AWS Interview Questions and Answer Part – 29

What security feature ensures no compromise of session keys during operation?

• Perfect forward secrecy (Ans)
• Sticky sessions
• Server order preference
• SSL offload

When EBS volumes are created, who has access?

• All power users
• The AWS account that created the volume (Ans)
• All tenant administrators
• By default any IAM user

What is the benefit of nesting IAM groups at AWS?

• Nested groups override any default group listings.
• Nested group members have easier access to more resources.
• IAM groups can’t be nested. (Ans)
• Allowing users to belong to multiple groups.

To control access to storage what type of policy should be deployed?

• In-line
• Tag based
• Resource-based (Ans)
• Managed policy

What network component cannot be changed on an instance?

• The default network interface (eth0) (Ans)
• The Mac address
• The public IPv4 address
• The primary IPv4 address

What is the key feature of an elastic network interface?

• Elastic network interfaces increase bandwidth and decrease latency.
• Elastic network interfaces provide automatic failover.
• Elastic network interfaces provide a static public IP address.
• When an elastic network interface moves to a new instance, network traffic is redirected automatically. (Ans)

How can you effectively monitor your load balancer operation?

• Deploying AWS Config
• Creating health checks via Route 53
• Reviewing CloudTrail reports
• Using CloudWatch metrics (Ans)

When designing IAM goals for AWS deployments access to resources should be granted based on what criteria?

• Access granted based on least privilege (Ans)
• Access granted based on administrative requirements
• Access granted based on application types
• Access granted based on corporate privileges currently deployed on site

What key component is required to access the AWS management console?

• A valid password (Ans)
• Install the AWS management console add-in
• An identity and access management policy
• An access key

When is IAM policy checked?

• Every time access as requested (Ans)
• Every 12 hours
• On a need for access basis
• Every 15 minutes

What two types of hosts are supported by the application load balancer?

• Layer 7 Applications
• Both instances and containers (Ans)
• IAM groups and target groups
• Both Linux and Windows instances

What is the definition of a VPC at AWS?

• Isolated network within the AWS cloud (Ans)
• Flat virtual network shared by all AWS customers
• Software defined network with predefined address ranges
• Software defined network hosted by a single availability zone

What key cloud feature does Route 53 integrate with at AWS?

• Elastic load balancer’s
• CloudWatch
• Health checks (Ans)
• CloudTrail

By default how do subnets handle routing requests within a VPC?

• Subnets within the VPC can route to each other. (Ans)
• Custom route tables must be created from private and public roads.
• Custom route tables must be created for all private routes.
• Route tables are automatically created based on IP address range selected.

How do federated users gain access to AWS resources?

• Long-term security credentials assigned to the user secret access key.
• Permissions are attached to the IAM user or group associated with the corporate user.
• Permissions are defined for federated users using IAM roles. (Ans)
• Short-term security credentials assigned to the user secret access key.

What network levels can the classic ELB function up to?

• Level 4 (Ans)
• All network levels
• Level 7
• Only the application level

What is the key feature of an elastic IP address?

• The assigned static IP address can be moved from one location to another. (Ans)
• Elastic network addresses can be both public or private addresses.
• The static IP address is linked to your account.
• Can be assigned to multiple network locations at the same time.

How do you disable your root account at AWS?

• You can’t disable your account. (Ans)
• Set up detailed billing policies.
• SMS Multifactor authentication
• IAM policies

What type of networks can the classic ELB operate on?

• On site to site VPNs only
• Both public and private networks up to Layer 4 (Ans)
• Only public networks up to Layer 4
• Only private networks up to Layer 4

What is the distinctive difference between dedicated instances and dedicated hosts?

• Single tenancy
• Full access to the CPU cores (Ans)
• Full access to the hardware resource
• Physical hardware isolation

Rajesh Kumar

I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I have worked at Cotocus. I share tech blog at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow , and SEO strategies at Wizbrand.

Do you want to learn Quantum Computing?

Please find my social handles as below;

Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at WIZBRAND

Rajesh Kumar DailyLogs