AWS Cloud Practitioner Practice Exam 2
A startup is looking for 24x7 phone based technical support for its AWS account. Which of the following is the MOST cost-effective AWS support plan for this use-case? AWS Enterprise Support AWS Developer Support AWS Business Support AWS Enterprise On-Ramp Support
AWS Business Support
Due to regulatory and compliance reasons, an organization is supposed to use a hardware device for any data encryption operations in the cloud. Which AWS service can be used to meet this compliance requirement? AWS Trusted Advisor AWS CloudHSM AWS Secrets Manager AWS Key Management Service (AWS KMS)
AWS CloudHSM
An organization has a complex IT architecture involving a lot of system dependencies and it wants to track the history of changes to each resource. Which AWS service will help the organization track the history of configuration changes for all the resources? AWS CloudFormation AWS Service Catalog AWS CloudTrail AWS Config
AWS Config
A data analytics company stores its data on Amazon Simple Storage Service (Amazon S3) and wants to do SQL based analysis on this data with minimum effort. As a Cloud Practitioner, which of the following AWS services will you suggest for this use case? Amazon Aurora Amazon Redshift Amazon Athena Amazon DynamoDB
Amazon Athena
Which of the following AWS services are global in scope? (Select two) Amazon Elastic Compute Cloud (Amazon EC2) Amazon Simple Storage Service (Amazon S3) AWS Identity and Access Management (AWS IAM) Amazon CloudFront Amazon Relational Database Service (Amazon RDS)
Amazon CloudFront AWS Identity and Access Management (AWS IAM)
An e-commerce company wants to store data from a recommendation engine in a database. As a Cloud Practitioner, which AWS service would you recommend to provide this functionality with the LEAST operational overhead for any scale? Amazon DynamoDB Amazon Neptune Amazon Simple Storage Service (Amazon S3) Amazon Relational Database Service (Amazon RDS)
Amazon Dynamo DB
Which of the following AWS services allows a database to have flexible schema and supports document data models? Amazon Relational Database Service (Amazon RDS) Amazon Redshift Amazon Aurora Amazon DynamoDB
Amazon DynamoDB
A company wants a fully managed, flexible, and scalable file storage system, with low latency access, for its Windows-based applications. Which AWS service is the right choice for the company? Amazon Elastic File System (Amazon EFS) Amazon FSx for Windows File Server Amazon FSx for Lustre Amazon Elastic Block Storage (Amazon EBS)
Amazon FSx for Windows File Server
An e-commerce company wants to assess its applications deployed on Amazon Elastic Compute Cloud (Amazon EC2) instances for vulnerabilities and deviations from AWS best practices. Which AWS service can be used to facilitate this? AWS Trusted Advisor Amazon Inspector AWS Secrets Manager AWS CloudHSM
Amazon Inspector
A company is using a message broker service on its on-premises application and wants to move this messaging functionality to AWS Cloud. Which of the following AWS services is the right choice to move the existing functionality easily? Amazon Kinesis Data Streams Amazon MQ Amazon Simple Queue Service (Amazon SQS) Amazon Simple Notification Service (Amazon SNS)
Amazon MQ
What is the primary benefit of deploying an Amazon RDS Multi-AZ database with one standby? Amazon RDS Multi-AZ improves database performance for read-heavy workloads Amazon RDS Multi-AZ protects the database from a regional failure Amazon RDS Multi-AZ enhances database availability Amazon RDS Multi-AZ reduces database usage costs
Amazon RDS Multi-AZ enhances database availability
Which of the following AWS services comes under the Software as a Service (SaaS) Cloud Computing Type? AWS Elastic Beanstalk Elastic Load Balancing (ELB) Amazon Elastic Compute Cloud (Amazon EC2) Amazon Rekognition
Amazon Rekognition
The engineering team at an IT company wants to monitor the CPU utilization for its fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances and send an email to the administrator if the utilization exceeds 80%. As a Cloud Practitioner, which AWS services would you recommend to build this solution? (Select two) AWS CloudTrail Amazon Simple Notification Service (SNS) AWS Lambda Amazon Simple Queue Service (SQS) Amazon CloudWatch
Amazon Simple Notification Service (SNS) Amazon CloudWatch
As per the AWS Shared Responsibility Model, which of the following is a responsibility of AWS from a security and compliance point of view? Edge Location Management Customer Data Identity and Access Management Server-side Encryption (SSE)
Edge Location Management
Which Amazon Route 53 routing policy would you use to improve the performance for your customers by routing the requests to the AWS endpoint that provides the fastest experience? Latency-based routing Failover routing Weighted routing Simple routing
