AWS Certified Cloud Practitioner Practice Test #2
A data analytics company stores its data on Amazon Simple Storage Service (S3) and wants to do SQL based analysis on this data with minimum effort. As a cloud practitioner, which of the following AWS services will you suggest for this use case? - Amazon DynamoDB - Amazon Aurora - Amazon Athena - Amazon Redshift
Amazon Athena
An e-commerce company wants to store data from a recommendation engine in a database. As a Cloud Practitioner, which AWS service would you recommend to provide this functionality with the LEAST operational overhead for any scale? - Amazon Relational Database Service (RDS) - Amazon Neptune - Amazon DynamoDB - Amazon Simple Storage Service (S3)
Amazon DynamoDB - key-value and document database that delivers sub-millisecond performance at any scale
Which of the following AWS services allows a database to have flexible schema and supports document data models? - Amazon Redshift - Amazon DynamoDB - Amazon Aurora - Amazon Relational Database Service (RDS)
Amazon DynamoDB ..... noSQL database that supports key-value and document data models
An e-commerce company wants to assess its applications deployed on Amazon Elastic Compute Cloud (EC2) instances for vulnerabilities and deviations from AWS best practices. Which AWS service can be used to facilitate this? - AWS Secrets Manager - AWS CloudHSM - AWS Trusted Advisor - Amazon Inspector
Amazon Inspector
What are the fundamental drivers of cost with AWS Cloud? - Compute, databases, and outbound data transfer - Compute, storage, and inbound data transfer - Compute, databases, and inbound data transfer - Compute, storage, and outbound data transfer
Compute, Storage, and Outbound Data Transfer
According to the AWS shared responsibility model, which of the following are responsibilities of the customer for Amazon RDS? - Applying patches to the underlying OS - Applying patches to the Amazon Relational Database Service (RDS) - Database encryption - Managing the underlying server hardware on which Amazon RDS runs
Database encryption
As per the AWS shared responsibility model, which of the following is a responsibility of AWS from a security and compliance point of view? - Server-side Encryption (SSE) - Customer Data - Edge Location Management - Identity and Access Management
Edge location management
Which characteristic of Cloud Computing imparts the ability to acquire resources as you need and release when you no longer need them? - Reliability - Elasticity - Resiliency - Durability
Elasticity
The AWS Cloud Adoption Framework (AWS CAF) recommends four iterative and incremental cloud transformation phases. Which cloud transformation journey phase of the AWS Cloud Adoption Framework (AWS CAF) focusses on demonstrating how the cloud will help accelerate your business outcomes? - Launch - Envision - Scale - Align
Envision
Which Amazon Route 53 routing policy would you use to improve the performance for your customers by routing the requests to the AWS endpoint that provides the fastest experience? - Failover routing - Simple routing - Latency-based routing - Weighted routing
Latency-based routing
What foundational capability under the operations perspective is part of the AWS Cloud Adoption Framework (AWS CAF)? - Platform engineering - Performance and capacity management - Application portfolio management - Vulnerability management
Performance and capacity management
Which of the following statements is INCORRECT about AWS auto scaling? - You can automatically deploy AWS Shield when a DDoS attack is detected - You can scale out and add more Amazon EC2 instances to match an increase in demand as well as scale in and remove Amazon EC2 instances to match a reduced demand - You can automatically remove unhealthy instances - You can automatically register new instances to a load balancer
You can automatically deploy AWS Shield when a DDoS attack is detected
Multi-AZ is an example of which of the following? - scale out - scale up - high availability - performance efficiency
high availability - can withstand some measure of degradation while still remaining available
As per the AWS Shared Responsibility Model, which of the following is a responsibility of the customer from a security and compliance point of view? - Patching/ fixing flaws within the AWS infrastructure - Managing patches of the guest operating system on Amazon EC2 - AZ infrastructure management - Configuration management for AWS global infrastructure
managing patches of the guest operating system on Amazon Elastic Compute Cloud (EC2)
