AWS Cloud Practitioner Exam - Official Practice Sets
Which service would be used to send alerts based on Amazon CloudWatch alarms? A) Amazon Simple Notification Service (Amazon SNS) B) AWS CloudTrail C) AWS Trusted Advisor D) Amazon Route 53
A - Amazon SNS and Amazon CloudWatch are integrated so users can collect, view, and analyze metrics for every active SNS. Once users have configured CloudWatch for Amazon SNS, they can gain better insight into the performance of their Amazon SNS topics, push notifications, and SMS deliveries.
What happens when you use Amazon Virtual Private Cloud (Amazon VPC) to create a new VPC? A. A main route table is created by default B. Three subnets are created by default in one Availability Zone C. An internet gateway is created by default. D. Three subnets are created by default: one for each Availability Zone
A. A main route table is created by default
For certain services like Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS), you can invest in reserved capacity. What options are available for Reserved Instances? A. AURI B. MURI C. NURI D. PURI E. DURI
A. AURI - All Up-front Reserve Instances C. NURI - No Up-front Reserve Instances D. PURI - Partial Up-front Reserve Instances
Which AWS services or features support data replication across AWS Regions? (Select TWO.) A. Amazon S3 B. Amazon Elastic Block Store (Amazon EBS) C. Amazon EC2 instance store D. AWS Storage Gateway E. Amazon RDS
A. Amazon S3 supports Cross-Region Replication. With Cross-Region Replication, you designate a destination S3 bucket in another Region. When Cross-Region Replication is turned on, any new object that is uploaded will be replicated to the destination S3 bucket. E. You can use Amazon RDS to host relational databases on AWS. One RDS DB instance resides in a single Region. With Amazon RDS, you can create read replicas across Regions. Amazon RDS replicates any data from the primary DB instance to the read replica across Regions.
Which AWS networking service enables a company to create a virtual network within AWS? A. Amazon Virtual Private Cloud (Amazon VPC) B. AWS Direct Connect C. AWS Config D. Amazon Route 53
A. Amazon Virtual Private Cloud (Amazon VPC)
What are the four support plans offered by AWS Support? A. Basic, Developer, Business, Enterprise B. Basic, Startup, Business, Enterprise C. Free, Bronze, Silver, Gold D. All support is free
A. Basic, Developer, Business, Enterprise
A company needs to monitor and receive alerts about AWS Management Console sign-in events that involve the AWS account root user. Which AWS service can the company use to meet these requirements? A. Amazon CloudWatch B. AWS Config C. AWS Trusted Advisor D. AWS Identity and Access Management (IAM)
A. CloudWatch monitors your AWS resources and the applications that you run on AWS in real time. You can use CloudWatch to monitor and receive alerts about console sign-in events that involve the AWS account root user.
Which of the following is an advantage of consolidated billing on AWS? A. Volume pricing qualification B. Shared access permissions C. Multiple bills for each account D. Elimination of the need to tag resources
A. Consolidated billing is a feature of AWS Organizations. You can combine the usage across all accounts in your organization to share volume pricing discounts, Reserved Instance discounts, and Savings Plans. This solution can result in a lower charge compared to the use of individual standalone accounts.
Which of the following are features of Amazon Elastic Block Store (Amazon EBS)? (Choose two) A. Data stored on Amazon EBS is automatically replicated within an Availability Zone. B. Amazon EBS volumes can be encrypted transparently to workloads on the attached instance C. Amazon EBS data is automatically backed up to tape. D. Data on an Amazon EBS volume is lost when the attached instance is stopped
A. Data stored on Amazon EBS is automatically replicated within an Availability Zone. B. Amazon EBS volumes can be encrypted transparently to workloads on the attached instance
A company has an application server that runs on an Amazon EC2 instance. The application server needs to access contents within a private Amazon S3 bucket. What is the recommended approach to meet this requirement? A. Create an IAM role with the appropriate permissions. Associate the role with the EC2 instance. B. Configure a VPC peering connection to allow private communication between the EC2 instance and the S3 bucket C. Create a shared access key. Configure the EC2 instance to use the hardcoded key. D. Configure the application to read an access key from a secured source.
