AWS Certified Cloud Practitioner Practice Exam (3) Flashcards
Which AWS Service is used to manage user permissions?
A.Security Groups
B.Amazon ECS
C.AWS IAM
D.AWS Support
C.AWS IAM
Explanation:
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow or deny their access to AWS resources.
The other options are incorrect:
“Amazon ECS” is incorrect. Amazon ECS is used to run containerized applications on AWS.
“Security Groups” is incorrect. Security Groups is not an AWS service. Security Groups is a networking feature that allows customers to control instance traffic.
“AWS Support” is incorrect. AWS Support is not an AWS service. The AWS Support team cannot modify user permissions on customer’s behalf. It is the responsibility of the customer to manage all access permissions.
Which support plan includes AWS Support Concierge Service?
A.Business Support
B.Standard Support
C.Enterprise Support
D.Premium Support
C.Enterprise Support
Explanation:
Explanation
The AWS Support Concierge Service is available only for the Enterprise plan subscribers.
When running a workload in AWS, the customer is NOT responsible for: (Select TWO)
A.Reserving capacity B.Data center operations C.Infrastructure security D.Running penetration tests E.Auditing and regulatory compliance
B.Data center operations
C.Infrastructure security
Explanation
AWS is responsible for the infrastructure security and all data center operations such as racking, stacking, and powering servers, so customers can focus on revenue generating activities rather than on IT infrastructure.
The other options are incorrect:
“Reserving capacity” is incorrect. Amazon does not perform reservations for a customer; capacity reservation is a customer action.
“Running penetration tests” is incorrect. Penetration testing is the practice of testing a network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing is the responsibility of the customer.
“Auditing and regulatory compliance” is incorrect. There are many services on AWS to use for auditing and compliance such as AWS CloudTrail, AWS Config and Amazon Inspector. However, these services must be configured by the customer, not by AWS.
Why would an organization decide to use AWS over an on-premises data center? (Choose TWO) A.Elastic resources B.Cost savings C.On-site visits for auditing D.Free commercial software licenses E.Free technical support
A.Elastic resources
B.Cost savings
Explanation:
AWS continues to lower the cost of cloud computing for its customers. AWS recently lowered prices again for compute, storage, caching, and database services for all customers, making everything from web apps to big data on AWS even more cost-effective and widening the TCO gap with traditional infrastructure.
Elasticity is a system’s ability to monitor user demand and automatically increase and decrease deployed resources accordingly. Elasticity is one of the most important advantages of AWS. The purpose of elasticity is to match the resources allocated with actual amount of resources needed at any given point in time. This ensures that you are only paying for the resources you actually need.
The other options are incorrect:
“Free technical support” is incorrect. Technical support is not free in AWS. Technical Support requires subscription to an AWS Support Plan.
“On-site visits for auditing” is incorrect. AWS does not allow on-site visits to its datacenters under any circumstances.
“Free commercial software licenses” is incorrect. Neither AWS nor on-premises datacenters provide free commercial software licenses. However, AWS allows you to pay for these licenses as-you-go. For example, using license included windows instances allows you access to fully compliant Microsoft software licenses bundled with Amazon EC2 or Amazon RDS instances and pay for them as you go with no upfront costs or long-term investments.
What is one benefit and one drawback of buying a reserved EC2 instance? (Select TWO)
A.Reserved instances require at least a one-year pricing commitment
B.There is no additional charge for using dedicated instances
C.Reserved Instances are best suited for periodic workloads
D.Instances can be shut down by AWS at any time with no notification
E.Reserved instances provide a significant discount compared to on-demand instances
A.Reserved instances require at least a one-year pricing commitment
E.Reserved instances provide a significant discount compared to on-demand instances
Explanation:
Amazon EC2 Reserved Instances (RI) provide a significant discount (up to 75%) compared to On-Demand pricing. Reserved instances can be purchased for a 1-year or 3-year term so you are committing to pay for them throughout this time period even if you don’t use them.
