aws tests

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

How often does Amazon CloudWatch report metrics for AWS WAF?

1 minute

Which two of the four Amazon S3 storage classes listed below charge a per GB retrieval fee? (Choose 2 answers)

1) Amazon S3 Standard-IA 2) Amazon S3 Glacier Storage

What two options does RDS offer to backup information stored on DB instances? (Choose 2 answers)

1) Automated backup 2) DB snapshots

What principles does AWS recommend to remove single points of failure from your design? (Choose 2 answers.)

1) Data replication 2) Detect failure

Which Amazon EC2 purchase options involve selecting host hardware as well as your instance operating system, memory and compute specifications? (Choose 2 options)

1) Dedicated Instances 2) Dedicated Host Instances

How is Key Management Service (KMS) priced?

1) Per customer master key 2) the number of requests received per month.

To ensure secure services, AWS offers shared responsibility models for each of the different type of services that they offer which you need to be aware of. Which of the following services are the responsibility of AWS? (Choose 3 answers)

1) Virtualization infrastructure 2) Network infrastructure 3) Physical security of hardware 4) NOT OPERATING SYSTEM

What statements below regarding AWS pricing is true? (Choose 2 answers)

1) You can pay less for a service when you reserve it in advance. 2) Discounted rates are available for high volume service usage.

The billing process for Amazon EC2 instances was updated as of October 2, 2017. Which of the following statements is true regarding how you pay for Amazon EC2 instances? (Choose 2 answers)

1) You can pay per hour or per second, depending on the instance AMI's operating system. 2) You can pay per hour or per second, depending on the method of purchasing your instances.

What choices below are benefits of using AWS-managed services instead of user-managed services? (Choose 2 answers.)

1) reduced complexity 2) reduced administration

How far into the future can AWS Cost Explorer forecast spending for your account?

12 months

What does the concept of "redundancy" mean in regards to designing AWS cloud systems?

A design where multiple resources perform the same task

Which choice below accurately describes the 'warm standby' disaster recovery method?

A duplicate version of only your business-critical systems that is always running, in case you need to divert your workloads to them in the event of a disaster.

Which of the following is AWS Glacier best used for?

A durable storage for data archives and backup

What is the Total Cost of Ownership (TCO) calculator?

A free service that allows you to compare the cost of AWS with an on-premise data center.

What is Amazon CloudFront?

A global content delivery network

What does Amazon ElastiCache provide?

A managed in-memory cache service

Which of the following best defines the AWS Key Management Service?

A managed service that makes it easy for you to create and control the encryption keys used to encrypt your data

Which of the following best describes a forecast in AWS billing account using Cost Explorer?

A prediction of your AWS usage for up to the next three months

In the most recent company meeting, your CEO focused on the fact that everyone in the organization needs to make sure that all of the infrastructure that is built is truly scalable. Which statement in reference to scalable architecture is incorrect?

A scalable architecture won't be cost effective as it grows. - this is wrong

What is a "rule" in the context of Amazon Inspector?

A security check that the AWS agent performs during an assessment run

What is AWS Budgets?

A service that allows you to set specific spending and usage limits for AWS services

What choice below accurately describes the 'pilot light' disaster recovery method?

A very small replica of only your business-critical systems that is always running in another region, in case you need to divert your workloads there in the event of a disaster.

When does the billing process for an Amazon EC2 instance begin?

AMI boot sequence is initiated.

_______ gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion.

AWS CloudFormation

Amazon CloudWatch can also integrate with other AWS services that provide similar monitoring features. What other AWS offering can CloudWatch integrate with to provide monitoring of API calls as well as perform aggregation of CloudWatch log(s)?

AWS CloudTrail

Which statement is true about AWS Config and regions?

AWS Config is a region-specific service, meaning it has to be configured in every region you wish to use it.

An organization has been using AWS for a few months. The finance team wants to visualize the pattern of AWS spending. Which of the below AWS tools will help for this requirement?

