AWS CCP 2

Question 1

Which AWS service gives you centralized control over the encryption keys used to protect your data?

1. AWS STS
2. AWS KMS
3. AWS DMS
4. Amazon EBS

Answer 1

2. AWS KMS

Question 2

How can a security compliance officer retrieve AWS compliance documentation such as a SOC 2 report?

1. Using AWS Artifact
2. Using AWS Trusted Advisor
3. Using AWS Inspector
4. Using the AWS Personal Health Dashboard

Answer 2

1. Using AWS Artifact

Question 3

Which items should be included in a TCO analysis comparing on-premise to AWS Cloud? (choose 2)

1. Firewall management
2. Application licensing
3. Compute hardware
4. Data center security
5. Operating system patching

Answer 3

3. Compute hardware

4. Data center security

Question 4

Which service provides visibility into user activity by recording actions taken on your account?

1. Amazon CloudWatch
2. Amazon CloudFormation
3. Amazon CloudTrail
4. Amazon CloudHSM

Answer 4

3. Amazon CloudTrail

Question 5

Which of the facts below are accurate in relation to AWS Regions? (choose 2)

1. Each region consists of 2 or more availability zones
2. Each region consists of a collection of VPCs
3. Each region is designed to be completely isolated from the other Amazon Regions
4. Regions have direct, low-latency, high throughput and redundant network connections between each other
5. Regions are Content Delivery Network (CDN) endpoints for CloudFront

Answer 5

1. Each region consists of 2 or more availability zones

3. Each region is designed to be completely isolated from the other Amazon Regions

Question 6

Which AWS service provides elastic web-scale cloud computing allowing you to deploy operating system instances?

1. Amazon EBS
2. AWS Lambda
3. Amazon RDS
4. Amazon EC2

Answer 6

4. Amazon EC2

Question 7

You need to ensure you have the right amount of compute available to service demand. Which AWS service can automatically scale the number of EC2 instances for your application?

1. Amazon Elastic Load Balancer
2. Amazon Elasticache
3. AWS Auto Scaling
4. AWS RedShift

Answer 7

3. AWS Auto Scaling

Question 8

Which configuration changes are associated with scaling vertically? (choose 2)

1. Adding additional EC2 instances through Auto Scaling
2. Adding additional hard drives to a storage array
3. Adding a larger capacity hard drive to a server
4. Distributed processing
5. Changing an EC2 instance to a type that has more CPU and RAM

Answer 8

3. Adding a larger capacity hard drive to a server

5. Changing an EC2 instance to a type that has more CPU and RAM

Question 9

What are two ways an AWS customer can reduce their monthly spend? (choose 2)

1. Turn off resources that are not being used
2. Use more power efficient instance types
3. Reserve capacity where suitable
4. Be efficient with usage of Security Groups
5. Reduce the amount of data ingress charges

Answer 9

1. Turn off resources that are not being used

3. Reserve capacity where suitable

Question 10

Which AWS services can be utilized at no cost? (choose 2)

1. Identity and Access Management (IAM)
2. Amazon VPC
3. Amazon S3
4. Amazon CloudFront 5. Amazon RedShift

Answer 10

1. Identity and Access Management (IAM)

2. Amazon VPC

Question 11

Which types of AWS resource can be launched from a Golden Image? (choose 2)

1. Amazon DynamoDB tables
2. Amazon EC2 instances
3. AWS Lambda functions
4. Amazon RDS instances
5. Amazon S3 objects

Answer 11

2. Amazon EC2 instances

4. Amazon RDS instances

Question 12

Using AWS terminology, which items can be created in an Amazon S3 bucket? (choose 2)

1. Folders
2. Files
3. Tables
4. Objects
5. Queues

Answer 12

1. Folders

4. Objects

Question 13

What are two ways of connecting to an Amazon VPC from an on-premise data center? (choose 2)

1. VPC Peering
2. Direct Connect
3. VPN CloudHub
4. Internet Gateway
5. VPC Router

Answer 13

2. Direct Connect

3. VPN CloudHub

Question 14

Which of the below is Amazon’s proprietary RDS database?

1. MariaDB
2. MySQL
3. DynamoDB
4. Aurora

Answer 14

4. Aurora

Question 15

A new user is unable to access any AWS services, what is the most likely explanation?

1. The user needs to login with a key pair
2. The services are currently unavailable
3. By default, new users are created without access to any AWS services
4. The default limit for user logons has been reached

Answer 15

3. By default, new users are created without access to any AWS services

Question 16

Which of the following compliance programs allows the AWS environment to process, maintain, and store protected health information?

