AWS Cloud Practitioner
Which AWS service of tool helps to centrally manage billing and allow controlled access to resources across AWS accounts? A. AWS Identity and Access Management (IAM) B. AWS Organizations C. Cost Explorer D. AWS Budgets
B. AWS Organizations
A developer wants to deploy an application on a container-based service. The service must automatically provision and manage the backend instances. The service must provision only the necessary resources.Which AWS service will meet these requirements? A. Amazon EC2 B. Amazon Lightsail C. Amazon Elastic Kubernetes Service (Amazon EKS) D. AWS Fargate
D. AWS Fargate
Which AWS service can be used to encrypt data at rest? A. Amazon GuardDuty B. AWS Shield C. AWS Security Hub D. AWS Key Management Service (AWS KMS)
D. AWS Key Management Service (AWS KMS)
A user has been granted permission to change their own IAM user password.Which AWS services can the user use to change the password? (Choose two.) A. AWS Command Line Interface (AWS CLI) B. AWS Key Management Service (AWS KMS) C. AWS Management Console D. AWS Resource Access Manager (AWS RAM) E. AWS Secrets Manager
A. AWS Command Line Interface (AWS CLI) C. AWS Management Console
A company uses Amazon EC2 instances to run its web application. The company uses On-Demand Instances and Spot Instances. The company needs to visualize its monthly spending on both types of instances.Which AWS service or feature will meet this requirement? A. AWS Cost Explorer B. AWS Budgets C. Amazon CloudWatch D. AWS Cost Categories
A. AWS Cost Explorer
Which service enables customers to audit API calls in their AWS accounts? A. AWS CloudTrail B. AWS Trusted Advisor C. Amazon Inspector D. AWS X-Ray
A. AWS CloudTrail
Which AWS service provides intelligent recommendations to improve code quality and identify an application's most expensive lines of code? A. Amazon CodeGuru B. AWS CodeStar C. AWS CodeCommit D. AWS CodeDeploy
A. Amazon CodeGuru
A company needs to implement identity management for a fleet of mobile apps that are running in the AWS Cloud.Which AWS service will meet this requirement? A. Amazon Cognito B. AWS Security Hub C. AWS Shield D. AWS WAF
A. Amazon Cognito
Which AWS service or tool can a company use to visualize, understand, and manage AWS spending and usage over time? A. AWS Trusted Advisor B. Amazon CloudWatch C. Cost Explorer D. AWS Budgets
C. Cost Explorer
A company has a set of databases that are stored on premises. The company wants to bring its existing Microsoft SQL Server licenses when the company moves the databases to run on Amazon EC2 instances.Which EC2 instance purchasing option should the company use to meet these requirements? A. Dedicated Instances B. Reserved Instances C. Dedicated Hosts D. Spot Instances
C. Dedicated Hosts
According to the AWS shared responsibility model, what responsibility does a customer have when using Amazon RDS to host a database? A. Manage connections to the database B. Install Microsoft SQL Server C. Design encryption-at-rest strategies D. Apply minor database patches
C. Design encryption-at-rest strategies
Which AWS service or tool can a company set up to send notifications that a custom spending threshold has been reached or exceeded? A. AWS Budgets B. AWS Trusted Advisor C. AWS CloudTrail D. AWS Support
A. AWS Budgets
A company needs to install an application in a Docker container.Which AWS service eliminates the need to provision and manage the container hosts? A. AWS Fargate B. Amazon FSx for Windows File Server C. Amazon Elastic Container Service (Amazon ECS) D. Amazon EC2
A. AWS Fargate
Which AWS services are serverless? (Choose two.) A. AWS Fargate B. Amazon Managed Streaming for Apache Kafka C. Amazon EMR D. Amazon S3 E. Amazon EC2
A. AWS Fargate D. Amazon S3
A company that has multiple business units wants to centrally manage and govern its AWS Cloud environments. The company wants to automate the creation ofAWS accounts, apply service control policies (SCPs), and simplify billing processes.Which AWS service or tool should the company use to meet these requirements? A. AWS Organizations B. Cost Explorer C. AWS Budgets D. AWS Trusted Advisor
A. AWS Organizations
A company runs its workloads on premises. The company wants to forecast the cost of running a large application on AWS.Which AWS service or tool can the company use to obtain this information? A. AWS Pricing Calculator B. AWS Budgets C. AWS Trusted Advisor D. Cost Explorer
A. AWS Pricing Calculator
Which AWS service helps protect against DDoS attacks? A. AWS Shield B. Amazon Inspector C. Amazon GuardDuty D. Amazon Detective
A. AWS Shield
A company is moving its office and must establish an encrypted connection to AWS.Which AWS service will help meet this requirement? A. AWS VPN B. Amazon Route 53 C. Amazon API Gateway D. Amazon Connect
A. AWS VPN
Which AWS service contains built-in engines to protect web applications that run in the cloud from SQL injection attacks and cross-site scripting? A. AWS WAF B. AWS Shield Advanced C. Amazon GuardDuty D. Amazon Detective
A. AWS WAF
In which ways does the AWS Cloud offer lower total cost of ownership (TCO) of computing resources than on-premises data centers? (Choose two.) A. AWS replaces upfront capital expenditures with pay-as-you-go costs. B. AWS is designed for high availability, which eliminates user downtime. C. AWS eliminates the need for on-premises IT staff. D. AWS uses economies of scale to continually reduce prices. E. AWS offers a single pricing model for Amazon EC2 instances.
A. AWS replaces upfront capital expenditures with pay-as-you-go costs. D. AWS uses economies of scale to continually reduce prices.
Which of the following are included in AWS Enterprise Support? (Choose two.) A. AWS technical account manager (TAM) B. AWS partner-led support C. AWS Professional Services D. Support of third-party software integration to AWS E. 5-minute response time for critical issues
A. AWS technical account manager (TAM) D. Support of third-party software integration to AWS
A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions.Which Amazon EC2 purchasing option will be MOST cost-effective? A. All Upfront Reserved Instances B. Partial Upfront Reserved Instances C. Dedicated Instances D. On-Demand Instances
A. All Upfront Reserved Instances
A retail company needs to build a highly available architecture for a new ecommerce platform. The company is using only AWS services that replicate data across multiple Availability Zones.Which AWS services should the company use to meet this requirement? (Choose two.) A. Amazon EC2 B. Amazon Elastic Block Store (Amazon EBS) C. Amazon Aurora D. Amazon DynamoDB E. Amazon Redshift
A. Amazon EC2 B. Amazon Elastic Block Store (Amazon EBS)
A company is creating a document that defines the operating system patch routine for all the company's systems.Which AWS resources should the company include in this document? (Choose two.) A. Amazon EC2 instances B. AWS Lambda functions C. AWS Fargate tasks D. Amazon RDS instances E. Amazon Elastic Container Service (Amazon ECS) instances
A. Amazon EC2 instances D. Amazon RDS instances
A company wants to convert video files and audio files from their source format into a format that will play on smartphones, tablets, and web browsers.Which AWS service will meet these requirements? A. Amazon Elastic Transcoder B. Amazon Comprehend C. AWS Glue D. Amazon Rekognition
A. Amazon Elastic Transcoder
Which AWS service monitors AWS accounts for security threats? A. Amazon GuardDuty B. AWS Secrets Manager C. Amazon Cognito D. AWS Certificate Manager (ACM)
A. Amazon GuardDuty
Which of the following are AWS compute services? (Choose two.) A. Amazon Lightsail B. AWS Systems Manager C. AWS CloudFormation D. AWS Batch E. Amazon Inspector
A. Amazon Lightsail D. AWS Batch
Which AWS service can be used to turn text into lifelike speech? A. Amazon Polly B. Amazon Kendra C. Amazon Rekognition D. Amazon Connect
A. Amazon Polly
Which AWS service is used to host static websites? A. Amazon S3 B. Amazon Elastic Block Store (Amazon EBS) C. AWS CloudFormation D. Amazon Elastic File System (Amazon EFS)
A. Amazon S3
Which AWS service or feature is used to send both text and email messages from distributed applications? A. Amazon Simple Notification Service (Amazon SNS) B. Amazon Simple Email Service (Amazon SES) C. Amazon CloudWatch alerts D. Amazon Simple Queue Service (Amazon SQS)
A. Amazon Simple Notification Service (Amazon SNS)
Which AWS service enables the decoupling and scaling of applications? A. Amazon Simple Queue Service (Amazon SQS) B. AWS Outposts C. Amazon S3 D. Amazon Simple Email Service (Amazon SES)
A. Amazon Simple Queue Service (Amazon SQS)
A company needs to simultaneously process hundreds of requests from different users.Which combination of AWS services should the company use to build an operationally efficient solution? A. Amazon Simple Queue Service (Amazon SQS) and AWS Lambda B. AWS Data Pipeline and Amazon EC2 C. Amazon Kinesis and Amazon Athena D. AWS Amplify and AWS AppSync
A. Amazon Simple Queue Service (Amazon SQS) and AWS Lambda
A company deployed an application on an Amazon EC2 instance. The application ran as expected for 6 months in the past week, users have reported latency issues. A system administrator found that the CPU utilization was at 100% during business hours. The company wants a scalable solution to meet demand.Which AWS service or feature should the company use to handle the load for its application during periods of high demand? A. Auto Scaling groups B. AWS Global Accelerator C. Amazon Route 53 D. An Elastic IP address
A. Auto Scaling groups
Which controls are shared under the AWS shared responsibility model? (Choose two.) A. Awareness and training B. Patching of Amazon RDS C. Configuration management D. Physical and environmental controls E. Service and communications protection or security
A. Awareness and training C. Configuration management
An online company was running a workload on premises and was struggling to launch new products and features. After migrating the workload to AWS, the company can quickly launch products and features and can scale its infrastructure as required.Which AWS Cloud value proposition does this scenario describe? A. Business agility B. High availability C. Security D. Centralized auditing
A. Business agility
Which tasks require use of the AWS account root user? (Choose two.) A. Changing an AWS Support plan B. Modifying an Amazon EC2 instance type C. Grouping resources in AWS Systems Manager D. Running applications in Amazon Elastic Kubernetes Service (Amazon EKS) E. Closing an AWS account
A. Changing an AWS Support plan E. Closing an AWS account
Which of the following is a benefit of moving from an on-premises data center to the AWS Cloud? A. Compute instances can be launched and terminated as needed to optimize costs. B. Compute costs can be viewed in the AWS Billing and Cost Management console. C. Users retain full administrative access to their compute instances. D. Users can optimize costs by permanently running enough instances at peak load.
