AWS Cloud Practitioner Practice questions
What is the primary benefit of deploying an RDS database in a Multi-AZ configuration?
Enhances availability
What layer is WAF
layer 7
The DevOps team at an IT company is moving 500 GB of data from an EC2 instance to an S3 bucket in the same region. Which of the following scenario captures the correct charges for this data transfer?
the company would not be charged
Which of the following statements are CORRECT regarding Security Groups and Network Access Control Lists (NACLs)? (Select two)
A security group is stateful- automatically allows the return traffic A Nacl contains a numbered list
Which AWS service can be used to automate code deployment to EC2 instances as well as on-premises instances?
AWS CodeDeploy - AWS CodeDeploy is a service that automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during deployment, and handles the complexity of updating your applications. You can use AWS CodeDeploy to automate deployments, eliminating the need for error-prone manual operations, and the service scales with your infrastructure so you can easily deploy to one instance or thousands.
An organization has a complex IT architecture involving a lot of system dependencies and it wants to track the history of changes to each resource. Which AWS service will help the organization track the history of configuration changes for all the resources?
AWS Config
Which of the following is a hybrid storage service that allows on-premises applications to access data on AWS Cloud?
AWS Storage Gateway AWS Storage Gateway is a hybrid cloud storage service that connects your existing on-premises environments with the AWS Cloud. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving tape backups to the cloud, reducing on-premises storage with cloud-backed file shares, providing low latency access to data in AWS for on-premises applications, as well as various migration, archiving, processing, and disaster recovery use cases.
A Cloud Practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources. Which AWS service can help with this task?
AWS Systems Manager AWS Systems Manager allows you to centralize operational data from multiple AWS services and automate tasks across your AWS resources. You can create logical groups of resources such as applications, different layers of an application stack, or production versus development environments.
An organization maintains separate VPCs for each of its departments. With expanding business, the organization now wants to connect all VPCs for better departmental collaboration. Which AWS service will help the organization tackle the issue effectively?
AWS Transit Gateway
Which of the following solutions can you use to connect your on-premises network with AWS Cloud (Select two).
AWS VPN and AWS Direct Connect
A social media company wants to protect its web application from common web exploits such as SQL injection and cross-site scripting. Which of the following AWS services can be used to address this use-case?
AWS WAF
A startup runs its proprietary application on docker containers. As a Cloud Practitioner, which AWS service would you recommend so that the startup can run containers and still have access to the underlying servers?
Amazon Elastic Container Service (Amazon ECS) - Amazon Elastic Container Service (Amazon ECS) is a highly scalable, fast, container management service that makes it easy to run, stop, and manage Docker containers on a cluster. This is not a fully managed service and you can manage the underlying servers yourself.
AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which of the following resources? (Select two)
Route 53 and Global Accelerator Amazon Elastic Compute Cloud, Elastic Load Balancing (ELB), Amazon CloudFront, Amazon Route 53, AWS Global Accelerator.
A financial services company wants to ensure that its AWS account activity meets the governance, compliance and auditing norms. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
AWS CloudTrail
Which AWS service can be used to automate code deployment to EC2 instances as well as on-premises instances?
AWS CodeDeploy
Which AWS service will help you install application code automatically to an Amazon EC2 instance?
AWS CodeDeploy
A multi-national company has its business-critical data stored on a fleet of Amazon EC2 instances, in various countries, configured in region-specific compliance rules. To demonstrate compliance, the company needs to submit historical configurations on a regular basis. Which AWS service is best suited for this requirement?
AWS Config
A company runs an application on a fleet of EC2 instances. The company wants to automate the traditional maintenance job of running timely assessments and checking for OS vulnerabilities. As a Cloud Practitioner, which service will you suggest for this use case?
AWS Inspector
Which of the following statements are true about AWS Lambda? (Select two)
AWS Lambda lets you run code without provisioning servers You only pay for the compute time you consume
As per the Shared Responsibility Model, Security and Compliance is a shared responsibility between AWS and the customer. Which of the following security services falls under the purview of AWS under the Shared Responsibility Model?
AWS Shield standard
Which AWS service can help you analyze your infrastructure to identify unattached or underutilized EBS volumes?
