Stephane Maarek AWS CLOUD PRACTITIONER COURSE EXAM QUESTIONS
AWS cloudformation
A Cloud Practitioner would like to deploy identical resources across all regions and accounts using templates while estimating costs. Which AWS service can assist with this task?
AWS Systems Manager
A Cloud Practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources. Which AWS service can help with this task?
Use AWS organizations to manage AWS accounts of all units and then share the reserved EC2 instances amongst all units
A company uses reserved EC2 instances across multiple units with each unit having its own AWS account. However, some of the units under-utilize their reserved instances while other units need more reserved instances. As a Cloud Practitioner, which of the following would you recommend as the most cost-optimal solution?
EFS Amazon EFS is a file storage service for use with Amazon EC2. Amazon EFS provides a file system interface, file system access semantics, and concurrently-accessible storage for up to thousands of Amazon EC2 instances. Amazon EFS uses the Network File System protocol.
A data analytics company is running a proprietary batch analytics application on AWS and wants to use a storage service which would be accessed by hundreds of EC2 instances simultaneously to append data to existing files. As a Cloud Practitioner, which AWS service would you suggest for this use-case?
AWS OpsWorks AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.
A developer would like to automate operations on his on-premises environment using Chef and Puppet. Which AWS service can help with this task?
CloudTrail
A financial services company wants to ensure that its AWS account activity meets the governance, compliance and auditing norms. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
AWS pricing calculator
A financial services company wants to migrate from its on-premises data center to AWS Cloud. As a Cloud Practitioner, which AWS service would you recommend so that the company can compare the cost of running their IT infrastructure on-premises vs AWS Cloud?
Virtual MFA device A software app that runs on a phone or other device and emulates a physical device. The device generates a six-digit numeric code based upon a time-synchronized one-time password algorithm. ie: google authenticator
A financial services enterprise plans to enable Multi-Factor Authentication (MFA) for its employees. For ease of travel, they prefer not to use any physical devices to implement MFA. Which of the below options is best suited for this use case?
AWS Local Zones
A gaming company is looking at a technology/service that can deliver a consistent low-latency gameplay to ensure a great user experience for end-users in various locations. Which AWS technology/service will provide the necessary low-latency access to the end-users?
60 seconds There is a one-minute minimum charge for Linux based EC2 instances, so this is the correct option.
An intern at an IT company provisioned a Linux based On-demand EC2 instance with per-second billing but terminated it within 30 seconds as he wanted to provision another instance type. What is the duration for which the instance would be charged?
hybrid deployment
An organization deploys its IT infrastructure in a combination of its on-premises data center along with AWS Cloud. How would you categorize this deployment model?
VPC Peering A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them privately. Instances in either VPC can communicate with each other as if they are within the same network.
An organization maintains a separate Virtual Private Cloud (VPC) for each of its business units. Two units need to privately share data. Which is the most optimal way of privately sharing data between the two VPCs?
-Amazon S3 Glacier -AWS Storage Gateway
Data encryption is automatically enabled for which of the following AWS services? (Select two)? -Amazon S3 Glacier -AWS Storage Gateway -Amazon EBS volumes -Amazon Redshift -Amazon EFS drives
AWS Cloud HSM
Due to regulatory and compliance reasons, an organization is supposed to use a hardware device for any data encryption operations in the cloud. Which AWS service can be used to meet this compliance requirement?
High Availability A system that is available is capable of delivering the designed functionality at a given point in time. Highly available systems are those that can withstand some measure of degradation while still remaining available.
Multi AZ (Availability Zone) deployment is an example of which of the following?
AWS X-Ray With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.
The DevOps team at an e-commerce company is trying to debug performance issues for its serverless application built using a microservices architecture. As a Cloud Practitioner, which AWS service would you recommend addressing this use-case?
Multi AZ enhances database availibility
What is the primary benefit of deploying an RDS database in a Multi-AZ configuration?
Read Replica improves database scalability Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud.
What is the primary benefit of deploying an RDS database in a Read Replica configuration?
Weighted routing policy Weighted routing lets you associate multiple resources with a single domain name (example.com) or subdomain name (acme.example.com) and choose how much traffic is routed to each resource
Which AWS Route 53 routing policy would you use to route traffic to multiple resources and also choose how much traffic is routed to each resource?