A. IAM roles are temporary credentials that expire. IAM roles are more secure than long-term access keys because they reduce risk if credentials are accidentally exposed.
Which of the following are NOT benefits of AWS Cloud computing? (Choose two) A. Multiple procurement cycles B. High availability C. High latency D. Temporary and disposable resources E. Fault-tolerant databases
A. Multiple procurement cycles C. High latency
Which of the following can be used as a storage class for an S3 object lifecycle policy? (Choose three) A. S3 - Standard Access B. AWS Storage Gateway C. S3 - Infrequent Access D. Simple Storage Service Glacier E. S3 - Reduced Redundancy Storage F. Amazon Dynamo DB
A. S3 - Standard Access C. S3 - Infrequent Access D. Simple Storage Service Glacier
In the shared responsibility model, AWS is responsible for providing what? A. Security of the cloud B. Security to the cloud C. Security for the cloud D. Security in the cloud
A. Security of the cloud
What AWS tool lets you explore AWS services and create an estimate for the cost of your use cases on AWS? A. AWS Pricing Calculator B. AWS Budgets C. AWS Cost and Usage Report D. AWS Billing Dashboard
A. The AWS Pricing Calculator lets you model your solutions before building them, explore the price points and calculations behind your estimate, and find the available instance types and contract terms that meet your needs.
Which of the following are advantages of the AWS Cloud? (Select TWO.) A. AWS manages the maintenance of the cloud infrastructure B. AWS manages the security of applications built on AWS. C. AWS manages capacity planning for physical servers. D. AWS manages the development of applications on AWS. E. AWS manages cost planning for virtual servers.
A. This solution is an example of security "of" the cloud. AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services. C. This solution is an example of security "of" the cloud. Capacity planning of the cloud is an inherited control from AWS. AWS purchases additional servers as needed, based on overall customer demand.
9. True or False? When you create a bucket in Amazon S3, it is associated with a specific AWS Region. A. True B. False
A. True
True or False? Amazon Simple Storage Service (Amazon S3) is an object storage suitable for the storage of flat files like Microsoft Word documents, photos, etc. A. True B. False
A. True
True or False? Availability Zones within a Region are connected through low-latency links A. True B. False
A. True
True or False? Networking, storage, compute, and databases are examples of service categories that AWS offers. A. True B. False
A. True
Which recommendations are included in the AWS Trusted Advisor checks? (Select TWO.) A. Amazon S3 bucket permissions B. AWS service outages for services C. Multi-factor authentication (MFA) use on the AWS account root user D. Available software patches for Amazon EC2 instances E. Number of users in the account
A. Trusted Advisor checks for S3 bucket permissions in Amazon S3 with open access permissions. Bucket permissions that grant list access to everyone can result in higher than expected charges if objects in the bucket are listed by unintended users at a high frequency. Bucket permissions that grant upload and delete access to all users create potential security vulnerabilities by allowing anyone to add, modify, or remove items in a bucket. This Trusted Advisor check examines explicit bucket permissions and associated bucket policies that might override the bucket permissions. C. Trusted Advisor checks the root account and warns if MFA is not enabled.
A company requires physical isolation of its Amazon EC2 instances from the instances of other customers. Which instance purchasing option meets this requirement? A. Dedicated Hosts B. Reserved Instances C. On-Demand Instances D. Spot Instances
A. With Dedicated Hosts, a physical server is dedicated for your use. Dedicated Hosts provide visibility and the option to control how you place your instances on an isolated, physical server.
The name of an S3 bucket must be unique ______. A. worldwide across all AWS accounts B. within a Region C. across all your AWS accounts D. within your AWS account
A. worldwide across all AWS accounts
Which service can identify the user that made the API call when an Amazon EC2 instance is terminated? A) AWS Trusted Advisor B) AWS CloudTrail C) AWS X-Ray D) AWS Identity and Access Management (AWS IAM)
B - AWS CloudTrail helps users enable governance, compliance, and operational and risk auditing of their AWS accounts. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface (CLI), and AWS SDKs and APIs.
