In [1]:
import numpy as np
import random
from termcolor import colored

def read_a_file(file_path: str) -> dict:
    doc = dict()
    with open(file_path, 'r') as f:
        for line in f:
            if line.startswith('Q'):
                choices = []
                # Add to be a key
                q = line[4:].strip()
            elif line.startswith('- [x]'):
                # Add a correct choice to a dict of choices
                choices.append([line[5:].strip(), True])

            elif line.startswith('- ['):
                # Add a wrong choice to a dict of choices
                choices.append([line[5:].strip(), False])

            # Detect a blank line
            elif line in ['\n', '\r\n']:
                # Shuffle choices
                np.random.shuffle(choices)
                # Add them to be a set of question and choices
                doc[q] = np.array(choices)
    f.close()
    return doc

In [2]:
def create_a_nicer_file(filename: str, doc: dict):
    '''
    This is to create a nicer Q&A file name from doc, of dict type
    '''
    num = 1
    with open(str(filename), 'w') as f:
        for question, answers in doc.items():
            f.write(f'Q{num}. {question}\n')
            num += 1
            for answer in answers:
                if answer[1] == 'True':
                    f.write(f'- [x] {answer[0]}\n')
                else:
                    f.write(f'- [ ] {answer[0]}\n')
            f.write('\n')
    f.close()

In [3]:
def make_flash_cards(doc):
    '''
    This is to create flash cards containing questions and ONLY ONE correct answer in a group of multiple choices
    '''
    # Shuffle questions
    doc = list(doc.items())
    random.shuffle(doc)
    doc = dict(doc)
    correct = 0
    index_q = 1
    for q, c in doc.items():
        print(colored(f'Q{index_q}. {q}', 'blue'))
        index_q += 1
        for index, choice in enumerate(c, 1):
            print(colored(f'{index}. {choice[0]}', 'magenta'))
            if choice[1] == 'True':
                correct_answer = choice[0]
    #     Promt user to type the answer choice number
        user_choice = int(input('Enter the answer number: '))
        while user_choice > len(c):
            user_choice = int(input('Enter the answer number: '))
        if c[user_choice - 1][1] == 'True':
            print('Correct')
            correct += 1
        else:
            print(colored('WRONG! The answer should be: ', 'yellow'), end='')
            print(colored(correct_answer, 'red'))
        print()
    print(f'You passed with: {correct * 100 / len(doc):.2f}%')

In [4]:
doc = read_a_file('Q&A.txt')
make_flash_cards(doc)

[34mQ1. A group of developers for a startup company store their source code and binary files on a shared open-source repository platform which is publicly accessible over the internet. They have embarked on a new project in which their client requires high confidentiality and security on all development assets. What AWS service can the developers use to meet the requirement?[0m
[35m1. AWS CodeCommit[0m
[35m2. AWS Lambda[0m
[35m3. AWS CodeStar[0m
[35m4. AWS CodeDeploy[0m


Enter the answer number:  1


Correct

[34mQ2. What privilege is specific to the AWS root account, and cannot be granted to another IAM user on the account?[0m
[35m1. Create a new hosted zone in Route 53.[0m
[35m2. Modify the billing details.[0m
[35m3. Revoke the Administrator Access role or grant it to another IAM user.[0m
[35m4. Delete the AWS account.[0m


Enter the answer number:  4


Correct

[34mQ3. What is the best practice for creating a highly available PostgreSQL database in RDS that can sustain the loss of a single AWS region?[0m
[35m1. Verify that your instance is configured for Multi-AZ support. Database changes will be automatically synced to another region in the event of a failure and RDS will automatically select a new master until the regional failure is resolved.[0m
[35m2. Create Read Replicas in other AWS regions. Ensure read operations against the database occur on an available Read Replica, and send write operations to another region if you need to promote a Read Replica to a standalone database if the master is down.[0m
[35m3. PostgreSQL cannot be replicated across regions. Restore the database backups from an S3 bucket and repoint your database connections to the new instance.[0m
[35m4. Create Read Replicas in other AWS regions. You can designate a new master database from any of the read replicas until the regional failure is resolved.

Enter the answer number:  2


Correct

[34mQ4. A file-sharing service uses Amazon S3 to store files uploaded by users. Files are accessed with random frequency, popular ones are downloaded every day whilst others not so often and some rarely. What is the most cost-effective Amazon S3 object storage class to implement?[0m
[35m1. Amazon S3 Glacier[0m
[35m2. Amazon S3 Intelligent-Tiering[0m
[35m3. Amazon S3 Standard[0m
[35m4. Amazon S3 One Zone-Infrequently Accessed[0m


