AWS Cloud Practitioner Study Questions
Which component or service enables you to establish a dedicated private connection between your data center and virtual private cloud (VPC)? Amazon CloudFront Internet gateway AWS Direct Connect Virtual private gateway
AWS Direct Connect
Which service is used to quickly deploy and scale applications on AWS? AWS Elastic Beanstalk AWS Snowball AWS Outposts Amazon CloudFront
AWS Elastic Beanstalk
10. With which of the following can you run code without provisioning or managing servers and pay only for the compute time consumed (there is no charge when the code is not running)? AWS Alpha AWS Beta AWS Lambda AWS Omicron
AWS Lambda
Which AWS services can be used as infrastructure automation tools? (Select TWO.) Amazon QuickSight AWS Batch AWS OpsWorks AWS CloudFormation Amazon CloudFront
AWS OpsWorks AWS CloudFormation
Which AWS service or feature can be used to restrict the individual API actions that users and roles in each member account can access? AWS IAM AWS Shield Amazon Macie AWS Organizations
AWS Organizations
Which service enables you to consolidate and manage multiple AWS accounts from a central location? AWS Identity and Access Management (IAM) AWS Key Management Service (AWS KMS) AWS Artifact AWS Organizations
AWS Organizations.
How can a company separate costs for storage, Amazon EC2, Amazon S3, and other AWS services by department? Create a separate VPC for each department Use AWS Organizations Create a separate AWS account for each department Add department-specific tags to each resource
Add department-specific tags to each resource
You want to store data in a volume that is attached to an Amazon EC2 instance. Which service should you use? Amazon Simple Storage Service (Amazon S3) AWS Lambda Amazon Elastic Block Store (Amazon EBS) Amazon ElastiCache
Amazon Elastic Block Store (Amazon EBS).
Which service is used to run containerized applications on AWS? Amazon Elastic Kubernetes Service (Amazon EKS) Amazon Aurora Amazon SageMaker Amazon Redshift
Amazon Elastic Kubernetes Service (Amazon EKS).
A company requires a dashboard for reporting when using a business intelligence solution. Which AWS service can a Cloud Practitioner use? Amazon Redshift Amazon Athena Amazon Kinesis Amazon QuickSight
Amazon QuickSight
You are running an Amazon EC2 instance and want to store data in an attached resource. Your data is temporary and will not be kept long term. Which resource should you use? Amazon S3 bucket Instance store Subnet Amazon Elastic Block Store (Amazon EBS) volume
Instance Store
Which of the following is an advantage for a company running workloads in the AWS Cloud vs on-premises? (Select TWO.) Increased productivity for application development teams. Lower overall utilization of server and storage systems. Less staff time is required to launch new workloads. Increased time to market for new application features. Higher acquisition costs to support elastic workloads.
Less staff time is required to launch new workloads. Increased productivity for application development teams.
7. Which of the following allows you to bid on spare Amazon EC2 computing capacity? Auto Scaling Reserved Instances Spot Instances Convertible Instances
Spot Instances
Which statement is TRUE for AWS Lambda? You pay only for compute time while your code is running. The first step in using AWS Lambda is provisioning a server. Before using AWS Lambda, you must prepay for your estimated compute time. To use AWS Lambda, you must configure the servers that run your code.
You pay only for compute time while your code is running.
Which statement best describes Amazon GuardDuty? A service that checks applications for security vulnerabilities and deviations from security best practices A service that lets you monitor network requests that come into your web applications A service that provides intelligent threat detection for your AWS infrastructure and resources A service that helps protect your applications against distributed denial-of-service (DDoS) attacks
A service that provides intelligent threat detection for your AWS infrastructure and resources.
