ACG/DCT Exam Review

Question 1

Route 53 Geolocation Routing Policy uses your geographic location to route you to the _____ region.

Answer 1

Route 53 Geolocation Routing Policy uses your geographic location to route you to the closest region.

Question 2

To remove the Spot Instances, the appropriate steps are to _____ the Spot request and then to _______ the Spot Instances.

Answer 2

To remove the Spot Instances, the appropriate steps are to cancel the Spot request and then to terminate the Spot Instances.

Question 3

A CNAME record can point to ___ DNS record hosted ________

Answer 3

A CNAME record can point to any DNS record hosted anywhere

Question 4

AWS X-Ray lets you analyze and _____ serverless applications

Answer 4

AWS X-Ray lets you analyze and debug serverless applications

Question 5

A Throughput Optimized HDD EBS volume is an HDD-backed storage device that is limited to ____ IOPS for each volume

Answer 5

A Throughput Optimized HDD EBS volume is an HDD-backed storage device that is limited to 500 IOPS for each volume

Question 6

Tape Gateway emulates ________ tape libraries, removes the cost and complexity of managing physical ______________, and provides more ________ than physical tapes.

Answer 6

Tape Gateway emulates physical tape libraries, removes the cost and complexity of managing physical infrastructure, and provides more durability than physical tapes.

Question 7

All EBS types and all instance families support _________, but there is no direct way to change the _________ state of a volume once it’s been launched.

Answer 7

All EBS types and all instance families support encryption, but there is no direct way to change the encryption state of a volume once its been launched.

Question 8

POSIX permissions allows you to ______ access from hosts by _____ and _____.

Answer 8

POSIX permissions allows you to restrict access from hosts by user and group.

Question 9

Amazon Neptune offers a fully-managed _____ database

Answer 9

Amazon Neptune offers a fully-managed Graph database

Question 10

Amazon Kinesis Data Analytics is the easiest way to _______ streaming data in real-time with standard ___

Answer 10

Amazon Kinesis Data Analytics is the easiest way to process streaming data in real-time with standard SQL

Question 11

The key difference between a pre-signed URL and a pre-signed Cookie is that pre-signed URLs are meant to share ___ file while pre-signed cookies grant access to ________ restricted files

Answer 11

The key difference between a pre-signed URL and a pre-signed Cookie is that pre-signed URLs are meant to share one file while pre-signed cookies grant access to multiple restricted files

Question 12

You can create an _____ record at the top of a zone apex, but you cannot with a _____ ​record

Answer 12

You can create an Alias record at the top of a zone apex, but you cannot with a CNAME record

Question 13

A VPC automatically comes with a default network ACL which ____ all inbound/outbound traffic. A _______ NACL _____ all traffic both inbound and outbound by default.

Answer 13

A VPC automatically comes with a default network ACL which allows all inbound/outbound traffic. A custom NACL denies all traffic both inbound and outbound by default.

Question 14

Amazon Redshift Spectrum allows you to directly run ___ queries against exabytes of unstructured data in __. No loading or ____________ of data is required.

Answer 14

Amazon Redshift Spectrum allows you to directly run SQL queries against exabytes of unstructured data in S3. No loading or transformation of data is required.

Question 15

The Pilot Light is a cost-effective disaster recovery strategy that ________ an existing application hosting environment in another AWS ______.

Answer 15

The Pilot Light is a cost-effective disaster recovery strategy that recreates an existing application hosting environment in another AWS Region.

Question 16

Pilot Light saves cost by _________ ___ most or all resources and only uses the resources during tests or when DR failover is necessary. RPO is about 10 minutes, and RTO could be _____

Answer 16

Pilot Light saves cost by turning off most or all resources and only uses the resources during tests or when DR failover is necessary. RPO is about 10 minutes, and RTO could be hours

Question 17

AWS Global Accelerator is used for ________ users of applications to local points of presence worldwide. It is not used for ________ content

Answer 17

AWS Global Accelerator is used for directing users of applications to local points of presence worldwide. It is not used for accessing content

Question 18

An Alias record can only point to Cloudfront, Elastic _______, ELB, S3 _______, or another record in the same _____ zone

Answer 18

An Alias record can only point to Cloudfront, Elastic Beanstalk, ELB, S3 website or another record in the same hosted zone

Question 19

Cloudfront Signed URLs provide more ________ over access to your content

Answer 19

Cloudfront Signed URLs provide more control over access to your content

Question 20

AWS _________ Application Model (AWS SAM) is an AWS CloudFormation extension used to package, test, and deploy _________ applications.

Answer 20

AWS Serverless Application Model (AWS SAM) is an AWS CloudFormation extension used to package, test, and deploy serverless applications.

Question 21

A launch configuration is an instance configuration template that an Auto Scaling group uses to launch ____

Answer 21

A launch configuration is an instance configuration template that an Auto Scaling group uses to launch EC2

Question 22

Amazon S3 Select is designed to help ______ and process data within an S3 _____

Answer 22

Amazon S3 Select is designed to help analyze and process data within an S3 object

Question 23

CloudFront is designed to handle _____ protocols, meanwhile, Global Accelerator is best used for both HTTP and non-HTTP protocols such as ____ and ___

Answer 23

CloudFront is designed to handle HTTP protocols, meanwhile, Global Accelerator is best used for both HTTP and non-HTTP protocols such as TCP and UDP

Question 24

When Amazon ECS uses Fargate for computing, it incurs no ____ when the application is ____.

Answer 24

When Amazon ECS uses Fargate for computing, it incurs no costs when the application is idle.

Question 25

An alias with an A and AAAA type record set can be used to _____ a DNS name to a _____ ________

Answer 25

An alias with an A and AAAA type record set can be used to point a DNS name to a Load Balancer

Question 26

Amazon Lex is a service for building ____________ interfaces into any application using voice and text.