Which of the following statements is correct regarding the AWS pricing policy for data transfer charges into or out of an AWS Region? - Only inbound data transfer is charged - Neither inbound nor outbound data transfer are charged - Only outbound data transfer is charged - Both inbound data transfer and outbound data transfer are charged
only outbound data transfer is charged
What are the different gateway types supported by AWS Storage Gateway Service? - tape gateway, file gateway, block gateway - tape gateway, object gateway, volume gateway - tape gateway, file gateway, volume gateway - object gateway, file gateway, block gateway
tape gateway, file gateway, volume gateway
An organization has a complex IT architecture involving a lot of system dependencies and it wants to track the history of changes to each resource. Which AWS service will help the organization track the history of configuration changes for all the resources? - AWS CloudFormation - AWS Service Catalog - AWS CloudTrail - AWS Config
AWS Config
A gaming company is looking at a technology/ service that can deliver a consistent low-latency gameplay to ensure a great user experience for end-users in various locations. Which AWS technology/ service will provide the necessary low-latency access to the end-users? - AWS Wavelength - AWS Local Zones - AWS Direct Connect - AWS Edge Locations
AWS Local Zones
Which AWS service enables users to find, buy, and immediately start using software solutions in their AWS environments? - AWS Marketplace - AWS OpsWorks - AWS Config - AWS Systems Manager
AWS Marketplace
A retail company has multiple AWS accounts for each of its departments. Which of the following AWS services can be used to set up consolidated billing and a single payment method for these AWS accounts? - AWS Budgets - AWS Secrets Manager - AWS Organizations - AWS Cost Explorer
AWS Organizations
An online gaming company wants to block users from certain geographies from accessing its content. Which AWS service can be used to accomplish this task? - Security group - Amazon CloudWatch - AWS Shield - AWS Web Application Firewall (AWS WAF)
AWS Web Application Firewall (AWS WAF)
Which policy describes describes prohibited uses of the web services offered by Amazon Web Services? - AWS Acceptable Use Policy - AWS Trusted Advisor - AWS Applicable Use Policy - AWS Fair Use Policy
AWS acceptable use policy
Which AWS technology/ service helps you to scale your resources to match supply with demand while still keeping your cloud solution cost-effective? - AWS OpsWorks - AWS CloudFormation - AWS Cost Explorer - AWS Auto Scaling
AWS auto scalling
Which AWS service would you use to send alerts when the costs for your AWS account exceed your budgeted amount? - AWS Cost Explorer - AWS Pricing Calculator - AWS Budgets - AWS Organizations
AWS budgets
A startup is looking for 24x7 phone-based technical support for its AWS account. Which of the following is the MOST cost-effective AWS support plan for this use-case? - AWS Enterprise Support - AWS Developer Support - AWS Enterprise On-Ramp Support - AWS Business Support
AWS business support
Which AWS service helps with global application availability and performance using the AWS global network? - Amazon CloudFront - Amazon Route 53 - AWS Global Accelerator - Elastic Load Balancing (ELB)
AWS global accelerator
Which tool will help you review your workloads against current AWS best practices for cost optimization, security, and performance improvement and then obtain advice to architect them better? - AWS Cost Explorer - AWS Trusted Advisor - Amazon CloudWatch - Amazon Inspector
AWS trusted advisor
Which of the following solutions can you use to connect your on-premises network with AWS Cloud? Select two. - Amazon Virtual Private Cloud (VPC) - AWS Direct Connect - Amazon Route 53 - Internet Gateway - AWS Virtual Private Network (VPN)
- AWS Direct Connect - AWS Virtual Private Network (VPN)
Which of the following AWS services are always free to use? Select two. - Amazon Elastic Compute Cloud (EC2) - Amazon Simple Storage Service (S3) - AWS Identity and Access Management (IAM) - AWS Auto Scaling - Amazon DynamoDB
- AWS Identity and Access Management (AWS IAM) - AWS Auto Scaling
Which of the following AWS services are global in scope? (Select two). - AWS Identity and Access Management (AWS IAM) - Amazon CloudFront - Amazon Relational Database Service (Amazon RDS) - Amazon Simple Storage Service (S3) - Amazon EC2
- AWS Identity and Access Management (AWS IAM) - Amazon CloudFront
An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes. As a cloud practitioner, which AWS services would you recommend to build a serverless solution for this use-case? Select two. - AWS Systems Manager - AWS Lambda - Amazon Elastic Compute Cloud (EC2) - AWS Step Function - Amazon Eventbridge
