Amazon Cloud Practitioner Quiz Questions

How would you best describe "event-driven" in AWS Lambda?

"Event-driven" in Lambda means that functions are invoked when needed. They are triggered.

Where can you find a third party's AMI so you can use it to launch your EC2 Instance?

AWS Marketplace AMIs

According to the Shared Responsibility Model, who is responsible for protecting hardware?

AWS is responsible for protecting hardware. AWS is responsible for "Security OF the Cloud". AWS is also responsible for the infrastructure that runs all services in the AWS Cloud, etc.

What are Objects NOT composed of? Key Value Access Keys Metadata

Access Keys

What are AMIs NOT used for? Add your own software license Add your own configuration Add your own operating-system Add you own IP address

Add you own IP address

Which AWS database is fully serverless and has SQL capabilities?

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

You need to set up metrics monitoring for every service in AWS. Which service would you use? Cloudtrail Xray Cloudwatch Personal Health Dashboard

Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms.

What is offered with the Enterprise Support Plan?

Business Plan + Access to Technical Account Manager Concierge Support Team Infrastructure Event Management & Operations Review Response within 15 minutes

You should use Amazon Transcribe to turn text into lifelike speech using deep learning. True or False?

False Amazon Transcribe is an AWS service that makes it easy for customers to convert speech-to-text. Amazon Polly is a service that turns text into lifelike speech.

You can perform any kind of penetration testing on any AWS service without prior approval. True or False?

False Penetration Testing is allowed without prior approval on 8 services. DDoS, port flooding and protocol flooding are examples of prohibited activities.

Which AWS offered Load Balancer should you use to handle hundreds of thousands of connections with low latency? Application Load Balancer Network Load Balancer Elastic Load Balancer

Network Load Balancer A Network Load Balancer can handle millions of requests per second with low-latency. It operates at Layer 4, and is best-suited for load-balancing TCP, UDP, and TLS traffic with ultra high-performance.

Which of the following is an exabytes-scale data moving service in or out of AWS? Snowball Snowball Edge Snowmobile

Snowmobile is used to move exabytes of data in or out of AWS (1 EB=1,000 PBs=1,000,000 TBs).

What are edge locations in AWS?

point of presence for AWS to deliver low latency content

CloudFront pricing is the same in every geographic region. True or False?

False

Which AWS service offers easy horizontal scaling of compute capacity?

Auto Scaling Groups

What is offered with the Basic Support Plan? (3)

24x7 access to customer service 7 core Trusted advisor checks Personal Health Dashboard

How long can you reserve an EC2 Reserved Instance?

1 or 3 years

What is an EBS Snapshot?

A backup of your EBS Volume at a point in time

How would you describe Amazon CloudWatch Logs?

A single, highly scalable service that centralizes logs from all of your systems, applications, and AWS services that you use

Which of the following is NOT an AWS Partner Network (APN) type? APN Technology Partners APN Service Partners APN Consulting Partners APN Training Partners

APN Services Partners

A company needs to run thousands of jobs but would like to NOT manage the compute resources. What service can it use?

AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (e.g., CPU or memory-optimized instances) based on the volume and specific resource requirements of the batch jobs submitted.

What can you use to get alerts when your costs and usage are exceeding or are forecasted to exceed your budgeting Amount? Cloudwatch Billing Alarms Budgets Cost and Usage Reports Billing Dashboard

AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. Difference with CloudWatch Billing Alarms: CloudWatch Billing Alarms only send alerts when your costs and usage are exceeding your budget, not when it is forecasted to exceed your budget, while AWS Budgets does both.

Which of the following allows you to deploy any AWS Infrastructure as a Code? Elastic Beanstalk OpsWorks Cloud Formation Systems Manager

AWS CloudFormation provides a common language for you to model and provision AWS and third party application resources in your cloud environment. It allows you to deploy Infrastructure as a Code.

What is called the declaration of the AWS resources that make up a stack?

AWS CloudFormation templates are JSON or YAML-formatted text files. They are declarations of the AWS resources that make up a stack.

Which service allows you to inspect, audit, and record events and API calls made within your AWS account? Xray Cloudwatch Cloudtrail

AWS CloudTrail is a web service that records activity made on your account and delivers log files to your Amazon S3 bucket. AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account.

