201-299

Question 1

Users are reporting latency when connecting to a website with a global customer base.
Which AWS service will improve the customer experience by reducing latency?

• Amazon CloudFront
• AWS Direct Connect
• Amazon EC2 Auto Scaling
• AWS Transit Gateway

Answer 1

Amazon CloudFront

Question 2

What does the AWS Simple Monthly Calculator do?

• Compares on-premises costs to colocation environments
• Estimates monthly billing based on projected usage
• Estimates power consumption at existing data centers
• Estimates CPU utilization

Answer 2

Estimates monthly billing based on projected usage

Question 3

A company has different AWS accounts for production and development resources
Which AWS service provides billing for all AWS accounts consolidated into a single payment method?

• Amazon Connect
• Cost Explorer
• AWS Trusted Advisor
• AWS Organizations

Answer 3

AWS Organizations

Question 4

When a company provisions web servers in multiple AWS Regions, what is being increased?

• Coupling
• Availability
• Security
• Durability

Answer 4

Availability

Question 5

Which AWS service is used to provide encryption for Amazon EBS?

• AWS Certificate Manager
• AWS Systems Manager
• AWS KMS
• AWS Config

Answer 5

AWS KMS

Question 6

A Cloud Practitioner needs a consistent and dedicated connection between AWS resources and an on premises system
Which AWS service can fulfill this requirement?

AWS Direct Connect
AWS VPN

Amazon Connect
AWS Data Pipeline

Answer 6

Amazon Connect

Question 7

Which Amazon S3 storage class is optimized to provide access to data with lower resiliency requirements, but rapid access when needed, such as duplicate backups?

• Amazon S3 Standard
• Amazon S3 Glacier Deep Archive
• Amazon S3 One Zone Infrequent Access
• Amazon S3 Glacier

Answer 7

Amazon S3 Standard

Question 8

As part of the AWS shared responsibility model, which of the following operational controls do users fully inherit from AWS?

• Security management of data center
• Patch management
• Configuration management
• User and access management

Answer 8

User and access management

Question 9

How can a company isolate the costs of production and non-production workloads on AWS?

• Create identity and Access Management (IAM) roles for production and non-production workloads
• Use different accounts for production and non-production expenses.
• Use Amazon EC2 for non-production workloads and other services for production workloads.
• Use Amazon CloudWatch to monitor the use of services

Answer 9

Use different accounts for production and non-production expenses.

Question 10

A company is releasing a business-critical application

Before the release, the company needs strategic planning assistance from AWS. During the release, it needs infrastructure event management and real-time Support

How can these requirements be met?

• Access AWS Trusted Advisor
• Contact the AWS Partner Network (APN).
• Sign up for AWS Enterprise Support
• Contact AWS Professional Services

Answer 10

Contact AWS Professional Services

Question 11

Which components are required to build a successful site-to-site VPN connection on AWS?
(Select TWO.)

• Internet gateway
• NAT gateway
• Customer gateway
• Transit gateway
• Virtual private gateway

Answer 11

Customer gateway

Virtual private gateway

Question 12

Which AWS services can be used to provide network connectivity between an on-premises network and a VPC?

• Amazon Route 53
• AWS Direct Connect
• AWS Data Pipeline AWS VPN
• Amazon Connect

Answer 12

AWS Direct Connect

Question 13

An application runs on multiple Amazon EC2 instances that access a shared file system simultaneously
Which AWS storage service should be used?

• Amazon EBS
• Amazon EFS
• Amazon S3
• AWS Artifact

Answer 13

Amazon EFS

Question 14

Which AWS services can be used to move data from on-premises data centers to AWS? (Select TWO.)

• AWS Snowball
• AWS Lambda
• Amazon ElastiCache
• AWS Database Migration Service (AWS DMS)
• Amazon API Gateway

Answer 14

AWS Snowball

Amazon ElastiCache

Question 15

A company is running an eCommerce application hosted in Europe. To decrease latency for users who access the website from other parts of the world, the company would like to cache frequently accessed static content closer to the users
Which AWS service will support these requirements?

• Amazon ElastiCache
• Amazon CloudFront
• Amazon Elastic File System (Amazon EFS)
• Amazon Elastic Block Store (Amazon EBS)

Answer 15

Amazon Elastic File System (Amazon EFS)

Question 16

A company’s application running on Amazon EC2 is designed to use an Auto Scaling group to dynamically add or remove instances as demand increases or decreases. This is an example of which AWS Cloud architectural principle?

