AWS Cloud Exam 1
After you move to the AWS Cloud, you want to ensure that the right security settings are put in place.Which online tool can assist in security compliance?
AWS Trusted Advisor
Which option is the Amazon Web Services (AWS) customer responsible for under the AWS Shared responsibility model?
Security group configuration, client-side data
Which of the following is not one of the four areas of the Performance Efficiency pillar of the AWS Well-Architected Framework?
Tranceability
Economies of scale can result from ____
having hundreds of thousands of customers aggregate in the cloud
Which of the following services is a serverless compute service in AWS?
AWS Lambda
The AWS Well-Architected Framework is organized into how many pillars?
5
Which is the correct term for the process of verifying a user's identity as a developer?
Authentication
You can run applications and workloads from a region closer to the end users to ____ latency
Decrease
Which of the following are NOT benefits of AWS Cloud Computing?
High latency, multiple procurement cycles
What is the pricing model that enables AWS customers to pay for resources on an as-needed basis?
Pay as you go
In Amazon DynamoDB, an attribute is________.
a fundamental data element
In Amazon DynamoDB, what does the query operation enable you to do?
All of the above
What should you consider when choosing database type?
All of the above
A company has an application, which consists of a .NET layer that connects to a MySQL database. They want to move this application on to AWS and use AWS features such as high availability and automated backups. Which of the following would be an ideal database for this use case
Amazon Aurora
Which of the following services can help you conflict important metrics from Amazon Relational Database Service (Amazon RDS) and Amazon Elastic Compute Cloud (Amazon EC2) instances?
Amazon CloudTrail
If you are developing an application that requires a database with extremely fast performance, fast scalability, and flexibility in the database schema, which service would you consider?
Amazon DynamoDB
You are designing an ecommerce web application that will scale to hundreds of thousands of concurrent users, Which database technology is best suited to hold the session state in this example?
Amazon DynamoDB
Which of the following is a compute service?
Amazon EC2
Which of the following AWS tools help your application scale up or down based on demand?
Amazon EC2 Auto Scaling Elastic Load Balancing
Which of the following must be specified when launching a new Amazon Elastic Cloud Compute EC2 windows instance?
Amazon EC2 instance type Amazon Machine Image (AMI) *AWS assigns the EC2 instance ID as part of the launch process and the administrator password, which is encrypted via the public key. The instance type defines the virtual hardware and the AMI defines the initial software state. Both must be specified on launch.
Why is AWS more economical than traditional data centers for applications with varying compute workloads?
Amazon EC2 instances can be launched on-demand when needed.
Which AWS Lambda configuration setting might be a developer use to manage function errors when configuring an Amazon Simple Notification Service (Amazon SNS) topic as the event source for a Lambda function? (SELECT TWO) 1. State machines 2. File Systems 3. Destinations 4. Virtual private cloud 5. Asynchronous invocations
3. Destinations 5. Asynchronous invocations
Which actions require permissions that are defined in the AWS Lambda execution role? (Select TWO) 1. A Lambda function writes to an Amazon DynamoDB table. 2. An object that is written to an Amazon Simple Storage Service (Amazon S3) bucket initiates invocation of a Lambda function. 3. Lambda polls an Amazon Simple Queue Service (Amazon SQS) queue for messages that initiate invocation of a Lambda function. 4. An Amazon API Gateway GET route initiates invocation of a Lambda function. 5. A message that is posted to an Amazon Simple Notification Service (Amazon SNS) topic initiates invocation of Lambda function.
A Lambda function writes to an Amazon DynamoDB table Lambda polls an Amazon Simple Queue Service (Amazon SQS) queue for messages that initiate invocation of a Lambda function.
Which of these statements about Availability Zones is NOT true?
A data center can be used for more than one availability zone
Which of the following must be configured on an Elastic Load Balancing load balancer to expect incoming traffic
A listener
Which of the following is an optional security control that can be applied at the subnet layer of a VPC?
A network ACL is an optional security control that can be applied at the subnet layer of a VPC
What is true about Regions?
A region is a physical location that has multiple availability zones, each region is located in a separate geographic area
Which of the following can be used to protect Amazon Elastic Compute Cloud (Amazon EC2) instances hosted in AWS?
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic.
What is included in an Amazon Machine Image (AMI)?
