Review Questions
The following questions are designed to test your understanding of this chapter’s material. For more information on how to obtain additional questions, please see this book’s introduction.
- Your development team is troubleshooting performance issues with a new distributed Docker architecture that processes product returns from your company’s e-commerce site. There are many different microservices with dependencies on each other. They cannot locate the source of the performance bottleneck and ask you to see if the delays could be network related. What AWS service would you recommend they deploy to give visibility into the application flow?
- CloudTrail
- Flow Logs
- Config
- X-Ray
- As a newly hired networking engineer, you are being tasked to document the company’s AWS deployment and record its normal operational state. What would you create to understand normal and abnormal operations?
- Flow Logs
- Baseline
- Reachability Analyzer
- CloudTrail logs
- Your company’s AWS Cloud development team members are asking for advice in analyzing the interactions between their highly distributed application migration that uses the AWS Elastic Container Service. They want insights into detecting anomalies and why it was triggering with their instrumentation. What service would you suggest they implement to meet this requirement?
- Step Functions
- X-Ray Insights
- Identity and Access Manager
- X-Ray
- You want to create an accurate assessment that you can use to predict issues before they become critical and take preemptive steps to address the out-of-range metrics. What would this be called?
- AWS Cloud Map
- Baseline
- X-Ray
- Route 53
- What metric service allows you to visualize live data of your network and share your visualizations with outside entities even if they do not have an account with AWS or are not part of your organization?
- AppFlow
- EventBridge
- CloudWatch dashboards
- Cloud Search
- Your DevSec developers have installed the X-Ray SDK on 25 macOS servers and have come to you to explain how to export the application metrics collected to the central repository. What is the next step after installing the macOS X-Ray SDK? (Select two.)
- Edit the export.conf file with the CloudWatch destination on each server
- Configure the SDK to export to a collector
- Create a Docker sidecar and edit the SDK config files to export ECS
- The SDK will automatically export all API calls to CloudTrail
- Your team has been tasked with reducing the time it takes to create new Fargate containers when the connection count reaches 130 web users. You have configured alarms to trigger adding more containers based on metric reporting. However, the e-commerce team is still complaining about containers being slow to deploy. What can you recommend to increase Fargate performance when creating new containers?
- Use standard monitoring metric reporting
- Change the monitoring type to detailed monitoring
- Configure Fargate service quota
- Enable detailed logging in the Apache web server and export the metrics to an X-Ray collector
- You have several Windows CRM servers in a collocated data center as part of your hybrid architecture. You are investigating a solution to consolidate monitoring and management into AWS. What needs to be done at the collocated data center to integrate network monitoring with AWS?
- Install AWS Inspector on the remote servers
- Enable custom detailed metrics on the CRM servers
- Install the CloudWatch agent on the CRM servers
- X-Ray Insights at the Colo gateway
- As a senior network engineer for your company, you are investigating how to consolidate global network management monitoring and alerting and are looking for a multivendor integration with a graphical dashboard, utilization metrics, including packets and bytes sent and received, packet drops, changes in the network topology including routing and up/down connection events, and alerts generated. What AWS service would you evaluate that meets your design requirements?
- Global Accelerator manager
- Transit Gateway Manager
- CloudWatch for SD-WAN
- Direct Connect
- What AWS service is used to collect values over time and display them along a graphical timeline and can be used for trend analysis and alerting?
- AppFlow
- EventBridge
- CloudWatch
- CloudSearch
- You are assisting your software development team to maximize application performance by measuring delays on microservices between Docker containers running in the us-west-2 region. What would you install to accomplish this objective?
- X-Ray traces
- VPC Reachability Analyzer
- Inspector
- CloudWatch
- What service would you use to see who made changes to your VPC configurations?
- CloudMon
- CloudWatch
- CloudTrail
- CloudTrace
- You have been asked to provide analysis on ingress firewall flow acceptance. What AWS tool automates this testing and generates findings reports?
- Flow logging
- CloudTrail
- Inspector
- X-Ray
- You have a requirement to create a dashboard that shows network utilization, packet drops, and topology changes. What service would provide this data in a graphical format?
- Global Accelerator manager
- Transit Gateway Manager
- CloudWatch for SD-WAN
- Direct Connect
- Your team received a support case about a three-tier web stack having issues connecting to the backend SQL servers from the web application servers. What is a good tool to use to begin your troubleshooting?
- CloudFront logs
- VPC Reachability Analyzer
- CloudTrail
- Metric Insights
- You need to implement an AWS managed service that performs security and vulnerability analysis and assessments for EC2 and ECR container instances, applications, network accessibility, and how security is configured for the applications on the instances. What’s the recommended AWS managed service that can accomplish this requirement?
- Inspector
- Macie
- Control Tower
- X-Ray
- The server administration team is troubleshooting a DHCP lease issue inside of the Ireland region. You have enabled flow logging in the VPC and exported the logs to an S3 bucket you created. However, after a testing session with the server admins, you look in the bucket and cannot find any data. What is the cause of this?
- There is a missing IAM role
- Kinesis Firehose does not support Flow Log streams
- DHCP data is excluded from Flow Logs
- The DHCP server is local to the availability zone, so Flow Logs would not capture the data
- You are investigating a way to implement a change management tracking tool that limits your developers to creating only 45 EC2 instances per region. What service should you deploy?
- Config
- X-Ray
- CloudWatch
- Inspector
- You are investigating deploying an AWS managed service that can scan and track vulnerabilities in your fleet of EC2 web servers. What service would meet this use case?
- X-Ray Insights
- Inspector
- CloudWatch
- Metric Insights
- What AWS managed service can you use to generate a report of all changes made to your t2.medium instances over the past 2 years?
- Redshift
- Config query engine
- EC2 analytics
- CloudTrail