Which AWS service would simplify the migration of a database to AWS? A) AWS Storage Gateway B) AWS Database Migration Service (AWS DMS) C) Amazon EC2 D) Amazon AppStream 2.0
B - AWS DMS helps users migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. AWS DMS can migrate data to and from most widely used commercial and open-source databases.
Which of the following is an AWS responsibility under the AWS shared responsibility model? A) Configuring third-party applications B) Maintaining physical hardware C) Securing application access and data D) Managing guest operating systems
B - Maintaining physical hardware is an AWS responsibility under the AWS shared responsibility model.
Which component of the AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A) AWS Regions B) Edge locations C) Availability Zones D) Virtual Private Cloud (VPC)
B - To deliver content to users with lower latency, Amazon CloudFront uses a global network of points of presence (edge locations and regional edge caches) worldwide.
With Amazon Virtual Private Cloud (Amazon VPC), what is the maximum size IP address range you can have in a VPC? A. /30 B. /16 C. /24 D. /28
B. /16
You are a solutions architect who works at a large retail company that is migrating its existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-Domain Routing (CIDR) block of 10.0.1.0/24 (which has 256 total IP address). How many IP address are available? A. 250 B. 251 C. 246 D. 256
B. 251
What is true about Regions? (Choose two.) A. They are physical locations of your customers. B. A Region is a physical location that has multiple Availability Zones. C. All Regions are located in one specific geographic area. D. Each Region is located in a separate geographic area.
B. A Region is a physical location that has multiple Availability Zones. D. Each Region is located in a separate geographic area.
Which aspect of AWS infrastructure provides global deployment of compute and storage? A. Multiple Availability Zones in an AWS Region B. Multiple AWS Regions C. Tags D. Resource groups
B. A Region is a physical location where there are clusters of AWS data centers. AWS offers many different Regions where you can deploy infrastructure around the world. With the use of multiple Regions, you can achieve a global deployment of compute, storage, and databases.
Where can a customer go to get more details about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took place 3 months ago? A. Amazon EC2 dashboard B. AWS Cost Explorer C. AWS Trusted Advisor dashboard D. AWS CloudsTrail logs stored in Amazon Simple Storage Service (Amazon S3)
B. AWS Cost Explorer
What is the service provided by AWS that enables developers to easily deploy and manage applications in the cloud? A. Amazon Elastic Container Service B. AWS Elastic Beanstalk C. AWS Opswork D. AWS CloudFormation
B. AWS Elastic Beanstalk is an AWS compute service option. It is a Platform as a Service (or PaaS) that facilitates quick deployment, scaling and managing of your web applications and services.
Which of the following services is a serverless compute service in AWS? A. AWS Config B. AWS Lambda C. AWS OpsWorks D. Amazon EC2
B. AWS Lambda
Which of the following are geographic areas that host two or more Availability Zones? A. AWS Origins B. AWS Regions C. Compute zones D. Edge locations
B. AWS Regions
Which component of AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? A. Amazon Virtual Private Cloud (Amazon VPC) B. AWS edge locations C. AWS Regions D. AWS Availability Zones
B. AWS edge locations
Which component of the AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? A. AWS Regions B. AWS edge locations C. AWS Availability Zones D. Amazon Virtual Private Cloud (Amazon VPC)
B. AWS edge locations
Which of the following must be specified when launching a new Amazon Elastic Compute Cloud (Amazon EC2) Windows instance? (Choose two) A. The Amazon EC2 instance ID B. Amazon Machine Image (AMI) C. Password for the administrator account D. Amazon EC2 instance type
B. Amazon Machine Image (AMI) D. Amazon EC2 instance type
As AWS grows, the cost of doing business is reduced and savings are passed back to the customer with lower pricing. What is this optimization called? A. Expenditure awareness B. Economies of scale C. Matching supply and demand D. EC2 Right Sizing
B. Economies of scale
True of False? By default, all data stored in Amazon S3 is viewable by the public. A. True B. False
B. False
True or False? Containers contain an entire operating system. A. True B. False
B. False
True or False? Edge locations are only located in the same general area as Regions. A. True B. False
B. False
Economies of scale result from _____? A. Having many different cloud providers B. Having hundreds of thousands of customers aggregated in the cloud C. Having hundreds of cloud services available over the internet D. Having to invest heavily in data centers and servers
B. Having hundreds of thousands of customers aggregated in the cloud
Which of the following is the responsibility of AWS under the AWS shared responsibility model? A. Configuring third-party applications B. Maintaining physical hardware C. Security application access and data D. Managing custom Amazon Machine Images (AMIs)
B. Maintaining physical hardware
You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access? A. Security groups B. NAT gateway C. Network access control lists D. Route tables
B. NAT gateway
What is the pricing model that enables AWS customers to pay for resources on an as-needed basis? A. Pay as you decommission B. Pay as you go C. Pay as you buy D. Pay as you reserve
B. Pay as you go
Which of these is NOT a benefit of cloud computing over on-premises computing? A. Increase speed and agility B. Pay for racking, stacking, and powering servers C. Eliminate guessing on your infrastructure capacity needs D. Trade capital expense for variable expense E. Benefit from massive economies of scale.
