Rebirth SAA-C01 Software 2021

NEW QUESTION 1
Which of the following services allows you root access (i.e. you can login using SSH)?

• A. Elastic Load Balancer
• B. Elastic Map Reduce
• C. Elasticache
• D. RDS

Answer: B

Explanation:

NEW QUESTION 2
An online gaming site asked you if you can deploy a database that is a fast, highly scalable NoSQL database service in AWS for a new site that he wants to build. Which database should you recommend?

• A. Amazon DynamoDB
• B. Amazon RDS
• C. Amazon Redshift
• D. Amazon SimpleDB

Answer: A

Explanation:
Amazon DynamoDB is ideal for database applications that require very low latency and predictable performance at any scale but don't need complex querying capabilities like joins or transactions. Amazon DynamoDB is a fully-managed NoSQL database service that offers high performance, predictable throughput and low cost. It is easy to set up, operate, and scale. With Amazon DynamoDB, you can start small, specify the throughput and storage you need, and easily scale your capacity requirements on the fly. Amazon DynamoDB automatically partitions data over a number of servers to meet your request capacity. In addition, DynamoDB automatically replicates your data synchronously across multiple Availability Zones within an AWS Region to ensure high-availability and data durability.

NEW QUESTION 3
A customer’s security team requires the logging of all network access attempts to Amazon EC2 instances in their production VPC on AWS.
Which configuration will meet the security team’s requirement?

• A. Enable CloudTrail for the production VPC.
• B. Enable VPC Flow Logs for the production VPC.
• C. Enable both CloudTrail and VPC Flow Logs for the production VPC.
• D. Enable both CloudTrail and VPC Flow Logs for the AWS account.

Answer: B

NEW QUESTION 4
Through which of the following interfaces is AWS Identity and Access Management available?
A) AWS Management Console
B) Command line interface (CLI)
C) IAM Query API
D) Existing libraries

• A. Only through Command line interface (CLI)
• B. A, B and C
• C. A and C
• D. All of the above

Answer: D

Explanation:
Accessing IAM:
1 - AWS Management Console 2 - AWS Command Line Tools
3 - AWS SDKs (i.e. Existing libraries) 4 - IAM HTTPS API
http://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html#intro-accessing

NEW QUESTION 5
An instance is launched into a VPC subnet with the network ACL configured to allow all inbound traffic and deny all outbound traffic. The instance's security group is configured to allow SSH from any IP address and deny all outbound traffic. What changes need to be made to allow SSH access to the instance?

• A. The outbound security group needs to be modified to allow outbound traffic.
• B. The outbound network ACL needs to be modified to allow outbound traffic.
• C. Nothing, it can be accessed from any IP address using SSH.
• D. Both the outbound security group and outbound network ACL need to be modified to allow outbound traffic.

Answer: B

Explanation:
Need to open TCP Port 1024-65535 at Outbound Rules
"Allows outbound responses to the remote computer. Network ACLs are stateless, therefore this rule is required to allow response traffic for inbound requests." http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html

NEW QUESTION 6
After setting up a Virtual Private Cloud (VPC) network, a more experienced cloud engineer suggests that to achieve low network latency and high network throughput you should look into setting up a placement group. You know nothing about this, but begin to do some research about it and are especially curious about its limitations. Which of the below statements is wrong in describing the limitations of a placement group?

• A. Although launching multiple instance types into a placement group is possible, this reduces the likelihood that the required capacity will be available for your launch to succeed.
• B. A placement group can span multiple Availability Zones.
• C. You can't move an existing instance into a placement group.
• D. A placement group can span peered VPCs

Answer: B

Explanation:
A placement group is a logical grouping of instances within a single Availability Zone. Using placement groups enables applications to participate in a low-latency, 10 Gbps network. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both. To provide the lowest latency, and the highest packet-per-second network performance for your placement group, choose an instance type that supports enhanced networking.
Placement groups have the following limitations:
The name you specify for a placement group a name must be unique within your AWS account.
A placement group can't span multiple Availability Zones.
Although launching multiple instance types into a placement group is possible, this reduces the likelihood that the required capacity will be available for your launch to succeed. We recommend using the same instance type for all instances in a placement group.
You can't merge placement groups. Instead, you must terminate the instances in one placement group, and then relaunch those instances into the other placement group. A placement group can span peered VPCs; however, you will not get full-bisection bandwidth between instances in peered VPCs. For more information about VPC peering connections, see VPC Peering in the Amazon VPC User Guide.
You can't move an existing instance into a placement group. You can create an AMI from your existing instance, and then launch a new instance from the AMI into a placement group.