1. ISO 27001
2. PCI DSS
3. HIPAA
4. SOC 1

Answer 16

3. HIPAA

Question 17

Which of the following services does Amazon Route 53 provide? (choose 2)

1. Domain registration
2. Route tables
3. Domain Name Service (DNS)
4. Auto Scaling
5. Load balancing

Answer 17

1. Domain registration

3. Domain Name Service (DNS)

Question 18

Which file format is used to write AWS Identity and Access Management (IAM) policies?

1. DOC
2. XML
3. JBOD
4. JSON

Answer 18

4. JSON

Question 19

Which of the following are valid types of Reserved Instance? (choose 2)

1. Convertible RI
2. Discounted RI
3. Scheduled RI
4. Long-Term RI
5. Special RI

Answer 19

1. Convertible RI

3. Scheduled RI

Question 20

At what level is a Network ACL applied?

1. Instance level
2. Region level
3. Availability Zone level
4. Subnet level

Answer 20

4. Subnet level

Question 21

An architect needs to compare the cost of deploying an on-premise web server and an EC2 instance on the AWS cloud. Which tool can be used to assist the architect?

1. AWS Cost Explorer
2. AWS Budgets
3. AWS TCO Calculator
4. AWS Simple Monthly Calculator

Answer 21

3. AWS TCO Calculator

Question 22

Which AWS service provides preconfigured virtual private servers (instances) that include everything required to deploy an application or create a database?

1. AWS CloudFormation
2. Amazon Lightsail
3. Amazon ECS
4. AWS Lambda

Answer 22

2. Amazon Lightsail

Question 23

Which AWS service protects against common exploits that could compromise application availability, compromise security or consume excessive resources?

1. AWS WAF
2. AWS Shield
3. Security Group
4. Network ACL

Answer 23

1. AWS WAF

Question 24

A Solutions Architect is launching a new EC2 instance that will be a web- server. Which EBS volume type provides a good balancer of price and performance and can be used as a system boot volume?

1. Cold HDD (sc1)
2. Throughput Optimized (st1)
3. General Purpose (gp2)
4. Provisioned IOPS (io1)

Answer 24

3. General Purpose (gp2)

Question 25

Which Amazon S3 storage tier provides does not include a data retrieval fee and has an availability SLA of 99.99%?

1. S3 Standard
2. S3 Standard-IA
3. S3 One Zone-IA
4. Amazon Glacier

Answer 25

1. S3 Standard

Question 26

An organization would like to run managed desktops on the AWS cloud using the Windows 10 operating system. Which service can deliver these requirements?

1. Amazon EC2
2. Amazon Workspaces
3. Amazon SWF
4. Amazon does not provide desktop services

Answer 26

2. Amazon Workspaces

Question 27

How can an organization assess applications for vulnerabilities and deviations from best practice?

1. Use AWS Artifact
2. Use AWS Inspector
3. Use AWS Shield
4. Use AWS WAF

Answer 27

2. Use AWS Inspector

Question 28

Which of the following is NOT one of the five AWS Trusted Advisor categories?

1. Cost Optimization
2. Performance
3. Security
4. Application transformation

Answer 28

4. Application transformation

Question 29

A company is planning to migrate some resources into the cloud. What factors need to be considered when determining the cost of the AWS Cloud? (choose 2)

1. The number of VPCs created
2. The number of servers migrated into EC2
3. The number of IAM users created
4. The amount of egress data per month
5. The amount of ingress data per month

Answer 29

2. The number of servers migrated into EC2

4. The amount of egress data per month

Question 30

What features does Amazon RDS provide to deliver scalability, availability and durability? (choose 2)

1. Multi-AZ
2. Read Replicas
3. DB mirroring
4. Clustering
5. Multi-Subnet

Answer 30

1. Multi-AZ

2. Read Replicas

Question 31

Which of the following are AWS recommended best practices in relation to IAM? (choose 2)

1. Assign permissions to users
2. Create individual IAM users
3. Embed access keys in application code
4. Enable MFA for all users
5. Grant least privilege

Answer 31

2. Create individual IAM users

5. Grant least privilege

Question 32

What is an example of using loose coupling when designing an information system?

1. Synchronous replication
2. Proprietary interfaces
3. DNS name usage
4. Monolithic application architecture

Answer 32

3. DNS name usage

Question 33

An architect wants to find a tool for consistently deploying the same resources through a templated configuration. Which AWS service can be used?

