Slide 1
Most trusted JOB oriented professional program
DevOps Certified Professional (DCP)

Take your first step into the world of DevOps with this course, which will help you to learn about the methodologies and tools used to develop, deploy, and operate high-quality software.

Slide 2
DevOps to DevSecOps – Learn the evolution
DevSecOps Certified Professional (DSOCP)

Learn to automate security into a fast-paced DevOps environment using various open-source tools and scripts.

Slide 2
Get certified in the new tech skill to rule the industry
Site Reliability Engineering (SRE) Certified Professional

A method of measuring and achieving reliability through engineering and operations work – developed by Google to manage services.

Slide 2
Master the art of DevOps
Master in DevOps Engineering (MDE)

Get enrolled for the most advanced and only course in the WORLD which can make you an expert and proficient Architect in DevOps, DevSecOps and Site Reliability Engineering (SRE) principles together.

Slide 2
Gain expertise and certified yourself
Azure DevOps Solutions Expert

Learn about the DevOps services available on Azure and how you can use them to make your workflow more efficient.

Slide 3
Learn and get certified
AWS Certified DevOps Professional

Learn about the DevOps services offered by AWS and how you can use them to make your workflow more efficient.

previous arrow
next arrow

AWS Interview Questions and Answer Part – 31

What is the definition of a managed policy?

  • Custom policy controlled by the customer
  • Deployed by the customer
  • Created and maintained by AWS (Ans)
  • Policies applied to users and groups

What’s one difference between a network access control lists and a security group?

  • Security groups can span availability zones.
  • Security groups control subnet access, and network access control lists control instance access.
  • Security groups control instance access; network access control lists manage subnet access. (Ans)
  • Security groups are stateless; network access control lists are stateful.

How can Windows instances take advantage of paravirtualization services at AWS?

  • There is PV support for network and storage drivers. (Ans)
  • Select compute optimized instances when deploying Windows.
  • Upgrade Windows instances to Windows Server 2016 Datacenter.
  • Windows instances cannot take advantage of her paravirtualization.

How are Amazon EC2 key pairs used for Windows authentication?

  • Decryption of the user logon credentials
  • Decryption of the administrator password (Ans)
  • Encryption and decryption of logon information zip file
  • Decryption of the administrators secret key

What is the purpose of the AWS security token service with regard to federated users?

  • Security credentials are provided when requested by end-users.
  • Federated users are provided with temporary security credentials. (Ans)
  • Security credentials are provided for access to AWS resources.
  • To integrate AWS Active Directory services with customers corporate Active Directory services.

How can AWS customers confirm that identity and access management security controls are verifiable?

  • Reviewing the ISO 27001 audit
  • Reviewing the SOC-2 audit
  • Reviewing the SOC-3 audit (Ans)
  • Reviewing current IAM settings

IAM policy defines what key component?

  • Compliance and integrity
  • Integrity and encryption
  • Authorization and compliance
  • Authentication and authorization (Ans)

What IAM policy choices control root account authentication?

  • IAM group policy
  • IAM policies in general
  • Multifactor authentication (Ans)
  • IAM username policy

Which of these statements best describes AWS Lambda?

  • Datastream analysis
  • Workflow orchestration for multiple tasks
  • Serverless technology for running functions (Ans)

Which of these tools can assist with designing an environment stop/start process?

  • EC2 instances
  • Service dependency map (Ans)
  • API credentials

Which of these most accurately describes the AWS CLI?

  • Compiled executables written in C# that enable end users to access the AWS service API endpoints
  • A unified single command that interfaces between the end user and the various AWS service API endpoints (Ans)
  • Downloadable java libraries that can be run as executables to access the AWS service API endpoints

Which of these is a true statement when copying an object into an S3 bucket that is owned by another account?

  • Object ownership follows the account performing the copy or upload. (Ans)
  • Object ownership is irrelevant.
  • Object ACLs are more important than object ownership.
  • Object ownership follows the bucket.

Which of these credential locations will be tested first when using the AWS CLI?

  • Instance profile credentials
  • Config file
  • Environment variables (Ans)
  • Credentials file

Which service is used to directly generate instance profile credentials, which are visible via EC2 instance metadata?

  • EC2
  • EBS
  • KMS
  • STS (Ans)

Which command line option helps restrict the amount of output when using the CLI?

  • region
  • dry-run
  • filter (Ans)
  • output

Which of these tasks can be easily performed using the AWS Console?

  • Bulk ACL creation
  • Bucket creation (Ans)
  • Intra-bucket copies

What is the meaning of the statement “The service API is a contract with the customer”?

  • The API can only be changed if all customers agree first.
  • The API can only be added to or extended, not changed or reduced in functionality. (Ans)
  • The API is never changed after initial service release.

What are the steps involved in deleting an AMI?

  • Terminate AMI, delete snapshots
  • Delete AMI
  • Deregister AMI, delete snapshots (Ans)

What is the most appropriate AWS feature for sorting EC2 instances?

  • EC2 instance type
  • Subnet
  • Metadata tags (Ans)
  • Security groups

MFA should be used for:

  • Priviledged users
  • Every IAM user
  • The root account
  • Priviledged users and the root account (Ans)
  • Every IAM group
Rajesh Kumar