AWS Cloud Practitioner Exam
What type of internal Amazon user can be created to mimic a service, application, or person that has access to AWS resources?
IAM user
You want to monitor service limits related to Elastic IP addresses that are being used, active snapshots, and EBS volumes. Which service would you use?
AWS Trusted Advisor
Which of the following AWS offers falls under the AWS free Tier and will never expire?
25 read capacity units, 25 GB of storage capacity and 25 units of write capacity using a DynamoDB
What is the total number of Virtual Private Clouds (VPCs) you can have within an individual region?
5
You are working on the development of multiple applications. Each application is in a different stage of the software development lifecycle process. You plan on implementing the development of these applications within AWS infrastructure and need an automated approach for building, testing, and deploying these applications. You also want to be able to see the big picture from a development perspective and to establish a consistent release plan as changes occur. What AWS resource can meet these requirements?
AWS CodePipeline
Your boss wants you to run a report where you can see the monthly cost breakdown by AWS service and potential future costs. Which tool would you use to see this type of report?
AWS Cost Explorer
What is an Amazon solution for creating a logical private connection between a remote network and an Amazon VPC?
AWS Direct Connect
Which of these will you use to achieve regulatory compliance on AWS by enforcing encryption for data at rest and in transit?
AWS IAM
You work for a large hospital as a Sysops administrator. You need to grant an outside user temporary access to an EC2 instance that you created within your VPC environment. You need to restrict access to a specific user, aws user_carl, and then you want to limit their access to AWS Certification Manager (ACM). Which type of policy would best meet this requirement?
AWS Inline Policy
Which of these services allow you to use serverless computing for a Web backend processing application?
AWS Lambda
You need to configure a new AWS deployment for your company. For this, you need to get an estimate on the possible amount you will have to pay for making this new deployment. Which of these will you utilize for this?
AWS Pricing Calculator
You need to determine the costs for moving from your current on premise system to a viable AWS Cloud solution. Which of the following options would you use for creating a hierarchical estimate of costs which are grouped by the various sections of your organization's architecture?
AWS Pricing Calculator
You need expert guidance on how your company needs to meet security and compliance requirements and implement best practices while making a migration to the AWS Cloud. Which resource would you use to best suit this need?
AWS Security Competency Partners
What is the purpose behind configuring dynamic architectures for growth and elasticity on AMS?
AWS usage should be focused on building applications spread across multiple availability zones and regions
Which two tasks can you complete using AWS Artifact? Choose two
Access agreements made with AWS, Locate AWS compliance reports
You are a sysops engineer for a company that manages the distribution of music for a large record label. Music is downloaded all across North America. Certain areas geographically download large amount of music as compared to other less populated areas. However, you are seeing a trend of customers complaining about the time it takes to download their music. What would be the most cost efficient solution?
Amazon CloudFront
What AWS database is considered serverless and provides a NoSQL database with millisecond latency?
Amazon DynamoDB
What type of storage option is a regional service that gives you the ability to store and manage files within the AWS Cloud?
Amazon EFS
What Amazon resource implements security vulnerability assessments by improving the compliance and security of an application within an Amazon EC2 environment?
Amazon Inspector
You work for a company that has several AWS resources which consists of seven Amazon EC2 Instances that support several back-end databases. You are under constant pressure from the security dept. to make sure that these EC2 instances comply with the company's best security practices and stay within the company's strict compliance rules. Which of the following Amazon resources would you use to meet this requirement?
Amazon Inspector
As it relates to the shared responsibility model, which security option is the customer's responsibility?
Amazon Machine Images (AMIs)
Which service allows you to create and manage several different types of databases within the cloud?
Amazon RDS
If you wanted to route internet traffic to your specific domain, what AWS resource should you use?
Amazon Route 53
Your manager tells you to find and Amazon cloud solution that has scalable object-level storage with a durability level of 99.9999999%, while having frequent access to data. What should you choose?
Amazon S3
How would you respond to your boss if he asked you the difference between Amazon Simple Storage Service (Amazon S3) and Elastic Block Storage (EBS)? Choose all that apply
Amazon S3 uses buckets to store objects, The objects that are stored within and Amazon S3 bucket hold both metadata and data
Which of these statements correctly defines an Availability Zone?