Enter the answer number:  2


Correct

[34mQ5. When launching an EC2 instance with an instance type that supports instance storage, what use case is best for instance storage?[0m
[35m1. Use the instance storage to handle files uploaded by your users. Since it is more secure than an EBS volume, you can isolate any malicious files from infecting your server.[0m
[35m2. Instance storage is a deprecated option for storage and should not be used.[0m
[35m3. Instance storage is faster than EBS volumes, so install the root of the operating system on this volume to speed up server performance.[0m
[35m4. Use the instance storage to serve temporary files that require low I/O latency.[0m


Enter the answer number:  4


Correct

[34mQ6. On a social media website, creative content goes viral for a few days and then rapidly declines in popularity and views thereafter. Which storage class and configuration option would you choose for a cost-effective storage?[0m
[35m1. Amazon S3 Standard with object versioning[0m
[35m2. Amazon S3 Standard with lifecycle policies[0m
[35m3. Amazon Elastic File Store (EFS)[0m
[35m4. Amazon S3 Intelligent-Tiering[0m


Enter the answer number:  2


Correct

[34mQ7. When designing a serverless web application using Lambda, what key concept must you factor into your design?[0m
[35m1. Lambda only allows you to write functions in JavaScript.[0m
[35m2. Lambda is stateless, so it won't remember who a user is in between requests.[0m
[35m3. Lambda does not use servers, so it can only return the same request to every user.[0m
[35m4. Serverless web applications run within the web browser of the user, so you will need to store any data the user changes directly in a database.[0m


Enter the answer number:  2


Correct

[34mQ8. You have several on-premise servers and would like to store your offsite backups on AWS. What fully managed backup service can you use to ship your backups to AWS?[0m
[35m1. Use the RDS console to force a reboot of the database instance so that the primary server becomes the master server again.[0m
[35m2. Sync files directly to S3 with the AWS CLI.[0m
[35m3. Windows Server 2016 supports S3 as a target when using storage replicas.[0m
[35m4. Use Storage Gateway.[0m


Enter the answer number:  4


Correct

[34mQ9. As your web application grows and your application monitoring needs become more complex, which additional log monitoring service should you NOT consider?[0m
[35m1. New Relic[0m
[35m2. PRTG[0m
[35m3. ELK stack: Elasticsearch, Loggly, and Kibana[0m
[35m4. Datadog[0m


Enter the answer number:  2


Correct

[34mQ10. In Amazon S3, what is the difference between lifecycle policies and intelligent tiering?[0m
[35m1. Lifecycle policies cannot be configured to permanently delete objects from an S3 bucket whilst intelligent tiering can do so if versioning is turned on.[0m
[35m2. When transitioning objects into different storage classes, intelligent tiering is automatic whilst lifecycle policies have to be manually triggered.[0m
[35m3. Intelligent tiering is an object storage class which is not dependant on access patterns, it uses a pre-configured transition rule.[0m
[35m4. Lifecycle policies are not dependant on access patterns as is the case with intelligent tiering, instead they are pre-configured with a transition rule.[0m


Enter the answer number:  2


[33mWRONG! The answer should be: [0m[31mLifecycle policies are not dependant on access patterns as is the case with intelligent tiering, instead they are pre-configured with a transition rule.[0m

[34mQ11. Select which use case scenario best suits the implementation of an Amazon RDS database instance over a NoSQL/non-relational database.[0m
[35m1. Where datasets are constantly evolving and cannot be confined to a static data schema[0m
[35m2. Where vertical scaling of the databaseâ€™s resources is not permissible and is seldom necessary.[0m
[35m3. In an organisation whose datasets are dynamic and document-based[0m
[35m4. In an organisation where only a finite number of processes query the database in predictable and well-structured Schemas.[0m


Enter the answer number:  4


Correct

[34mQ12. An administrator would like to efficiently automate the replication and deployment of a specific software configuration existent on one EC2 instance onto four hundred others. Which AWS service is BEST suited for this implementation?[0m
[35m1. AWS OpsWorks[0m
[35m2. AWS Launch Configuration[0m
[35m3. AWS Beanstalk[0m
[35m4. AWS Auto-scaling[0m


Enter the answer number:  1


Correct

[34mQ13. What is the best-suited file storage option for use when an administrator is looking to deploy shared file access, linux-based workloads which will require up to petabytes of data stores?[0m
[35m1. AWS Snowball[0m
[35m2. Amazon EFS[0m
[35m3. Amazon S3[0m
[35m4. Amazon EBS[0m


Enter the answer number:  2


Correct

[34mQ14. What does a VPC do?[0m
[35m1. creates a secure tunnel between two networks[0m
[35m2. creates a private network that is completely isolated from the public internet.[0m
[35m3. creates a cloud-based network to interconnect a set of virtual servers and appliances[0m
[35m4. creates a shared storage plane for application data to be shared across multiple instances.[0m