- AWS Lambda run code w/o provisioning servers - Amazon Eventbridge Service that provides real-time access to changes in data without writing code
Which of the following statements are true about AWS Lambda? Select two. - AWS Lambda lets you run code without provisioning or managing servers - AWS Lambda allows you to install databases on the underlying serverless Operating System - You pay for the compute time you consume for AWS Lambda - AWS Lambda provides access to the underlying operating system to control its behavior through code
- AWS Lambda lets you run code without provisioning or managing servers - You pay for the compute time you consume for AWS Lambda
An organization is planning to move its infrastructure from the on-premises datacenter to AWS Cloud. as a Cloud Practitioner, which operations would you recommend so that the organization can identify the right AWS services to build solutions on AWS Cloud? Select two. - Amazon CloudWatch - AWS Service Catalog - AWS Partner Network (APN) - AWS Organizations - AWS CloudTrail
- AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS - AWS Partner Network (APN) Global partner program for technology and consulting businesses that leverage Amazon Web Services to build solutions and services for customers
Which of the following options can be used to access and manage all AWS services? Select three. - AWS software development kit (SDK) - AWS command line interface (CLI) - Amazon API gateway - AWS secrets manager -AWS systems manager - AWS management console
- AWS Software Development Kit (SDK) - AWS Command Line Interface (AWS CLI) - AWS Management Console
Which of the following AWS services can be used to prevent Distributed Denial-of-Service (DDoS) attack? Select three. - AWS Web Application Firewall (AWS WAF) - AWS Shield - Amazon Inspector - AWS Trusted Advisor - Amazon CloudFront with Amazon Route 53 - AWS CloudHSM
- AWS WEb Application Firewall (AWS WAF) - AWS Shield - Amazon CloudFront with Amazon Route 53
Which of the following is the correct statement regarding the AWS Storage services? - S3 is object-based storage, elastic block store (EBS) is file-based storage, elastic file system (EFS) is block-based storage - S3 is file-based, EBS is block-based, EFS is object-based - S3 is object-based, EBS is block-based, EFS is file-based S3 is block-based, EBS is object-based, EFS is file-based
- Amazon S3 is object based storage - Amazon EBS is block based storage - Amazon Elastic File System (EFS) is file based storage
AWS Compute Optimizer delivers recommendations for which of the following AWS resources? Select two. - Amazon EC2 instances, Amazon Elastic File System (EFS) - AWS Lambda functions, Amazon S3 - Amazon Elastic File System (EFS), AWS Lambda functions - Amazon Elastic Block Store (EBS), AWS Lambda functions - Amazon Elastic Compute Cloud (EC2) instances, Amazon EC2 Auto Scaling groups
- Amazon elastic block store (EBS) - AWS lambda functions
The engineering team at an IT company wants to monitor the CPU utilization for its fleet of Amazon Elastic Compute Cloud (EC2) instances and send an email to the administrator if the utilization exceeds 80%. As a cloud practitioner, which AWS services would you recommend to build this solution? Select two. - Amazon Simple Queue Service (SQS) - AWS Lambda - AWS CloudTrail - Amazon Simple Notification Service (SNS) - Amazon CloudWatch
- Amazon simple notification notification service (SNS) - Amazon CloudWatch
Which of the following statements are correct about the AWS root user account? Select two. - Root user credentials should only be shared with managers requiring administrative responsibilities to complete their jobs - Root user account password cannot be changed once it is set - Root user account gets unrestricted permissions when the account is created, but these can be restricted using IAM policies - It is highly recommended to enable Multi-Factor Authentication (MFA) for root user account - Root user access credentials are the email address and password used to create the AWS account
- It is highly recommended to enable Multi-Factor Authentication (MFA) for root user account - Root user access credentials are the email address and password used to create the AWS account
Which of the following use-cases IS NOT supported by Amazon Rekognition? - Label objects in a photo - Quickly resize photos to create thumbnails - detect text in a photo - identify person in a photo
- Quickly resize photos to create thumbnails - Supported by Rekognition: label objects in a photo, detect text in a photo, identify person in a photo
