This presentation about "AWS interview questions" will take you through some of the most popular questions that you face in an AWS interview. Cloud computing is quickly becoming the norm among enterprises that want more flexibility, greater efficiencies, lower costs, and improved disaster recovery. AWS is by far the dominant provider, with 40% of the market share and $14 billion in revenue projected for 2017. That’s not only good news for Amazon’s bottom line. It’s also good news for yours if you’re moving into the field as an AWS Solution Architect Associate. If that’s the career move you’re making, and you’re preparing for an AWS Solution Architect job interview, then this is a video for you. Here are some of the most common AWS interview questions and answers that can help you while you prepare for Amazon web services related roles in the industry. Learn and get a deeper understanding of these questions to set you apart from the crowd in this booming cloud industry. This AWS certification training is designed to help you gain in-depth understanding of Amazon Web Services (AWS) architectural principles and services. You will learn how cloud computing is redefining the rules of IT architecture and how to design, plan, and scale AWS Cloud implementations with best practices recommended by Amazon. The AWS Cloud platform powers hundreds of thousands of businesses in 190 countries, and AWS certified solution architects take home about $126,000 per year. This AWS certification course will help you learn the key concepts, latest trends, and best practices for working with the AWS architecture – and become industry-ready aws certified solutions architect to help you qualify for a position as a high-quality AWS professional. The course begins with an overview of the AWS platform before diving into its individual elements: IAM, VPC, EC2, EBS, ELB, CDN, S3, EIP, KMS, Route 53, RDS, Glacier, Snowball, Cloudfront, Dynamo DB, Redshift, Auto Scaling, Cloudwatch, Elastic Cache, CloudTrail, and Security. Those who complete the course will be able to: 1. Formulate solution plans and provide guidance on AWS architectural best practices 2. Design and deploy scalable, highly available, and fault tolerant systems on AWS 3. Identify the lift and shift of an existing on-premises application to AWS 4. Decipher the ingress and egress of data to and from AWS 5. Select the appropriate AWS service based on data, compute, database, or security requirements 6. Estimate AWS costs and identify cost control mechanisms This AWS course is recommended for for professionals who want to pursue a career in Cloud computing or develop Cloud applications with AWS. You’ll become an asset to any organization, helping leverage best practices around advanced cloud based solutions and migrate existing workloads to the cloud. Learn more at https://www.simplilearn.com/cloud-computing/aws-solution-architect-associate-training

2. 1 Define and explain the 3 basic types of cloud services and the AWS products that
are built based on them.

3. 1
AWS has three basic types of cloud services:
Compute Storage Networking
Define and explain the 3 basic types of cloud services and the AWS products that
are built based on them.

4. 1
Compute
Compute domain helps in the following
aspects:
• To run any application
• Control and manage server functions such
as scaling and deployment
• Run event-initiated stateless applications
EC2 Lambda
Auto-scaling Lightsail
Elastic Beanstalk
Define and explain the 3 basic types of cloud services and the AWS products that
are built based on them.

5. 1
Storage
Storage domain helps in the following
aspects:
• It holds all the information which the
applications use
• They additionally support archival
compliance requirements
• Object, file and block storage are the
popular storage services
S3
Elastic File System
Glacier
Elastic Block Storage
Define and explain the 3 basic types of cloud services and the AWS products that
are built based on them.

6. 1
Networking
Networking domain helps in the following
aspects:
• To control and manage the connectivity
requirements for various AWS services
• You can select your own IP address range
and also accelerate the delivery of your
content
VPC CloudFront
Route53
Define and explain the 3 basic types of cloud services and the AWS products that
are built based on them.

7. What is the relation between Availability Zone and Region?
2

8. What is the relation between Availability Zone and Region?
2
 Each AWS Region has multiple
isolated locations known as
Availability Zones
 All availability zones inside one region
are isolated from one another in terms
of failure
 AWS Region is a separate
geographic area
 E.g. US-West 1 (N. California),
Asia South (Mumbai)
Availability
Zones
AWS Region

9. What is auto-scaling?
3

10. What is auto-scaling?
3
 Auto-scaling in AWS allows you to configure and automatically provision and
launch new instances whenever the demand increases
 Auto-scaling allows automatic increase or decrease of resource capacity as per
the needs
 Businesses need not worry continuously about managing the capacity of
resources
 Auto-scaling is one of the most appealing reasons to choose AWS
Scalability – Auto-scaling
Auto-scaling helps to automatically adjust the
capacity as per your needs

11. 4 What is geo targeting and how do you setup geo targeting in CloudFront?

