SET 1: PRACTICE QUESTIONS, ANSWERS & EXPLANATIONS
Which AWS service is primarily used for software version control? 1: AWS CodeCommit 2: AWS CodeStar 3: AWS Cloud9 4: AWS CodeDeploy
1: AWS CodeCommit
Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks? 1: AWS OpsWorks 2: AWS Service Catalog 3: AWS Config 4: AWS CodeDeploy
1: AWS OpsWorks
Which of the following is a method of backup available in the AWS cloud? 1: Amazon EBS Snapshots 2: Availability Zones 3: Amazon EFS File Systems 4: Amazon Route 53 Alias Record
1: Amazon EBS Snapshots
Which service supports the resolution of public domain names to IP addresses or AWS resources? 1: Amazon Route 53 2: Amazon CloudFront 3: Amazon SNS 4: Hosted Zones
1: Amazon Route 53
Which services can be used for asynchronous integration between application components? (Select TWO) 1: Amazon SQS 2: AWS Step Functions 3: Amazon EC2 Auto Scaling 4: AWS CloudFormation 5: AWS Route 53
1: Amazon SQS 2: AWS Step Functions
For which services does Amazon not charge customers? (Select TWO) 1: Amazon VPC 2: Amazon EBS 3: Amazon CloudFormation 4: Amazon S3 5: Amazon SNS
1: Amazon VPC 3: Amazon CloudFormation
What considerations are there when choosing which region to use? (Select TWO) 1: Data sovereignty 2: Available storage capacity 3: Latency 4: Pricing in local currency 5: Available compute capacity
1: Data sovereignty 3: Latency
Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC? 1: Elastic Transcoder 2: Elastic Beanstalk 3: Elastic Load Balancer 4: Auto Scaling
1: Elastic Transcoder
Which of the following are features of Amazon CloudWatch? (Select TWO) 1: It is used to gain system-wide visibility into resource utilization 2: It records an account activity and service events from most AWS services 3: It is used for auditing of API calls 4: It can be accessed via API, command-line interface, AWS SDKs, and the AWS Management Console 5: It provides visibility into user activity by recording actions taken on your account
1: It is used to gain system-wide visibility into resource utilization 4: It can be accessed via API, command-line interface, AWS SDKs, and the AWS Management Console
Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted? 1: On-Demand 2: Reserved 3: Spot 4: Dedicated Instance
1: On-Demand
Under the shared responsibility model, what are examples of shared controls? (Select TWO) 1: Patch management 2: Storage system patching 3: Physical and environmental 4: Configuration management 5: Service and Communications Protection
1: Patch management 4: Configuration management
Which types of pricing policies does AWS offer? (Select TWO) 1: Pay-as-you-go 2: Enterprise license agreement (ELA) 3: Non-peak hour discounts 4: Global usage discounts 5: Save when you reserve
1: Pay-as-you-go 5: Save when you reserve
Which of the following statements is correct in relation to consolidated billing? (Select TWO) 1: Paying accounts are independent and cannot access resources of other accounts 2: Used to consolidate billing across organizations 3: One bill is provided per AWS organization 4: Volume pricing discounts cannot be applied to resources 5: Only available to Enterprise customers
1: Paying accounts are independent and cannot access resources of other accounts 3: One bill is provided per AWS organization
The AWS global infrastructure is composed of? (Select TWO) 1: Regions 2: Clusters 3: Fault Zones 4: Availability Zones 5: IP subnets
1: Regions 4: Availability Zones
What is the scope of a VPC within a region? 1: Spans all Availability Zones within the region 2: Spans all Availability Zones globally 3: At least 2 subnets per region 4: At least 2 data centers per region
1: Spans all Availability Zones within the region
Which items can be configured from within the VPC management console? (Select TWO) 1: Subnets 2: Regions 3: Load Balancing 4: Auto Scaling 5: Security Groups
1: Subnets 5: Security Groups
What strategy can assist with allocating metadata to AWS resources for cost tracking and visibility? 1: Tagging 2: Labelling 3: Access Control 4: Categorizing
1: Tagging
