Storage Services

Storage Services Quiz

Quiz

Question 1 of 31 (0 answered)

Question 1

Which storage service should you choose if you need a boot volume for an EC2 instance?

Amazon EBS Amazon EFS Amazon S3 Amazon Glacier

✓

Correct!

Amazon EBS (Elastic Block Store) is designed for block storage and is the appropriate choice for EC2 boot volumes. EBS volumes behave like raw, unformatted block devices that can be formatted with a file system.

✗

Incorrect

Think about which service provides block-level storage that can be attached to a single EC2 instance.

Question 2

Which of the following are characteristics of EBS gp3 volumes?

Baseline performance of 3,000 IOPS Can be configured up to 16,000 IOPS Throughput of 125 MB/s baseline Lower cost than gp2 Maximum size of 64 TiB

✓

Correct!

EBS gp3 volumes offer baseline performance of 3,000 IOPS and 125 MB/s throughput, can be configured up to 16,000 IOPS and 1,000 MB/s, have lower cost than gp2, and support sizes from 1 GiB to 16 TiB (not 64 TiB).

✗

Incorrect

Review the gp3 specifications in the EBS Volume Types section.

Question 3

EBS snapshots are full backups of the entire EBS volume every time a snapshot is created.

True False

✓

Correct!

EBS snapshots are incremental backups. Only the first snapshot is a full backup; subsequent snapshots only store the changes (blocks that have been modified) since the previous snapshot, making them space-efficient.

✗

Incorrect

Consider how AWS optimizes storage costs for multiple snapshots of the same volume.

Question 4

What is the key difference between EFS Regional (Standard) and EFS One Zone file systems?

Regional supports NFSv4, One Zone supports NFSv3 Regional replicates data across multiple AZs, One Zone stores data in a single AZ Regional is faster than One Zone One Zone cannot use mount targets

✓

Correct!

The key difference is availability and redundancy: EFS Regional replicates data across multiple Availability Zones (≥3 AZs) for high availability, while EFS One Zone stores data in a single AZ at a lower cost but with single-AZ failure risk.

✗

Incorrect

Think about the ‘Regional’ and ‘One Zone’ naming and what it implies about data placement.

Question 5

EFS mount targets require one mount target per _____ and use port _____ for NFS communication.

✓

Correct!

EFS architecture requires one mount target per Availability Zone, and NFS communication occurs over port 2049, which must be allowed in security groups.

✗

Incorrect

EFS architecture requires one mount target per Availability Zone, and NFS communication occurs over port 2049, which must be allowed in security groups.

The first blank relates to AWS regional architecture, the second is the standard NFS port number.

Question 6

Given this EFS mounting command, what protocol version is being used?

sudo mount -t nfs4 -o nfsvers=4.1 \
  fs-12345678.efs.us-east-1.amazonaws.com:/ /mnt/efs

What will this code output?

NFSv3 NFSv4.1 NFSv4.0 NFSv2

✓

Correct!

The command explicitly specifies nfsvers=4.1, which indicates NFSv4.1 is being used. EFS supports NFSv4 protocol for file sharing.

✗

Incorrect

The command explicitly specifies nfsvers=4.1, which indicates NFSv4.1 is being used. EFS supports NFSv4 protocol for file sharing.

Look at the -o option parameters in the mount command.

Question 7

What is an EFS Access Point and when should you use it?

EFS Access Point is an application-specific entry point into an EFS file system that enforces POSIX user/group identity and root directory.

When to use:

Multi-tenant SaaS applications requiring data isolation
Container workloads (ECS, EKS) with shared storage
Lambda functions accessing EFS
Enforcing separation between different applications

Benefits:

Each application sees only its own directory
Simplified IAM-based access control
Automatic directory creation with correct permissions

Did you get it right?

✓

Correct!

✗

Incorrect

Question 8

Arrange these S3 storage classes from MOST expensive (storage cost per GB) to LEAST expensive:

Drag to arrange from highest to lowest storage cost

⋮⋮ S3 Express One Zone

⋮⋮ S3 Standard

⋮⋮ S3 Standard-IA

⋮⋮ S3 Glacier Instant Retrieval

⋮⋮ S3 Glacier Deep Archive

✓

Correct!

Storage costs decrease as access frequency decreases: S3 Express One Zone (highest performance) → S3 Standard → S3 Standard-IA → S3 Glacier Instant Retrieval → S3 Glacier Deep Archive (lowest cost for rarely accessed data).