1. Loose coupling
2. Elasticity
3. Design for failure
4. Parallelism

Answer 16

Elasticity

Question 17

The AWS Trusted Advisor checks include recommendations regarding which of the following?

(Select TWO.)

1. Information on Amazon S3 bucket permissions
2. AWS service outages
3. Multi-factor authentication enabled on the AWS account root user
4. Available software patches
5. Number of users in the account

Answer 17

Information on Amazon S3 bucket permissions

Available software patches

Question 18

What is the total amount of storage offered by Amazon S3

• 100 MB
• 5 GB OC
• 5 TB
• Unlimited

Answer 18

5 TB

Question 19

Which AWS service provides on-demand downloads of AWS security and compliance documentation?

• AWS Directory Service
• AWS Artifact
• AWS Trusted Advisor
• Amazon Inspector

Answer 19

AWS Artifact

Question 20

Which of the following are benefits of using AWS Trusted Advisor?

• Providing high-performance container orchestration
• Creating and rotating encryption keys
• Detecting underutilized resources to save costs
• Improving security by proactively monitoring the AWS environment

-Implementing enforced tagging across AWS resources

Answer 20

Detecting underutilized resources to save costs

Question 21

After migrating a workload to AWS, which associated costs must a user still manage?

• 364 of 65 Flag for Review
• Staff to manage the hardware assets
• Physical access control
• Software licenses
• Power and cooling

Answer 21

Staff to manage the hardware assets

Question 22

When is it beneficial for a company to use a Spot Instance?

• When there is flexibility in when an application needs to run.
• When there are mission-critical workloads.
• When dedicated capacity is needed.
• When an instance should not be stopped.

Answer 22

When there is flexibility in when an application needs to run.

Question 23

Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS?

• Amazon GuardDuty
• Amazon Macie
• Amazon Inspector
• AWS Shield

Answer 23

Amazon Inspector

Question 24

Which AWS service provides inbound and outbound network ACLs to harden external connectivity to Amazon EC2?

• AWS IAM
• Amazon Connect
• Amazon VPC
• Amazon API Gateway

Answer 24

Amazon VPC

Question 25

A company has a 500 TB image repository that needs to be transported to AWS for processing.

Which AWS service can import this data MOST cost-effectively?

• AWS Snowball
• AWS Direct Connect
• AWS VPN
• Amazon S3

Answer 25

AWS Snowball

Question 26

Which AWS services provide a user with connectivity between the AWS Cloud and on-premises resources? (Select TWO)

• AWS VPN
• Amazon Connect
• Amazon Cognito
• AWS Direct Connect
• AWS Managed Services

Answer 26

AWS VPN

AWS Direct Connect

Question 27

Under the AWS shared responsibility model, AWS is responsible for what combination of the following? (Select TWO)

• Configuring network ACLS
• Managing physical access to AWS data centers
• Setting and maintaining Amazon S3 access permissions.
• Updating Amazon EC2 security groups
• Maintaining the hardware that constitutes the cloud

Answer 27

Managing physical access to AWS data centers

Maintaining the hardware that constitutes the cloud

Question 28

What is an Availability Zone in AWS?

• One or more physical data centers
• A completely isolated geographic location
• One or more edge locations based around the world
• A data center location with a single source of power and networking

Answer 28

One or more physical data centers

Question 29

How can an AWS user with an AWS Basic Support plan obtain technical assistance from AWS?

• AWS Senior Support Engineers
• AWSTechnical Account Managers
• AWS Trusted Advisor
• AWS Discussion Forums

Answer 29

AWS Trusted Advisor

Question 30

Which AWS service or feature provides an additional layer of protection for user name and password authentication to the AWS Management Console?

• Amazon Cloud Directory
• AWS KMS AWS Multi-Factor
• Authentication (AWS MFA)
• Amazon Cognito

Answer 30

Authentication (AWS MFA)

Question 31

Which of the following are benefits of the AWS Cloud? (Choose two.)

• Unlimited uptime
• Elasticity
• Agility
• Colocation
• Capital expenses

Answer 31

Elasticity
Agility

Question 32

Which AWS service helps identify malicious or unauthorized activities in AWS accounts and workloads?

