AWS Test

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which feature does Amazon FSx for Windows File Server provide? A. Fully managed Windows file servers B. Microsoft AD server for Windows file servers C. Backup solution for on-premises Windows file servers D. Amazon management agent for Windows file server

A. Fully managed Windows file servers

Which use cases indicate that a non-relational database might be a better solution than a relational database? (Select TWO). A. Horizontal scaling for massive data volume B. ACID compliance for all database transactions C. Data with unpredictable attributes D. Strong read-after-write consistency E. High availability and fault tolerance

A. Horizontal scaling for massive data volume C. Data with unpredictable attributes

What does AWS Direct Connect provide? A. A dedicated network connection from an on-premises network to AWS that uses 802.1q. B. A private telecommunications circuit from an on-premises network direct into AWS that uses Point-to-Point Protocol. C. An encrypted tunnel that connects an on-premises network to AWS over the internet. D. An extension of the AWS Cloud into customer data centers that uses AWS hardware installed on premises

A. A dedicated network connection from an on-premises network to AWS that uses 802.1q.

What is a Amazon DynamoDB Accelerator (DAX)? A. A fully managed, high available, in-memory cache for DynamoDB B. A feature of DynamoDB that automatically adjusts read/write capacity to handle load C. A fully managed, highly available cache that is backed by DynamoDB D. A feature of DynamoDB that enables fast lookup of items by using secondary keys

A. A fully managed, high available, in-memory cache for DynamoDB

What is caching? A. A high-speed data storage layer B. A way to store passwords C. A global network for content distribution D. An in-memory database

A. A high-speed data storage layer

A company wants to deploy their simple website in AWS. It consists of HTML, server-side PHP code, and client-side JavaScript code. The website must be highly available to a global audience. What can you create that will provide the simplest method to bring the sit online quickly? A. A load-balanced environment in AWS Elastic Beanstalk B. An Amazon S3 bucked with static web hosting C. An AWS CloudFormation stack that deploys a highly available architecture in a VPC D. An AWS OpsWorks stack that deploys a highly available architecture in a VPC

A. A load-balanced environment in AWS Elastic Beanstalk

Which techniques should you use to secure an Amazon DynamoDB? (Select THREE). A. AWS IAM policies to define access at the table, row and column levels B. Security groups to control network access to individual instances C. An Amazon VPC gateway endpoint to prevent traffic from traversing the internet D. A VGW to filter traffic from restricted networks E. A VPC to provide instance isolation and firewall protection F. Encryption to protect sensitive data

A. AWS IAM policies to define access at the table, row and column levels C. An Amazon VPC gateway endpoint to prevent traffic from traversing the internet F. Encryption to protect sensitive data

Because of a natural disaster, a company moved a secondary data center to a temporary facility with internet connectivity. It needs a secure connection to the company's VPC that must be operational as soon as possible. The data center will move again in 2 weeks. Which option meets the requirements? A. AWS Site-to-Site VPN. B. AWS Direct Connect. C. VPC peering. D. VPC endpoints.

A. AWS Site-to-Site VPN.

Which attributes are reasons to choose Amazon Elastic Compute Cloud (Amazon EC2)? (Select TWO). A. Ability to run any type of workload B. Ability to run serverless applications C. AWS management of operating system patches D. AWS management of operating system security E. Complete control of computing resources

A. Ability to run any type of workload E. Complete control of computing resources

A company must build a highly available website that uses server-side scripts to serve dynamic HTML. Which solution provides the highest availability for the least cost and complexity? A. An Auto Scaling group launches Amazon EC2 instances, which are served by an Application Load Balancer. DNS name resolution points to the load balancer. B. Amazon S3 hosts the website. DNS name resolution points to the S3 bucket. C. An Auto Scaling group launches Amazon EC2 instances, which are served by an Application Load Balancer. Amazon Route 53 uses latency-based routing. D. A second web server is deployed in another Region. Amazon Route 53 uses failover routing for disaster recovery (DR).

A. An Auto Scaling group launches Amazon EC2 instances, which are served by an Application Load Balancer. DNS name resolution points to the load balancer.

How can you grant the same level of permissions to multiple users within an account? A. Apply an AWS IAM policy to an IAM group. B. Apply an AWS IAM policy to an IAM role. C. Create a resource-based policy. D. Create an organization in AWS Organizations

A. Apply an AWS IAM policy to an IAM group.

A company's security administrator requires that EC2 instances in a specific subnet must connect to Amazon DynamoDB through a VPC endpoint. The company's network standards require that the infrastructure support high availability. Which action meets these architecture requirements without adding another subnet? A. Associate a single VPC endpoint with the subnet. B. Associate two VPC endpoints with the subnet. C. Associate two VPC endpoints with the subnet and use Elastic Load Balancing. D. Associate VPC endpoints using an Auto Scaling group that is connected to Elastic Load Balancing.

