NO.1 A system admin wants to add more zones to the existing ELB.
The system admin wants to perform this activity from CLI.
Which of the below mentioned command helps the system admin to add new zones to the existing
A. elb-add-zones-for-lb
B. It is not possible to add more zones to the existing ELB
C. elb-enable-zones-for-lb
D. elb-configure-zones-for-lb
Answer: C

The user has created an Elastic Load Balancer with the availability zone and wants to add more zones
to the existing ELB. The user can do so in two ways:

NO.2 A user has launched an EC2 instance and deployed a production application in it. The user
wants to prohibit any mistakes from the production team to avoid accidental termination. How can
the user achieve this?
A. The user can set the Deletion termination flag to avoid accidental termination
B. It is not possible to avoid accidental termination
C. The usercan the set DisableApiTermination attribute to avoid accidental termination
D. The user can set the InstanceInitiatedShutdownBehavior flag to avoid accidental termination
Answer: C

It is always possible that someone can terminate an EC2 instance using the Amazon EC2 console,
command line interface or API by mistake. If the admin wants to prevent the instancefrom being
accidentally terminated, he can enable termination protection for that instance. The
DisableApiTermination attribute controls whether the instance can be terminated using the console,
CLI or API. By default, termination protection is disabled for an EC2 instance. When it is set it will not
allow the user to terminate the instance from CLI, API or the console.

NO.3 An organization is generating digital policy files which are required by the admins for
verification. Once the files are verified they may not be required in the future unless there is some
compliance issue. If the organization wants to save them in a cost effective way, which is the best
possible solution?
C. AWS Glacier
Answer: C

Amazon S3 stores objects according to their storage class. There are three major storage classes:
Standard, Reduced Redundancy and Glacier. Standard is for AWS S3 and provides veryhigh
durability.However, the costs are a little higher. Reduced redundancy is for less critical files. Glacier is
for archival and the files which are accessed infrequently. It is an extremely low-cost storage service
that provides secure and durable storage for data archiving and backup.

NO.4 A user has created a VPC with the public subnet. The user has created a security group for that
VPC. Which of the below mentioned statements is true when a security group is created?
A. It will have all the outbound traffic by default
B. It will by default allow traffic to the internet gateway
C. It can connect to the AWS services, such as S3 and RDS by default
D. It will haveall the inbound traffic by default
Answer: A

A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. AWS provides
two features the user can use to increase security in VPC: security groups and network ACLs. Security
groups work at the instance level while ACLs work at the subnet level. When a user creates a security
group with AWS VPC, by default itwill allow all the outbound traffic but block all inbound traffic.