A. Compute instances can be launched and terminated as needed to optimize costs.
Which of the following actions are controlled with AWS Identity and Access Management (IAM)? (Choose two.) A. Control access to AWS service APIs and to other specific resources. B. Provide intelligent threat detection and continuous monitoring. C. Protect the AWS environment using multi-factor authentication (MFA). D. Grant users access to AWS data centers. E. Provide firewall protection for applications from common web attacks.
A. Control access to AWS service APIs and to other specific resources. C. Protect the AWS environment using multi-factor authentication (MFA).
Which AWS service or feature can a company use to determine which business unit is using specific AWS resources? A. Cost allocation tags B. Key pairs C. Amazon Inspector D. AWS Trusted Advisor
A. Cost allocation tags
An ecommerce company has migrated its IT infrastructure from an on-premises data center to the AWS Cloud.Which cost is the company's direct responsibility? A. Cost of application software licenses B. Cost of the hardware infrastructure on AWS C. Cost of power for the AWS servers D. Cost of physical security for the AWS data center
A. Cost of application software licenses
A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud.Which costs will the company eliminate with this migration? (Choose two.) A. Cost of data center operations B. Cost of application licensing C. Cost of marketing campaigns D. Cost of physical server hardware E. Cost of network management
A. Cost of data center operations D. Cost of physical server hardware
A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources, including Amazon S3 and AmazonDynamoDB.What is the MOST operationally efficient solution to delegate permissions? A. Create an IAM role with the required permissions. Attach the role to the EC2 instance. B. Create an IAM user and use its access key and secret access key in the application. C. Create an IAM user and use its access key and secret access key to create a CLI profile in the EC2 instance D. Create an IAM role with the required permissions. Attach the role to the administrative IAM user.
A. Create an IAM role with the required permissions. Attach the role to the EC2 instance.
Under the AWS shared responsibility model, which task is the customer's responsibility when managing AWS Lambda functions? A. Creating versions of Lambda functions B. Maintaining server and operating systems C. Scaling Lambda resources according to demand D. Updating the Lambda runtime environment
A. Creating versions of Lambda functions
Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud? A. Elimination of expenses for running and maintaining data centers B. Price discounts that are identical to discounts from hardware providers C. Distribution of all operational controls to AWS D. Elimination of operational expenses
A. Elimination of expenses for running and maintaining data centers
Which task does AWS perform automatically? A. Encrypt data that is stored in Amazon DynamoDB. B. Patch Amazon EC2 instances. C. Encrypt user network traffic. D. Create TLS certificates for users' websites.
A. Encrypt data that is stored in Amazon DynamoDB.
A company's web application requires AWS credentials and authorizations to use an AWS service.Which IAM entity should the company use as best practice? A. IAM role B. IAM user C. IAM group D. IAM multi-factor authentication (MFA)
A. IAM role
Which of the following are benefits of Amazon EC2 Auto Scaling? (Choose two.) A. Improved health and availability of applications B. Reduced network latency C. Optimized performance and costs D. Automated snapshots of data E. Cross-Region Replication
A. Improved health and availability of applications C. Optimized performance and costs
Which of the following are economic advantages of the AWS Cloud? (Choose two.) A. Increased workforce productivity B. Decreased need to encrypt user data C. Manual compliance audits D. Simplified total cost of ownership (TCO) accounting E. Faster product launches
A. Increased workforce productivity D. Simplified total cost of ownership (TCO) accounting
How does consolidated billing help reduce costs for a company that has multiple AWS accounts? A. It aggregates usage across accounts so that the company can reach volume discount thresholds sooner. B. It offers an additional 5% discount on purchases of All Upfront Reserved Instances. C. It provides a simplified billing invoice that the company can process more quickly than a standard invoice. D. It gives AWS resellers the ability to bill their customers for usage.
A. It aggregates usage across accounts so that the company can reach volume discount thresholds sooner.
A large organization has a single AWS account.What are the advantages of reconfiguring the single account into multiple AWS accounts? (Choose two.) A. It allows for administrative isolation between different workloads. B. Discounts can be applied on a quarterly basis by submitting cases in the AWS Management Console. C. Transitioning objects from Amazon S3 to Amazon S3 Glacier in separate AWS accounts will be less expensive. D. Having multiple accounts reduces the risks associated with malicious activity targeted at a single account. E. Amazon QuickSight offers access to a cost tool that provides application-specific recommendations for environments running in multiple accounts.
A. It allows for administrative isolation between different workloads. D. Having multiple accounts reduces the risks associated with malicious activity targeted at a single account.
Which task is a customer's responsibility, according to the AWS shared responsibility model? A. Management of the guest operating systems B. Maintenance of the configuration of infrastructure devices C. Management of the host operating systems and virtualization D. Maintenance of the software that powers Availability Zones
A. Management of the guest operating systems
A company needs to run an application on Amazon EC2 instances. The instances cannot be interrupted at any time. The company needs an instance purchasing option that requires no long-term commitment or upfront payment.Which instance purchasing option will meet these requirements MOST cost-effectively? A. On-Demand Instances B. Spot Instances C. Dedicated Hosts D. Reserved Instances
A. On-Demand Instances
Which of the following are benefits of migrating to the AWS Cloud? (Choose two.) A. Operational resilience B. Discounts for products on Amazon.com C. Business agility D. Business excellence E. Increased staff retention
A. Operational resilience C. Business agility
Which benefits does a company gain when the company moves from on-premises IT architecture to the AWS Cloud? (Choose two.) A. Reduced or eliminated tasks for hardware troubleshooting, capacity planning, and procurement B. Elimination of the need for trained IT staff C. Automatic security configuration of all applications that are migrated to the cloud D. Elimination of the need for disaster recovery planning E. Faster deployment of new features and applications
A. Reduced or eliminated tasks for hardware troubleshooting, capacity planning, and procurement E. Faster deployment of new features and applications
Which of the following are shared controls that apply to both AWS and the customer, according to the AWS shared responsibility model? (Choose two.) A. Resource configuration management B. Network data integrity C. Employee awareness and training D. Physical and environmental security E. Replacement and disposal of disk drives
A. Resource configuration management C. Employee awareness and training
Using AWS Config to record, audit, and evaluate changes to AWS resources to enable traceability is an example of which AWS Well-Architected Framework pillar? A. Security B. Operational excellence C. Performance efficiency D. Cost optimization
A. Security
A company has multiple applications and is now building a new multi-tier application. The company will host the new application on Amazon EC2 instances. The company wants the network routing and traffic between the various applications to follow the security principle of least privilege.Which AWS service or feature should the company use to enforce this principle? A. Security groups B. AWS Shield C. AWS Global Accelerator D. AWS Direct Connect gateway
A. Security groups
Which AWS service or feature gives a company the ability to control incoming traffic and outgoing traffic for Amazon EC2 instances? A. Security groups B. Amazon Route 53 C. AWS Direct Connect D. Amazon VPC
A. Security groups
Which duties are the responsibility of a company that is using AWS Lambda? (Choose two.) A. Security inside of code B. Selection of CPU resources C. Patching of operating system D. Writing and updating of code E. Security of underlying infrastructure
A. Security inside of code D. Writing and updating of code
A company wants a cost-effective option when running its applications in an Amazon EC2 instance for short time periods. The applications can be interrupted.Which EC2 instance type will meet these requirements? A. Spot Instances B. On-Demand Instances C. Reserved Instances D. Dedicated Instances
A. Spot Instances
A company needs an Amazon EC2 instance for a rightsized database server that must run constantly for 1 year.Which EC2 instance purchasing option will meet these requirements MOST cost-effectively? A. Standard Reserved Instance B. Convertible Reserved Instance C. On-Demand Instance D. Spot Instance
A. Standard Reserved Instance
A company has a database server that is always running. The company hosts the server on Amazon EC2 instances. The instance sizes are suitable for the workload. The workload will run for 1 year.Which EC2 instance purchasing option will meet these requirements MOST cost-effectively? A. Standard Reserved Instances B. On-Demand Instances C. Spot Instances D. Convertible Reserved Instances
A. Standard Reserved Instances
Who can create and manage access keys for an AWS account root user? A. The AWS account owner B. An IAM user that has administrator permissions C. IAM users within a designated group D. An IAM user that has the required role
A. The AWS account owner
A company is using the AWS Free Tier for several AWS services for an application.What will happen if the Free Tier usage period expires or if the application use exceeds the Free Tier usage limits? A. The company will be charged the standard pay-as-you-go service rates for the usage that exceeds the Free Tier usage. B. AWS Support will contact the company to set up standard service charges. C. The company will be charged for the services it consumed during the Free Tier period, plus additional charges for service consumption after the Free Tier period. D. The company's AWS account will be frozen and can be restarted after a payment plan is established.
A. The company will be charged the standard pay-as-you-go service rates for the usage that exceeds the Free Tier usage.
What information is found on an AWS Identity and Access Management (IAM) credential report? (Choose two.) A. The date and time when an IAM user's password was last used to sign in to the AWS Management Console. B. The type of multi-factor authentication (MFA) device assigned to an IAM user. C. The User-Agent browser identifier for each IAM user currently logged in. D. Whether multi-factor authentication (MFA) has been enabled for an IAM user. E. The number of incorrect login attempts by each IAM user in the previous 30 days.
A. The date and time when an IAM user's password was last used to sign in to the AWS Management Console. D. Whether multi-factor authentication (MFA) has been enabled for an IAM user.
A company plans to create a data lake that uses Amazon S3.Which factor will have the MOST effect on cost? A. The selection of S3 storage tiers B. Charges to transfer existing data into Amazon S3 C. The addition of S3 bucket policies D. S3 ingest fees for each request
A. The selection of S3 storage tiers
Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.) A. They are stateless. B. They are stateful. C. They evaluate all rules before allowing traffic. D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic. E. They operate at the instance level.
A. They are stateless. D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic.
A company is considering a migration from on premises to the AWS Cloud. The company's IT team needs to offload support of the workload.What should the IT team do to accomplish this goal? A. Use AWS Managed Services to provision, run, and support the company infrastructure. B. Build hardware refreshes into the operational calendar to ensure availability. C. Use Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 instances. D. Overprovision compute capacity for seasonal events and traffic spikes to prevent downtime.
A. Use AWS Managed Services to provision, run, and support the company infrastructure.
A company launched an Amazon EC2 instance with the latest Amazon Linux 2 Amazon Machine Image (AMI).Which actions can a system administrator take to connect to the EC2 instance? (Choose two.) A. Use Amazon EC2 Instance Connect. B. Use a Remote Desktop Protocol (RDP) connection. C. Use AWS Batch D. Use AWS Systems Manager Session Manager. E. Use Amazon Connect
A. Use Amazon EC2 Instance Connect. D. Use AWS Systems Manager Session Manager.
A company needs to label its AWS resources so that the company can categorize and track costs.What should the company do to meet this requirement? A. Use cost allocation tags. B. Use AWS Identity and Access Management (IAM). C. Use AWS Organizations. D. Use the AWS Cost Management coverage report.
