AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
Amazon S3
Service that allows people to store objects (files) in buckets
("directories")
T/F: Buckets in Amazon S3 must have a globally unique name.
True
T/F: Objects (files) have a Key, which is the FULL path (e.g.,
<my_bucket>/my_file.txt)
True
T/F: The max object size in Amazon S3 is 5TB.
True
T/F: Object tags (key/value pairs) can be used in Amazon S3 for
security and classification purposes.
True
T/F: Amazon S3 supports any file format for objects.
True
Amazon S3 Partitioning
Pattern for speeding up range queries
Amazon S3 Standard - General Purpose
Designed for frequently accessed data (more than once a month) with
millisecond access
Amazon S3 Standard-Infrequent Access
Used for data that is less frequently accessed but requires rapid
access when needed; use cases include disaster recovery and backups.
Amazon S3 One Zone-Infrequent Access
Used for data that is less frequently accessed but requires rapid
access when needed; data is lost when the AZ is destroyed.
Amazon S3 Glacier Instant Retrieval
,AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
Low-cost object storage meant for archiving / backup;
• Provides millisecond retrieval and is good for data accessed once a
quarter
Amazon S3 Glacier Flexible Retrieval
Low-cost object storage meant for archiving / backup with different
retrieval options:
• Expedited (1 to 5 minutes), Standard (3 to 5 hours), Bulk (5 to 12
hours) - free
• Minimum storage duration of 90 days
Amazon S3 Glacier Deep Archive
Lowest-cost object storage class ideal for archiving / backup
• Able to retrieve objects within 12 hours
Amazon S3 Intelligent Tiering
Storage classes that allows you to move data between storage classes
based on usage for a small monthly monitoring and auto-tiering fee
Durability
Represents how many times an object could be lost by Amazon S3
Example: If you store 10,000,000 objects with Amazon S3, you can on
average expect to incur a loss of a single object once every 10,000
years.
Availability
Measures how readily available a service is
Example: S3 Standard has 99.99% availability = not available 53 minutes
a year.
T/F: The durability is the same for all storage classes in Amazon S3.
True
,AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
Amazon S3 Lifecycle Rules
Set of rules that define actions that Amazon S3 applies to a group of
objects
Two types of Amazon S3 Lifecycle Rules
• Transition Actions - Configuring objects to transition to another
storage class
• Expiration Actions - Configuring objects to expire (delete) after
some time
Amazon S3 Analytics - Storage Class Analysis
• Help you decide when to transition objects to
the right storage class
• Recommendations for Standard and Standard IA
T/F: Amazon S3 Analytics - Storage Class Analysis works for One-Zone IA
and Glacier.
False
T/F: IAM Policies are known as user-based security.
True
T/F: Bucket Policies are known as resource-based security.
True
Security Options in Amazon S3
• User-Based (e.g., IAM Policies)
• Resource-Based (e.g., Bucket Policies)
• Encryption (e.g., Encryption Keys)
Amazon S3 Bucket Policies
JSON-based policies with statements specifying resources, effect,
actions, and principal
Bucket settings for Block Public Access
, AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
• These settings were created to prevent company data leaks
• If you know your bucket should never be public, leave these on
• Can be set at the account level
Amazon S3 Object Encryption Options
• Server-Side Encryption with Amazon S3-Managed Keys
• Server-Side Encryption with KMS Keys stored in AWS KMS
• Server-Side Encryption with Customer-Provided Keys
• Client-Side Encryption
Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
Object encryption using keys handled, managed, and owned by AWS
Server-Side Encryption with KMS Keys (SSE-KMS)
Object encryption using keys handled and managed by AWS KMS (Key
Management Service)
SSE-KMS Limitation
• If you use SSE-KMS, you may be impacted by the KMS limits
• When you upload, it calls the GenerateDataKey KMS API
• When you download, it calls the Decrypt KMS API
• Count towards the KMS quota per second
(5500, 10000, 30000 req/s based on region)
• You can request a quota increase using the Service Quotas Console
Server-Side Encryption with Customer-Provided Keys (SSE-C)
Object encryption using keys fully managed by the customer outside of
AWS
Client-Side Encryption
100% Verified Answers Latest 2025
Amazon S3
Service that allows people to store objects (files) in buckets
("directories")
T/F: Buckets in Amazon S3 must have a globally unique name.
