Amazon Amazon Certifications SAP-C01 Questions & Answers

• Question 561:

  A user is creating a snapshot of an EBS volume. Which of the below statements is incorrect in relation to the creation of an EBS snapshot?

  A. Its incremental

  B. It is a point in time backup of the EBS volume

  C. It can be used to create an AMI

  D. It is stored in the same AZ as the volume

  Correct Answer: D

  The EBS snapshots are a point in time backup of the EBS volume. It is an incremental snapshot, but is always specific to the region and never specific to a single AZ. Hence the statement "It is stored in the same AZ as the volume" is incorrect.

  Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html

• Question 562:

  Which of the following is true of Amazon EBS encryption keys?

  A. Amazon EBS encryption uses the Customer Master Key (CMK) to create an AWS Key Management Service (AWS KMS) master key.

  B. Amazon EBS encryption uses the EBS Magnetic key to create an AWS Key Management Service (AWS KMS) master key.

  C. Amazon EBS encryption uses the EBS Magnetic key to create a Customer Master Key (CMK).

  D. Amazon EBS encryption uses the AWS Key Management Service (AWS KMS) master key to create a Customer Master Key (CMK).

  Correct Answer: D

  Amazon EBS encryption uses AWS Key Management Service (AWS KMS) master keys when creating encrypted volumes and any snapshots created from your encrypted volumes.

  Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html

• Question 563:

  Which of the following rules must be added to a mount target security group to access Amazon Elastic File System (EFS) from an on-premises server?

  A. Configure an NFS proxy between Amazon EFS and the on-premises server to route traffic.

  B. Set up a Point-To-Point Tunneling Protocol Server (PPTP) to allow secure connection.

  C. Permit secure traffic to the Kerberos port 88 from the on-premises server.

  D. Allow inbound traffic to the Network File System (NFS) port (2049) from the on-premises server.

  Correct Answer: D

  By mounting an Amazon EFS file system on an on-premises server, on-premises data can be migrated into the AWS Cloud. Any one of the mount targets in your VPC can be used as long as the subnet of the mount target is reachable by using the AWS Direct Connect connection. To access Amazon EFS from an on-premises server, a rule must be added to the mount target security group to allow inbound traffic to the NFS port (2049) from the on-premises server.

  Reference: http://docs.aws.amazon.com/efs/latest/ug/how-it-works.html

• Question 564:

  You have custom Network File System (NFS) client settings for your Amazon Elastic File System (EFS). It takes up to three seconds for an Amazon Elastic Compute Cloud (EC2) instance to see a write operation performed on a file system from another Amazon EC2 instance.

  Which of the following actions should you take to solve the custom NFS settings from causing delays in the write operation?

  A. Unmount and remount the file system with the noac option to disable attribute caching.

  B. Reduce the number of active users that have files open simultaneously on the instances.

  C. Verify that the IP address of the specified mount target is valid.

  D. Run the write operation from a different user ID on the same Amazon EC2 instance.

  Correct Answer: A

  When you set up custom NFS client settings, it takes up to three seconds for an Amazon EC2 instance to see a write operation being performed on a file system from another Amazon EC2 instance. To solve this issue, you must unmount and remount your file system with the noac option to disable attribute caching if the NFS client on the Amazon EC2 instance that is reading the data has attribute caching activated. Attribute cache can also be cleared on demand by using a programming language that is compatible with the NFS procedures. To do this, you must send an ACCESS procedure request immediately before a read request.

  Reference: http://docs.aws.amazon.com/efs/latest/ug/troubleshooting.html#custom-nfs-settings-write-delays

• Question 565:

  Amazon Elastic File System (EFS) provides information about the space used for an object by using the space _ used attribute of the Network File System Version 4.1 (NFSv4.1). The attribute includes the object's current metered data size and not the metadata size. Which of the following utilities will you use to measure the amount of disk that is used of a file?

