AWS Practitioner Cert Practice Exam
An ELB instance is configured with the default HealthCheck and Response Timeout intervals as 30 seconds and 5 seconds respectively. How long will it take for an instance within a target group to be labelled as OutOfService, if it goes down a second after the latest HealthCheck? ]A. 34 seconds ]B. 30 seconds ]C. 35 seconds ]D. 4 seconds
A. 34 seconds Correct Answer - A Since the health check runs every 30 seconds and the instance goes down one second into the cycle, it means 29 seconds will lapse before a new health check is run. Additionally, it will take 5 more seconds of the ELB instance probing the instance that is down, upon getting no response, it would then fail the health check. Therefore, 29 + 5 seconds = 34 seconds.
During an organisation's information systems audit, the administrator is requested to provide a dossier of security and compliance reports as well as online service agreements that exist between the organisation and AWS. Which service can they utilize to acquire this information? A. AWS Artifact B. AWS Resource Center C. AWS Service Catalog D. AWS Directory Service
A. AWS Artifact Correct Answer - A AWS Artifact is a comprehensive resource center for access to AWS' auditor issued reports as well as security and compliance documentation from several renowned independent standards organisations.
In the AWS Billing and Management service, which tool can provide usage-based forecasts of estimated billing costs and usage for the coming months? ]A. AWS Cost Explorer ]B. AWS Bills ]C. AWS Reports ]D. Cost & Usage Reports
A. AWS Cost Explorer Correct Answer - A AWS Cost Explorer can create user-defined, custom forecasts for future usage patterns.
A company wants to utilize aws storage. For them low storage cost is paramount, the data is rarely retrieved, and data retrieval times of several hours are acceptable for them. What is the best storage option to use? ]A. AWS Glacier ]B. AWS S3 Reduced Redundancy Storage ]C. EBS backed storage connected to EC2 ]D. AWS CloudFront
A. AWS Glacier Answer - A Amazon Glacier is a storage service optimized for infrequently used data, or "cold data." The service provides durable and extremely low-cost storage with security features for data archiving and backup. With Amazon Glacier, you can store your data cost effectively for months, years, or even decades
Which of the following Amazon Web Services can be referred to as a serverless service? (Select three). A. AWS Lambda B. Elastic Load Balancing C. Amazon SNS D. Amazon DynamoDB
A. AWS Lambda C. Amazon SNS D. Amazon DynamoDB The correct answers are A,C and D. The serverless concept refers to the ability to leverage compute processing functions without the infrastructure overhead. AWS Lambda is a serverless online code scripting platform within AWS that allows the user to write, edit and run code functions in various languages including JSON. These functions can be triggered to call or invoke other AWS applications in the user's build. AWS Cloud9 is a serverless online integrated development environment (IDE) used to author, edit, run debug code of various languages.
Your company is planning to use the AWS Cloud. But there is a management decision that resources need to split department wise. And the decision is tending towards managing multiple AWS accounts. Which of the following would help in effective management and also provide an efficient costing model. ]A. AWS Organizations ]B. Amazon Dev Pay ]C. AWS Trusted Advisor ]D. AWS Cost Explore
A. AWS Organizations Correct Answer - B The use cases mentioned in the scenario have unstructured data in common, therefore, the most appropriate attribute of Amazon DynamoDB is its flexible data model and single-digit millisecond latency.
Your development team is planning to host a development environment on the cloud. This consists of EC2 and RDS instances. This environment will probably only be required for 2 months. Which types of instances would you use for this purpose? ]A. On-Demand ]B. Spot ]C. Reserved ]D. Dedicated Hosts
A. On-Demand Answer - A The best and cost effective option would be to use On-Demand Instances. The AWS documentation gives the following additional information on On-Demand EC2 Instances With On-Demand instances you only pay for EC2 instances you use. The use of On-Demand instances frees you from the costs and complexities of planning, purchasing, and maintaining hardware and transforms what are commonly large fixed costs into much smaller variable costs
Which statements regarding VPC Peering is accurate? Select TWO. A. Two VPCs in different AWS Regions and under separate AWS Accounts can share traffic between each other. B. In order for VPC Peering to work each VPC should have a public subnet. C. In VPC Peering, it is possible for traffic from one VPC to traverse through a transit VPC in order to reach a third VPC. D. Traffic between VPC peers in different AWS Regions is not encrypted by default. E. VPC Peering can be used to replicate data to geographically distinct locations for fault-tolerance, disaster recovery and redundancy
A. Two VPCs in different AWS Regions and under separate AWS Accounts can share traffic between each other. E. VPC Peering can be used to replicate data to geographically distinct locations for fault-tolerance, disaster recovery and redundancy Correct Answer - A, E VPC Peering can be established between VPCs in different AWS Regions and in separate AWS Accounts. The logical networks still use the same common AWS backbone network infrastructure to communicate. By utilizing this infrastructure, VPC Peering makes it possible to securely store mission-critical data to geographically distinct locations for fault-tolerance, disaster recovery and redundancy.
