AWS
Delete the access keys of the AWS account root user
After initial login, what does AWS recommend as the best practice for the AWS account root user?
Basic monitoring, which is free, Detailed monitoring, which has an additional cost
Amazon CloudWatch supports which types of monitoring plans? (Choose two)
Scheduled Reserved Instances
If your project requires you to run monthly reports that iterate through very large amounts of data, which Amazon EC2 purchasing option should you consider?
a fundamental data element
In Amazon DynamoDB, an attribute is ______
Only in the perimeter
In a physical data center, security is typically considered in what area?
Which AWS services are used with the content, In which country content is stored
In the Shared Responsibility Model, which of the following are examples of "security in the cloud?"
a. Security of the cloud
In the shared responsibility model, AWS is responsible for providing what? (Select the best answer.) a. Security of the cloud b. Security to the cloud c. Security for the cloud d. Security in the cloud
1. Information Security, 2. Risk Management, 3. Control Environment
The AWS Risk and Compliance Programs is made up of which of the following components?
worldwide across all AWS accounts
The name of an S3 bucket must be unique _________.
c, e (Inbound data transfer, Data transfer between services within the same region)
There is no charge for which of the following? a. Compute b. Storage c. Inbound data transfer d. Outbound data transfer e. Data transfer between services within the same region
FALSE
True or False? AWS IAM is appropriate for OS and application authentication.
FALSE
True or False? AWS Key Management Service (AWS KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources.
True
True or False? AWS Organizations enables you to consolidate multiple AWS accounts so that you centrally manage them.
FALSE
True or False? AWS is responsible for the security of everything above the hypervisor layer.
True
True or False? AWS owns and maintains the network-connected hardware required for application services, while you provision and use what you need.
True
True or False? Amazon RDS automatically patches the database software and backs up your database, storing the backups for a user-defined retention period and enabling point-in-time recovery
True
True or False? Availability Zones within a Region are connected through low-latency links.
FALSE
True or False? By default, all data stored in S3 is viewable by the public.
FALSE
True or False? Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the Internet. You own the network connected hardware required for these services and Amazon Web Services provisions what you need.
FALSE
True or False? Edge locations are only located in the same general area as Regions.
True
True or False? Networking, storage, compute, and databases are examples of service categories that AWS offers
FALSE
True or False? Private subnets have direct access to the Internet.
True
True or False? S3 is an object storage suitable for the storage of 'flat' files like Word documents, photos, etc.
True
True or False? Using IAM Groups is the recommended way to manage IAM users' permissions by job function.
True
True or False? You can launch multiple instances of different types from a single AMI when launching an EC2 instance.
b. AWS edge locations
Which component of AWS global infrastructure does Amazon CloudFront use to ensure low latency delivery?(Select the best answer) a. AWS regions b. AWS edge location c. AWS availability zone d. Amazon virtual private cloud (amazon vpc)
1. Democratize advanced technologies, 2. Serverless architecture
Which design principles are recommended when considering performance efficiency? (Choose two)
Elastic Load Balancing, Auto Scaling
Which of the following AWS tools help your application scale up or down based on demand? (Choose two)
Rotate credentials regularly., Monitor activity in your AWS account.
Which of the following are AWS IAM best practices? (Choose two)
AWS uses multi-factor access control systems., You retain complete control and ownership of your data region.
Which of the following are advantages of AWS Cloud security? (Choose two)
Define fine-grained access rights., Manage access to AWS resources.
Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM)?
1. Enforces a minimum number of running Amazon EC2 instances, 2. Launches instances from a specified Amazon Machine Image (AMI), 3. Responds to changing conditions by adding or terminating Amazon Elastic Compute (Amazon EC2) instances
Which of the following are characteristics of the Auto Scaling service on AWS?
Amazon EBS volumes can be encrypted transparently to workloads on the attached instance. , Data stored on Amazon EBS is automatically replicated within an Availability Zone.
Which of the following are features of Amazon Elastic Block Store (Amazon EBS)?
AWS regions
Which of the following are geographic areas that host two or more Availability Zones?
