(from linux academy - Operation Exellence Pillar) You are designing a VPC for a small application. It will operate in a private subnet and needs internet access to software updates and other communications with internet IPs. Your security team is happy that there are no restrictions in the application server's internet access. Which AWS products are needed to allow this solution. The priority is using the least amount of services. Assume the EC2 instance and any NACL's, routes, and Security groups are included implicitly.

VPC, Subnets, Route Table(s), Nat Gateway, and Internet Gateway.

VPC, Subnets, Route Tables, VPC Peering, and Virtual Private Gateway

VPC, Subnets, Route Table(s), and NAT Gateway

VPC, Subnets, Route Table(s), and Internet Gateway

(from linux academy - Operation Exellence Pillar) Which of the following AWS storage services are able to be natively mounted as mount points on a Linux system.

Glacier, Instance Store, and EBS

Instance Store, EBS, S3, Glacier, and EFS

(from linux academy - Operation Exellence Pillar) You run a single instance application on an EC2 instance in AWS. Your architecture teams are looking to make changes and convert the application to operate on multiple servers. The app runs on Linux and currently accesses millions of flat file data files in the /data/... folder structure. This database is stored on an EBS volume attached to the EC2 instance. How can this be moved to work on multiple servers, with as little application changes as possible? What product would you suggest?

Use EBS to mount the existing volume on all the new instances.

(from linux academy - Operation Exellence Pillar) You business has two EC2 instances, one is located in us-east, the other in us-west. You want to allow both machines to communicate with each other. Instances in either VPC need to be able to communicate with each other as if they are within the same network. What solution would you recommend?

Configure an inter-region VPC peer between the VPCs and allow communications using the private IP addresses of the instances.

Configure a Hardware VPC VPN between the VPC in us-east-1 and the VPC in us-west-1.

Communication between VPCs in different regions is not possible with AWS.

Ensure that each VPC has a IGW attached and each machine has a public IP address. Configure communications between those public IP addresses.

(from linux academy - Operation Exellence Pillar) What steps are required to allow an EC2 instance to access the internet while being as secure as possible? Assume all security rules/ACL's and subnets are in place already. (Choose all that apply)

Create a default route from the EC2 instance's subnet to the NAT Gateway.

Attach an internet gateway to the VPC.

Create a default route from the NAT gateway's subnet to the Internet Gateway.

Provide the instance with a Public or Elastic IP address.

(from linux academy - Reliability pillar) Your businesses risk team has asked you to add additional resiliency to a critical business application. The application uses RDS and the MySQL engine and is based in us-east-1. The risk team would like to protect the application against an AZ failure and region issues, and wants to do it in a way which is as cost effective as possible. What two options could you suggest?

Enable Multi-AZ mode in two AZs to protect against an AZ failure within the us-east-1 region.

Add one or more read replicas in other regions.

Enable Multi-AZ mode in three AZs to protect against an AZ failure within the us-east-1 region

Add one or more read replicas in us-east-1.

Enable Multi-AZ mode, but select the cross region option to allow synchronous replication to another global region.

(from linux academy - Reliability pillar) Which of the following services or service features are natively highly available in a region and can cope with a AZ failure without itself failing. (Choose all that apply)

Software VPN (Open VPN running on EC2)

(from linux academy - Reliability pillar) What happens if you reboot an instance store-backed EC2 instance with a Public IP?

The instance remains in the running state.

The instance store volume is wiped.

The Public IP changes and the instance store volume is wiped.

(from linux academy - Reliability pillar) You have designed a small VPC deployment for a highly-available web application. The VPC is in a Three Availability Zone region, and you have created nine subnets. Three are private (one per AZ), three are public (one per AZ), and three are database subnets (one per AZ). You have provisioned the three web servers in the public subnets, three application servers in the private subnets, and a three-node Aurora cluster. How many load balancers do you need to create, and in what subnets should they be placed, to ensure each tier is highly available?

2 - One placed in the public subnets, the other in the private

9 - One placed in each subnet in each tier

2 - One placed in the private subnet, the other placed in the DB subnet

(from linux academy - Reliability pillar) Why does stopping and starting an instance usually fix a System Status Check error?