Which AWS managed service allows to automate software deployments to a hybrid mix of EC2 Instances and On-Premises servers? Code Deploy Cloud Formation Elastic Beanstalk Code Star

AWS CodeDeploy is a service that automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises.

You want to record configurations and changes over time. Which service allows you to do this? Config Inspector GuardDuty Secrets Manager

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

You would like to migrate databases to AWS while still being able to use the database during the migration. What service allows you to do this? Elastic MapReduce (EMR) Database Migration Service (DMS) AWS Storage Gateway Snowball

AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.

A company would like to use their on-premises Microsoft Active Directory to connect to its AWS resources. Which service can it use? Directory services single sign on direct connect cognito

AWS Directory Service makes it easy for you to setup and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory.

Which AWS service provides alerts and remediation guidance when AWS is experiencing events that may impact you? Service Health Dashboard CloudWatch Personal Health Dashboard CloudTrail

AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.

AWS Regions are composed of? Two or more Edge Locations One or more discrete data centers Two or more Availability Zones

AWS Regions consist of multiple, isolated, and physically separate Availability Zones within a geographic area.

A company would like to centrally manage access to multiple AWS accounts and business applications. Which service can it use? Organizations Cognito Directory Service Single Sign on (SSO)

AWS SSO is an AWS service that enables you to makes it easy to centrally manage access to multiple AWS accounts and business applications and provide users with single sign-on access to all their assigned accounts and applications from one place.

What hybrid AWS service is used to allow on-premises servers to seamlessly use the AWS Cloud at the storage layer? Elastic Block Store Snowball S3 Storage Gateway

AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage.

You need a unified user interface that gives you visibility, control, and patching capabilities for your EC2 Instances on AWS, as well as for servers running in your on-premises data centers. Which service should you use? Storage Gateway OpsWorks Elastic Container Service Systems Managers

AWS Systems Manager AWS Systems Manager gives you visibility and control of your infrastructure on AWS. It is used for patching systems at scale.

A company would like recommendations regarding their performance, security, and fault tolerance. What can it use? Inspector Config Trusted Advisor Technical Account Manager

AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices, including performance, security, and fault tolerance, but also cost optimization and service limits.

Which AWS service helps developers analyze and debug production as well as distributed applications? Cloudwatch Xray Service Health Dashboard Cloudtrail

AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture.

According to the Shared Responsibility Model, who is responsible for Patch Management?

AWS and the customer AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Shared Controls also includes Configuration Management, and Awareness and Training.

A research team would like to group articles by topics using Natural Language Processing (NLP). Which service should they use? Translate Comprehend Lex Rekognition

Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to find meaning and insights in text.

How can you create Hadoop clusters to analyze and process a vast amount of data? EMR Athena EC2 Instances Redshift

Amazon EMR is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data. EMR helps creating Hadoop clusters (Big Data) to analyze and process vast amount of data

Which in-memory AWS database can you use to reduce the load off databases and has high performance, low latency? Redshift ElasticCache RDS DynamoDB

Amazon ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud. ElastiCache caches are in-memory databases with high performance, low latency. They help reduce load off databases for read intensive workloads.

Which S3 Storage Class is the most cost-effective for archiving data with no retrieval time requirement? Amazon Glacier Amazon Glacier Deep Archive Amazon S3 Standard-Infrequent Access Amazon S3 Intelligent Tiering

Amazon Glacier Deep Archive Amazon Glacier Deep Archive is the most cost-effective option if you want to archive data and do not have a retrieval time requirement. You can retrieve data in 12 or 48 hours.

Which service is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads? KMS WAF Inspector Guard Duty

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads.

A company would like to implement a chatbot that will convert speech-to-text and recognize the customers' intentions. What service should you use? Transcribe Rekognition Connect Lex

Amazon Lex is a service for building conversational interfaces into any application using voice and text. Lex provides the advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational interactions.

Which S3 Storage Class is suitable for less frequently accessed data, but with rapid access when needed, while keeping a high durability and allowing an Availability Zone failure?

Amazon S3 Standard-Infrequent Access allow you to store infrequently accessed data, with rapid access when needed, has a high durability, and is stored in several Availability Zones to avoid data loss in case of a disaster. It can be used to store data for disaster recovery, backups, etc.