12. 4 What is geo targeting and how do you setup geo targeting in CloudFront?
Geo targeting is a concept where you can show
personalized content to your audience based on their
geographic location without changing the URL
AWS allows you to send customized content through
CloudFront
Amazon CloudFront connects with other members of the AWS family of
services to deliver content to end users at high speed and with low latency

13. 4 What is geo targeting and how do you setup geo targeting in CloudFront?
Amazon CloudFront will now detect the country where
your viewer is located and forward the country code to
your origin server so that you can personalize content for
that viewer without changing the URL
CloudFront will detect the user’s country and pass along
their country code to you in the CloudFront-Viewer-
Country header

14. What are the steps involved in a CloudFormation solution?
5

15. What are the steps involved in a CloudFormation solution?
1
Create or use existing
CloudFormation template
using JSON/YAML format
5

16. What are the steps involved in a CloudFormation solution?
1
2
Create or use existing
CloudFormation template
using JSON/YAML format
Save your code template
locally or in S3 bucket
5

17. What are the steps involved in a CloudFormation solution?
1
2
3
Create or use existing
CloudFormation template
using JSON/YAML format
Save your code template
locally or in S3 bucket
Use AWS
CloudFormation to create
a stack on your template
5

18. What are the steps involved in a CloudFormation solution?
AWS CloudFormation
constructs and configures your
stack resources that you have
specified in your template
1
2
3
4
Create or use existing
CloudFormation template
using JSON/YAML format
Save your code template
locally or in S3 bucket
Use AWS
CloudFormation to create
a stack on your template
5

19. 6 How do you upgrade or downgrade a system with near zero downtime?

20. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console

21. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI

22. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI
Launch an instance with
new instance type
(capacity)

23. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI
Install all updatesLaunch an instance with
new instance type
(capacity)

24. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI
Install all updates Install applicationsLaunch an instance with
new instance type
(capacity)

25. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI
Install all updates Install applicationsLaunch an instance with
new instance type
(capacity)
Test the instance

26. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI
Install all updates Install applications
Deploy the new instance
and replace the older
instance
Test the instance
Launch an instance with
new instance type
(capacity)

27. 6 How do you upgrade or downgrade a system with near zero downtime?
We can upgrade or downgrade a system with near zero downtime using the following steps of migration:
Open EC2 console
OS
Choose Operating
System AMI
Install all updates Install applications
Deploy the new instance
and replace the older
instance
Test the instance
Launch an instance with
new instance type
(capacity)
Migration is
complete with
zero downtime

28. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?

29. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?
1. Top Free Tier Services Table
• This is a dashboard of the Billing and Cost Management console
• This table shows the free tier usage limit for your top five most-used free tier
services
Top Free Tier
Services Table
1

30. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?
2. Cost Explorer
• This allows you to view and analyze costs
• You can view costs for the last 13 months
• You can also get cost forecast for the coming 3 months
Cost Explorer
2

31. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?
3. AWS Budgets
• Here, you can plan your service usage, service costs and instance reservations
• You can view the following:AWS Budgets
3
o Is your current plan meeting your budget?
o Usage details

32. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?
AWS Budgets
3
Here is a screenshot of the AWS Budgets Dashboard

33. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?
4. Cost Allocation Tags
• You can assign a label to every AWS resource
• Each tag has a key and a value
• You can organize your resources and cost allocation tags to keep a track of your AWS
costs
Cost Allocation
Tags
4

34. 7 What are all the tools and techniques you can use in AWS to identify and correct if you
are paying more than you should be?
Here is a screenshot of the Cost Allocation Tags
Cost Allocation
Tags
4

35. 8 Are there any other alternate tools to log into the Cloud environment other than
CONSOLE?

36. 8 Are there any other alternate tools to log into the Cloud environment other than
CONSOLE?
The following tools can be used to log into the Cloud environment:
1 32 4
Putty
AWS CLI
for Linux
AWS CLI for
Windows
AWS CLI for
Windows CMD
Eclipse
5 6
AWS SDK

37. 9 What services can be used to create a centralized logging solution?

