AWS Certified Cloud Practitioner Study Guide
Question 150 Which of the following can be used to manage identities in AWS? A. AWS Config B. AWS IAM C. AWS Trusted Advisor D. AWS
Answer: B AWS IAM
Question 192 You want to take a snapshot of an EC2 Instance and create a new instance out of it. In AWS what is this snapshot equivalent to? A. EBS Volumes B. AMI C. EC2 Snapshot D. EBS Snapshot
Answer: B AMI
Question 121 A company is planning to migrate their existing services to the AWS Cloud. Which of the following would help them do a cost benefit analysis of moving to the AWS Cloud? A. AWS TCO calculator B. AWS Config C. AWS Cost Explorer D. AWS Consolidating billing
Answer: A. AWS TCO calculator
Question 128 Which of the following are services where you don't need to manage the underlying infrastructure? Choose 2 answers from the options given below: A. DynamoDB B. EC2 C. Simple Storage Service D. AWS Auto Scaling
Answer: A. DynamoDB C. Simple Storage Service
Question 153 When working on the costing for on-demand EC2 instances, which of the following are attributes which determine the costing of the EC2 Instance? Choose 3 answers from the options given below: A. Instance Type B. AMI Type C. Region D. Edge location
Answer: A. Instance Type B. AMI Type C. Region
Question 149 In AWS, which security aspects are the customer's responsibility? Choose 4 answers from the options given below: A. Security Group and ACL (Access Control List) settings B. Decommissioning storage devices C. Patch management on the EC2 instance's operating system D. Life-cycle management of IAM credentials E. Controlling physical access to compute resources F. Encryption of EBS (Elastic Block Storage) volumes
Answer: A. Security Group and ACL (Access Control List) settings C. Patch management on the EC2 instance's operating system D. Life-cycle management of IAM credentials F. Encryption of EBS (Elastic Block Storage) volumes
Question 189 Which of the following are attributes of the costs for using the Simple Storage Service? Choose 2 answers from the options given below: A. The storage class used for the objects stored. B. Number of S3 buckets C. The total size in gigabytes of all objects stored. D. Using encryption in S3
Answer: A. The storage class used for the objects stored C. The total size in gigabytes of all objects stored
Question 103 You have a set of EC2 Instances hosted on the AWS Cloud. The EC2 Instances are hosting a web application. If you get a DDos attack from the internet, which of the following can help in reducing the overall threat to your EC2 Instances? Choose 2 answers from the options given below: A. Usage of Security Groups B. Usage of AWS Config C. Usage of Network Access Control Lists D. Usage of the Internet gateway
Answer: A. Usage of Security Groups C. Usage of Network Access Control Lists
Question 36 Which of the following can be used to protect EC2 Instances hosted in AWS? Choose 2 answers from the options given below: A. Usage of Security Groups B. Usage of AMI's C. Usage of Network Access Control Lists D. Usage of the Internet gateway
Answer: A. Usage of Security Groups C. Usage of Network Access Control Lists
Question 155 What are characteristics of Amazon S3? Choose 2 answers from the options given below: A. S3 allows you to store objects of virtually unlimited size. B. S3 allows you to store unlimited amounts of data. C. S3 should be used to host a relational database. D. Objects are directly accessible via a URL.
Answer: B S3 allows you to store unlimited amounts of data. D Objects are directly accessible via a URL.
Question 186 Which of the following items allow an application deployed on an EC2 instance to write data to S3 in a secure manner? A. AWS IAM Users B. AWS IAM Roles C. AWS IAM Groups D. AWS IAM Permissions
Answer: B. AWS IAM Roles
Question 161 Which of the following is an AWS managed database service provides processing power that is up to 5X faster than a traditional MySQL database? A. MariaDB B. Aurora C. PostgreSQL D. DynamoDB
Answer: B. Aurora
Question 114 Which of the following features of AWS RDS allows for offloading reads of the database? A. Cross region replication B. Creating Read Replicas C. Using snapshots D. Using Multi-AZ feature
Answer: B. Creating Read Replicas
Question 47 Which of the following are advantages of having infrastructure hosted on the AWS Cloud? Choose 2 answers from the options given below. A. Having complete control over the physical infrastructure B. Having the pay as you go model C. No upfront costs D. Having no need to worry about security
Answer: B. Having the pay as you go model C. No upfront costs
Question 165 AWS provides a storage option known as Amazon Glacier. What is this AWS service designed for? Please specify 2 correct options: A. Cached session data B. Infrequently accessed data C. Data archives D. Active database storage
Answer: B. Infrequently accessed data C. Data archives
Question 104 Your company currently uses VM Templates to spin up virtual machines on their on-premise infrastructure. Which of the following can be used in a similar way to spin up EC2 instances on the AWS Cloud? A. EBS Volumes B. EBS Snapshots C. Amazon Machines Images D. Amazon VMware
Answer: C. Amazon Machines Images
Question 118 Which of the following statements are FALSE when it comes to elasticity? Choose 2 answers from the options given below A. Diverting traffic to instances based on the demand B. Diverting traffic to instances with the least load C. Diverting traffic across multiple regions D. Diverting traffic to instances with higher capacity
Answer: C. Diverting traffic across multiple regions D. Diverting traffic to instances with higher capacity
Question 85 Which of the following security requirements are managed by AWS? Select 3 answers from the options given below: A. Password Policies B. User permissions C. Physical security D. Disk disposal E. Hardware patching
Answer: C. Physical security D. Disk disposal E. Hardware patching
Question 125 Which of the following can be used to view one bill when you have multiple AWS Accounts? A. Consolidating billing B. Combined Billing C. Cost Explorer D. IAM
Answer: A. Consolidating Billing
Question 156 What is the AWS service provided which provides a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability? A. AWS RDS B. DynamoDB C. Oracle RDS D. Elastic Map Reduce
Answer: B. DynamoDB
Question 175 Which AWS service uses Edge Locations for content caching? A. AWS SNS B. AWS SQS C. AWS CloudFront D. AWS Inspector
Answer: C. AWS CloudFront
Question 133 Which one of the following features is normally present in all of AWS Support plans? A. 24*7 access to customer support B. Access to all features in the Trusted Advisor C. A technical Account Manager D. A dedicated support person
Answer: A 24*7 access to customer support
Question 113 Your company wants to move an existing Oracle database to the AWS Cloud. Which of the following services can help facilitate this move? A. AWS Database Migration Service B. AWS VM Migration Service C. AWS Inspector D. AWS Trusted Advisor
Answer: A AWS Database Migration Service
Question 154 A company wants to utilize AWS storage. For them low storage cost is paramount, the data is rarely retrieved, and data retrieval times of several hours are acceptable for them. What is the best storage option to use? A. AWS Glacier B. AWS S3 Reduced Redundancy Storage C. EBS backed storage connected to EC2 D. AWS Cloud Front
Answer: A AWS Glacier
Question 183 Which of the following options of AWS RDS allows for AWS to failover to a secondary database in case the primary one fails? A. AWS Multi-AZ B. AWS Failover C. AWS Secondary D. AWS Standby
Answer: A AWS Multi-AZ
Question 123 You have a set of developers that need to use .Net to call AWS Services. Which of the following tools can be used to achieve this purpose? A. AWS SDK B. AWS Console C. AWS CLI D. AWS IAM
Answer: A AWS SDK
Question 141 Which services allow the customer to retain full administrative privileges of the underlying virtual infrastructure? A. Amazon EC2 B. Amazon S3 C. Amazon Lambda D. Amazon DynamoDB
Answer: A Amazon EC2
Question 108 Which of the following storage options provides the option of Lifecycle policies that can be used to move objects to archive storage? A. Amazon S3 B. Amazon Glacier C. Amazon Storage Gateway D. Amazon EBS
Answer: A Amazon S3
Question 167 There is a requirement to move a 10 TB data warehouse to the AWS cloud. Which of the following is an ideal service which can be used to move this amount of data to the AWS Cloud? A. Amazon Snowball B. Amazon Direct Connect C. Amazon S3 MultiPart Upload D. Amazon S3 Connector
Answer: A Amazon Snowball
Question 117 A company currently has an application which consist of a .Net layer which connects to a MySQL database. They now want to move this application onto AWS. They want to make use of all AWS features such as high availability and automated backups. Which of the following would be an ideal database in AWS to migrate to for this requirement? A. Aurora B. DynamoDB C. An EC2 instance with MySQL installed. D. An EC2 instance with Aurora installed.