The other options are incorrect:
“Reserved instances are best suited for periodic workloads” is incorrect. Reserved instances are not suitable for periodic workloads. You should use On-Demand instances instead.
“There is no additional charge for using dedicated instances” is incorrect. Dedicated instances are a different EC2 option.
“Instances can be shut down by AWS at any time with no notification” is incorrect. AWS can interrupt Spot Instances ;not reserved instances. Spot Instances can be shut down by AWS when the Spot price exceeds the maximum price, when the demand for Spot Instances rises, or when the supply of Spot Instances decreases.
TYMO Cloud Corp is looking forward to migrating their entire on-premises data center to AWS. What tool can they use to perform a cost-benefit analysis of moving to the AWS Cloud?
A.AWS TCO Calculator
B.AWS Budgets
C.AWS Simply Monthly Calculator
D.AWS Cost Explorer
A.AWS TCO Calculator
Explanation:
The AWS TCO (Total Cost of Ownership) Calculator is a free tool that provides directional guidance on possible realized savings when deploying AWS. This tool is built on an underlying calculation model, that generates a fair assessment of value that a customer may achieve given the data provided by the user which includes the number of servers migrated to AWS, the server type, the number of processors and so on.
The other options are incorrect:
“AWS Simple Monthly Calculator” is incorrect. The AWS Simple Monthly Calculator helps customers estimate their monthly AWS bill based on their expected usage.
“AWS Cost Explorer” is incorrect. Cost Explorer is a tool that enables you to view and analyze your current AWS costs and usage.
“AWS Budgets” is incorrect. AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.
What are the benefits of implementing a tagging strategy for AWS resources? (Choose TWO)
A.Track API calls in your AWS account
B.Quickly identify deleted resources and their metadata
C.Quickly identify software solutions on AWS
D.Track AWS spending across multiple resources
E.Quickly identify resources that belong to a specific project
D.Track AWS spending across multiple resources
E.Quickly identify resources that belong to a specific project
Explanation
Amazon Web Services (AWS) allows customers to assign metadata to their AWS resources in the form of tags. Each tag is a simple label consisting of a customer-defined key and an optional value that can make it easier to manage, search for, and filter resources. Although there are no inherent types of tags, they enable customers to categorize resources by purpose, owner, environment, or other criteria. An effective tagging strategy will give you improved visibility and monitoring, help you create accurate chargeback/showback models, and get more granular and precise insights into usage and spend by applications and teams.
The other options are incorrect:
“Track API calls in your AWS account” is incorrect. AWS CloudTrail is the service that can be used to track API calls in your AWS account.
“Quickly identify deleted resources and their metadata” is incorrect. You cannot use tags to find deleted resources. Also, once you delete a resource, all its metadata will be deleted with it.
“Quickly identify software solutions on AWS” is incorrect. The AWS marketplace is the service that allows you to search for software solutions on AWS.
Which AWS Service creates a virtual network in AWS?
A.AWS VPN
B.Amazon VPS
C.Amazon VPC
D.AWS Direct Connect
C.Amazon VPC
Explanation:
Amazon Virtual Private Cloud (Amazon VPC) is the service that allows a customer to create a virtual network for their resources in an isolated section of the AWS cloud.
The other options are incorrect:
“AWS VPN” is incorrect. Amazon Virtual Private Network (AWS VPN) allows you to establish a secure and private tunnel from your network or device to the AWS global network.
“AWS Direct Connect” is incorrect. AWS Direct Connect allows you to establish a dedicated network connection from your premises to AWS.
“Amazon VPS” is incorrect. A virtual private server (VPS) is a Lightsail instance that lives in the AWS Cloud. You can use your Lightsail instances to store data, run code, and build web-based applications or websites.
What does AWS Service Catalog provide?
A.It enables customers to explore the different catalogs of AWS services
B.It simplifies organizing and governing commonly deployed IT services
C.It enables customers to quickly find descriptions and use cases for AWS services
D.It allows provisioning of cloud infrastructure using code
B.It simplifies organizing and governing commonly deployed IT services
Explanation:
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. AWS Service Catalog allows you to centrally manage commonly deployed IT services, and helps you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved IT services they need.