Enter the answer number:  3


Correct

[34mQ15. Application Load Balancer can route traffic to several different target groups based upon several conditions. Which of these use cases is not supported by Application Load Balancer?[0m
[35m1. Source IPs matching 192.0.2.0/24 on a listener port of 1433 can be routed to a target group for an RDS for SQL Server cluster.[0m
[35m2. A request with a HTTP header of X-Requested-With: staging can be routed to a target group for an ECS service in your staging environment.[0m
[35m3. A path of /signup* can be routed to a target group for a Lambda function that processes new user registrations.[0m
[35m4. An Http POST query string of ? action=createuser can be routed to a target group for an ECS service.[0m


Enter the answer number:  4


Correct

[34mQ16. You have a Linux EC2 instance that is not responding to requests and you can not connect to it via SSH. Using the EC2 console, you issued a command to stop the instance, but for the past 10 minutes the instance has been in the "stopping" state. What is the next step you should take?[0m
[35m1. Issue another stop action via the EC2 console, and choose the option to forcefully stop the instance.[0m
[35m2. Edit the instance properties and increase the instance size.[0m
[35m3. Contact AWS support. Any further actions could corrupt the file system.[0m
[35m4. Create an AMI image of the instance, and choose the option to take the image without restarting the instance.[0m


Enter the answer number:  4


[33mWRONG! The answer should be: [0m[31mIssue another stop action via the EC2 console, and choose the option to forcefully stop the instance.[0m

[34mQ17. If a set of servers are located within a private subnet of your VPC, how can you connect those servers to on-premise servers?[0m
[35m1. Install a OpenVPN server on an instance that is located within the subnet with an elastic IP.[0m
[35m2. All of these options can establish a connection to a private subnet.[0m
[35m3. Establish a connection with AWS Direct Connect.[0m
[35m4. Use the AWS Client VPN.[0m


Enter the answer number:  2


Correct

[34mQ18. You have a large amount of files on your network-attached storage array that must be archived and maintained for a period of 10 years due to industry regulations. This data will be infrequently accessed but must be kept What is the best AWS service for storing this data?[0m
[35m1. Snowball[0m
[35m2. EFS[0m
[35m3. S3 Glacier[0m
[35m4. OEBS[0m


Enter the answer number:  3


Correct

[34mQ19. You are running Docker containers on ECS. What is the most important metric to monitor?[0m
[35m1. The running container count for each service from within CloudWatch.[0m
[35m2. The memory consumption of each EC2 instance in your cluster from within CloudWatch.[0m
[35m3. The instance health of each EC2 instance in your cluster from within CloudWatch.[0m
[35m4. Monitor the EC2 service dashboard. Watch for posted outages to the ECS service.[0m


Enter the answer number:  2


Correct

[34mQ20. When using an ECS cluster with EC2 instances, what maintenance tasks should you perform on the EC2s?[0m
[35m1. Refresh the cluster with instances built from the latest ECS AMI.[0m
[35m2. The instances created by ECS do not have patches that need to be applied; however, you should make sure your containers contain any important security updates.[0m
[35m3. ECS clusters do not use EC2 instances.[0m
[35m4. You should not directly manipulate the EC2 instances created by ECS. AWS will automatically update these instances.[0m


Enter the answer number:  1


[33mWRONG! The answer should be: [0m[31mThe memory consumption of each EC2 instance in your cluster from within CloudWatch.[0m

[34mQ21. You need a schemaless database. Which Amazon database service provides that solution?[0m
[35m1. DynamoDB[0m
[35m2. Aurora[0m
[35m3. Redshift[0m
[35m4. ORDS[0m


Enter the answer number:  1


Correct

[34mQ22. You are hosting an application configured to stream media to its clients on TCP ports 3380-3384, 3386-3388, and 3390. The Inbound tab below shows three incoming security group policies attached to this instance. Which policy should you use?[0m
[35m1. The first security group rule allows all traffic into this instance. Exposing your entire instance to the whole internet leaves the server open to various attacks of the other services running on different port numbers.[0m
[35m2. There are no recommendations to make.[0m
[35m3. Verify that the AWS account owners actually control the entire CIDR C block for 12.228.11.0-255 and these are secured IPs for RDP access into this instance.[0m
[35m4. The rule that exposes TCP ports 3380-3390 would also publicly expose port 3389 (RDP) to the entire internet. Write separate rules to only expose the needed ports.[0m


Enter the answer number:  4


Correct

[34mQ23. How do you architect a solution for an SQL Server database to be replicated across AWS regions in an active-active architecture?[0m
[35m1. Use RDS for SQL Server 2016 or 2017 Enterprise Edition. Enable Multi-AZ support and select the Mirroring/Always On option. Select another region for the mirroring option.[0m
[35m2. Use RDS for SQL Server and create the same instance in two different regions. Use Database Migration Service to keep each database in sync.[0m
[35m3. Use a VPN or VPC peering to establish a connection between the VPCs in each region. Install SQL Server Enterprise Edition on EC2 instances in each region and configure an Always On availability group.[0m
[35m4. You can not set up an active-active architecture for SQL Server that spans geographic regions.[0m


