CSAA Free Test
CSAA Free Test
CSAA Free Test
State Finished
Marks 13/20
Result
Please select :
A. Amazon S3
B. Amazon EBS
C. Amazon EFS
Answer – A
Amazon S3 is a perfect storage layer for storing documents and other types of objects.
Amazon S3 also has an option for versioning as shown below. Versioning is on the bucket level and can
be used to recover prior versions of an object.
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 1/20
10/31/2018 CSAA Free Test
For more information on Amazon S3, please visit the following URL:
https://aws.amazon.com/s3/
Your company is planning on hosting an e-commerce application on the AWS Cloud. There is a
requirement for sessions to be always maintained for users. Which of the following can be used
for storing session data?
Choose 3 answers from the options given below.
Please select :
A. CloudWatch
B. DynamoDB
D. ElastiCache
E. Storage Gateway
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 2/20
10/31/2018 CSAA Free Test
Answer - B, C, and D
DynamoDB and ElastiCache are perfect options for storing session data.
Amazon DynamoDB is a fast and exible NoSQL database service for all applications that need
consistent, single-digit millisecond latency at any scale. It is a fully managed cloud database and
supports both document and key-value store models. Its exible data model, reliable performance, and
automatic scaling of throughput capacity makes it a great t for mobile, web, gaming, ad tech, IoT, and
many other applications.
For more information on AWS DynamoDB, please visit the following URL:
https://aws.amazon.com/dynamodb/
ElastiCache is a web service that makes it easy to set up, manage, and scale a distributed in-memory
data store or cache environment in the cloud. It provides a high-performance, scalable, and cost-
e ective caching solution, while removing the complexity associated with deploying and managing a
distributed cache environment.
For more information on AWS ElastiCache, please visit the following URL:
https://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/WhatIs.html
https://aws.amazon.com/caching/session-management/
A company needs to have their data stored on AWS. The initial size of data would be around 500
GB, with overall growth expected to go into 80TB over the next couple of months. The solution
must also be durable.
Which of the following would be an ideal storage option to use for such a requirement?
Please select :
A. DynamoDB
B. Amazon S3
C. Amazon Aurora
D. Amazon Redshift
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 3/20
10/31/2018 CSAA Free Test
Amazon S3 is object storage built to store and retrieve any amount of data from anywhere – web sites
and mobile apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver
99.999999999% durability, and stores data for millions of applications used by market leaders in every
industry. S3 provides comprehensive security and compliance capabilities that meet even the most
stringent regulatory requirements. It gives customers exibility in the way they manage data for cost
optimization, access control, and compliance. S3 provides query-in-place functionality, allowing you to
run powerful analytics directly on your data at rest in S3.
For more information on AWS S3, please visit the following URL:
https://docs.aws.amazon.com/AmazonS3/latest/dev/Introduction.html
Please select :
A. EBS Provisioned IOPS SSD
Answer – A
Since there is a high performance requirement with high IOPS needed, one needs to opt for EBS
Provisioned IOPS SSD.
The below snapshot from the AWS Documentation mentions the need for using Provisioned IOPS for
better IOPS performance in database-based applications.
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 4/20
10/31/2018 CSAA Free Test
For more information on AWS EBS Volume types, please visit the following URL:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html
A company is planning to use AWS Simple Storage Service for hosting their project documents.
At the end of the project, the documents need to be moved to archival storage. Which of the
following implementation steps would ensure the documents are managed accordingly?
What feature will enable this requirement?
Please select :
A. Adding a bucket policy on the S3 bucket
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 5/20
10/31/2018 CSAA Free Test
Answer – B
Lifecycle con guration enables you to specify the lifecycle management of objects in a bucket. The
con guration is a set of one or more rules, where each rule de nes an action for Amazon S3 to apply to
a group of objects. These actions can be classi ed as follows:
Transition actions – In which you de ne when objects transition to another storage class. For
example, you may choose to transition objects to the STANDARD_IA (IA, for infrequent access) storage
class 30 days after creation, or archive objects to the GLACIER storage class one year after creation.
Expiration actions – In which you specify when the objects expire. Then, Amazon S3 deletes the
expired objects on your behalf.
For more information on AWS S3 Lifecycle policies, please visit the following URL:
https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html
The correct answer is: Con guring lifecycle con guration rules on the S3 bucket
Your company is planning on developing a new application. Your development team needs a
quick environment setup in AWS using NGINX as the underlying web server environment.
Which of the following services can be used to quickly provision such an environment? Select all
that apply.
Please select :
A. AWS EC2
C. AWS SQS
D. AWS ELB
Answer – A & B
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 6/20
10/31/2018 CSAA Free Test
NGINX is an open source software for web serving, reverse proxying, caching, load balancing etc. It
Whizlabs
complements the load balancing capabilities Learning
of Amazon Center
ELB and ALB by adding support for multiple
HTTP, HTTP/2, and SSL/TLS services, content-based routing rules, caching, Auto Scaling support, and
tra c management policies.