Which of the following statements is correct for a Security Group and a Network Access Control List (Network ACL)? - Security Group acts as a firewall at the VPC level whereas Network ACL acts as a firewall at the AZ level - Security Group acts as a firewall at the AZ level whereas Network ACL acts as a firewall at the VPC level - Security Group acts as a firewall at the instance level whereas Network ACL acts as a firewall at the subnet level - Security Group acts as a firewall at the subnet level whereas Network ACL acts as a firewall at the instance level
- Security Group acts as a firewall at the instance level whereas Network Access Control List (Network ACL) acts as a firewall at the subnet level
Which of the following are examples of Horizontal Scalability (aka Elasticity)? Select two. - Add a bigger CPU to a computer - Read Replicas in Amazon Relational Database Service (RDS) - Modify a database instance to higher CPU and RAM - Modify an EC2 instance type from t2.nano to u-12tb1.metal - Elastic load balancing (ELB)
- read replicas in amazon relational database services (RDS) - Elastic load balancing (ELB) - Horizontal scaling: increase capacity by adding more computers to the system
The AWS Well-Architected Framework provides guidance on building cloud based applications using AWS best practices. Which of the following options are the pillars mentioned in the AWS Well-Architected Framework? Select two. - Elasticity - Reliability - Availability - Scalability - Cost Optimization
- reliability - cost optimization
Due to regulatory and compliance reasons, an organization is supposed to use a hardware device for any data encryption operations in the cloud. Which AWS service can be used to meet this compliance requirement? - AWS Key Management Service (AWS KMS) - AWS Trusted Advisor - AWS Secrets Manager - AWS CloudHSM
AWS CloudHSM... cloud-based hardware security module (HSM) that enables you to easily generate and use your encryption keys on the AWS Cloud.
A developer has written a simple web application in PHP and he wants to just upload his code to AWS Cloud and have AWS handle the deployment automatically but still wants access to the underlying operating system or further enhancements. As a Cloud Practitioner, which of the following AWS services would you recommend for this use-case? - AWS Elastic Beanstalk - Amazon EC2 - AWS CloudFormation - Amazon Elastic Container Service (ECS)
AWS Elastic Beanstalk - for deploying and scaling web applications and services
Which AWS support plan provides access to a designated Technical Account Manager (TAM)? - AWS Business Support - AWS Developer Support - AWS Enterprise On-Ramp Support - AWS Enterprise Support
AWS Enterprise Support
Which service gives a personalized view of the status of the AWS services that are part of your Cloud architecture so that you can quickly assess the impact on your business when AWS service(s) are experiencing issues? - AWS Health- Service Health Dashboard - Amazon CloudWatch - Amazon Inspector - AWS Health- Your Account Health Dashboard
AWS Health - your account health dashboard
Which AWS service publishes up-to-the-minute information on the general status and availability of all AWS services in all the Regions of AWS cloud? - AWS health Dashboard- service health - AWS Health Dashboard- your account health - AWS CloudFormation - Amazon CloudWatch
AWS Health Dashboard- service health
Which of the following AWS services is essential for implementing security of resources in AWS Cloud? - AWS Web Application Firewall (AWS WAF) - AWS Shield - AWS Identity and Access Management (IAM) - Amazon CloudWatch
AWS Identity and Access Management (IAM)
A social media company wants to protect its web application from common web exploits such as SQL injection and cross-site scripting. Which of the following AWS services can be used to address this use-case? - Amazon Inspector - Amazon GuardDuty - AWS CloudWatch - AWS Web Application Firewall
AWS Web Application Firewall (AWS WAF)
A company's flagship application runs on a fleet of Amazon Elastic Compute Cloud (EC2) instances. As per the new policies, the system administrators are looking for the best way to provide secure shell access to Amazon Elastic Compute Cloud (EC2) instances without opening new ports or using public IP addresses. Which tool/service will help you achieve this requirement? - AWS Systems Manager Session Manager - Amazon Route 53 - Amazon Elastic Compute Cloud (EC2) - Amazon Inspector
Amazon EC2 Instance Connect
Which AWS service can be used to provision resources to run big data workloads on Hadoop clusters? - AWS Step Functions - Amazon EMR - Amazon Elastic Compute Cloud (EC2) - AWS Batch
Amazon EMR... industry-leading cloud big data platform for processing vast amounts of data using open source tools such as Hadoop, Apache Spark, etc.