A template for the root volume for the instance Launch permissions that control which AWS accounts can use the AMI to launch instances A block device mapping that specifies the volumes to attach to the instance when it's launched All of the above.
Which option best describes how Amazon API Gateway invokes AWS Lambda? 1. API Gateway directly invokes a function with a synchronous invocation. 2. Lambda processes API Gateway requests asynchronously and retires each request up to two times. 3. Lambda uses an event source mapping and polls API Gateway for requests 4. API Gateway directly invokes a function and retires the request until it succeeds or expires.
API Gateway directly invokes a function with a synchronous invocation.
For certain services like Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS), you can invest in reserved capacity. What options are available for Reserved instances?
AURI, NURI, PURI
There is an adult at your company and they need to have a big log of all access to AWS resources in the account. Which of the following services can assist in providing these details?
AWS CloudTrail
What is the service provided by AWS that enables developers to easily deploy and manage applications in the cloud?
AWS Elastic Beanstalk *Elastic Beanstalk is an AWS compute service option. It is a Platform as a Service (or PaaS) that facilitates quick deployment, scaling, and managing of your web applications and services.
Which of these are ways to access AWS core services?
AWS Management Console, AWS Command Line Interface, Software Development Kits
What AWS tool lets you explore AWS services and create an estimate for the cost of your use cases on AWS?
AWS Pricing Calculator
Which of the following are geographic areas that host two or more Availability Zones?
AWS Regions
Which statements about IAM user authentication are true?
AWS credentials to authenticate with any supported services must be provided A user name and password to authenticate to the console must be provided
Which component of the AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery?
AWS edge locations
Which of the following elements are used to create an Amazon EC2 Auto Scaling launch configuration?
Amazon Machine Image (AMI) Instance type Amazon Elastic Block Store (Amazon EBS) volumes
Which AWS Cloud service is best suited for analyzing your data by using standard structured query language (SQL) and your existing business intelligence (BI) tools
Amazon Redshift
Which service would you use to send alerts based on Amazon CloudWatch alarms?
Amazon Simple Notification Service (Amazon SNS)
Which AWS networking service enables a company to create a virtual network within AWS? (Select the best answer.)
Amazon Virtual Private Cloud enables a company to create a virtual network within AWS
Which issue might be addressed by adding provisioned concurrency to an AWS Lambda function? 1. Another Lambda function runs in the same account and Region. It sometimes spikes and consumes all available concurrency, causing the function to fail. 2. An application that uses the Lambda function responds slowly for the first few users who sign in each day. Lambda metrics show higher latency for those initial requests. 3. A legacy backend system fails intermittently when the developer connects to it. To avoid extra costs, they want to reduce the function's wait time when the backend fails. 4. The developer wants more visibility into transactions that use the Lambda function to identify bottlenecks.
An application that uses the Lambda function responds slowly for the first few users who sign in each day. Lambda metrics show higher latency for those initial requests.
Which statements are true about evaluation logic for AWS Identity and Access Management (IAM) policies? (Select TWO)
An explicit deny overrides an explicit allow By default, all requests are denied
What are the three types of load balancers that Elastic Load Balancing offers?(Choose three)
Application Load Balancer Network Load Balancer Classic Load Balancer
Which of the following is a principle when designing cloud-based systems?
Assume everything will fail
What are the advantages of cloud computing over computing on-premises?
Avoid large capital expenditures, use on demand capacity, go global in minutes, increase speed and agility
What are the four support plans offered by AWS Support?
Basic, Developer, Business, Enterprise
Which constraint CANNOT be modified? 1. Function timeout 2. Reserved concurrency 3. Burst quota 4. Regional quota
Burst quota
Which of the following use cases is appropriate for using Amazon Relational Database Service (Amazon RDS)?
Complex transactions
Where can a customer go to get more details about Amazon Elastic Compute Cloud (Amazon EC2) billing activity that took place 3 months ago?
Cost Explorer
Which suggestion is an Amazon Web Services (AWS) recommendation for securing AWS credentials for application that run on Amazon Elastic Compute Cloud (Amazon EC2) instances?
Create an AWS Identity and Access Management (IAM) ROLE and attach it to the EC2 instance
Which statement reflects best practices when granting permissions to users, groups, roles, and resources?
Create policies that follow the principle of least privilege
Which Amazon Elastic Compute Cloud EC2 feature ensures your instances will not share a physical host with instances from any other AWS customer?
