AWS Cloud Practitioner & CMIT 326 Cloud Tech

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which service would you use to send alerts based on Amazon CloudWatch alarms? A) Amazon Simple Notification Service (Amazon SNS) B) AWS CloudTrail C) AWS Trusted Advisor D) Amazon Route 53

(A) Amazon Simple Notification Service (Amazon SNS)

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated? A) Amazon CloudWatch B) AWS CloudTrail C) AWS X-Ray D) AWS Identity and Access Management (AWS IAM)

(B) AWS CloudTrail

Which AWS service would simplify migration of a database to AWS? A) AWS Storage Gateway B) AWS Database Migration Service (AWS DMS) C) Amazon Elastic Compute Cloud (Amazon EC2) D) Amazon AppStream 2.0

(B) AWS Database Migration Service (AWS DMS)

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A) AWS Regions B) AWS edge locations C) AWS Availability Zones D) Amazon Virtual Private Cloud (Amazon VPC)

(B) AWS edge locations

Which of the following is AWS's responsibility under the AWS shared responsibility model? A) Configuring third-party applications B) Maintaining physical hardware C) Securing application access and data D) Managing custom Amazon Machine Images (AMIs)

(B) Maintaining physical hardware

Why is AWS more economical than traditional data centers for applications with varying compute workloads? A) Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis. B) Customers retain full administrative access to their Amazon EC2 instances. C) Amazon EC2 instances can be launched on-demand when needed. D) Customers can permanently run enough instances to handle peak workloads.

(C) Amazon EC2 instances can be launched on-demand when needed.

How would a system administrator add an additional layer of login security to a user's AWS Management Console? A) Use AWS Cloud Directory B) Audit AWS Identity and Access Management (IAM) roles C) Enable Multi-Factor Authentication D) Enable AWS CloudTrail

(C) Enable Multi-Factor Authentication

Where can a customer find information about prohibited actions on AWS infrastructure? A) AWS Trusted Advisor B) AWS Identity and Access Management (IAM) C) AWS Billing Console D) AWS Acceptable Use Policy

(D) AWS Acceptable Use Policy

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment? A) AWS Config B) AWS OpsWorks C) AWS SDK D) AWS Marketplace

(D) AWS Marketplace

Which AWS networking service enables a company to create a virtual network within AWS? A) AWS Config B) Amazon Route 53 C) AWS Direct Connect D) Amazon Virtual Private Cloud (Amazon VPC)

(D) Amazon Virtual Private Cloud (Amazon VPC)

Which AWS Cost Management tool allows you to view the most granular data about your AWS bill

(Not Sure) AWS Cost and Usage report

How should a customer forecast the future costs for running a new web application

(Not Sure) AWS Simple Monthly Calculator, AWS Cost and Usage report

Which of the following steps should be taken by a customer when conducting penetration testing on AWS

(Not Sure) Request and wait for approval from AWS support, and then conduct testing, Request and wait for approval from the customer's internal security team, and then conduct testing

Which task is AWS responsible for in the shared responsibility model for security and compliance

(Not Sure)Encrypting data in transit, Updating Amazon EC2 host firmware

What is the benefit of using AWS managed services, such as Amazon ElastiCache and Amazon Relational Database Service (Amazon RDS)

(Not Sure)They simplify patching and updating underlying OSs.

Which of the following statements best describes AWS Trusted Advisor? a) A tool that provides you real time guidance to help you provision your resources following AWS best practices. b) A tool that helps customers estimate their monthly AWS bill more efficiently. c) A tool that estimates the cost savings when using AWS and provides a detailed set of reports. d) A tool that enables you to view and analyze your costs and usage.

(a) A tool that provides you real time guidance to help you provision your resources following AWS best practices.

Which AWS service enables you to repeatedly and predictably provision resources to power your applications? a) AWS CloudFormation b) AWS Cloud Map c) AWS CloudTrail d) Amazon CloudFront

(a) AWS CloudFormation

Which method would you use to access AWS services through an easy~to~use graphical interface? a) AWS Management Console b) Software Development Kits (AWS SDKs) c) AWS EasyLaunch d) AWS Command Line Interface (AWS CLI)

(a) AWS Management Console

You have an application composed of individual services and you need to route a request to a service based on the content of the request. What type of load balancer should you use? a) Application Load Balancer b) Classic Load Balancer c) Network Load Balancer d) VPN Load Balancer

(a) Application Load Balancer

How is storage typically priced on AWS Cloud? a) Charged per GB b) Charged per hour or second c) Charged by instance type d) Charged by speed of transfer

(a) Charged per GB

Which of the following terms refers to the power to scale computing resources up or down easily? a) Elasticity b) Economy c) Expediency d) Efficiency

(a) Elasticity

Which of the following use cases is appropriate for Amazon CloudFront? (Select Three.) a) Security and encryption b) Live on-demand video streaming c) Schema generation d) Static asset caching e) Auto Scaling f) Database backups

(a) Security and encryption (b) Live on-demand video streaming (d) Static asset caching

Which of the following statements best describes Amazon CloudFront? a) Speeds up the delivery of your content to viewers across the globe b) Provides a common language for you to describe and provision all the infrastructure resources in your cloud environment c) Provides you with data and actionable insights to monitor your applications d) Provides topics for high—throughput, push—based, many—to—many messaging

(a) Speeds up the delivery of your content to viewers across the globe

What are the benefits of using Amazon EC2 instances compared to physical servers in your infrastructure? (Select two.) a) The ability to have different storage requirements b) Pay only for the capacity you use c) Automatic automated backups d) The ability to hot-add additional RAM e) Resizable

(a) The ability to have different storage requirements (b) Pay only for the capacity you use

Which of the following AWS concepts refers to "Established best practices developed through lessons learned by working with customers"? a) Well-Architected Framework b) AWS Trusted Advisor c) Security of the Cloud d) Reference architecture

(a) Well-Architected Framework

Which of the following defines the AWS Command Line Interface (AWS CLI)? a) A suite of utilities that can be launched from a command program in Linux, macOS, or Windows. b) A systematic approach to evaluating and implementing architectures. c) Packages that enable access to AWS in a variety of programming languages. d) A rich graphical interface to a majority of the features offered by AWS.

(a)A suite of utilities that can be launched from a command program in Linux, macOS, or Windows.

Which of the following AWS services has no additional charge associated with its use? (The resources provisioned within the service may incur costs.) a) Amazon Elastic Compute Cloud (Amazon EC2) b) AWS Identity and Access Management (IAM) c) Amazon Simple Storage Service (Amazon S3) d) Amazon Elastic Block Store (Amazon EBS)

(b) AWS Identity and Access Management (IAM)

Which of the following is a responsibility of the customer according to the shared responsibility model? a) Physical security of the facilities in which the services operate b) AWS Identity and Access Management (IAM) c) Protection of the global infrastructure d) Availability of third-party audit reports

(b) AWS Identity and Access Management (IAM)

Which AWS service is a managed DDoS protection service that safeguards applications running on AWS? a) AWS Identity and Access Management b) AWS Shield c) Amazon Inspector d) Amazon CloudWatch

(b) AWS Shield

Which service sends notifications or automatically makes changes to the resources being monitored based on rules you established? a) Elastic Load Balancing b) Amazon CloudWatch c) Amazon EC2 d) Amazon Aurora

(b) Amazon CloudWatch

Which of the following instance types provides you with a significant discount compared to On—Demand Instance pricing? a) Amazon EC2 Instant Instances b) Amazon EC2 Reserved Instances c) Amazon EC2 Dedicated Instances d) Amazon EC2 Dedicated Hosts

(b) Amazon EC2 Reserved Instances

Which components of the AWS infrastructure can be described as multiple, isolated locations within one geographic area? a) S3 Buckets b) Availability Zones c) Regions d) Edge Locations

(b) Availability Zones

A company has 70 employees divided into 10 departments. The IT administrator wants to customize each department's access to AWS. Which of the following options is most appropriate? a) Create a temporary role for each employee, and revise their access as needed. b) Create an IAM group for each department, and assign IAM users to the groups. c) Create an IAM role for each department, and assign IAM users to the roles. d) Make each employee an AWS account root user.

(b) Create an IAM group for each department, and assign IAM users to the groups.

Which of the pillars of the Well—Architected Framework is defined as the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures? a) Performance efficiency b) Operational excellence c) Security d) Reliability

(b) Operational excellence

What is the first step in getting started with AWS Lambda? a) Provision EC2 instances b) Upload your code c) Deploy an OS image d) Pay for estimated compute time

(b) Upload your code

You have been tasked with distributing a newsletter that will be pushed out to administrators by email. Which of the following is the best solution? a) Store the newsletters in an Amazon Simple Storage Service (Amazon SB) bucket and distribute them with AWS Cloudtrail. b) Create a topic in Amazon Simple Notification Service (Amazon SNS) that administrators can subscribe to. c) Create a messaging queue in Amazon CloudFront. d) Route the newsletters to an Amazon ElastiCache store

(b)Create a topic in Amazon Simple Notification Service (Amazon SNS) that administrators can subscribe to.

Which of the following is a managed Distributed Denial of Service (DDoS) protection service? a) AWS Identity and Access Management (IAM) b) Amazon Inspector c) AWS Shield d) AWS Trusted Advisor

(c) AWS Shield

Your company is developing a critical application, and the security of the application is one of the top priorities. Which of the following AWS services will provide recommendations for security optimization for your infrastructure? a) Amazon Aurora b) Amazon CloudWatch c) AWS Trusted Advisor d) Amazon Inspector

(c) AWS Trusted Advisor

Which of the following tasks is the customer's responsibility when creating Amazon VPC security groups? a) Selecting an appropriate load balancing strategy for the network routers. b) Choosing the level of physical security for the network. c) Adding rules regarding inbound traffic to the security group. d) Ensuring that the security groups are linked to Amazon EC2.

(c) Adding rules regarding inbound traffic to the security group.

Which service provides persistent block storage volumes for use with Amazon EC2 instances? a) Amazon S3 b) Amazon DynamoDB c) Amazon EBS d) Amazon EFS

(c) Amazon EBS

What is Elastic Load Balancing? a) Automatically stopping traffic when targets are overloaded b) Automatically monitoring traffic to ensure that costs are kept beneath a specified threshold c) Automatically distributing traffic across multiple targets d) Automatically slowing traffic to decrease latency

(c) Automatically distributing traffic across multiple targets

You have an application composed of individual services. You need to route a request to a service based on the content of the request. Which service should you use? a) EC2 Auto Scaling b) AWS CloudTrail c) Elastic Load Balancing d) Amazon Route 53

(c) Elastic Load Balancing

Users of your services are reporting latency. With on-premises architecture you would notify your Administrator to launch another server to balance the load. How can this be automated using AWS? a) Create a new template using AWS CloudFormation. b) Enable AWS CloudTrail to monitor latency issues. c) Enable an Amazon CloudWatch alarm to trigger a scaling policy. d) Create six Amazon EC2 instances in different Availability Zones.

(c) Enable an Amazon CloudWatch alarm to trigger a scaling policy.

Which parts of the AWS infrastructure support increased resilience? a) Multiple edge locations within a region b) Multiple Regions distributed globally c) Multiple Availability Zones within a region d) Multiple AWS Direct Connect (DX) gateways within a data center

(c) Multiple Availability zones within a region

Which of the following is NOT a pillar of the AWS Well- Architected Framework? a) Cost Optimization b) Operational Excellence c) Persistence d) Security

(c) Persistence

Your web application requires temporary authorization to use AWS services. Which IAM entity should be used? a) User b) MFA c) Role d) Group

(c) Role

Which of the following examples best demonstrates the agility that cloud computing offers? a) Protect your data by centralizing your applications in one Availability Zone. b) Increase network throughput with AWS Direct Connect (DX) nodes. c) Spin up servers in minutes, and shut down servers when you don't need them. d) Quickly deploy multi—factor authentication (MFA) to multiple data centers.

(c) Spin up servers in minutes, and shut down servers when you don't need them.

Which of the following statements is true of Amazon Virtual Private Clouds (VPC)? a) Each AWS account can have only one VPC associated with it b) A VPC acts as a physical firewall for your cloud infrastructure c) You can create many subnets in a VPC, though fewer is recommended to limit complexity d) Each VPC is a private, dedicated network connection from your premises to AWS

(c) You can create many subnets in a VPC, though fewer is recommended to limit complexity

What is Amazon Route 53? a) A monitoring and management service that collects and tracks metrics b) A fast and flexible nonrelational database service for all applications that need consistent, single—digit millisecond latency at any scale c) A cloud service solution that establishes private connectivity between AWS and your data center, office, or colocation environment d) A highly available and scalable Domain Name System (DNS) web service

(d) A highly available and scalable Domain Name System (DNS) web service

Who is responsible for security of the cloud according to the shared responsibility model? a) IAM roles b) Customer c) AWS Support d) AWS

(d) AWS

Which of the following services provides you with data and actionable insights to monitor your applications, understand and respond to system—wide performance changes, optimize resource utilization, and get a unified view of operational health? a) AWS CloudTrail b) AWS Cloud9 c) AWS CloudFormation d) Amazon CloudWatch

(d) Amazon CloudWatch

Which component of the AWS global infrastructure supports the caching of content for faster access? a) Regions b) AWS Direct Connect locations c) Availability Zones d) Edge locations

(d) Edge locations

Which of the following components is included in the value proposition of the AWS Cloud? a) Physical relocation of your servers b) Fully independent development without parameters c) Informal security restrictions d) Massive economies of scale

(d) Massive economies of scale

Which of the following is a best practice for adding an additional layer of security when logging into the AWS Management Console? a) Secondary password b) Root access permissions c) Secondary user name d) Multi-factor authentication (MFA)

(d) Multi-factor authentication (MFA)

Which of the following options describes the most common AWS billing model? a) Pay in advance b) Annual billing c) Daily billing d) Pay as you go

(d) Pay as you go

Which category of services includes Amazon S3? a) Migration b) Security c) Computing d) Storage

(d) Storage

What is the maximum size IP address range you can have in an Amazon VPC? (Select the best answer).

/16

What is the maximum size IP address range you can have in an Amazon VPC? (Select the best answer).

/16

With Amazon Virtual Private Cloud (Amazon VPC), what is the maximum size IP address range you can have in a VPC? (Select the best answer.)

/16

What is the minimum size subnet you can have in an Amazon VPC? (Select the best answer).

/28

What is the minimum size subnet you can have in an Amazon VPC? (Select the best answer).

/28

With Amazon Virtual Private Cloud (Amazon VPC), what is the smallest size subnet you can have in a VPC? (Select the best answer.)

/28

How many IGWs can you attach to an Amazon VPC at any one time? (Select the best answer)

1

How many IGWs can you attach to an Amazon VPC at any one time? (Select the best answer)

1

How many Internet Gateways can you have per VPC?

1

Which of the following is NOT a pillar of the AWS Well Architected Framework? Persistence Cost Optimization Security Operational Excellence

1

You want to provide private name resolution for two VPCs using the domain name company.pri. How many private hosted zones do you need to create?

1

What speeds is AWS Direct Connect offered at by AWS? (choose 2)

1 Gbps

You are planning on purchasing a reserved instance. Which options do you have with regards to the contact length for the reserved instance? (Choose 2 answers)

1 Year and 3 Year

What are the benefits of using EC2 instances compared to physical servers in your infrastructure? Select 2 Pay only for the capacity you use The ability to have different storage requirements Automatic automated backups The ability to hot add additional RAM Resizable

1 and 2

What is the response time of urgent issues for Enterprise Support Plan customers? (Select the best answer)

1 hour or less

To reduce the price of your Amazon EC2 instances, which term lengths are available for reserved instances? (choose 2)

1 year 3 years

Which of the following use cases is appropriate for Amazon CloudFront? (Select 3)

1) Security and encryption 2) Live on-demand video streaming 3) Static asset caching

Which of the following usage will always be cost-free even after your account's Free Tier has expired? (Select TWO.)

10 GB of data retrievals from Amazon Glacier per month, 10 custom monitoring metrics and 10 alarms on Amazon CloudWatch

Which of the following is a valid CIDR for a VPC or subnet?

10.0.0.0/28

You have an Enterprise Support Plan and are experiencing a critical business system failure. What is the response time offered under this plan?

15 minutes

How long does Amazon CloudWatch keep metric data? (Select the best answer)

15 months

In most cases what is the minimum number of Availability Zones per region?

2

Which of the following statements best describes AWS Trusted Advisor? A tool that estimates the cost savings when using AWS and provides a detailed set of reports A tool that provides you real time guidance to help you provision your resources following AWS best practices A tool that enables you to view and analyze your costs and usage A tool that helps customers estimate their monthly AWS bill more efficiently

2

You are a solutions architect who works at a large retail company that is migrating its existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-Domain Routing (CIDR) block of 10.0.1.0/24 (which has 256 total IP addresses). How many IP addresses are available? (Select the best answer.)

251

Which of the following statements best describes CloudFront? Provides you with data and actionable insights to monitor your applications Provides a common lang for you to describe and provision all the infrastructure resources in your cloud environment Speeds up the delivery of your content to viewers across the globe Provides topics for high throughput, push-based, many-to-many messaging

3

Which of the following statements is true of Amazon Virtual Private Clouds? Each AWS acct can have only 1 VPC associated with it Each VPC is a private, dedicated network connection from your premises to AWS You can create many subnets in a VPC, though fewer is recommended to limit complexity A VPC acts as a physical firewall for your cloud infrastructure

3

When retrieving data from Amazon Glacier, what is the typical time taken to make a Standard Archive available?

3 to 5 hours

You are a solutions architect working for a large retail company that is migrating its existing infrastructure to AWS. You recommend they use a custom Amazon VPC. They'll need a public subnet for their web servers and a private subnet for their databases. They require web servers and database servers be highly available, with a minimum of two web servers and two database servers each. How many subnets should you have to maintain high availability? (Select the best answer).

4

What is the maximum size of a single Amazon Glacier Archive?

40TB

You have been running an on-demand Amazon EC2 instance running Linux for 4hrs, 5 minutes and 6 seconds. How much time will you be billed for?

4hrs, 5mins, and 6 seconds

How many Elastic IP Addresses can you have per region by default?

5

On how many continents are CloudFront edge locations distributed?

6

What is the level of durability offered on Amazon S3 (Standard Class)?

99.999999999 eleven nines

How can the AWS Management Console be secured against unauthorized access? A. Apply Multi-Factor Authentication (MFA) B. Set up a secondary password C. Request root access privileges D. Disable AWS console access

A

The AWS Web Application Firewall can go down to which of the following OSI layers? A. 7 B. 6 C. 4 D. 5

A

True or False: A CloudFront Origin can be an S3 bucket, an EC2 instance, an Elastic Load Balancer, or Route 53. A. True B. False

A

True or False: A Distribution is what we call a series of Edge Locations that make up CDN. A. True B. False

A

True or False: Access Control Lists are used to make entire buckets (like one hosting an S3 website) public. A. False B. True

A

True or False: It's safer to use Access Keys than it is to use IAM roles. A. False B. True

A

True or False: S3 Transfer Acceleration uses AWS' network of Availability Zones to more quickly get your data into AWS. A. False B. True

A

True or False: S3 is object storage suitable for the storage of 'flat' files like Word documents, photos, etc. A. True B. False

A

True or False: To restrict access to an entire bucket, you use bucket control lists; and to restrict access to an individual object, you use object policies. A. False B. True

A

True or False: With AWS Organizations, you can use either just the Consolidated Billing feature, or all the offered features. A. True B. False

A

True or False: With Consolidated Billing, the Paying Account can make changes to any of the resources owned by a Linked Account. A. False B. True

A

What AWS feature enables a user to manage services through a web-based user interface? A. AWS Management Console B. AWS Application Programming interface (API) C. AWS Software Development Kit (SDK) D. Amazon CloudWatch

A

What is the pricing model that allows AWS customers to pay for resources on an as needed basis? A. Pay as you go B. Pay as you reserve C. Pay as you use D. Pay as you buy E. Pay as you own

A

What is the value of having AWS Cloud services accessible through an Application Programming interface (API)? A. Cloud resources can be managed programmatically B. AWS infrastructure use will always be cost-optimized. C. Al application testing is managed by AWS D. Customer-owned, on-premises infrastructure becomes programmable

A

Which AWS Cloud service is used to turn on Multi-Factor Authentication (MFA)? A. AWS Identity and Access Management (IAM) B. Amazon Elastic Compute Cloud (Amazon EC2) C. AWS Config D. Amazon Inspector

A

Which AWS service automates infrastructure provisioning and administrative tasks for an analytical data warehouse? A. Amazon Redshift B. Amazon DynamoDB C. Amazon ElasticCache D. Amazon Aurora

A

Which of the following AWS services can help you assess the fault-tolerance of your AWS environment? A. AWS Trusted Advisor B. AWS Inspector C. AWS WAF D. AWS Shield

A

Which of the following EC2 options is best for long-term workloads with predictable usage patterns? A. Reserved instances B. On-Demand instances C. Spot instances D. Dedicated Host

A

Which of the following Route 53 policies allow you to a) route data to a second resource if the first is unhealthy, and b) route data to resources that have better performance? A. Failover Routing and Latency-based Routing B. Failover Routing and Simple Routing C. Geoproximity Routing and Geolocation Routing D. Geolocation Routing and Latency-based Routing

A

Which of the following is NOT an advantage of cloud computing over on-premise computing? A. Pay for racking, stacking and powering servers B. Trade capital expense for variable expense C. Eliminate guessing on your infrastructure capacity needs D. Benefit from massive economies of scale increase speed and agility

A

Which of the following is a factor when calculating Total Cost of Ownership (TCO) A. The number of servers migrated to AWS B. The number of users migrated to AWS C. The number of passwords migrated to AWS D. The number of keys migrated to AWS

A

Which of the following is not a fundamental AWS charge? A. Data-in B. Storage C. Compute D. Data-out

A

Which of the following is the responsibility of the AWS customer according to the Shared Security Model? A. Managing AWS Identity and Access Management (IAM) B. Securing edge locations C. Monitoring physical device security D. Implementing Service Organization Control (SOC) standards

A

Which of the following services will help you optimize your entire AWS environment in real time following AWS best practices? A. AWS Trusted Advisor B. AWS Shield C. AWS WAF D. AWS Inspector

A

Which service should an administrator use to register a new domain name with AWS? A. Amazon Route 53 B. Amazon CloudFront C. Elastic load Balancing D. Amazon Virtual Private Cloud (Amazon VPC)

A

Which service would you use to send alerts based on Amazon CloudWatch alarms? A. Amazon Simple Notification Service (Amazon SNS) B. AWS CloudTrail C. AWS Trusted Advisor D. Amazon Route 53

A

You need to host a file in a location that's publicly accessible from anywhere in the world. Which AWS service would best meet that need? A. S3 B. EC2 C. EBS D. RDS

A

What is Amazon route 53

A DNS service

What are two differences between a virtual private network (VPN) connection and a Direct Connect connection? (Select TWO.)

A Direct Connect connection offers predictable latency because it doesn't traverse the internet. B. A VPN connection uses the internet for transport.

What is an Amazon Region?

A Geographical region comprising Amazon Availability Zones

What is true about Regions?

A Region is a physical location that has multiple Availability Zones., Each Region is located in a separate geographic area.

d

A client application requires operating system privileges on a relational database server. What is an appropriate configuration for highly available database architecture? a. A standalone Amazon EC2 instance b. Amazon RDS in a Multi-AZ configuration c. Amazon EC2 instances in a replication configuration utilizing a single Availability Zone d. Amazon EC2 instances in a replication configuration utilizing two different Availability Zones

Which of the following will encrypt your data while in transit between your office and Amazon S3?

A client-side master key

In which scenario should Amazon EC2 Spot Instances be used

A company has a number of infrequent, interruptible jobs that are currently using On-Demand Instances

Regarding Amazon Glacier, what is a Vault?(Select the best answer)

A container for storing archives

Which of these statements about Availability Zones is not true?

A data center can be used for more than one Availability Zone.

Which of these statements about Availability Zones is not true?

A data center can be used for more than one Availability zone.

Which of these statements about Availability Zones is not true? (Select the best answer) Availability Zones are made up of one or more data centers Availability zones are connected to each other using high-speed private links a data center can be used for more than one availability zone Availability zones are designed for fault isolation

A data center can be used for more than one availability zone

Which of the following are signs of a highly available application

A failure in one geographic region will trigger an automatic failover to resources in a different region,Spikes in user demand are met through automatically increasing resources.

What is Amazon Route 53

A highly available and scalable DNS web service

What is Amazon Route 53?

A highly available and scalable Domain Name System (DNS) web service.

Which of the following must be configured on an Elastic Load Balancing load balancer to except incoming traffic? (Select the best answer)

A listener

Which of the following must be configured on an Elastic Load Balancing load balancer to except incoming traffic? (Select the best answer)

A listener

What happens when you create a new Amazon VPC? (Select the best answer)

A main route table is created by default.

What happens when you create a new Amazon VPC? (Select the best answer)

A main route table is created by default.

What is Amazon CloudWatch

A metrics repository with customizable notification thresholds and channels.

How many Availability Zones should compute resources be provisioned across to achieve high availability

A minimum of two

Which of the following can be assigned to an IAM user? (choose 2)

A password for access to the management console An access key ID and secret access key

Resources in a VPC need to be able to resolve internal IP addresses for other resources in the VPC. No one outside of the VPC should be able to resolve these addresses. Which of the following Route 53 resources can help you achieve this?

A private hosted zone

What is required to enable an EC2 instance in a public subnet to access the Internet? (choose 2)

A public IP address A route to an Internet Gateway

What is true about regions?

A region is a physical location that has multiple Availability Zones, Each region is located in a separate geographic area

What is true about regions? (choose two) They are the physical locations of your customers all regions are located in one specific geographic area a region is a physical location that has multiple availability zones Physical location has multiple availability zones each region is located in a separate geographic area

A region is a physical location that has multiple Availability Zones., Each region is located in a separate geographic area

What's the difference between a security group and a network access control list (NACL)? (Select TWO.)

A security group operates at the instance level., A network access control list operates at the subnet level

Which of the following scenarios would be a good use case for AWS Organizations? (Select TWO.)

A single company with multiple AWS accounts that wants a single place to administrate everything, A company that's integrated some operations with an upstream vendor

What is the difference between a standard AWS region and a GovCloud region?

A standard AWS region can have resources deployed by any customer. GovCloud is a specific region located in the PNW area (Oregon-Washington) that meets specific FedRAMP or other controlled unclassified information security guidelines for government & restricted industry customers (federal contractors, research groups). It is otherwise functionally equivalent to the commercial AWS regions, all products in commercial are supported in Gov with additional security. The difference between the standard AWS region and a GovCloud region is the level of security and who is capable of accessing that particular region. As an ordinary citizen, you have the ability to choose which AWS region and which availability zone you want. AWS regions are open to the public and a multitude of people will be connected to the same region. A GovCloud region is used mostly by the U.S. government to deploy resources and share data. These regions are not available to the public. Unlike the AWS regions, customer access is restricted when considering the GovCloud region. You have to be a U.S. citizen in order to access the GovCloud regions.

Which of the following are true regarding subnets? (Select TWO.)

A subnet must have a CIDR that's a subset of the CIDR of the VPC in which it resides. C. A subnet spans one Availability Zone.

Which of the following defines the AWS Command Line Interface (CLI)?

A suite of utilities that are launched from a command line program in Linux, WIndows or MacOS

Which of the following defines the AWS Command Line Interface (AWS CLI)?

A suite of utilities that can be launched from a command program in Linux, macOS or Windows

Which of the following defines the AWS CLI

A suite of utilities that can be launched from a command program in Linux, macOS, or Windows

Which of the following defines the AWS CLI?

A suite of utilities that can be launched from a command program in Linux, macOS, or Windows.

You want to experiment with deploying a web server on an EC2 instance. Which two of the following resources can you include to make that work while remaining within the Free Tier? (Select TWO.)

A t2.micro instance type EC2 instance, A 30 GB solid-state Elastic Block Store (EBS) drive

What is included in an Amazon Machine Image (AMI)? (Select the best answer)

A template for the root volume for the instance, Launch permissions that control which AWS accounts can use the AMI to launch instances, A block device mapping that specifies the volumes to attach to the instance when it's launched, (All of the above)

What is the AWS Personal Health Dashboard?

A tool which provides performance and availability of AWS services used to run your deployed resources

Which of the following best describes EBS?

A virtual hard disk in the cloud

Which of the following security requirements are managed by AWS customer? (Select 2) A. Password policies B. User permissions C. Physical Security D. Disk disposal E. Hardware patching

A, B

Which of the following are steps you should take in securing your AWS account? (Choose 3) A. Use Groups to assign permissions to IAM users. B. Activate Multifactor Authentication (MFA) on your root account. C. Create individual IAM users. D. Create a Root IAM role.