A. Associate a single VPC endpoint with the subnet.

A group of consultants requires access to an EC2 instance from the internet, for 3 consecutive days each week. The instance is shut down the rest of the week. The VPC has internet access. How should you assign the IPv4 address to the instance to give the consultants access? A. Associate an Elastic IP with the EC2 instance B. Enable automatic address assignment for the subnet C. Enable automatic address assignment for the EC2 instance D. Assign the address in the operating system (OS) boot configuration

A. Associate an Elastic IP with the EC2 instance

You must perform a heterogenous migration from your on-premises facility to a database in a virtual private cloud (VPC). You will use AWS Snowball Edge and AWS Database Migration Service (AWS DMS). At which point do you use AWS Schema Conversion Tool (AWS SCT)? A. At the start, to extract the data from the source database into the Snowball Edge, before shipping the device. B. After extracting the data from the source database by using AWS DMS, but before shipping the Snowball Edge. C. After the data is in the VPC, but before using AWS DMS to load the data into the target database. D. After using AWS DMS to load the data into the target database in the VPC.

A. At the start, to extract the data from the source database into the Snowball Edge, before shipping the device.

How do you horizontally scale an Amazon Aurora database? A. By adding Aurora Replica instances B. By increasing the size of the buffer cache configuration C. By creating Amazon CloudWatch alarms D. By changing the instant type

A. By adding Aurora Replica instances

Systems in a secure subnet in a VPC must access a bucket in Amazon S3. Which solution stops traffic from crossing the internet? A. Create a VPC gateway endpoint for Amazon S3. B. Use a private IP address for the system. C. Use the private IP address of Amazon S3. D. Create a VPC peering connection to Amazon S3

A. Create a VPC gateway endpoint for Amazon S3.

Which option is a good way to preview changes before implementing them in AWS CloudFormation Designer? A. Create a change set B. Run Update Stack C. Run Detect Drift D. Visually inspect template

A. Create a change set

Which scenarios are good use cases for Amazon DynamoDB? (Select THREE). A. Database for serverless architectures B. Applications that require ACID transactions C. Applications that combine data from many tables D. Graph database to trace relationships between entities E. Document database for JavaScript Object Notation (JSON)-based documents F. Binary large object (BLOB) storage

A. Database for serverless architectures B. Applications that require ACID transactions E. Document database for JavaScript Object Notation (JSON)-based documents

All of the EC2 instances in a subnet can communicate with a certain IPv4 network on the internet. How should you modify the security groups or current custom network ACL to deny traffic to and from several restricted addresses in that network? A. In the network ACL, deny traffic to and from the restricted addresses. B. In the security groups, deny traffic to and from the restricted addresses. C. In the network ACL, allow traffic only to and from address ranges that exclude the restricted addresses. D. In the security groups, allow traffic only to and from addresses ranges that exclude the restricted addresses.

A. In the network ACL, deny traffic to and from the restricted addresses.

What are some reasons to use automation to provision resources? (Select TWO). A. Lack of version control with manual process B. Automation requirement for creating some resources C. Alignment with the reliability design principle D. Greater expense with manual processes E. Automation requirement for high availability

A. Lack of version control with manual process C. Alignment with the reliability design principle

Which descriptions of Amazon EC2 pricing options are correct? (Select TWO). A. On-Demand Instances enable you to pay for compute capacity by usage time, with no long-term commitments. B. Reserved Instances are physical servers that are reserved exclusively for your use. C. Savings Plans are budgeting tools that help you manage Amazon EC2 costs. D. Dedicated Hosts are servers that are dedicated to one purpose, such as a firewall. E. Spot Instances offer spare compute capacity at discounted prices, and can be interrupted

A. On-Demand Instances enable you to pay for compute capacity by usage time, with no long-term commitments. E. Spot Instances offer spare compute capacity at discounted prices, and can be interrupted

What does AWS OpsWorks do? (Select THREE). A. Provides managed Chef instances B. Automates operational tasks across AWS resources C. Provides managed Kubernetes clusters D. Automates server configuration, deployment and management E. Provides managed Puppet instances F. Automates containerized application deployment at scale

A. Provides managed Chef instances D. Automates server configuration, deployment and management E. Provides managed Puppet instances

What is a benefit of caching? A. Reduced response latency B. Load balancing the application C. Increased application reliability. D. Decreased costs

A. Reduced response latency

The AWS Well Architecture Framework has five pillars. Two of the pillars are security and operational excellence. What are the other pillars? (Select 3) A. Reliability B. Governance C. Privacy D. Performance Efficiency E. Risk Management F. Cost Optimization

A. Reliability D. Performance Efficiency F. Cost Optimization

Which role does Amazon CloudFront play in protecting against DDos attacks? A. Routes traffic through edge locations B. Controls traffic by the source IP addresses of requests C. Restricts traffic by geography to help block attacks that originate from specific countries D. Performs deep packet inspection to detect attacks

A. Routes traffic through edge locations

You detected that the demand on a fleet of Amazon EC2 instances in an Auto Scaling group increases by a set amount each day. Which type of scaling is the most appropriate for this scenario? A. Scheduled B. Dynamic C. Predictive D. Manual

A. Scheduled

How does identity federation increase security for an application that is built in AWS? A. Users can use SSO to access the application through an existing authenticated identity. B. The application can synchronize users' user names and passwords in AWS IAM with their social media accounts. C. The browser can establish a trust relationship with the application to bypass the need for MFA. D. Users can log into their IAM accounts to log into on premises systems

