AWS S3 Quiz 3


You can access the quiz at Link to Quiz and get all questions by printing the page.


AWS S3 Quiz 3

Question 1: An organization is consolidating data in S3, and data scientists need access to this data for initial exploration. They are well versed in SQL and would prefer to access the data in S3 using SQL. Which of these options provides the lowest cost without requiring to provision any servers?

     Option 1: Athena
     Option 2: Redshift Spectrum
     Option 3: EMR Hive
     Option 4: EMR Spark


Answer: Option 1: Athena
Reference

Question 2: A game developer is planning to use S3 to store important game statistics for each user. The traffic could reach 1000s of GET and PUT requests per second with millions of users. Which of these key naming conventions would scale to support the traffic?

     Option 1: /userID/gametitle/stats.txt
     Option 2: /gametitle/userID/stats.txt
     Option 3: /year/month/userID/stats.txt
     Option 4: /month/year/userID/stats.txt


Answer: Option 1: /userID/gametitle/stats.txt
Reference

Question 3: You need to preserve the object versions for an undetermined amount of time. Which option would you use?

     Option 1: Object Lock Legal Hold
     Option 2: Object Lock Retention Period in Governance mode
     Option 3: Object Lock Retention Period in Compliance mode


Answer: Option 1: Object Lock Legal Hold
Reference

Question 4: A client updated an existing object in S3, and another client immediately attempted to read the object. Which consistency model does S3 guarantee for updates?

     Option 1: Eventual Consistency
     Option 2: Read-After-Write-Consistency


Answer: Option 2: Read-After-Write-Consistency
Reference

Question 5: You are testing the Object Lock features and their interaction with existing life cycle policies. You want to ensure the object versions are not removed from the bucket by existing life cycle policies. What capability would you use to test this configuration?

     Option 1: Configure Object Lock retention period of one year in Governance Mode for each object
     Option 2: Configure Object Lock retention period for one year in Compliance Mode for each object


Answer: Option 1: Configure Object Lock retention period of one year in Governance Mode for each object
Reference

Question 6: Which AWS service would you use to verify the overall health of your data lake?

     Option 1: CloudTrail
     Option 2: IAM
     Option 3: CloudWatch
     Option 4: Autoscaling


Answer: Option 3: CloudWatch
Reference

Question 7: An organization requires encrypting files before they are stored in physical media in S3. The key needs to be accessible only for authorized users. The master key needs to be maintained in a tamper-resistant infrastructure and automatically rotated every year. Which of these options meet the security objectives while minimizing the ownership cost?

     Option 1: SSE-S3
     Option 2: SSE-KMS Customer Master Key
     Option 3: SSE-C
     Option 4: Client-Side Encryption


Answer: Option 2: SSE-KMS Customer Master Key
Reference

Question 8: A social media application needs to store 1000s of objects. The average size of each object is 20 KB size, and it needs to be immediately accessible when needed. The older objects are accessed less frequently. What storage would be suitable for this requirement at the lowest cost?

     Option 1: Glacier Instant Retrieval
     Option 2: One Zone IA
     Option 3: Standard
     Option 4: Standard IA
     Option 5: Glacier Flexible Retrieval


Answer: Option 3: Standard
Reference

Question 9: What design feature of S3 protects from data corruption due to hardware issues?

     Option 1: Cross-Region Replication
     Option 2: Versioning
     Option 3: Server-Side Encryption
     Option 4: Durability


Answer: Option 4: Durability
Reference

Question 10: Your department got a legal hold notice from the company’s legal department to preserve all the evidence and documents in the S3 bucket. The data should be protected from modification and deletion for three years. All buckets currently have lifecycle policies that automatically purge data at varying intervals. What would you do?

     Option 1: Put a Deny All resource-based policy on the S3 bucket
     Option 2: Put an Object Lock legal hold on all the buckets
     Option 3: Configure Object Lock retention period of three years in Governance Mode for each object
     Option 4: Configure Object Lock retention period of three years in Compliance Mode for each object


Answer: Option 4: Configure Object Lock retention period of three years in Compliance Mode for each object
Reference

Question 11: You are planning to use S3 for maintaining all images and scripts that are needed for a web application. During testing, you can view the images and scripts in S3 from an unauthenticated browser. However, when you access the web application, the browser is unable to load the picture and script. What issue might be causing this?

     Option 1: Cross Origin Resource Sharing is not configured in S3
     Option 2: S3 bucket is not public
     Option 3: Use Pre-signed URL to grant access to the resource.
     Option 4: Use Secure FTP for file transfer.


Answer: Option 1: Cross Origin Resource Sharing is not configured in S3
Reference

Question 12: What feature can you use to protect the data in S3 Data Lake if someone accidentally makes the S3 Bucket public?

     Option 1: S3 Server-Side Encryption with Default Keys
     Option 2: S3 Server-Side Encryption with Customer Master Keys


Answer: Option 2: S3 Server-Side Encryption with Customer Master Keys
Reference

Question 13: A sports broadcaster has a collection of current and historical videos that must be immediately accessible when needed. The access pattern is unclear, and storage should transparently handle availability zone failures. What S3 storage class meets the requirement while reducing the storage cost?