You need to enable fast, easy, and secure transfers of files over long distances on S3. Which service would you use? AWS Global Accelerator S3 Transfer Acceleration S3 Cross-Region Replication

Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront's globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.

What are IAM roles?

An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services

What can you use to handle quickly and automatically the changing load on your websites and applications by adding compute resources? An Elastic Load Balancer A bigger instance type An auto scaling group health checks on your EC2 instances

An auto scaling group An Auto Scaling Group (ASG) can automatically and quickly scale-in and scale-out to match the changing load on your applications and websites.

Which Load Balancer is best suited for HTTP/HTTPS load balancing traffic? Network Load Balancer Classic Load Balancer Elastic Load Balancer Application Load Balancer

Application load balancer Application Load Balancers are used for HTTP and HTTPS load balancing. They are the best-suited for this kind of traffic.

What is the main purpose of High Availability in the Cloud? Increase scalability Application thriving even in case of a disaster Access on computers and smartphones Handle greater loads by launching EC2 instances based on the demand

Application thriving even in disaster High Availability means applications running at least in two AZs to survive a data center loss.

Where can you find on-demand access to AWS compliance documentation and AWS agreements? Artifact Personal Health Dashboard Secrets Manager Shared Responsibility Model

Artifact

Under the shared responsibility model, what is the customer responsible for in IAM? Infrastructure security Compliance validation Configuration and vulnerability analysis Assigning users proper IAM Policies

Assigning users proper IAM Policies

Which relational database is a proprietary technology from AWS and is cloud-optimized?

Athena

Which of the following statements is NOT a feature of Load Balancers? Do regular health checks on your instances Spread load across multiple downstream instances Handle failures of downstream instances Back-end auto scaling

Back end autoscaling Load Balancers cannot help with back-end autoscaling. You should use Auto Scaling Groups.

What is offered with the Developer Support Plan? (4)

Basic Plan + Business hour email access to cloud support 1 primary contact 12-24 hrs to be contacted

Which of the following options is NOT a vertical scaling limit? Downtime Higher cost Capacity limitation Better fault tolerance

Better fault tolerance This is an advantage of horizontal scaling.

Where are objects stored in Amazon S3?

Buckets

Which AWS service is the key to Operational Excellence? CloudFormation EC2 OpsWork CodeDeploy

CloudFormation is a key service to Operational Excellence as it prepares, operates, and evolves, but also performs operations as code.

If a resource is deleted in AWS, which service should you use to investigate first? Cloudtrail Cloudwatch logs Personal Health Dashboard

CloudTrail can record the history of events/API calls made within you AWS account, which will help determine who or what deleted the resource. You should investigate it first.

A company just created a new mobile application and wants to add a simple and secure user sign-up, sign-in, and access control. What AWS service can it use? IAM Cognito Directory Services Single Sign on

Cognito

What are the 3 pricing fundamentals of the AWS Cloud?

Compute, Storage, and data transfer out of the AWS Cloud

Which of the following is NOT an EC2 Instance Purchasing Option? Spot Instances Reserved Instances On-demand Instances Connect Instances

Connect Instances

A company would like to choose the best Savings Plan and forecast its cost in the next 3 months. Which AWS service can help? Cost and Usage Reports Budgets Cost Explorer Forecast

Cost Explorer can be used to forecast usage up to 3 months based on the previous usage. It can also be used to choose an optimal Savings Plan. Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time.

AWS Cost Explorer and AWS Trusted Advisor are services examples of which Well-Architected Framework pillar? Security Operational Excellence Cost Optimization Performance Efficiency

Cost optimization

Which of the following is NOT a pricing factor in S3? Storage class Data transfer into S3 Objects size Types of requests

Data transfer into S3

Which principle is mainly applied when using Amazon SQS or Amazon SNS? Scalability Automation Decouple your applications

Decouple your applications When using SQS or SNS, you apply the "decouple your applications" principle. This means that IT systems should be designed in a way that reduces interdependencies—a change or a failure in one component should not cascade to other components.