NGINX can be hosted on an EC2 instance through a series of clear steps- Launch an EC2 instance
through console, SSH into the instance and use the command yum install -y nginx to install nginx. Also,
make sure that it is con gured to restart automatically after a reboot.
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/java-tomcat-platform.html#java-tomcat-proxy
The below snippet from AWS Documentation shows the server available for Web server environments
that can be created via Elastic Beanstalk. The server shows that nginx servers can be provisioned via the
Elastic Beanstalk service.
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 7/20
10/31/2018 CSAA Free Test
For more information on the supported platforms for AWS Elastic Beanstalk, please visit the following
URL: Whizlabs Learning Center
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html
A company is planning on a Facebook-type application where users will upload videos and
images. These are going to be stored in S3. There is a concern that there could be an
overwhelming number of read and write requests on the S3 bucket.
Which of the following could be an implementation step to help ensure optimal performance on
the underlying S3 storage bucket?
Please select :
A. Use a sequential ID for the pre x
Answer – B
This recommendation for increasing performance if you have a high request rate in S3 is given in the
AWS documentation.
For more information on S3 performance considerations, please visit the following URL:
https://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html
The correct answer is: Use a hexadecimal hash for the pre x
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 8/20
10/31/2018 CSAA Free Test
A company has a set of resources hosted in a VPC on the AWS Cloud. The IT Security department
has now mandated that all IP tra c from all network interfaces in the VPC be monitored. Which
of the following would help su ce this requirement?
Please select :
A. Trusted Advisor
D. Use CloudTrail
Answer – B
VPC Flow Logs is a feature that enables you to capture information about the IP tra c going to and
from network interfaces in your VPC. Flow log data is stored using Amazon CloudWatch Logs. After
you've created a ow log, you can view and retrieve its data in Amazon CloudWatch Logs.
For more information on VPC Flow Logs, please visit the following URL:
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/ ow-logs.html
A company has a requirement to implement block level storage. Each storage device will store
around 100 GB of data. Which of the following can be used to ful ll this requirement?
Please select :
A. AWS EBS Volumes
B. AWS S3
C. AWS Glacier
D. AWS EFS
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 9/20
10/31/2018 CSAA Free Test
Answer - A
Whizlabs
For block level storage, you need to consider Learning
EBS Volumes. Center
Options B and C are incorrect since they provide object level storage.
For more information on EBS volumes, please visit the following URL:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html
An application consists of EC2 Instances placed in di erent Availability Zones. The EC2 Instances
sit behind an application load balancer. The EC2 Instances are managed via an Auto Scaling
Group. There is a NAT Instance which is used for the EC2 Instances to download updates from
the Internet.
Which of the following is a bottleneck in the architecture?
Please select :
A. The EC2 Instances
B. The ELB
Answer – C
Since there is only one NAT instance, this is a bottleneck for the architecture. For high availability,
launch NAT instances in multiple Availability Zones and make it a part of an Auto Scaling Group.
For more information on NAT Instances, please visit the following URL:
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 10/20
10/31/2018 CSAA Free Test
A development team wants to deploy a complete serverless application on the AWS Cloud. This
Whizlabs Learning Center
application will be invoked by users across the globe. Which of the following services would be
an ideal component in such an architecture?
Choose 2 services from the options given below.
Please select :
A. AWS Lambda
B. API Gateway
C. AWS RDS
D. AWS EC2
Answer – A and B
AWS Lambda is the serverless compute component provided by AWS. One can easily place their running
code on this service.
And then, the API gateway can be used as an invocation point for the AWS Lambda function.
For more information on AWS Lambda, please visit the following URL:
https://docs.aws.amazon.com/lambda/latest/dg/welcome.html
For more information on AWS API gateway, please visit the following URL:
https://aws.amazon.com/api-gateway/
A company has decided to use Amazon Glacier to store all of their archived documents. The
management has now issued an update that documents stored in Glacier need to be accessed
within a time span of 20 minutes for an IT audit requirement. Which of the following would allow
for documents stored in Amazon Glacier to be accessed within the required time frame after the
retrieval request?
Please select :
A. Vault Lock
B. Expedited retrieval
C. Bulk retrieval
D. Standard retrieval
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 11/20
10/31/2018 CSAA Free Test
Expedited retrievals allow you to quickly access your data when occasional urgent requests for a subset
of archives are required.
For more information on AWS Glacier Retrieval, please visit the following URL:
https://docs.aws.amazon.com/amazonglacier/latest/dev/downloading-an-archive-two-steps.html
An application is hosted on EC2 Instances. There is a promotional campaign due to start in two
weeks for the application. There is a mandate from the management to ensure that no
performance problems are encountered due to tra c growth during this time.