A. Use cost allocation tags.
Which of the following is an advantage that the AWS Cloud provides to users? A. Users eliminate the need to guess about infrastructure capacity requirements. B. Users decrease their variable costs by maintaining sole ownership of IT hardware. C. Users maintain control of underlying IT infrastructure hardware. D. Users maintain control of operating systems for managed services.
A. Users eliminate the need to guess about infrastructure capacity requirements.
Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC? A. VPC Flow Logs B. Amazon Inspector C. VPC endpoint services D. NAT gateway
A. VPC Flow Logs
Why is an AWS Well-Architected review a critical part of the cloud design process? A. A Well-Architected review is mandatory before a workload can run on AWS. B. A Well-Architected review helps identify design gaps and helps evaluate design decisions and related documents. C. A Well-Architected review is an audit mechanism that is a part of requirements for service level agreements. D. A Well-Architected review eliminates the need for ongoing auditing and compliance tests.
B. A Well-Architected review helps identify design gaps and helps evaluate design decisions and related documents.
What is an AWS Region? A. A broad set of global, cloud-based products that include compute, storage, and databases B. A physical location around the world where data centers are clustered C. One or more discrete data centers with redundant power, networking, and connectivity D. A service that developers use to build applications that deliver latencies of single-digit milliseconds to users
B. A physical location around the world where data centers are clustered
What does the AWS Concierge Support team provide? A. A technical expert dedicated to the user B. A primary point of contact for AWS Billing and AWS Support C. A partner to help provide scaling guidance for an event launch D. A dedicated AWS staff member who reviews the user's application architecture
B. A primary point of contact for AWS Billing and AWS Support
What is the LEAST expensive AWS Support plan that contains a full set of AWS Trusted Advisor best practice checks? A. AWS Enterprise Support B. AWS Business Support C. AWS Developer Support D. AWS Basic Support
B. AWS Business Support
A user wants to deploy a service to the AWS Cloud by using infrastructure-as-code (IaC) principles.Which AWS service can be used to meet this requirement? A. AWS Systems Manager B. AWS CloudFormation C. AWS CodeCommit D. AWS Config
B. AWS CloudFormation
A company needs to identify the last time that a specific user accessed the AWS Management Console.Which AWS service will provide this information? A. Amazon Cognito B. AWS CloudTrail C. Amazon Inspector D. Amazon GuardDuty
B. AWS CloudTrail
A company wants to set up an entire development and continuous delivery toolchain for coding, building, testing, and deploying code.Which AWS service will meet these requirements? A. Amazon CodeGuru B. AWS CodeStar C. AWS CodeCommit D. AWS CodeDeploy
B. AWS CodeStar
A company with AWS Enterprise Support needs help understanding its monthly AWS bill and wants to implement billing best practices.Which AWS tool or resource is available to accomplish these goals? A. Resource tagging B. AWS Concierge Support team C. AWS Abuse team D. AWS Support
B. AWS Concierge Support team
A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing.Which AWS service or feature will help the company with its migration? A. AWS Trusted Advisor B. AWS Consulting Partners C. AWS Artifacts D. AWS Managed Services
B. AWS Consulting Partners
A company is starting to build its infrastructure in the AWS Cloud. The company wants access to technical support during business hours. The company also wants general architectural guidance as teams build and test new applications.Which AWS Support plan will meet these requirements at the LOWEST cost? A. AWS Basic Support B. AWS Developer Support C. AWS Business Support D. AWS Enterprise Support
B. AWS Developer Support
A company needs to deploy applications in the AWS Cloud as quickly as possible. The company also needs to minimize the complexity that is related to the management of AWS resources.Which AWS service should the company use to meet these requirements? A. AWS Config B. AWS Elastic Beanstalk C. Amazon EC2 D. Amazon Personalize
B. AWS Elastic Beanstalk
A company wants the ability to quickly upload its applications to the AWS Cloud without needing to provision underlying resources.Which AWS service will meet these requirements? A. AWS CloudFormation B. AWS Elastic Beanstalk C. AWS CodeDeploy D. AWS CodeCommit
B. AWS Elastic Beanstalk
A company has a complex AWS architecture. The company needs assistance from a dedicated technical professional who can suggest strategies regarding incidents, trade-offs, support, and risk management.Which AWS Support plan will provide the required support? A. AWS Business Support B. AWS Enterprise Support C. AWS Developer Support D. AWS Basic Support
B. AWS Enterprise Support
A company wants to run production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week.Which AWS Support plan will meet these requirements? A. AWS Basic Support B. AWS Enterprise Support C. AWS Business Support D. AWS Developer Support
B. AWS Enterprise Support
A company manages global applications that require static IP addresses.Which AWS service would enable the company to improve the availability and performance of its applications? A. Amazon CloudFront B. AWS Global Accelerator C. Amazon S3 Transfer Acceleration D. Amazon API Gateway
B. AWS Global Accelerator
Which AWS service uses edge locations? A. Amazon Aurora B. AWS Global Accelerator C. Amazon Connect D. AWS Outposts
B. AWS Global Accelerator
Which of the following is a managed AWS service that is used specifically for extract, transform, and load (ETL) data? A. Amazon Athena B. AWS Glue C. Amazon S3 D. AWS Snowball Edge
B. AWS Glue
Which AWS service or feature checks access policies and offers actionable recommendations to help users set secure and functional policies? A. AWS Systems Manager B. AWS IAM Access Analyzer C. AWS Trusted Advisor D. Amazon GuardDuty
B. AWS IAM Access Analyzer
Which documentation does AWS Artifact provide? A. Amazon EC2 terms and conditions B. AWS ISO certifications C. A history of a company's AWS spending D. A list of previous-generation Amazon EC2 instance types
B. AWS ISO certifications
Which AWS service is always provided at no charge? A. Amazon S3 B. AWS Identity and Access Management (IAM) C. Elastic Load Balancers D. AWS WAF
B. AWS Identity and Access Management (IAM)
Which AWS service should a company use to organize, characterize, and search large numbers of images? A. Amazon Transcribe B. Amazon Rekognition C. Amazon Aurora D. Amazon QuickSight
B. Amazon Rekognition
A company wants to migrate a critical application to AWS. The application has a short runtime. The application is invoked by changes in data or by shifts in system state. The company needs a compute solution that maximizes operational efficiency and minimizes the cost of running the application.Which AWS solution should the company use to meet these requirements? A. Amazon EC2 On-Demand Instances B. AWS Lambda C. Amazon EC2 Reserved Instances D. Amazon EC2 Spot Instances
B. AWS Lambda
Which of the following is a component of the AWS Global Infrastructure? A. Amazon Alexa B. AWS Regions C. Amazon Lightsail D. AWS Organizations
B. AWS Regions
A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys? A. EC2 key pairs B. AWS Systems Manager Session Manager C. AWS Identity and Access Management (IAM) D. Network ACLs
B. AWS Systems Manager Session Manager
A large enterprise with multiple VPCs in several AWS Regions around the world needs to connect and centrally manage network connectivity between its VPCs.Which AWS service or feature meets these requirements? A. AWS Direct Connect B. AWS Transit Gateway C. AWS Site-to-Site VPN D. VPC endpoints
B. AWS Transit Gateway
A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses anApplication Load Balancer to distribute traffic to multiple Amazon EC2 instances.Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks? A. Security groups B. AWS WAF C. Network ACLs D. AWS Shield
B. AWS WAF
Which statements explain the business value of migration to the AWS Cloud? (Choose two.) A. The migration of enterprise applications to the AWS Cloud makes these applications automatically available on mobile devices. B. AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime. C. Companies that migrate to the AWS Cloud eliminate the need to plan for high availability and disaster recovery. D. Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other areas. E. Applications are modernized because migration to the AWS Cloud requires companies to rearchitect and rewrite all enterprise applications.
B. AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime. D. Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other areas.
Which of the following are advantages of the AWS Cloud? (Choose two.) A. AWS management of user-owned infrastructure B. Ability to quickly change required capacity C. High economies of scale D. Increased deployment time to market E. Increased fixed expenses
B. Ability to quickly change required capacity C. High economies of scale
Which of the following is a benefit of decoupling an AWS Cloud architecture? A. Reduced latency B. Ability to upgrade components independently C. Decreased costs D. Fewer components to manage
B. Ability to upgrade components independently
A development team wants to publish and manage web services that provide REST APIs.Which AWS service will meet this requirement? A. AWS App Mesh B. Amazon API Gateway C. Amazon CloudFront D. AWS Cloud Map
B. Amazon API Gateway
A company wants to use the AWS Cloud to provide secure access to desktop applications that are running in a fully managed environment.Which AWS service should the company use to meet this requirement? A. Amazon S3 B. Amazon AppStream 2.0 C. AWS AppSync D. AWS Outposts
B. Amazon AppStream 2.0
Which AWS services make use of global edge locations? (Choose two.) A. AWS Fargate B. Amazon CloudFront C. AWS Global Accelerator D. AWS Wavelength E. Amazon VPC
B. Amazon CloudFront C. AWS Global Accelerator
Which AWS services can use AWS WAF to protect against common web exploitations? (Choose two.) A. Amazon Route 53 B. Amazon CloudFront C. AWS Transfer Family D. AWS Site-to-Site VPN E. Amazon API Gateway
B. Amazon CloudFront E. Amazon API Gateway
A user needs to quickly deploy a non-relational database on AWS. The user does not want to manage the underlying hardware or the database software.Which AWS service can be used to accomplish this? A. Amazon RDS B. Amazon DynamoDB C. Amazon Aurora D. Amazon Redshift
B. Amazon DynamoDB
A company would like to host its MySQL databases on AWS and maintain full control over the operating system, database installation, and configuration.Which AWS service should the company use to host the databases? A. Amazon RDS B. Amazon EC2 C. Amazon DynamoDB D. Amazon Aurora
B. Amazon EC2
Which type of AWS storage is ephemeral and is deleted when an Amazon EC2 instance is stopped or terminated? A. Amazon Elastic Block Store (Amazon EBS) B. Amazon EC2 instance store C. Amazon Elastic File System (Amazon EFS) D. Amazon S3
B. Amazon EC2 instance store
Which AWS service provides storage that can be mounted across multiple Amazon EC2 instances? A. Amazon WorkSpaces B. Amazon Elastic File System (Amazon EFS) C. AWS Database Migration Service (AWS DMS) D. AWS Snowball Edge
B. Amazon Elastic File System (Amazon EFS)
A company wants to migrate a small website and database quickly from on-premises infrastructure to the AWS Cloud. The company has limited operational knowledge to perform the migration.Which AWS service supports this use case? A. Amazon EC2 B. Amazon Lightsail C. Amazon S3 D. AWS Lambda
B. Amazon Lightsail
Which AWS service uses machine learning to help discover, monitor, and protect sensitive data that is stored in Amazon S3 buckets? A. AWS Shield B. Amazon Macie C. AWS Network Firewall D. Amazon Cognito
B. Amazon Macie
Which AWS service supports the creation of visual reports from AWS Cost and Usage Report data? A. Amazon Athena B. Amazon QuickSight C. Amazon CloudWatch D. AWS Organizations
B. Amazon QuickSight
Which AWS services should a company use to read and write data that changes frequently? (Choose two.) A. Amazon S3 Glacier B. Amazon RDS C. AWS Snowball D. Amazon Redshift E. Amazon Elastic File System (Amazon EFS)
B. Amazon RDS E. Amazon Elastic File System (Amazon EFS)
A company is migrating its public website to AWS. The company wants to host the domain name for the website on AWS.Which AWS service should the company use to meet this requirement? A. AWS Lambda B. Amazon Route 53 C. Amazon CloudFront D. AWS Direct Connect
B. Amazon Route 53
Which AWS service provides domain registration, DNS routing, and service health checks? A. AWS Direct Connect B. Amazon Route 53 C. Amazon CloudFront D. Amazon API Gateway
B. Amazon Route 53
A bank needs to store recordings of calls made to its contact center for 6 years. The recordings must be accessible within 48 hours from the time they are requested.Which AWS service will provide a secure and cost-effective solution for retaining these files? A. Amazon DynamoDB B. Amazon S3 Glacier C. Amazon Connect D. Amazon ElastiCache
B. Amazon S3 Glacier
Which of the following describes some of the core functionality of Amazon S3? A. Amazon S3 is a high-performance block storage service that is designed for use with Amazon EC2. B. Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability. C. Amazon S3 is a fully managed, highly reliable, and scalable file storage system that is accessible over the industry-standard SMB protocol. D. Amazon S3 is a scalable, fully managed elastic NFS for use with AWS Cloud services and on-premises resources.
B. Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability.
Which AWS service can be used to decouple applications? A. AWS Config B. Amazon Simple Queue Service (Amazon SQS) C. AWS Batch D. Amazon Simple Email Service (Amazon SES)
B. Amazon Simple Queue Service (Amazon SQS)
A company accepts enrollment applications on handwritten paper forms. The company uses a manual process to enter the form data into its backend systems.The company wants to automate the process by scanning the forms and capturing the enrollment data from scanned PDF files.Which AWS service should the company use to build this process? A. Amazon Rekognition B. Amazon Textract C. Amazon Transcribe D. Amazon Comprehend
B. Amazon Textract
Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model? A. Amazon FSx for Windows File Server B. Amazon WorkSpaces virtual Windows desktop C. AWS Directory Service for Microsoft Active Directory D. Amazon RDS for Microsoft SQL Server
B. Amazon WorkSpaces virtual Windows desktop
Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework? A. Create annotated documentation. B. Anticipate failure. C. Ensure performance efficiency. D. Optimize costs.
B. Anticipate failure.
Which component of the AWS global infrastructure is made up of one or more discrete data centers that have redundant power, networking, and connectivity? A. AWS Region B. Availability Zone C. Edge location D. AWS Outposts
B. Availability Zone
Which task requires using AWS account root user credentials? A. Viewing billing information B. Changing the AWS Support plan C. Starting and stopping Amazon EC2 instances D. Opening an AWS Support case
B. Changing the AWS Support plan
Which characteristics are advantages of using the AWS Cloud? (Choose two.) A. A 100% service level agreement (SLA) for all AWS services B. Compute capacity that is adjusted on demand C. Availability of AWS Support for code development D. Enhanced security E. Increases in cost and complexity
B. Compute capacity that is adjusted on demand D. Enhanced security
A company has several departments. Each department has its own AWS accounts for its applications. The company wants all AWS costs on a single invoice to simplify payment, but the company wants to know the costs that each department is incurring.Which AWS tool or feature will provide this functionality? A. AWS Cost and Usage Reports B. Consolidated billing C. Savings Plans D. AWS Budgets
B. Consolidated billing
A company needs to graphically visualize AWS billing and usage over time. The company also needs information about its AWS monthly costs.Which AWS Billing and Cost Management tool provides this data in a graphical format? A. AWS Bills B. Cost Explorer C. AWS Cost and Usage Report D. AWS Budgets
B. Cost Explorer
A company wants to review its monthly costs of using Amazon EC2 and Amazon RDS for the past year.Which AWS service or tool provides this information? A. AWS Trusted Advisor B. Cost Explorer C. Amazon Forecast D. Amazon CloudWatch
B. Cost Explorer
A company wants to migrate its applications from its on-premises data center to a VPC in the AWS Cloud. These applications will need to access on-premises resources.Which actions will meet these requirements? (Choose two.) A. Use AWS Service Catalog to identify a list of on-premises resources that can be migrated. B. Create a VPN connection between an on-premises device and a virtual private gateway in the VPC. C. Use an Amazon CloudFront distribution and configure it to accelerate content delivery close to the on-premises resources. D. Set up an AWS Direct Connect connection between the on-premises data center and AWS. E. Use Amazon CloudFront to restrict access to static web content provided through the on-premises web servers.
B. Create a VPN connection between an on-premises device and a virtual private gateway in the VPC. D. Set up an AWS Direct Connect connection between the on-premises data center and AWS.
A company requires an isolated environment within AWS for security purposes.Which action can be taken to accomplish this? A. Create a separate Availability Zone to host the resources. B. Create a separate VPC to host the resources. C. Create a placement group to host the resources. D. Create an AWS Direct Connect connection between the company and AWS.
B. Create a separate VPC to host the resources.
A company owns per-core software licenses.Which Amazon EC2 instance purchasing option must the company use for this license type? A. Reserved Instances B. Dedicated Hosts C. Spot Instances D. Dedicated Instances
B. Dedicated Hosts
Which benefit is included with an AWS Enterprise Support plan? A. AWS Partner Network (APN) support at no cost. B. Designated support from an AWS technical account manager (TAM) C. On-site support from AWS engineers D. AWS managed compliance as code with AWS Config
B. Designated support from an AWS technical account manager (TAM)
Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Choose two.) A. ׀•׀¡2 Reserved Instances B. EC2 Amazon Machine Images (AMIs) C. Amazon Elastic Block Store (Amazon EBS) snapshots D. AWS Shield E. Amazon GuardDuty
B. EC2 Amazon Machine Images (AMIs) C. Amazon Elastic Block Store (Amazon EBS) snapshots
A company is using Amazon EC2 Auto Scaling to scale its Amazon EC2 instances.Which benefit of the AWS Cloud does this example illustrate? A. High availability B. Elasticity C. Reliability D. Global reach
B. Elasticity
Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity? A. Agility B. Elasticity C. Reliability D. Durability
B. Elasticity
An online retail company has seasonal sales spikes several times a year, primarily around holidays. Demand is lower at other times. The company finds it difficult to predict the increasing infrastructure demand for each season.Which advantages of moving to the AWS Cloud would MOST benefit the company? (Choose two.) A. Global footprint B. Elasticity C. AWS service quotas D. AWS shared responsibility model E. Pay-as-you-go pricing
B. Elasticity E. Pay-as-you-go pricing
Which of the following is an AWS best practice for managing an AWS account root user? A. Keep the root user password with the security team. B. Enable multi-factor authentication (MFA) for the root user. C. Create an access key for the root user. D. Keep the root user password consistent for compliance purposes.
B. Enable multi-factor authentication (MFA) for the root user.
Which of the following are aspects of the AWS shared responsibility model? (Choose two.) A. Configuration management of infrastructure devices is the customer's responsibility. B. For Amazon S3, AWS operates the infrastructure layer, the operating systems, and the platforms. C. AWS is responsible for protecting the physical cloud infrastructure. D. AWS is responsible for training the customer's employees on AWS products and services. E. For Amazon EC2, AWS is responsible for maintaining the guest operating system.
B. For Amazon S3, AWS operates the infrastructure layer, the operating systems, and the platforms. C. AWS is responsible for protecting the physical cloud infrastructure.
A company is migrating to the AWS Cloud instead of running its infrastructure on premises.Which of the following are advantages of this migration? (Choose two.) A. Elimination of the need to perform security auditing B. Increased global reach and agility C. Ability to deploy globally in minutes D. Elimination of the cost of IT staff members E. Redundancy by default for all compute services
B. Increased global reach and agility C. Ability to deploy globally in minutes
A retail company is building a new mobile app. The company is evaluating whether to build the app at an on-premises data center or in the AWS Cloud.Which of the following are benefits of building this app in the AWS Cloud? (Choose two.) A. A large, upfront capital expense and low variable expenses B. Increased speed for trying out new projects C. Complete control over the physical security of the infrastructure D. Flexibility to scale up in minutes as the application becomes popular E. Ability to pick the specific data centers that will host the application servers
B. Increased speed for trying out new projects D. Flexibility to scale up in minutes as the application becomes popular
A company has existing software licenses that it wants to bring to AWS, but the licensing model requires licensing physical cores.How can the company meet this requirement in the AWS Cloud? A. Launch an Amazon EC2 instance with default tenancy. B. Launch an Amazon EC2 instance on a Dedicated Host. C. Create an On-Demand Capacity Reservation. D. Purchase Dedicated Reserved Instances.
B. Launch an Amazon EC2 instance on a Dedicated Host.
Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud? A. Go global in minutes. B. Make frequent, small, reversible changes. C. Implement a strong foundation of identity and access management. D. Stop spending money on hardware infrastructure for data center operations.
B. Make frequent, small, reversible changes.
Which AWS tool or feature acts as a VPC firewall at the subnet level? A. Security group B. Network ACL C. Traffic Mirroring D. Internet gateway
B. Network ACL
Which IT controls do AWS and the customer share, according to the AWS shared responsibility model? (Choose two.) A. Physical and environmental controls B. Patch management C. Cloud awareness and training D. Zone security E. Application data encryption
B. Patch management C. Cloud awareness and training
Which task is the responsibility of the customer according to the AWS shared responsibility model? A. Maintain the security of the hardware that runs Amazon EC2 instances. B. Patch the guest operating system of Amazon EC2 instances. C. Protect the security of the AWS global infrastructure. D. Patch Amazon RDS software.