B. Pay for racking, stacking, and powering servers
What are benefits of using AWS Organizations? (Choose two) A. Replaces existing AWS Identity and access Management (IAM) policies with service control policies (SCPs), which are simpler to manage B. Provides the ability to create groups of accounts and then attach policies to a group C. Provides the ability to create an unlimited number of nested organizational units (OUs) to support your desired structure D. Simplifies automating account creation and management by using APIs E. Prevents any restrictions from being put on the root user that is associated with the main organization in an account
B. Provides the ability to create groups of accounts and then attach policies to a group D. Simplifies automating account creation and management by using APIs
If your project requires monthly reports that iterate through very large amounts of data, which Amazon Elastic Compute Cloud (Amazon EC2) purchasing option should you consider? A. Spot Instances B. Scheduled Reserved Instances C. Dedicated Hosts D. On-Demand Instances
B. Scheduled Reserved Instances
Which of the following can be used to protect Amazon Elastic Compute Cloud (Amazon EC2) instances hosted in AWS? A. All of the above B. Security group C. Internet Gateway D. AMI
B. Security group
Which statement is true about the pricing model on AWS? A. In most cases, there is a per gigabyte charge for inbound data transfer. B. Storage is typically charged per gigabyte. C. Compute is typically charged as a monthly fee based on instance type. D. Outbound charges are free up to a per account limit.
B. Storage is typically charged per gigabyte.
Which security-related services or features does AWS offer? (Select TWO.) A. Complete PCI compliance for customer applications that run on AWS B. AWS Trusted Advisor security checks C. Data encryption D. Automated penetration testing E. Amazon S3 copyrighted content detection
B. Trusted Advisor draws upon best practices learned from serving hundreds of thousands of AWS customers. These best practices include security checks. C. Many AWS services support data encryption, including Amazon Elastic Block Store (Amazon EBS) and Amazon S3.
Which of the following are benefits of the AWS Cloud? (Select TWO.) A. Companies need increased IT staff B. Capital expenses are replaced with variable expenses C. Customers receive the same monthly bill regardless of which resources they use D. Companies gain increased agility E. AWS holds responsibility for security in the cloud
B. With the AWS Cloud, you benefit from Amazon's global purchasing of compute resources. You do not need to invest heavily in data centers. D. With the AWS Cloud, you make IT resources available to developers in minutes instead of weeks. The result is reduced cost and time for development, which increases agility.
You can run applications and workloads from a Region closer to the end users to ____ latency. A. increase B. decrease
B. decrease
You can use Amazon Elastic File System (Amazon EFS) to: A. provide simple, scalable, elastic file storage for use only within AWS B. implement storage for Amazon EC2 instances that multiple virtual machines can access at the same time. C. host a robust CDN to deliver entire web sites with dynamic, static, and streaming content. D. generate user-specific content.