Dedicated Instances
What is the effect of the following policy statement? {"Effect": "Deny","Action":["dynamodb:", "s#:" ],"NotResource": [ "arn:aws:dynamodb:region:account-number:table/pollynotes","arn:aws:s3:::polly-notes-web","arn:aws:s3:::polly-notes-mp3/*" ]}
Denies actions on DynamoDB or Amazon S3 resources except for the resources that are listed in the NotResource element
As AWS grows, the cost of doing business is reduced and savings are passed back to the customer with lowering pricing. What is the optimization called?
Economies of Scale
True or False? Edge locations are only located in the same general area as regions,
False
True or False? To receive the discounted rate associated with Reserved Instance, you must make a full, upfront payment for the term of the agreement.
False
True or False? Unlimited services are available with the AWS Free Tier to new AWS customers for 12 months following their AWS sign-up date.
False
True or False? Private subnets have direct access to the internet.
False, Private subnets do not have direct access to the internet.
True or False? Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application servers over the internet. You own the network connected hardware required for these services and AWS provisions what you need.
False- you do NOT own the network connected hardware
True or false? Containers contain an entire operating system
False. *Containers are smaller than virtual machines, and do not contain an entire operating system.
What is defined as the ability for a system to remain operational even if some of the components of that system fail?
Fault Tolerance
____ means the infrastructure has built-in component redundancy and ____ means that resources dynamically adjust to increase or decrease in capacity requirements
Fault tolerant, elastic and scalable
Which of the following best describes a system that can withstand some measures of degradation, experiences minimal downtime, and requires minimal human intervention
Highly available
Which AWS Identity and Access Management resource explicitly grants or denies permissions to a user or group of users?
IAM policies
An administrator created an AWS Identity and Access Management (IAM) groups called managers within an AWS account. A ____ policy is attached to the managers group. It allows managers to read from and write to an Amazon Simple Storage Service (Amazon S3) bucket in the same AWS account. What is this type of policy?
Identity-based
You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access? (Select the best answer.)
If you need to allow resources in a private subnet to access the internet, a NAT gateway must be present to enable this access
What is the format of AWS Identity and Access Management (IAM) polices that define the allowable API calls an entity can invoke?
Javascript Object Notation (JSON)
Which statement describes a characteristic of AWS Lambda? 1. Lambda runs code only when it is activated by an event and uses only the compute resources that are needed. 2. A developer's methods and configuration options for ensuring high availability with Lambda are similar to their approach with Amazon Elastic Compute Cloud (Amazon EC2) 3. Lambda function run in on-demand, temporary environments, and the developer controls when new environments are created or shut down. 4. A developer must write Lambda functions that use one of the runtimes that the Lambda service provides.
Lambda runs code only when it is activated by an event and uses only the compute resources that are needed
Which of the following are elements of an Auto Scaling group(Choose three)
Maximum size Desired capacity Minimum size
AWS highly recommends provisioning your compute resources across ______ availability zones
Multiple
Which of these is NOT a benefit of cloud computing over on-premises computing?
Pay for racking, stacking and powering servers
AWS Trusted Advisor provides insight regarding which five categories of an AWS account?
Performance, cost optimization, security, fault tolerance, service limits
What are the benefits of using AWS organizations?
Provides the ability to create groups of accounts and then attach policies to a group, simplifies automating account creation and management by using APIs
Which of the following is a measure of your system's ability to provide functionality when desired by the user?
Reliability
Which Amazon EC2 option is best for long-term workload with predictable usage patterns?
Reserved Instances.
Which of the following are characteristics of Amazon EC2 Auto Scaling?Choose three
Responds to changing conditions by adding or terminating instances Launches instances from a specified Amazon Machine Image (AMI) Enforces a minimum number of running Amazon EC2 instances
Your web application needs four instances to support steady traffic all of the time. On the last day of the month, the traffic triples. What is the most cost-effective way to handle this pattern?
Run four Reserved Instances constantly, then add eight On-Demand Instances on the last day of each month *Reserved Instances provide cost savings when you can commit to running instances full-time, such as to handle the base traffic. On-Demand Instances provide the flexibility to handle traffic spikes
You need to find an item in Amazon DynamoDB table using an attribute other than item's primary key. Which of the following operations should you use?
Scan
If your project requires monthly reports that iterate through very large amounts of data, which Amazon Elastic Compute Cloud EC2 purchasing option should you consider?