AWS CodeDeploy AWS CodeDeploy is a service that automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises.
Which AWS service can be used to automate code deployment to EC2 instances as well as on-premises instances?
AWS Service Health Dashboard AWS Service Health Dashboard publishes most up-to-the-minute information on the status and availability of all AWS services in tabular form for all Regions that AWS is present in.
Which AWS service can be used to subscribe to an RSS feed to be notified of the status of all AWS service interruptions?
AWS trusted advisor
Which AWS service can help you analyze your infrastructure to identify unattached or underutilized EBS volumes?
AWS Cloud Formation
Which AWS service will you use to provision the same AWS infrastructure across multiple AWS accounts and regions?
Amazon DynamoDB Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. It's a fully managed, multi-Region, multi-master, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DynamoDB is schemaless. DynamoDB can manage structured or semistructured data, including JSON documents.
Which AWS service would you choose for a data processing project that needs a schemaless database?
Massive economies of scale Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, you can access technology services, such as computing power, storage, and databases, on an as-needed basis.
Which benefit of Cloud Computing allows AWS to offer lower pay-as-you-go prices as usage from hundreds of thousands of customers is aggregated in the cloud?
Auto Scaling Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application.
Which entity ensures that your application on Amazon EC2 always has the right amount of capacity to handle the current traffic demand?
AWS Cost Explorer AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time
Which of the AWS services can be used to forecast your AWS account usage and costs?
Enterprise AWS offers three different support plans to cater to each of its customers - Developer, Business, and Enterprise Support plans. A basic support plan is included for all AWS customers.
Which of the following AWS Support plans provides access to online training with self-paced labs?
U2F Security Key Universal 2nd Factor (U2F) Security Key is a device that you can plug into a USB port on your computer. U2F is an open authentication standard hosted by the FIDO Alliance. When you enable a U2F security key, you sign in by entering your credentials and then tapping the device instead of manually entering a code.
Which of the following AWS authentication mechanisms supports a Multi-Factor Authentication (MFA) device that you can plug into a USB port on your computer?
-AWS Auto Scaling -Identity and Access Management (IAM)
Which of the following AWS services are always free to use (Select two)? -Dynamo DB -Elastic Compute Cloud (EC2) -Simple Storage Service (S3) -AWS Auto Scaling -Identity and Access Management (IAM)
Aws trusted advisor Aws service quota
Which of the following AWS services are part of the AWS Foundation services for the Reliability pillar of the Well-Architected Framework in AWS Cloud? (Select two) - Aws trusted advisor - Aws service quota -Amazon cloud watch - AWS cloudtrail - AWS cloud formation
EBS & Instance Store
Which of the following AWS services offer block-level storage? (Select two) -EFS -S3 -ECS -EBS -Instance Store
S3 Glacier Deep Archive" - S3 Glacier Deep Archive is Amazon S3's lowest-cost storage class and supports long-term retention and digital preservation for data that may be accessed once or twice in a year.
Which of the following S3 storage classes takes the most time to retrieve data (also known as first byte latency)?
Increase speed and agility Stop guessing about capacity
Which of the following are advantages of using the AWS Cloud? (Select TWO) -Increase speed and agility -Limited scaling -AWS is responsible for security in the cloud -Stop guessing about capacity -Trade operational expense for capital expense
AWS is responsible for the security of the cloud For abstracted services like S3, AWS operates the infrastructure layer, the operating system and platforms
Which of the following are correct statements regarding the AWS Shared Responsibility Model? (Select two) - AWS is responsible for training AWS and customer employees on AWS products and service - AWS is responsible for the security of the cloud - Configuration management is the responsibility of the customer - for abstracted services like S3, AWS operates the infrastructure layer, the operating system and platforms
-Restrict account privileges using Service Control Policies (SCP) -Create accounts per department
Which of the following are the best practices when using AWS Organizations? (Select TWO) -Restrict account privileges using Service Control Policies (SCP) -Create accounts per department - Never use tags for billing - Disable CloudTrail on several accounts - Do not use AWS Organizations to automate AWS account creation
AWS Fargate & AWS Lambda
Which of the following are the serverless computing services offered by AWS (Select two) -AWS Fargate -Amazon Lightsail -AWS Lambda -AWS Elastic Beanstalk
AWS Fargate AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS).
Which of the following is a container service of AWS?
