Challenge - 5 Problems

🎖️

EC2 Launch Master

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ service_behavior

intermediate

2:00remaining

What happens when you launch an EC2 instance without specifying a security group?

You launch an EC2 instance but do not specify any security group. What is the default behavior regarding network access?

AThe instance is launched with the default security group of the VPC, allowing inbound traffic only from other instances in the same group.

BThe instance is launched with no security group, so all inbound and outbound traffic is blocked.

CThe instance is launched with a security group that allows all inbound and outbound traffic.

DThe instance launch fails because a security group must be specified.

Attempts:

2 left

❓ Configuration

intermediate

2:00remaining

Which option correctly specifies a user data script to install Apache on an EC2 instance at launch?

You want to launch an EC2 instance and automatically install Apache web server using user data. Which user data script is correctly formatted for Amazon Linux 2?

sudo yum update -y
sudo yum install httpd -y
sudo systemctl start httpd
sudo systemctl enable httpd

#!/bin/bash
sudo yum update -y
sudo yum install httpd -y
sudo systemctl start httpd
sudo systemctl enable httpd

#!/bin/sh
sudo apt-get update
sudo apt-get install apache2 -y
sudo systemctl start apache2
sudo systemctl enable apache2

#!/bin/bash
sudo yum update
sudo yum install httpd
sudo service httpd start
sudo chkconfig httpd on

Attempts:

2 left

❓ Architecture

advanced

2:00remaining

You want to launch an EC2 instance that is accessible only from your office IP and can access the internet for updates. Which architecture setup is correct?

Choose the correct architecture to meet these requirements:

EC2 instance accessible only from your office IP address.
Instance can access the internet to download updates.
Instance is in a private subnet.

APlace the instance in a private subnet with a NAT Gateway configured in a public subnet. Configure the security group to allow inbound traffic only from your office IP.

BPlace the instance in a public subnet with an internet gateway. Configure the security group to allow inbound traffic only from your office IP.

CPlace the instance in a private subnet with no NAT Gateway. Configure the security group to allow inbound traffic only from your office IP.

DPlace the instance in a public subnet with a NAT Gateway. Configure the security group to allow inbound traffic from anywhere.

Attempts:

2 left

❓ security

advanced

2:00remaining

What is the effect of launching an EC2 instance with an IAM role that has S3 read-only permissions?

You launch an EC2 instance and assign it an IAM role with permissions to read objects from S3 buckets. What is the expected behavior?

AThe EC2 instance cannot access S3 buckets unless AWS credentials are manually configured on the instance.

BThe EC2 instance can write to S3 buckets but cannot read objects.

CThe EC2 instance can access and read objects from S3 buckets allowed by the IAM role without needing AWS credentials on the instance.

DThe EC2 instance can access S3 buckets only if the security group allows outbound HTTP traffic.

Attempts:

2 left

✅ Best Practice

expert

2:00remaining

Which approach best ensures high availability for a web application running on EC2 instances?

You want to deploy a web application on EC2 instances with high availability and fault tolerance. Which setup follows AWS best practices?

ADeploy EC2 instances in multiple regions without a load balancer and manually distribute traffic.

BDeploy a single large EC2 instance in one Availability Zone with Elastic IP for static access.

CDeploy multiple EC2 instances in a single Availability Zone behind a Network Load Balancer without Auto Scaling.

DDeploy multiple EC2 instances across multiple Availability Zones behind an Elastic Load Balancer with Auto Scaling configured.

Attempts:

2 left