AWS Interview Questions and Answers Part – 5

Which of the following is NOT a feature of IAM?

  • Centralised control of your AWS account
  • Integrates with existing Active Directory accounts, allowing single sign-on
  • Fine-grained access control to AWS resources
  • Allows you to set up biometric authentication, so that no passwords are required (Ans)

AWS recommends that EC2 instances have credentials stored on them so that the instances can access other resources (such as S3 buckets).

  • True
  • False (Ans)

Which IAM entity can you use to delegate access to your AWS resources to users, groups or services?

  • IAM User
  • IAM Web Identity Federation
  • IAM Role (Ans)
  • IAM Group

In AWS, what is IAM used for?

  • Secure VPN access to AWS
  • Creating and managing users and groups, managing access to AWS services & assigning permissions to allow and deny access to AWS resources. (Ans)
  • To move large amounts of data (terabytes) into AWS.
  • IAM is a serverless compute platform.

What is an IAM Policy?

  • A CSV file containing a user’s Access Key and Secret Access Key
  • A JSON document which defines one or more permissions (Ans)
  • A file containing a user’s private ssh key
  • The policy which determines how your AWS bill will be paid.

Which is the best way to enable your EC2 instance to read files in an S3 bucket?

  • Create a new IAM user and grant read access to S3. Store the user’s credentials locally on the EC2 instance and configure your application to supply the credentials with each API request.
  • Configure a bucket policy which grants read access based on the EC2 instance name.
  • Create an IAM role with read access to S3 and assign the role to the EC2 instance. (Ans)
  • Create a new IAM role and grant access to S3. Store the role’s credentials locally on the EC2 instance and configure your application to supply the credentials with each API request.

Which statement best describes IAM?

  • IAM allows you to manage users, groups, and roles and their corresponding level of access to the AWS Platform. (Ans)
  • IAM allows you to manage users’ passwords only. AWS staff must create new users for your organization. This is done by raising a ticket.
  • IAM allows you to manage permissions for AWS resources only.
  • IAM stands for Improvised Application Management, and it allows you to deploy and manage applications in the AWS Cloud.

An HTTP 4XX code means __.

  • There has been a server side error.
  • There has been a client side error. (Ans)
  • There has been a redirection.
  • The request was successful.

To retrieve instance Metadata or Userdata, which of the following IP addresses will you need to use?

  • http://127.0.0.1
  • http://192.168.0.254
  • http://10.0.0.1
  • http://169.254.169.254 (Ans)

Which AWS service below is chargeable?

  • Autoscaling
  • Elastic Beanstalk
  • Elastic Load Balancers (Ans)
  • Cloud Formation

Which of the following best describes Amazon ECS?

  • The Elastic Container Scheduler is software that you can run and manage to orchestrate many running Docker containers.
  • The Elastic Container Service is software that you can run and manage to orchestrate many running Docker containers. (Ans)
  • The Elastic Container Scheduler is a service that manages running Docker containers on a group of your EC2 instances.
  • The Elastic Container Scheduler is a serverless system to manage running many Docker containers in a flexible and cost-effective way.
  • The Elastic Container Services is a serverless system to manage running many Docker containers in a flexible and cost-effective way.

In order to enable encryption at rest using EC2 and Elastic Block Store, you must __.

  • Configure encryption when creating the EBS volume (Ans)
  • Configure encryption using the appropriate operating system’s file system
  • Configure encryption using X.509 certificates
  • Mount the EBS volume into S3 and then encrypt the bucket using a bucket policy.

An HTTP 200 code means __.

  • The request has failed
  • The request was successful (Ans)
  • There has been a server side error
  • There has been a client side error

An HTTP 3xx code means __.

  • The request was successful (Ans)
  • There has been a client side error
  • There has been a server side error
  • There has been a redirection

An HTTP 5XX code means __.

  • There has been a server side error (Ans)
  • There has been a client side error
  • There has been a redirection
  • The request was a success

You have an EC2 instance that needs to know both its private IP address and its public IP address. To do this, the application needs to __.

  • Run IPCONFIG (Windows) or IFCONFIG (Linux)
  • Retrieve the instance Metadata from http://169.254.169.254/latest/meta-data/ (Ans)
  • Retrieve the instance Userdata from http://169.254.196.254/latest/meta-data/
  • Use the following command: "AWS EC2 displayIP"

Individual instances are provisioned __.

  • In Regions
  • In Availability Zones (Ans)
  • Globally

The default region for an SDK is "US-EAST-1".

  • True (Ans)
  • False

You are a developer for a genomics firm that is moving its infrastructure to AWS. Their environment consists of a three-tier web application: a web tier, an application tier and a relational database tier. They have a separate fleet of virtual machines that are used to access large HPC clusters on the fly. Their lab researchers run multiple projects simultaneously and they will need to launch and de-commission 1,000’s of nodes on-demand while reducing the time required to complete genomic sequencing from weeks to days. In order to stay competitive they need to do this at as low a cost as possible, with no long term contracts. These HPC clusters can run any time day or night and their workloads store information in S3, so the instances can be terminated at any time without any effect on the data. What is the most COST EFFECTIVE EC2 pricing model for their requirements?

  • On-demand.
  • Reserved Instances.
  • Dedicated Instances.
  • Spot Instances. (Ans)
Rajesh Kumar