9) Which service would be used to send alerts based on Amazon CloudWatch alarms? A) Amazon Simple Notification Service (Amazon SNS) B) AWS CloudTrail C) AWS Trusted Advisor D) Amazon Route 53
A) Amazon Simple Notification Service (Amazon SNS)
Your company wants to move an existing Oracle database to the AWS Cloud. Which of the following services can help facilitate this move? A. AWS Database Migration Service B. AWS VM Migration Service C. AWS Inspector D. AWS Trusted Advisor
A. AWS Database Migration Service
A company has a website that delivers static content from an Amazon S3 bucket to users from around the world. Which AWS service will deliver the content with low latency? AWS Elastic Beanstalk AWS Lambda AWS Global Accelerator Amazon CloudFront
AWS CloudFront
Which service enables you to review details for user activities and API calls that have occurred within your AWS environment? Amazon CloudWatch Amazon Inspector AWS Trusted Advisor AWS CloudTrail
AWS Cloudtrail
Which tool is used to automate actions for AWS services and applications through scripts? AWS Snowball Amazon Redshift AWS Command Line Interface Amazon QLDB
AWS Command Line Interface
Which tool enables you to visualize, understand, and manage your AWS costs and usage over time? AWS Pricing Calculator AWS Artifact AWS Budgets AWS Cost Explorer
AWS Cost Explorer
A company needs protection from distributed denial of service (DDoS) attacks on its website and assistance from AWS experts during such events. Which AWS managed service will meet these requirements? AWS Shield Advanced Amazon GuardDuty AWS Firewall Manager AWS Web Application Firewall
AWS Shield Advanced
Which service is used to transfer up to 100 PB of data to AWS? Amazon Neptune Amazon CloudFront AWS DeepRacer AWS Snowmobile
AWS Snowmobile
Which service enables you to build the workflows that are required for human review of machine learning predictions? Amazon Lex Amazon Augmented AI Amazon Textract Amazon Aurora
Amazon Augmented AI
You want to store data in a key-value database. Which service should you use? Amazon DynamoDB Amazon Aurora Amazon RDS Amazon DocumentDB
Amazon DynamoDB.
A company needs to publish messages to a thousands of subscribers simultaneously using a push mechanism. Which AWS service should the company use? AWS Step Functions Amazon Simple Notification Service (Amazon SNS) Amazon Simple Workflow Service (SWF) Amazon Simple Queue Service (Amazon SQS)
Amazon Simple Notification Service (Amazon SNS)
You want to send and receive messages between distributed application components. Which service should you use? Amazon Simple Queue Service (Amazon SQS) Amazon ElastiCache Amazon Route 53 AWS Snowball
Amazon Simple Queue Service (Amazon SQS).
According to the shared responsibility model, which security-related task is the responsibility of the customer? Maintaining physical networking configuration. Securing servers and racks at AWS data centers. Maintaining firewall configurations at a hardware level. Maintaining server-side encryption.
Maintaining server-side encryption.
Which tasks are the responsibilities of AWS? (Select TWO.) Configuring security groups on Amazon EC2 instances Creating IAM users and groups Configuring AWS infrastructure devices Training company employees on how to use AWS services Maintaining virtualization infrastructure
Maintaining virtualization infrastructure Configuring AWS infrastructure devices
4. With which pricing model do you pay for compute capacity by the hour with no required minimum commitments? Starter Package Limited Determinant On-Demand Instances Reserved Instances
On-Demand Instances
A user has an AWS account with a Business-level AWS Support plan and needs assistance with handling a production service disruption. Which action should the user take? Contact the dedicated Technical Account Manager Open a business-critical system down support case Open a production system down support case Contact the dedicated AWS Concierge Support team
Open a production system down support case
Which Perspective of the AWS Cloud Adoption Framework focuses on recovering IT workloads to meet the requirements of your business stakeholders? Business Perspective People Perspective Governance Perspective Operations Perspective
Operations Perspective.
Trusted Advisor category includes checks for your service limits and overutilized instances? Fault Tolerance Performance Cost Optimization Security
Performance
Which pillar of the AWS Well-Architected Framework focuses on using computing resources in ways that meet system requirements?
Performance Efficiency
Which migration strategy involves changing how an application is architected and developed, typically by using cloud-native features? Rehosting Replatforming Repurchasing Refactoring
Refactoring.
What does RDS stand for?
