Exam 2: 100 questions
Amazon Relational Database Service (Amazon RDS) offers which of the following benefits over traditional database management? A. AWS manages the data stored in Amazon RDS tables. B. AWS manages the maintenance of the operating system. C. AWS automatically scales up instance types on demand. D. AWS manages the database type.
B. AWS manages the maintenance of the operating system.
Which of the following is an AWS-managed compute service? A. Amazon SWF B. Amazon EC2 C. AWS Lambda D. Amazon Aurora
B. Amazon EC2
What time-savings advantage is offered with the use of Amazon Rekognition? A. Amazon Rekognition provides automatic watermarking of images. B. Amazon Rekognition provides automatic detection of objects appearing in pictures. C. Amazon Rekognition provides the ability to resize millions of images automatically. D. Amazon Rekognition uses Amazon Mechanical Turk to allow humans to bid on object detection jobs.
B. Amazon Rekognition provides automatic detection of objects appearing in pictures. Explanation:Rekognition Image is an image recognition service that detects objects, scenes, and faces; extracts text; recognizes celebrities; and identifies inappropriate content in images. It also allows you to search and compare faces. Rekognition Image is based on the same proven, highly scalable, deep learning technology developed by Amazonג€™s computer vision scientists to analyze billions of images daily for Prime Photos.Reference:https://aws.amazon.com/rekognition/faqs/
Which services are parts of the AWS serverless platform? A. Amazon EC2, Amazon S3, Amazon Athena B. Amazon Kinesis, Amazon SQS, Amazon EMR C. AWS Step Functions, Amazon DynamoDB, Amazon SNS D. Amazon Athena, Amazon Cognito, Amazon EC2
C. AWS Step Functions, Amazon DynamoDB, Amazon SNS nswer : C Explanation:AWS provides a set of fully managed services that you can use to build and run serverless applications. Serverless applications donג€™t require provisioning, maintaining, and administering servers for backend components such as compute, databases, storage, stream processing, message queueing, and more. You also no longer need to worry about ensuring application fault tolerance and availability. Instead, AWS handles all of these capabilities for you. Serverless platform includes: AWS lambda, Amazon S3, DynamoDB, API gateway, Amazon SNS, AWS step functions, Amazon kinesis and developing tools and services.Reference:https://aws.amazon.com/serverless/
Under the AWS shared responsibility model, customers are responsible for which aspects of security in the cloud? (Choose two.) A. Virtualization Management B. Hardware management C. Encryption management D. Facilities management E. Firewall management
C. Encryption management E. Firewall management Answer : CE Explanation:With the basic Cloud infrastructure secured and maintained by AWS, the responsibility for what goes into the cloud falls on you. This covers both client and server side encryption and network traffic protection, security of the operating system, network, and firewall configuration, followed by application security and identity and access management.Firewall configuration remains the responsibility of the end user, which integrates at the platform and application management level. For example, RDS utilizes security groups, which you would be responsible for configuring and implementing.Reference:https://cloudacademy.com/blog/aws-shared-responsibility-model-security/
A companyג€™s web application currently has tight dependencies on underlying components, so when one component fails the entire web application fails.Applying which AWS Cloud design principle will address the current design issue? A. Implementing elasticity, enabling the application to scale up or scale down as demand changes. B. Enabling several EC2 instances to run in parallel to achieve better performance. C. Focusing on decoupling components by isolating them and ensuring individual components can function when other components fail. D. Doubling EC2 computing resources to increase system fault tolerance.
C. Focusing on decoupling components by isolating them and ensuring individual components can function when other components fail.
According to the AWS shared responsibility model, what is the sole responsibility of AWS? A. Application security B. Edge location management C. Patch management D. Client-side data
B. Edge location management Explanation:Client-side data, application security is the sole responsibility of the customer. Patch management is a shared responsibility. That leaves us with edge location management and since this out of the control of the customer, AWS is the one responsible for it.Reference:https://aws.amazon.com/compliance/shared-responsibility-model/
Which of the following common IT tasks can AWS cover to free up company IT resources? (Choose two.) A. Patching databases software B. Testing application releases C. Backing up databases D. Creating database schema E. Running penetration tests
A. Patching databases software C. Backing up databases
Which of the following AWS services can be used to run a self-managed database? A. Amazon Route 53 B. AWS X-Ray C. AWS Snowmobile D. Amazon Elastic Compute Cloud (Amazon EC2)
D. Amazon Elastic Compute Cloud (Amazon EC2) https://severalnines.com/news/aws-users-prefer-self-managed-databases Next Question
What does it mean to grant least privilege to AWS IAM users? A. It is granting permissions to a single user only. B. It is granting permissions using AWS IAM policies only. C. It is granting AdministratorAccess policy permissions to trustworthy users. D. It is granting only the permissions required to perform a given task.
D. It is granting only the permissions required to perform a given task. Explanation:When you create IAM policies, follow the standard security advice of granting least privilege, or granting only the permissions required to perform a task.Determine what users (and roles) need to do and then craft policies that allow them to perform only those tasks.Reference:https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege
Which of the following is an important architectural design principle when designing cloud applications? A. Use multiple Availability Zones. B. Use tightly coupled components. C. Use open source software. D. Provision extra capacity.
A. Use multiple Availability Zones. Explanation:Data Center resilience is practiced through Availability Zones across data centers that reduce the impact of failures.Fault isolation improvement can be made to traditional horizontal scaling by sharding (a method of grouping instances into groups called shards, instead of sending the traffic from all users to every node like in the traditional IT structure.)Reference:https://www.botmetric.com/blog/aws-cloud-architecture-design-principles/
What feature of Amazon RDS helps to create globally redundant databases? A. Snapshots B. Automatic patching and updating C. Cross-Region read replicas D. Provisioned IOPS
C. Cross-Region read replicas https://aws.amazon.com/blogs/aws/cross-region-read-replicas-for-amazon-rds-for-mysql/ Next Question
Which of the following is a component of the shared responsibility model managed entirely by AWS? A. Patching operating system software B. Encrypting data C. Enforcing multi-factor authentication D. Auditing physical data center assets
D. Auditing physical data center assets xplanation:Of course, Amazon is responsible for auditing physical data center assets and resources since it is the property of Amazon Inc. Customers have no access to physical sites, hence they are not responsible for maintaining physical data center assets.
