AWS Knowledge Checks
Edge locations are only located in the same general area as regions. *
False
AWS Organizations enables you to consolidate multiple AWS accounts so that you can centrally manage them.
True
As AWS grows, the cost of doing business is reduced and savings are passed back to the customer with lower pricing. What is this optimization called? * Matching supply and demand. EC2 Right-Sizing. Economies of scale. Expenditure awareness.
Economies of scale
In the shared responsibility model, AWS is responsible for providing what? Security to the cloud. Security for the cloud. Security of the cloud. Security in the cloud.
Security of the cloud.
Which of these is not a cloud deployment model? Software as a service. Infrastructure as a service. System Administration as a service. Platform as a service.
System Administration as a service
With Amazon Virtual Private Cloud (Amazon VPC), what is the maximum size IP address range you can have in a VPC? * /16. /24. /30. /28.
/16.
With Amazon Virtual Private Cloud (Amazon VPC), what is the smallest size subnet you can have in a VPC? * /26. /24. /30. /28.
/28
You are a solutions architect who works at a large retail company that is migrating its existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-Domain Routing (CIDR) block of 10.0.1.0/24 (which has 256 total IP addresses). How many IP addresses are available? 251 246 256 250
251. The subnet has 256 IP Addresses but only 251 are available because 5 are reserved
Which of these statments about Availability Zones is not true? Availability Zones are designed for fault isolation. A data center can be used for more than one Availability Zone. Availability Zones are made up of one or more data centers. Availability Zones are connected to each other using high-speed private links.
A data center can be used for more than one Availability Zone.
What happens when you use Amazon Virtual Private Cloud (Amazon VPC) to create a new VPC? A main route table is created by default. An internet gateway is created by default. Three subnets are created by default: One for each Availability Zone. Three subnets are created by default in one Availability Zone.
A main route table is created by default.
Which of these are ways to access AWS Core services? (Choose three) AWS Command Line Interface (AWS CLI). Software Development Kits (SDKs). Technical Support Calls. AWS Marketplace. AWS Management Console.
AWS Command Line Interface (AWS CLI) Software Development Kits (SDKs) AWS Managment Console
Where can a customer go to get more details about Amazon Elastic Compute Cloud (Amazon EC2) billing activityu that took place three months ago? AWS Cost Explorer. AWS Cloudtrail logs stored in Amazon Simple Storage Service (AWS S3). AWS Trusted Advisor dashboard. Amazon EC2 Dashboard.
AWS Cost Explorer
Which component of AWS Global Infrastuure does Amazon CloudFront use to ensure low-latency delivery? AWS Regions. AWS Edge Location. Amazon Virtual Private Cloud (Amazon VPC). AWS Availability Zones.
AWS Edge Location.
Which component of the AWS Global Infrastructure does Amazon CloudFront use to ensure low-latency delivery? AWS Edge Locations. AWS Availability Zone. Amazon Virtual Private Cloud (Amazon VPC). AWS Regions.
AWS Edge Locations
When creating an AWS Identity and Access Management (IAM) policy, what are the two types of access that can be granted to a user? (Choose two) AWS Management Console Access. Administrative Root Access. Programmatic Access. Institutional Access Authorized Access
AWS Management Console Access. Programmatic Access.
Which of the following are geographic areas that host two or more Availability Zones? Compute Zones. AWS Regions. Edge Locations. AWS Origins.
AWS Regions
What are the advantages of cloud computing over computing on-premises? Avoid large capital purchases. Use On-Demand capacity. Go global in minutes. Increase speed and agility. All of the above.
All of the above
Which of the following is a compute service? Amazon Cloudfront. Amazon VPC. Amazon EC2. Amazon Redshift. Amazon S3.
Amazon EC2
Which AWS networking service enables a company to create a virtual network within AWS? AWS Direct Connect. Amazon Route 53. AWS Config. Amazon Virtual Private Cloud.
Amazon Virtual Private Cloud.
What are the four support plans offered by AWS Support? Basic, Developer, Business, Enterprise. Basic, Startup, Business, Enterprise. Free, Bronze, Silver, Gold. All support is free.
Basic, Developer, Business, Enterprise
Which of the following should be done by the AWS account root user? Secure access for applications. Integrate with other AWS Services . Change granular permissions. Change the AWS Support plan.
Change the AWS Support plan.
You can run applications and workloads from a region closer to the end-users to ____ latency. Increase. Decrease.
Decrease
After initial login, what does AWS recommend as the best practice for the AWS account root user? Delete the access keys of the AWS account root user. Revoke all permissions on the AWS account root user. Delete the AWS account root user. Restrict permission on the AWS account root user.
Delete the access keys of the AWS account root user.
What is true about Regions? (Choose two) Each region is located in a separate geographic area. All regions are located in one specific geographic area A region is a physical location that has multiple Availability zones. They are the physical locations of your customers.
Each regions is located in a separate geographic area. A region is a physical location that has multiple Availability zones.
How would a system administrator add an additional layer of login security to a user's AWS Management Console? Enable AWS CloudTrail. Enable multi-factor authentication. Use Amazon Cloud Directory. Audit AWS Identity and Access Management (IAM Roles).