The other options are incorrect:
“It enables customers to explore the different catalogs of AWS services” is incorrect. AWS Service Catalog doesn’t contain catalogs by default. Each customer creates their own service catalog.
“It enables customers to quickly find descriptions and use cases for AWS services” is incorrect. You can find description and use cases for any service by visiting the landing page of the service (or the related documentation).
“It allows provisioning of cloud infrastructure using code” is incorrect. AWS CloudFormation is the service that allows you to use code to model and provision all your cloud infrastructure resources.
What is the minimum level of AWS support that provides 24x7 access to technical support engineers via phone and chat?
A.Business Support
B.Enterprise Support
C.Basic Support
D.Developer Support
A.Business Support
Explanation:
Each of the Business and Enterprise support plans provide 24x7 access to technical support engineers via phone, email, and chat. The Business Support Plan is less expensive than the Enterprise Support Plan. Therefore, the correct answer is Business.
The other options are incorrect:
“Basic Support” is incorrect. The technical support is not available for the Basic support plan.
“Developer Support” is incorrect. Developer support plan provides business hours access to technical support associates via email only.
Which of the following are use cases for Amazon S3? (Choose TWO)
A.A media store for the CloudFront service
B.Processing data streams at any scale
C.Cost-effective database and log storage
D.Hosting websites that require sustained high CPU utilization
E.Hosting static websites
A.A media store for the CloudFront service
E.Hosting static websites
Explanation:
You can host a static website on Amazon Simple Storage Service (Amazon S3). On a static website, individual webpages include static content. They might also contain client-side scripts. To host a static website, you configure an Amazon S3 bucket for website hosting, allow public read access, and then upload your website content to the bucket. By contrast, a dynamic website relies on server-side processing, including server-side scripts such as PHP, JSP, or ASP.NET. Amazon S3 does not support server-side scripting. Amazon Web Services (AWS) also has resources for hosting dynamic websites such as Amazon EC2.
Amazon S3 is an excellent storage facility for your media assets. It is infinitely scalable, has built-in redundancy, and is available to you on a pay-as-you-go basis. For example, if you want to deliver or stream video files to your global users, all you need to do is to put your content in an S3 bucket and create a CloudFront distribution that points to the bucket. Your user’s video player will use CloudFront URLs to request the video file. The request will be directed to the best edge location, based on the user’s location. The Amazon Cloudfront Content Delivery Network (CDN) will serve the video from its cache, fetching it from the S3 bucket if it has not already been cached. The CDN caches content at the edge locations for consistent, low-latency, high-throughput video delivery.
The other options are incorrect:
“Cost-effective database and log storage” is incorrect. Amazon S3 can be used to store log files, images, videos (or any static content), but not databases. Databases and dynamic websites require block-level storage (such as EBS). S3 is an object-level storage, not Block-level storage. Object-level storage has limited I/O and is therefore ill-suited for use as a database store.
“Hosting websites that require sustained high CPU utilization” is incorrect. S3 can only be used to host static websites.
“Processing data streams at any scale” is incorrect. S3 is not a compute service
Which of the below are responsibilities of the customer when using Amazon EC2? (Choose TWO)
A.Setup and operation of managed databases
B.Protecting sensitive data
C.Installing and configuring third-party software
D.Maintaining consistent hardware components
E.Patching of the underlying infrastructure
B.Protecting sensitive data
C.Installing and configuring third-party software
Explanation
Amazon EC2 requires the customer to perform all of the necessary security configuration and management tasks. When customers deploy Amazon EC2 instances, they are responsible for management of custom Amazon Machine Images, management of the guest operating systems (including updates and security patches), securing application access and data, installing and configuring third-party applications or utilities, and the configuration of the AWS-provided firewall (called a security group) on each instance.
The other options are incorrect:
“Patching of the underlying infrastructure” is incorrect. AWS is responsible for patching the underlying infrastructure. The customer is responsible for patching the operating system and any software or application run on EC2.