NEW QUESTION 7
A web-startup runs its very successful social news application on Amazon EC2 with an Elastic Load Balancer, an Auto-Scaling group of Java/Tomcat application-servers, and DynamoDB as data store. The main web-application best runs on m2 x large instances since it is highly memory- bound Each new deployment requires semi-automated creation and testing of a new AMI for the application servers which takes quite a while ana is therefore only done once per week.
Recently, a new chat feature has been implemented in nodejs and wails to be integrated in the architecture. First tests show that the new component is CPU bound Because the company has some experience with using Chef, they decided to streamline the deployment process and use AWS Ops Works as an application life cycle tool to simplify management of the application and reduce the deployment cycles.
What configuration in AWS Ops Works is necessary to integrate the new chat module in the most cost-efficient and filexible way?

• A. Create one AWS OpsWorks stack, create one AWS Ops Works layer, create one custom recipe
• B. Create one AWS OpsWorks stack create two AWS Ops Works layers create one custom recipe
• C. Create two AWS OpsWorks stacks create two AWS Ops Works layers create one custom recipe
• D. Create two AWS OpsWorks stacks create two AWS Ops Works layers create two custom recipe

Answer: B

Explanation:
You only need one stack to contain two layers:
– one layer for the Java/Tomcat instances
– one layer for DynamoDB
You’d only need one custom recipe because the only OpsWorks Lifecycle Event that would be involved in rolling out the new chat feature would be “Deploy”. (Or you could implement it in “Setup” if you choose to make including the chat app a new baseline standard for your instances in that layer. But even then, you’d only have one custom recipe because there would be no need to customize the “Deploy” event to install the chat app if you already installed out the chat app in “Setup”.) So you’d need a custom recipe for that one lifecycle event. And it would only be used for the “Deploy” lifecycle event on the app layer, not on the DB layer

NEW QUESTION 8
What is the time period with which metric data is sent to CloudWatch when detailed monitoring is enabled on an Amazon EC2 instance?

• A. 15 minutes
• B. 5 minutes
• C. 1 minute
• D. 45 seconds

Answer: C

Explanation:
By default, Amazon EC2 metric data is automatically sent to CloudWatch in 5-minute periods. However, you can, enable detailed monitoring on an Amazon EC2 instance, which sends data to CloudWatch in 1-minute periods

NEW QUESTION 9
In Amazon RDS, which of the following provides enhanced availability and durability for Database (DB) Instances, making them to be a natural fit for production database workloads?

• A. Placement Groups
• B. Multi-Option Group deployment
• C. Multi-AZ deployment
• D. Multi-VPC deployment

Answer: C

Explanation:
Amazon RDS Multi-AZ deployments provide enhanced availability and durability for Database (DB) Instances, making them a natural fit for production database workloads. When you provision a Multi- AZ DB Instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. http://aws.amazon.com/rds/multi-az/

NEW QUESTION 10
A customer has a single 3-TB volume on-premises that is used to hold a large repository of images
and print layout files. This repository is growing at 500 GB a year and must be presented as a single logical volume. The customer is becoming increasingly constrained with their local storage capacity and wants an off-site backup of this data, while maintaining low-latency access to their frequently accessed data. Which AWS Storage Gateway configuration meets the customer requirements?

• A. Gateway-Cached volumes with snapshots scheduled to Amazon S3
• B. Gateway-Stored volumes with snapshots scheduled to Amazon S3
• C. Gateway-Virtual Tape Library with snapshots to Amazon S3
• D. Gateway-Virtual Tape Library with snapshots to Amazon Glacier

Answer: A

NEW QUESTION 11
What is the minimum charge for the data transferred between Amazon RDS and Amazon EC2 Instances in the same Availability Zone?

• A. USD 0.10 per GB
• B. No charg
• C. It is free.
• D. USD 0.02 per GB
• E. USD 0.01 per GB

Answer: B

Explanation:
For data transferred between an Amazon EC2 instance and Amazon RDS DB Instance in different Availability Zones of the same Region, there is no Data Transfer charge for traffic in or out of the
Amazon RDS DB Instance. References:

NEW QUESTION 12
A large real-estate brokerage is exploring the option or adding a cost-effective location based alert to their existing mobile application. The application backend infrastructure currently runs on AWS Users who opt in to this service will receive alerts on their mobile device regarding real-estate otters in proximity to their location. For the alerts to be relevant delivery time needs to be in the low minute count the existing mobile app has 5 million users across the us. Which one of the following architectural suggestions would you make to the customer?