Answer: A Aurora
Question 187 What are the four levels of AWS Premium Support? A. Basic, Developer, Business, Enterprise B. Basic, Startup, Business, Enterprise C. Free, Bronze, Silver, Gold D. All support is free
Answer: A Basic, Developer, Business, Enterprise
Question 194 Which of the following concepts is used when you want to manage the bills for multiple accounts under one master account? A. Consolidated Billing B. Combined Billing C. Cost Explorer D. IAM
Answer: A Consolidating billing
Question 184 What service from AWS can help manage the costs for all resources in AWS? A. Cost Explorer B. Cost Allocation Tags C. AWS Consolidated billing D. Payment History
Answer: A Cost Explorer
Question 132 You are exploring what services AWS has off-hand. You have a large number of data sets that need to be processed. Which of the following services can help fulfil this requirement? A. EMR B. S3 C. Glacier D. Storage gateway
Answer: A EMR
Question 151 Which of the following is a best practice when working with permissions in AWS? A. Ensure the least privilege access is used B. Use the root account credentials C. Don't use IAM users and groups D. Ensure the highest privilege access is used
Answer: A Ensure the least privilege access is used
Question 193 There is a requirement for hosting a set of servers in the Cloud for a short period of 3 months. Which of the following types of instances should be chosen to be cost effective? A. On-Demand B. Spot Instances C. No Upfront costs Reserved D. Partial Upfront costs Reserved
Answer: A On-Demand
Question 172 Which of these is a document that provides a formal statement of one or more permissions? A. Policy B. Permission C. Role D. Resource
Answer: A Policy
Question 178 What is the service provided by AWS that lets you host Domain Name systems? Please choose on answer from the options below. A. Route 53 B. VPC C. Direct Connect D. VPN
Answer: A Route 53
Question 173 What acts as a firewall that controls the traffic allowed to reach one or more instances? A. Security group B. ACL C. IAM D. IAM
Answer: A Security group
Question 177 You have a distributed application that periodically processes large volumes of data across multiple Amazon EC2 Instances. The application is designed to recover gracefully from Amazon EC2 instance failures. You are required to accomplish this task in the most cost-effective way. Which of the following will meet your requirements? A. Spot Instances B. Reserved instances C. Dedicated instances D. On-Demand instances
Answer: A Spot Instance
Question 182 What does Amazon EC2 provide? A. Virtual servers in the Cloud. B. A platform to run code (Java, PHP, Python), paying on an hourly basis. C. Computer Clusters in the Cloud. D. Physical servers remotely managed by the customer.
Answer: A Virtual servers in the Cloud
Question 174 Which of the following are benefits of the AWS's Relational Database Service (RDS)? Choose the 2 correct answers from the options below: A. Automated patches and backups B. You can resize the capacity accordingly C. It allows you to store unstructured data D. It allows you to store NoSQL data
Answer: A, B Automated patches and backups, You can resize the capacity accordingly
Question 126 Your company is planning to host a large ecommerce application on the AWS Cloud. One of their major concerns is Internet attacks such as DDos attacks. Which of the following services can help mitigate this concern? Choose 2 answers from the options given below: A. CloudFront B. AWS Shield C. AWS EC2 D. AWS Config
Answer: A, B CloudFront, AWS Shield
Question 107 Which of the following are features of an edge location? Choose 3 answers from the options given below: A. Distribute content to users B. Cache common responses C. Distribute load across multiple resources D. Used in conjunction with the CloudFront service
Answer: A, B, D Distribute content to users, Cache common responses, Used in conjunction with the CloudFront service
Question 95 Which of the following is a fully managed NoSQL database service available in AWS? A. AWS DynamoDB B. AWS RDS C. AWS Redshift D. AWS MongoDB
Answer: A. AWS DynamoDB
Question 91 Which AWS Cloud service helps in quick deployment of resources which can make use of different programming languages such as .Net and Java? A. AWS Elastic Beanstalk B. AWS Elastic Compute Cloud (Amazon EC2) C. AWS VPC D. AWS SQS
Answer: A. AWS Elastic Beanstalk
Question 88 Which of the following needs a user name and password to access AWS resources? A. AWS Management Console B. AWS Application Programming Interface (API) C. AWS Software Development Kit (SDK) D. AWS CLI
Answer: A. AWS Management Console
Question 58 Which of the following can be used to call AWS services from programming languages? A. AWS SDK B. AWS Console C. AWS CLI D. AWS IAM
Answer: A. AWS SDK
Question 120 Which of the following services relates the concept of "scaling up resources based on demand"? A. Auto Scaling B. Elastic Load Balancer C. VPC D. Subnet
Answer: A. Auto Scaling
Question 8 What is the value of having AWS Cloud services accessible through an Application Programming Interface (API)? A. Cloud resources can be managed programmatically B. AWS infrastructure use will always be cost-optimized C. All application testing is managed by AWS D. Customer-owned, on-premises infrastructure becomes programmable
Answer: A. Cloud resources can be managed programmatically
Question 101 When giving permission to users via the AWS Identity and Access Management tool, which of the following principles should be applied when granting permissions? A. Principle of least privilege B. Principle of greatest privilege C. Principle of most privilege D. Principle of lower privilege
Answer: A. Principle of least privilege
Question 160 Which of the below AWS services allows you to base the number of resources on the demand of the application or users? A. AWS EC2 B. AWS Autoscaling C. AWS ELB D. AWS Inspector
Answer: B AWS Autoscaling
Question 163 Which of the following services helps in governance, compliance, and risk auditing in AWS? A. AWS Config B. AWS CloudTrail C. AWS CloudWatch D. AWS SNS
Answer: B AWS CloudTrail
Question 105 Which of the below cannot be used to get data onto Amazon Glacier? A. AWS Glacier API B. AWS Console C. AWS Glacier SDK D. AWS S3 Lifecycle policies
Answer: B AWS Console
Question 130 Which of the following services allows you to analyze EC2 Instances against pre-defined security templates to check for vulnerabilities? A. AWS Trusted Advisor B. AWS Inspector C. AWS WAF D. AWS Shield
Answer: B AWS Inspector
Question 145 Which of the following is a serverless compute offering from AWS? A. AWS EC2 B. AWS Lambda C. AWS SNS D. AWS SQS
Answer: B AWS Lambda
Question 190 If you want to develop an application in Java, which of the following tools would you use? A. AWS PowerShell B. AWS SDK C. AWS CLI D. AWS Console