     Option 1: Intelligent Tiering
     Option 2: One Zone IA
     Option 3: Standard
     Option 4: Standard IA
     Option 5: Glacier Flexible Retrieval


Answer: Option 1: Intelligent Tiering
Reference

Question 14: Your corporate policy requires logging all access to the objects in the S3 bucket. You plan to use the S3 access log feature to collect the logs to a secure bucket. Where will you grant permission to the log capture process in S3?

     Option 1: Bucket Policy or Bucket ACL
     Option 2: IAM Role
     Option 3: Identity-based policy
     Option 4: Object ACL


Answer: Option 1: Bucket Policy or Bucket ACL
Reference

Question 15: A company’s corporate policy mandates the storage of critical documents for five years. The average size of the files is 2 MB. When needed, the requester can wait 24 hours. What storage would you choose for this requirement that lowers the cost?

     Option 1: Standard
     Option 2: Glacier Instanct Retrieval
     Option 3: Glacier Deep Archive
     Option 4: Standard Infrequent Access
     Option 5: Glacier Flexible Retrieval


Answer: Option 3: Glacier Deep Archive
Reference

Question 16: The object lock feature is enabled at:

     Option 1: Individual Object-level
     Option 2: Bucket-level


Answer: Option 2: Bucket-level
Reference

Question 17: An organization has several types of lab equipment that collect and store data in files. These equipments are inside the private network of the organization, and the generated data files need to be stored in S3. Which one of these options can provide a reliable mechanism for continuously transferring data to the cloud?

     Option 1: Storage Gateway
     Option 2: Directly copy the files to S3 from lab equipment using S3 Command Line Tools
     Option 3: Snowball
     Option 4: Kinesis Firehose


Answer: Option 1: Storage Gateway
Reference

Question 18: An organization is using S3 for storing log data, and the content needs to be accessible only from a specific set of on-premises servers. Where would you enforce this access policy?

     Option 1: S3 Bucket Level Policy
     Option 2: IAM User Policy
     Option 3: IAM Role
     Option 4: Storage Gateway


Answer: Option 1: S3 Bucket Level Policy
Reference

Question 19: An autonomous driving startup uses S3 for storing vehicle usage log data in S3. The average size of each file is 150 MB. The last one MB of each file contains summary information, and the teams want to store the data in a search system. What is the best mechanism to extract this summary data from S3?

     Option 1: Multi-part download
     Option 2: ElastiCache to transfer data at very high rates
     Option 3: CloudFront to distribute the data to edges for fast local access
     Option 4: S3 Byte Range Fetch


Answer: Option 4: S3 Byte Range Fetch
Reference

Question 20: Your corporate policy requires encrypted storage at rest for all data stored in the S3 Data Lake. What feature can you use that would take the least effort?

     Option 1: Client-Side Encryption with key managed in KMS
     Option 2: S3 Server-Side Encryption with key managed in KMS


Answer: Option 2: S3 Server-Side Encryption with key managed in KMS
Reference

Question 21: A team is currently using the S3 Standard class for all their storage. The data in the bucket are used by different groups in the organization, and there is no clear visibility on the percentage of data accessed. What tool can you use to generate reports on the usage of data automatically?

     Option 1: S3 Access Log
     Option 2: Storage Class Analysis
     Option 3: CloudTrail
     Option 4: Intelligent Tiering


Answer: Option 2: Storage Class Analysis
Reference

Question 22: A software company’s support team needs to provide a mechanism for customers to upload log files for troubleshooting issues. Which of these options can you use for providing access to your S3 resource for customers to upload a file?

     Option 1: Use Cognito for identity federation
     Option 2: Use Storage Gateway
     Option 3: Enable public access to the bucket and limit access from a specific customer network
     Option 4: Use pre-signed URL


Answer: Option 4: Use pre-signed URL
Reference

Question 23: A company’s security team requires that all data stored in the cloud be encrypted at rest at all times using encryption keys stored on premises.Which encryption options meet these requirements? (Select TWO.)

     Option 1: Use server-side encryption with Amazon S3 managed encryption keys (SSE-S3).
     Option 2: Use server-side encryption with AWS KMS managed encryption keys (SSE-KMS).
     Option 3: Use server-side encryption with customer-provided encryption keys (SSE-C).
     Option 4: Use client-side encryption to provide at-rest encryption.
     Option 5: Use an AWS Lambda function invoked by Amazon S3 events to encrypt the data using the customer’s keys.
     Option 6: Both options 4 and 5


Answer: Option 6: Both options 4 and 5
Reference

Question 24: An analytics company is planning to offer a web analytics service to its users. The service will require that the users’ webpages include a JavaScript script that makes authenticated GET requests to the company’s Amazon S3 bucket. What must a solutions architect do to ensure that the script will successfully execute?

     Option 1: Enable cross-origin resource sharing (CORS) on the S3 bucket.
     Option 2: Enable S3 Versioning on the S3 bucket.
     Option 3: Provide the users with a signed URL for the script.
     Option 4: Configure an S3 bucket policy to allow public execute privileges.


Answer: Option 1: Enable cross-origin resource sharing (CORS) on the S3 bucket.
Reference

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post