• A. The mobile application will submit its location to a web service endpoint utilizing Elastic Load Balancing and EC2 instances: DynamoDB will be used to store and retrieve relevant otters EC2 instances will communicate with mobile earners/device providers to push alerts back to mobile application.
• B. Use AWS DirectConnect or VPN to establish connectivity with mobile carriers EC2 instances will receive the mobile applications ' location through carrier connection: ROS will be used to store and relevant relevant offers EC2 instances will communicate with mobile carriers to push alerts back to the mobile application
• C. The mobile application will send device location using SQ
• D. EC2 instances will retrieve the relevant others from DynamoDB AWS Mobile Push will be used to send offers to the mobile application
• E. The mobile application will send device location using AWS Mobile Push EC2 instances will retrieve the relevant offers from DynamoDB EC2 instances will communicate with mobilecarriers/device providers to push alerts back to the mobile applicatio

Answer: A

Explanation:
AWS using SQS to store the message from mobile apps,and using AWS Mobile Push to send offers to mobile apps.

NEW QUESTION 13
You have an EC2 Security Group with several running EC2 instances. You change the Security Group rules to allow inbound traffic on a new port and protocol, and launch several new instances in the same Security Group. The new rules apply:

• A. Immediately to all instances in the security group.
• B. Immediately to the new instances only.
• C. Immediately to the new instances, but old instances must be stopped and restarted before the new rules apply.
• D. To all instances, but it may take several minutes for old instances to see the changes.

Answer: A

Explanation:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html#vpc-securitygroups

NEW QUESTION 14
Can a 'user' be associated with multiple AWS accounts?

• A. No
• B. Yes

Answer: A

NEW QUESTION 15
You require the ability to analyze a large amount of data, which is stored on Amazon S3 using Amazon Elastic Map Reduce. You are using the cc2 8x large Instance type, whose CPUs are mostly idle during processing. Which of the below would be the most cost efficient way to reduce the runtime of the job?

• A. Create smaller files on Amazon S3.
• B. Add additional cc2 8x large instances by introducing a task group.
• C. Use smaller instances that have higher aggregate I/O performance.
• D. Create fewer, larger files on Amazon S3.

Answer: C

NEW QUESTION 16
While creating an Amazon RDS DB, your first task is to set up a DB that controls what IP addresses or EC2 instances have access to your DB Instance.

• A. Security Pool
• B. Secure Zone
• C. Security Token Pool
• D. Security Group

Answer: D

NEW QUESTION 17
Provisioned IOPS Costs: you are charged for the IOPS and storage whether or not you use them in a given month.

• A. FALSE
• B. TRUE

Answer: B

Explanation:
Volume storage for EBS Provisioned IOPS SSD (io1) volumes is charged by the amount you provision in GB per month, until you release the storage. With Provisioned IOPS SSD (io1) volumes, you are also charged by the amount you provision in IOPS (input/output operations per second) multiplied by the percentage of days you provision for the month. For example, if you provision a volume with
1000 IOPS, and keep this volume for 15 days in a 30 day month, then in a Region that charges $0.10 per provisioned IOPS-month, you would be charged $50 for the IOPS that you provision ($0.10 per provisioned IOPS-month * 1000 IOPS provisioned * 15 days/30). You will be charged for the IOPS provisioned on a volume even when the volume is detached from an instance.

NEW QUESTION 18
Which of the following size ranges is true of Individual Amazon S3 objects?

• A. 5 gigabytes to 5 terabytes
• B. 0 bytes to 5 terabytes
• C. 100 megabytes to 5 gigabytes
• D. 1 byte to 5 gigabytes

Answer: B

Explanation:
The total volume of data and number of objects you can store are unlimited. Individual Amazon S3 objects can range in size from 0 bytes to 5 terabytes.
https://aws.amazon.com/s3/faqs/

NEW QUESTION 19
Does AWS offer any web-based graphic user interface to access and manage EC2 instances?

• A. Yes, the AWS Application Clusters.
• B. No, you can only use the available software development kits.
• C. Yes, the AWS Management Console.
• D. No, you can only use the command line interfac

Answer: C

Explanation:
You can access and manage Amazon Web Services through a simple and intuitive web-based user interface known as the AWS Management Console.
http://aws.amazon.com/console/

NEW QUESTION 20
You need to set up a security certificate for a client's e-commerce website as it will use the HTTPS protocol. Which of the below AWS services do you need to access to manage your SSL server certificate?

