AWS Cloud Practitioner Exam Questions

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Distributing workloads across multiple Availability Zones supports which cloud architecture design principle? Implement automation. Design for agility. Design for failure. Implement elasticity

Implement automation

True or False: If you create a Classic Load Balancer via the AWS Management Console, cross-Availability Zone load balancing is enabled by default.

True

True or False: Using IAM Groups is the recommended way to manage IAM users' permissions by job function.

True

True or False: With DynamoDB, you can specify the amount of throughput you need for read and write operations.

True

Which of the following are key components of Amazon Glacier?

Vault Access Policy Archive (NOT BUCKET)

True or False: Auto Scaling allows you to add or remove EC2 instances from your EC2 fleet based on conditions you specify.

True

True or False: By default, all subnets within a VPC can communicate with each other.

True

The AWS Web Application Firewall can go down to which of the following OSI layers? 7 6 5 4

7 (WAF operates down to Layer 7)

Which of the following best describes an AWS Region?

A distinct location within a geographic area designed to provide high availability to a specific geography.

Which of the following best describes a Resource Group? A resource group is a collection of resources that are deployed in the same Availability Zone. A resource group is a collection of resources of the same type (EC2, S3, etc.) that are deployed in the same Availability Zone. A resource group is a collection of resources of the same type (EC2, S3, etc.) that share one or more tags or portions of tags. A resource group is a collection of resources that share one or more tags (or portions of tags.)

A resource group is a collection of resources that share one or more tags (or portions of tags.)

Which of the following best describes EBS?

A virtual hard-disk in the cloud

Where can a customer find information about prohibited actions on AWS infrastructure? AWS Trusted Advisor AWS Identity and Access Management (IAM) AWS Billing Console AWS Acceptable Use Policy

AWS Acceptable Use Policy

The use of what AWS feature or service allows companies to track and categorize spending on a detailed level? Cost allocation tags Consolidated billing AWS Budgets AWS Marketplace

AWS Budgets

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated? Amazon CloudWatch AWS CloudTrail AWS X-Ray AWS Identity and Access Management (AWS IAM)

AWS CloudTrail

You are an AWS Enterprise customer with questions about billing and your overall AWS account. Which of the following AWS support personnel should you contact?

AWS Concierge

Which of the following AWS services should you use to migrate an existing database to AWS?

AWS DMS

Which AWS service would simplify migration of a database to AWS? AWS Storage Gateway AWS Database Migration Service (AWS DMS) Amazon Elastic Compute Cloud (Amazon EC2) Amazon AppStream 2.0

AWS Database Migration Service (AWS DMS)

Which of the following are valid access types for an IAM user? Emergency access via Identity Access Management (IAM) AWS Management Console access Using the AWS Software Developers Kit Security Group access via the AWS command line Programmatic access via the command line

AWS Management Console access Using the AWS Software Developers Kit Programmatic access via the command line

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment? AWS Config AWS OpsWorks AWS SDK AWS Marketplace

AWS Marketplace

A customer would like to design and build a new workload on AWS Cloud but does not have the AWS related software technical expertise in-house. Which of the following AWS programs can a customer take advantage of to achieve that outcome? AWS Partner Network Technology Partners AWS Marketplace AWS Partner Network Consulting Partners AWS Service Catalog

AWS Partner Network Consulting Partners

As an IT support center team member, you begin receiving calls from users about problems they're experiencing with your company's AWS-based point-of-sale system. You want to begin your investigation by checking with AWS for any service alerts they may be communicating. Which AWS tool will you give you the information you seek?

AWS Personal Health Dashboard

Which of the following AWS services gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources, alerting you and providing remediation guidance when AWS is experiencing events that my affect you?

AWS Personal Health Dashboard

What AWS team assists customers with accelerating cloud adoption through paid engagements in any of several specialty practice areas? AWS Enterprise Support AWS Solutions Architects AWS Professional Services AWS Account Managers

AWS Professional Services

Which of the following are Migration services? AWS Snowball AWS OpsWorks AWS Application Discovery Service AWS Config

AWS Snowball AWS Application Discovery Service

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? AWS Regions AWS edge locations AWS Availability Zones Amazon Virtual Private Cloud (Amazon VPC)

AWS edge locations

Which of the following are criteria affecting your billing for RDS? Additional storage Data transfer in Number of requests Clock hours of server time Standby time

Additional storage Number of requests Clock hours of server time

Which of the following is not database service? Amazon Aurora Amazon Redshift Amazon EBS Amazon Neptune

Amazon EBS

Which AWS services can host a Microsoft SQL Server database? (Select TWO.) Amazon EC2 Amazon Relational Database Service (Amazon RDS) Amazon Aurora Amazon Redshift Amazon S3

Amazon EC2 Amazon Relational Database Service (Amazon RDS)

Why is AWS more economical than traditional data centers for applications with varying compute workloads? Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis. Customers retain full administrative access to their Amazon EC2 instances. Amazon EC2 instances can be launched on-demand when needed. Customers can permanently run enough instances to handle peak workloads.

