AWS Cloud Practitioner Exam
What is the pricing model that allows AWS customers to pay for resources on an as needed basis? A. Pay as you go B. Pay as you reserve C. Pay as you use D. Pay as you buy E. Pay as you own
A
True or False: With Consolidated Billing, the Paying Account can make changes to any of the resources owned by a Linked Account. A. False B. True
A
What AWS feature enables a user to manage services through a web-based user interface? A. AWS Management Console B. AWS Application Programming interface (API) C. AWS Software Development Kit (SDK) D. Amazon CloudWatch
A
What is the value of having AWS Cloud services accessible through an Application Programming interface (API)? A. Cloud resources can be managed programmatically B. AWS infrastructure use will always be cost-optimized. C. Al application testing is managed by AWS D. Customer-owned, on-premises infrastructure becomes programmable
A
Which AWS Cloud service is used to turn on Multi-Factor Authentication (MFA)? A. AWS Identity and Access Management (IAM) B. Amazon Elastic Compute Cloud (Amazon EC2) C. AWS Config D. Amazon Inspector
A
Which AWS service automates infrastructure provisioning and administrative tasks for an analytical data warehouse? A. Amazon Redshift B. Amazon DynamoDB C. Amazon ElasticCache D. Amazon Aurora
A
Which of the following AWS services can help you assess the fault-tolerance of your AWS environment? A. AWS Trusted Advisor B. AWS Inspector C. AWS WAF D. AWS Shield
A
Which of the following EC2 options is best for long-term workloads with predictable usage patterns? A. Reserved instances B. On-Demand instances C. Spot instances D. Dedicated Host
A
Which of the following Route 53 policies allow you to a) route data to a second resource if the first is unhealthy, and b) route data to resources that have better performance? A. Failover Routing and Latency-based Routing B. Failover Routing and Simple Routing C. Geoproximity Routing and Geolocation Routing D. Geolocation Routing and Latency-based Routing
A
Which of the following is NOT an advantage of cloud computing over on-premise computing? A. Pay for racking, stacking and powering servers B. Trade capital expense for variable expense C. Eliminate guessing on your infrastructure capacity needs D. Benefit from massive economies of scale increase speed and agility
A
Which of the following is a factor when calculating Total Cost of Ownership (TCO) A. The number of servers migrated to AWS B. The number of users migrated to AWS C. The number of passwords migrated to AWS D. The number of keys migrated to AWS
A
Which of the following is not a fundamental AWS charge? A. Data-in B. Storage C. Compute D. Data-out
A
Which of the following is the responsibility of the AWS customer according to the Shared Security Model? A. Managing AWS Identity and Access Management (IAM) B. Securing edge locations C. Monitoring physical device security D. Implementing Service Organization Control (SOC) standards
A
Which of the following services will help you optimize your entire AWS environment in real time following AWS best practices? A. AWS Trusted Advisor B. AWS Shield C. AWS WAF D. AWS Inspector
A
Which service should an administrator use to register a new domain name with AWS? A. Amazon Route 53 B. Amazon CloudFront C. Elastic load Balancing D. Amazon Virtual Private Cloud (Amazon VPC)
A
Which service would you use to send alerts based on Amazon CloudWatch alarms? A. Amazon Simple Notification Service (Amazon SNS) B. AWS CloudTrail C. AWS Trusted Advisor D. Amazon Route 53
A
You need to host a file in a location that's publicly accessible from anywhere in the world. Which AWS service would best meet that need? A. S3 B. EC2 C. EBS D. RDS
A
Which of the following security requirements are managed by AWS customer? (Select 2) A. Password policies B. User permissions C. Physical Security D. Disk disposal E. Hardware patching
A, B
Which of the following are steps you should take in securing your AWS account? (Choose 3) A. Use Groups to assign permissions to IAM users. B. Activate Multifactor Authentication (MFA) on your root account. C. Create individual IAM users. D. Create a Root IAM role.