• Amazon Rekognition
• AWS Trusted Advisor
• Amazon GuardDuty
• Amazon CloudWatch

Answer 32

Amazon GuardDuty

Question 33

Under the shared responsibility model, which of the following tasks are the responsibility of the customer?
(Choose two.)

• Maintaining the underlying Amazon EC2 hardware.
• Managing the VPC network access control lists.
• Encrypting data in transit and at rest.
• Replacing failed hard disk drives.
• Deploying hardware in different Availability Zones

Answer 33

Managing the VPC network access control lists.

Encrypting data in transit and at rest

Question 34

When comparing AWS Cloud with on-premises Total Cost of Ownership, which expenses must be considered? (Choose two.)

• Software development
• Projectmanagement
• Storage hardware
• Physical servers
• Antivirus software license

Answer 34

Storage hardware
Physical servers

Question 35

The ability to horizontally scale Amazon EC2 instances based on demand is an example of which concept in the AWS Cloud value proposition?

• Economy of scale
• Elasticity
• High availability
• Agility

Answer 35

Economy of scale

Question 36

Which of the following benefits does the AWS Compliance program provide to AWS customers? (Choose two.)

• It verifies that hosted workloads are automatically compliant with the controls of supported compliance frameworks.
• AWS is responsible for the maintenance of common compliance framework documentation.
• It assures customers that AWS is maintaining physical security and data protection.
• It ensures the use of compliance frameworks that are being used by other cloud providers.
• It will adopt new compliance frameworks as they become relevant to customer workloads

Answer 36

It verifies that hosted workloads are automatically compliant with the controls of supported compliance frameworks.

AWS is responsible for the maintenance of common compliance framework documentation

Question 37

A company must ensure that its endpoint for a database instance remains the same after a single Availability Zone service interruption The application needs to resume database operations without the need for manual administrative intervention How can these requirements be met?

-Use multiple Amazon Route 53 routes to the standby database instance endpoint hosted on AWS Storage Gateway
-Configure Amazon RDS Multi-Availability Zone deployments with automatic failover to the standby
-Add multiple Application Load Balancers and deploy the database instance with AWS ElasticBeanstalk.
-Deploy a single Network Load Balancer to distribute incoming traffic across multiple Amazon
CloudFront origins

Answer 37

Configure Amazon RDS Multi-Availability Zone deployments with automatic failover to the standby

Question 38

Which AWS IAM feature is used to associate a set of permissions with multiple users?

Multi-factor authentication
Groups
Password policies
Access keys

Answer 38

Groups

Question 39

A user is planning to migrate an application workload to the AWS Cloud Which control becomes the responsibility of AWS once the migration is complete?

Patching the guest operating system
Maintaining physical and environmental controls
Protecting communications and maintaining zone security
Patching specific applications

Answer 39

Maintaining physical and environmental controls

Question 40

Which of the following describes the relationships among AWS Regions, Availability Zones, and edge locations? (Select TWO)

There are more AWS Regions than Availability Zones
There are more edge locations than AWS Regions

An edge location is an Availability Zone
There are more AWS Regions than edge locations
There are more availability Zones than AWS Regions

Answer 40

There are more edge locations than AWS Regions

There are more availability Zones than AWS Regions

Question 41

Which AWS service offers persistent storage for a file system?

Amazon S3
Amazon EC2 instance store
Amazon Elastic Block Store (Amazon EBS)
Amazon ElastiCache

Answer 41

Amazon Elastic Block Store (Amazon EBS)

Question 42

Within the AWS Shared responsibility model, who is responsible for security and compliance?

The customer is responsible
AWS is responsible
AWS and the customer share responsibility
AWS shares responsibility with the relevant governing body

Answer 42

AWS and the customer share responsibility

Question 43

which AWS tools automatically forecast future AWS costs?

AWS Support Center
AWS Total Cost of Ownership (TCO) Calculator
AWS Simple Monthly Calculator

Cost Explorer

Answer 43

AWS Simple Monthly Calculator

Question 44

Which AWS services can be used as infrastructure automation tools? (Select TWO.)