Enter the answer number:  1


Correct

[34mQ24. Which use case would warrant the cost-effective implementation of Amazon EC2 Reserved Instances with Spot Instances in the same build?[0m
[35m1. One that has a constantly predictable workload with brief unpredictable spikes[0m
[35m2. One that has a predictable workload over a long time horizon with prolonged and unpredictable spikes.[0m
[35m3. A build that has sudden unpredictable workload spikes but for a short time horizon[0m
[35m4. One in which there is a predictable resource demand over a long time horizon[0m


Enter the answer number:  1


Correct

[34mQ25. Your web application is getting a suspicious amount of bad requests from foreign IP addresses. Your business is operating in only a few countries and you would like to block any other traffic. What is the best practice for limiting access to your web application by country?[0m
[35m1. Use CloudTrail to monitor the IP addresses of the bad requests. Use Lambda to add these IP addresses to an Application Load Balancer rule that blocks the IPs.[0m
[35m2. Host the front end of your website in CloudFront and configure a geo restriction on the distribution.[0m
[35m3. Use Web Application Firewall and create a geo match condition to drop all requests from countries that aren't on your allow list.[0m
[35m4. Use Application Load Balancer to create a new routing rule that looks at source IP address. Add an IP block for the countries that have access.[0m


Enter the answer number:  3


Correct

[34mQ26. You have four front-end web servers behind a load balancer, which use NFS to access another EC2 instance that resizes and stores images for the front-end application. What security group policies should be assigned to these servers?[0m
[35m1. Assign Elastic IPs to all of the instances and create a group that allows all traffic to pass between each of the five[0m
[35m2. Create a security group that allows inbound HTTP and HTTPS traffic from all IP addresses and apply this to the web servers. Create a second security group for the NFS filestore that allows outbound NFS traffic to the private IP range of the front-end web servers.[0m
[35m3. Front-end web servers should allow HTTPS. Assign another group to all of the instances that allows all traffic to pass between instances using that group.[0m
[35m4. Create a security group that allows inbound NFS, HTTP, and HTTPS traffic from all IP addresses. Apply this group to all of the servers.[0m


Enter the answer number:  3


Correct

[34mQ27. An organisation utilizes a software suite, that consists of a multitude of underlying microservices hosted on the cloud. The application is frequently giving runtime errors. Which service will help in the troubleshooting process?[0m
[35m1. AWS X-Ray[0m
[35m2. Amazon Elasticsearch Service[0m
[35m3. AWS CloudWatch[0m
[35m4. AWS CloudTrail[0m


Enter the answer number:  1


Correct

[34mQ28. An administrator noticed a consistent spike in processor and memory activity on the organizationâ€™s web servers that host a large web application, this was after installing Secure Socket Layer/Transport Layer Security (SSL/TLS) for security. This increased activity degraded the web applicationâ€™s responsiveness. What is the best-practice solution to resolve the situation?[0m
[35m1. Migrate the web application onto m4.4xlarge EC2 instances with robust compute, processing and networking capability.[0m
[35m2. Create an auto-scaling group that scales out as traffic to the web application cluster increases.[0m
[35m3. Create a custom AWS CloudWatch metric to monitor the instance resources, by writing a script in the AWS Command Line Interface (AWS CLI).[0m
[35m4. Offload the SSL/TLS from running locally to AWS CloudHSM.[0m


Enter the answer number:  4


Correct

[34mQ29. What AWS services can help you automate your development pipeline for continuous integration and continuous deployment?[0m
[35m1. CodeBuild[0m
[35m2. CodePipeline[0m
[35m3. all of these answers[0m
[35m4. CodeDeploy[0m


Enter the answer number:  3


Correct

[34mQ30. Which communication channel does SNS not support natively?[0m
[35m1. push notification[0m
[35m2. automated phone call[0m
[35m3. OSMS text message[0m
[35m4. email[0m


Enter the answer number:  2


Correct

[34mQ31. You are creating a DynamoDB table to store all movies that have been released since 1938. Your application will allow users to search by movie title and see the details of that film. Given the sample below showing the movie data that you will be importing, what is the best set of keys to apply to this table?[0m
[35m1. The primary key should be created as a completely unique value, such a sequential numerical list of movie IDs. The partition key should be title field for fast lookup.[0m
[35m2. The primary key should be the title field and the partition key should be the genres field.[0m
[35m3. The primary key should be a composite key comprised of a partition key on the title field and a sort key on the year field.[0m
[35m4. The primary key should be a partition key of the title field.[0m


Enter the answer number:  1


Correct

[34mQ32. What service can host your Docker containers?[0m
[35m1. Lightsail[0m
[35m2. All of these services can host a Docker container.[0m
[35m3. Elastic Compute Cloud (EC2)[0m
[35m4. Elastic Container Service (ECS)[0m