How does AWS MOST effectively reduce computing costs for a growing start-up company? A. It provides on-demand resources for peak usage. B. It automates the provisioning of individual developer environments. C. It automates customer relationship management. D. It implements a fixed monthly computing budget.
A. It provides on-demand resources for peak usage. Explanation:You can continue to optimize your spend and keep your development costs low by making sure you revisit your architecture often, to adjust to your startup growth.Manage your cost further by leveraging different options such as S3 CloudFront for caching & offloading to reduce cost of EC2 computing, as well as Elastic LoadBalancing which prepares you for massive scale, high reliability and uninterrupted growth. Another way to keep costs down is to use AWS Identity and AccessManagement solutions (IAM) to manage governance of your cost drivers effectively and by the right teams.Reference:https://aws.amazon.com/startups/lean/
Which Amazon EC2 pricing model is the MOST cost efficient for an uninterruptible workload that runs once a year for 24 hours? A. On-Demand Instances B. Reserved Instances C. Spot Instances D. Dedicated Instances
A. On-Demand Instances Explanation:With On-Demand instances, you pay for compute capacity by the hour or the second depending on which instances you run. No longer-term commitments or upfront payments are needed. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified per hourly rates for the instance you use.Reference:https://aws.amazon.com/ec2/pricing/
How do customers benefit from Amazonג€™s massive economies of scale? A. Periodic price reductions as the result of Amazonג€™s operational efficiencies B. New Amazon EC2 instance types providing the latest hardware C. The ability to scale up and down when needed D. Increased reliability in the underlying hardware of Amazon EC2 instances
A. Periodic price reductions as the result of Amazonג€™s operational efficiencies
Which scenarios represent the concept of elasticity on AWS? (Choose two.) A. Scaling the number of Amazon EC2 instances based on traffic. B. Resizing Amazon RDS instances as business needs change. C. Automatically directing traffic to less-utilized Amazon EC2 instances. D. Using AWS compliance documents to accelerate the compliance process. E. Having the ability to create and govern environments using code.
A. Scaling the number of Amazon EC2 instances based on traffic. B. Resizing Amazon RDS instances as business needs change. https://wa.aws.amazon.com/wat.concept.elasticity.en.html Next Question
As part of the AWS shared responsibility model, which of the following operational controls do users fully inherit from AWS? A. Security management of data center B. Patch management C. Configuration management D. User and access management
A. Security management of data center https://aws.amazon.com/compliance/shared-responsibility-model/ Next Question
Which of the following services provides on-demand access to AWS compliance reports? A. AWS IAM B. AWS Artifact C. Amazon GuardDuty D. AWS KMS
B. AWS Artifact Answer : B Explanation:AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWSג€™ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment CardIndustry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement(NDA).Reference:https://aws.amazon.com/artifact/
Which AWS service can a customer use to set up an alert notification when the account is approaching a particular dollar amount? A. AWS Cost and Usage reports B. AWS Budgets C. AWS Cost Explorer D. AWS Trusted Advisor
B. AWS Budgets https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html Next Question
A director has been tasked with investigating hybrid cloud architecture. The company currently accesses AWS over the public internet.Which service will facilitate private hybrid connectivity? A. Amazon Virtual Private Cloud (Amazon VPC) NAT Gateway B. AWS Direct Connect C. Amazon Simple Storage Service (Amazon S3) Transfer Acceleration D. AWS Web Application Firewall (AWS WAF)
B. AWS Direct Connect Explanation:Amazon VPC provides multiple network connectivity options for you to leverage depending on your current network designs and requirements. These connectivity options include leveraging either the internet or an AWS Direct Connect connection as the network backbone and terminating the connection into either AWS or user-managed network endpoints. Additionally, with AWS, you can choose how network routing is delivered between Amazon VPC and your networks, leveraging either AWS or user-managed network equipment and routes.Reference:https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/introduction.html
Which of the following can a customer use to enable single sign-on (SSO) to the AWS Console? A. Amazon Connect B. AWS Directory Service C. Amazon Pinpoint D. Amazon Rekognition
B. AWS Directory Service Answer : B Explanation:Single sign-on only works when used on a computer that is joined to the AWS Directory Service directory. It cannot be used on computers that are not joined to the directory.Reference:https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_single_sign_on.html
Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Choose two.) A. AWS Trusted Advisor B. AWS Online Tech Talks C. AWS Blog D. AWS Forums E. AWS Classroom Training
B. AWS Online Tech Talks E. AWS Classroom Training
A company has multiple AWS accounts and wants to simplify and consolidate its billing process.Which AWS service will achieve this? A. AWS Cost and Usage Reports B. AWS Organizations C. AWS Cost Explorer D. AWS Budgets
B. AWS Organizations Explanation:You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon InternetServices Pvt. Ltd (AISPL) accounts. Every organization in AWS Organizations has a master (payer) account that pays the charges of all the member (linked) accounts.Reference:https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html
What will help a company perform a cost benefit analysis of migrating to the AWS Cloud? A. Cost Explorer B. AWS Total Cost of Ownership (TCO) Calculator C. AWS Simple Monthly Calculator D. AWS Trusted Advisor
B. AWS Total Cost of Ownership (TCO) Calculator Explanation:AWS TCO calculators allow you to estimate the cost savings when using AWS and provide a detailed set of reports that can be used in executive presentations.The calculators also give you the option to modify assumptions that best meet your business needs.Reference:https://aws.amazon.com/tco-calculator/
A company is considering migrating its applications to AWS. The company wants to compare the cost of running the workload on-premises to running the equivalent workload on the AWS platform.Which tool can be used to perform this comparison? A. AWS Simple Monthly Calculator B. AWS Total Cost of Ownership (TCO) Calculator C. AWS Billing and Cost Management console D. Cost Explorer
B. AWS Total Cost of Ownership (TCO) Calculator Explanation:TCO calculator compare the cost of running your applications in an on-premises or colocation environment to AWS.Reference:https://awstcocalculator.com
Which managed AWS service provides real-time guidance on AWS security best practices? A. AWS X-Ray B. AWS Trusted Advisor C. Amazon CloudWatch D. AWS Systems Manager
B. AWS Trusted Advisor Answer : B Explanation:AWS offers premium services such as AWS Trusted Advisor, which provides real-time guidance to help you reduce cost, increase performance, and improve security.Reference:https://www.ibm.com/downloads/cas/2N40X4PQ
Why should a company choose AWS instead of a traditional data center? A. AWS provides users with full control over the underlying resources. B. AWS does not require long-term contracts and provides a pay-as-you-go model. C. AWS offers edge locations in every country, supporting global reach. D. AWS has no limits on the number of resources that can be created.