A. Users can use SSO to access the application through an existing authenticated identity.

Where is application session data cached when using sticky sessions? A. Web server B. Web browser C. Elastic Load Balancing load balancer D. Amazon CloudFront

A. Web server

A consultant must access a large object in an S3 bucket. They need a day to access the file. Which method for granting access most closely follows AWS best practices? A. create a preassigned URL to the object that expires in 24 hours and give it to the consultant B. Enable public access on the S3 bucket. Give the object URL to the consultant. C. Copy the object to a new S3 bucket. Enable public access on the new bucket. From the new bucket, get the object URL, and give it to the consultant D. Create a user account for the consultant. Grant the user account permissions to access the S3 bucket through the AWS management console

A. create a preassigned URL to the object that expires in 24 hours and give it to the consultant

A technology company's employees log into their AWS accounts through AWS IAM users. They have administrator access and access to the root users. Which resource can prevent them from deleting the AWS CloudTrail Logs A. An IAM policy that is attached to each IAM user B. A service control policy (SCP) that is attached to the OU C. An Amazon S3 bucket policy that is attached to logging buckets D. IAM users with administrative access can override the S3 bucket policies

B. A service control policy (SCP) that is attached to the OU

A company is implementing a system to back up on-premises systems to AWS. Which network connectivity method will provide a solution with consistent performance? A. AWS Site-to-Site VPN. B. AWS Direct Connect. C. AWS peering. D. AWS endpoints.

B. AWS Direct Connect.

Which statement that compares a database service that Amazon Web Services (AWS) manages with a database on an Amazon Elastic Compute Cloud (Amazon EC2) instance is true? A. You do not need to configure backups for a database on a managed database service. B. AWS manages DB patches for a database on a managed database service. C. AWS manages operating system (OS) patches for a database on an EC2 instance. D. You do not need to configure backups for a database on an EC2 instance.

B. AWS manages DB patches for a database on a managed database service.

A company has three VPCs. VPC A, B and C have CIDR blocks that do not overlap. Both A and C have separate VPC peering connections with B. However, A cannot communicate with C. What is the simplest and most cost-effective way to enable full communication between A and C? A. Add routes to B to enable traffic between A and C through B. B. Add a peering connection between A and C, and route traffic between A and C through the peering connection. C. Link all three VPCs through a transit VPC, and route all traffic through the transit VPC. D. Create VPC endpoints in A and C for the individual hosts that need to communicate with each other.

B. Add a peering connection between A and C, and route traffic between A and C through the peering connection.

You are configuring a bastion host to access EC2 instances in a VPC. What must you do to the security groups? (Select TWO). A. Add a rule to the bastion host to deny all traffic from the internet. B. Add a rule to the bastion host to allow traffic from your source IP address. C. Add a rule to the bastion host to allow return traffic to your source IP address. D. Add a rule to the private subnet EC2 instances to allow traffic from the bastion host security group. E. Add a rule to the private subnet EC2 instances to allow return traffic to the bastion host security group.

B. Add a rule to the bastion host to allow traffic from your source IP address. D. Add a rule to the private subnet EC2 instances to allow traffic from the bastion host security group.

Which examples are good use cases for Amazon Relational Database Service (Amazon RDS)? (Select THREE). A. Thousands of distributed concurrent writes per second B. An application that requires the database to enforce syntax rules C. An application that requires complex joins of data D. A petabyte-scale data warehouse E. Running a Microsoft SQL Server in AWS F. Database for serverless architectures

B. An application that requires the database to enforce syntax rules C. An application that requires complex joins of data E. Running a Microsoft SQL Server in AWS

What is AWS Elastic Beanstalk? A. An easy-to-use cloud platform that offers you everything that you need to build an application or website, and a cost-effective, monthly plan. B. An easy-to-use service for deploying and scaling web applications and services that are developed with common web development languages and platforms. C. A serverless compute engine for containers that works with both Amazon ECS and Amazon EKS D. A set of tools and services that enable mobile and frontend web developers to build secure, scalable, full-stack applications that are powered by AWS

B. An easy-to-use service for deploying and scaling web applications and services that are developed with common web development languages and platforms.

Which actions are consistent with the operational excellence pillar of the AWS Well Architecture Framework? (select 2) A. Evaluate organizational structures and roles to identify skill gaps B. Apply software engineering principles and methodology to infrastructure as code C. Ensure operations personnel document changes to the infrastructure D. plan and manage the full lifecycle of hardware assets E. Review and improve processes and procedures on a continuous cycle

B. Apply software engineering principles and methodology to infrastructure as code E. Review and improve processes and procedures on a continuous cycle

What is the best definition of cloud architecture? A. Combining frontend and backend software and components to create highly available and scalable we services that meet the needs of an organization B. Applying cloud characteristics to a solution that uses cloud services and features to meet technical and business requirements C. Designing applications in cloud-based, shared IT infrastructure by using virtual machines and fault tolerant data stores in the cloud D. Relocation traditional on premises data centers to internet centers that a vendor manages