AWS Trusted Advisor
Which of the following AWS services are part of the AWS Foundation services for the Reliability pillar of the Well-Architected Framework in AWS Cloud? (Select two)
AWS Trusted Advisor and IAM
Which of the following AWS services allows a database to have flexible schema and supports document data models?
Amazon DynamoDB
Which AWS service can be used as an in-memory database with high-performance and low latency?
Amazon Elasticashe
An e-commerce company wants to assess its applications for vulnerabilities and deviations from AWS best practices. Which AWS service can be used to facilitate this?
Amazon Inspector
Data encryption is automatically enabled for which of the following AWS services? (Select two)?
Amazon S3 Glacier & AWS storage gateway
Which of the following is correct regarding the AWS RDS service?
Can use read replicas for improved read performance and disaster recovery
Which AWS service can be used to create a Content Distribution Network (CDN) on AWS Cloud?
CloudFront
Which of the following AWS services has encryption enabled by default?
CloudTrail Logs
An IT company is on a cost-optimization spree and wants to identify all EC2 instances that are under-utilized. Which AWS services can be used to address this use-case? (Select two)
Cost Explorer and Trusted Advisor
An e-commerce company uses AWS Cloud and would like to receive separate invoices for development and production environments. As a Cloud Practioner, which of the following solutions would you recommend for this use-case?
Create separate AWS accounts
Which of the following can you use to run a bootstrap script while launching an EC2 instance?
EC2 Instance user data
Which of the following entities can be used to connect to an EC2 server from a Mac OS, Windows or Linux based computer via a browser-based client?
EC2 instance connect
Which of the following AWS services support reservations to optimize costs? (Select three)
EC2, RDS, DynamoDB
Which of the following AWS storage services can be directly used with on-premises systems?
EFS
As per the AWS shared responsibility model, which of the following is a responsibility of AWS from a security and compliance point of view?
Edge location management
A startup runs its proprietary application on docker containers. As a Cloud Practitioner, which AWS service would you recommend so that the startup can run containers and still have access to the underlying servers?
Elastic Container Service (ECS)
Which of the following AWS Support plans provides access to online training with self-paced labs?
Enterprise
Which AWS Route 53 routing policy would you use when you want to route your traffic in an active-passive configuration?
Failover Routing
Which of the following entities should be used for an Amazon EC2 Instance to access a DynamoDB table?
IAM Role
Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code?
Operational Excellence
A cyber-security agency uses AWS Cloud and wants to carry out security assessments on their own AWS infrastructure without any prior approval from AWS. Which of the following describes/facilitates this practice?
Penetration testing
Which of the following is a benefit of using AWS managed services such as Amazon RDS?
Performance is better than manually managed
An AWS hardware failure has impacted one of your EBS volumes. Which AWS service will alert you of the affected resources and provide a remedial action?
Personal Health dashboard
Which of the following statements are CORRECT regarding AWS Global Accelerator? (Select two)
Provide static IP adresses to act as a fixed entry point for applications and is a good fit for non HTTP use cases
What is the primary benefit of deploying an RDS database in a Read Replica configuration?
Read Replica improves database scalability Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. Read Replicas allow you to create read-only copies that are synchronized with your master database. Read Replicas are used for improved read performance. You can also place your read replica in a different AWS Region closer to your users for better performance. Read Replicas are an example of horizontal scaling of resources.
AWS Trusted Advisor can provide alerts on which of the following common security misconfigurations? (Select two)?
When you allow public access to S3 buckets when you don't turn on user activity logging
A media company uploads its media (audio and video) files to a centralized S3 bucket from geographically dispersed locations. Which of the following solutions can the company use to optimize transfer speeds?
s3 transfer acceleration
Compared to the On-demand prices, what is the highest possible discount offered for reserved instances?
72
Which of the following are components of an AWS Site-to-Site VPN? (Select two)
customer and virtual private VPN
Which AWS service will help you receive alerts when the reservation utilization falls below the defined threshold?
AWS Budgets
Which AWS service can be used to set up billing alarms to monitor estimated charges on your AWS account?
AWS CloudWatch
Which AWS service helps you define your infrastructure as code?
AWS Config
Which of the following AWS services can be used to connect a company's on-premises environment to a VPC without using the public internet?
