Cloud Practitioner Exam Right Answers Pt. 1

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

A user is planning to define his own information security management system (ISMS) for AWS. Which of the following security models should the user be familiar with to define the ISMS for AWS?

AWS Shared Responsibility Model

When processing workloads on specific Amazon EC2 instances that require a higher level of durability, and the ability for an instance to quickly retrieve the data, the recommended option is to use ______________.

Amazon EBS volumes

Which storage option is hosted by Amazon EC2 instances themselves?

Amazon Instance Store Volumes Only Instance Store Volumes are hosted by and included as part of the EC2 service itself. http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/Storage.html

Which of the following services should be used if you need low latency or frequent access to your data?

Amazon S3

What service is used to store the log files generated by CloudTrail?

Amazon S3 https://aws.amazon.com/cloudtrail/

If your AWS data must meet specific regulations such as the EU Data protection laws, what must you do?

Architect your environment to meet these security requirements https://cloudacademy.com/cloud-computing/internal-business-effects-of-the-cloud-course/business-risks.html

Which of the following is an IAM best practice?

Assign permissions to groups and add users to that group

Which choice below accurately describes the 'warm standby' disaster recovery method?

A duplicate version of only your business-critical systems that is always running, in case you need to divert your workloads to them in the event of a disaster. Warm standby is essentially ready to go with all key services running in the most minimal possible way, essentially a smaller version of the production environment. In the event of a disaster, the standby environment will be scaled up for production load quickly and easily. DNS records will be changed to route all traffic to the AWS environment. https://d1.awsstatic.com/whitepapers/aws-disaster-recovery.pdf

What is Amazon CloudFront?

A global content delivery network Amazon CloudFront is a global content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content or other web assets through CDN caching. It integrates with other Amazon Web Services products to give developers and businesses an easy way to accelerate content to end users with no minimum usage commitments. https://aws.amazon.com/cloudfront/

In the most recent company meeting, your CEO focused on the fact that everyone in the organization needs to make sure that all of the infrastructure that is built is truly scalable. Which statement in reference to scalable architecture is incorrect?

A scalable architecture won't be cost effective as it grows. http://media.amazonwebservices.com/AWS_Cloud_Best_Practices.pdf

Complete the three definitions:___________ is the process of defining an identity and the verification of that identity___________ determines what resources an identity can access within a system once it has been authenticated.___________ is the method and process of how access is granted to a secure resource.

Authentication; Authorization; Access Control https://cloudacademy.com/amazon-web-services/understanding-aws-authentication-authorization-accounting-course/authentication-authorization-and-access-control.html

What does the phrase 'stop guessing capacity' mean?

Automate deployments based on performance metrics https://d1.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf

Where is an object stored in Amazon S3?

in a Bucket Every object in Amazon S3 is stored in a bucket. Before you can store data in Amazon S3, you must create a bucket.

Auto Scaling does not perform which of the following operations?

Changing instance types http://docs.aws.amazon.com/autoscaling/latest/userguide/create-lc-with-instanceID.html

Amazon _____ monitors your AWS resources and applications that you run in AWS in real time, providing you the ability to collect and track metrics as well as setup alarms to send notifications based on rules you define.

CloudWatch Amazon CloudWatch monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time. You can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications. CloudWatch alarms send notifications or automatically make changes to the resources you are monitoring based on rules that you define

Which of the following payment methods can be used when signing up with AWS?

Credit card http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/whatisbilling.html

What principles does AWS recommend to remove single points of failure from your design? (Choose 2 answers.)

Data replication, Detect failure There are several types of data replication that can help reduce single points of failure: synchronous, asynchronous, and quorum-based. In addition, AWS systems should be set up to detect and repair issues that could potentially cause failures automatically. The remaining choices could increase the single points of failure in a system's design. While redundancy requires additional resource costs, it helps maintain service in the event of outages. Multi-datacenter resilience (not single) is a recommended design approach in the event of larger failures, such as a natural disaster, that could affect multiple availability zones. https://d0.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf

Which statement regarding AWS regions is incorrect?

Each AWS region includes an identical number of availability zones to host EC2 instances.

AWS uses the term __________ to describe the ability to scale computing resources up and down easily, with minimal friction.

Elastic Amazon AWS is based on the concept of elasticity: it means that you can use instances and other AWS resources without any restrictions on scalability or limits on the amount of available resources. http://aws.amazon.com/ec2/

You have a general development question and you decide that you need some support from AWS. Which of the following severity levels do you think would be an appropriate choice for this issue?

Guidance

Auto Scaling provides what kind of scaling service?

Horizontal Auto Scaling adds new resources or terminates the existing resources seamlessly. Depending on the user's infrastructure, vertical scaling may involve changes to server configurations every time it scales. With horizontal scaling, Auto Scaling increases or decreases the number of instances according to the policy or the application's demand. Auto Scaling is ideally suited for applications that experience hourly, daily or weekly changes in the usage and need to automatically scale horizontally to keep up with the usage variability.

Which answer accurately describes reliability, one of the five pillars of the Well-Architected Framework?

How to maintain the stability of your environment, recover from failures, and automatically meet resource demands https://d1.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf

In regards to disaster recovery, what is a recovery point objective (RPO)?

It is the acceptable amount of data loss measured in time. The recovery point objective (RPO) is the amount of acceptable data loss measured in time. For example, a transactional business cannot afford a great deal of data loss, so its RPO is likely less than one hour because an hour is a great expense in terms of data loss. However, for a more isolated website with minimal customer interaction, an RPO of a day may be acceptable because this represents a tolerable amount of data loss. https://d1.awsstatic.com/whitepapers/Storage/Backup_and_Recovery_Approaches_Using_AWS.pdf

When using the AWS Billing and Cost Management console dashboard, you can check various graphs that show different breakdowns of your AWS usage. Which of the following graphs can you check on your dashboard?