AWS CloudFormation
Amazon CloudFront
AWS Batch
AWS OpsWorks
Amazon QuickSight

Answer 44

AWS CloudFormation

AWS OpsWorks

Question 45

Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand?

AmazonGuardDuty
AWS Security Hub
AWS Artifact
AWS Shield

Answer 45

AWS Security Hub

Question 46

Which method helps to optimize costs for users moving to the AWS Cloud?

Paying only for what is used
Purchasing hardware before it is needed

Manually provisioning cloud resources
Purchasing for the maximum possible load

Answer 46

Paying only for what is used

Question 47

When building a cloud Total Cost of Ownership (TCO) model, which cost elements should be considered for workloads running on AWS? (Select Two.)

Compute costs
Facilities costs
Storage costs
Data transfer costs
Network infrastructure costs
Hardware lifecycle costs

Answer 47

Compute costs

Network infrastructure costs

Question 48

Which of the following can a customer use to enable single sign-on (SSO) to the AWS Console?

Amazon Connect
AWS Directory Service
Amazon Pinpoint
Amazon Rekognition

Answer 48

AWS Directory Service

Question 49

What is the purpose of the AWS Storage Gateway?

it ensures on-premises data storage is 99.999999999% durable.
It transports petabytes of data to and from AWS.
It connects to multiple Amazon EC2 instances.
it connects on-premises data storage to the AWS Cloud

Answer 49

it connects on-premises data storage to the AWS Cloud

Question 50

What are the benefits of using the AWS Cloud for companies with customers in many countries around the world? (Select TWO.)

• Companies can deploy applications in multiple AWS Regions to reduce latency.
• Amazon Translate automatically translates third-party website interfaces into multiple languages
• Amazon CloudFront has multiple edge locations around the world to reduce latency
• Amazon Comprehend allows users to build applications that can respond to user requests in many languages.
• Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world, which reduces latency

Answer 50

Companies can deploy applications in multiple AWS Regions to reduce latency.

Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the
world, which reduces latency

Question 51

A company operating in the AWS Cloud requires separate invoices for specific environments, such as development, testing, and production How can this be achieved?

• Use multiple AWS accounts.
• Use resource tagging
• Use multiple VPCs.
• Use Cost Explorer

Answer 51

Use resource tagging

Question 52

A company is planning to launch a new steady-state workload on AWS that must be
accessible 24 hours a day, 7 days a week.
What is the MOST cost-effective Amazon EC2 pricing option?

• On-Demand Instances
• Spot Instances
• Reserved Instances
• Dedicated Hosts

Answer 52

On-Demand Instances

Question 53

Which AWS tool is used to compare the cost of running an application on-premises to
running the application in the AWS Cloud?

A) AWS Trusted Advisor
B) AWS Simple Monthly Calculator
C) AWS Total Cost of Ownership (TCO)Calculator
D) Cost Explorer

Answer 53

AWS Total Cost of Ownership (TCO)Calculator

Question 54

Which of the following services provides on-demand access to AWS compliance reports?

• AWS IAM
• AWS Artifact
• Amazon GuardDuty

-AWS KMS

Answer 54

AWS Artifact

Question 55

To use the AWS CLI, users are required to generate:

• a password policy.
• an access/secret key.
• a managed policy.
• an API key

Answer 55

an access/secret key.

Question 56

Which service is an AWS-managed Hadoop framework that makes it easy, fast, and cost-effective to process large amounts of data across dynamically scalable Amazon EC2 instances?

• Amazon EMR
• Amazon EC2
• AWS Elastic Beanstalk
• Amazon Redshift

Answer 56

Amazon EMR

Question 57

How does AWS charge for AWS Lambda usage once the free tier has been exceeded? (Select TWO)

• By the time it takes for the Lambda function to execute.
• By the number of versions of a specific Lambda function.
• By the number of requests made for a given Lambda function.
• By the programming language that is used for the Lambda function
• By the total number of Lambda functions in an AWS account

Answer 57

By the time it takes for the Lambda function to execute.

By the number of requests made for a given Lambda function

Question 58

Which of the following automatically distributes application traffic across multiple targets,
such as Amazon EC2 instances or containers?

• AWS Application Discovery Service
• AWS Resource Groups
• AWS Auto Scaling
• Elastic LoadBalancing

Answer 58

Elastic LoadBalancing

Question 59

Which AWS service or feature allows the user to manage cross-region application traffic?