Relational Database Service
You want Amazon S3 to monitor your objects' access patterns. Which storage class should you use? S3 One Zone-IA S3 Intelligent-Tiering S3 Standard-IA S3 Glacier
S3 Intelligent-Tiering
In the S3 Intelligent-Tiering storage class, Amazon S3 moves objects between a frequent access tier and an infrequent access tier. Which storage classes are used for these tiers? (Select TWO.) S3 Standard-IA S3 Standard S3 One Zone-IA S3 Glacier Deep Archive S3 Glacier
S3 Standard S3 Standard-IA
A Cloud Practitioner requires point-in-time recovery (PITR) for an Amazon DynamoDB table. Who is responsible for configuring and performing backups? AWS is responsible for configuring and the user is responsible for performing backups. The customer is responsible for configuring and AWS is responsible for performing backups. AWS is responsible for both tasks. The customer is responsible for both tasks.
The customer is responsible for configuring and AWS is responsible for performing backups.
8. With EC2 instances, which of the following is a snapshot of a particular state of that resource? portrait golden image thumbnail sketch select trace
golden image
3. With HTTP and HTTPS traffic, what feature of an Application Load Balancer can be used to bind a user's session to a specific instance? sticky sessions blobs Lambda Pipermanence persistence
sticky sessions
6. Amazon S3 Storage Glacier is a long-term storage solution that currently starts at what rate per GB per month? $0.009 $0.004 $0.002 $0.001
$0.004
Network layer #?
3
Transport layer #?
4
Application layer #?
7
1. With Amazon S3, Standard Storage is designed to provide 99.999999999 percent durability and what percent availability? 99.99 99.9999 99.9 99.999
99.99
Which statement best describes AWS Marketplace? An online tool that inspects your AWS environment and provides real-time guidance in accordance with AWS best practices A digital catalog that includes thousands of software listings from independent software vendors A resource that provides guidance, architectural reviews, and ongoing communication with your company as you plan, deploy, and optimize your applications A resource that can answer questions about best practices and assist with troubleshooting issues
A digital catalog that includes thousands of listings from independent software vendors
Which statement best describes an Availability Zone? A fully isolated portion of the AWS global infrastructure The server from which Amazon CloudFront gets your files A site that Amazon CloudFront uses to cache copies of content for faster delivery to users at any location A separate geographical location with multiple locations that are isolated from each other
A separate geographical location with multiple locations that are isolated from each other
Which statement best describes Elastic Load Balancing? A service that provides data that you can use to monitor your applications, optimize resource utilization, and respond to system-wide performance changes A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances A service that monitors your applications and automatically adds or removes capacity from your resource groups in response to changing demand A service that enables you to set up, manage, and scale a distributed in-memory or cache environment in the cloud
A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances.
A website for an international sport governing body would like to serve its content to viewers from different parts of the world in their vernacular language. Which of the following services provide location-based web personalization using geolocation headers? A. Amazon CloudFront B. Amazon EC2 Instance C. Amazon Lightsail D. Amazon Route 53
A. Amazon CloudFront
A business analyst would like to move away from creating complex database queries and static spreadsheets when generating regular reports for high-level management. They would like to publish insightful, graphically appealing reports with interactive dashboards. Which service can they use to accomplish this? A. Amazon QuickSight B. Business intelligence on Amazon Redshift C. Amazon CloudWatch dashboards D. Amazon Athena integrated with Amazon Glue
A. Amazon QuickSight
An organization runs several EC2 instances inside a VPC using three subnets, one for Development, one for Test, and one for Production. The Security team has some concerns about the VPC configuration. It requires restricting communication across the EC2 instances using Security Groups. Which of the following options is true for Security Groups related to the scenario? A. You can change a Security Group associated with an instance if the instance is in the running state. B. You can change a Security Group associated with an instance if the instance is in the hibernate state. C. You can change a Security Group only if there are no instances associated to it. D. The only Security Group you can change is the Default Security Group.