1. AWS Elastic Beanstalk
2. AWS CodeBuild
3. AWS CodeDeploy
4. AWS CloudFormation

Answer 33

4. AWS CloudFormation

Question 34

Which of the following security operations tasks must be performed by AWS customers? (choose 2)

1. Collecting syslog messages from physical firewalls
2. Issuing data center access keycards
3. Installing security updates on EC2 instances
4. Enabling multi-factor authentication (MFA) for privileged users
5. Installing security updates for server firmware

Answer 34

3. Installing security updates on EC2 instances

4. Enabling multi-factor authentication (MFA) for privileged users

Question 35

At which layers of the OSI model do the different types of Elastic Load Balancers operate? (choose 2)

1. Network Load Balancer at layer 4
2. Classic Load Balancer at layer 3
3. Application Load Balancer at layer 7
4. Network Load Balancer at layer 3
5. Application Load Balancer at layer 4

Answer 35

1. Network Load Balancer at layer 4

3. Application Load Balancer at layer 7

Question 36

Which AWS service can be used to host a static website?

1. Amazon S3
2. Amazon EBS
3. AWS Lambda
4. Amazon EFS

Answer 36

1. Amazon S3

Question 37

What type of storage is provided by Amazon EBS?

1. Block
2. File
3. Object
4. Relational

Answer 37

1. Block

Question 38

What type of database is fully managed and can be scaled without incurring downtime?

1. Amazon RDS
2. Amazon S3
3. Amazon DynamoDB
4. Amazon ElastiCache

Answer 38

3. Amazon DynamoDB

Question 39

A manager needs to keep a check on his AWS spend. How can the manager setup alarms that notify him when his bill reaches a certain amount?

1. Using CloudWatch
2. Using AWS Trusted Advisor
3. Using CloudTrail
4. By notifying AWS support

Answer 39

1. Using CloudWatch

Question 40

Which AWS support plans provide support via email, chat and phone? (choose 2)

1. Basic
2. Developer
3. Business
4. Enterprise
5. Global

Answer 40

3. Business

4. Enterprise

Question 41

Which of the following services allow root level access to the operating system? (choose 2)

1. Amazon ElastiCache
2. Amazon EC2
3. Amazon SQS
4. Amazon EMR
5. Amazon SWF

Answer 41

2. Amazon EC2

4. Amazon EMR

Question 42

You need to implement a hosted queue for storing messages in transit between application servers. Which service should you use?

1. Amazon SWF
2. Amazon SNS
3. Amazon SQS
4. Amazon DynamoDB

Answer 42

3. Amazon SQS

Question 43

Which configuration changes are associated with scaling horizontally? (choose 2)

1. Adding additional EC2 instances through Auto Scaling
2. Adding a larger capacity hard drive to a server
3. Changing the DB instance class on an RDS DB
4. Adding additional hard drives to a storage array
5. Changing an EC2 instance to a type that has more CPU and RAM

Answer 43

1. Adding additional EC2 instances through Auto Scaling

4. Adding additional hard drives to a storage array

Question 44

Which AWS construct provides you with your own dedicated virtual network in the cloud?

1. Amazon Workspaces
2. Amazon EC2
3. Amazon IAM
4. Amazon VPC

Answer 44

4. Amazon VPC

Question 45

Which AWS network element allows you to assign a static IPv4 address to an EC2 instance?

1. Public IP
2. Elastic IP
3. Static IP
4. Dynamic IP

Answer 45

2. Elastic IP

Question 46

An architect is creating a scalable application using AWS Auto Scaling. What needs to be created to enable a working configuration? (choose 2)

1. Create a listener
2. Create an Auto Scaling group
3. Create a launch configuration
4. Create a target group
5. Create a listener rule

Answer 46

2. Create an Auto Scaling group

3. Create a launch configuration

Question 47

A Solutions Architect is designing an application stack that will be highly elastic. What AWS services can be used that don’t require you to make any capacity decisions upfront? (choose 2)

1. AWS Lambda
2. Amazon EC2
3. Amazon S3
4. Amazon RDS
5. DynamoDB

Answer 47

1. AWS Lambda

3. Amazon S3

Question 48

Which AWS service can assist with coordinating tasks across distributed application components?

1. Amazon STS
2. Amazon SQS
3. Amazon SWF
4. Amazon SNS

Answer 48

3. Amazon SWF

Question 49

What kinds of routing policies are available in Amazon Route 53? (choose 2)

1. Simple
2. Failback
3. Fault tolerant
4. Latency
5. Shortest Path First

Answer 49

1. Simple

4. Latency

Question 50

An application stores images which will be retrieved infrequently, but must be available for retrieval immediately. Which is the most cost-effective storage option that meets these requirements?

