AWS (1-50) Vocational training Quiz | Wayground (formerly Quizizz)

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company uses AWS Organizations to manage multiple AWS accounts for different departments. The management account has an Amazon S3 bucket that contains project reports. The company wants to limit access to this S3 bucket to only users of accounts within the organization in AWS Organizations. Which solution meets these requirements with the LEAST amount of operational overhead?

Add the aws PrincipalOrgID global condition key with a reference to the organization ID to the S3 bucket policy.

Create an organizational unit (OU) for each department. Add the aws:PrincipalOrgPaths global condition key to the S3 bucket policy.

Use AWS CloudTrail to monitor the CreateAccount, InviteAccountToOrganization, LeaveOrganization, and RemoveAccountFromOrganization events. Update the S3 bucket policy accordingly

Tag each user that needs access to the S3 bucket. Add the aws:PrincipalTag global condition key to the S3 bucket policy.

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An application runs on an Amazon EC2 instance in a VPC. The application processes logs that are stored in an Amazon S3 bucket. The EC2 instance needs to access the S3 bucket without connectivity to the internet. Which solution will provide private network connectivity to Amazon S3?

Create a gateway VPC endpoint to the S3 bucket.

Stream the logs to Amazon CloudWatch Logs. Export the logs to the S3 bucket.

Create an instance profile on Amazon EC2 to allow S3 access.

Create an Amazon API Gateway API with a private link to access the S3 endpoint.

3.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company is hosting a web application on AWS using a single Amazon EC2 instance that stores user-uploaded documents in an Amazon EBS volume. For better scalability and availability, the company duplicated the architecture and created a second EC2 instance and EBS volume in another Availability Zone, placing both behind an Application Load Balancer. After completing this change, users reported that, each time they refreshed the website, they could see one subset of their documents or the other, but never all of the documents at the same time. What should a solutions architect propose to ensure users see all of their documents at once?

Copy the data so both EBS volumes contain all the documents

Configure the Application Load Balancer to direct a user to the server with the documents

. Copy the data from both EBS volumes to Amazon EFS. Modify the application to save new documents to Amazon EFS

Configure the Application Load Balancer to send the request to both servers. Return each document from the correct server

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company has an application that ingests incoming messages. Dozens of other applications and microservices then quickly consume these messages. The number of messages varies drastically and sometimes increases suddenly to 100,000 each second. The company wants to decouple the solution and increase scalability. Which solution meets these requirements?

Persist the messages to Amazon Kinesis Data Analytics. Configure the consumer applications to read and process the messages.

Deploy the ingestion application on Amazon EC2 instances in an Auto Scaling group to scale the number of EC2 instances based on CPU metrics.

Write the messages to Amazon Kinesis Data Streams with a single shard. Use an AWS Lambda function to preprocess messages and store them in Amazon DynamoDB. Configure the consumer applications to read from DynamoDB to process the messages

Publish the messages to an Amazon Simple Notification Service (Amazon SNS) topic with multiple Amazon Simple Queue Service (Amazon SOS) subscriptions. Configure the consumer applications to process the messages from the queues.

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company is running an SMB file server in its data center. The file server stores large files that are accessed frequently for the first few days after the files are created. After 7 days the files are rarely accessed. The total data size is increasing and is close to the company's total storage capacity. A solutions architect must increase the company's available storage space without losing low-latency access to the most recently accessed files. The solutions architect must also provide file lifecycle management to avoid future storage issues. Which solution will meet these requirements?

Use AWS DataSync to copy data that is older than 7 days from the SMB file server to AWS.

Create an Amazon S3 File Gateway to extend the company's storage space. Create an S3 Lifecycle policy to transition the data to S3 Glacier Deep Archive after 7 days.

Create an Amazon FSx for Windows File Server file system to extend the company's storage space.

Install a utility on each user's computer to access Amazon S3. Create an S3 Lifecycle policy to transition the data to S3 Glacier Flexible Retrieval after 7 days.

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company has an application that runs on Amazon EC2 instances and uses an Amazon Aurora database. The EC2 instances connect to the database by using user names and passwords that are stored locally in a file. The company wants to minimize the operational overhead of credential management. What should a solutions architect do to accomplish this goal?