“Setup and operation of managed databases” is incorrect.
AWS customers have two options to host their databases on AWS:
1- Using a managed database:
AWS Customers can use managed databases such as Amazon RDS and Amazon DynamoDB to host their databases. In this case, AWS is responsible for performing all database management tasks such as hardware provisioning, patching, setup, configuration, backups, or recovery.
2- Installing a database software on Amazon EC2:
Instead of using a managed database, AWS customers can install any database software they want on Amazon EC2 and host their databases. In this case, AWS customers are responsible for performing all of the necessary configuration and management tasks.
“Maintaining consistent hardware components” is incorrect. AWS is responsible for maintaining consistency of all hardware components.
What is AWS Lambda?
A.An AWS Service that deploys containerized applications
B.A fully managed non-relational database service
C.An AWS Service that allows customers to run code without provisioning or managing servers
D.An AWS Service that provides object storage
C.An AWS Service that allows customers to run code without provisioning or managing servers
Explanation:
AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability.
“An AWS Service that provides object storage” is incorrect. Amazon S3 is the service that provides object storage.
“An AWS Service that deploys containerized applications to Amazon EC2 instances” is incorrect. This statement describes the Amazon Elastic Container Service (ECS) service. Amazon ECS is a container management service that allows customers to easily run containerized applications on a managed cluster of Amazon EC2 instances.
“A fully managed non-relational database service” is incorrect. Amazon DynamoDB is the AWS fully managed non-relational database service.
AWS recommends some practices to help organizations avoid unexpected charges on their bill. Which of the following is NOT one of these practices?
A.Releasing unused Elastic IPs after terminating an EC2 instance
B.Deleting unused Elastic Load Balancers
C.Deleting unused EBS volumes after terminating an EC2 instance
D.Deleting unused AutoScaling launch configuration
D.Deleting unused AutoScaling launch configuration
Explanation:
“Deleting unused AutoScaling launch configuration” will not help, and thus is the correct choice. The AutoScaling launch configuration does not incur any charges. Thus, it will not make any difference whether it is deleted or not.
AWS will charge the user once the AWS resource is allocated (even if it is not used). Thus, it is advised that once the user's work is completed they should:
1- Delete all Elastic Load Balancers.
2- Terminate all unused EC2 instances.
3- Delete the attached EBS volumes that they don’t need.
4- Release any unused Elastic IPs.
Additional information:
Some services automatically restart resources after terminating them without notifying you, and as a result, you get unexpected charges on your bill.
Examples of these services:
1- Elastic Beanstalk:
Elastic Beanstalk is designed to ensure that all the resources that you need are running, which means that it automatically relaunches any service that you stop. If you need to permanently delete those resources you must terminate your Elastic Beanstalk environment before you terminate resources that Elastic Beanstalk has created.
2- AWS OpsWorks:
If you use the AWS OpsWorks environment to create AWS resources, you must use AWS OpsWorks to terminate those resources or AWS OpsWorks will restart them. For example, if you use AWS OpsWorks to create an Amazon EC2 instance, but then stop it by using the Amazon EC2 console, the AWS OpsWorks auto-healing feature categorizes the instance as failed and restarts it.
Which design principles relate to performance efficiency in AWS? (Choose TWO)
A.Build multi-region architectures to better serve global customers
B.Enable audit logging
C.Use serverless architectures
D.Implement strong Identity and Access Controls
E.Apply security at all layers
A.Build multi-region architectures to better serve global customers
C.Use serverless architectures
Explanation:
There are five design principles for performance efficiency in the cloud:
1- Democratize advanced technologies: Technologies that are difficult to implement can become easier to consume by pushing that knowledge and complexity into the cloud vendor’s domain. Rather than having your IT team learns how to host and run a new technology, they can simply consume it as a service. For example, NoSQL databases, media transcoding, and machine learning are all technologies that require expertise that is not evenly dispersed across the technical community. In the cloud, these technologies become services that your team can consume while focusing on product development rather than resource provisioning and management.
