Amazon Web Services (AWS) - Set #6

Powered by Techhyme.com

You have a total of 130 minutes to finish the practice test of AWS Certified SysOps Administrator to test your knowledge.

1. Your application has been having some availability issues lately due to server issues on the backend. You want to ensure that when an instance becomes unhealthy, there is an automated response that ensures your users are only routed to healthy instances. Which service could provide this ability?
  • A. Auto Scaling groups
  • B. Elastic Load Balancer
  • C. Launch configuration
  • D. Amazon CloudWatch
Answer - B
Explanation - An Elastic Load Balancer will stop sending traffic to an unhealthy Amazon EC2 instance. Auto Scaling groups are a way to ensure that you can self-heal should an issue occur, but they do not stop routing traffic to affected instances. A launch configuration isn’t a service; it is how you configure an Auto Scaling group. Amazon CloudWatch can be used to alarm on unhealthy instances but doesn’t actually perform remediation directly.
2. You have noticed that when your elastic load balancer removes an unhealthy instance, customers call in and complain, stating that they had to repeat their actions. This is negatively impacting sales. What is the best way to manage this?
  • A. Make the application stateless.
  • B. Enable sticky sessions on the load balancer.
  • C. Use Route 53 to handle the routing instead.
  • D. Reboot unhealthy instances.
Answer - A
Explanation - When you make the application stateless (i.e., using Amazon DynamoDB or Amazon Elasticache to track session state), your customers will not be impacted if your elastic load balancer stops routing traffic to an unhealthy instance. Enabling sticky sessions ensures that a customer stays with the instance they were connected with. This would not improve customer experience. While Route 53 does provide health checks, it would not solve the issue of the customer sessions being dropped when an instance became unhealthy. Rebooting an unhealthy instance may make it healthy again but will still impact customer experience.
3. There are two services that make it simple to convert an application to stateless because they can be used to track session state. Which AWS services can be used in this way? (Choose two.)
  • A. DynamoDB
  • B. Amazon RDS
  • C. Elasticache
  • D. Amazon Redshift
Answer - A, C
Explanation - DynamoDB and Elasticache are perfect solutions for tracking user state. Amazon RDS would not be a good solution for tracking session state, and Redshift is a data warehousing solution.
4. You need to be able to store data in multiple regions. You like that S3 makes it easy to encrypt and apply lifecycles. Will S3 be able to store data across multiple regions?
  • A. Yes, but only regions on the same continent.
  • B. No, S3 can’t replicate data across regions.
  • C. Yes, S3 natively replicates data across regions.
  • D. Yes, cross-region replication.
Answer - D
Explanation - S3 will be able to meet your needs. You can enable cross-region replication on any bucket that you want to have replicate to another region for high availability.
5. You currently have one customer gateway set up attached to a virtual private gateway in AWS. You are concerned that the connection is not highly available. How would you ensure that your connection into AWS is highly available?
  • A. Create another virtual private gateway and another customer gateway.
  • B. Create another customer gateway and enable dynamic routing.
  • C. Create another virtual private gateway and enable dynamic routing.
  • D. You can’t make a VPN connection highly available in AWS.
Answer - B
Explanation - Since the virtual private gateway is already highly available and supports two VPN endpoints, it makessense to create another customer gateway and to enable dynamic routing.
6. You want to use Amazon SQS to send messages for your application as you want to take advantage of the queuing functionality. The messages on average are 512 KB. Is Amazon SQS a good fit?
  • A. Yes, it can handle messages up to 1 MB.
  • B. Yes, it can handle messages up to 512 KB.
  • C. No, it can’t handle messages over 256 KB.
  • D. Yes, it can handle messages up to 256 MB.
Answer - C
Explanation - Since Amazon SQS can handle a maximum message size of 256 KB, it would not be a good solution in this case.
7. You want to use Amazon SQS to send messages for your application as you want to take advantage of the queuing functionality. The messages on average are 64 KB. Is Amazon SQS a good fit?