A, B, C

Which of the following are principles of sound cloud design? (Choose 4) A. Disposable resources B. Infrastructure as code C. Assume *everything* will fail. D. Treat your servers like pets, not cattle. E. Limit the number of 3rd-party services. F. Tightly-coupled components G. Scalability

A, B, C, G

Choose the features of Consolidated Billing. (Choose 3) A. Account charges can be tracked individually B. Multiple standalone accounts are combined and may reduce your overall bill C. Charging is based per VPC D. A single bill is issued containing the charges for all AWS Accounts

A, B, D

Which of the following AWS services should you use if you'd like to be notified when you have crossed a billing threshold? (Choose 2) A. AWS Bugdet B. Trusted Advisor C. CloudWatch D. AWS Cost Allocation

A, C

Which of the following are characteristics of cloud computing? (Choose 3) A. On-demand delivery B. Cloud charges are capital expenditures. C. Services are delivered via the Internet. D. Pay-as-you-go pricing

A, C, D

Which of the following are types of cloud computing deployments? (Choose 3) A. Hybrid cloud B. Mixed cloud C. Public cloud D. Private cloud

A, C, D

Which of the following are advantages of cloud computing? (Choose 4) A. Elasticity - you need not worry about capacity. B. Requires large amounts of capital C. Variable expense D. Increased speed and agility E. The ability to 'go global' in minutes

A, C, D, E

Which of the following is true about security groups? (Choose 2) A. Acts as a virtual firewall to control inbound and outbound traffic B. Acts as a virtual firewall to control outbound traffic only C. Acts as a virtual firewall to control inbound traffic only D. All inbound traffic is allowed and outbound traffic is denied by default E. All inbound traffic is denied and outbound traffic is allowed by default

A, D

Which of the following are NOT a benefit of AWS cloud computing? (Choose 2) A. Multiple procurement cycles B. Fault tolerant databases C. High latency D. Temporary and disposable resources E. High availability

A, E

Where is the information stored that defines an EC2 instance such as the template for the root volume, launch permissions and block device mappings?

AMI

What is AMI and what purpose does it serve?

AMI stands for Amazon Machine Image. The purpose of it is to provide information that is required to launch an instance. It is necessary that you specify which Amazon Machine Image you want when you are launching an instance.

Which Amazon namespace is used to uniquely identify AWS resources?

ARN

For certain services like Amazon EC2 and Amazon RDS, you can invest in reserved capacity. Reserved instances are available in what 3 options?

AURI, PURI, NURI

Who is responsible for security of the cloud according to the shared accountability model?

AWS

Who is responsible for security of the cloud according to the shared responsibility model

AWS

Who is responsible for security of the cloud according to the shared responsibility model?

AWS

Who manages NAT Gateway

AWS

Which service provides you with data and insights to manage your applications and respond to changes

AWS - Cloud watch

Where can a customer find information about prohibited actions on AWS infrastructure

AWS Acceptable Use Policy

Where can a customer find information about prohibited actions on AWS infrastructure? (Select the best answer)

AWS Acceptable Use Policy

Where will you find information on the limits AWS imposes on the ways you can use your account resources?

AWS Acceptable Use Policy

Where are AWS compliance documents, such as an SOC 1 report, located

AWS Artifact

Where can AWS compliance and certification reports be downloaded

AWS Artifact

Which AWS service would you use to obtain compliance reports and certificates

AWS Artifact

Which of the following services allows customers to manage their agreements with AWS

AWS Artifact

Which AWS Services enables you to run interactive SQL queries against unstructured data held in an Amazon S3 Bucket?

AWS Athena

A company complains that they are wasting a lot of money on underutilized compute resources in AWS. Which AWS feature should they use to ensure that their applications are automatically adding/removing compute capacity to closely match the required demand

AWS Auto Scaling

Which service allows you to automatically expand and shrink your application in response to demand?

AWS Auto Scaling

Which AWS service enables you to repeatedly and predictably provision resources to power your applications?

AWS Cloud Formation

What is the AWS service that enables AWS architects to manage infrastructure as code

AWS CloudFormation

Which AWS service enables you to repeatedly and predictable provision resources to power your applications?

AWS CloudFormation

Which AWS service enables you to repeatedly and predictably provision resources to power your applications

AWS CloudFormation

Which AWS service provides the ability to manage infrastructure as code

AWS CloudFormation

Which of the following can an AWS customer use to launch a new Amazon Relational Database Service (Amazon RDS) cluster

AWS CloudFormation, AWS Management Console

Which AWS service uses a highly secure hardware storage device to store encryption keys?

AWS CloudHSM

Which service can an organization use to track API activity within their account?

AWS CloudTrail

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated

AWS CloudTrail

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated?

AWS CloudTrail

Which service enables risk auditing by continuously monitoring and logging account activity, including user actions in the AWS Management Console and AWS SDKs

AWS CloudTrail

You have noticed that several critical Amazon EC2 instances have been terminated. Which of the following AWS services would help you determine who took this action

AWS CloudTrail

Which AWS service is primarily used for software version control

AWS Code Commit

Which AWS service is primarily used for software version control?

AWS CodeCommit

Which AWS service lets you add user sign up, sign-in and access control to web and mobile apps?

AWS Cognito

What are the three ways to access AWS core services?

AWS Command Line Interface (CLI), AWS Management Console, Software Development Kits, (SDKs)

For AWS Enterprise customers, any questions about billing and overall AWS account can be directed to which AWS support personnel?

AWS Concierge

Which team is available to support AWS customers on an Enterprise support plan with account issues?

AWS Concierge

If a customer needs to audit the change management of AWS resources, which of the following AWS services should the customer use

AWS Config

Which AWS service allows you to automate the evaluation of recorded configurations against desired configuration?

AWS Config

Which AWS service can be used to generate historical configuration change records for your AWS resources which can then be used for auditing your workloads on the AWS platform?

AWS Config

Which service can be used to manage configuration versions?

AWS Config

Which of the following helps a customer delve deep into the Amazon EC2 billing activity for the past month

AWS Cost & Usage Reports

Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers? Which types of pricing policies does AWS offer? (choose 2)

AWS Cost Explorer

Which AWS Report gives enables you to view line items for each unique combination of AWS product, usage type, and operation that your AWS account uses?

AWS Cost and Usage Report

Which service can be used to help you to migrate databases to AWS quickly and securely?

AWS DMS

A company has decided to migrate its Oracle database to AWS. Which AWS service can help achieve this without negatively impacting the functionality of the source database

AWS Database Migration Service

Which AWS service would simplify migration of a database to AWS

AWS Database Migration Service (AWS DMS)

An organization has an on-premises cloud and accesses their AWS Cloud over the Internet. How can they create a private hybrid cloud connection?

AWS Direct Connect

What does Amazon CloudFront use to distribute content to global users with low latency

AWS Edge Locations

Which components of AWS global infrastructure does Amazon CloudFront use to ensure low latency delivery?

AWS Edge Locations

Which AWS tools can be used for automation? (choose 2)

AWS Elastic Beanstalk AWS CloudFormation

Which of the following is an AWS Region for which customer access is restricted?

AWS GovCloud

A security operations engineer needs to implement threat detection and monitoring for malicious or unauthorized behavior. Which service should be used?

AWS GuardDuty

Which AWS service is used to enable multi-factor authentication?

AWS IAM

Which service can be used to assign a policy to a group?

AWS IAM

Which of the following AWS services has no additional charge associated with its use (The resources provisioned within the service may incur costs)

AWS Identity and Access Management

Which of the following is the responsibility of the customer according to the shared responsibility model

AWS Identity and Access Management

Which of the following AWS services has no additional charge associated with its use? (The resources provisioned within the service may incur costs.)

AWS Identity and Access Management (IAM)

Which of the following is a responsibility of the customer according to the shared responsibility model?

AWS Identity and Access Management (IAM)

Which of the following is the responsibility of the customer according to the shared responsibility model?

AWS Identity and Access Management (IAM)

Which of the following can limit Amazon Simple Storage Service (Amazon S3) bucket access to specific users

AWS Identity and Access Management (IAM) policies

Which of the following can limit Amazon Storage Service (Amazon S3) bucket access to specific users

AWS Identity and Access Management (IAM) policies

Which AWS service can be installed on your EC2 Instances and run security checks on your servers to identify vulnerability?

AWS Inspector

A company wants to reduce the physical compute footprint that developers use to run code. Which service would meet that need by enabling serverless architecture

AWS Lambda

Which AWS service is known as a "serverless" service and runs code as functions triggered by events?

AWS Lambda

Which of the following services is in the category of AWS serverless platform

AWS Lambda

Which service allows you to run code as functions without needing to provision or manage servers?

AWS Lambda

What is the AWS feature that provides an additional level of security above the default authentication mechanism of usernames and passwords

AWS MFA

As an enterprise organization, which AWS Service can you use that can provision a simple and efficient means to make controlled changes to your infrastructure?

AWS Managed Service

AWS allows users to manage their resources using a web based user interface. What is the name of this interface

AWS Management Console

Which method would you use to access AWS services through an easy to use graphical interface?

AWS Management Console

Which method would you use to access AWS services through an easy-to-use graphical interface

AWS Management Console

Which method would you use to access AWS services through an easy-to-use graphical interface?

AWS Management Console

When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (

AWS Management Console access, Programmatic access

What method would you use to access AWS through a GUI

AWS Management console

Where should a company go to search software listings from independent software vendors to find, test, buy and deploy software that runs on AWS

AWS Marketplace

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment

AWS Marketplace

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment? (Select the best answer)

AWS Marketplace

Which AWS service provides a single location to track the progress of application migrations across multiple AWS and partner solutions?

AWS Migration Hub

Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting

AWS Online Tech Talks, AWS Classroom Training

Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks?

AWS OpsWorks

Which AWS service lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments?

AWS OpsWorks

Which of the following services could be used to deploy an application to servers running on-premises

AWS OpsWorks, AWS CodeDeploy

A company would like to maximize their potential volume and RI discounts across multiple accounts and also apply service control policies on member accounts. What can they use gain these benefits?

AWS Organizations

Which service allows a company with multiple AWS accounts to combine its usage to obtain volume discounts

AWS Organizations

Which service can be used to easily create multiple accounts?

AWS Organizations

Which service should a customer use to consolidate and centrally manage multiple AWS accounts

AWS Organizations

Which tools can you use to consolidate multiple AWS Accounts so that you can centrally manage them?

AWS Organizations

A customer would like to design and build a new workload on AWS Cloud but does not have the AWS-related software technical expertise in-house. Which of the following AWS programs can a customer take advantage of to achieve that outcome

AWS Partner Network Consulting Partners

Which AWS service provides a customized view of the health of specific AWS services that power a customer's workloads running on AWS

AWS Personal Health Dashboard

Which AWS service provides alerts when an AWS event may impact a company's AWS resources

AWS Personal Health Dashboard

What AWS team assists customers with accelerating cloud adoption through paid engagements in any of several specialty practice areas

AWS Professional Services

An administrator needs to rapidly deploy a popular IT solution and start using it immediately. Where can the administrator find assistance

AWS Quick Start reference deployments

What does AWS provide to deploy popular technologies - such as IBM MQ - on AWS with the least amount of effort and time

AWS Quick Start reference deployments

Which of the following are geographic areas that host two or more Availability Zones?

AWS Regions

What is the difference between AWS regions and Availability Zones (AZ)?

AWS Regions are a collection of data centers that are displayed as a section like us-east-1, they are physical locations. Resources have to be deployed in a region. An availability zone is a group of one or more data centers within a Region. These are logical groups of data centers (which may be located in the same complex or building), and appear to the user in AWS as us-east-1a , -1b, etc. Resources are added to a availability zone in a region when deployed, and resources that need to interact with each other should be kept in the same AZ. For fault tolerance, deploy a separate set of your resources / applications to a different zone or region.In summary - a region is made up of availability zones. Resources are deployed in an AZ inside a region.

Which of the following services provides trusted users with temporary security credentials that can control access to your AWS resources? (Select the best answer)

AWS Security Token Service (STS)

Which AWS service can you use to create a portfolio of products that will allow you to specify how and who can deploy them on AWS?

AWS Service Catalog

Which AWS service is a managed DDoS protection service that safeguards applications running on AWS?

AWS Shield

Which AWS service is a managed DDos protection service that safeguards application running on AWS

AWS Shield

Which AWS Calculator can be used to work out your monthly AWS costs for services deployed in your AWS Account?

AWS Simple Monthly Calculator

Which service can be used to cost-effectively move exabytes of data into AWS?

AWS Snowmobile

Which services are parts of the AWS serverless platform

AWS Step Functions, Amazon DynamoDB, Amazon SNS

Which AWS service enables hybrid cloud storage between on-premises and the AWS Cloud?

AWS Storage Gateway

Which service provides a hybrid storage service that enables on-premises applications to seamlessly use cloud storage

AWS Storage Gateway

Which AWS service allows you to use block-based volumes on-premise that are then asynchronously backed up to Amazon S3?

AWS Storage Gateway Volume Gateway

A company has an Enterprise Support subscription. They want quick and efficient guidance with their billing and account inquiries. Which of the following should the company use

AWS Support Concierge

Which service allows an organization to view operational data from multiple AWS services through a unified user interface and automate operational tasks?

AWS Systems Manager

What tool provides real time guidance to help you provision your resources following best practices in the areas of cost optimization, performance, security and fault tolerance?

AWS Trusted Advisor

Which of the following inspects AWS environments to find opportunities that can save money for users and also improve system performance

AWS Trusted Advisor

You are concerned that you may be getting close to some of the default service limits for several AWS services. What AWS tool can be used to display current usage and limits?

AWS Trusted Advisor

Your company is developing a critical application, and the security of the application is one of the top priorities. Which of the following AWS services will provide recommendations for security optimization for your infrastructure?

AWS Trusted Advisor

Your company is developing a critical application, and the security of the application is one of the top priorities. Which of the following AWS services will provide recommendations for security optimization for your infrastructure

AWS Trusted Advisor

Your company is developing a critical application, and the security of the application is one of the top priorities. Which of the following AWS services will provide recommendations for security optimization for your infrastructure?

AWS Trusted Advisor

Your company is developing a critical web application in AWS and the security of the application is one of the top priorities. Which of the following AWS services will provide infrastructure security optimization recommendations

AWS Trusted Advisor

Your company's IT management team is looking for an online tool to provide recommendations to save money, improve system availability and performance, and to help close security gaps. What can help the management team?

AWS Trusted Advisor

A company has moved to AWS recently. Which of the following would help them ensure that the right security settings are put in place?

AWS Trusted Advisor & Amazon Inspector

Which of the following security-related services does AWS offer

AWS Trusted Advisor security checks, Data encryption

Which AWS Security feature can be used to examine connections to your web application at layer 7 and identify and prevent any potential exploits like an SQL Injections?

AWS WAF

Hundreds of thousands of DDoS attacks are recorded every month worldwide. What does AWS provide to protect from these attacks

AWS WAF & AWS Shield

Snowball

AWS ________- this service accelerates transferring large amounts of data into and out of AWS using physical storage devices, bypassing the internet. Each device type can transport data at faster than internet speed. This transport is done by shipping the data in the devices through a regional carrier.

application discovery service

AWS __________ __________ ______________ helps systems integrators quickly and reliably plan application migration projects by automatically identifying applications running in on-premises data centers.

CodeCommit

AWS _____________ is a highly available, highly scalable managed SOURCE-CONTROL service that hosts private Git repositories.

Which statement is correct in relation to the AWS Shared Responsibility Model?

AWS are responsible for the security of regions and availability zones

Which service allows you to automatically expand and shrink your application in response to demand

AWS auto scaling

Which of the following are true of a default VPC? (Select TWO.)

AWS creates a default VPC in each region.,By default, each default VPC is available to one AWS account

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low latency delivery? (Select the best answer) AWS regions AWS edge location AWS availability zone Amazon virtual private cloud (amazon vpc)

AWS edge locations

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery

AWS edge locations

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? (Select the best answer)

AWS edge locations

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? (Select the best answer)

AWS edge locations

What can you use to quickly connect your office securely to your Amazon VPC?

AWS managed VPN

When creating an IAM policy, what are the two types of access that can be granted to a user? (Choose two)

AWS management Console Access, Programmatic Access

Amazon Relational Database Service (Amazon RDS) offers which of the following benefits over traditional database management

AWS manages the maintenance of the operating system

Which of the following is likely to be an accurate source of AWS pricing information?

AWS online documentation relating to a particular service

EC2, EMR, Elastic Beanstalk, opswork

AWS provides root or system privileges only for a limited set of services, which include (list 4)

Which of the following are geographic areas that host two or more Availability Zones? (Select the best answer) AWS regions aws origins edge locations compute zones

AWS regions

Which of the following are advantages of AWS Cloud security? (Choose two)

AWS uses multi-factor access control systems., You retain complete control and ownership of your data region.

Which of the following are advantages of AWS Cloud security? (Choose two)

AWS uses multi-factor access control systems., You retain complete control and ownership of your data region.

Which of the following is a benefit of using the AWS Cloud

Ability to focus on revenue-generating activities.

Which feature of AWS IAM enables you to identify unnecessary permissions that have been assigned to users?

Access Advisor

You wish to identify unnecessary permissions so that you can refine your IAM policies to better adhere to the principle of least privileges for your list of IAM users. Which IAM feature can you use to help you with this task?

Access Advisor

Which AWS IAM feature allows developers to access AWS services through the AWS CLI

Access keys

Which authentication method is used to authenticate programmatic calls to AWS services?

Access keys

Which of the following must an IAM user provide to interact with AWS services using the AWS Command Line Interface (AWS CLI)

Access keys

When using Amazon IAM, what authentication methods are available to use? (choose 2)

Access keys Server certificates

The IAM service can be used to manage which objects? (choose 2)

Access policies, Roles

Which of the following is not available in the Business Support Plan? (Select the best answer)

Access to Well-Architected review delivered by AWS Solution Architects

Which of the following security-related actions are available at no cost

Accessing forums, blogs, and whitepapers

According to the Shared Responsibility Model, What is the responsibility of AWS and what is the responsibility of the Customer?

According to the Shared Responsibility Model, the responsibility of AWS has to do with security of the cloud. This includes the software, hardware and AWS Global Infrastructure. AWS is in charge of the regions, availability zones, edge locations and the networking. AWS protects the infrastructure that runs all of the services offered in the AWS Cloud. According to the Shared Responsibility Model, the responsibility of the customer has to do with the security in the cloud. Based on what AWS Cloud service the customer selects, they may have to do more configuration work. If the customer uses an Amazon EC2 instance then they will be responsible for the management of the system, security groups, and any application software or utilities that are going to be installed.

Which of the following is an example of horizontal scaling in the AWS Cloud

Adding more EC2 instances to handle an increase in traffic

Which of the following tasks is the customer's responsibility when creating Amazon VPC security groups

Adding rules regarding inbound traffic to the security group

Which of the following tasks is the customer's responsibility when creating Amazon VPC security groups?

Adding rules regarding inbound traffic to the security group

Which of the following tasks is the customer's responsibility when creating Amazon VPC security groups?

Adding rules regarding inbound traffic to the security group.

Which of the following are components that determine the cost of your RDS Database Instance? (Choose 3 answers)

Additional Storage, Hours of use and Number of Requests

Which of the following IAM policies is the best choice for the admin user you create in order to replace the root user for day-to-day administration tasks?

AdministratorAccess

You have set up consolidated billing for several AWS accounts. One of the accounts has purchased a number of reserved instances for 3 years. Which of the following is true regarding this scenario

All accounts can receive the hourly cost benefit of the Reserved Instances

How does the consolidated billing feature of AWS Organizations treat Reserved Instances that were purchased by another account in the organization?

All accounts in the organization are treated as one account so any account can receive the hourly cost benefit

What are the advantages of cloud computing over on-premises? (Select the best answer) Avoid large capital purchases On-demand capacity Go global Increase speed and agility All of the above

All of the above

What is included in an Amazon Machine Image (AMI)? (Select the best answer)

All of the above

What should you consider when choosing a database type? (Select the best answer)

All of the above

In Amazon DynamoDB, what does the query operation allow you to do? (Select the best answer)

All of the above.

What are the benefits of having infrastructure hosted in AWS

All of the physical security and most of the data/network security are taken care of for you & increase speed and agility

Which support plan gives you the ability to raise a support request to query your Amazon bill?

All of them

When using AWS Organizations with consolidated billing what are two valid best practices? (choose 2)

Always enable multi-factor authentication (MFA) on the root account The paying account should be used for billing purposes only

What is the recommended best practice when assigning IAM permissions to a user?

Always use the principal of least privileges

Which AWS services are used for analytics? (choose 2)

Amazon Athena & Amazon EMR

A customer needs to run a MySQL database that easily scales. Which AWS service should they use

Amazon Aurora

A developer is planning to build a two-tier web application that has a MySQL database layer. Which of the following AWS database services would provide automated backups to his application

Amazon Aurora

_______ is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases. (Select the best answer)

Amazon Aurora

Which AWS service enables you to repeatedly and predictably provision resources to power your applications?

Amazon CloudFormation

A company is planning to host an educational website on AWS. Their video courses will be streamed all around the world. Which of the following AWS services will help achieve high transfer speeds

Amazon CloudFront

Which AWS service does API Gateway integrate with to enable users from around the world to achieve the lowest possible latency for API requests and responses?

Amazon CloudFront

Which of the following can be described as a global content delivery network (CDN) service

Amazon CloudFront

Which service can be used to improve performance for users around the world?

Amazon CloudFront

Which AWS services are associated with Edge Locations? (choose 2)

Amazon CloudFront AWS Shield

Which services provide protection measures against distributed denial of service (DDoS) attacks? (choose 2)

Amazon CloudFront AWS WAF

Which AWS services can be used to gather information about AWS account activity

Amazon CloudFront, AWS CloudTrail

Which service records API activity on your account and delivers log files to an Amazon S3 bucket?

Amazon CloudTrail

Which of the following services provides you with data and actionable insights to monitor your applications, understand and respond to system-wide performance changes, optimize utilization, and get a unified view of operational health?

Amazon CloudWatch

Which service can be used to track the CPU usage of an EC2 instance?

Amazon CloudWatch

Which service sends notifications or automatically makes changes to the resources being monitored based on rules you established

Amazon CloudWatch

Which service sends notifications or automatically makes changes to the resources being monitored based on rules you established?

Amazon CloudWatch

You have deployed your application on multiple Amazon EC2 instances. Your customers complain that sometimes they can't reach your application. Which AWS service allows you to monitor the performance of your EC2 instances to assist in troubleshooting these issues

Amazon CloudWatch

Which services can help to automate a company's IT infrastructure? (choose 2)

Amazon CloudWatch Alarms, AWS Lambda Scheduled Events

Which of the following services provides you with the data and actionable insights to monitor your applications, understand and respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health

Amazon Cloudwatch

Which service can be used to track CPU usage and EC2 instance

Amazon Cloudwatch

Which AWS service allows companies to connect an Amazon VPC to an on-premises data center

Amazon Direct Connect

What is the AWS database service that allows you to upload data structured in key-value format

Amazon Dynamo DB

If you are developing an application that requires a database with extremely fast performance, fast scalability, and flexibility in the database schema, what should you consider? (Select the best answer)

Amazon DynamoDB

If you are developing an application that requires a database with extremely fast performance, fast scalability, and flexibility in the database schema, what should you consider? (Select the best answer)

Amazon DynamoDB

Which database allows you to scale at the push of a button without incurring any downtime?

Amazon DynamoDB

Which database service is a NoSQL type of database that is fully managed?

Amazon DynamoDB

Which of the following is a fast and reliable NoSQL database service

Amazon DynamoDB

Your company has a data store application that requires access to a NoSQL database. Which AWS database offering would best meet this requirement

Amazon DynamoDB

To gain greater discounts, which services can be reserved? (choose 2)

Amazon DynamoDB Amazon RedShift

What service provides block storage to be used with EC2

Amazon EBS

Which service provides persistent block storage volumes for use with Amazon EC2 instances

Amazon EBS

Which service provides persistent block storage volumes for use with Amazon EC2 instances?

Amazon EBS

Which service provides persistent block volumes for use with Amazon EC2 instances?

Amazon EBS

Which of the following are features of Amazon Elastic Block Store (Amazon EBS)? (Choose two)

Amazon EBS volumes can be encrypted transparently to workloads on the attached instance., Data stored on Amazon EBS is automatically replicated within an Availability Zone.

Which of the following are features of Amazon Elastic Block Store (Amazon EBS)? (Choose two)

Amazon EBS volumes can be encrypted transparently to workloads on the attached instance., Data stored on Amazon EBS is automatically replicated within an Availability Zone.

Which AWS service can abase you use to install a third party database

Amazon EC2

Which AWS service can be used to manually launch instances based on resource requirements

Amazon EC2

Which Compute service should be used for running a Linux operating system upon which you will install custom software?

Amazon EC2

Which of the following AWS Cloud services can be used to run a customer-managed relational database

Amazon EC2

Which of the following services falls under the responsibility of the customer to maintain operating system configuration, security patching, and networking

Amazon EC2

Which AWS service can you use to install a third-party database?

Amazon EC2 - All of these services are managed services except for Amazon EC2. EC2 is the only service in the list upon which you can manually install the database software of your choice

A company is migrating an application that is running non-interruptible workloads for a three-year time frame. Which pricing construct would provide the MOST cost-effective solution

Amazon EC2 Reserved Instances

Which of the following instance types provides you with a significant discount compared to On-Demand Instance pricing?

Amazon EC2 Reserved Instances

Which of the following instance types provides you with a significant discount compared to On-demand Instance pricing?

Amazon EC2 Reserved Instances

Which of the following must be specified when launching a new Amazon Elastic Compute Cloud (Amazon EC2) Windows instance? (Choose two)

Amazon EC2 instance type, Amazon Machine Image (AMI)

Why is AWS more economical than traditional data centers for applications with varying compute workloads

Amazon EC2 instances can be launched on-demand when needed

Why is AWS more economical than traditional data centers for applications with varying compute workloads? (Select the best answer)

Amazon EC2 instances can be launched on-demand when needed.

Why is AWS more economical than traditional data centers for applications with varying compute workloads? (Select the best answer)

Amazon EC2 instances can be launched on-demand when needed.

A company is considering using AWS for a self-hosted database that requires a nightly shutdown for maintenance and cost-saving purposes. Which service should the company use

Amazon EC2 with Amazon Elastic Block Store (Amazon EBS)

What core services are considered "Compute"

Amazon EC2, AWS Lambda, Auto Scaling, AWS Elastic Beanstalk, Amazon Elastic Container Registry, Amazon Elastic Container Service, Amazon Lightsail, AWS Batch

Which AWS services can host a Microsoft SQL Server database

Amazon EC2, Amazon Relational Database Service (Amazon RDS)

Which of the following instance types provides you with a significant discount compared to On-Demand Instance pricing

Amazon EC2, Reserved Instances

Which AWS Storage service enables you to grant the ability for EC2 instances and on-premise servers to access a shared file system and share a common data source, similar to a NAS storage system?

Amazon EFS

Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based AWS and on-premise servers

Amazon EFS

Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols?

Amazon EFS

Which storage type can be mounted using the NFS protocol to many EC2 instances simultaneously?

Amazon EFS

Which AWS service allows you to connect to storage from on-premise servers using standard file protocols?

Amazon EFS filesystems are mounted using the NFS protocol (which is a file-level protocol)

Which AWS service can be used to process a large amount of data using the Hadoop framework?

Amazon EMR

Which AWS service allows you to connect to storage from on-premise servers using standard file protocols?

Amazon Efs

A company is deploying a new two-tier web application in AWS. Where should the most frequently accessed data be stored so that the application's response time is optimal

Amazon ElastiCache

Which service can be added to a database to provide improved performance for some requests?

Amazon ElastiCache

Which service is best for storing common database query results, which helps to alleviate database access load

Amazon ElastiCache

Which service provides the ability to simply upload applications and have AWS handle the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring?

Amazon Elastic Beanstalk

Which AWS storage technology can be considered a "virtual hard disk in the cloud"?

Amazon Elastic Block Storage (EBS) volume

Which of the following are examples of AWS-Managed Services, where AWS is responsible for the operational and maintenance burdens of running the service

Amazon Elastic MapReduce & Amazon DynamoDB

Which service provides a way to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PCs?

Amazon Elastic Transcoder

Which of the below is a fully managed Amazon search service based on open source software?

Amazon Elasticsearch

The identification process of an online financial services company requires that new users must complete an online interview with their security team. After verifying users' identities, the recorded interviews are only required in the event of a legal issue or a regulatory compliance breach. What is the most cost-effective service to store the recorded videos

Amazon Glacier

Which AWS Service stores objects as a collection in an archive file format like a tar or zip file?

Amazon Glacier

Which AWS service should be used for long-term, low-cost storage of data backups

Amazon Glacier

Which of the following can be used as a storage class for an S3 object lifecycle policy? (Choose three)

Amazon Glacier, S3 - Infrequent Access, S3 - Standard Access

Which of the following AWS services has no additional charge associated with its use? (The resources provisioned within the service may incur costs.)

Amazon Identity and Access Management (IAM)

Which service can you sue to provision a preconfigured server with little to no AWS experience

Amazon Lightsail

Which service can you use to provision a preconfigured server with little to no AWS experience?

Amazon Lightsail provides preconfigured virtual private servers (instances) that include everything required to deploy and application or create a database

Which of the following AWS features enables a user to launch a pre-configured Amazon Elastic Compute Cloud (Amazon EC2) instance

Amazon Machine Image

Which service can be used to create sophisticated, interactive graph applications?