Answer: B AWS SDK
Question 171 You have a Web application hosted in an EC2 Instance that needs to send notifications based on events. Which of the below services can assist in sending notifications? A. AWS SES B. AWS SNS C. AWS SQS D. AWS EC2
Answer: B AWS SNS
Question 147 To predict the cost of moving resources from on-premise to the cloud, which of the following can be used: A. AWS Inspector B. AWS TCO C. AWS WAF D. AWS Trusted Advisor
Answer: B AWS TCO
Question 146 Which of the following allows you to carve out a portion of the AWS Cloud? A. AWS Subnets B. AWS VPC C. AWS Regions D. AWS Availability Zones
Answer: B AWS VPC
Question 158 A company is deploying a 2-tier, highly available web application to AWS. Which service provides durable storage for static content while utilizing lower overall CPU resources for the web tier? A. Amazon EBS volume B. Amazon S3 C. Amazon EC2 instance store D. Amazon RDS instance
Answer: B Amazon S3
Question 168 What is the key difference between an availability zone and an edge location? A. An availability zone is a grouping of AWS resources in a specific region; an edge location is a specific resource within the AWS region B. An availability zone is an Amazon resource within an AWS region, whereas an edge location will deliver cached content to the closest location to reduce latency C. Edge locations are used as control stations for AWS resources D. None of the above
Answer: B An availability zone is an Amazon resource within an AWS region, whereas an edge location will deliver cached content to the closest location to reduce latency
Question 170 In AWS billing what option can be used to ensure costs can be reduced if you have multiple accounts? A. Combined billing B. Consolidated billing C. Costs are automatically reduced for multiple accounts by AWS. D. It is not possible to reduce costs with multiple accounts
Answer: B Consolidating billing
Question 188 A company does not want to manage their database. Which of the following services is a fully managed NoSQL database provided by AWS? A. AWS RDS B. DynamoDB C. Oracle RDS D. Elastic Map Reduce
Answer: B DynamoDB
Question 179 What is the service provided by AWS that allows developers to easily deploy and manage applications on the cloud? Please choose on answer from the options below. A. CloudFormation B. Elastic Beanstalk C. Opswork D. Container service
Answer: B Elastic Beanstalk
Question 119 Which of the following services relates the concept of "Distributing traffic to multiple EC2 Instances"? A. AutoScaling B. Elastic Load Balancer C. VPC D. Subnets
Answer: B Elastic Load Balancer
Question 124 You have an EC2 Instance in development that interacts with the Simple Storage Service. The EC2 Instance is going to be promoted to the production environment. Which of the following features should be used for secure communication between the EC2 Instance and the Simple Storage Service? A. IAM Users B. IAM Roles C. IAM Groups D. IAM policies
Answer: B IAM Roles
Question 110 There is a requirement hosting a set of servers in the Cloud for a short period of 6 months. Which of the following types of instances should be chosen to be cost effective? A. Spot Instances B. On-Demand C. No Upfront costs Reserved D. Partial Upfront costs Reserved
Answer: B On-Demand
Question 137 You have 2 accounts in your AWS account, one for Dev and the other for QA. All are part of Consolidated Billing. The master account has purchase 3 reserved instances. The Dev department is currently using 2 reserved instances. The QA team is planning on using 3 instances. What is the pricing tier of the instances that can be used by the QA Team? A. No Reserved and 3 on-demand B. One Reserved and 2 on-demand C. Two Reserved and 1 on-demand D. Three Reserved and no on-demand
Answer: B One Reserved and 2 on-demand (The unused RI and two new OD)
Question 122 Which of the following does AWS perform on its customer's behalf for EBS volumes to make it less prone to failure? A. Replication of the volume across Availability Zones B. Replication of the volume in the same Availability Zone C. Replication of the volume across Regions D. Replication of the volume across Edge locations
Answer: B Replication of the volume in the same Availability Zone
Question 191 Which of the following services helps provide a connection from on-premise infrastructure to resources hosted in the AWS Cloud? Choose 2 answers from the options given below: A. AWS VPC B. AWS VPN C. AWS Direct Connect D. AWS Subnets
Answer: B, C AWS VPN, AWS Direct Connect
Question 138 Which of the following are right principles when designing cloud-based systems? Choose 2 answers from the options below: A. Build Tightly-coupled components B. Build loosely-coupled components C. Assume everything will fail D. Use as many services as possible
Answer: B, C Build loosely-coupled components, Assume everything will fail
Question 112 When working with the AWS Cloud which of the following are headaches you don't need to worry about? Choose 2 answers from the options given below. A. Having complete control over the physical infrastructure, so you don't need to worry about what AWS is doing. B. Having the pay as you go model, so you don't need to worry if you are burning costs for non-running resources. C. No Upfront costs D. Having no need to worry about security
Answer: B, C Having the pay as you go model, so you don't need to worry if you are burning costs for non-running resources, No Upfront costs
Question 109 Which of the following features of Amazon RDS allows for better availability of databases. Choose 2 answers from the options given below: A. VPC Peering B. Multi-AZ C. Read Replicas D. Multi-Region
Answer: B, C Multi-AZ, Read Replicas
Question 14 Who has control of the data in an AWS account? A. AWS Support Team B. AWS Account Owner C. AWS Security Team D. AWS Technical Account Manager (TAM)
Answer: B. AWS Account Owner
Question 49 Which of the following features of RDS allows for data redundancy across regions? A. Cross region replication B. Creating Read Replica's C. Using snapshots D. Using Multi-AZ feature
Answer: B. Creating Read Replica's
Question 86 Which of the following terms relate to "creating systems that scale to the required capacity based on changes in demand"? A. Disaster Recovery B. Elasticity C. Decoupling D. Aggregation
Answer: B. Elasticity
Question 176 A company wants to create standard templates for deployment of their Infrastructure. Which AWS service can be used in this regard? A. Amazon Simple Workflow Service B. AWS Elastic Beanstalk C. AWS CloudFormation D. AWS OpsWorks
Answer: C AWS CloudFormation
Question 142 Which of the following AWS services should you use to migrate an existing database to AWS? A. AWS Lambda B. AWS Storage gateway C. AWS DMS D. AWS Snowball
Answer: C AWS DMS