  • A. Yes, it can handle messages up to 1 MB.
  • B. Yes, it can handle messages up to 512 KB.
  • C. No, it can’t handle messages under 256 KB.
  • D. Yes, it can handle messages up to 256 KB.
Answer - D
Explanation - Since Amazon SQS can handle a maximum message size of 256 KB, it would be a good solution in this case.
8. You want to use Amazon SNS to send messages to your users when there is an issue with one of your Amazon EC2 instances. How big can the message be and still successfully be processed through SNS?
  • A. 512 KB
  • B. 256 KB
  • C. 512 MB
  • D. 256 MB
Answer - B
Explanation - Amazon SNS can handle messages up to 256 KB in size.
9. You want to ensure that customers are directed to the web server that has the least amount of latency for them. What is the best solution for this use case?
  • A. Elastic Load Balancing
  • B. Latency-based routing with Route 53
  • C. Geolocation routing with Route 53
  • D. Failover routing with Route 53
Answer - B
Explanation - By using latency-based routing on Route 53, you can ensure that your customers will be connected to the lowest-latency datacenter. Elastic Load Balancing won’t route based on latency. Geolocation routing will match your users with the datacenter closest to them; however, that may not be the datacenter offering the lowest latency. Failover routing doesn’t examine latency; it only offers health checks. When the primary system fails a health check, Route 53 routes traffic to the secondary system.
10. You want to ensure that customers are directed to the web server that is closest to them in terms of location. What is the best solution for this use case?
  • A. Elastic load balancing
  • B. Latency-based routing with Route 53
  • C. Geolocation routing with Route 53
  • D. Failover routing with Route 53
Answer - C
Explanation - Geolocation routing will match your users with the datacenter closest to them. Elastic load balancer won’t route based on location. Latency-based routing allows you to ensure that your customers will be connected to the lowest-latency datacenter. Failover routing doesn’t examine location; it only offers health checks. When the primary system fails a health check, Route 53 routes traffic to the secondary system.
11. You want to ensure that customers are always directed to a healthy system. You have two systems that you want to configure as a primary and a secondary. What is the best solution for this use case?
  • A. Elastic load balancing
  • B. Latency-based routing with Route 53
  • C. Geolocation routing with Route 53
  • D. Failover routing with Route 53
Answer - D
Explanation - Failover routing with Route 53 offers health checks. When the primary system fails a health check, Route 53 routes traffic to the secondary system. Elastic load balancer can do health checks; however, it is not the best choice given the desire to have a primary and a secondary system. Latency-based routing allows you to ensure that your customers will be connected to the lowest-latency datacenter but is not concerned with having a primary and a secondary system. Geolocation routing will match your users with the datacenter closest to them but is not concerned with having a primary and a secondary system.
12. You need to point Route 53 to one of your elastic load balancers. What type of DNS record should you choose?
  • A. A record
  • B. CNAME record
  • C. SRV record
  • D. Alias record
Answer - D
Explanation - An alias record can be used to point to an elastic load balancer rather than using an IP address or a domain name. A records and CNAME records are concerned with IP addresses and domain names, and SRV records tell systems where services are available.
13. Which two engines are available if you choose Elasticache to manage session state when decoupling your applications? (Choose two.)
  • A. NoSQL
  • B. RDS
  • C. Memcached
  • D. Redis
Answer - C, D
Explanation - You can choose from either Memcached or Redis for the engine when setting up Elasticache. NoSQL is a type of database, not an engine, and RDS is a relational database service offered by AWS.
14. You want to decouple your application to make it more highly available. As part of this work, you want to manage session state separately from the web servers and the load balancers. You need the solution to be highly available and able to heal itself. What is the best option?