2- Go global in minutes: Easily deploy your system in multiple Regions around the world with just a few clicks. This allows you to provide lower latency and a better experience for your customers at minimal cost.
3- Use serverless architectures: In the cloud, serverless architectures remove the need for you to run and maintain servers to carry out traditional compute activities. For example, storage services can act as static websites, removing the need for web servers, and event services can host your code for you. This not only removes the operational burden of managing these servers, but also can lower transactional costs because these managed services operate at cloud scale.
4- Experiment more often: With virtual and automatable resources, you can quickly carry out comparative testing using different types of instances, storage, or configurations.
5- Mechanical sympathy: Use the technology approach that aligns best to what you are trying to achieve. For example, consider data access patterns when selecting database or storage approaches.
Other options presented are related to security not performance.
Why do many startup companies prefer AWS over traditional on-premises solutions? (Choose TWO)
A.Using AWS, they can reduce time-to-market by focusing on business activities rather than on building and managing data centers
B.Using AWS allows companies to replace large capital expenditures with low variable costs
C.AWS allows them to pay later when their business succeed
D.AWS removes the need to invest in operational expenditures
E.AWS can build complete data centers faster than other Cloud provider
A.Using AWS, they can reduce time-to-market by focusing on business activities rather than on building and managing data centers
B.Using AWS allows companies to replace large capital expenditures with low variable costs
Explanation
Instead of building and managing data centers, AWS provides startups, enterprises, and government agencies all the services they need to quickly build their business and grow faster. AWS has significantly more services, and more features within those services, than any other cloud provider – from infrastructure technologies like compute, storage, and databases –to emerging technologies, such as machine learning and artificial intelligence, data lakes and analytics, and Internet of Things. This makes it faster, easier, and more cost effective to build nearly anything they can imagine.
Capital expenditures (CapEx) are a company's major, long-term expenses. Examples of CAPEX include physical assets such as buildings, equipment, and machinery. Instead of having to invest heavily in these Capital expenditures (e.g. physical data centers and servers) before it is known they will be used, companies can pay only when consuming AWS resources, and pay only for how much they consume. In brief, AWS replaces their investments in large capital expenditures (CAPEX) with low variable "pay-as-you-go" costs.
The other options are incorrect:
“AWS can build complete data centers faster than any other Cloud provider” is incorrect. AWS does not build out physical data centers for customers, only for itself. AWS is a Cloud Computing provider.
“AWS removes the need to invest in operational expenditure” is incorrect. Operating expenses (OpEx) are a company’s day-to-day expenses. Examples of OPEX include employee salaries, rent, utilities, and property taxes. With AWS, Startups can reduce (not remove) their day to day operating expense (OpEx) costs.
“AWS allows them to pay later when their business succeed” is incorrect. AWS does not offer a “pay later” option for its customers. AWS provides three payment models: “Pay-as-you-go”, “Save when you reserve” and “Pay less by using more”.
Which of the following AWS Services helps with planning application migration to the AWS Cloud?
A.AWS Application Discovery Service
B.AWS DMS
C.AWS Snowball Migration Service
D.AWS Migration Hub
A.AWS Application Discovery Service
Explanation:
AWS Application Discovery Service helps systems integrators quickly and reliably plan application migration projects by automatically identifying applications running in on-premises data centers, their associated dependencies, and their performance profiles. Planning data center migrations can involve thousands of workloads that are often deeply interdependent. Application discovery and dependency mapping are important early first steps in the migration process, but these tasks are difficult to perform at scale due to the lack of automated tools. AWS Application Discovery Service automatically collects configuration and usage data from servers, storage, and networking equipment to develop a list of applications, how they perform, and how they are interdependent. This information helps reduce the complexity and time in planning your cloud migration.
The other options are incorrect:
“AWS Migration Hub” is incorrect. AWS Migration Hub provides a single location to track the progress of application migrations across multiple AWS and partner solutions.
