AWS Certified Cloud Practitioner Study Guide
Question 2 Which of the following services uses AWS edge locations? A. Amazon Virtual Private Cloud (Amazon VPC) B. Amazon CloudFront C. Amazon Elastic Compute Cloud (Amazon EC2) D. AWS Storage Gateway
Amazon CloudFront
Question 1 Which AWS services can be used to store files? Choose 2 answers from the options given below A. Amazon CloudWatch B. Amazon Simple Storage Service (Amazon S3) C. Amazon Elastic Block Store (Amazon EBS) D. AWS Config E. Amazon Athena
Amazon Simple Storage Service (Amazon S3)
Question 71 Your company is planning on moving to the AWS Cloud. Once the movement to the Cloud is complete, they want to ensure that the right security settings are put in place. Which of the below tools can assist with security compliance. Choose 2 answers from the options given below: A. AWS Inspector B. AWS Trusted Advisor C. AWS Support D. AWS Kinesis
Answer: A. AWS Inspector B. AWS Trusted Advisor
Question 38 You are developing and planning on deploying an application onto the AWS Cloud. This application needs to be PCI Compliantr. Which of the below steps would you carry out to ensure the compliance is met for the application. Choose 2 answers from the following: A. Choose AWS services which are PCI Compliant B. Ensure the right steps are taken during application development for PCI Compliance C. Ensure the AWS Services are made PCI Compliant D. Do an audit after the deployment of the application for PCI Compliance
Answer: A. Choose AWS services which are PCI Compliant B. Ensure the right steps are taken during application development for PCI Compliance
Question 53 Which of the following statements are TRUE when it comes to elasticity. Choose 2 answers from the options given below: A. Diverting traffic to instances based on the demand B. Diverting traffic to instances with the least load C. Diverting traffic across multiple regions D. Diverting traffic to instances with higher capacity
Answer: A. Diverting traffic to instances based on the demand B. Diverting traffic to instances with the least load
Question 36 Which of the following can be used to protect EC2 Instances hosted in AWS? Choose 2 answers from the options given below: A. Usage of Security Groups B. Usage of AMI's C. Usage of Network Access Control Lists D. Usage of the Internet gateway
Answer: A. Usage of Security Groups C. Usage of Network Access Control Lists
Question 13 Where can a customer go to get more detail about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took place 3 month ago? A. Amazon EC2 dashboard B. AWS Cost and Usage reports C. AWS Trusted Advisor dashboard D. AWS Cloud Trail logs stored in Amazon Simple Storage Service (Amazon S3)
Answer: B. AWS Cost and Usage reports
Question 47 Which of the following are advantages of having infrastructure hosted on the AWS Cloud? Choose 2 answers from the options given below. A. Having complete control over the physical infrastructure B. Having the pay as you go model C. No upfront costs D. Having no need to worry about security
Answer: B. Having the pay as you go model C. No upfront costs
Question 80 Which of the following is the responsibility of AWS according to the Shared Security Model? Choose 3 answers from the options given below: A. Managing AWS Identity and Access Management (IAM) B. Securing edge locations C. Monitoring physical device security D. Implementing service organization Control (SOC) standards
Answer: B. Securing edge locations C. Monitoring physical device security D. Implementing service organization Control (SOC) standards
Question 34 What best describes the "Principal of Least Privilege"? Choose the correct answer from the options given below A. All users should have the same baseline permissions granted to them to use basic AWS services B. Users should be granted permission to access only resources they need to do their assigned job C. Users should submit all access requests in writing so that there is a paper trail of who needs access to different AWS resources D. Users should always have a little more access granted to them then they need, just in case they end up needed it in the future
Answer: B. Users should be granted permission to access only resources they need to do their assigned job
Question 85 Which of the following security requirements are managed by AWS? Select 3 answers from the options given below: A. Password Policies B. User permissions C. Physical security D. Disk disposal E. Hardware patching