B. Patch the guest operating system of Amazon EC2 instances.
An online retail company wants to migrate its on-premises workload to AWS. The company needs to automatically handle a seasonal workload increase in a cost- effective manner.Which AWS Cloud features will help the company meet this requirement? (Choose two.) A. Cross-Region workload deployment B. Pay-as-you-go pricing C. Built-in AWS CloudTrail audit capabilities D. Auto Scaling policies E. Centralized logging
B. Pay-as-you-go pricing D. Auto Scaling policies
A company is planning to replace its physical on-premises compute servers with AWS serverless compute services. The company wants to be able to take advantage of advanced technologies quickly after the migration.Which pillar of the AWS Well-Architected Framework does this plan represent? A. Security B. Performance efficiency C. Operational excellence D. Reliability
B. Performance efficiency
A company wants to ensure that two Amazon EC2 instances are in separate data centers with minimal communication latency between the data centers.How can the company meet this requirement? A. Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection. B. Place the EC2 instances in two separate Availability Zones within the same AWS Region. C. Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using an AWS VPN connection. D. Place both EC2 instances in a placement group for dedicated bandwidth.
B. Place the EC2 instances in two separate Availability Zones within the same AWS Region.
A web application is hosted on AWS using an Elastic Load Balancer, multiple Amazon EC2 instances, and Amazon RDS.Which security measures fall under the responsibility of AWS? (Choose two.) A. Running a virus scan on EC2 instances B. Protecting against IP spoofing and packet sniffing C. Installing the latest security patches on the RDS instance D. Encrypting communication between the EC2 instances and the Elastic Load Balancer E. Configuring a security group and a network access control list (NACL) for EC2 instances
B. Protecting against IP spoofing and packet sniffing C. Installing the latest security patches on the RDS instance
Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand? A. Security B. Reliability C. Performance efficiency D. Cost optimization
B. Reliability
A company is launching an application in the AWS Cloud. The application will use Amazon S3 storage. A large team of researchers will have shared access to the data. The company must be able to recover data that is accidentally overwritten or deleted.Which S3 feature should the company turn on to meet this requirement? A. Server access logging B. S3 Versioning C. S3 Lifecycle rules D. Encryption in transit and at rest
B. S3 Versioning
A company is launching an ecommerce application that must always be available. The application will run on Amazon EC2 instances continuously for the next12 months.What is the MOST cost-effective instance purchasing option that meets these requirements? A. Spot Instances B. Savings Plans C. Dedicated Hosts D. On-Demand Instances
B. Savings Plans
A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture.What can the company do to meet this requirement? A. Scale vertically to a larger EC2 instance size. B. Scale horizontally across multiple Availability Zones. C. Purchase an EC2 Dedicated Instance. D. Change the EC2 instance family to a compute optimized instance.
B. Scale horizontally across multiple Availability Zones.
A company recently deployed an Amazon RDS instance in its VPC. The company needs to implement a stateful firewall to limit traffic to the private corporate network.Which AWS service or feature should the company use to limit network traffic directly to its RDS instance? A. Network ACLs B. Security groups C. AWS WAF D. Amazon GuardDuty
B. Security groups
Which of the following acts as an instance-level firewall to control inbound and outbound access? A. Network access control list B. Security groups C. AWS Trusted Advisor D. Virtual private gateways
B. Security groups
A company wants to migrate its on-premises Microsoft SQL Server database server to the AWS Cloud. The company has decided to use Amazon EC2 instances to run this database.Which of the following is the company responsible for managing, according to the AWS shared responsibility model? A. EC2 hypervisor B. Security patching of the guest operating system C. Network connectivity of the host server D. Uptime service level agreement (SLA) for the EC2 instances
B. Security patching of the guest operating system
Which AWS service or tool should a company use to centrally request and track service limit increases? A. AWS Config B. Service Quotas C. AWS Service Catalog D. AWS Budgets
B. Service Quotas
A global media company uses AWS Organizations to manage multiple AWS accounts.Which AWS service or feature can the company use to limit the access to AWS services for member accounts? A. AWS Identity and Access Management (IAM) B. Service control policies (SCPs) C. Organizational units (OUs) D. Access control lists (ACLs)
B. Service control policies (SCPs)
Which of the following are Amazon Virtual Private Cloud (Amazon VPC) resources? A. Objects; access control lists (ACLs) B. Subnets; internet gateways C. Access policies; buckets D. Groups; roles
B. Subnets; internet gateways
A user is storing objects in Amazon S3. The user needs to restrict access to the objects to meet compliance obligations.What should the user do to meet this requirement? A. Use AWS Secrets Manager. B. Tag the objects in the S3 bucket. C. Use security groups. D. Use network ACLs.
B. Tag the objects in the S3 bucket.
How does the AWS Cloud pricing model differ from the traditional on-premises storage pricing model? A. AWS resources do not incur costs B. There are no infrastructure operating costs C. There are no upfront cost commitments D. There are no software licensing costs
B. There are no infrastructure operating costs
What is the purpose of having an internet gateway within a VPC? A. To create a VPN connection to the VPC B. To allow communication between the VPC and the internet C. To impose bandwidth constraints on internet traffic D. To load balance traffic from the internet across Amazon EC2 instances
B. To allow communication between the VPC and the internet
Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Choose two.) A. Patch the Amazon EC2 guest operating system. B. Upgrade the firmware of the network infrastructure. C. Apply password rotation for IAM users. D. Maintain the physical security of edge locations. E. Maintain least privilege access to the root user account.
B. Upgrade the firmware of the network infrastructure. D. Maintain the physical security of edge locations.
A company's IT team is managing MySQL database server clusters. The IT team has to patch the database and take backup snapshots of the data in the clusters.The company wants to move this workload to AWS so that these tasks will be completed automatically.What should the company do to meet these requirements? A. Deploy MySQL database server clusters on Amazon EC2 instances. B. Use Amazon RDS with a MySQL database. C. Use an AWS CloudFormation template to deploy MySQL database servers on Amazon EC2 instances. D. Migrate all the MySQL database data to Amazon S3.
B. Use Amazon RDS with a MySQL database.
Which action will provide documentation to help a company evaluate whether its use of the AWS Cloud is compliant with local regulatory standards? A. Running Amazon GuardDuty B. Using AWS Artifact C. Creating an AWS Support ticket D. Evaluating AWS CloudTrail logs
B. Using AWS Artifact
A company needs to establish a connection between two VPCs. The VPCs are located in two different AWS Regions. The company wants to use the existing infrastructure of the VPCs for this connection.Which AWS service or feature can be used to establish this connection? A. AWS Client VPN B. VPC peering C. AWS Direct Connect D. VPC endpoints
B. VPC peering
Which of the following are components of an AWS Site-to-Site VPN connection? (Choose two.) A. AWS Storage Gateway B. Virtual private gateway C. NAT gateway D. Customer gateway E. Internet gateway
B. Virtual private gateway D. Customer gateway
In which situations should a company create an IAM user instead of an IAM role? (Choose two.) A. When an application that runs on Amazon EC2 instances requires access to other AWS services B. When the company creates AWS access credentials for individuals C. When the company creates an application that runs on a mobile phone that makes requests to AWS D. When the company needs to add users to IAM groups E. When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time
B. When the company creates AWS access credentials for individuals D. When the company needs to add users to IAM groups
A company discovered unauthorized access to resources in its on-premises data center. Upon investigation, the company found that the requests originated from a resource hosted on AWS.Which AWS team should the company contact to report this issue? A. AWS Customer Service team B. AWS Sales team C. AWS Abuse team D. AWS Technical Support team
C. AWS Abuse team
Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand? A. Amazon GuardDuty B. AWS Security Hub C. AWS Artifact D. AWS Shield
C. AWS Artifact
A company wants to run production workloads on AWS. The company wants access to technical support from engineers 24 hours a day, 7 days a week. The company also wants access to the AWS Health API and contextual architectural guidance for business use cases. The company has a strong IT support team and does not need concierge support.Which AWS Support plan will meet these requirements at the LOWEST cost? A. AWS Basic Support B. AWS Developer Support C. AWS Business Support D. AWS Enterprise Support
C. AWS Business Support Most Voted
A company wants to host a private version control system for its application code in the AWS Cloud.Which AWS service should the company use to meet this requirement? A. AWS CodePipeline B. AWS CodeStar C. AWS CodeCommit D. AWS CodeDeploy
C. AWS CodeCommit
A developer is working on enhancing applications at AWS. The developer needs a service that can securely host GitHub-based code, repositories, and version controls.Which AWS service should the developer use? A. AWS CodeStar B. Amazon CodeGuru C. AWS CodeCommit D. AWS CodePipeline
C. AWS CodeCommit
A company needs to build an application that uses AWS services. The application will be delivered to residents in European Counties. The company must abide by regional regulatory requirements.Which AWS service or program should the company use to determine which AWS services meet the regional requirements? A. AWS Audit Manager B. AWS Shield C. AWS Compliance Program D. AWS Artifact
C. AWS Compliance Program
Which AWS service should be used to migrate a company's on-premises MySQL database to Amazon RDS? A. AWS Direct Connect B. AWS Server Migration Service (AWS SMS) C. AWS Database Migration Service (AWS DMS) D. AWS Schema Conversion Tool (AWS SCT)
C. AWS Database Migration Service (AWS DMS)
A company is generating large sets of critical data in its on-premises data center. The company needs to securely transfer the data to AWS for processing. These transfers must occur daily over a dedicated connection.Which AWS service should the company use to meet these requirements? A. AWS Backup B. AWS DataSync C. AWS Direct Connect D. AWS Snowball
C. AWS Direct Connect
Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload? A. Amazon Route 53 B. Amazon Macie C. AWS Direct Connect D. AWS PrivateLink
C. AWS Direct Connect
A company wants to improve the overall availability and performance of its applications that are hosted on AWS.Which AWS service should the company use? A. Amazon Connect B. Amazon Lightsail C. AWS Global Accelerator D. AWS Storage Gateway
C. AWS Global Accelerator
Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity? A. AWS Service Catalog B. AWS Systems Manager C. AWS IAM Access Analyzer D. AWS Organizations
C. AWS IAM Access Analyzer
Which AWS service is used to provide encryption for Amazon EBS? A. AWS Certificate Manager B. AWS Systems Manager C. AWS KMS D. AWS Config
C. AWS KMS
Service control policies (SCPs) manage permissions for which of the following? A. Availability Zones B. AWS Regions C. AWS Organizations D. Edge locations
C. AWS Organizations