B. AWS does not require long-term contracts and provides a pay-as-you-go model. Explanation:AWS offers you a pay-as-you-go approach for pricing for over 160 cloud services. With AWS you pay only for the individual services you need, for as long as you use them, and without requiring long-term contracts or complex licensing. AWS pricing is similar to how you pay for utilities like water and electricity. You only pay for the services you consume, and once you stop using them, there are no additional costs or termination fees.Reference:https://aws.amazon.com/pricing/
Which of the following benefits does the AWS Compliance program provide to AWS customers? (Choose two.) A. It verifies that hosted workloads are automatically compliant with the controls of supported compliance frameworks. B. AWS is responsible for the maintenance of common compliance framework documentation. C. It assures customers that AWS is maintaining physical security and data protection. D. It ensures the use of compliance frameworks that are being used by other cloud providers. E. It will adopt new compliance frameworks as they become relevant to customer workloads.
B. AWS is responsible for the maintenance of common compliance framework documentation. C. It assures customers that AWS is maintaining physical security and data protection.
How is asset management on AWS easier than asset management in a physical data center? A. AWS provides a Configuration Management Database that users can maintain. B. AWS performs infrastructure discovery scans on the customerג€™s behalf. C. Amazon EC2 automatically generates an asset report and places it in the customerג€™s specified Amazon S3 bucket. D. Users can gather asset metadata reliably with a few API calls.
B. AWS performs infrastructure discovery scans on the customerג€™s behalf. Explanation:AWS assets are centrally managed through an inventory management system that stores and tracks owner, location, status, maintenance, and descriptive information for AWS-owned assets. Following procurement, assets are scanned and tracked, and assets undergoing maintenance are checked and monitored for ownership, status, and resolution.Reference:https://aws.amazon.com/compliance/data-center/controls/
Which of the following is an AWS Well-Architected Framework design principle related to reliability? A. Deployment to a single Availability Zone B. Ability to recover from failure C. Design for cost optimization D. Perform operations as code
B. Ability to recover from failure
What exclusive benefit is provided to users with Enterprise Support? A. Access to a Technical Project Manager B. Access to a Technical Account Manager C. Access to a Cloud Support Engineer D. Access to a Solutions Architect
B. Access to a Technical Account Manager https://aws.amazon.com/premiumsupport/plans/enterprise/ Next Question
What is the MINIMUM AWS Support plan that provides designated Technical Account Managers? A. Enterprise B. Business C. Developer D. Basic
A. Enterprise https://aws.amazon.com/premiumsupport/plans/ Next Question
Which of the following features can be configured through the Amazon Virtual Private Cloud (Amazon VPC) Dashboard? (Choose two.) A. Amazon CloudFront distributions B. Amazon Route 53 C. Security Groups D. Subnets E. Elastic Load Balancing
C. Security Groups D. Subnets Explanation:Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.Reference:https://aws.amazon.com/vpc/
When comparing AWS Cloud with on-premises Total Cost of Ownership, which expenses must be considered? (Choose two.) A. Software development B. Project management C. Storage hardware D. Physical servers E. Antivirus software license
C. Storage hardware D. Physical servers https://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/ Next Question
What is a responsibility of AWS in the shared responsibility model? A. Updating the network ACLs to block traffic to vulnerable ports. B. Patching operating systems running on Amazon EC2 instances. C. Updating the firmware on the underlying EC2 hosts. D. Updating the security group rules to block traffic to the vulnerable ports.
C. Updating the firmware on the underlying EC2 hosts. https://cloudacademy.com/blog/aws-shared-responsibility-model-security/ Next Question
Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as: A. restricted access. B. as-needed access. C. least privilege access. D. token access.
C. least privilege access. Explanation:When you create IAM policies, follow the standard security advice of granting least privilege, or granting only the permissions required to perform a task.Determine what users (and roles) need to do and then craft policies that allow them to perform only those tasks.Reference:https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
One benefit of On-Demand Amazon Elastic Compute Cloud (Amazon EC2) pricing is: A. the ability to bid for a lower hourly cost. B. paying a daily rate regardless of time used. C. paying only for time used. D. pre-paying for instances and paying a lower hourly rate.
C. paying only for time used. Explanation:On-Demand Capacity Reservations are priced exactly the same as their equivalent (On-Demand) instance usage. If a Capacity Reservation is fully utilized, you only pay for instance usage and nothing towards the Capacity Reservation. If a Capacity Reservation is partially utilized, you pay for the instance usage and for the unused portion of the Capacity Reservation.Reference:https://aws.amazon.com/ec2/pricing/on-demand/
What AWS service would be used to centrally manage AWS access across multiple accounts? A. AWS Service Catalog B. AWS Config C. AWS Trusted Advisor D. AWS Organizations
D. AWS Organizations Explanation:To improve control over your AWS environment, you can use AWS Organizations to create groups of accounts, and then attach policies to a group to ensure the correct policies are applied across the accounts without requiring custom scripts and manual processes.Reference:https://aws.amazon.com/organizations/
An administrator needs to rapidly deploy a popular IT solution and start using it immediately.Where can the administrator find assistance? A. AWS Well-Architected Framework documentation B. Amazon CloudFront C. AWS CodeCommit D. AWS Quick Start reference deployments
D. AWS Quick Start reference deployments Explanation:Quick Starts are built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability. These accelerators reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately.Reference:https://aws.amazon.com/quickstart/?quickstart-all.sort-by=item.additionalFields.updateDate&quickstart-all.sort-order=desc
Which AWS service provides a secure, fast, and cost-effective way to migrate or transport exabyte-scale datasets into AWS? A. AWS Batch B. AWS Snowball C. AWS Migration Hub D. AWS Snowmobile
D. AWS Snowmobile Explanation:AWS Snowmobile is an exabyte-scale data transfer service that can move extremely large amounts of data to AWS in a fast, secure, and cost-effective manner.You can transfer up to 100PB per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck. Snowmobile makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. All data is encrypted with 256-bit encryption and you can manage your encryption keys with AWS Key Management Service (AWS KMS). Snowmobile includes GPS tracking, alarm monitoring,24/7 video surveillance and an optional escort security vehicle while in transit.Reference:https://aws.amazon.com/about-aws/whats-new/2016/11/move-exabyte-scale-data-sets-with-aws-snowmobile/
A startup is working on a new application that needs to go to market quickly. The application requirements may need to be adjusted in the near future.Which of the following is a characteristic of the AWS Cloud that would meet this specific need? A. Elasticity B. Reliability C. Performance D. Agility