Enable multi-factor authentication.
In the shared responsibility model, which of the following are examples of "security in the cloud"? (Choose two) Protecting the global infrastructure. Encryption of data at rest and data in transit. Physical security of the facilities in which the services operate. Compliance with compute security standards and regulations. Security group configurations.
Encryption of data at rest and data in transit Security group configurations.
AWS Key Management Service (KMS) enables the configurations of your AWS resources.
False
Cloud computing provides a simple way to access servers, storage, databases, and a broad set of application services over the internet. You own the network-connected hardware required for these services and Amazon Web Services provisions what you need.
False
Private subnets have direct access to the internet.
False
To receive the discounted rate associated with Reserved Instances, you must make a full, upfront payment for the term of the agreement.
False
Unlimited services are available with the AWS Free Tier to new AWS customers for 12 months following their AWS sign up date.
False
____ means the infrastructure has built-in component redundancy and ____ means that resources dynamically adjust to increase or decrease in capacity requirements. * No human intervention, fault-tolerant. Fault-tolerant, elastic and scalable. Fault-tolerant, no human intervention. Elastic and scalable, no human intervention. Elastic and scalable, fault-tolerant.
Fault tolerant, elastic and scalable
When are free data transfers applicable across AWS? (Choose two) Free inbound data transfer across all AWS services in all Regions. Free outbound data transfer across all AWS services in all Regions. Free inbound data transfer for Amazon Elastic Compute Cloud (EC2) instances. Free outbound data transfer between AWS services within the same region.
Free inbound data transfer for Amazon Elastic Compute Cloud (EC2) instances Free outbound data transfer between AWS services within the same region
Economies of scale result from ____? Having to invest heavily in data centers and servers. Having hundreds of thousands of customers aggregated in the cloud. Having hundreds of cloud services available over the internet. Having many different cloud providers.
Having hundreds of thousands of customers aggregated in the cloud
Which of the following are not benefits of AWS Cloud computing? (Choose two) High latency. Multiple procurement cycles. High availability. Temporary and disposable resources. Fault-tolerant databases.
High latency Multiple procurement cycles
There is no charge for which of the following? (Choose two answers) Computer. Storage. Inbound data transfer (with some exceptions). Outbound data transfer. Data transfer between services within the same AWS Region.
Inbound data transfer (with some exceptions) Data transfer between services within the same AWS Region
Which of following is an optional security control that can be applied at the subnet layer of a VPC? * Network ACL. Security group. Web application firewall Firewall.
Network ACL.
Which of the following is the responsibility of AWS under the AWS shared responsibility model? Configuring third party applications. Maintaining physical hardware. Securing application access and data. Managing custom Amazon Machine Images (AMI).
Maintaining physical hardware.
Which of the following are best practices to secure your account using AWS Identity and Access Management (IAM)? (Choose two) * Provide users with default administrative privileges. Leave unused and unnecessary users and credentials in place. Manage access to AWS resources. Avoid using IAM groups to grant the same access permissions to multiple users. Define fine grained access rights.
Manage access to AWS resources. Define fine grained access rights.
AWS highly recommends provision your compute resources across ___ availability zones All. Single. Multiple. No.
Multiple
You need to allow resources in a private subnet to access the internet. Which of the following must be present to enable this access? * Security Groups. NAT Gateway. Route Tables. Network access control lists.
NAT Gateway.
For certain services like Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS), you can invest in reserved capacity. What options are avaliable for Reserved Instances? (Choose three) DURI. MURI. PURI. NURI. AURI.
P.A.N. PURI NURI AURI
What is the pricing model that enables AWS customers to pay for resources on an as-needed bases? Pay as you buy. Pay as you decommission. Pay as you go. Pas as you reserve.
Pay as you go
Which of these is not a benefit of cloud computing over on-premises computing? Benefit from massive economies of scale. Eliminate guessing on your infrastructure capacity needs. Increase speed and agility. Pay for racking, stacking, and powering services. Trade capital expense for variable expense.
Pay for racking, stacking, and powering services
Which of the following can be used to protect Amazon Elastic Compute Cloud (Amazon EC2) instances in AWS? Security Group. Internet Gateway. AMI. All of the above.
Security Group.
What AWS tool compares the cost of running your application in an on-premises data center to AWS? AWS Simple Monthly Calculator. AWS Cost and Usage Report. AWS Billing Dashboard. Total Cost of Ownership (TCO) calculator.
Total Cost of Ownership (TCO) calculator
AWS offers a variety of services at no charge, for example, Amazon Virtual Private Cloud (Amazon VPC), AWS Identity and Access Management (IAM), Consolidated Billing, AWS Elastic Beanstalk, automatic scaling, AWS OpsWorks, and AWS CloudFormation. However, you might be charged for other AWS services that you use in conjunction with these services.
True
AWS owns and maintains the network-connected hardware required for application services, while you provision and use what you need.
True
Availabilty Zones within a region are connected through low-latency links.
True
Networking, storage, compute, and databases are examples of service categories that AWS offers.
True