A Cloud Guru Practice Test (Missed Questions) Flashcards
Which of the following is AWS’ data warehousing service?
EMR
Redshift
S3 Big Data
Snowball
Redshift
Redshift is AWS’ data warehousing service.
A user uses CloudFormation to deploy infrastructure to multiple Regions. This multi-Region deployment strategy involves which pillar of the AWS Well-Architected Framework?
Operational Excellence
Security
Reliability
Performance Efficiency
Performance Efficiency
This Performance Efficiency pillar focuses on the effective use of resources to meet demand.
Which of the following is used to secure Amazon S3 buckets?
API key
Bucket access policy
Access keys
Security group
Bucket access policy
A bucket access policy can be attached directly to an S3 bucket to limit access to specific users.
How would a customer create a virtual firewall for an EC2 instance?
With a security group
With a web application firewall
With AWS Shield
With an IAM group
With a security group
Security groups act as virtual firewalls for EC2 instances.
Under the shared responsibility model, which of the following is an example of security of the cloud? (Pick 3)
Maintaining networking components
Applying security patches to the guest operating system
Protecting the data center infrastructure
Managing network traffic
Managing the AWS global infrastructure
Maintaining networking components
AWS maintains networking components: generators, uninterruptible power supply (UPS) systems, computer room air conditioning (CRAC) units, fire suppression systems, and more.
Protecting the data center infrastructure
AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.
Managing the AWS global infrastructure
AWS is responsible for the security of the cloud. AWS is responsible for its global infrastructure elements: Regions, edge locations, and Availability Zones.
You need to visualize, understand, and identify trends for future charges, as well as manage your AWS costs and usage over time. Which AWS tool would you use?
Amazon CloudWatch
Trusted Advisor
AWS Cost and Usage Report
AWS Cost Explorer
AWS Cost Explorer
Cost Explorer allows you to visualize and forecast your costs and usage over time.
You need to host a file in a location that is publicly accessible from anywhere in the world. Which AWS service would meet that need at the lowest cost?
EBS
S3
RDS
EC2
S3
With S3, objects can be accessed from anywhere in the world via a public URL. An RDS instance is used for hosting databases. An EBS Volume requires an EC2 instance to be accessible and would be more expensive than using S3.
Which of the following AWS services controls authentication and authorization within an AWS account?
Security groups
Access control lists
IAM
AWS Shield
IAM
IAM (Identity and Access Management) controls authentication and authorization within an AWS account.
Which of the below are TRUE statements when it comes to data security in AWS? (Pick 3)
AWS is responsible for the security of the hardware the data resides on.
AWS is responsible for managing who can access the data.
AWS is responsible for the security of the software that manages the data.
The customer is responsible for the security of the hardware the data resides on.
The customer is responsible for managing who can access the data.
The customer is responsible for the security of the software that runs AWS Cloud services.
AWS is responsible for the security of the hardware the data resides on.
Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service — which includes security. The customer is responsible for who can access the data itself.
AWS is responsible for the security of the software that manages the data.
Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service — which includes security. The customer is responsible for who can access the data itself.
The customer is responsible for managing who can access the data.
Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service — which includes security. The customer is responsible for who can access the data itself.
Upon attempting to create an additional S3 bucket, you realize you have reached your S3 bucket limit in your AWS account. You anticipate creating even more S3 buckets in the future for your photos and documents. Which of the following is the quickest solution?
Consolidate files into half of the S3 buckets and delete the empty ones.
Submit a service limit increase.
Delete the S3 buckets you barely use.
Simply create the S3 bucket; AWS will automatically override the bucket limit.
Submit a service limit increase.
The key word here is “quickest,” and the fastest option is to request a service limit increase at the AWS Support Center.
A healthcare agency needs to store certain patient information for up to 10 years. To save cost, they want to archive this data to cheaper storage. The data needs to be retrieved within 12 hours. Which is the cheapest option?
Redshift
S3 Standard-IA
Glacier Deep Archive
Glacier
Glacier Deep Archive
Glacier Deep Archive meets the requirement and is the cheapest option.
A development team wants to gain full observability into the health of their applications and instances in order to provide the best service level to users of their applications. Which services can help them monitor the health of their applications and instances?
Simple Notification Service (SNS)
Route 53
Elastic Load Balancing
Elastic Beanstalk
CloudTrail
Route 53
Route 53 can be used to configure DNS health checks to route traffic to healthy endpoints or to monitor the health of your applications.
Elastic Load Balancing
Load balancers monitor the health of EC2 instances and route the traffic to only instances that are in a healthy state.
Elastic Beanstalk
Elastic Beanstalk monitors application health via a health dashboard.
In order to improve fault tolerance, you would like to begin using services that provide fault tolerance. Which AWS services provide automatic replication across Availability Zones? (Pick 2)
EC2
DynamoDb
VPC
S3
DynamoDb
DynamoDB provides this replication.
S3
S3 provides this replication.
How can a customer on the Developer Support plan open a system impaired support case?
Contact the Support Concierge team via phone.
Open a technical support case via chat.
Contact the Technical Account Manager (TAM) via chat.
Open a technical support case via email.
Open a technical support case via email.
Customers on the Developer Support plan can submit support cases for account and billing questions, service limit increases, and technical support cases via email only.