B. Applying cloud characteristics to a solution that uses cloud services and features to meet technical and business requirements

It is possible to create an NFS share on an Amazon EBS-backed Linux instance by installing and configuring an NFS server on the instance. In this way, multiple Linux systems can share the file system of that instance. Which advantages does Amazon EFS provide, compared to this solution? (Select TWO). A. Strong consistency B. Automatic scaling C. High availability D. File locking E. No need for backups

B. Automatic scaling C. High availability

Which statement about Amazon EC2 Auto Scaling is accurate? A. It requires the customer to purchase Reserved Instances. B. It can launch Amazon EC2 instances in multiple Availability Zones. C. It can launch Amazon EC2 instances, but customers must terminate instances after they are no longer needed. D. It can only launch new Amazon EC2 instances based on a schedule

B. It can launch Amazon EC2 instances in multiple Availability Zones.

How does AWS IAM evaluate a policy? A. It checks for explicit allow statements before it checks for explicit deny statements. B. It checks for explicit deny statements before it checks for explicit allow statements. C. If there is no explicit deny statement or explicit allow statement, users will have access by default. D. An explicit deny statement does not override an explicit allow statement.

B. It checks for explicit deny statements before it checks for explicit allow statements.

What does Amazon CloudFront enable? A. Bidirectional caching between users and an origin host B. Multi-tiered and regional caching of content C. Transactional processing with an in-memory database D. Automatic creation of a time-to-live value

B. Multi-tiered and regional caching of content

Which techniques should you use to secure an Amazon Relational Database Service (Amazon RDS) database? (Select THREE). A. AWS IAM policies to define access at the table, row and column levels B. Security groups to control network access to individual instances C. An Amazon VPC gateway endpoint to prevent traffic from traversing the internet D. A VGW to filter traffic from restricted networks E. A VPC to provide instance isolation and firewall protection F. Encryption to protect sensitive data

B. Security groups to control network access to individual instances E. A VPC to provide instance isolation and firewall protection F. Encryption to protect sensitive data

A small company is deciding which service to use for an enrollment system for their online training website. Choices are MySQL on Amazon EC2, MySQL in Amazon RDS and Amazon DynamoDB. Which combination of use cases suggests using Amazon RDS? (Select THREE). A. Data and transactions must be encrypted to protect personal information. B. The data is highly structured C. Student, course, and registration data are stored in many different tables. D. The enrollment system must be highly available. E. The company doesn't want to manage database patches.

B. The data is highly structured C. Student, course, and registration data are stored in many different tables. E. The company doesn't want to manage database patches.

A small game company is designing an online game, where thousands of players can create their own in-game objects. The current design uses a MySQL database in Amazon RDS to store data for player-created objects. Which use cases suggest that DynamoDB might be a better solution? (Select TWO). A. A set of common attributes that all player-created objects have B. Unpredictable attributes for player-created objects C. Large number of player-created objects, each with different attributes D. Quick search and retrieval of player-created objects E. High amount of read activity on player-created objects

B. Unpredictable attributes for player-created objects C. Large number of player-created objects, each with different attributes

Users in location A connect to an application in Region A. Users in location B connect to the same application in Region B. If the application in Region A becomes unhealthy, clients in location A must be redirected to the application in Region B. Which solution can meet this requirement? A. Use an Application Load Balancer with Amazon CloudWatch alarms. B. Use geolocation routing with failover records in Amazon Route 53 C. Use latency-based routing in Amazon Route 53 with Amazon CloudWatch alarms. D. Use geoproximity routing and a Network Load Balancer that is attached to the both Regions.

B. Use geolocation routing with failover records in Amazon Route 53

What are the main considerations that influence which AWS regions to use? (select 2) A. security and access control B. latency reduction for end users C. Protection against localized natural disasters D. application resiliency during system failures E. compliance with laws and regulations

B. latency reduction for end users E. compliance with laws and regulations

What is the AWS CloudFormation Designer? A. A source code repository for AWS CloudFormation templates B. A tool for automating deployments C. A graphical design interface for creating AWS CloudFormation templates D. A collection of reusable templates

C. A graphical design interface for creating AWS CloudFormation templates

Which definition describes a virtual private cloud (VPC)? A. A VPN in the AWS Cloud B. An extension of an on-premises network into AWS C. A logically isolated virtual network that you define in the AWS Cloud D. A fully managed service that extends the AWS Cloud to customer premises

C. A logically isolated virtual network that you define in the AWS Cloud

Several On-Demand Instances in Amazon EC2 must launch at random times and run for limited durations. They must have application and package configurations that are determined at launch time. Which solution provides the most efficient way to automatically build these instances? A. AMI B. AWS CloudFormation C. AWS OpsWorks D. AWS Elastic Beanstalk

C. AWS OpsWorks

What service helps you centrally manage billing; control access, compliance and security; and share resources across multiple AWS accounts? A. AWS IAM B. AWS Control Tower C. AWS Organisations D. AWS VPC peering

C. AWS Organisations

Which services can you use to enable identity federation for your applications that are built in AWS? (Select TWO). A. AWS WAF B. AWS KMS C. AWS STS D. AWS CloudHSM E. Amazon Cognito

C. AWS STS E. Amazon Cognito

You have a VPC with a public subnet and a secure subnet. All EC2 instances in the secure subnet must be able to communicate with specific internet addresses. How can you control traffic with a network ACL? A. Add rules to the default network ACL to allow traffic from and to allowed internet addresses. B. Add rules to the default network ACL to allow traffic from and to allowed internet addresses. Deny all other traffic. C. Add rules to the subnet custom network ACL to allow traffic from and to allowed internet addresses. D. Add rules to the subnet custom network ACL to allow traffic from and to allowed internet addresses. Deny all other traffic.