✗

Incorrect

Question 9

You have data that you need to access quarterly but require millisecond retrieval time when accessed. Which S3 storage class is most appropriate?

S3 Standard S3 Standard-IA S3 Glacier Instant Retrieval S3 Glacier Flexible Retrieval

✓

Correct!

S3 Glacier Instant Retrieval is designed for data accessed rarely (quarterly) but requires millisecond retrieval time when accessed. S3 Standard and Standard-IA are for more frequent access, while Glacier Flexible requires minutes to hours for retrieval.

✗

Incorrect

The question emphasizes both ‘quarterly access’ and ‘millisecond retrieval’ - find the storage class that meets both requirements.

Question 10

Which statements are true about S3 Versioning?

Once enabled, versioning can only be suspended, not disabled Each version has a unique Version ID Deleting an object creates a delete marker All versions are automatically deleted when a delete marker is created You can retrieve any previous version by specifying its Version ID

✓

Correct!

S3 Versioning, once enabled, can only be suspended (not fully disabled). Each version gets a unique ID. Deleting creates a delete marker but preserves all versions. You can retrieve any version by its ID. Versions are NOT automatically deleted - they remain preserved.

✗

Incorrect

Remember that versioning is designed to protect data, not delete it.

Question 11

S3 Lifecycle Policies automatically move objects between storage classes based on how frequently they are accessed.

True False

✓

Correct!

S3 Lifecycle Policies are TIME-based, not access-based. They transition objects based on object age (days since creation), regardless of access patterns. S3 Intelligent-Tiering is the service that uses access patterns to optimize storage class.

✗

Incorrect

Consider the difference between Lifecycle Policies and Intelligent-Tiering discussed in the content.

Question 12

What is the minimum storage duration for objects stored in S3 Glacier Deep Archive before you can delete them without incurring additional charges?

30 days 90 days 180 days 365 days

✓

Correct!

S3 Glacier Deep Archive has a minimum storage duration of 180 days (6 months). If you delete objects before this period, you are still charged for the full 180 days.

✗

Incorrect

S3 Glacier Deep Archive has a minimum storage duration of 180 days (6 months). If you delete objects before this period, you are still charged for the full 180 days.

Deep Archive has the longest minimum duration among all storage classes.

Question 13

Complete the AWS CLI command to enable S3 Object Lock on a new bucket:

Fill in the missing parameter

aws s3api create-bucket \
  --bucket my-locked-bucket \
  --_____________________

Your answer:

✓

Correct!

The parameter --object-lock-enabled-for-bucket must be specified at bucket creation time to enable Object Lock. It cannot be enabled on existing buckets.

✗

Incorrect

The parameter --object-lock-enabled-for-bucket must be specified at bucket creation time to enable Object Lock. It cannot be enabled on existing buckets.

Question 14

In S3 Object Lock, what is the key difference between Governance mode and Compliance mode?

Governance mode is cheaper than Compliance mode Governance mode allows users with special permissions to override retention, Compliance mode does not Compliance mode supports longer retention periods Governance mode only works with S3 Standard storage class

✓

Correct!

The key difference is that Governance mode allows users with s3:BypassGovernanceRetention permission to delete objects or shorten retention periods, while Compliance mode provides immutable protection - no one (not even root) can delete the object during the retention period.

✗

Incorrect

Think about the level of protection and who can override it.

Question 15

Explain the difference between S3 Replication and S3 Backup (Versioning + Lifecycle)

S3 Replication:

Real-time/near real-time copying of objects
Keeps destination in sync with source
Deletes in source can replicate to destination (if configured)
Purpose: Availability, performance, compliance

S3 Backup (Versioning + Lifecycle):

Point-in-time snapshots of object versions
Retains historical versions over time
Protects against accidental deletion (versions preserved)
Purpose: Data recovery, compliance, audit trail

Best Practice: Use BOTH - replication for availability/performance, versioning for backup/recovery.

Did you get it right?

✓

Correct!

✗

Incorrect

Question 16

S3 Batch Operations can process billions of objects with a single API request and provides automatic retry mechanisms for failed operations.

True False

✓

Correct!

S3 Batch Operations is designed for large-scale operations and can process billions of objects with a single request. It includes built-in retry mechanisms, progress tracking, and generates completion reports.

✗

Incorrect

Consider the purpose and capabilities of Batch Operations discussed in the content.

Question 17

Which operations can be performed using S3 Batch Operations?

Copy objects to a different bucket Invoke Lambda function on each object Restore objects from Glacier Apply Object Lock retention settings Modify EC2 instance storage

✓

Correct!