Scheduled Reserved Instances
Which of the following are pillars of the AWS Well-Architected Framework?(Choose three)
Security OperationalExcellence Cost Optimization
In Elastic Load Balancing, when the load balancing detects an unhealthy target, which of the following are true(Choose three)
Stops routing traffic to that target Resumes routing traffic when it detects that the target is healthy again Routes traffic to a healthy target
Which statement is true about the pricing model on AWS?
Storage is usually charged based on how many gigabytes you use
Which of these is NOT a cloud computing model?
System administration as a Service
Which statement about the function handler in an AWS Lambda function is true? 1. The function handler is the entry point that Lambda calls to start running the Lambda function. 2. The function handler method might take an event object or context object. 3. The event object provides information about the event that invoked the Lambda function. It must be predefined object that an AWS services generates. 4. The context object provides runtime information, and the developer must create a context object that matches the runtime that was selected for the function.
The function handler is the entry point that Lambda calls to start running the Lambda function
With Amazon Virtual Private Cloud (Amazon VPC), what is the maximum size IP address range you can have in a VPC? (Select the best answer.)
The maximum size IP address range you can have in a VPC is /16.
With Amazon Virtual Private Cloud (Amazon VPC), what is the smallest size subnet you can have in a VPC? (Select the best answer.)
The smallest size you can have in a VPC is /28
You are a solutions architect who works at a large retail company that is migrating its existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-Domain Routing (CIDR) block of 10.0.1.0/24 which has 256 total IP addresses. How many IP addresses are available?
The subnet has 256 IP addresses but 5 are reserved so 251
A function's Amazon Resource Name (ARN) is as follows:arn:aws:lambda:aws-region:acct-id:function:helloworld:PRODWhich statement about this function is correct, based on its ARN? 1. This ARN will invoke the immutable PROD version of the function. 2. This ARN will invoke the version of the function that is currently associated with the PROD alias. 3. This ARN will invoke the function and include the AWS Lambda layer that is named PROD 4. This ARN will deploy the helloworld function into the PROD account.
This ARN will invoke the version of the function that is currently associated with the PROD alias.
Which component of AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery?
To ensure low-latency delivery, Amazon CloudFront uses AWS edge locations.
True of False? AWS owns and maintains the network connected hardware required for application services, while you provision and use what you need.
True
True of false? Amazon RDS automatically patches the database software and backs up your database, storing the backups for a user-defined retention period and enabling point-in-time recovery
True
True or False? AWS offers some services at no charge, such as, Amazon Virtual Private Cloud, AWS identity and access management, consolidated billing, AWS elastic beanstalk, automatic scaling, AWS OpsWorks, and AWS CloudFormation. However you might be charged for other AWS services that you use in conjunction with these services.
True
True or False? Availability Zones within a region are connected through low-latency links.
True
True/False? Networking, storage, compute and databases are examples of service categories that AWS offers.
True
A zipped deployment package including code and custom libraries is 75MB in size. Which AWS Lambda deployment option should be used? 1. Copy the code into the Lambda console editor to create and deploy the function. 2. Upload a .zip file from an integrated development environment (IDE) to load the deployment package directly into the Lambda console. 3. Upload the deployment package to an Amazon Simple Storage Service (Amazon S3) bucket, and specify the bucket name and object key on the Lambda console. 4. Upload the deployment package to an Amazon Elastic Block Store (Amazon EBS) volume, and us the File Systems configuration to reference it.
Upload the deployment package to an Amazon Simple Storage Service (Amazon S3) bucket, and specify the bucket name and object key on the Lambda console.
Which design principles are recommended when considering performance efficiency?(Choose 2)
Use serverless architecture Democratize advanced technologies
Users of a serverless application have reported errors that occur when they try to retrieve order information. Assuming that AWS X-Ray is enabled, what is the first step the developer might take in X-Ray to start troubleshooting the reported issues quickly? 1. Drill down into the most recent traces to look for errors .2. Search for metadata that is related to the users who are reporting issues. 3. Add annotations that the developer can sue to start grouping and filtering traces. 4. Use the service map to visually locate errors across the application.
Use the service map to visually locate errors across the application.
What happens when you use Amazon Virtual Private Cloud (Amazon VPC) to create a new VPC?
When you create a VPC, a route table is created by default. You must manually create subnets and an internet gateway.