AWS Direct connect
Which AWS compute service provides the EASIEST way to access resizable compute capacity in the cloud with support for per-second billing and access to the underlying OS?
Amazon Elastic Compute Cloud (EC2)
Which AWS Support plan provides architectural guidance contextual to your specific use-cases?
Business
Which of the following AWS Support plans provides access to Infrastructure Event Management for an additional fee?
Business
Which AWS services can be used to facilitate organizational change management, part of the Reliability pillar of AWS Well-Architected Framework? (Select three)
Config, CloudTrail, CloudWatch
Which AWS Support plan provides general architectural guidance on how services can be used for various use-cases, workloads, or applications?
Developer
Which AWS service would you choose for a data processing project to store unstructured data?
DynamoDB
Which of the following options are the benefits of using AWS Elastic Load Balancing (ELB)? (Select TWO)
High Availability and Fault Tolerance
Which of the following AWS services offer block-level storage? (Select two)
Instance Store & EBS
An online gaming company wants to block users from certain geographies from accessing its content. Which AWS services can be used to accomplish this task? (Select two)
Route 53 & AWS WAF
Once an AWS service has been provisioned, it is expected to work uninterrupted without any network or access issues. In case of any failures, the service should recover quickly. Which pillar of the AWS Well-Architected Framework caters to this ability?
Reliability
Which of the following S3 storage classes do not charge any data retrieval fee? (Select two)
S3 Standard and S3 intelligent tiering
A company needs a storage solution for a project wherein the data is accessed less frequently but needs rapid access when required. Which S3 storage class is the MOST cost-effective for the given use-case?
S3 Standard infrequent Access
A photo sharing web application wants to store thumbnails of user-uploaded images on Amazon S3. The thumbnails are rarely used but need to be immediately accessible from the web application. The thumbnails can be regenerated easily if they are lost. Which is the most cost-effective way to store these thumbnails on S3?
S3 standard Infrequent Access (one AZ)
Which AWS services can be used together to send alerts whenever the AWS account root user signs in? (Select two)
SNS and Cloudwatch
A multi-national organization has separate VPCs for each of its business units on the AWS Cloud. The organization also wants to connect its on-premises data center with all VPCs for better organization-wide collaboration. Which AWS services can be combined to build the MOST efficient solution for this use-case? (Select two)
Transit gateway and direct connect
Which of the following AWS authentication mechanisms supports a Multi-Factor Authentication (MFA) device that you can plug into a USB port on your computer?
U2F Security Key
Which AWS service would you use to create a logically isolated section of the AWS Cloud where you can launch AWS resources in your virtual network?
VPC
Which AWS service will you use to privately connect your VPC to Amazon S3?
VPC endpoint Gateway
A customer has created a VPC and a subnet within AWS Cloud. Which of the following statements is correct?
VPC spans all availability zones, subnets only span one AZ
A developer has written a simple web application in PHP and he wants to just upload his code to AWS Cloud and have AWS handle the deployment automatically but still wants access to the underlying operating system for further enhancements. As a Cloud Practioner, which of the following AWS services would you recommend for this use-case?
AWS Elastic BeanStalk
The DevOps team at an e-commerce company is trying to debug performance issues for its serverless application built using a microservices architecture. As a Cloud Practitioner, which AWS service would you recommend addressing this use-case?
AWS X-Ray - You can use AWS X-Ray to analyze and debug serverless and distributed applications such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.
Which of the following statements is correct regarding the AWS Elastic File System (EFS) storage service?
can access EFS across many zones regions and vpcs
A research group wants to use EC2 instances to run a scientific computation application that has a fault tolerant architecture. The application needs high-performance hardware disks that provide fast I/O performance. As a Cloud Practitioner, which of the following storage options would you recommend as the MOST cost-effective solution?
Instance store
A research lab wants to optimize the caching capabilities for its scientific computations application running on EC2 instances. Which EC2 storage option is best suited for this use-case?
Instance store
Which AWS entity enables you to privately connect your VPC to an Amazon SQS queue?
Interface endpoint
Which of the following statements are true regarding Amazon Simple Storage Service (S3) (Select two)?
stores data in a flat non-hierarchical structure key-value based object service