“AWS Snowball Migration Service” is incorrect. Snowball is a petabyte-scale data transport solution that uses secure devices to transfer large amounts of data into and out of the AWS Cloud.
“AWS DMS” is incorrect. AWS Database Migration Service (DMS) is used to migrate your data to and from most widely used commercial and open-source databases. AWS DMS supports homogeneous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle or Microsoft SQL Server to Amazon Aurora.
A developer needs to set up an SSL security certificate for a client’s eCommerce website in order to use the HTTPS protocol. Which of the following AWS services can be used to deploy the required SSL server certificates? (Choose TWO)
A.AWS Directory Service B.Amazon Route 53 C.AWS ACM D.AWS Identity & Access management E.AWS Data Pipeline
C.AWS ACM
D.AWS Identity & Access management
Explanation
To enable HTTPS connections to your website or application in AWS, you need an SSL/TLS server certificate. You can use a server certificate provided by AWS Certificate Manager (ACM) or one that you obtained from an external provider. You can use ACM or IAM to store and deploy server certificates. Use IAM as a certificate manager only when you must support HTTPS connections in a region that is not supported by ACM. IAM supports deploying server certificates in all regions, but you must obtain your certificate from an external provider for use with AWS. Amazon Route 53 is used to register domain names or use your own domain name to route your end users to Internet applications. Route 53 is not responsible for creating SSL certifications.
The other options are incorrect:
AWS Directory Service is incorrect. AWS Directory Service is a managed Microsoft Active Directory in the AWS Cloud. Customers can use it to manage users and groups, provide single sign-on (SSO) to applications and services, as well as create and apply group policies.
Note: What is Single sign-on (SSO)? Single sign-on (SSO) enables a company’s employees to sign in to AWS using their existing corporate Microsoft Active Directory credentials.
Amazon Route 53 is incorrect. Amazon Route 53 can be used for registering domain names, routing end users to Internet applications, configuring DNS health checks to route traffic to healthy endpoints, managing traffic globally through a variety of routing types etc.
AWS Data Pipeline is incorrect. AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources. AWS Data Pipeline integrates with on-premise and cloud-based storage systems to allow developers to use their data when they need it, where they want it, and in the required format.
App development companies move their business to AWS to reduce time-to-market and improve customer satisfaction, what are the AWS automation tools that help them deploy their applications faster? (Choose TWO) A.AWS CloudFormation B.AWS Elastic Beanstalk C.Amazon Macie D.AWS Migration Hub E.AWS IAM
A.AWS CloudFormation
B.AWS Elastic Beanstalk
Explanation:
AWS Elastic Beanstalk makes it easier for developers to quickly deploy and manage applications in the AWS Cloud. Developers simply upload their application, and Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring.
AWS CloudFormation automates and simplifies the task of repeatedly and predictably creating groups of related resources that power your applications. Creating and interconnecting all resources your application needs to run is now as simple as creating a single EC2 or RDS instance.
The other options are incorrect.
“Amazon Macie” is incorrect. Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved.
“AWS IAM” is incorrect. AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
“AWS Migration Hub” is incorrect. AWS Migration Hub is used to track the progress of application migrations to AWS.
A company has a large amount of data to be archived. What is the most cost-effective AWS storage service to use?
A.Amazon EDS
B.Amazon EBS
C.Amazon S3 Standard
D.Amazon Glacier
D.Amazon Glacier
Explanation:
Amazon Glacier is a secure, durable, and extremely low-cost cloud storage service for data archiving and long-term backup. It is designed to deliver 99.999999999% durability, and provides comprehensive security and compliance capabilities that can help meet even the most stringent regulatory requirements.
The other options are incorrect:
Amazon EFS is incorrect. Amazon Elastic File System (Amazon EFS) is not a cost effective solution for data archiving. Amazon EFS is a file level storage service that is designed to provide massively parallel shared access to thousands of Amazon EC2 instances, enabling your applications to achieve high levels of aggregate throughput and IOPS with consistently low latencies.
