A user has attached one RDS security group with 5 RDS instances. The user has changed the ingress rule for the security group. What will be the initial status of the ingress rule?
It is not possible to assign a single group to multiple DB instances
An organization has 500 employees. The organization wants to set up AWS access for each department. Which of the below mentioned options is a possible solution?
Create IAM roles based on the permission and assign users to each role
It is not possible to manage more than 100 IAM users with AWS
Create IAM groups based on the permission and assign IAM users to the groups
Create IAM users and provide individual permission to each
A user has created a blank EBS volume in the US-WEST-1 region. The user is unable to attach the volume to a running instance in the same region. What could be the possible reason for this?
The AZ for the instance and volume are different
The instance must be in a running state. It is required to stop the instance to attach volume
The instance has enabled the volume attach protection
A user has created an RDS instance with MySQL. The user is using the SQL client to connect with the RDS DB. The client is unable to connect to DB from his home machine. What is a possible reason for the failure?
The user has to open port 22 in the RDS security group to connect with RDS DNS
The security group is not configured to allow a request from the user`s IP on port 3306
The user has to open port 80 in the RDS security group to connect with RDS DNS
Suppose freeonlinetest (with AWS account ID xxxxxxxxxx) has created 500 IAM users for its organization's employees. freeonlinetest wants to make the AWS console login URL for all IAM users like: http://wwww.freeonlinetest.in How can this be configured?
Create an IAM hosted zone Identity for the domain freeonlinetest
It is not possible to have a personalized IAM login URL
The user needs to use Route 53 to map the freeonlinetest domain and IAM URL
Create an IAM AWS account alias with the name knowledgehut
When your team mate is detaching an EBS volume from a running instance and attaching it to a new instance, which of the below mentioned options should he follow to avoid file system damage?
Stop all the I/O of the volume before processing
Unmounts the volume first
Force Detach the volume to ensure that all the data stays intact
Knowledge Hut has placed a set of on-premise resources with an AWS Direct Connect provider. After establishing connections to a local AWS region in the US, Knowledge Hut needs to establish a low latency dedicated connection to an S3 public endpoint over the Direct Connect dedicated low latency connection. What steps need to be taken to accomplish configuring a direct connection to a public S3 endpoint?
Configure a public virtual interface to connect to a public S3 endpoint resource.
Add a BGP route as part of the on-premise router; this will route S3 related traffic to the public S3 endpoint to dedicated AWS region.
Establish a VPN connection from the VPC to the public S3 endpoint.
Configure a private virtual interface to connect to the public S3 endpoint via the Direct Connect connection.
A user has created photo editing software and hosted it on EC2. The software accepts requests from the user about the photo format and resolution and sends a message to S3 to enhance the picture accordingly. Which of the below mentioned AWS services will help make a scalable software with the AWS infrastructure in this scenario?
You have been told by your security officer of freeonlinetest that you need to give a presentation on encryption on data at rest on AWS to 50 of your co-workers. You feel like you understand this extremely well regarding data stored on AWS S3 so you aren`t too concerned, but you begin to panic a little when you realize you also probably need to talk about encryption on data stored on your databases, namely Amazon RDS. Regarding Amazon RDS encryption, which of the following statements is the truest
Encryption cannot be enabled on RDS instances unless the keys are not managed by KMS.
Encryption can be enabled on RDS instances to encrypt the underlying storage, and this will by default also encrypt snapshots as they are created. No additional configuration needs to be made on the client side for this to work.
Encryption can be enabled on RDS instances to encrypt the underlying storage, but you cannot encrypt snapshots as they are created.
Encryption can be enabled on RDS instances to encrypt the underlying storage, and this will by default also encrypt snapshots as they are created. However, some additional configuration needs to be made on the client side for this to work.
Suppose freeonlinetest is running an Amazon Redshift cluster with four nodes running 24/7/365 and expects, potentially, to add one on-demand node for one to two days once during the year. Which architecture would have the lowest possible cost for the cluster requirement?
Purchase 4 reserved nodes and rely on on-demand instances for the fifth node, if required
Purchase 2 reserved nodes and utilize 3 on-demand nodes only for peak usage times
Purchase 4 reserved nodes and bid on spot instances for the extra node usage required
Purchase 5 reserved nodes to cover all possible node usage during the year