AWS Interview Question-7

Explain AWS Snowball.
  • AWS Snowball is a solution from Amazon Web Services that’s designed to move large amounts of data into the AWS cloud.
  • It’s done using offline data migration.
  • We create a job in the AWS Management Console.
  • The Snowball is a secure storage appliance, designed to be tamper-proof, that houses the data we then physically ship back to an AWS data center to move that data into the cloud.
  • We have to install the Snowball client on an on-premises workstation, which performs the copying or transfer of data from our on-premises environment to the Snowball appliance that we plug into the local area network.
  • You could also have multiple workstations with the Snowball client installed if you’ve got multiple Snowballs and you want to increase the throughput.
  • A single Snowball appliance, for example, can handle between 50 and 80 terabytes of data. Depending on your local network environment, you could potentially fill one of those up within a single day.
  • Now, depending on your Internet connectivity, transferring that amount of data into the AWS cloud over the Internet could take months, even years in some cases. So, if you’ve got less than 10 petabytes of on-premises data, you should be using one or more AWS Snowball appliances.
  • If you’ve got more than 10 petabytes, you would be looking at using AWS Snowmobile, which is literally a shipping container full of storage appliances. That would be for larger organizations with enormous data centers.
Snowball Jobs

AWS Snowball is used when you need to move large amounts of data from on-premises into the AWS cloud.

Essentially, Amazon Web Services will ship you a secured, rugged storage device that you populate and then send back to the data center, where they copy it into S3.

Question: When should AWS Snowball be used?

Ans – PB or TB of on-premises data that needs to be placed in AWS

Question: Which statements regarding AWS Snowball jobs are correct?

Ans – KMS can be used to protect data at rest

A shipping address must be specified

What is DNS?
  • The Domain Name Service, or DNS, is a name resolution service on a TCP/IP network.
  • It is an application-layer protocol; the application layer defines how applications running on different systems pass messages to each other.
  • DNS stands for Domain Name System.
  • DNS provides a mapping between the name of a host (on the network) and its address.
  • DNS is required for the functioning of the internet.
  • DNS is a service that translates the domain name into IP addresses.
  • It applies to both IP version 4 and IP version 6.
  • A DNS zone is related to a DNS domain name. Ex:
  • The DNS zone refers to the configuration of the
    • DNS records, or
    • DNS domain name and
    • The DNS server that has control over those records within that zone.

What is TTL or The time to live in DNS?

DNS TTL (time to live) is a setting that tells the DNS resolver how long to cache a query result before requesting a new one. The information is stored in the cache of the recursive or local resolver for the duration of the TTL before the resolver reaches back out to collect new, updated details.

  • Example: If a client queries its configured DNS server to resolve a name to an IP address and the server resolves the name successfully, the server will cache the result for a period of time. That period of time is called the TTL, or the time to live.
  • We recommend a TTL of 24 hours (86,400 seconds). However, if you are planning to make DNS changes, you can lower the TTL to 5 minutes (300 seconds) at least 24 hours in advance of making the changes. 

Consider you need to allow inbound DNS client queries to a VPC subnet. Which port should you allow in the Network ACL rule?

Ans – 53

Question: Which type of DNS record routing rule allows sending a percentage of traffic to a specific host?

Ans – Weighted

Question: You are registering a new DNS domain through Route 53. What must you supply when registering the domain?

Ans – Contact details

Question: Which records exist automatically in a new hosted DNS zone?

Ans – NS


Question: Which of the following statements is correct? Choose two.

Security group rules have a priority number

Security groups are associated with EC2 instances

Network ACL rules have a priority number

Network ACLs are associated with subnets

Ans – Network ACL rules have a priority number

Network ACLs are associated with subnets

Question: You are using the AWS management console to create a new Network ACL. What must the ACL be associated with?

Ans – VPC

Question: You have created a network ACL. You now need to create ACL rules using the CLI. Which command should you use?

Ans – aws ec2 create-network-acl-entry

Question: Which PowerShell statement is used to create a Network ACL?

Ans – New-EC2NetworkAcl -VpcId

Question: Which AWS objects can Elastic IPs be associated with?

Ans – Instance

Network interface

Question: You are using the AWS management console to create a new Security Group. What must the security group be associated with?

Ans – VPC

Question: Which CLI command is used to list AWS Security Groups?

Ans – aws ec2 describe-security-groups

Question: We need to allow port 3389 traffic to pass into an EC2 instance. Which PowerShell cmdlet should we use to modify the security group associated with the instance?

Ans – Grant-EC2SecurityGroupIngress

Question: Which term best describes the role of an AWS Internet Gateway?

Ans – Pass-through

Question: You have created an Internet Gateway in VPC1, yet EC2 instances in VPC1 subnets cannot reach the Internet. What should you do?

Ans – Add a route from the subnets

Question: Which term best describes the role of an AWS NAT Gateway?

Ans – Proxy

Question: Which two items must a new NAT gateway be associated with?

Ans – Elastic IP


Question: Which type of SQS queue does not use ordered messaging?

Ans – Standard

Question: Which terms best describe the purpose of AWS Lambda?

Ans – Triggers

Data processing

Question: With Simple Notification Service, which item is a communication channel to which messages are published?

Ans – Topic

Question: Which AWS resource lends itself to application component decoupling?

Ans – SQS

Question: Which of the following are valid SQS queue types?

Ans – FIFO


Question: Why do application containers start up very quickly?

Ans – They use the underlying host OS

Question: What service does CloudFormation offer to AWS customers?

Ans – Infrastructure as code

Question: What are the valid options when deploying a CloudFormation template?

Ans – Template is ready

Use a sample template

Import JSON

Question: What is the overall purpose of Elastic Beanstalk?

Ans – Quick web app deployment

Question: Which of the following options are available when deploying ElastiCache? Choose two.

Ans – Memcached


Question: Which file formats can be used with CloudFormation templates? Choose two.

Ans – YAML


Question: Which type of source is specified when creating an Elastic Transcoder job configuration?

Ans – S3

Question: What is a fast content delivery networking (CDN) service offered by Amazon Web Services?

Ans – CloudFront

Question: What is a human and machine-readable data interchange method commonly used with IAM managed policies, S3 bucket policies, and CloudFormation infrastructure as code?

Ans – JSON