Answer: C. Physical security D. Disk disposal E. Hardware patching
Question 73 Which of the following services can provide a complete audit trail of all AWS services used within an account? A. AWS Trusted Advisor B. Amazon EC2 instance usage report C. Amazon CloudWatch D. AWS Cloud Trail logs
Answer: D. AWS Cloud Trail logs
Question 44 There is a requirement to host a database server for a minimum period of one year. Which of the following would result in the least cost? A. Spot Instances B. On-Demand C. No Upfront costs Reserved D. Partial Upfront costs Reserved
Answer: D. Partial Upfront costs Reserved
Question 95 Which of the following is a fully managed NoSQL database service available in AWS? A. AWS DynamoDB B. AWS RDS C. AWS Redshift D. AWS MongoDB
Answer: A. AWS DynamoDB
Question 91 Which AWS Cloud service helps in quick deployment of resources which can make use of different programming languages such as .Net and Java? A. AWS Elastic Beanstalk B. AWS Elastic Compute Cloud (Amazon EC2) C. AWS VPC D. AWS SQS
Answer: A. AWS Elastic Beanstalk
Question 39 Which of the below can be used to get data onto Amazon Glacier? Choose 3 answers from the options given below: A. AWS Glacier API B. AWS Console C. AWS Glacier SDK D. AWS S3 Lifecycle policies
Answer: A. AWS Glacier API, C. AWS Glacier SDK, D. AWS S3 Lifecycle policies
Question 23 Which AWS Cloud service is used to turn on Multi-Factor Authentication (MFA)? A. AWS Identity and Access Management (IAM) B. Amazon Elastic Compute Cloud (Amazon EC2) C. AWS Config D. Amazon Inspector
Answer: A. AWS Identity and Access Management (IAM)
Question 20 What AWS feature enables a user to manage services through a web-based user interface? A. AWS Management Console B. AWS Application Programming Interface (API) C. AWS Software Development Kit (SDK) D. Amazon CloudWatch
Answer: A. AWS Management Console
Question 88 Which of the following needs a user name and password to access AWS resources? A. AWS Management Console B. AWS Application Programming Interface (API) C. AWS Software Development Kit (SDK) D. AWS CLI
Answer: A. AWS Management Console
Question 58 Which of the following can be used to call AWS services from programming languages? A. AWS SDK B. AWS Console C. AWS CLI D. AWS IAM
Answer: A. AWS SDK
Question 56 Which of the following is used to derive the costs for moving artefacts from on-premise to AWS? A. AWS TCO calculator B. AWS Config C. AWS Cost Explorer D. AWS Consolidating billing
Answer: A. AWS TCO calculator
Question 89 Your company is planning to use the AWS Cloud, but there is a management decision that resources need to split department-wise, and the decision is tending towards managing multiple AWS accounts. Which of the following would help in effective management, and also provide an efficient costing model? A. AWS organizations B. Amazon Dev Pay C. AWS Trusted Advisor D. AWS Cost Explorer
Answer: A. AWS organizations
Question 11 Which AWS service automates infrastructure provisioning and administrative tasks for an analytical data warehouse? A. Amazon Redshift B. Amazon DynamoDB C. Amazon ElastiCache D. Amazon Aurora
Answer: A. Amazon Redshift
Question 79 Which of the following services is a fully managed, petabyte-scale data warehouse service in the AWS cloud? A. Amazon Redshift B. Amazon DynamoDB C. Amazon ElastiCache D. Amazon Aurora
Answer: A. Amazon Redshift
Question 7 Which service should an administrator use to register a new domain name with AWS? A. Amazon Route 53 B. Amazon Cloud Fron C. Elastic Load Balancing D. Amazon Virtual Private Cloud (Amazon VPC)
Answer: A. Amazon Route 53
Question 74 Which of the following service is most useful when a Disaster Recovery method is triggered in AWS? A. Amazon Route 53 B. Amazon SNS C. Amazon SQS D. Amazon Inspector
Answer: A. Amazon Route 53
Question 43 There is a requirement for storage of objects. The objects should be able to be downloaded via a URL. Which storage option would you choose? A. Amazon S3 B. Amazon Glacier C. Amazon Storage Gateway D. Amazon EBS
Answer: A. Amazon S3
Question 22 How can the AWS Management Console be secured against unauthorized access? A. Apply Multi-Factor Authentication (MFA) B. Set up a secondary password C. Request root access privileges D. Disable AWS console access
