Cloud Practitioner Exam Questions
What architectural best practice aims to reduce the interdependencies between services?
Loose Coupling
A user deploys an Amazon Aurora database instance in multiple Availability Zones. This strategy involves which pillar of the AWS Well-Architected Framework?
Reliability
You have been running an on-demand Amazon EC2 instance running Linux for 4hrs, 5 minutes and 6 seconds. How much time will you be billed for?
4hrs, 5mins, and 6 seconds
A company has deployed several relational databases on Amazon RDS. Every month, the database software vendor releases new security patches that need to be applied to the database. What is the MOST efficient way to apply the security patches?
Enable automatic patching for the instances using the Amazon RDS console
When designing a VPC, what is the purpose of an Internet Gateway?
Enables Internet communications for instances in public subnets
Which of the following security operations tasks must be performed by AWS customers? (Select TWO.)
Enabling multi-factor authentication (MFA) for privileged users. Installing security updates on EC2 instances.
Under the AWS shared responsibility model what is AWS responsible for? (Select TWO.)
Physical security of the data center Replacement and disposal of disk drives
What is an Edge location?
A content delivery network (CDN) endpoint for CloudFront
Which type of AWS Storage Gateway can be used to backup data with popular backup software?
Gateway Virtual Tape Library
What are the names of two types of AWS Storage Gateway? (Select TWO.)
Tape Gateway File Gateway
To reduce the price of your Amazon EC2 instances, which term lengths are available for reserved instances? (Select TWO.)
1 year- 3 years
Which HTTP code indicates a successful upload of an object to Amazon S3?
200
You need to connect your company's on-premise network into AWS and would like to establish an AWS managed VPN service. Which of the following configuration items needs to be setup on the Amazon VPC side of the connection?
A Virtual Private Gateway
What is a Resource Group?
A collection of resources that share one or more tags
What can be assigned to an IAM user? (Select TWO.)
A password for access to the management console. An access key ID and secret access key
Which of the following must be used together to gain programmatic access to an AWS account? (Select TWO.)
A secret access key An access key ID
Which of the following are accurate descriptions of AWS IAM users and groups? (Select TWO.)
A user can be a member of multiple groups Groups can contain users only and cannot be nested
Which AWS program can help an organization to design, build, and manage their workloads on AWS?
APN Consulting Partners
Which AWS components aid in the construction of fault-tolerant applications? (Select TWO.)
AMIs Elastic IP addresses
What is the name of the online, self-service portal that AWS provides to enable customers to view reports and, such as PCI reports, and accept agreements?
AWS Artifact
Which AWS service provides on-demand downloads of AWS security and compliance reports?
AWS Artifact
Which resource should you use to access AWS security and compliance reports?
AWS Artifact
Which tool can be used to create alerts when the actual or forecasted cost of AWS services exceed a certain threshold?
AWS Budgets
A developer needs a way to automatically provision a collection of AWS resources. Which AWS service is primarily used for deploying infrastructure as code?
AWS CloudFormation
An architect wants to find a tool for consistently deploying the same resources through a templated configuration. What AWS service can be used?
AWS CloudFormation
Which AWS tools can be used for automation? (Select TWO.)
AWS CloudFormation AWS Elastic Beanstalk
Which AWS services can be used as infrastructure automation tools? (Select TWO.)
AWS CloudFormation AWS OpsWorks
Which AWS service helps customers meet corporate, contractual, and regulatory compliance requirements for data security by using dedicated hardware appliances within the AWS Cloud?
AWS CloudHSM
Which AWS service uses a highly secure hardware storage device to store encryption keys?
AWS CloudHSM
Which service can an organization use to track API activity within their account?
AWS CloudTrail
For which services does Amazon not charge customers? (Select TWO.)
AWS Cloudformation Amazon VPC
Which service records API activity on your account and delivers log files to an Amazon S3 bucket?
AWS Cloudtrail
Which AWS service is primarily used for software version control?
AWS CodeCommit
Which team is available to support AWS customers on an Enterprise support plan with account issues?
AWS Concierge
Which AWS service allows you to automate the evaluation of recorded configurations against desired configuration?
AWS Config
Which service can be used to manage configuration versions?
AWS Config
Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers?
AWS Cost Explorer
Your company has recently migrated to AWS. How can your CTO monitor the organization's costs?
AWS Cost Explorer
Which service can be used to help you to migrate databases to AWS quickly and securely?
AWS Database Migration Service (DMS)
A company needs a consistent and dedicated connection between AWS resources and an on-premise system. Which AWS service can fulfil this requirement?
AWS Direct Connect
A company plans to create a hybrid cloud architecture. What technology will allow them to create a hybrid cloud?
AWS Direct Connect
An organization has an on-premises cloud and accesses their AWS Cloud over the Internet. How can they create a private hybrid cloud connection that avoids the internet?
AWS Direct Connect
Which AWS services can be used to connect the AWS Cloud and on-premises resources? (Select TWO.)
AWS Direct Connect AWS Managed VPN
How can a company connect from their on-premises network to VPCs in multiple regions using private connections?
AWS Direct Connect Gateway
A user has limited knowledge of AWS services, but wants to quickly deploy a scalable Node.js application in an Amazon VPC. Which service should be used to deploy the application?
AWS Elastic Beanstalk
Which service provides the ability to simply upload applications and have AWS handle the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring?
AWS Elastic Beanstalk
With which service can a developer upload code using a ZIP or WAR file and have the service handle the end-to-end deployment of the resources?
AWS Elastic Beanstalk
Which AWS service can be used to run Docker containers?