Stopping and starting an instance causes the instance to be provisioned on different AWS hardware.

Stopping and starting an instance causes the instance to change the AMI.

Stopping and starting an instance reboots the operating system.

(from linux academy - Reliability pillar) You have been asked to design an upgrade to a legacy environment running in an AWS VPC. The environment is currently using a single NAT instance running on EC2. The region the environment is in has four AZs. The VPC has eight subnets, four private (one in each AZ) and four public (one in each AZ). You have been asked to ensure the solution uses NAT gateways and that if any AZ fails, an instance in the other AZs can ALWAYS access the internet. What is the minimum number of NAT Gateways required?

4 - Each is located in a single , but different public subnet. Each private subnet is set to use the NAT gateway in the same AZ.

1 - It spans all four public subnets. All private subnets use the single NAT gateway.

2 - Each one is located in a single public subnet, but not the same one. Private subnets are set to round robin across them both.

2 - Each spans two different public subnets, with private subnets set to round robin across them both.

(from linux academy - Reliability pillar) You are designing an application with three components: an app server running on EC2, a media store running on S3, and a database running on DynamoDB. You have been asked to make sure your design allows a single AZ to fail without impacting service. Which option is correct?

S3 and DynamoDB are resilient to an AZ failure by design. Provision EC2 using a Launch Configuration and an Auto Scaling group to ensure it can cope with an AZ failure and auto-heal if needed.

No specific changes are required. EC2, S3, and DynamoDB are all region resilient and will operate fine if an AZ fails.

Edit the configuration of the EC2 instance, enable the AZ roaming option, and pick all the availability zones.

Leave EC2 set up using defaults, enable AZ replication on S3, and set up master/slave replication on DynamoDB.

(from linux academy - Reliability pillar) Your company is moving a legacy application from an on-premises data center to the cloud. The legacy application requires a static IP address hard-coded into the backend onto a single instance. What options do you have to maximize the availability of this application? (Choose 2)

Associate an Elastic IP address to an instance running the application, then enable EC2 Auto-recovery.

Associate an Elastic IP with a Network Load Balancer and target multiple instances in the AZ running the application.

Create an AMI of the instance and launch it using Auto Scaling, which will deploy the instance again if it becomes unhealthy.

Associate an Elastic IP with a CloudFront distribution that uses an EC2 instance running your application as the origin for all requests.

Do not migrate the application to the cloud until it can be converted to work with the ELB and Auto Scaling.

(from linux academy - Reliability pillar) Your company is concerned with EBS volume backups on Amazon EC2, and wants to ensure they have proper backups so that the data is durable. What solutions could you implement (choose two)?

Using CloudWatch Events, schedule a rule that calls the EC2 CreateSnapshot API.

Use a lifecycle policy for EBS Snapshots.

Write a cronjob on the server that compresses any data that needs to be backed up using gzip compression. Then use AWS CLI to copy the data into an S3 bucket for durability.

Configure Amazon Storage Gateway with EBS volumes as the data source, and store the backups on premise through the storage gateway.

(from linux academy - Security pillar) Your company has just employed ten student for one week, and it is your task to provide them with access to AWS through IAM. Your supervisor has come to you and said that he wants to be able to track these students as a group, rather than individually. Because of this, he has requested for them to all have the same login ID but completely different passwords. Which of the following is the best way to achieve this?

It isn't possible to have the same login ID for multiple IAM users of the same account.

Use Multi Factor Authentication to verify each user, and they will all be able to use the same login.

Create various groups. and add each user with the same login ID to different groups. The user can login with their own group ID

Create a separate login ID, but give each IAM user the same alias so that each one can login with their alias.

(from linux academy - Security pillar) You have an EC2 instance located in a private subnet. The instance is using an private IP Version 4 address in the 10.0.0.0/24 range and has no public IP or elastic IP attached. NACLs and Security Groups are configured to allow the needed traffic. How can you provide this instance with access to the internet for updates.