An isolated part of the AWS Global Infrastructure
What is a required step for you to create a public subnet to use the internet?
Attach an Internet Gateway (IGW) to your VPC
What type of automatic monitoring is available only in 5-minute increments when monitoring a newly created EC2 instance?
Basic
What type of application could you use if you wanted to install security patches or service packs beyond the patch level from AMI?
Bootstrapping
What is the name of a Trojan or a worm that has infiltrated a fleet of EC2 instances that can be controlled by an external or remote user with malicious intent?
Botnets
Which two features are part of AWS Organizations? Choose two.
Consolidating billing for multiple accounts, Controlling permission for accounts using SCPs.
What concept is related to increasing data retrieval rates by placing viable data into a static memory buffer for future use?
Caching
Which of the following is considered a true advantage of cloud technology when decoupling from a data center?
Changing resources dynamically based on seasonal needs
You are creating an IAM policy using the visual editor from the IAM console. Which two key components will you be prompted to provide? Choose two
Choose a service, Select an action
Which AWS service would you use to improve communication with your users that are located far from your existing AWS Regions?
CloudFront
What type of abuse is caused when an Amazon EC2 server is not patched and could be infected with a virus, worm, or Trojan horse?
Compromised resource
As a sysops administrator, you need to have a fundamental understanding of the costs associated with your AWS resources. You are tasked with looking at usage reports of all the costs associated with your AWS infrastructure. You also need to review the last thirteen months with the ability to forecast costs for the next three months. What resource could you use to meet this requirement?
Cost Explorer
It is important that as you transition from your on premise system into the Amazon Cloud that you focus on savings as you design your Amazon infrastructure and as you plan for your data migration. Which AWS well architected framework pillar is focused on the logical and functional requirements and the overall refinement of the smallest price point available in a system?
Cost Optimization
Which of the following is considered a security best practice for an operating system or application?
Create a primary function for the Amazon EC2 instance, such as separating web servers from database servers
You are responsible for understanding the shared responsibility model. You need to articulate the difference between the responsibility of the customer and AWS. Under the shared responsibility model, which type of control is not considered a shared control?
Customer-specific controls
Which of these AWS support plans includes access to the concierge?
Enterprise
You need to allow your development team to efficiently package application code and its dependencies together to be used across different systems. Which of these are container orchestration tools you use on AWS?
ECS, EKS
You need to suggest key technologies your company can leverage on its AWS Cloud for it operations. Which of these AWS services can you use for block storage of data? Choose two
EFS, EBS
Which of the following statements is true regarding Elastic IP addresses (EIPs)?
EIPs have associated costs whether they are used or not.
Which two statements are true regarding AWS Regions and Availability Zones? Choose two
Each AZ has several data centers, A Region can have several AZs
What security option gives you the ability to manage permissions for several different users at one time while controlling access to specific AWS resources?
IAM group
Amazon's shared responsibility model for infrastructure services, including EC2, states that Amazon is responsible for which three security components?
Facilities, Physical security of hardware, virtualization infrastructure
In which two situations would you utilize the Amazon DynamoDB database? Choose two
For using a serverless database system, Catering to up to 45 million requests per second
You are a system operator focusing on monitoring a group of servers within the AWS infrastructure and a group of servers that are on-premises. You are tasked with monitoring metrics at the system level for both groups of servers within a universal dashboard. How would you accomplish this task? Choose Two
Install the CloudWatch agent, Configure the metrics dashboard within CloudWatch
Which of these are cost-related benefits of using a cloud deployment with AWS? Choose two
Lesser TCO, Less CapEx
For which purpose would you use an IAM credentials report?
List the status of IAM user MFA devices
Which Amazon Elastic Block Storage (EBS) storage type provides cost-effective storage for data that is typically accessed infrequently, with an IOPS of around 100?
Magnetic volumes
You need to select the correct computing options for your company's workloads. Which EC2 instance type would be the right choice for workloads that process datasets for high-performance databases?
Memory optimized
You are guiding an application development team to design a new system that needs to be high performing and resilient. Which architecture type should you implement to ensure that the failure of a single component does not bring the whole system down?
