AWS Cloud Practitioner Essentials
Which action can a person perform in Amazon CloudFront? Provision resources by using programming languages or a text file. Deliver content to customers through a global network of edge locations. Run infrastructure in a hybrid cloud approach. Provision an isolated section of the AWS Cloud to launch resources in a virtual network that a person defines.
The correct response is Deliver content to customers through a global network of edge locations. Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content and deliver content to customers all over the world. When content is cached, it is stored locally as a copy. This content might be video files, photos, webpages, and so on.
Which statement best describes AWS Marketplace? A resource that can answer questions about best practices and assist with troubleshooting issues A resource that provides guidance, architectural reviews, and ongoing communication with companies as they plan, deploy, and optimize their applications An online tool that inspects an AWS environment and provides real-time guidance in accordance with AWS best practices A digital catalog that includes thousands of software listings from independent software vendors
The correct response option is A digital catalog that includes thousands of listings from independent software vendors. Businesses can use AWS Marketplace to find, test, and buy software that runs on AWS.
Which statement best describes an Availability Zone? A site that Amazon CloudFront uses to cache copies of content for faster delivery to users at any location The server from which Amazon CloudFront gets files A fully isolated portion of the AWS global infrastructure A separate geographical location with multiple locations that are isolated from each other
The correct response option is A fully isolated portion of the AWS global infrastructure. An Availability Zone is a single data center or a group of data centers within a Region. Availability Zones are located tens of miles apart from each other. This helps them to provide interconnectivity to support the services and applications that run within a Region.
Which statement best describes Elastic Load Balancing? A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances A service that provides data for monitoring applications, optimize resource utilization, and respond to system-wide performance changes A service that monitors applications and automatically adds or removes capacity from resource groups in response to changing demand A service that provides the capability to create, manage, and scale a distributed in-memory or cache environment in the cloud
The correct response option is A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances.
Which statement best describes Amazon GuardDuty? A service that provides intelligent threat detection for AWS infrastructure and resources A service that checks applications for security vulnerabilities and deviations from security best practices A service that monitors network requests for web applications A service that helps protect applications against distributed denial-of-service (DDoS) attacks
The correct response option is A service that provides intelligent threat detection for your AWS infrastructure and resources. AWS GuardDuty identifies threats by continually monitoring the network activity and account behavior within an AWS environment.
Which service provides review details for user activities and API calls that have occurred within an AWS environment? AWS Trusted Advisor Amazon Inspector Amazon CloudWatch AWS CloudTrail
The correct response option is AWS CloudTrail. With CloudTrail, a person can view a complete history of user activity and API calls for their applications and resources. Events are typically updated in CloudTrail within 15 minutes after an API call was made. A person can filter events by specifying the time and date that an API call occurred, the user who requested the action, the type of resource that was involved in the API call, and more.
Which tool provides automation actions for AWS services and applications through scripts? AWS Command Line Interface AWS Snowball Amazon Redshift Amazon QLDB
The correct response option is AWS Command Line Interface. The AWS Command Line Interface (AWS CLI) provides the capability to control multiple AWS services directly from the command line within one tool. For example, a person can use commands to start an Amazon EC2 instance, connect an Amazon EC2 instance to a specific Auto Scaling group, and more. The AWS CLI is available for users on Windows, macOS, and Linux.
Which tool provides the capability to visualize, understand, and manage AWS costs and usage over time? AWS Artifact AWS Cost Explorer AWS Budgets AWS Pricing Calculator
The correct response option is AWS Cost Explorer. With AWS Cost Explorer, businesses can quickly create custom reports to analyze their AWS cost and usage data.
Which component or service establishes a dedicated private connection between an on-premises data center and virtual private cloud (VPC)? Virtual private gateway Amazon CloudFront Internet gateway AWS Direct Connect
The correct response option is AWS Direct Connect. AWS Direct Connect is a service that establishes a dedicated private connection between an on-premises data center and VPC. The private connection that AWS Direct Connect provides helps reduce network costs and increase the amount of bandwidth that can travel through a network.
Which service provides the capability to quickly deploy and scale applications on AWS? AWS Snowball Correctly unselected AWS Outposts Correctly unselected Amazon CloudFront Correctly unselected AWS Elastic Beanstalk
The correct response option is AWS Elastic Beanstalk. Businesses upload their application, and Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring.