Attach an internet gateway to the VPC, provision a NAT gateway, then update routes.

Attach an internet gateway to the VPC and update routes.

Use privatelink to access AWS provided update servers.

Provision a NAT gateway into the VPC.

(from linux academy - Security pillar) You are an EC2 administrator. You create an EC2 instance, and attach an EBS volume. Two weeks later, your supervisor informs you that the data on the EBS volume must be encrypted. What must you do to encrypt the existing EBS volume?

It is not possible to encrypt an existing EBS volume. You can take a snapshot of the unencrypted volume. Once the snapshot is taken, copy the snapshot and enable encryption on the copy so that the target snapshot is encrypted. Once the target snapshot is created, you can attach a new encrypted volume to the EC2 instance, and restore the encrypted snapshot to a new volume.

In the EC2 Dashboard, select the EBS volume, and under Actions select the Encrypt volume option.

You can enable encryption on a volume by changing the volume type to an instance store volume. Instance store volumes are automatically encrypted.

It is not possible to encrypt an existing EBS volume. You must delete the existing volume and all existing data will be lost. You will have to recreate the data on the new encrypted volume.

(from linux academy - Security pillar) Your CRM application running on EC2 needs to store and retrieve contract documents in an S3 bucket. How can your application get these permissions?

Create an IAM role with a suitable permissions policy, and a trust policy specifying the EC2 service.

EC2 instances automatically have access to S3 buckets.

Embed the developer’s access keys into the application code.

Create a bucket policy and grant read and write permissions to the ARN for your application.

(from linux academy - Security pillar) You are about to create an AWS Lambda function, and need to give it the permissions to access Amazon S3. How do you best perform this (pick the best approach)

Create an IAM role, assign a policy to the role, and set the Lambda function to use the role

Create an IAM user, create access keys, and enter them into your function code.

Store the credentials inside an S3 bucket and have the Lambda function retrieve them upon execution

Create an IAM user, set the username and password in the Lambda function authentication options, and then set the method to interactive

(from linux academy - Security pillar) You have been asked to advise a junior colleague how to explicitly deny traffic from an EC2 instance to a specific remote internet FQDN. What advice would you give?

Implement a proxy service in the VPC, adjust route tables, and use the proxy server to deny access to the remote hostname.

Use a security group attached to the VPC and explicitly deny traffic to the FQDN.

Use a security group attached to the instance and explicitly deny traffic to the FQDN.

Use a NACL on the subnet that the EC2 instance is on, and deny traffic from the EC2 instance to the FQDN.

(from linux academy - Security pillar) One of your environments utilizes DynamoDB as a database. You need to ensure that it can only be accessed by a select number of people using specific IP addresses. What design changes do you suggest?

Configure a group of IAM users (for each level of access) for the people who need access. Give those groups access to the DynamoDB operations they need, but add a condition to the policy so that it has to match the specific IP address.

Create a security group, add allow rules for the IPs who need access, and attach the SG to DynamoDB

Create an isolated VPC that is not connected to the internet, provision a private DynamoDB instance in the VPC, and allow those "select people" to connect to the VPC using a VPN.

Using the AWS console or CLI, edit the table(s) requiring the restrictions, set the default security to Deny , and add the IPs they'll be coming in from.

(from linux academy - Security pillar) Multiple directors in your company have opened AWS accounts. The Chief Security Officer has expressed a concern that accounts may be using unapproved AWS services and wants your advice. What would you recommend?

Create a root account as the Master in AWS Organizations, and have each account join your organization. Then apply Service Control Policies to the child accounts.

Create a new Account. Contact AWS Support and have them move all IAM Users into the new Account.

Create a Lambda function to delete the IAM users in each account.

Create a CloudTrail trail to monitor the API calls in each account.

(from linux academy - Security pillar) You are the system administrator for your company's AWS account, and it has approximately 200 IAM users. Your company has just introduced a new policy that will change the access for 50 of the IAM users to have unlimited access to S3 buckets. How can you implement this effectively so that there is no need to apply the policy at the individual user level?

