AWS Academy Cloud Foundations Knowledge Check
In the shared responsibility model, AWS is responsible for providing what? (Select the best answer) A. Security in the Cloud B. Security for the Cloud C. Security of the Cloud D. Security to the Cloud
C
What is the pricing model that enables AWS customers to pay on a needed basis? A. Pay as you reserve B. Pay as you decommission C. Pay as you go D. Pay as you buy
C
Where can a customer go to get more details about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took the place 3 months ago? A. AWS Trusted Advisor dashboard B. Amazon EC2 dashboard C. AWS Cost Explorer D. AWS Cost Explore E. AWS CloudTrail logs stored in Amazon Simple Storage Service (S3)
C
Which of the following are geographic areas that host two or more availability zones? (select the best answer) A. AWS Origins B. Edge locations C. AWS Regions D. Compute Zones
C
AWS Organizations enables you to consolidate multiple AWS accounts so that you centrally manage them. A. True B. False
A
Edge locations are only located in the same general are as regions A. True B. False
B
What are the advantages of cloud computing over computing? A. Void large capital purchases B. Go global in minutes C. Use on-demand capacity D. Increase speed and agility E. all of the above
E
Which of the following is a compute service? (Select the best answer) A. Amazon CloudFront B. Amazon Redshift C. Amazon S3 D. Amazon VPC E. Amazon EC2
E
AWS highly recommends provisioning your compute resources across _______ Availability Zones. A. multiple B. all C. single D. limited
A
AWS offers some services at no charge, such as Amazon Virtual Private Cloud, AWS Identity, and Access Management, Consolidated Billing, AWS Elastic Beanstalk, automatic Scaling, AWS OpsWorks, and AWS CloudFormation. However, you might be charged for other AWS services that you use in conjunction with these services. A. True B. False
A
Availability Zones within a Region are connected through low-latency links. A. True B. False
A
How would a system administrator add an additional layer of login security to a user's AWS management console? A. Enable multi-factor authentication B. User Amazon Cloud Directory C. Audit AWS Identity and Access Management (IAM) roles D. Enable AWS CloudTtrail
A
Networking, storage compute, and databases are examples of service categories that AWS offers. A. True B. False
A
What are the four support plans offered by AWS Support? (select the best answer) A. Basic, Developer, Business, Enterprise B. Free, Bronze, Silver, Gold C. Basic, Startup, Business, Enterprise D. All support is free
A
Which AWS networking service enables a company to create a virtual network within AWS? A.Amazon Virtual Private Cloud (VPC) B. Amazon Route 53 C. AWS Direct Connect D. AWS Config
A
Which of the following should be done by the AWS account root user? (Select the best answer) A. Change the AWS support plan B. Change granular permissions C. Integrate with other AWS services D. Secure access to applications
A
With Amazon Virtual Private Cloud (VPC), what is the maximum size IP address range you can have in a VPC? A. /16 B. /24 C. /30 D. /26
A
With Amazon Virtual Private Cloud (VPC), what is the smallest size subnet you can have in a VPC? A. /28 B. /24 C. /26 D. /30
A
You need to allow resources in a private subnet to access internet. Which of the following must be present to enable this access? A. NAT Gateway B. Network Access List C. Security groups D. Route Table
A
What are benefits of using AWS organizations ? A. Simplifies automating account creation and management by using APIs B. Provides the ability to create groups of accounts and then attach policies to a group C. Provides the ability to create an unlimited number of nested organizational units (OUs) to support your desired structure D. Prevents any restrictions from being put on the root user that is associated with the main organization in an account E. Replaces existing AWS identity and Access Management (IAM) policies with service control policies (SCPs), which are simpler to manage
AB
Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM) (choose two) A. Define fine-grained access rights B. Leave unused and unnecessary users and credentials in place C. Avoid using IAM groups to gran the same access permissions to multiple users D. Manage access to AWS resources E. Provide users with default administrative privileges
AD
Which of these are ways to access AWS core services ? A. AWS Management Console B. Technical support calls C. AWS Marketplace D. AWS Command Line Interface (CLI) E. Software Development Kits (SDKs)
ADE
AWS Key Management Service (KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources A. True B. False
B
After initial login, what does AWS recommend as the best practice for the AWS account root user? A. Revoke all permissions on the AWS account root user B. Delete the access keys of the AWS account root user C. Restrict permission on the AWS account root user D. Delete the AWS account root user
B
Private subnets have direct access to the internet. A. True B. False
B
True or False? AWS owns and maintains the network-connected hardware required for application services, while you provision and use what you need. A. False B. True
B
True or False? Cloud Computing provides a simple way to access servers, storage, databases, and a broad set of application services over the internet. You own the network-connected hardware required for these services and Amazon Web Services provisions what you need. A. True B. False
B