Microservices-based
If you want to access the Internet from your Amazon EC2 Instance and not use a public IP address, which networking component would you use to access the Internet?
NAT Gateway
You have been managing your current production workload with several Reserved Instances for about 15 months. However, you have noticed a small and progressive increase in overall workload and want to make sure your EC2 infrastructure can handle the bandwidth to support the increased workload. What type of instance would meet this requirement?
On-Demand Instance
You are a web server administrator and you support web servers that are very busy. Your web servers are experiencing issues with high CPU and abnormal spikes in memory because of unpredictable workloads. What type of Amazon EC2 instances could you use to meet this requirement.
On-Demand Instances
Which of these is a private cloud deployment?
On-Premise
You work for a company that manages cellular phone data. The company has just started migrating their first set of applications to the AWS infrastructure. As the system administrator, you want to make sure the tech team is using AWS best practices as they migrate their credentials into AWS. Which two options will meet these requirements? Choose two.
Only grant access to resources using least privilege, Create IAM roles when you create EC2 instances
When does Amazon DynamoDB encrypt data at rest?
Only when you create a new table structure?
Which pillar of the AWS Well-Architected framework covers the capability for effective running of workloads and gaining insight into their operations?
Operational Excellence
Which of the following is a database instance type offered by Amazon RDS?
Oracle
Which form of data security is implemented by Amazon Workspaces for users when they access their remote desktop?
PCoIP
Which perspective of the AWS Cloud Adoption Framework would you use to gain knowledge on updating the skills of the company staff and all company processes?
People
You are creating a news reporting application and need a way to provide text-to-speech capabilities that has lifelike speech and can simulate accents. What would you use for this?
Polly
You work for a large company that manages electronic patient records. The primary application is configured with a load balancer that is used to evenly distribute the workload between two production EC2 instances. You are tasked with making sure the connection from the client medical facilities and the load balancer is properly secured by using the appropriate SSL security policy. What policy would you choose to accomplish this task?
Predefined Security Policy
Which of the following options would describe a location where an AWS cluster datacenter is located?
Region
Your boss wants you to find an inexpensive cloud solution that will support a production environment longer than three years that uses a Linux platform. What type of instance will meet this requirement?
Reserved instance
You are supporting an application that requires that the EC2 instance be shut down after 5:00PM every day. You want to make sure this is done automatically so you have configured the shutdown processing to use a Lambda function. For some reason, the application binaries are sporadically being corrupted and the corruption is related to the shutdown process. Which of the following components can be used to identify the faulty EC2 Instance?
Resource Tagging
When you create and manage an Amazon RDS environment, there are no setup fees and no minimums to be concerned with. Which option specifies how you would be billed?
Running time
You are instructed to create an AWS RDS database environment. At the same time, you are advised that you need to understand how you are going to be billed based on your research and design of the newly created RDS environment. As of today, your EC2 instance has been connected for 8 hours and 45 minutes. Keep in mind there are no setup fees and no minimums to be concerned with. Which billing option specifies how you would be billed?
Running time
You need to select an AWS data storage option for your company, but you are presently unsure of the access patterns of your data objects. Which would be the right storage class you should use?
S3 Intelligent-Tiering
Your company has several AWS Cloud accounts and VPCs in all of them. You need to integrate several VPCs into a much larger network. Which two connectivity options can you use for this? Choose two.
Software Site-to-Site VPN, AWS Transit Gateway
Which AWS Service would you need to use for creating a microservices-based system architecture allowing applications' components to communicate with each other?
SQS (Simple Queue Service) pulls ands pushes messages to and from the queue.
Your company wants to minimize its costs while using AWS compute resources. It is willing to commit to a consistent level of compute resource usage for the next three years. Which AWS compute option should you use for maximum cost savings?
Savings plan model
Which of the following options describes a responsibility of the decider that is used within Amazon's Simple Workflow Service (SWF)?
Schedule activity tasks and provide input data to the activity workers
You are managing several Amazon EC2 instances that you just created. You need to configure an AWS firewall to protect the traffic coming in to the application that has been installed on top of the EC2 instances. You also want to understand the shared responsibility model. What is the name of the AWS provided firewall, and who is responsible for its setup and configuration?