Certification/Attestations, Laws, regulations, and privacy
Which of the following are included in AWS Assurance Programs? (Choose two)
b & c (High-latency, Multiple procurement cycle)
Which of the following are not benefits of AWS Cloud computing? (Choose two) a. High-availability b. High-latency c. Multiple procurement cycles d. Temporary and disposable resources e. Fault-tolerant databases
Launch configuration, Minimum size
Which of the following are required elements of an Auto Scaling group? (Choose two)
Meet compliance requirements, Secure global infrastructure
Which of the following are some of the security benefits that AWS offers? (Choose two)
Amazon Glacier, S3 - Infrequent Access, S3 - Standard Access
Which of the following can be used as a storage class for an S3 object lifecycle policy?
Sends traffic to healthy instances
Which of the following is NOT a characteristic of the Auto Scaling service on AWS?
Platform as a service
Which of the following is an example of Amazon Lightsail?
Traceability
Which of the following is not one of the four areas of the performance efficiency pillar?
Maintaining physical hardware
Which of the following is the responsibility of AWS under the AWS shared responsibility model?
a listener
Which of the following must be configured on an Elastic Load Balancing load balancer to except incoming traffic?
Amazon EC2 instance type, Amazon Machine Image (AMI)
Which of the following must be specified when launching a new Amazon Elastic Compute Cloud (Amazon EC2) Windows instance? (Choose two)
1. Leverage Auto Scaling to recover from failed instances., 2. Launch the web server instance across multiple Availability Zones.
Which of the following options will help increase the availability of a web server farm? (Choose two)
AWS Security Token Service (STS)
Which of the following services provides trusted users with temporary security credentials that can control access to your AWS resources?
multiple
AWS highly recommends provisioning your compute resources across _______ Availability Zones.
d. Economies of scale
As AWS grows, the general cost of doing business is reduced and savings are passed back to the customer in the form of lower pricing. What is this optimization called? (Select the best answer) a. Economies of Scope b. Economies of optimization c. Economies of labor d. Economies of scale
a. having hundreds of thousands of customers aggregated in the cloud
Economies of scale results from ______. (Select the best answer) a. having hundreds of thousands of customers aggregated in the cloud b. having hundreds of cloud services available over the internet c. having to invest heavily in data centers and servers d. having many different cloud providers
An Amazon Elastic Compute Cloud (Amazon EC2) instance status check, A connection attempt, A ping
Elastic Load Balancing health checks may be what? (Choose three)
15 months
How long does Amazon CloudWatch keep metric data?
enable MFA (multi-factor authentication)
How would a system administrator add an additional layer of login security to a user's AWS Management Console? (Select the best answer.)
A container for storing archives.
Regarding Amazon Glacier, what is a Vault?
in multiple availability zones within the same region
S3 replicates all objects ______.
True
True or false? AWS offers a variety of services at no charge. For example, Amazon Virtual Private Cloud, AWS Identity and Access Management, Consolidated Billing, AWS Elastic Beanstalk, AWS Auto Scaling, AWS Ops Works and AWS Cloud Formation. Although there is no charge for these services, there may be charges associated with other AWS services used in conjunction with these services.
FALSE
True or false? To receive the discounted rate associated with Reserved Instances, you must make a full, up-front payment for the term of the agreement.
FALSE
True or false? Unlimited services are available via the free tier to new AWS customers for 12 months following their AWS sign-up date.
b. Total cost of ownership
What AWS tool compares the cost of running your application in an on-premises data center to AWS? (Select the best answer) a. Total Cost of Operation calculator b. Total cost of ownership c. Total cost of products d. Total cost of application
e. All of the above
What are the advantages of cloud computing over on-premises?(Select the best answer) a. Avoid large capital purchases b. On-demand capacity c. Go global d. Increase speed and agility e. All of the above
Basic, Developer, Business, Enterprise
What are the four support plans offered by AWS Support?
1. Launch Configuration Name, 2. Instance type, 3. Amazon Machine Image (AMI)
What are the minimum elements required to create an Auto Scaling launch configuration?
Classic Load Balancer, Network Load Balancer, Application Load Balancer
What are the three types of load balancers that ELB offers? (Choose three)
AWS Command Line Interface (CLI), AWS Management Console, Software Development Kits, (SDKs)
What are the three ways to access AWS core services?
Evaluates the policies you choose and determines the effective permissions for each of the actions you specify.
What does the IAM policy simulator do?