A developer is building a new application and is given the option to deploy the application on-premises or to the AWS Cloud. What benefits does the AWS Cloud provide over an on-premises deployment? (Pick 3)
Automatic Multi-AZ deployment of databases to enhance availability
Ability to pay-as-you-go without upfront contracts or long-term commitments
Ability to grow and shrink computing capacity based on demand
Automatic distribution of applications across Regions for higher availability
Ability to focus on building the application instead of managing servers
Ability to pay-as-you-go without upfront contracts or long-term commitments
You pay only when you access it and only for what you use, which allows you to spread costs over time since there are no huge upfront investments.
Ability to grow and shrink computing capacity based on demand
Elasticity allows the developer to match the supply of resources with changing workload demands.
Ability to focus on building the application instead of managing servers
If the developer uses a serverless architecture (for example, one that includes Lambda), the developer will not have to worry about managing servers or the underlying infrastructure.
An auditor is conducting an audit of your IT operations for compliance. The auditor requests visibility to logs of event history across your AWS-based employee expense system infrastructure. Which AWS service will record and provide you the information you need?
AWS CloudWatch Logs
AWS Compliance Manager
AWS CloudTrail
AWS Systems Manager
AWS CloudTrail
AWS CloudTrail provides visibility to API call activity for AWS infrastructure and other services. AWS Cloudwatch Logs might be part of a centralized logging solution, but all API event information will come from CloudTrail. AWS Systems Manager can process EC2 logs only, and AWS Compliance Manager is not a service offered by AWS.
Your sales operations group would like to perform monthly analyses on large amounts of sales activity. They want to be able to rank the performance of different territories, product categories, and sales channels. They will use visualization tools to generate graphical representations of the data. Which AWS service will provide the best solution for storing the sales data?
Amazon Aurora
Amazon DynamoDB
Amazon Redshift
Amazon ElastiCache
Amazon Redshift
Amazon Redshift provides the best solution for performing queries based on a predefined set of dimensions. Redshift organizes data for high performance based on user-specified distribution schemes. Amazon ElastiCache provides in-memory performance, but no data organization assistance. Amazon Aurora and Amazon DynamoDB are good solutions, but Redshift’s columnar storage gives it the edge.
AWS purchases computing resources in large quantities at lower costs and then passes volume discounts on to their customers. Which benefit of cloud computing does this demonstrate?
Pay only when you use computing resources.
Deploy applications in multiple Regions around the world.
Eliminate guessing about your infrastructure capacity needs.
Lower pay-as-you-go prices due to massive economies of scale.
Lower pay-as-you-go prices due to massive economies of scale.
Customers benefit from massive economies of scale and achieve lower variable costs than they can get on their own due to volume discounts.
Your company hosts gaming applications online and would like to deliver these apps to a worldwide audience. Which AWS service would enable delivery to users worldwide and greatly improve response times?
CloudFormation
ElastiCache
DynamoDB
CloudFront
CloudFront
CloudFront is a CDN that delivers data and applications globally with low latency.
When considering common cloud computing models, which model is Amazon Elastic Compute Cloud (AWS EC2) an example of?
FaaS (Function as a Service)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS)
IaaS includes the fundamental building blocks that can be rented from AWS. AWS manages the infrastructure and provides you a virtual machine that you can use however you’d like to meet your business requirements.
ElastiCache is an example of what type of AWS Services?
Database
Compute
Storage
Analytics
Database
ElastiCache is an in-memory cache service used to improve database performance. This means that it saves your most common queries for quicker data retrieval rather than retrieving directly from your database. As a result, it is classified as an AWS database service.
You need to set up a virtual firewall for your EC2 instance. Which would you use?
Network ACL
Subnet
Security group
IAM policy
Security group
A security group acts as a virtual firewall for your instance to protect your EC2 instance by controlling inbound and outbound traffic.
An organization needs to run a MySQL relational database on AWS. They plan to hire their own database administrators to manage their databases, including taking backups, using replication, and clustering. Which option provides the customer the control and flexibility needed?
Open a case with AWS Support to have them assist the database administrators with the installation of the MySQL database.
Install the MySQL database directly on an EC2 instance.
Use Systems Manager to install the MySQL database directly to on-premises servers.
Use the Amazon Relational Database Service (RDS) to launch the MySQL database.
Install the MySQL database directly on an EC2 instance.
Installing the database directly to EC2 gives the customer complete control over the database and its management.
Which following statement is true of newly created security groups with their default rules?
New security groups allow only outbound traffic and block all incoming traffic.
New security groups block both incoming and outbound traffic.
New security groups block outbound traffic and allow all incoming traffic.
New security groups allow both incoming and outbound traffic.
New security groups allow only outbound traffic and block all incoming traffic.
By default, new security groups start with only an outbound rule to allow all traffic to leave the instances. You must add rules to enable any inbound traffic.
Your company has entered into a 3-year contract with a government agency. Your best option for EC2 is Reserved Instances. Which AWS feature would you use to track your Reserved Instance usage?
AWS Organizations
AWS Cost and Usage Report
Trusted Advisor
AWS CloudTrail
AWS Cost and Usage Report
The Cost and Usage Report contains the most comprehensive set of cost and usage data.
Which of the following engines are classified as relational databases on AWS?
DynamoDB
Redshift
Aurora
MariaDB
Aurora
Aurora is a type of RDS engine on AWS.
MariaDB
MariaDB is a type of RDS engine on AWS.