S3 Batch Operations supports: copying objects, invoking Lambda functions, restoring from Glacier, applying Object Lock, replacing ACLs/tags, and more. It does NOT interact with EC2 storage - that’s EBS.

✗

Incorrect

All correct answers relate to S3 object management operations.

Question 18

What is the primary difference between S3 Server Access Logs and AWS CloudTrail for S3 monitoring?

Access Logs are real-time, CloudTrail has hours of delay Access Logs track every object request with best-effort delivery, CloudTrail tracks API calls with guaranteed delivery CloudTrail is free, Access Logs have per-request charges Access Logs only work with S3 Standard storage class

✓

Correct!

S3 Server Access Logs provide detailed records of every object-level request (GET, PUT, DELETE) with best-effort delivery and hours of delay. CloudTrail tracks API calls (management and data events) with typically 15-minute delivery and guaranteed logging. They serve different purposes - use both for comprehensive monitoring.

✗

Incorrect

Consider the scope (what each service tracks) and delivery guarantees.

Question 19

When using S3 Intelligent-Tiering, AWS charges a small _____ fee per 1000 objects but does NOT charge _____ fees when objects are accessed.

✓

Correct!

S3 Intelligent-Tiering charges a small monitoring fee (~$0.0025 per 1000 objects) to track access patterns, but unlike manual tier selections (Standard-IA, Glacier), it does not charge retrieval fees when objects are accessed.

✗

Incorrect

Think about the cost trade-offs of automated optimization versus manual tier selection.

Question 20

You need to ensure that financial records cannot be deleted or modified for 7 years to meet SEC Rule 17a-4 compliance. Which combination of S3 features should you use?

S3 Versioning + Lifecycle Policy with 7-year expiration S3 Object Lock in Governance mode with 7-year retention S3 Object Lock in Compliance mode with 7-year retention S3 Glacier Deep Archive with 7-year minimum storage duration

✓

Correct!

SEC Rule 17a-4 requires immutable, WORM (Write Once Read Many) storage. S3 Object Lock in Compliance mode provides guaranteed immutability - no one (including root) can delete or modify objects during the retention period. Governance mode can be overridden, and storage class alone doesn’t prevent deletion.

✗

Incorrect

Look for the option that provides guaranteed immutability without any override capability.

Question 21

Arrange these steps in the correct order for using S3 Batch Operations:

Order the workflow from start to finish

⋮⋮ Create manifest (list of objects)

⋮⋮ Create batch job with operation type

⋮⋮ Review AWS cost estimate and confirm

⋮⋮ AWS executes job and generates completion report

✓

Correct!

The S3 Batch Operations workflow: 1) Create manifest listing objects to process, 2) Create batch job specifying the operation, 3) Review scope/cost estimate and confirm, 4) AWS executes with automatic retries and generates a completion report.

✗

Incorrect

Question 22

Which EBS volume type would be most appropriate for a mission-critical database requiring up to 256,000 IOPS with 99.999% durability?

gp3 (General Purpose SSD) io2 Block Express (Provisioned IOPS SSD) st1 (Throughput Optimized HDD) sc1 (Cold HDD)

✓

Correct!

io2 Block Express is designed for mission-critical databases with highest performance needs. It supports up to 256,000 IOPS, 4,000 MB/s throughput, and provides 99.999% durability. gp3 maxes out at 16,000 IOPS, and HDD types are not suitable for IOPS-intensive workloads.

✗

Incorrect

Focus on the IOPS requirement (256,000) and durability (99.999%) specifications.

Question 23

When you delete an S3 object in a versioned bucket, the object is permanently deleted and cannot be recovered.

True False

✓

Correct!

In a versioned bucket, deleting an object creates a delete marker, which makes the object appear deleted but preserves all previous versions. You can recover the object by deleting the delete marker or accessing specific version IDs directly.

✗

Incorrect

Remember that versioning is designed to protect against data loss.

Question 24

Which statements are true about EFS Data Protection features?

EFS integrates with AWS Backup for automated backup policies EFS Replication provides continuous automatic replication across regions The destination replica is read-only during replication Encryption at rest can be enabled or disabled at any time Encryption in transit uses TLS 1.2 and requires amazon-efs-utils

✓

Correct!

EFS supports AWS Backup integration, continuous cross-region replication with read-only destinations, and TLS 1.2 encryption in transit via amazon-efs-utils. However, encryption at rest must be enabled at file system creation and cannot be disabled once enabled.