C. Add rules to the subnet custom network ACL to allow traffic from and to allowed internet addresses.

You want to quickly set up a secure implementation of an Amazon FSx for Windows File Server that follows AWS best practices. Which solution should you use? A. An AMI on AWS Marketplace B. AWS CloudFormation Designer C. An AWS Quick Start D. An AWS CloudFormation template that you downloaded from the internet

C. An AWS Quick Start

Which combination of actions enables direct internet access for IPv4 hosts in a VPC? (Select THREE). A. Enabling DNS resolution for the VPC B. Configuring the VPC domain name in a DHCP options set C. Configuring hosts to have or obtain an internet-routable address D. Creating a default route that points to the virtual private gateway E. Creating a route for 0.0.0.0/0 that points to the internet gateway F. Configuring security groups and network ACLs to permit internet traffic

C. Configuring hosts to have or obtain an internet-routable address E. Creating a route for 0.0.0.0/0 that points to the internet gateway F. Configuring security groups and network ACLs to permit internet traffic

A team of developers needs access to several services and resources in a VPC for 9 months. How can you use AWS IAM to enable access for them? A. Create a IAM user for the developer team and attach the required IAM policies. B. Create a IAM user for each developer, and attach the required IAM policies to each IAM user. C. Create a IAM user for each developer, put them all in an IAM group, and attach the required IAM policies to the IAM group. D. Create a single IAM user for the developer team, place it in an IAM group, and attach the required IAM policies to the IAM group

C. Create a IAM user for each developer, put them all in an IAM group, and attach the required IAM policies to the IAM group.

You have created an AWS account for your own personal development and testing. You want your account to stay within the AWS Free Tier and not to generate unexpected costs. Which approach will work and requires the least effort? A. Log into the AWS Management Console each month and check your billing dashboard. B. Create a service control policy (SCP) to restrict all services that are not included in the AWS Free Tier. C. Create an Amazon CloudWatch alarm to send you an email message when the account billing exceeds $0. D. Create an Amazon CloudWatch metric to monitor account billing and limit it to $0

C. Create an Amazon CloudWatch alarm to send you an email message when the account billing exceeds $0.

Which actions are best practices for designing a VPC? (Select THREE). A. Match the size of the VPC CIDR block to the number of hosts that are required for a workload. B. Use the same CIDR block as your on-premises network. C. Divide the VPC network range evenly across all Availability Zones available. D. Create one subnet per Availability Zone for each group of hosts that have unique routing requirements. E. Reserve some address space for future use.

C. Divide the VPC network range evenly across all Availability Zones available. D. Create one subnet per Availability Zone for each group of hosts that have unique routing requirements. E. Reserve some address space for future use.

Which statement describes IAM users? A. IAM users are used to control access to a specific AWS resource. B. IAM user names can represent a collection of individuals. C. Every IAM user for an account must have a unique name. D. Every IAM user name is unique across AWS accounts.

C. Every IAM user for an account must have a unique name.

How does Amazon DynamoDB perform automatic scaling? A. It adds and removes database instances in response to changes in traffic. B. It adds read replicas in response to increased read demand. C. It adjusts the provisioned throughput capacity in response to traffic patterns. D. It changes the instance type in response to changes in processing load.

C. It adjusts the provisioned throughput capacity in response to traffic patterns.

How does Amazon CloudFront use edge locations? A. It caches all content from an origin distribution at the edge location, and delivers the content to clients through the fastest edge location. B. It caches local content at the edge locations. It delivers the cached content to clients through the edge location that requires the fewest network hops to reach those clients. C. It caches frequently accessed content at the edge locations. It delivers the cached content to clients through the edge location with the lowest latency to those clients. D. It caches Regional data at Regional edge locations, and delivers the content to clients through their Regional edge locations.

C. It caches frequently accessed content at the edge locations. It delivers the cached content to clients through the edge location with the lowest latency to those clients.

