A user has created an AWS AMI. The user wants the AMI to be available only to his friend and not anyone else. How can the user manage this?

A. Share the AMI with the community and setup the approval workflow before anyone launches it.
B. It is not possible to share the AMI with the selected user.
C. Share the AMI with a friend's AWS account ID.
D. Share the AMI with a friend's AWS login ID.

Will you be able to access EC2 snapshots using the regular Amazon S3 APIs?

A. Yes, you will be able to access using S3 APIs if you have chosen the snapshot to be stored in S3.
B. No, snapshots are only available through the Amazon EBS APIs.
C. Yes, you will be able to access them using S3 APIs as all snapshots are stored in S3.
D. No, snapshots are only available through the Amazon EC2 APIs.

While assigning a tag to an instance, which of the below mentioned options is not a valid tag key/value pair?

A. Key : "aws" Value:"aws"
B. Key: "aws:name" Value: "instanceAnswer: Aws"
C. Key: "Name :aws" Value: "instanceAnswer: Aws"
D. Key : "nameAnswer: Aws" Value:"aws:instance"

A user is accessing an EC2 instance on the SSH port for IP 10.20.30.40/32.
Which one is a secure way to configure that the instance can be accessed only from this IP?

A. In the security group, open port 22 for IP 10.20.30.40
B. In the security group, open port 22 for IP 10.20.30.0
C. In the security group, open port 22 for IP 10.20.30.40/32
D. In the security group, open port 22 for IP 10.20.30.40/0

You have a website which requires international presence and consequently you have set it up as follows. It is hosted on 30 EC2 instances. It is on in 15 regions around the globe. Each region has 2 instances. All the instances are a public hosted zone.
Which of the following is the best way to configure your site to maintain availability with minimum downtime if one of the 15 regions was to lose network connectivity for an extended period? (Choose two.)

A. Create a Route 53 Latency Based Routing Record set that resolves to an Elastic Load Balancer in each region and has the Evaluate Target Health flag set to true.
B. Create a Route 53 failover routing policy and configure an active-passive failover.
C. Create a Route 53 Failover Routing Policy and assign each resource record set a unique identifier and a relative weight.
D. Create a Route 53 Geolocation Routing Policy that resolves to an Elastic Load Balancer in each region and has the Evaluate Target Health flag set to false.

A user has configured two security groups which allow traffic as given below: 1: SecGrp1:
Inbound on port 80 for 0.0.0.0/0
Inbound on port 22 for 0.0.0.0/0 2: SecGrp2: Inbound on port 22 for 10.10.10.1/32
If both the security groups are associated with the same instance, which of the below mentioned statements is true?

A. It is not possible to have more than one security group assigned to a single instance
B. It is not possible to create the security group with conflicting rules. AWS will reject the request
C. It allows inbound traffic for everyone on both ports 22 and 80
D. It allows inbound traffic on port 22 for IP 10.10.10.1 and for everyone else on port 80

An organization hosts an app on EC2 instances which multiple developers need access to in order to perform updates. The organization plans to implement some security best practices related to instance access.
Which one of the following recommendations will not help improve its security in this way?

A. Disable the password based login for all the users. All the users should use their own keys to connect with the instance securely.
B. Create an IAM policy allowing only IAM users to connect to the EC2 instances with their own SSH key.
C. Create a procedure to revoke the access rights of the individual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.
D. Apply the latest patch of OS and always keep it updated.

In CloudFormation, if you want to map an Amazon Elastic Block Store to an Amazon EC2 instance, _________.

A. you reference the logical IDs to associate the block stores with the instance
B. you reference the physical IDs of the instance along with the resource type
C. you reference the instance IDs of the block store along with the resource properties
D. you reference the physical IDs of both the block stores and the instance

You have written a CloudFormation template that creates 1 Elastic Load Balancer fronting 2 EC2 Instances.
Which section of the template should you edit so that the DNS of the load balancer is returned upon creation of the stack?

A. Parameters
B. Outputs
C. Mappings
D. Resources

Which system is used by Amazon Machine Images paravirtual (PV) virtualization during the boot process?

A. PV-BOOT
B. PV-AMI
C. PV-WORM
D. PV-GRUB