✗

Incorrect

One statement about encryption at rest is incorrect - consider when encryption settings can be changed.

Question 25

Based on this Lifecycle Policy configuration, when will an object uploaded on January 1st be transitioned to Glacier?

{
  "Transitions": [
    {
      "Days": 30,
      "StorageClass": "STANDARD_IA"
    },
    {
      "Days": 90,
      "StorageClass": "GLACIER"
    }
  ]
}

What will this code output?

January 31st (30 days later) March 1st (60 days later) April 1st (90 days later) April 30th (120 days later)

✓

Correct!

The ‘Days’ parameter in Lifecycle Policies is counted from object creation. An object uploaded January 1st will transition to GLACIER on Day 90, which is April 1st (90 days after January 1st).

✗

Incorrect

The ‘Days’ parameter in Lifecycle Policies is counted from object creation. An object uploaded January 1st will transition to GLACIER on Day 90, which is April 1st (90 days after January 1st).

Days are counted from the object upload date, and transitions happen at the specified day count, not as a sequence of transitions.

Question 26

What happens when you enable S3 Transfer Acceleration on a bucket?

Objects are automatically compressed before upload Uploads use CloudFront edge locations for faster transfer over long distances Your bucket is replicated to all AWS regions The bucket storage class is changed to S3 Express One Zone

✓

Correct!

S3 Transfer Acceleration uses CloudFront’s globally distributed edge locations to accelerate uploads to S3, especially beneficial for uploads over long distances. It doesn’t compress data, replicate buckets, or change storage classes.

✗

Incorrect

Think about how AWS’s edge network infrastructure can speed up data transfers.

Question 27

When should you use S3 Lifecycle Policies versus S3 Intelligent-Tiering?

Use S3 Lifecycle Policies when:

You have predictable access patterns
Data naturally ages (logs, backups)
Compliance requires specific retention periods
You know when data becomes less valuable
Example: “Move logs to IA after 30 days, Glacier after 90 days”

Use S3 Intelligent-Tiering when:

Access patterns are unknown or unpredictable
Data usage changes over time
You want “set it and forget it” optimization
Mixed workloads (some hot, some cold)
Example: Data lakes, user-generated content

Can use BOTH: Lifecycle to move to Intelligent-Tiering after known active period, then let AWS optimize long-term storage.

Did you get it right?

✓

Correct!

✗

Incorrect

Question 28

S3 Legal Hold and S3 Object Lock retention periods are the same feature with different names.

True False

✓

Correct!

Legal Hold and retention periods are distinct features. Retention periods have a fixed duration and expire automatically. Legal Hold has no expiration date (indefinite) and must be manually removed. They work independently - an object can have both, and Legal Hold can be applied with or without a retention period.

✗

Incorrect

Consider the duration characteristics and use cases (compliance vs. litigation) discussed in the content.

Question 29

Which AWS service should you use to automate the creation, retention, and deletion of EBS snapshots?

AWS Lambda with EventBridge Amazon Data Lifecycle Manager AWS Config Rules S3 Lifecycle Policies

✓

Correct!

Amazon Data Lifecycle Manager (DLM) is purpose-built for automating EBS snapshot and AMI lifecycle management with policy-based automation, including creation schedules, retention rules, and automatic deletion.

✗

Incorrect

Look for the AWS-native service specifically designed for EBS snapshot automation.

Question 30

Which factors should you consider when choosing an S3 storage class?

How often you need to access the data How quickly you need retrieval when accessed Whether you can tolerate single-AZ risk The size of individual objects The color scheme of your AWS console

✓

Correct!

The three key factors for choosing S3 storage class are: access frequency (how often), retrieval speed (how fast), and availability requirements (single-AZ vs multi-AZ). Object size is less critical for storage class selection, and console appearance is irrelevant.

✗

Incorrect

The content explicitly lists three key factors at the beginning of the S3 Storage Classes section.

Question 31

S3 uses _____ storage architecture where objects are identified by unique _____ within a bucket, and folders are simulated using key _____.

✓

Correct!

S3 is a flat storage system (no real directory hierarchy). Objects are identified by unique keys, and folder-like structures are simulated using key prefixes (e.g., ‘images/photo1.jpg’ where ‘images/’ is the prefix).

✗

Incorrect

Think about how S3’s object storage model differs from traditional file systems.

Quiz Results

Score

0/0

Accuracy

Right

Wrong

Skipped

Last updated on January 6, 2026

Identity and Access Management