Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

AWS

AWS Interview Questions and Answer Part – 30

January 18, 2020 comments off

If resources at AWS have been created by a no other account, what feature can be enabled to share access to resources?

  • Cross Account Access (Ans)
  • Creating additional accounts for access to the required resources
  • Enabling consolidated billing
  • IAM role policies
  • Administrative IAM policies linked to required resources

Where can details be reviewed regarding user passwords?

  • Review CloudWatch alerts
  • Viewing the Credential Report (Ans)
  • Through the properties of the users account
  • Analysis of CloudTrail reports

What types of subnets can be chosen within your VPC?

  • Public and hybrid subnets
  • Private subnets
  • Both public and private subnets can be created. (Ans)
  • Hybrid subnets

In front of what does the Web Application Firewall sit?

  • ALB and S3
  • S3 and ALB
  • EC2 and S3
  • ALB and CF (Ans)

What is the benefit of deploying an in-line policy?

  • If the principles deleted, the policy is still deployed.
  • Maintain a strict one to one relationship between the policy and selected principal. (Ans)
  • In-line policies are created for the customer by AWS.
  • In-line policies can be deployed to multiple identities at the same time.

To access resources or users outside of AWS what must be attached to your subnet?

  • Defined network access control lists
  • Security groups
  • Elastic IP addresses
  • A gateway device (Ans)

What is the purpose of elastic load-balancing?

  • Balancing the storage load on the elastic file system
  • Balancing performance of Web servers
  • Distribution of incoming traffic across multiple instances (Ans)
  • Scaling instances up or down based on demand

What type of network must a dedicated instance be deployed on?

  • In a VPC (Ans)
  • Private only
  • Public only
  • In a Classic EC2 network

What is the secret access key used for at AWS?

  • Authentication to the AWS console
  • Access to resources through automation (Ans)
  • Authentication using the CLI
  • Developing using the SDK

When an EBS snapshot is shared, who can alter the original snapshot?

  • Shared snapshots cannot be altered. (Ans)
  • Only the root user of the account
  • IAM policy defines access rules for snapshots.
  • Any administrator account

What security tool should be used to create a second access key?

  • Use the create-access-key command
  • Run the Access Advisor
  • Using CloudTrail reports
  • The IAM Console (Ans)

Where is Route 53 located in the AWS ecosystem?

  • Region
  • Availability zone
  • Edge location (Ans)
  • Hybrid location

What types of permissions does and IAM policy control?

  • Explicit disallow
  • Implicit access
  • Implicit disallow
  • Explicit access
  • Allow or deny (Ans)

What common LDAP service is used in federating corporate users to AWS?

  • AWS directory services (Ans)
  • Google authenticator
  • Open ID
  • SAML 2.0

What is AWS Shield?

  • EC2 firewall
  • Edge firewall
  • A DDos protection service (Ans)
  • Network layer protection

What happens if you find your instant size is inadequate for your needs?

  • Use commandline tools to scale instance size up or down.
  • Restore from backup to new instance type.
  • Shut down the instance, change instance type, and restart the instance. (Ans)
  • Instances must be rebuilt from scratch to change size.

What happens when storage and memory resources are discarded?

  • Open a ticket with AWS support to clean discarded resources.
  • Storage is automatically reset and memory is automatically scrubbed. (Ans)
  • Storage is scrubbed, and memory is reset automatically.
  • Both storage and memory resources are cleaned upon request only.

When authenticating against an EC2 Instance what IAM policies are required?

  • Role-based policy
  • Logging onto an EC2 instance is not controlled by IAM policy (Ans)
  • Access-based policy
  • Group-based policy

Name the four common elements in an IAM policy.

  • Username, resources, principal, and actions
  • Security principles, assigned actions, effect, and resources
  • Resources, core effects, mandated actions, and principles
  • Resources, actions, effect, and principal (Ans)
DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.