{"id":8981,"date":"2020-01-18T06:39:02","date_gmt":"2020-01-18T06:39:02","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=8981"},"modified":"2021-11-13T10:27:56","modified_gmt":"2021-11-13T10:27:56","slug":"aws-interview-questions-and-answer-part-29","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/aws-interview-questions-and-answer-part-29\/","title":{"rendered":"AWS Interview Questions and Answer Part \u2013 29"},"content":{"rendered":"\n<p><strong>What security feature ensures no compromise of session keys during operation?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Perfect forward secrecy (Ans)<\/strong><\/li><li>Sticky sessions<\/li><li>Server order preference<\/li><li>SSL offload<\/li><\/ul>\n\n\n\n<p><strong>When EBS volumes are created, who has access?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>All power users<\/li><li><strong>The AWS account that created the volume (Ans)<\/strong><\/li><li>All tenant administrators<\/li><li>By default any IAM user<\/li><\/ul>\n\n\n\n<p><strong>What is the benefit of nesting IAM groups at AWS?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Nested groups override any default group listings.<\/li><li>Nested group members have easier access to more resources.<\/li><li><strong>IAM groups can&#8217;t be nested. (Ans)<\/strong><\/li><li>Allowing users to belong to multiple groups.<\/li><\/ul>\n\n\n\n<p><strong>To control access to storage what type of policy should be deployed?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>In-line<\/li><li>Tag based<\/li><li><strong>Resource-based (Ans)<\/strong><\/li><li>Managed policy<\/li><\/ul>\n\n\n\n<p><strong>What network component cannot be changed on an instance?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>The default network interface (eth0) (Ans)<\/strong><\/li><li>The Mac address<\/li><li>The public IPv4 address<\/li><li>The primary IPv4 address<\/li><\/ul>\n\n\n\n<p><strong>What is the key feature of an elastic network interface?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Elastic network interfaces increase bandwidth and decrease latency.<\/li><li>Elastic network interfaces provide automatic failover.<\/li><li>Elastic network interfaces provide a static public IP address.<\/li><li><strong>When an elastic network interface moves to a new instance, network traffic is redirected automatically. (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>How can you effectively monitor your load balancer operation?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Deploying AWS Config<\/li><li>Creating health checks via Route 53<\/li><li>Reviewing CloudTrail reports<\/li><li><strong>Using CloudWatch metrics (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>When designing IAM goals for AWS deployments access to resources should be granted based on what criteria?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Access granted based on least privilege (Ans)<\/strong><\/li><li>Access granted based on administrative requirements<\/li><li>Access granted based on application types<\/li><li>Access granted based on corporate privileges currently deployed on site<\/li><\/ul>\n\n\n\n<p><strong>What key component is required to access the AWS management console?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>A valid password (Ans)<\/strong><\/li><li>Install the AWS management console add-in<\/li><li>An identity and access management policy<\/li><li>An access key<\/li><\/ul>\n\n\n\n<p><strong>When is IAM policy checked?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Every time access as requested (Ans)<\/strong><\/li><li>Every 12 hours<\/li><li>On a need for access basis<\/li><li>Every 15 minutes<\/li><\/ul>\n\n\n\n<p><strong>What two types of hosts are supported by the application load balancer?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Layer 7 Applications<\/li><li><strong>Both instances and containers (Ans)<\/strong><\/li><li>IAM groups and target groups<\/li><li>Both Linux and Windows instances<\/li><\/ul>\n\n\n\n<p><strong>What is the definition of a VPC at AWS?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Isolated network within the AWS cloud (Ans)<\/strong><\/li><li>Flat virtual network shared by all AWS customers<\/li><li>Software defined network with predefined address ranges<\/li><li>Software defined network hosted by a single availability zone<\/li><\/ul>\n\n\n\n<p><strong>What key cloud feature does Route 53 integrate with at AWS?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Elastic load balancer&#8217;s<\/li><li>CloudWatch<\/li><li><strong>Health checks (Ans)<\/strong><\/li><li>CloudTrail<\/li><\/ul>\n\n\n\n<p><strong>By default how do subnets handle routing requests within a VPC?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Subnets within the VPC can route to each other. (Ans)<\/strong><\/li><li>Custom route tables must be created from private and public roads.<\/li><li>Custom route tables must be created for all private routes.<\/li><li>Route tables are automatically created based on IP address range selected.<\/li><\/ul>\n\n\n\n<p><strong>How do federated users gain access to AWS resources?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Long-term security credentials assigned to the user secret access key.<\/li><li>Permissions are attached to the IAM user or group associated with the corporate user.<\/li><li><strong>Permissions are defined for federated users using IAM roles. (Ans)<\/strong><\/li><li>Short-term security credentials assigned to the user secret access key.<\/li><\/ul>\n\n\n\n<p><strong>What network levels can the classic ELB function up to?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Level 4 (Ans)<\/strong><\/li><li>All network levels<\/li><li>Level 7<\/li><li>Only the application level<\/li><\/ul>\n\n\n\n<p><strong>What is the key feature of an elastic IP address?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>The assigned static IP address can be moved from one location to another. (Ans)<\/strong><\/li><li>Elastic network addresses can be both public or private addresses.<\/li><li>The static IP address is linked to your account.<\/li><li>Can be assigned to multiple network locations at the same time.<\/li><\/ul>\n\n\n\n<p><strong>How do you disable your root account at AWS?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>You can&#8217;t disable your account. (Ans)<\/strong><\/li><li>Set up detailed billing policies.<\/li><li>SMS Multifactor authentication<\/li><li>IAM policies<\/li><\/ul>\n\n\n\n<p><strong>What type of networks can the classic ELB operate on?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>On site to site VPNs only<\/li><li><strong>Both public and private networks up to Layer 4 (Ans)<\/strong><\/li><li>Only public networks up to Layer 4<\/li><li>Only private networks up to Layer 4<\/li><\/ul>\n\n\n\n<p><strong>What is the distinctive difference between dedicated instances and dedicated hosts?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Single tenancy<\/li><li><strong>Full access to the CPU cores (Ans)<\/strong><\/li><li>Full access to the hardware resource<\/li><li>Physical hardware isolation<\/li><\/ul>\n\n\n<div class=\"epyt-gallery\" data-currpage=\"1\" id=\"epyt_gallery_44498\"><figure class=\"wp-block-embed wp-block-embed-youtube is-type-video is-provider-youtube epyt-figure\"><div class=\"wp-block-embed__wrapper\"><iframe loading=\"lazy\"  id=\"_ytid_71844\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/?enablejsapi=1&#038;autoplay=0&#038;cc_load_policy=0&#038;cc_lang_pref=&#038;iv_load_policy=1&#038;loop=0&#038;rel=1&#038;fs=1&#038;playsinline=0&#038;autohide=2&#038;theme=dark&#038;color=red&#038;controls=1&#038;disablekb=0&#038;\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  data-epytgalleryid=\"epyt_gallery_44498\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><\/div><\/figure><div class=\"epyt-gallery-list\"><div>Sorry, there was a YouTube error.<\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>What security feature ensures no compromise of session keys during operation? Perfect forward secrecy (Ans) Sticky sessions Server order preference SSL offload When EBS volumes are created,&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[5633],"tags":[],"class_list":["post-8981","post","type-post","status-publish","format-standard","hentry","category-aws"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/8981","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=8981"}],"version-history":[{"count":3,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/8981\/revisions"}],"predecessor-version":[{"id":25082,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/8981\/revisions\/25082"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=8981"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=8981"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=8981"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}