What action must be taken on the Auto Scaling Group to ensure this requirement can be
ful lled?
Please select :
A. Con gure step scaling for the Auto Scaling Group.
Answer – B
If you are scaling based on a metric that is a utilization metric that increases or decreases proportionally
to the number of instances in the Auto Scaling group, we recommend that you use a target tracking
scaling policy instead.
In Target tracking scaling policies you select a prede ned metric or con gure a customized metric, and
set a target value. EC2 Auto Scaling creates and manages the CloudWatch alarms that trigger the
scaling policy and calculates the scaling adjustment based on the metric and the target value. The
scaling policy adds or removes capacity as required to keep the metric at, or close to, the speci ed
target value.
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 12/20
10/31/2018 CSAA Free Test
Scheduled scaling works better when you can predict the load changes and also when you know how
Whizlabs
long you need to run. Here in our scenario we justLearning Center
know that there will be a heavy tra c during the
campaign period (period is not speci ed) but not sure about the actual tra c. Don't have any history to
predict it either.
https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html
https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html
https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-target-tracking.html
Note:
In this particular question, Dynamic Scaling is most appropriate solution than scheduled Scaling.
In the question we are mentioning that a marketing campaign will start within the next 2 weeks. We
haven't mentioned that how long it is going to run. So if we go for Scheduled scaling we don't know how
long we are going to run. So we cannot specify the Start time or End time.
More over scheduled scaling works better when you can predict the load changes. Here in our scenario
we just know that there will be a heavy tra c during the campaign period but not sure about the actual
tra c. Don't have any history to predict it either.
But if we go for Dynamic Scaling and use Target tracking scaling Policy type, it Increases or
decreases the current capacity of the group based on a target value for a speci c metric. This is similar
to the way that your thermostat maintains the temperature of your home – you select a temperature
and the thermostat does the rest.
https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html
The correct answer is: Con gure Dynamic scaling for the Auto Scaling Group.
A company is planning on hosting an application in AWS. The application will consist of a web
layer and database layer. Both will be hosted in a VPC. The web server is created in a public
subnet and the database in a private subnet. All subnets are created with the default ACL
settings. Following are the key requirements:
a) The web servers must be accessible only to customers on an SSL connection.
b) The database should only be accessible to web servers in a public subnet.
Which solution meets these requirements without impacting other running applications?
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 13/20
10/31/2018 CSAA Free Test
Please select :
A. Create a network ACL on the web server's subnets, allow HTTPS port 443 inbound and specify
the source as 0.0.0.0/0 .
B. Create a web server security group that allows HTTPS port 443 inbound tra c from anywhere
(0.0.0.0/0) and apply it to the web servers.
C. Create a DB server security group that allows MySQL port 3306 inbound and specify the source
as the web server security group.
D. Create a network ACL on the DB subnet, allow MySQL port 3306 inbound for web servers and
deny all outbound tra c.
Answer – B and C
1) Option B: To ensure that secure tra c can ow into your web server from anywhere, you need to
allow inbound security at 443.
2) Option C: This is to ensure that tra c can ow from the database server to the web server via the
database security group.
The below snapshot from the AWS Documentation shows the rules table for security groups which
relate to the same requirements as the question:
For more information on this use case scenario, please visit the following URL:
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html
The correct answers are: Create a web server security group that allows HTTPS port 443 inbound tra c
from anywhere (0.0.0.0/0) and apply it to the web servers., Create a DB server security group that allows
MySQL port 3306 inbound and specify the source as the web server security group.
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 14/20
10/31/2018 CSAA Free Test
Your development team has just nished developing an application on AWS. This application is
Whizlabs Learning Center
created in .NET and is hosted on an EC2 instance. The application currently accesses a
DynamoDB table and is now going to be deployed to production.
Which of the following is the ideal and most secure way for the application to access the
DynamoDB table?
Please select :
A. Pass API credentials to the instance using instance user data.
Answer - D
You can use roles to delegate access to users, applications, or services that don't normally have
access to your AWS resources.
It is not a best practice to use IAM credentials for any production based application. It is always a
good practice to use IAM Roles.
For more information on IAM Roles, please visit the following URL:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
The correct answer is: Assign IAM roles to the EC2 Instances.
A company is planning to adopt Infrastructure as Code (IaC) since the priority from senior
management is to achieve as much automation as required.
Which of the following components would help them achieve this purpose?
Please select :
A. AWS Beanstalk
B. AWS CloudFormation
C. AWS CodeBuild
D. AWS CodeDeploy
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 15/20
10/31/2018 CSAA Free Test
Answer - B
Whizlabs
The AWS Documentation mentions the Learning
below on AWS CenterThis supplements the
CloudFormation.
requirement in the question by allowing consultants to use their architecture diagrams to construct
cloudFormation templates.