Latency-based routing
Which AWS service would you use to send alerts when the costs for your AWS account exceed your budgeted amount? AWS Budgets AWS Organizations AWS Cost Explorer AWS Pricing Calculator
AWS Budgets
Which policy describes prohibited uses of the web services offered by Amazon Web Services? AWS Applicable Use Policy AWS Trusted Advisor AWS Acceptable Use Policy AWS Fair Use Policy
AWS Acceptable Use Policy
Which AWS technology/service helps you to scale your resources to match supply with demand while still keeping your cloud solution cost-effective? AWS Auto Scaling AWS Cost Explorer AWS CloudFormation AWS OpsWorks
AWS Auto Scaling
Which of the following AWS services are always free to use (Select two)? Amazon DynamoDB Amazon Simple Storage Service (Amazon S3) Amazon Elastic Compute Cloud (Amazon EC2) AWS Identity and Access Management (AWS IAM) AWS Auto Scaling
AWS Auto Scaling AWS Identity and Access Management (AWS IAM)
A developer has written a simple web application in PHP and he wants to just upload his code to AWS Cloud and have AWS handle the deployment automatically but still wants access to the underlying operating system for further enhancements. As a Cloud Practioner, which of the following AWS services would you recommend for this use-case? AWS Elastic Beanstalk AWS CloudFormation Amazon Elastic Container Service (Amazon ECS) Amazon Elastic Compute Cloud (Amazon EC2)
AWS Elastic Beanstalk
Which AWS support plan provides access to a designated Technical Account Manager (TAM)? AWS Business Support AWS Enterprise Support AWS Developer Support AWS Enterprise On-Ramp Support
AWS Enterprise Support
Which AWS service helps with global application availability and performance using the AWS global network? Amazon CloudFront Elastic Load Balancing (ELB) AWS Global Accelerator Amazon Route 53
AWS Global Accelerator
Which service gives a personalized view of the status of the AWS services that are part of your Cloud architecture so that you can quickly assess the impact on your business when AWS service(s) are experiencing issues? Amazon CloudWatch AWS Health - Service Health Dashboard AWS Health - Your Account Health Dashboard Amazon Inspector
AWS Health - Your Account Health Dashboard
Which AWS service publishes up-to-the-minute information on the general status and availability of all AWS services in all the Regions of AWS Cloud? AWS Health Dashboard - Your account health Amazon CloudWatch AWS CloudFormation AWS Health Dashboard - service health
AWS Health Dashboard - service health
Which of the following AWS services is essential for implementing security of resources in AWS Cloud? AWS Shield Amazon CloudWatch AWS Web Application Firewall (AWS WAF) AWS Identity and Access Management (IAM)
AWS Identity and Access Management (IAM)
An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes. As a Cloud Practitioner, which AWS services would you recommend to build a serverless solution for this use-case? (Select two) AWS Step Function AWS Lambda AWS Systems Manager Amazon Elastic Compute Cloud (Amazon EC2) Amazon Eventbridge
AWS Lambda Amazon Eventbridge
Which of the following statements are true about AWS Lambda? (Select two) AWS Lambda lets you run code without provisioning or managing servers AWS Lambda provides access to the underlying operating system to control its behavior through code You pay for the compute time you consume for AWS Lambda AWS Lambda allows you to install databases on the underlying serverless Operating System AWS Lambda allows you to orchestrate and manage Docker containers to facilitate complex containerized applications on AWS
AWS Lambda lets you run code without provisioning or managing servers You pay for the compute time you consume for AWS Lambda
A gaming company is looking at a technology/service that can deliver a consistent low-latency gameplay to ensure a great user experience for end-users in various locations. Which AWS technology/service will provide the necessary low-latency access to the end-users? AWS Wavelength AWS Local Zones AWS Direct Connect AWS Edge Locations
AWS Local Zones
Which AWS service enables users to find, buy, and immediately start using software solutions in their AWS environment? AWS OpsWorks AWS Marketplace AWS Config AWS Systems Manager
AWS Marketplace
A retail company has multiple AWS accounts for each of its departments. Which of the following AWS services can be used to set up consolidated billing and a single payment method for these AWS accounts? AWS Cost Explorer AWS Budgets AWS Secrets Manager AWS Organizations
AWS Organizations