A company is operating several factories where it builds products. The company needs the ability to process data, store data, and run applications with local system interdependencies that require low latency.Which AWS service should the company use to meet these requirements? A. AWS IoT Greengrass B. AWS Lambda C. AWS Outposts D. AWS Snowball Edge
C. AWS Outposts
A company wants to deploy some of its resources in the AWS Cloud. To meet regulatory requirements, the data must remain local and on premises. There must be low latency between AWS and the company resources.Which AWS service or feature can be used to meet these requirements? A. AWS Local Zones B. Availability Zones C. AWS Outposts D. AWS Wavelength Zones
C. AWS Outposts
Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co- location environments, or on-premises facilities? A. AWS Snowmobile B. AWS Local Zones C. AWS Outposts D. AWS Fargate
C. AWS Outposts
A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources.Which AWS solution should the company use to meet this requirement? A. AWS Config B. AWS software development kits (SDKs) C. AWS Service Catalog D. AWS AppSync
C. AWS Service Catalog
Which AWS service will help protect applications running on AWS from DDoS attacks? A. Amazon GuardDuty B. AWS WAF C. AWS Shield D. Amazon Inspector
C. AWS Shield Most Voted
Which AWS services or tools are designed to protect a workload from SQL injections, cross-site scripting, and DDoS attacks? (Choose two.) A. VPC endpoint B. Virtual private gateway C. AWS Shield Standard D. AWS Config E. AWS WAF
C. AWS Shield Standard E. AWS WAF
A company is migrating to Amazon S3. The company needs to transfer 60 TB of data from an on-premises data center to AWS within 10 days.Which AWS service should the company use to accomplish this migration? A. Amazon S3 Glacier B. AWS Database Migration Service (AWS DMS) C. AWS Snowball D. AWS Direct Connect
C. AWS Snowball
A pharmaceutical company operates its infrastructure in a single AWS Region. The company has thousands of VPCs in a various AWS accounts that it wants to interconnect.Which AWS service or feature should the company use to help simplify management and reduce operational costs? A. VPC endpoint B. AWS Direct Connect C. AWS Transit Gateway D. VPC peering
C. AWS Transit Gateway
A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance, and security.Which AWS service can the company use to meet these requirements? A. AWS Shield B. AWS WAF C. AWS Trusted Advisor D. AWS Service Catalog
C. AWS Trusted Advisor
A company is preparing to launch a new web store that is expected to receive high traffic for an upcoming event. The web store runs only on AWS, and the company has an AWS Enterprise Support plan.Which AWS resource will provide guidance about how the company should scale its architecture and operational support during the event? A. AWS Abuse team B. The designated AWS technical account manager (TAM) C. AWS infrastructure event management D. AWS Professional Services
C. AWS infrastructure event management
A company needs to deliver new website features quickly in an iterative manner to minimize the time to market.Which AWS Cloud concept does this requirement represent? A. Reliability B. Elasticity C. Agility D. High availability
C. Agility
A company's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days.Which benefit has this company experienced by moving to the AWS Cloud? A. Elasticity B. Flexibility C. Agility D. Resilience
C. Agility
Which AWS service should be used to monitor Amazon EC2 instances for CPU and network utilization? A. Amazon Inspector B. AWS CloudTrail C. Amazon CloudWatch D. AWS Config
C. Amazon CloudWatch
A company needs to set up user authentication for a new application. Users must be able to sign in directly with a user name and password, or through a third- party provider.Which AWS service should the company use to meet these requirements? A. AWS Single Sign-On B. AWS Signer C. Amazon Cognito D. AWS Directory Service
C. Amazon Cognito
A company wants to perform sentiment analysis on customer service email messages that it receives. The company wants to identify whether the customer service engagement was positive or negative.Which AWS service should the company use to perform this analysis? A. Amazon Textract B. Amazon Translate C. Amazon Comprehend D. Amazon Rekognition
C. Amazon Comprehend
A company is developing a new Node.js application. The application must have a scalable NoSQL database to meet increasing demand as the popularity of the application grows.Which AWS service will meet the requirements for the database? A. Amazon Aurora Serverless B. Amazon ElastiCache C. Amazon DynamoDB D. Amazon Redshift
C. Amazon DynamoDB
Which of the following is an AWS key-value database offering consistent single-digit millisecond performance at any scale? A. Amazon RDS B. Amazon Aurora C. Amazon DynamoDB D. Amazon Redshift
C. Amazon DynamoDB
Which AWS service can a company use to store and manage Docker images? A. Amazon DynamoDB B. Amazon Kinesis Data Streams C. Amazon Elastic Container Registry (Amazon ECR) D. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Container Registry (Amazon ECR)
A company wants to implement threat detection on its AWS infrastructure. However, the company does not want to deploy additional software.Which AWS service should the company use to meet these requirements? A. Amazon VPC B. Amazon EC2 C. Amazon GuardDuty D. AWS Direct Connect
C. Amazon GuardDuty
Which AWS service provides threat detection by monitoring for malicious activities and unauthorized actions to protect AWS accounts, workloads, and data that is stored in Amazon S3? A. AWS Shield B. AWS Firewall Manager C. Amazon GuardDuty D. Amazon Inspector
C. Amazon GuardDuty
A company wants to analyze streaming user data and respond to customer queries in real time.Which AWS service can meet these requirements? A. Amazon QuickSight B. Amazon Redshift C. Amazon Kinesis Data Analytics D. AWS Data Pipeline
C. Amazon Kinesis Data Analytics
Which AWS services use cloud-native storage that provides replication across multiple Availability Zones by default? (Choose two.) A. Amazon ElastiCache B. Amazon RDS for Oracle C. Amazon Neptune D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon Redshift
C. Amazon Neptune D. Amazon DocumentDB (with MongoDB compatibility)
Which AWS services are managed database services? (Choose two.) A. Amazon Elastic Block Store (Amazon EBS) B. Amazon S3 C. Amazon RDS D. Amazon Elastic File System (Amazon EFS) E. Amazon DynamoDB
C. Amazon RDS E. Amazon DynamoDB
A company needs to deploy a PostgreSQL database into Amazon RDS. The database must be highly available and fault tolerant.Which AWS solution should the company use to meet these requirements? A. Amazon RDS with a single Availability Zone B. Amazon RDS snapshots C. Amazon RDS with multiple Availability Zones D. AWS Database Migration Service (AWS DMS)
C. Amazon RDS with multiple Availability Zones
A company needs to set up a petabyte-scale data warehouse in the AWS Cloud.Which AWS service will meet this requirement? A. Amazon DynamoDB B. Amazon RDS C. Amazon Redshift D. Amazon ElastiCache
C. Amazon Redshift
A company has a social media platform in which users upload and share photos with other users. The company wants to identify and remove inappropriate photos. The company has no machine learning (ML) scientists and must build this detection capability with no ML expertise.Which AWS service should the company use to build this capability? A. Amazon SageMaker B. Amazon Textract C. Amazon Rekognition D. Amazon Comprehend
C. Amazon Rekognition
Which AWS service can help a company detect an outage of its website servers and redirect users to alternate servers? A. Amazon CloudFront B. Amazon GuardDuty C. Amazon Route 53 D. AWS Trusted Advisor
C. Amazon Route 53
Which AWS service is a highly available and scalable DNS web service? A. Amazon VPC B. Amazon CloudFront C. Amazon Route 53 D. Amazon Connect
C. Amazon Route 53
Which of the following describes AWS Local Zones? A. A cluster of data centers in one geographic location B. A site used by Amazon CloudFront to cache frequently accessed content C. An extension of an AWS Region to more granular locations D. One or more data centers with redundant power and networking
C. An extension of an AWS Region to more granular locations
A company has refined its workload to use specific AWS services to improve efficiency and reduce cost.Which best practice for cost governance does this example show? A. Resource controls B. Cost allocation C. Architecture optimization D. Tagging enforcement
C. Architecture optimization
What is the primary use case for Amazon GuardDuty? A. Prevention of DDoS attacks B. Protection against SQL injection attacks C. Automatic monitoring for threats to AWS workloads D. Automatic provisioning of AWS resources
C. Automatic monitoring for threats to AWS workloads
Which disaster recovery option is the LEAST expensive? A. Warm standby B. Multisite C. Backup and restore D. Pilot light
C. Backup and restore
A company wants to expand from one AWS Region into a second AWS Region.What does the company need to do to expand into the second Region? A. Contact an AWS account manager to sign a new contract. B. Move an Availability Zone to the second Region. C. Begin to deploy resources in the second Region. D. Download the AWS Management Console for the second Region.
C. Begin to deploy resources in the second Region.
A user is comparing purchase options for an application that runs on Amazon EC2 and Amazon RDS. The application cannot sustain any interruption. The application experiences a predictable amount of usage, including some seasonal spikes that last only a few weeks at a time. It is not possible to modify the application.Which purchase option meets these requirements MOST cost-effectively? A. Review the AWS Marketplace and buy Partial Upfront Reserved Instances to cover the predicted and seasonal load. B. Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run on Spot Instances. C. Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run at an On-Demand rate. D. Buy Reserved Instances to cover all potential usage that results from the seasonal usage.
C. Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run at an On-Demand rate.
A company needs to design an AWS disaster recovery plan to cover multiple geographic areas.Which action will meet this requirement? A. Configure multiple AWS accounts. B. Configure the architecture across multiple Availability Zones in an AWS Region. C. Configure the architecture across multiple AWS Regions. D. Configure the architecture among many edge locations.
C. Configure the architecture across multiple AWS Regions.
Which AWS Organizations feature can be used to track charges across multiple accounts and report the combined cost? A. Service control policies (SCPs) B. Cost Explorer C. Consolidated billing D. AWS Identity and Access Management (IAM)
C. Consolidated billing
AWS has the ability to achieve lower pay-as-you-go pricing by aggregating usage across hundreds of thousands of users.This describes which advantage of the AWS Cloud? A. Launch globally in minutes B. Increase speed and agility C. High economies of scale D. No guessing about compute capacity
C. High economies of scale
What is a benefit of moving to the AWS Cloud in terms of improving time to market? A. Decreased deployment speed B. Increased application security C. Increased business agility D. Increased backup capabilities
C. Increased business agility
Which task is an AWS responsibility when a workload is running in Amazon RDS? A. Creating the database table B. Updating the database schema C. Installing the database engine D. Dropping the database records
C. Installing the database engine
What type of database is Amazon DynamoDB? A. In-memory B. Relational C. Key-value D. Graph
C. Key-value
A company is designing its AWS workloads so that components can be updated regularly and so that changes can be made in small, reversible increments.Which pillar of the AWS Well-Architected Framework does this design support? A. Security B. Performance efficiency C. Operational excellence D. Reliability
C. Operational excellence
Which task is the responsibility of AWS, according to the AWS shared responsibility model? A. Apply guest operating system patches to Amazon EC2 instances. B. Provide monitoring of human resources information management (HRIM) systems. C. Perform automated backups of Amazon RDS instances. D. Optimize the costs of running AWS services.
