Cloud Foundations

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following requires a user name and password in order to access AWS services? AWS Application Programming Interface (API) AWS Software Development Kit (SDK) AWS Management Console AWS Command Line Interface (CLI)

AWS Management Console

Which of the following options of AWS RDS allows for AWS to fail over to a secondary database in case the primary one fails?

AWS Multi-AZ

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? AWS regions AWS availability zones AWS edge locations AWS VPC

AWS edge locations

Which service can help distribute Netflix's streaming video content to users around the globe? AWS Cloud Formation Amazon CloudFront AWS Elastic Beanstalk Amazon S3

Amazon CloudFront

Which service from the list below uses AWS Edge Locations? Amazon Elastic Compute Cloud (Amazon EC2) Amazon Virtual Private Cloud (Amazon VPC) Amazon CloudFront Amazon CloudWatch

Amazon CloudFront

_____________________________ is used as a global content delivery network (CDN) service in AWS. Amazon S3 AWS CloudTrail Amazon SES Amazon CloudFront

Amazon CloudFront

A company is deploying a three-tier, highly available web application. Which service provides durable storage for static content while utilizing lower CPU resources? Amazon RDS Amazon EBS Amazon S3 Amazon EC2

Amazon S3

A company is deploying a two-tier, highly available web application to AWS. Which service provides durable storage for static content whiel utilizing lower overall CPU resources for the web tier? Amazon Glacier Amazon S3 Amazon EBS Amazon EFS

Amazon S3

Which of the following storage options provides options for lifecycle policies that can be used to move objects to archive storage? Amazon Storage Gateway Amazon Elastic Block Storage (EBS) Amazon S3 Amazon Glacier

Amazon S3

You are deploying a multi-tier, highly available web application to AWS. The application needs a storage layer to store photos and videos. Which of the following services can be used as the underlying storage mechanism? Amazon EC2 instance store Amazon S3 Amazon EBS volume Amazon RDS instance

Amazon S3

You have to store objects that can be downloadable with a URL. Which storage option would you choose? Amazon Storage Gateway Amazon Glacier Amazon S3 Amazon EBS

Amazon S3

IAM "best practice" is to follow the principle of least privilege which is why IAM policies are created and applied on a region by region basis. True or False

False

IAM groups can be nested. True or False

False

IAM policies can be attached to groups and roles but not to individual users. True or False

False

IP address ranges can be changed after the VPC has been created. True of False

False

In block-level storage, the entire file is updated when a change is made to the file contents. True or False

False

On-premises High Availability is usually less expensive than a cloud High Availability solution since most on-premises costs are fixed and a one-time expense.

False

The AWS Simple Monthly Calculator can be used to estimate cost savings.

False

Typically, a TCO analysis looks at the "as is" on-premises infrastructure and compares this with the cost of the "to be" infrastructure state in the cloud and provides a comprehensive view of the total financial impact of moving to the cloud.

False

Which of the following security features is associated with a subnet in a VPC to protect against incoming traffic requests? Security groups AWS Inspector Subnet groups NACL

NACL

Which of the following is a factor when calculating the TCO?

Number of servers migrated to AWS

Organizations allow you to group multiple accounts into a consolidated bill and thereby achieve greater discounts due to higher aggregate usage.

True

Recoverability refers to the process, policies, and procedures related to restoring service after a catastrophic event.

True

Reliability is the measure of how long a resource performs its intended function and is measured in percentage of up-time.

True

Security groups are used to allow traffic either inbound or outbound and those rules can be configured for individual protocols, port numbers, and IP addresses or IP address ranges. True or False

True

The AWS pricing policy is that "you only pay for what you use" with no long-term contracts required.

True

To improve control over your AWS environment, you can use AWS Organizations to create groups of accounts, and then attach policies to a group to ensure the correct policies are applied across the accounts without requiring custom scripts and manual processes.