Question 159 Which AWS service allows for distribution of incoming application traffic across multiple EC2 instances? A. AWS EC2 B. AWS Autoscaling C. AWS ELB D. AWS Inspector
Answer: C AWS ELB
Question 127 Which of the following services is a serverless compute service in AWS? A. AWS EC2 B. AWS Config C. AWS Lambda D. AWS Opswork
Answer: C AWS Lambda
Question 111 Which of the following from AWS can be used to transfer petabytes of data from on-premise locations to the AWS Cloud? A. AWS Import/Export B. AWS EC2 C. AWS Snowball D. AWS Transfer
Answer: C AWS Snowball
Question 180 A company is deploying a new two-tier web application in AWS. The company wants to store their most frequently used data so that the response time for the application is improved. Which AWS service provides the solution for the company's requirements? A. MySQL Installed on two Amazon EC2 Instances in a single Availability Zone B. Amazon RDS for MySQL with Multi-AZ C. Amazon ElastiCache D. Amazon DynamoDB
Answer: C Amazon ElastiCache
Question 136 What AWS service has built-in DDoS mitigation? A. CloudTrail B. EC2 C. CloudFront D. CloudWatch
Answer: C CloudFront
Question 181 If you wanted to take a backup of an EBS Volume, what would you do? A. Store the EBS volume in S3 B. Store the EBS volume in an RDS database C. Create an EBS snapshot D. Store the EBS volume in DynamoDB
Answer: C Create an EBS snapshot
Question 116 A company wants to have a database hosted on AWS. As much as possible they want to have control over the database itself. Which of the following would be an ideal option for this? A. Using the AWS DynamoDB service B. Using the AWS RDS service C. Hosting on the database on an EC2 Instance D. Using the Amazon Aurora service
Answer: C Hosting on the Database on an EC2 Instance
Question 148 What is the concept of an AWS region? A. It is a collection of Edge locations B. It is a collection of Compute capacity C. It is a geographical area divided into Availability Zones D. It is the same as an Availability zone
Answer: C It is a geographical area divided into Availability Zones
Question 115 Which of the following terms refers to another geographic location in AWS? A. Availability Zone B. Data center C. Region D. Edge location
Answer: C Region
Question 195 Which of the following is not a disaster recovery deployment technique? A. Pilot light B. Warm standby C. Single Site D. Multi-Site
Answer: C Single Site
Question 164 When using On-Demand instances in AWS, which of the following is a false statement when it comes to the costing for the Instance? A. You pay no upfront costs for the instance B. You are charged per second based on the hourly rate C. You must pay the termination fees if you terminate the instance D. You pay for much you use.
Answer: C You must pay the termination fees if you terminate the instance
Question 144 Which of the following can be used to protect against DDos attacks? Choose 2 answers from the options given below: A. AWS EC2 B. AWS ELB C. AWS Shield D. AWS Shield Advanced
Answer: C, D AWS Shield, AWS Shield Advanced
Question 135 Which of the following options would entice a company to use AWS over an on-premises data center? Choose 2 answers from the options given below: A. Having access to Free and Unlimited Storage B. Having access to Unlimited Physical servers C. Having a highly available infrastructure D. Ability to use resources on demand
Answer: C, D Having a highly available infrastructure, Ability to use resources on demand
Question 102 Which of the below mentioned services is equivalent to hosting virtual servers on an on-premise location? A. AWS IAM B. AWS Server C. AWS EC2 D. AWS Regions
Answer: C. AWS EC2
Question 30 What is the ability provided by AWS to enable fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket? A. File Transfer B. HTTP Transfer C. Transfer Acceleration D. S3 Acceleration
Answer: C. Transfer Acceleration
Question 157 You want to monitor the CPU utilization of an EC2 resource in AWS. Which of the below services can help in this regard? A. AWS CloudTrail B. AWS Inspector C. AWS Trusted Advisor D. AWS CloudWatch
Answer: D AWS CloudWatch
Question 162 Which of the following is AWS services allows you to build a data warehouse on the cloud? A. AWS Snowball B. AWS Storage Gateway C. AWS EMR D. AWS Redshift
Answer: D AWS Redshift
Question 139 Which of the following AWS services can assist you with cost optimization? A. AWS Shield B. AWS Inspector C. AWS WAF D. AWS Trusted Advisor
Answer: D AWS Trusted Advisor
Question 131 Which of the following storage mechanisms can be used to store messages effectively which can be used across distributed systems? A. Amazon Glacier B. Amazon EBS Volumes C. Amazon EBS Snapshots D. Amazon SQS
Answer: D Amazon SQS
Question 129 Which of the following disaster recovery deployment mechanisms has the highest downtime? A. Pilot light B. Warm standby C. Multi Site D. Backup and Restore
Answer: D Backup and Restore
Question 185 What service helps you to aggregate logs from your EC2 instance? Choose one answer from the options below: A. SQS B. S3 C. CloudTrail D. CloudWatch Logs
Answer: D CloudWatch Logs
Question 166 Which of the following is not a supported database in the AWS RDS service? A. Aurora B. MariaDB C. MySQL D. DB2
Answer: D DB2
Question 143 You have a mission-critical application which must be globally available at all times. If this is the case, which of the below deployment mechanisms would you employ? A. Deployment to multiple edge locations B. Deployment to multiple Availability Zones C. Deployment to multiple Data Centers D. Deployment to multiple Regions
Answer: D Development to multiple Regions
Question 106 Your company is planning to pay for an AWS Support plan. They have the following requirements as far as the support plan goes: • 24x7 access to Cloud Support Engineers via email, chat & phone • A response time of less than 1 hour for any critical faults Which of the following plans will suffice keeping in mind the cost factor? A. Basic B. Developer C. Business D. Enterprise
Answer: D Enterprise
Question 169 Which of the following security features is associated with a Subnet in a VPC to protect against incoming traffic requests? A. AWS Inspector B. Subnet Groups C. Security Groups D. NACL
Answer: D NACL
Question 152 What is the ability provided by AWS to enable very fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket? A. File Transfer B. HTTP Transfer C. S3 Acceleration D. Transfer Acceleration
Answer: D Transfer Acceleration
Question 134 You are planning to serve a web application on the AWS Platform by using EC2 Instances. Which of the below principles would you adopt to ensure that even if some of the EC2 Instances crashes, you still have a working application? A. Using a scalable system B. Using an elastic system C. Using a regional system D. Using a fault tolerant system
Answer: D Using a fault tolerant system