Which statement below is incorrect in relation to Network ACLs? 1: They operate at the Availability Zone level 2: They support allow and deny rules 3: They are stateless 4: They process rules in order
1: They operate at the Availability Zone level
What advantages do you get from using the AWS cloud? (Select TWO) 1: Trade capital expense for variable expense 2: Stop guessing about capacity 3: Increased capital expenditure 4: Gain greater control of the infrastructure layer 5: Comply with all local security compliance programs
1: Trade capital expense for variable expense 2: Stop guessing about capacity
Which service records API activity on your account and delivers log files to an Amazon S3 bucket? 1: Amazon CloudWatch 2: Amazon S3 Event Notifications 3: AWS CloudTrail 4: Amazon CloudWatch Logs
3: AWS CloudTrail
Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers? 1: AWS Simple Monthly Calculator 2: Total Cost of Ownership (TCO) Calculator 3: AWS Cost Explorer 4: AWS Budgets
3: AWS Cost Explorer
Which service can be used to help you to migrate databases to AWS quickly and securely? 1: AWS Key Management Service (KMS) 2: AWS Server Management Service (SMS) 3: AWS Database Migration Service (DMS) 4: AWS DataSync
3: AWS Database Migration Service (DMS)
A company plans to create a hybrid cloud architecture. What technology will allow them to create a hybrid cloud? 1: VPC Peering 2: Internet Gateway 3: AWS Direct Connect 4: Elastic Network Interface
3: AWS Direct Connect
Which service allows you to run code as functions without needing to provision or manage servers? 1: Amazon EC2 2: AWS CodeDeploy 3: AWS Lambda 4: Amazon EKS
3: AWS Lambda
Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols? 1: Amazon S3 2: Amazon EBS 3: Amazon EFS 4: Amazon Glacier
3: Amazon EFS
Which of the statements below is accurate regarding Amazon S3 buckets? (Select TWO) 1: Bucket names must be unique regionally 2: Buckets are replicated globally 3: Bucket names must be unique globally 4: Buckets are region-specific 5: Buckets can contain other buckets
3: Bucket names must be unique globally 4: Buckets are region-specific
What is the most cost-effective support plan that should be selected to provide at least a 1-hour response time for a production system failure? 1: Basic 2: Developer 3: Business 4: Enterprise
3: Business
Under the AWS shared responsibility model what is the customer responsible for? (Select TWO) 1: Physical security of the data center 2: Replacement and disposal of disk drives 3: Configuration of security groups 4: Patch management of infrastructure 5: Encryption of customer data
3: Configuration of security groups 5: Encryption of customer data
How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud? 1: AWS Budgets 2: AWS Simple Monthly Calculator 3: TCO Calculator 4: AWS Cost Explorer
3: TCO Calculator
Which statement below is incorrect in relation to Security Groups? 1: They operate at the instance level 2: They support allow rules only 3: They are stateless 4: They evaluate all rules before making a decision
3: They are stateless
What can you use to quickly connect your office securely to your Amazon VPC? 1: Route Table 2: Internet Gateway 3: Direct Connect 4: AWS managed VPN
4: AWS managed VPN
Which service can be used to track the CPU usage of an EC2 instance? 1: Amazon CloudTrail 2: Amazon CloudFront 3: Amazon CloudFormation 4: Amazon CloudWatch
4: Amazon CloudWatch
Which AWS service allows you to connect to storage from on-premise servers using standard file protocols? 1: Amazon S3 2: Amazon EBS 3: Amazon Glacier 4: Amazon EFS
4: Amazon EFS
Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure? 1: Basic 2: Developer 3: Business 4: Enterprise
4: Enterprise
What architectural best practice aims to reduce the interdependencies between services? 1: Services, Not Servers 2: Removing Single Points of Failure 3: Automation 4: Loose Coupling
4: Loose Coupling
A company would like to maximize their potential volume and Reserved Instance discounts across multiple accounts and also apply service control policies on member accounts. Which service or tool can they use to gain these benefits? 1: AWS Budgets 2: AWS Cost Explorer 3: AWS IAM 4: AWS Organizations