AWS Fargate
Which AWS service can be used to load data from Amazon S3, transform it, and move it to another destination?
AWS Glue
Which AWS service can be used to prepare and load data for analytics using an extract, transform and load (ETL) process?
AWS Glue
Which AWS service is used to enable multi-factor authentication?
AWS IAM
Which service can be used to assign a policy to a group?
AWS IAM
Which tools can you use to manage identities in IAM? (choose 2
AWS Management Consol. AWS Command Line Tools
A company needs protection from distributed denial of service (DDoS) attacks on its website and assistance from AWS experts during such events. Which AWS managed service will meet these requirements?
AWS Shield Advanced
Which AWS security tool uses an agent installed in EC2 instances and assesses applications for vulnerabilities and deviations from best practices?
AWS Inspector
Which AWS service lets connected devices easily and securely interact with cloud applications and other devices?
AWS IoT Core
Which AWS service gives you centralized control over the encryption keys used to protect your data?
AWS KMS
Which services are involved with security? (Select TWO.)
AWS KMS AWS CloudHSM
Which AWS service can be used to generate encryption keys that can be used to encrypt data? (Select TWO.)
AWS Key Management Service (AWS KMS) AWS CIoudHSM
Which AWS service is known as a "serverless" service and runs code as functions triggered by events?
AWS Lambda
Which AWS service is part of the suite of "serverless" services and runs code as functions?
AWS Lambda
Which AWS service is suitable for an event-driven workload?
AWS Lambda
Which AWS services form the app-facing services of the AWS serverless infrastructure? (Select TWO.)
AWS Lambda
Which service allows you to run code as functions without needing to provision or manage servers?
AWS Lambda
Which service runs your application code only when needed without needing to run servers?
AWS Lambda
A Cloud Practitioner wants to build an application stack that will be highly elastic. What AWS services can be used that don't require you to make any capacity decisions upfront? (Select TWO.)
AWS Lambda Amazon S3
Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks?
AWS OpsWorks
Which AWS service lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments?
AWS OpsWorks
Which AWS service should a Cloud Practitioner use to automate configuration management using Puppet?
AWS OpsWorks
Which AWS service or feature helps restrict the AWS service, resources, and individual API actions the users and roles in each member account can access?
AWS Organizations
Which AWS service provides a quick and automated way to create and manage AWS accounts?
AWS Organizations
Which service can be used to easily create multiple accounts?
AWS Organizations
A company would like to maximize their potential volume and reserved instance discounts across multiple accounts and also apply service control policies on member accounts. Which service or tool can they use to gain these benefits?
AWS Orgs
Which AWS dashboard displays relevant and timely information to help users manage events in progress, and provides proactive notifications to help plan for scheduled activities?
AWS Personal Health Dashboard
Which service provides alerts and remediation guidance when AWS is experiencing events that may impact you?
AWS Personal Health Dashboard
A Cloud Practitioner needs to rapidly deploy a popular IT solution and start using it immediately. What should the Cloud Practitioner use?
AWS Quick Start reference deployments
A Cloud Practitioner is developing a disaster recovery plan and intends to replicate data between multiple geographic areas. Which of the following meets these requirements?
AWS Regions
Which tool can be used to create and manage a selection of AWS services that are approved for use on AWS?
AWS Service Catalog
Which AWS services are associated with Edge Locations? (Select TWO.)
AWS Shield Amazon CloudFront
Which service can be used to cost-effectively move exabytes of data into AWS?
AWS Snowmobile
Which AWS service makes it easy to coordinate the components of distributed applications as a series of steps in a visual workflow?
AWS Step Functions
Which AWS hybrid storage service enables a user's on-premises applications to seamlessly use AWS Cloud storage?
AWS Storage Gateway
Which AWS service enables hybrid cloud storage between on-premises and the AWS Cloud?
AWS Storage Gateway
Which service allows an organization to view operational data from multiple AWS services through a unified user interface and automate operational tasks?
AWS Systems Manager
An architect needs to compare the cost of deploying an on-premise web server and an EC2 instance on the AWS cloud. Which tool can be used to assist the architect?
AWS TCO Calculator
What tool provides real time guidance to help you provision your resources following best practices in the areas of cost optimization, performance, security and fault tolerance?
AWS Trusted Advisor
Which AWS service can assist with providing recommended actions on cost optimization?
AWS Trusted Advisor
Which tool can be used to provide real time guidance on provisioning resources following AWS best practices?
AWS Trusted Advisor
You are concerned that you may be getting close to some of the default service limits for several AWS services. What AWS tool can be used to display current usage and limits?
AWS Trusted Advisor
What are two ways of connecting to an Amazon VPC from an on-premise data center? (Select TWO.)
AWS VPN CloudHub AWS Direct Connect
A web application running on AWS has been received malicious requests from the same set of IP addresses. Which AWS service can help secure the application and block the malicious traffic?
AWS WAF
Which AWS service protects against common exploits that could compromise application availability, compromise security or consume excessive resources?
AWS WAF
Which statement is correct in relation to the AWS Shared Responsibility Model?
AWS are responsible for the security of regions and availability zones
What can you use to quickly connect your office securely to your Amazon VPC?
AWS managed VPN
Which of the following are advantages of the AWS Cloud? (Select TWO.)
AWS manages the maintenance of the cloud infrastructure. AWS manages capacity planning for physical servers
An Elastic IP Address can be remapped between EC2 instances across which boundaries?
AZ
The AWS global infrastructure is composed of? (Select TWO.)
AZ Regions
What advantages does the AWS cloud provide in relation to cost? (Select TWO.)