B. implement storage for Amazon EC2 instances that multiple virtual machines can access at the same time.
Amazon S3 replicates all objects ______. A. on multiple volumes within an Availability Zone B. in multiple Availability Zones within the same Region C. across multiple Regions for higher durability D. on multiple S3 buckets
B. in multiple Availability Zones within the same Region
Amazon Elastic Block Store (Amazon EBS) is recommended when data ______ and ______. (Choose two) A. requires object-level storage B. must be quickly accessible, requiring long-term persistence C. requires an encryption solution D. needs to be stored in a different Availability Zone than the one the EC2 instance is in
B. must be quickly accessible, requiring long-term persistence C. requires an encryption solution
How would a system administrator add an additional layer of login security to a user's AWS Management Console? A) Use Amazon Cloud Directory B) Audit AWS Identity and Access Management (IAM) roles C) Enable multi-factor authentication D) Enable AWS CloudTrail
C - Multi-factor authentication (MFA) is a simple best practice that adds an extra layer of protection on top of a username and password. With MFA enabled, when a user signs in to an AWS Management Console, they will be prompted for their username and password (the first factor—what they know), as well as for an authentication code from their MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for AWS account settings and resources.
Why is AWS more economical than traditional data centers for applications with varying compute workloads? A) Amazon EC2 costs are billed on a monthly basis. B) Users retain full administrative access to their Amazon EC2 instances. C) Amazon EC2 instances can be launched on demand when needed. D) Users can permanently run enough instances to handle peak workloads.
C - The ability to launch instances on demand when needed allows users to launch and terminate instances in response to a varying workload. This is a more economical practice than purchasing enough on-premises servers to handle the peak load.
Regarding Amazon S3 Glacier, what is a Vault? A. The rules that determine who may (or may not) access archives B. An object (photos, videos, files, or documents) C. A container for storing archives D. A policy that identifies who can access content stored in Glacier
C. A container for storing archives
Which of these statements about Availability Zones is not true? A. Availability Zones are designed for fault isolation. B. Availability Zones are made up of one or more data centers C. A data center can be used or more than one Availability Zone D. Availability Zones are connected to each other using high-speed private links
C. A data center can be used or more than one Availability Zone
Which of these are ways to access AWS core services? (Choose three.) A. Technical support calls B. AWS Marketplace C. AWS Management Console D. AWS Command Line Interface (AWS CLI) E. Software Development Kits (SDKs)
C. AWS Management Console D. AWS Command Line Interface (AWS CLI) E. Software Development Kits (SDKs)
Which AWS Cloud architecture design principle supports the distribution of workloads across multiple Availability Zones? A. Implement automation B. Design for agility C. Design for failure D. Implement elasticity
C. AWS recommends that you distribute workloads across multiple Availability Zones. This distribution will ensure continuous availability of your application, even if the application is unavailable in one single Availability Zone.
Which of the following is a compute service? A. Amazon VPC B. Amazon S3 C. Amazon EC2 D. Amazon CloudFront E. Amazon Redshift
C. Amazon EC2
Which Amazon Elastic Compute Cloud (Amazon EC2) feature ensures your instances will not share a physical host with instances from any other AWS customer? A. Amazon VPC B. Placement groups C. Dedicated Instances D. Reserved Instances
C. Dedicated Instances
How would a system administrator add an additional layer of login security to a user's AWS Management Console? A. Use Amazon Cloud Directory B. Audit AWS Identity and Access Management (IAM) roles C. Enable multi-factor authentication D. Enable AWS Cloud Trail
C. Enable multi-factor authentication
________ means the infrastructure has built-in component redundancy and _______ means that resources dynamically adjust to increases or decreases in capacity requirements. A. No human intervention, fault tolerant B. Elastic and scalable, no human intervention C. Fault tolerant, elastic and scalable D. Fault tolerant, no human intervention E. Elastic and scalable, fault tolerant
C. Fault tolerant, elastic and scalable
Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM)? (Choose two) A. Provide users with default administrative privileges B. Leave unused and unnecessary users and credential in place C. Manage access to AWS resources D. Avoid using IAM groups to grant the same access permissions to multiple users E. Define fine-grained access rights
C. Manage access to AWS resources E. Define fine-grained access rights
Which of the following is an optional security control that can be applied at the subnet layer of a VPC? A. Firewall B. Security group C. Network ACL D. Web application firewall
C. Network ACL
When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (Choose two.) A. Institutional access B. Authorized access C. Programmatic access D. AWs Management Console access E. Administrative root access
C. Programmatic access D. AWs Management Console access
Which Amazon EC2 option is best for long-term workloads with predictable usage patterns? A. Spot Instances B. On-Demand Instances C. Reserved Instances
C. Reserved Instances
Your web application needs four instances to support steady traffic all of the time. On the last day of the month, the traffic triples. What is the most cost-effective way to handle this pattern? A. Run 12 Reserved Instances all of the time. B. Run four On-Demand Instances constantly, then add eight more On-Demand Instances on the last day of each month. C. Run four Reserved Instances constantly, then add eight On-Demand Instances on the last day of each month. D. Run four On-Demand Instances constantly, then add eight Reserved Instances on the last day of each month.