Amazon Neptune

Which AWS database service supports complex queries and joins and is suitable for a transactional database deployment?

Amazon RDS

Which AWS managed service is used to host databases

Amazon RDS

Which of the below AWS services supports automated backups as a default configuration?

Amazon RDS

You work as an on-premises MySQL DBA. The work of database configuration, backups, patching, and DR can be time-consuming and repetitive. Your company has decided to migrate to the AWS Cloud. Which of the following can help save time on the regular database tasks so you can focus on giving users the fast performance and high availability that they need

Amazon RDS

What core services are considered "Database"

Amazon RDS, Amazon DynamoDB, Amazon Redshift, AWS Database Migration Service, Amazon ElastiCache

Which services are integrated with KMS encryption

Amazon RDS, Amazon EBS

Which services are integrated with KMS encryption? (choose 2)

Amazon RDS, Amazon EBS

Which AWS services should be used for read/write of constantly changing data

Amazon RDS, Amazon EFS

Which AWS database service provides a fully managed data warehouse that can be analyzed using SQL tools and business intelligence tools?

Amazon RedShift

A company is looking for a scalable data warehouse solution. Which of the following AWS solutions would meet the company's needs

Amazon Redshift

Which AWS Cloud service is best suited for Online Analytics Processing (OLAP)? (Select the best answer)

Amazon Redshift

You are building a data loss prevention (DLP) application that needs to read text content in images and can detect and prevent the leak of Social Security Numbers as part of your compliance requirements? Which AWS Service can help you with this?

Amazon Rekognition

Which of the following is an AWS managed Domain Name System (DNS) web service

Amazon Route 53

Which service supports the resolution of public domain names to IP addresses or AWS resources?

Amazon Route 53

Which services can be used across hybrid AWS Cloud architectures

Amazon Route 53 & Virtual Private Gateway

Identify the services that have a global (rather than regional) scope? (choose 2)

Amazon Route 53 and Amazon CloudFront have a global scope.

Identify the services that have global rather than local Scope

Amazon Route 53 and Amazon cloudfront

Which statement best describes Amazon Route 53?

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service

Which AWS services are defined as global instead of regional

Amazon Route 53, Amazon CloudFront

What is the lowest-cost, durable storage option for retaining database backups for immediate retrieval

Amazon S3

Which AWS service can serve a static website

Amazon S3

Which service provides a virtually unlimited amount of online highly durable object storage

Amazon S3

Which service provides object-level storage in AWS

Amazon S3

Which service stores objects, provides real-time access to those objects, and offers versioning and lifecycle capabilities

Amazon S3

Which of the following S3 storage classes is ideal for data with unpredictable access patterns

Amazon S3 Intelligent-Tiering

What is the most cost-effective Amazon S3 storage tier for data that is not often accessed but requires high availability?

Amazon S3 Standard-IA

Which of the following is not a benefit of Amazon S3

Amazon S3 can run any type of application or backend system

a,b,c

Amazon S3 charges: (select all that apply) a. only pay for what you actually use b. no hidden fees c. no overage charges

What type of storage (described in question 1) do EBS, EFS, and S3 use?

Amazon S3 uses object storage. Amazon EFS uses file storage. Amazon EBS uses block storage.

Which of the following AWS services can be used to serve large amounts of online video content with the lowest possible latency

Amazon S3, Amazon CloudFront

What core services are considered "Storage"

Amazon S3, Amazon EBS, Amazon CloudFront, Amazon Glacier, Amazon Elastic File System, AWS Snowball, Storage Gateway, AWS Snowmobile

Which service can be used for building and integrating loosely-coupled, distributed applications?

Amazon SNS

Which service is used to ensure that messages between software components are not lost if one or more components fail

Amazon SQS

Which services can be used for asynchronous integration between application components? (choose 2)

Amazon SQS Amazon Step Functions

Which service would you use to send alerts based on Amazon CloudWatch alarms

Amazon Simple Notification Service (Amazon SNS)

Which service would you use to send alerts based on Amazon CloudWatch alarms? (Select the best answer)

Amazon Simple Notification Service (Amazon SNS).

Which storage service can be used as a low-cost option for hosting static websites

Amazon Simple Storage Service (Amazon S3)

What is the AWS service that provides a virtual network dedicated to your AWS account

Amazon VPC

Which AWS services enables you to launch a virtual network that closely resembles a traditional network that you'd operate in your own data center?

Amazon VPC

For which services does Amazon not charge customers? (choose 2)

Amazon VPC, Amazon CloudFormation

What core services are considered "Networking"

Amazon VPC, Amazon Route S3, AWS Direct Connect, Elastic Load Balancing

Which AWS networking service enables a company to create a virtual network within AWS

Amazon Virtual Private Cloud (Amazon VPC)

Which AWS networking service enables a company to create a virtual network within AWS? (Select the best answer).

Amazon Virtual Private Cloud (Amazon VPC)

S3

Amazon ____ is storage for the internet. It provides a simple web interface that offers a highly scalable, reliable, and low latency data storage infrastructure at very low costs.

EBS

Amazon _____ allows you to create storage volumes and attach them to EC2 instances. Once attached, you can create a file system on top of these volumes, run a database, or use them in any other way you would use a block device. They are placed in a specific AZ, where they are automatically replicated to protect you from the failure of a single component.

CloudFront

Amazon ___________ can be used to deliver your entire website, including dynamic, static, streaming, and interactive content using a global network of edge locations. Requests for your content are automatically routed to the nearest edge locations, so content s delivered with the best possible performance.

CloudFront

Amazons CDN; (Content Delivery Network) which is a system of distributed servers that deliver webpages and other web content to a user based on the geographic locations of the user, the origin of the webpage, and a content delivery server.

Elastic Load Balancing health checks may be what? (Choose three)

An Amazon Elastic Compute Cloud (Amazon EC2) instance status check, A connection attempt, A ping

Elastic Load Balancing health checks may be what? (Choose three)

An Amazon Elastic Compute Cloud (Amazon EC2) instance status check, A connection attempt, A ping

What is an EC2 Instance?

An Elastic Cloud Compute instance is a virtual machine service provided by AWS. It is an IaaS service, where AWS provides the infrastructure and the client must take advantage of other tools to configure their environment.

What is the difference between an Identity-based Policy and a Resource-based Policy

An Identity-Based Policy is a JSON permission policy document that can be attached to a user, role or group of users. These types of policies control what actions an user or a role can do, which resources that have access to and under what conditions they can do them. A Resource-Based policy while it may be a JSON policy document like an Identity-Based Policy, it is different because you attach them to a resource which allows a specific permission to do their desired action. Unlike Identity-Based Policies, Resource-Based Policies are only Inline policies and not managed resources-based policies. This means that they are policies created and managed by you to be placed into a single user, group or role.

What is an Internet Gateway

An Internet gateway (IGW) is a VPC component that allows communication between instances in your VPC and the Internet.

AWS account that created it

An S3 bucket is owned by the ______________________ ______________________________.

What will you need to provide for a new IAM user you're creating who will use "programmatic access" to AWS resources?

An access key ID and secret access key

Which of the following are characteristics of Amazon S3

An object store & a durable storage system

Which of the options below are recommendations in the cost optimization pillar of the well-architected framework? (choose 2)

Analyze and attribute expenditure Analyze and attribute expenditure

Which type of Amazon Elastic Load Balancer operates at layer 7 of the OSI model only?

Application Load Balancer

You have an application composed of individual services and you need to route a request to a service based on the content of the request. What type of load balancer should you use

Application Load Balancer

You have an application composed of individual services and you need to route a request to a service based on the content of the request. What type of load balancer should you use?

Application Load Balancer

You have an application made up of individual services and you need to route a request to a service based on the content of the request. What type of balancer should you use?

Application Load Balancer

You have an application composed of individual services and you need to route a request to a service based on the content of the request. What type of load balancer should you use?

Application Load balancer

How would an AWS customer easily apply common access controls to a large set of users

Apply an IAM policy to an IAM group

What is the best way to apply an organizational system to EC2 instances so they can be identified by descriptors such as purpose or department?

Apply tags

What's the most efficient method for managing permissions for multiple IAM users

Assign users requiring similar permissions to IAM groups

Which AWS services are used for analytics

Athena and EMR

Which of the following is a component of the shared responsibility model managed entirely by AWS

Auditing physical data center assets

What technology enables compute capacity to adjust as loads change

Auto Scaling

How does Auto Scaling balance capacity?

Auto Scaling automatically balances EC2 instances across zones when you configure multiple zones in your Auto Scaling group settings

Which AWS feature can enable you to provision a required number of EC2 Instances and automatically launch new instances based on traffic and CPU utilization triggers?

Auto-scaling

Which of the options below are recommendations in the security pillar of the well-architected framework? (choose 2)

Automate security best practices Enable traceability

Which of the below is a best-practice when designing solutions on AWS

Automate wherever possible to make architectural experimentation easier

Which of the following tools are available to ensure you won't accidentally run past your Free Tier limit and incur unwanted costs? (Select TWO.)

Automated email alerts when activity approaches the Free Tier limits B. The Top Free Tier Services by Usage section on the Billing & Cost Management Dashboard

What is Elastic Load Balancing

Automatically distributing traffic across multiple targets

What is Elastic Load Balancing?

Automatically distributing traffic across multiple targets

What is Elastic Load Balancing?

Automatically distributing traffic across multiple targets.

Which of the below options are related to the reliability of AWS

Automatically provisioning new resources to meet demand & ability to recover quickly from failures

Which of the following components of the AWS Global Infrastructure consists of one or more discrete data centers interconnected through low latency links

Availability Zone

Which AWS feature should a customer leverage to achieve high availability of an application

Availability Zones

The principle "design for failure and nothing will fail" is very important when designing your AWS Cloud architecture. Which of the following would help adhere to this principle?

Availability Zones & AWS Elastic Load Balancer

Which components of the AWS infrastructure can be described as multiple, isolated locations within one geographic area

Availability zones

What are the advantages of cloud computing over on-premises?

Avoid large capital purchases, on-demand capacity, go global in minutes, increase speed and agility

What are the advantages of cloud computing over computing on premises

Avoid large capital purchases, use on demand capacity, go global in minutes, increase speed and agility

Which of the following is a shared control between the customer and AWS

Awareness and training

A disaster recovery strategy on AWS should be based on launching infrastructure in a separate A. Subnet B. AWS Region C. AWS edge location D. Amazon Virtual Private Cloud (Amazon VPC)

B

Amazon Elastic Compute Cloud (Amazon EC2) Spot instances are appropriate for which of the following workloads? A. Workloads that are only run in the morning and stopped at night B. Workloads where the availability of the Amazon EC2 instances can be flexible C. Workloads that need to run for long periods of time without interruption D. Workloads that are critical and need Amazon EC2 instances with termination protection

B

Amazon Lightsail is an example of which of the following? A. Infrastructure as a Service B. Platform as a Service C. Software as a Service D. Functions as a Service

B

Systems applying the cloud architecture principle of elasticity will A. Minimize storage requirements by reducing logging and auditing activities B. Create systems that scale to the required capacity based on changes in demand C. Enable AWS to automatically select the most cost-effective services D. Accelerate the design process because recovery from failure is automated, reducing the need for testing

B

The main benefit of decoupling an application is to A. Create a tightly integrated application B. Reduce inter-dependencies so failures do not impact other components C. Enable data synchronization across the web application layer D. Have the ability to execute automated bootstrapping actions

B

True or False: Both you and a friend can have an S3 bucket called 'mytestbucket'. A. True B. False

B

True or False: Identity Access Management (IAM) is a Regional service. A. True B. False

B

True or False: Objects stored in S3 are stored in a single, central location within AWS. A. True B. False

B

True or False: S3 can be used to host a dynamic website, like one that runs on a LAMP stack. A. True B. False

B

True or False: Security in the cloud is the responsibility of AWS. A. True B. False

B

True or False: The Standard version of AWS Shield offers automated application (layer 7) traffic monitoring. A. True B. False

B

True or False: There are more Regions than there are Availability Zones. A. True B. False

B

What AWS tool utilizes edge location to cache content and reduce latency> A. EC2 Instances B. AWS CloudFront C. EBS storage D. RDS E. VPCs

B

Which AWS service allows you to run code without having to worry about provisioning any underlying resources (such as virtual machines, databases etc.) A. EC2 B. Lambda C. DynamoDB D. EC2 Container Service

B

Which AWS service would simplify migration of a database to AWS? A. AWS Storage Gateway B. AWS Database Migration Service (AWS DMS) C. Amazon Elastic Compute Cloud (Amazon EC2) D. Amazon AppStream 2.0

B

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A. AWS Regions B. AWS edge locations C. AWS Availability Zones D. Amazon Virtual Private Cloud (Amazon VPC)

B

Which native AWS service will act as a file system mounted on an S3 bucket? A. Amazon Elastic File System B. AWS Storage Gateway C. Amazon S3 D. Amazon Elastic Block Store

B

Which of the following AWS Support levels offers the assistance of a Technical Account Manager? A. Elite B. Enterprise C. Business D. Developer

B

Which of the following Compliance guarantees attests to the fact that the AWS Platform has met the standard required for the secure storage of medical records in the US? A. HITECH B. HIPPA C. GLBA D. FERPA

B

Which of the following EC2 instance types will realize a savings over time in exchange for a contracted term-of-service? A. On-demand instances B. Reserved instances C. Spot instances D. Discount instances

B

Which of the following are not valid CloudFormation template sections? A. Outputs B. Options C. Parameters D. Resources

B

Which of the following best describes a Resource Group? A. A resource group is a collection of resources that are deployed in the same AWS Region. B. A resource group is a collection of resources that share one or more tags (or portions of tags.) C. A resource group is a collection of resources of the same type (EC2, S3, etc.) that are deployed in the same Availability Zone. D. A resource group is a collection of resources of the same type (EC2, S3, etc.) that share one or more tags or portions of tags.

B

Which of the following is AWS's responsibility under the AWS shared responsibility model? A. Configuring third-party applications B. Maintaining physical hardware C. Securing application access and data D. Managing custom Amazon Machine Images (AMIs)

B

Which of the following is a benefit of Amazon Elastic Compute Cloud (Amazon EC2) over physical servers? A. Automated backup B. Paying only for what you use C. The ability to choose hardware vendors D. Root/administrator access

B

Which of the following services uses AWS edge locations? A. Amazon Virtual Private Cloud (Amazon VPC) B. Amazon CloudFront C. Amazon Elastic Compute Cloud (Amazon EC2) D. AWS Storage Gateway

B

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated? A. Amazon CloudWatch B. AWS CloudTrail C. AWS X-Ray D. AWS Identity and Access Management (AWS IAM)

B

Who has control of the data in an AWS account? A. AWS Support Team B. AWS Account Owner C. AWS Security Team D. AWS Technical Account Manager (TAM)

B

You need to implement an automated service that will scan your AWS environment with the goal of both improving security and reducing costs. Which service should you use? A. Config Rules B. Trusted Advisor C. Service Catalog D. CloudTrail

B

You need to use an AWS service to assess the security and compliance of your EC2 instances. Which of the following services should you use? A. AWS Trusted Advisor B. AWS Inspector C. AWS Shield D. AWS WAF

B

Which AWS services can be used to store files? (Select Two) A. Amazon CloudWatch B. Amazon Simple Storage Service (Amazon S3) C. Amazon Elastic Block Store (Amazon EBS) D. AWS config E. Amazon Athena

B, C

Which of the following are Support Levels offered by AWS? (Choose 3) A. Individual B. Business C. Developer D. Start-up E. Basic

B, C, E

Which of the following are AWS compute services? (Choose 2) A. SNS B. Lambda C. EBS D. EC2

B, D

Which of the following are advantages of AWS cloud security? (Choose 2) A. AWS retains complete control and ownership of your data region B. You retain complete control and ownership of your data region C. AWS infrastructure security auditing is periodic and manual D. AWS uses multi-factor access control systems E. AWS uses single-factor access control systems

B, D

Which of the following are valid EC2 pricing options? (Choose 2) A. Enterprise B. On-Demand C. Stop D. Reserved

B, D

Which of the following support plans features unlimited (customer-side) contacts and unlimited support cases? (Choose 2) A. Basic B. Enterprise C. Developer D. Business

B, D

Which of the following are valid access types for an IAM user? (Choose 3) A. Emergency access via Identity Access Management (IAM) B. Using the AWS Software Developers Kit C. Security Group access via the AWS command line D. Programmatic access via the command line E. AWS Management Console access

B, D, E

Which of the following AWS tools help your application scale up or down based on demand? (Choose 2) A. AWS CloudFormation B. Auto Scaling C. Auto Availability Zones D. Agile Load Balancing E. Elastic Load Balancing

B, E

Amazon CloudWatch supports which types of monitoring plans? (Choose two)

Basic monitoring, which is free, Detailed monitoring, which has an additional cost

What are the four support plans offered by AWS Support? (Select the best answer.)

Basic, Developer, Business, Enterprise

If NACLs offer the ability to block and deny traffic, why do we need security groups?

Because Security Groups protect instances within a Subnet

Why is it that most AWS resources are tied to a single region

Because those resources are run on a physical device, and that device must live somewhere

Which of the following are the primary reasons for choosing a specific region when deciding where to deploy your application? (Choose 2 answers)

Being able to deploy your application that enables you to achieve data sovereignty and being able to deploy your application that offers the lowest network latency

What are two examples of the advantages of cloud computing? (choose 2)

Benefit from massive economies of scale Increase speed and agility

Which is the best place to get a quick summary of this month's spend for your account?

Billing & Cost Management Dashboard

When instantiating compute resources, what are two techniques for using automated, repeatable processes that are fast and avoid human error? (choose 2)

Bootstrapping, Infrastructure as code

Which of the statements below is accurate regarding Amazon S3 buckets? (choose 2)

Bucket names must be unique globally, Buckets are region-specific

Which two options are available to grant permissions in Amazon S3, both at the bucket level and individual file level? (Choose 2 answers)

Bucket policies and Access Control Lists

What benefits are provided by Amazon CloudFront? (choose 2)

Built-in DDoS attack protection, Content is cached at Edge locations for fast distribution to customers

What is the most cost-effective support plan that should be selected to provide at least a 1-hour response time for a production system failure?

Business

Which is the MINIMUM AWS Support plan that allows for one-hour target response time for support cases

Business

Which is the MINIMUM AWS Support plan that provides technical support through phone calls

Business

What are the characteristics of the Developer Support Plan? (Choose two)

Business hours access to Cloud Support Associates via email, One primary contact may open a case

What are the four support plans offered by AWS? (Choose four)

Business, Enterprise, Basic, Developer

What are the four support plans offered by AWS? (Choose four)

Business, Enterprise, Basic, Developer

One of the most important AWS best-practices to follow is the cloud architecture principle of elasticity. How does following this principle improve your architecture's design

By automatically provisioning the required AWS resource based on changes in demand

How does "elasticity" benefit an application design?

By automatically scaling resources based on demand

How does Amazon EC2 Auto Scaling help with resiliency?

By launching and terminating instances as needed

How can you view the distribution of AWS spending in one of your AWS accounts

By using Cost Explorer

By default, what is the maximum number of Linked Accounts per Paying Account under Consolidated Billing? A. 10 B. 50 C. 20 D. 100

C

How would a system administrator add an additional layer of login security to a user's AWS Management Console? A. Use AWS Cloud Directory B. Audit AWS Identity and Access Management (IAM) roles C. Enable Multi-Factor Authentication D. Enable AWS CloudTrail

C

In which of the following is CloudFront content cached? A. Availability Zone B. Region C. Edge Location D. Data Center

C

There are at least _______ Availability Zones per AWS Region. A. 3 B. 4 C. 2 D. 1

C

Under the Shared Responsibility model, for which of the following does AWS not assume responsibility? A. Hypervisors B. Networking C. Customer data D. Physical security of AWS facilities

C

Which AWS service is specifically designed to assist you in processing large data sets? A. AWS Big Data Processing B. EC2 C. EMR D. ElastiCache

C

Which AWS service provides infrastructure security optimization recommendations? A. AWS Price List Application Programming interface (API) B. Reserved instances C. AWS Trusted Advisor D. Amazon Elastic Compute Cloud (Amazon EC2) Spot Fleet

C

Which of the following AWS Support levels offers 24x7 support via phone or chat? A. Developer B. Basic C. Business D. Individual

C

Which of the following AWS services can assist you with cost optimization? A. AWS WAF B. AWS Inspector C. AWS Trusted Advisor D. AWS Shield

C

Which of the following best describes Availability Zones? A. Two zones containing compute resources that are designed to automatically maintain synchronized copies of each other's data. B. A Content Distribution Network used to deliver content to users. C. Distinct locations from within an AWS region that are engineered to be isolated from failures. D. Restricted areas designed specifically for the creation of Virtual Private Clouds.

C

Which of the following data archival services is extremely inexpensive, but has a several hour data-retrieval window? A. S3-1Zone-IA B. S3-IA C. Glacier D. S3 E. S3-RRS

C

Which of the following examples supports the cloud design principle "design for failure and nothing will fail?" A. Adding an elastic load balancer in front of a single B. Amazon Elastic Compute Cloud (Amazon EC2) instance B. Creating and deploying the most cost-effective solution C. Deploying an application in multiple Availability Zones D. Using Amazon CloudWatch alerts to monitor performance

C

Which of the following is AWS' managed DDoS protection service? A. AWS WAF B. Security Groups C. AWS Shield D. Access Control Lists

C

Which of the following is AWS' managed database service that is up to 5X faster than a traditional MySQL database. A. MariaDB B. PostgreSQL C. Aurora D. DynamoDB

C

Which of the following is NOT an AWS region? A. Oregon B. Ireland C. Moscow D. Frankfurt E. Virginia

C

Which of the following is correct? A. # of Availability Zones > # of Regions > # of Edge Locations B.# of Availability Zones > # of Edge Locations > # of Regions C. # of Edge Locations > # of Availability Zones > # of Regions D. # of Regions > # of Availability Zones > # of Edge Locations

C

Which of the following is the document used to grant permissions to users, groups, and roles? A. Paradigm B. Passbook C. Policy D. Protocol

C

Which of the following support plans features a < 4-hour response time in the event of an impaired production system? A. Developer B. Basic C. Business D. Individual

C

Which of the following support plans features access to AWS Support during business hours via email? A. Enterprise B. Business C. Developer D. Basic

C

Which of the following support services do all accounts receive as standard? A. 24/7 support via phone and chat B. Technical support C. Billing support D. Technical Account Manager

C

Which service allows for the collection and tracking of metrics for AWS services? A. Amazon CloudFront B. Amazon CloudSearch C. Amazon CloudWatch D. Amazon Machine Learning (Amazon ML)

C

Why is AWS more economical than traditional data centers for applications with varying compute workloads? A. Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis. B. Customers retain full administrative access to their Amazon EC2 instances. C. Amazon EC2 instances can be launched on-demand when needed. D).Customers can permanently run enough instances to handle peak workloads.

C

Which of the following are criteria affecting your billing for RDS? (Choose 3) A. Standby time B. Data transfer in C. Additional storage D. Number of requests E. Clock hours of server time

C, D, E

Which of the following statements are true about Availability Zones? (Choose 2) A. A single zone equals a single data center B. Multiple zones are physically connected on the same grid C. Multiple zones are connected by low latency network links D. Multiple zones will fail if one zone fails E. A single zone can span multiple data centers

C, E

What text format does the credential report use?

CSV

What are the benefits of using Amazon Rekognition with image files?

Can be used to identify objects in an image

Which of the following are included in AWS Assurance Programs? (Choose two)

Certification/Attestations, Laws, regulations, and privacy

Which of the following are included in AWS Assurance Programs? (Choose two)

Certification/Attestations, Laws, regulations, and privacy

How is storage typically priced on AWS Cloud

Charged per GB

How is storage typically priced on AWS Cloud?

Charged per GB

What are the three types of load balancers that ELB offers? (Choose three)

Classic Load Balancer, Network Load Balancer, Application Load Balancer

What are the three types of load balancers that ELB offers? (Choose three)

Classic Load Balancer, Network Load Balancer, Application Load Balancer

Cloud Deployment Model "All-In"

Cloud based application that is fully deployed in the cloud and all parts of the application run in the cloud.

In order to meet ITSM and Compliance you decide to use the AWS Service Catalog service to ensure your IT teams can only launch preapproved products. What AWS service can you use to build a new product comprising of a Linux EC2 Instance and ensure that your users can only choose specific instance type during the launch?

CloudFormation

Which AWS service enables you to create standard hardened server configuration as a template which you can deploy for production workloads?

CloudFormation

You work for a high profile organization that runs applications and stores sensitive data in a VPC in the AWS Cloud. You need an encryption service that will enable you to generate, store and manage your encryption keys, and one which is FIPS 140-2 Level 3 complaint Which AWS service can you use for this?

CloudHSM

You would like to know who terminated one of your EC2 Instances using API calls. Which AWS Service can you use to determine this?

CloudTrail

You would like to collect custom metrics from a production application every 1 minute. What type of monitoring should you use?

CloudWatch with detailed monitoring

Your EC2 Instances come with a monitoring feature that only offers basic metrics. Which service should you enable to get access to more metrics?

CloudWatch with detailed monitoring

Which of the following are valid ways for a customer to interact with AWS services

Command line interface, Software Development Kits

What are the 4 configurable resources for each instance type?

Compute (CPU/GPU) Storage Network Memory

Select two examples of the AWS shared controls

Configuration Management & Patch Management

Under the AWS shared responsibility model what is the customer responsible for? (choose 2)

Configuration of security groups, Encryption of customer data

How can an organization track resource inventory and configuration history for the purpose of security and regulatory compliance?

Configure AWS Config with the resource types

Auto Scaling automatically balances EC2 instances across zones when you configure multiple zones in your Auto Scaling group settings

Configure Multi-AZ

You want to reduce the dependency on the single database and improve I/O performance which includes reducing the read traffic. Which AWS database configuration can you implement to help you achieve this objective?

Configure Read Replicas

Under the shared responsibility model, which of the following is the AWS' responsibility

Configuring infrastructure devices

You have discovered that some AWS resources are being used in malicious activities that could compromise your data. What should you do

Contact the AWS Abuse team

An organization has decided to reserve EC2 compute capacity for three years in order to get more discounts. Their application workloads are likely to change during this time period. What is the EC2 Reserved Instance (RI) type that will allow them to modify the reservation whenever they need to

Convertible RI's

Which of the Reserved Instance (RI) pricing models can change the attributes of the RI as long as the exchange results in the creation of RIs of equal or greater value

Convertible RIs

You are planning on purchasing a Reserved EC2 Instance. Which of the following classes of Reserved Instances are available? (Choose 2 answers)

Convertible and Standard

Your company has multiple branch offices and you have just created a new AMI for an EC2 Instance that your IT colleagues in branch offices need to use. What is the quickest way to make the AMI available to them?

Copy the AMI to the other regions

Which AWS Service provides historical cost associated with an EC2 Instance usage?

Cost Explorer

Which of these tools lets you design graphs within the browser interface to track your account spending?

Cost Explorer

What is the main difference between the goals of Cost Explorer and of cost and usage reports?

Cost Explorer displays visualizations of high-level historical and current account costs, while cost and usage reports generate granular usage reports in CSV format.

The use of what AWS feature or service allows companies to track and categorize spending on a detailed level

Cost allocation tags

Which AWS tools assist with estimating costs

Cost allocation tags, AWS Simple Monthly Calculator, AWS Total Cost of Ownership (TCO) Calculator

What should you do in order to keep the data on EBS volumes safe? (Choose two)

Create EBS snapshots & Ensure that EBS data is encrypted at rest

You are configuring AWS Organizations with multiple OUs for departments such as Operations and Development. There is a Test/Dev Account attached to the Developers OU, and you want to ensure that they are only able to configure certain AWS Services like RDS and Lambda. Which method can you use to restrict the Development Team to only performing certain actions?

Create Policies

You've been tasked with distributing a newsletter that will be pushed out to administrators by email. Which of the following is the best solution?

Create a topic in Amazon Simple Notification Service (Amazon SNS that Administrators can subscribe to

You have been tasked with distributing a newsletter that will be pushed out to administrators by email. Which of the following is the best solution?

Create a topic in Amazon Simple Notification Service (Amazon SNS) that administrators can subscribe to.

You have been tasked with distributing a newsletter that will be pushed out to administration by email. Which of the following is the best solution

Create a topic in Amazon Simple Notification Service that administrators can subscribe to

You have been tasked with distributing a newsletter that will be pushed out to administrators by email. Which of the following is the best solution?

Create a topic in SNS for people to subscribe to.

An organization has multiple AWS accounts and uses a mixture of on-demand and reserved instances. One account has a considerable amount of unused reserved instances. How can the organization reduce their costs? (choose 2)

Create an AWS Organization configuration linking the accounts Setup consolidated billing between the accounts

If each department within a company has its own AWS account, what is one way to enable consolidated billing

Create an AWS Organization from the payer account and invite the other accounts to join

A company has 70 employees divided into 10 departments. The IT administrator wants to customize each department's access to AWS. Which of the following options is most appropriate

Create an IAM group for each department, and assign IAM users to the groups

IT has 70 employees over 10 departments what is the best way to customize each departments access?