Ability to turn off resources and not pay for them. Fine-grained billing
Which feature of AWS IAM enables you to identify unnecessary permissions that have been assigned to users?
Access Advisor
Which authentication method is used to authenticate programmatic calls to AWS services?
Access keys
When using Amazon IAM, what authentication methods are available to use? (Select TWO.)
Access keys Server certificates
The AWS Identity and Access Management (IAM) service can be used to manage which objects? (Select TWO.)
Access policies Roles
How can you deploy your EC2 instances so that if a single data center fails you still have instances available?
Across Availability Zones
A company plans to deploy a global commercial application on Amazon EC2 instances. The deployment solution should be designed with the highest redundancy and fault tolerance. Based on this situation, how should the EC2 instances be deployed?
Across multiple Availability Zones in two AWS Regions
How can a company separate costs for storage, Amazon EC2, Amazon S3, and other AWS services by department?
Add department-specific tags to each resource
Which configuration changes are associated with scaling horizontally? (Select TWO.)
Adding additional EC2 instances through Auto Scaling Adding additional hard drives to a storage array
A startup eCommerce company needs to quickly deliver new website features in an iterative manner, minimizing the time to market. Which AWS Cloud feature allows this?
Agility
What are the benefits of using the AWS Managed Services? (Select TWO.)
Alignment with ITIL processes Baseline integration with ITSM tools
How does the consolidated billing feature of AWS Organizations treat Reserved Instances that were purchased by another account in the organization?
All accounts in the organization are treated as one account so any account can receive the hourly cost benefit
Which AWS support plans provide 24×7 access to customer service?
All plans
Which pricing options are available when using Amazon EC2 Reserved Instances? (Select TWO.)
All upfront Partial upfront
Which service can be added to a database to provide improved performance for some requests?
Amazon ElastiCache
Which AWS service does API Gateway integrate with to enable users from around the world to achieve the lowest possible latency for API requests and responses?
Amazon CloudFront
Which service can be used to improve performance for users around the world?
Amazon CloudFront
A cloud practitioner needs to decrease application latency and increase performance for globally distributed users. Which services can assist? (Select TWO.)
Amazon CloudFront Amazon S3
Which service provides visibility into user activity by recording actions taken on your account?
Amazon CloudTrail
Which AWS service should be used to create a billing alarm?
Amazon CloudWatch
Which service can be used to track the CPU usage of an EC2 instance?
Amazon CloudWatch
Which service can you use to monitor, store and access log files generated by EC2 instances and on-premises servers?
Amazon CloudWatch Logs
Which AWS feature of Amazon EC2 allows an administrator to create a standardized image that can be used for launching new instances?
Amazon Machine Image
Which AWS service lets you add user sign up, sign-in and access control to web and mobile apps?
Amazon Cognito
What type of database is fully managed and can be scaled without incurring downtime?
Amazon DynamoDB
Which AWS database service is schema-less and can be scaled dynamically without incurring downtime?
Amazon DynamoDB
Which database allows you to scale at the push of a button without incurring any downtime?
Amazon DynamoDB
To gain greater discounts, which services can be reserved? (Select TWO.)
Amazon DynamoDB Amazon RedShift
Assuming you have configured them correctly, which AWS services can scale automatically without intervention? (Select TWO.)
Amazon DynamoDB Amazon S3
Which DynamoDB feature provides in-memory acceleration to tables that result in significant performance improvements?
Amazon DynamoDB Accelerator (DAX)
Which service is used for caching data?
Amazon DynamoDB DAX
Which services allow you to store files on AWS? (Select TWO.)
Amazon EBS Amazon EFS
Which of the following is a method of backup available in the AWS cloud?
Amazon EBS Snapshots
Which AWS technology can be referred to as a "virtual hard disk in the cloud"?
Amazon EBS volume
Which AWS service can you use to install a third-party database?
Amazon EC2
Which AWS service provides elastic web-scale cloud computing allowing you to deploy operating system instances?
Amazon EC2
Which Compute service should be used for running a Linux operating system upon which you will install custom software?
Amazon EC2
Which service allows you to automatically expand and shrink your application in response to demand?
Amazon EC2 Auto Scaling
You need to ensure you have the right amount of compute available to service demand. Which AWS service can automatically scale the number of EC2 instances for your application?
Amazon EC2 Auto Scaling
Which AWS service allows you to connect to storage from on-premise servers using standard file protocols?
Amazon EFS
Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols?
Amazon EFS
Which storage type can be mounted using the NFS protocol to many EC2 instances simultaneously?
Amazon EFS
To reduce cost, which of the following services support reservations? (Select TWO.)
Amazon ElastiCache Amazon RedShift
Which AWS storage technology can be considered a "virtual hard disk in the cloud"?
Amazon Elastic Block Storage (EBS) volume
Which service is used introduce fault tolerance into an application architecture?
Amazon Elastic Load Balancing
Which service provides a way to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PCs?
Amazon Elastic Transcoder
Which of the below is a fully managed Amazon search service based on open source software?
Amazon Elasticsearch
Which AWS service is designed to be used for operational analytics?
Amazon Elasticsearch Service
A security operations engineer needs to implement threat detection and monitoring for malicious or unauthorized behavior. Which service should be used?
Amazon GuardDuty
A user needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances and vulnerabilities on those instances. Which AWS service will provide this assessment report?
Amazon Inspector
Which AWS service provides preconfigured virtual private servers (instances) that include everything required to deploy an application or create a database?
Amazon Lightsail
Which service can you use to provision a preconfigured server with little to no AWS experience?
Amazon Lightsail
Which AWS service provides the ability to detect inadvertent data leaks of personally identifiable information (PII) and user credential data?
