AWS S3 Quiz 1


You can access the quiz at Link to Quiz and get all questions by printing the page.


AWS S3 Quiz 1

Question 1: Which of the following S3 Object Lock configuration allows you to prevent an object or its versions from being overwritten or deleted indefinitely and gives you the ability to remove it manually?

     Option 1: Retention Governance Mode
     Option 2: Retention Compliance Mode
     Option 3: Legal Hold

Answer: Option 3: Legal Hold
Reference

Question 2: You suspect that some of your employees try to access files in an S3 bucket that they don’t have access to. How can you verify this is indeed the case without them noticing?

     Option 1: Enable S3 Access Logs and analyze them using Athena.
     Option 2: Restirct their IAM policies and look at CloudTail logs.
     Option 3: Use a bucket policy.

Answer: Option 1: Enable S3 Access Logs and analyze them using Athena.
Reference

Question 3: You have a website that loads files from an S3 bucket. When you try the URL of the files directly in your Chrome browser it works, but when the website you’re visiting tries to load these files it doesn’t. What’s the problem?

     Option 1: The Bucket policy is wrong
     Option 2: The IAM policy is wrong
     Option 3: CORS is wrong
     Option 4: Encryption is wrong

Answer: Option 3: CORS is wrong
Reference

Question 4: You have a 25 GB file that you’re trying to upload to S3 but you’re getting errors. What is a possible solution for this?

     Option 1: The file size limit on S3 is 5GB
     Option 2: Update your bucket policy to allow the larger file
     Option 3: Use Multi-Part upload when uploading files larger than 5GB
     Option 4: Encrypt the file.

Answer: Option 3: Use Multi-Part upload when uploading files larger than 5GB
Reference

Question 5: You have enabled versioning in your S3 bucket which already contains a lot of files. Which version will the existing files have?

     Option 1: 1
     Option 2: 0
     Option 3: -1
     Option 4: null

Answer: Option 4: null
Reference

Question 6: You’re getting errors while trying to create a new S3 bucket named ‘dev’. You’re using a new AWS Account with no S3 buckets created before. What is a possible cause for this?

     Option 1: You’re missing IAM permissions to create an S3 bucket.
     Option 2: S3 bucket names must be globally unique and ‘dev’ is already taken.

Answer: Option 2: S3 bucket names must be globally unique and ‘dev’ is already taken.
Reference

Question 7: While you’re uploading large files to an S3 bucket using Multi-part Upload, there are a lot of unfinished parts stored in the S3 bucket due to network issues. You are not using these unfinished parts and they cost you money. What is the best approach to remove these unfinished parts?

     Option 1: Use AWS Lambda to loop on each old/unfinished part and delete them.
     Option 2: Request AWS Support to help you delete old/unfinished parts.
     Option 3: Use an S3 Lifecycle Policy to automate old/unfinished parts deletion.

Answer: Option 3: Use an S3 Lifecycle Policy to automate old/unfinished parts deletion.
Reference

Question 8: You want the content of an S3 bucket to be fully available in different AWS Regions. That will help your team perform data analysis at the lowest latency and cost possible. What S3 feature should you use?

     Option 1: Amazon CloudFront Distributions
     Option 2: S3 Versioning
     Option 3: S3 Static Website Hosting
     Option 4: S3 Replicaiton

Answer: Option 4: S3 Replicaiton
Reference

Question 9: Your client wants to make sure that file encryption is happening in S3, but he wants to fully manage the encryption keys and never store them in AWS. You recommend him to use ……………………….

     Option 1: SSE-S3
     Option 2: SSE-KMS
     Option 3: SSE-C
     Option 4: Client-Side Encryption

Answer: Option 3: SSE-C
Reference

Question 10: You are looking to get recommendations for S3 Lifecycle Rules. How can you analyze the optimal number of days to move objects between different storage tiers?

     Option 1: S3 Inventory
     Option 2: S3 Analytics
     Option 3: S3 Lifecycle Rules Advisor

Answer: Option 2: S3 Analytics
Reference

Question 11: How can you be notified when there’s an object uploaded to your S3 bucket?