• Amazon AppStream 2.0
• Amazon VPC
• Elastic Load Balancer
• AmazonRoute 53

Answer 59

Amazon VPC

Question 60

A company has multiple AWS accounts within AWS Organizations and wants to apply the Amazon EC2 Reserved instances benefit to a single account only
Which action should be taken?

• Purchase the Reserved Instances from master payer account and turn off Reserved Instance sharing.
• Enable billing alerts in the AWS Billing and Cost Management console
• Purchase the Reserved instances in individual linked accounts and turn off Reserved Instance sharing from the payer level
• Enable Reserved Instance sharing in the AWS Billing and Cost Management console

Answer 60

Purchase the Reserved instances in individual linked accounts and turn off Reserved
Instance sharing from the payer level

Question 61

Which of the following acts as a virtual firewall at the Amazon EC2 instance level to control traffic for one or more instances?

• Access keys
• Virtual private gateways
• Security groups
• Access Control Lists (ACL)

Answer 61

Security groups

Question 62

Which of the following are benefits of AWS Global Accelerator? (SelectTWO)

• Reduced cost to run services on AWS
• Improved availability of applications deployed on AWS
• Higher durability of data stored on AWS
• Decreased latency to reach applications deployed on AWS

-Higher security of data stored on AWS

Answer 62

Improved availability of applications deployed on AWS

Decreased latency to reach applications deployed on AWS

Question 63

An ecommerce company anticipates a huge increase in web traffic for two very popular upcoming shopping holidays
Which AWS service or feature can be configured to dynamically adjust resources to meet this change in demand?

• AWS Cloud Trail
• Amazon EC2 Auto Scaling
• Amazon Forecast
• AWS Config

Answer 63

Amazon EC2 Auto Scaling

Question 64

What does the Amazon S3 Intelligent-Tiering storage class offer?

-Paymentflexibility by reserving storage capacity
-Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store
(Amazon EBS) volume
-Automatic cost savings by moving objects between tiers based on access pattern changes
-Secure, durable, and lowest cost storage for data archival

Answer 64

Automatic cost savings by moving objects between tiers based on access pattern changes

Question 65

Which of the following can be used a second factor within the AWS Management Console for
AWS Multi-Factor Authentication (AWS MFA)?

-AWS IAM password

• AWS Certificate Manager certificate
• U2F security key token
• Access key or secret key

Answer 65

U2F security key token

Question 66

AWS CloudFormation is designed to help the user:

• model and provision resources
• update application code,
• set up data lakes
• create reports for billing

Answer 66

model and provision resources

Question 67

The pay-as-you-go pricing model for AWS services:

• reduces capital expenditures.
• requires payment up front for AWS services
• is relevant only for Amazon EC2, Amazon S3, and Amazon RDS.
• reduces operational expenditures.

Answer 67

reduces operational expenditures.

Question 68

Which AWS dashboard displays relevant and timely information to help users manage events in progress, and provides proactive notifications to help plan for scheduled activities?

• AWS Service Health Dashboard
• AWS Personal Health Dashboard
• AWS Trusted Advisor dashboard
• Amazon CloudWatch dashboard

Answer 68

AWS Personal Health Dashboard

Question 69

Amazon Route 53 enables users to:

• encrypt data in transit.
• register DNS domain names
• generate and manage SSL certificates OD.
• establish a dedicated network connection to AWS

Answer 69

register DNS domain names

Question 70

Which AWS tools or services can be used to list all AWS Lambda functions running in an
account? (Select TWO)

• AWS CLI
• AWS CloudFormation
• AWS CloudTrail
• Amazon Cloud Directory

Answer 70

AWS CLI

AWS CloudTrail

Question 71

Which AWS service can run a managed PostgreSQL database that provides online transaction processing (OLTP)?

• Amazon DynamoDB
• Amazon Athena
• Amazon RDS
• Amazon EMR

Answer 71

Amazon RDS

Question 72

What are the multiple, isolated locations within an AWS Region that are connected by low-latency networks called?

• AWS Direct Connects
• Amazon VPCs
• Edge locations
• Availability Zones

Answer 72

Availability Zones

Question 73

A company wants to expand its content delivery network infrastructure
Which AWS service should be used?