Which of the following services allows you to distribute load across multiple EC2 Instances? ]A. AWS Autoscaling ]B. AWS Elastic Load Balancer ]C. AWS Regions ]D. AWS IAM
B. AWS Elastic Load Balancer Answer - B The AWS Documentation mentions the following on the ELB Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Elastic Load Balancing offers three types of load balancers that all feature the high availability, automatic scaling, and robust security necessary to make your applications fault tolerant.
Which of the following helps you set up a logically isolated section of your AWS cloud ? ]A. AWS Subnets ]B. AWS VPC ]C. AWS Regions ]D. AWS Availability Zones
B. AWS VPC Answer - B The AWS Documentation mentions the following Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
An administrator is looking to run their cloud infrastructure along best practice guidelines by leveraging on Amazon Inspector and AWS Trusted Advisor services. Which of the following statements correctly describe how this can be done? (Select TWO) A. Running Amazon Inspector service to probe and protect cloud infrastructure from threats regularly B. Adhering to recommendations given in the main pillars of AWS Trusted Advisor, which are cost optimization, security, performance, fault-tolerance and service limits C. Regularly running Amazon Inspector service on EC2 instances to get a concise list of security vulnerabilities and exposures to attack. D. AWS Trusted Advisor will highlight pending tasks to be resolved in only performance and cost optimization best practices whilst Amazon Inspector will alert the administrator of security vulnerabilities. E. Amazon Inspector will highlight pending tasks to be resolved in only performance and cost optimization best practices whilst AWS Trusted Advisor will alert the administrator of security vulnerabilities.
B. Adhering to recommendations given in the main pillars of AWS Trusted Advisor, which are cost optimization, security, performance, fault-tolerance and service limits C. Regularly running Amazon Inspector service on EC2 instances to get a concise list of security vulnerabilities and exposures to attack. Correct Answer - B, C Amazon Inspector will assess AWS provisioned infrastructure for compliance and security vulnerabilities. AWS Trusted Advisor will provide real-time guidelines in best practice implementation and maintenance of AWS resources.
In a fully managed service such as Amazon Aurora, what are the implications of the Shared Responsibility Model? ]A. Amazon is responsible for only the physical infrastructure on which the user's data resides. ]B. Amazon is responsible for the EC2 instances, the operating system updates, patching of software and its maintenance ]C. The user is responsible for the operating system updates, patching of software and its maintenance. ]D. The user is responsible for the security of the EC2 instances on which the relational database resides.
B. Amazon is responsible for the EC2 instances, the operating system updates, patching of software and its maintenance Correct Answer - B In fully managed service such as Amazon Aurora, the user does not have access to the backend EC2 instances where the relational database resides. Backups, software updates and patches are administered by Amazon.
The firm you work for is considering migrating to AWS. They are concerned about cost and the initial investment needed. Which of the following features of AWS pricing helps lower the initial investment amount needed? Choose 3 answers from the options given below: A. The ability to choose the lowest cost vendor B. The ability to pay as you go C. No upfront costs D. Discounts for upfront payments
B. The ability to pay as you go C. No upfront costs D. Discounts for upfront payments Answer - B, C, and D The best features of moving to the AWS Cloud is: No upfront costs The ability to pay as you go where the customer only pays for the resources needed
A startup company for social media apps would like to grant freelance developers temporary access to its Lambda functions setup on AWS. These developers would be signing-in via Facebook authentication. Which service is most appropriate to use in securely granting access? A. Create user credentials using Identity Access Management, IAM B. Use Amazon Cognito for web-identity federation C. Create temporary access roles using IAM D. Use a third-party Web ID, federated access provider
B. Use Amazon Cognito for web-identity federation Correct Answer - B Amazon Cognito web identity federation service acts as a broker that allows successfully authenticated users access to AWS resources. After successful authentication on platforms such as Facebook, LinkedIn or Google - users are awarded temporary authentication code from Amazon Cognito thereby gaining temporary access.