Which service consolidates and manages multiple AWS accounts from a central location? AWS Key Management Service (AWS KMS) AWS Identity and Access Management (IAM) AWS Artifact AWS Organizations
The correct response option is AWS Organizations. In AWS Organizations, businesses centrally control permissions for their accounts by using service control policies (SCPs). Additionally, businesses can use the consolidated billing feature in AWS Organizations to combine usage and receive a single bill for multiple AWS accounts.
Which service is used to transfer up to 100 PB of data to AWS? AWS DeepRacer AWS Snowmobile Amazon CloudFront Amazon Neptune
The correct response option is AWS Snowmobile. AWS Snowmobile is a service that is used for transferring up to 100 PB of data to AWS. Each Snowmobile is a 45-foot long shipping container that is pulled by a semi-trailer truck.
Which service builds the workflows that are required for human review of machine learning predictions? Amazon Aurora Amazon Augmented AI Amazon Textract Amazon Lex
The correct response option is Amazon Augmented AI. Amazon Augmented AI (Amazon A2I) provides built-in human review workflows for common machine learning use cases, such as content moderation and text extraction from documents. With Amazon A2I, a person can also create their own workflows for machine learning models built on Amazon SageMaker or any other tools.
An application developer wants to store data in a key-value database. Which service should they use? Amazon RDS Amazon Aurora Amazon DynamoDB Amazon DocumentDB
The correct response option is Amazon DynamoDB. Amazon DynamoDB is a key-value database service. A key-value database might include data pairs such as "Name: John Doe," "Address: 123 Any Street," and "City: Anytown". In a key-value database, you can add or remove attributes from items in the table at any time. Additionally, not every item in the table has to have the same attributes.
A cloud engineer wants to store data in a volume that is attached to an Amazon EC2 instance. Which service should they use? AWS Lambda Amazon Elastic Block Store (Amazon EBS) Amazon Simple Storage Service (Amazon S3) Amazon ElastiCache
The correct response option is Amazon Elastic Block Store (Amazon EBS). Amazon EBS provides block-level storage volumes for Amazon EC2 instances. If a person stops or terminates an Amazon EC2 instance, all the data on the attached EBS volume remains available.
Which service runs containerized applications on AWS? Amazon Elastic Kubernetes Service (Amazon EKS) Amazon Redshift Amazon SageMaker Amazon Aurora
The correct response option is Amazon Elastic Kubernetes Service (Amazon EKS). Amazon EKS is a fully managed service that runs Kubernetes on AWS. Kubernetes is open-source software that deploys and manages containerized applications at scale.
A cloud architect wants Amazon S3 to monitor object access patterns. Which storage class should they use? Amazon S3 Standard-IA Amazon S3 Glacier Flexible Retrieval Amazon S3 One Zone-IA Amazon S3 Intelligent-Tiering
The correct response option is Amazon S3 Intelligent-Tiering. In the Amazon S3 Intelligent-Tiering storage class, Amazon S3 monitors object access patterns. If an object has not been accessed for 30 consecutive days, Amazon S3 automatically moves it to the infrequent access tier, Amazon S3 Standard-IA. If an object is accessed in the infrequent access tier, Amazon S3 automatically moves it to the frequent access tier, Amazon S3 Standard.
An application developer wants to send and receive messages between distributed application components. Which service should they use? Amazon Simple Queue Service (Amazon SQS) AWS Snowball Amazon Route 53 Amazon ElastiCache
The correct response option is Amazon Simple Queue Service (Amazon SQS). Amazon SQS is a message queuing service. Using Amazon SQS, an application developer can send, store, and receive messages between software components at any volume size, without losing messages or requiring other services to be available. In Amazon SQS, an application sends messages into a queue. A user or service retrieves a message from the queue, processes it, and then deletes it from the queue.
Which statement is TRUE for AWS Lambda? To use AWS Lambda, businesses must configure the servers that run their code. The first step in using AWS Lambda is provisioning a server. Businesses pay only for compute time while their code is running. Before using AWS Lambda, a business must prepay for their estimated compute time.