A. You can change a Security Group associated with an instance if the instance is in the running state.
A cloud practitioner needs to migrate a 70 TB of data from an on-premises data center into the AWS Cloud. The company has a slow and unreliable internet connection. Which AWS service can the cloud practitioner leverage to transfer the data? Amazon S3 Glacier AWS Snowball AWS Storage Gateway AWS DataSync
AWS Snowball
What does APN stand for?
AWS Partner Network
A company wants to utilize AWS storage. For them, low storage cost is paramount. The data is rarely retrieved and a data retrieval time of 13-14 hours is acceptable for them. What is the best storage option to use? A. Amazon S3 Glacier B. S3 Glacier Deep Archive C. Amazon EBS volumes D. AWS CloudFront
B. S3 Glacier Deep Archive
Which actions can you perform in Amazon Route 53? (Select TWO.) Automate the deployment of workloads into your AWS environment. Access AWS security and compliance reports and select online agreements. Monitor your applications and respond to system-wide performance changes. Connect user requests to infrastructure in AWS and outside of AWS. Manage DNS records for domain names.
Connect user requests to infrastructure in AWS and outside of AWS. Manage DNS records for domain names.
9. Which of the following from Amazon is an interactive query service used to analyze data in Amazon S3 using standard SQL and serverless (so you pay for the queries that you run)? Table Ware Wolfgang Xeon Athena
Athena
8) Which service can identify the user that made the API call when an Amazon EC2 instance is terminated? A) AWS Trusted Advisor B) AWS CloudTrail C) AWS X-Ray D) AWS Identity and Access Management (AWS IAM)
B) AWS CloudTrail
Which AWS service would simplify the migration of a database to AWS? A) AWS Storage Gateway B) AWS Database Migration Service (AWS DMS) C) Amazon EC2 D) Amazon AppStream 2.0
B) AWS Database Migration Service (AWS DMS)
6) Which component of the AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A) AWS Regions B) Edge locations C) Availability Zones D) Virtual Private Cloud (VPC)
B) Edge locations
5) Which of the following is an AWS responsibility under the AWS shared responsibility model? A) Configuring third-party applications B) Maintaining physical hardware C) Securing application access and data D) Managing guest operating systems
B) Maintaining physical hardware
Which of the following services allows you to analyze EC2 Instances against pre-defined security templates to check for vulnerabilities? A. AWS Trusted Advisor B. AWS Inspector C. AWS WAF D. AWS Shield
B. AWS Inspector
A manufacturing firm has recently migrated their application servers to the Amazon EC2 instance. The IT Manager is looking for the details of upcoming scheduled maintenance activities which AWS would be performing on AWS resources, that may impact the services on these EC2 instances. Which of the following services can alert you about the changes that can affect resources in your account? A. AWS Organizations B. AWS Personal Health Dashboard C. AWS Trusted Advisor D. AWS Service Health Dashboard
B. AWS Personal Health Dashboard
Which of the following services can be used as an application firewall in AWS? A. AWS Snowball B. AWS WAF C. AWS Firewall D. AWS Protection
B. AWS WAF
Which of the below-listed services is a region-based AWS service? A. AWS IAM B. Amazon EFS C. Amazon Route 53 D. Amazon CloudFront
B. Amazon EFS
In the shared responsibility model for infrastructure services, such as Amazon Elastic Compute Cloud, which of the below two are customers responsibility? A. Network infrastructure B. Amazon Machine Images (AMIs) C. Virtualization infrastructure D. Physical security of hardware E. Policies and configuration
B. Amazon Machine Images (AMIs) E. Policies and configuration
Which of the following is the responsibility of the customer to ensure the availability and backup of the EBS volumes? A. Delete the data and create a new EBS volume. B. Create EBS snapshots. C. Attach new volumes to EC2 Instances. D. Create copies of EBS Volumes.