An organization is planning to move its infrastructure from the on-premises datacenter to AWS Cloud. As a Cloud Practitioner, which options would you recommend so that the organization can identify the right AWS services to build solutions on AWS Cloud (Select two)? AWS Service Catalog Amazon CloudWatch AWS Organizations AWS Partner Network (APN) AWS CloudTrail
AWS Service Catalog AWS Partner Network (APN)
Which of the following options can be used to access and manage all AWS services (Select three)? AWS Software Development Kit (SDK) Amazon API Gateway AWS Secrets Manager AWS Command Line Interface (AWS CLI) AWS Systems Manager AWS Management Console
AWS Software Development Kit (SDK) AWS Command Line Interface (AWS CLI) AWS Management Console
A company's flagship application runs on a fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances. As per the new policies, the system administrators are looking for the best way to provide secure shell access to Amazon Elastic Compute Cloud (Amazon EC2) instances without opening new ports or using public IP addresses. Which tool/service will help you achieve this requirement? Amazon Route 53 Amazon Inspector Amazon Elastic Compute Cloud (Amazon EC2) Instance Connect AWS Systems Manager Session Manager
AWS Systems Manager Session Manager
Which tool will help you review your workloads against current AWS best practices for cost optimization, security, and performance improvement and then obtain advice to architect them better? Amazon Inspector Amazon CloudWatch AWS Cost Explorer AWS Trusted Advisor
AWS Trusted Advisor
Which of the following solutions can you use to connect your on-premises network with AWS Cloud (Select two)? Amazon Route 53 AWS Direct Connect Internet Gateway AWS Virtual Private Network (VPN) Amazon Virtual Private Cloud (Amazon VPC)
AWS Virtual Private Network (VPN) AWS Direct Connect
A social media company wants to protect its web application from common web exploits such as SQL injection and cross-site scripting. Which of the following AWS services can be used to address this use-case? AWS CloudWatch Amazon GuardDuty AWS Web Application Firewall (AWS WAF) Amazon Inspector
AWS Web Application Firewall (AWS WAF)
An online gaming company wants to block users from certain geographies from accessing its content. Which AWS service can be used to accomplish this task? AWS Shield Security group AWS Web Application Firewall (AWS WAF) Amazon CloudWatch
AWS Web Application Firewall (AWS WAF)
Which of the following AWS services can be used to prevent Distributed Denial-of-Service (DDoS) attack? (Select three) AWS CloudHSM AWS Trusted Advisor Amazon CloudFront with Amazon Route 53 AWS Shield Amazon Inspector AWS Web Application Firewall (AWS WAF)
AWS Web Application Firewall (AWS WAF) AWS Shield Amazon CloudFront with Amazon Route 53
Which AWS service can be used to provision resources to run big data workloads on Hadoop clusters? AWS Batch Amazon Elastic Compute Cloud (Amazon EC2) AWS Step Functions Amazon EMR
Amazon EMR
AWS Compute Optimizer delivers recommendations for which of the following AWS resources? (Select two) Amazon Elastic Block Store (Amazon EBS), AWS Lambda functions AWS Lambda functions, Amazon Simple Storage Service (Amazon S3) Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon EC2 Auto Scaling groups Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Elastic File System (Amazon EFS) Amazon Elastic File System (Amazon EFS), AWS Lambda functions
Amazon Elastic Block Store (Amazon EBS), AWS Lambda functions Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon EC2 Auto Scaling groups
Which AWS compute service provides the EASIEST way to access resizable compute capacity in the cloud with support for per-second billing and access to the underlying OS? Amazon Lightsail Amazon Elastic Compute Cloud (Amazon EC2) AWS Lambda Amazon Elastic Container Service (Amazon ECS)
Amazon Elastic Compute Cloud (Amazon EC2)
Which AWS service can be used to store, manage, and deploy Docker container images? Amazon Elastic Compute Cloud (Amazon EC2) Amazon Elastic Container Registry (Amazon ECR) AWS Lambda Amazon Elastic Container Service (Amazon ECS)
Amazon Elastic Container Registry (Amazon ECR)
Which AWS service should be used when you want to run container applications, but want to avoid the operational overhead of scaling, patching, securing, and managing servers? AWS Lambda Amazon Elastic Container Service (Amazon ECS) - EC2 launch type Amazon Elastic Container Service (Amazon ECS) - Fargate launch type Amazon Elastic Compute Cloud (Amazon EC2)
Amazon Elastic Container Service (Amazon ECS) - Fargate launch type