The correct response option is Businesses pay only for compute time while their code is running. AWS Lambda is a service that runs code without needing to provision or manage servers. While using AWS Lambda, businesses pay only for the compute time that they consume. They are charged only when their application code is running. With AWS Lambda, they can run code for virtually any type of application or backend service, all with zero administration.
Which Amazon EC2 pricing option reduces costs when a business makes an hourly spend commitment to an instance family and Region for a 1-year or 3-year term? EC2 Instance Savings Plans Dedicated Hosts Reserved Instances Spot Instances
The correct response option is EC2 Instance Savings Plans. EC2 Instance Savings Plans reduces compute costs by committing to a consistent hourly spend for a 1-year or 3-year term. This results in savings of up to 72% over On-Demand Instance costs. Any EC2 usage up to the commitment is charged at the discounted Savings Plan rate (for example, $10 an hour). Any EC2 usage beyond the commitment is charged at regular On-Demand Instance rates.
Which Perspective of the AWS Cloud Adoption Framework focuses on recovering IT workloads to meet the requirements of business stakeholders? People Perspective Operations Perspective Governance Perspective Business Perspective
The correct response option is Operations Perspective. The Operations Perspective of the AWS Cloud Adoption Framework also includes principles for operating in the cloud by using agile best practices.
Which pillar of the AWS Well-Architected Framework focuses on using computing resources in ways that meet system requirements? Security Reliability Performance Efficiency Operational Excellence
The correct response option is Performance Efficiency. The Performance Efficiency pillar focuses on using computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.
Which AWS Trusted Advisor category includes checks for high-utilization EC2 instances? Performance Cost Optimization Fault Tolerance Security
The correct response option is Performance. In this category, AWS Trusted Advisor also helps improve the performance of services by providing recommendations for how to take advantage of provisioned throughput.
Which migration strategy involves changing how an application is architected and developed, typically by using cloud-native features? Refactoring Replatforming Rehosting Repurchasing
The correct response option is Refactoring.
A cloud engineer is running an Amazon EC2 instance and wants to store data in an attached resource. Their data is temporary and will not be kept long term. Which resource should they use? Instance store Amazon Elastic Block Store (Amazon EBS) volume Subnet Amazon S3 bucket
The correct response option is instance store. Instance stores are ideal for temporary data that does not need to be kept long term. When an Amazon EC2 instance is stopped or terminated, all the data that has been written to the attached instance store is deleted.
Which virtual private cloud (VPC) component controls inbound and outbound traffic for Amazon EC2 instances? Subnet Network access control list Internet gateway Security group
The correct response option is security group. A security group is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance. By default, a security group denies all inbound traffic and allows all outbound traffic. Businesses can add custom rules to configure which traffic should be allowed or denied.
Which actions can a person perform in Amazon Route 53? (Select TWO.) Manage DNS records for domain names. Monitor applications and respond to system-wide performance changes. Automate the deployment of workloads into an AWS environment. Access AWS security and compliance reports and select online agreements. Connect user requests to infrastructure in AWS and outside of AWS.
The correct two response options are: Connect user requests to infrastructure in AWS and outside of AWS. Manage DNS records for domain names. Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications that are hosted in AWS. Additionally, businesses can transfer DNS records for existing domain names that are currently managed by other domain registrars, or register new domain names directly within Amazon Route 53.
Which tasks are the responsibilities of AWS? (Select TWO.) Configuring AWS infrastructure devices Training company employees on how to use AWS services Configuring security groups on Amazon EC2 instances Maintaining virtualization infrastructure Creating IAM users and groups
The two correct response options are: Maintaining virtualization infrastructure Configuring AWS infrastructure devices
Which Support plans include access to all AWS Trusted Advisor checks? (Select TWO.) Business Enterprise Basic Developer AWS Free Tier
The two correct response options are: Enterprise Business
In the S3 Intelligent-Tiering storage class, Amazon S3 moves objects between a frequent access tier and an infrequent access tier. Which storage classes are used for these tiers? (Select TWO.) S3 Glacier Flexible Retrieval S3 Standard-IA S3 Glacier Deep Archive S3 Standard S3 One Zone-IA
The two correct response options are: S3 Standard S3 Standard-IA