Answer: A. Apply Multi-Factor Authentication (MFA)
Question 52 Which of the following is a compatible MySQL database which also can grow in storage size on its own? A. Aurora B. DynamoDB C. RDS Microsoft SQL Server D. RDS MySQL
Answer: A. Aurora
Question 76 When designing a system, you use the principle of "design for failure and nothing will fail". Which of the following services/features of AWS can assist in supporting this design principle? Choose 3 answers from the options given below: A. Availability Zones B. Regions C. Elastic Load Balancer D. Pay as you go
Answer: A. Availability Zones, B. Regions, C. Elastic Load Balancer
Question 8 What is the value of having AWS Cloud services accessible through an Application Programming Interface (API)? A. Cloud resources can be managed programmatically B. AWS infrastructure use will always be cost-optimized C. All application testing is managed by AWS D. Customer-owned, on-premises infrastructure becomes programmable
Answer: A. Cloud resources can be managed programmatically
Question 61 Which of the following helps in DDos protection? Choose 2 answers from the options given below A. CloudFront B. AWS Shield C. AWS EC2 D. AWS Config
Answer: A. CloudFront, B. AWS Shield
Question 60 Which of the following are 2 ways AWS provides to link accounts? A. Consolidated Billing B. AWS Organizations C. Cost Explorer D. IAM
Answer: A. Consolidating billing, B. AWS Organizations
Question 46 When creating security groups, which of the following is a responsibility of the customer? Choose 2 answers from the options given below: A. Giving a name and description for the security group B. Defining the rules as per the customer requirements. C. Ensure the rules are applied immediately D. Ensure the security groups are linked to the Elastic Network interface
Answer: A. Giving a name and description for the security group, B. Defining the rules as per the customer requirements.
Question 12 Which of the following is the responsibility of the AWS customer according to the Shared Security Model? A. Managing AWS Identity and Access Management (IAM) B. Securing edge locations C. Monitoring physical device security D. Implementing service organization Control (SOC) standards
Answer: A. Managing AWS Identity and Access Management (IAM)
Question 90 Which of the following can be used as an additional layer of security in addition to using a user name and password when logging into the AWS Console? A. Multi-Factor Authentication (MFA) B. Secondary password C. Root access privileges D. Secondary user name
Answer: A. Multi-Factor Authentication (MFA)
Question 17 Which of the following security requirements are managed by AWS customers? Select 2 answers from the options given below. A. Password Policies B. User permissions C. Physical security D. Disk disposal E. Hardware patching
Answer: A. Password Policies, B. User Permissions
Question 29 You are currently hosting an infrastructure and most of the EC2 instances are near 90 - 100% utilized. What is the type of EC2 instances you would utilize to ensure costs are minimized? A. Reserved instances B. On-demand instances C. Spot instances D. Regular instances
Answer: A. Reserved instances
Question 97 If there is a requirement to host EC2 Instances in the AWS Cloud wherein the utilization is guaranteed to be consistent for a long period of time, which of the following would you utilize to ensure costs are minimized? A. Reserved instances B. On-demand instances C. Spot instances D. Regular instances
Answer: A. Reserved instances
Question 25 Which of the following is a factor when calculating Total Cost of Ownership (TCO) for the AWS Cloud? A. The number of servers migrated to AWS B. The number of users migrated to AWS C. The number of passwords migrated to AWS D. The number of keys migrated to AWS
Answer: A. The number of servers migrated to AWS
Question 54 Which of the following is the concept of the Elastic load balancer? A. To distribute traffic to multiple EC2 Instances B. To scale up EC2 Instances C. To distribute traffic to AWS resources across multiple regions D. To increase the size of the EC2 Instance based on demand
Answer: A. To distribute traffic to multiple EC2 Instances
Question 55 Which of the following is the concept of Auto Scaling? A. To scale up resources based on demand B. To distribute traffic to multiple EC2 Instances C. To distribute traffic to AWS resources across multiple regions D. To increase the size of the EC2 Instance based on demand
