AWS Cloud Practitioner-Interview Question-3

131) Are IAM Groups specify permissions for a collection of users, which can make it easier to manage the permissions for those users?

Ans:-Yes. IAM Groups specify permissions for a collection of users, which can make it easier to manage the permissions for those users.

132) An IAM group is a collection of IAM users. Groups let you specify permissions for single user, which can make it easier to manage the permissions for that user. Is it true or false?


133) An IAM group is a collection of IAM users. Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users.IAM is a feature of your AWS account

offered at no additional charge. You will be charged only for use of other AWS services by your users. Is it true or false?

Ans:- True

134) You have developed an application and it is getting overloaded because of heavy workload. You would like to increase the capacity of an rds application for read heavy workloads. How would you do this?

Ans:-Add read replicas with multiple connection strings and use Route 53 Multivalue Answer Routing.

135) You have an EBS volume which also the root device attached to a running EC2 instance. What do you need to do to enable you to detach it?

Ans:- We can stop the instance then can detach that.

136) Your company ABC has a backup policy that requires data to be accessible within seconds for the first 6 months and archived with up to a day to access after 6 months. What is the best solution?

Ans:- We can use standard S3 for the first six months and then archive to Glacier after 6 months using a lifecycle policy.

137) You have developed an application that requires coordination between serverless and server based distributed applications. You would like to implement this as a state machine. What AWS service would you use?
Ans:-AWS Step Functions

138) You have created one S3 bucket. You have enabled server side encryption on an S3 bucket. How do you decrypt objects?

Ans:-S3 automatically decrypts objects when you download them.

139) What AWS service can you use to log API calls to SQS?

140) AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs. Is it true or false?

141) Your users keep forgetting the account ID for logging in to the console. How can you help them?
Ans:-create account alias

142) In software field , every technology will have some tool to manage billing. Same way What is the AWS service will you use if you want to get alert when you cross a certain bill threshold ?


143) Consider we have an application in project which sends push messages to mobile devices. Which service should we use?

144) CloudWatch free monitoring for EC2 is at __ intervals.
Ans:- 5 minute

145) You can use Amazon __ to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances
Ans:-CloudWatch Logs

146) Which service used to retrieve the associated log data
CloudTrail Logs

147) Can we connect to EC2 Windows instance using SSH?

148) Spot Instances run until either you terminate them or the Spot Price increases above your bid price.

149) An EC2 security group acts as a firewall that controls the traffic allowed to reach one or more instances.

150) You have an application that requires ad-hoc data mining and analytics of manufacturing data. What is best suited for this application?

151) AWS _ is a serverless compute service that runs your code in response to events and automatically manages the underlying compute resources for you.

152) When Multi-AZ is enabled on RDS, the standby replica instance will be located in a different region.

153) Amazon S3 bucket names are globally unique, regardless of the AWS region in which you create the bucket.

154) Security groups in a VPC specify which traffic is allowed to or from an Amazon EC2 instance.

155) Which of the following are benefits of AWS’s Relational Database Service (RDS)?

Ans:- Automated patches and backups

156) What AWS storage class should be used for long-term, archival storage?


157) You have a very critical application which your organization simply can’t afford to have it down. What is the architecture strategy you would use to prepare to be used for the application ?

Ans:-Use Multi-Region based architectures

158) In an AWS Shared Responsibility model, which of the following is not the responsibility of AWS ?

Ans:-Data of the customer

159) Which AWS services should be used for read/write of constantly changing data?

Ans:-Amazon RDS

160) A customer needs to run a MySQL database that easily scales.Which AWS service should they use?

Ans:-Amazon Aurora

161) Which of the following components of the AWS Global Infrastructure consists of one or more discrete data centers interconnected through low latency links?

Ans:-Availability Zone

162) Which of the following is a shared control between the customer and AWS?

Ans:-Awareness and training

163) How many Availability Zones should compute resources be provisioned across to achieve high availability?

Ans:-A minimum of two

164) One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:

Ans:-it allows the business to focus on business activities.

165) Alex is running a web application and he is seeing very changing traffic workloads. Few hours a day traffic is very high however for rest of the day traffic is less. In order to handle high traffic, Alex is running big servers however they remain under utilized most of the day and it is increasing the cost as well. Which AWS feature can john utilize to add and remove server capacity based on traffic workload ?


166) What is the lowest-cost, durable storage option for retaining database backups for immediate retrieval?

Ans:-Amazon S3

167) Which AWS IAM feature allows developers to access AWS services through the AWS CLI?

Ans:-Access keys

168) What is not a feature of RDS (excluding Aurora)?

Ans:-automated scaling

167) Which of the following is a fast and reliable NoSQL database service?

Ans:-Amazon DynamoDB

168) Which among the below endpoints are supported by SNS?


169) How can we ensure SQS messages are delivered in order or not?
add them to the queue in order

Ans – use a FIFO queue

170) Manager of your organization wants to see what exactly each user is doing in AWS account. What is the service that you can use to achieve this scenerio ?


171) What is Amazon DynamoDB?

Ans:-NoSQL database

173) What is a CloudFormation stack?
Ans:-a collection of AWS resources that you can manage as a single unit

176) What is AWS’s serverless compute service?


177) What is a CloudFormation stack?
Ans:-a collection of AWS resources that you can manage as a single unit

178) In Project, You are lead and have responsibility of auditing as well. You notice that six of your 12 S3 buckets are no longer available in your account, and you assume that they have been deleted. You are unsure who may have deleted them, and no one is taking responsibility. Which AWS service will help you investigate ?


179) What is not a security best practice?
Ans:-difficult root access password

180) What is the main benefit on why some one might choose an on-Demand EC2 instance?

Ans:-You can create, start, stop, and terminate them at any time.

181) We would like to decouple your application components from demand. What service would be used?

182) If you are using an on-demand EC2 instance, how are you being charged for it?

Ans:-You are charged per second, based on an hourly rate, and there are no termination fees.

183) What does Amazon CloudFront use to distribute content to global users with low latency?

Correct Answer: AWS Edge Locations

184) Consider you are working in an Cloud based organization that has decided to reserve EC2 compute capacity for four years to get more discounts. Their application workloads are likely to change during this time period. What is the EC2 Reserved Instance (RI) type that allows them to change the attributes of the RI whenever they need?

Correct Answer: Convertible RIs

185) With Amazon EC2, you don’t have to pay any start-up or termination fees.
Is it True or False?
Correct Answer: True

186) The S3 Intelligent-Tiering storage class is designed to optimize costs by automatically moving data to the most cost-effective access tier, without performance impact or operational overhead. Is it true or false?

Correct Answer: True

187) John is working in cloudvikas company. In his company, one team is developing a critical web application in AWS and the security of the application is one of the top priorities. Which of the following AWS services will provide infrastructure security optimization recommendations?
AWS Trusted Advisor
AWS Management Console
Correct Answer: AWS Trusted Advisor

190) Consider a cloud based company is currently using the Enterprise Support plan. They want quick and efficient guidance with their billing and account inquiries. Which of the following included services could assist them?

Correct Answer: AWS Support Concierge