High Quality Amazon-Web-Services SAA-C01 Preparation Online

Our pass rate is high to 98.9% and the similarity percentage between our SAA-C01 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Amazon-Web-Services SAA-C01 exam in just one try? I am currently studying for the Amazon-Web-Services SAA-C01 exam. Latest Amazon-Web-Services SAA-C01 Test exam practice questions and answers, Try Amazon-Web-Services SAA-C01 Brain Dumps First.

Online Amazon-Web-Services SAA-C01 free dumps demo Below:

Page: 1 / 24
Total 288 questions Full Exam Access
Question 1
When an EC2 instance that is backed by an S3-based AMI is terminated, what happens to the data on the root volume?
My answer: -
Reference answer: D
Reference analysis:

Using the legacy S3 based AMIs, either of the above terminates the instance and you lose all local and ephemeral storage (boot disk and /mnt) forever. Hope you remembered to save the important stuff elsewhere.

Question 2
Which route must be added to your routing table in order to allow connections to the Internet from your subnet?
My answer: -
Reference answer: A
Reference analysis:

None

Question 3
You have just discovered that you can upload your objects to Amazon S3 using Multipart Upload API. You start to test it out but are unsure of the benefits that it would provide. Which of the following is not a benefit of using multipart uploads?
My answer: -
Reference answer: D
Reference analysis:

Multipart upload in Amazon S3 allows you to upload a single object as a set of parts. Each part is a contiguous portion of the object\'s data. You can upload these object parts independently and in any order. If transmission of any part fails, you can re-transmit that part without affecting other parts. After all parts of your object are uploaded, Amazon S3 assembles these parts and creates the object. In general, when your object size reaches 100 MB, you should consider using multipart uploads instead of uploading the object in a single operation.
Using multipart upload provides the following advantages:
Improved throughput--You can upload parts in parallel to improve throughput. Quick recovery from any network issues--Smaller part size minimizes the impact of restarting a failed upload due to a network error.
Pause and resume object uploads--You can upload object parts over time. Once you initiate a multipart upload there is no expiry; you must explicitly complete or abort the multipart upload. Begin an upload before you know the final object size--You can upload an object as you are creating it.

Question 4
In Route 53, what does a Hosted Zone refer to?
My answer: -
Reference answer: B
Reference analysis:

A Hosted Zone refers to a selection of resource record sets hosted by Route 53.

Question 5
Company has three AWS accounts. They have created separate IAM users within each account. Company wants a single IAM login URL such as https://company.signin.aws.amazon.com/console/
for use by IAM users in all three accounts. How can this be achieved?
My answer: -
Reference answer: D
Reference analysis:

Users can create an alias for they accounts, but the alias should be unique to the account. For example, the alias "company" can be assigned to only one account. If a user wants the URL of the
AWS IAM sign-in page to have a company name instead of the AWS account ID, he can create an alias for his AWS account ID.
http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html

Question 6
A/An ____ acts as a firewall that controls the traffic allowed to reach one or more instances.
My answer: -
Reference answer: A
Reference analysis:

A security group acts as a virtual firewall that controls the traffic for one or more instances. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html

Question 7
While creating an EC2 snapshot using the API, which Action should I be using?
My answer: -
Reference answer: D
Reference analysis:

None

Question 8
Your system recently experienced down time during the troubleshooting process. You found that a new administrator mistakenly terminated several production EC2 instances.
Which of the following strategies will help prevent a similar situation in the future? The administrator still must be able to:
- launch, start stop, and terminate development resources.
- launch and start production instances.
My answer: -
Reference answer: B
Reference analysis:

