AWS CCP Sample Questions

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which AWS service provides a low cost storage option for archival and long-term backup? A. Glacier B. S3 C. EBS D. CloudFront

A

Which service would you use to send alerts based on Amazon CloudWatch alarms? A. Amazon Simple Notification Service (SNS) B. AWS CloudTrail C. AWS Trusted Advisor D. Amazon Route 53

A

A company is working on a project that involves converting images from .png to .jpg format. Thousands of images have to be converted but time is not an issue and continuous processing is not required. Which type of EC2 buying option would be most cost-effective? A. spot B. on-demand C. reserved D. dedicated

A 1. spot instances are granted per a bid; if the spot price goes above your bid then you will lose access to the instance 2. spot instances used if there CAN be interruptions in the processing

Which of the following is a durable key-value store? A. Simple Storage Service B. Simple Query Service C. Simple Workflow Service D. Simple Notification Service

A Amazon S3 is a key-value store designed to store as many objects as you want

Can I move a reserved instance from one region to another? A. no B. only if moving to GovCloud C. yes D. only if moved to US East

A NO, a reserved instance is associated with a specific region which is fixed for the duration of its reservation

What does Amazon SQS provide? A. An asynchronous message queue service B. Simply Query Server, managed directly by AWS C. A synchronous message queue service D. None

A SQS is a reliable, scalable web service that gives access to message queues that store messages awaiting processing, or those in transit between computers

Which of the following are benefits of AWS Organizations? Choose 2: A. centrally manage access policies across multiple AWS accounts B. automate AWS account creation and management C. analyze cost across all AWS accounts D. provide technical help for issues in the account

A & B Group accounts together and apply policies to the group Automate creation of new accounts through APIs Simplify payment methods Cost Explorer is used to analyze costs across accounts

Why would a company decide to use AWS over an on-prem DC? Choose 2. A. high availability (HA) infrastructure B. elastic resources based on demand C. free, unlimited storage D. fail proof infrastructure

A & B data storage is definitely not free nothing is fail proof; however, AWS infrastructure and its services provide for fault tolerance

Which of the two notification endpoints or clients does Amazon SNS support? A. email B. CloudFront C. FTP D. SMS E. SNMP

A & D

In what use cases would somebody use ElastiCache? Choose 2: A. improve performance of their web application B. NoSQL database C. use Edge locations to cache content D. in-memory data store service E. relational database

A & D ElastiCache improves web application performance by allowing the retrieval of information from in-memory cache instead of disk-based databases

In what circumstances would someone want to use ElastiCache? Choose 2: A. they need in-memory data store service B. they need to use edge locations to cache content C. they need a NoSQL database option D. they need to improve the performance of their web application

A & D ElastiCache is a web services that makes it easy to deploy, operate and scale in-memory cache in the Cloud. Offers better web application performance as information is retrieved quickly from in-memory cache rather than from slower, disk-based databases.

Which services belong to the Compute services? Choose 2: A. Lambda B. EC2 C. S3 D. IAM E. Inspector

A, B Compute services include: EC2 ECS Lightsail Batch Elastic Beanstalk Lambda Auto Scaling

A company is building a web application on AWS. They want to make sure it is highly available to their customers. What infrastructure components of the cloud allow them to accomplish this goal? Choose 2: A. Regions B. Data Locations C. Availability Zones D. Regional Zones E. Data Centers

A, C

Which features are available exclusively for Enterprise support plan? A. Technical Account Manager B. Technical Lead C. Solution Architect D. Business Relationship Manager

A, C Enterprise support plan offers: dedicated TAM Well-Architected review Solution Architects

Which of the following are benefits of RDS? Choose 2: A. resizable capacity B. use of NoSQL database service C. automated patches and backups D. best method for storing unstructured data

A, C RDS is a managed service offering for relational databases (THINK: SQL) so AMAZON handles the infrastructure, patches and the backups

Which AWS features can be used to control network traffic to the resources within a VPC? Choose 2: A. Security groups B. Shield C. NACLs D. WAF E. Inspector

A, C security groups and network access control lists allow you to control inbound and outbound network access to and from your instances

Which of the following are valid SNS delivery transports? A. HTTP B. UDP C. SMS D. DynamoDB E. named pipes

A, C valid transports for SNS: HTTP/S post email/email-JSON SQS SMS

Which AWS services belong to the Storage services? Choose 2: A. EBS B. CloudFront C. IAM D. DynamoDB E. Storage Gateway