D. Agility Explanation:Agile is a time boxed, iterative approach to software delivery that builds software incrementally from the start of the project, instead of trying to deliver it all at once near the end.Reference:http://www.agilenutshell.com
Which of the following services is a MySQL-compatible database that automatically grows storage as needed? A. Amazon Elastic Compute Cloud (Amazon EC2) B. Amazon Relational Database Service (Amazon RDS) for MySQL C. Amazon Lightsail D. Amazon Aurora
D. Amazon Aurora Explanation:Amazon Aurora is a relational database service that combines the speed and availability of high-end commercial databases with the simplicity and cost- effectiveness of open source databases. The MySQL-compatible edition of Aurora delivers up to 5X the throughput of standard MySQL running on the same hardware, and enables existing MySQL applications and tools to run without requiring modification.Amazon Aurora will automatically grow the size of your database volume as your database storage needs grow. Your volume will grow in increments of 10 GB up to a maximum of 64 TB. You don't need to provision excess storage for your database to handle future growth.Reference:https://aws.amazon.com/rds/aurora/mysql-features/
Which feature adds elasticity to Amazon EC2 instances to handle the changing demand for workloads? A. Resource groups B. Lifecycle policies C. Application Load Balancer D. Amazon EC2 Auto Scaling
D. Amazon EC2 Auto Scaling Explanation:Support for monitoring the health of each service independently, as health checks are defined at the target group level and many CloudWatch metrics are reported at the target group level. Attaching a target group to an Auto Scaling group enables you to scale each service dynamically based on demand.Reference:https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html
What are the multiple, isolated locations within an AWS Region that are connected by low-latency networks called? A. AWS Direct Connects B. Amazon VPCs C. Edge locations D. Availability Zones
D. Availability Zones Explanation:Each Region is completely independent. Each Availability Zone is isolated, but the Availability Zones in a Region are connected through low-latency links. A LocalZone is an AWS infrastructure deployment that places select services closer to your end users. A Local Zone is an extension of a Region that is in a different location from your Region. It provides a high-bandwidth backbone to the AWS infrastructure and is ideal for latency-sensitive applications, for example machine learning.Reference:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
Which of the following is an important architectural principle when designing cloud applications? A. Store data and backups in the same region. B. Design tightly coupled system components. C. Avoid multi-threading. D. Design for failure.
D. Design for failure. Explanation:There are six design principles for operational excellence in the cloud: ✑ Perform operations as code ✑ Annotate documentation ✑ Make frequent, small, reversible changesRefine operations procedures frequently ✑ Anticipate failure✑ Learn from all operational failuresReference:https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/
Which AWS Support plan provides a full set of AWS Trusted Advisor checks? A. Business and Developer Support B. Business and Basic Support C. Enterprise and Developer Support D. Enterprise and Business Support
D. Enterprise and Business Support
Which disaster recovery scenario offers the lowest probability of down time? A. Backup and restore B. Pilot light C. Warm standby D. Multi-site active-active
D. Multi-site active-active Answer : D Explanation: ✑ Backup and Restore: a simple, straightforward, cost-effective method that backs up and restores data as needed. Keep in mind that because none of your data is on standby, this method, while cheap, can be quite time-consuming .✑ Pilot Light: This method keeps critical applications and data at the ready so that it can be quickly retrieved if needed. ✑ Warm Standby: This method keeps a duplicate version of your businessג€™ core elements running on standby at all times, which makes for a little downtime and an almost seamless transition .✑ Multi-Site Solution: Also known as a Hot Standby, this method fully replicates your companyג€™s data/applications between two or more active locations and splits your traffic/usage between them. If a disaster strikes, everything is simply rerouted to the unaffected area, which means youג€™ll suffer almost zero downtime. However, by running two separate environments simultaneously, you will obviously incur much higher costs.Reference:https://cloudranger.com/best-practices-aws-disaster-recovery-planning/
Which solution provides the FASTEST application response times to frequently accessed data to users in multiple AWS Regions? A. AWS CloudTrail across multiple Availability Zones B. Amazon CloudFront to edge locations C. AWS CloudFormation in multiple regions D. A virtual private gateway over AWS Direct Connect
B. Amazon CloudFront to edge locations Explanation:You can deliver content and decrease end-user latency of your web application using Amazon CloudFront. CloudFront speeds up content delivery by leveraging its global network of data centers, known as edge locations, to reduce delivery time by caching your content close to your end users. CloudFront fetches your content from an origin, such as an Amazon S3 bucket, an Amazon EC2 instance, an Amazon Elastic Load Balancing load balancer or your own web server, when it's not already in an edge location. CloudFront can be used to deliver your entire website or application, including dynamic, static, streaming, and interactive content.Reference:https://aws.amazon.com/getting-started/tutorials/deliver-content-faster/
Which of the following services falls under the responsibility of the customer to maintain operating system configuration, security patching, and networking? A. Amazon RDS B. Amazon EC2 C. Amazon ElastiCache D. AWS Fargate
B. Amazon EC2 Answer : B Explanation:The customer is responsible for managing, support, patching and control of the guest operating system and AWS services provided like EC2.Reference:https://www.whizlabs.com/blog/aws-security-shared-responsibility/
Which type of AWS storage is ephemeral and is deleted when an instance is stopped or terminated? A. Amazon EBS B. Amazon EC2 instance store C. Amazon EFS D. Amazon S3 Expose Correct Answer
B. Amazon EC2 instance store Explanation:When you stop or terminate an instance, every block of storage in the instance store is reset. Therefore, your data cannot be accessed through the instance store of another instance.Reference:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html
Which AWS feature should a customer leverage to achieve high availability of an application? A. AWS Direct Connect B. Availability Zones C. Data centers D. Amazon Virtual Private Cloud (Amazon VPC)
B. Availability ZonesAnswer : B Explanation:This is to achieve High Availability for any web application (in this case SwiftCode) deployed in AWS. The following features will be present: ✑ High availability across multiple instances/multiple availability zones ✑ Auto Scaling of instances (scale up and scale down) based on number of requests coming in ✑ Additional Security to the instances/database that are in production ✑ No impact to end users during newer version of code deployment ✑ No Impact during patching the instancesReference:https://betsol.com/2018/01/how-to-make-high-availability-web-applications-on-amazon-web-services/
Which methods can be used to identify AWS costs by departments? (Choose two.) A. Enable multi-factor authentication for the AWS account root user. B. Create separate accounts for each department. C. Use Reserved Instances whenever possible. D. Use tags to associate each instance with a particular department. E. Pay bills using purchase orders.