Create an IAM group for each department, and assign IAM users to the groups

A company has 70 employees divided into 10 departments. The IT Administrator wants to customize each department's access to AWS. Which of the following options is the most appropriate?

Create an IAM group for each department, and assign IAM users to the groups.

A company has 70 employees divided into 10 departments. The IT administrator wants to customize each department's access to AWS. Which of the following options is most appropriate?

Create an IAM group for each department, and assign IAM users to the groups.

What does KMS use to encrypt objects stored on your AWS account?

Customer master key

The AWS acceptable use policy for penetration testing allows?

Customers to carry out security assessments or penetration tests against their AWS infrastructure without prior approval for selected services

A company needs to know which user was responsible for terminating several critical Amazon Elastic Compute Cloud (Amazon EC2) instances. A. AWS Trusted Advisor B. Amazon EC2 instance usage report C. Amazon CloudWatch D. AWS CloudTrail logs

D

How does an edge location help end users? A. Increases latency B. Reduces power consumption C. Increases storage D. Reduces latency E. Reduces scaling

D

IAM policies are written using ________. A. SGML B. XML C. SAML D. JSON

D

What is the number one reason customers are switching to cloud computing? A. Automation B. Overprovisioning C. Finite infrastructure D. Agility E. Instant Configuration

D

Where can a customer find information about prohibited actions on AWS infrastructure? A. AWS Trusted Advisor B. AWS Identity and Access Management (IAM) C. AWS Billing Console D. AWS Acceptable Use Policy

D

Where can a customer go to get more detail about Amazon Elastic Cloud (Amazon EC2) billing activity that took place 3 months ago? A. Amazon EC2 dashboard B. AWS Cost and Usage reports C. AWS Trusted Advisor dashboard D. AWs CloudTrail logs stored in Amazon Simple Storage Service (Amazon S3)

D

Which AWS networking service enables a company to create a virtual network within AWS? A. AWS Config B. Amazon Route 53 C. AWS Direct Connect D. Amazon Virtual Private Cloud (Amazon VPC)

D

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment? A. AWS Config B. AWS OpsWorks C. AWS SDK D. AWS Marketplace

D

Which of the following AWS services should you use to migrate an existing database to AWS? A. Route 53 B. Storage Gateway C. SNS D. DMS

D

Which of the following Compliance certifications attests to the security of the AWS platform regarding credit card transactions? A. SOC 1 B. ISO 27001 C. SOC 2 D. PCI DSS Level 1

D

Which of the following best describes EBS? A. A managed database service B. A NoSQL database service C. A bitcoin-mining service D. A virtual hard-disk in the cloud

D

Which of the following best describes an AWS Region? A. A collection of data centers that is spread evenly around a specific continent. B. A console that gives you a quick, global picture of your cloud computing environment. C. A collection of databases that can only be accessed from a specific geographic region. D. A distinct location within a geographic area designed to provide high availability to a specific geography.

D

Which of the following is AWS' Data Warehousing service? A. Elastic Map Reduce B. Snowball C. S3 Big Data D. Redshift

D

Which of the following is a benefit of running an application across two Availability Zones? A. Performance is improved over running in a single Availability Zone B. It is more secure than running in a single Availability Zone C. It significantly reduces the total cost of ownership versus running in a single Availability Zone D. It increases the availability of an application compared to running in a single Availability Zone

D

Which of the following is not a feature of AWS Organizations? A. Grouping all of your AWS accounts into Organisational Units (OUs) as part of a hierarchy B. Hierarchical based control over groups of IAM users and roles, within multiple Accounts C. AWS accounts which are members of an Organization can have the benefit of Consolidated Billing D. Granular configuration of Security Groups within a VPC

D

Which service allows an administrator to create and modify AWS user Permissions? A. AWS Config B. AWS CloudTrail C. AWS Key Management Service (AWS KMS) D. AWS Identity and Access Management (IAM)

D

Which tool can display the distribution of AWS spending? A. AWS Organizations B. Amazon DevPay C. AWS Trusted Advisor D. AWS Cost Explorer

D

You have a mission-critical application which must be globally available at all times. Which deployment strategy should you follow? A. Multi-VPC in two AWS Regions B. Deploy to all Availability Zones in your home region. C. Multi-Availability Zone D. Multi-Region

D

You have a project that will require 90 hours of computing time. There is no deadline, and the work can be stopped and restarted without adverse effect. Which of the following computing options offers the most cost-effective solution? A. Reserved instances B. On-demand instances C. ECS instances D. Spot instances

D

Your Development team uses four on-demand EC2 instances and your QA team has 5 reserved instances, only three of which are being used. Assuming all AWS accounts are under a single AWS Organization, how will the Development team's instances be billed? A. The pricing for the reserved instances will shift from QA to Dev. B. All the Dev team's instances will be billed at the on-demand rate. C. All the Dev instances will be billed at the reserved instance rate. D. The Dev team will be billed for two instances at on-demand prices and two instances at the reserved instance price.

D

What is true about Regions? (Choose 2) A. All regions are located in one specific geographic area B. Resources are replicated across all regions by default C. Physical location of your customers D. Physical location with multiple availability zones E. Each region is located in separate geographic area

D, E

Which of the following AWS services are free to use? (Choose 5) A. EC2 B. RDS C. S3 D. CloudFormation E. Elastic Beanstalk F. Route53 G. Auto-Scaling H. VPC I. EBS J. IAM

D, E, G, H, J

You are setting an AWS CloudFront distribution for a new video sharing web application. Your CFO would like to know the costs associated with using CloudFront. Which of the following is NOT required to estimate the cost of CloudFront?

Data Transfer In

Which of the following characteristics are you charged for when using the AWS Cloud? (Choose 3 answers)

Data Transfer Out, Compute and Storage

Which of the following characteristics are you charged for when using the AWS Cloud? (Choose 3 answers)

Data Transfer Out, Storage and Compute

What costs are included when comparing AWS Total Cost of Ownership (TCO) with on-premises TCO

Data center security

What is the AWS customer responsible for according to the AWS shared responsibility model

Data encryption

Which statement is true in relation to data stored within an AWS Region?

Data is not replicated outside of a region unless you configure it

What should you consider when choosing a database type? (Select the best answer)

Data size, Data access period, Query frequency, Highly available (All of the above)

What considerations are there when choosing which region to use? (choose 2)

Data sovereignty and latency

What considerations are there when choosing which region to use

Data sovereignty, latency

What are the fundamental charges for an Amazon EC2 instance? (choose 2)

Data storage Server uptime

There is no charge for which of the following? (Choose two answers.)

Data transfer between services within the same AWS Region, Inbound data transfer (with some exceptions)

There is no charge for which of the following? (Choose two) Compute Storage Inbound data transfer Outbound data transfer Data transfer between services within the same region

Data transfer between services within the same region, Inbound data transfer

What type of AWS data transfer is free for Amazon S3? (Choose two) Inbound data transfer from internet to S3 Outbound data transfer from S3 to CloudFront Outbound data transfer from S3 to all regions Outbound data transfer from S3 to internet

Data transfer between services within the same region, Inbound data transfer

Which AWS services can you use to migrate an existing database to AWS?

Database Migration Service (DMS)

What is an example of agility in the AWS Cloud

Decreased acquisition time for new compute resources

When performing a cost analysis that supports physical isolation of a customer workload, which compute hosting model should be accounted for in the Total Cost of Ownership (TCO)

Dedicated Hosts

Which of the following Amazon EC2 pricing models allow customers to use existing server-bound software licenses

Dedicated Hosts

You wish to deploy EC2 Instances in the Amazon AWS Cloud and utilize your own Microsoft Volume Licenses. Which EC2 pricing option allows you to use your existing server licenses?

Dedicated Hosts

Which Amazon Elastic Compute Cloud (Amazon EC2) feature ensures your instances will not share a physical host with instances from any other AWS customer? (Select the best answer)

Dedicated Instances

Which Amazon Elastic Compute Cloud (Amazon EC2) feature ensures your instances will not share a physical host with instances from any other AWS customer? (Select the best answer)

Dedicated Instances

Which of the following does not contribute significantly to the operational value of a large cloud provider like AWS?

Deep experience in the retail sphere

Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM)?

Define fine-grained access rights., Manage access to AWS resources.

After initial login, what does AWS recommend as the best practice for the AWS Account Root User? (Select the best answer)

Delete root user access keys

After initial login, what does AWS recommend as the best practice for the AWS account root user?

Delete the access keys of the AWS account root user

What can AWS edge locations be used for

Delivering content closer to users, Reducing traffic on the server by caching responses

Which of the options below are recommendations in the performance efficiency pillar of the well-architected framework? (choose 2)

Democratize advanced technologies Use serverless architectures

Which design principles are recommended when considering performance efficiency? (Choose two)

Democratize advanced technologies, Serverless architecture

A company has developed an eCommerce web application in AWS. What should they do to ensure that the application has the highest level of availability

Deploy the application across multiple Regions and Availability Zones

Distributing workloads across multiple Availability Zones support which cloud architecture design principle

Design for failure

Which of the following is an architectural best practice recommended by AWS?

Design for failure

Which of the following are architectural best practices for the AWS Cloud? (choose 2)

Design for fault tolerance Deploy into multiple Availability Zones

Which of the following services further increases your EC2 Instances costs? (Choose 2 answers)

Detailed Monitoring and Use of Elastic Load Balancers

What does the AWS Personal Health Dashboard provide?

Detailed troubleshooting guidance to address AWS events impacting your resources & personalized view of AWS service health

When configuring new IAM Users, which two Access Types are available on the AWS Management Console? (Choose 2 answers)

Direct Access and Remote Access

A company plans to create a hybrid cloud architecture. What technology will allow them to create a hybrid cloud?

Direct Connect

Which type of connection should be used to connect an on-premises data center with the AWS cloud that is high speed, low latency and does not use the Internet?

Direct Connect

Which of the following core services are offered by Amazon Route53? (Choose 4 answers)

Domain Registration, Availability Monitoring, DNS Management and Traffic Management

To ensure the security of your AWS account, what are two AWS best practices for managing access keys? (choose 2)

Don't generate an access key for the root account user Where possible, use IAM roles with temporary security credentials

Which Amazon Database solution offers high levels of scalability and high availability, and does not need complex joins or transactions?

DynamoDB

availability zone

EBS Volumes are attached to EC2 instances, and launched in the same __________ _________

What are the differences between EBS, EFS, and S3?

EBS is only accessible from one EC2 instance in an AWS region, but EFS is better because a file can be accessed from a variety of regions and instances. S3 is better because it can store and retrieve unlimited amounts of data. It is beneficial because of how many files it can store.Amazon Elastic Block Store (Amazon EBS)A persistent & mountable storage system that can be added to an EC2 instance. One EBS volume can be attached to one instance in the same availability zone. Amazon Simple Storage Service (Amazon S3)S3 is a persistent storage solution that makes every file an object and is given an accessible URL Amazon Elastic File System (Amazon EFS)EFS is a shared file system that many EC2 instances can mount and use at the same time.

What is EBS and what purpose does it serve for the EC2?

EBS stands for Amazon Elastic Block Storage. The purpose of EBS is to serve as the primary data drives for EC2 instances.

Which types of root storage devices are available for Amazon EC2 instances? (choose 2)

EBS volume Instance Store

Which of the following statements are correct about Elastic Block Store (EBS) volumes? (choose 2)

EBS volumes must be in the same AZ as the instance they are attached to, You can attach multiple EBS volumes to an instance

Which of the following are valid origins for a CloudFront distribution?

EC2 instance B. A public S3 bucket

dedicated hosts

EC2 pricing that is useful for; - useful for regulatory requirements that may not support multi-tenant virtualization - great for licensing which does not support multi-tenancy or cloud deployments

spot pricing

EC2 pricing useful for; - applications tat have flexible start and end times - applications that are only feasible at very low compute prices

FIGHTDRMCPXZ

EC2 types Acronym (remember this and will be able to identify a random instance type that tester may try to put on the test)

internet gateway

EIPs cannot be used on instances in subnets configured to use a NAT gateway or a NAT instance to access the internet, but they can be used on instances in subnets configured to route their traffic directly to the ________ _________

In order to implement best practices when dealing with a "Single Point of Failure," you should aim to build as much automation as possible in both detecting and reacting to failure. Which of the following AWS services would help? (Choose two)

ELB & Auto Scaling

What do you gain from setting up consolidated billing for five different AWS accounts under another master account

Each AWS account gets volume discounts

What is a Subnet

Each subnet resides entirely within one Availability Zone and cannot span zones. If a subnet's traffic is routed to an Internet Gateway, the subnet is known as a public subnet. If a subnet does not have a route to the Internet gateway, the subnet is known as a private subnet.

As AWS grows, the cost of doing business is reduced and savings are passed back to the customer with lower pricing. What is this optimization called? (Select the best answer.)

Economies of scale

As AWS grows, the general cost of doing business is reduced and savings are passed back to the customer in the form of lower pricing. What is this optimization called?

Economies of scale

As AWS grows, the general cost of doing business is reduced and savings are passed back to the customer in the form of lower pricing. What is this optimization called? (Select the best answer) Economies of Scope Economies of optimization economies of labor economies of scale

Economies of scale

Which component of the AWS global infrastructure supports the caching of content for faster access

Edge Locations

Which component of the AWS global infrastructure supports the caching of content for faster access?

Edge Locations

Which component of the AWS global infrastructure supports the caching of content for faster access?

Edge locations

Which AWS Services enables you to quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications?

Elastic Beanstalk

Which AWS service enables you to assign a static public IP Address that will not change if the EC2 Instance reboots?

Elastic IP

Which Amazon EC2 feature provides a static IPv4 public IP address that does not change when the instance is rebooted?

Elastic IP

Automatically distributing traffic across multiple targets

Elastic Load Balancing

Which of the following services will automatically scale with an expected increase in web traffic

Elastic Load Balancing

You have an application composed of individual services. You need to route a request to a service based on the content of the request. What service should you use?

Elastic Load Balancing

Which of the following AWS tools help your application scale up or down based on demand? (Choose two)

Elastic Load Balancing, Auto Scaling

Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC?

Elastic Transcoder

Which AWS service enables you to transcode media files into multiple different formats?

Elastic Transcoder

Which AWS feature will reduce the customer's total cost of ownership (TCO)

Elastic computing

What benefits does Amazon EC2 provide over using non-cloud servers? (choose 2)

Elastic web-scale computing, Inexpensive

redis and memcached

Elasticache supports 2 open source in-memory caching engines called __________________ _____________ ____________

What refers to the power to scale computing resources up or down easily?

Elasticity

Which feature of AWS allows you to deploy a new application for which the requirements may change over time?

Elasticity

Which of the below is an example of an architectural benefit of moving to the cloud?

Elasticity

what feature of AWS allows you to deploy a new application for which the requirements may change over time

Elasticity

Which AWS characteristics make AWS cost effective for a workload with dynamic user demand

Elasticity and Pay-as-you-go pricing.

Which of the following should you do to secure your AWS root user? (Select TW

Enable MFA. D. Create a strong password

Which of the following is a recommended best practice to add an additional layer of security for your Amazon AWS Root Account?

Enable Mult-Factor Authentication

How would a system administrator add an additional layer of login security to a user's AWS Management Console? (Select the best answer)

Enable Multi-Factor Authentication

How would a system administrator adds an additional layer of login security to a user's AWS Management Console

Enable Multi-Factor Authentication

Which of the following is best practice for adding an additional layer of security when logging into the AWS management console?

Enable Multi-Factor Authentication

Users of your services are reporting latency. With on-premises architecture you would notify your Administrator to launch another server to balance the load. How can this be automated in AWS?

Enable an Amazon CloudWatch alarm to trigger a scaling policy

Users of your services are reporting latency. With on-premises architecture you would notify your Administrator to launch another server to balance the load. How can this be automated using AWS

Enable an Amazon CloudWatch alarm to trigger a scaling policy

Users of your services are reporting latency. With on-premises architecture you would notify your Administrator to launch another server to balance the load. How can this be automated using AWS?

Enable an Amazon CloudWatch alarm to trigger a scaling policy

Users of your services are reporting latency. With on-premises architecture you would notify your Administrator to launch another server to balance the load. How can this be automated using AWS?

Enable an Amazon CloudWatch alarm to trigger a scaling policy.

Under the AWS shared responsibility model, which of the following activities are the customer's responsibility

Encrypting data on the client-side, Configuring Network Access Control Lists (ACL)

In the shared responsibility model, which of the following are examples of "security in the cloud"?

Encryption of data at rest and data in transit, Security group configurations

Which of the following types of Route 53 health checks works by making a test connection to a TCP port?

Endpoint

Which of the below are components that can be configured in the VPC section of the AWS management console? (choose 2)

Endpoints Subnet

Which of the following are characteristics of the Auto Scaling service on AWS? (Choose three)

Enforces a minimum number of running Amazon EC2 instances, Launches instances from a specified Amazon Machine Image (AMI), Responds to changing conditions by adding or terminating Amazon Elastic Compute (Amazon EC2) instances

Which of the following are characteristics of the Auto Scaling service on AWS? (Choose three)

Enforces a minimum number of running Amazon EC2 instances, Launches instances from a specified Amazon Machine Image (AMI), Responds to changing conditions by adding or terminating Amazon Elastic Compute (Amazon EC2) instances

Which is a recommended pattern for designing a highly available architecture on AWS

Ensure that the application is designed to accommodate failure of any single component.

Under the shared responsibility model, which of the following tasks are the responsibility of the AWS customer

Ensuring that application data is encrypted at rest, Ensuring that users have received security training in the use of AWS services

Under the shared responsibility model, which of the following is the customer responsible for

Ensuring that data is encrypted at rest

Which AWS support plan comes with a Technical Account Manager (TAM)?

Enterprise

Which AWS support plan includes a dedicated Technical Account Manager

Enterprise

Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure?

Enterprise

Which is the minimum AWS Support plan that includes Infrastructure Event Management without additional costs

Enterprise

Which of the following AWS Support levels includes the assistance of a Technical Account Manager (TAM)? (Select the best answer)

Enterprise Support

Which of the following AWS Support levels includes the assistance of a Technical Account Manager (TAM)? (Select the best answer)

Enterprise Support

Which of the AWS Support levels offers 24 x 7 support via phone or chat? (Choose two)

Enterprise Support, Business Support

Which statement below is incorrect in relation to Security Groups?

Evaluate all rules

What does the IAM policy simulator do? (Select the best answer)

Evaluates the policies you choose and determines the effective permissions for each of the actions you specify.

What does the IAM policy simulator do? (Select the best answer)

Evaluates the policies you choose and determines the effective permissions for each of the actions you specify.

How are AWS Lambda functions triggered?

Events

Which of the following AWS resources cannot be encrypted using KMS

Existing AWS Elastic Block Store volumes

How does the metered payment model make many benefits of cloud computing possible? (Select TWO.)

Experiments with multiple configuration options are now cost-effective,Full-stack applications are possible without the need to invest in capital expenses

Which of the following need to be included in a total cost of ownership (TCO) analysis? (choose 2)

Facility equipment installation Data center security costs

Your company has a primary production website in US and a DR Site in Sydney. You need to configure DNS such that if your primary site becomes unavailable, you can fail DNS over to the secondary site. Which DNS routing policy can you configure to achieve this?

Failover Routing

Access Control Lists are used to make entire buckets (like one hosting an S3 website) public. (Select the best answer)

False

Access Control Lists are used to make entire buckets (like one hosting an S3 website) public. (Select the best answer)

False

True or False? AWS IAM is appropriate for OS and application authentication.

False

True or False? AWS is responsible for the security of everything above the hypervisor layer.

False

True or False? Private subnets have direct access to the Internet.

False

True or False? The Access Key and Secret Access Key are used to log into the AWS Management Console.

False

True or False? AWS IAM is appropriate for OS and application authentication.

False

True or False? AWS is responsible for the security of everything above the hypervisor layer.

False

True or False? By default, all data stored in S3 is viewable by the public.

False

True or False? Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the Internet. You own the network connected hardware required for these services and Amazon Web Services provisions what you need.

False

True or False? Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the internet. You own the network connected hardware required for theses services ans Amazon Web Services provisions what you need.

False

True or False? Edge locations are only located in the same general area as regions.

False

True or False? Private subnets have direct access to the Internet.

False

True or False? The Access Key and Secret Access Key are used to log into the AWS Management Console.

False

True or False? To receive the discounted rate associated with Reserved Instances, you must make a full, up-front payment for the term of the agreement.

False

True or False? Unlimited services are available via the free tier to new AWS customers for 12 months following their AWS sign-up date?

False

True or false? To receive the discounted rate associated with Reserved Instances, you must make a full, up-front payment for the term of the agreement. (Select the best answer)

False

True or false? Unlimited services are available via the free tier to new AWS customers for 12 months following their AWS sign-up date. (Select the best answer)

False

When running your database instance as a Multi-AZ deployment, you can use the standby for read or write operations. (True or false)

False

Security Groups can specify deny rules

False, only allow statements are allowed

Security groups are stateless

False, they are stateful

Security Groups operate at subnet level?

False, they operate at an instance level

You can attach a single EBS volume to multiple EC2 Instances (True or false)

False, you can only attach an EBS volume to one instance at a time

Network ACLs are NOT stateless. True or False?

False: they are stateless

Which of the following are direct benefits of server virtualization

Fast resource provisioning and launching,Efficient (high-density) use of resources

Which of the following are the categories of AWS Trusted Advisor

Fault Tolerance, Performance

Which five categories does Amazon Trusted Advisor report on to showcase if your workloads have been designed, deployed and are running in accordance with best practices? (Choose 5 answers)

Fault Tolerance, Security, Service Limits, Cost Optimization and Performance

....... means the infrastructure has built in component redundancy and ......... means that resources dynamically adjust to increase or decrease in capacity requirements.

Fault Tolerant, Elastic/Scalable

What is defined as the ability for a system to remain operational even if some of the components of that system fail? (Select the best answer)

Fault tolerance

What is defined as the ability for a system to remain operational even if some of the components of that system fail? (Select the best answer)

Fault tolerance

_____ means the infrastructure has built in component redundancy and ______ means that resources dynamically adjust to increases or decreases in capacity requirements. No human intervention, fault tolerant Fault tolerant, no human intervention Elastic and scalable, fault tolerant elastic and scalable, no human intervention fault tolerant, elastic and scalable

Fault tolerant, elastic and scalable

What are the differences between File, Block, and Object Storage?

File Storage allows for files to be organized and arranged in a hierarchy structure. This allows for it to be easiest for the user to access these files. This is advantageous because the files can be shared and collaborated on, but File Storage is disadvantageous because there is a limit on the how much the data to grow. Block Storage divides data into blocks which can be stored for efficiency. This is beneficial because it is faster to access your data and can be retrieved from a variety of areas. It is not beneficial because there is a limitation to how much data can be split into blocks, and it is more expensive than others. Object Storage helps manage data and it helps allow for massive amounts of data to be stored. It is advantageous because it is highly accessible and users can instate policies to help reinforce data.

a,b

For managed services like Amazon DynamoDB, what are the security related tasks that AWS is responsible for? (choose 2) a. install antivirus software b. disaster recovery c. Create the required access policies d. protect credentials e. logging dynamoDB Operations.

Which of the following Simple Monthly Calculator selections will likely have an impact on most other configuration choices on the page? (Select TWO.)

Free Usage Tier D. Choose Region

When are free data transfers applicable across AWS? (Choose two.)

Free outbound data transfer between AWS services within the same Region, Free inbound data transfer for Amazon Elastic Compute Cloud (Amazon EC2) instances

When are free data transfers applicable across AWS? (Choose two) Free inbound data transfer across all amazon web services in all regions free outbound data transfer across all amazon web services in all regions free inbound data transfer for EC2 instances free outbound data transfer between amazon web services within the same region

Free outbound data transfer between Amazon Web Services within the same region, Free inbound data transfer for EC2 instances

Which type of AWS Storage Gateway can be used to backup data with popular backup software?

Gateway Virtual Tape Library

hat are the differences between the 5 EC2 Instance types (General Purpose, Compute Optimized, Memory Optimized, Accelerated Optimized, & Storage Optimized)?

General Purpose instances provide a balance of compute, memory and networking resources and can be used for a variety of diverse workloads. These are preferred when applications use these resources, such as in a web server or a code repository. Compute Optimized instances are ideal for compute bound applications that benefit from high performance processors. These instances are best for batch processing workloads, media transcoding, high performance web servers and other applications that require intense and rigorous computation. Memory Optimized instances are designed to deliver fast performance for workloads that process large data sets in memory. Accelerated Optimized Computing instances use hardware accelerators to perform functions, which includes graphics processing or data pattern matching. This is more efficient than software running on CPUs. Storage Optimized instances are designed for workloads that require access to large data sets on local storage. This is beneficial because they can deliver numerous low-latency, random I/O operations per second to applications.

You run an IT blog website that has millions of visitors throughout the month. You wish to improve the performance of the website which has been distributed across several regions with multiple EC2 instances running behind Elastic Load Balancers. You wish to configure your Route53 routing policies such that users' requests from Europe are redirected to the European EC2 instances and users' requests from the US are redirected to the US EC2 instances. What type of routing policy can help you achieve this objective?

Geo-location Routing

You want to store archive data that goes back 7 years. You will rarely access this data except in special circumstances. Which storage service is ideal for this requirement?

Glacier

The AWS Cloud's multiple Regions are an example of:

Global infrastructure

Which feature of the AWS Cloud will support an international company's requirement for low latency to all of its customers

Global reach

Which of the following are considered primary advantages of cloud computing? (Choose 2 answers)

Go Global in minutes and Trade capital expense for variable expense

In architecting for the cloud, it is recommended that you design disposable resources instead of trying to build fixed servers. Which two components enable you to achieve the former?

Golden Images and Bootstrapping

You have just created a bucket and uploaded a file. When you view the properties of the file, you notice there is a web URL associated with the file. However, clicking the link gives you an "Access Denied" message. What could be wrong?

Grant Public read access to the file for Everyone

Which of the following security measures to protect access to an AWS account

Grant least privilege access to IAM users, Activate multi-factor authentication (MFA) for privileged users

When performing a total cost of ownership (TCO) analysis between on-premises and the AWS Cloud, which factors are only relevant to on-premises deployments? (choose 2)

Hardware procurement teams Facility operations costs

A characteristic of edge locations is that they:

Help lower latency and improve performance for users.

Which of the following are not benefits of AWS Cloud computing? (Choose two) High-availability High-latency Multiple procurement cycles Temporary and disposable resources Fault-tolerant databases

High-latency, Multiple procurement cycles

What advantages do NAT Gateways have over NAT Instances? (choose 2)

Highly available within each AZ Managed for you by AWS

Which of the following best describes a system that is always available, without the need for human intervention? (Select the best answer)

Highly-available

Which of the following best describes a system that is always available, without the need for human intervention? (Select the best answer)

Highly-available

Your business has a requirement to expand their IT Infrastructure in a very short space of time, and you have decided to migrate some of their web servers to the Amazon AWS Cloud. You will continue to host your sensitive file servers on your datacentre. Which type of cloud computing deployment will suit your business needs?

Hybrid

Your organization is looking to expand into the cloud for their web presence and development and test environments. Production systems will remain on-premises. What cloud computing deployment model will best suit the organization?

Hybrid

Which type of cloud deployment enables customers to leverage the benefits of the public cloud and co-existing with on-premises infrastructure?

Hybrid Cloud

Web servers running on Amazon EC2 access a legacy application running in a corporate data center. What term would describe this model

Hybrid architecture

Which IAM entity can be used for assigning permissions to multiple users?

IAM Group

An organization has a large number of technical employees who operate their AWS Cloud infrastructure. What does AWS provide to help organize them in teams and then assign the appropriate permissions for each team

IAM Groups

Which feature can you use to grant read/write access to an Amazon S3 bucket?

IAM Policy

Which IAM entity can be used for assigning permissions to AWS services?

IAM Role

Which IAM service can you use to grant temporary credentials to an AWS service with the necessary permissions?

IAM Roles

You need to grant your EC2 Instances the ability to upload and download images from an S3 bucket. Which IAM feature enables you to grant your EC2 instances the ability to access Amazon S3?

IAM Roles

Which IAM entity is associated with an access key ID and secret access key?

IAM User

Roles

IAM ________ are a secure way to grant permissions to entities that you trust.

global

IAM is _________, you do not specify a region when dealing with IAM. when you create a user or group, this is created globally.

Your colleague informs you that he wishes to set up Amazon IAM users based on the geographical regions of your company's branch offices. He logs onto the AWS IAM Console and tries to select the London Region but finds that all regions have been greyed out. What is preventing him from setting up IAM on a region by region basis?

IAM is globally based hence you cannot select a specific region. Its effects are global across your AWS Account

JSON

IAM policy documents are written in ______ format

Which of the following Identity and Access Management (IAM) entities is associated with an access key ID and secret access key when using AWS Command Line Interface (AWS CLI)

IAM user

Which of the following services in a VPC grants you Internet Access for the VPC?