True

Which of the following scenarios would be most appropriate Amazon Elastic Compute Cloud (EC2) Spot instances? Workloads that are critical and need Amazon EC2 instances with termination protection. Workloads that are only run in the morning and stopped at night. Workloads where the availability of the Amazon EC2 instances can be flexible. Workloads that need to run for long periods of time without interruption.

Workloads where the availability of the Amazon EC2 instances can be flexible.

The principle of __________________ should be applied when granting user permissions through the AWS Identity and Access Management (IAM) tool. lower privilege least privilege greatest privilege most privilege

least privilege

AWS Core Services include which of the following (select all that apply)? networking analytics storage database

networking storage database

Which of the following are the responsibility of AWS (choose all that apply)?

physical security of data centers intrusion detection instance isolation

The main benefit of decoupling an application is to:

reduce inter-dependencies

An Availability Zone is a geographic location within the AWS global infrastructure. True or False

False

Which of the following is a fully managed, petabyte scale data warehouse service in the AWS cloud? Amazon Aurora Amazon DyamoDB Amazon Redshift Amazon ElastiCache

Amazon Redshift

EC2 instance patching and database application patching are the responsibility of AWS True or False

False

What is the concept of an AWS Region?

A geographical area divided into AZs

EC2 instances use NTFS permissions to control traffic to and from instances. True or False

False

Each Availability Zone is made up of two or more data centers. True or False

False

You have two accounts in your AWS account, one for the DEV team and the other for the QA team. All are part of consolidated billing. The master account has purchased three reserved instances. The DEV team currently uses two reserved instances. The QA team is planning to use three instances of the same instance type. What is the pricing tier of the instances that can be used by the QA team?

1 reserved and 2 on demand

Which of the following is normally present in all of the AWS support plans?

24/7 access to Customer Service

When working on the costing for on-demand EC2 instances, which of the following are attributes that determine the cost of the instance? Choose all that apply.

AMI type Instance type Region

AWS Organizations allow you to (choose all that apply):

AUTOMATE AWS ACCOUNT CREATION AND MANAGEMENT CENTRALLY MANAGE POLICIES ACROSS MULTIPLE AWS ACCOUNTS CONFIGURE AWS SERVICES ACROSS MULTIPLE ACCOUNTS CONSOLIDATE BILLING ACROSS MULTIPLE AWS ACCOUNTS GOVERN ACCESS TO AWS SERVICES, RESOURCES, AND REGIONS

According to the shared security model, who is responsible for security of the cloud?

AWS

Who is responsible for data security in an AWS account? AWS Security Team AWS Support Team AWS Technical Account Manager AWS Account Owner

AWS Account Owner

There is an external audit being carried out on your company. The auditor needs to have a log of all access to the AWS resources in the company's account. Which service can help provide this information? AWS CloudTrail AWS CloudWatch AWS SNS AWS SQS

AWS CloudTrail

Which of the following services helps in governance, compliance, and risk auditing? AWS Cloudtrail AWS Cloudwatch AWS SNS AWS Config

AWS Cloudtrail

Which of the following CANNOT be used to get data onto Amazon Glacier? AWS Console AWS S3 lifecycle policies AWS Glacier API AWS Glacier SDK

AWS Console

You cannot use which of the following to transfer data onto Amazon Glacier? AWS Glacier SDK AWS S3 lifecycle policies AWS Console AWS Glacier API

AWS Console

Which tool helps you forecast your AWS spending? Choose the best answer.

AWS Cost Explorer

Which of the following services can a customer use to obtain detail about Amazon Elastic Compute Cloud (EC2) billing activity that took place 3 months ago?