Month-to-Date Spend by Service; Month-to-Date Top Services by Spend; Spend Summary

Which of the following traditional disaster recovery methods runs your site in AWS as well as on your existing on-site infrastructure, in an active-active configuration?

Multi-site solution

Are generators and cooling equipment shared across Availability Zones?

No Each Availability Zone is engineered to be isolated from failures in other Availability Zones and to provide inexpensive, low-latency network connectivity to other zones in the same region. By launching instances in separate Availability Zones, you can protect your applications from the failure of a single location.

Which statement about Auto Scaling is false?

One auto scaling group can launch instances in different regions. Auto Scaling provides an option to scale up and scale down based on certain conditions or triggers from CloudWatch. A user can configure such that one auto scaling group can launch instances across availability zones, but it cannot span across regions. http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-dg.pdf

Important functions of an organization's application are impaired or degraded, and you can't work around the problem, but the overall business is not affected. You decide that you need some support from AWS. You have an Enterprise Support Plan with AWS. Which of the following severity levels do you think would be an appropriate choice for this issue?

Production system impaired

One way to save on the cost of running instances in Amazon EC2 is to make use of ____ instances, which enable you to bid on unused EC2 instances, provided your workloads can withstand potential interruptions.

Spot Spot instances enable you to bid on unused EC2 instances, which can lower your Amazon EC2 costs significantly. The price (per-second or per-hour) for a Spot instance (of each instance type in each Availability Zone) is set by Amazon EC2, and fluctuates depending on the supply of and demand for Spot instances. Your Spot instance runs whenever your bid exceeds the current market price. Spot instances are a cost-effective choice if you can be flexible about when your applications run and if your applications can be interrupted.

You have a time-sensitive development question and you decide that you need some support from AWS. Which of the following severity levels will be an appropriate choice for you to resolve the issue?

System impaired

What does the AWS best practice "designing for failure" mean?

To design systems to anticipate failure and recover automatically Designing for failure essentially means adopting Murphy's Law into your design, that what can go wrong will go wrong. Design your infrastructure to respond to potential outages of multiple kinds with an automated recovery process in place.

Which service below is not directly related to traceability?

Trusted Advisor Traceability is the ability to audit, monitor and log your environment, and is key to establish automated responses to events. AWS Config is directly related to auditing and compliance, CloudTrail to logging, and CloudWatch to monitoring. Trusted Advisor is related to the implementation of security best practices, but is not related to tracing the cause of specific incidents in AWS. https://d1.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf

A user is uploading a backup of data to S3 Glacier for the purpose of disaster recovery (DR). The data stored in S3 Glacier is part of a larger data recovery plan that involves other AWS services. There is a relatively small set of data (100 MB) that needs to be restored immediately when a DR plan is executed, and the organization is planning RTO of 1 hour. Assuming the data size meets the requirements for any of the given retrieval options below, which S3 Glacier data retrieval option would you plan in a DR situation?

Use Expedited Retrievals with Provisioned Capacity There are three retrieval options with Amazon S3 Glacier: Expedited — There are two types of Expedited retrievals: On-Demand and Provisioned. On-Demand requests are similar to EC2 On-Demand instances and are available most of the time. Provisioned requests are guaranteed to be available when you need them, which is recommended for a DR plan. Standard — Standard retrievals allow you to access any of your archives within several hours. Bulk — Bulk retrievals are Amazon S3 Glacier's lowest-cost retrieval option, which you can use to retrieve large amounts, even petabytes, of data inexpensively in a day. Bulk retrievals typically complete within 5-12 hours.

Which of the following is true of the security of your origin server in Amazon Cloudfront?

You are responsible for ensuring the security of your origin server.

What is the meaning of pay-as-you-go, when related to Amazon Web Services?

You have no upfront costs, but rather pay on a monthly basis, based on usage.

Which of the following is not a benefit of AWS cloud computing?

increase workload consistency The only choice listed that is not a direct benefit of AWS cloud computing is improved system workload/traffic consistency. In fact, the inconsistent nature of many online applications and business systems is a reason why cloud computing can be beneficial to many companies. The other choices listed are all established benefits listed by AWS.

Unlike an IAM user, an IAM role ____.

is not associated with a specific person An IAM user is an identity within your AWS account that has specific custom permissions; e.g., permissions to create a cache cluster in ElastiCache. An IAM role is another IAM identity you can create in your account that has specific permissions. However, unlike an IAM user, an IAM role is not associated with a specific person.

What AWS cloud characteristic makes a resource almost immediately available to allocate when and where you need it?

on-demand resourcing On-demand resourcing provides you with the ability to provision resources within seconds and minutes, instead of days or weeks that it may take within an on-premise environment, especially if you had to order the additional hardware first. For example, if you had a server in AWS and its CPU utilization was steadily increasing with demand, you would be able to deploy a second server, which would be ready within minutes to take some of the load off of the first. https://d0.awsstatic.com/whitepapers/aws-overview.pdf

Network Access Control Lists (NACLs) are _______.

stateless Network ACLs are stateless; responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa).

In Amazon EC2, if you no longer wish to be charged for your instance, you must ______ the instance to avoid being billed for additional time.

stop or terminate https://aws.amazon.com/ec2/faqs/


Set pelajaran terkait

ap world history period 4 questions and answers

View Set

Health- Chapter 5 (pages 135-162)

View Set

Cost Accounting Exam 2 - Dr. Long

View Set