Question 140 Which of the following is the amount of storage that can be stored in the Simple Storage service? A. 1 TB B. 5 TB C. 1 PB D. Virtually unlimited storage
Answer: D Virtually unlimited storage
Question 38 You are developing and planning on deploying an application onto the AWS Cloud. This application needs to be PCI Compliantr. Which of the below steps would you carry out to ensure the compliance is met for the application. Choose 2 answers from the following: A. Choose AWS services which are PCI Compliant B. Ensure the right steps are taken during application development for PCI Compliance C. Ensure the AWS Services are made PCI Compliant D. Do an audit after the deployment of the application for PCI Compliance
Answer: A. Choose AWS services which are PCI Compliant B. Ensure the right steps are taken during application development for PCI Compliance
Question 53 Which of the following statements are TRUE when it comes to elasticity. Choose 2 answers from the options given below: A. Diverting traffic to instances based on the demand B. Diverting traffic to instances with the least load C. Diverting traffic across multiple regions D. Diverting traffic to instances with higher capacity
Answer: A. Diverting traffic to instances based on the demand B. Diverting traffic to instances with the least load
Question 34 What best describes the "Principal of Least Privilege"? Choose the correct answer from the options given below A. All users should have the same baseline permissions granted to them to use basic AWS services B. Users should be granted permission to access only resources they need to do their assigned job C. Users should submit all access requests in writing so that there is a paper trail of who needs access to different AWS resources D. Users should always have a little more access granted to them then they need, just in case they end up needed it in the future
Answer: B. Users should be granted permission to access only resources they need to do their assigned job
Question 73 Which of the following services can provide a complete audit trail of all AWS services used within an account? A. AWS Trusted Advisor B. Amazon EC2 instance usage report C. Amazon CloudWatch D. AWS Cloud Trail logs
Answer: D. AWS Cloud Trail logs
Question 44 There is a requirement to host a database server for a minimum period of one year. Which of the following would result in the least cost? A. Spot Instances B. On-Demand C. No Upfront costs Reserved D. Partial Upfront costs Reserved
Answer: D. Partial Upfront costs Reserved
Question 39 Which of the below can be used to get data onto Amazon Glacier? Choose 3 answers from the options given below: A. AWS Glacier API B. AWS Console C. AWS Glacier SDK D. AWS S3 Lifecycle policies
Answer: A. AWS Glacier API, C. AWS Glacier SDK, D. AWS S3 Lifecycle policies
Question 23 Which AWS Cloud service is used to turn on Multi-Factor Authentication (MFA)? A. AWS Identity and Access Management (IAM) B. Amazon Elastic Compute Cloud (Amazon EC2) C. AWS Config D. Amazon Inspector
Answer: A. AWS Identity and Access Management (IAM)
Question 20 What AWS feature enables a user to manage services through a web-based user interface? A. AWS Management Console B. AWS Application Programming Interface (API) C. AWS Software Development Kit (SDK) D. Amazon CloudWatch
Answer: A. AWS Management Console
Question 56 Which of the following is used to derive the costs for moving artefacts from on-premise to AWS? A. AWS TCO calculator B. AWS Config C. AWS Cost Explorer D. AWS Consolidating billing
Answer: A. AWS TCO calculator
Question 89 Your company is planning to use the AWS Cloud, but there is a management decision that resources need to split department-wise, and the decision is tending towards managing multiple AWS accounts. Which of the following would help in effective management, and also provide an efficient costing model? A. AWS organizations B. Amazon Dev Pay C. AWS Trusted Advisor D. AWS Cost Explorer
Answer: A. AWS organizations
Question 11 Which AWS service automates infrastructure provisioning and administrative tasks for an analytical data warehouse? A. Amazon Redshift B. Amazon DynamoDB C. Amazon ElastiCache D. Amazon Aurora
Answer: A. Amazon Redshift
Question 79 Which of the following services is a fully managed, petabyte-scale data warehouse service in the AWS cloud? A. Amazon Redshift B. Amazon DynamoDB C. Amazon ElastiCache D. Amazon Aurora
Answer: A. Amazon Redshift
Question 7 Which service should an administrator use to register a new domain name with AWS? A. Amazon Route 53 B. Amazon Cloud Fron C. Elastic Load Balancing D. Amazon Virtual Private Cloud (Amazon VPC)
Answer: A. Amazon Route 53
Question 74 Which of the following service is most useful when a Disaster Recovery method is triggered in AWS? A. Amazon Route 53 B. Amazon SNS C. Amazon SQS D. Amazon Inspector
Answer: A. Amazon Route 53
Question 43 There is a requirement for storage of objects. The objects should be able to be downloaded via a URL. Which storage option would you choose? A. Amazon S3 B. Amazon Glacier C. Amazon Storage Gateway D. Amazon EBS
Answer: A. Amazon S3
Question 22 How can the AWS Management Console be secured against unauthorized access? A. Apply Multi-Factor Authentication (MFA) B. Set up a secondary password C. Request root access privileges D. Disable AWS console access
Answer: A. Apply Multi-Factor Authentication (MFA)
Question 52 Which of the following is a compatible MySQL database which also can grow in storage size on its own? A. Aurora B. DynamoDB C. RDS Microsoft SQL Server D. RDS MySQL
Answer: A. Aurora
Question 76 When designing a system, you use the principle of "design for failure and nothing will fail". Which of the following services/features of AWS can assist in supporting this design principle? Choose 3 answers from the options given below: A. Availability Zones B. Regions C. Elastic Load Balancer D. Pay as you go
Answer: A. Availability Zones, B. Regions, C. Elastic Load Balancer
Question 61 Which of the following helps in DDos protection? Choose 2 answers from the options given below A. CloudFront B. AWS Shield C. AWS EC2 D. AWS Config
Answer: A. CloudFront, B. AWS Shield
Question 60 Which of the following are 2 ways AWS provides to link accounts? A. Consolidated Billing B. AWS Organizations C. Cost Explorer D. IAM
Answer: A. Consolidating billing, B. AWS Organizations
Question 46 When creating security groups, which of the following is a responsibility of the customer? Choose 2 answers from the options given below: A. Giving a name and description for the security group B. Defining the rules as per the customer requirements. C. Ensure the rules are applied immediately D. Ensure the security groups are linked to the Elastic Network interface
Answer: A. Giving a name and description for the security group, B. Defining the rules as per the customer requirements.