: "AWS Organizations"
A company plans to deploy a global commercial application on Amazon EC2 instances. The deployment solution be designed with the highest redundancy and fault tolerance. Based on this situation, how should the EC2 instances be deployed? 1: In a single Availability Zone in one AWS Region 2: In a single Availability Zone in two AWS Regions 3: Across multiple Availability Zones in one AWS Region 4: Across multiple Availability Zones in two AWS Regions
: "Across multiple Availability Zones in two AWS Regions"
.Which service allows you to automatically expand and shrink your application in response to demand? 1: AWS ElastiCache 2: Amazon Elastic Load Balancing 3: Amazon EC2 Auto Scaling 4: Amazon DynamoDB
: "Amazon EC2 Auto Scaling"
Which service can you use to provision a preconfigured server with little to no AWS experience? 1: Amazon Elastic Beanstalk 2: AWS Lambda 3: Amazon EC2 4: Amazon LightSail
: "Amazon LightSail"
Which AWS service can you use to install a third-party database? 1: Amazon RDS 2: Amazon DynamoDB 3: Amazon EC2 4: Amazon EMR
"Amazon EC2"
Which AWS service can be used to process a large amount of data using the Hadoop framework? 1: Amazon Athena 2: Amazon Kinesis 3: AWS Glue 4: Amazon EMR
"Amazon EMR"
1: A company stores copies of backups on Amazon S3 and requires rapid access but low resiliency. Which storage class is optimized for these requirements? 1: Amazon S3 Standard 2: Amazon S3 Glacier Deep Archive 3: Amazon S3 One Zone-Infrequent Access 4: Amazon S3 Glacier
"Amazon S3 One Zone-Infrequent Access"
Which benefit of the AWS Cloud eliminates the need for users to try estimating future infrastructure usage? 1: Easy global deployments 2: Security of the AWS Cloud 3: Elasticity of the AWS Cloud 4: Economies of scale
"Elasticity of the AWS Cloud"
Which feature of AWS allows you to deploy a new application for which the requirements may change over time? 1: Elasticity 2: Fault tolerance 3: Disposable resources 4: High availability
"Elasticity"
Which feature of Amazon Rekognition can assist with saving time? 1: Identification of objects in images and videos 2: Identification of the language of text in a document 3: Adds automatic speech recognitions (ASR) to applications 4: Provides on-demand access to compliance-related information
"Identification of objects in images and videos"
Which of the following is a principle of good AWS Cloud architecture design? 1: Implement single points of failure 2: Implement loose coupling 3: Implement monolithic design 4: Implement vertical scaling
"Implement loose coupling"
What method can you use to take a backup of an Amazon EC2 instance using AWS tools? 1: Take full and incremental file-level backups using the backup console 2: Take application-consistent backups using the EC2 API 3: Use Cross Region Replication (CRR) to copy the instance to another region 4: Take a snapshot to capture the point-in-time state of the instance
"Take a snapshot to capture the point-in-time state of the instance"
Which AWS service is used to enable multi-factor authentication? 1: Amazon STS 2: AWS IAM 3: Amazon EC2 4: AWS KMS
2: AWS IAM
The AWS Identity and Access Management (IAM) service can be used to manage which objects? (Select TWO) 1: Security groups 2: Access policies 3: Roles 4: Network ACLs 5: Key pairs
2: Access policies 3: Roles
Which AWS storage technology can be considered a "virtual hard disk in the cloud"? 1: Amazon Elastic File Storage (EFS) filesystem 2: Amazon Elastic Block Storage (EBS) volume 3: Amazon S3 object 4: Amazon Glacier archive
2: Amazon Elastic Block Storage (EBS) volume
Which service can be used for building and integrating loosely-coupled, distributed applications? 1: Amazon EBS 2: Amazon SNS 3: Amazon EFS 4: Amazon RDS
2: Amazon SNS
What is the term for describing the action of automatically running scripts on Amazon EC2 instances when launched to install software? 1: Golden Images 2: Bootstrapping 3: Containerization 4: Workflow automation
2: Bootstrapping