AWS Cost Explorer

_____ is a useful and powerful tool within Billing and Cost Management. It allows you to view historical billing information in a graphical format giving you greater insight to your AWS spend.

AWS Cost Explorer

With _______________ you can transfer your business critical data directly from your datacenter, office, or colocation environment to and from AWS bypassing your Internet Service Provider and removing network congestion.

AWS Direct Connect

Which statement about AWS Direct Connect is correct?

AWS Direct Connect does not involve the Internet and uses dedicated, private network connections between your intranet and Amazon VPC.

When using __________, you simply upload your application code, and the service handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring.

AWS Elastic Beanstalk

You are reviewing AWS Elastic Beanstalk and considering how it can support versions of an application. Which statement below is correct?

AWS Elastic Beanstalk allows you to run multiple versions of an application at the same time.

Which other AWS service can you use to enable greater security of your CloudTrail log files?

AWS Key Management Service (KMS)

Which AWS service does AWS WAF primarily use to aid with automation?

AWS Lambda

A user is planning to define his own information security management system (ISMS) for AWS. Which of the following security models should the user be familiar with to define the ISMS for AWS?

AWS Shared Responsibility Model

A user has developed an application that requires sending data to a NoSQL database. The user wants to decouple the process so that the application keeps processing and sending data, but does not wait for database acknowledgement. Which of the below mentioned applications helps in this scenario?

AWS Simple Queue Service

In AWS, who owns the controls for cloud-deployed infrastructure?

AWS controls the physical components of the technology. A customer owns and controls everything else, including control over connection points and transmissions.

You have sensitive data stored on AWS that is no longer needed, and you intend to delete it. When you ask AWS to delete the data in the cloud, what is the standard procedure they'll follow?

AWS does not decommission the underlying physical media; instead, the storage blocks are marked as unallocated.

To ensure that resources are distributed across a region's Availability Zones, what does AWS do?

AWS independently maps Availability Zones to identifiers for each account.

___________ are predefined, out-of-the-box policies that grant permissions for common use cases to eliminate the need to determine what permissions are needed.

AWS managed policies

Your customers are concerned about the security of their sensitive data and their inquiry asks about what happens to old storage devices on AWS. What would be the best answer to this question?

AWS uses the techniques detailed in DoD 5220.22-M to destroy data as part of the decommissioning process.

You are implementing Amazon CloudWatch for monitoring of your AWS infrastructure. What can you use within CloudWatch to take actions such as sending a notification to an SNS topic or an Auto Scaling policy?

Alarm

AWS WAF requires which other AWS service to deploy a security solution?

Amazon CloudFront - NOT CloudWatch

AWS Lambda monitors Lambda functions and reports metrics through which Amazon service?

Amazon CloudWatch

Which of the following is true of Amazon CloudWatch?

Amazon CloudWatch monitors Amazon Web Services (AWS) resources and the applications that run on AWS in real-time.

When processing workloads on specific Amazon EC2 instances that require a higher level of durability, and the ability for an instance to quickly retrieve the data, the recommended storage option is to use ______________.

Amazon EBS volumes

When using Amazon Glacier's standard retrieval option, which of the following statements is correct?

Amazon Glacier takes 3-5 hours to retrieve data.

What AWS service could be used for assessment of security compliance and active auditing of EC2 instances on a regular basis?

Amazon Inspector

Which storage option is hosted by Amazon EC2 instances themselves?

Amazon Instance Store Volumes

Which of the following statements is true of automation in RDS?

Amazon RDS automatically performs backups and patches the database software that powers your DB Instance.

What service is used to store the log files generated by CloudTrail?

Amazon S3

Which of the following services should be used if you need low latency or frequent access to your data?

Amazon S3

When using Amazon's CloudTrail, which service is used to publish a notification?

Amazon Simple Notification Service

Which service is used by default to store the CloudTrail log files?

Amazon Simple Storage Service (S3)

There are many access control methods on AWS to build network segments. Which choice below defines an isolated network for each workload or organizational entity?