Answer: A. To scale up resources based on demand
Question 78 You have a DevOps team in your current organization structure. They are keen to know if there is any service available in AWS which can be used to manage infrastructure as code. Which of the following can be met with such a requirement? A. Using AWS CloudFormation B. Using AWS Config C. Using AWS Inspector D. Using AWS Trusted Advisor
Answer: A. Using AWS CloudFormation
Question 15 The main benefit of decoupling an application is to: A. Create a tightly integrated application B. Reduce inter-dependencies so failures do not impact other components C. Enable data synchronization across the web application layer D. Have the ability to execute automated bootstrapping actions
Answer: B reduce inter-dependencies so failures do not impact other components
Question 14 Who has control of the data in an AWS account? A. AWS Support Team B. AWS Account Owner C. AWS Security Team D. AWS Technical Account Manager (TAM)
Answer: B. AWS Account Owner
Question 82 By default, who from the below roles has complete administrative control over all resources in the respective AWS account? A. AWS Support Team B. AWS Account Owner C. AWS Security Team D. AWS Technical Account Manager (TAM)
Answer: B. AWS Account Owner
Question 48 There is an external audit being carried out on your company. The IT auditor needs to have a log of all access to the AWS resources in the company's account. Which of the below services can assist in providing these details? A. AWS CloudWatch B. AWS CloudTrail C. AWS EC2 D. AWS SNS
Answer: B. AWS CloudTrail
Question 27 Which of the following is a fully managed NoSQL database service available with AWS? A. AWS RDS B. AWS DynamoDB C. AWS Redshift D. AWS MongoDB
Answer: B. AWS DynamoDB
Question 24 A disaster recovery strategy on AWS should be based on launching infrastructure in a separate: A. Subnet B. AWS Region C. AWS edge location D. Amazon Virtual Private Cloud (Amazon VPC)
Answer: B. AWS Region
Question 67 Which of the following networking component can be used to host EC2 resources in the AWS Cloud? A. AWS Trusted Advisor B. AWS VPC C. AWS Elastic Load Balancer D. AWS Autoscaling
Answer: B. AWS VPC
Question 62 Which of the following services can be used as a web application firewall in AWS? A. AWS EC2 B. AWS WAF C. AWS Firewall D. AWS Protection
Answer: B. AWS WAF
Question 66 Which of the following can be attached to EC2 Instances to store data? A. Amazon Glacier B. Amazon EBS Volumes C. Amazon EBS Snapshots D. Amazon SQS
Answer: B. Amazon EBS Volumes
Question 28 A company wants to store data that is not frequently accessed. What is the best and cost-efficient solution that should be considered? A. Amazon Storage Gateway B. Amazon Glacier C. Amazon EBS D. Amazon S3
Answer: B. Amazon Glacier
Question 96 Which of the following storage options is best when you want to store archive data? A. Amazon Storage Gateway B. Amazon Glacier C. Amazon EBS D. Amazon S3
Answer: B. Amazon Glacier
Question 100 A company is deploying a two-tier, highly available web application to AWS. The application needs a storage layer to store artifacts such as photos and videos. Which of the following services can be used as the underlying storage mechanism? A. Amazon EBS volume B. Amazon S3 C. Amazon EC2 instance store D. Amazon RDS instance
Answer: B. Amazon S3
Question 33 A company is deploying a two-tier, highly available web application to AWS. Which service provides durable storage for static content while utilizing lower Overall CPU resources for the web tier? A. Amazon EBS volume B. Amazon S3 C. Amazon EC2 instance store D. Amazon RDS instance
Answer: B. Amazon S3
Question 81 Your company has just started using the resources on the AWS Cloud. They want to get an idea on the costs being incurred so far for the resources being used. How can this be achieved? A. By going to the Amazon EC2 dashboard. Here you can see the costs of the running EC2 resources. B. By using the AWS Cost and Usage reports Explorer. Here you can see the running and forecast costs. C. By using the AWS Trusted Advisor dashboard. This dashboard will give you all the costs. D. By seeing the AWS Cloud Trail logs.
Answer: B. By using the AWS Cost and Usage reports Explorer. Here you can see the running and forecast costs.