Working with volumes
When an API action requires a caller to specify multiple resources, you must create a policy statement that allows users to access all required resources. If you need to use a Condition element with one or more of these resources, you must create multiple statements as shown in this example. The following policy allows users to attach volumes with the tag "volume_user=iam-user-name" to
instances with the tag "department=dev", and to detach those volumes from those instances. If you attach this policy to an IAM group, the aws:username policy variable gives each IAM user in the group permission to attach or detach volumes from the instances with a tag named volume_user that has his or her IAM user name as a value.
\"SAA-C01
Launching instances (RunInstances)
The RunInstances API action launches one or more instances. RunInstances requires an AMI and creates an instance; and users can specify a key pair and security group in the request. Launching into EC2-VPC requires a subnet, and creates a network interface. Launching from an Amazon EBS-backed AMI creates a volume. Therefore, the user must have permission to use these Amazon EC2
resources. The caller can also configure the instance using optional parameters to RunInstances, such as the instance type and a subnet. You can create a policy statement that requires users to specify an optional parameter, or restricts users to particular values for a parameter. The examples in this section demonstrate some of the many possible ways that you can control the configuration of an instance that a user can launch.
Note that by default, users don\'t have permission to describe, start, stop, or terminate the resulting instances. One way to grant the users permission to manage the resulting instances is to create a specific tag for each instance, and then create a statement that enables them to manage instances with that tag. For more information, see 2: Working with instances.
/a. AMI
The following policy allows users to launch instances using only the AMIs that have the specified tag, "department=dev", associated with them. The users can\'t launch instances using other AMIs because the Condition element of the first statement requires that users specify an AMI that has this tag. The users also can\'t launch into a subnet, as the policy does not grant permissions for the subnet and network interface resources. They can, however, launch into EC2-Classic. The second statement uses a wildcard to enable users to create instance resources, and requires users to specify the key pair project_keypair and the security group sg-1a2b3c4d. Users are still able to launch instances without a key pair.
\"SAA-C01
Alternatively, the following policy allows users to launch instances using only the specified AMIs, ami-9e1670f7 and ami-45cf5c3c. The users can\'t launch an instance using other AMIs (unless another statement grants the users permission to do so), and the users can\'t launch an instance into a subnet.
\"SAA-C01
Alternatively, the following policy allows users to launch instances from all AMIs owned by Amazon. The Condition element of the first statement tests whether ec2:Owner is amazon. The users can\'t launch an instance using other AMIs (unless another statement grants the users permission to do so). The users are able to launch an instance into a subnet.
\"SAA-C01
/b. Instance type
The following policy allows users to launch instances using only the t2.micro or t2.small instance type, which you might do to control costs. The users can\'t launch larger instances because the Condition element of the first statement tests whether ec2:InstanceType is either t2.micro or t2.small.
\"SAA-C01
Alternatively, you can create a policy that denies users permission to launch any instances except t2.micro and t2.small instance types.
\"SAA-C01
/c. Subnet
The following policy allows users to launch instances using only the specified subnet, subnet- 12345678. The group can\'t launch instances into any another subnet (unless another statement grants the users permission to do so). Users are still able to launch instances into EC2-Classic.
\"SAA-C01
Alternatively, you could create a policy that denies users permission to launch an instance into any other subnet. The statement does this by denying permission to create a network interface, except where subnet subnet-12345678 is specified. This denial overrides any other policies that are created to allow launching instances into other subnets. Users are still able to launch instances into EC2- Classic.
\"SAA-C01
https://aws.amazon.com/blogs/security/resource-level-permissions-for-ec2-controllingmanagement- access-on-specific-instances/
*August 2016 Update* One way to work around this is to use a combination of an Amazon CloudWatch Events rule and AWS Lambda to tag newly created instances.

Question 9
A popular e-commerce application runs on AWS. The application encounters performance issues. The database is unable to handle the amount of queries and load during peak times. The database is running on the RDS Aurora engine on the largest instance size available.
What should an administrator do to improve performance?
My answer: -
Reference answer: C
Reference analysis:

None

Question 10
Reserved Instances are available for Multi-AZ Deployments.
My answer: -
Reference answer: B
Reference analysis:

None

Question 11
A customer is leveraging Amazon Simple Storage Service in eu-west-1 to store static content for a web-based property. The customer is storing objects using the Standard Storage class. Where are the customers objects replicated?
My answer: -
Reference answer: C
Reference analysis:

Objects stored in a region never leave the region unless you explicitly transfer them to another region. For example, objects stored in the EU (Ireland) region never leave it. http://docs.aws.amazon.com/AmazonS3/latest/dev/Introduction.html#Regions

Question 12
You are signed in as root user on your account but there is an Amazon S3 bucket under your account that you cannot access. What is a possible reason for this?
My answer: -
Reference answer: A
Reference analysis:

With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access.
In some cases, you might have an IAM user with full access to IAM and Amazon S3. If the IAM user assigns a bucket policy to an Amazon S3 bucket and doesn\'t specify the root user as a principal, the root user is denied access to that bucket. However, as the root user, you can still access the bucket by modifying the bucket policy to allow root user access.

Question 13
Can a user get a notification of each instance start / terminate configured with Auto Scaling?
My answer: -
Reference answer: C
Reference analysis:

The user can get notifications using SNS if he has configured the notifications while creating the Auto Scaling group.