Amazon Macie
Which service can be used to create sophisticated, interactive graph applications?
Amazon Neptune
Which of the below AWS services supports automated backups as a default configuration?
Amazon RDS
Which AWS database service provides a fully managed data warehouse that can be analyzed using SQL tools and business intelligence tools?
Amazon RedShift
Which type of AWS database is ideally suited to analytics using SQL queries?
Amazon RedShift
Which statement best describes Amazon Route 53?
Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service
Which AWS service can be used to host a static website?
Amazon S3
Which AWS service can serve a static website?
Amazon S3
Which type of storage stores objects comprised of key, value pairs?
Amazon S3
Which services are managed at a regional (rather than global) level? (Select TWO.)
Amazon S3 Amazon EC2
A company stores copies of backups on Amazon S3 and requires rapid access but low resiliency. Which storage class is optimized for these requirements?
Amazon S3 One Zone-Infrequent Access
What is the most cost-effective Amazon S3 storage tier for data that is not often accessed but requires high availability?
Amazon S3 Standard-IA
An application stores images which will be retrieved infrequently, but must be available for retrieval immediately. Which is the most cost-effective storage option that meets these requirements?
Amazon S3 Standard-Infrequent Access
Which AWS service can be used to send automated notifications to HTTP endpoints?
Amazon SNS
Which service can be used for building and integrating loosely-coupled, distributed applications?
Amazon SNS
You need to implement a hosted queue for storing messages in transit between application servers. Which service should you use?
Amazon SQS
Which services can be used for asynchronous integration between application components? (Select TWO.)
Amazon SQS AWS Step Functions
A Cloud Practitioner is creating the business process workflows associated with an order fulfilment system. Which AWS service can assist with coordinating tasks across distributed application components?
Amazon SWF
Which AWS service enables developers and data scientists to build, train, and deploy machine learning models?
Amazon SageMaker
Which AWS service is used to send both text and email messages from distributed applications?
Amazon Simple Notification Service (Amazon SNS)
Which AWS construct provides you with your own dedicated virtual network in the cloud?
Amazon VPC
Which AWS services can be utilized at no cost? (Select TWO.)
Amazon VPC Identity and Access Management (IAM)
Which of the options below are recommendations in the cost optimization pillar of the well-architected framework? (Select TWO.)
Analyze and attribute expenditure Adopt a consumption model
Which of the following are examples of horizontal scaling? (Select TWO.)
Automatic using services such as AWS Auto Scaling. Add more instances as demand increases
How can consolidated billing within AWS Organizations help lower overall monthly expenses?
By pooling usage across multiple accounts to achieve a pricing tier discount
You are evaluating AWS services that can assist with creating scalable application environments. Which of the statements below best describes the Elastic Load Balancer service?
Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses
What types of monitoring can Amazon CloudWatch be used for? (Select TWO.)
Application performance Operational health
Which AWS Cloud design principles can help increase reliability? (Select TWO.)
Automatically recovering from failure. Testing recovery procedures
What is the best way to apply an organizational system to EC2 instances so they can be identified by descriptors such as purpose or department?
Apply tags
What technology enables compute capacity to adjust as loads change?
Auto Scaling
Which of the options below are recommendations in the security pillar of the well-architected framework? (Select TWO.)
Automate security best practices Enable traceability
According to the AWS Shared Responsibility Model, which of the following is a shared control?
Awareness and training
What is the term for describing the action of automatically running scripts on Amazon EC2 instances when launched to install software?
Bootstrapping
When instantiating compute resources, what are two techniques for using automated, repeatable processes that are fast and avoid human error? (Select TWO.)
Bootstrapping Infrastructure as code
Which type of EBS volumes can be encrypted?
Both non-root and root volumes
An application that is deployed across multiple Availability Zones could be described as:
Being highly available
What are two examples of the advantages of cloud computing? (Select TWO.)
Benefit from massive economies of scale. Increase speed and agility
What is the name for the top-level container used to hold objects within Amazon S3?
Bucket
Which of the statements below is accurate regarding Amazon S3 buckets? (Select TWO.)
Buckets names must be unique globally Buckets are region-specific
What benefits are provided by Amazon CloudFront? (Select TWO.)
Built-in Distributed Denial of Service (DDoS) attack protection Content is cached at Edge Locations for fast distribution to customers
What is the most cost-effective support plan that should be selected to provide at least a 1-hour response time for a production system failure?
Business
How does "elasticity" benefit an application design?
By automatically scaling resources based on demand
A new user is unable to access any AWS services, what is the most likely explanation?
By default new users are created without access to any AWS services
How does Amazon EC2 Auto Scaling help with resiliency?
By launching and terminating instances as needed
Which of the following are NOT features of AWS IAM? (Select TWO.)
Logon using local user accounts Charged for what you use
Which of the statements below does NOT characterize cloud computing?
Cloud computing allows you to swap variable expense for capital expense
What are the benefits of using Amazon Rekognition with image files?
Can be used to identify objects in an image
Which benefits can a company immediately realize using the AWS Cloud? (Select TWO.)
Capital expenses are replaced with variable expenses Increased agility
Which configuration changes are associated with scaling vertically? (Select TWO.)
Changing an EC2 instance to a type that has more CPU and RAM Adding a larger capacity hard drive to a server
Which service allows you to monitor and troubleshoot systems using system and application log files generated by those systems?
CloudWatch Logs
You would like to collect custom metrics from a production application every 1 minute. What type of monitoring should you use?
CloudWatch with detailed monitoring
How can an organization track resource inventory and configuration history for the purpose of security and regulatory compliance?