Use AWS Secrets Manager. Turn on automatic rotation.

Use AWS Systems Manager Parameter Store. Turn on automatic rotation

Create an Amazon S3 bucket to store objects that are encrypted with an AWS Key Management Service (AWS KMS) encryption key. Migrate the credential file to the S3 bucket. Point the application to the S3 bucket.

Create an encrypted Amazon Elastic Block Store (Amazon EBS) volume for each EC2 instance. Attach the new EBS volume to each EC2 instance. Migrate the credential file to the new EBS volume. Point the application to the new EBS volume.

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company performs monthly maintenance on its AWS infrastructure. During these maintenance activities, the company needs to rotate the credentials for its Amazon RDS for MySQL databases across multiple AWS Regions. Which solution will meet these requirements with the LEAST operational overhead?

Store the credentials as secrets in AWS Secrets Manager. Use multi-Region secret replication for the required Regions. Configure Secrets Manager to rotate the secrets on a schedule.

Store the credentials as secrets in AWS Systems Manager by creating a secure string parameter. Use multiRegion secret replication for the required Regions. Configure Systems Manager to rotate the secrets on a schedule.

Store the credentials in an Amazon S3 bucket that has server-side encryption (SSE) enabled. Use Amazon EventBridge (Amazon CloudWatch Events) to invoke an AWS Lambda function to rotate the credentials.

Encrypt the credentials as secrets by using AWS Key Management Service (AWS KMS) multi-Region customer managed keys. Store the secrets in an Amazon DynamoDB global table. Use an AWS Lambda function to retrieve the secrets from DynamoDB. Use the RDS API to rotate the secrets.

8.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company recently migrated to AWS and wants to implement a solution to protect the traffic that flows in and out of the production VPC. The company had an inspection server in its on-premises data center. The inspection server performed specific operations such as traffic flow inspection and traffic filtering. The company wants to have the same functionalities in the AWS Cloud. Which solution will meet these requirements?

Use Amazon GuardDuty for traffic inspection and traffic filtering in the production VPC

Use Traffic Mirroring to mirror traffic from the production VPC for traffic inspection and filtering.

Use AWS Network Firewall to create the required rules for traffic inspection and traffic filtering for the production VPC.

Use AWS Firewall Manager to create the required rules for traffic inspection and traffic filtering for the production VPC.

9.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company is implementing a new business application. The application runs on two Amazon EC2 instances and uses an Amazon S3 bucket for document storage. A solutions architect needs to ensure that the EC2 instances can access the S3 bucket. What should the solutions architect do to meet this requirement?

Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 instances

Create an IAM policy that grants access to the S3 bucket. Attach the policy to the EC2 instances.

. Create an IAM group that grants access to the S3 bucket. Attach the group to the EC2 instances.

Create an IAM user that grants access to the S3 bucket. Attach the user account to the EC2 instances.

10.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

An application development team is designing a microservice that will convert large images to smaller, compressed images. When a user uploads an image through the web interface, the microservice should store the image in an Amazon S3 bucket, process and compress the image with an AWS Lambda function, and store the image in its compressed form in a different S3 bucket. A solutions architect needs to design a solution that uses durable, stateless components to process the images automatically. Which combination of actions will meet these requirements? (Choose two.)

Create an Amazon Simple Queue Service (Amazon SQS) queue. Configure the S3 bucket to send a notification to the SQS queue when an image is uploaded to the S3 bucket.

Configure the Lambda function to use the Amazon Simple Queue Service (Amazon SQS) queue as the invocation source. When the SQS message is successfully processed, delete the message in the queue.

Configure the Lambda function to monitor the S3 bucket for new uploads. When an uploaded image is detected, write the file name to a text file in memory and use the text file to keep track of the images that were processed.

Launch an Amazon EC2 instance to monitor an Amazon Simple Queue Service (Amazon SQS) queue. When items are added to the queue, log the file name in a text file on the EC2 instance and invoke the Lambda function

Configure an Amazon EventBridge (Amazon CloudWatch Events) event to monitor the S3 bucket. When an image is uploaded, send an alert to an Amazon ample Notification Service (Amazon SNS) topic with the application owner's email address for further processing.

Create a free account and access millions of resources

Popular Resources on Wayground