Create an IAM group, add the 50 users, and apply the policy to group

Create a new role and add each user to the IAM role.

Create a policy and apply it to multiple users using a JSON script.

Create an S3 bucket policy with unlimited access which includes each user's AWS account ID.

(from linux academy - Security pillar) You operate a commercial stock images website with millions of images. Watermarked preview images are available via an EC2 instance application. Full resolution versions are stored on an EBS volume. The EBS volume is attached to the EC2 instance and delivered by the application. You have been asked to find a cheaper solution that can scale. Which option is the most suitable.

Move the images to S3 and Use pre-signed URL's

Move the images to S3 and add read permissions for everyone .

Move the images to S3 and enable FTP read support.

Add a storage optimized EBS volume to the EC2 instance.

(from linux academy - Security pillar) Your information security officer has asked for modifications to an application running on an EC2 instance, to ensure that it uses regular key rotation for its interaction with AWS. What is the key point to let her know?

The application is running on an EC2 instance and uses an instance role. Key rotation is automatic and handled by IAM/STS.

The application is running on an EC2 instance, and uses the IAM username and password of a service account to log in to AWS. The account options can be modified to enable key rotation.

The application is running on an EC2 instance and uses the access keys of an IAM user. The account options can be modified to enable key rotation.

The application is running on an EC2 instance, and uses the access keys of an IAM user. Key rotation is automatic with this configuration

(from linux academy - Performance Efficiency pillar) Your autoscaling group launches instances that use provisioned IOPS EBS secondary data volumes. They are in a RAID 0 configuration, and serve 20TB of files. Whenever new instances are added to the group, they perform very slowly compared to the already running instances. What is the most likely problem?

The EBS volumes containing the files are created from snapshots.

The EBS volumes have run out of credits.

The EBS volumes are being encrypted.

The Elastic Network Interface takes several minutes to provide full network throughput capacity

(from linux academy - Performance Efficiency pillar) You've been asked to upgrade an old AWS environment (T series EC2 instances) which is suffering from slow internet throughput. Which option below represents a potential solution?

Replace the NAT instance in the VPC with a NAT Gateway.

Add a virtual private gateway to the VPC.

Change the NAT instance from T2 large to T2 medium.

Enable enhanced networking on the Nat instance.

Add another internet gateway to the VPC, for a total of two, which will provide twice the current internet throughput.

(from linux academy - Performance Efficiency pillar) Which of the following is true regarding S3 Request Rate Performance?

Amazon S3 provides at least 5,500 requests per second to retrieve data

Amazon S3 provides at least 3,500 requests per second to add data

You MUST randomize object prefixes to achieve faster performance

You should avoid sequential naming patterns in S3 object naming to achieve faster performance.

(from linux academy - Performance Efficiency pillar) You have been asked to design some scaling upgrades on a legacy web application which utilises a MySQL RDS instance. The application is suffering from increasing reports of performance issues during peak periods. The application is used for archival information storage, where data is reviewed constantly and very rarely updated. Which option provides the best possibility of performance improvements for the least cost?

Add RDS read replicas, and adjust the application to move a percentage of reads to the read replica.

Upgrade the application server instance and the DB instance, picking a size four to eight times the size, to allow for ongoing growth.

Enable Multi-AZ. This adds a second read/write instance, and has the benefit of adding resiliency for no extra cost.

Add additional read/write nodes to the MySQL cluster, picking disks with read performance preference.

(from linux academy - Performance Efficiency pillar) You are the solutions architect for a busy photo management website. Your business receives about 200 high resolution photo uploads per minute, and you store these in an S3 bucket. The business wants to do some analysis on all uploaded photos, then store the metadata in DynamoDB. They have asked you to suggest the cheapest option that can scale as the business grows.

Create a Lambda function that is capable of processing metadata, so that when a new object is uploaded to S3, the Lambda function will be invoked. The data from processing will then be uploaded into DynamoDB.

Use Data Pipeline to constantly scan S3, and run an EMR cluster to perform the analysis.

