A Cloud Guru Practice Test (Missed Questions)

Question 1

Your company hosts gaming applications online and would like to deliver these apps to a worldwide audience. Which AWS service would enable delivery to users worldwide and greatly improve response times?

CloudFormation

ElastiCache

DynamoDB

CloudFront

Answer 1

CloudFront

CloudFront is a CDN that delivers data and applications globally with low latency.

Question 2

Which of the following engines are classified as relational databases on AWS? (Pick 2)

DynamoDB

Redshift

Aurora

MariaDB

Answer 2

Aurora

Aurora is a type of RDS engine on AWS.

MariaDB

MariaDB is a type of RDS engine on AWS.

Question 3

AWS purchases computing resources in large quantities at lower costs and then passes volume discounts on to their customers. Which benefit of cloud computing does this demonstrate?

Pay only when you use computing resources.

Deploy applications in multiple Regions around the world.

Eliminate guessing about your infrastructure capacity needs.

Lower pay-as-you-go prices due to massive economies of scale.

Answer 3

Lower pay-as-you-go prices due to massive economies of scale.

Customers benefit from massive economies of scale and achieve lower variable costs than they can get on their own due to volume discounts.

Question 4

Under the shared responsibility model, which of the following is an example of security of the cloud? (Pick 3)

Maintaining networking components

Applying security patches to the guest operating system

Protecting the data center infrastructure

Managing network traffic

Managing the AWS global infrastructure

Answer 4

Maintaining networking components

AWS maintains networking components: generators, uninterruptible power supply (UPS) systems, computer room air conditioning (CRAC) units, fire suppression systems, and more.

Protecting the data center infrastructure

AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.

Managing the AWS global infrastructure

AWS is responsible for the security of the cloud. AWS is responsible for its global infrastructure elements: Regions, edge locations, and Availability Zones.

Question 5

Your company has entered into a 3-year contract with a government agency. Your best option for EC2 is Reserved Instances. Which AWS feature would you use to track your Reserved Instance usage?

AWS Organizations

AWS Cost and Usage Report

Trusted Advisor

AWS CloudTrail

Answer 5

AWS Cost and Usage Report

The Cost and Usage Report contains the most comprehensive set of cost and usage data.

Question 6

You need to set up a virtual firewall for your EC2 instance. Which would you use?

Network ACL

Subnet

Security group

IAM policy

Answer 6

Security group

A security group acts as a virtual firewall for your instance to protect your EC2 instance by controlling inbound and outbound traffic.

Question 7

ElastiCache is an example of what type of AWS Services?

Database

Compute

Storage

Analytics

Answer 7

Database

ElastiCache is an in-memory cache service used to improve database performance. This means that it saves your most common queries for quicker data retrieval rather than retrieving directly from your database. As a result, it is classified as an AWS database service.

Question 8

In order to improve fault tolerance, you would like to begin using services that provide fault tolerance. Which AWS services provide automatic replication across Availability Zones? (Pick 2)

EC2

DynamoDb

VPC

S3

Answer 8

DynamoDb

DynamoDB provides this replication.

S3

S3 provides this replication.

Question 9

Which of the following is used to secure Amazon S3 buckets?

API key

Bucket access policy

Access keys

Security group

Answer 9

Bucket access policy

A bucket access policy can be attached directly to an S3 bucket to limit access to specific users.

Question 10

How would a customer create a virtual firewall for an EC2 instance?

With a security group

With a web application firewall

With AWS Shield

With an IAM group

Answer 10

With a security group

Security groups act as virtual firewalls for EC2 instances.

Question 11

Your sales operations group would like to perform monthly analyses on large amounts of sales activity. They want to be able to rank the performance of different territories, product categories, and sales channels. They will use visualization tools to generate graphical representations of the data. Which AWS service will provide the best solution for storing the sales data?