Security Group, and it is the customer's responsibility
What part of an Amazon Virtual Private Cloud (VPC) is considered stateful?
Security groups
Your company is evaluating the security implications of moving its data to the AWS Cloud. As per the AWS shared responsibility model, which of these are the responsibility of AWS? (Choose Two)
Security of servers running EC2 Instances, Data center security
Which two support cases can you create using AWS Support from the AWS Management Console? Choose two
Service Limit Increase, Account and Billing
You are on a security team and you need to lock down an IAM user account. Which option would you select? Choose all that apply
Set a password policy on the account, Add a condition to the policy that only grants permissions based on a specific IP address, Use MFA on the IAM user account.
You are considering the use of Elastic Load Balancing on your AWS Cloud deployment. What purpose would it serve on the cloud environment?
Splitting incoming traffic among several instances
You are working for a large data warehousing company that processes geographic data information. You support a vendor batch processing application that runs on two EC2 instances. The batch process runs for several hours and starts at 6:00am, 9:00am, and 3:00pm. The batch process aggregates the data and send it to the front-end application. This application does experience a sporadic increase in resource utilization during these times. What is the most cost effective solution for this application?
Spot Instances
You work for a company that created several production servers within Amazon's infrastructure, but costs are rising and your management has asked you to reduce the costs associated with your Amazon infrastructure. Which option below would be best?
Stopping or resizing your EC2 instances
You work for a financial services company, and you need to find a way to automatically detect and analyze handwritten notes inside of financial reports. Which AWS service should you use?
Textract
You need to find a way to achieve elasticity for your AWS system. What would you do for this?
Use Amazon EC2 Auto Scaling
The company you work for wants to cut monitoring costs down on all new EC2 instances. The goal is to display a CPU dashboard with metrics at one-minute intervals. You need to implement this request in the most efficient and cost effective manner. Which two options would you select?
Use CloudWatch to create a dashboard, Use detailed monitoring for each EC2 instance.
You are required to manage large data stores in multiple locations. Your current database technology uses an Amazon RDS-MySQL solution to manage the entire data store. The key requirement for your job role is to make sure that the database is available when there is any type of database or infrastructure failure. You also need to make sure that the backup is done efficiently and is implemented within the smallest amount of time. What feature would you use to accomplish this?
Use Multi-AZ
Your company has just hired you as an AWS resource. It is your responsibility to start working with AWS and to get multiple IT employees trained on how to properly use and support your AWS infrastructure. Who is responsible for training your IT employees?
The customer is responsible for training their IT employees
Which two activities will a database company need to pay special attention to so that it can grow its business value?
The way its data tables are built, The methods used for creating its data structures
What third party encryption software can be used to encrypt data at rest on an Amazon EBS volume for both Linux and Windows operating systems?
TrueCrypt
As your company's AWS Cloud Administrator, you have just logged in as the root user for the first time. What should you do immediately as a security best practice?
Turn on MFA for the root account
You are managing several production EC2 instances that use a public-facing subnet. You have three new employees on the east coast and twelve new employees on the west coast. You need to give all the employees access to your VPC, but each employee will need different forms of access within AWS and user account created. What is your most effective solution?
Use AWS Organizations and service control policies.
You need to migrate a MySQL database from your existing on-premise data center to an Amazon RDS database instance on the AWS Cloud. Which of these methods can you use for this? Choose two.
Using MySQL tools, Using AWS DMS
Which Amazon resource could you use to gather IP addresses for subnets classified as private within your VPC infrastructure?
VPC Flow Logs
What security requirements does Amazon recommend for securing operating systems and applications related to AMIs?
Verify least privilege checks using the IAM user access advisor on all AMIs
What kind of strategy does Amazon offer for situations regarding accidental deletion within Amazon S3?
Versioning
Which two actions can you perform using AWS Cost Explorer? Choose two
View costs of resources by tags, View your top five cost consuming resources
You are asked by the development team in your company to help them find a way to further optimize their main Web application. For this you need to know key details about requests served by the application. What will you use for this?
X-Ray
What is the main reason for using an Elastic IP address associated with your Virtual Private Cloud account?
You have the ability to move network attributes from one instance to another in one single step.