• A. AWS Directory Service
• B. AWS Identity & Access Management
• C. AWS CloudFormation
• D. Amazon Route 53

Answer: B

Explanation:
AWS Identity and Access Management (IAM) is a web service that enables Amazon Web Services (AWS) customers to manage users and user permissions in AWS.All your SSL server certificates are managed by AWS Identity and Access management (IAM).

NEW QUESTION 21
Can an EBS volume be attached to more than one EC2 instance at the same time?

• A. No
• B. Yes.
• C. Only EC2-optimized EBS volumes.
• D. Only in read mod

Answer: A

Explanation:
EBS is network attached storage that can only be attached to one instance at a time https://aws.amazon.com/ebs/getting-started/ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html

NEW QUESTION 22
A news organization plans to migrate their 20 TB video archive to AWS. The files are rarely accessed, but when they are, a request is made in advance and a 3 to 5-hour retrieval time frame is acceptable. However, when there is a breaking news story, the editors require access to archived footage within minutes.
Which storage solution meets the needs of this organization while providing the LOWEST cost of storage?

• A. Store the archive in Amazon S3 Reduced Redundancy Storage.
• B. Store the archive in Amazon Glacier and use standard retrieval for all content.
• C. Store the archive in Amazon Glacier and pay the additional charge for expedited retrieval when needed.
• D. Store the archive in Amazon S3 with a lifecycle policy to move this to S3 Infrequent Access after 30 days.

Answer: B

NEW QUESTION 23
In EC2, what happens to the data in an instance store if an instance reboots (either intentionally or unintentionally)?

• A. Data is deleted from the instance store for security reasons.
• B. Data persists in the instance store.
• C. Data is partially present in the instance store.
• D. Data in the instance store will be los

Answer: B

Explanation:
The data in an instance store persists only during the lifetime of its associated instance. If an instance reboots (intentionally or unintentionally), data in the instance store persists. However, data on instance store volumes is lost under the following circumstances.
Failure of an underlying drive Stopping an Amazon EBS-backed instance Terminating an instance

NEW QUESTION 24
Does Amazon RDS support SSL encryption for SQL Server DB Instances?

• A. Yes, for all supported SQL Server editions
• B. No
• C. Yes, but only when the instances are in a single region
• D. No, encryption using SSL is supported only in the GovClou

Answer: A

Explanation:
Amazon RDS supports SSL encryption for SQL Server DB Instances. Using SSL, you can encrypt connections between your applications and your SQL Server DB Instances. This is available for all the
versions of Microsoft SQL Server. http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBEngine.SQLServer.html

NEW QUESTION 25
A user has hosted an application on EC2 instances. The EC2 instances are configured with ELB and Auto Scaling. The application server session time out is 2 hours. The user wants to configure connection draining to ensure that all in-flight requests are supported by ELB even though the instance is being deregistered. What time out period should the user specify for connection draining?

• A. 1 hour
• B. 30 minutes
• C. 5 minutes
• D. 2 hours

Answer: A

Explanation:
The Elastic Load Balancer connection draining feature causes the load balancer to stop sending new requests to the back-end instances when the instances are deregistering or become unhealthy, while ensuring that in-flight requests continue to be served. The user can specify a maximum time of 3600 seconds (1 hour) for the load balancer to keep the connections alive before reporting the instance as deregistered. If the user does not specify the maximum timeout period, by default, the load balancer will close the connections to the deregistering instance after 300 seconds.

NEW QUESTION 26
Multi-AZ deployment _____ supported for Microsoft SQL Server DB Instances.

• A. is not currently
• B. is as of 2013
• C. is planned to be in 2014
• D. will never be

Answer: C

NEW QUESTION 27
You can create a CloudWatch alarm that watches a single metric. The alarm performs one or more actions based on the value of the metric relative to a threshold over a number of time periods. Which of the following states is possible for the CloudWatch alarm?

• A. ERROR
• B. THRESHOLD
• C. ALERT
• D. OK

Answer: D

Explanation:
You can create a CloudWatch alarm that watches a single metric. The alarm performs one or more actions based on the value of the metric relative to a threshold over a number of time periods. The action can be an Amazon EC2 action, an Auto Scaling action, or a notification sent to an Amazon SNS topic.
An alarm has three possible states:
OK--The metric is within the defined threshold ALARM--The metric is outside of the defined threshold
INSUFFICIENT_DATA--The alarm has just started, the metric is not available, or not enough data is available for the metric to determine the alarm state http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveoperGuide/AlarmThatSendsEmail.ht ml

NEW QUESTION 28
......