B. Create separate accounts for each department. D. Use tags to associate each instance with a particular department.
What can AWS edge locations be used for? (Choose two.) A. Hosting applications B. Delivering content closer to users C. Running NoSQL database caching services D. Reducing traffic on the server by caching responses E. Sending notification messages to end users
B. Delivering content closer to users D. Reducing traffic on the server by caching responses Explanation:CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you're serving withCloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance.Reference:https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html
Which architectural principle is used when deploying an Amazon Relational Database Service (Amazon RDS) instance in Multiple Availability Zone mode? A. Implement loose coupling. B. Design for failure. C. Automate everything that can be automated. D. Use services, not servers.
B. Design for failure. Explanation:Amazon RDS Multi-AZ deployments provide enhanced availability and durability for Database (DB) Instances, making them a natural fit for production database workloads. When you provision a Multi-AZ DB Instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby (or to a read replica in the case of Amazon Aurora), so that you can resume database operations as soon as the failover is complete. Since the endpoint for your DB Instance remains the same after a failover, your application can resume database operation without the need for manual administrative intervention.Reference:https://aws.amazon.com/rds/details/multi-az/
Which of the following are benefits of the AWS Cloud? (Choose two.) A. Unlimited uptime B. Elasticity C. Agility D. Colocation E. Capital expenses
B. Elasticity C. Agility Explanation:The most celebrated benefit of AWS cloud is elasticity since you can expand the services when you experience more traffic.Agile developments in AWS Cloud through strategies are day by day becoming more established within the enterprises across the world. With so much improvement and call for optimization in the cloud, it is necessary that these strategies get established from the ground up within the organizations. It is highly important as already enterprises have a lot of bequest, politics and hierarchies which act as barriers in their businesses.Reference:https://www.botmetric.com/blog/evolution-agile-enterprises-aws-cloud/
Which of the following services is in the category of AWS serverless platform? A. Amazon EMR B. Elastic Load Balancing C. AWS Lambda D. AWS Mobile Hub
C. AWS Lambda Explanation:AWS provides a set of fully managed services that you can use to build and run serverless applications. Serverless applications donג€™t require provisioning, maintaining, and administering servers for backend components such as compute, databases, storage, stream processing, message queueing, and more. You also no longer need to worry about ensuring application fault tolerance and availability. Instead, AWS handles all of these capabilities for you. Serverless platform includes: AWS lambda, Amazon S3, DynamoDB, API gateway, Amazon SNS, AWS step functions, Amazon kinesis and developing tools and services.Reference:https://aws.amazon.com/serverless/
How should a customer forecast the future costs for running a new web application? A. Amazon Aurora Backtrack B. Amazon CloudWatch Billing Alarms C. AWS Simple Monthly Calculator D. AWS Cost and Usage report
C. AWS Simple Monthly Calculator Answer : C Explanation:You can use Cost explorer which is part of Cost and Usage report to forecast future costs of running an application.Reference:https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/ce-forecast.html
Which service provides a hybrid storage service that enables on-premises applications to seamlessly use cloud storage? A. Amazon Glacier B. AWS Snowball C. AWS Storage Gateway D. Amazon Elastic Block Storage (Amazon EBS)
C. AWS Storage Gateway Explanation:AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving tape backups to the cloud, reducing on-premises storage with cloud-backed file shares, providing low latency access to data in AWS for on-premises applications, as well as various migration, archiving, processing, and disaster recovery use cases.Reference:https://aws.amazon.com/storagegateway/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc
Which AWS hybrid storage service enables your on-premises applications to seamlessly use AWS Cloud storage through standard file-storage protocols? A. AWS Direct Connect B. AWS Snowball C. AWS Storage Gateway D. AWS Snowball Edge
C. AWS Storage Gateway Explanation:The AWS Storage Gateway service enables hybrid cloud storage between on-premises environments and the AWS Cloud. It seamlessly integrates on-premises enterprise applications and workflows with Amazonג€™s block and object cloud storage services through industry standard storage protocols. It provides low-latency performance by caching frequently accessed data on premises, while storing data securely and durably in Amazon cloud storage services. It provides an optimized data transfer mechanism and bandwidth management, which tolerates unreliable networks and minimizes the amount of data being transferred. It brings the security, manageability, durability, and scalability of AWS to existing enterprise environments through native integration with AWS encryption, identity management, monitoring, and storage services. Typical use cases include backup and archiving, disaster recovery, moving data to S3 for in-cloud workloads, and tiered storage.Reference:https://aws.amazon.com/storagegateway/faqs/
Which service is best for storing common database query results, which helps to alleviate database access load? A. Amazon Machine Learning B. Amazon SQS C. Amazon ElastiCache D. Amazon EC2 Instance Store
C. Amazon ElastiCache Explanation:Amazon ElastiCache for Redis is a great choice for implementing a highly available, distributed, and secure in-memory cache to decrease access latency, increase throughput, and ease the load off your relational or NoSQL databases and applications. ElastiCache can serve frequently requested items at sub- millisecond response times, and enables you to easily scale for higher loads without growing the costlier backend databases. Database query results caching, persistent session caching, and full-page caching are all popular examples of caching with ElastiCache for Redis.Reference:https://aws.amazon.com/products/databases/real-time-apps-elasticache-for-redis/
Which Amazon Virtual Private Cloud (Amazon VPC) feature enables users to connect two VPCs together? A. Amazon VPC endpoints B. Amazon Elastic Compute Cloud (Amazon EC2) ClassicLink C. Amazon VPC peering D. AWS Direct Connect
C. Amazon VPC peering xplanation:A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. Instances in either VPC can communicate with each other as if they are within the same network. You can create a VPC peering connection between your own VPCs, or with a VPC in another AWS account. The VPCs can be in different regions (also known as an inter-region VPC peering connection).Reference:https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html
Which load balancer types are available with Elastic Load Balancing (ELB)? (Choose two.) A. Public load balancers with AWS Application Auto Scaling capabilities B. F5 Big-IP and Citrix NetScaler load balancers C. Classic Load Balancers D. Cross-zone load balancers with public and private IPs E. Application Load Balancers
C. Classic Load Balancers E. Application Load Balancers
Which of the following deployment models enables customers to fully trade their capital IT expenses for operational expenses? A. On-premises B. Hybrid C. Cloud D. Platform as a service
C. Cloud Explanation:The cloud allows you to trade capital expenses (such as data centers and physical servers) for variable expenses, and only pay for IT as you consume it. Plus, the variable expenses are much lower than what you would pay to do it yourself because of the economies of scale.Reference:https://aws.amazon.com/what-is-cloud-computing/
Under the AWS shared responsibility model, customer responsibilities include which one of the following? A. Securing the hardware, software, facilities, and networks that run all products and services. B. Providing certificates, reports, and other documentation directly to AWS customers under NDA. C. Configuring the operating system, network, and firewall. D. Obtaining industry certifications and independent third-party attestations.