Amazon EBS is incorrect. Amazon EBS is not a cost-effective solution for data archiving. Amazon EBS provides block level storage volumes for use with Amazon EC2 and RDS instances.
Amazon S3 Standard is incorrect. Amazon S3 Standard is not a cost-effective solution for data archiving. Amazon S3 Standard offers high durability, availability, and performance object storage for frequently accessed data. S3 Standard use cases include: cloud applications, dynamic websites, content distribution, mobile and gaming applications, and big data analytics.
Additional information:
In S3, we can only host static websites, or static assets of a dynamic website (such as images, audio files, video files…etc).
A dynamic website relies on server-side processing and it uses server-side scripts such as PHP, JSP, or ASP.NET. Amazon S3 does not support server-side scripting and cannot be used to host dynamic websites. AWS has computing resources for hosting dynamic websites such as Amazon EC2 or Lambda.
Which of the following statements describes the AWS Cloud’s agility?
A.AWS allows you to host your applications in multiple regions around the world
B.AWS allows you to provision resources in minutes
C.AWS allows you to pay upfront to reduce costs
D.WS provides customizable hardware at the lowest possible cost
B.AWS allows you to provision resources in minutes
Explanation:
In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks (or months in some cases) to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.
In other words, instead of waiting weeks or months for hardware, you can instantly deploy new applications. Also, whether you need one virtual server or thousands, whether you need them for a few hours or 24/7, you still only pay for what you use.
The other options are incorrect:
“AWS provides customizable hardware at the lowest possible cost” is incorrect. AWS doesn’t provide customizable hardware. AWS offers cloud computing services.
“AWS allows you to pay upfront to reduce costs” is incorrect. This statement is much more related to AWS reservations, not agility.
“AWS allows you to host your applications in multiple regions around the world” is incorrect. It is true that AWS provides global infrastructure, but this statement doesn’t describe AWS’ agility.
Which of the following allows you to create new RDS instances? (Choose TWO) .AWS DMS B.AWS CodeDeploy C.AWS CloudFormation D.AWS QuickStarts E.AWS Management Console
C.AWS CloudFormation
E.AWS Management Console
Explanation
The AWS Management Console lets you create new RDS instances through a web-based user interface.
You can also use AWS CloudFormation to create new RDS instances using the CloudFormation template language.
The other options are incorrect:
AWS DMS is incorrect. AWS DMS is used to migrate databases to AWS.
AWS Quick Starts is incorrect. Quick Starts are built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability. These accelerators reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately.
AWS CodeDeploy is incorrect. AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers.
A customer is planning to move billions of images and videos to be stored on Amazon S3. The customer has approximately one Exabyte of data to move. Which of the following AWS Services is the best choice to transfer the data to AWS?
A.S3 Transfer Acceleration
B.Snowmobile
C.Amazon VPC
D.Snowball
B.Snowmobile
Explanation:
AWS Snowmobile is an Exabyte-scale data transfer service used to move extremely large amounts of data to AWS. You can transfer up to 100 Petabytes (PB) per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck. Snowmobile makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. At exabyte scale, transferring data with Snowmobile is more secure, fast and cost effective.
The other options are incorrect:
Amazon VPC is incorrect. Amazon VPC is used to create virtual networks in the cloud.
Snowball is incorrect. AWS Snowball is a data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using storage devices designed to be secure for physical transport. Customers can transfer up to 80 Terabytes per Snowball. In our case, the customer needs to move 1 Exabyte of data (or 1000,000 Terabytes), so it is better to use the AWS Snowmobile service.
S3 Transfer Acceleration is incorrect. Amazon S3 Transfer Acceleration is not a migration solution. Amazon S3 Transfer Acceleration enables fast transfers of files over long distances between your client and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.
What are AWS shared controls?