38. 9 What services can be used to create a centralized logging solution?
 Log management helps organizations to track a relationship between operational, security and change
management events
 It also helps you to understand the infrastructure
 We can create a centralized logging solution using the following:
Amazon Elastic SearchAmazon CloudWatch
Logs
Amazon Kinesis
Firehose
Amazon S3

39. 9 What services can be used to create a centralized logging solution?
Source: https://aws.amazon.com/answers/logging/centralized-logging/
Here is a diagram showing
the centralized logging
architecture you can
deploy

40. 9 What services can be used to create a centralized logging solution?
Source: https://aws.amazon.com/answers/logging/centralized-logging/
Here is a diagram showing
the centralized logging
architecture you can
deploy
Step 1
Primary template deploys an
Amazon Elastic Search (ES)
domain along with two Availability
Zones of VPC network

41. 9 What services can be used to create a centralized logging solution?
Source: https://aws.amazon.com/answers/logging/centralized-logging/
Here is a diagram showing
the centralized logging
architecture you can
deploy
Step 2
Two instances with proxy serve
as an additional layer of security
to restrict access to Amazon ES
dashboard

42. 9 What services can be used to create a centralized logging solution?
Source: https://aws.amazon.com/answers/logging/centralized-logging/
Here is a diagram showing
the centralized logging
architecture you can
deploy
Step 3
A custom Lambda function is
used to load the data from
CloudWatch to an ES domain

43. 9 What services can be used to create a centralized logging solution?
Source: https://aws.amazon.com/answers/logging/centralized-logging/
Here is a diagram showing
the centralized logging
architecture you can
deploy
Step 4
Only those user requests from
approved IP addresses will be
allowed access to the Kibana UI
using customer-defined
credentials

44. What are the native AWS Security logging capabilities?
10

45.  Every service in AWS provides metrics or log files to provide insight on how that service is operating
 The following provide the AWS service-specific log recommendations:
AWS CloudTrail AWS Config AWS CloudFront AWS Redshift
AWS RDS AWS VPC S3 S3
10 What are the native AWS Security logging capabilities?

46. AWS CloudTrail
10 What are the native AWS Security logging capabilities?
 AWS CloudTrail provides a history of AWS API calls for every
account
 You can perform security analysis, resource change tracking and
compliance auditing of your AWS environment
 It delivers log files to a designated S3 bucket every 5 minutes
 It can be configured to send notifications via AWS SNS when new
logs are delivered

47. AWS Config
10 What are the native AWS Security logging capabilities?
 AWS Config provides an AWS inventory which includes configuration
history, configuration change notification and relationships between
AWS resources
 It provides a timeline of resource configuration change for specific
services
 It records the cumulative changes if many changes are made within a
short period of time
 It can also be configured to send notifications via AWS SNS when
new logs are delivered

48. What is DDoS attack and what services can minimize DDoS attacks?
11

49. What is DDoS attack and what services can minimize DDoS attacks?
A DDoS attack is an attempt to make a website or an application unavailable to other genuine end users. This
is achieved by hackers using various methods that completely consume a network and its resources
We can minimize DDoS attacks using the following services:
AWS Shield AWS WAF Amazon Route53 CloudFront ELB VPC
11

50. What is DDoS attack and what services can minimize DDoS attacks?
We can minimize DDoS attacks using the below architecture where a TCP or UDP
based application
11
Source: https://aws.amazon.com/answers/networking/aws-ddos-attack-mitigation/

51. You are trying to provision a service in a particular region but you are not seeing the
service in that region? Why? How to fix it?12

52. You are trying to provision a service in a particular region but you are not seeing the
service in that region? Why? How to fix it?12
 As of now, not all services are available
in all regions. This is because of the high
infrastructure and maintenance costs
 Here is a short snippet of the available
regions for various services

53. You are trying to provision a service in a particular region but you are not seeing the
service in that region? Why? How to fix it?12

54. You are trying to provision a service in a particular region but you are not seeing the
service in that region? Why? How to fix it?
You can go around this problem by switching
your service to another region where its
support is available
12

55. How do you setup a system to monitor website metrics in real-time in AWS?
13

56. How do you setup a system to monitor website metrics in real-time in AWS?
 CloudWatch events helps us to monitor application status of various
AWS services and custom events
 Using CloudWatch we can monitor:
1. State changes in Amazon EC2
2. Auto-scaling lifecycle events
3. Scheduled events
4. AWS API calls
5. Console sign-in eventsAWS CloudWatch
13