Question 12 Which of the following is the responsibility of the AWS customer according to the Shared Security Model? A. Managing AWS Identity and Access Management (IAM) B. Securing edge locations C. Monitoring physical device security D. Implementing service organization Control (SOC) standards
Answer: A. Managing AWS Identity and Access Management (IAM)
Question 90 Which of the following can be used as an additional layer of security in addition to using a user name and password when logging into the AWS Console? A. Multi-Factor Authentication (MFA) B. Secondary password C. Root access privileges D. Secondary user name
Answer: A. Multi-Factor Authentication (MFA)
Question 17 Which of the following security requirements are managed by AWS customers? Select 2 answers from the options given below. A. Password Policies B. User permissions C. Physical security D. Disk disposal E. Hardware patching
Answer: A. Password Policies, B. User Permissions
Question 29 You are currently hosting an infrastructure and most of the EC2 instances are near 90 - 100% utilized. What is the type of EC2 instances you would utilize to ensure costs are minimized? A. Reserved instances B. On-demand instances C. Spot instances D. Regular instances
Answer: A. Reserved instances
Question 97 If there is a requirement to host EC2 Instances in the AWS Cloud wherein the utilization is guaranteed to be consistent for a long period of time, which of the following would you utilize to ensure costs are minimized? A. Reserved instances B. On-demand instances C. Spot instances D. Regular instances
Answer: A. Reserved instances
Question 25 Which of the following is a factor when calculating Total Cost of Ownership (TCO) for the AWS Cloud? A. The number of servers migrated to AWS B. The number of users migrated to AWS C. The number of passwords migrated to AWS D. The number of keys migrated to AWS
Answer: A. The number of servers migrated to AWS
Question 54 Which of the following is the concept of the Elastic load balancer? A. To distribute traffic to multiple EC2 Instances B. To scale up EC2 Instances C. To distribute traffic to AWS resources across multiple regions D. To increase the size of the EC2 Instance based on demand
Answer: A. To distribute traffic to multiple EC2 Instances
Question 55 Which of the following is the concept of Auto Scaling? A. To scale up resources based on demand B. To distribute traffic to multiple EC2 Instances C. To distribute traffic to AWS resources across multiple regions D. To increase the size of the EC2 Instance based on demand
Answer: A. To scale up resources based on demand
Question 78 You have a DevOps team in your current organization structure. They are keen to know if there is any service available in AWS which can be used to manage infrastructure as code. Which of the following can be met with such a requirement? A. Using AWS CloudFormation B. Using AWS Config C. Using AWS Inspector D. Using AWS Trusted Advisor
Answer: A. Using AWS CloudFormation
Question 15 The main benefit of decoupling an application is to: A. Create a tightly integrated application B. Reduce inter-dependencies so failures do not impact other components C. Enable data synchronization across the web application layer D. Have the ability to execute automated bootstrapping actions
Answer: B reduce inter-dependencies so failures do not impact other components
Question 82 By default, who from the below roles has complete administrative control over all resources in the respective AWS account? A. AWS Support Team B. AWS Account Owner C. AWS Security Team D. AWS Technical Account Manager (TAM)
Answer: B. AWS Account Owner
Question 48 There is an external audit being carried out on your company. The IT auditor needs to have a log of all access to the AWS resources in the company's account. Which of the below services can assist in providing these details? A. AWS CloudWatch B. AWS CloudTrail C. AWS EC2 D. AWS SNS
Answer: B. AWS CloudTrail
Question 27 Which of the following is a fully managed NoSQL database service available with AWS? A. AWS RDS B. AWS DynamoDB C. AWS Redshift D. AWS MongoDB
Answer: B. AWS DynamoDB
Question 24 A disaster recovery strategy on AWS should be based on launching infrastructure in a separate: A. Subnet B. AWS Region C. AWS edge location D. Amazon Virtual Private Cloud (Amazon VPC)
Answer: B. AWS Region
Question 67 Which of the following networking component can be used to host EC2 resources in the AWS Cloud? A. AWS Trusted Advisor B. AWS VPC C. AWS Elastic Load Balancer D. AWS Autoscaling
Answer: B. AWS VPC
Question 62 Which of the following services can be used as a web application firewall in AWS? A. AWS EC2 B. AWS WAF C. AWS Firewall D. AWS Protection
Answer: B. AWS WAF
Question 66 Which of the following can be attached to EC2 Instances to store data? A. Amazon Glacier B. Amazon EBS Volumes C. Amazon EBS Snapshots D. Amazon SQS
Answer: B. Amazon EBS Volumes
Question 28 A company wants to store data that is not frequently accessed. What is the best and cost-efficient solution that should be considered? A. Amazon Storage Gateway B. Amazon Glacier C. Amazon EBS D. Amazon S3
Answer: B. Amazon Glacier
Question 96 Which of the following storage options is best when you want to store archive data? A. Amazon Storage Gateway B. Amazon Glacier C. Amazon EBS D. Amazon S3
Answer: B. Amazon Glacier
Question 100 A company is deploying a two-tier, highly available web application to AWS. The application needs a storage layer to store artifacts such as photos and videos. Which of the following services can be used as the underlying storage mechanism? A. Amazon EBS volume B. Amazon S3 C. Amazon EC2 instance store D. Amazon RDS instance
Answer: B. Amazon S3
Question 33 A company is deploying a two-tier, highly available web application to AWS. Which service provides durable storage for static content while utilizing lower Overall CPU resources for the web tier? A. Amazon EBS volume B. Amazon S3 C. Amazon EC2 instance store D. Amazon RDS instance
Answer: B. Amazon S3
Question 81 Your company has just started using the resources on the AWS Cloud. They want to get an idea on the costs being incurred so far for the resources being used. How can this be achieved? A. By going to the Amazon EC2 dashboard. Here you can see the costs of the running EC2 resources. B. By using the AWS Cost and Usage reports Explorer. Here you can see the running and forecast costs. C. By using the AWS Trusted Advisor dashboard. This dashboard will give you all the costs. D. By seeing the AWS Cloud Trail logs.
Answer: B. By using the AWS Cost and Usage reports Explorer. Here you can see the running and forecast costs.