Amazon VPC

Which of the following AWS services can be used to define a Virtual Network that closely resembles a traditional data center?

Amazon VPC

What is the Personal Health Dashboard?

An AWS account dashboard that shows how AWS service issues may affect systems connected with your AWS account.

Which of the following statements is true of an Auto Scaling group?

An Auto Scaling group cannot span multiple regions.

What is an AWS edge location?

An edge location is a data center used for Amazon CloudFront.

What does an "endpoint" refer to in AWS?

An endpoint is a URL that is the entry point for a web service.

Which of the following is specifically an AWS security best practice?

Applying the principle of least privilege

If your AWS data must meet specific regulations such as the EU Data protection laws, what must you do?

Architect your environment to meet these security requirements

Which of the following is an IAM best practice?

Assign permissions to groups and add users to that group

Complete the three definitions:___________ is the process of defining an identity and the verification of that identity___________ determines what resources an identity can access within a system once it has been authenticated.___________ is the method and process of how access is granted to a secure resource.

Authentication; Authorization; Access Control

_______ is the process in which a system you have authenticated to establishes what you can access and at what level?

Authorization

A user wants to build a fault-tolerant, highly available application. Which AWS services are designed to specifically increase fault tolerance and high availability when integrated into an application's design?

Auto Scaling and Elastic Load Balancing

What does the phrase 'stop guessing capacity' mean?

Automate deployments based on performance metrics

Spot instances are ideally designed for which purpose below?

Backend processing jobs that can withstand interruptions

Which disaster recovery method generally has the highest RTO and RPO, but requires the least cost, in terms of resources, to restore service?

Backup and restore

Which of the choices below best describes what Auto Scaling is well suited for?

Both for applications that have stable demand patterns and that experience hourly, daily, or weekly variability in usage.

Your manager asks you to change your company's AWS Support level to include use-case guidance (what AWS products, features, and services to use to best support your specific needs) and third-party software support. Which support plan is most cost-effective option offering this service?

Business-level support plan

Auto Scaling does not perform which of the following operations?

Changing instance types

Which of the following statements best describes a key difference between Elastic Beanstalk and CloudFormation?

CloudFormation offers more potential for customization than Elastic Beanstalk, because you can actually design and script yourself.

Amazon _____ monitors your AWS resources and applications that you run in AWS in real time, providing you the ability to collect and track metrics as well as setup alarms to send notifications based on rules you define.

CloudWatch

Amazon _____ provides you the ability to easily add user sign-up/sign-in to your apps along with permission management, in addition to enabling data storage on user devices.

Cognito

Which of the following payment methods can be used when signing up with AWS?

Credit card

How can AWS Snow Family provide its data migration service?

Data is sent via a physical appliance sent to you by AWS.

What specific type of budgets cannot be created using AWS budgets?

Data transfer

Which statement regarding AWS regions is incorrect?

Each AWS region includes an identical number of availability zones to host EC2 instances.

Which of the following statements is true of Amazon S3?

Each object can contain up to 5 TB of data.

AWS uses the term __________ to describe the ability to scale computing resources up and down easily, with minimal friction.

Elastic

Amazon ____ provides durable storage volumes you can attach to a running instance and which persist beyond the life of the instance.

Elastic Block Store

All AWS customers automatically have around-the-clock access to certain features. Which of the following is not one of those?

Email response

Your company wants you to ensure that AWS provides management business reviews as part of its support plan. Which of the following support levels should you choose to make sure that this is included?

Enterprise-level Support

Serverless computing falls under which category of cloud computing services?

Function as a Service

You have a general development question and you decide that you need some support from AWS. Which of the following severity levels do you think would be an approriate choice for this issue?

Guidance

Auto Scaling provides what kind of scaling service?

Horizontal

Which answer accurately describes reliability, one of the five pillars of the Well-Architected Framework?

How to maintain the stability of your environment, recover from failures, and automatically meet resource demands

Which statement about IAM users is false?