IGW

You wish to migrate your on-premise tape backup solution to the AWS Storage Gateway Platform. Which protocol can help you mount these virtual tapes for your backup application?

ISCI

Which industry standards & best practice does the AWS Managed Service offering comply with?

ITIL

Which feature of Amazon Rekognition can assist with saving time?

Identification of objects in images and videos

What is the primary function of the AWS IAM service

Identity and access management

You wish to design a web solution platform such that you can offer high availability and fault tolerance. To that effect, you have decided to host multiple webservers running your website. How can you distribute traffic to your web servers so that the load is evenly spread across the web servers and ensure high availability in case a particular server fails?

Implement an Elastic Load Balancer

A solution that is able to support growth in users, traffic, or data size with no drop in performance aligns with which cloud architecture principle

Implement elasticity

Adjusting compute capacity dynamically to reduce cost is an implementation of which AWS cloud best practice?

Implement elasticity

When architecting cloud applications, which of the following are a key design principle

Implement elasticity

Which design principles for cloud architecture are recommended when re-architecting a large monolithic application

Implement loose coupling, Design for scalability.

Which of the following is an AWS Cloud architecture design principle

Implement loose coupling.

Which of the following security related activities are AWS customers responsible for? (choose 2)

Implementing IAM password policies Installing patches on Windows operating systems

Which of the following security actions are performed by customers of AWS? (Choose 2 Answers)

Implementing password Policies and Patching Windows OS

Which tools enable you to create IAM policies? (Choose 3 answers)

Import a Managed Policy, Visual Editor and JSON Scripting

logging

In S3, ________ enables you to track requests for access to your bucet.

name

In S3, the key is the ___________ of the object

temporary security credentials (temporary access keys and a security token)

In addition to creating IAM users with their own access keys, IAM also enables you to grant _________ ________ ________ to any IAM user to enable them to access your AWS services and resources.

You want to create a backup of your data in another geographical location. Where should you create this backup

In another Region

There is no charge for which of the following?

Inbound data transfers, Data transfer between services within the same region.

What is a specific benefit of an Enterprise Support plan?

Included Technical Account Manager

What are two ways that moving to an AWS cloud can benefit an organization? (choose 2)

Increase speed and agility, stop guessing about capacity

Which of the following statements are correct about the benefits of AWS Direct Connect? (choose 2)

Increased bandwidth (predictable bandwidth) Increased reliability (predictable performance)

What is the number one reason businesses are switching to cloud computing?

Increased speed and agility

What is the number one reason businesses are switching to cloud computing? Finite infrastructure Instant configuration Increased speed and agility Over-provisioning Automation

Increased speed and agility

The AWS Risk and Compliance Programs is made up of which of the following components? (Choose three)

Information Security, Risk Management, Control Environment

A company is introducing a new product to their customers, and is expecting a surge in traffic to their web application. As part of their Enterprise Support plan, which of the following provides the company with architectural and scaling guidance

Infrastructure Event Management

What is the difference between the three Cloud Service Models -- IaaS, PaaS, and SaaS?

Infrastructure as a Service is where the "hardware resources" are managed by the provider, and the customer must provision the resources, provide the OS image, application, etc. Platform as a Service is where the operating system and environment are also managed by the provider, to where the customer needs to only install their own applications to interact with data. Software as a Service is the most common for retail consumers, where the provider manages all backend aspects, and the customer is able to log in and interact with their data directly - no install or setup required.

What is the difference between an EBS volume and an Instance store?

Instance store volumes are ephemeral whereas EBS volumes are persistent storage

What is an AWS IAM instance profile? (Select the best answer)

Is a container for an IAM role that you can use to pass role information to an EC2 instance when the instance starts

What is an AWS IAM instance profile? (Select the best answer)

Is a container for an IAM role that you can use to pass role information to an EC2 instance when the instance starts

no

Is there a charge for in-bound data transfer across all AWS services in all regions?

One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:

It allows the business to focus on business activities.

What are the most significant architectural benefits of the way AWS designed its regions? (Select TWO.)

It can make applications available to end users with lower latency. C. It can make applications more compliant with local regulations

Which of the following is true of a new security group

It contains an outbound rule allowing access to any IP address.

Which statement best describes Elastic Load Balancing

It distributes incoming application traffic across one or more Amazon EC2 instances.

How does AWS shorten the time to provision IT resources

It provides the ability to programmatically provision existing resources

What is one of the advantages of the Amazon Relational Database Service (Amazon RDS)

It simplifies relational database administration tasks

What is the scope of an Amazon Virtual Private Cloud (VPC)?

It spans all Availability Zones within a region

Which of the following is true of a VPC peering connection?

It's a private connection between two VPCs.

IAM policies are written in?

JSON

Which two file formats are used when creating CloudFormation templates? (Choose 2 answers).

JSON and YAML

What does an organization need to do to move to another AWS region?

Just start deploying resources in the additional region

What do Amazon S3 objects consist of? (choose 2)

Key Value

What are the minimum elements required to create an Auto Scaling launch configuration? (Choose three)

Launch Configuration Name, Instance type, Amazon Machine Image (AMI)

Which of the following are required elements of an Auto Scaling group? (Choose two)

Launch configuration, Minimum size

You want to improve the resilience of your EC2 web server. Which of the following is the most effective and efficient approach?

Launch parallel, load-balanced instances in multiple Availability Zones within a single AWS Region.

Which of the following options will help increase the availability of a web server farm? (Choose two)

Leverage Auto Scaling to recover from failed instances., Launch the web server instance across multiple Availability Zones.

Which of the following options will help increase the availability of a web server farm? (Choose two)

Leverage Auto Scaling to recover from failed instances., Launch the web server instance across multiple Availability Zones.

Which Amazon S3 service can you use to automatically migrate data from one storage class to another after a set number of days as a means of reducing your costs, especially where frequent instant access may not be required to that subset of data?

Lifestyle Management

Which AWS Service enables you to launch a virtual private server with preconfigured components including a virtual machine, SSD-based storage, data transfer, DNS management, and a static IP for a fixed monthly price, without the complexity of designing these components individually?

Lightsail

Which of the following use cases is appropriate for Amazon CloudFront? [3] LIne on-demand video streaming. Security and encryption. Static asset caching. Schema generation. Security and encryption. Database backups

Live on-demand video streaming Security and encryption Static asset caching

Which of the following best describes server virtualization

Logically partitioning physical compute and storage devices into multiple smaller virtual devices

Which architectural best practice aims to reduce the interdependencies between services?

Loose Coupling

Compared with costs in traditional and virtualized data centers, AWS has:

Lower variable costs and lower upfront costs.

Which of the following is a best practice for adding an additional layer of security when logging into the AWS Management Console?

MFA - multifactor authentication

Which of the following is AWS's responsibility under the AWS shared responsibility model

Maintaining physical hardware

Which of the following is AWS's responsibility under the AWS shared responsibility model?

Maintaining physical hardware

Which of the following is AWS's responsibility under the AWS shared responsibility model? (Select the best answer)

Maintaining physical hardware

Which of the following is AWS's responsibility under the AWS shared responsibility model? (Select the best answer)

Maintaining physical hardware

Which of the following is the responsibility of AWS under the AWS shared responsibility model?

Maintaining physical hardware

What can be done using IAM

Manage IAM Users and their access: You can create Users and assign them individual security credentials (access keys, passwords, and multi-factor authentication devices). You can manage permissions to control which operations a User can perform. Manage IAM Roles and their permissions: An IAM Role is similar to a User, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a Role is intended to be assumable by anyone who needs it. Manage federated users and their permissions: You can enable identity federation to allow existing users in your enterprise to access the AWS Management Console, to call AWS APIs and to access resources, without the need to create an IAM User for each identity.

Which of the options below are recommendations in the reliability pillar of the well-architected framework? (choose 2)

Manage change in automation Automatically recover from failure

What is the main purpose of Amazon Route 53?

Managing domain name registration and traffic routing

Which of the following components is included in the value proposition of the AWS Cloud

Massive economies of scale

Which of the following components is included in the value proposition of the AWS Cloud?

Massive economies of scale

Which of the following components is included with the value proposition of the AWS Cloud?

Massive economies of scale

Which is apart of the AWS cloud value proposition? Informal security restrictions. Physical relocation of your servers. Fully independent development without parameters. Massive economies of scale.

Massive economies of scale.

Which of the following are some of the security benefits that AWS offers? (Choose two)

Meet compliance requirements, Secure global infrastructure

Which of the following are some of the security benefits that AWS offers? (Choose two)

Meet compliance requirements, Secure global infrastructure

Which of the following requires a custom CloudWatch metrics to monitor?

Memory

With the "Pay as you go" pricing model, what is the billing interval for compute resources from the time you launch a resource until you terminate it? (Select the best answer)

Monthly

With the "Pay as you go" pricing model, what is the billing interval for compute resources from the time you launch a resource until you terminate it? (Select the best answer)

Monthly

A company will be moving from an on-premises data center to the AWS Cloud. What would be one financial difference after the move

Moving from upfront capital expense (capex) to variable operational expense (opex).

Which of the following is a best practice for adding an additional layer of security when logging into AWS Management Console

Multi-factor authentication (MFA)

Which of the following is a best practice for adding an additional layer of security when logging into the AWS Management Console?

Multi-factor authentication (MFA)

Where can resources be launched when configuring AWS Auto Scaling?

Multiple AZs within a region

Which parts of the AWS infrastructure support increased resilience

Multiple Availabilities Zones in within a Region

Which Amazon RDS deployment type is best used to enable fault tolerance in the event of the failure of an availability zone?

Multiple Availability Zones

Which parts of the AWS infrastructure support increased resilience?

Multiple Availability Zones within a Region

Which parts of the AWS infrastructure support increase resilience?

Multiple Availability Zones within a region

Which parts of the AWS infrastucture support increased resilience?

Multiple Availability Zones within a region

Which of the following are not benefits of cloud computing?

Multiple procurement cycles, High Latency

Which of the following Route 53 routing policies can return set of randomly ordered values?

Multivalue Answer

Which of the following database read replicas are compatible with Amazon Aurora? (Choose 2 answers)

MySQL and PostgreSQL

Which of the following Database engines are available on Amazon RDS? (Choose 4 answers)

MySQL, Microsoft SQL, Oracle, Aurora, PostgreSQL and MariaDB

You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access? (Select the best answer).

NAT Gateway

Amazon S3 bucket names must follow as set of rules. Which of the rules below apply to Amazon S3 bucket names? (choose 2)

Names must be unique across all of AWS, Names must be 3 to 63 characters in length.

Which of the following is an optional security control that can be applied at the subnet layer of a VPC? (Select the best answer)

Network ACL

Which of the following is an optional security control that can be applied at the subnet layer of a VPC? (Select the best answer)

Network ACL

Which type of security control can be used to deny network access from a specific IP address?

Network ACL

Which type of Elastic Load Balancer operates at the connection layer (layer 4) and supports IP addresses as targets?

Network Load Balancer

Which of the following does NOT belong to the AWS Cloud Computing models

Networking as a Service (Naas)

Is it always possible to request service limit increases from AWS?

No. Some service limits are hard

You are designing an e-commerce web application that will scale to hundreds of thousands of concurrent users. Which database technology is best suited to hold the session state in this example?

NoSQL database table using Amazon DynamoDB

A Basic Support Plan allows how many support cases per month? (Select the best answer)

None

A Basic Support Plan allows how many support cases per month? (Select the best answer)

None

Which of the following is a limitation of the AWS Simple Monthly Calculator

Not all AWS services are included

It's Sunday morning and you have been called into an urgent meeting at the office. Management is upset because a few hours ago, all instances running on the company's AWS environment went offline. One of your colleagues got an email stating that the Xen Hypervisor running in the Availability zone where you host various applications had failed. Management would like to know how you could have prevented the failure of the Xen Hypervisors?

Nothing AWS is responsible for the Xen Hypervisors as part of the shared responsibility model

What does an organization need to do in Amazon IAM to enable user access to services being launched in new region?

Nothing, IAM is global

Which of the following AWS Total Cost of Ownership Calculator parameters is likely to have the greatest impact on cost?

Number of servers

Which of the following represents Alarm States for CloudWatch? (Choose 3 answers)

OK, Alarm and Insufficient Data

What type of storage is offered by Amazon S3?

Object

What are two components of Amazon S3? (choose 2)

Objects Buckets

How is data protected by default in Amazon S3?

Objects are redundantly stored on multiple devices across multiple facilities within a region

Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted?

On Demand

Which Amazon EC2 billing option gives you low cost, maximum flexibility, no upfront costs or commitment, and you only pay for what you use?

On-Demand Instances

What is the difference between the On-Demand, Reserve, Spot, and Dedicated instance purchase types? What are the default term options for a Reserve Instance?

On-Demand instance purchase types are the most expensive pricing tier. You pay for every hour that the instance is running regardless of if you are actually using it. This is beneficial for workloads that need to run for a limited time without interruption. Reserve instance purchase types are beneficial if your application has to run uninterrupted for more than a month at a time. Once you have this purchase type, it will be applied to any instance you launch in the specific AWS region. Spot instance purchase types are for workloads that do not need to run constantly and can live through shutdowns. This Is the cheapest option.Dedicated instance purchase types are kept single at the host level from instances that belong to other accounts. It is meant for a single customer and only them. The default term options for a reserved instance are one or three year terms. This can be paid upfront, partial upfront or not upfront at all. The more you pay at the beginning, the less it will cost overall.

Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted?

On-Demand is the best choice for this situation as it is the most economical option that will ensure no interruptions

You want to run a questionnaire application for only one day (without interruption), which Amazon EC2 purchase option should you use

On-demand instances

What is an availability zone composed of?

One or more data centers in a location

Which of the following is the most accurate description of an AWS Availability Zone

One or more independently powered data centers running a wide range of hardware host types

What is AWS Trusted Advisor?

Online tool that helps you configure resources to follow best practices

In a physical data center, security is typically considered in what area? (Select the best answer)

Only in the perimeter

Which statement below is incorrect in relation to Network ACLs?

Operate at the Availability Zone level

Which of the pillars of the Well-Architected Framework is defined as the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures?

Operational Excellence

Which of the pillars of the Well-Architected Framework is defined as the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures

Operational excellence

Which of the pillars of the Well-Architected Framework is defined as the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures?

Operational excellence

Which part of the well architected framework is "the ability to run and monitor systems to deliver business value and continually improving process and procedure".

Operational excellence

What types of monitoring can Amazon CloudWatch be used for? (choose 2)

Operational health Application Performance

With AWS Relational Database Service (RDS), you are responsible for which of the following?

Optimization of applications using RDS

When using Amazon RDS databases, which items are you charged for? (choose 2)

Outbound data transfer Multi AZ

What type of AWS data transfer is free for Amazon S3?

Outbound data transfer from S3 to CloudFront, Inbound data transfer from internet to S3

Which of the following is not a setting you can configure in a Cost budget

Owner (username of resource owner

Which of the following standards governs AWS-based applications processing credit card transactions?

PCI DSS

For certain services like Amazon EC2 and Amazon RDS, you can invest in reserved capacity. Reserved Instances are available in what 3 options? (Choose three) MURI DURI PURI AURI NURI

PURI, NURI, AURI

Which pricing options are available when using Amazon EC2 Reserved Instances? (choose 2)

Partial upfront All upfront

Under the shared responsibility model, which of the following is a shared control between a customer and AWS

Patch management

Under the shared responsibility model, what are examples of shared controls? (choose 2)

Patch management, Configuration management

Which of the following is the customer's responsibility under the AWS shared responsibility model

Patching Amazon EC2 instances

Which of the following common IT tasks can AWS cover to free up company IT resources

Patching databases software, Backing up databases

What is the pricing model that allows AWS customers to pay for resources on an as-needed basis? (Select the best answer) Pay as you buy Pay as you reserve Pay as you decommission Pay as you go

Pay as you go

Which of the following describes the most common AWS billing model?

Pay as you go

Which of the following options describes the most common AWS billing model

Pay as you go

Which of the following options describes the most common AWS billing model?

Pay as you go

Which of the following options describes the most common AWS billing model?

Pay as you go.

Which of these is not a primary benefit of cloud computing over on-premises computing? (Select the best answer) Trade capital expense for variable expense eliminate guessing on your infrastructure capacity needs pay for racking, stacking and powering servers Benefit from massive economies of scale increase speed and agility

Pay for racking, stacking and powering servers

Which of these is not a primary benefit of cloud computing over on-premises computing?

Pay for racking, stacking and powering servers

Which of the following is a benefit of moving to the AWS Cloud?

Pay for what you use

Which of the following is not part of the AWS pricing philosophy?

Pay less when you consume less

Which types of pricing policies does AWS offer? (choose 2)

Pay-as-you-go, Save when you reserve

Which of the following statements is correct in relation to consolidated billing? (choose 2)

Paying accounts are independent and cannot access resources of other accounts, One bill is provided per AWS organization

Which of the following is a core benefit of using AWS Cloud Computing instead of building, configuring and deploying your own physical infrastructure?

Paying only for services you use

One benefit of On-Demand Amazon Elastic Compute Cloud (Amazon EC2) pricing is:

Paying only for time used.

Which of the following is an advantage of cloud computing compared to deploying your own infrastructure on-premise?

Paying only for what you use

According to the AWS Acceptable Use Policy, which of the following statements is true regarding penetration testing of EC2 instances

Penetration testing can be performed by the customer on their own instances without prior authorization from AWS

An Amazon EC2 instance running the Amazon Linux 2 AMI is billed in what increment?

Per second

What billing timeframes are available for Amazon EC2 on-demand instances? (choose 2)

Per second Per hour

How do customers benefit from Amazon's massive economies of scale

Periodic price reductions as the result of Amazon's operational efficiencies

What constraints apply to customers when performing penetration testing? (choose 2)

Permission is required for all penetration tests, You must complete and submit the AWS Vulnerability / Penetration Testing Request Form to request authorization

What is an IAM role?

Permissions granted a trusted entity over specified AWS resources

For which auditing process does AWS have sole responsibility

Physical security

Under the AWS shared responsibility model what is AWS responsible for? (choose 2)

Physical security of the data center Replacement and disposal of disk drives

Which of the following is an example of Amazon Lightsail? (Select the best answer)

Platform as a service

Which of the following is an example of Amazon Lightsail? (Select the best answer)

Platform as a service

What is a policy in Amazon IAM?

Policies enable you to assign permissions to users, groups and roles

power user

Policy that provides full access to AWS services and resources, but does not allow management of users and groups.

Your company provides media content via the Internet to customers through a paid subscription model. You leverage Amazon CloudFront to distribute content to your customers with low latency. What approach can you use to serve this private content securely to your paid subscribers?

Provide signed Amazon CloudFront URLs to authenticated users to access the paid content.

When deploying resources using AWS CloudFormation, what are you charged for? (choose 2)

Provisioned EC2 instances Provisioned EBS volumes

What are the fundamental charges for Elastic Block Store (EBS) volumes? (choose 2)

Provisioned IOPS The amount of data storage provisioned

Which EBS Volume is suitable for applications requiring high I/O such as a NoSQL Database?

Provisioned IOPS SSD (IO1)

Which read/write capacity modes are available for DynamoDB? (choose 2)

Provisioned capacity mode On-demand capacity mode

How can you obtain a discount on your RDS database instances?

Purchase a Reserved Database instance

In Amazon DynamoDB, what does the query operation allow you to do? (Select the best answer)

Query a table using the partition key and an optional sort key filter, Query any secondary indexes that exist for a table, Efficiently retrieve items from a table or secondary table (All of the above)

Which of the following AWS services are not likely to benefit from Amazon edge locations? (Select TWO.)

RDS,Elastic Block Store (EBS)

Your company runs a website which streams Adobe Flash media content to its visitors. These are educational how-to-guides for DIY enthusiasts and you have a global audience accessing your website daily. You wish to utilize Amazon CloudFront to deliver content that caches media at different edge locations to help reduce latency. Which distribution mechanism should you use?

Real Time Messaging Protocol (RTP)

Which of the following are the features of Amazon CloudWatch Logs

Real-time monitoring, Adjustable retention

Which Amazon Database platform is most suited for Data Warehousing solutions

Redshift

What is the main benefit of designing application components that are decoupled?

Reduce dependencies between components of an application

What is the main benefit of the principle of "loose coupling"?

Reduce interdependencies so a failure in one component does not cascade to other components

Which of the following represent economic advantages of moving to the AWS cloud? (choose 2)

Reduce the need to manage infrastructure Increase efficiencies through automation

The financial benefits of using AWS are:

Reduced Total Cost of Ownership (TCO), Reduced operational expenditure (opex).

What are the benefits of using reserved instances? (choose 2)

Reduced cost Reserve capacity

What advantages does deploying Amazon CloudFront provide? (choose 2)

Reduced latency & Improved performance for end users.

Which of the following is the primary benefit of using CloudFront distributions?

Reduced latency access to your content no matter where your end users live

A customer is deploying a new application and needs to choose an AWS Region. Which of the following factors could influence the customer's decision

Reduced latency to users, Data sovereignty compliance

What is the benefit of using fully managed services compared to deploying 3rd party software on EC2?

Reduced operational overhead

What is the advantage of the AWS-recommended practice of decoupling applications?

Reduces inter-dependencies so that failures do not impact other components of the application

When you request a new virtual machine instance in EC2, your instance will automatically launch into the currently selected value of which of the following

Region

Which of the following is a correct relationship between regions, Availability Zones, and edge locations

Regions contain Availability Zones

The AWS global infrastructure is composed of? (choose 2)

Regions, Availability Zones

Which of the following will probably not affect the pricing for an AWS service?

Requests for raising the available service limit

Which of the following are requirements you can include in an IAM password policy? (Select THREE.)

Require at least one uppercase letter. B. Require at least one number., Require at least one nonalphanumeric character.

Which Amazon EC2 pricing option provides significant discounts for fixed term contracts?

Reserved instances

Which EC2 option is best for long-term workloads with predictable usage patterns? (Select the best answer)

Reserved instances

Which EC2 option is best for long-term workloads with predictable usage patterns? (Select the best answer)

Reserved instances

You need to run a production process that will use several EC2 instances and run constantly on an ongoing basis. The process cannot be interrupted or restarted without issue. What EC2 pricing model would be best for this workload?

Reserved instances

Which of the below are good use cases for a specific Amazon EC2 pricing model? (choose 2)

Reserved instances for steady state predictable usage On-demand for ad-hoc requirements that cannot be interrupted

1, 3

Reserved instances require a ___ or _____ year purchase term, so you are committing to pay for them throughout this time period even if you don't use them.

You have utilized tagging as a way of identifying resources deployed on your AWS account. You wish to consolidate all resources so that you can identify resources that belong to a specific tag. Which service can you use to do this task?

Resource Groups

Which of the following design strategies is most effective for maintaining the reliability of a cloud application?

Resource redundancy

Which statement is true regarding the AWS shared responsibility model

Responsibilities vary depending on the service used

What are the charges for using Amazon Glacier? (choose 2)

Retrieval requests Data storage

Your web app requires temp authorization to use AWS services

Role

Which of the following are AWS IAM best practices? (Choose two)

Rotate credentials regularly., Monitor activity in your AWS account.

Which of the following are AWS IAM best practices? (Choose two)

Rotate credentials regularly., Monitor activity in your AWS account.

Which of the following are the two key problems associated with using Access Key ID and Secret Access Keys when trying to grant access to AWS services? (Choose 2 answers)

Rotation of keys and Keys might get leaked and fall into the wrong hands

Which service provides DNS in the AWS cloud

Route 53

Which of the following are not globally based AWS services? (Select TWO.)

Route 53 and Cloud Front

Your web application needs four instances to support steady traffic all of the time. On the last day of the month, the traffic triples. What is the most cost-effective way to handle this pattern?

Run four Reserved Instances constantly, then add eight On-Demand Instances on the last day of each month.

Where are Amazon RDS Automated Backups Stored?

S3

S3 Glacier Deep Archive

S3 Storage type. Amazons lowest cost storage class where a retrieval time of 12 hours is acceptable.

Which feature enables fast, easy, and secure transfers of files over long distances between a client and an Amazon S3 bucket?

S3 Transfer Acceleration

Transfer acceleration

S3 _________ ___________ enables fast, easy, and secure transfers of files over long distances between your end users and an S3 bucket. Takes advantage of CloudFront's globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path

programming language neutral

S3 architecture is designed to be ________ ________ _________, using AWS suppored interfaces to store and retrieve objects.

cross region replicaton

S3 bucket configuration: _________ _________ _________ is the automatic, asynchronous copying of objects across buckets in different AWS Regions.

Eventual consistency

S3 offers __________ _________ for overwrite PUTS and DELETES in all Regions.

read after write consistency

S3 provides ________ ______ _________ _______ for PUTS of new objects in your S3 bucket in all Regions with one caveat. The caveat is that if you make a HEAD or GET request to the key name (to find if the object exists) before reating the object, S3 provides eventual consistency for Read after write.

S3 Standard

S3 storage type: 99.99% availability 11 9s % durability Stored redundantly across multiple devices in multiple facilities, and is designed to sustain the loss of 2 facilities concurrently.

S3 glacier

S3 storage type: Secure, durable, and low cost storage class or data archiving. Retrieval times configurable from minutes to hours

S3 Intelligent Tiering

S3 storage type: designed to optimize costs by automatically moving data to the most cost effective access tier, without performance impact or operational overhead.

S3-IA (infrequently accessed)

S3 storage type: for data that is accessed less frequently, but requires rapid access when needed. Lower fee than S3, but you are charged a retrieval fee.

S3 One Zone-IA

S3 storage type: for when you want a lower cost option for infrequently accessed data, but do not require the multiple AZ data resilience

Which of the following are valid third-party federated identity standards?

SAML 2.0 D. Active Directory

You need to find an item in a DynamoDB table using an attribute other than the item's primary key. Which of the following operations should you use? (Select the best answer)

Scan

You need to find an item in a DynamoDB table using an attribute other than the item's primary key. Which of the following operations should you use? (Select the best answer)

Scan

Which Amazon EC2 Reserved Instance type enables you to match your capacity reservation to predictable recurring dates and times?

Scheduled RI

If your project requires you to run monthly reports that iterate through very large amounts of data, which Amazon EC2 purchasing option should you consider?

Scheduled Reserved Instances

With the "pay as you go" pricing model, how often do you pay for compute resources from the time you launch a resource until you terminate it? (Select the best answer) Yearly quarterly monthly daily secondly and hourly

Secondly and Hourly

With the "pay as you go" pricing model, how often do you pay for compute resources from the time you launch a resource until you terminate it?

Secondly and Hourly.

What does AWS Snowball provide?

Secure transfer or large amounts of data into and out of the AWS Cloud

Which of the following tasks is the responsibility of AWS

Securing the Amazon EC2 hypervisor

Which security service only requires a rule to be created in one direction as it automatically allows return traffic?

Security Group

Which of the following features can be configured through the Amazon Virtual Private Cloud (Amazon VPC) Dashboard

Security Groups, Subnets

In the Shared Responsibility Model, AWS has responsibility of providing what? (Select the best answer)

Security of the cloud

In the Shared Responsibility Model, AWS has responsibility of providing what? (Select the best answer)

Security of the cloud

Which of the following is not a characteristic of the Auto Scaling service on AWS? (Select the best answer)

Sends traffic to healthy instances

Which of the following is not a characteristic of the Auto Scaling service on AWS? (Select the best answer)

Sends traffic to healthy instances

Which Server-Side Encryption Technology offers additional auditing features?

Server-Side Encryption using AWS Key Management Service, Managed Keys - SSE-KMS

Which of the following is one of the first places you should look when troubleshooting a failing application

Service Health Dashboard

Which of the following best describes Infrastructure as a Service products

Services that give you direct control over underlying compute and storage resources

Which of the following best describes Platform as a Service products

Services that hide infrastructure complexity behind a simple interface

Which of the following best describes Software as a Service products

Services that provide a service to end users through a public network

Which of the following represent appropriate use cases for Amazon CloudFront? (Choose 3 answers)

Serving all websites containing both static and dynamic content to users from different geographical locations A website that delivers static content such as images and videos across the globe and you wish to improve latency and speed of download Delivering premium training videos and courses to customers around the world and making them available to only paid customers

What are the security aspects that the AWS customer is responsible for? (Choose two)

Set password complexity rules & configuring network access rules

When setting up EC2 Instances, which configuration option enables you to identify the purpose of the EC2 server and better manage cost allocation?

Setting up Tags

A startup company is operating on limited funds and is extremely concerned about cost overruns. Which of the below options can be used to notify the company when their monthly AWS bill exceeds $2000

Setup a CloudWatch billing alarm that triggers an SNS notification on their email address

Which of the following is a managed Distributed Denial of Service (DDoS) protection service Trusted Advisor Amazon Inspector AWS Shield AWS Identity and Access Management (IAM)

Shield

Which of the following Route 53 routing policies doesn't use health checks

Simple

What are the three ways to access AWS core services? (choose three) Software Development Kits AWS Command line Interface AWS Management Console Calling Technical support Through AWS Marketplace

Software Development Kits (SDKs), AWS Command Line Interface (AWS CLI), AWS Management Console

Which of these are ways to access AWS core services?