Question 18 Systems applying the cloud architecture principle of elasticity will: A. Minimize storage requirements by reducing logging and auditing activities B. Create systems that scale to the required capacity based on changes in demand C. Enable AWS to automatically select the most cost-effective services D. Accelerate the design process because recovery from failure is automated, reducing the need for testing
Answer: B. Create systems that scale to the required capacity based on changes in demand
Question 57 Which of the following is the responsibility of the customer when ensuring that data on EBS volumes is left safe? A. Deleting the data when the device is destroyed B. Creating EBS snapshots C. Attaching volumes to EC2 Instances D. Creating copies of EBS Volumes
Answer: B. Creating EBS snapshots
Question 83 Your design team is planning to design an application that will be hosted on the AWS Cloud. One of their main non-functional requirements is given below. Reduce inter-dependencies so failures do not impact other components. Which of the following concepts does this requirement relate to? A. Integration B. Decoupling C. Aggregation D. Segregation
Answer: B. Decoupling
Question 92 Your company handles a crucial ecommerce application. This application needs to have an uptime of at least 99.5%. There is a decision to move the application to the AWS Cloud. Which of the following deployment strategies can help build a robust architecture for such an application? A. Deploying the application across multiple VPC's B. Deploying the application across multiple Regions C. Deploying the application across Edge locations D. Deploying the application across multiple subnets
Answer: B. Deploying the application across multiple Regions
Question 99 Which of the following is not a category recommendation given by the AWS Trusted Advisor? A. Security B. High Availability C. Cost Optimization D. Performance E. Fault tolerance
Answer: B. High Availability
Question 59 Which of the following is the secure way of using AWS API to call AWS services from EC2 Instances? A. IAM Users B. IAM Roles C. IAM Groups D. IAM policies
Answer: B. IAM Roles
Question 45 There is a requirement for a development and test environment for 3 months. Which would you use? A. Spot Instances B. On-Demand C. No Upfront costs Reserved D. Partial Upfront costs Reserved
Answer: B. On-Demand
Which of the following is a benefit of Amazon Elastic Compute Cloud (Amazon EC2) over physical servers? A. Automated backup B. Paying only for what you use C. The ability to choose hardware vendors D. Root /administrator access
Answer: B. Paying only for what you use
Question 87 Your company is planning to offload some of the batch processing workloads on to AWS. These jobs can be interrupted and resumed at any time. Which of the following instance types would be the most cost effective to use for this purpose? A. On-Demand B. Spot C. Full Upfront Reserved D. Partial Upfront Reserved
Answer: B. Spot
Question 93 Which of the following initiatives from AWS helps organizations reduce the overall expenditure for IT companies when they host resources on the AWS Cloud? A. They decommission older hardware B. They continually reduce the cost of cloud computing C. They use better security mechanisms, so you don't need to think about security at all D. They allow deployment of multiple resources
Answer: B. They continually reduce the cost of cloud computing
Question 64 Which of the following disaster recovery deployment mechanisms that has the lowest downtime? A. Pilot light B. Warm standby C. Backup Restore D. DevOps
Answer: B. Warm standby
Question 19 Amazon Elastic Compute Cloud (Amazon EC2) Spot instances are appropriate for which of the following workloads? A. Workloads that are only run in the morning and stopped at night B. Workloads where the availability of the Amazon EC2 instances can be flexible C. Workloads that need to run for long periods of time without interruption D. Workloads that are critical and need Amazon EC2 instances with termination protection
Answer: B. Workloads where the availability of the Amazon EC2 instances can be flexible
Question 26 Which AWS service is used to as a global content delivery network (CDN) service in AWS? A. Amazon SES B. Amazon CloudTrail C. Amazon CloudFront D. Amazon S3
Answer: C Amazon CloudFront
Question 75 Which of the following can be used to work with AWS services in a programmatic manner? A. AWS PowerShell B. AWS Bash C. AWS CLI D. AWS Console
Answer: C. AWS CLI
Question 98 Which of the following services helps provide a dedicate connection from on-premise infrastructure to resources hosted in the AWS Cloud? A. AWS VPC B. AWS VPN C. AWS Direct Connect D. AWS Subnets
Answer: C. AWS Direct Connect
Question 35 Which of the below mentioned services can be used to host virtual servers in the AWS Cloud? A. AWS IAM B. AWS Server C. AWS EC2 D. AWS Regions
Answer: C. AWS EC2
Question 4 Which AWS service provides infrastructure security optimization recommendations? A. AWS Price List Application Programming Interface (API) B. Reserved Instances C. AWS Trusted Advisor D. Amazon Elastic Compute Cloud (Amazon EC2) SpotFleet
Answer: C. AWS Trusted Advisor
Question 94 You are planning on deploying a video-based application onto the AWS Cloud. These videos will be accessed by users across the world. Which of the below services can help stream the content in an efficient manner to the users across the globe? A. Amazon SES B. Amazon CloudTrail C. Amazon CloudFront D. Amazon S3
Answer: C. Amazon CloudFront
Question 5 Which service allows for the collection and tracking of metrics for AWS services? A. Amazon CloudFront B. Amazon CloudSearch C. Amazon CloudWatch D. Amazon Machine Learning (Amazon ML)
Answer: C. Amazon CloudWatch
Question 72 There is a requirement to collect important metrics from AWS RDS and EC2 Instances. Which of the following services can help fulfil this requirement? A. Amazon CloudFront B. Amazon CloudSearch C. Amazon CloudWatch D. Amazon Config
Answer: C. Amazon CloudWatch
Question 37 You work for a company that is planning on using the AWS EC2 service. They currently create golden images of their deployed operating system. Which of the following correspond to a golden image in AWS? A. EBS Volumes B. EBS Snapshots C. Amazon Machines Images D. EC2 Copies
Answer: C. Amazon Machines Images
Question 9 Which of the following examples supports the cloud design principle "design for failure and nothing will fail''? A. Adding an elastic load balancer in front of a single Amazon Elastic Compute Cloud (Amazon EC2) instance B. Creating and deploying the most cost-effective solution C. Deploying an application in multiple Availability Zones D. Using Amazon CloudWatch alerts to monitor performance
Answer: C. Deploying an application in multiple Availability Zones
Question 84 Which of the following can be used to increase the fault tolerance of an application? A. Deploying resources across multiple edge locations B. Deploying resources across multiple VPC's C. Deploying resources across multiple Availability Zones D. Deploying resources across multiple AWS Accounts
Answer: C. Deploying resources across multiple Availability Zones
Question 42 Which of the following is NOT a feature of an edge location do? A. Distribute content to users B. Cache common responses C. Distribute load across multiple resources D. Used in conjunction with the CloudFront service