IAM users must belong to at least one group. - FALSE

Which service model allows you to configure and customize your environment from the ground up?

Infrastructure as a Service (IaaS)

How does installing the Amazon Inspector Agent on EC2 instances affect instance performance?

Inspector agent has minimal effect on the performance of EC2 instances only during assessment run process.

Which of the following statements best describes Amazon Cognito?

It is a simple user-data synchronization and identity service that helps you securely manage and synchronize app data for your users across their mobile devices.

In regards to disaster recovery, what is a recovery point objective (RPO)?

It is the acceptable amount of data loss measured in time.

Which description of a Recovery Time Objective (RTO) is correct?

It is the maximum acceptable amount of time a system can be offline.

What is a benefit of using federated access?

It minimizes the amount of administration required within IAM.

Key Management Service (KMS) is used to manage encryption keys in your AWS environment. How can you audit the changes made on KMS?

KMS has full audit and compliance integration with CloudTrail; this is where you can audit all changes performed on KMS.

Which statement is correct about AWS Key Management Service (KMS)?

KMS is a managed service from AWS that enables you to easily manage and maintain encryption Keys.

Which of the following tasks can AWS Config help you accomplish?

Manage and maintain compliance

In AWS, when is Developer-level tier technical support available?

Monday - Friday 8am to 6pm in the customer time zone

Which AWS disaster recovery method has the lowest RTO and RPO, but the highest cost required to maintain resources?

Multi-site

Which of the following traditional disaster recovery methods runs your site in AWS as well as on your existing on-site infrastructure, in an active-active configuration?

Multi-site solution

Which of the following choices correctly describes how EC2 instances can be launched from an AMI?

Multiple EC2 instances can be launched from a single AMI.

Can ELB load balancers span across multiple regions?

No, but load balancers can span across Availability Zones in the same region.

Amazon EC2 instances bill some instances with a Linux operating system at a per-second rate, and other instances with a Linux operating system at a per-hour rate. Which statement regarding Amazon EC2 instance billing rates is correct?

On-Demand instances are billed per second, and Dedicated Instances are billed per hour.

Which statement about Auto Scaling is false?

One auto scaling group can launch instances in different regions.

Which of the following describes operational excellence, one of the five pillars of the AWS's Well-Architected Framework?

Prepare, operate, and evolve

Important functions of your application are unavailable. You cannot work around the problem, and your business is significantly impacted. You decide that you need support from AWS. Which of the following severity levels do you think would be an appropriate choice for this issue?

Production system down

Important functions of an organization's application are impaired or degraded, and you can't work around the problem, but the overall business is not affected. You decide that you need some support from AWS. You have an Enterprise Support Plan with AWS. Which of the following severity levels do you think would be an appropriate choice for this issue?

Production system impaired

Which of the following is not a pillar of the Well-Architected Framework developed by AWS?

Profitability

You are viewing your AWS resources but can only see the resources tied to the region you've specified. What is the reason for this?

Regions are isolated and AWS does not replicate resources across regions automatically

Which purchase options are available for RDS DB instances?

Reserved Instances

Which statement is true about AWS WAF rules?

Rules are executed in the order they appear in the Web ACL.

AWS Simple Queue Service

SQS provides a simple and cost-effective way to decouple the components of an application.

An organization has launched a large EC2 instance from an EBS-backed AMI. The organization wants to ensure that even when this instance is terminated, all the critical data will be saved. How can they ensure the EBS volume persists after the instance is terminated?

Set the volume's DeleteOnTermination flag to 'False'

One way to save on the cost of running instances in Amazon EC2 is to make use of ____ instances, which enable you to bid on unused EC2 instances, provided your workloads can withstand potential interruptions.

Spot

Why does AWS recommend using stateless cloud applications, when possible?

Stateless applications enable more scalability and resilience in each application layer.

You have a time-sensitive development question and you decide that you need some support from AWS. Which of the following severity levels will be an appropriate choice for you to resolve the issue?

System impaired - development question

What does Amazon CloudFormation provide?