A workload requires high read/write access to large local datasets. Which instance types would perform best for this workload? (Select TWO). A. General purpose B. Compute optimized C. Memory optimized D. Accelerated computing E. Storage optimized

C. Memory optimized E. Storage optimized

A fleet of Amazon EC2 instances launch in an Auto Scaling group. The instances run an application that uses a custom protocol on TCP port 42000. Connections from client systems on the internet must balance across the instances. Which load balancing solution ensures the highest availability? A. Round-robin DNS B. Application Load Balancer C. Network Load Balancer D. Instance-based load balancer

C. Network Load Balancer

What are the main considerations that influence which AZ to use? (select two) A. security and access control B. latency reduction for end users C. Protection against localized natural disasters D. application resiliency during system failures E. compliance with laws and regulations

C. Protection against localized natural disasters D. application resiliency during system failures

A company wants to change some functionality of their website. They are unsure of what will happen if they make the change. Which approach most closely follows AWS best practices? A. Change the production site while it is online Use backups to undo the change. B. Change the production site during offline maintenance hours. Use backups to undo the change. C. Provision a new server and make changes to it. Use DNS to gradually migrate users to the new server. Shut down the original server after all users migrate D. Test the change on an existing development server. Change the production site during offline maintenance hours. Use backups to undo the change.

C. Provision a new server and make changes to it. Use DNS to gradually migrate users to the new server. Shut down the original server after all users migrate

A transactional workload on an Amazon EC2 instance performs high amounts of frequent read and write operations. Which Amazon EBS volume type is best for this workload? A. General purpose solid state drive (SSD) B. Cold hard disk drive (HDD) C. Provisioned IOPS solid state drive (SSD) D. Throughput optimized hard disk drive (HDD)

C. Provisioned IOPS solid state drive (SSD)

How can an application use Amazon ElastiCache to improve database read performance? (Select TWO). A. Read data from the database first and write the most frequently read data to ElastiCache. B. Direct all read requests to the database and configure it to read from ElastiCache when a cache miss occurs. C. Read data from ElastiCache first and write to ElastiCache when a cache miss occurs. D. Write data to ElastiCache whenever the application writes to the database. E. Replicate the database in ElastiCache, and direct all reads to ElastiCache and al writes to the database.

C. Read data from ElastiCache first and write to ElastiCache when a cache miss occurs. D. Write data to ElastiCache whenever the application writes to the database.

A company has three high-performance computing instances that must communicate with each other. The company would like to achieve maximum network performance between the instances. The most important requirement is that these systems do not share the same rack. Which placement strategy should they use? A. Cluster B. Partition C. Spread D. Default

C. Spread

Which types of data should you cache? A. Data that can be retrieved quickly with simple queries B. Dynamically generated web content C. Static data that is frequently accessed D. Specialized data that is needed by a subset of users

C. Static data that is frequently accessed

A system administrator must change the instance types of multiple running Amazon EC2 instances. The instances were launched with a mix of Amazon EBS-backed AMIs and instance store-backed AMIs. Which method is a valid way to change the instance type? A. Change the instance type of an Amazon EBS-backed instance without stopping it. B. Change the instance type of an instance store-backed instance without stopping it. C. Stop an Amazon EBS-backed instance, change its instance type, and start the instance. D. Stop an instance store-backed instance, change its instance type, and start the instance.

C. Stop an Amazon EBS-backed instance, change its instance type, and start the instance.

A fleet of Amazon EC2 instances are launched in an Auto Scaling group behind an Elastic Load Balancing load balancer. The EC2 instances must maintain 50 percent average CPU utilization. Which type of scaling provides the simplest way to achieve this requirement? A. Step scaling B. Simple scaling C. Target tracking scaling D. Manual scaling

C. Target tracking scaling

Which statements describe AWS IAM roles? (Select TWO) A. They are uniquely associated to an individual. B. They can only be used by accounts associated to the person who creates the role. C. They can be assumed by individuals, applications or services. D. They provide temporary security credentials E. They provide permanent security credentials

C. They can be assumed by individuals, applications or services. D. They provide temporary security credentials

A company wants to migrate their on-premises Oracle database to Amazon Aurora MySQL. Which process describes the high-level steps? A. Use AWS DMS to migrate from the Oracle database to Amazon Aurora MSQL. B. Use AWS DMS to migrate the data, and then use AWS Schema Conversion Tool to convert the schema. C. Use AWS Schema Conversion Tool to convert the schema, and then use AWS DMS to migrate the data. D. Use AWS Schema Conversion Tool to synchronously convert the schema and migrate the data.

C. Use AWS Schema Conversion Tool to convert the schema, and then use AWS DMS to migrate the data.

What are the benefits of using an Amazon Machine Image (AMI)? (Select THREE). A. Automating security group settings for instances B. Migrating data from on-premises to Amazon EC2 instances C. Using an AMI as a server backup for Amazon EC2 instances D. Selling or sharing software solutions packaged as an AMI E. Launching instances with the same configuration

C. Using an AMI as a server backup for Amazon EC2 instances D. Selling or sharing software solutions packaged as an AMI E. Launching instances with the same configuration

A company has two VPCs. VPC A has a CIDR block on 10.1.0.6/16. VPC B has a CIDR block of 10.2.0.0/16. Both VPCs belong to the same AWS account. What is the simplest way to connect the two VPCs so that they can route all traffic between them? A. AWS Site-to-Site VPN. B. AWS Direct Connect. C. VPC peering. D. VPC endpoints

C. VPC peering.

An application requires a frontend web tier of multiple servers that communicate with a backend application tier of multiple servers. Which design most closely follows Amazon Web Services best practices? A. Assign a dedicated application server and a dedicated connection to each web server B. Create multiple instances that each combine a web fronted and application backend in the same instance C. design the web tier to communication with the application tier through Elastic Load Balancing Service D. Create a full mesh framework between the web and application tiers so that each web server can communicate directly with every application server

C. design the web tier to communication with the application tier through Elastic Load Balancing Service

Which statement best describes an efficient way to deliver on-demand streaming content by using Amazon CloudFront? A. CloudFront does not work with streaming content. B. A best practice is to create separate origin servers for each Region where you serve streaming content. C. A best practice is to create distributions for each Region where you server streaming content. D. A best practice is to create video segments and store them in an Amazon S3 bucket. Then, use CloudFront to cache the segments.