Enter the answer number:  2


Correct

[34mQ33. An administrator would like to prepare a report that will be presented to the auditing team. The report is meant to depict that the organisationsâ€™ cloud infrastructure has followed the widely accepted industry standards of deployment, maintenance and monitoring. Which tool can they use to assist them?[0m
[35m1. AWS CloudTrail[0m
[35m2. AWS Total Cost of Ownership[0m
[35m3. AWS Trusted Advisor[0m
[35m4. AWS Organisations[0m


Enter the answer number:  1


Correct

[34mQ34. You have an application using a 100 GB MySQL database that you are migrating into AWS. What should you consider when deciding between whether to host the database on RDS for MySQL or Aurora?[0m
[35m1. ease of maintenance vs. granularity of control[0m
[35m2. all of these answers[0m
[35m3. cost[0m
[35m4. the current storage engine used by the application, such as InnoDB or MyISAM[0m


Enter the answer number:  2


Correct

[34mQ35. A developer would like to automate the installation, updating of a set of applications on a series of EC2 instances and on-premise servers. Which is the most appropriate service to use to achieve this requirement?[0m
[35m1. AWS CodeDeploy[0m
[35m2. AWS CodeBuild[0m
[35m3. AWS CloudFormation[0m
[35m4. AWS CodeCommit[0m


Enter the answer number:  4


[33mWRONG! The answer should be: [0m[31mAWS CodeDeploy[0m

[34mQ36. A principle of DevOps is to view infrastructure as code. Which AWS service allows you to script your AWS infrastructure?[0m
[35m1. AWS Config[0m
[35m2. CloudFormation[0m
[35m3. AWS Service Catalog[0m
[35m4. CloudTrail[0m


Enter the answer number:  1


[33mWRONG! The answer should be: [0m[31mCloudFormation[0m

[34mQ37. What does it cost to launch an EC2 instance from the AWS Marketplace?[0m
[35m1. You can only launch images that were created by other users on your AWS account, so you pay only for the instance size you select and the S3 storage costs for the base image.[0m
[35m2. All images in the AWS Marketplace incur additional hourly fees in addition to the charges from the instance size you select.[0m
[35m3. Each image has its own pricing that could either be free, or include charges for software licensing costs. You will also pay for the instance the image runs on[0m
[35m4. All images in the AWS Marketplace contain only open-source software with no additional fees and are created by other AWS users. You will pay only for the instance size you select.[0m


Enter the answer number:  3


Correct

[34mQ38. Can you lose the public IP address associated with your EC2 instance?[0m
[35m1. No, you will never lose the public IP address for your instance.[0m
[35m2. Yes, you can lose it if you reboot the instance.[0m
[35m3. Yes, you can lose it when you edit the instance properties and release the IP address.[0m
[35m4. Yes, you can lose it if you stop and start the instance.[0m


Enter the answer number:  4


Correct

[34mQ39. A business analyst would like to move away from creating complex database queries and static spreadsheets when generating regular reports for high-level management. They would like to dynamically publish insightful, graphically appealing reports with interactive dashboards. Which service can they use to accomplish this?[0m
[35m1. Amazon QuickSight[0m
[35m2. Business intelligence on Amazon Redshift[0m
[35m3. Amazon Athena integrated with Amazon Glue[0m
[35m4. Amazon CloudWatch dashboards[0m


Enter the answer number:  1


Correct

[34mQ40. You created a Windows EC2 instance with a public IP address and installed SQL Server. When attempting to connect to SQL Server from SQL Server Enterprise Manager on your local computer, the Windows EC2 instance is unable to establish a connection to the server. What is the first thing you should check?[0m
[35m1. Check the policies within Windows Firewall.[0m
[35m2. Verify that the assigned security groups allow TCP port 1433 traffic from your current IP address.[0m
[35m3. Verify that you are connecting to the instance using a user that is not sa.[0m
[35m4. Check the routing tables for the VPC.[0m


Enter the answer number:  2


Correct

[34mQ41. You have 14 on-premise web servers, 4 database servers, 6 servers using GIS software, 3 file servers, and 4 development servers. What considerations should you take into account when migrating these servers into AWS?[0m
[35m1. AWS does not have a way to separate billing for compute costs, so you will need to design a way to split the budget between departments.[0m
[35m2. New AWS accounts are limited to 20 on-demand EC2 instances. Submit a request to increase your rate limits before starting a migration.[0m


Enter the answer number:  2


Correct

[34mQ42. In the S3 console, underneath the Access column, what does the public badge next to the bucket name indicate?[0m
[35m1. Objects within this bucket can be made public, if the ACL on that object is set to allow everyone access. Private buckets do not allow you to set public permissions on any object.[0m
[35m2. Some objects within this bucket are assigned public access. Verify that any publicly shared objects within this bucket contain no sensitive data.[0m
[35m3. All objects within this bucket are writable, which means that the public internet has the ability to upload any file directly to your S3 bucket. Your S3 bucket could be used to serve malware.[0m
[35m4. All objects within this bucket are assigned public access and could be readable or writable by anyone on the internet. Ensure no sensitive data is being publicly shared within this bucket.[0m