Amazon EC2 instances can be launched on-demand when needed.

True or False: Data stored in Glacier is encrypted by default.

True

Your sales operations group would like to perform monthly analyses on large amounts of sales activity. They want to be able to rank the performance of different territories, product categories, and sales channels. They will use visualization tools to generate graphical representations of the data. Which AWS service will provide the best solution for storing the sales data?

Amazon Redshift

Which service stores objects, provides real-time access to those objects, and offers versioning and lifecycle capabilities? Amazon Glacier AWS Storage Gateway Amazon S3 Amazon EBS

Amazon S3

Which service would you use to send alerts based on Amazon CloudWatch alarms? Amazon Simple Notification Service (Amazon SNS) AWS CloudTrail AWS Trusted Advisor Amazon Route 53

Amazon Simple Notification Service (Amazon SNS)

Amazon VPC ________. 1. Affords you complete control of network configuration. 2. Offers several layers of security controls. 3. Allows you to build a private, virtual network in the AWS cloud. 4. Amazon VPC offers all of these features

Amazon VPC offers all of these features

Which AWS networking service enables a company to create a virtual network within AWS? AWS Config Amazon Route 53 AWS Direct Connect Amazon Virtual Private Cloud (Amazon VPC)

Amazon Virtual Private Cloud (Amazon VPC)

Which of the following Load Balancers uses Listeners, Targets, and Target Groups? Application Load Balancer Classic Load Balancer

Application Load Balancer

You use containers to host your microservices, and you need to route traffic to those applications using a single load balancer. Which of the following services should you use to accomplish this?

Application Load Balancer

Which of the following is AWS' managed database service that is up to 5X faster than a traditional MySQL database. DynamoDB MariaDB PostgreSQL Aurora

Aurora

The load on your application fluctuates by day of the week. Wednesdays have the most traffic; Saturdays have the least traffic. Which AWS service allows you to ensure you have the correct amount of compute capacity while also optimizing on a cost basis? EC2 Container Service CloudWatch Auto Scaling Trusted Advisor

Auto Scaling

You need to ensure that you have the correct number of EC2 instances available to handle the load for your application. Which AWS service should you use? Auto Scaling Elastic Load Balancer Route53 Application Load Balancer

Auto Scaling

Which of the following are components of Auto Scaling? Security Group Auto Scaling Group Resource Group Launch Configuration Auto Scaling Policy

Auto Scaling Group Launch Configuration Auto Scaling Policy

Which of the following AWS services are free to use? Elastic Beanstalk EC2 VPC Route53 EBS S3 Auto-Scaling RDS CloudFormation IAM

Auto-Scaling Elastic Beanstalk IAM CloudFormation VPC

Which AWS Load Balancer service uses a Least Outstanding Requests load distribution for HTTP requests?

Classic Load Balancer

Which of the following services helps you to faster deliver your content to your customers? CloudFront S3 Amazon Elastic File System Elastic Block Store

CloudFront

True or False: For IaaS resources, Users are responsible for the security of everything above the hypervisor layer.

True

Which of the following are components of the AWS Risk and Compliance Program? Risk Management Information Security Physical Security Identity and Access Management Security Principles Control Environment Environment Automation

Control Environment Information Security Risk Management

Which of the following are principles of sound design when it comes to performance efficiency? Mechanical empathy Have your IT staff master all new technologies. Use Serverless architectures. Deploy into multiple Regions to go global in minutes. Democratize advanced technologies.

Deploy into multiple Regions to go global in minutes. Use Serverless architectures. Democrative advanced technologies.

Which of the following support plans feature access to AWS support via email only during business hours ?

Developer

Which of the following is not a compute service? Elastic Beanstalk EC2 Lambda Elastic Block Store

Elastic Block Store

Which of the following best describes the ability to scale computing resources up or down easily, while only paying for the resources used? High Availability Fault-tolerance Scalability Elasticity

Elasticity

How would a system administrator add an additional layer of login security to a user's AWS Management Console? Use AWS Cloud Directory Audit AWS Identity and Access Management (IAM) roles Enable Multi-Factor Authentication Enable AWS CloudTrail

Enable Multi-Factor Authentication

Under the shared responsibility model, which of the following is the customer responsible for? Ensuring that disk drives are wiped after use. Ensuring that firmware is updated on hardware devices. Ensuring that data is encrypted at rest. Ensuring that network cables are category six or higher

Ensuring that data is encrypted at rest.