57. How do you setup a system to monitor website metrics in real-time in AWS?
 CloudWatch has a conditional
statement that maps an incoming
event to its target
 A target is a resource such as
Lambda or SNS
13
Source: https://aws.amazon.com/blogs/security/how-to-use-amazon-cloudwatch-events-to-monitor-application-health/
“HealthStatus”:
“Yellow”
AppDebugger
function
“HealthStatus”:
“Red”
ReportInspection
queue
Troubleshooting
instances
RedHealth
notifier
Notify operations
team
“HealthStatus”:
“Red”
AppInstancesN
AppInstances…
AppInstances1

58. How do you setup a system to monitor website metrics in real-time in AWS?
 If HealthStatus is Yellow, a
Lambda function is invoked called
SampleAppDebugger
 If HealthStatus is Red, it is
published either to Amazon SQS or
SNS
13
Source: https://aws.amazon.com/blogs/security/how-to-use-amazon-cloudwatch-events-to-monitor-application-health/
“HealthStatus”:
“Yellow”
AppDebugger
function
“HealthStatus”:
“Red”
ReportInspection
queue
Troubleshooting
instances
RedHealth
notifier
Notify operations
team
“HealthStatus”:
“Red”
AppInstancesN
AppInstances…
AppInstances1

59. What are the different types of virtualization in AWS and what are the differences
between them?14

60. What are the different types of virtualization in AWS and what are the differences
between them?14
01 02 03
Hardware Virtual
Machine (HVM)
Paravirtualization (PV) Paravirtualization on HVM
(PV on HVM)
• Fully virtualized set of hardware
• They boot by executing master
boost record in the root block
device of your image
• PV-GRUB is a special boot
loader which boots Paravirtual
AMIs
• This PV-GRUB chain loads the
kernel specified in the menu
• Paravirtual drivers on HVM help
operating systems leverage
advantages in storage and
network I/O

61. Name some AWS services which are not region specific.
15

62. Name some AWS services which are not region specific.
IAM Route 53 Web Application
Firewall
CloudFront
15

63. Name some AWS services which are not region specific.
IAM Route 53 Web Application
Firewall
CloudFront
IAM Users, Groups, Roles & Accounts can be used
globally across all regions
15

64. Name some AWS services which are not region specific.
IAM Route 53 Web Application
Firewall
CloudFront
All Route53 services are offered at AWS edge locations
and are global
15

65. Name some AWS services which are not region specific.
IAM Route 53 Web Application
Firewall
CloudFront
Web Application Firewall which protects web
applications from common web exploits are offered
at AWS edge locations and are global
15

66. Name some AWS services which are not region specific.
IAM Route 53 Web Application
Firewall
CloudFront
CloudFront is the global Content Delivery Network
(CDN) service which is offered at AWS edge
locations
15

67. What are the differences between NAT Gateways and NAT Instances?
16

68. What are the differences between NAT Gateways and NAT Instances?
Feature NAT Gateway NAT Instance
Availability High High
Bandwidth Up to 45 Gbps Depends on instance
bandwidth
Maintenance Managed by AWS Managed by you
Performance Very Good Average
Cost Number of gateways,
duration and amount of
usage
Number of instances,
duration, amount and type of
usage
Size and load Uniform As per your need
Security Groups Cannot be assigned Can be assigned
The following are the key differences between NAT Gateway and NAT Instance:
16

69. Blockchain Technology
Amazon EC2 Questions

70. What is the difference between stopping and terminating an EC2 instance?
17

71. What is the difference between stopping and terminating an EC2 instance?
Stopping an instance Terminating an instance
When you stop an instance,
it performs a normal
shutdown on the instance
and moves to a stopped
state
Here, the instance is moved
to a shutdown state and its
attached EBS volumes are
deleted unless you have set
deleteOnTermination to
‘False’
EC2
EC2
17

72. What are the different types of EC2 instances based on their costs?
18

73. What are the different types of EC2 instances based on their costs?
On-demand instance Spot instance Reserved instance
 There are three types of Amazon EC2 instances based on costs:
18

74. What are the different types of EC2 instances based on their costs?
On-demand instance
• These are EC2 instances that are purchased at a fixed rate
per hour
• These are used for applications with short-term irregular
workloads that cannot be interrupted
• These are best suited for development and testing of
applications
On-demand
instance
18