C. Configuring the operating system, network, and firewall. https://aws.amazon.com/compliance/shared-responsibility-model/ Next Question
If each department within a company has its own AWS account, what is one way to enable consolidated billing? A. Use AWS Budgets on each account to pay only to budget. B. Contact AWS Support for a monthly bill. C. Create an AWS Organization from the payer account and invite the other accounts to join. D. Put all invoices into one Amazon Simple Storage Service (Amazon S3) bucket, load data into Amazon Redshift, and then run a billing report.
C. Create an AWS Organization from the payer account and invite the other accounts to join. Answer : C Reference:https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html
How can a user protect against AWS service disruptions if a natural disaster affects an entire geographic area? A. Deploy applications across multiple Availability Zones within an AWS Region. B. Use a hybrid cloud computing deployment model within the geographic area. C. Deploy applications across multiple AWS Regions. D. Store application artifacts using AWS Artifact and replicate them across multiple AWS Regions.
C. Deploy applications across multiple AWS Regions. Explanation:An AWS Region is a geographic location where AWS provides multiple, physically separated and isolated Availability Zones which are connected with low latency, high throughput, and highly redundant networking.Reference:https://aws.amazon.com/s3/faqs/
Which of the following tasks is the responsibility of AWS? A. Encrypting client-side data B. Configuring AWS Identity and Access Management (IAM) roles C. Securing the Amazon EC2 hypervisor D. Setting user password policies
C. Securing the Amazon EC2 hypervisor Answer : C Explanation:In EC2, the AWS IaaS offering, everything from the hypervisor layer down is AWSג€™s responsibility. A customerג€™s poorly coded applications, misconfigured operating systems, or insecure firewall settings will not affect the hypervisor, it will only affect the customerג€™s virtual machines running on that hypervisor.Reference:https://www.mindpointgroup.com/blog/the-aws-shared-responsibility-model-part-1-security-in-the-cloud/
Which of the following provides the ability to share the cost benefits of Reserved Instances across AWS accounts? A. AWS Cost Explorer between AWS accounts B. Linked accounts and consolidated billing C. Amazon Elastic Compute Cloud (Amazon EC2) Reserved Instance Utilization Report D. Amazon EC2 Instance Usage Report between AWS accounts
B. Linked accounts and consolidated billing Explanation:The way that Reserved Instance discounts apply to accounts in an organization's consolidated billing family depends on whether Reserved Instance sharing is turned on or off for the account. By default, Reserved Instance sharing for all accounts in an organization is turned on. You can change this setting by Turning OffReserved Instance Sharing for an account.The capacity reservation for a Reserved Instance applies only to the account the Reserved Instance was purchased on, regardless of whether Reserved Instance sharing is turned on or off.Reference:https://aws.amazon.com/premiumsupport/knowledge-center/ec2-ri-consolidated-billing/
Under the shared responsibility model, which of the following tasks are the responsibility of the customer? (Choose two.) A. Maintaining the underlying Amazon EC2 hardware. B. Managing the VPC network access control lists. C. Encrypting data in transit and at rest. D. Replacing failed hard disk drives. E. Deploying hardware in different Availability Zones.
B. Managing the VPC network access control lists. C. Encrypting data in transit and at rest. xplanation:The hardware related jobs is the prime responsibility of AWS. VPC network access control lists is something a customer has to do himself to secure the applications. Encrypting data in transit and at rest is a shared responsibility in which AWS plays a part. All hardware related jobs have nothing to do with the customer.Reference:https://dzone.com/articles/aws-shared-responsibility-model-cloud-security
Which of the following BEST describe the AWS pricing model? (Choose two.) A. Fixed-term B. Pay-as-you-go C. Colocation D. Planned E. Variable cost
B. Pay-as-you-go E. Variable cost
A company is considering moving its on-premises data center to AWS.What factors should be included in doing a Total Cost of Ownership (TCO) analysis? (Choose two.) A. Amazon EC2 instance availability B. Power consumption of the data center C. Labor costs to replace old servers D. Application developer time E. Database engine capacity
B. Power consumption of the data center C. Labor costs to replace old servers
Which mechanism allows developers to access AWS services from application code? A. AWS Software Development Kit B. AWS Management Console C. AWS CodePipeline D. AWS Config
A. AWS Software Development Kit https://aws.amazon.com/tools/ Next Question
Which of the following services have Distributed Denial of Service (DDoS) mitigation features? (Choose two.) A. AWS WAF B. Amazon DynamoDB C. Amazon EC2 D. Amazon CloudFront E. Amazon Inspector
A. AWS WAF D. Amazon CloudFront https://aws.amazon.com/shield/ Next Question
What can users access from AWS Artifact? A. AWS security and compliance documents B. A download of configuration management details for all AWS resources C. Training materials for AWS services D. A security assessment of the applications deployed in the AWS Cloud
A. AWS security and compliance documents Explanation:You can use AWS Artifact Reports to download AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI), andSystem and Organization Control (SOC) reports.Reference:https://aws.amazon.com/artifact/faq/
What function do security groups serve related to Amazon Elastic Compute Cloud (Amazon EC2) instance security? A. Act as a virtual firewall for the Amazon EC2 instance. B. Secure AWS user accounts with AWS Identity and Access Management (IAM) policies. C. Provide DDoS protection with AWS Shield. D. Use Amazon CloudFront to protect the Amazon EC2 instance.