1. Amazon Glacier with expedited retrievals
2. Amazon S3 Standard-Infrequent Access
3. Amazon EFS
4. Amazon S3 Standard

Answer 50

2. Amazon S3 Standard-Infrequent Access

Question 51

What components can be managed in the Virtual Private Cloud (VPC) management console? (choose 2)

1. Subnets
2. Elastic Load Balancers
3. Auto Scaling
4. IP CIDR
5. Snapshots

Answer 51

1. Subnets

4. IP CIDR

Question 52

Which services are managed at a regional (rather than global) level? (choose 2)

1. Amazon CloudFront
2. Amazon Route 53
3. Amazon S3
4. Amazon EC2
5. AWS IAM

Answer 52

3. Amazon S3

4. Amazon EC2

Question 53

What are the names of two types of AWS Storage Gateway? (choose 2)

1. S3 Gateway
2. File Gateway
3. Block Gateway
4. Gateway Virtual Tape Library
5. Cached Gateway

Answer 53

2. File Gateway

4. Gateway Virtual Tape Library

Question 54

To connect an on-premises network to an Amazon VPC using an Amazon Managed VPN connection, which components are required? (choose 2)

1. VPC Router
2. Virtual Private Gateway
3. NAT Instance
4. Direct Connect
5. Customer Gateway

Answer 54

2. Virtual Private Gateway

5. Customer Gateway

Question 55

Which AWS service can be used to run Docker containers?

1. AWS Lambda
2. Amazon ECR
3. Amazon ECS
4. Amazon AMI

Answer 55

3. Amazon ECS

Question 56

How can you apply metadata to an EC2 instance that categorizes it according to its purpose, owner or environment?

1. Labels
2. Tags
3. Hostname
4. Stickers

Answer 56

2. Tags

Question 57

Which tool can be used to create and manage a selection of AWS services that are approved for use on AWS?

1. AWS Service Catalog
2. AWS OpsWorks
3. Amazon Cloud Directory
4. AWS Organizations

Answer 57

1. AWS Service Catalog

Question 58

Which services are involved with security? (choose 2)

1. AWS CloudHSM
2. AWS DMS
3. AWS KMS
4. AWS SMS
5. Amazon ELB

Answer 58

1. AWS CloudHSM

3. AWS KMS

Question 59

What is a Resource Group?

1. A collection of resources within a VPC
2. A collection of resources that share one or more tags
3. A collection of services within a category
4. A collection of services within a region

Answer 59

2. A collection of resources that share one or more tags

Question 60

What are the benefits of using the AWS Managed Services? (choose 2)

1. Alignment with ITIL processes
2. Managed applications so you can focus on infrastructure
3. Baseline integration with ITSM tools
4. Designed for small businesses
5. Support for all AWS services

Answer 60

1. Alignment with ITIL processes

3. Baseline integration with ITSM tools

Question 61

Which database engines are supported by Amazon RDS? (choose 2)

1. DynamoDB
2. SQL Server
3. ElastiCache
4. Aurora
5. MongoDB

Answer 61

2. SQL Server

4. Aurora

Question 62

What categories of Amazon Machine Image (AMI) are available? (choose 2)

1. Community AMIs
2. Enterprise AMIs
3. AWS Marketplace AMIs
4. Shared AMIs
5. Partner AMIs

Answer 62

1. Community AMIs

3. AWS Marketplace AMIs

Question 63

Which statements are true about Amazon EBS volumes? (choose 2)

1. You can attach EBS volumes to multiple instances
2. EBS volumes must be in the same AZ as the instances they are attached to
3. You can attach multiple EBS volumes to an instance
4. EBS volume data is ephemeral and is lost when an instance is stopped
5. EBS volumes are object storage

Answer 63

2. EBS volumes must be in the same AZ as the instances they are attached to
3. You can attach multiple EBS volumes to an instance

Question 64

Virtual servers such as EC2 instances are examples of services delivered under which cloud model?

1. IaaS
2. PaaS
3. DBaaS
4. SaaS

Answer 64

1. IaaS

Question 65

To optimize pricing or ensure capacity is available reservations can be applied to which of the following services? (choose 2)

1. Amazon EC2
2. AWS Lambda
3. Amazon EBS
4. Amazon RDS
5. Amazon S3

Answer 65

1. Amazon EC2

4. Amazon RDS