C. Run four Reserved Instances constantly, then add eight On-Demand Instances on the last day of each month.
In the shared responsibility model, which of the following are examples of "security in the cloud"? (Choose two.) A. Compliance with compute security standards and regulations B. Physical security of the facilities in which the services operate C. Security group configurations D. Encryption of data at and data in transit E. Protecting the global infrastructure
C. Security group configurations D. Encryption of data at and data in transit
Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances? A. On-Demand Instances B. Reserve Instances C. Spot Instances D. Convertible Reserved Instances
C. Spot Instances are discounted more heavily when there is more capacity available in the Availability Zones.
Which of these is NOT a cloud computing model? A. Platform as a service B. Infrastructure as a service C. System administration as a service D. Software as a service
C. System administration as a service
A company needs phone, email, and chat access 24 hours a day, 7 days a week. The response time must be less than 1 hour if a production system has a service interruption. Which AWS Support plan meets these requirements at the LOWEST cost? A. AWS Basic Support B. AWS Developer Support C. AWS Business Support D. AWS Enterprise Support
C. The Business Support plan provides phone, email, and chat access 24 hours a day, 7 days a week. The Business Support plan has a response time of less than 1 hour if a production system has a service interruption.
Which of the following describes a security best practice that can be implemented by using AWS Identity and Access Management (IAM)? A. Turn off AWS Management Console access for all users B. Generate secret keys for every IAM user C. Grant permissions to users who are required to perform a specific task only D. Store AWS credentials within Amazon EC2 instances
C. Through the security recommendation of least privilege, an IAM best practice is to grant granular permissions to users by using IAM roles.
Which AWS service can create an alarm that sends a notification when a billing threshold is exceeded? A. AWS Trusted Advisor B. AWS CouldTrail C. Amazon CloudWatch D. Amazon QuickSight
C. You can monitor your estimated AWS charges by using CloudWatch. When you enable the monitoring of estimated charges for your AWS account, the estimated charges are calculated and sent several times daily to CloudWatch as metric data.
AWS highly recommends provisioning your compute resources across ______ availability zones. A. all B. no C. multiple D. single
C. multiple
Which AWS offering enables users to find, buy, and immediately start using software solutions in their AWS environment? A) AWS Config B) AWS OpsWorks C) AWS SDK D) AWS Marketplace
D - AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that makes it easy to find, test, buy, and deploy software that runs on AWS.
Which AWS networking service enables a company to create a virtual network within AWS? A) AWS Config B) Amazon Route 53 C) AWS Direct Connect D) Amazon Virtual Private Cloud (Amazon VPC)
D - Amazon VPC lets users provision a logically isolated section of the AWS Cloud where users can launch AWS resources in a virtual network that they define.
Where can a user find information about prohibited actions on the AWS infrastructure? A) AWS Trusted Advisor B) AWS Identity and Access Management (IAM) C) AWS Billing Console D) AWS Acceptable Use Policy
D - The AWS Acceptable Use Policy provides information regarding prohibited actions on the AWS infrastructure.