Templates to deploy AWS resources

How does AWS define cloud computing?

The on-demand delivery of IT resources through a cloud services platform via the Internet with pay-as-you-go pricing.

In regards to disaster recovery, what is the recovery time objective (RTO)?

The time it takes after a disruption to restore a system back to its desired service level.

Which of the following is true of CloudWatch alarms?

They automatically make changes to the resources monitored based on rules defined.

What types of identities do Amazon Cognito identity pools support?

They support both authenticated and unauthenticated identities.

What does AWS design concept of "loose coupling" mean?

To design a system that minimizes interdependencies

What does the AWS best practice "designing for failure" mean?

To design systems to anticipate failure and recover automatically

With the regard to Amazon EC2 instances, what is the function of key pairs?

To encrypt the login information for Linux and Windows EC2 instances, and then decrypt the same information allowing you to authenticate into the instance.

Why is each Amazon region designed to be completely isolated from other Amazon regions?

To maximize fault tolerance and stability

What is one function of an AWS Snowball?

To transfer petabyte-scale data into and out of the AWS cloud

Which service below is not directly related to traceability?

Trusted Advisor

A user has archived data to Amazon S3 Glacier. How much data can the user restore from Glacier for free every month?

Up to 10 GB per month

Your company wants to understand where cost is coming from in the company's production AWS account. There are a number of applications and services running at any given time. Without expending too much initial development time, how best can you give the business a good understanding of which applications cost the most per month to operate?

Use AWS Cost Allocation Tagging for all resources which support it. Use the Cost Explorer to analyze costs throughout the month.

A user is uploading a backup of data to S3 Glacier as part of a disaster recovery plan. The data stored in S3 Glacier is part of a larger data recovery plan that involves other AWS services. There is a relatively small set of data (100 MB) that needs to be restored immediately when a disaster recovery plan is executed, and the organization is planning a recovery time objective (RTO) of 1 hour. Assuming the data size meets the requirements for any of the given retrieval options below, which S3 Glacier data retrieval option would you plan in the event of a disaster?

Use Expedited Retrievals with Provisioned Capacity

How can a user host EC2 instances on AWS physical hardware that is completely separate from any other AWS accounts?

Use dedicated instances

You have recently purchased some reserved instances and are unsure if they are being used. Which of the following is a possible way to check this?

Via the Reserved Instance utilization report

Which of the following is a feature available exclusively for Enterprise-level support?

White-glove case routing

Can Amazon RDS manage synchronous data replication across Availability Zones?

Yes

Will I be charged when an Amazon RDS DB instance is idle?

Yes, you will be charged.

Which of the following is true of the security of your origin server in Amazon Cloudfront?

You are responsible for ensuring the security of your origin server.

You have been asked to perform some penetration testing on your company's AWS infrastructure. However, you are not sure who is responsible for this. Which statement describing the AWS policy regarding penetration testing is correct?

You can always perform pentration testing with no prior AWS approval.

Which choice is correct regarding changing the security groups for instances in a VPC?

You can change an instance's security groups anytime after the instance is launched.

What is the meaning of pay-as-you-go, when related to Amazon Web Services?

You have no upfront costs, but rather pay on a monthly basis, based on usage.

What statement about pricing for EC2 On-Demand instances is correct?

You pay only for the time you use instances, with no long-term commitments or up-front payments.

You want to copy an Amazon Machine Image (AMI) to a different region. What should you ensure prior to copying the AMI?

You should ensure that the contents of the source AMI are updated to support running in a different region.

Auto Scaling provides which of the following benefits for your application?

Your application gains better fault tolerance.