75. What are the different types of EC2 instances based on their costs?
Spot instance
• AWS allows customers to purchase unused EC2 capacity at
highly reduced rates
• Spot instances provide AWS with a flexible option to sell
extra capacity
• They are sold through a bidding process where the customer
bids a specific price per hour that he/she is willing to pay
• The price of a Spot Instance will vary based on the supply
and demand in the market
Spot instance
18

76. What are the different types of EC2 instances based on their costs?
Reserved instance
• Reserved instances are majorly used for short-term and they
provide cost savings for companies
• While purchasing Reserved instances, users can opt for no
upfront payment, partial payment or full payment upfront
• Reserved instances are available in three types: light,
medium and heavy
Reserved instance
18

77. How to setup SSH agent forwarding so that you do not have to copy the key every time
you login?19

78. How to setup SSH agent forwarding so that you do not have to copy the key every time
you login?
Follow the below steps to setup SSH agent forwarding:
1. Go to your PuTTY Configuration
2. Go to the category SSH -> Auth
3. Enable SSH agent forwarding to your instance
19

79. What are Solaris and AIX operating systems? Are they available with AWS?
20

80. What are Solaris and AIX operating systems? Are they available with AWS?
 No, both Solaris and AIX are not available with AWS
Solaris uses SPARC processor architecture
which is not supported in public cloud currently.
Linux and Windows uses x86 processors
AIX runs only on Power CPU and not on Intel.
Hence, you cannot build AIX instances in EC2, at
least until AWS does not propose power machines
20

81. How do you configure CloudWatch to recover an EC2 instance?
21

82. How do you configure CloudWatch to recover an EC2 instance?
 You can create an Alarm using Amazon
CloudWatch
 In this Alarm, go to Define Alarm -> Actions tab
 Select the “Recover this instance” option
CloudWatch
21

83. What are the common and different types for AMI designs?
22

84. What are the common and different types for AMI designs?
Fully Baked AMI JeOS AMI Hybrid AMI
22

85. What are the common and different types for AMI designs?
22

86. What are the common and different types for AMI designs?
Fully Baked AMI
• These AMIs are the simplest to
deploy and provide the fastest
launch times
• This is best suited for small AWS
deployments as it can be
expensive and cumbersome to
setup
22

87. What are the common and different types for AMI designs?
Fully Baked AMI
• These AMIs are the simplest to
deploy and provide the fastest
launch times
• This is best suited for small AWS
deployments as it can be
expensive and cumbersome to
setup
Just Enough Operating System
AMI
• This has a minimal operating
system that is fully functional
system at its launch
• They offer the most flexibility
during deployment and highest
levels of portability
• Here, the configuration agent
downloads, installs and
configures all the required
software during deployment
22

88. What are the common and different types for AMI designs?
Fully Baked AMI
• These AMIs are the simplest to
deploy and provide the fastest
launch times
• This is best suited for small AWS
deployments as it can be
expensive and cumbersome to
setup
Just Enough Operating System
AMI
• This combines a minimal
operating system with a
configuration management
system that builds a fully
functional system at its launch
• They offer the most flexibility
during deployment and highest
levels of portability
• Here, the configuration agent
downloads, installs, configures
and installs all the required
software during deployment
Hybrid AMI
• Hybrid AMIs fall in between the
fully baked and JeOS options
• These AMIs have a partially
baked generic infrastructure on
top of which you can install
required software based on your
requirement
• Frameworks, J2EE and Tomcat
run during runtime and help to
create role specific AMIs
22

89. How can you recover/ login to an EC2 instance to which you lost the key?
23

90. How can you recover/ login to an EC2 instance to which you lost the key?
Follow the below steps to recover or login to an EC2 instance to which you
have lost the key:
Step 1: Verify that the EC2Config service is running
Step 2: Detach the root volume from the instance
Step 3: Attach the volume to a temporary instance
Step 4: Modify the configuration file
Step 5: Restart the original instance
EC2 Instance
23

91. Blockchain Technology
S3 Questions

92. What are some key differences between AWS S3 and EBS?
24

93. What are some key differences between AWS S3 and EBS?
Feature AWS S3 AWS EBS
Paradigm Object Store Filesystem
Performance Fast Superfast
Redundancy Across data centers Within a data center
Security Using public or private key Can be used only with EC2
24