  • A. Amazon RDS
  • B. Amazon Redshift
  • C. Amazon Elasticache
  • D. PostgreSQL
Answer - C
Explanation - Amazon Elasticache is a highly available service and can self-heal. When it detects a node that has failed, it will automatically replace that node. Amazon RDS is Amazon’s managed relational database offering. Redshift is a data warehousing solution, and PostgreSQL is a relational database. Of these options, only Elasticache will work well for managing session state.
15. You have some code that needs to run when a certain event happens. This has historically been hosted on a single server, and recently the server went down. You have been asked to choose the most cost-effective option to make this highly available. What should you choose?
  • A. Put the code into AWS Lambda.
  • B. Build another Amazon EC2 instance.
  • C. Use Elastic Beanstalk to deploy another EC2 instance.
  • D. Create an elastic load balancer.
Answer - A
Explanation - AWS Lambda is highly available and is the most cost-effective solution as you only get charged when the code is executed. While building another EC2 instance could make it highly available, it is not the most costeffective option. Elastic Beanstalk is highly available; however, you are still paying for an additional Amazon EC2 instance, which is not the most cost-effective option. An elastic load balancer could potentially make this more highly available, but you would still need to build another Amazon EC2 instance.
16. You have a Lambda function in the us-east-1 region and you want to also use the function in the us-east-2 region. Can you use the same function or would you need to re-create it?
  • A. Yes, you can use the same function.
  • B. Yes, but you will need to share the function.
  • C. No, you will need to create the function in the other region.
  • D. No, you can’t use the same function.
Answer - C
Explanation - You can’t use the same function because AWS Lambda is based on region. You can, however, copy the function to the other region.
17. You have found that you have an AWS Lambda function that occasionally hangs and runs for a very long time. As you are charged for the compute the function takes up, what is the best solution to ensure that the function does not run indefinitely?
  • A. Set a lockout value.
  • B. Set a timeout value.
  • C. Create a CloudWatch monitor.
  • D. Manually stop the function.
Answer - B
Explanation - You can set the timeout value to something reasonable for your code to execute, such as, for instance, 5 minutes (300 seconds). This way the function will be terminated after 5 minutes. There is no such thing as a lockout value. Creating a CloudWatch monitor wouldn’t solve the issue at hand. Manually stopping the function would work, but it is not very efficient, and chances are the function would run for longer than necessary.
18. You are building out your new infrastructure in AWS. You have already created your VPC and need to create subnets to support a three-tier application model. You want to ensure that subnets are built with high availability in mind. How should you accomplish this? (Choose two.)
  • A. Have at least two subnets for each tier.
  • B. Have one subnet for each tier.
  • C. Allow AWS to choose the availability zone.
  • D. Choose different availability zones for each subnet.
Answer - A, D
Explanation - The best way to build in high availability to your network is to ensure that there are at least two subnets for each tier and choose different availability zones for each subnet.
19. You need a highly available method for systems in one of your subnets to reach the Internet. They should also be accessible from the Internet. Which AWS component would meet this requirement?
  • A. VPN gateway
  • B. NAT gateway
  • C. NAT instance
  • D. Internet gateway
Answer - D
Explanation - An Internet gateway when attached to a subnet allows inbound/outbound traffic and is a highly available service. A VPN gateway wouldn’t allow for direct traffic to and from the Internet. A NAT gateway or NAT instance would allow outbound traffic but not inbound traffic.
20. You need to ensure that your Amazon EC2 instances can reach out to the Internet for patches but you don’t want to allow inbound traffic. How can you meet this need while maintaining high availability?
  • A. Create a NAT instance in two availability zones.
  • B. Create a NAT gateway in two availability zones.
  • C. Create two customer gateways and one virtual private gateway.
  • D. Create one customer gateway and two virtual private gateways.
Answer - B
Explanation - The best solution is to create a NAT gateway in two availability zones as the NAT gateway is naturally highly available. If you use a NAT instance, you are still introducing a point of failure because the instance is not natively highly available. You would not use a customer gateway or virtual private gateway for this as they do not provide a direct connection out to the Internet.