Enter the answer number:  4


Correct

[34mQ43. Which database is a NoSQL database type that can quickly store and retrieve key-value pairs?[0m
[35m1. DynamoDB[0m
[35m2. Aurora[0m
[35m3. RDS for MySQL[0m
[35m4. Neptune[0m


Enter the answer number:  1


Correct

[34mQ44. Your application is sending 50,000 emails through SES each day. Since you must maintain a low bounce rate to avoid being put on probation, what simple system do you architect to automatically process hard bounces?[0m
[35m1. Configure SES to send all bounce events to an SNS topic. Create a Lambda function that processes each hard bounce event and automatically flags that account as a bounce in your application to prevent further sending attempts.[0m
[35m2. Send all emails through SES with a custom reply-to header. Configure SES to listen for events on this email address and flag any email address that replies to this account as a bounced message and remove it from your email list.[0m
[35m3. Configure SES to no longer send to email addresses that are on your bounce list.[0m
[35m4. Configure SES to send the logs of all delivery attempts through Kinesis Firehose. Process each event and look for bounce types and remove these emails from your list.[0m


Enter the answer number:  1


Correct

[34mQ45. What's the best practice for horizontally scaling a legacy ASP.NET web application that relies on Active Directory and is currently deployed to a single Windows EC2 instance?[0m
[35m1. Horizontal scaling is not the best practice in this situation. Increase the size of the existing EC2 instance and vertically scale the application.[0m
[35m2. Launch a new EC2 with the latest version of Windows Server and install the application again. Use Application Load Balancer and sticky sessions to balance between both servers.[0m
[35m3. Use Sysprep to shut down the instance during a maintenance window. Create an AMI image and place both servers behind Application Load Balancer with sticky sessions.[0m
[35m4. Create a clone of the server using an AMI image and user Application Load Balancer to balance the traffic between both instances using sticky sessions.[0m


Enter the answer number:  3


Correct

[34mQ46. In addition to CloudFormation, you can use other orchestration tools to automate server formation and maintenance. Which tool is not an efficient choice for the orchestration of a large infrastructure?[0m
[35m1. Ansible[0m
[35m2. Vagrant[0m
[35m3. Chef[0m
[35m4. Puppet[0m


Enter the answer number:  2


Correct

[34mQ47. What can be termed as a user-defined label that has a key-value pair of variable character length. It is assigned to AWS resources as metadata for administration and management purposes?[0m
[35m1. Resource Group[0m
[35m2. Resource Flag[0m
[35m3. Resource Tag[0m
[35m4. Tag key[0m


Enter the answer number:  3


Correct

[34mQ48. You created a new Linux EC2 instance and installed PostgreSQL but you are not able to establish a connection to the server from your local computer. What steps do you take to resolve this issue?[0m
[35m1. Make sure that you are using an Elastic IP and that it is included within the `postgresql.conf` configuration file.[0m
[35m2. Create a security group rule that allows all traffic from 0.0.0.0/0. This will verify whether or not another rule is denying the traffic.[0m
[35m3. Verify that the assigned security groups allow traffic from your IP address to port 5432. Verify that PostgreSQL is configured to listen to external traffic and is bound to the public interface.[0m
[35m4. Stop and start the instance. New security group rules will only take effect after a restart.[0m


Enter the answer number:  3


Correct

[34mQ49. What in-memory caching server is not supported by ElastiCache?[0m
[35m1. Elasticsearch[0m
[35m2. Redis 3[0m
[35m3. Memcached[0m
[35m4. Redis 5[0m


Enter the answer number:  1


Correct

[34mQ50. Which feature can be used to respond to a sudden increase in web traffic?[0m
[35m1. RDS Read Replicas[0m
[35m2. AWS Shield Advanced[0m
[35m3. EC2 Auto Scaling groups[0m
[35m4. all of these answers[0m


Enter the answer number:  4


Correct

[34mQ51. Which of these is a valid restriction on the properties of a VPC?[0m
[35m1. You cannot create a CIDR block with a netmask larger than /16[0m
[35m2. You can have only 10 subnets within a VPC[0m
[35m3. You can have only 10 VPCs per region on a new AWS account[0m
[35m4. You can have only 10 internet gateways per region on a new AWS account.[0m


Enter the answer number:  1


Correct

[34mQ52. A new developer has been added to the team and you have been asked to provide access to the organization's AWS account. What is the best practice for granting access?[0m
[35m1. Create a IAM user for the new developer. Manually assign policies to the new IAM user account.[0m
[35m2. Create a IAM user for the new developer. Assign the new developer the a developer group you already created for the other developers.[0m
[35m3. Give the new developer the IAM login that is assigned to the development team. This IAM user should already include all of the policies that a developer would need.[0m
[35m4. Do not give the new developer access to the AWS console. Using the IAM user that is assigned to the development group, generate a new set of access keys and label these with the name of the developer.[0m