Software Development Kits (SDKs), AWS Command Line Interface (AWS CLI), AWS Management Console

What is a hypervisor

Software used to administrate virtualized resources run on physical infrastructure

What is the scope of a VPC within a region?

Spans all Availability Zones within the region

Which of the following examples best demonstrates the agility that cloud computing offers

Spin up servers in minutes, and shut down servers when you don't need them

Which of the following examples best demonstrates the agility that cloud computing offers?

Spin up servers in minutes, and shut down servers when you don't need them

Which of the following examples best demonstrates the agility that cloud computing offers?

Spin up servers in minutes, and shut down servers when you don't need them.

What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload?

Spot

Which Amazon EC2 instance pricing model can provide discounts of up to 90%

Spot Instances

Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances

Spot Instances

You are working on a project that involves creating thumbnails of millions of images; however, consistent up time is not really an issue, and continuous processing is not required. Which type of EC2 buying option would be the most cost-effective

Spot Instances

Which of the following use cases is appropriate for Amazon CloudFront? (select three).

Static asset caching, Live On-demand video streaming, Security and Encryption

Which of the following use cases is appropriate for Amazon CloudFront

Static asset caching, Live on-demand video streaming, Security and encryption

Which of the advantages of cloud listed below is most closely addressed by the capabilities of AWS Auto Scaling?

Stop guessing about capacity

Which of the options below are recommendations in the reliability pillar of the well-architected framework? (choose 2)

Stop guessing about capacity Test recovery procedures

Which of the following are some of the six advantages of cloud computing? (Choose 3 answers)

Stop guessing about capacity, Increase speed and agility and Trade capital expense for variable expense

Which category of services include Amazon S3?

Storage

Which category of services includes Amazon S3

Storage

Which category of services includes Amazon S3?

Storage

Witch category of services includes Amazon S3?

Storage

What is the standard pricing model for Amazon S3? (Choose 3 answers)

Storage per GB, Number of Requests and Data transfer out

What can you use S3 for with your web application? (Select the best answer)

Store static content such as images, video, CSS, JavaScript, etc.

What can you use S3 for with your web application? (Select the best answer)

Store static content such as images, video, CSS, JavaScript, etc.

NACLs traffic rules and restrictions are applied to:

Subnets

Which items can be configured from within the VPC management console? (choose 2)

Subnets & Security Groups

Which of these is not a cloud deployment model?

System administration as a service

T

T/F: Bucket names must be unique globally

T

T/F: By default, new subnets in a custom VPC can communicate with each other across AZs

T

T/F: EBS Volumes are automatically replicated across Availability Zones.

T

T/F: Each EBS volume is automatically replicated within its AZ to protect you from component failure

T

T/F: Objects stored in a region never leave the region unless you explicitly transfer them to another region.

T

T/F: S3 is serverless

T

T/F: Spot prices adjust gradually based on long term supply and demand for spare EC2 capacity.

F

T/F: The AWS Free Tier for RDS is a single AZ deployment

F

T/F: Windows Server with SQL Server is currently available as a spot instance.

T

T/F: there are no outbound charges between AWS in the same region

As part of the Enterprise support plan, who is the primary point of contact for ongoing support needs

TAM

How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud?

TCO Calculator

What method can you use to take a backup of an Amazon EC2 instance using AWS tools?

Take a snapshot to capture the point-in-time state of the instance

What AWS region is the most recent to launch? Name a region that is scheduled to launch in the future.

The AWS region that is the most recent to launch is Milan in Europe with a total of 3 availability zones. A region that is scheduled to launch in the future is Montreal in Canada.

Which of the following best describes scalability?

The ability of an application to automatically add preconfigured compute resources to meet increasing demand

Which of the following best describes elasticity

The ability of an application to increase or decrease compute resources to match changing demand

What are Convertible Reserved Instances (RI)?

The ability to change a Reserved Instance with different configuration, operating system and tenancy as long as the target instance is of equal or higher value

Which of the following attributes of Amazon AWS are examples of the cloud computing difference? (Choose 2 answers)

The ability to create templates of your infrastructure by converting into code for repeat deployment and Global availability and unlimited capacity

Which of the following are advantages of AWS consolidated billing

The ability to receive one bill for multiple accounts, Potential volume discounts, as usage in all accounts is combined

Which statement best describes elasticity in the cloud?

The ability to scale resources up or down and only pay for what you use

What is the AWS best practice for the Account Root User?

The best AWS practice for the Account Root User is to create individual IAM users for anyone that has to use your account and when creating an account for yourself it is important to give yourself user administration permissions and all of the work. This is important because you can change the admissions for each account that is created and you can take them away.

Which of the following most accurately describes a subnet within the AWS ecosystem

The block of IP addresses assigned for use within a single Availability Zone

What information does the IAM credential report provide?

The current state of security of your IAM users' access credentials

What is the difference between an Account Root user and IAM User

The difference between an Account Root User and IAM User is that with the Account Root User you have full access to all of the resources that are in that account and that you are only allowed to use those resources that are allowed under the account that you have. But, with the IAM User, you have the ability to safely have access to AWS services and resources for any user within that AWS Account. Under IAM you can manage access to AWS services and user permissions to allow or deny an account's access to the AWS resources.

What is the difference between an IAM Policy and an IAM Permission?

The difference between an IAM Policy and an IAM permission is that an IAM Policy is something in AWS that when associated with an account or resource, it defines what permissions are available to it. These policies define what type of permissions are required for an account. An IAM permission is something that determines if an action is allowed or denied.These permissions grant access to a specific resource in AWS.

What are the difference between the different EBS volume types?

The difference between the EBS volume types are performance characteristics and price. EBS has SSD (solid state drive) and HDD (hard disk drive) volume types. SSD is faster, but often costs more. These EBS volumes also have a "provisioned / optimized" that guarantees a specific data transfer rate over total storage.

What is the difference between the AWS Simple Monthly Calculator and the Total Cost Calculator

The difference between the two is that the AWS Total Cost Calculator allows you to compare the prices between using AWS and using the on-premises servers and databases. The AWS Simple Monthly Calculator only tells you how much it would cost for using applications and services on AWS.

Which of the following characteristics most help AWS provide such scalable services? (Select TWO.)

The enormous number of servers it operates, Its highly automated infrastructure administration systems

You are planning on launching a DynamoDB NoSQL database solution designed for your organization across all branch offices located in 6 different regions. You plan to use Global Tables to setup a fully managed, multiregion, and multimaster database that provides fast local read and write performance for massively scaled, global applications. How are you charged for writing to the database?

The number of replicated write capacity units (rWCUs)

What is the purpose of Amazon Glacier?

The purpose of Amazon Glacier is to provide a secure and long-lasting service for data archiving and long-term backup. (low cost)This is done by delivering comprehensive security and capabilities that can meet whatever you need. It is designed to protect the integrity of uploaded data and allow for anytime-anywhere recovery.

What is the difference between and what is the purpose of an IAM Group and IAM Role? and for what purpose

The purpose of a IAM Role is to define the limits of what is able to be accomplished within your AWS account. It is different from an IAM group because IAM Roles are mostly used by applications and services instead of people. The purpose of an IAM Group is to make it easier for your organization when you are adding more members to your AWS infrastructure. When using IAM groups, you are able to create someone an IAM user account and add them to a specific group and that user would automatically receive all of the permissions that are entitled to that group.

What is the purpose of a VPC and a NACL?

The purpose of a VPC is to allow you to launch Amazon Web Services into a virtual network that you have created. This virtual private cloud is only for your account. This resembles a network that would be used in your own data center. The VPC is isolated from other virtual networks in the AWS Cloud.The purpose of a NACL is to act as a firewall for directing incoming and outgoing traffic in one or more subnets. It is an optional layer of security to your VPC.

What is the purpose of the AWS Simple Monthly Calculator and the AWS TCO calculator ?

The purpose of the AWS Simple Monthly Calculator is to allow you to see the monthly cost of Amazon Web Services for you based on the applications and services that you use. You are also able to see what it will cost if you use any of the AWS resources. When using the AWS Simple Monthly Calculator, you put in the description, instances, usage and type to see how much it is going to cost you.The purpose of the AWS TCO calculator is to help you compare the on-premises costs of running your application with how much it would cost if you used AWS. By using the AWS TCO calculator you are able to see how you can save money and if it would be cheaper if you used AWS. When using the AWS TCO calculator, you plug in On-Premises and the AWS region you would use and then you put in the specific hardware configuration, type and amount of data storage you are using. Then, when you are done, you receive a report so you can see the costs for everything if you use AWS or if you use the On-Premises services.

According to the AWS Shared Responsibility Model, which of the following are responsibilities of AWS? (Select TWO.)

The security of the cloud B. Patching underlying virtualization software running in AWS data centers

Which of the following is not an included parameter in the AWS Total Cost of Ownership Calculator?

The tax implications of a cloud deployment

What are the three data retrieval options for Amazon Glacier?

The three data retrieval options for amazon glacier are expedited, standard and bulk. In expedited, it takes 1 to 5 minutes and is only 3 cents per gigabyte on the east coast. Standard retrievals is the default option and is 1 cent per gigabyte on the east coast. The bulk retrieval option is the lowest cost option and is complete in 5 to 12 hours.

What will IAM users with AWS Management Console access need to successfully log in?

Their username and password

When are free data transfers applicable across AWS?

There is free inbound data transfer for EC2 instances, free outbound data trafer between Amazon Web Services within the same region.

What is a benefit of moving an on-premises database to Amazon Relational Database Service (RDS)?

There is no need to manage operating systems

What determines the order by which subnets/AZ options are displayed in EC2 configuration dialogs

They (appear) to be displayed in random order.

What is the purpose of the Service Organization Controls (SOC) reports found on AWS Artifact?

They attest to AWS infrastructure compliance with data accountability standards like Sarbanes-Oxley.

What role can the documents provided by AWS Artifact play in your application planning? (Select TWO.)

They can help you confirm that your deployment infrastructure is compliant with regulatory standards. B. They can provide insight into various regulatory and industry standards that represent best practices.

What are Edge locations used for?

They host a CDN called CloudFront

What are the advantages of Availability Zones? (choose 2)

They provide fault isolation They are connected by low-latency network connections

Cloud Deployment Model "Hybrid"

This connects cloud resources and current infrastructure to work as one. Most commonly used to connect on-premise infrastructure to the cloud.

Cloud Deployment Model "Private Cloud" (On Premise)

This is private infrastructure owned by the company and has no ties to any cloud services. This would be a private data center.

EMR

This service enables businesses, researches, data analysts, and developers to easily and cost effectively process vast amounts of data. It uses a hosted Hadoop framework running on the web-scale infrastructure of EC2 and S3.

EC2

This service provides virtual compute resources in the cloud.

Which of the following Reserved Instance (RI) pricing models provides the highest average savings compared to On-Demand pricing

Three-year, All Upfront, Standard RI pricing

What does it mean to authenticate? what are the three type of authentication methods a user can use to connect to their AWS Cloud environment? and What does it mean to use MFA to authenticate?

To authenticate means to validate or to verify that it is you who are using the account or device. The three types of authentication methods a user can use to connect to their AWS Cloud environment are a Universal 2nd Factor, MFA-compliant Device, such as YubiKey, or a smartphone with the Authenticator app installed. When you use MFA to authenticate, it adds extra security because you have to use a second device that provides a code or credentials for you to use when you have to authenticate that it is you using the device. It requires more than one form of authentication to verify your login credentials.

What is the primary goal of autoscaling

To ensure that a predefined service level is maintained regardless of external demand or instance failures

What is the purpose of cost allocation tags

To help you identify resources for the purpose of tracking your account spending

Which of the following best describes one possible reason for AWS service limits

To prevent individual customers from accidentally launching a crippling level of resource consumption

What is the main goal for creating a Usage budget type (in AWS Budgets

To track particular categories of resource consumption

You need to compare the cost of purchasing a new on-premises NAS server with that of deploying an EFS volume in the cloud and hosting your servers in AWS. Which tool can you use to perform this comparison?

Total Cost of Ownership

What AWS tool compares the cost of running your application in an on-premises data center to AWS?

Total Cost of Ownership (TCO) Calculator

What AWS tool compares the cost of running your application in an on-premises data center to AWS? (Select the best answer.)

Total Cost of Ownership (TCO) calculator

What AWS tool compares the cost of running your application in an on-premises data center to AWS? (Select the best answer) Total Cost of Operation calculator Total cost of ownership total cost of products total cost of application

Total cost of ownership

Which of the following is not one of the four areas of the performance efficiency pillar? (Select the best answer)

Traceability

What advantages do you get from using the AWS cloud? (choose 2)

Trade capital expense for variable expense, stop guessing about capacity

In addition to DNS services, what other services does Amazon Route 53 provide? (choose 2)

Traffic flow Domain registration

True or False? S3 is an object storage suitable for the storage of 'flat' files like Word documents, photos, etc.

True

True or False? Using IAM Groups is the recommended way to manage IAM users' permissions by job function.

True

True or False? AWS offers a variety of services at no charge. For example, Amazon Virtual Private Cloud, AWS Identity and Access Management, Consolidated Billing, AWS Elastic Beanstalk, AWS Auto Scaling, AWS OpsWorks and AWS Cloud Formation. Although there is no charge for these services, there may be charges associated with other AWS services used in conjunction with these services.

True

True or False? AWS owns and maintains the network-connected hardware required for application services, while you provision and use what you need.

True

True or False? AWS owns and maintains the network-connected hardware required for application services, while you provision and use what you need. True False

True

True or False? Amazon RDS automatically patches the database software and backs up your database, storing the backups for a user-defined retention period and enabling point-in-time recovery.

True

True or False? Availability Zones within a region are connected through low-latency links.

True

True or False? Each Availability Zone is designed to be isolated from failures in other Availability Zones. True False

True

True or False? Each Availability zone is designed to be isolated from failures in other Availability zones.

True

True or False? Using IAM Groups is the recommended way to manage IAM users' permissions by job function.

True

True or False? You can launch multiple instances of different types from a single AMI when launching an EC2 instance.

True

True or false? AWS offers a variety of services at no charge. For example, Amazon Virtual Private Cloud, AWS Identity and Access Management, Consolidated Billing, AWS Elastic Beanstalk, AWS Auto Scaling, AWS OpsWorks and AWS Cloud Formation. Although there is no charge for these services, there may be charges associated with other AWS services used in conjunction with these services.

True

You can configure a Network Elastic Load Balancers with a Static Elastic IP Address. (True or false)

True

Network Access Control List apply to all instances in subnet?

True, Automatically applies to all instances in the subnets its associated with

Where can you set up Billing Alarms?

Trusted Advisor

Which AWS Service offers guidance on how you can further optimize your costs and identify areas to save money?

Trusted Advisor

Throughput Optimized HDD (ST1) (Magnetic)

Type of EBS Volume; - low cost volume designed for frequently accessed, throughput intensive workloads.

Cold HDD (SC1) (Magnetic)

Type of EBS Volume; - lowest cost volume designed for less frequently accessed workloads (file servers)

General Purpose SSD (GP2)

Type of EBS Volume; Balances price and performance for a wide variety of workloads

Provisioned IOPS SSD (IO1)

Type of EBS Volume; highest performance volume for mission critical low latency or high throughput workloads.

What is the first step in getting started with Lambda?

Upload your code

AWS Support has five different severity levels for support cases. What are they? (Choose five)

Urgent, High, Normal, Low, Critical

What is the best way for an organization to transfer hundreds of terabytes of data from their on-premise data center into Amazon S3 with limited bandwidth available?

Use AWS Snowball

You are planning on migrating 80TB of data to Amazon S3. The migration plan is scheduled to happen over the next week and you have limited Internet bandwidth of 5mbps DSL connection. How can you migrate this data into the cloud within the specified timeframe?

Use Amazon Snowball

You have set up a load balancer in front of multiple web servers in the London Region. You have been provided with the DNS names of the load balancer, but you have not been given the IP Address to create the necessary 'A' record for you to point your zone apex name, e.g. company.com to resolve to your website. As best practice, which record should you create to enable your zone apex name to resolve to your load balancer DNS name?

Use an Alias Record

According to best practices, how should an application be designed to run in the AWS Cloud

Use loosely coupled components.

Which of the following is an important architectural design principle when designing cloud applications

Use multiple Availability Zones.

A customer is using multiple AWS accounts with separate billing. How can the customer take advantage of volume discounts with minimal impact to the AWS resources

Use the consolidated billing feature from AWS Organizations.

Which of the following are features of Amazon CloudWatch? (choose 2)

Used to gain system-wide visibility into resource utilization, Can be accessed via API, command-line interface, AWS SDKs, and the AWS Management Console

Who manages NAT Instance

User

How does multi-factor authentication work?

Users authenticate using a password and also either a physical or virtual MFA device

AWS supports which of the following methods to add security to Identity and Access Management (IAM) users

Using Multi-Factor Authentication (MFA), Enforcing password strength and expiration

What approach to transcoding a large number of individual video files adheres to AWS architecture principles

Using many instances in parallel

Which of the following VPC Configuration options will enable you to host web servers being placed in a public facing subnet and back-end databases hosted in a more secure private subnet with access to your corporate datacenter over a site-to-site VPN tunnel?

VPC with Public and Private Subnets and AWS Managed VPN Access

Which of the following services are completely free on the AWS platform? (Choose 4 answers).

VPC, Elastic Beanstalk Service, CloudFormation and IAM

Which AWS S3 service can be used to help prevent accidental deletion of objects?

Versioning

Which of the following is an advantage of consolidated billing on AWS

Volume pricing qualification

You have two EC2 instances hosting a web application. You want to distribute 20 percent of traffic to one instance and 80 percent to the other. Which of the following Route 53 routing policies should you use?

Weighted

Which of the following AWS concepts refer to "Established best practices developed through lessons learned by working with customers"

Well architected framework

Which of the following AWS concepts refers to "Established best practices developed through lessons learned by working with customers"?

Well architected framework

Which of the following AWS concepts refers to "Established best practices developed through lessons learned by working with customers"?

Well-Architected Framework

Which of the following AWS concepts refers to "Established best practices developed through lessons learned by working with customers?

Well-architected framework

a,c

What are the benefits of using Amazon EC2 instances compared to physical servers in your infrastructure? (select 2) a. pay only for the capacity you use b. automatic automated backups c. the ability to have different storage requirements d. the ability to hot-add additional RAM e. resizable

pay as you go, pay for what you use, pay less as you use more, pay even less when you reserve capacity.

What is the basic pricing philosophy for AWS services?

Elasticity

What term refers to the power to scale computing resources up or down easily?

According to the AWS Shared Responsibility Model, what's the best way to define the status of the software driving an AWS managed service

Whatever the customer can control (application code and/or configuration settings) is the customer's responsibility.

Launch permissions, user defined tags, S3 bucket permissions

When copying an AMI, which of the following types of information must be manually copied to the new instance? (Choose 3) Launch permissions User defined tags user data S3 Bucket permissions

What will AWS Trusted Advisor tell you? (Choose three)

Whether or not you are using fault tolerance, Deployed resources not being used but incurring charges, How well the infrastructure is performing

What will AWS Trusted Advisor tell you? (Choose three)

Whether or not you are using fault tolerance, Deployed resources not being used but incurring charges, How well the infrastructure is performing

In the Shared Responsibility Model, which of the following are examples of "security in the cloud?" (Choose two)

Which AWS services are used with the content, In which country content is stored

In the Shared Responsibility Model, which of the following are examples of "security in the cloud?" (Choose two)

Which AWS services are used with the content, In which country content is stored

Developer

Which AWS support plan allows one contact to open unlimited cases?

Amazon VPC Elastic Beanstalk CloudFormation IAM Auto-Scaling OpsWorks

Which Amazon services are offered at no-charge? (list 6)

b,c

Which of the following URL formats does S3 support in pointing to a bucket "mynewbucket"? (Choose 2) a. http://mynewbucket.s3.aws-region.amazonaws.com b. http://s3-aws-region.amazonaws.com/mynewbucket c. http://mynewbucket.s3-aws-region.amazonaws.com d. http://s3-aws-region.amazon.com/mynewbucket

a,c

Which of the following are benefits of the AWS's Relational Database Service (RDS)? (Choose 2) a. Automated patches and backups b. it allows you to store unstructured data. c. you can resize capacity accordingly d. it allows you to store NoSQL data e. scales automatically

EC2 and RDS

Which of the following services should you implement in multiple AZs in order to achieve high availability (choose 2) DynamoDB Simple Storage Service EC2 RDS SQS

Which tool can be used to provide real time guidance on provisioning resources following AWS best practices?

Which tool can be used to provide real time guidance on provisioning resources following AWS best practices?

Which descriptions are correct regarding cloud deployment models? (choose 2)

With the public cloud the consumer organization typically incurs OPEX costs for usage With the private cloud the consumer organization typically owns and manages the infrastructure

Are Key Pairs unique to the region in which you have created them?

Yes

Are you allowed to run vulnerability testing against your AWS workloads?

Yes

Snapshots

You back up EBS volumes using __________

Region

You can choose the geographical AWS _________ where S3 will store the buckets that you create. You might choose one to optimize latency, minimize costs, or address regulatory requirements.

How can federated identities be incorporated into AWS workflows? (Select TWO.)

You can provide users authenticated through a third-party identity provider access to backend resources used by your mobile app, You can provide admins authenticated through AWS Microsoft AD with access to a Microsoft SharePoint farm running on AWS.

Which of the following are true about registering a domain name with Route 53? (Select TWO.)

You can register a domain name for a term of up to 10 years., Route 53 creates a public hosted zone for the domain.

bucket+key+version

You can think of Amazon S3 as a basic data map between _____________________ and the object itself. Every object in Amazon S3 can be uniquely addressed through the combination of the web service endpoint, bucket name, key, and optionally, a version.

IAM

You can use _______ to manage access to your S3 resources.

Which of the following is NOT correct regarding Amazon EC2 On-demand instances

You have to pay a start-up fee when launching a new instance for the first time

d

You need to add a route table that will allow connections to the internet from your subnet. Which of the following routes should you add? a. Destination: 192.168.1.258/0 --> Target: your internet gateway b. Destination: 0.0.0.0/0 --> Target: 0.0.0.0/24 c. Destination: 0.0.0.0/33 --> Target: your virtual private gateway d. Destination: 0.0.0.0/0 --> Target: your internet gateway

Your CTO wants to move to cloud. What cost advantages are there to moving to cloud?

You provision only what you need and adjust to peak load

What does the "Principle of Least Privilege" refer to

You should grant your users only the permissions they need when they need them and nothing more

Who manages NAT Instances?

You, NAT instances are managed by you.

What does the phrase 'S3 uses a unique namespace' mean?

Your bucket names must be unique on the Amazon platform and Internet

S3

____ provides developers and IT teams with secure, durable, highly scalable object storage. It is easy to use, with a simple web interface to store and retrieve any amount of data from anywhere on the web.

EC2

_____ is just a virtual server (or servers) in the cloud It reduces the time required to obtain and boot new server instances to minutes, by allowing you to quickly scale capacity, both up and down, as your computing requirements change

EBS

_____ provides customizable block storage for EC2 instances

EC2

______ is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Reduces the time required to obtain & boot new server instances to minutes.

EC2

______ is a web service that provides resizable computing capacity in the cloud.

public access

_______ ______ is granted to buckets and object through access control lists, bucket policies, or both.

Amazon S3

_______ _______ is storage for the Internet. You can use it to store and retrieve any amount of data at any time, from anywhere on the web

spot instances

_______ ________ are spare EC2 capacity that can save you up to 80% off of On-Demand prices that AWS can interrupt with a 2-minute notification. Spot uses the same underlying EC2 isntances as On-Demand and Reserved Instances, and is best suited for fault tolerant, flexible workloads.

IAM Policies

_______ ________ are used to setup permissions for users within your own Account. Unlike ACL Policies that are used for Outside of your Account. can be used to grant temporary access to users

edge location

_______ ___________ - this is the location where content will be cached. This is separate to an AWS Region/AZ

Origin

________ - this is the origin of all the files that the CDN will distribute. This can be an S3 bucket, an EC2 instance, Elastic Load Balancer, or Route53.

access control lists (ACLs)

________ ________ ________ enable you to manage access to buckets and objects. Each bucket and object has one attached to it as a subresource.

Elastic Container Registry (ECR)

________ __________ ____________ is a fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker images. It is integrated with ECS, simplifying your development to production workflow.

Amazon Inspector

________ ____________ is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.

Roles

________ are much more secure than using access key id's and secret access keys; and are easier to manage you can apply them to EC2 instances at any tie. When you do this, the change takes place immediately. They are universal. YOu do not need to specify what region they are in; similar to users

Objects

________ are the fundamental entities stored in S3. Consists of the ____ data and the metadata at the time it is stored.

Distribution

__________ - this is the name given to the CDN which consists of a collection of edge locations

Amazon RDS

__________ _______ makes it easy to setup, operate, and scale a relational database in the cloud. it takes away the time consuming tasks of hardware provisioning, setup, patching, and backups so you can focus on your applications.

AWS Certificate Manager (ACM)

__________ __________ ____________ handles the complexity of creating and managing public SSL/TLS certificates for your AWS based websites and applications.

Elastic Beanstalk

__________ ___________ is a service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go and Docker on web servers such as Apache, Nginx, Passenger, and IIS.

elasticache

__________ is a web service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. The service improves the performance of we applications by allowing you to retrieve information from fast, managed, in memory caches instead of relying entirely on slower disk based databases.

reduced redundancy storage (RRS)

___________ __________ ______________ is an Amazon S3 storage option that enables customers to reduce their costs by storing noncritical reproducible data at lower levels of redundancy than S3s standard storage.

Snowball

___________ is a petabyte scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud.

authentication

___________ is a process of verifying the identity of the requester trying to access an AWS product

CloudFormation

____________ provides sysadmin, network architect, and other IT personnel the ability to provision and manage stacks of AWS resources base don templates you create to model your infrastructure architecture.

What is the scope of a VPC within a region? ​ a)Spans all Availability Zones within the region ​ b)Spans all Availability Zones globally ​ c)At least 2 data centers per region ​ d)At least 2 subnets per region

a

What is the term for describing the action of automatically running scripts on Amazon EC2 instances when launched to install software? ​ a)Bootstrapping ​ b)Golden Images ​ c)Workflow automation ​ d)Containerization

a

What method can you use to take a backup of an Amazon EC2 instance using AWS tools? ​ a)Take a snapshot to capture the point-in-time state of the instance ​ b)Use Cross-Region Replication (CRR) to copy the instance to another region ​ c)Take application-consistent backups using the EC2 API ​ d)Take full and incremental file-level backups using the backup console

a

Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC? ​ a) Elastic Transcoder ​ b) Elastic Load Balancer ​ c) Auto Scaling ​ d) Elastic Beanstalk

a

Which service can be used for building and integrating loosely-coupled, distributed applications? ​ a)Amazon SNS ​ b)Amazon EBS ​ c)Amazon EFS ​ d)Amazon RDS

a

Which service can be used to track the CPU usage of an EC2 instance? ​ a)Amazon CloudWatch ​ b)Amazon CloudFormation ​ c)Amazon CloudFront ​ d)Amazon CloudTrail

a

Which service can you use to provision a preconfigured server with little to no AWS experience? ​ a)Amazon LightSail ​ b)AWS Lambda ​ c)Amazon Elastic Beanstalk ​ d)Amazon EC2

a

What is the difference between an AZ and a VPC?

a VPC is deployed in a region and can be available across multiple availability zones in that region. An AZ is a logical zone in a region that has some physical isolation from another AZ in the region. A VPC is logical, AZ is physical. The difference between an AZ and a VPC is that the Virtual Private Cloud contains all of the availability zones in a specific AWS region. A Virtual Private Cloud is beneficial because you are able to add one or two subnets in each availability zone. It is also beneficial because by using a VPC, you are able to add subnets to a local zone that may be closer to your end users. A local zone allows your end zones to start applications that need single digit latencies in milliseconds. By using the Virtual Private Cloud, you can use local zones which will give you faster latency speeds. Availability zones are unique locations that are made to be kept away from failures in other availability zones. They may not be as close to you as a local zone is, so choosing to use the availability zone instead of the local zone through the Virtual Private Cloud will give you slower latency speeds.

Key

a ___ is the unique identifier for an object within a bucket. Ever object in a bucket has exactly one. The combination of a bucket and this, and version ID uniquely identify each object.

bucket

a __________ is a container for objects stored in S3. Every object is contained in one.

group

a __________ is simply a place to store your users. Your users will inherit ll permissions that the group has. examples of groups might be developers, sys admins, finance, etc.