21. You notice that your web application is not available. When you check to see what is going on, you notice that the elastic load balancer that was servicing traffic has been deleted. How can you find out who deleted it?
  • A. AWS Systems Manager
  • B. Amazon CloudWatch
  • C. AWS CloudTrail
  • D. VPC Flow Logs
Answer - C
Explanation - AWS CloudTrail provides an audit trail for every API call. This includes the deletion of the elastic load balancer as well as who deleted it. SSM, Amazon CloudWatch, and VPC flow logs won’t give you the information you are looking for.
22. You notice that your web application is not available. When you check to see what is going on, you notice that the elastic load balancer that was servicing traffic has been deleted. What can you do to prevent this from happening again?
  • A. Choose an application load balancer and enable deletion protection.
  • B. Choose a classic load balancer and enable deletion protection.
  • C. Lock down access with IAM.
  • D. Turn on MFA Delete.
Answer - A
Explanation - Choose to rebuild with an application load balancer and enable deletion protection. Deletion protection is not available on classic load balancers. Access control through IAM is important, though the ability to delete load balancers should be pretty restricted already. MFA Delete is a function available in S3 but not elastic load balancers.
23. You need a load balancer that can route based on the content of the request that is being made as your web servers house several different services. What kind of load balancer do you need?
  • A. Classic Load Balancer
  • B. Application Load Balancer
  • C. Network Load Balancer
  • D. There isn’t a load balancer that supports this use case.
Answer - B
Explanation - Application Load Balancers can support contentbased routing, which routes based on the content in the request. Classic Load Balancers and Network Load Balancers do not have this capability.
24. You are using an application load balancer and you want to route traffic for multiple domains. What type of routing should you set up that will allow the load balancer to do what you need?
  • A. Content-based routing
  • B. Path-based routing
  • C. Host-based routing
  • D. There is no way to accomplish this type of routing.
Answer - C
Explanation - Host-based routing will allow you to route traffic based in the domain name in the request. Contentbased routing routes traffic based on the content of the request. Path-based routing will route traffic based on the URL path that is in the HTTP header.
25. You have multiple services running behind an application load balancer. You need the load balancer to route to different servers based on the URL in the HTTP request. What type of routing should you use?
  • A. Content-based routing
  • B. Path-based routing
  • C. Host-based routing
  • D. There is no way to accomplish this type of routing.
Answer - B
Explanation - Path-based routing will route traffic based on the URL path that is in the HTTP header. Host-based routing will allow you to route traffic based in the domain name in the request. Content-based routing routes traffic based on the content of the request.
26. Your web application is written in HTTP/2. You need to put it behind an elastic load balancer. What type of load balancer should you use?
  • A. Network load balancer
  • B. Classic load balancer
  • C. Application load balancer
  • D. There are no load balancers that support this use case.
Answer - C
Explanation - Of the options here, the only one that supports HTTP/2 is the application load balancer.
27. You have your website hosted in S3 because of the high availability inherent to S3. You would like to use a highly available service to cache content so that end user experience is improved. Which service would be the best fit for this use case?
  • A. AWS CloudTrail
  • B. Amazon CloudFront
  • C. Amazon CloudWatch
  • D. There isn’t a service that would work for this use case.
Answer - B
Explanation - Amazon CloudFront is the service that caches content so that it is more readily available to customers. With S3 as the origin server, your site is highly available all the way through. AWS CloudTrail and Amazon CloudWatch have nothing to do with caching; they audit API calls and monitor your environment respectively.
28. You need to throttle the number of API requests being made against your systems as they are being overwhelmed. Which highly available service is a good fit for this?
  • A. Amazon API Gateway
  • B. AWS Lambda
  • C. AWS CodePipeline
  • D. AWS CodeDeploy
Answer - A
Explanation - The Amazon API Gateway is a highly available service that is capable of throttling incoming API requests. Neither Lambda, CodePipeline, nor CodeDeploy is designed to throttle incoming requests.