A, E AWS provides the storage services: S3 EBS EFS Glacier Storage Gateway

If you want details about how to create, manage and attach IAM access policies to users, in which resource should you look? A. How-to-Help B. Service Documentation C. Whitepapers D. None

B

Which of the following is AWS's responsibility under the AWS shared responsibility model? A. Configuring third-party applications B. Maintaining the physical hardware C. Securing application access and data D. Managing customer Amazon Machine Images (AMIs)

B

Which of the following is Amazon's responsibility under the shared responsibility model? A. configuring third-party applications B. maintaining the hardware C. securing application access and data D. managing customer AMIs

B

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (EC2) instance is terminated? A. Amazon CloudWatch B. AWS CloudTrail C. AWS X-Ray D. AWS IAM

B

AWS provides protection against traditional network security issues. Which attacks fall under AWS's provided protections?

DDoS (Distributed Denial of Service) man in the Middle attacks IP spoofing port scanning packet sniffing

Why is AWS more economical than traditional data centers for applications with varying compute workloads?

EC2 instances can be launched on-demand when needed scaling too

Which AWS service can help cache database results to improve web application performance?

ElastiCache

Which AWS support plan has an assigned Designated Technical Account Manager?

Enterprise support plan

Which AWS feature allows system administrators to access AWS programmatically?

CLI

An organization is generating digital policy files, which are required by the admins for verification. Once the files are verified they will not be required in the future unless there is a compliance issue. If the organization wants to save them in a cost effective way, which is the best possible solution? A. RRS B. RDS C. S3 D. Glacier

Glacier

Which deliver methods does AWS SNS support?

HTTP/S POST to a URL Email/Email-JSON SQS standard queue SMS (text message)

What does Amazon ElastiCache provide?

a managed in-memory cache service

What does SQS provide?

an asynchronous message queue service

A company has several departments with separate accounts. Which feature helps centrally manage access policies across multiple accounts? A. Organizations B. Cost Explorer C. IAM D. Inspector

A

What should you do if you believe your account has been compromised? Choose 2: A. Delete or rotate all root and IAM access keys B. Wait C. Delete your account D. Contact legal E. Delete any resources that you did not create

A, E Don't contact legal. Contact Support. All: change passwords change access keys delete any resources you did not create respond to any notifications from support

A company is planning to migrate from on-prem to AWS cloud. Which two factors should it consider for TCO calculations? A. database capacity B. power consumption C. hardware cost D. labor cost E. compute capacity and storage

A, E power/electricity, hardware and labor costs are all fronted by AWS as part of its data center consumption

Which AWS service can be used to track API event calls for security analysis and resource tracking?

AWS CloudTrail Users makes AWS API calls. CloudTrail tracks the actions of users. Use case left out in question: compliance auditing

Which AWS support plan has an Assigned Support Concierge?

AWS Enterprise it's for the fancy people

A company has several departments with separate accounts. Which feature helps centrally manage multiple accounts for scale?

AWS Organizations

Which AWS service would simplify migration of a database to AWS? A. AWS Storage Gateways B. AWS Database Migration Service (AWS DMS) C. Amazon Elastic Compute Cloud (Amazon EC2) D. Amazon AppStream 2.0

B

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A. AWS regions B. AWS edge locations C. AWS Availability Zones (AZs) D. Amazon Virtual Private Cloud (VPC)

B

Which component of AWS global infrastructure does CloudFront use to ensure low-latency delivery? A. Regions B. Edge locations C. AZ D. VPC

B

You run a web application consisting of an ELB, an Auto Scaling Group of EC2 instances and RDS MySQL. Which security measures fall under AWS's responsibility? A. protect the instances against unsolicited access by enforcing the principle of least-privilege access B. protect against IP spoofing and packet sniffing C. assure all communications between EC2 instances and ELB is encrypted D. install latest security patches on EC2 instances

B

A company notices that 5 of their 10 buckets are no longer available in the account and have been deleted. They are unsure who deleted them and no one is taking responsibility. What should the company do to investigate? A. look at CloudWatch logs B. look at CloudTrail logs C. look at S3 logs D. look at SNS logs

B 1. CloudTrail service records AWS API calls for your account and delivers the log files to you 2. CloudWatch tracks your services but CloudTrail tracks your people

An organization has setup consolidated billing with 3 different accounts. Which of the below advantages will the organization receive in terms of billing? A. the consolidated billing does not bring any advantage B. all accounts will be charged for S3 storage by combining the total storage of each account C. EC2 instances of each account will receive some free micro instance hours D. the free usage tier for all accounts will be 3 years instead of 1