A, B, C
Which of the following are principles of sound cloud design? (Choose 4) A. Disposable resources B. Infrastructure as code C. Assume *everything* will fail. D. Treat your servers like pets, not cattle. E. Limit the number of 3rd-party services. F. Tightly-coupled components G. Scalability
A, B, C, G
Choose the features of Consolidated Billing. (Choose 3) A. Account charges can be tracked individually B. Multiple standalone accounts are combined and may reduce your overall bill C. Charging is based per VPC D. A single bill is issued containing the charges for all AWS Accounts
A, B, D
Which of the following AWS services should you use if you'd like to be notified when you have crossed a billing threshold? (Choose 2) A. AWS Bugdet B. Trusted Advisor C. CloudWatch D. AWS Cost Allocation
A, C
Which of the following are characteristics of cloud computing? (Choose 3) A. On-demand delivery B. Cloud charges are capital expenditures. C. Services are delivered via the Internet. D. Pay-as-you-go pricing
A, C, D
Which of the following are types of cloud computing deployments? (Choose 3) A. Hybrid cloud B. Mixed cloud C. Public cloud D. Private cloud
A, C, D
Which of the following are advantages of cloud computing? (Choose 4) A. Elasticity - you need not worry about capacity. B. Requires large amounts of capital C. Variable expense D. Increased speed and agility E. The ability to 'go global' in minutes
A, C, D, E
Which of the following is true about security groups? (Choose 2) A. Acts as a virtual firewall to control inbound and outbound traffic B. Acts as a virtual firewall to control outbound traffic only C. Acts as a virtual firewall to control inbound traffic only D. All inbound traffic is allowed and outbound traffic is denied by default E. All inbound traffic is denied and outbound traffic is allowed by default
A, D
Which of the following are NOT a benefit of AWS cloud computing? (Choose 2) A. Multiple procurement cycles B. Fault tolerant databases C. High latency D. Temporary and disposable resources E. High availability
A, E
A disaster recovery strategy on AWS should be based on launching infrastructure in a separate A. Subnet B. AWS Region C. AWS edge location D. Amazon Virtual Private Cloud (Amazon VPC)
B
Amazon Elastic Compute Cloud (Amazon EC2) Spot instances are appropriate for which of the following workloads? A. Workloads that are only run in the morning and stopped at night B. Workloads where the availability of the Amazon EC2 instances can be flexible C. Workloads that need to run for long periods of time without interruption D. Workloads that are critical and need Amazon EC2 instances with termination protection
B
Amazon Lightsail is an example of which of the following? A. Infrastructure as a Service B. Platform as a Service C. Software as a Service D. Functions as a Service
B
Which of the following is AWS's responsibility under the AWS shared responsibility model? A. Configuring third-party applications B. Maintaining physical hardware C. Securing application access and data D. Managing custom Amazon Machine Images (AMIs)
B
Which of the following is a benefit of Amazon Elastic Compute Cloud (Amazon EC2) over physical servers? A. Automated backup B. Paying only for what you use C. The ability to choose hardware vendors D. Root/administrator access
B
Which of the following services uses AWS edge locations? A. Amazon Virtual Private Cloud (Amazon VPC) B. Amazon CloudFront C. Amazon Elastic Compute Cloud (Amazon EC2) D. AWS Storage Gateway
B
Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated? A. Amazon CloudWatch B. AWS CloudTrail C. AWS X-Ray D. AWS Identity and Access Management (AWS IAM)
B
Who has control of the data in an AWS account? A. AWS Support Team B. AWS Account Owner C. AWS Security Team D. AWS Technical Account Manager (TAM)
B
You need to implement an automated service that will scan your AWS environment with the goal of both improving security and reducing costs. Which service should you use? A. Config Rules B. Trusted Advisor C. Service Catalog D. CloudTrail
B
You need to use an AWS service to assess the security and compliance of your EC2 instances. Which of the following services should you use? A. AWS Trusted Advisor B. AWS Inspector C. AWS Shield D. AWS WAF
B
What is true about Regions? (Choose 2) A. All regions are located in one specific geographic area B. Resources are replicated across all regions by default C. Physical location of your customers D. Physical location with multiple availability zones E. Each region is located in separate geographic area
D;E
Which of the following is AWS' managed database service that is up to 5X faster than a traditional MySQL database. A. MariaDB B. PostgreSQL C. Aurora D. DynamoDB
C
Which of the following is NOT an AWS region? A. Oregon B. Ireland C. Moscow D. Frankfurt E. Virginia
C
Which of the following is correct? A. # of Availability Zones > # of Regions > # of Edge Locations B.# of Availability Zones > # of Edge Locations > # of Regions C. # of Edge Locations > # of Availability Zones > # of Regions D. # of Regions > # of Availability Zones > # of Edge Locations
C
Which of the following is the document used to grant permissions to users, groups, and roles? A. Paradigm B. Passbook C. Policy D. Protocol
C
Which of the following support plans features a < 4-hour response time in the event of an impaired production system? A. Developer B. Basic C. Business D. Individual