The AWS global infrastructure is composed of? (choose 2) ​ a)Regions ​ b)Availability Zones ​ c)IP subnets ​ d)Fault Zones ​ e)Clusters

a and b

Under the AWS shared responsibility model, what are the customer's responsibilities? (Select TWO.) ​ a)Data integrity authentication ​ b)Security of data in transit ​ c)Physical network devices including firewalls ​ d)Physical and environmental security ​ e)Storage device decommissioning

a and b

What are two ways that moving to an AWS cloud can benefit an organization? (choose 2) ​ a)Stop guessing about capacity ​ b)Increase speed and agility ​ c)Switch to a CAPEX model ​ d)Gain greater control of data center security ​ e)Depreciate assets over a longer timeframe

a and b

What considerations are there when choosing which region to use? (choose 2) ​ a)Data sovereignty ​ b)Latency ​ c)Available storage capacity ​ d)Available compute capacity ​ e)Pricing in local currency

a and b

Which of the following statements is correct in relation to consolidated billing? (choose 2) ​ a)One bill is provided per AWS organization ​ b)Paying accounts are independent and cannot access the resources of other accounts ​ c)Volume pricing discounts cannot be applied to resources ​ d)Only available to Enterprise customers ​ e)Used to consolidate billing across organizations

a and b

The AWS Identity and Access Management (IAM) service can be used to manage which objects? (choose 2) ​ a)Roles ​ b)Network ACLs ​ c)Access policies ​ d)Security groups ​ e)Key pairs

a and c

Which of the statements below is accurate regarding Amazon S3 buckets? (choose 2) ​ a) Bucket names must be unique globally ​ b) Buckets can contain other buckets ​ c) Bucket names must be unique regionally ​ d) Buckets are region-specific ​ e) Buckets are replicated globally

a and d

Under the AWS shared responsibility to model what is the customer responsible for? (choose 2) ​ a)Encryption of customer data ​ b)Physical security of the data center ​ c)Replacement and disposal of disk drives ​ d)Patch management of infrastructure ​ e)Configuration of security groups

a and e

c,e

a client is concerned that someone other than approved administrators is trying to gain access to the linux web app instances in their VPC. She asks what sort of network access logging can be added. Which of the following might you recommend. (choose 2) a. set up a traffic logging rule on the VPC firewall appliance and direct the log to CLoudWatch or S3 b. use event log filters to trigger alerts that are forwarded to cloudwatch. c. make use of an OS level logging tools such as iptables and log events to CloudWatch or S3. d. Set up Flow Log for the group of instances and forward them to S3. e. Set up a Flow Log for the group of instances and forward them to cloudwatch.

In Amazon DynamoDB, an attribute is ______. (Select the best answer

a fundamental data element

In Amazon DynamoDB, an attribute is ______. (Select the best answer)

a fundamental data element

What happens when you use Amazon Virtual Private Cloud (Amazon VPC) to create a new VPC? (

a main route is made by default

What is Amazon Route 53 a. A highly available and scalable Domain Name System (DNS) web service b. A monitoring and management service that collects and tracks metrics c. A fast and flexible nonrelational database service for all applications that need consistent, single-digit millisecond latency at any scale. d. A cloud service solution that establishes private connectivity between AWS and your data center, office, or colocation environment.

a. A highly available and scalable Domain Name System (DNS) web service

Who is responsible for security of the cloud according to the shared responsibility model? a. AWS b. Customer c. AWS Support d. IAM roles

a. AWS

Which AWS service enable you to repeatedly and predictably provision resources to power your applications? a. AWS CloudFormation b. AWS Cloud Map c. AWS CloudTrail d. Amazon CloudFront

a. AWS CloudFormation

Which among the options below can you use to launch a new Amazon RDS database cluster to your VPC? (Select TWO) a. AWS CloudFormation b. AWS CodePipeline c. AWS Management Console d. AWS Concierge e. AWS Systems Manager

a. AWS CloudFormation c. AWS Management Console You can launch a new RDS database cluster using the AWS Management Console, AWS CLI, and AWS CloudFormation. The AWS Management Console provides a web-based way to administer AWS services. You can sign in to the console and create, list, and perform other tasks with AWS services for your account. These tasks might include starting and stopping Amazon EC2 instances and Amazon RDS databases, creating Amazon DynamoDB tables, creating IAM users, and so on. The AWS Command Line Interface (CLI), on the other hand, is a unified tool to manage your AWS services.

Which service should a company use to centrally manage policies and consolidate billing across multiple AWS accounts? a. AWS Organizations b. AWS Trusted Advisor c. AWS Budgets d. AWS Config

a. AWS Organizations AWS Organizations helps you centrally govern your environment as you grow and scale your workloads on AWS. Whether you are a growing startup or a large enterprise, Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts.

A company is planning to launch a new system in AWS but they do not have an employee who has an AWS-related expertise. Which of the following can help the company to design, architect, build, migrate, and manage their workloads and applications on AWS? a. AWS Partner Network Consulting Partners b. AWS Partner Network Technology Partners c. AWS Marketplace d. Technical Account Management

a. AWS Partner Network Consulting Partners The AWS Partner Network (APN) is focused on helping partners build successful AWS-based businesses to drive superb customer experiences. This is accomplished by developing a global ecosystem of Partners with specialties unique to each customer's needs. There are two types of APN Partners: 1. APN Consulting Partners 2. APN Technology Partners

Your company is developing a critical application, and the security of the application is one of the top priorities. Which of the following AWS service will provide recommendations for security optimization for your infrastructure? a. AWS Trusted Advisor b. Amazon CloudWatch c. Amazon Inspector d. Amazon Aurora

a. AWS Trusted Advisor

Which of the following tasks is the customer's responsibility when creating Amazon VPC security groups? a. Adding rules regarding inbound traffic to the security group b. Choosing the level of physical security for the network c. Ensuring that the security groups are linked to Amazon EC2 d. Selecting an appropriate load balancing strategy for the network routers

a. Adding rules regarding inbound traffic to the security group

Which of the following are the things that Amazon CloudWatch Logs can accomplish? (Select TWO) a. Adjust the retention policy for each log group b. Create alarms that automatically stop, terminate, reboot, or recover your EC2 instances. c. Store your log data at absolutely no charge d. Record AWS Management Console actions and API calls e. Monitor application logs from Amazon EC2 Instances.

a. Adjust the retention policy for each log group e. Monitor application logs from Amazon EC2 Instances. You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, Route 53, and other sources. CloudWatch Logs enables you to centralize the logs from all of your systems, applications, and AWS services that you use, in a single, highly scalable service

You need to host a new Microsoft SQL Server database in AWS for an urgent project. Which AWS services should you use to meet this requirement? (Select TWO) a. Amazon Relational Database Service (Amazon RDS) b. Amazon EC2 c. Amazon Redshift d. Amazon Aurora Backtrack e. Amazon Aurora

a. Amazon Relational Database Service (Amazon RDS) b. Amazon EC2 Amazon Web Services offers you the flexibility to run Microsoft SQL Server for as much or as little time as you need and select from a number of versions and editions. SQL Server on Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Elastic Block Store (Amazon EBS) gives you complete control over every setting, just like when it's installed on-premises. Amazon Relational Database Service (Amazon RDS) is a fully managed service that takes care of all the maintenance, backups, and patching for you

You have am application composed of individual services and you need to route a request to a service based on the content of the request. What type of load balancer should you use? a. Application Load Balancer b. Network Load Balancer c. Classic Load Balancer d. VPN Load Balancer

a. Application Load Balancer

_________ is one of the components of AWS Global Infrastructure which consists of one or more discrete data centers each with redundant power, networking, and connectivity, and housed in separate facilities. a. Availability Zone b. VPC c. Edge location d. AWS Region

a. Availability Zone The AWS Cloud infrastructure is built around AWS Regions and Availability Zones. An AWS Region is a physical location in the world where we have multiple Availability Zones. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities.

How is storage typically priced on AWS Cloud? a. Charged per GB b. Charged by speed of transfer c. Charged by instance type d. Charged per hour or second

a. Charged per GB

Which of the following cloud architecture principles below is followed if you distribute your workloads across multiple Availability Zones in AWS as well as using Amazon RDS Multi-AZ? a. Design for failure b. Decouple your components c. Think parallel d. Implement elasticity

a. Design for failure

You have an application composed of individual services. You need to route a request to a service based on the content of the request. Which service would you use? a. Elastic Load Balancing b. EC2 Auto Scaling c. Amazon Route S3 d. AWS CloudTrail

a. Elastic Load Balancing

Which of the following is true on how AWS lessens the time to provision your IT resources? a. It provides various ways to programmatically provision IT resources b. It provides an AI-powered IT ticketing platform for fulfilling resource requests c. It provides express service to deliver your servers to you data centers faster d. It provides an automated system of requesting and fulfilling IT resources from third-party vendors.

a. It provides various ways to programmatically provision IT resources With the cloud, businesses no longer need to plan for and procure servers and other IT infrastructure weeks or months in advance. Instead, they can instantly spin up hundreds or thousands of servers in minutes and deliver results faster. AWS provides you various ways and tools to programmatically provision IT resources such as AWS CLI, AWS API and the web-based AWS Management Console.

Which of the following is a key financial benefit of migrating systems hosted on your on-premises data center to AWS? a. Opportunity to replace upfront capital expenses (CAPEX) with low variable costs b. Opportunity to replace upfront operational expenses (OPEX) with low variable operational expenses (OPEX) c. Opportunity to replace variable capital expenses (CAPEX) with low upfront costs. d. Opportunity to replace variable operational expenses (OPEX) with low upfront capital expenses (CAPEX)

a. Opportunity to replace upfront capital expenses (CAPEX) with low variable costs

Which Amazon EC2 instance purchasing option lets you take advantage of unused EC2 capacity in the AWS Cloud and provides up to a 90% discount compared to On-Demand prices? a. Spot Instance b. Convertible Reserved Instance c. Standard Reserved Instance d. Dedicated Host

a. Spot Instance Lets you take advantage of unused EC2 capacity in the AWS cloud. Spot Instances are available at up to a 90% discount compared to On-Demand prices.

What are the benefits of using Amazon EC2 instances compared to physical servers in your infrastructure? (Select two) a. The ability to have different storage requirements b. Resizible c. The ability to and additional RAM d. Automatic automated backups e. Pay only for the capacity you use

a. The ability to have different storage requirements e. Pay only for the capacity you use

Which of the following AWS concepts refers to "Established best practices developed through lessons learned by working with customers"? a. Well-Architected Framework b. Reference architecture c. Security of the Cloud d. AWS Trusted Advisor

a. Well-Architected Framework

Which AWS networking service enables a company to create a virtual network within AWS?

amaxon virtual private cloud

which of the following is a compute service

amazon ec2

What is a managed policy

are pre-built policies (built either by AWS or by your administrators) that can be attached to IAM Users and Groups. When the policy is updated, the changes to the policy are immediately apply against all Users and Groups that are attached to the policy.

data pipeline

aws ________ _______ is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on premises data sources. It integrates with on premise and cloud based storage systems to allow developers to use their data when they need it, where they want it, and in the required format.

Where can a customer go to get more details about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took place 3 months ago? (Select the best answer.)

aws cost explorer

Which component of AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery?

aws edge locations

Which component of the AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? (Select the best answer.)

aws edge locations

Which of the following are geographic areas that host two or more Availability Zones? (Select the best answer.)

aws regions

A company plans to deploy a global commercial application on Amazon EC2 instances. The deployment solution be designed with the highest redundancy and fault tolerance. Based on this situation, how should the EC2 instances be deployed? ​ a)Across multiple Availability Zones in one AWS Region ​ b)Across multiple Availability Zones in two AWS Regions ​ c)In a single Availability Zone in one AWS Region ​ d)In a single Availability Zone in two AWS Regions

b

How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud? ​ a)AWS Budgets ​ b)TCO Calculator ​ c)AWS Cost Explorer ​ d)AWS Simple Monthly Calculator

b

How does AWS assist organizations' with their capacity requirements? ​ a) With AWS you only pay for what you use ​ b) You don't need to guess your capacity needs ​ c)With AWS you don't pay for data centers ​ d)You don't own the infrastructure

b

What is the most cost-effective support plan that should be selected to provide at least a 1-hour response time for a production system failure? ​ a)Developer ​ b)Business ​ c)Enterprise ​ d)Basic

b

What strategy can assist with allocating metadata to AWS resources for cost tracking and visibility? ​ a)Labelling ​ b)Tagging ​ c)Access Control ​ d)Categorizing

b

Which AWS service can you use to install a third-party database? ​ a)Amazon DynamoDB ​ b)Amazon EC2 ​ c)Amazon EMR ​ d)Amazon RDS

b

Which feature of AWS allows you to deploy a new application for which the requirements may change over time? ​ a)High availability ​ b)Elasticity ​ c)Disposable resources ​ d)Fault tolerance

b

Which of the following is a principle of good AWS Cloud architecture design? ​ a)Implement single points of failure ​ b)Implement loose coupling ​ c)Implement vertical scaling ​ d)Implement monolithic design

b

Which service allows you to automatically expand and shrink your application in response to demand? ​ a)Amazon DynamoDB ​ b)Amazon EC2 Auto Scaling ​ c)AWS ElastiCache ​ d)Amazon Elastic Load Balancing

b

Which service records API activity on your account and delivers log files to an Amazon S3 bucket? ​ a)Amazon CloudWatch ​ b)AWS CloudTrail ​ c)Amazon S3 Event Notifications ​ d)Amazon CloudWatch Logs

b

Which statement below is incorrect in relation to Security Groups? ​ a)They support allow rules only ​ b)They are stateless ​ c)They operate at the instance level ​ d)They evaluate all rules before making a decision

b

Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols? ​ a)Amazon Glacier ​ b)Amazon EFS ​ c)Amazon EBS ​ d)Amazon S3

b

Which AWS services can be used to connect the AWS Cloud and on-premises resources? (Select TWO.) ​ a)Amazon CloudHSM ​ b)AWS Direct Connect ​ c)AWS Managed VPN ​ d)AWS Managed Services ​ e)Amazon Connect

b and c

Which of the following are accurate descriptions of AWS IAM users and groups? (Select TWO.) ​ a) All new users are automatically added to a default group ​ b) A user can be a member of multiple groups ​ c) A user can only be a member of a single group at one a time ​ d) Groups can contain users only and cannot be nested ​ e) Groups can be nested and can contain other groups

b and c

What advantages does deploying Amazon CloudFront provide? (choose 2) ​ a)Automated deployment of resources ​ b)Improved performance for end-users ​ c)Provides serverless compute services ​ d)Reduced latency ​ e)A private network link to the AWS cloud

b and d

Under the shared responsibility model, what are examples of shared controls? (choose 2) ​ a)Physical and environmental ​ b)Patch management ​ c)Storage system patching ​ d)Service and Communications Protection ​ e)Configuration management

b and e

What benefits does Amazon EC2 provide over using non-cloud servers? (choose 2) ​ a)Complete control of the hypervisor layer ​ b)Elastic web-scale computing ​ c)Fault tolerance ​ d)High-availability with an SLA of 99.999% ​ e)Inexpensive

b and e

Which of the following best describes what CloudWatch is? a. An automated security assessment service b. A metric repository c. An audit service that records all API calls made to your AWS account d. A rules repository

b. A metric repository

A company has hybrid cloud architecture where their on-premises data center interacts with their cloud resources in AWS. Which of the following services in AWS could you use to deploy a web application to servers running on-premises? (Select TWO) a. AWS CloudFormation b. AWS OpsWorks c. AWS Elasitc Beanstalk d. AWS Batch e. AWS CodeDeploy

b. AWS OpsWorks e. AWS CodeDeploy OpsWorks - AWS OpsWorks is a configuration management service that helps customers configure and operate applications, both on-premises and in the AWS Cloud, using Chef and Puppet. CodeDeploy - AWS CodeDeploy automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises. AWS CodeDeploy makes it easier to rapidly release new features, avoids downtime during application deployment, and handles the complexity of updating applications.

Which of the following is a managed Distribution Denial of Service (DDoS) protection service? a. AWS Trusted Advisor b. AWS Shield c. AWS Identity and Access Management d. Amazon Inspector

b. AWS Shield

Which of the following is capable of inspecting your AWS environment and makes recommendations for saving money, improving system performance and reliability, or closing security gaps? a. AWS Cost Explorer b. AWS Trusted Advisor c. AWS Inspector d. AWS Budgets

b. AWS Trusted Advisor This is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices. It inspects your AWS environment and makes recommendations for saving money, improving system performance and reliability, or closing security gaps. Cost Optimization Security Fault Tolerance Performance Service Limits

Which of the following is a responsibility of the customer according to the shared responsibility model? a. Physical security of the facilities in which the services operate b. AWS identify and Access management (IAM) c. Protection of the global infrastructure d. Availability of third-party audit reports

b. AWS identify and Access management (IAM)

A company which has a basic support plan needs resources to deploy, test, and improve their AWS environment. Which of the following can they use for free? a. Technical Account Manager b. AWS online documentation, whitepapers, blogs and support forums c. AWS Support API for programmatic case management d. In-person classes with an accredited AWS instructor

b. AWS online documentation, whitepapers, blogs and support forums

Which AWS service should you use if you need to launch a highly scalable MySQL database? a. Amazon DynamoDB b. Amazon Aurora c. Amazon Redshift d. Amazon ElastiCache

b. Amazon Aurora This service is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.

Which of the following services provides you with data and actionable insights to monitor your applications, understand and respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health? a. AWS Cloud9 b. Amazon CloudWatch c. AWS CloudFormation d. AWS CloudTrail

b. Amazon CloudWatch

Which service sends notifications or automatically makes changes to the resources being monitored based on rules you established? a. Amazon EC2 b. Amazon CloudWatch c. Elastic Load Balancing d. Amazon Aurora

b. Amazon CloudWatch

Which of the following instance types provides you with a significant discount compared to On-Demand Instance pricing? a. Amazon EC2 Instant Instance b. Amazon EC2 Reserved Instance c. Amazon EC2 Dedicated Hosts d. Amazon EC2 Dedicated Instances

b. Amazon EC2 Reserved Instance

Which AWS services should you use to store rapidly changing data with low read and write latencies? (Select TWO) a. Amazon S3 b. Amazon RDS c. Amazon AppStream 2.0 d. Amazon EBS d. AWS Snowball

b. Amazon RDS d. Amazon EBS Data that must be updated very frequently might be better served by a storage solution with lower read / write latencies, such as Amazon EBS volumes, Amazon RDS or other relational databases, or Amazon DynamoDB.

What is Elastic Load Balancing? a. Automatically stopping traffic when targets get overloaded b. Automatically distributing traffic across multiple targets c. Automatically slowing traffic to decrease latency d. Automatically monitoring traffic to ensure that cost are kept beneath a specified threshold

b. Automatically distributing traffic across multiple targets

Which components of the AWS infrastructure can be described as multiple, isolated locations within on geographic area? a. S3 Buckets b. Availability Zones c. Regions d. Edge Locations

b. Availability Zones

Which of the following is an advantage of using managed services like RDS, ElastiCache, and CloudSearch in AWS? a. Simplifies all of your OS patching and backup activities to help keep your resources current and secure b. Better performance than customer-managed services such as EC2 instances. c. Automatically scales the capacity without any customer intervention d. Frees up the customer from the task of choosing and optimizing the underlying instance type and size of the service

b. Better performance than customer-managed services such as EC2 instances.

You have been tasked with distributing a newsletter that will be pushed out to administrators by email. Which of the following is the best solution? a. Route the newsletters to an Amazon ElastiCache store b. Create a topic in Amazon Simple Notification Service (Amazon SNS) that administrators can subscribe to. c. Store the letters in an Amazon S3 bucket and distribute them with AWS CloudTrail d. Create a messaging queue in Amazon CloudFront

b. Create a topic in Amazon Simple Notification Service (Amazon SNS) that administrators can subscribe to.

Which component of the AWS global infrastructure supports the caching of content for faster access? a. AWS Direct Connect locations b. Edge locations c. Availability Zones d. Regions

b. Edge locations

In AWS Trusted Advisor, which of the following options are included among the five categories being considered to analyze your AWS environment and provide the best practice recommendations? (Select TWO) a. Instance Usage b. Fault Tolerance c. Performance d. Infrastructure e. Storage Capcity

b. Fault Tolerance c. Performance This is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices. It inspects your AWS environment and makes recommendations for saving money, improving system performance and reliability, or closing security gaps. Cost Optimization Security Fault Tolerance Performance Service Limits

Which of the following is a best practice for adding an additional layer of security when logging into the AWS Management Console? a. Root access permissions b. Multi-factor authentication (MFA) c. Secondary password d. Secondary user name

b. Multi-factor authentication (MFA)

Which parts of the AWS infrastructure support increased resilience? a. Multiple Regions distributed globally b. Multiple Availability Zones within a Region c. Multiple edge locations with a Region d. Multiple AWS Direct Connet (DX) gateways within a data center

b. Multiple Availability Zones within a Region

Which of the following statements is true of Amazon Virtual Private Clouds (VPC)? a. Each AWS account can have one VPC associated with in b. You can create many subnets in a VPC though fewer is recommended to limit complexity c. Each VPC is a private, dedicated network connected from you premises to AWS d. A VPC acts as a physical firewall to your cloud infrastructure

b. You can create many subnets in a VPC though fewer is recommended to limit complexity

For which services does Amazon not charge customers? (choose 2) ​ a)Amazon SNS ​ b)Amazon S3 ​ c)Amazon CloudFormation ​ d)Amazon EBS ​ e)Amazon VPC

c

What architectural best practice aims to reduce the interdependencies between services? ​ a)Removing Single Points of Failure ​ b)Automation ​ c)Loose Coupling ​ d)Services, Not Servers

c

What can you use to quickly connect your office securely to your Amazon VPC? ​ a)Direct Connect ​ b)Internet Gateway ​ c)AWS managed VPN ​ d)Route Table

c

What is an availability zone composed of? ​ a)A collection of edge locations ​ b)One or more regions ​ c)One or more data centers in a location ​ d)A collection of VPCs

c

Which AWS service allows you to connect to storage from on-premise servers using standard file protocols? ​ a)Amazon EBS ​ b)Amazon S3 ​ c)Amazon EFS ​ d)Amazon Glacier

c

Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks? ​ a)AWS CodeDeploy ​ b)AWS Config ​ c)AWS OpsWorks ​ d)AWS Service Catalog

c

Which AWS service is primarily used for software version control? ​ a)AWS CodeStar ​ b)AWS Cloud9 ​ c)AWS CodeCommit ​ d)AWS CodeDeploy

c

Which AWS storage technology can be considered a "virtual hard disk in the cloud"? ​ a)Amazon Glacier archive ​ b)Amazon Elastic File Storage (EFS) filesystem ​ c)Amazon Elastic Block Storage (EBS) volume ​ d)Amazon S3 object

c

Which feature can you use to grant read/write access to an Amazon S3 bucket? ​ a)IAM Group ​ b)IAM Role ​ c)IAM Policy ​ d)IAM User

c

Which feature of Amazon Rekognition can assist with saving time? ​ a)Provides on-demand access to compliance-related information ​ b)Identification of the language of text in a document ​ c)Identification of objects in images and videos ​ d)Adds automatic speech recognition (ASR) to applications

c

Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted? ​ a)Dedicated Instance ​ b)Reserved ​ c)On-Demand ​ d)Spot

c

Which service allows you to run code as functions without needing to provision or manage servers? ​ a)Amazon EKS ​ b)Amazon EC2 ​ c)AWS Lambda ​ d)AWS CodeDeploy

c

Which service can be used to help you to migrate databases to AWS quickly and securely? ​ a)AWS Key Management Service (KMS) ​ b)AWS DataSync ​ c)AWS Database Migration Service (DMS) ​ d)AWS Server Management Service (SMS)

c

Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers? ​ a)AWS Budgets ​ b)Total Cost of Ownership (TCO) Calculator ​ c)AWS Cost Explorer ​ d)AWS Simple Monthly Calculator

c

What benefits are provided by Amazon CloudFront? (choose 2) ​ a)Used to enable private subnet instances to access the Internet ​ b)Allows you to register domain names ​ c) Built-in Distributed Denial of Service (DDoS) attack protection ​ d) Content is cached at Edge Locations for fast distribution to customers ​ e) Provides a worldwide distributed DNS service

c and d

Which types of pricing policies does AWS offer? (choose 2) ​ a)Enterprise license agreement (ELA) ​ b)Non-peak hour discounts ​ c)Pay-as-you-go ​ d)Save when you reserve ​ e)Global usage discounts

c and d

When instantiating compute resources, what are two techniques for using automated, repeatable processes that are fast and avoid human error? (choose 2) ​ a)Snapshotting ​ b)Fault tolerance ​ c)Infrastructure as code ​ d)Performance monitoring ​ e)Bootstrapping

c and e

Which AWS service can be used to generate encryption keys that can be used to encrypt data? (Select TWO.) ​ a)Amazon Macie ​ b)AWS Certificate Manager ​ c)AWS CIoudHSM ​ d)AWS Secrets Manager ​ e)AWS Key Management Service (AWS KMS)

c and e

Which services can be used for asynchronous integration between application components? (choose 2) ​ a)AWS CloudFormation ​ b)AWS Route 53 ​ c)AWS Step Functions ​ d)Amazon EC2 Auto Scaling ​ e)Amazon SQS

c and e

What is the minimum number of Availability Zones that you should set up for your Application Load Balancer in order to create a highly available architecture? a. 3 b. 1 c. 2 d. 4

c. 2 A load balancer serves as the single point of contact for clients. Clients send requests to the load balancer, and the load balancer sends them to targets, such as EC2 instances, in two or more Availability Zones. At the very minimum, you have to select at least two Availability Zones from your VPC. To configure your load balancer, you have to create target groups and then register targets with your target groups. You also create listeners to check for connection requests from clients, and listener rules to route requests from clients to the targets in one or more target groups.

Which of the following defines the AWS Command Line Interface (AWS CLI)? a. A systematic approach to evaluating and implementing architectures b. Packages that enable access to AWS in a variety of programming languages. c. A suite of utilities that can be launched from a command program in Linux, macOS, or Windows. d. A rich graphical interface to majority of the features offered by AWS.

c. A suite of utilities that can be launched from a command program in Linux, macOS, or Windows.

Which of the following statements best describes AWS Trusted Advisor? a. A tool that estimates savings when using AWS and provides a detailed set of reports b. A tool that helps customers estimate their monthly AWS bill more efficiently c. A tool the provides you real time guidance to help you provision your resources following AWS best practices. d. A tool that enables you to view and analyze your costs and usage.

c. A tool the provides you real time guidance to help you provision your resources following AWS best practices.

For security audit, a company needs to download the compliance-related documents in AWS such as ISO certifications, Payment Card Industry (PCI), and Service Organization Control (SOC) reports. Which of the following should they use to retrieve these files? a. AWS Trusted Advisor b. AWS Certificate Manager c. AWS Artifact d. AW CloudTrail

c. AWS Artifact This service is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS' security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement (NDA).

Which of the following Cost Management Tools allows you to track your Amazon EC2 Reserved Instance (RI) usage and view the discounted RI rate that was charged to your resources? a. AWS Systems Manager b. AWS Budgets c. AWS Cost and Usage report d. AWS Cost Explorer

c. AWS Cost and Usage report This service is your one-stop-shop for accessing the most granular data about your AWS costs and usage. You can also load your cost and usage information into Amazon Athena, Amazon Redshift, AWS QuickSight, or a tool of your choice.

Which of the following shares a collection of offerings to help you achieve specific business outcomes related to enterprise cloud adoption through paid engagements in several specialty practice areas? a. Concierge Support b. AWS Technical Account Manager c. AWS Professional Services d. AWS Enterprise Support

c. AWS Professional Services Shares a collection of offerings to help you achieve specific outcomes related to enterprise cloud adoption. Each offering delivers a set of activities, best practices, and documentation reflecting our experience supporting hundreds of customers in their journey to the AWS Cloud. AWS Professional Services' offerings use a unique methodology based on Amazon's internal best practices to help you complete projects faster and more reliably while accounting for evolving expectations and dynamic team structures along the way. It created the AWS Cloud Adoption Framework (AWS CAF) to help organizations design and travel an accelerated path to successful cloud adoption.

A company is planning to adopt a hybrid cloud architecture with AWS. Which of the following can they use to assist them in estimating their costs? (Select TWO) a. AWS Cost Explorer b. Consolidated Billing c. AWS Simple Monthly Calculator d. Cost Allocation Tag e. AWS Total Cost of Ownership (TCO) Calculator

c. AWS Simple Monthly Calculator e. AWS Total Cost of Ownership (TCO) Calculator

Users from different parts of the globe are complaining about the slow performance of the newly launched photo-sharing website in loading their high-resolution images. Which combination of AWS services should you use to serve the files with lowest possible latency? (Select TWO) a. Amazon Glacier b. AWS Storage Gateaway c. Amazon CloudFront d. Amazon S3 e. Amazon Elastic File System

c. Amazon CloudFront d. Amazon S3 You can configure your application to deliver static content and decrease the end-user latency using Amazon S3 and Amazon CloudFront. High-resolution images, videos, and other static files can be stored in Amazon S3. CloudFront speeds up content delivery by leveraging its global network of data centers, known as edge locations, to reduce delivery time by caching your content close to your end-users. CloudFront fetches your content from an origin, such as an Amazon S3 bucket, an Amazon EC2 instance, an Amazon Elastic Load Balancing load balancer or your own web server, when it's not already in an edge location. CloudFront can be used to deliver your entire website or application, including dynamic, static, streaming, and interactive content. You can set your Amazon S3 bucket as the origin of your CloudFront web distribution.