Create an EC2 instance running the AWS CLI. Have it constantly poll the S3 Bucket, listing the objects in there, then locating new images and processing them all before terminating.

Create a Lambda function which is capable of processing metadata. Scheduled it to run once a minute, listing the objects in the S3 bucket, locating new images and processing them all before terminating.

(from linux academy - Performance Efficiency pillar) An application that retrieves data from an external web site is running on a single M5 large instance with a private IP. During peak loads, users report very long delays and timeouts. CloudWatch reports the CPU usage never climbs above 60%. What could be causing the issue?

The instance could be sending outbound requests through a NAT instance which may be undersized.

The ENI for the instance could be at maximum capacity. You need multiple ENIs to get the maximum network performance for an instance.

A larger instance is needed, to increase the CPU capacity.

The ELB may need to be resized.

(from linux academy - Performance Efficiency pillar) You've been asked to design a solution for a high volume website, and it needs to be highly available. In your proof of concept environment, you chose to use RDS using the MySQL engine. In your failover testing, you have noticed that when a failover occurs, there is sometimes data loss. It's as though the DB instance which takes over is behind the primary instance. What options do you have to resolve this?

Migrate to Aurora, which uses a higher performing shared storage architecture.

Migrate from MySQL to PostgresSQL, which offers zero-latency replication between master and slave.

Use the privatelink feature to improve the latency between the Master and Slave instances.

Create additional read replicas of the database. This will extend the capacity and allow replication to occur with less lag.

AISS - AWS SA - AWS_Pillars

KG - Professional Development

•

64 Qs

Similar activities

Fun Ride

University

•

65 Qs

Industrial Engineering

University

•

60 Qs

Output devices and their uses

9th - 11th Grade

•

60 Qs

HUT PERTAMINA 64 - FT. Tanjung Gerem

5th Grade

•

64 Qs

APT STAAR Game

6th - 10th Grade

•

69 Qs

papasa sa quiz ng earth science

11th Grade

•

61 Qs

ENTREP FINAL EXAM

University

•

62 Qs

mcyt(and other yt) god au

7th Grade - Professional Development

•

68 Qs

AISS - AWS SA - AWS_Pillars

Quiz

•

Other

•

KG - Professional Development

•

Practice Problem

•

Medium

Ian Banaag

Used 44+ times

FREE Resource

64 questions

Show all answers

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
You business operates in a very secure sensitive industry. You are looking at how to secure a small VPC. Your environment consists of a single S3 bucket, and an EC2 instance running in a internet connected VPC. What is the best way to lock down the environment, allowing access to S3 but keeping the environment as secure as possible?

Create an S3 VPC endpoint. Apply a policy restricting access to the S3 bucket from the VPC endpoint.

Create an S3 VPC endpoint. Apply a policy restricting access to the S3 bucket from the VPC endpoint, and remove the internet gateway. Setup a VPN Endpoint and client to securely SSH into the EC2 instance when needed.

Provision a privately addressable S3 bucket in your VPC. Migrate the contents of the public bucket and update the application. Remove the internet gateway to isolate the VPC.

Create a new security group, denying all IP's except the EC2 instance, and associate it with the S3 bucket.

MULTIPLE CHOICE QUESTION

3 mins • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
Your existing custom NACL currently allows all Internet web traffic into the subnet. As part of a project implementation, you need to block IP traffic from a subnet to a specific internet IP address. How can this be accomplished?

Create a Security group, add a DENY rule to it, and attach to the subnet.

Attach a NACL to the subnet and add a DENY rule to it.

Attach a NACL to the VPC and add a DENY rule.

Create a Security group, add a DENY rule, and attach it to any resources in the subnet which need the DENY rule applied.

MULTIPLE SELECT QUESTION

1 min • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
Which of the following events can be logged using CloudTrail. (Choose all that apply)

CLI Calls to the AWS Account

API Calls to the AWS Account

SSH Connections to EC2 Instances

Operations on S3 Objects

MULTIPLE CHOICE QUESTION

1 min • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
You need to migrate a legacy application into AWS. It currently runs on a Linux operating system and has a requirement for iSCSI based block storage. Which AWS Service would you utilise to meet this requirement?