B 1. Consolidated billing offers volume discounts by which the charges are levied for the total storage across all accounts 2. EC2 and S3 have volume pricing tiers that give lower prices [per unit] the more the service is used

Which of the following cannot be used in EC2 to control who has access to specific instances? A. Security Groups B. IAM C. SSH keys D. Windows passwords

B 1. IAM can ONLY be used to control who has access to launch, start, stop and terminate instances 2. Once the instance is launched then IAM cannot control access to it 3. Access CAN be controlled through SSH keys for Linux, passwords for Windows and Security Groups to restrict access based on conditions such as IP address

Which feature allows system administrators to access AWS programmatically? A. CloudFormation B. SDK C. Inspector D. CodeDeploy

B 1. SDK allows users to access AWS services through languages such as Java, .Net, Ruby and Go 2. simplify using AWS services inside an application with an API tailored to the programming language or platform in use

What does Elastic Beanstalk provide? A. a scalable storage application on top of AWS B. an application container on top of AWS C. a service by this name does not exist D. a scalable cluster of EC2 instances

B A developer will upload their application and Elastic Beanstalk will automatically handle the deployment: capacity provisioning, load balancing, auto-scaling, health monitoring

With EC2, location of instances are: A. regional B. based on AZ (Availability Zone) C. global

B An instance is tied to the Availability Zone in which you launch it. The instance ID is tied to the region.

The concept of elasticity is most closely associated with which of the following? A. ELB B. Auto Scaling C. network security D. serverless computing

B Auto scaling maintains application availability and allows for automatic scaling of an EC2 instance based on user-defined conditions

What AWS service must you use if you want to configure an AWS billing alarm? A. CloudTrail B. CloudWatch C. AWS Consolidated billing D. AWS CloudMonitor

B CloudWatch is a monitoring service for AWS Cloud resources and the applications you run on them. Is used to collect and track metrics, collect and monitor log files, set alarms and react to changes in resources. Remember: CloudWatch is used to track services. CloudTrail is used to track users.

One organization has been using AWS for a few months. The finance team wants to visualize the pattern of spending. Which tool will help? A. AWS Cost Manager B. AWS Cost Explorer C. AWS CloudWatch D. AWS Consolidated Billing

B Cost Explorer is a free tool used to view charts of costs View data for the last 13 months Forecast up to the next 3 months

Which services would simplify migration of a database to AWS? A. storage gateway B. Database Migration Service (DMS) C. Elastic Compute Cloud D. AppStream 2.0

B Don't overthink this one

A company wants to design their applications for high availability. They should design each application with: A. minimum of 1 AZ B. minimum of 2 AZ C. minimum of 3 AZ D. minimum of 4 AZ

B Must be deployed within two AZs so that if one goes down then the traffic can be routed to the other

A user has deployed an application on private cloud. The user is using his own monitoring tool. Whenever there is an error, he wants the monitoring tool to notify him via SMS. Which service will help in this scenario? A. None because the user infrastructure is in a private cloud B. SNS C. SES D. SMS

B Simple Notification Service supports private and public cloud SNS supports the following transports: HTTP/S post to specific URL email/email-JSON SQS -- messages are added to the queue and then managed via API call SMS text to registered phone number

In IAM: What is web identity federation? A. use of an identity provider like Google or Facebook to become an AWS IAM user B. use of an identity provider like Google or Facebook to exchange for temporary AWS security credentials C. use of AWS IAM user tokens to log in as a Google or Facebook user D. use of AWS STS tokens to log in as a Good or Facebook user

B Users of an app will sign in using a well-known identity provider, will receive an authentication token and exchange that for temporary security credentials that map to an IAM

What benefits does Edge location provide? Choose 2: A. scalable DNS B. caching of resources C. low latency access D. isolated virtual network E. direct connect to AWS

B & C provides for resource caching in many locations customers are redirected to the location nearest them = low latency

Which AWS service can help in compliance auditing and resource change tracking for changes in resources? A. AWS XRay B. CloudTrail C. AWS Config D. Inspector E. Service catalog

B, C 1. CloudTrail gives history of your account API calls 2. AWS Config tracks existing and deleted resources, determines overall compliance against a set of rules, and presents the configuration details of a resource at any point in time

A company wants to implement best practices on AWS. Which implementation would help them "Optimize for Cost?" Choose 2: A. use reserved instances for short term adhoc requirements B. use S3 RRS storage class for reproducible objects C. use Lambda D. use on-demand instances for consistent compute E. Use S3-IA for data archival requirements

B, C 1. Reserved instances last a long time 2. on-demand instances are expensive 3. Glacier is used for archives