True
T/F: Objects (files) have a Key, which is the FULL path (e.g.,
<my_bucket>/my_file.txt)
True
T/F: The max object size in Amazon S3 is 5TB.
True
T/F: Object tags (key/value pairs) can be used in Amazon S3 for
security and classification purposes.
True
T/F: Amazon S3 supports any file format for objects.
True
Amazon S3 Partitioning
Pattern for speeding up range queries
Amazon S3 Standard - General Purpose
Designed for frequently accessed data (more than once a month) with
millisecond access
Amazon S3 Standard-Infrequent Access
Used for data that is less frequently accessed but requires rapid
access when needed; use cases include disaster recovery and backups.
Amazon S3 One Zone-Infrequent Access
Used for data that is less frequently accessed but requires rapid
access when needed; data is lost when the AZ is destroyed.
Amazon S3 Glacier Instant Retrieval
,AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
Low-cost object storage meant for archiving / backup;
• Provides millisecond retrieval and is good for data accessed once a
quarter
Amazon S3 Glacier Flexible Retrieval
Low-cost object storage meant for archiving / backup with different
retrieval options:
• Expedited (1 to 5 minutes), Standard (3 to 5 hours), Bulk (5 to 12
hours) - free
• Minimum storage duration of 90 days
Amazon S3 Glacier Deep Archive
Lowest-cost object storage class ideal for archiving / backup
• Able to retrieve objects within 12 hours
Amazon S3 Intelligent Tiering
Storage classes that allows you to move data between storage classes
based on usage for a small monthly monitoring and auto-tiering fee
Durability
Represents how many times an object could be lost by Amazon S3
Example: If you store 10,000,000 objects with Amazon S3, you can on
average expect to incur a loss of a single object once every 10,000
years.
Availability
Measures how readily available a service is
Example: S3 Standard has 99.99% availability = not available 53 minutes
a year.
T/F: The durability is the same for all storage classes in Amazon S3.
True
,AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
Amazon S3 Lifecycle Rules
Set of rules that define actions that Amazon S3 applies to a group of
objects
Two types of Amazon S3 Lifecycle Rules
• Transition Actions - Configuring objects to transition to another
storage class
• Expiration Actions - Configuring objects to expire (delete) after
some time
Amazon S3 Analytics - Storage Class Analysis
• Help you decide when to transition objects to
the right storage class
• Recommendations for Standard and Standard IA
T/F: Amazon S3 Analytics - Storage Class Analysis works for One-Zone IA
and Glacier.
False
T/F: IAM Policies are known as user-based security.
True
T/F: Bucket Policies are known as resource-based security.
True
Security Options in Amazon S3
• User-Based (e.g., IAM Policies)
• Resource-Based (e.g., Bucket Policies)
• Encryption (e.g., Encryption Keys)
Amazon S3 Bucket Policies
JSON-based policies with statements specifying resources, effect,
actions, and principal
Bucket settings for Block Public Access
, AWS Machine Learning Specialty Exam Questions with
100% Verified Answers Latest 2025
• These settings were created to prevent company data leaks
• If you know your bucket should never be public, leave these on
• Can be set at the account level
Amazon S3 Object Encryption Options
• Server-Side Encryption with Amazon S3-Managed Keys
• Server-Side Encryption with KMS Keys stored in AWS KMS
• Server-Side Encryption with Customer-Provided Keys
• Client-Side Encryption
Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
Object encryption using keys handled, managed, and owned by AWS
Server-Side Encryption with KMS Keys (SSE-KMS)
Object encryption using keys handled and managed by AWS KMS (Key
Management Service)
SSE-KMS Limitation
• If you use SSE-KMS, you may be impacted by the KMS limits
• When you upload, it calls the GenerateDataKey KMS API
• When you download, it calls the Decrypt KMS API
• Count towards the KMS quota per second
(5500, 10000, 30000 req/s based on region)
• You can request a quota increase using the Service Quotas Console
Server-Side Encryption with Customer-Provided Keys (SSE-C)
Object encryption using keys fully managed by the customer outside of
AWS
Client-Side Encryption