True or false? To receive the discounted rate associated with Reserved Instances, you must make a full, upfront payment for the term of the agreement A. True B. False
B
Unlimited services are available with the AWS Free Tier to new AWS customers for 12 months following their AWS sign-up date. A. True B. False
B
What AWS tool lets your explore AWS services and create an estimate for the cost of your used cases on AWS? (Select the best answer) A. AWS Cost and Usage Report B. AWS Pricing Calculator C. AWS Budgets D. AWS Billing Dashboard
B
What happens when you use Amazon Virtual Private Cloud (VPC) to create a new VPC? A. An internet gateway is created by default B. A main route table is created by default C. Three subnets are created by default: one for each Availability Zone D. Three subnets are created by default in one Availability Zone
B
Which component of AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? A. AWS Regions B. AWS edge locations C. AWS Availability Zones D. Amazon Virtual Private Cloud (VPC)
B
Which of the following is an optional security control that can be applied at the subnet layer of a VPC A. Firewall B. Network ACL C. Security group D. Web application firewall
B
Which statement is true about the pricing model on AWS? (Select the best answer). A. Outbound charges are free up to a per-account limit. B. Storage is typically charged per gigabyte. C. In most cases, there is a per gigabyte charge for inbound data transfer. D. Compute is typically charged as a monthly fee based on instances type.
B
You are a solutions architect who works at a large retail company that is migrating its existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-domain Routing (CIDR) block of 10.0.1.0/24 (which has 256 total IP addresses. How many IP addresses are available? A. 246 B. 251 C. 256 D. 250
B
You can run applications and workloads from a Region closer to the end users to ____ latency. A. Increase B. Decrease
B
What is true about regions (choose two) A. They are the physical locations of your customers B. Each Region is located in a separate geographic area C. A region is a physical location that has multiple availability zones D. All Regions are located in one specific geographic area.
BC
In the shared responsibility model, which of the following are examples of "security in the cloud". (choose two) A. Protecting the global infrastructure B. Encryption of data at rest and data in transit C. Physical security of the facilities in which the services operate D. Security group configurations E. Compliance with compute security standards and regulations
BD
When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (choose two) A. Authorized access B. Programmatic access C. Institutional access D. Administrative root access E. AWS Management Console Access
BE
Which of the following is the responsibility of AWS under the AWS shared responsibility model? (select the best answer) A. Configuring third-party applications B. Managing custom Amazon Machine Images (AMIs) C. Maintaining physical hardware D. Security application access and data
C
Which of these is not a benefit of cloud computing over on-premises computing? A. Trade capital expense for variable expense B. Benefit from massive economies of scale C. Pay for racking, stacking, and powering servers D. Increase speed and agility E. Eliminate guessing on your infrastructure capacity needs
C
Which of these statements about Availability Zones in NOT true. A. Availability Zones are designed for fault isolation B. Availability Zones are connected to each other using high-speed private links. C. A data center can be used for more than one Availability Zones D. Availability Zones are made up of one or more data centers
C
For certain services like Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS), you can invest in reserved capacity. What options are available for Reserved Instances? A. DURI B. MURI C. AURI D. NURI E. PURI
CDE
Which of the following can be used to protect Amazon Elastic Compute Cloud (EC2) instance hosted in AWS? A. Internet Gateway B. AMI C. None of these D. Security group
D
Which of these is not a cloud computing model ? A. Platform as a service B. Infrastructure as a service C. Software as a services D. system administration as a service
D
Which of the following are not benefits of AWS Cloud computing? A. Temporary and disposable resources B. Fault-tolerant databases C. High availability D. High Latency E. Multiple procurement cycles
DE
As AWS grows, the cost of doing business is reduced and savings are passed back to the customer with lower pricing. what is this optimization called? (select the best answer) A. EC2 right Sizing B. Matching supply and demand C. Expenditure awareness D. Economies of scale
D
Economics of Scale result from_______ A. having many different cloud providers B. having hundreds of cloud services available over the internet C. having to invest heavily in data centers and servers D. having hundreds of thousands of customers aggregated in the cloud
D
Which Component of the AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? (select the best answer) A. AWS Regions B. AWS Availability Zones C. Amazon Virtual Private Cloud (Amazon VPC) D. AWS edge locations
D
________ means the infrastructure has build-in component redundancy and _______ means that resources dynamically adjust to increases or decreases in capacity requirements. A. Fault tolerant, no human intervention B. Elastic and scalable, no human intervention C. Elastic and scalable, fault tolerant D. No human intervention, fault tolerant E. Fault tolerant, elastic and scalableB
E