AWS Cost and Usage reports

Which of the following services is equivalent to hosting virtual servers in an on-premises location? AWS regions AWS EC2 AWS Glacier AWS Lambda

AWS EC2

Which AWS Cloud service helps with quick deployment of resources and can make use of different programming languages? AWS VPC AWS Elastic Compute Cloud (Amazon EC2) AWS Elastic Beanstalk AWS SQS

AWS Elastic Beanstalk

Which service helps with quick deployment of resources that can make use of different programming languages such as Java and .NET? AWS EC2 AWS Elastic Beanstalk AWS VPC AWS SQS

AWS Elastic Beanstalk

Which of the following can be used to import data into Amazon Glacier? Choose all that apply. AWS Glacier SDK AWS S3 Lifecycle Policies AWS Console AWS Glacier API

AWS Glacier SDK AWS S3 Lifecycle Policies AWS Glacier API

Which AWS service is used to turn on MFA? Amazon EC2 AWS IAM AWS Config Amazon Inspector

AWS IAM

________________________ is a service where administrators create and modify AWS user permissions. AWS Identity and Access Management (1AM) AWS Key Management Service CAWS KMS) AWS Trusted Advisor AWS Cloud Trail

AWS Identity and Access Management (1AM)

Which of the following is a serverless compute service offered by AWS? AWS S3 AWS SQS AWS EC2 AWS Lambda

AWS Lambda

Which AWS feature provides you with a web-based user interface to manage services? AWS Management Console AWS Application Programming Interface (API) AWS Software Development Kit (SDK) AWS CloudTrail

AWS Management Console

Which of the following AWS services will allow you to build a data warehouse in the cloud? Amazon Glacier AWS Snowball AWS Aurora AWS Redshift

AWS Redshift

Which of the following can be used to protect against DDoS attacks? Choose all that apply. AWS EC2 AWS ELB AWS Shield AWS Shield Advanced

AWS Shield AWS Shield Advanced

Your company has to move its 10TB data warehouse to AWS. Which of the following is an ideal service to move this amount of data? AWS Direct Connect AWS Snowmobile AWS S3 Connector AWS Snowball

AWS Snowball

Which of the following is used to estimate the costs for moving resources from on-premises to the AWS Cloud?

AWS TCO Calculator

You need to compare the cost of running resources in an on-premises environment or in a co-location environment with AWS. Which of the following options can be used to estimate savings?

AWS TCO Calculator

Which AWS service provides security optimization recommendations for infrastructure? AWS Config Amazon CloudWatch AWS Trusted Advisor AWS Trusted Partner

AWS Trusted Advisor

Which of the following can assist you with cost optimization?

AWS Trusted Advisor

Which of the following network components can be used to host EC2 instances? AWS Trusted Advisor AWS edge locations AWS VPC AWS AMIs

AWS VPC

Which of the following allows you to carve out a portion of the AWS cloud?

AWS VPCs

Which AWS services can be used to store files? Choose all that apply. Amazon EBS AWS Config CloudWatch Amazon Athena Amazon S3

Amazon EBS Amazon S3

Which services allow the customer to retain full administrative control of the virtual infrastructure? Amazon Lambda Amazon DynamoDB Amazon S3 Amazon EC2

Amazon EC2

_____________________ can be used as a component of the AWS CloudFront service to distribute content to users across the globe. Amazon Regions Amazon VPC Amazon Edge locations Amazon Availability Zones

Amazon Edge locations

A company is deploying a new two-tier web application. The company wants to store their most frequently used data so that the response time for the application is improved. Which AWS service provides the BEST solution? Amazon RDS for MySQL with multiple AZ MySQL installed on two EC2 instances in a single AZ Amazon DynamoDB Amazon ElastiCache

Amazon ElastiCache

A company wants to store files that are not frequently accessed. What is the most cost-effective method?

Amazon Glacier

You currently use virtual machine templates to spin up virtual machines on your company's on-premises network. Which of the following can be used in a similar way to spin up EC2 instances in AWS? Amazon VMWare Amazon Machine Images (AMIs) EBS volumes EBS snapshots

Amazon Machine Images (AMIs)

Which AWS services can be used to store files? (choose 2) Amazon Simple Storage Service (Amazon S3) AWS Storage Gateway AWS Config Amazon Elastic Block Store (Amazon EBS)

Amazon Simple Storage Service (Amazon S3) Amazon Elastic Block Store (Amazon EBS)

What is the key difference between an Availability Zone and an Edge Location?