29. You have an API made available through the Amazon API Gateway. There was a new release last night and you want to ensure that the new version of the API has not caused any issues with the availability to call and consume the API. How would you check to see the error rates for the API? (Choose two.)
  • A. AWS CloudTrail
  • B. Amazon CloudWatch
  • C. Amazon API Gateway Console
  • D. You can’t monitor error rates.
Answer - B, C
Explanation - You can monitor for error rates with Amazon CloudWatch or the Amazon API Gateway Console. AWS CloudTrail is tempting since we think of it in terms of APIs; however, we are monitoring for error rates not auditing who called what.
30. You have a simple web application and you want a simple load balancing solution that operates at layer 4. Which is the best load balancer to use?
  • A. Application load balancer
  • B. Classic load balancer
  • C. Network load balancer
  • D. There is no layer 4 load balancer.
Answer - C
Explanation - The network load balancer operates at layer 4 of the OSI model.
31. You want to use a network load balancer as you are only concerned with layer 4 traffic. You do, however, need to be able to use SNI as you are trying to make several domains highly available with the load balancer. Will you be able to use a network load balancer to make these web applications highly available?
  • A. Yes, network load balancers support SNI.
  • B. Yes, but you will need to enable SNI on the load balancer.
  • C. Yes, but only if your web servers are using Windows AMIs.
  • D. No, network load balancers do not support SNI.
Answer - D
Explanation - Network load balancers in AWS don’t support Server Name Indication (SNI).
32. You have been asked to automate the deployment of web servers in your organization to meet demand when the load increases on your existing systems. Which service would meet this need?
  • A. AWS CloudFormation
  • B. Auto Scaling groups
  • C. User data field
  • D. Amazon CloudWatch
Answer - B
Explanation - Auto Scaling groups will increase or decrease your instances and can be based on demand. AWS CloudFormation is not tied to demand and can be used to create whole environments, not just instances. The user data field can be used in conjunction with Auto Scaling groups to configure your EC2 instances but isn’t actually the process by which you scale. Amazon CloudWatch can trigger scaling events but is not what actually scales your instances either.
33. You have been asked to automate the deployment of web servers in your organization to meet demand when the load increases on your existing systems. You need to ensure that each of the EC2 instances is configured the same way each time. How would you accomplish this requirement?
  • A. AWS CloudFormation
  • B. Auto Scaling groups
  • C. User data field
  • D. Amazon CloudWatch
Answer - C
Explanation - The user data field can be used in conjunction with Auto Scaling groups to configure your EC2 instances. Auto Scaling groups will increase or decrease your instances and can be based on demand, but they don’t handle the configuration as far as the internals of the EC2 instances. AWS CloudFormation is not tied to demand and can be used to create whole environments, not just instances, though you can use user data in a CloudFormation template. Amazon CloudWatch can trigger scaling events but does not configure instances.
34. You have been asked to automate the deployment of web servers in your organization along with all of the components needed to support the web application. They must be configured identically every time. How would you accomplish this requirement?
  • A. AWS CloudFormation
  • B. Auto Scaling groups
  • C. User data field
  • D. Amazon CloudWatch
Answer - A
Explanation - AWS CloudFormation is the best solution for this requirement. You can create a CloudFormation template that can deploy the web servers along with all of their dependencies, exactly the same every time. Auto Scaling groups are not used for deploying resources; rather, they are used to scale to meet demand. The user data field can be used to configure EC2 instances when they are provisioned but does not do anything as far as dependencies outside of the instance. Amazon CloudWatch is a monitoring tool and does not perform deployments.
35. Which formats are supported for use with CloudFormation templates? (Choose two.)
  • A. JSON
  • B. JavaScript
  • C. YAML
  • D. Text
Answer - A, C
Explanation - CloudFormation templates can be written in JSON or YAML.
36. Why might you use a template parameter in a CloudFormation template?
  • A. Specify passwords at creation time.