Which statement below is correct regarding the components of the AWS Global Infrastructure? a. An edge location contains multiple AWS Regions b. An Availability Zone contains multiple AWS Regions c. An AWS Region contains multiple Availability Zones d. An Availability Zone contains edge locations

c. An AWS Region contains multiple Availability Zones

A company is using Amazon S3 to store their static media contents such as photos and videos. Which of the following should you use to provide specific users access to the bucket? a. Security Group b. SSH Key c. Bucket Policy d. Network Access Control List

c. Bucket Policy

What are the things that you can implement to improve the security of your Identity and Access Management (IAM) users? (Select TWO) a. Configure a strong password policy for your users b. Block incoming traffic via network ACL c. Enable Multi-Factor Authentication (MFA) d. Enable AWS Mobile Push Notification

c. Enable Multi-Factor Authentication (MFA)

A company is in the process of choosing the most suitable AWS Region to migrate their applications. Which of the following factors should they consider? (Select TWO) a. Potential volume discounts for the specific AWS Region b. Proximity of your end-users for on-site visits to your on-premises data center c. Enhance customer experiences by reducing latency to users d. Support country-specific data sovereignty compliance requirements

c. Enhance customer experiences by reducing latency to users d. Support country-specific data sovereignty compliance

Which of the following is true regarding Elastic Load Balancing? a. It automatically increases or decreases the number of instances as the demand of your application changes b. It translates domain names into numeric IP addresses that Amazon EC2 instances use to connect to each other. c. It distributes incoming application traffic across multiple targets such as Amazon EC2 instances, in multiple Availability Zones. d. It is a virtual server that allows you to run applications in the AWS Cloud

c. It distributes incoming application traffic across multiple targets such as Amazon EC2 instances, in multiple Availability Zones. It automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones.

Which of the following is a key design principle when running an application in AWS? a. Logical coupling b. Semantic coupling c. Loose coupling d. Tight coupling

c. Loose coupling

Which of the following is NOT a pillar of the AWS Well-Architected Framework? a. Cost Optimization b. Operational Excellence c. Persistence d. Security

c. Persistence

Your web application requires temporary authorization to use AWS services. Which IAM entity should be used? a. Group b. MFA c. Role d. User

c. Role

Which of the following statements best describes Amazon CloudFront? a. Provides topics for high-throughout, push-based, many to many messaging b. Provides a common language for you to describe and provision all the infrastructure resources in you cloud environmnet c. Speeds up the delivery of your content to viewers across the globe. d. Provides you with data and actionable insights to monitor your applications

c. Speeds up the delivery of your content to viewers across the globe.

Which of the following examples best demonstrates the agility that cloud computing offers? a. Protect your data by centralizing your applications in one Availability Zone b. Quickly deploy multi-factor authentication (MFA) to multiple data centers c. Spin up servers in minutes, and shut down servers when you don't need them. d. Increase network throughout with AWS Direct Connect (DX) nodes.

c. Spin up servers in minutes, and shut down servers when you don't need them.

Which category of services includes Amazon S3? a. Security b. Migration c. Storage d. Computing

c. Storage

Which of the following can you use to connect your on-premises data center and your cloud architecture in AWS? (Select TWO) a. VPC Peering b. NAT Gateway c. Virtual Private Gateway (VPC) d. Egress-Only Internet Gateway e. Amazon Route 53

c. Virtual Private Gateway (VPC) e. Amazon Route 53 An Amazon VPC VPN connection can link your data center (or network) to your Amazon Virtual Private Cloud (VPC). A customer gateway is the anchor on your side of that connection. It can be a physical or software appliance. The anchor on the AWS side of the VPN connection is called a virtual private gateway. Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.tutorialsdojo.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other.

Which of the following below are the benefits of using Consolidated billing in AWS? (Select TWO) a. Consolidate together the billing and payment of both AWS accounts and Amazon Internet Service b. Consolidate using the bills from multiple AWS accounts for only $1 every month c. You get one bill for multiple accounts d. Allow member account to pay the charges of all the master accounts e. Share the volume pricing and Reserved Instance discounts by combining the usage across all accounts in the organization

c. You get one bill for multiple accounts e. Share the volume pricing and Reserved Instance discounts by combining the usage across all accounts in the organization

Which of the following should be done by the AWS account root user? (Select the best answer.)

change the aws support plan

kinesis

consuming big data is ________

what is a route table

contains a set of rules, called routes, that are used to determine where network traffic is directed. Each subnet in a VPC must be associated with a route table; the route table controls routing for the subnet.

A company plans to create a hybrid cloud architecture. What technology will allow them to create a hybrid cloud? ​ a)VPC Peering ​ b)Elastic Network Interface ​ c)Internet Gateway ​ d)AWS Direct Connect

d

A company stores copies of backups on Amazon S3 and requires rapid access but low resiliency. Which storage class is optimized for these requirements? ​ a) Amazon S3 Glacier Deep Archive ​ b) Amazon S3 Standard ​ c) Amazon S3 Glacier ​ d) Amazon S3 One Zone-Infrequent Access

d

A company would like to maximize their potential volume and Reserved Instance discounts across multiple accounts and also apply service control policies on member accounts. Which service or tool can they use to gain these benefits? ​ a)AWS Cost Explorer ​ b)AWS Budgets ​ c)AWS IAM ​ d)AWS Organizations

d

What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload? a)Dedicated Host ​ b)On-Demand ​ c)Reserved Instance ​ d)Spot

d

Which AWS service can be used to process a large amount of data using the Hadoop framework? ​ a)AWS Glue ​ b)Amazon Athena ​ c)Amazon Kinesis ​ d)Amazon EMR

d

Which AWS service is used to enable multi-factor authentication? ​ a)AWS KMS ​ b)Amazon STS ​ c)Amazon EC2 ​ d)AWS IAM

d

Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure? ​ a)Basic ​ b)Business ​ c)Developer ​ d)Enterprise

d

Which benefit of the AWS Cloud eliminates the need for users to try estimating future infrastructure usage? ​ a)Security of the AWS Cloud ​ b)Economies of scale ​ c)Easy global deployments ​ d)Elasticity of the AWS Cloud

d

Which of the following is a method of backup available in the AWS cloud? ​ a)Amazon EFS File Systems ​ b)Availability Zones ​ c)Amazon Route 53 Alias Record ​ d)Amazon EBS Snapshots

d

Which service supports the resolution of public domain names to IP addresses or AWS resources? ​ a)Amazon CloudFront ​ b)Amazon SNS ​ c)Hosted Zones ​ d)Amazon Route 53

d

Which statement below is incorrect in relation to Network ACLs? ​ a)They support allow and deny rules ​ b)They process rules in order ​ c)They are stateless ​ d)They operate at the Availability Zone level

d

What advantages do you get from using the AWS cloud? (choose 2) ​ a)Increased capital expenditure ​ b)Comply with all local security compliance programs ​ c)Gain greater control of the infrastructure layer ​ d)Stop guessing about capacity ​ e)Trade capital expense for variable expense

d and e

Which items can be configured from within the VPC management console? (choose 2) ​ a)Auto Scaling ​ b)Regions ​ c)Load Balancing ​ d)Subnets ​ e)Security Groups

d and e

Which of the following are features of Amazon CloudWatch? (choose 2) ​ a)It is used for auditing of API calls ​ b)It records account activity and service events from most AWS services ​ c)It provides visibility into user activity by recording actions taken on your account ​ d)It is used to gain system-wide visibility into resource utilization ​ e)It can be accessed via API, command-line interface, AWS SDKs, and the AWS Management Console

d and e

Which of the following allows you to set coverage targets and receive alerts when your utilization drops below the threshold you define? a. AWS Trusted Advisor b. AWS Cost Explorer c. Amazon CloudWatch Billing Alarms d. AWS Budgets

d. AWS Budgets AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define. Reservation alerts are supported for Amazon EC2, Amazon RDS, Amazon Redshift, Amazon ElastiCache, and Amazon Elasticsearch reservations.

Which of the following AWS services has no additional charge associated with its use? (The resources provisioned within the service may incur costs.) a. Amazon Elastic Computer Cloud (Amazon EC2) b. Amazon Elastic Block Store (Amazon EBS) c. Amazon Simple Storage Service (Amazon S3) d. AWS Identity and Access Management (IAM)

d. AWS Identity and Access Management (IAM)

Which method would you used to access AWS services through an easy-to-use graphical interface? a. Software Development Kits (AWS SDK) b. AWS EasyLauch c. AWS Command Line Interface (AWS CLI) d. AWS Management Console

d. AWS Management Console

Which AWS sevice is a managed DDos protection service that safeguards applications running on AWS? a. Amazon Inspector b. Amazon CloudWatch c. AWS Identity and Access Management d. AWS Shield

d. AWS Shield

"Increase speed and ______" is one of the six advantages of Cloud Computing which refers to the reduction of acquisition time for making new compute resources available to your developers from weeks to just minutes. a. Elasticity b. Reliability c. High Availability d. Agility

d. Agility There are six advantages of using Cloud Computing: 1. Trade capital expense for variable expense 2. Benefit from massive economies of scale 3. Stop guessing capacity 4. Increase speed and agility 5. Stop spending money running and maintaining data centers 6. Go global in minutes

A company is currently using an On-Demand EC2 instance for their application which they plan to migrate to a Reserved EC2 Instance to save on cost. Which of the following is the most cost-effective option if the application being hosted would be used for more than 3 years? a. All upfront Convertible Reserved Instance pricing for a 1 year term b. No upfront Standard Reserved Instance pricing for a 1 year term that is renewed every year. c. No Upfront Convertible Reserved Instance pricing for a 3 year term d. All Upfront, Standard Reserved Instance pricing for a 3 year term

d. All Upfront, Standard Reserved Instance pricing for a 3 year term

Which service provides persistent block storage volumes for use with Amazon EC2 instances? a. Amazon S3 b. Amazon EFS c. Amazon DynamoDB d. Amazon EBS

d. Amazon EBS

There is a requirement to launch a new database in AWS where the customer assumes the responsibility and management of the guest operating system, including updates and security patches. Which of the following services should the customer use? a. Amazon DocumentDB b. Amazon DynamoDB c. Amazon Aurora d. Amazon EC2

d. Amazon EC2 Since you have more control over your EC2 instance, you can install any database that you prefer and manage its guest operating system, including the required updates and security patches. You can also choose an AMI with a pre-installed database (such as PostgreSQL or MySQL) in the Amazon EC2 Dashboard to save your time. Hence, the correct answer is Amazon EC2.

Among the following services, which is the most suitable one to use to store the results of I/O-intensive SQL database queries to improve application performance? a. AWS Greengrass b. Amazon CloudFront c. Amazon DynamoDB Accelerator (DAX) d. Amazon ElasticCache

d. Amazon ElasticCache Amazon ElastiCache offers fully managed Redis and Memcached. Seamlessly deploy, run, and scale popular open source compatible in-memory data stores. With this service, you can build data-intensive apps or improve the performance of your existing apps by retrieving data from high throughput and low latency in-memory data stores. In-memory caching improves application performance by storing critical pieces of data in memory for low-latency access. Cached information may include the results of I/O-intensive database queries or the results of computationally-intensive calculations.

Which type of Elastic Load Balancer supports path-based routing, host-based routing, and bi-directional communication channels using WebSockets? a. Classic Load Balancer b. Network Load Balancer c. Both Application Load Balancer and Network Load Balancer d. Application Load Balancer

d. Application Load Balancer This is best suited for load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers. Operating at the individual request level (Layer 7), Application Load Balancer routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) based on the content of the request.

You need to launch a new EC2 Instance for a beta program which is scheduled to change its instance family, operating system and tenancy exactly 3 months after its trial period. Which type of Reserved Instance (RI) should you use? a. Zonal RI b. Standard RI c. Scheduled RI d. Convertible RI

d. Convertible RI Convertible Reserved Instances (RI) provide you with a significant discount (up to 54%) compared to On-Demand Instances and can be purchased for a 1-year or 3-year term. Purchase Convertible Reserved Instances if you need additional flexibility, such as the ability to use different instance families, operating systems, or tenancies over the Reserved Instance term.

Which of the following allows you to categorize and track your AWS costs on a detailed level? a. Amazon Aurora Backtrack b. Consolidated Billing c. AWS Budgets d. Cost Allocation tags

d. Cost Allocation tags A tag is a label that you or AWS assigns to an AWS resource. Each tag consists of a key and a value. A key can have more than one value. You can use tags to organize your resources, and cost allocation tags to track your AWS costs on a detailed level. After you activate cost allocation tags, AWS uses these tags to organize your resource costs on your cost allocation report, to make it easier for you to categorize and track your AWS costs. AWS provides two types of cost allocation tags, an AWS generated tags and user-defined tags. AWS defines, creates, and applies the AWS generated tags for you, and you define, create, and apply user-defined tags. You must activate both types of tags separately before they can appear in Cost Explorer or on a cost allocation report.

A company has 70 employees divided into 10 departments. The IT admin wants to customize each departments access to AWS. Which of the following options is most appropriate? a. Make each employee an AWS account root user. b. Create an IAM role for each department, and assign IAM users to the roles. c. Create a temporary role for each employee, and revise their access as needed. d. Create an IAM Group for ach department and assign IAM users to the groups

d. Create an IAM Group for ach department and assign IAM users to the groups

Which of the following Amazon EC2 instance purchasing options can help you address compliance requirements and reduce costs by allowing you to use your existing server-bound software licenses? a. Reserved Instance b. On-Demand Instance c. Dedicated Instance d. Dedicated Host

d. Dedicated Host

Users of your services are reporting latency. With on-premises architecture you would notify your Administrator to launch another server to balance the load. How can this be automated using AWS? a. Create six Amazon EC2 instances in different Availability Zones. b. Create a new template using AWS CloudFormation. c. Enable AWS CloudTrail to monitor latency issues. d. Enable an Amazon CloudWatch alarm to trigger a scaling policy.

d. Enable an Amazon CloudWatch alarm to trigger a scaling policy.

A company has web servers running on Amazon EC2 instances that access a RESTful API hosted on their on-premises data center. What kind of architecture is the company using? a. Software as a Service (SaaS) b. Serverless architecture c. Platform as a Service (PaaS) d. Hybrid architecture

d. Hybrid architecture Since the company has web servers running on Amazon EC2 instances that access a RESTful API hosted on their on-premises data center, they are considered to be using a hybrid cloud computing deployment model. Hence, the correct answer is Hybrid architecture

Which of the following IAM identities is associated with the access keys that are used in managing your cloud resources via the AWS Command Line Interface (AWS CLI)? a. IAM Policy b. IAM Role c. IAM Group d. IAM User

d. IAM User Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK). Access keys consist of two parts: 1. Access key ID (for example: AKIAIOSTUTORIALSDOJO) 2. Secret access key (for example: wJalrXUtnFEMI/K7MDENG/bTutorialsDojoKEY).

Which of the following components is included in the value proposition of the AWS Cloud? a. Fully independent development without parameters b. Informal security restrictions c. Physical relocation of your servers d. Massive economies of scale

d. Massive economies of scale

Which of the following is true regarding the Developer support plan in AWS? (Select TWO) a. Full access to the AWS Support API b. Recommended if you have business and /or mission critical workloads in AWS c. Has access to the full set of Trusted Advisor checks d. No access to the AWS Support API e. Limited access to the 7 Core Trusted Advisor checks

d. No access to the AWS Support API e. Limited access to the 7 Core Trusted Advisor checks

Which of the pillars of the well-Architected Framework is defined as the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures? a. Performance efficiency b. Security c. Reliability d. Operational excellence

d. Operational excellence

Which of the following options describes the most common AWS billing model? a. Annual Billing b. Pay in Advance c. Daily Billing d. Pay as you Go

d. Pay as you Go

Which among the options below is a highly available and scalable cloud Domain Name System (DNS) web service in AWS? a. Lighttail b. Active Directory Domain Service c. Rekcognition d. Route 53

d. Route 53 Is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.tutorialsdojo.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well

Which of the following use cases is appropriate for Amazon CloudFront (Select Three) a. Schema Generation b. Database Backups c. Auto Scaling d. Static Asset Caching e. Live on-demand video streaming f. Security and encryption

d. Static Asset Caching e. Live on-demand video streaming f. Security and encryption

What is the first step in getting started with AWS Lambda? a. Pay for estimated computer time b. Deploy an OS image c. Provision EC2 instances d. Upload your code

d. Upload your code

A company is designing a new cloud architecture for its mission-critical application in AWS which must be highly-available. Which of the following is the recommended pattern to meet this requirement? a. Make sure that each component of the application is high bandwidth and low-latency network connectivity using ENI's b. Deploy an Amazon EC2 Spot Fleet with a diversified allocation strategy. c Adopt a monolithic application architecture d. Using multiple Availability Zones to ensure that the application can handle the failure of any single component.

d. Using multiple Availability Zones to ensure that the application can handle the failure of any single component.

You can run applications and workloads from a Region closer to the end users to_______ latency.

decrease

You can run applications and workloads from a region to ......... latency to end users

decrease

You can run applications and workloads from a region to _______ latency to end users. increase decrease

decrease

Resource in IAM Policy

defines the scope of entities covered by the policy rule (eg a specific Amazon S3 bucket or Amazon EC2 instance, or which means any resource*).

How would a system administrator add an additional layer of login security to a user's AWS Management Console? (Select the best answer.)

enable MFA

What is a VPC

enables you to launch Amazon Web Services (AWS) resources into a virtual network that you defined. This virtual network closely resembles a traditional network that you would operate in your own data center, with the benefits of using the scalable infrastructure of AWS. You can create a VPC that spans multiple Availability Zones.`Virtual Private Cloud

True or False? AWS Key Management Service (AWS KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources.

false

True or False? Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the internet. You own the network-connected hardware required for these services and Amazon Web Services provisions what you need.

false

True or False? Edge locations are only located in the same general area as Regions.

false

True or False? Private subnets have direct access to the internet.

false

True or false? To receive the discounted rate associated with Reserved Instances, you must make a full, upfront payment for the term of the agreement.

false

True or false? Unlimited services are available with the AWS Free Tier to new AWS customers for 12 months following their AWS sign-up date. (Select the best answer.)

false

______ means the infrastructure has built-in component redundancy and ______ means that resources dynamically adjust to increases or decreases in capacity requirements.

fault tolerant, elastic and scalable

Economies of scale result from ____

having hundreds of thousands of customers aggregated in the cloud

Economies of scale results from ..................

having hundreds of thousands of customers aggregated in the cloud

Economies of scale results from ______. (Select the best answer) having hundreds of thousands of customers aggregated in the cloud having hundreds of cloud services available over the internet having to invest heavily in data centers and servers having many different cloud provders

having hundreds of thousands of customers aggregated in the cloud

which of the folowing are not benefits of aws cloud compuitng

high latency, multiple procurement cycles

200

how many subnets can you create per VPC?

To view all categories of instance metadata from within a running instance, which URI should you use? (Select the best answer)

http://169.254.169.254/latest/meta-data/

To view all categories of instance metadata from within a running instance, which URI should you use? (Select the best answer)

http://169.254.169.254/latest/meta-data/

Which of the following AWS documentation URLs points to the page containing an up-todate list of service limits?

https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html

You wish to migrate your on-premise tape backup solution to the AWS Storage Gateway Platform. Which protocol can help you mount these virtual tapes for your backup application?

iSCSI

value

in S3, the ________ is simply the data and is made up of a sequence of bits.

S3 replicates all objects ______. (Select the best answer)

in multiple availability zones within the same region

S3 replicates all objects ______. (Select the best answer)

in multiple availability zones within the same region

a,b

in which of the following ways can security privileges be granted to Docker Containers? (Choose 2) a. Role granted to ECS container instances b. role gratned to an ECS task c. Image in ECR d. Role granted to an ECS cluster

Which files do you need to upload at a minimum to enable an Amazon S3 bucket to be used as a static website? (Choose 2 answers)

index.html and error.html

What is an Instance

is a virtual server in the AWS Cloud. You launch an instance from an Amazon Machine Image (AMI). The AMI provides the operating system, application server, and applications for your instance.

What is IAM

is a web service that enables Amazon Web Services (AWS) customers to manage users and user permissions in AWS. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access. AWs Identity and Access Management

what is amazon ec2

is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Availability Zones within a Region are connected over low-latency links. Which of the following is a benefit of these links

make synchronous replication of your data possible

0 bytes to 5TB

minimum and max file/ object size in S3?

Approximately how many different CloudFront edge locations are there?

more than 150

AWS highly recommends provisioning your compute resources across ........ Availability zones.

multiple

AWS highly recommends provisioning your compute resources across ___ availability zones. Multiple single all no

multiple

AWS highly recommends provisioning your compute resources across _______ Availability Zones.

multiple

You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access? (Select the best answer.)

nat gateway

Which of the following is an optional security control that can be applied at the subnet layer of a VPC?

network acl

buckets

objects in S3 are stored in __________

What is Amazon EBS

offers persistent storage for Amazon EC2 instances. Amazon EBS volumes are network-attached and persist independently from the life of an instance. Amazon EBS volumes are highly available, highly reliable volumes that can be leveraged as an Amazon EC2 instances boot partition or attached to a running Amazon EC2 instance as a standard block device.

what is an availability zone

one or more data centers in a location

From where does CloudFront retrieve content to store for caching?

origins

What is the pricing model that allows AWS costumers to pay for resources on an as-needed basis?

pay as you go

what is the pricing model that enables AWS customers to pay for resouces on an as needed basis

pay as you go

what is not a benefit of cloud computing over on premises computing

pay for racking, stacking and powering servers

what is a cloud deployment model

platforma s a service, infrastructure as a serice, software as a service

When you create a table in Amazon DynamoDB, in addition to the table name, you must specify the _____ of the table. (Select the best answer)

primary key

When you create a table in Amazon DynamoDB, in addition to the table name, you must specify the _____ of the table. (Select the best answer)

primary key

encrypted

public snapshots of __________ volumes are not supported, but you can share an encrypted snapshot with specific accounts

For certain services like Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS), you can invest in reserved capacity. What options are available for Reserved Instances? (Choose three.)

puri, nuri, auri,

Which of the following would be a valid endpoint your developers could use to access a particular Relational Database Service instance you're running in the Northern Virginia region

rds.us-east-1.amazonaws.com

What advantages does deploying Amazon Cloudfront provide

reduced Latency, Improved performance for end users

Amazon EBS is recommended when data _______ and _______. (Choose two)

requires an encryption solution, must be quickly accessible, requiring long-term persistence

Which CloudFront distribution type requires you to provide a media player

rtmp

Effect in IAM Policy

says whether to Allow or Deny the permissions.

Which of the following can be used to protect Amazon Elastic Compute Cloud (Amazon EC2) instances hosted in AWS?

security group

In the shared responsibility model, AWS is responsible for providing what? (Select the best answer.)

security of the cloud

a,b,c,e (cannot include uppercase or Underscores)

select all the apply to S3 bucket naming: a. Bucket names must be unique across all existing bucket names in S3. b. Bucket names must comply with DNS naming conventions c. must be atleast 3 characters long and no more than 63 characters. d. can include uppercase letters or underscores. e. Must not be formatted as an IP address

Action in IAM Policy

specifies the API calls that can be made against an AWS Service (eg cloudwatch:ListMetrics)

Which of the following SSH commands will successfully connect to an EC2 Amazon Linux instance with an IP address of 54.7.35.103 using a key named mykey.pem

ssh -i mykey.pem [email protected]

which items can be configured from within the VPC management console

subnets, security groups

Which of these is not a cloud deployment model? (Select the best answer) System administration as a service infrastructure as a service platform as a service software as a service

system administration as a service

T

t/f; EBS volumes persist beyond the life of an EC2 instance.

Which of the following EC2 services can be used without charge under the Free Tier

t2.micro EC2 instance type instances for a total of 750 hours per month

federated users

term used to describe users in your system, outside AWS.

REST API

the ______ ______ is an HTTP interface to Amazon S3. Using REST, you use standard HTTP requests to create, fetch, and delet buckets and objects

root account

the ________ _________ is the email address you used to set up your AWS account. It always has full administrator access. You should not give these account credentials away to anyone. Instead create a user for each individual within your organization. You should always secure this root account using MFA

policy

to set the permissions in a group you need to apply a ________ to that group. These consist of Java Script Object Notation (JSON). These are referred to as key value pairs.

True or False? AWS Organizations enables you to consolidate multiple AWS accounts so that you centrally manage them.

true

True or False? Availability Zones within a Region are connected through low-latency links.

true

True or False? Networking, storage, compute, and databases are examples of service categories that AWS offers.

true

True or False? S3 is an object storage suitable for the storage of 'flat' files like Word documents, photos, etc.

true

True or False? You can launch multiple instances of different types from a single AMI when launching an EC2 instance.

true

True or false? AWS offers a variety of services at no charge, for example, Amazon Virtual Private Cloud (Amazon VPC), AWS Identity and Access Management (IAM), Consolidated Billing, AWS Elastic Beanstalk, automatic scaling, AWS OpsWorks and AWS CloudFormation. However, you might be charged for other AWS services that you use in conjunction with these services.

true

true or false, aws owns and maintains the network connected hardware required for applciation services, while you provision and use what you need

true

You need to deliver content to users in the United States and Canada. Which of the following edge location options will be the most cost effective for your CloudFront distribution?

united states, canada, europe

Which of the following designations would refer to the AWS US West (Oregon) region?

us-west-2

simple AD, AD connector

use ________ ___ if you need an inexpensive Active Directory- compatible service with the common directory features. __________ ________ lets you simply connect your existing on premises active directory to AWS.

cost optimization, performance, security, fault tolerance, and service limits

what 5 high level categories of information does AWS Trusted Advisor supply?

a

what are AWS recommendations regarding root access keys? a. delete them b. save the in a secure place c. only share them with trusted people d. none of the above.

b,d

what are design principles for performance efficiency in the cloud? (Choose 2) a. implement security automation b. Use serverless architectures c. enable traceability d. go global in minutes.

compute, storage, and data transfer

what are the 3 fundamental characteristics you pay for in AWS?

Elastic IP Address

what does EIP stand for?

Identity Access Management

what does IAM Stand for?

ECR (Elastic Container Registry)

what is the most appropriate means (service) for developers to store docker container images in the AWS Cloud?

AWS Simple Monthly Calculator

what tool can be used to estimate your monthly AWS bill?

bastion

when properly configured through the use of security groups and Network ACLs, the __________ essentially acts as a bridge to your private instances via the internet.

HTTP 200 code

when you upload a file to S3, you will receive an _______ _______ _______ if the upload was successful

developer

which AWS support plan includes Business hours access to Cloud Support Associated via email (only)?

enterprise

which aws support plan includes an unlimited number of cases created b an unlimited number of contacts to aws senior cloud support engineers by phone, email, or chat 24x7

linux; T2 instance

which instance types require an HVM AMI?

What is an Inline policy

which is a policy assigned to just one User or Group. Inline Policies are typically used to apply permissions for one-off situations.

What is a Nat gateway

which is used to provide internet connectivity to EC2 instances in the private subnets.

a,d

which of the following allows you to create a new RDS instance? (choose 2) a. management console b. AWS DMS c. AWS CloudFront d. AWS CloudFormation e. Lambda

c

which of the following can be used to call AWS services from different programming languages? a. CLI b. AWS Console c. SDKs d. IAM

glacier and storage gateway

which of the following services natively encrypts data at rest within an AWS region? (choose 2) storage gateway dynamoDB CloudFront Glacier SQS

b,c

which security procedures should you perform yourself even if you are using a managed service? (choose 2) a. database patching b. SSL/TLS c. activity logging d. disaster recovery.

AWS Config

with ___ ______, you can discover existing and deleted AWS resources, determine your overall compliance against rules, and dive into configuration details of a resource at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and trouble shooting.

The name of an S3 bucket must be unique _________. (Select the best answer)

worldwide across all AWS accounts

The name of an S3 bucket must be unique _________. (Select the best answer)

worldwide across all AWS accounts

memory usage

you are a systems administrator and you need to monitor the health of your production environment. You decide to do this with CloudWatch. However, you notice that you cannot see the health of every important metric in the default dashboard. When monitoring the health of your EC2 instances, for which of the following metrics do you need to design a custom CloudWatch metric? Network in Memory Usage CPU usage disk read operations

access control lists (ACL)

you can control access to each of your buckets and objects using an ______ ______ _________.

lifecycle rules

you can define _______ _______ for objects in your bucket that have a well-defines lifecycle. For example, you can define a rule to archive objects one year after creation, or delete an object 10 years after creation.

versioning

you can use ____________ to keep multiple versions of an object in the same bucket.

a

you want to quickly deploy your .NET application on the AWS Cloud. Which of the following AWS Services can best help you? a. Elastic Beanstalk b. EC2 c. VPC d. SQS


Ensembles d'études connexes

Career Info and Exploration - edmentum

View Set

Lewis Ch 47- assessment of Endocrine (TB)

View Set

Abeka 9th grade Science (Matter and Energy) Test 10

View Set

Chapter 66: Management of Patients With Neurologic Dysfunction

View Set

Chapter 13 Review (Sociology test #3)

View Set

ABM 1041 Micro Econ - Harvey James

View Set

Ralley 1 - 1+2 circuit rouge - Col - les substantifs (deel 2)

View Set