94. How do you allow access to a user to a certain bucket?
25

95. How do you allow access to a user to a certain bucket?
We will follow the following four steps to allow access to a certain
bucket:
Step 1: Categorize your instances
Step 2: Define how authorized users can (or can’t) manage specific
servers
Step 3: Lock down your tags
Step 4: Attach your policies to IAM users
AWS S3 Bucket
25

96. How can you monitor S3 cross region replication to ensure consistency without actually
checking the bucket?26

97. How can you monitor S3 cross region replication to ensure consistency without actually
checking the bucket?
Cross-Region Replication Monitor
(CRR Monitor) application is used to
monitor the replication status of your
Amazon S3 objects
Source: https://aws.amazon.com/answers/infrastructure-management/crr-monitor
26

98. Blockchain Technology
VPC Questions

99. 27 VPC is not resolving the server through DNS. What might be the issue and how can
you fix it?

100. VPC is not resolving the server through DNS. What might be the issue and how can
you fix it?
To enable a VPC to resolve public
IPv4 DNS hostnames to private IPv4
addresses when queried from
instances in the peer VPC, you must
modify the peering connection
27
Enable DNS hostnames
to enable a VPC to
resolve public DNS
hostnames to private
IPv4 addresses

101. How do you connect multiple sites to a VPC?
28

102. How do you connect multiple sites to a VPC?
28
If you have multiple VPN connections, you can
provide secure communication between sites
using the AWS VPN CloudHub

103. How do you connect multiple sites to a VPC?
28
If you have multiple VPN connections, you can
provide secure communication between sites
using the AWS VPN CloudHub
You can connect multiple sites to a VPC as shown
in this diagram

104. Name and explain some security products and features available in VPC.
29

105. Name and explain some security products and features available in VPC.
 Security groups — Act as a firewall for associated Amazon EC2
instances, controlling both inbound and outbound traffic at the instance
level
 Network access control lists (ACLs) — Act as a firewall for
associated subnets, controlling both inbound and outbound traffic at
the subnet level
 Flow logs — Capture information about the IP traffic going to and
from network interfaces in your VPC
Source: https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Security.html
29

106. How do you monitor Amazon VPC?
30

107. How do you monitor Amazon VPC?
You can monitor Amazon VPC using the
following:
 CloudWatch and CloudWatch Logs
 VPC Flow Logs
CloudWatchVPC
30

108. Blockchain Technology
Multiple Choice Questions

109. Suppose you are a game designer and want to develop a game with single digit
millisecond latency, which of the following databases services would you use?
31

110. Suppose you are a game designer and want to develop a game with single digit
millisecond latency, which of the following databases services would you use?
31
Amazon RDS
Amazon Snowball
Amazon Neptune
Amazon DynamoDB

111. Suppose you are a game designer and want to develop a game with single digit
millisecond latency, which of the following databases services would you use?
31
Amazon RDS
Amazon Snowball
Amazon Neptune
Amazon DynamoDB

112. If you need to perform real-time monitoring of AWS services and get actionable
insights, which service would you use?
32

113. If you need to perform real-time monitoring of AWS services and get actionable
insights, which service would you use?
32
Amazon Firewall
Manager
Amazon CloudWatch
Amazon GuardDuty
Amazon EBS

114. If you need to perform real-time monitoring of AWS services and get actionable
insights, which service would you use?
32
Amazon Firewall
Manager
Amazon CloudWatch
Amazon GuardDuty
Amazon EBS

115. As a web developer, you are developing an app especially for the mobile platform.
Which of the following lets you add user sign-up, sign-in, and access control to your
web and mobile apps quickly and easily?
33

116. As a web developer, you are developing an app especially for the mobile platform.
Which of the following lets you add user sign-up, sign-in, and access control to your
web and mobile apps quickly and easily?
33
AWS Shield
AWS Inspector
AWS Macie
Amazon Cognito

117. As a web developer, you are developing an app especially for the mobile platform.
Which of the following lets you add user sign-up, sign-in, and access control to your
web and mobile apps quickly and easily?
33
AWS Shield
AWS Inspector
AWS Macie
Amazon Cognito

118. You are a Machine Learning engineer who is on the lookout for a solution that will
discover sensitive information that your enterprise stores in AWS and then use NLP
to classify that data and provide business related insights. Which among the
following services would you choose?
34