With Amazon Virtual Private Cloud (Amazon VPC), what is the smallest size subnet you can have in a VPC? A. /30 B. /26 C. /24 D. /28
D. /28
Which of the following is a responsibility of AWS under the AWS shared responsibility model? A. Design a customer's application for disaster recovery B. Update the guest operating systems on deployed Amazon EC2 instances C. Configure new resources with an AWS account D. Secure the physical infrastructure
D. AWS fully maintains the physical controls.
What is included in an Amazon Machine Image (AMI)? A. A template for the root volume for the instance B. Launch permissions that control which AWS accounts can use the AMI to launch instances C. A block device mapping that specifies the volumes to attach to the instance when it's launched D. All of the above
D. All of the above
Why is AWS more economical than traditional data centers for applications with varying compute workloads? A. Amazon EC2 costs are billed on a monthly basis B. Customers retain full administrative access to their Amazon EC2 instances. C. Customers can permanently run enough instances to handle peak workloads. D. Amazon EC2 instances can be launched on-demand when needed
D. Amazon EC2 instances can be launched on-demand when needed
Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based Amazon EC2 instances and on-premises servers? A. AWS Managed Services (AMS) B. Amazon S3 Glacier C. Amazon Elastic Block Store (Amazon EBS) D. Amazon Elastic File System (Amazon EFS)
D. Amazon EFS provides an elastic file system that lets you share file data without the need to provision and manage storage. It can be used with AWS Cloud services and on-premises resources, and is built to scale on demand to petabytes without disrupting applications. With Amazon EFS, you can grow and shrink your file systems automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.
Which of the following should be done by the AWS account root user? A. Secure access for applications B. Integrate with other AWS services C. Change granular permissions D. Change the AWS support plan
D. Change the AWS support plan. Changing the AWS support plan can only be done by the AWS account root user.
A company is hosting a static website from a single Amazon S3 bucket. Which AWS service will achieve lower latency and high transfer speeds? A. AWS Elastic Beanstalk B. Amazon DynamoDB Accelerator (DAX) C. Amazon Route 53 D. Amazon CloudFront
D. CloudFront is a web service that speeds up the distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. Content is cached in edge locations. Content that is repeatedly accessed can be served from the edge locations instead of the source S3 bucket.
After initial login, what does AWS recommend as the best practice for the AWS Account Root User? A. Delete the AWS account root user B. Revoke all permissions on the AWS account root user C. Restrict permission on the AWS account root user D. Delete the access keys of the AWS account root user
D. Delete the access keys of the AWS account root user
A company wants a dedicated private connection to the AWS Cloud from its on-premises operations. Which AWS service or feature will provide this connection? A. AWS VPN B. AWS PrivateLink C. VPC endpoint D. AWS Direct Connect
D. Direct Connect provides a dedicated private connection from your premises to the AWS Cloud. Direct Connect is an alternative to using the internet to access AWS Cloud services.
Which AWS Cloud architecture principle states that systems should reduce interdependencies? A. Scalability B. Services, no servers C. Automation D. Loose coupling
D. Loose coupling helps isolate behavior of a component from other components that depend on it, increasing resiliency and agility. A change or a failure in one of the components should not affect the other components.
What are advantages of cloud computing over computing on-premises? A. Avoid large capital purchases B. Use on-demand capacity C. Go global in minutes D. Increase speed and agility E. All of the above
E. All of the above
True or False? AWS Key Management Service (AWS KMS) enables you to assess, audit, and evaluate the configurations of your AWS resources.
False
True or False? Private subnets have direct access to the internet.
False
True or false? To receive the discounted rate associated with Reserved Instances, you must make a full, upfront payment for the term of the agreement.
False
True or false? Unlimited services are available with AWS Free Tier to new AWS customers for 12 months following their AWS sign-up date.
False
True or False? Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the internet. You own the network-connected hardware required for these services and Amazon Web Services provisions what you need.
False - One of the key benefits of cloud computing is the opportunity to replace upfront capital infrastructure expenses with low variable costs that scale with your business.
True or False? AWS Organizations enables you to consolidate multiple AWS accounts so that you centrally manage them.
True
True or false? AWS offers some services at no charge, such as Amazon Virtual Private Cloud, AWS Identity and Access Management, Consolidated Billing, AWS Elastic Beanstalk, automatic scaling, AWS OpsWorks and AWS CloudFormation. However, you might be charged for other AWS services that you use in conjunction with these services.
True
True or False? AWS owns and maintains the network-connected hardware required for application services, while you provision and use what you need.
True - It's true that AWS owns and maintains the hardware, while you provision and use what you need.