Answer 26

Amazon Lex is a service for building conversational interfaces into any application using voice and text.

Question 27

A CNAME record _______ be pointed at a domain zone ____ record like dctlabs.com

Answer 27

A CNAME record cannot be pointed at a domain zone apex record like dctlabs.com

Question 28

When you place DB instances in a _______ subnet, you add a layer of security.

Answer 28

When you place DB instances in a private subnet, you add a layer of security.

Question 29

Each NACL includes a rule whose rule number is an asterisk. This rule ensures that it’s ______ if a packet doesn’t match any of the other numbered rules. You can’t ______ or remove this rule.

Answer 29

Each NACL includes a rule whose rule number is an asterisk. This rule ensures that it’s denied if a packet doesn’t match any of the other numbered rules. You can’t modify or remove this rule.

Question 30

The way you add instances in private subnets to a public-facing ELB is to add _____ subnets in the same AZs as the ______ subnets to the ELB

Answer 30

The way you add instances in private subnets to a public-facing ELB is to add public subnets in the same AZs as the private subnets to the ELB

Question 31

An A record simply points a name to an _________.

Answer 31

An A record simply points a name to an IP address.

Question 32

Elasticache and DynamoDB can both be used to store ______ data.

Answer 32

Elasticache and DynamoDB can both be used to store session data.

Question 33

Aurora Serverless incurs no compute costs when it is _____.

Answer 33

Aurora Serverless incurs no compute costs when it is idle.

Question 34

You can add or remove rules from the _______ network ACL.

Answer 34

You can add or remove rules from the default network ACL.

Question 35

A General Purpose SSD EBS volume is limited to __,____ IOPS for each volume

Answer 35

A General Purpose SSD EBS volume is limited to 16,000 IOPS for each volume

Question 36

You can assign up to _____ security groups to an instance.

Answer 36

You can assign up to five security groups to an instance.

Question 37

CloudFront uses Edge Locations to _____ content, while Global Accelerator uses Edge Locations to ____ an optimal pathway to the _______ regional endpoint.

Answer 37

CloudFront uses Edge Locations to cache content, while Global Accelerator uses Edge Locations to find an optimal pathway to the nearest regional endpoint.

Question 38

Cloudfront Signed URLs can specify the beginning and expiration ____ and ____ for access, along with specific IPs or range or IPs

Answer 38

Cloudfront Signed URLs can specify the beginning and expiration date and time for access, along with specific IPs or range or IPs

Question 39

Amazon Elasticsearch is a fully managed service that makes it easy for you to search, analyze and _______ data in ____-____

Answer 39

Amazon Elasticsearch is a fully managed service that makes it easy for you to search, analyze, and visualize data in real-time

Question 40

To prevent direct connectivity to the EC2 instances from the internet, you can deploy your EC2 instances in a _______ subnet and have the ELB in a _______ subnet.

Answer 40

To prevent direct connectivity to the EC2 instances from the internet, you can deploy your EC2 instances in a private subnet and have the ELB in a public subnet.

Question 41

You can specify the instance store volumes for your instance only when you ______ an instance.

Answer 41

You can specify the instance store volumes for your instance only when you launch an instance.

Question 42

Origin access identity applies to _______ origins

Answer 42

Origin access identity applies to S3-bucket origins

Question 43

You can associate an AWS Direct Connect gateway with a ______ gateway when you have multiple VPCs in the same _______ or a _______ private gateway.

Answer 43

You can associate an AWS Direct Connect gateway with a transit gateway when you have multiple VPCs in the same regionor avirtual private gateway.

Question 44

You do not attach NAT gateways to VPCs; you add them to _______ subnets.

Answer 44

You do not attach NAT gateways to VPCs; you add them to public subnets.

Question 45

Route 53 Geoproximity Routing Policy routes you to the nearest resource ______ a region.

Answer 45

Route 53 Geoproximity Routing Policy route you to the nearest resource within a region.

Question 46

If your object size exceeds ___ MB, you should consider using _______ uploads instead of uploading the object in a single operation

Answer 46

If your object size exceeds 100 MB, you should consider using multipart uploads instead of uploading the object in a single operation

Question 47

Amazon GuardDuty continuously monitors your AWS accounts and workloads for __________ activity and delivers detailed security findings for visibility and __________.

Answer 47

Amazon GuardDuty continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.

Question 48

EMR utilizes a hosted Hadoop framework running on Amazon ___ and ___.

Answer 48

EMR utilizes a hosted Hadoop framework running on Amazon EC2 and S3.

Question 49

A Provisioned IOPS SSD EBS volume provides up to __,____ IOPS for each volume.

Answer 49

A Provisioned IOPS SSD EBS volume provides up to 64,000 IOPS for each volume.

Question 50

EFS Security Groups act as a ________, and the rules you add define the ______ flow.

Answer 50

EFS Security Groups act as a firewall, and the rules you add define the traffic flow.

Question 51

Route 53 charges for queries with _____ records but not for _____ Records

Answer 51

Route 53 charges for queries with CNAME records but not for Alias Records

Question 52

S3 Transfer Acceleration is used to accelerate object ______ to S3 over ____ distances

Answer 52

S3 Transfer Acceleration is used to accelerate object uploads to S3 over long distances

Question 53

AWS Transit Gateway ______ your VPCs and on-premises networks through a central hub like a cloud ______

Answer 53

AWS Transit Gateway connects your VPCs and on-premises networks through a central hub like a cloud router

Question 54

AWS Transit Gateway puts an end to complex ________ connections since it acts as a cloud router for each new connection

Answer 54

AWS Transit Gateway puts an end to complex peering connections since it acts as a cloud router for each new connection