     Option 1: S3 Select
     Option 2: S3 Access Logs
     Option 3: S3 Event Notifications
     Option 4: S3 Analytics

Answer: Option 3: S3 Event Notifications
Reference

Question 12: You have an S3 bucket that has S3 Versioning enabled. This S3 bucket has a lot of objects, and you would like to remove old object versions to reduce costs. What’s the best approach to automate the deletion of these old object versions?

     Option 1: S3 Lifecycle Rules – Transition Actoins
     Option 2: S3 Lifecycle Rules – Expiration Actions
     Option 3: S3 Access Logs

Answer: Option 2: S3 Lifecycle Rules – Expiration Actions
Reference

Question 13: For compliance reasons, your company has a policy mandate that database backups must be retained for 4 years. It shouldn’t be possible to erase them. What do you recommend?

     Option 1: Glacier Vaults with Vault Lock Policies
     Option 2: EFS network drives with restrictive Linux permissions
     Option 3: S3 with Bucket Policies

Answer: Option 1: Glacier Vaults with Vault Lock Policies
Reference

Question 14: A company you’re working for wants their data stored in S3 to be encrypted. They don’t mind the encryption keys stored and managed by AWS, but they want to maintain control over the rotation policy of the encryption keys. You recommend them to use ………………..

     Option 1: SSE-S3
     Option 2: SSE-KMS
     Option 3: SSE-C
     Option 4: Client-Side Encryption

Answer: Option 2: SSE-KMS
Reference

Question 15: You have updated an S3 bucket policy to allow IAM users to read/write files in the S3 bucket, but one of the users complain that he can’t perform a PutObject API call. What is a possible cause for this?

     Option 1: The S3 bucket policy must be wrong.
     Option 2: The user is lacking permissions.
     Option 3: The IAM user must have a explicit DENY in the attached IAM Policy.
     Option 4: You need to contact AWS Support to lift his limit.

Answer: Option 3: The IAM user must have a explicit DENY in the attached IAM Policy.
Reference

Question 16: You are looking to build an index of your files in S3, using Amazon RDS PostgreSQL. To build this index, it is necessary to read the first 250 bytes of each object in S3, which contains some metadata about the content of the file itself. There are over 100,000 files in your S3 bucket, amounting to 50 TB of data. How can you build this index efficiently?

     Option 1: Use the RDS import feature to load the data from S3 to PostgreSQL , and run a SQL query to build the index.
     Option 2: Create an application that will traverse the S3 bucket, read all the files one by one, extract the first 250 bytes, and store that information in RDS
     Option 3: Create an application that will traverse the S3 bucket, issue a Byte Range Fetch for the first 250 bytes, and store that infromation in RDS.
     Option 4: Create an application that will traverse the S3 bucket, use se Select to get first 250 bytes, and store that information in RDS.

Answer: Option 3: Create an application that will traverse the S3 bucket, issue a Byte Range Fetch for the first 250 bytes, and store that infromation in RDS.
Reference

Question 17: You have a large dataset stored on-premises that you want to upload to the S3 bucket. The dataset is divided into 10 GB files. You have good bandwidth but your Internet connection isn’t stable. What is the best way to upload this dataset to S3 and ensure that the process is fast and avoid any problems with the Internet connection?

     Option 1: Use Multi-part Upload Only.
     Option 2: Use S3 Select & Use S3 Transfer Acceleration
     Option 3: Use S3 Multi-part Upload & S3 Transfer Acceleration

Answer: Option 3: Use S3 Multi-part Upload & S3 Transfer Acceleration
Reference

Question 18: An e-commerce company has its customers and orders data stored in an S3 bucket. The company’s CEO wants to generate a report to show the list of customers and the revenue for each customer. Customer data stored in files on the S3 bucket has sensitive information that we don’t want to expose in the report. How do you recommend the report can be created without exposing sensitive information?

     Option 1: Use S3 Object Lambda to change the objects before they are retrieved by the report genertor application
     Option 2: Create another S3 bucket. Create a lambda function to process each file, remove the sensitive information, and then move them to the new S3 bucket
     Option 3: Use S3 Object Lock to lock the sensitive information from being fetched by the report generator application

Answer: Option 1: Use S3 Object Lambda to change the objects before they are retrieved by the report genertor application
Reference

Question 19: Your company does not trust AWS for the encryption process and wants it to happen on the application. You recommend them to use ………………..