An AZ is an isolated location within a region, whereas an edge location will deliver cached content to the closest location to reduce latency

How can you protect your AWS account against unauthorized access? Request root level access Set up a secondary password Apply MFA Disable the AWS Console

Apply MFA

Each customer's Virtual Private Cloud (VPC) is physically isolated from every other customer's VPC. True or False

False

A company needs to know which user was responsible for terminating several critical EC2 instances. Where can the customer find this information? Trusted Advisor CloudTrail logs EC2 Instance Usage Report CloudWatch

CloudTrail logs

You need to collect important metrics from AWS RDS and EC2 instances. Which of the following can help you meet this requirement? CloudWatch CloudFront AWS Config CloudTrail

CloudWatch

Which of the following are ways that allow you to link accounts? Choose all that apply.

Consolidated Billing AWS Organizations

In AWS billing, what option can be used to ensure that costs can be reduced if you have multiple accounts?

Consolidated billing

Which of the following concepts is used when you want to manage the bills for multiple accounts under one master account?

Consolidated billing

Where can a customer go to find out more information about EC2 billing activity that happened 3 months ago?

Cost and Usage Reports

Which service can help manage the cost for all AWS resources? Choose the BEST answer.

Cost explorer

If you wanted to backup an EBS volume, what would you do? Choose the BEST answer.

Create an EBS snapshot

Which of the following is the responsibility of the customer when ensuring that data on EBS volumes is kept safe? Attaching volumes to EC2 instances Creating copies of EBS volumes Creating EBS snapshots Deleting the data when the physical device is destroyed

Creating EBS snapshots

When creating security groups, which of the following are the responsibility of the customer? Choose all that apply. Ensure the rules are applied immediately Defining the rules as per the customer requirements Giving a name and description for the security group Ensure the security groups are linked to the Elastic Network Interface

Defining the rules as per the customer requirements Giving a name and description for the security group

You have a mission critical application which must be globally available 24/7/365. Which deployment method is the BEST solution?

Deploy to multiple regions

Which of the following examples supports AWS's Architecting for the Cloud best practice principle: "Design for failure and nothing will fail?"

Deploying an application in multiple AZs

Choose the AWS services that provide storage (select all that apply): EBS S3 IAM EFS AMI RDS Glacier EC2

EBS S3 EFS Glacier

Which of the following can be attached to an EC2 instance to store data? EBS volumes Amazon Redshift Amazon S3 EBS snapshots

EBS volumes

Which of the following can be used to distribute content to users across the globe? Edge Locations Availability Zones Regions VPCs

Edge Locations

What service allows developers to easily deploy and manage applications in the cloud? Container service Elastic Beanstalk CloudFormation OpsWork

Elastic Beanstalk

"Elastic" refers to the fact that if properly configured, you can increase or decrease the amount of RAM required by an application automatically, according to the current demands on that application. True or False

False

AWS Free Tier accounts are good for one year, only for new accounts, and allow access to all AWS services.

False

AWS enables and controls data replication across multiple Regions. True or False

False

AWS maintains cold data centers in each Region to anticipate major failures. True or False

False

AWS provides High Availability through the use of isolated, redundant data centers, multiple Regions within each Availability Zone, and the use of fault-tolerant services. True or False

False

Allowing the customer to adapt to changing business needs and focus on infrastructure are key benefits of the AWS pricing model.

False

Amazon EFS uses mount points to connect EFS with EC2 instances and works in a single Availability Zone within a Region. True or False

False

An AMI (Amazon Machine Image) includes a template for the root volume of the instance, launch permissions that control which AWS accounts can use the AMI to launch instances, and a block device mapping that specifies the volumes to attach to the instance when it's launched. All AMIs are based on Microsoft Windows X86 operating systems. True or False

False

According to AWS, what is the benefit of elasticity?