AWS CloudFormation is a service that helps you model and set up your Amazon Web Service resources
so that you can spend less time managing those resources and more time focusing on your applications
that run on AWS. All you have to do is create a template that describes all the AWS resources that you
want (Amazon EC2 instances or Amazon RDS DB instances), and AWS CloudFormation takes care of
provisioning and con guring those resources for you.
For more information on AWS CloudFormation, please visit the following URL:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html
A company has a set of EC2 Instances that store critical data on EBS Volumes. The IT Security
team has now mandated that the data on the disk needs to be encrypted.
Which of the following can be used to achieve this purpose?
Please select :
A. AWS KMS API
Answer – A
Option B is incorrect - The AWS Certi cate Manager can be used to generate SSL certi cates to encrypt
tra c in transit, but not at rest.
Option C is incorrect - This is used for issuing tokens while using API gateway for tra c in transit.
AWS Key Management Service (AWS KMS) is a managed service that makes it easy to create and control
the encryption keys used to encrypt your data. AWS KMS is integrated with other AWS services including
Amazon Elastic Block Store (Amazon EBS), Amazon Simple Storage Service (Amazon S3), Amazon
Redshift, Amazon Elastic Transcoder, Amazon WorkMail, Amazon Relational Database Service (Amazon
RDS), and others, to make it simple to encrypt your data with encryption keys that you manage.
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 16/20
10/31/2018 CSAA Free Test
For more information on AWS KMS, please visit the following URL:
Whizlabs Learning Center
https://docs.aws.amazon.com/kms/latest/developerguide/overview.html
A company has a set of EC2 Instances that store critical data on EBS Volumes. There is a fear
from IT Supervisors that if data on the EBS Volumes is lost, then it could result in a lot of e ort to
recover the data from other sources. Which of the following would help alleviate this concern?
Please select :
A. Take regular EBS Snapshots.
Answer – A
Option D is incorrect since mirroring data across EBS Volumes is ine cient when you already have an
option for EBS Snapshots.
You can back up the data on your Amazon EBS Volumes to Amazon S3 by taking point-in-time
snapshots. Snapshots are incremental backups, which means that only the blocks on the device that
have changed after your most recent snapshot are saved. This minimizes the time required to create
the snapshot and saves on storage costs by not duplicating data. When you delete a snapshot, only the
data unique to that snapshot is removed. Each snapshot contains all of the information needed to
restore your data (from the moment when the snapshot was taken) to a new EBS volume.
For more information on AWS EBS Snapshots, please visit the following URL:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 17/20
10/31/2018 CSAA Free Test
A team is planning to host data on the AWS Cloud. Following are the key requirements:
a) Ability to store JSON documentsWhizlabs Learning Center
b) High availability and durability
Select the ideal storage mechanism that should be employed to t this requirement.
Please select :
A. Amazon EFS
B. Amazon Redshift
C. DynamoDB
D. AWS CloudFormation
Answer – C
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable
performance with seamless scalability.
The data in DynamoDB is stored in JSON format and hence is the perfect data store for the
requirement in question.
For more information on AWS DynamoDB, please visit the following URL:
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html
Note:
"DynamoDBMapper has a new feature that allows you to save an object as a JSON document in a
DynamoDB attribute. The mapper does the heavy work of converting the object into a JSON document
and storing it in DynamoDB. DynamoDBMapper also takes care of loading the Java object from the JSON
document when requested by the user."
https://aws.amazon.com/about-aws/whats-new/2014/10/08/amazon-dynamodb-now-supports-json-
document-data-structure-and-large-items/
https://aws.amazon.com/blogs/developer/storing-json-documents-in-amazon-dynamodb-tables/
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 18/20
10/31/2018 CSAA Free Test
A Solutions Architect is designing a shared service for hosting containers from several customers
on Amazon ECS. These containers will use several AWS services. A container from one customer
must not be able access data from another customer.
Which solution should the architect use to meet the above requirements?
Please select :
A. IAM roles for tasks
Answer – A
With IAM roles for Amazon ECS tasks, you can specify an IAM role that can be used by the containers in
a task. Applications must sign their AWS API requests with AWS credentials, and this feature provides a
strategy for managing credentials for your applications to use, similar to the way that Amazon EC2
instance pro les provide credentials to EC2 instances.
For more information on con guring IAM Roles for tasks in ECS, please visit the following URL:
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html
Company Contact us
About Us Live Chat
support@whizlabs.com
Communities Follow Us
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 19/20
10/31/2018 CSAA Free Test
Discussions
Blog Whizlabs Learning Center
https://learning.whizlabs.com/mod/quiz/review.php?attempt=1538907 20/20