Amazon Aurora

Amazon DynamoDB

Amazon Redshift

Amazon ElastiCache

Answer 11

Amazon Redshift

Amazon Redshift provides the best solution for performing queries based on a predefined set of dimensions. Redshift organizes data for high performance based on user-specified distribution schemes. Amazon ElastiCache provides in-memory performance, but no data organization assistance. Amazon Aurora and Amazon DynamoDB are good solutions, but Redshift’s columnar storage gives it the edge.

Question 12

A user uses CloudFormation to deploy infrastructure to multiple Regions. This multi-Region deployment strategy involves which pillar of the AWS Well-Architected Framework?

Operational Excellence

Security

Reliability

Performance Efficiency

Answer 12

Performance Efficiency

This Performance Efficiency pillar focuses on the effective use of resources to meet demand.

Question 13

You need to host a file in a location that is publicly accessible from anywhere in the world. Which AWS service would meet that need at the lowest cost?

EBS

S3

RDS

EC2

Answer 13

S3

With S3, objects can be accessed from anywhere in the world via a public URL. An RDS instance is used for hosting databases. An EBS Volume requires an EC2 instance to be accessible and would be more expensive than using S3.

Question 14

A developer is building a new application and is given the option to deploy the application on-premises or to the AWS Cloud. What benefits does the AWS Cloud provide over an on-premises deployment? (Pick 3)

Automatic Multi-AZ deployment of databases to enhance availability

Ability to pay-as-you-go without upfront contracts or long-term commitments

Ability to grow and shrink computing capacity based on demand

Automatic distribution of applications across Regions for higher availability

Ability to focus on building the application instead of managing servers

Answer 14

Ability to pay-as-you-go without upfront contracts or long-term commitments

You pay only when you access it and only for what you use, which allows you to spread costs over time since there are no huge upfront investments.

Ability to grow and shrink computing capacity based on demand

Elasticity allows the developer to match the supply of resources with changing workload demands.

Ability to focus on building the application instead of managing servers

If the developer uses a serverless architecture (for example, one that includes Lambda), the developer will not have to worry about managing servers or the underlying infrastructure.

Question 15

When considering common cloud computing models, which model is Amazon Elastic Compute Cloud (AWS EC2) an example of?

FaaS (Function as a Service)

Platform as a Service (PaaS)

Software as a Service (SaaS)

Infrastructure as a Service (IaaS)

Answer 15

Infrastructure as a Service (IaaS)

IaaS includes the fundamental building blocks that can be rented from AWS. AWS manages the infrastructure and provides you a virtual machine that you can use however you’d like to meet your business requirements.

Question 16

Upon attempting to create an additional S3 bucket, you realize you have reached your S3 bucket limit in your AWS account. You anticipate creating even more S3 buckets in the future for your photos and documents. Which of the following is the quickest solution?

Consolidate files into half of the S3 buckets and delete the empty ones.

Submit a service limit increase.

Delete the S3 buckets you barely use.

Simply create the S3 bucket; AWS will automatically override the bucket limit.

Answer 16

Submit a service limit increase.

The key word here is “quickest,” and the fastest option is to request a service limit increase at the AWS Support Center.

Question 17

An auditor is conducting an audit of your IT operations for compliance. The auditor requests visibility to logs of event history across your AWS-based employee expense system infrastructure. Which AWS service will record and provide you the information you need?

AWS CloudWatch Logs

AWS Compliance Manager

AWS CloudTrail

AWS Systems Manager

Answer 17

AWS CloudTrail

AWS CloudTrail provides visibility to API call activity for AWS infrastructure and other services. AWS Cloudwatch Logs might be part of a centralized logging solution, but all API event information will come from CloudTrail. AWS Systems Manager can process EC2 logs only, and AWS Compliance Manager is not a service offered by AWS.

Question 18

Which of the following is AWS’ data warehousing service?

EMR

Redshift

S3 Big Data

Snowball

Answer 18

Redshift

Redshift is AWS’ data warehousing service.