Question 18 Systems applying the cloud architecture principle of elasticity will: A. Minimize storage requirements by reducing logging and auditing activities B. Create systems that scale to the required capacity based on changes in demand C. Enable AWS to automatically select the most cost-effective services D. Accelerate the design process because recovery from failure is automated, reducing the need for testing
Answer: B. Create systems that scale to the required capacity based on changes in demand
Question 57 Which of the following is the responsibility of the customer when ensuring that data on EBS volumes is left safe? A. Deleting the data when the device is destroyed B. Creating EBS snapshots C. Attaching volumes to EC2 Instances D. Creating copies of EBS Volumes
Answer: B. Creating EBS snapshots
Question 49 Which of the following features of RDS allows for data redundancy across regions? A. Cross region replication B. Creating Read Replica's C. Using snapshots D. Using Multi-AZ feature
Answer: B. Creating Read Replica's
Question 83 Your design team is planning to design an application that will be hosted on the AWS Cloud. One of their main non-functional requirements is given below. Reduce inter-dependencies so failures do not impact other components. Which of the following concepts does this requirement relate to? A. Integration B. Decoupling C. Aggregation D. Segregation
Answer: B. Decoupling
Question 92 Your company handles a crucial ecommerce application. This application needs to have an uptime of at least 99.5%. There is a decision to move the application to the AWS Cloud. Which of the following deployment strategies can help build a robust architecture for such an application? A. Deploying the application across multiple VPC's B. Deploying the application across multiple Regions C. Deploying the application across Edge locations D. Deploying the application across multiple subnets
Answer: B. Deploying the application across multiple Regions
Question 86 Which of the following terms relate to "creating systems that scale to the required capacity based on changes in demand"? A. Disaster Recovery B. Elasticity C. Decoupling D. Aggregation
Answer: B. Elasticity
Question 99 Which of the following is not a category recommendation given by the AWS Trusted Advisor? A. Security B. High Availability C. Cost Optimization D. Performance E. Fault tolerance
Answer: B. High Availability
Question 59 Which of the following is the secure way of using AWS API to call AWS services from EC2 Instances? A. IAM Users B. IAM Roles C. IAM Groups D. IAM policies
Answer: B. IAM Roles
Question 45 There is a requirement for a development and test environment for 3 months. Which would you use? A. Spot Instances B. On-Demand C. No Upfront costs Reserved D. Partial Upfront costs Reserved
Answer: B. On-Demand
Which of the following is a benefit of Amazon Elastic Compute Cloud (Amazon EC2) over physical servers? A. Automated backup B. Paying only for what you use C. The ability to choose hardware vendors D. Root /administrator access
Answer: B. Paying only for what you use
Question 87 Your company is planning to offload some of the batch processing workloads on to AWS. These jobs can be interrupted and resumed at any time. Which of the following instance types would be the most cost effective to use for this purpose? A. On-Demand B. Spot C. Full Upfront Reserved D. Partial Upfront Reserved
Answer: B. Spot
Question 93 Which of the following initiatives from AWS helps organizations reduce the overall expenditure for IT companies when they host resources on the AWS Cloud? A. They decommission older hardware B. They continually reduce the cost of cloud computing C. They use better security mechanisms, so you don't need to think about security at all D. They allow deployment of multiple resources
Answer: B. They continually reduce the cost of cloud computing
Question 64 Which of the following disaster recovery deployment mechanisms that has the lowest downtime? A. Pilot light B. Warm standby C. Backup Restore D. DevOps
Answer: B. Warm standby
Question 19 Amazon Elastic Compute Cloud (Amazon EC2) Spot instances are appropriate for which of the following workloads? A. Workloads that are only run in the morning and stopped at night B. Workloads where the availability of the Amazon EC2 instances can be flexible C. Workloads that need to run for long periods of time without interruption D. Workloads that are critical and need Amazon EC2 instances with termination protection
Answer: B. Workloads where the availability of the Amazon EC2 instances can be flexible