B. Create EBS snapshots.
According to AWS, what is the benefit of Elasticity? A. Minimize storage requirements by reducing logging and auditing activities B. Create systems that scale to the required capacity based on changes in demand C. Enable AWS to automatically select the most cost-effective services. D. Accelerate the design process because recovery from failure is automated, reducing the need for testing
B. Create systems that scale to the required capacity based on changes in demand
Your design team is planning to design an application that will be hosted on the AWS Cloud. One of their main non-functional requirements is given below:Reduce inter-dependencies so failures do not impact other components.Which of the following concepts does this requirement relate to? A. Integration B. Decoupling C. Aggregation D. Segregation
B. Decoupling
Which AWS service provides a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability? A. AWS RDS B. DynamoDB C. Oracle RDS D. Elastic Map Reduce
B. DynamoDB
Which of the following features of Amazon RDS allows for better availability of databases? Choose the answer from the options given below. A. VPC Peering B. Multi-AZ C. Read Replicas D. Data encryption
B. Multi-AZ
AWS offers two savings plans to enable more savings and flexibility for its customers, namely, compute saving plans and EC2 Instance Savings plans. Which of the below statement is FALSE regarding Saving Plans? A. Capacity Reservations are not provided with Saving Plans. B. Savings Plans are available for all the regions. C. Savings plans will apply on 'On-Demand Capacity Reservations' that customers can allocate for their needs. D. The prices for Savings Plans do not change based on the amount of hourly commitment.
B. Savings Plans are available for all the regions.
What best describes the "Principle of Least Privilege"? Choose the correct answer from the options given below. A. All users should have the same baseline permissions granted to them to use basic AWS services. B. Users should be granted permission to access only resources they need to do their assigned job. C. Users should submit all access requests in written form so that there is a paper trail of who needs access to different AWS resources. D. Users should always have a little more permission than they need.
B. Users should be granted permission to access only resources they need to do their assigned job.
Why is AWS more economical than traditional data centers for applications with varying compute workloads? A) Amazon EC2 costs are billed on a monthly basis. B) Users retain full administrative access to their Amazon EC2 instances. C) Amazon EC2 instances can be launched on demand when needed. D) Users can permanently run enough instances to handle peak workloads.
C) Amazon EC2 instances can be launched on demand when needed
7) How would a system administrator add an additional layer of login security to a user's AWS Management Console? A) Use Amazon Cloud Directory B) Audit AWS Identity and Access Management (IAM) roles C) Enable multi-factor authentication D) Enable AWS CloudTrail
C) Enable multi-factor authentication
Which of the following can be used to protect against DDoS attacks? Choose 2 answers from the options given below. A. AWS EC2 B. AWS RDS C. AWS Shield D. AWS Shield Advanced
C. AWS Shield D. AWS Shield Advanced
For which of the following AWS resources, the Customer is responsible for the infrastructure-related security configurations? A. Amazon RDS B. Amazon DynamoDB C. Amazon EC2 D. AWS Fargate
C. Amazon EC2
What is the AWS feature that enables fast, easy and secure transfers of files over long distances between your client and your Amazon S3 bucket? A. File Transfer B. HTTP Transfer C. Amazon S3 Transfer Acceleration D. S3 Acceleration
C. Amazon S3 Transfer Acceleration
Which of the following are the recommended resources to be deployed in the Amazon VPC private subnet? A. NAT Gateways B. Bastion Hosts C. Database Servers D. Internet Gateways
C. Database Servers
Which of the following LightSail Wizard allows the customers to "create a copy of the LightSail instance in EC2"? A. LightSail Backup B. LightSail Copy C. Upgrade to EC2 D. LightSail-EC2 snapshot
C. Upgrade to EC2
10) Where can a user find information about prohibited actions on the AWS infrastructure? A) AWS Trusted Advisor B) AWS Identity and Access Management (IAM) C) AWS Billing Console D) AWS Acceptable Use Policy
D) AWS Acceptable Use Policy
Which AWS offering enables users to find, buy, and immediately start using software solutions in their AWS environment? A) AWS Config B) AWS OpsWorks C) AWS SDK D) AWS Marketplace
D) AWS Marketplace
4) Which AWS networking service enables a company to create a virtual network within AWS? A) AWS Config B) Amazon Route 53 C) AWS Direct Connect D) Amazon Virtual Private Cloud (Amazon VPC)
D) Amazon Virtual Private Cloud (Amazon VPC)
A Cloud Practitioner is re-architecting a monolithic application. Which design principles for cloud architecture do AWS recommend? (Select TWO.) Implement loose coupling. Implement manual scalability. Rely on individual components. Use self-managed servers. Design for scalability.