High availability Fault tolerance
Which of the following options are the benefits of using AWS Elastic Load Balancing (ELB)? (Select TWO) -High availability -Fault tolerance -Agility -Less Costly -Storage
Track configuration changes
Which of the following options is NOT a feature of Amazon Inspector?
It is a platform as a service (PaaS) which allows you deploy and scale web applications and services
Which of the following statements is the MOST accurate when describing AWS Elastic Beanstalk?
Operational Excellence The AWS Well-Architected Framework helps you understand the pros and cons of decisions you make while building systems on AWS. By using the Framework you will learn architectural best practices for designing and operating reliable, secure, efficient, and cost-effective systems in the cloud. It provides a way for you to consistently measure your architectures against best practices and identify areas for improvement.
Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code?
AWS Acceptable Use Policy The Acceptable Use Policy describes prohibited uses of the web services offered by Amazon Web Services, Inc. and its affiliates (the "Services") and the website located at http://aws.amazon.com (the "AWS Site"). This policy is present at https://aws.amazon.com/aup/ and is updated on a need basis by AWS.
Which policy describes prohibited uses of the web services offered by Amazon Web Services?
AWS Personal Health Dashboard AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.
Which service gives a personalized view of the status of the AWS services that are part of your Cloud architecture so that you can quickly assess the impact on your business when AWS service(s) are experiencing issues?
Amazon DynamoDB with global table DynamoDB is a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale. DynamoDB offers built-in security, continuous backups, automated multi-region replication, in-memory caching, and data export tools.
A company wants to improve the resiliency of its flagship application so it wants to move from its traditional database system to a managed AWS database service to support active-active configuration in both the East and West US AWS regions. The active-active configuration with cross-region support is the prime criteria for any database solution that the company considers. Which AWS database service is the right fit for this requirement?
purchase EC2 reserved instances Set up Auto Scaling groups to align the number of instances with demand
A company would like to optimize Amazon EC2 costs. Which of the following actions can help with this task? (Select TWO) - Build Its own servers - purchase EC2 reserved instances - vertically scale the EC2 instances - Opt for a higher AWS support plan - Set up Auto Scaling groups to align the number of instances with demand
Create tags for each department You can assign metadata to your AWS resources in the form of tags. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
A company would like to separate cost for AWS services by the department for cost allocation. Which of the following is the simplest way to achieve this task?
AWS Systems Manager Session Manager AWS SSM Session Manager is a fully-managed service that provides you with an interactive browser-based shell and CLI experience. It helps provide secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, and manage SSH keys. Session Manager helps to enable compliance with corporate policies that require controlled access to instances, increase security and auditability of access to the instances while providing simplicity and cross-platform instance access to end-users.
A company's flagship application runs on a fleet of Amazon EC2 instances. As per the new policies, the system administrators are looking for the best way to provide secure shell access to AWS EC2 instances without opening new ports or using public IP addresses. Which tool/service will help you achieve this requirement?
AWS Single Sign-on (SSO)
A corporation would like to have a central user portal to log in to third-party business applications as well as accounts managed under AWS Organizations. As a Cloud Practitioner, which AWS service would you use for this task?
Penetration Testing
A cyber-security agency uses AWS Cloud and wants to carry out security assessments on their own AWS infrastructure without any prior approval from AWS. Which of the following describes/facilitates this practice?
AWS Trusted Advisor AWS Cost Explorer
An IT company is on a cost-optimization spree and wants to identify all EC2 instances that are under-utilized. Which AWS services can be used off-the-shelf to address this use-case without needing any manual configurations? (Select two) -AWS Trusted Advisor -AWS Cost Explorer -AWS Cost and Usage Reports -Amazon CloudWatch -AWS Budgets
-CloudWatch -Lambda
An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes. As a Cloud Practitioner, which AWS services would you recommend to build a serverless solution for this use-case? (Select two) -CloudWatch -Lambda -Systems Manager -EC2 Instance -Step Function
Use CloudWatch Logs for both the EC2 instance and the on-premises servers You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, Route 53, and other sources such as on-premises servers.
An IT company has a hybrid cloud architecture and it wants to centralize the server logs for its EC2 instances and on-premises servers. Which of the following is the MOST effective for this use-case?