Question 26 Which AWS service is used to as a global content delivery network (CDN) service in AWS? A. Amazon SES B. Amazon CloudTrail C. Amazon CloudFront D. Amazon S3
Answer: C Amazon CloudFront
Question 75 Which of the following can be used to work with AWS services in a programmatic manner? A. AWS PowerShell B. AWS Bash C. AWS CLI D. AWS Console
Answer: C. AWS CLI
Question 98 Which of the following services helps provide a dedicate connection from on-premise infrastructure to resources hosted in the AWS Cloud? A. AWS VPC B. AWS VPN C. AWS Direct Connect D. AWS Subnets
Answer: C. AWS Direct Connect
Question 35 Which of the below mentioned services can be used to host virtual servers in the AWS Cloud? A. AWS IAM B. AWS Server C. AWS EC2 D. AWS Regions
Answer: C. AWS EC2
Question 4 Which AWS service provides infrastructure security optimization recommendations? A. AWS Price List Application Programming Interface (API) B. Reserved Instances C. AWS Trusted Advisor D. Amazon Elastic Compute Cloud (Amazon EC2) SpotFleet
Answer: C. AWS Trusted Advisor
Question 94 You are planning on deploying a video-based application onto the AWS Cloud. These videos will be accessed by users across the world. Which of the below services can help stream the content in an efficient manner to the users across the globe? A. Amazon SES B. Amazon CloudTrail C. Amazon CloudFront D. Amazon S3
Answer: C. Amazon CloudFront
Question 5 Which service allows for the collection and tracking of metrics for AWS services? A. Amazon CloudFront B. Amazon CloudSearch C. Amazon CloudWatch D. Amazon Machine Learning (Amazon ML)
Answer: C. Amazon CloudWatch
Question 72 There is a requirement to collect important metrics from AWS RDS and EC2 Instances. Which of the following services can help fulfil this requirement? A. Amazon CloudFront B. Amazon CloudSearch C. Amazon CloudWatch D. Amazon Config
Answer: C. Amazon CloudWatch
Question 37 You work for a company that is planning on using the AWS EC2 service. They currently create golden images of their deployed operating system. Which of the following correspond to a golden image in AWS? A. EBS Volumes B. EBS Snapshots C. Amazon Machines Images D. EC2 Copies
Answer: C. Amazon Machines Images
Question 65 Which of the following services in AWS allows for object level storage on the cloud? A. Amazon EBS B. Amazon Storage gateway C. Amazon S3 D. Amazon SQS
Answer: C. Amazon S3
Question 9 Which of the following examples supports the cloud design principle "design for failure and nothing will fail''? A. Adding an elastic load balancer in front of a single Amazon Elastic Compute Cloud (Amazon EC2) instance B. Creating and deploying the most cost-effective solution C. Deploying an application in multiple Availability Zones D. Using Amazon CloudWatch alerts to monitor performance
Answer: C. Deploying an application in multiple Availability Zones
Question 84 Which of the following can be used to increase the fault tolerance of an application? A. Deploying resources across multiple edge locations B. Deploying resources across multiple VPC's C. Deploying resources across multiple Availability Zones D. Deploying resources across multiple AWS Accounts
Answer: C. Deploying resources across multiple Availability Zones
Question 42 Which of the following is NOT a feature of an edge location do? A. Distribute content to users B. Cache common responses C. Distribute load across multiple resources D. Used in conjunction with the CloudFront service
Answer: C. Distribute load across multiple resources
Question 51 A company wants to host a self-managed database in AWS. How would you ideally implement this solution? A. Using the AWS DynamoDB service B. Using the AWS RDS service C. Hosting a database on an EC2 Instance D. Using the Amazon Aurora service
Answer: C. Hosting a database on an EC2 Instance
Question 50 Your company has a set of EC2 Instances hosted in AWS. There is a requirement to create snapshots from the EBS volumes attached to these EC2 Instances in another geographical location. As per this requirement, where would you create the snapshots? A. In another Availability Zone B. In another data center C. In another Region D. In another Edge location
Answer: C. In another Region
Question 32 The Trusted Advisor service provides insight regarding which four categories of an AWS account? A. Security, fault tolerance, high availability, and connectivity B. Security, access control, high availability, and performance C. Performance, cost optimization, security, and fault tolerance D. Performance, cost optimization, access control, and connectivity