  • B. Specify instance type and size at creation time.
  • C. Specify IAM roles needed at creation time.
  • D. You can’t use a parameter in a CloudFormation template.
Answer - B
Explanation - One of the most common use cases for a template parameter in CloudFormation is to specify the instance type and size at the time of creation. Passwords should not be stored in plaintext in configuration files and/or templates. IAM roles will most likely be static, so there is no reason to parameterize them.
37. You are trying to use a CloudFormation template, but it keeps rolling back and deleting all of the resources it created. This template has worked for you in the past, and no changes have been made to the template or AMIs in your account. Why might this occur?
  • A. The template is trying to use an AMI that is not available in your region.
  • B. The template contains incorrect syntax.
  • C. You don’t have permissions to use the AMI in question.
  • D. You have exceeded the default number of elastic IP addresses available to you.
Answer - D
Explanation - If CloudFormation is unable to successfully create your stack, it will roll back everything that it did create. This may happen because you were out of elastic IP addresses so it could not issue one. Since the template has worked in the past and there have been no changes, the AMI should still be correct. The template has not been changed and has worked previously, so it is unlikely that the syntax is incorrect. Since you have been able to use the AMI in the past, it is unlikely that your permissions are incorrect.
38. You are using a CloudFormation template to build out your development environment. You need to ensure that your web servers do not get created until after your application servers are up. You also need to ensure that your application servers aren’t created until your RDS databases are provisioned. What can you use in the CloudFormation template to guarantee that resources will be provisioned properly?
  • A. DelayCondition
  • B. WaitCondition
  • C. SyncCondition
  • D. There is no mechanism to ensure resources are created in the right order.
Answer - B
Explanation - WaitCondition can be used to block other resources from being created until the resources they depend on are operational. DelayCondition and SyncCondition don’t exist.
39. You have 200 stacks created using CloudFormation. You are asked to create a new stack from a template that has been used successfully in the past but it is failing. Why is that?
  • A. The template has problems and that is why it is failing.
  • B. 200 is an account limit; you can’t go past it.
  • C. 200 is an account limit; however. you can request a higher limit.
  • D. You don’t have permissions to create stacks.
Answer - C
Explanation - You can have 200 stacks in any account. To go over 200, you must request a higher limit for your account with AWS. While the template certainly could have problems, the most likely issue is that you have reached the account limit of 200 stacks. While permissions could certainly be an issue, the account limit for stacks has been reached, so nobody can create stacks at the moment.
40. Your boss has asked you how many templates you can have in AWS CloudFormation. What should you tell your boss?
  • A. 100 templates
  • B. 250 templates
  • C. 500 templates
  • D. Unlimited templates
Answer - D
Explanation - While you are limited in number of stacks, there is no limitation in the number of templates.
41. Describe the relationship between templates and stacks?
  • A. Templates are instances of stacks.
  • B. Stacks are instances of templates.
  • C. Templates and stacks are the same thing.
  • D. There is no relationship between the two.
Answer - B
Explanation - A stack is an instance of a template. You can create multiple stacks from a single template.
42. The EC2 instances created in one of your CloudFormation stacks is running out of disk space. You have updated the template for future deployments but would like to fix the issue manually on the existing systems. How would you do that?
  • A. Increase the size of the disk the way you normally would.
  • B. You must use the CloudFormation API to adjust the size of a resource created in a stack.
  • C. You must redeploy the stack from the updated template to get the larger disk size.
  • D. You shouldn’t use disks; you should use S3 for storage instead.
Answer - A
Explanation - EC2 instances created by CloudFormation are just like regular EC2 instances. You can increase the disk space as you normally would. The CloudFormation API could be used to adjust the template but is not an appropriate choice to adjust the EC2 instance already in existence. You do not need to redeploy the stack from the updated template. There is no issue with using disks…S3 storage could be used but doesn’t really address the question.