In which component do users store data in Amazon Glacier, similar to an S3 bucket?

a vault

MFA is used within IAM to ________.

add an additional level of security when authenticating to your AWS account

By default, the data that is stored on an attached non-root Amazon EBS volume will persist _______.

after an instance is terminated

When you launch an instance using Amazon EC2, you must specify a geographic region in which to launch the instance, and a corresponding ____, which is an isolated location in that region where the physical hardware on which the instance will be launched is located.

availability zone

AWS Lambda provides serverless ____ technology.

backend computing

With AWS Lambda, you pay for ____.

compute time that you consume

Amazon CloudFront is a ________.

content delivery network service

Amazon Glacier is a secure, _____, and extremely low-cost cloud storage service for data archiving and long-term backup.

durable

If data is transferred between EC2 instances in different availability zones, _____.

each instance is charged for its data in and data out

In regards to AWS infrastructure, a(n) ________________ is deployed in highly populated areas to cache data and reduce latency.

edge location

Pricing is ____ consumed for EC2 instances.

either per instance-second or per instance-hour

Lambda functions and ____ are components of AWS Lambda applications.

event sources

Every API request that is captured by CloudTrail is recorded as ______ in a CloudTrail log file.

events

What is NOT a feature of Amazon Inspector?

expandable rules library allowing for custom policy rules

When scaling Amazon EC2 instances ________________, you are increasing or decreasing the number of instances in use.

horizontally

The process of authentication can be categorized into two distinct parts of information ___________________ and ____________________.

identification; verification

Where is an object stored in Amazon S3?

in a Bucket

Which of the following is not a benefit of AWS cloud computing?

increase workload consistency

What is AWS Direct Connect?

is a network service that provides an alternative to using the Internet to utilize AWS cloud services.

You can use AWS KMS customer master keys (CMKs) to encrypt ____ through AWS CloudTrail's server-side encryption, rather than using the default S3-managed keys.

log files

An AWS design best practice is to develop ___________ applications because this allows different parts of the application to be scaled independently of the others depending on demand, throughput, response times, and so on.

loosely-coupled

An organization has setup consolidated billing with 3 different AWS accounts. Which of the below mentioned advantages will organization receive in terms of the AWS pricing?

lower prices for services where volume pricing tiers are available.

What AWS cloud characteristic makes a resource almost immediately available to allocate when and where you need it?

on-demand resourcing

According to Amazon, what two types of use cases does AWS CloudTrail solve by logging API activity?

operational and security

Amazon CloudFront gets your web content from your ______ and serves it to viewers via a world-wide network.

origins

Which choice is a stated benefit of using AWS?

reduced effort to meet compliance requirements

Amazon EC2 can be deployed to multiple physical locations known as __________.

regions and availability zones

The AWS Elastic Load Balancer is a ____.

service providing fault tolerance by distributing incoming traffic across multiple AWS resources

You can use a(n) ____ to launch an Amazon EC2 instance with a configuration that Amazon may not provide itself, but which another developer has created for a specific purpose.

shared AMI

Network Access Control Lists (NACLs) are _______.

stateless

In Amazon EC2, if you no longer wish to be charged for your instance, you must ______ the instance to avoid being billed for additional time.

stop or terminate

Network ACLs in a VPC operate at the ______.

subnet level

At what level can Amazon S3 Access Control Lists (ACLs) be applied?

the bucket and object level

When scaling ________ you are altering the power of an instance, perhaps using one with greater CPU power to scale.

up and down

In order for Amazon Inspector to access your EC2 instances and collect the assessment data, ________.

you have to create an IAM role and associate it with Amazon Inspector


Ensembles d'études connexes

Patho Quiz 8 - Chs. 39, 40, &41:

View Set

Chapter 30. Personalizing the Conversation: Beethoven and the Classical Sonata

View Set

PSY1100 - Ch. 4 - States of Consciousness

View Set

Enzymregulation und Enzymkinetik Antonin | 11.12.17

View Set

FAR Part 4 Module 2 Incorrect(s)/Confusing

View Set

AP GOV UNIT 1 COLLEGE BOARD QUESTIOSN

View Set

Diagnostic Imaging Final Exam Review

View Set

Chapter 23: Occupational Safety and Health Administration (OSHA)

View Set

Chapter 45: Management of Patients with Oral and Esophageal Disorders

View Set