🚀 DevOps & SRE Certification Program 📅 Starting: 1st of Every Month 🤝 +91 8409492687 🔍 Contact@DevOpsSchool.com

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

AWS

AWS Interview Questions and Answer Part – 29

January 18, 2020 comments off

What security feature ensures no compromise of session keys during operation?

  • Perfect forward secrecy (Ans)
  • Sticky sessions
  • Server order preference
  • SSL offload

When EBS volumes are created, who has access?

  • All power users
  • The AWS account that created the volume (Ans)
  • All tenant administrators
  • By default any IAM user

What is the benefit of nesting IAM groups at AWS?

  • Nested groups override any default group listings.
  • Nested group members have easier access to more resources.
  • IAM groups can’t be nested. (Ans)
  • Allowing users to belong to multiple groups.

To control access to storage what type of policy should be deployed?

  • In-line
  • Tag based
  • Resource-based (Ans)
  • Managed policy

What network component cannot be changed on an instance?

  • The default network interface (eth0) (Ans)
  • The Mac address
  • The public IPv4 address
  • The primary IPv4 address

What is the key feature of an elastic network interface?

  • Elastic network interfaces increase bandwidth and decrease latency.
  • Elastic network interfaces provide automatic failover.
  • Elastic network interfaces provide a static public IP address.
  • When an elastic network interface moves to a new instance, network traffic is redirected automatically. (Ans)

How can you effectively monitor your load balancer operation?

  • Deploying AWS Config
  • Creating health checks via Route 53
  • Reviewing CloudTrail reports
  • Using CloudWatch metrics (Ans)

When designing IAM goals for AWS deployments access to resources should be granted based on what criteria?

  • Access granted based on least privilege (Ans)
  • Access granted based on administrative requirements
  • Access granted based on application types
  • Access granted based on corporate privileges currently deployed on site

What key component is required to access the AWS management console?

  • A valid password (Ans)
  • Install the AWS management console add-in
  • An identity and access management policy
  • An access key

When is IAM policy checked?

  • Every time access as requested (Ans)
  • Every 12 hours
  • On a need for access basis
  • Every 15 minutes

What two types of hosts are supported by the application load balancer?

  • Layer 7 Applications
  • Both instances and containers (Ans)
  • IAM groups and target groups
  • Both Linux and Windows instances

What is the definition of a VPC at AWS?

  • Isolated network within the AWS cloud (Ans)
  • Flat virtual network shared by all AWS customers
  • Software defined network with predefined address ranges
  • Software defined network hosted by a single availability zone

What key cloud feature does Route 53 integrate with at AWS?

  • Elastic load balancer’s
  • CloudWatch
  • Health checks (Ans)
  • CloudTrail

By default how do subnets handle routing requests within a VPC?

  • Subnets within the VPC can route to each other. (Ans)
  • Custom route tables must be created from private and public roads.
  • Custom route tables must be created for all private routes.
  • Route tables are automatically created based on IP address range selected.

How do federated users gain access to AWS resources?

  • Long-term security credentials assigned to the user secret access key.
  • Permissions are attached to the IAM user or group associated with the corporate user.
  • Permissions are defined for federated users using IAM roles. (Ans)
  • Short-term security credentials assigned to the user secret access key.

What network levels can the classic ELB function up to?

  • Level 4 (Ans)
  • All network levels
  • Level 7
  • Only the application level

What is the key feature of an elastic IP address?

  • The assigned static IP address can be moved from one location to another. (Ans)
  • Elastic network addresses can be both public or private addresses.
  • The static IP address is linked to your account.
  • Can be assigned to multiple network locations at the same time.

How do you disable your root account at AWS?

  • You can’t disable your account. (Ans)
  • Set up detailed billing policies.
  • SMS Multifactor authentication
  • IAM policies

What type of networks can the classic ELB operate on?

  • On site to site VPNs only
  • Both public and private networks up to Layer 4 (Ans)
  • Only public networks up to Layer 4
  • Only private networks up to Layer 4

What is the distinctive difference between dedicated instances and dedicated hosts?

  • Single tenancy
  • Full access to the CPU cores (Ans)
  • Full access to the hardware resource
  • Physical hardware isolation

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.