Having the ability to scale up and scale down to meet user demand

Which of the following identities allow an application deployed on an EC2 instance to write data to S3 in a secure manner? IAM Permissions IAM Roles IAM Users IAM Groups

IAM Roles

Which of the following is the secure method when using AWS API to call AWS services from EC2 instances? IAM Policies IAM Roles IAM Users IAM Groups

IAM Roles

Which component allows a VPC to communicate out across the Internet? Network Access Control List Endpoint Route Table IGW

IGW

In a VPC, the customer has complete control over (choose all that apply): IP address ranges subnet creation route table creation security settings

IP address ranges subnet creation route table creation security settings

According to the AWS Shared Security Model, the customer is responsible for which of the following? Monitoring physical device security Securing edge locations Implementing service organization control (SOC) standards Managing AWS Identity and Access Management(IAM)

Managing AWS Identity and Access Management(IAM)

Which of the following is the responsibility of the customer according to the Shared Security Model?

Managing IAM

Which of the following is a simple best practice to secure your AWS account against unauthorized access? Multi-Factor Authentication (MFA) Disable AWS console access Request root access privileges Set up a secondary password

Multi-Factor Authentication (MFA)

There is a requirement hosting a set of servers in the cloud for a short period of 3 months. Which of the following types of instances should be chosen in order to be cost effective? Choose the BEST answer.

On-demand

There is a requirement for a development environment for the next 3 months. Which instance type would you use?

On-demand instance

Which of the following is a benefit an Amazon EC2 over on-premises physical servers?

Only pay for what you use

In AWS, which security aspects are the customer's responsibility? Choose all that apply. Patch management on the EC2 instance's operating system Decommissioning storage devices Security Group and ACL settings Life-cycle management of IAM credentials Encryption of EBS volumes Controlling physical access to compute resources

Patch management on the EC2 instance's operating system Security Group and ACL settings Life-cycle management of IAM credentials Encryption of EBS volumes

AWS manages which of the following security requirements for AWS resources according to the Shared Responsibility Model? (choose 3)

Physical security Disk disposal Hardware patching

Which of the following refers to another geographic location in AWS? Data Center Region Availability Zone Edge Location

Region

Your disaster recovery strategy should launching resources in a separate:

Region

The AWS global infrastructure can be broken down into which three elements? Regions VPCs Availability Zones Edge Locations

Regions Availability Zones Edge Locations

You need to host a database server for at least a year. Which of the following would result in the least cost?

Reserved All Upfront

Which of the following EC2 instances should you consider when most of the instances you are using are 90 - 100% utilized and you expect this to continue for at least a year to ensure minimized cost? Reserved Instances Dedicated Host Instances Spot Instances On-Demand Instances

Reserved Instances

You are currently hosting an infrastructure and most of the EC2 instances are being used 90-100% and you expect this to continue for at least a year. What type of EC2 instance would you use to ensure costs are minimized?

Reserved instances

If you need to register a new domain name, which AWS service will you use? Trusted Advisor Route 53 Cloud Formation VPC

Route 53

Which of the following is most useful when a Disaster Recovery method is triggered in AWS? Route 53 SNS Inspector SQS

Route 53

Which of the following provides fast, easy, and secure transfers of files over long distances between you and your S3 bucket? S3 Transfer Acceleration S3 Acceleration File Transfer HTTP Transfer

S3 Transfer Acceleration

Select the three models of Cloud Computing:

Saas - Software as a Service IaaS - Infrastructure as a Service PaaS - Platform as a Service

Which of the following is NOT a disaster recovery deployment technique?

Single site

A _____________ is a cost-effective instance type that can be used for jobs that can be interrupted and resumed at any time. Spot On-Demand Partial Upfront Reserved Full Upfront Reserved

Spot

You have a distributed application that periodically processes large volumes of data across multiple EC2 instances. The application is designed to recover gracefully from EC2 instance failures. You are required to accomplish this task in the most efficient manner. Which of the following BEST meets the requirements?

Spot instances

Which of the following are the costing attributes for using S3? Choose all that apply.