A fleet of Amazon EC2 instances spread across different Availability Zones (AZ) needs to access, edit and share file-based data stored centrally on a system. As a Cloud Practitioner, which AWS service would you recommend for this use-case? EC2 Instance Store Amazon Elastic File System (Amazon EFS) Amazon Simple Storage Service (Amazon S3) Amazon Elastic Block Store (Amazon EBS)
Amazon Elastic File System (Amazon EFS)
Which of the following is the correct statement regarding the AWS Storage services? Amazon Simple Storage Service (Amazon S3) is object based storage, Amazon Elastic Block Store (Amazon EBS) is block based storage and Amazon Elastic File System (Amazon EFS) is file based storage Amazon Simple Storage Service (Amazon S3) is block based storage, Amazon Elastic Block Store (Amazon EBS) is object based storage and Amazon Elastic File System (Amazon EFS) is file based storage Amazon Simple Storage Service (Amazon S3) is object based storage, Amazon Elastic Block Store (Amazon EBS) is file based storage and Amazon Elastic File System (Amazon EFS) is block based storage Amazon Simple Storage Service (Amazon S3) is file based storage, Amazon Elastic Block Store (Amazon EBS) is block based storage and Amazon Elastic File System (Amazon EFS) is object based storage
Amazon Simple Storage Service (Amazon S3) is object based storage, Amazon Elastic Block Store (Amazon EBS) is block based storage and Amazon Elastic File System (Amazon EFS) is file based storage
A customer has created a VPC and a subnet within AWS Cloud. Which of the following statements is correct? A subnet spans all of the Availability Zones (AZ) in the Region whereas an Amazon Virtual Private Cloud (Amazon VPC) spans only one Availability Zone (AZ) in the Region Both the Amazon Virtual Private Cloud (Amazon VPC) and the subnet span all of the Availability Zones (AZ) in the Region Both the Amazon Virtual Private Cloud (Amazon VPC) and the subnet span only one Availability Zone (AZ) in the Region An Amazon Virtual Private Cloud (Amazon VPC) spans all of the Availability Zones (AZ) in the Region whereas a subnet spans only one Availability Zone (AZ) in the Region
An Amazon Virtual Private Cloud (Amazon VPC) spans all of the Availability Zones (AZ) in the Region whereas a subnet spans only one Availability Zone (AZ) in the Region
What are the fundamental drivers of cost with AWS Cloud? Compute, Storage and Outbound Data Transfer Compute, Storage and Inbound Data Transfer Compute, Databases and Inbound Data Transfer Compute, Databases and Outbound Data Transfer
Compute, Storage and Outbound Data Transfer
According to the AWS Shared Responsibility Model, which of the following are responsibilities of the customer for Amazon RDS? Database encryption Managing the underlying server hardware on which Amazon Relational Database Service (Amazon RDS) runs Applying patches to the Amazon Relational Database Service (Amazon RDS) database Applying patches to the underlying OS
Database encryption
Which of the following are examples of Horizontal Scalability (aka Elasticity)? (Select two) Elastic Load Balancing (ELB) Read Replicas in Amazon Relational Database Service (Amazon RDS) Modify a Database instance to higher CPU and RAM Add a bigger CPU to a computer Modify an EC2 instance type from t2.nano to u-12tb1.metal
Elastic Load Balancing (ELB) Read Replicas in Amazon Relational Database Service (Amazon RDS)
Which characteristic of Cloud Computing imparts the ability to acquire resources as you need and release when you no longer need them? Durability Resiliency Elasticity Reliability
Elasticity
The AWS Cloud Adoption Framework (AWS CAF) recommends four iterative and incremental cloud transformation phases. Which cloud transformation journey phase of the AWS Cloud Adoption Framework (AWS CAF) focuses on demonstrating how the cloud will help accelerate your business outcomes? Launch Scale Envision Align
Envision
Multi-AZ deployment is an example of which of the following? High Availability Performance Efficiency Scale out Scale up
High Availability
An organization deploys its IT infrastructure in a combination of its on-premises data center along with AWS Cloud. How would you categorize this deployment model? Private deployment Cloud deployment Hybrid deployment Mixed deployment
Hybrid deployment
Access Key ID and Secret Access Key are tied to which of the following AWS Identity and Access Management (AWS IAM) entities? IAM Policy IAM User IAM User Group IAM Role
IAM User
Which of the following statements are correct about the AWS root user account? (Select two) Root user account password cannot be changed once it is set It is highly recommended to enable Multi-Factor Authentication (MFA) for root user account Root user credentials should only be shared with managers requiring administrative responsibilities to complete their jobs Root user account gets unrestricted permissions when the account is created, but these can be restricted using IAM policies Root user access credentials are the email address and password used to create the AWS account
