AWS Certified Solutions Architect – Associate 2022 Latest Questions And Answers

Document Content and Description Below

AWS Certified Solutions Architect – Associate 2022 Latest Questions And Answers Account and Services Layer - Answer- Represents how users create, access, and manage an AWS account and its serv... ices. root user - Answer- The login created when an AWS account is first created and that has full administrative rights and access to every part of the account. IAM user - Answer- A login created in IAM with varying degrees of access to the AWS account controlled with IAM Policies. application programming interface (API) - Answer- A set of subroutine definitions, communication protocols, and tools for interacting with a service. What are the account connection tools? - Answer- AWS Management Console, AWS CLI, AWS SDK AWS Management Console - Answer- A web-based graphical user interface, which uses API calls, for accessing and administering AWS resources. AWS Command Line Interface (CLI) - Answer- A text-based interface for accessing and administering AWS resources through API calls. AWS Software Development Kit (SDK) - Answer- Integrates AWS Services with custom applications through API calls written in a variety of languages. Physical and Networking Layer - Answer- Represents the global infrastructure of AWS in terms of where resources are physically located and how data flows through the network. Region - Answer- An autonomous collection of Availability Zones that are in geographical proximity and share high-speed connections between each other. What influences the choice of region? - Answer- Proximity to users or administrators for low latency, data sovereignty regulations, service availability, and price. Availability Zone - Answer- The foundation of AWS's approach to high availability and fault tolerance consisting of groups of data centers that are linked together but physically isolated so that an outage impacting one data center does not impact another. data center - Answer- The physical building housing the servers and other hardware running AWS. Edge Location - Answer- One of over 100 data centers located around the world designed to provide low latency access to content hosted on AWS. Which services are available at an Edge Location? - Answer- Route 53, CloudFront, AWS Shield, AWS WAF, Lambda@Edge, S3 Transfer, API Gateway. Regional Edge Cache - Answer- Where CloudFront stores content that has been ejected from an Edge Location so that it does not have to go back to the origin for it. high availability - Answer- Architecture that continues to remain available to end users in the event of a component or systems failure. fault tolerance - Answer- Architecture that not only remains available during an outage but suffers no degradation in performance. scalability - Answer- The ability of a system to easily increase in size and capacity in a cost-effective way. vertical scaling - Answer- Increasing the capacity of a single instance or server. horizontal scaling - Answer- Increasing the number of instances or servers. elasticity - Answer- The ease of a system's ability to change or adapt not only scaling up but scaling down. cost efficient - Answer- Making the trade-offs required to make a system as inexpensive as possible while meeting all functional requirements. secure - Answer- Following the proper guidelines and practices to protect a system at every layer. Shared Responsibility Model - Answer- AWS is responsible for security of the cloud (global infrastructure and foundation services) and customers are responsible for security in the cloud (virtual environment, data, and applications). Identity and Access Management (IAM) - Answer- Manages AWS users, groups, and roles and their access to AWS accounts and services. What are common uses of IAM? - Answer- Managing users, groups, roles, IAM Access Policies, API keys, password policies, and MFA requirements. What access does a new IAM user have? - Answer- None. There is an implicit deny rule set on all new IAM users. What scope does IAM have? - Answer- Global. IAM permissions apply to all zones. What are best practices for IAM? - Answer- Delete the root access keys. Activate MFA on the root user. Create and use an IAM user with Admin privileges instead of the root user. Create individual IAM users. Use groups to assign permissions. Follow the Principle of Least Privilege. Apply an IAM password policy. IAM policy - Answer- A JSON document that formally states one or more permissions. administrator access - Answer- Full access to all AWS resources. power user access - Answer- Full access to all AWS resources except for user and group management. read-only access - Answer- Can only view AWS resources. Amazon Resource Name (ARN) - Answer- The unique identifier for AWS resources. What tools are available for creating custom policies? - Answer- Visual editor and JSON editor. AWS policy - Answer- A standalone policy that is created and administered by AWS. customer managed policy - Answer- A standalone policy that is created and administered by a user. inline policy - Answer- A policy that is an inherent part of a user, group, or role. IAM group - Answer- Allows for assigning IAM permission policies to more than one user at a time. IAM role - Answer- Something that another entity can assume and in doing so acquire temporary permissions. What kind of entities can assume an IAM role? - Answer- AWS services, AWS accounts, IAM users, IAM groups, IAM roles, and federated users. Why must roles be used? - Answer- Policies cannot be attached to AWS services. trust policy - Answer- Defines the entities that have permission to assume an IAM role. How long until an IAM role's permissions expire? - Answer- Between 15 minutes and 12 hours. cross-account access - Answer- Granting an AWS account permissions within another AWS account through IAM roles. API access key - Answer- Used to sign programmatic requests to AWS from AWS CLI, Tools for Windows PowerShell, AWS SDKs, and direct HTTP calls using the APIs for individual AWS services. Continues.... [Show More]

Last updated: 1 year ago

Preview 1 out of 32 pages