Implement loose coupling. Design for scalability.
The ability to horizontally scale Amazon EC2 instances based on demand is an example of which concept? High availability Elasticity Economy of scale Agility
Elasticity
Which tasks can a user complete using the AWS Cost Management tools? (Select TWO.) Move data stored in Amazon S3 Standard to an archiving storage class to reduce cost. Create budgets and receive notifications if current or forecasted usage exceeds the budgets. Launch either EC2 Spot instances or On-Demand instances based on the current pricing. Delete all of your AWS resources with a single click. Automatically terminate AWS resources if budget thresholds are exceeded.
Create budgets and receive notifications if current or forecasted usage exceeds the budgets. Automatically terminate AWS resources if budget thresholds are exceeded.
What does CMK stand for?
Customer Master Key
A web administrator maintains several public and private web-based resources for an organisation. Which service can they use to keep track of the expiry dates of SSL/TLS certificates as well as updating and renewal? A. AWS Data Lifecycle Manager B. AWS License Manager C. AWS Firewall Manager D. AWS Certificate Manager
D. AWS Certificate Manager
Which of the following AWS services can be used to retrieve configuration changes made to AWS resources causing operational issues? A. Amazon Inspector B. AWS CloudFormation C. AWS Trusted Advisor D. AWS Config
D. AWS Config
Which tool can you use to forecast your AWS spending? A. AWS Organizations B. Amazon Dev Pay C. AWS Trusted Advisor D. AWS Cost Explorer
D. AWS Cost Explorer
Which AWS Support plan provides access to architectural and operational reviews, as well as 24/7 access to Cloud Support Engineers through email, online chat, and phone? Developer Enterprise Basic Business
Enterprise
Which Support plans include access to all AWS Trusted Advisor checks? (Select TWO.) AWS Free Tier Enterprise Business Developer Basic
Enterprise Business
Which action can you perform in Amazon CloudFront? Deliver content to customers through a global network of edge locations. Provision resources by using programming languages or a text file. Run infrastructure in a hybrid cloud approach. Provision an isolated section of the AWS Cloud to launch resources in a virtual network that you define.
Deliver content to customers through a global network of edge locations.
A manager is planning to migrate applications to the AWS Cloud and needs to obtain AWS compliance reports. How can these reports be generated? Create a support ticket with AWS Support. Download the reports from AWS Artifact. Contact the AWS Compliance team. Download the reports from AWS Secrets Manager.
Download the reports from AWS Artifact
AWS are able to continue to reduce their pricing due to: Reserved instance pricing Pay-as-you go pricing The AWS global infrastructure Economies of scale
Economies of scale
2. Amazon EMR offers what type of managed framework to process large amounts of data across dynamically scalable Amazon EC2 instances? NoSQL Hadoop Perl Mothball
Hadoop
Under the AWS shared responsibility model, which of the following is an example of security in the AWS Cloud? Firewall configuration Managing edge locations Physical security Global infrastructure
Firewall Configuration
Which of the following statements is correct about Amazon S3 cross-region replication? S3 buckets configured for cross-region replication can be owned by a single AWS account or by different accounts The source and destination S3 buckets cannot be in different AWS Regions Both source and destination S3 buckets must have versioning disabled The source S3 bucket owner must have the source and destination AWS Regions disabled for their account
S3 buckets configured for cross-region replication can be owned by a single AWS account or by different accounts
Which compute option reduces costs when you commit to a consistent amount of compute usage for a 1-year or 3-year term? Dedicated Hosts Savings Plans Reserved Instances Spot Instances
Savings Plans
Which virtual private cloud (VPC) component controls inbound and outbound traffic for Amazon EC2 instances? Internet gateway Security group Subnet Network access control list
Security Group