Configure AWS Config with the resource types
Which AWS service or feature allows a company to receive a single monthly AWS bill when using multiple AWS accounts?
Consolidated billing
What are two benefits of using AWS Lambda? (Select TWO.)
Continuous scaling (scale out) No servers to manage
Which of the following are valid types of Reserved Instance? (Select TWO.)
Convertible RI Scheduled RI
The AWS Cost Management tools give users the ability to do which of the following? (Select TWO.)
Create budgets and receive notifications if current or forecasted usage exceeds the budgets. Break down AWS costs by day, service, and linked AWS account
Which of the following are AWS recommended best practices in relation to IAM? (Select TWO.)
Create individual IAM users Enable MFA for all users
To connect an on-premises network to an Amazon VPC using an Amazon Managed VPN connection, which components are required? (Select TWO.)
Customer Gateway Virtual Private Gateway
Under the AWS Shared Responsibility Model, who is responsible for what? (Select TWO.)
Customers are responsible for networking traffic protection. AWS are responsible for networking infrastructure
The AWS acceptable use policy for penetration testing allows?
Customers to carry out security assessments or penetration tests against their AWS infrastructure without prior approval for selected services
How can a company facilitate the sharing of data over private connections between two accounts they own within a region?
Create a VPC peering connection
What is the easiest way to store a backup of an EBS volume on Amazon S3?
Create a snapshot of the volume
Under the AWS shared responsibility model what is the customer responsible for? (Select TWO.)
Encryption of customer data Configuration of security groups
Which items should be included in a TCO analysis comparing on-premise to AWS Cloud? (Select TWO.)
Data center security Compute hardware
What charges are applicable to Amazon S3 Standard storage class? (Select TWO.)
Data egress Per GB/month storage fee
Under the AWS shared responsibility model, what are the customer's responsibilities? (Select TWO.)
Data integrity authentication. Security of data in transit
Which statement is true in relation to data stored within an AWS Region?
Data is not replicated outside of a region unless you configure it
Which AWS service can be used to process a large amount of data using the Hadoop framework?
EMR (Elastic Map Reduce)
What considerations are there when choosing which region to use? (Select TWO.)
Data sovereignty Latency
What are the charges for using Amazon Glacier? (Select TWO.)
Data storage Retrieval requests
Which Amazon EC2 pricing model should be used to comply with per-core software license requirements?
Dedicated Hosts
Which of the following Amazon EC2 pricing models allows customers to use existing server-bound software licenses?
Dedicated Hosts
Which of the following are architectural best practices for the AWS Cloud? (Select TWO.)
Deploy into multiple Availability Zones. Design for fault tolerance
Which of the following is an architectural best practice recommended by AWS?
Design for failure
Which AWS support plan provides email only support by Cloud Support Associates?
Developer
Which support plan is the lowest cost option that allows unlimited cases to be open?
Developer
Which type of connection should be used to connect an on-premises data center with the AWS cloud that is high speed, low latency and does not use the Internet?
Direct Connect
Which of the following services does Amazon Route 53 provide? (Select TWO.)
Domain registration Domain Name Service (DNS)
In addition to DNS services, what other services does Amazon Route 53 provide? (Select TWO.)
Domain registration Traffic flow
Which statements are true about Amazon EBS volumes? (Select TWO.)
EBS volumes must be in the same AZ as the instances they are attached to You can attach multiple EBS volumes to an instance
Which service allows an organization to bring their own licensing on host hardware that is physically isolated from other AWS accounts?
EC2 Dedicated Hosts
Which of the facts below are accurate in relation to AWS Regions? (Select TWO.)
Each region is designed to be completely isolated from the other Amazon Regions. Each region consists of 2 or more availability zones.
Which of the following descriptions is incorrect in relation to the design of Availability Zones?
Each subnet in a VPC is mapped to all AZs in the region
What is the name of the AWS managed Docker registry service used by the Amazon Elastic Container Service (ECS)?
Elastic Container Registry
Which AWS network element allows you to assign a static IPv4 address to an EC2 instance?
Elastic IP
Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC?
Elastic Transcoder
What benefits does Amazon EC2 provide over using non-cloud servers? (Select TWO.)
Elastic web-scale computing Inexpensive
Which feature of AWS allows you to deploy a new application for which the requirements may change over time?
Elastically
The ability to horizontally scale Amazon EC2 instances based on demand is an example of which concept?
Elasticity
Which of the below is an example of an architectural benefit of moving to the cloud?
Elasticity
Which benefit of the AWS Cloud eliminates the need for users to try estimating future infrastructure usage?
Elasticity of the AWS Cloud
Which of the below are components that can be configured in the VPC section of the AWS management console? (Select TWO.)
Endpoints Subnet
Under the shared responsibility model, which of the following tasks are the responsibility of the AWS customer? (Select TWO.)
Ensuring that users have received security training in the use of AWS services. Ensuring that application data is encrypted at rest
Which AWS Support plan provides access to architectural and operational reviews, as well as 24/7 access to Cloud Support Engineers through email, online chat, and phone?
Enterprise
Which AWS support plan comes with a Technical Account Manager (TAM)?
Enterprise
Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure?
Enterprise
Which AWS support plans provide support via email, chat and phone? (Select TWO.)
Enterprise Business
What can a Cloud Practitioner use the AWS Total Cost of Ownership (TCO) Calculator for?
Estimate savings when comparing the AWS Cloud to an on-premises environment
How are AWS Lambda functions triggered?
Events
Which AWS Glacier data access option retrieves data from an archive in 1-5 minutes?
Expedited
Which of the following need to be included in a total cost of ownership (TCO) analysis? (Select TWO.)