What benefits are provided by Amazon CloudFront? (Select TWO) 1: Allows you to register domain names 2: Built-in Distributed Denial of Service (DDoS) attack protection 3: Used to enable private subnet instances to access the Internet 4: Content is cached at Edge Locations for fast distribution to customers 5: Provides a worldwide distributed DNS service
2: Built-in Distributed Denial of Service (DDoS) attack protection 4: Content is cached at Edge Locations for fast distribution to customers
What benefits does Amazon EC2 provide over using non-cloud servers? (Select TWO) 1: Complete control of the hypervisor layer 2: Elastic web-scale computing 3: Inexpensive 4: Fault tolerance 5: High-availability with an SLA of 99.999%
2: Elastic web-scale computing 3: Inexpensive
Which feature can you use to grant read/write access to an Amazon S3 bucket? 1: IAM Role 2: IAM Policy 3: IAM Group 4: IAM User
2: IAM Policy
What are two ways that moving to an AWS cloud can benefit an organization? (Select TWO) 1: Switch to a CAPEX model 2: Increase speed and agility 3: Stop guessing about capacity 4: Depreciate assets over a longer timeframe 5: Gain greater control of data center security
2: Increase speed and agility 3: Stop guessing about capacity
59. Question What is an availability zone composed of? 1: One or more regions 2: One or more data centers in a location 3: A collection of edge locations 4: A collection of VPCs
2: One or more data centers in a location
What advantages does deploying Amazon CloudFront provide? (Select TWO) 1: A private network link to the AWS cloud 2: Reduced latency 3: Automated deployment of resources 4: Improved performance for end-users 5: Provides serverless compute services
2: Reduced latency 4: Improved performance for end users
What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload? 1: On-Demand 2: Spot 3: Reserved Instance 4: Dedicated Host
2: Spot
How does AWS assist organizations' with their capacity requirements? 1: With AWS you only pay for what you use 2: You don't need to guess your capacity needs 3: You don't own the infrastructure 4: With AWS you don't pay for data centers
2: You don't need to guess your capacity needs
Which of the following are accurate descriptions of AWS IAM users and groups? (Select TWO) 1: Groups can be nested and can contain other groups 2: A user can be a member of multiple groups 3: Groups can contain users only and cannot be nested 4: A user can only be a member of a single group at one a time 5: All new users are automatically added to a default group
CORRECT: "A user can be a member of multiple groups" is a correct answer. CORRECT: "Groups can contain users only and cannot be nested" is also a correct answer.
Which AWS service can be used to generate encryption keys that can be used to encrypt data? (Select TWO) 1: Amazon Macie 2: AWS Certificate Manager 3: AWS Key Management Service (AWS KMS) 4: AWS Secrets Manager 5: AWS CIoudHSM
CORRECT: "AWS Key Management Service (AWS KMS)" is a correct answer. CORRECT: "AWS CIoudHSM" is also a correct answer.
Which AWS services can be used to connect the AWS Cloud and on-premises resources? (Select TWO) 1: AWS Managed VPN 2: Amazon Connect 3: Amazon CloudHSM 4: AWS Direct Connect 5: AWS Managed Services
CORRECT: "AWS Managed VPN" is a correct answer. CORRECT: "AWS Direct Connect" is also a correct answer.
When instantiating compute resources, what are two techniques for using automated, repeatable processes that are fast and avoid human error? (Select TWO) 1: Snapshotting 2: Bootstrapping 3: Fault tolerance 4: Infrastructure as code 5: Performance monitoring
CORRECT: "Bootstrapping" is a correct answer. CORRECT: "Infrastructure as code" is also a correct answer
1. Question Under the AWS shared responsibility model, what are the customer's responsibilities? (Select TWO) 1: Physical and environmental security 2: Physical network devices including firewalls 3: Storage device decommissioning 4: Security of data in transit 5: Data integrity authentication
CORRECT: "Security of data in transit" CORRECT: "Data integrity authentication"