D. A best practice is to create video segments and store them in an Amazon S3 bucket. Then, use CloudFront to cache the segments.

What is a AWS Site-to-Site VPN? A. A service that provides SSL-encrypted links between websites in AWS. B. A solution that provides encrypted sessions between AWS and on-premises systems by using TLS. C. A service that provides the ability to access AWS and on-premises networks by using OpenVPN clients. D. A solution that provides a connection between a VPC and an on-premises network by using IPsec.

D. A solution that provides a connection between a VPC and an on-premises network by using IPsec.

A solutions architect is developing a process for handling server failures. Which process most closely follows AWS best practices? A. Operations detects a system failure. They notify the systems admin, who provisions a new server by using the AWS management Console B. Amazon CloudWatch detects a system failure. It notifies the system administrator, who provisions a new server by using the AWS Man. Console C. Operations detects a system failure. They trigger automation to provision a new server D. Amazon CloudWatch detects a system failure. It triggers automation to provision a new server.

D. Amazon CloudWatch detects a system failure. It triggers automation to provision a new server.

What is AWS CloudFormation? A. A package of all of the information that is needed to launch an Amazon EC2 instance B. A template that describes your infrastructure C. A description of best practices for designing an AWS implementation D. An AWS service that you can use to create, model and manage AWS resources

D. An AWS service that you can use to create, model and manage AWS resources

A company uses a single AWS Direct Connect connection between their on-premises network and their VPC. They want to ensure that the network connectivity is highly available by adding a backup connection. Which network connectivity method provides most cost-effective solution for the backup connection? A. Another AWS Direct Connect connection through the same Direct Connect location. B. Another AWS Direct Connect connection through a different Direct Connect location. C. An on-demand AWS Client VPN connection across the internet. D. An on-demand AWS Site-to-Site VPN connection across the internet.

D. An on-demand AWS Site-to-Site VPN connection across the internet.

How do you vertically scale an Amazon RDS database? A. By adding read replicas B. By creating dedicated read and write nodes C. By sharding the database D. By changing the instance class

D. By changing the instance class

What is the simplest way to connect 100 VPCs together? A. Create a hub-and-spoke network by using AWS VPN CloudHub. B. Chain VPCs together by using VPC peering. C. Connect each VPC to all the other VPCs by using VPC peering. D. Connect the VPCs to AWS Transit Gateway.

D. Connect the VPCs to AWS Transit Gateway.

A fleet of Amazon EC2 instances require application patches on a regular schedule. Which approach is the most efficient? A. Create a scheduled task on each instance to download patches. B. Use an Amazon CloudWatch alarm to regularly relaunch instances by using a patched AMI. C. Update the AWS CloudFormation stack. D. Create a maintenance window in the AWS Systems Manager

D. Create a maintenance window in the AWS Systems Manager

Which statement describes a resource-based policy? A. It can be applied to any AWS resource. B. It can be an AWS managed policy. C. It is attached to a user or group. D. It is always an inline policy.

D. It is always an inline policy.

A company wants to run a highly available web tier by using two EC2 instances and a load balancer. Which design is valid and provides the highest availability? A. One subnet in one Availability Zone. The subnet contains two EC2 instances. B. One subnet, which spans two Availability Zones. Each Availability Zone contains one EC2 instance. C. Two different subnets in the same Availability Zone. Each subnet contains one EC2 instance. D. Two different subnets, one per Availability Zone. Each subnet contains one EC2 instance.

D. Two different subnets, one per Availability Zone. Each subnet contains one EC2 instance.

A company stores read only data in Amazon S3. Most users are in the same country as the company headquarters. Some users are located around the world. Which design decision most closely follows AWS best practices? A. Use a bucket in the AWS region closest to the company headquarters B. Use a bucket in the AWS region that has the lowest average latency for all users C. Replicate objects across buckets in AWS regions around the world. Users access the bucket in the AWS region closest to them D. Use a bucket in the AWS region closest to the company headquarters. All users access the data through Amazon Cloudfront

D. Use a bucket in the AWS region closest to the company headquarters. All users access the data through Amazon Cloudfront

An application requires the MAC address of the host Amazon EC2 instance. The architecture uses an AWS Auto Scaling group to dynamically launch and terminate instances. Which way is best for the application to obtain the MAC address? A. Write the MAC address in the application configuration of each instance. B. Include the MAC address in the AMI that is used to launch all of the instances in the AWS Auto Scaling Group C. Include the MAC address in a custom AMI for each instance in the AWS Auto Scaling group. D. Use the user data of each instance to access the MAC address through the instance metadata.