S3 Glacier Deep Archive S3 Glacier Deep Archive is Amazon S3's lowest-cost storage class and supports long-term retention and digital preservation for data that may be accessed once or twice in a year. It is designed for customers — particularly those in highly-regulated industries, such as the Financial Services, Healthcare, and Public Sectors — that retain data sets for 7-10 years or longer to meet regulatory compliance requirements. S3 Glacier Deep Archive can also be used for backup and disaster recovery use cases. It has a retrieval time (first byte latency) of 12 to 48 hours.
A medical device company is looking for a durable and cost-effective way of storing their historic data. Due to compliance requirements, the data must be stored for 10 years. Which AWS Storage solution will you suggest?
APN Consulting Partner The AWS Partner Network (APN) is the global partner program for technology and consulting businesses that leverage Amazon Web Services to build solutions and services for customers.
A multi-national corporation wants to get expert professional advice on migrating to AWS and managing their applications on AWS Cloud. Which of the following entities would you recommend for this engagement?
Use S3 One-Zone Infrequent Access (One-Zone IA) to store the thumbnails
A photo sharing web application wants to store thumbnails of user-uploaded images on Amazon S3. The thumbnails are rarely used but need to be immediately accessible from the web application. The thumbnails can be regenerated easily if they are lost. Which is the most cost-effective way to store these thumbnails on S3?
Amazon Macie
A silicon valley based healthcare startup stores anonymized patient health data on Amazon S3. The CTO further wants to ensure that any sensitive data on S3 is discovered and identified to prevent any sensitive data leaks. As a Cloud Practitioner, which AWS service would you recommend addressing this use-case?
AWS Quick Starts references Quick Starts are built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability.
A start-up would like to quickly deploy a popular technology on AWS. As a Cloud Practitioner, which AWS tool would you use for this task?
Amazon Elastic Container Service (ECS)
A startup runs its proprietary application on docker containers. As a Cloud Practitioner, which AWS service would you recommend so that the startup can run containers and still have access to the underlying servers?
Reserved Instance Reserved Instances provide you with significant savings (up to 75%) on your Amazon EC2 costs compared to On-Demand Instance pricing.
A startup wants to provision an EC2 instance for the lowest possible cost for a long-term duration but needs to make sure that the instance would never be interrupted. As a Cloud Practitioner, which of the following options would you recommend?
Use Amazon Transcribe to convert speech to text for downstream analysis. Then use Amazon Polly to convey the text results via speech
A unicorn startup is building an analytics application with support for a speech-based interface. The application will accept speech-based input from users and then convey results via speech. As a Cloud Practitioner, which solution would you recommend for the given use-case?
-Amazon EC2 instances, Amazon EC2 Auto Scaling groups -Amazon EBS volumes, AWS Lambda functions
AWS Compute Optimizer delivers recommendations for which of the following AWS resources? (Select two) - Amazon EC2 instances, Amazon EC2 Auto Scaling groups - Amazon EBS volumes, AWS Lambda functions - Amazon EC2 instances, Amazon Elastic File System (Amazon EFS) - Amazon Elastic File System (Amazon EFS), AWS Lambda functions - AWS Lambda functions, Amazon Simple Storage Service (Amazon S3)
Sell Software as a Service (SaaS) solutions to AWS customers AWS customer can buy software that has been bundled into customized AMIs by the AWS Marketplace sellers
AWS Marketplace facilitates which of the following use-cases? (Select two) -Sell Software as a Service (SaaS) solutions to AWS customers -Purchase compliance documents from third-party vendors -AWS customer can buy software that has been bundled into customized AMIs by the AWS Marketplace sellers -Buy Amazon EC2 Standard Reserved Instances -Raise request for purchasing AWS Direct Connect connection
-Volume discounts for Amazon EC2 and Amazon S3 aggregated across the member AWS accts -share the reserved ec2 instances amongst AWS accts
AWS Organizations provides which of the following benefits? (Select two) -deploy patches on ec2 instances across the member AWS accts -provision EC2 spot instances across the member AWS accts -Volume discounts for Amazon EC2 and Amazon S3 aggregated across the member AWS accts -share the reserved ec2 instances amongst AWS accts
You must use an AMI from the same region as that of the EC2 instance. The region of the AMI has no bearing on the performance of the EC2 instance
An AWS user is trying to launch an EC2 instance in a given region. What is the region-specific constraint that the Amazon Machine Image (AMI) must meet so that it can be used for this EC2 instance?