Which of the following statements is NOT a feature of AWS Lambda? Integration with the whole AWS suite of services Virtual functions Automated and continuous scaling Definition of a minimum and maximum of EC2 Instances running

Definition of a minimum and maximum of EC2 Instances running

You would like to set up a NoSQL database that can scale with no downtime and can handle millions of requests per second. Which AWS database is best suited for this work?

DynamoDB

What is an EBS Volume tied to? A region A data center An edge location An availability zone

EBS Volumes are tied to only one availability zone.

Which AWS service allows you to launch Docker containers on AWS, but requires you to provision and maintain the infrastructure? ECR EC2 ECS Fargate

ECS allows you to launch Docker containers on AWS, but you must provision and maintain the infrastructure (i.e. EC2 instances).

Which EC2 Storage would you use to create a shared network file system for your EC2 Instances? EBS Volume EC2 Instance Store EBS Snapshots EFS

EFS

Which service is referred to as a Platform as a Service (PaaS)? Elastic Beanstalk OpsWorks Cloud Formation EC2

Elastic Beanstalk is a Platform as a Service (PaaS). You only manage data and applications. AWS Elastic Beanstalk makes it even easier for developers to quickly deploy and manage applications in the AWS Cloud

Where should you store your private Docker images so they can be run by ECS or Fargate? Elastic Docker Registry Elastic Docker File Registry Elastic Container Registry Elastic Private Container Registry

Elastic Container Registry (ECR) is a service where you store your Docker image so they can be run by ECS or Fargate.

What should you do to increase your root account security?

Enable MFA You want to enable MFA in order to add a layer of security, so even if your password is stolen, lost or hacked your account is not compromised.

Testing recovery procedures, stopping guessing capacity, and managing changes in automation are design principles of Performance Efficiency. True or False?

False Testing recovery procedures, stopping guessing capacity, and managing changes in automation are design principles of Reliability. Performance Efficiency design principles include: democratize advanced technologies, go global in minutes, use serverless architecture, experiment more often, mechanical sympathy.

When you reserve, the larger the upfront payment, the smaller the discount. True or False?

False. When the upfront payment is higher, the discount is bigger.

You would like a serverless service to launch Docker containers with no infrastructure to provision. Which AWS service should you use? ECS Fargate ECR Lambda

Fargate allows you to launch Docker containers on AWS, and you don't need to provision and maintain the infrastructure (=no EC2 instances to manage). It is serverless.

Which of the following is INCORRECT regarding AWS Organizations? Manage multiple AWS accounts Consolidated billing across all accounts Volume discounts from aggregated usage Faster access to aws support

Faster access to aws support

What is offered with the Business Support Plan? (5)

Full Trusted Advisor Checks 24 x 7 access by phone email and chat to Cloud engineers unlimited contacts access to infrastructure event management Prod support within 1-4 hrs

What are availability zones?

Global Infrastructure identity is composed of one or more discrete data centers with redundant power, networking, and connectivity, and are used to deploy infrastructure

You would like to use a serverless service to prepare data so it can be loaded for analytics. Which service would you use? Athena RDS Glue ElasticCache

Glue

Which of the following are design principles of Performance Efficiency? Go global in minutes & experiment more often Analyze and attribute expenditure & stop spending money on data center operations Make frequent, small, reversible changes & anticipate failure Automate security best practices & keep people away from data

Go global in minutes & experiment more often Performance Efficiency design principles include: democratize advanced technologies, go global in minutes, use serverless architecture, experiment more often, mechanical sympathy.

What principle should you apply regarding IAM Permissions?

Grant least privelege

Auto Scaling in EC2 and DynamoDB are examples of? Horizontal Scaling Vertical Scaling

Horizontal Scaling Auto Scaling in EC2 allows you to have the right number of instances to handle the application load. Auto Scaling in DynamoDB automatically adjusts read and write throughput capacity, in response to dynamically changing request volumes, with zero downtime. These are both examples of horizontal scaling.

A company would like to benefit from the advantages of the Public Cloud but would like to keep sensitive assets in its own infrastructure. Which deployment model should the company use? Private Cloud Public Cloud Hybrid Cloud

Hybrid Cloud Using a Hybrid Cloud deployment model allows you to benefit from the flexibility, scalability and on-demand storage access while keeping security and performance of your own infrastructure.