C
Which of the following support plans features access to AWS Support during business hours via email? A. Enterprise B. Business C. Developer D. Basic
C
Which of the following support services do all accounts receive as standard? A. 24/7 support via phone and chat B. Technical support C. Billing support D. Technical Account Manager
C
Which service allows for the collection and tracking of metrics for AWS services? A. Amazon CloudFront B. Amazon CloudSearch C. Amazon CloudWatch D. Amazon Machine Learning (Amazon ML)
C
True or False: With AWS Organizations, you can use either just the Consolidated Billing feature, or all the offered features. A. True B. False
A
How can the AWS Management Console be secured against unauthorized access? A. Apply Multi-Factor Authentication (MFA) B. Set up a secondary password C. Request root access privileges D. Disable AWS console access
A
The AWS Web Application Firewall can go down to which of the following OSI layers? A. 7 B. 6 C. 4 D. 5
A
True or False: A CloudFront Origin can be an S3 bucket, an EC2 instance, an Elastic Load Balancer, or Route 53. A. True B. False
A
True or False: A Distribution is what we call a series of Edge Locations that make up CDN. A. True B. False
A
True or False: Access Control Lists are used to make entire buckets (like one hosting an S3 website) public. A. False B. True
A
True or False: It's safer to use Access Keys than it is to use IAM roles. A. False B. True
A
True or False: S3 Transfer Acceleration uses AWS' network of Availability Zones to more quickly get your data into AWS. A. False B. True
A
True or False: S3 is object storage suitable for the storage of 'flat' files like Word documents, photos, etc. A. True B. False
A
True or False: To restrict access to an entire bucket, you use bucket control lists; and to restrict access to an individual object, you use object policies. A. False B. True
A
Systems applying the cloud architecture principle of elasticity will A. Minimize storage requirements by reducing logging and auditing activities B. Create systems that scale to the required capacity based on changes in demand C. Enable AWS to automatically select the most cost-effective services D. Accelerate the design process because recovery from failure is automated, reducing the need for testing
B
The main benefit of decoupling an application is to A. Create a tightly integrated application B. Reduce inter-dependencies so failures do not impact other components C. Enable data synchronization across the web application layer D. Have the ability to execute automated bootstrapping actions
B
True or False: Both you and a friend can have an S3 bucket called 'mytestbucket'. A. True B. False
B
True or False: Identity Access Management (IAM) is a Regional service. A. True B. False
B
True or False: Objects stored in S3 are stored in a single, central location within AWS. A. True B. False
B
True or False: S3 can be used to host a dynamic website, like one that runs on a LAMP stack. A. True B. False
B
True or False: Security in the cloud is the responsibility of AWS. A. True B. False
B
True or False: The Standard version of AWS Shield offers automated application (layer 7) traffic monitoring. A. True B. False
B
True or False: There are more Regions than there are Availability Zones. A. True B. False
B
What AWS tool utilizes edge location to cache content and reduce latency> A. EC2 Instances B. AWS CloudFront C. EBS storage D. RDS E. VPCs
B
Which AWS service allows you to run code without having to worry about provisioning any underlying resources (such as virtual machines, databases etc.) A. EC2 B. Lambda C. DynamoDB D. EC2 Container Service
B
Which AWS service would simplify migration of a database to AWS? A. AWS Storage Gateway B. AWS Database Migration Service (AWS DMS) C. Amazon Elastic Compute Cloud (Amazon EC2) D. Amazon AppStream 2.0
B
Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A. AWS Regions B. AWS edge locations C. AWS Availability Zones D. Amazon Virtual Private Cloud (Amazon VPC)
B
Which native AWS service will act as a file system mounted on an S3 bucket? A. Amazon Elastic File System B. AWS Storage Gateway C. Amazon S3 D. Amazon Elastic Block Store
B
Which of the following AWS Support levels offers the assistance of a Technical Account Manager? A. Elite B. Enterprise C. Business D. Developer
B
Which of the following Compliance guarantees attests to the fact that the AWS Platform has met the standard required for the secure storage of medical records in the US? A. HITECH B. HIPPA C. GLBA D. FERPA
B
Which of the following EC2 instance types will realize a savings over time in exchange for a contracted term-of-service? A. On-demand instances B. Reserved instances C. Spot instances D. Discount instances
B
Which of the following are not valid CloudFormation template sections? A. Outputs B. Options C. Parameters D. Resources
B
Which of the following best describes a Resource Group? A. A resource group is a collection of resources that are deployed in the same AWS Region. B. A resource group is a collection of resources that share one or more tags (or portions of tags.) C. A resource group is a collection of resources of the same type (EC2, S3, etc.) that are deployed in the same Availability Zone. D. A resource group is a collection of resources of the same type (EC2, S3, etc.) that share one or more tags or portions of tags.