Facility equipment installation Data center security costs
When performing a total cost of ownership (TCO) analysis between on-premises and the AWS Cloud, which factors are only relevant to on-premises deployments? (Select TWO.)
Facility operations costs. Hardware procurement teams
Under the AWS shared responsibility model, which of the following is an example of security in the AWS Cloud?
Firewall configuration
Using AWS terminology, which items can be created in an Amazon S3 bucket? (Select TWO.)
Folders Objects
Which AWS IAM best practice recommends applying the minimum permissions necessary to perform a task when creating IAM policies?
Grant least privilege
Your manager has asked you to explain the benefits of using IAM groups. Which of the below statements are valid benefits? (Select TWO.)
Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users. Enables you to attach IAM permission policies to more than one user at a time
Which of the following compliance programs allows the AWS environment to process, maintain, and store protected health information?
HIPAA
What are the primary benefits of using AWS Elastic Load Balancing? (Select TWO.)
High availability Elasticity
Which of the following acts as a virtual firewall at the Amazon EC2 instance level to control traffic for one or more instances?
Security groups
Which type of scaling does Amazon EC2 Auto Scaling provide?
Horizontal
Which IAM entity can be used for assigning permissions to multiple users?
IAM Group
Which feature can you use to grant read/write access to an Amazon S3 bucket?
IAM Policy
Which IAM entity can be used for assigning permissions to AWS services?
IAM Role
hich IAM entity is associated with an access key ID and secret access key?
IAM User
Your organization has offices around the world and some employees travel between offices. How should their accounts be setup?
IAM is a global service, just create the users in one place
Which feature of Amazon Rekognition can assist with saving time?
Identification of objects in images and videos
Which of the following is a principle of good AWS Cloud architecture design?
Implement loose coupling
What advantages does deploying Amazon CloudFront provide? (Select TWO.)
Improved performance for end users Reduced latency
What is a specific benefit of an Enterprise Support plan?
Included Technical Account Manager
Which of the following statements are correct about the benefits of AWS Direct Connect? (Select TWO.)
Increased bandwidth (predictable bandwidth) Increased reliability (predictable performance)
What is an example of scaling vertically?
Increasing the instance size with Amazon RDS
Which cloud computing model gives the IT department the highest level of flexibility and management control?
Infrastructure as a Service (IaaS)
Under the AWS Shared Responsibility Model, which of the following is the customer NOT responsible for?
Installing firmware updates on host servers
Which of the following security related activities are AWS customers responsible for? (Select TWO.)
Installing patches on Windows operating systems. Implementing IAM password policies
What is the difference between an EBS volume and an Instance store?
Instance store volumes are ephemeral whereas EBS volumes are persistent storage
Your manager has asked you to explain some of the security features available in the AWS cloud. How can you describe the function of Amazon CloudHSM?
It can be used to generate, use and manage encryption keys in the cloud
Which of the following are features of Amazon CloudWatch? (Select TWO.)
It is used to gain system-wide visibility into resource utilization. It can be accessed via API, command-line interface, AWS SDKs, and the AWS Management Console.
Which of the following statements about AWS's pay-as-you-go pricing model is correct?
It results in reduced capital expenditures
What is the scope of an Amazon Virtual Private Cloud (VPC)?
It spans all Availability Zones within a region
Where do Amazon Identity and Access Management (IAM) accounts need to be created for a global organization?
Just create them once, as IAM is a global service
What does an organization need to do to move to another AWS region?
Just start deploying resources in the additional region
How should an organization deploy an application running on multiple EC2 instances to ensure that a power failure does not cause an application outage?
Launch the EC2 instances into different Availability Zones
Which feature of Amazon S3 enables you to create rules to control the transfer of objects between different storage classes?
Lifecycle management
Which of the options below are recommendations in the reliability pillar of the well-architected framework? (Select TWO.)
Manage change in automation Automatically recover from failure
Amazon S3 is typically used for which of the following use cases? (Select TWO.)
Media hosting Host a static website
How can a database administrator reduce operational overhead for a MySQL database?
Migrate the database onto an Amazon RDS instance
What are the benefits of using IAM roles for applications that run on EC2 instances? (Select TWO.)
More secure than storing access keys within applications. It is easier to manage IAM roles
What features does Amazon RDS provide to deliver scalability, availability and durability? (Select TWO.)
Multi-AZ Read Replicas
Where can resources be launched when configuring Amazon EC2 Auto Scaling?
Multiple AZs within a region
Which Amazon RDS deployment type is best used to enable fault tolerance in the event of the failure of an availability zone?
Multiple Availability Zones
Which type of Elastic Load Balancer operates at the TCP connection level?
NLB Network Load Balancer
Which type of security control can be used to deny network access from a specific IP address?
Network ACL
Which AWS security service provides a firewall at the subnet level within a VPC?
Network Access Control List
What does an organization need to do in Amazon IAM to enable user access to services being launched in new region?
Nothing, IAM is global
What feature of Amazon S3 enables you to set rules to automatically transfer objects between different storage classes at defined time intervals?
Object Lifecycle Management
What are two components of Amazon S3? (Select TWO.)
Objects Buckets
Where are Amazon EBS snapshots stored?
On Amazon S3
Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted?
On demand
Which Amazon EC2 billing option gives you low cost, maximum flexibility, no upfront costs or commitment, and you only pay for what you use?
On-Demand Instances
What are two correct statements about AWS Organizations with consolidated billing? (Select TWO.)
One bill provided for multiple accounts. Volume pricing discounts applied across multiple accounts
What is an availability zone composed of?