Which of the following services has a global scope? EC2 IAM Lambda Rekognition

IAM

Which of the following is an IAM security tool? IAM Credentials Report IAM Root Account Manager IAM Services Report IAM Security Advisor

IAM Credentials Report IAM Credentials report lists all your account's users and the status of their various credentials. The other IAM Security Tool is IAM Access Advisor. It shows the service permissions granted to a user and when those services were last accessed.

Which answer is INCORRECT regarding IAM Users? IAM Users can belong to multiple groups IAM Users don't have to belong to a group IAM Users can have policies assigned to them IAM Users access AWS with the root account credentials

IAM Users access AWS with the root account credentials

Which services are free to use in AWS? IAM, VPC, Consolidated Billing, and Elastic Beanstalk Elastic Beanstalk, Cloud Formation, Auto Scaling Groups, and Lambda SNS, SQS, IAM, VPC All services have a free tier included

IAM, VPC, Consolidated Billing, and Elastic Beanstalk These services are free to use. Be careful, the resources created in Elastic Beanstalk (as well as in CloudFormation and Auto Scaling Groups) are not free.

A company would like to automate security on EC2 instances to assess security and vulnerabilities in these instances. Which AWS service should it use? Config Trusted Advisor Inspector Systems Manager

Inspector

Which statement is CORRECT regarding EC2 Instance Store? It is not good to use as a disk to cache content It has better I/O performance, but the data is lost if the EC2 is terminated Your data is always safe with EC2 Isntance store

It has better I/O performance, but the data is lost if the EC2 is terminated EC2 Instance Store has a better I/O performance, but data is lost if: the EC2 instance is stopped or terminated, or when the underlying disk drive fails.

What are IAM policies?

JSON documents to define Users, Groups, or Roles' permissions

Which of the following services is managed by AWS and is used to manage encryption keys? CloudHSM KMS AWS Secrets Manager IAM

KMS - Key Management Service

What can you use to define actions to move S3 objects between different storage classes? Scaling Policy Bucket Policies Lifecyle Rules Replication

Lifecycle Rules can be used to define when S3 objects should be transitioned to another storage class or when objects should be deleted after some time.

A complete cloud beginner would like to create a simple application with predictable pricing. What service should this person use?

Lightsail Amazon Lightsail is designed to be the easiest way to launch and manage a virtual private server with AWS. Lightsail plans include everything you need to jumpstart your project - a virtual machine, SSD- based storage, data transfer, DNS management, and a static IP address - for a low, predictable price. It can be used to create a simple web application, a website or a dev/test environment.

What is the definition of Cloud Computing?

On-demand availability of computer system resources, especially data storage and computing power without direct active management by the user

What are the five characteristics of cloud computing?

On-demand self service Broad network access Multi-tenancy and resource pooling Rapid elasticity and scalability Measured service

You need to use Chef or Puppet. Which AWS service should you use?

OpsWorks AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.

Which of the following services can help you manage multiple AWS accounts? IAM Directory Services Organizations Single Sign on

Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts.

You are running an on-demand Linux EC2 instance, what timing is applied regarding billing? Pay per minute Pay per hour Pay per day Pay per second

Pay per second With Linux EC2 instances, you pay per second of compute capacity. There is also a minimum of 60s of use.

What is the pricing model of Cloud Computing? Discounts over time Pay-as-you-go pricing Pay once a year Flat-rate pricing

Pay-as-you-go pricing In Cloud Computing, you are only charged for what you use.

How do you get charged in AWS Lambda? Per programming language Per number of functions Per call and per duration Per inactive time

Per call and per duration In AWS Lambda, you are charged per request and compute time, that's it.

You ONLY want to manage Applications and Data. Which type of Cloud Computing model should you use? On-premises Infrastructure as a Service Software as a Service Platform as a Service

Platform as a Service In the Platform as a Service model, you only manage the data and the applications.

Which of the following databases is a managed service with SQL capability suited for Online Transaction Processing (OLTP)? DynamiDB Redshift RDS MySQL on EC2

RDS Amazon Relational Database Service (Amazon RDS) is a SQL managed service that makes it easy to set up, operate, and scale a relational database in the cloud. It is suited for OLTP workloads

Which AWS database is a data warehouse?