EFS

Storage Gateway

EBS

MULTIPLE SELECT QUESTION

1 min • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
Which of the following are AWS managed services that can allow host access to instances running on the respective services? (Choose all that apply)

DynamoDB

Amazon EC2

Amazon RDS

Amazon EMR

ElastiCache

MULTIPLE CHOICE QUESTION

3 mins • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
You are designing a VPC to host a small application. The VPC will be connected back to your on-premises network using a VPN. An EC2 instance runs the application, and will only need to connect to the internet for software updates. You have a list of the software update DNS names. How can you restrict this within the AWS VPC?

Place the EC2 instance in a public subnet and add an internet gateway.

This restriction isn't possible using an AWS VPC.

Add an internet gateway to the VPC, and a proxy service running on a EC2 instance in a public subnet with an elastic IP.

Use the DNS filtering option on a NAT gateway to restrict internet access to just the software updates.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

^{(from linux academy - Operation Exellence Pillar)}
You've been asked to host a docker container within your AWS environment. What is the most appropriate product to use for this task?

Lambda

EC2

Opsworks

ECS

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

60 questions

Business Management Sample Technical Skills Assessment Questions

Quiz

•

9th Grade

65 questions

BILL OF EXCHANGE

Quiz

•

11th - 12th Grade

60 questions

Soal Latihan PRA - US 1 KWU kelas 12

Quiz

•

9th - 12th Grade

60 questions

SFDC Admin Practice Test 1

Quiz

•

Professional Development

60 questions

Focus on Foods Final Review

Quiz

•

KG - University

60 questions

Accounting / Komputer Akuntansi / MYOB

Quiz

•

11th - 12th Grade

59 questions

Civics - Trial Vocabulary

Quiz

•

KG - University

60 questions

ANIMASI 2D DAN 3D XIMM SMT I

Quiz

•

11th Grade

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

AISS - AWS SA - AWS_Pillars

64 questions

(from linux academy - Operation Exellence Pillar)Your existing custom NACL currently allows all Internet web traffic into the subnet. As part of a project implementation, you need to block IP traffic from a subnet to a specific internet IP address. How can this be accomplished?

(from linux academy - Operation Exellence Pillar)Which of the following events can be logged using CloudTrail. (Choose all that apply)

(from linux academy - Operation Exellence Pillar)You need to migrate a legacy application into AWS. It currently runs on a Linux operating system and has a requirement for iSCSI based block storage. Which AWS Service would you utilise to meet this requirement?

(from linux academy - Operation Exellence Pillar)Which of the following are AWS managed services that can allow host access to instances running on the respective services? (Choose all that apply)

(from linux academy - Operation Exellence Pillar)You've been asked to host a docker container within your AWS environment. What is the most appropriate product to use for this task?

(from linux academy - Operation Exellence Pillar)Which of the following AWS storage services are able to be natively mounted as mount points on a Linux system.

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

^{(from linux academy - Operation Exellence Pillar)}
Your existing custom NACL currently allows all Internet web traffic into the subnet. As part of a project implementation, you need to block IP traffic from a subnet to a specific internet IP address. How can this be accomplished?

^{(from linux academy - Operation Exellence Pillar)}
Which of the following events can be logged using CloudTrail. (Choose all that apply)

^{(from linux academy - Operation Exellence Pillar)}
You need to migrate a legacy application into AWS. It currently runs on a Linux operating system and has a requirement for iSCSI based block storage. Which AWS Service would you utilise to meet this requirement?

^{(from linux academy - Operation Exellence Pillar)}
Which of the following are AWS managed services that can allow host access to instances running on the respective services? (Choose all that apply)

^{(from linux academy - Operation Exellence Pillar)}
You've been asked to host a docker container within your AWS environment. What is the most appropriate product to use for this task?

^{(from linux academy - Operation Exellence Pillar)}
Which of the following AWS storage services are able to be natively mounted as mount points on a Linux system.