AWS Certified Solutions Architect - Associate
(SAA-C02) Questions And Answers 2022
There are more than _____ regions, _____ availability zones, and
... [Show More] _____ edge
locations - Answer- 24 regions
77 availability zones
215 edge locations
A region has a minimum of how many availability zones? - Answer- 2
All az's are within how many miles of each other? How many kilometers? - Answer60 miles
100 kilometers
Define edge locations - Answer- AWS endpoints used for caching content
Who is responsible for security OF the cloud? - Answer- AWS
Who is responsible for security IN the cloud? - Answer- AWS customer
Who is responsible for the encryption of data in AWS? - Answer- Officially, this is a
shared responsibility, but customers are responsible for this where optional, and
when it's not the default
What is the difference between RDS, DynamoDB, and Redshift? - Answer- RDS -
normal relational databases
DynamoDB - noSQL database
Redshift - database warehousing service
What is the difference between AWS Site-to-Site VPN and AWS Direct Connect? -
Answer- VPN goes over the public internet while Direct Connect uses a dedicated
physical connection between the two networks
What is AWS Global Accelerator? - Answer- An AWS service that uses AWS's
private network, static IP addresses, and endpoint health checks to optimize a
customer's AWS-hosted network
What are the 5 Pillars of the AWS Well-Architected Framework? What does each
mean? - Answer- 1. Operational Excellence - monitor & improve
2. Security - protect information
3. Reliability - perform operations correctly, consistently, and when called upon
4. Performance Efficiency - focus on using IT and computing resources efficiently
5. Cost Optimization - avoid unnecessary costs
What are the 4 steps to secure an AWS root account? - Answer- 1. Enable MFA for
the root account
2. Create admin group
3. Create admin user profiles
4. Add users to admin group
Describe the basic structure of a policy document that gives full administrator access
- Answer- {
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":"*",
"Resource":"*"
}
]
}
IAM policy documents are in what format? - Answer- JSON
What is PowerUserAccess policy? - Answer- A policy that provides full access to
AWS, but does not allow access to manage users or groups
What section of IAM allows an admin to set the password requirements for an
account? - Answer- Account Settings
What permissions do a new IAM user have? - Answer- By default, none
What two values are needed to sign in to the CLI? - Answer- 1. Access Key ID
2. Secret Access Key
What does "EAR" in a policy document stand for? - Answer- 1. Effect
2. Action
3. Resource
What is the max file size for an S3 object? - Answer- 5TB
How is an S3 URL formatted? - Answerhttps://.S3..amazonaws.com/
When an object is uploaded to S3, what code will one receive if the upload is
successful? - Answer- HTTP 200 code
S3 has how many 9's availability and how many 9's durability? - Answer- 4 & 11
S3 data is stored in how many az's at minimum? - Answer- 3
List the 3 ways to secure data in S3 - Answer- 1. Server side encryption
2. ACL's
3. Bucket policies
What type of consistency is present in S3? - Answer- Strong read after write
consistency
S3 work at what level of S3? - Answer- Object level
Bucket policies work at what level of S3? - Answer- Bucket level
How would a user scale S3? - Answer- They don't, it scales automatically
What AWS service can be used for static websites? - Answer- S3
How does one disable versioning in S3? - Answer- Versioning cannot be disabled,
but it can be suspended.
List and describe the 5 advantages of S3 versioning. - Answer- 1. All Versions - all
version of an object are maintained, even if they're overwritten or deleted
2. Backup - it's a great backup tool
3. Cannot be disabled - it can only be suspended
4. Lifecycle rules - can be integrated with lifecycle rules
5. Supports MFA - for deletion
Why are some S3 objects still inaccessible after the S3 bucket has a public policy
applied? - Answer- They are likely previous version of objects which have to be
made public individually.
How would one restore a versioned, deleted object in S3? - Answer- By deleting the
delete marker
What is the RTO that de marks the difference between glacier and glacier deep
archive? - Answer- 12 hours
What S3 storage classes DON'T have a retrieval fee? - Answer- Standard
&
Intelligent Tiering
What is an S3 object lock? - Answer- A feature that prevents users from modifying or
deleting an S3 object or objects within a bucket
Continues.... [Show Less]