A main route table is created by default.
What happens when you create a new Amazon VPC?
Online tool that helps you configure resources to follow best practices
What is AWS Trusted Advisor?
Is a container for an IAM role that you can use to pass role information to an EC2 instance when the instance starts
What is an AWS IAM instance profile?
/16
What is the maximum size IP address range you can have in an Amazon VPC?
/28
What is the minimum size subnet you can have in an Amazon VPC?
Pay as you go
What is the pricing model that allows AWS customers to pay for resourceson an as-needed basis? (Select the best answer) Pay as you buy Pay as you reserve Pay as you decommission Pay as you go
1. A Region is a physical location that has multiple Availability Zones. 2. Each Region is located in a separate geographic area.
What is true about Regions?
c, d
When are free data transfers applicable across AWS?(Choose two) a. Free inbound data transfer across all amazon web services in all regions b. Free outbound data transfer across all amazon web services in all regions c. Free inbound data transfer for EC2 instances d. Free outbound data transfer between amazon web services within the same region
AWS Management Console access, Programmatic access
When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user?
primary key
When you create a table in Amazon DynamoDB, in addition to the table name, you must specify the _____ of the table.
AWS cost explorer
Where can a customer go to get more details about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took place 3 months ago?
AWS Acceptable Use Policy
Where can a user find information about prohibited actions on the AWS infrastructure?
Amazon Redshift
Which AWS Cloud service is best suited for Online Analytics Processing (OLAP)?
Amazon VPC
Which AWS networking service enables a company to create a virtual network within AWS?
Amazon Virtual Private Cloud (Amazon VPC)
Which AWS networking service enables a company to create a virtual network within AWS?
AWS Marketplace
Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment?
AWS Marketplace
Which AWS offering enables users to find, buy, and immediately start using software solutions in their AWS environment?
AWS Database Migration Service (AWS DMS)
Which AWS service would simplify the migration of a database to AWS?
Dedicated Instances
Which Amazon Elastic Compute Cloud (Amazon EC2) feature ensures your instances will not share a physical host with instances from any other AWS customer?
Reserved Instances
Which EC2 option is best for long-term workloads with predictable usage patterns?
c. Pay for racking, stacking and powering servers
Which of these is not a primary benefit of cloud computing over on-premises computing? (Select the best answer) a. Trade capital expense for variable expense b. Eliminate guessing on your infrastructure capacity needs c. Pay for racking, stacking and powering servers d. Benefit from massive economies of scale e. Increase speed and agility
AWS CloudTrail
Which service can identify the user that made the API call when an Amazon EC2 instance is terminated?
Amazon Simple Notification Service (Amazon SNS)
Which service would be used to send alerts based on Amazon CloudWatch alarms?
Amazon EC2 instances can be launched on-demand when needed.
Why is AWS more economical than traditional data centers for applications with varying compute workloads?
C) Amazon EC2 instances can be launched on demand when needed.
Why is AWS more economical than traditional data centers for applications with varying compute workloads? A) Amazon EC2 costs are billed on a monthly basis. B) Users retain full administrative access to their Amazon EC2 instances. C) Amazon EC2 instances can be launched on demand when needed. D) Users can permanently run enough instances to handle peak workloads.
Monthly
With the "Pay as you go" pricing model, what is the billing interval for compute resources from the time you launch a resource until you terminate it?
e. secondly and hourly
With the "pay as you go" pricing model, how often do you pay for compute resources from the time you launch a resource until you terminate it? (Select the best answer) a. Yearly b. quarterly c. monthly d. daily e. secondly and hourly
decrease
You can run applications and workloads from a region to _______ latency to end users. a. increase b. decrease
NAT Gateway
You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access?
Scan
You need to find an item in a DynamoDB table using an attribute other than the item's primary key. Which of the following operations should you use?
Run four Reserved Instances constantly, then add eight On-Demand Instances on the last day of each month.
Your web application needs four instances to support steady traffic all of the time. On the last day of the month, the traffic triples. What is the most cost-effective way to handle this pattern?
Amazon Aurora
______ is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases
Fault Tolerant, Elastic and Scalable
______ means the infrastructure has built-in component redundancy and ______ means that resources dynamically adjust to increases or decreases in capacity requirements.