A. Act as a virtual firewall for the Amazon EC2 instance. Explanation:AWS Security Groups act like a firewall for your Amazon EC2 instances controlling both inbound and outbound traffic. When you launch an instance on AmazonEC2, you need to assign it to a particular security group.After that, you can set up ports and protocols, which remain open for users and computers over the internet.AWS Security Groups are very flexible. You can use the default security group and still customize it according to your liking (although we donג€™t recommend this practice because groups should be named according to their purpose.) Or you can create a security group that you want for your specific applications. To do this, you can write the corresponding code or use the Amazon EC2 console to make the process easier.Reference:https://www.threatstack.com/blog/aws-security-groups-what-they-are-and-how-to-get-the-most-out-of-them
A company is designing an application hosted in a single AWS Region serving end-users spread across the world. The company wants to provide the end-users low latency access to the application data.Which of the following services will help fulfill this requirement? A. Amazon CloudFront B. AWS Direct Connect C. Amazon Route 53 global DNS D. Amazon Simple Storage Service (Amazon S3) transfer acceleration
A. Amazon CloudFront Explanation:Use AWS Local Zones to deploy workloads closer to your end-users for low-latency requirements. AWS Local Zones have their own connection to the internet and support AWS Direct Connect, so resources created in the Local Zone can serve local end-users with very low-latency communications.nationReference:https://aws.amazon.com/about-aws/global-infrastructure/localzones/faqs/
Which AWS service can serve a static website? A. Amazon S3 B. Amazon Route 53 C. Amazon QuickSight D. AWS X-Ray
A. Amazon S3 Explanation:You can host a static website on Amazon Simple Storage Service (Amazon S3). On a static website, individual webpages include static content. They might also contain client-side scripts. By contrast, a dynamic website relies on server-side processing, including server-side scripts such as PHP, JSP, or ASP.NET. AmazonS3 does not support server-side scripting.Reference:https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
When building a cloud Total Cost of Ownership (TCO) model, which cost elements should be considered for workloads running on AWS? (Choose three.) A. Compute costs B. Facilities costs C. Storage costs D. Data transfer costs E. Network infrastructure costs F. Hardware lifecycle costs
A. Compute costs C. Storage costs E. Network infrastructure costs https://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/ Next Question
When comparing AWS with on-premises Total Cost of Ownership (TCO), what costs are included? A. Data center security B. Business analysis C. Project management D. Operating system administration
A. Data center security https://www.awstcocalculator.com/Output/Load/f85bbf7e131446643911859504 Next Question
What is an advantage of using the AWS Cloud over a traditional on-premises solution? A. Users do not have to guess about future capacity needs. B. Users can utilize existing hardware contracts for purchases. C. Users can fix costs no matter what their traffic is. D. Users can avoid audits by using reports from AWS.
A. Users do not have to guess about future capacity needs. https://data-flair.training/blogs/aws-advantages/ Next Question
When is it beneficial for a company to use a Spot Instance? A. When there is flexibility in when an application needs to run. B. When there are mission-critical workloads. C. When dedicated capacity is needed. D. When an instance should not be stopped.
A. When there is flexibility in when an application needs to run. xplanation:The key to understanding spot instances is to look at the way that cloud service providers such as Amazon Web Services (AWS) operate. Cloud service providers invest in hardware resources and then release those resources (often on a per-hour basis) to subscribers. One of the problems with this business model, however, is that at any given time, there are likely to be compute resources that are not being utilized. These resources represent hardware capacity that AWS has paid for but are sitting idle, and not making AWS any money at the moment.Rather than allowing these computing resources to go to waste, AWS offers them at a substantially discounted rate, with the understanding that if someone needs those resources for running a normal EC2 instance, that instance will take priority over spot instances that are using the hardware resources at a discounted rate.In fact, spot instances will be stopped if the resources are needed elsewhere.Reference:https://awsinsider.net/articles/2017/09/25/aws-spot-instances-primer.aspx
Which AWS support plan includes a dedicated Technical Account Manager? A. Developer B. Enterprise C. Business D. Basic
Answer : B Explanation:The enterprise support plans supports technical account manager. Developer and business support plans are devoid of this facility.Reference:https://aws.amazon.com/premiumsupport/plans/
Which is the MINIMUM AWS Support plan that provides technical support through phone calls? A. Enterprise B. Business C. Developer D. Basic
Answer : B Reference:https://aws.amazon.com/premiumsupport/plans/
How can a customer increase security to AWS account logons? (Choose two.) A. Configure AWS Certificate Manager B. Enable Multi-Factor Authentication (MFA) C. Use Amazon Cognito to manage access D. Configure a strong password policy E. Enable AWS Organizations
B. Enable Multi-Factor Authentication (MFA) C. Use Amazon Cognito to manage access Explanation:Your root account should always be protected by Multi-Factor Authentication (MFA). This additional layer of security helps protect against unauthorized logins to your account by requiring two factors: something you know (a password) and something you have (for example, an MFA device). AWS supports virtual and hardware MFA devices and U2F security keys.Cognito can be used as an Identity Provider (IdP), where it stores and maintains users and credentials securely for your applications, or it can be integrated withOpenID Connect, SAML, and other popular web identity providers like Amazon.com.Using Amazon Cognito, you can generate temporary access credentials for your clients to access AWS services, eliminating the need to store long-term credentials in client applications.Reference:https://aws.amazon.com/blogs/security/guidelines-for-protecting-your-aws-account-while-using-programmatic-access/
Which of the following security measures protect access to an AWS account? (Choose two.) A. Enable AWS CloudTrail. B. Grant least privilege access to IAM users. C. Create one IAM user and share with many developers and users. D. Enable Amazon CloudFront. E. Activate multi-factor authentication (MFA) for privileged users.
B. Grant least privilege access to IAM users. E. Activate multi-factor authentication (MFA) for privileged users. Answer : BE Explanation:If you decided to create service accounts (that is, accounts used for programmatic access by applications running outside of the AWS environment) and generate access keys for them, you should create a dedicated service account for each use case. This will allow you to restrict the associated policy to only the permissions needed for the particular use case, limiting the blast radius if the credentials are compromised. For example, if a monitoring tool and a release management tool both require access to your AWS environment, create two separate service accounts with two separate policies that define the minimum set of permissions for each tool.Reference:https://aws.amazon.com/blogs/security/guidelines-for-protecting-your-aws-account-while-using-programmatic-access/
Which AWS IAM feature is used to associate a set of permissions with multiple users? A. Multi-factor authentication B. Groups C. Password policies D. Access keys
B. Groups Explanation:An IAM group is a collection of IAM users. You can use groups to specify permissions for a collection of users, which can make those permissions easier to manage for those users. For example, you could have a group called Admins and give that group the types of permissions that administrators typically need.Reference:https://docs.aws.amazon.com/IAM/latest/UserGuide/id.html
A solution that is able to support growth in users, traffic, or data size with no drop in performance aligns with which cloud architecture principle? A. Think parallel B. Implement elasticity C. Decouple your components D. Design for failure
B. Implement elasticity Reference:https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf
Which of the following is an AWS Cloud architecture design principle? A. Implement single points of failure. B. Implement loose coupling. C. Implement monolithic design. D. Implement vertical scaling.