B
Which AWS services can be used to store files? (Select Two) A. Amazon CloudWatch B. Amazon Simple Storage Service (Amazon S3) C. Amazon Elastic Block Store (Amazon EBS) D. AWS config E. Amazon Athena
B, C
Which of the following are Support Levels offered by AWS? (Choose 3) A. Individual B. Business C. Developer D. Start-up E. Basic
B, C, E
Which of the following are AWS compute services? (Choose 2) A. SNS B. Lambda C. EBS D. EC2
B, D
Which of the following are advantages of AWS cloud security? (Choose 2) A. AWS retains complete control and ownership of your data region B. You retain complete control and ownership of your data region C. AWS infrastructure security auditing is periodic and manual D. AWS uses multi-factor access control systems E. AWS uses single-factor access control systems
B, D
Which of the following are valid EC2 pricing options? (Choose 2) A. Enterprise B. On-Demand C. Stop D. Reserved
B, D
Which of the following support plans features unlimited (customer-side) contacts and unlimited support cases? (Choose 2) A. Basic B. Enterprise C. Developer D. Business
B, D
Which of the following are valid access types for an IAM user? (Choose 3) A. Emergency access via Identity Access Management (IAM) B. Using the AWS Software Developers Kit C. Security Group access via the AWS command line D. Programmatic access via the command line E. AWS Management Console access
B, D, E
Which of the following AWS tools help your application scale up or down based on demand? (Choose 2) A. AWS CloudFormation B. Auto Scaling C. Auto Availability Zones D. Agile Load Balancing E. Elastic Load Balancing
B, E
By default, what is the maximum number of Linked Accounts per Paying Account under Consolidated Billing? A. 10 B. 50 C. 20 D. 100
C
How would a system administrator add an additional layer of login security to a user's AWS Management Console? A. Use AWS Cloud Directory B. Audit AWS Identity and Access Management (IAM) roles C. Enable Multi-Factor Authentication D. Enable AWS CloudTrail
C
In which of the following is CloudFront content cached? A. Availability Zone B. Region C. Edge Location D. Data Center
C
There are at least _______ Availability Zones per AWS Region. A. 3 B. 4 C. 2 D. 1
C
Under the Shared Responsibility model, for which of the following does AWS not assume responsibility? A. Hypervisors B. Networking C. Customer data D. Physical security of AWS facilities
C
Which AWS service is specifically designed to assist you in processing large data sets? A. AWS Big Data Processing B. EC2 C. EMR D. ElastiCache
C
Which AWS service provides infrastructure security optimization recommendations? A. AWS Price List Application Programming interface (API) B. Reserved instances C. AWS Trusted Advisor D. Amazon Elastic Compute Cloud (Amazon EC2) Spot Fleet
C
Which of the following AWS Support levels offers 24x7 support via phone or chat? A. Developer B. Basic C. Business D. Individual
C
Which of the following AWS services can assist you with cost optimization? A. AWS WAF B. AWS Inspector C. AWS Trusted Advisor D. AWS Shield
C
Which of the following best describes Availability Zones? A. Two zones containing compute resources that are designed to automatically maintain synchronized copies of each other's data. B. A Content Distribution Network used to deliver content to users. C. Distinct locations from within an AWS region that are engineered to be isolated from failures. D. Restricted areas designed specifically for the creation of Virtual Private Clouds.
C
Which of the following data archival services is extremely inexpensive, but has a several hour data-retrieval window? A. S3-1Zone-IA B. S3-IA C. Glacier D. S3 E. S3-RRS
C
Which of the following examples supports the cloud design principle "design for failure and nothing will fail?" A. Adding an elastic load balancer in front of a single B. Amazon Elastic Compute Cloud (Amazon EC2) instance B. Creating and deploying the most cost-effective solution C. Deploying an application in multiple Availability Zones D. Using Amazon CloudWatch alerts to monitor performance
C
Which of the following is AWS' managed DDoS protection service? A. AWS WAF B. Security Groups C. AWS Shield D. Access Control Lists
C
Why is AWS more economical than traditional data centers for applications with varying compute workloads? A. Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis. B. Customers retain full administrative access to their Amazon EC2 instances. C. Amazon EC2 instances can be launched on-demand when needed. D).Customers can permanently run enough instances to handle peak workloads.