Redshift

You would like to find objects, people, text, or scenes in images and videos. What AWS service should you use? Rekognition Polly Transcribe Lex

Rekognition

Which EC2 Purchasing Option should you use for an application you plan on running on a server continuously for 1 year? Reserved Instances Spot Instances On-demand Instances Convertible Instances

Reserved Instances Reserved Instances are good for long workloads. You can reserve instances for 1 or 3 years.

Which RDS pricing option is the most cost-effective if you need capacity for 3 years? On-demand Spot Instances Dedicated Instances Reserved Instances

Reserved Instances are good and more cost-effective (up to 69% discount compared to On-demand pricing, depending on the upfront) for long workloads. You can reserve instances for 1 or 3 years in RDS.

Which features are available with Route 53? Health Checks, Auto Scaling, Routing Policy, DNS Load Balancing, DNS, Domain Registration, Monitoring Domain Registration, DNS, Health Checks, DDoS Protection Domain Registration, DNS, Health Checks, Routing Policy

Route 53 features are (non exhaustive list): Domain Registration, DNS, Health Checks, Routing Policy

A developer would like to build, train, and deploy a machine learning model quickly. Which service can he use? SageMaker Polly Comprehend Transcribe

Sagemaker

Which pricing model allows you to minimize risks, predictably manage budgets and comply with long-term requirements, and is available for EC2, DynamoDB, ElastiCache, RDS, and Redshift? Pay as you go Pay less as AWS grows Pay less by using more Save when you reserve

Save when you reserve Reservations are available for EC2 Reserved Instances, DynamoDB Reserved Capacity, ElastiCache Reserved Nodes, RDS Reserved Instance, Redshift Reserved Nodes. Reservations allow you to minimize risks, predictably manage budgets and comply with long-term requirements.

Which of the following statements is NOT a reason for a global application? Decreased latency Disaster recovery Scale elastically on demand Attack protection

Scale elastically on demand

Implementing Security Groups, NACLs, KMS, or CloudTrail reflects which Well-Architected Framework Pillar? Security Reliability Cost Optimization Performance Efficiency

Security The Security pillar includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.

Which network security tool can you use to control traffic in and out of EC2 Instances? Network Access Control List (NACL) Identity and Management Access (IAM) GuardDuty Security Groups

Security Groups Security Groups operate at instance level and can control traffic.

Which AWS service's ONLY role is to safeguard running applications from DDoS attacks? WAF Shield CloudFront KMS

Shield

What can you use to estimate the cost of your architecture solution? Simple Monthly Calculator/Pricing Calculator Cost and Usage Reports Total Cost of Ownership (TCO) Trusted Advisor

Simple Monthly Calculator/Pricing Calculator

Which service is a fully managed pub/sub messaging service that makes it easy to set up, operate, and send notifications from the cloud, using a push-based system?

Simple notification service (SNS)

Which service allows you to send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available, using a pull-based system?

Simple queue service (SQS)

Which of the following services is a petabyte-scale data moving service (as a fleet) in or out of AWS with computing capabilities? Snowball Snowball Edge Snowmobile

Snowball Edge is best-suited to move petabytes of data and offers computing capabilities. Be careful, it's recommended to use a fleet of Snowballs to move less than 10PBs of data. Over this quantity, it's better-suited to use Snowmobile.

Which EC2 Purchasing Option can provide the biggest discount, but is not suitable for critical jobs or databases? Scheduled Instances Convertible Instances Dedicated Hosts Spot Instances

Spot Instances Spot Instances are good for short workloads, but are less reliable.

What do Resource Groups rely on to group your resources? Labels Categories Tags Stickers

Tags You can assign metadata to your AWS resources in the form of tags. Tags can help you manage, identify, organize, search for, and filter resources.

What is the name of a central repository to store structural and operational metadata for data assets in AWS Glue? Glue Data Table Glue Data Dictionary Glue Data Catalog

The AWS Glue Data Catalog is a central repository to store structural and operational metadata for all your data assets. For a given data set, you can store its table definition, physical location, add business relevant attributes, as well as track how this data has changed over time.

Which CloudWatch feature would you use to trigger notifications when a metric reaches a threshold you specify? Cloudwatch events Cloudwatch logs Cloudwatch alarms Cloudwatch triggers

The CloudWatch Alarms feature allows you to watch CloudWatch metrics and to receive notifications when the metrics fall outside of the levels (high or low thresholds) that you configure.