The total size in GB of all objects stored The storage class for the objects being stored

AWS provides cost savings to the customer through (select all that apply):

Tiered pricing structure Multiple storage options help lower costs Savings as the amount of usage increases

A VPC can span across multiple Availability Zones. True or False

True

A user can be assigned to multiple IAM groups. True or False

True

AMIs can be used to launch new instances, copy an instance to another Availability Zone within the same Region, and copy an instance to a different AWS Region. True or False

True

AWS CloudFront provides edge locations for a business's customers to access the business's cloud-based services. True or False

True

AWS Lambda is referred to as serverless computing because it allows the customer to write and execute code that runs in response to an event. True or False

True

AWS offers three different options for reserved instances that allow the customer to save up to 75% off the cost of equivalent on-demand services. True or False

True

Amazon CloudWatch basic monitoring is available at no additional cost to monitor seven core metrics of your EC2 instances. True or False

True

Amazon EC2 instance types are optimized for different use cases and workload requirements and come in multiple sizes. True or False

True

Amazon EFS is perfect for big data and analytics, media processing workflows, content management, web serving and home directories. True or False

True

Amazon Glacier is a long-term data archiving service designed for security, durability, and an extremely low cost. True or False

True

Each VPC exists in a single Region, but customers can have multiple VPCs under a single account. True or False

True

Fault Tolerance refers to the built-in redundancy of an application's components and its ability to remain operational.

True

IAM allows the customer to manage access and authentication of their users with their AWS resources for no additional monthly charge. True or False

True

Which of the following can be used to secure EC2 instances? Choose all that apply. Usage of Security Groups Usage of the Internet Gateway Usage of Network Access Control Lists Usage of AMIs

Usage of Security Groups Usage of Network Access Control Lists

Which of the following is a feature of an Edge Location? Choose all that apply. Used in conjunction with AWS CloudFront Distribute content to users Cache common responses Distribute the workload across multiple resources

Used in conjunction with AWS CloudFront Distribute content to users Cache common responses

Which of the following networking components can be used to host EC2 resources? Trusted Advisor VPC Elastic Load Balancer Auto Scaling

VPC

What does Amazon EC2 provide?

Virtual servers in the cloud

Which of the following is the amount of storage that can be stored in Amazon S3? Virtually unlimited storage 1TB 5TB 1PB

Virtually unlimited storage

When using On-Demand instances in AWS, which of the following is false in regard to the cost of the instance:

You have to pay the termination fees if you terminate the instance

What are some characteristics of Amazon S3? Choose all that apply. S3 allows you to store objects of virtually unlimited size You only pay for what you store S3 allows you to store virtually unlimited amounts of data Objects are directly accessible via a URL

You only pay for what you store S3 allows you to store virtually unlimited amounts of data Objects are directly accessible via a URL

An AWS region can be defined as which of the following? the same thing as an Availability zone a geographical area divided into Availability Zones a collection of edge locations a collection of compute capacity

a geographical area divided into Availability Zones

Select all possible responses that correctly describe one of the six benefit of cloud computing.

eliminate guessing on capacity needs benefit from massive economies of scale

Match the terms that describe either an All-in Cloud or On Premises deployment model.

flexible capacity - All-in Cloud low upfront investment - All-in Cloud speed and agility - All-in Cloud low ongoing cost - All-in Cloud fixed capacity - On Premises large initial purchase - On Premises long procurement cycles - On Premises systems administration - On Premises

As per the AWS Acceptable Use Policy, penetration testing of EC2 instances: (Choose all that apply) require prior authorization by AWS may be performed by AWS, and will be performed by AWS upon customer request are expressly prohibited under all circumstances can be performed by the customer on their own instances

require prior authorization by AWS can be performed by the customer on their own instances


Kaugnay na mga set ng pag-aaral

Bio 310 Cell Biology Review Questions

View Set

guaranteed life insurance exam 1

View Set

7.2 Quiz THE US- ONE NATION WITH MANY REGIONS

View Set

ATI Intro to Pharm: Pain and Inflammation

View Set

Stephen F. Austin & the Empresarios of Texas

View Set