One or more data centers in a location
Which of the following best describes an Availability Zone in the AWS Cloud?
One or more physical data centers
A user has an AWS account with a Business-level AWS Support plan and needs assistance with handling a production service disruption. Which action should the user take?
Open a production system down support case
When using Amazon RDS databases, which items are you charged for? (Select TWO.)
Outbound data transfer Multi AZ
What type of cloud computing service type do AWS Elastic Beanstalk and Amazon RDS correspond to?
PaaS
Under the shared responsibility model, what are examples of shared controls? (Select TWO.)
Patch management Configuration management
Which of the following is a benefit of moving to the AWS Cloud?
Pay for what you use
An application has highly dynamic usage patterns. Which characteristics of the AWS Cloud make it cost-effective for this type of workload? (Select TWO.)
Pay-as-you-go pricing Elasticity
Which of the following statements is correct in relation to consolidated billing? (Select TWO.)
Paying accounts are independent and cannot access resources of other accounts. One bill is provided per AWS organization.
Which of the following is an advantage of cloud computing compared to deploying your own infrastructure on-premise?
Paying only for what you use
An Amazon EC2 instance running the Amazon Linux 2 AMI is billed in what increment?
Per second
Which of the following are pillars from the five pillars of the AWS Well-Architected Framework? (Select TWO.)
Performance efficiency Operational excellence
Which of the following constitute the five pillars for the AWS Well-Architected Framework? (Select TWO.)
Performance efficiency, and cost optimization. Operational excellence, security, and reliability
Which type of Amazon RDS automated backup allows you to restore the database with a granularity of as little as 5 minutes?
Point-in-time recovery
A company has an application with users in both Australia and Germany. All the company infrastructure is currently provisioned in the Europe (Frankfurt) Region, and Australian users are experiencing high latency. What should the company do to reduce latency?
Provision resources in the Asia Pacific (Sydney) Region in Australia
Which of the following would be good reasons to move from on-premises to the AWS Cloud? (Select TWO.)
Reduce costs through easier right-sizing of workloads Improve agility and elasticity
What is the main benefit of the principle of "loose coupling"?
Reduce interdependencies so a failure in one component does not cascade to other components
In which ways does AWS' pricing model benefit organizations?
Reduce the cost of maintaining idle resources
Which of the following represent economic advantages of moving to the AWS cloud? (Select TWO.)
Reduce the need to manage infrastructure. Increase efficiencies through automation.
What are the benefits of using reserved instances? (Select TWO.)
Reduced cost Reserve capacity
To reward customers for using their services, what are two ways AWS reduce prices? (Select TWO.)
Reduced cost for reserved capacity. Volume based discounts when you use more services
What is the benefit of using fully managed services compared to deploying 3rd party software on EC2?
Reduced operational overhead
Which of the following is NOT a best practice for protecting the root user of an AWS account?
Remove administrative permissions
Which of the below is an example of optimizing for cost?
Replace an EC2 compute instance with AWS Lambda
What are two ways an AWS customer can reduce their monthly spend? (Select TWO.)
Reserve capacity where suitable Turn off resources that are not being used
Which Amazon EC2 pricing option provides significant discounts for fixed term contracts?
Reserved Instances
You need to run a production process that will use several EC2 instances and run constantly on an ongoing basis. The process cannot be interrupted or restarted without issue. What EC2 pricing model would be best for this workload?
Reserved instances
Which of the below are good use cases for a specific Amazon EC2 pricing model? (Select TWO.)
Reserved instances for steady state predictable usage. On-demand for ad-hoc requirements that cannot be interrupted.
Which AWS technology enables you to group resources that share one or more tags?
Resource groups
Which service supports the resolution of public domain names to IP addresses or AWS resources?
Route 53
Which feature enables fast, easy, and secure transfers of files over long distances between a client and an Amazon S3 bucket?
S3 Transfer Acceleration
Which of the following statements is correct about Amazon S3 cross-region replication?
S3 buckets configured for cross-region replication can be owned by a single AWS account or by different accounts
Which types of pricing policies does AWS offer? (Select TWO.)
Save when you reserve Pay-as-you-go
What are the advantages of running a database service such as Amazon RDS in the cloud versus deploying on-premise? (Select TWO.)
Scalability is improved as it is quicker to implement and there is an abundance of capacity. High availability is easier to implement due to built-in functionality for deploying read replicas and multi-AZ
Which Amazon EC2 Reserved Instance type enables you to match your capacity reservation to predictable recurring dates and times?
Scheduled RI
Which items can be configured from within the VPC management console? (Select TWO.)
Security Groups Subnets
Which of the authentication options below can be used to authenticate using AWS APIs? (Select TWO.)
Server certificates Access keys
What are the fundamental charges for an Amazon EC2 instance? (Select TWO.)
Server uptime Data storage
Which aspects of security on AWS are customer responsibilities? (Select TWO.)
Server-side encryption Setting up account password policies
Under the AWS shared responsibility model, which of the following are customer responsibilities? (Select TWO.)
Setting up server-side encryption on an Amazon S3 bucket. Network and firewall configurations
An organization has multiple AWS accounts and uses a mixture of on-demand and reserved instances. One account has a considerable amount of unused reserved instances. How can the organization reduce their costs? (Select TWO.)
Setup consolidated billing between the accounts. Create an AWS Organization configuration linking the accounts
What is the scope of a VPC within a region?
Spans all Availability Zones within the region
What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload?
Spot
Which pricing model will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable?
Spot Instances
Which Amazon EC2 pricing model is the most cost-effective for an always-up, right-sized database server running a project that will last 1 year?