Which TWO statements best describe the AWS Personal Health Dashboard. A. A concise representation of the general status of AWS services B. User-specific view on the availability and performance of AWS services underlying their AWS resources. C. A service that prompts the user with alerts and notifications on AWS scheduled activities, pending issues, and planned changes. D. A minute-by-minute update of system outages and service errors on the AWS global infrastructure E. A rolling log of all service interruptions across the AWS network, records of incidencies persistent for a year
B. User-specific view on the availability and performance of AWS services underlying their AWS resources. C. A service that prompts the user with alerts and notifications on AWS scheduled activities, pending issues, and planned changes. Correct Answer - B, C The Personal Health Dashboard is a tool that shows the status of AWS services that are running user-specific resources. It is a graphical representation that sends alerts, notifications of any personal pending issues, planned changes and scheduled activities.
You have an application developed in .NET. This applications works with the S3 buckets in a particular region. The application is hosted on an EC2 Instance. Which of the following should ideally be used to ensure that the EC2 Instance has the appropriate access to the S3 buckets? ]A. AWS Users ]B. AWS Groups ]C. AWS IAM Roles ]D. AWS IAM Policies
C. AWS IAM Roles Answer - C The AWS Documentation mentions the following You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources.
A website for an international sports governing body would like to serve its content to viewers from different parts of the world in their vernacular language. Which is the most suitable service that will allow different language versions of the same website to be served, according to where in the world the browser is viewing from. ]A. Amazon CloudFront ]B. Content Delivery Network (CDN) ]C. Amazon Lightsail ]D. Amazon Route 53
D. Amazon Route 53 Correct Answer - D In Amazon Route 53, the geolocation routing policy allows for different resources to serve content based on the origin of the request. This in turn makes it possible in the scenario for different versions of the website to be served.
A cloud solutions architect needs to execute urgent mission-critical tasks on the AWS Management console, but has left their Windows-based machine at home. What secure option can be used to administer these tasks on the cloud infrastructure given that only non-graphical user interface (non-GUI), Linux-based machines are readily available? A. Share the AWS Management console credentials with the person at home over the phone, so they can execute on the cloud solutions architect behalf B. Use third-party remote desktop software to access the Windows-based machine at home from the non-GUI workstations and administer the necessary tasks C. Use Secure Shell (SSH) to securely connect to the Windows-based machine from one of the non-GUI Linux-based machines then log onto the AWS Management console D. Install and run AWS CLI on one of the non-GUI Linux-based machines, in a shell environment such as bash, the cloud solutions architect can access ALL services just as they could from a Windows-based machine.
D. Install and run AWS CLI on one of the non-GUI Linux-based machines, in a shell environment such as bash, the cloud solutions architect can access ALL services just as they could from a Windows-based machine. Correct Answer - D AWS Command Line Interface (AWS CLI) is an open source tool that enables access and interaction with AWS services using commands in the command-line shell. With minimal configuration the cloud solutions architect would start using the functionality equivalent to that provided by the browser-based AWS Management Console from the command prompt in a terminal program such as bash.
Why does it take between 24 to 48 hours for changes made to a hosted zone in Amazon Route53 to reflect globally? ]A. AWS Name Servers need between 24 to 48 hours to create record sets, update their respective values and process changes. ]B. DNS resolvers around the world can only reflect the changes in their cache after the Time To Live (TTL) has expired, it is 24 hours by default. ]C. AWS Name Servers around the world update their cache in tandem, it takes between 24 hours to 48 hours for the process to complete. ]D. If changes to the hosted zone are made in the same AWS Region as the DNS resolver, it can take between 6 to 12 hours.
]B. DNS resolvers around the world can only reflect the changes in their cache after the Time To Live (TTL) has expired, it is 24 hours by default Correct Answer - B Generally, DNS resolvers query for changes every 86400 seconds, which means DNS resolver cache is stagnant for up to 24 hours. This can be changed, but the widely accepted time is 24 hours.
Why is Amazon DynamoDB service best-suited for implementation in mobile, Internet of Things (IoT) and gaming applications? ]A. DynamoDB is a fully-managed database instance with no infrastructure overheads ]B. DynamoDB has a flexible data model and single-digit millisecond latency ]C. Whilst in operation, DynamoDB instances are spread across at least three geographically distinct centers, AWS Regions ]D. DynamoDB supports eventual and strongly consistent reads
]B. DynamoDB has a flexible data model and single-digit millisecond latency Correct Answer - B The use cases mentioned in the scenario have unstructured data in common, therefore, the most appropriate attribute of Amazon DynamoDB is its flexible data model and single-digit millisecond latency.