Question 19

Which following statement is true of newly created security groups with their default rules?

New security groups allow only outbound traffic and block all incoming traffic.

New security groups block both incoming and outbound traffic.

New security groups block outbound traffic and allow all incoming traffic.

New security groups allow both incoming and outbound traffic.

Answer 19

New security groups allow only outbound traffic and block all incoming traffic.

By default, new security groups start with only an outbound rule to allow all traffic to leave the instances. You must add rules to enable any inbound traffic.

Question 20

An organization needs to run a MySQL relational database on AWS. They plan to hire their own database administrators to manage their databases, including taking backups, using replication, and clustering. Which option provides the customer the control and flexibility needed?

Open a case with AWS Support to have them assist the database administrators with the installation of the MySQL database.

Install the MySQL database directly on an EC2 instance.

Use Systems Manager to install the MySQL database directly to on-premises servers.

Use the Amazon Relational Database Service (RDS) to launch the MySQL database.

Answer 20

Install the MySQL database directly on an EC2 instance.

Installing the database directly to EC2 gives the customer complete control over the database and its management.

Question 21

How can a customer on the Developer Support plan open a system impaired support case?

Contact the Support Concierge team via phone.

Open a technical support case via chat.

Contact the Technical Account Manager (TAM) via chat.

Open a technical support case via email.

Answer 21

Open a technical support case via email.

Customers on the Developer Support plan can submit support cases for account and billing questions, service limit increases, and technical support cases via email only.

Question 22

Which of the following AWS services controls authentication and authorization within an AWS account?

Security groups

Access control lists

IAM

AWS Shield

Answer 22

IAM

IAM (Identity and Access Management) controls authentication and authorization within an AWS account.

Question 23

A development team wants to gain full observability into the health of their applications and instances in order to provide the best service level to users of their applications. Which services can help them monitor the health of their applications and instances? (Pick 3)

Simple Notification Service (SNS)

Route 53

Elastic Load Balancing

Elastic Beanstalk

CloudTrail

Answer 23

Route 53

Route 53 can be used to configure DNS health checks to route traffic to healthy endpoints or to monitor the health of your applications.

Elastic Load Balancing

Load balancers monitor the health of EC2 instances and route the traffic to only instances that are in a healthy state.

Elastic Beanstalk

Elastic Beanstalk monitors application health via a health dashboard.

Question 24

A healthcare agency needs to store certain patient information for up to 10 years. To save cost, they want to archive this data to cheaper storage. The data needs to be retrieved within 12 hours. Which is the cheapest option?

Redshift

S3 Standard-IA

Glacier Deep Archive

Glacier

Answer 24

Glacier Deep Archive

Glacier Deep Archive meets the requirement and is the cheapest option.

Question 25

Which of the below are TRUE statements when it comes to data security in AWS? (Pick 3)

AWS is responsible for the security of the hardware the data resides on.

AWS is responsible for managing who can access the data.

AWS is responsible for the security of the software that manages the data.

The customer is responsible for the security of the hardware the data resides on.

The customer is responsible for managing who can access the data.

The customer is responsible for the security of the software that runs AWS Cloud services.

Answer 25

AWS is responsible for the security of the hardware the data resides on.

Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service — which includes security. The customer is responsible for who can access the data itself.

AWS is responsible for the security of the software that manages the data.

Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service — which includes security. The customer is responsible for who can access the data itself.

The customer is responsible for managing who can access the data.

Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service — which includes security. The customer is responsible for who can access the data itself.

Question 26

You need to visualize, understand, and identify trends for future charges, as well as manage your AWS costs and usage over time. Which AWS tool would you use?

Amazon CloudWatch

Trusted Advisor

AWS Cost and Usage Report

AWS Cost Explorer

Answer 26

AWS Cost Explorer

Cost Explorer allows you to visualize and forecast your costs and usage over time.