Standard Reserved Instances
Which of the advantages of cloud listed below is most closely addressed by the capabilities of AWS Auto Scaling?
Stop guessing about capacity
Which of the options below are recommendations in the reliability pillar of the well-architected framework? (Select TWO.)
Stop guessing about capacity Test recovery procedures
What are two ways that moving to an AWS cloud can benefit an organization? (Select TWO.)
Stop guessing about capacity Increase speed and agility
What advantages do you get from using the AWS cloud? (Select TWO.)
Stop guessing about capacity Trade capital expense for variable expense
Which of the following should be used to improve the security of access to the AWS Management Console? (Select TWO.)
Strong password policies AWS Multi-Factor Authentication (AWS MFA)
At what level is a Network ACL applied?
Subnet level
How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud?
TCO Calculator
What strategy can assist with allocating metadata to AWS resources for cost tracking and visibility?
Tagging
How can you apply metadata to an EC2 instance that categorizes it according to its purpose, owner or environment?
Tags
What method can you use to take a backup of an Amazon EC2 instance using AWS tools?
Take a snapshot to capture the point-in-time state of the instance
Which statement best describes elasticity in the cloud?
The ability to scale resources up or down and only pay for what you use
What are the fundamental charges for Elastic Block Store (EBS) volumes? (Select TWO.)
The amount of data storage provisioned. Provisioned IOPS
A company is planning to migrate some resources into the cloud. What factors need to be considered when determining the cost of the AWS Cloud? (Select TWO.)
The amount of egress data per month The number of servers migrated into EC2
What information must be entered into the AWS TCO Calculator?
The number of servers in your company
When using AWS Organizations with consolidated billing what are two valid best practices? (Select TWO.)
The paying account should be used for billing purposes only Always enable multi-factor authentication (MFA) on the root account
What is a benefit of moving an on-premises database to Amazon Relational Database Service (RDS)?
There is no need to manage operating systems
Which statement below is incorrect in relation to Security Groups?
They are stateless
What are Edge locations used for?
They are used by CloudFront for caching content
Which statement below is incorrect in relation to Network ACLs?
They operate at the Availability Zone level
What are the advantages of Availability Zones? (Select TWO.)
They provide fault isolation They are connected by low-latency network connections
Based on the shared responsibility model, which of the following security and compliance tasks is AWS responsible for?
Updating Amazon EC2 host firmware
According to the AWS Well-Architected Framework, what change management steps should be taken to achieve reliability in the AWS Cloud? (Select TWO.)
Use AWS Config to generate an inventory of AWS resources. Use AWS CloudTrail to record AWS API calls into an auditable log file
How can an organization assess applications for vulnerabilities and deviations from best practice?
Use AWS Inspector
What is the best way for an organization to transfer hundreds of terabytes of data from their on-premise data center into Amazon S3 with limited bandwidth available?
Use AWS Snowball
How can an online education company ensure their video courses play with minimal latency for their users around the world?
Use Amazon CloudFront to get the content closer to users
How can a company protect their Amazon S3 data from a regional disaster?
Use Cross-Region Replication (CRR) to copy to another region
What is the most efficient way to establish network connectivity from on-premises to multiple VPCs in different AWS Regions?
Use an AWS Transit Gateway
Which of the options below are recommendations in the performance efficiency pillar of the well-architected framework? (Select TWO.)
Use serverless architectures Democratize advanced technologies
How can a systems administrator specify a script to be run on an EC2 instance during launch?
User Data
What do you need to log into the AWS console?
User name and password
How can a security compliance officer retrieve AWS compliance documentation such as a SOC 2 report?
Using AWS Artifact
A manager needs to keep a check on his AWS spend. How can the manager setup alarms that notify him when his bill reaches a certain amount?
Using Amazon CloudWatch
How can you configure Amazon Route 53 to monitor the health and performance of your application?
Using Route 53 health checks
A company is using the AWS CLI and programmatic access of AWS resources from its on-premises network. What is a mandatory requirement in this scenario?
Using an AWS access key and a secret key
How can a company configure automatic, asynchronous copying of objects in Amazon S3 buckets across regions?
Using cross-region replication
What offerings are included in the Amazon Lightsail product set? (Select TWO.)
Virtual Private Server Managed MySQL database
To ensure the security of your AWS account, what are two AWS best practices for managing access keys? (Select TWO.)
Where possible, use IAM roles with temporary security credentials. Don't generate an access key for the root account user.
How does AWS assist organizations' with their capacity requirements?
You don't need to guess your capacity needs
Which descriptions are correct regarding cloud deployment models? (Select TWO.)
With the public cloud the consumer organization typically incurs OPEX costs for usage. With the private cloud the consumer organization typically owns and manages the infrastructure.
Which of the following are advantages of using the AWS cloud computing over legacy IT? (Select TWO.)
You can bring new applications to market faster You don't need to worry about over provisioning as you can elastically scale
What is the relationship between subnets and availability zones?
You can create one or more subnets within each availability zone
What methods are available for scaling an Amazon RDS database? (Select TWO.)
You can scale up by increasing storage capacity You can scale up by moving to a larger instance size
Your CTO wants to move to cloud. What cost advantages are there to moving to cloud?
You provision only what you need and adjust to peak load
Which of the statements below is correct in relation to Consolidated Billing? (Select TWO.)
You receive a single bill for multiple accounts You can combine usage and share volume pricing discounts
What billing timeframes are available for Amazon EC2 on-demand instances? (Select TWO.)
per hour
A company wants to utilize a pay as you go cloud model for all of their applications without CAPEX costs and which is highly elastic. Which cloud delivery model will suit them best?
public