43. The EC2 instances created in one of your CloudFormation stacks is running out of disk space. You have updated the template for future deployments but would like to fix the issue automatically on the existing systems. How would you do that?
  • A. Increase the size of the disk the way you normally would.
  • B. Use a change set to model and execute the changes.
  • C. You must redeploy the stack from the updated template to get the larger disk size.
  • D. You shouldn’t use disks; you should use S3 for storage instead.
Answer - B
Explanation - To automatically update the EC2 instances in the stack, you can use a change set to model the change and then execute it. EC2 instances created by CloudFormation are just like regular EC2 instances; you can increase the disk space as you normally would, but this is a manual process. You do not need to redeploy the stack from the updated template. There is no issue with using disks…S3 storage could be used but doesn’t really address the question.
44. When creating a template using JSON in CloudFormation, which template section is required?
  • A. Parameters
  • B. Mappings
  • C. Format Version
  • D. Resources
Answer - D
Explanation - In CloudFormation templates, the only required section is the Resources section.
45. When creating a template using YAML in CloudFormation, which template section is required?
  • A. Conditions
  • B. Resources
  • C. Format Version
  • D. Metadata
Answer - B
Explanation - In CloudFormation templates, the only required section is the Resources section.
46. You have just been hired to be a system administrator at your organization. When you try to create a stack in CloudFormation, you receive a message saying that you don’t have the appropriate permissions. What is the likely cause?
  • A. You don’t have permissions to create stacks in CloudFormation, and your permissions will need to be fixed to continue.
  • B. You are trying to create the stack in the wrong region, and your permissions will need to be fixed to continue.
  • C. You don’t have permissions to create the underlying resources, and your permissions will need to be fixed to continue.
  • D. You need to log in as the root account to create stacks, so you will need access to the username and password.
Answer - C
Explanation - Since you are a new system administrator, the most likely cause is that you don’t have permissions to create the underlying resources, and your permissions will need to be fixed to continue. Your administrative credentials would be set in IAM, which is a global service, so being in the wrong region would not cause a permissions issue. The root account should never be used for day-to-day activities.
47. You are a new system administrator and would like a way to visualize your CloudFormation template while you build it out. What is the best way to visualize the template and gain the ability to save your template or create a stack from the same location?
  • A. Visio and AWS Management Console
  • B. Omnigraffle and AWS Management Console
  • C. You can’t do all of this from one location.
  • D. AWS CloudFormation Designer
Answer - D
Explanation - CloudFormation Designer gives you a drag-and drop environment where you can work on your templates and save and/or create stacks from them. While you could certainly use Visio or Omnigraffle to visualize how the template will work, it is not integrated with CloudFormation or the build of the template. Additionally, the answer on an AWS exam will never be a non-AWS product.
48. What is the purpose of the template in CloudFormation?
  • A. To define your resources and their settings
  • B. To define how resources should connect to services outside of the stack
  • C. To define how resources should connect to services inside of the stack
  • D. A template is an instance of a stack.
Answer - A
Explanation - CloudFormation templates are used to define the resources that you need and what their settings will be. Stacks are instances of a template, not the other way around.
49. What is the best description of a stack in CloudFormation?
  • A. A logical grouping of resources that have the same metadata
  • B. A logical grouping of resources that can be managed together as a single entity
  • C. A logical grouping of resources that operate on the same subnet
  • D. A logical grouping of resources that can be managed together as separate entities
Answer - B
Explanation - A CloudFormation stack is a logical grouping of resources that can be managed together as a single entity. The resources in a stack may or may not have the same metadata, and they certainly don’t have to exist on the same subnet.
50. To create a stack using the AWS CLI, what would you use?
  • A. aws ec2 create-stack
  • B. aws cloudformation update-stack
  • C. aws cloudformation stack-create
  • D. aws cloudformation create-stack
Answer - D
Explanation - The correct command in the CLI to create a stack would be aws cloudformation create-stack.