• Amazon S3
• Amazon CloudFront
• AWS Global Accelerator
• Amazon Route 53

Answer 73

Amazon CloudFront

Question 74

A Cloud Practitioner must determine if any security groups in an AW account have been
provisioned to allow unrestricted access for specific ports
What is the SIMPLEST way to do this?

• Review the inbound rules for each security group in the Amazon EC2 management console to check for port 0.0.0.0/0.
• Run AWS Trusted Advisor and review the findings
• Open the AWS IAM console and check the inbound rule filters for open access
• In AWS Config, create a custom rule that invokes an AWS Lambda function to review firewall rules for inbound access

Answer 74

Run AWS Trusted Advisor and review the findings

Question 75

A company is planning to launch an eCommerce site in a single AWS Region to a worldwide user base

Which AWS services will allow the company to reach users and provide low latency and high transfer speeds? (Select TWO)

• Application Load Balancer
• AWS Global Accelerator
• AWS Direct Connect
• Amazon CloudFront
• AWS Lambda

Answer 75

Amazon CloudFront
AWS Lambda

Question 76

A company must store critical business data in Amazon S3 with a backup to another
AWS Region
How can this be achieved?

• Use an Amazon CloudFront Content Delivery Network (CDN) to cache data globally
• Set up Amazon S3 cross-region replication to another AWS Region
• Configure the AWS Backup service to back up the data to another AWS Region
• Take Amazon S3 bucket snapshots and copy that data to another AWS Region

Answer 76

Set up Amazon S3 cross-region replication to another AWS Region

Question 77

Which service can be used to monitor and receive alerts for AWS account root user AWS
Management Console sign-in events?

• Amazon CloudWatch
• AWS Config
• AWS Trusted Advisor
• AWS IAM

Answer 77

Amazon CloudWatch

Question 78

Which AWS service handles the deployment details of capacity provisioning, load balancing, Auto Scaling, and application health monitoring?

AWS Config

AWS Elastic Beanstalk

Amazon Route 53

Amazon CloudFront

Answer 78

AWS Elastic Beanstalk

Question 79

What is the MOST cost-effective instance type for an application with a steady, consistent
workload that is hosted on an Amazon EC2 instance, which needs to operate for at least one year?

• Spot Instances
• Reserved Instances
• On-Demand Instances
• Dedicated Host

Answer 79

Reserved Instances

Question 80

Which AWS service helps users meet contractual and regulatory compliance requirements for data security by using dedicated hardware appliances within the AWS Cloud?

• AWS SecretsManager
• AWS CloudHSM
• AWS Key Management Service (AWS KMS),
• AWS Directory Service

Answer 80

AWS CloudHSM

Question 81

IT systems should be designed to reduce interdependencies, so that a change or failure in one component does not cascade to other components

This is an example of which principle of cloud architecture design?

• ScalabilityAWSCLOUD PRACTITIONER DUMPS
• Loose coupling
• Automation
• Automatic scaling

Answer 81

Loose coupling

Question 82

Which scenarios represent the concept of elasticity on AWS? (Choose two.)

• Scaling the number of Amazon EC2 instances based on traffic.
• Resizing Amazon RDS instances as business needs change.
• Automatically directing traffic to less-utilized Amazon EC2 instances.
• Using AWS compliance documents to accelerate the compliance process.
• Having the ability to create and govern environments using code.

Answer 82

Scaling the number of Amazon EC2 instances based on traffic.

Resizing Amazon RDS instances as business needs change.

Question 83

Which AWS service or feature can be used to monitor CPU usage?

• AWS CloudTrail
• VPC Flow Logs
• Amazon CloudWatch
• AWS Config

Answer 83

Amazon CloudWatch

Question 84

Where can users find a catalog of AWS-recognized providers of third-party security solutions?

• AWS Service Catalog
• AWS Marketplace
• AWS Quick Start
• AWS CodeDeploy

Answer 84

AWS Service Catalog

Question 85

Which of the following allows an application running on an Amazon EC2 instance to securely
write data to an Amazon S3 bucket without using long term credentials?

• Amazon Cognito
• AWS Shield
• AWS IAM role
• AWS IAM user access key

Answer 85

AWS IAM role

Question 86

What should users do if they want to install an application in geographically isolated locations?