B. Implement loose coupling. Explanation:Loose coupling between services can also be done through asynchronous integration. It involves one component that generates events and another that consumes them. The two components do not integrate through direct point-to-point interaction, but usually through an intermediate durable storage layer. This approach decouples the two components and introduces additional resiliency. So, for example, if a process that is reading messages from the queue fails, messages can still be added to the queue to be processed when the system recovers.Reference:https://www.botmetric.com/blog/aws-cloud-architecture-design-principles/
Which of the following can limit Amazon Simple Storage Service (Amazon S3) bucket access to specific users? A. A public and private key-pair B. Amazon Inspector C. AWS Identity and Access Management (IAM) policies D. Security Groups
C. AWS Identity and Access Management (IAM) policies Explanation:To allow users to perform S3 actions on the bucket from the VPC endpoints or IP addresses, you must explicitly grant those user-level permissions. You can grant user-level permissions on either an AWS Identity and Access Management (IAM) policy or another statement in the bucket policy.Reference:https://aws.amazon.com/premiumsupport/knowledge-center/block-s3-traffic-vpc-ip/
Which AWS services can be used to gather information about AWS account activity? (Choose two.) A. Amazon CloudFront B. AWS Cloud9 C. AWS CloudTrail D. AWS CloudHSM E. Amazon CloudWatch
C. AWS CloudTrail E. Amazon CloudWatch Answer : CE Explanation:AWS offers a solution that uses AWS CloudTrail to log account activity, Amazon Kinesis to compute and stream metrics in real-time, and Amazon DynamoDB to durably store the computed data. Metrics are calculated for create, modify, and delete API calls for more than 60 supported AWS services. The solution also features a dashboard that visualizes your account activity in real-time.Reference:https://aws.amazon.com/solutions/real-time-insights-account-activity/
What is a benefit of loose coupling as a principle of cloud architecture design? A. It facilitates low-latency request handling. B. It allows applications to have dependent workflows. C. It prevents cascading failures between different components. D. It allows companies to focus on their physical data center operations.
C. It prevents cascading failures between different components. Explanation:IT systems should ideally be designed in a way that reduces inter-dependencies. Your components need to be loosely coupled to avoid changes or failure in one of the components from affecting others.Your infrastructure also needs to have well defined interfaces that allow the various components to interact with each other only through specific, technology- agnostic interfaces. Modifying any underlying operations without affecting other components should be made possible.Reference:
How does AWS shorten the time to provision IT resources? A. It supplies an online IT ticketing platform for resource requests. B. It supports automatic code validation services. C. It provides the ability to programmatically provision existing resources. D. It automates the resource request process from a companyג€™s IT vendor list.
C. It provides the ability to programmatically provision existing resources.
A company will be moving from an on-premises data center to the AWS Cloud.What would be one financial difference after the move? A. Moving from variable operational expense (opex) to upfront capital expense (capex). B. Moving from upfront capital expense (capex) to variable capital expense (capex). C. Moving from upfront capital expense (capex) to variable operational expense (opex). D. Elimination of upfront capital expense (capex) and elimination of variable operational expense (opex).
C. Moving from upfront capital expense (capex) to variable operational expense (opex).
Which AWS service provides a self-service portal for on-demand access to AWS compliance reports? A. AWS Config B. AWS Certificate Manager C. Amazon Inspector D. AWS Artifact
D. AWS Artifact Explanation:AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWSג€™ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment CardIndustry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement(NDA).Reference:https://aws.amazon.com/artifact/
In which scenario should Amazon EC2 Spot Instances be used? A. A company wants to move its main website to AWS from an on-premises web server. B. A company has a number of application services whose Service Level Agreement (SLA) requires 99.999% uptime. C. A companyג€™s heavily used legacy database is currently running on-premises. D. A company has a number of infrequent, interruptible jobs that are currently using On-Demand Instances.
D. A company has a number of infrequent, interruptible jobs that are currently using On-Demand Instances. Answer : D 90% savings to on-demand pricing Reference:https://docs.aws.amazon.com/whitepapers/latest/cost-optimization-leveraging-ec2-spot-instances/spot-instance-interruptions.html
Which serviceג€™s PRIMARY purpose is software version control? A. Amazon CodeStar B. AWS Command Line Interface (AWS CLI) C. Amazon Cognito D. AWS CodeCommit
D. AWS CodeCommit Explanation:AWS CodeCommit is a version control service hosted by Amazon Web Services that you can use to privately store and manage assets (such as documents, source code, and binary files) in the cloud.Reference:https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html
How does AWS charge for AWS Lambda? A. Users bid on the maximum price they are willing to pay per hour. B. Users choose a 1-, 3- or 5-year upfront payment term. C. Users pay for the required permanent storage on a file system or in a database. D. Users pay based on the number of requests and consumed compute resources.
D. Users pay based on the number of requests and consumed compute resources. Explanation:AWS Lambda is charging its users by the number of requests for their functions and by the duration, which is the time the code needs to execute. When code starts running in response to an event, AWS Lambda counts a request. It will charge the total number of requests across all of the functions used. Duration is calculated by the time when your code started executing until it returns or until it is terminated, rounded up near to 100ms. The AWS Lambda pricing depends on the amount of memory that the user used to allocate to the function.Reference:https://dashbird.io/blog/aws-lambda-pricing-model-explained/
Which of the following can an AWS customer use to launch a new Amazon Relational Database Service (Amazon RDS) cluster? A. AWS Concierge B. AWS CloudFormation C. Amazon Simple Storage Service (Amazon S3) D. Amazon EC2 Auto Scaling E. AWS Management Console
E. AWS Management Console
Which is the minimum AWS Support plan that includes Infrastructure Event Management without additional costs? A. Enterprise B. Business C. Developer D. Basic
Enterprise
