AWS Certified Solutions Architect - Associate (SAA-C02) Questions And Answers 2022

AWS Certified Solutions Architect - Associate (SAA-C02) Questions And Answers 2022 There are more than _____ regions, _____ availability zones, and _____ edge locations - Answer- 24 regions 77 availability zones 215 edge locations A region has a minimum of how many availability zones? - Answer- 2 All az's are within how many miles of each other? How many kilometers? - Answer60 miles 100 kilometers Define edge locations - Answer- AWS endpoints used for caching content Who is responsible for security OF the cloud? - Answer- AWS Who is responsible for security IN the cloud? - Answer- AWS customer Who is responsible for the encryption of data in AWS? - Answer- Officially, this is a shared responsibility, but customers are responsible for this where optional, and when it's not the default What is the difference between RDS, DynamoDB, and Redshift? - Answer- RDS - normal relational databases DynamoDB - noSQL database Redshift - database warehousing service What is the difference between AWS Site-to-Site VPN and AWS Direct Connect? - Answer- VPN goes over the public internet while Direct Connect uses a dedicated physical connection between the two networks What is AWS Global Accelerator? - Answer- An AWS service that uses AWS's private network, static IP addresses, and endpoint health checks to optimize a customer's AWS-hosted network What are the 5 Pillars of the AWS Well-Architected Framework? What does each mean? - Answer- 1. Operational Excellence - monitor & improve 2. Security - protect information 3. Reliability - perform operations correctly, consistently, and when called upon 4. Performance Efficiency - focus on using IT and computing resources efficiently 5. Cost Optimization - avoid unnecessary costs What are the 4 steps to secure an AWS root account? - Answer- 1. Enable MFA for the root account 2. Create admin group 3. Create admin user profiles 4. Add users to admin group Describe the basic structure of a policy document that gives full administrator access - Answer- { "Version":"", "Statement":[ { "Effect":"Allow", "Action":"*", "Resource":"*" } ] } IAM policy documents are in what format? - Answer- JSON What is PowerUserAccess policy? - Answer- A policy that provides full access to AWS, but does not allow access to manage users or groups What section of IAM allows an admin to set the password requirements for an account? - Answer- Account Settings What permissions do a new IAM user have? - Answer- By default, none What two values are needed to sign in to the CLI? - Answer- 1. Access Key ID 2. Secret Access Key What does "EAR" in a policy document stand for? - Answer- 1. Effect 2. Action 3. Resource What is the max file size for an S3 object? - Answer- 5TB How is an S3 URL formatted? - Answerhttps://<bucketName>.S3.<region>. When an object is uploaded to S3, what code will one receive if the upload is successful? - Answer- HTTP 200 code S3 has how many 9's availability and how many 9's durability? - Answer- 4 & 11 S3 data is stored in how many az's at minimum? - Answer- 3 List the 3 ways to secure data in S3 - Answer- 1. Server side encryption 2. ACL's 3. Bucket policies What type of consistency is present in S3? - Answer- Strong read after write consistency S3 work at what level of S3? - Answer- Object level Bucket policies work at what level of S3? - Answer- Bucket level How would a user scale S3? - Answer- They don't, it scales automatically What AWS service can be used for static websites? - Answer- S3 How does one disable versioning in S3? - Answer- Versioning cannot be disabled, but it can be suspended. List and describe the 5 advantages of S3 versioning. - Answer- 1. All Versions - all version of an object are maintained, even if they're overwritten or deleted 2. Backup - it's a great backup tool 3. Cannot be disabled - it can only be suspended 4. Lifecycle rules - can be integrated with lifecycle rules 5. Supports MFA - for deletion Why are some S3 objects still inaccessible after the S3 bucket has a public policy applied? - Answer- They are likely previous version of objects which have to be made public individually. How would one restore a versioned, deleted object in S3? - Answer- By deleting the delete marker What is the RTO that de marks the difference between glacier and glacier deep archive? - Answer- 12 hours What S3 storage classes DON'T have a retrieval fee? - Answer- Standard & Intelligent Tiering What is an S3 object lock? - Answer- A feature that prevents users from modifying or deleting an S3 object or objects within a bucket Continues....