According to the AWS shared responsibility model, what responsibility does a customer have when using Amazon RDS to host a database?
Manage connections to the database
Install Microsoft SQL Server
Design encryption-at-rest strategies
Apply minor database patches
Answer is Manage connections to the database
Amazon RDS encrypts your databases using keys you manage with the AWS Key Management Service (KMS). On a database instance running with Amazon RDS encryption, data stored at rest in the underlying storage is encrypted, as are its automated backups, read replicas, and snapshots. Amazon RDS encryption uses the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts your Amazon RDS instance.
Designing an encryption strategy means building the strategy from scratch (including choosing the best-fit encryption algorithm for that strategy). As mentioned before, selecting an existing one is different from designing or creating a new one.
Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?
Agility
Elasticity
Reliability
Durability
Answer is Elasticity
Elasticity and Agility are pretty much the same thing, but Elasticity is for resources (like CPU) and Agility is for services (EC2). Elasticity helps scale down the instance if it is underutilised.
Which characteristics are advantages of using the AWS Cloud? (Choose two.)
A 100% service level agreement (SLA) for all AWS services
Compute capacity that is adjusted on demand
Availability of AWS Support for code development
Enhanced security
Increases in cost and complexity
Answers are:
B. Compute capacity that is adjusted on demand
D. Enhanced security
A company wants to eliminate the need to guess infrastructure capacity before deployments. The company also wants to spend its budget on cloud resources only as the company uses the resources.
Which advantage of the AWS Cloud matches the company's requirements?
Reliability
Global reach
Economies of scale
Pay-as-you-go pricing
Answer is Pay-as-you-go pricing
Trade fixed expense for variable expense – Instead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can pay only when you consume computing resources, and pay only for how much you consume.
An online retail company has seasonal sales spikes several times a year, primarily around holidays. Demand is lower at other times. The company finds it difficult to predict the increasing infrastructure demand for each season.
Which advantages of moving to the AWS Cloud would MOST benefit the company? (Choose two.)
Global footprint
Elasticity
AWS service quotas
AWS shared responsibility model
Pay-as-you-go pricing
Answers are:
B. Elasticity
E. Pay-as-you-go pricing
Which of the following is a recommended design principle for AWS Cloud architecture?
Design tightly coupled components.
Build a single application component that can handle all the application functionality.
Make large changes on fewer iterations to reduce chances of failure.
Avoid monolithic architecture by segmenting workloads.
Answer is Avoid monolithic architecture by segmenting workloads.
There are various AWS services that enable you to build applications that adopt a decoupled architecture design. This enables you to move away from traditional monolithic design in favor of the more modern microservice architectures.
Which of the following are Amazon Virtual Private Cloud (Amazon VPC) resources?
Objects; access control lists (ACLs)
Subnets; internet gateways
Access policies; buckets
Groups; roles
Answer is Subnets; internet gateways
Components of Amazon VPC
- A Virtual Private Cloud: A logically isolated virtual network in the AWS cloud. You define a VPC’s IP address space from the ranges you select.
- Subnet: A segment of a VPC’s IP address range where you can place groups of isolated resources.
- Internet Gateway: The Amazon VPC side of a connection to the public Internet.
- NAT Gateway: A highly available, managed Network Address Translation (NAT) service for your resources in a private subnet to access the Internet.
- Route Table: A route table contains a set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed.
- DNS Hostname: The Amazon DNS server resolves a public DNS hostname to the public IPv4 address of the instance outside the network of the instance.
- CIDR: Classless Inter-Domain Routing
Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework?
Create annotated documentation.
Anticipate failure.
Ensure performance efficiency.
Optimize costs.
Answer is Anticipate failure.
AWS Well-Architected Framework:
1. Perform operations as code
2. Make frequent, small, reversible changes
3. Refine operations procedures frequently
4. Anticipate failure
5. Learn from all operational failures
Anticipate failure: Perform 'pre-mortem' exercises to identify potential sources of failure so that they can be removed or mitigated. Test your failure scenarios and validate your understanding of their impact. Test your response procedures to ensure they are effective and that teams are familiar with their process. Set up regular game days to test workload and team responses to simulated events.
Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model?
Amazon FSx for Windows File Server
Amazon WorkSpaces virtual Windows desktop
AWS Directory Service for Microsoft Active Directory
Amazon RDS for Microsoft SQL Server
Answer is Amazon WorkSpaces virtual Windows desktop
We recommend that you regularly patch, update, and secure the operating system and applications on your WorkSpaces. You can configure your WorkSpaces to be updated by WorkSpaces during a regular maintenance window or you can update them yourself.