What defines the distribution of responsibilities for security in the AWS Cloud?

The Shared Responsibility Model

A company is not sure whether or not it is cost-effective to migrate to the AWS Cloud. Which service can help the executive board make a decision? Simple Monthly Calculator Total Cost of Ownership (TCO) Billing Dashboard Cost Explorer

The TCO calculators allow you to estimate the cost savings when using AWS and provide a detailed set of reports that can be used in executive presentations.

According to the Shared Responsibility Model, who is responsible for firewall and network configuration for EC2 Instances?

The customer The customer is responsible for firewall and network configuration. Customers are responsible for "Security IN the Cloud". It also includes server-side encryption, client-side data protection, customer data protection, etc.

Under the Shared Responsibility Model, who is responsible for operating-system patches and updates on EC2 Instances?

The customer The customer is responsible for operating-system patches and updates on EC2 Instances, as well as data security on the instances, Security Groups rules, etc.

Which of the following statements is INCORRECT regarding the definition of the term "serverless"? Serverless allows you to deploy functions as a service There are no servers You don't need to manage servers Lambda is the serverless pioneer

There are no servers Serverless does not mean that there are no servers, you just do not manage, provision and see them, but they do exist.

Which of the following is NOT an advantage of cloud computing? Trade capital expense (CAPEX) for operational expense (OPEX) Train your employees less Go global in minutes Stop spending money running and maintaining data centers

Train your employees less

Which AWS service makes it easy to convert speech-to-text? Connect Translate Transcribe Polly

Transcribe

A company would like to convert their documents in different languages, with natural and accurate wording. What should they use? Transcribe Polly Translate Word Translator

Translate

An EBS Volume is a network drive you can attach to your instances while they run, so your instances' data persist even after their termination. True or False?

True

CloudFormation and Elastic Beanstalk are free of use. True or False?

True CloudFormation and Elastic Beanstalk are free of use, but you do pay for the resources created.

EBS Volumes CANNOT be attached to multiple EC2 instances at a time. True or False?

True EBS Volumes can be attached to only one EC2 Instance, but EC2 Instances can have multiple EBS Volumes attached to them.

The Enterprise Support Plan comes with a business-critical system down response under 15 minutes and offers access to a Technical Account Manager, as well as a Concierge Support Team. True or False?

True The Enterprise Support Plan comes with a business-critical system down response under 15 minutes and offers access to a Technical Account Manager, as well as a Concierge Support Team. It is the only plan to have these features.

EBS Snapshots are added cost in GB per month. True or False?

True The added data storage by EBS Snapshots are added cost in GB per month to EBS pricing. Other EBS pricing factors are: Volume type, Provisioned storage volume, IOPS, etc.

Changing an EC2 Instance Type from a t3a.medium to a t3a.2xlarge is an example of?

Vertical Scaling Vertical scaling means increasing the size of the instance. Changing from a t3a.medium to a t3a.2xlarge is an example of size increase.

With which services does CloudFront integrate to protect against web attacks? WAF & Shield WAF & IAM IAM & Shield Security Groups & WAF

WAF & Shield You can use AWS WAF web access control lists (web ACLs) to help minimize the effects of a distributed denial of service (DDoS) attack. For additional protection against DDoS attacks, AWS also provides AWS Shield Standard and AWS Shield Advanced.

A company would like to protect its web applications from common web exploits that may affect availability, compromise security, or consume excessive resources. Which AWS service should they use? Auto Scaling Groups (ASG) Shield CloudHSM Web Application Firewall

Web Application Firewall (WAF) AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.

Which Route 53 Routing Policies would you use to route traffic to multiple resources in proportions that you specify? Simple Routing Policy Weighted Routing Policy Latency Routing Policy Failover Routing Policy

Weighted Routing Policy

Which of the following statements is INCORRECT regarding Auto Scaling Groups? replace unhealthy instances are cost-effective by running at optimal capacity automatically register new instances to a load balancer automatically changing the EC2 instances types

automatically changing the EC2 instances types Auto Scaling Groups can add or remove instances, but from the same type. They cannot change the EC2 Instances Types on the fly.

What are regions in AWS?

cluster of data centers