• Install the application using multiple internet gateways.
• Deploy the application to an Amazon VPC.
• Deploy the application to multiple AWS Regions
• Configure the application using multiple NAT gateways

Answer 86

Deploy the application to multiple AWS Regions

Question 87

Which AWS service makes it easy to create and manage AWS users and groups, and
provide them with secure access to AWS resources at no charge?

• AWS Direct Connect
• Amazon Connect
• AWS Identity and Access Management (IAM)
• AWS Firewall Manager

Answer 87

AWS Identity and Access Management (IAM)

Question 88

Where can users find a catalog of AWS-recognized providers of third-party security solutions?

• AWS Service Catalog
• AWS Marketplace
• AWS Quick Start OD
• AWS CodeDeploy

Answer 88

AWS Service Catalog

Question 89

What is a characteristic of Amazon S3 cross-region replication?

• Both source and destination S3 buckets must have versioning disabled
• The source and destination S3 buckets cannot be in different AWS Regions
• S3 buckets configured for cross-region replication can be owned by a single AWS account or by different accounts
• The source S3 bucket owner must have the source and destination AWS Regions disabled for their account

Answer 89

S3 buckets configured for cross-region replication can be owned by a single AWS account or by different accounts

Question 90

A company wants to integrate conversational natural language chatbots into its existing
application using voice and text.
Which managed AWS service can be used for this use case?

• Amazon Lex
• Amazon Polly
• Amazon Textract
• Amazon Comprehend

Answer 90

Amazon Textract

Question 91

A user needs to launch a workload in multiple AWS environments. Each copy of the workload must have the same configuration

What is the MOST efficient way to accomplish this task?

• Launch the resources using the AWS Management Console
• Use AWS CloudFormation to launch a stack.
• Execute a custom PowerShell script to launch the workloads.
• Use AWS OpsWorks to provision the workloads.

Answer 91

Use AWS OpsWorks to provision the workloads.

Question 92

A company wants to try a third-party e-commerce solution before deciding to use it long term
Which AWS Service or tool will support this effort?

• AWS Marketplace
• AWS Partner Network (APN)
• AWS Managed Services
• AWS Service Catalog

Answer 92

AWS Marketplace

Question 93

A company with a Developer-level AWS Support plan provisioned an Amazon RDS database
and cannot connect to it.
Who should the developer contact for this level of support?

• AWS Support using a support case
• AWS Professional Services
• AWS Technical Account Manager AWS consulting partners

Answer 93

AWS Support using a support case

Question 94

Which AWS service provides a quick and automated way to create and manage AWS
accounts?

• AWS QuickSight
• Amazon Lightsail
• AWS Organizations
• Amazon Connect

Answer 94

AWS Organizations

Question 95

Why is it beneficial to use Elastic Load Balancers with applications?
They allow for the conversion from Application Load Balancers toClassic Load Balancers.

• They are capable of handling constant changes in network traffic patterns.
• They automatically adjust capacity
• They are provided at no charge to

Answer 95

They are capable of handling constant changes in network traffic patterns

Question 96

What is the purpose of a policy in AWS Identity Access Management (IAM)?

To define the run schedule of an Amazon EC2 instance
To assign permissions to a role, group, or user
To manage ports within a VPN
To manage the access keys for an IAM user

Answer 96

To assign permissions to a role, group, or user

Question 97

Which AWS Support plan offers access to self-paced labs?

Business Support
Enterprise Support
Basic Support
Developer Support

Answer 97

Enterprise Support

Question 98

A company needs an Amazon S3 bucket that cannot have any public objects due to compliance requirements
How can this be accomplished?

Enable S3 Block Public Access from the AWS Management Console
Hold a team meeting to discuss the importance of only uploading private S3 objects

Require all S3 objects to be manually approved before uploading
Create a service to monitor all S3 uploads and remove any public uploads

Answer 98

Enable S3 Block Public Access from the AWS Management Console

Question 99

Under the AWS shared responsibility model, which of the following is a customer
responsibility?

• Installing security patches for the Xen and KVM hypervisors
• Installing operating system patches for Amazon DynamoDB
• Installing operating system security patches for Amazon EC2 database
• instances Installing operating system security patches for Amazon RDS database instances

Answer 99

Installing operating system security patches for Amazon EC2 database