Question 14
Because of the extensibility limitations of striped storage attached to Windows Server, Amazon RDS does not currently support increasing storage on a _____ DB Instance.
My answer: -
Reference answer: A
Reference analysis:

None

Question 15
An AWS customer runs a public blogging website. The site users upload two million blog entries a month. The average blog entry size is 200 KB. The access rate to blog entries drops to negligible 6 months after publication and users rarely access a blog entry 1 year after publication. Additionally,
blog entries have a high update rate during the first 3 months following publication, this drops to no updates after 6 months. The customer wants to use CloudFront to improve his user's load times. Which of the following recommendations would you make to the customer?
My answer: -
Reference answer: C
Reference analysis:

None

Question 16
You can have 1 subnet stretched across multiple availability zones.
My answer: -
Reference answer: B
Reference analysis:

None

Question 17
You are migrating an existing enterprise application to AWS. It requires standard file system access from multiple instances. It also requires high storage throughput with consistently low latencies. You are looking for a storage solution that will grow and shrink capacity automatically.
How can you accomplish this in AWS?
My answer: -
Reference answer: B
Reference analysis:

Reference https://docs.aws.amazon.com/efs/latest/ug/whatisefs.html

Question 18
Can you move a Reserved Instance from one Availability Zone to another?
My answer: -
Reference answer: A
Reference analysis:

Each Reserved Instance is associated with a specific Region, which is fixed for the lifetime of the reservation and cannot be changed. Each reservation can, however, be used in any of the available AZs within the associated Region.

Question 19
You have a Business support plan with AWS. One of your EC2 instances is running Microsoft Windows Server 2008 R2 and you are having problems with the software. Can you receive support from AWS for this software?
My answer: -
Reference answer: A
Reference analysis:

Third-party software support is available only to AWS Support customers enrolled for Business or Enterprise Support. Third-party support applies only to software running on Amazon EC2 and does not extend to assisting with on-premises software. An exception to this is a VPN tunnel configuration running supported devices for Amazon VPC.

Question 20
You have set up an S3 bucket with a number of images in it and you have decided that you want anybody to be able to access these images, even anonymous users. To accomplish this you create a bucket policy. You will need to use an Amazon S3 bucket policy that specifies a ____ in the principal element, which means anyone can access the bucket.
My answer: -
Reference answer: C
Reference analysis:

You can use the AWS Policy Generator to create a bucket policy for your Amazon S3 bucket.
You can then use the generated document to set your bucket policy by using the Amazon S3 console, by a number of third-party tools, or via your application.
You use an Amazon S3 bucket policy that specifies a wildcard (*) in the principal element, which means anyone can access the bucket. With anonymous access, anyone (including users without an AWS account) will be able to access the bucket.

Question 21
An administrator is using Amazon CloudFormation to deploy a three tier web application that consists of a web tier and application tier that will utilize Amazon DynamoDB for storage when creating the CloudFormation template which of the following would allow the application instance access to the DynamoDB tables without exposing API credentials?
My answer: -
Reference answer: C
Reference analysis:

None

Question 22
A custom network ACL that you create _____ until you add rules, and is not associated with a subnet until you explicitly associate it with one.
My answer: -
Reference answer: D
Reference analysis:

You can create a custom network ACL for your VPC. By default, a network ACL that you create blocks all inbound and outbound traffic until you add rules, and is not associated with a subnet until you explicitly associate it with one.
The default NACL that is created with your VPC allows all inbound and outbound traffic by default http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html#CreateACL

Question 23
An edge location refers to which Amazon Web Service?
My answer: -
Reference answer: C
Reference analysis:

Amazon CloudFront is a content distribution network. A content delivery network or content distribution network (CDN) is a large distributed system of servers deployed in multiple data centers across the world. The location of the data center used for CDN is called edge location. Amazon CloudFront can cache static content at each edge location. This means that your popular static content (e.g., your site\'s logo, navigational images, cascading style sheets, JavaScript code, etc.) will be available at a nearby edge location for the browsers to download with low latency and improved performance for viewers. Caching popular static content with Amazon CloudFront also helps you offload requests for such files from your origin sever? CloudFront serves the cached copy when available and only makes a request to your origin server if the edge location receiving the browser\'s request does not have a copy of the file.

Question 24
Amazon Web Services offer 3 different levels of support, which of the below are valid support levels.
My answer: -
Reference answer: B
Reference analysis:

None

Question 25
You have been tasked with creating a VPC network topology for your company. The VPC network must support both Internet-facing applications and internally-facing applications accessed only over VPN. Both Internet-facing and internally-facing applications must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirements?
My answer: -
Reference answer: D
Reference analysis:

None

Question 26
Amazon EC2 provides a repository of public data sets that can be seamlessly integrated into AWS cloud-based applications. What is the monthly charge for using the public data sets?
My answer: -
Reference answer: D
Reference analysis:

None

Question 27
Which of the following statements is true of tagging an Amazon EC2 resource?
My answer: -
Reference answer: C
Reference analysis:

You can assign tags only to resources that already exist. You can\'t terminate, stop, or delete a resource based solely on its tags; you must specify the resource identifier.

Page: 1 / 24
Total 288 questions Full Exam Access