Answer: C. Distribute load across multiple resources
Question 51 A company wants to host a self-managed database in AWS. How would you ideally implement this solution? A. Using the AWS DynamoDB service B. Using the AWS RDS service C. Hosting a database on an EC2 Instance D. Using the Amazon Aurora service
Answer: C. Hosting a database on an EC2 Instance
Question 50 Your company has a set of EC2 Instances hosted in AWS. There is a requirement to create snapshots from the EBS volumes attached to these EC2 Instances in another geographical location. As per this requirement, where would you create the snapshots? A. In another Availability Zone B. In another data center C. In another Region D. In another Edge location
Answer: C. In another Region
Question 32 The Trusted Advisor service provides insight regarding which four categories of an AWS account? A. Security, fault tolerance, high availability, and connectivity B. Security, access control, high availability, and performance C. Performance, cost optimization, security, and fault tolerance D. Performance, cost optimization, access control, and connectivity
Answer: C. Performance, cost optimization, security, and fault tolerance
Question 70 Your company is planning to move to the AWS Cloud. You need to give a presentation on the cost perspective when moving existing resources to the AWS Cloud. When it comes to Amazon EC2, which of the following is an advantage when it comes to the cost perspective? A. Having the ability of automated backups of the EC2 instance, so that you don't need to worry about the maintenance costs. B. The ability to choose low cost AMI's to prepare the EC2 Instances C. The ability to only pay for what you use D. Ability to tag instances to reduce the overall cost
Answer: C. The ability to only pay for what you use
Question 6 A company needs to know which user was responsible for terminating several critical Amazon Elastic Compute Cloud (Amazon EC2) Instances. Where can the customer find this information? A. AWS Trusted Advisor B. Amazon EC2 instance usage report C. Amazon CloudWatch D. AWS CloudTrail logs
Answer: D. AWS CloudTrail logs
Question 21 Which tool can display the distribution of AWS spending? A. AWS organizations B. Amazon Dev Pay C. AWS Trusted Advisor D. AWS Cost Explorer
Answer: D. AWS Cost Explorer
Question 10 Which service allows an administrator to create and modify AWS user permissions? A. AWS Config B. AWS Cloud Trail C. AWS Key Management Service (AWS KMS) D. AWS Identity and Access Management (IAM)
Answer: D. AWS Identity and Access Management (IAM)
Question 77 Currently your organization has an operational team that takes care of ID management in their on-premise data center. They now also need to manage users and groups created in AWS. Which of the following AWS tools would they need to use for performing this management function? A. AWS Config B. AWS Cloud Trail C. AWS Key Management Service (AWS KMS) D. AWS Identity and Access Management (IAM)
Answer: D. AWS Identity and Access Management (IAM)
Question 68 Your company is planning to host resources in the AWS Cloud. They want to use services which can be used to decouple resources hosted on the cloud. Which of the following services can help fulfil this requirement? A. AWS EBS Volumes B. AWS EBS Snapshots C. AWS Glacier D. AWS SQS
Answer: D. AWS SQS
Question 69 Which of the following components of the CloudFront service can be used to distribute contents to users across the globe? A. Amazon VPC B. Amazon Regions C. Amazon Availability Zones D. Amazon Edge locations
Answer: D. Amazon Edge locations
Question 40 Which of the following in the AWS Support plans gives access to a Support Concierge? A. Basic B. Developer C. Business D. Enterprise
Answer: D. Enterprise
Question 41 A company is planning to use AWS to host critical resources. Most of their systems are business critical and need to have response times less than 15 minutes. Which of the following support plans should they consider? A. Basic B. Developer C. Business D. Enterprise
Answer: D. Enterprise
Question 16 Which of the following is a benefit of running an application across two Availability Zones? A. Performance is improved over running in a single Availability Zone. B. It is more secure than running in a single Availability Zone. C. It significantly reduces the total cost of ownership versus running in a single Availability Zone. D. It increases the availability of an application compared to running in a single Availability Zone.
Answer: D. It increases the availability of an application compared to running in a single Availability Zone.
Question 31 As per the AWS Acceptable Use Policy, penetration testing of EC2 instances: A. May be performed by AWS and will be performed by AWS upon customer request B. May be performed by AWS and is periodically performed by AWS C. Are expressly prohibited under all circumstances D. May be performed by the customer on their own instances with prior authorization from AWS E. May be performed by the customer on their own instances, only if performed from EC2 instances
Answer: D. May be performed by the customer on their own instances with prior authorization from AWS
Question 63 You want to add an extra layer of protection to the current authentication mechanism of user names and passwords for AWS. Which of the following can help in this regard? A. Using Password Policies B. Using a mix of user names C. Using AWS WAF D. Using MFA
Answer: D. Using MFA
Question 71 Your company is planning on moving to the AWS Cloud. Once the movement to the Cloud is complete, they want to ensure that the right security settings are put in place. Which of the below tools can assist with security compliance. Choose 2 answers from the options given below: A. AWS Inspector B. AWS Trusted Advisor C. AWS Support D. AWS Kinesis
Answer: A. AWS Inspector B. AWS Trusted Advisor
Question 13 Where can a customer go to get more detail about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took place 3 month ago? A. Amazon EC2 dashboard B. AWS Cost and Usage reports C. AWS Trusted Advisor dashboard D. AWS Cloud Trail logs stored in Amazon Simple Storage Service (Amazon S3)
Answer: B. AWS Cost and Usage reports
Question 80 Which of the following is the responsibility of AWS according to the Shared Security Model? Choose 3 answers from the options given below: A. Managing AWS Identity and Access Management (IAM) B. Securing edge locations C. Monitoring physical device security D. Implementing service organization Control (SOC) standards
Answer: B. Securing edge locations C. Monitoring physical device security D. Implementing service organization Control (SOC) standards
Question 65 Which of the following services in AWS allows for object level storage on the cloud? A. Amazon EBS B. Amazon Storage gateway C. Amazon S3 D. Amazon SQS
Answer: C. Amazon S3
Question 2 Which of the following services uses AWS edge locations? A. Amazon Virtual Private Cloud (Amazon VPC) B. Amazon CloudFront C. Amazon Elastic Compute Cloud (Amazon EC2) D. AWS Storage Gateway
B. Amazon CloudFront
Question 1 Which AWS services can be used to store files? Choose 2 answers from the options given below A. Amazon CloudWatch B. Amazon Simple Storage Service (Amazon S3) C. Amazon Elastic Block Store (Amazon EBS) D. AWS Config E. Amazon Athena
B. Amazon Simple Storage Service (Amazon S3) C. Amazon Elastic Block Store (Amazon EBS)