Answer: C. Performance, cost optimization, security, and fault tolerance
Question 70 Your company is planning to move to the AWS Cloud. You need to give a presentation on the cost perspective when moving existing resources to the AWS Cloud. When it comes to Amazon EC2, which of the following is an advantage when it comes to the cost perspective? A. Having the ability of automated backups of the EC2 instance, so that you don't need to worry about the maintenance costs. B. The ability to choose low cost AMI's to prepare the EC2 Instances C. The ability to only pay for what you use D. Ability to tag instances to reduce the overall cost
Answer: C. The ability to only pay for what you use
Question 30 What is the ability provided by AWS to enable fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket? A. File Transfer B. HTTP Transfer C. Transfer Acceleration D. S3 Acceleration
Answer: C. Transfer Acceleration
Question 6 A company needs to know which user was responsible for terminating several critical Amazon Elastic Compute Cloud (Amazon EC2) Instances. Where can the customer find this information? A. AWS Trusted Advisor B. Amazon EC2 instance usage report C. Amazon CloudWatch D. AWS CloudTrail logs
Answer: D. AWS CloudTrail logs
Question 21 Which tool can display the distribution of AWS spending? A. AWS organizations B. Amazon Dev Pay C. AWS Trusted Advisor D. AWS Cost Explorer
Answer: D. AWS Cost Explorer
Question 10 Which service allows an administrator to create and modify AWS user permissions? A. AWS Config B. AWS Cloud Trail C. AWS Key Management Service (AWS KMS) D. AWS Identity and Access Management (IAM)
Answer: D. AWS Identity and Access Management (IAM)
Question 77 Currently your organization has an operational team that takes care of ID management in their on-premise data center. They now also need to manage users and groups created in AWS. Which of the following AWS tools would they need to use for performing this management function? A. AWS Config B. AWS Cloud Trail C. AWS Key Management Service (AWS KMS) D. AWS Identity and Access Management (IAM)
Answer: D. AWS Identity and Access Management (IAM)
Question 68 Your company is planning to host resources in the AWS Cloud. They want to use services which can be used to decouple resources hosted on the cloud. Which of the following services can help fulfil this requirement? A. AWS EBS Volumes B. AWS EBS Snapshots C. AWS Glacier D. AWS SQS
Answer: D. AWS SQS
Question 69 Which of the following components of the CloudFront service can be used to distribute contents to users across the globe? A. Amazon VPC B. Amazon Regions C. Amazon Availability Zones D. Amazon Edge locations
Answer: D. Amazon Edge locations
Question 40 Which of the following in the AWS Support plans gives access to a Support Concierge? A. Basic B. Developer C. Business D. Enterprise
Answer: D. Enterprise
Question 41 A company is planning to use AWS to host critical resources. Most of their systems are business critical and need to have response times less than 15 minutes. Which of the following support plans should they consider? A. Basic B. Developer C. Business D. Enterprise
Answer: D. Enterprise
Question 16 Which of the following is a benefit of running an application across two Availability Zones? A. Performance is improved over running in a single Availability Zone. B. It is more secure than running in a single Availability Zone. C. It significantly reduces the total cost of ownership versus running in a single Availability Zone. D. It increases the availability of an application compared to running in a single Availability Zone.
Answer: D. It increases the availability of an application compared to running in a single Availability Zone.
Question 31 As per the AWS Acceptable Use Policy, penetration testing of EC2 instances: A. May be performed by AWS and will be performed by AWS upon customer request B. May be performed by AWS and is periodically performed by AWS C. Are expressly prohibited under all circumstances D. May be performed by the customer on their own instances with prior authorization from AWS E. May be performed by the customer on their own instances, only if performed from EC2 instances
Answer: D. May be performed by the customer on their own instances with prior authorization from AWS
Question 63 You want to add an extra layer of protection to the current authentication mechanism of user names and passwords for AWS. Which of the following can help in this regard? A. Using Password Policies B. Using a mix of user names C. Using AWS WAF D. Using MFA
Answer: D. Using MFA