119. You are a Machine Learning engineer who is on the lookout for a solution that will
discover sensitive information that your enterprise stores in AWS and then use NLP
to classify that data and provide business related insights. Which among the
following services would you choose?
34
AWS Firewall Manager
AWS Macie
AWS IAM
AWS CloudHSM

120. You are a Machine Learning engineer who is on the lookout for a solution that will
discover sensitive information that your enterprise stores in AWS and then use NLP
to classify that data and provide business related insights. Which among the
following services would you choose?
34
AWS Firewall Manager
AWS Macie
AWS IAM
AWS CloudHSM

121. You are the system administration in your company which is running most of its
infrastructure on AWS. You are required to track your users and keep a look on how
your users are being authenticated. You wish to create and manage AWS users and
use permissions to allow and deny their access to AWS resources. Which of the
following services suits you best?
35

122. You are the system administration in your company which is running most of its
infrastructure on AWS. You are required to track your users and keep a look on how
your users are being authenticated. You wish to create and manage AWS users and
use permissions to allow and deny their access to AWS resources. Which of the
following services suits you best?
35
AWS IAM
AWS Shield
AWS Firewall Manager
Amazon API Gateway

123. You are the system administration in your company which is running most of its
infrastructure on AWS. You are required to track your users and keep a look on how
your users are being authenticated. You wish to create and manage AWS users and
use permissions to allow and deny their access to AWS resources. Which of the
following services suits you best?
35
AWS IAM
AWS Shield
AWS Firewall Manager
Amazon API Gateway

124. If you want to allocate various private and public IP addresses in order to make them
communicate with the internet and other instances, you will use this service. Which
of the following is this service?
36

125. If you want to allocate various private and public IP addresses in order to make them
communicate with the internet and other instances, you will use this service. Which
of the following is this service?
36
Amazon Route 53
Amazon API Gateway
Amazon VPC
Amazon CloudFront

126. If you want to allocate various private and public IP addresses in order to make them
communicate with the internet and other instances, you will use this service. Which
of the following is this service?
36
Amazon Route 53
Amazon API Gateway
Amazon VPC
Amazon CloudFront

127. This service provides you with cost-efficient and resizable capacity while automating
time-consuming administration tasks
37

128. This service provides you with cost-efficient and resizable capacity while automating
time-consuming administration tasks
37
Amazon Relational
Database Service
Amazon VPC
Amazon Elasticache
Amazon Glacier

129. This service provides you with cost-efficient and resizable capacity while automating
time-consuming administration tasks
37
Amazon Relational
Database Service
Amazon VPC
Amazon Elasticache
Amazon Glacier

130. Which of the following is a means for accessing human researchers or consultants to
help solve problems on a contractual or temporary basis?
38

131. Which of the following is a means for accessing human researchers or consultants to
help solve problems on a contractual or temporary basis?
38
Amazon Elastic
MapReduce
Amazon DevPay
Amazon Mechanical
Turk
Multi-Factor
Authentication

132. Which of the following is a means for accessing human researchers or consultants to
help solve problems on a contractual or temporary basis?
38
Amazon Elastic
MapReduce
Amazon DevPay
Amazon Mechanical
Turk
Multi-Factor
Authentication

133. This service is used to make it easy to deploy, manage, and scale containerized
applications using Kubernetes on AWS. Which of the following is this AWS service?
39

134. This service is used to make it easy to deploy, manage, and scale containerized
applications using Kubernetes on AWS. Which of the following is this AWS service?
39
Amazon Elastic
Container Service
AWS Elastic Beanstalk
AWS Batch
Amazon Lightsail

135. This service is used to make it easy to deploy, manage, and scale containerized
applications using Kubernetes on AWS. Which of the following is this AWS service?
39
Amazon Elastic
Container Service
AWS Elastic Beanstalk
AWS Batch
Amazon Lightsail

136. This service lets you run code without provisioning or managing servers. Select the
correct service from the below options.
40

137. This service lets you run code without provisioning or managing servers. Select the
correct service from the below options.
40
Amazon EC2 Auto
Scaling
AWS Batch
AWS Lambda
Amazon Inspector

138. This service lets you run code without provisioning or managing servers. Select the
correct service from the below options.
40
Amazon EC2 Auto
Scaling
AWS Batch
AWS Lambda
Amazon Inspector