True or False: Authentication determines which AWS services a user has access to, and Authorization allows a user access to AWS the overall AWS environment.

False

True or False: By default, all data stored in S3 is viewable by the public.

False

True or False: It's safer to use Access Keys than it is to use IAM roles.

False

True or False: For a fixed monthly rate, you can choose detailed, once-a-minute monitoring of your EC2 instances.

True

True or False: The Standard version of AWS Shield offers automated application (layer 7) traffic monitoring.

False (Only AWS Shield Advanced offers automated application layer monitoring.)

True or False: To complete the process of creating a Multi-AZ RDS instance, you must copy the primary instance to a public subnet in a second Availability Zone.

False (To complete the process of creating a Multi-AZ RDS instance, you must copy the primary instance to a private subnet. AWS generates a standby, and transactions are synchronously replicated.)

True or False: For IaaS resources, AWS is responsible for the security of everything above the hypervisor layer.

False (Users are responsible for the security of their resources in the AWS cloud including the os, patching and apps.)

True or False: It's best practice not to use IAM Roles for applications that run on EC2 instances.

False (roles should always be used)

You are using your corporate directory to grant your users access to AWS services. What is this called?

Federated Access

A software development team needs to create numerous testing environments each day based on multiple concurrent project activities. Provisioning of these environments needs to happen within minutes to ensure that project deadlines are met. The number of environments needed daily varies depending shifting priorities in business requirements. How can the team best achieve the agility they need for creating the testing environments? Leverage AWS Auto Scaling to expand and contract the testing server pool based on demand Use AWS Systems Manager Automation to provision and de-provision the testing environments Invoke AWS Lambda functions to run the test scenarios Have AWS CloudFormation provision the stacks and resources needed for the testing environments

Have AWS CloudFormation provision the stacks and resources needed for the testing environments

A purchasing department staff member is setup as an AWS user in the company's procurement AWS account. At each month-end, the staff member needs access to an application running on EC2 in the company's accounts payable AWS account to reconcile reports. Which of the following provides the most secure and operationally efficient way to give the staff member access to the accounts payable application? Create a user for the staff member in the accounts payable AWS account Have the user request temporary security credentials for the application by assuming a role Configure Active Directory integration so that you can federate the staff member's access to the accounts payable AWS account Invoke an AWS Lambda function to run the application in the accounts payable AWS account

Have the user request temporary security credentials for the application by assuming a role

Which of the following best describes a system that is always available — without the need for human intervention?

Highly Available

Your company has updated its security policies to include cloud workloads as well as those running on-premises. Your manager would like a report of which technologies will require configuration changes. Which of the following will not be included in the report because they are the responsibility of AWS? Amazon Aurora data encryption Host operating systems S3 Access Control Lists Security Group firewalls

Host operating systems

Which of the following AWS services controls Authentication and Authorization within an AWS account? Access Control Lists AWS Shield Security Groups IAM

IAM

Which of the following are components of the Security Pillar of the AWS Well-Architected Framework?

IAM Detective Controls Infrastructure protection

Which of the following are principles of sound cloud design? Disposable resources Assume *everything* will fail. Limit the number of 3rd-party services. Infrastructure as code Tightly-coupled components Treat your servers like pets, not cattle. Scalability

Infrastructure as code Assume *everything* will fail Scalability Disposable resources

Which AWS service allows you to run code without having to worry about provisioning any underlying resources (such as virtual machines, databases etc.)

Lambda

Which of the following is AWS' event-driven, serverless compute service? Lambda Elastic Beanstalk Lightsail EC2

Lambda

You have a variable and intermittent workload, so you want to use a compute service that allows you to pay only for the compute resources you use, without paying for compute time when your code isn't running. Which of the following services should you use? Lambda ECS Lightsail EC2

Lambda

An online education company has customers on four continents. They need to run software functions to customize offerings for students in various locations around the globe based on parameters that each student enters. Which AWS service will provide this capability with the highest performance efficiency?