A company wants to transfer petabyte scale of data to AWS for their analytics, but are constrained on their internet connectivity. Which service can help them transfer data quickly? A. enhanced uploader B. snowmobile C. snowball D. direct connect

C

How would a system administrator add an additional layer of login security to a user's AWS Management Console? A. Use AWS Cloud Directory B. Audit AWS IAM roles C. Enable Multi-Factor Authentication D. Enable AWS CloudTrail

C

What best describes penetration testing? A. testing your users' access to services B. testing an application's ability to penetrate others C. testing own network and applications for vulnerabilities D. None

C

Why is AWS more economical than traditional data centers for applications with varying computer workloads? A. Amazon EC2 costs are billed on a monthly basis B. Customer retain full administrative access to their Amazon EC2 instances C. Amazon EC2 instances can be launched on-demand when needed D. Customer can permanently run enough instances to handle peak workloads

C

What does Amazon Route 53 provide? A. a global content delivery network (CDN) B. none C. a scalable Domain Name System (DNS) D. an SSH endpoint for Amazon EC2

C Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses a reliable and cost effective way to route end users to Internet applications.

Every user you create in IAM starts with: A. partial permissions B. full permissions C. no permissions

C By default, an IAM user starts out with no permissions

A company launched a new app within a single region, but intended for global use. What service can help provide low latency access with the best possible performance on a global scale? A. Route 53 B. CloudWatch C. CloudFront D. Elastic Load Balancer (ELB)

C CloudFront uses Edge locations to redirect users to the nearest location where the data is stored which provides for low latency

You just set up an account. You want to keep monthly billing under $100 and are worried about exceeding the limit. What can you set up to be notified when billing approaches $100? A. CloudWatch billing alarm that triggers CloudTrail notification to email B. CloudTrail billing alarm that triggers SNS notification to email C. CloudWatch billing alarm that triggers SNS notification to email D. SNS billing alarm that triggers a CloudWatch notification to email

C CloudWatch handles the alarm and SNS handles the transportation of the notification to you

What does Amazon CloudFormation provide? A. the ability to setup autoscaling for EC2 instances B. None C. a templated resource creation for AWS D. a template to map network resources for AWS

C Create a template that describes all the AWS resources you want and CloudFormation will provision and configure those resources for you

From which support plan do customers get access to the support API as part of Programmatic Case Management? A. Basic B. Developer C. Business D. Basic

C Don't be fooled. All support plans at level Business and above get this.

Which S3 storage class has the lowest object availability rating of the options below? A. all have the same availability rating B. standard C. infrequent access D. reduced redundancy

C Infrequent access has an availability rating of 99.90% Standard and Reduced Redundancy tie at an availability rating of 99.99%

How would a system administrator add an additional layer of login security to a user's Management Console? A. use Cloud Directory B. Audit IAM roles C. enable MFA D. CloudTrain

C MFA offered for your account, individual IAM users and control of access to APIs

What service allows you to have your own private network in the AWS cloud? A. VCN B. VPN C. VPC D. none

C Virtual Private Cloud lets you provision a logically isolated section of the AWS cloud where you can launch resources in a virtual network that you define

Which AWS RDS feature helps a standby database takeover when the primary fails to respond? A. RDS Single-AZ B. RDS Read Replica C. RDS Multi-AZ D. RDS Standby replica

C When you provision a Multi-AZ DB instance, RDS automatically creates a primary instance and synchronously replicates the data to a standby instance in a different AZ

A company is planning to use on-demand instances for their application. How would they be charged for it? A. charged per second based on hourly rate and there is a termination fee B. charged by the hour and must pay a partial upfront fee C. charged per second based on hourly rate and no termination fee D. they must commit to a one or three-year term and pay upfront

C on-demand bills per-second based on an hourly rate, but the user only pays for what they use so unused minutes and seconds are deducted off of the bill

Which of the following does AWS provide as part of the shared responsibility model? A. EC2 instance security B. EBS volume encryption C. physical network infrastructure security D. user access control to the AWS environment

C users of AWS resources cannot touch the underlying, physical hardware so Amazon is responsible for its security

What is the difference between an AZ and an edge location? A. Edge locations are used as control stations for AWS resources B. An edge location is used as a link when building load balancing between regions C. An AZ is a grouping of AWS resources in a specific region; an edge location is a specific resource within a region D. An AZ is an Amazon resource within a region; an edge location will deliver cached content to the closest location to reduce redundancy

D

What type of block cipher does S3 offer for server side encryption? A. RC5 B. blowfish C. Triple DES D. Advanced Encryption Standard (AES)