Enter the answer number:  2


Correct

[34mQ53. Which Elastic Load Balancing option supports Lambda as a target?[0m
[35m1. Application Load Balancer[0m
[35m2. Lambda can not be called directly by incoming web requests. You must use API Gateway.[0m
[35m3. Network Load Balancer[0m
[35m4. Classic Load Balancer[0m


Enter the answer number:  1


Correct

[34mQ54. What data store provides a simple and quick way of storing basic user attributes in an object-based format?[0m
[35m1. Redshift[0m
[35m2. Neptune[0m
[35m3. ORDS for Oracle[0m
[35m4. DynamoDB[0m


Enter the answer number:  4


Correct

[34mQ55. When using AWS for research and development ahead of a planned migration, how do you prevent unexpected increases or spikes in the billing?[0m
[35m1. Using the root AWS account, activate IAM access to the billing information for the account. Make sure your IAM users have the Billing FullAccessGroup policy. Then from the billing dashboard, check the accrued charges once a day.[0m
[35m2. Use the billing dashboard to create a cost budget. Input the max amount you want to be charged each month. Any charges that occur over this amount will cause AWS to automatically suspend those resources[0m
[35m3. Using the root AWS account enable Billing Alerts in the user preferences. Then use CloudWatch to create a billing alarm and set a threshold to a specific dollar amount for your estimated monthly charges.[0m
[35m4. If you are using the AWS free tier, you will have to confirm the usage of any service that goes over the AWS free tier limits.[0m


Enter the answer number:  3


Correct

[34mQ56. An administrator would like to automate the creation of new AWS accounts for the research and development department of the organisation where new workloads need to be spun-up promptly and categorized into groups. How can this be achieved efficiently?[0m
[35m1. Using the AWS API to programmatically create each account via command line interface[0m
[35m2. Use of AWS Organisations[0m
[35m3. WS Identity Access Management (IAM)[0m
[35m4. Use of AWS CloudFormation would be sufficient[0m


Enter the answer number:  2


Correct

[34mQ57. An organization has a persistently high amount of throughput, it requires connectivity with no jitter and very low latency between its on-premise infrastructure and its AWS cloud build to support live streaming and real-time services. What is the MOST appropriate solution to meet this requirement?[0m
[35m1. AWS Kinesis[0m
[35m2. AWS Direct Connect[0m
[35m3. AWS Data Streams[0m
[35m4. Kinesis Data Firehose[0m


Enter the answer number:  2


Correct

[34mQ58. Which AWS service complies with the standards outlined in Payment Card Industry Data Security Standard (PCI DSS) Level 1 for the handling and transmission of credit card data?[0m
[35m1. Simple Queue Service (SQS)[0m
[35m2. API Gateway[0m
[35m3. all of these answers[0m
[35m4. Kinesis Data Streams[0m


Enter the answer number:  3


Correct

[34mQ59. You have a Linux EC2 web server that suddenly is timing out on all HTTP requests and your SSH connection attempts are timing out. You notice that it is failing the system status check in the EC2 console. What action should you take?[0m
[35m1. Reboot the instance. This will stop and start the instance and move it to another host.[0m
[35m2. Restore the instance from the last AMI image. System status checks indicate that the filesystem on the instance is corrupted.[0m
[35m3. Stop and start the instance. This will move the instance to another host.[0m
[35m4. Contact AWS support. Failing a system status check indicates a failure in the underlying hardware and must be addressed by an AWS representative.[0m


Enter the answer number:  2


Correct

[34mQ60. You have a UDP load balancer that is created by an instance that is running an NGINX proxy. Your application performance management (APM) solution can detect failures in your load balancer instance and transfer the Elastic IP to a passive standby instance. Using the AWS CLI, which script do you program into your APM to move the Elastic IP?[0m
[35m1. D[0m
[35m2. A[0m
[35m3. C[0m
[35m4. B[0m


Enter the answer number:  2


Correct

[34mQ61. In Cost Optimization, what is referred to as EC2 Right Sizing?[0m
[35m1. It is a cost-effective solution to determine the appropriate Amazon EC2 resources such as memory, processor type and storage when provisioning an instance type.[0m
[35m2. It is a cost-saving solution that outlines the recommendations of best practice in four aspects namely cost optimization, performance, fault-tolerance and service limits.[0m
[35m3. It is a cost-saving solution that analyses data over a period of time to determine and recommend the type of Amazon EC2 instances appropriate for your workload.[0m
[35m4. It is the scaling down or scaling up of Amazon EC2 instances and instance types to meet workload demand by maintaining only the threshold resources.[0m