     Option 1: SSE-S3
     Option 2: SSE-KMS
     Option 3: SSE-C
     Option 4: Client-Side Encryption

Answer: Option 4: Client-Side Encryption
Reference

Question 20: A company is preparing for compliance and regulatory review on its infrastructure on AWS. Currently, they have their files stored on S3 buckets that are not encrypted, which must be encrypted as required for compliance and regulatory review. Which S3 feature allows them to encrypt all files in their S3 buckets in the most efficient and cost-effective way?

     Option 1: S3 Access Points
     Option 2: S3 Cross-Region Replication
     Option 3: S3 Batch Operations
     Option 4: S3 Lifecycle Rules

Answer: Option 3: S3 Batch Operations
Reference

Question 21: A company has its data and files stored on some S3 buckets. Some of these files need to be kept for a predefined period of time and protected from being overwritten and deletion according to company compliance policy. Which S3 feature helps you in doing this?

     Option 1: S3 Object Lock – Retention Governance Mode
     Option 2: S3 Versioning
     Option 3: S3 Object Lock – Retention Compliance Mode
     Option 4: S3 Glacier Vault Lock

Answer: Option 3: S3 Object Lock – Retention Compliance Mode
Reference

Question 22: You are looking to provide temporary URLs to a growing list of federated users to allow them to perform a file upload on your S3 bucket to a specific location. What should you use?

     Option 1: S3 CORS
     Option 2: S3 Pre-Signed URL
     Option 3: S3 Bucket Policies

Answer: Option 2: S3 Pre-Signed URL
Reference

Question 23: You would like to retrieve a subset of your dataset stored in S3 with the .csv format. You would like to retrieve a month of data and only 3 columns out of 10, to minimize compute and network costs. What should you use?

     Option 1: S3 Analytics
     Option 2: S3 Access Logs
     Option 3: S3 Select
     Option 4: S3 Inventory

Answer: Option 3: S3 Select
Reference

Question 24: You would like all your files in an S3 bucket to be encrypted by default. What is the optimal way of achieving this?

     Option 1: Use a bucket policy that forces HTTPS connections.
     Option 2: Enable Default Encryption
     Option 3: Enable versioning

Answer: Option 2: Enable Default Encryption
Reference

Question 25: You have 3 S3 buckets. One source bucket A, and two destination buckets B and C in different AWS Regions. You want to replicate objects from bucket A to both bucket B and C. How would you achieve this?

     Option 1: Configure replication from bucket A to bucket B, then from bucket A to Bucket C
     Option 2: Configure replication from bucket A to bucket B, then from bucket B to Bucket C
     Option 3: Configure replication from bucket A to bucket C, then from bucket C to Bucket B

Answer: Option 1: Configure replication from bucket A to bucket B, then from bucket A to Bucket C
Reference

Question 26: How can you automate the transition of S3 objects between their different tiers?

     Option 1: AWS Lambda
     Option 2: CloudWatch Events
     Option 3: S3 Lifecycle Rules

Answer: Option 3: S3 Lifecycle Rules
Reference

Question 27: You have enabled versioning and want to be extra careful when it comes to deleting files on an S3 bucket. What should you enable to prevent accidental permanent deletions?

     Option 1: Use a bucket policy
     Option 2: Use MFA Delete
     Option 3: Encrypt the files
     Option 4: Disable versioning

Answer: Option 2: Use MFA Delete
Reference

Question 28: Which of the following is NOT a Glacier Flexible retrieval mode?

     Option 1: Instant(10 seconds)
     Option 2: Expedited(1-5 minutes)
     Option 3: Stadar(3-5 hours)
     Option 4: Bulk(5-12 hours)

Answer: Option 1: Instant(10 seconds)
Reference

Question 29: Which of the following is NOT a Glacier Deep Archive retrieval mode?

     Option 1: Expedited (1 – 5 minutes)
     Option 2: Standard(12 hours)
     Option 3: Bulk(48 hours)

Answer: Option 1: Expedited (1 – 5 minutes)
Reference

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post