D

Where can a customer find information about prohibited actions on AWS infrastructure? A. AWS Trusted Advisor B. AWS IAM C. AWS Billing Console D. AWS Acceptable Use Policy

D

Which AWS networking service enables a company to create a virtual network within AWS? A. AWS Config B. Amazon Route 53 C. AWS Direct Connect D. Amazon Virtual Private Cloud (VPC)

D

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment? A. AWS Config B. AWS OpsWorks C. AWS SDK D. AWS Marketplace

D

A company wants to implement best practices on AWS. Which implementation would help to eliminate single point of failure? A. ElastiCache Memcached deployment B. RDS Single-AZ deployment C. EC2 instances on a single AZ D. ElastiCache Redis deployment

D 1. Rule out any single-AZ deployments 2. Memcached does not support replication so a downed node will result in some data loss ElastiCache Redis: supports Multi-AZ deployment with automatic failover

In AWS VPC, what is a security group? A. none B. a list of users that can access Amazon EC2 instances C. an Access Control List (ACL) for resources D. a firewall for inbound/outbound traffic, built-in around every Amazon EC2 instance

D A security group acts as a virtual firewall for an instance to control inbound and outbound traffic. When an instance is launched in a VPC, up to 5 security groups can be assigned. Security Groups act at the instance level, NOT the subnet level. Each instance in a subnet can be assigned different security groups. An instance is assigned to the default security group if a particular group is not specified at launch.

A company is performing a migration to cloud. They have a compliance requirement for application hosting on physical servers to be able to use existing server-bound licenses. Which EC2 purchase type will fulfill the requirement? A. spot B. reserved C. on-demand D. dedicated

D Dedicated hosts: allows the user to provision EC2 resources on Dedicated Hosts which are physical servers with EC2 instance capacity fully dedicated to their use; allows use of existing server-bound software licenses

You decided to change AMI for instances in your application tier that is using Auto Scaling. In which area below would you change the instance type definition? A. Auto Scaling policy B. Auto Scaling group C. Auto Scaling tags D. Auto Scaling launch configuration

D Launch configuration is a template that an Auto Scaling group uses to launch instances

A company wants to launch an application to support a one-day campaign without interruption. The instances would not be needed after 24 hours. Which EC2 instance type would fulfill the requirement? A. Reserved B. Spot C. Dedicated D. On-demand

D On-demand instances allow you to increase/decrease as needed, they charge for compute capacity per hour, and they do not have any long-term commitments

Which of the below mentioned options can be a good use case for storing content in RRS? A. storing mission critical files B. storage infrequently used logs C. storing a video file which is not reproducible D. storing image thumbnails

D Reduced Redundancy storage is used to store noncritical, reproducible data at lower redundancy levels

A user is trying to understand SNS. To which of the below end points is SNS unable to send a notification? A. Email JSON B. HTTP C. SQS D. SES

D supported transports: Email/Email JSON HTTP/HTTPS POST SMS (text) SQS (AWS service)

From Business support plan and above, how many contacts can open cases?

Unlimited contacts can open unlimited cases

A user wants to achieve High Availability (HA) with PostgreSQL DB. Which functionality helps achieve that?

Muli-AZ Multi-AZ provides an HA solution for RDS PostgreSQL.

What kind of service is provided by AWS DynamoDB?

NoSQL database supports both document and key-value stores

A company is working with a data set and they need to import it into a relational database service. Which service will help meet their needs?

RDS THINK: Rds = Relational... SQL

What does RRS stand for?

Reduced Redundancy storage Used to store noncritical, reproducible data at lower levels of redundancy than Standard storage

What does S3 stand for?

Simple Storage Service

If you have a set of frequently accessed files that are used on a daily basis and cannot be reproduced, what S3 storage class show you store them in?

Standard

Which team should you reach out to if you believe your account has been compromised?

Support team

What AWS service helps estimate the cost of using AWS versus an on-prem DC?

TCO Calculator

What does Amazon EC2 provide?

virtual servers in the Cloud EC2 = COMPUTE = servers


Kaugnay na mga set ng pag-aaral

Finance 8 Personal Finance - Ch 6 Consumer Purchasing Strategies and Wise Buying of Motor Vehicles - Focus on Personal Finance - McGraw Hill 5 edition

View Set

Prep-U Management of pt. with Chronic Pulmonary Disease ch. 24

View Set

PrepU Chapter 52: Assessment and Management of Patients with Endocrine Disorders

View Set

Human Growth and Development Final Exam

View Set

NCLEX Challenge - Culture, Spirituality, and Alternative/Complementary Modalities

View Set