C
Which of the following statements are true about Availability Zones? (Choose 2) A. A single zone equals a single data center B. Multiple zones are physically connected on the same grid C. Multiple zones are connected by low latency network links D. Multiple zones will fail if one zone fails E. A single zone can span multiple data centers
C, E
Which of the following are criteria affecting your billing for RDS? (Choose 3) A. Standby time B. Data transfer in C. Additional storage D. Number of requests E. Clock hours of server time
C, D, E
A company needs to know which user was responsible for terminating several critical Amazon Elastic Compute Cloud (Amazon EC2) instances. A. AWS Trusted Advisor B. Amazon EC2 instance usage report C. Amazon CloudWatch D. AWS CloudTrail logs
D
How does an edge location help end users? A. Increases latency B. Reduces power consumption C. Increases storage D. Reduces latency E. Reduces scaling
D
IAM policies are written using ________. A. SGML B. XML C. SAML D. JSON
D
What is the number one reason customers are switching to cloud computing? A. Automation B. Overprovisioning C. Finite infrastructure D. Agility E. Instant Configuration
D
Where can a customer find information about prohibited actions on AWS infrastructure? A. AWS Trusted Advisor B. AWS Identity and Access Management (IAM) C. AWS Billing Console D. AWS Acceptable Use Policy
D
Where can a customer go to get more detail about Amazon Elastic Cloud (Amazon EC2) billing activity that took place 3 months ago? A. Amazon EC2 dashboard B. AWS Cost and Usage reports C. AWS Trusted Advisor dashboard D. AWs CloudTrail logs stored in Amazon Simple Storage Service (Amazon S3)
D
Which AWS networking service enables a company to create a virtual network within AWS? A. AWS Config B. Amazon Route 53 C. AWS Direct Connect D. Amazon Virtual Private Cloud (Amazon VPC)
D
Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment? A. AWS Config B. AWS OpsWorks C. AWS SDK D. AWS Marketplace
D
Which of the following AWS services should you use to migrate an existing database to AWS? A. Route 53 B. Storage Gateway C. SNS D. DMS
D
Which of the following Compliance certifications attests to the security of the AWS platform regarding credit card transactions? A. SOC 1 B. ISO 27001 C. SOC 2 D. PCI DSS Level 1
D
Which of the following best describes EBS? A. A managed database service B. A NoSQL database service C. A bitcoin-mining service D. A virtual hard-disk in the cloud
D
Which of the following best describes an AWS Region? A. A collection of data centers that is spread evenly around a specific continent. B. A console that gives you a quick, global picture of your cloud computing environment. C. A collection of databases that can only be accessed from a specific geographic region. D. A distinct location within a geographic area designed to provide high availability to a specific geography.
D
Which of the following is AWS' Data Warehousing service? A. Elastic Map Reduce B. Snowball C. S3 Big Data D. Redshift
D
Which of the following is a benefit of running an application across two Availability Zones? A. Performance is improved over running in a single Availability Zone B. It is more secure than running in a single Availability Zone C. It significantly reduces the total cost of ownership versus running in a single Availability Zone D. It increases the availability of an application compared to running in a single Availability Zone
D
Which of the following is not a feature of AWS Organizations? A. Grouping all of your AWS accounts into Organisational Units (OUs) as part of a hierarchy B. Hierarchical based control over groups of IAM users and roles, within multiple Accounts C. AWS accounts which are members of an Organization can have the benefit of Consolidated Billing D. Granular configuration of Security Groups within a VPC
D
Which service allows an administrator to create and modify AWS user Permissions? A. AWS Config B. AWS CloudTrail C. AWS Key Management Service (AWS KMS) D. AWS Identity and Access Management (IAM)
D
Which tool can display the distribution of AWS spending? A. AWS Organizations B. Amazon DevPay C. AWS Trusted Advisor D. AWS Cost Explorer
D
You have a mission-critical application which must be globally available at all times. Which deployment strategy should you follow? A. Multi-VPC in two AWS Regions B. Deploy to all Availability Zones in your home region. C. Multi-Availability Zone D. Multi-Region
D
You have a project that will require 90 hours of computing time. There is no deadline, and the work can be stopped and restarted without adverse effect. Which of the following computing options offers the most cost-effective solution? A. Reserved instances B. On-demand instances C. ECS instances D. Spot instances
D
Your Development team uses four on-demand EC2 instances and your QA team has 5 reserved instances, only three of which are being used. Assuming all AWS accounts are under a single AWS Organization, how will the Development team's instances be billed? A. The pricing for the reserved instances will shift from QA to Dev. B. All the Dev team's instances will be billed at the on-demand rate. C. All the Dev instances will be billed at the reserved instance rate. D. The Dev team will be billed for two instances at on-demand prices and two instances at the reserved instance price.
D
Which of the following AWS services are free to use? (Choose 5) A. EC2 B. RDS C. S3 D. CloudFormation E. Elastic Beanstalk F. Route53 G. Auto-Scaling H. VPC I. EBS J. IAM
D, E, G, H, J