It is highly recommended to enable Multi-Factor Authentication (MFA) for root user account Root user access credentials are the email address and password used to create the AWS account
As per the AWS Shared Responsibility Model, which of the following is a responsibility of the customer from a security and compliance point of view? Configuration management for AWS global infrastructure Patching/fixing flaws within the AWS infrastructure Managing patches of the guest operating system on Amazon Elastic Compute Cloud (Amazon EC2) Availability Zone (AZ) infrastructure management
Managing patches of the guest operating system on Amazon Elastic Compute Cloud (Amazon EC2)
Which Amazon Elastic Compute Cloud (Amazon EC2) pricing model is the most cost-effective and flexible with no requirement for a long term resource commitment or upfront payment but still guarantees that instance would not be interrupted? Spot Instance Dedicated Host Reserved Instance (RI) On-demand Instance
On-demand Instance
Which of the following statement is correct regarding the AWS pricing policy for data transfer charges into or out of an AWS Region? Both inbound data transfer and outbound data transfer are charged Only outbound data transfer is charged Only inbound data transfer is charged Neither inbound nor outbound data transfer are charged
Only outbound data transfer is charged
What foundational capability under the operations perspective is part of the AWS Cloud Adoption Framework (AWS CAF)? Platform engineering Application portfolio management Performance and capacity management Vulnerability management
Performance and capacity management
Which of the following use-cases is NOT supported by Amazon Rekognition? Quickly resize photos to create thumbnails Identify person in a photo Detect text in a photo Label objects in a photo
Quickly resize photos to create thumbnails
The AWS Well-Architected Framework provides guidance on building cloud based applications using AWS best practices. Which of the following options are the pillars mentioned in the AWS Well-Architected Framework? (Select two) Reliability Cost Optimization Scalability Availability Elasticity
Reliability Cost Optimization
Which of the following statement is correct for a Security Group and a Network Access Control List (Network ACL)? Security Group acts as a firewall at the Availability Zone (AZ) level whereas Network Access Control List (Network ACL) acts as a firewall at the VPC level Security Group acts as a firewall at the instance level whereas Network Access Control List (Network ACL) acts as a firewall at the subnet level Security Group acts as a firewall at the VPC level whereas Network Access Control List (Network ACL) acts as a firewall at the Availability Zone (AZ) level Security Group acts as a firewall at the subnet level whereas Network Access Control List (Network ACL) acts as a firewall at the instance level
Security Group acts as a firewall at the instance level whereas Network Access Control List (Network ACL) acts as a firewall at the subnet level
What are the different gateway types supported by AWS Storage Gateway service? Tape Gateway, File Gateway and Block Gateway Tape Gateway, Object Gateway and Volume Gateway Tape Gateway, File Gateway and Volume Gateway Object Gateway, File Gateway and Block Gateway
Tape Gateway, File Gateway and Volume Gateway
A photo sharing web application wants to store thumbnails of user-uploaded images on Amazon Simple Storage Service (Amazon S3). The thumbnails are rarely used but need to be immediately accessible from the web application. The thumbnails can be regenerated easily if they are lost. Which is the most cost-effective way to store these thumbnails on Amazon Simple Storage Service (Amazon S3)? Use Amazon S3 Standard to store the thumbnails Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store the thumbnails Use Amazon S3 Standard-Infrequent Access (S3 Standard-IA) to store the thumbnails Use Amazon S3 Glacier Flexible Retrieval to store the thumbnails
Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store the thumbnails
Which of the following statements is INCORRECT about AWS Auto Scaling? You can automatically deploy AWS Shield when a DDoS attack is detected You can scale out and add more Amazon Elastic Compute Cloud (Amazon EC2) instances to match an increase in demand as well as scale in and remove Amazon Elastic Compute Cloud (Amazon EC2) instances to match a reduced demand You can automatically remove unhealthy instances You can automatically register new instances to a load balancer
You can automatically deploy AWS Shield when a DDoS attack is detected