D. Use the user data of each instance to access the MAC address through the instance metadata.

Several EC2 instances launch in a VPC that has internet access. These instances should not be accessible from the internet, but they must be able to download updates from the internet. How should the instances launch A. With Elastic IP addresses, in a subnet with a default route to an internet gateway B. With public IP addresses, in a subnet with a default route to an internet gateway C. Without public IP addresses, in a subnet with a default route to an internet gateway D. Without public IP addresses, in a subnet with a default route to a NAT gateway

D. Without public IP addresses, in a subnet with a default route to a NAT gateway

Which qualities vary by AWS Region? (Select TWO.) a. Cost-effectiveness of workloads b. Data privacy c. High availability of workloads d. Service and feature availability e. Capacity for more customers

a. Cost-effectiveness of workloads d. Service and feature availability

A company is interested in using Amazon Simple Storage Service(Amazon S3) alone to host their website, instead of a traditional webserver. Which types of content does Amazon 53 support for static web hosting? (Select THREE.) a. HTML files and image files b. Client-side scripts c. Server-side scripts d. Dynamic HTML files e. Video and sound files

a. HTML files and image files b. Client-side scripts e. Video and sound files

A company must create a common place to store shared files. Whichrequirements does Amazon Simple Storage Service (Amazon 53)support? (Select TWO.) a. Recover deleted files b. Maintain different versions of files c. Lock a file so that only one person at a time can edit it d. Attach comments to files e. Compare file contents between files

a. Recover deleted files b. Maintain different versions of files

Amazon Simple Storage Service (Amazon S3) provide a good solution for which of the following use cases? a. A data warehouse for business intelligence b. An internet accessible storage location for video files that an external website accesses c. Hourly storage of frequently accessed temporary files d. A cluster for traditional Apache Spark and Apache Hadoop installations to process big data

b. An internet accessible storage location for video files that an external website accesses

A company wants to use an S3 bucket to store sensitive data. Whichactions can they take to protect their data? (Select TWO.) a. Uploading unencrypted files to Amazon S3 because Amazon S3 encrypts the files by default b. Enabling server-side encryption on the S3 bucket before uploading sensitive data c. Enabling server-side encryption on the S3 bucket after uploading sensitive data d. Using client-side encryption to protect data in transite. Using Secure File Transfer Protocol (SFTP) to connect directly to Amazon S3

b. Enabling server-side encryption on the S3 bucket before uploading sensitive data d. Using client-side encryption to protect data in transit

Which Amazon Simple Storage Service (Amazon S3) unaccelerated data transfers have an associated cost? (Select TWO.) a. IN from the internet b. OUT to the internet c. OUT to other AWS Regions d. OUT to other AWS services in the same AWS Region e. OUT to Amazon CloudFront

b. OUT to the internet c. OUT to other AWS Regions

A customer service team accesses case data daily for up to 30 days. Cases can be reopened and require immediate access for 1 year after they are closed. Which solution meets the requirements and is the most cost-efficient? a. Store all case data in S3 standard so that it is available whenever needed. b. Store case data in S3 Standard. Use a lifecycle policy to move the data into S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days. c. Store case data in S3 Standard. use a lifecycle policy to move the data into Amazon S3 Glacier after 30 days. d. Store case data in S3 Intelligent-Tiering to automatically move data between tiers based on access frequency.

b. Store case data in S3 Standard. Use a lifecycle policy to move the data into S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days.

A company is migrating 100 terabytes (TB) of data from their on-premises data center to Amazon Simple Storage Service (Amazon S3). The company connects to Amazon Web Services (AWS) by using a single 155 megabits per second (Mbps) internet connection. Which data transfer option is the fastest and most cost-effective? a. AWS Management Console b. Amazon S3 multipart uploads c. AWS Snowball d. AWS Snowmobile

c. AWS Snowball

Which scenarios represent a good use for Amazon Simple StorageService (Amazon S3)? (Select TWO.) a. Housing the root volume of a live operating system b. Providing a mountable file system for Linux-based workloads c. Backing up critical data d. Exposing a virtual tape library to on-premises backup systems e. Storing computation and analytics data

c. Backing up critical data e. Storing computation and analytics data

A video producer must regularly transfer several video files to Amazon Simple Storage Service (Amazon S3). The files range from 100-700 MB. The internet connection has been unreliable, causing some uploads to fail. Which solution provides the fastest, most reliable, and most cost-effective way to transfer these files to Amazon S3? a. AWS Snowmobile b. AWS Management Console c. AWS Snowball d. Amazon S3 multipart uploads

d. Amazon S3 multipart uploads


Set pelajaran terkait

CH 17: Corporations: Introduction and Operating Rules

View Set

Eyewitness Testimony and Memory Biases

View Set

Their Eyes Were Watching God - Ch. 13 Questions

View Set

Chapter 23: Nursing Care of the Child With an Alteration in Tissue Integrity/Integumentary Disorder

View Set