A.Controls that the customer and AWS collaborate together upon to secure the infrastructure
B.Controls that are solely the responsibility of the customer based on the application they are deploying within AWS services
C.Controls that a customer inherits from AWS
D.Controls that apply to both the infrastructure layer and customer layers
D.Controls that apply to both the infrastructure layer and customer layers
Explanation:
Shared Controls are controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include:
** Patch Management – AWS is responsible for patching the underlying hosts and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
** Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
** Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
The other options are incorrect:
“Controls that are solely the responsibility of the customer based on the application they are deploying within AWS services” is incorrect because it refers to “Customer-Specific” controls.
“Controls that a customer inherits from AWS” is incorrect because it refers to “Inherited Controls”.
“Controls that the customer and AWS collaborate together upon to secure the infrastructure” is incorrect. Securing the infrastructure is the responsibility of AWS, not the customer.
Which AWS Service can be used to register a new domain name?
A.AWS KMS
B.AWS Config
C.Amazon Route 53
D.Amazon ECR
C.Amazon Route 53
Amazon Route 53 can be used for:
● Registering domain names
● DNS routing
● Configuring health checks to route traffic only to healthy endpoints
● Managing global application traffic (cross-regions) through a variety of routing types.
Amazon Route53 allows for registration of new domain names in AWS. Amazon Route 53 is a global service that provides a highly available and scalable Domain Name System (DNS) in the Cloud. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other. Amazon Route 53 also offers health checks to monitor the health and performance of your application, as well as your web servers and other resources. Route 53 can be configured to route traffic only to the healthy endpoints to achieve greater levels of fault tolerance in your applications. Amazon Route 53 provides many routing types to help AWS Customers improve their application’s performance for a global audience. For example, Amazon Route 53 latency-based policy routes user requests to the closest AWS Region, which reduces latency and improves application performance. Amazon Route 53 also simplifies the hybrid Cloud by providing recursive DNS for your Amazon VPC and on-premises networks over AWS Direct Connect or AWS VPN.
The other options are incorrect:
“AWS KMS” is incorrect. AWS KMS is a managed service that enables you to easily encrypt your data. AWS KMS provides a highly available key storage, management, and auditing solution for you to encrypt data within your own applications and control the encryption of stored data across AWS services.
“Amazon ECR” is incorrect. Amazon Elastic Container Registry (ECR) is a Docker container registry.
“AWS Config” is incorrect. AWS Config provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance.
A company has hundreds of VPCs in multiple AWS Regions worldwide. What service does AWS offer to simplify the connection management among the VPCs?
A.AWS Transit Gateway
B.VPC Peering
C.Security Groups
D.Amazon Connect
A.AWS Transit Gateway
Explanation
AWS Transit Gateway is a network transit hub that simplifies how customers interconnect all of their VPCs, across thousands of AWS accounts and into their on-premises networks. Customers can easily and quickly connect into a single centrally-managed gateway, and rapidly growing the size of their network. Transit Gateway acts as a hub that controls how traffic is routed among all the connected networks which act like spokes. This hub and spoke model significantly simplifies management and reduces operational costs because each network only has to connect to the Transit Gateway and not to every other network. Any new VPC is simply connected to the Transit Gateway and is then automatically available to every other network that is connected to the Transit Gateway. This ease of connectivity makes it easy to scale networks as business grow.
The other options are incorrect:
“VPC Peering” is incorrect. A VPC peering connection is a networking connection between two VPCs that enables customers to route traffic between them using private IPv4 addresses or IPv6 addresses. Instances in either VPC can communicate with each other as if they are within the same network. Using VPC peering to connect hundreds of VPCs is very complex and time consuming because customers need to peer each Amazon VPC to each other manually.
With AWS Transit Gateway, each VPC only has to connect to the Transit Gateway and not to every other VPC. Customers simply connect each Amazon VPC to the AWS Transit Gateway, and the Gateway will route traffic to and from each VPC.
“Amazon Connect” is incorrect. Amazon Connect is a cloud-based contact center service that makes it easy for businesses to deliver customer service at low cost.
“Security Groups” is incorrect. Security Groups are not used to connect Amazon VPCs. Security Groups are an Amazon VPC networking feature that allows customers to control instance traffic.