Lambda@Edge

Which of the following compute services is ideal if you need to run a simple website or a simple e-commerce application? Lambda EC2 Lightsail Elastic Beanstalk

Lightsail

Which of the following is AWS's responsibility under the AWS shared responsibility model? Configuring third-party applications Maintaining physical hardware Securing application access and data Managing custom Amazon Machine Images (AMIs)

Maintaining physical hardware

A mobile shopping list app needs to be able to add, delete, and update items on specific lists anytime a user desires. The backend for the app will run on Amazon EC2 instances with Auto Scaling to manage fluctuations in user demand. Many times, a user will perform maintenance on many list items in a single session. What design characteristic must be incorporated into the app for these requirements to be met? Implement session affinity Make sure the app doesn't need knowledge of previous transactions Leverage load balancing to distribute transactions to multiple nodes Use bootstrapping on the EC2 instances

Make sure the app doesn't need knowledge of previous transactions

With RDS, read-replicas are available for which of the following? MySQL Aurora Oracle MS SQLServer PostgreSQL MariaDB

MySQL Aurora Oracle PostgreSQL MariaDB

AWS VPC is a component of which of the following overall services categories?

Networking and Content Delivery

Which of the following are payment options for Reserved Instances? DURI PURI NURI AURI MURI

PURI NURI AURI (NAP)

Which of the following is a Shared Control of the AWS Shared Responsibility Model?

Patch Management

When considering the security of and AWS EC2 instance, which of the below are Users responsible for? Patching and maintenance of server hardware Physical and Environmental controls Patching and maintenance of OS & Applications Security Configuration

Patching and maintenance of OS & Applications Security Configuration

Amazon Lightsail is an example of which of the following? PaaS, FaaS, IaaS, Saas

Platform as a Service

An EC2 instance in your VPC needs which of the following for the Internet Gateway to route its traffic to the Internet? Public IP address Private IP address C-Name A-Namw

Public IP address

What happens when an RDS Master database in a Multi-AZ deployment goes down? The asynchronous replication of RDS Multi-AZ deployments means you will suffer some data loss. RDS automatically fails over to the standby, which is promoted to Master. You must use the AWS console to promote the standby to Master. You must copy the attached EBS volume to the standby.

RDS automatically fails over to the standby, which is promoted to Master.

Which of the following AWS services allows you to run complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution.

Redshift

You need to store a collection of objects that can also be accessed from a different AWS Region. Which service should you use to do this? DynamoDB EBS S3 Elastic Container Service

S3

Which of the following are programmatic access types enabling users to interact with AWS services? SDK API CLI PHP

SDK API CLI

You need to find an item in a DynamoDB table using an attribute other than the item's primary key. Which of the following operations should you use?

Scan

For which of the following categories does AWS Trusted Advisor provide best practices and/or or checks of your AWS environment? Security Performance Availability of AWS resources Cost Optimization Right-size Fault Tolerance High-Availability

Security Performance Cost Optimization Fault Tolerance

Which of the following acts like built-in firewalls for your virtual servers? Availability Zones Route Tables Security Groups Network Access Control Lists

Security Groups

Which of the following are principles of sound design when it comes to reliability? Manage change at the individual resource level. When in doubt, over-provision. Stop guessing about your capacity requirements. Scale horizontally.

Stop guessing about your capacity requirements. Scale horizontally.

Common use cases for Amazon S3 include ________.

Storing application assets. Static web hosting.

A telecommunications company has his hired you as a consultant to develop a business case for moving its IT applications and infrastructure to AWS. The company's leadership understands the agility value of the cloud, but the finance group is not interested in shifting capital expense to operating expense due to the company's tax structure. What will you include in the business case to attempt to satisfy everyone at the company?

Suggest that the company make reserved instance purchases and capitalize them

I can interact with Glacier using ________.

The Java or .NET SDKs The AWS CLI Amazon S3 Lifecycle Policies The RESTful Glacier web service

With AWS Relational Database Service (RDS), you are responsible for which of the following? Scaling Operating system installation and patching Database backups The optimization of your application using RDS Database software installation and patching

The optimization of your application using RDS

In which order is a user granted access to AWS services? The user is Authorized, then Authenticated. The user is Authenticated, then Authorized to use AWS services.

The user is Authenticated, then Authorized to use AWS services.

True or False: A Distribution is what we call a series of Edge Locations that make up CDN.

True

True or False: AWS is responsible for the security of managed Foundation Services, such as Amazon RDS.

True

True or False: Customer responsibility for the security of services in the cloud vary by service.

True (AWS is responsible for the security of their Managed Services, and the customer is responsible for the security of applications running on services such as EC2.)

Which of the following are components of IAM? Users Roles Authenticator Permissions Groups Authorizer Access controls

Users Roles Permissions Groups

Which of the following features of an Amazon VPC can only exist in one Availability Zones at a time? a Subnet a Route Table None of these a Security Group

a Subnet


Kaugnay na mga set ng pag-aaral

Plate Tectonic, Volcano, and Earthquake Test Review!

View Set

Chapter 47: Conservation of Biodiversity

View Set

Chapter 7: Criminal Law and Cyber Crime

View Set