Section 18: AWS Monitoring and Audit Flashcards Preview

AWS Associate Developer Exam > Section 18: AWS Monitoring and Audit > Flashcards

Flashcards in Section 18: AWS Monitoring and Audit Deck (8)
Loading flashcards...
1
Q
We'd like to have CloudWatch Metrics for EC2 at a 1 minute rate. What should we do?
A) Enable Custom Metrics
B) enable High Resolution
C) Enable Basic Monitoring
D) Enable Detailed Monitoring
A

D) Enable Detailed Monitoring

This is a paid offering and gives you EC2 metrics at a 1 minute rate

2
Q
High Resolution Custom Metrics can have a minimum resolution of
A) 1 second
B) 10 seconds
C) 30 seconds
D) 1 minute
A

A) 1 second

3
Q

Your CloudWatch alarm is triggered and controls an ASG. The alarm should trigger 1 instance being deleted from your ASG, but your ASG has already 2 instances running and the minimum capacity is 2. What will happen?
A) One instance will be deleted and the ASG capacity and minimum will go to 1
B) The alarm will remain in “ALARM” state but never decrease the number of instances in my ASG
C) The alarm will detach from my ASG
D) The alarm will go in the OK state

A

B) The alarm will remain in “ALARM” state but never decrease the number of instances in my ASG

The number of instances in an ASG cannot go below the minimum, even if the alarm would in theory trigger an instance termination

4
Q
An Alarm on a High-Resolution Metric can be triggered as often as
A) 1 second
B) 10 seconds
C) 30 Seconds
D) 1 minute
A

B) 10 seconds

5
Q

You have made a configuration change and would like to evaluate the impact of it on the performance of your application. Which service do you use?
A) CloudWatch
B) CloudTrail

A

A) CloudWatch

CloudWatch is used to monitor the applications performance / metrics

6
Q
Someone has terminated an EC2 instance in your account last week, which was hosting a critical database. You would like to understand who did it and when, how can you achieve that?
A) Look at the CloudWatch Metrics
B) Look at the CloudWatch Alarms
C) Look at the CloudWatch Events
D) Look at CloudTrail
A

D) Look at CloudTrail

CloudTrail helps audit the API calls made within your account, so the database deletion API call will appear here (regardless if made from the console, the CLI, or an SDK)

7
Q
You would like to ensure that over time, none of your EC2 instances expose the port 84 as it is known to have vulnerabilities with the OS you are using. What can you do to monitor this?
A) Setup CloudWatch Metrics
B) Setup CloudTrail trails
C) Setup Config Rules
D) Create an AWS Lambda cron job
A

C) Setup Config Rules

8
Q

You would like to evaluate the compliance of your resource’s configurations over time. Which technology do you choose?
A) CloudWatch
B) CloudTrail
D) Config

A

D) Config