic outbound
d. Deny all traffic inbound and deny all traffic outbound -- Correct Answer ✔✔ c. Deny
all traffic inbound and allow all traffic outbound
Security groups can reference all of the following except:
a. IP address
b. CIDR block
c. Security Group
d. DNS name -- Correct Answer ✔✔ d. DNS name
, You quickly created an ELB and it turns out your users are complaining about the fact
that sometimes, the servers just don't work. You realize that indeed, your servers do
crash from time to time. How to protect your users from seeing these crashes?
a. Enable Stickiness
b. Enable Health Checks
c. Enable SSL Termination -- Correct Answer ✔✔ b. Enable Health Checks
Health checks ensure your ELB won't send traffic to unhealthy (crashed) instances
ap-northeast-1a is a... -- Correct Answer ✔✔ Availability Zone
(Anything that ends with a letter is an AZ)
Availability Zones are... -- Correct Answer ✔✔ in isolated data centers.
(this helps guarantee that multi AZ won't all fail at once (due to a meteorological
disaster for example).)
You want to provide startup instructions to your EC2 instances, you should be using
a. EC2 Meta Data
b. EC2 User Data
c. EC2 Startup Data -- Correct Answer ✔✔ b. EC2 User Data
EC2 Instance Type where the applicaion needs a lot of RAM [ in-memory caches] --
Correct Answer ✔✔ R
EC2 instance type where the application needs good CPU [compute / data-bases] --
Correct Answer ✔✔ C
EC2 instance type were the application is balanced (think "medium") [general / web app]
-- Correct Answer ✔✔ M