Enter the answer number:  3


Correct

[34mQ62. Your database is an RDS instance running SQL Server with Multi-AZ replication and you have several older .NET console utilities that perform database operations every 15 seconds. When the cluster has to switch the primary database server to the secondary AZ, the .NET utilities start to report connection failures to the database although other applications are able to access the database. How do you correct this problem?[0m
[35m1. A.NET application will retain the IP address of a connection string until the host machine is rebooted.[0m
[35m2. The server running the .NET utilities is caching the DNS lookup on the database cluster address. Flush the DNS cache of the server and force the C# utilities to open new connections to the database.[0m
[35m3. The NET utilities need to change the SQL Server endpoint in the connection strings to read from the secondary database server using a try/catch.[0m
[35m4. Use the RDS console to force a reboot of the database instanc

Enter the answer number:  3


Correct

[34mQ63. A professional educational institution maintains a dedicated web server and database cluster that hosts an exam results portal for modules undertaken by its students. The resource is idle for most of the learning cycle and becomes excessively busy when exam results are released. How can this architecture be improved to be cost-efficient?[0m
[35m1. Configure serverless architecture leveraging AWS Lambda functions[0m
[35m2. Configure AWS elastic load-balancing between the webserver and database cluster[0m
[35m3. Migrate the web servers onto Amazon EC2 Spot Instances[0m
[35m4. Configure RDS multi-availability zone for performance optimisation[0m


Enter the answer number:  1


Correct

[34mQ64. "A start-up organisation would like to instantaneously deploy a complex web and mobile application development environment, complete with the necessary resources and peripheral assets. How can this be achieved efficiently?[0m
[35m1. Making use of the AWS Serverless Application Repository to identify and deploy the resources needed for a web and mobile application development environment.[0m
[35m2. By putting together the necessary components from AWS services, starting with EC2 instances.[0m
[35m3. Creating AWS Lambda functions that will be triggered by single-button click to call the appropriate API of the respective resources and peripheral assets needed.[0m
[35m4. Using AWS Quick Starts to identify and provision the appropriate AWS CloudFormation templates[0m


Enter the answer number:  4


Correct

[34mQ65. For your AWS root account, you have generated a random password of the maximum allowed length and included special characters. Which additional steps should you take to secure your AWS root account?[0m
[35m1. Store your randomly generated password in your organizational secrets database using a service such as 1Password or LastPass, and only grant access to this secret to the DevOps team.[0m
[35m2. Create an IAM role for the account administrator with the highest privileges and do not use the root account in day-today operations. Enable two-factor authentication on the root account[0m
[35m3. Create IAM accounts for your administrators and attach the AdministratorAccess policy to their accounts. Disable the root account in the user settings.[0m
[35m4. Create an AM role for the account administrator with the highest privileges. Do not store the root password, but when the root account is needed reset the password on the root account via email confirmation and r

Enter the answer number:  2


Correct

[34mQ66. Which AWS service can be used to help generate the documentation required by various compliance standards, such as Payment Card Industry Data Security Standard (PCI DSS) Level 1 for the handling of credit card data?[0m
[35m1. Secrets Manager[0m
[35m2. DocumentDB[0m
[35m3. Print out the AWS Compliance summary and keep it with your required documentation for an audit.[0m
[35m4. Artifact[0m


Enter the answer number:  4


Correct

[34mQ67. Where is the best place to store database backups on an EC2 instance that is configured as a database server?[0m
[35m1. instance attached to the instance[0m
[35m2. an S3 bucket, synced with the database backups via a script that calls the AWS CLI[0m
[35m3. EBS volume attached to the instance[0m
[35m4. instance storage, with a script that replicates the database backups to another instance in a different availability zone.[0m


Enter the answer number:  2


Correct

[34mQ68. What is the best practice for maintaining Windows EC2 instances and applying updates?[0m
[35m1. Turn on auto update in Windows Update on each EC2 that is launched, or create your own AMI with this feature enabled and launch all of your EC2 instances from this AMI.[0m
[35m2. Use AWS Systems Manager Patch Manager to find an patch instances that require updates during a set maintenance window.[0m
[35m3. Install Window Server Update Services on your primary Active Directory controller.[0m
[35m4. Create a maintenance schedule that an employee must fill out each week confirming a visual inspection of each instance was conducted and which patches were applied.[0m


Enter the answer number:  2


Correct

[34mQ69. There is a requirement to host a database server for a minimum period of one year. Which of the following would result in the least cost?[0m
[35m1. Spot Instances[0m
[35m2. No Upfront costs Reserved[0m
[35m3. Partial Upfront costs Reserved[0m
[35m4. On-Demand[0m


Enter the answer number:  3


Correct

[34mQ70. You have a T2 EC2 instance that is critical to your infrastructure. How would you monitor the most important metric for this instance?[0m
[35m1. Turn on CloudWatch Auto Recovery and put monitors on the System Status and Instance Status checks for the instance to notify you when either is in alarm.[0m
[35m2. Use CloudWatch to put monitors on the remaining CPU credits. If you run out of CPU credit the instance will be stopped.[0m


Enter the answer number:  1


Correct

You passed with: 92.86%