C. Perform automated backups of Amazon RDS instances.
Which controls does the customer fully inherit from AWS in the AWS shared responsibility model? A. Patch management controls B. Awareness and training controls C. Physical and environmental controls D. Configuration management controls
C. Physical and environmental controls
A company wants to increase its ability to recover its infrastructure in the case of a natural disaster.Which pillar of the AWS Well-Architected Framework does this ability represent? A. Cost optimization B. Performance efficiency C. Reliability D. Security
C. Reliability
A company wants to use Amazon S3 to store its legacy data. The data is rarely accessed. However, the data is critical and cannot be recreated. The data needs to be available for retrieval within seconds.Which S3 storage class meets these requirements MOST cost-effectively? A. S3 Standard B. S3 One Zone-Infrequent Access (S3 One Zone-IA) C. S3 Standard-Infrequent Access (S3 Standard-IA) D. S3 Glacier
C. S3 Standard-Infrequent Access (S3 Standard-IA)
Which of the following is a way to use Amazon EC2 Auto Scaling groups to scale capacity in the AWS Cloud? A. Scale the number of EC2 instances in or out automatically, based on demand. B. Use serverless EC2 instances. C. Scale the size of EC2 instances up or down automatically, based on demand. D. Transfer unused CPU resources between EC2 instances.
C. Scale the size of EC2 instances up or down automatically, based on demand.
Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework? A. Vertical scaling B. Manual failure recovery C. Testing recovery procedures D. Changing infrastructure manually
C. Testing recovery procedures
Which of the following is a cloud benefit that AWS offers to its users? A. The ability to configure AWS data center hypervisors B. The ability to purchase hardware in advance of increased traffic C. The ability to deploy to AWS on a global scale D. Compliance audits for user IT environments
C. The ability to deploy to AWS on a global scale
Which of the following are characteristics of a serverless application that runs in the AWS Cloud? (Choose two.) A. Users must manually configure Amazon EC2 instances. B. Users have a choice of operating systems. C. The application has built-in fault tolerance. D. Users can run Amazon EC2 Spot Instances. E. The application can scale based on demand.
C. The application has built-in fault tolerance. E. The application can scale based on demand.
Which of the following is a characteristic of the AWS account root user? A. The root user is the only user that can be configured with multi-factor authentication (MFA). B. The root user is the only user that can access the AWS Management Console. C. The root user is the first sign-in identity that is available when an AWS account is created. D. The root user has a password that cannot be changed.
C. The root user is the first sign-in identity that is available when an AWS account is created.
A user needs to determine whether an Amazon EC2 instance's security groups were modified in the last month.How can the user see if a change was made? A. Use Amazon EC2 to see if the security group was changed. B. Use AWS Identity and Access Management (IAM) to see which user or role changed the security group. C. Use AWS CloudTrail to see if the security group was changed. D. Use Amazon CloudWatch to see if the security group was changed.
C. Use AWS CloudTrail to see if the security group was changed.
A global company is building a simple time-tracking mobile app. The app needs to operate globally and must store collected data in a database. Data must be accessible from the AWS Region that is closest to the user.What should the company do to meet these data storage requirements with the LEAST amount of operational overhead? A. Use Amazon EC2 in multiple Regions to host separate databases B. Use Amazon RDS cross-Region replication C. Use Amazon DynamoDB global tables D. Use AWS Database Migration Service (AWS DMS)
C. Use Amazon DynamoDB global tables
A company stores configuration files in an Amazon S3 bucket. These configuration files must be accessed by applications that are running on Amazon EC2 instances.According to AWS security best practices, how should the company grant permissions to allow the applications for access the S3 bucket? A. Use the AWS account root user access keys. B. Use the AWS access key ID and the EC2 secret access key. C. Use an IAM role with the necessary permissions. D. Activate multi-factor authentication (MFA) and versioning on the S3 bucket.
C. Use an IAM role with the necessary permissions.
Which of the following are advantages of moving to the AWS Cloud? (Choose two.) A. Users can implement all AWS services in seconds. B. AWS assumes all responsibility for the security of infrastructure and applications. C. Users experience increased speed and agility. D. Users benefit from massive economies of scale. E. Users can move hardware from their data center to the AWS Cloud.
C. Users experience increased speed and agility. D. Users benefit from massive economies of scale.
A company wants to secure its consumer web application by using SSL/TLS to encrypt traffic.Which AWS service can the company use to meet this goal? A. AWS WAF B. AWS Shield C. Amazon VPC D. AWS Certificate Manager (ACM)
D. AWS Certificate Manager (ACM)
Which AWS service tracks API calls and user activity? A. AWS Organizations B. AWS Config C. Amazon CloudWatch D. AWS CloudTrail
D. AWS CloudTrail
A company needs to report on events that involve the specific AWS services that the company uses.Which AWS service or resource can the company use with Amazon CloudWatch to meet this requirement? A. Amazon Inspector B. AWS Personal Health Dashboard C. AWS Trusted Advisor D. AWS CloudTrail logs
D. AWS CloudTrail logs
Which AWS service, feature, or tool uses machine learning to continuously monitor cost and usage for unusual cloud spending? A. Amazon Lookout for Metrics B. AWS Budgets C. Amazon CloudWatch D. AWS Cost Anomaly Detection
D. AWS Cost Anomaly Detection
A company needs to generate reports that can break down cloud costs by product, by company-defined tags, and by hour, day, and month.Which AWS tool should the company use to meet these requirements? A. Reserved Instance utilization and coverage reports B. Savings Plans utilization reports C. AWS Budgets reports D. AWS Cost and Usage Reports
D. AWS Cost and Usage Reports
What is the scope of a VPC within the AWS network? A. A VPC can span all Availability Zones globally. B. A VPC must span at least two subnets in each AWS Region. C. A VPC must span at least two edge locations in each AWS Region. D. A VPC can span all Availability Zones within an AWS Region.
D. A VPC can span all Availability Zones within an AWS Region.
A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS.Where can the company purchase the security solution? A. AWS Partner Solutions Finder B. AWS Support Center C. AWS Management Console D. AWS Marketplace
D. AWS Marketplace
A large company has multiple departments. Each department has its own AWS account. Each department has purchased Amazon EC2 Reserved Instances.Some departments do not use all the Reserved Instances that they purchased, and other departments need more Reserved Instances than they purchased.The company needs to manage the AWS accounts for all the departments so that the departments can share the Reserved Instances.Which AWS service or tool should the company use to meet these requirements? A. AWS Systems Manager B. Cost Explorer C. AWS Trusted Advisor D. AWS Organizations
D. AWS Organizations
A user is able to set up a master payer account to view consolidated billing reports through: A. AWS Budgets. B. Amazon Macie. C. Amazon QuickSight. D. AWS Organizations.
D. AWS Organizations.
A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload toAWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency.Which AWS service or feature should the company use to meet these requirements? A. Availability Zones B. AWS Local Zones C. AWS Wavelength D. AWS Outposts
D. AWS Outposts
A company is planning an infrastructure deployment to the AWS Cloud. Before the deployment, the company wants a cost estimate for running the infrastructure.Which AWS service or feature can provide this information? A. Cost Explorer B. AWS Trusted Advisor C. AWS Cost and Usage Report D. AWS Pricing Calculator
D. AWS Pricing Calculator
A company plans to launch an application that will run in multiple locations within the United States. The company needs to identify the two AWS Regions where the application can operate at the lowest price.Which AWS service or feature should the company use to determine the Regions that offer the lowest price? A. Cost Explorer B. AWS Budgets C. AWS Trusted Advisor D. AWS Pricing Calculator
D. AWS Pricing Calculator
A company has a fleet of cargo ships. The cargo ships have sensors that collect data at sea, where there is intermittent or no internet connectivity. The company needs to collect, format, and process the data at sea and move the data to AWS later.Which AWS service should the company use to meet these requirements? A. AWS IoT Core B. Amazon Lightsail C. AWS Storage Gateway D. AWS Snowball Edge
D. AWS Snowball Edge
A company has a physical tape library to store data backups. The tape library is running out of space. The company needs to extend the tape library's capacity to the AWS Cloud.Which AWS service should the company use to meet this requirement? A. Amazon Elastic Block Store (Amazon EBS) B. Amazon S3 C. Amazon Elastic File System (Amazon EFS) D. AWS Storage Gateway
D. AWS Storage Gateway
A company has a serverless application that includes an Amazon API Gateway API, an AWS Lambda function, and an Amazon DynamoDB database.Which AWS service can the company use to trace user requests as they move through the application's components? A. AWS CloudTrail B. Amazon CloudWatch C. Amazon Inspector D. AWS X-Ray
D. AWS X-Ray
Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications? A. AWS Cloud9 B. AWS CodeStar C. AWS Cloud Map D. AWS X-Ray
D. AWS X-Ray
Who has the responsibility to patch the host operating system of an Amazon EC2 instance, according to the AWS shared responsibility model? A. Both AWS and the customer B. The customer only C. The EC2 hardware manufacturer D. AWS only
D. AWS only
Which AWS service or feature allows users to connect with and deploy AWS services programmatically? A. AWS Management Console B. AWS Cloud9 C. AWS CodePipeline D. AWS software development kits (SDKs)
D. AWS software development kits (SDKs)
After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount? A. No upfront payment B. Hourly on-demand payment C. Partial upfront payment D. All upfront payment
D. All upfront payment
A company is planning to run a global marketing application in the AWS Cloud. The application will feature videos that can be viewed by users. The company must ensure that all users can view these videos with low latency.Which AWS service should the company use to meet this requirement? A. AWS Auto Scaling B. Amazon Kinesis Video Streams C. Elastic Load Balancing D. Amazon CloudFront
D. Amazon CloudFront
Which AWS service monitors CPU utilization on Amazon EC2 instances? A. AWS CloudTrail B. Amazon Inspector C. AWS Config D. Amazon CloudWatch
D. Amazon CloudWatch
Which AWS service provides a feature that can be used to proactively monitor and plan for the service quotas of AWS resources? A. AWS CloudTrail B. AWS Personal Health Dashboard C. AWS Trusted Advisor D. Amazon CloudWatch
D. Amazon CloudWatch
An ecommerce company wants to use Amazon EC2 Auto Scaling to add and remove EC2 instances based on CPU utilization.Which AWS service or feature can initiate an Amazon EC2 Auto Scaling action to achieve this goal? A. Amazon Simple Queue Service (Amazon SQS) B. Amazon Simple Notification Service (Amazon SNS) C. AWS Systems Manager D. Amazon CloudWatch alarm
D. Amazon CloudWatch alarm
A company is developing a mobile app that needs a high-performance NoSQL database.Which AWS services could the company use for this database? (Choose two.) A. Amazon Aurora B. Amazon RDS C. Amazon Redshift D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon DynamoDB