  A. blkid utility

  B. du utility

  C. sfdisk utility

  D. pydf utility

  Correct Answer: B

  Amazon EFS reports file system sizes and sizes of objects within a file system. Using the NFSv4.1 space _ used attribute for measuring the space used for an object, it reports only the object's current metered data size and not the metadata size. There are two utilities available for measuring disk usage of a file, the du and stat utilities.

  Reference: https://docs.aws.amazon.com/efs/latest/ug/metered-sizes.html

• Question 566:

  When I/O performance is more important than fault tolerance, which of the following configurations should be used?

  A. SPAN 10

  B. RAID 1

  C. RAID 0

  D. NFS 1

  Correct Answer: C

  When I/O performance is more important than fault tolerance, the RAID 0 configuration must be used; for example, as in a heavily used database (where data replication is already set up separately).

  Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/raid-config.html

• Question 567:

  Which of the following Amazon RDS storage types is ideal for applications with light or burst I/O requirements?

  A. Both magnetic and Provisioned IOPS storage

  B. Magnetic storage

  C. Provisioned IOPS storage

  D. None of these

  Correct Answer: B

  Amazon RDS provides three storage types: magnetic, General Purpose (SSD), and Provisioned IOPS (input/output operations per second). Magnetic (Standard) storage is ideal for applications with light or burst I/O requirements.

  Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html

• Question 568:

  Your Application is not highly available, and your on-premises server cannot access the mount target because the Availability Zone (AZ) in which the mount target exists is unavailable.

  Which of the following actions is recommended?

  A. The application must implement the checkpoint logic and recreate the mount target.

  B. The application must implement the shutdown logic and delete the mount target in the AZ.

  C. The application must implement the delete logic and connect to a different mount target in the same AZ.

  D. The application must implement the restart logic and connect to a mount target in a different AZ.

  Correct Answer: D

  To make sure that there is continuous availability between your on-premises data center and your Amazon Virtual Private Cloud (VPC), it is suggested that you configure two AWS Direct Connect connections. Your application should implement restart logic and connect to a mount target in a different AZ if your application is not highly available and your on-premises server cannot access the mount target because the AZ in which the mount target exists becomes unavailable.

  Reference: http://docs.aws.amazon.com/efs/latest/ug/performance.html#performance-onpremises

• Question 569:

  A user is creating a Provisioned IOPS volume. What is the maximum ratio the user should configure between Provisioned IOPS and the volume size?

  A. 30 to 1

  B. 50 to 1

  C. 10 to 1

  D. 20 to 1

  Correct Answer: B

  Provisioned IOPS SSD (io1) volumes are designed to meet the needs of I/O-intensive workloads, particularly database workloads, that are sensitive to storage performance and consistency. An io1 volume can range in size from 4 GiB to 16 TiB and you can provision 100 up to 20,000 IOPS per volume. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. For example, a 100 GiB volume can be provisioned with up to 5,000 IOPS. Any volume 400 GiB in size or greater allows provisioning up to the 20,000 IOPS maximum.

  Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html

• Question 570:

  You want to mount an Amazon EFS file system on an Amazon EC2 instance using DNS names. Which of the following generic form of a mount target's DNS name must you use to mount the file system?

  A. availability-zone.file-system-id.efs.aws-region.amazonaws.com

  B. efs-system-id.availability-zone.file-aws-region.amazonaws.com

  C. $file-system-id.$availability-zone.$efs.aws-region.$amazonaws.com

  D. #aws-region.#availability-zone.#file-system-id.#efs.#amazonaws.com

  Correct Answer: A

  An Amazon EFS file system can be mounted on an Amazon EC2 instance using DNS names. This can be done with either a DNS name for the file system or a DNS name for the mount target. To construct the mount target's DNS name, use the following generic form: availability-zone.file-system-id.efs.aws-region.amazonaws.com

  Reference: http://docs.aws.amazon.com/efs/latest/ug/mounting-fs.html#mounting-fs-install-nfsclient