Which AWS compute service provides the EASIEST way to access resizable compute capacity in the cloud with support for per-second billing and access to the underlying OS? - Amazon EC2 - Amazon Elastic Container Service (ECS) - Amazon Lightsail - AWS Lambda
Amazon Elastic Compute Cloud (EC2)
Which AWS service should be used when you want to run container applications, but want to avoid the operational overhead of scaling, patching, securing, and managing servers? - AWS Lambda - Amazon Elastic Container Service (ECS)- EC2 launch type - Amazon EC2 - Amazon Elastic Container Service (ECS)- Fargate launch type
Amazon Elastic Container Service (ECS) - Fargate launch type
A fleet of Amazon EC2 instances spread across different AZs needs to access, edit, and share file-based data stored centrally on a system. As a Cloud Practitioner, which AWS service would you recommend for this use case? - EC2 Instance Store - Amazon Elastic Block Store (Amazon EBS) - Amazon Simple Storage Service (Amazon S3) - Amazon Elastic File System (EFS)
Amazon Elastic File Sytem (EFS)
A company wants a fully managed, flexible, and scalable file storage system, with low latency access, for its Windows-based applications. Which AWS service is the right choice for the company? - Amazon FSx for Lustre - Amazon Elastic File System (EFS) - Amazon FSx for Windows File Server - Amazon Elastic Block Storage (EBS)
Amazon FSx for Windows File Server
A company is using a message broker service on its on-premises application and wants to move this messaging functionality to AWS cloud. Which of the following AWS services is the right choice to move the existing functionality easily? - Amazon Simple Queue Service (SQS) - Amazon Kinesis Data Streams - Amazon MQ - Amazon Simple Notification Service (Amazon SNS)
Amazon MQ - Managed message broker service
What is the primary benefit of deploying an Amazon RDS Multi-AZ database with one standby? - Amazon RDS Multi-AZ enhances database availability - Amazon RDS Multi-AZ reduces database usage costs - Amazon RDS Multi-AZ protects the database from a regional failure - Amazon RDS Multi-AZ improves database performance for read-heavy workloads
Amazon RDS Multi-AZ enhances database availability
Which of the following AWS services comes under the SaaS Cloud Computing Type? - Amazon EC2 - AWS Elastic Compute Cloud - Elastic Load Balancing (ELB) - Amazon Rekognition
Amazon Rekognition... use to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise.
Which AWS service can be used to store, manage, and deploy Docker container images? - Amazon Elastic Container Registry (Amazon ECR) - AWS Lambda - Amazon Elastic Compute Cloud (Amazon EC2) - Amazon Elastic Container Service (ECS)
Amazon elastic container registry (ECR)... ECS DOES NOT store and deploy docker container images!!
A customer has created a VPC and a subnet within AWS Cloud. Which of the following statements is correct? - Both the Amazon VPC and the subnet span all of the AZs in the Region - A subnet spans all of the AZs in the Region whereas a VPC spans only one AZ in the Region - Both the Amazon VPC and the subnet span only one AZ in the Region - An Amazon VPC spans all of the AZs in the Region whereas a subnet spans only one AZ in the region
An Amazon Virtual Private Cloud (Amazon VPC) spans all of the Availability Zones (AZ) in the Region whereas a subnet spans only one AZ in the Region
An organization deploys its IT infrastructure in a combination of its on-premises data center along with AWS Cloud. How would you categorize this deployment model? - Cloud deployment - Hybrid deployment - Private deployment - Mixed deployment
Hybrid deployment
Access Key ID and Secret Access Key are tied to which of the following AWS Identity and Access Management (AWS IAM) entities? - IAM Role - IAM User - IAM Policy - IAM User Group
IAM user
Which Amazon EC2 pricing model is the most cost-effective and flexible with no requirement for a long term resource commitment or upfront payment but still guarantees that instance would not be interrupted? - Reserved Instance (RI) - Dedicated Host - Spot Instance - On-demand Instance
On-demand instance - only pay for the seconds that your instances are running
A photo sharing web application wants to store thumbnails of user-uploaded images on Amazon S3. The thumbnails are rarely used but need to be immediately accessible from the web application. The thumbnails can be regenerated easily if they are lost. Which is the most cost-effective way to store these thumbnails on S3? - Use Amazon S3 Standard to store the thumbnails - Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store thumbnails - Use Amazon S3 Standard-Infrequent Access (S3 Standard IA) to store the thumbnails - Use Amazon S3 Glacier Flexible Retrieval to store the thumbnails
Use Amazon S3 One Zone-Infrequent Access (S3 One-Zone-IA) to store the thumbnails