D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon DynamoDB
A company needs steady and predictable performance from its Amazon EC2 instances at the lowest possible cost. The company also needs the ability to scale resources to ensure that it has the right resources available at the right time.Which AWS service or resource will meet these requirements? A. Amazon CloudWatch B. Application Load Balancer C. AWS Batch D. Amazon EC2 Auto Scaling
D. Amazon EC2 Auto Scaling
A company needs an AWS service that will continuously monitor the company's AWS account for suspicious activity. The service must have the ability to initiate automated actions against threats that are identified in the security findings.Which service will meet these requirements? A. AWS Trusted Advisor B. Amazon Detective C. Amazon Inspector D. Amazon GuardDuty
D. Amazon GuardDuty
A company needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances. The report also must identify operating system vulnerabilities on those instances.Which AWS service or feature should the company use to meet this requirement? A. AWS Trusted Advisor B. Security groups C. Amazon Macie D. Amazon Inspector
D. Amazon Inspector
A company needs to identify personally identifiable information (PII), such as credit card numbers, from data that is stored in Amazon S3.Which AWS service should the company use to meet this requirement? A. Amazon Inspector B. AWS Shield C. Amazon GuardDuty D. Amazon Macie
D. Amazon Macie
A company needs to generate reports for business intelligence and operational analytics on petabytes of semistructured and structured data. These reports are produced from standard SQL queries on data that is in an Amazon S3 data lake.Which AWS service provides the ability to analyze this data? A. Amazon RDS B. Amazon Neptune C. Amazon DynamoDB D. Amazon Redshift
D. Amazon Redshift
A company wants to add facial identification to its user verification process on an application.Which AWS service should the company use to meet this requirement? A. Amazon Polly B. Amazon Transcribe C. Amazon Lex D. Amazon Rekognition
D. Amazon Rekognition
Which AWS services offer gateway VPC endpoints that can be used to avoid sending traffic over the internet? (Choose two.) A. Amazon Simple Notification Service (Amazon SNS) B. Amazon Simple Queue Service (Amazon SQS) C. AWS CodeBuild D. Amazon S3 E. Amazon DynamoDB
D. Amazon S3 E. Amazon DynamoDB
Which AWS service helps developers use loose coupling and reliable messaging between microservices? A. Elastic Load Balancing B. Amazon Simple Notification Service (Amazon SNS) C. Amazon CloudFront D. Amazon Simple Queue Service (Amazon SQS)
D. Amazon Simple Queue Service (Amazon SQS)
A company wants its employees to have access to virtual desktop infrastructure to securely access company-provided desktops through the employees' personal devices.Which AWS service should the company use to meet these requirements? A. Amazon AppStream 2.0 B. AWS AppSync C. Amazon FSx for Windows File Server D. Amazon WorkSpaces
D. Amazon WorkSpaces
Which of the following is a recommended design principle for AWS Cloud architecture? A. Design tightly coupled components. B. Build a single application component that can handle all the application functionality. C. Make large changes on fewer iterations to reduce chances of failure. D. Avoid monolithic architecture by segmenting workloads.
D. Avoid monolithic architecture by segmenting workloads.
A company wants to forecast future costs and usage of AWS resources based on past consumption.Which AWS service or tool will provide this forecast? A. AWS Cost and Usage Report B. Amazon Forecast C. AWS Pricing Calculator D. Cost Explorer
D. Cost Explorer
A company does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The company also needs the ability to increase or decrease its resource usage to meet business requirements.Which pillar of the AWS Well-Architected Framework aligns with these requirements? A. Operational excellence B. Security C. Reliability D. Cost optimization
D. Cost optimization
A company is moving multiple applications to a single AWS account. The company wants to monitor the AWS Cloud costs incurred by each application.What can the company do to meet this requirement? A. Set up invoiced billing. B. Use AWS Artifact. C. Set budgets in Cost Explorer. D. Create cost allocation tags.
D. Create cost allocation tags.
What are some advantages of using Amazon EC2 instances to host applications in the AWS Cloud instead of on premises? (Choose two.) A. EC2 includes operating system patch management. B. EC2 integrates with Amazon VPC, AWS CloudTrail, and AWS Identity and Access Management (IAM). C. EC2 has a 100% service level agreement (SLA). D. EC2 has a flexible, pay-as-you-go pricing model. E. EC2 has automatic storage cost optimization.
D. EC2 has a flexible, pay-as-you-go pricing model. E. EC2 has automatic storage cost optimization.
Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes? A. Pay-as-you-go pricing B. High availability C. Global reach D. Economies of scale
D. Economies of scale
Which approach will enhance a user's security on AWS? A. Use Multi-AZ deployments with Amazon RDS. B. Create a hybrid architecture by using AWS Direct Connect. C. Monitor application-specific information with AWS X-Ray. D. Encrypt data by using AWS Key Management Service (AWS KMS).
D. Encrypt data by using AWS Key Management Service (AWS KMS).
A company has designed its AWS Cloud infrastructure to run its workloads effectively. The company also has protocols in place to continuously improve supporting processes.Which pillar of the AWS Well-Architected Framework does this scenario represent? A. Security B. Performance efficiency C. Cost optimization D. Operational excellence
D. Operational excellence
A company is using an Amazon RDS DB instance for an application that is deployed in the AWS Cloud. The company needs regular patching of the operating system of the server where the DB instance runs.What is the company's responsibility in this situation, according to the AWS shared responsibility model? A. Open a support case to obtain administrative access to the server so that the company can patch the DB instance operating system. B. Open a support case and request that AWS patch the DB instance operating system. C. Use administrative access to the server, and apply the operating system patches during the regular maintenance window that is defined for the DB instance. D. Establish a regular maintenance window that tells AWS when to patch the DB instance operating system.
D. Establish a regular maintenance window that tells AWS when to patch the DB instance operating system.
Which AWS benefit enables users to deploy cloud infrastructure that consists of multiple geographic regions connected by a network with low latency, high throughput, and redundancy? A. Economies of scale B. Security C. Elasticity D. Global reach
D. Global reach
Which task can a user complete by using AWS Identity and Access Management (IAM)? A. Validate JSON syntax from an application configuration file. B. Analyze logs from an Amazon API Gateway call. C. Filter traffic to or from an Amazon EC2 instance. D. Grant permissions to applications that run on Amazon EC2 instances.
D. Grant permissions to applications that run on Amazon EC2 instances.
Which AWS Cloud benefit is shown by an architecture's ability to withstand failures with minimal downtime? A. Agility B. Elasticity C. Scalability D. High availability
D. High availability
Which architecture design principle describes the need to isolate failures between dependent components in the AWS Cloud? A. Use a monolithic design. B. Design for automation. C. Design for single points of failure. D. Loosely couple components.
D. Loosely couple components.
What is a benefit of using AWS serverless computing? A. Application deployment and management are not required. B. Application security will be fully managed by AWS. C. Monitoring and logging are not needed. D. Management of infrastructure is offloaded to AWS.
D. Management of infrastructure is offloaded to AWS.
Which responsibility belongs to AWS when a company hosts its databases on Amazon EC2 instances? A. Database backups B. Database software patches C. Operating system patches D. Operating system installations.
D. Operating system installations.
What are the five pillars of the AWS Well-Architected Framework? A. Encryption, documentation, speed, hybrid design, and cost optimization B. Containerization, cost margins, globalization, marketplace, and developer operations C. Network, compute, storage, security, and developer operations D. Operational excellence, reliability, performance efficiency, security, and cost optimization
D. Operational excellence, reliability, performance efficiency, security, and cost optimization
A company wants to eliminate the need to guess infrastructure capacity before deployments. The company also wants to spend its budget on cloud resources only as the company uses the resources.Which advantage of the AWS Cloud matches the company's requirements? A. Reliability B. Global reach C. Economies of scale D. Pay-as-you-go pricing
D. Pay-as-you-go pricing
A company implements an Amazon EC2 Auto Scaling policy along with an Application Load Balancer to automatically recover unhealthy applications that run onAmazon EC2 instances.Which pillar of the AWS Well-Architected Framework does this action cover? A. Security B. Performance efficiency C. Operational excellence D. Reliability
D. Reliability
A company wants to launch its workload on AWS and requires the system to automatically recover from failure.Which pillar of the AWS Well-Architected Framework includes this requirement? A. Cost optimization B. Operational excellence C. Performance efficiency D. Reliability
D. Reliability
A system automatically recovers from failure when a company launches its workload on the AWS Cloud services platform.Which pillar of the AWS Well-Architected Framework does this situation demonstrate? A. Cost optimization B. Operational excellence C. Performance efficiency D. Reliability
D. Reliability
Which AWS service or feature acts as a firewall for Amazon EC2 instances? A. Network ACL B. Elastic network interface C. Amazon VPC D. Security group
D. Security group
Which AWS service or tool is associated with an Amazon EC2 instance and acts as a virtual firewall to control inbound and outbound traffic? A. AWS WAF B. AWS Shield C. Network access control list (ACL) D. Security group
D. Security group
Which task can a company complete by using AWS Organizations? A. Track application deployment statuses globally. B. Remove unused and underutilized AWS resources across all accounts. C. Activate DDoS protection across all accounts. D. Share pre-purchased Amazon EC2 resources across accounts.
D. Share pre-purchased Amazon EC2 resources across accounts.
How does the AWS global infrastructure offer high availability and fault tolerance to its users? A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk, and are interconnected with low-latency networks and redundant power supplies. B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location. C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions. D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that are connected with low-latency networking and redundant power supplies.
D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that are connected with low-latency networking and redundant power supplies.
What is the total amount of storage offered by Amazon S3? A. 100MB B. 5 GB C. 5 TB D. Unlimited
D. Unlimited
According to the AWS shared responsibility model, which task is the customer's responsibility? A. Maintaining the infrastructure needed to run AWS Lambda B. Updating the operating system of Amazon DynamoDB instances C. Maintaining Amazon S3 infrastructure D. Updating the guest operating system on Amazon EC2 instances
D. Updating the guest operating system on Amazon EC2 instances