AWS Certified Cloud Practitioner: Test 6 Flashcards
Which AWS service provides the ability to detect inadvertent data leaks of personally identifiable information (PII) and user credential data? A.Amazon GuardDuty B.Amazon macie C.Amazon Inspector D.AWS Shield
B.Amazon macie
Explanation:
Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in Amazon S3.
Macie applies machine learning and pattern matching techniques to the Amazon S3 buckets you select to identify and alert you to sensitive data, such as personally identifiable information (PII).
CORRECT: “Amazon Macie” is the correct answer.
INCORRECT: “Amazon GuardDuty” is incorrect. This is a service that analyzes your resources using anomaly detection and machine learning. It does not detect personally identifiable information.
INCORRECT: “Amazon Inspector” is incorrect. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. It does not detect personally identifiable information.
INCORRECT: “AWS Shield” is incorrect. This service is involved with protecting your resources of distributed denial of service (DDoS) attacks.
To reduce cost, which of the following services support reservations? (Select TWO.) A.Amazon RedShift B.Amazon ElasticCache C.Amazon S3 D.Amazon CloudFormation E.AWS BeanStalk
A.Amazon RedShift
B.Amazon ElasticCache
Explanation:
Amazon ElastiCache and Amazon Redshift both support reserved nodes. Reservations can be used to gain a large discount from the on-demand rate in exchange for the commitment to a contract for 1 or 3 years.
CORRECT: “Amazon ElastiCache” is a correct answer.
CORRECT: “Amazon RedShift” is also a correct answer.
INCORRECT: “Amazon CloudFormation” is incorrect as you do not pay for CloudFormation.
INCORRECT: “AWS Elastic Beanstalk” is incorrect as you do not pay for Elastic Beanstalk.
INCORRECT: “Amazon S3” is incorrect as you pay for usage and cannot reserve capacity.
How can a company configure automatic, asynchronous copying of objects in Amazon S3 buckets across regions?
A.This is done by default by AWS
B.Using cross- region replication
C.Using lifecycle actions
D.By configuring multi-master replication
B.Using cross- region replication
Explanation:
Cross-region replication (CRR) enables automatic, asynchronous copying of objects across buckets in different AWS Regions. Buckets configured for cross-region replication can be owned by the same AWS account or by different account
CORRECT: “Using cross-region replication” is the correct answer.
INCORRECT: “This is done by default by AWS” is incorrect as this is not true.
INCORRECT: “By configuring multi-master replication” is incorrect. Multi-master replication is not something you can do with Amazon S3 (Amazon Aurora has this feature).
INCORRECT: “Using lifecycle actions” is incorrect. Lifecycle actions cannot be configured to move to another storage class in a different region.
Which of the following acts as a virtual firewall at the Amazon EC2 instance level to control traffic for one or more instances? A.Route table B.Network Access Control Lists (ACL) C.Security groups D.Virtual Private Gateways (VPG)
C.Security groups
Explanation:
A security group is an instance-level firewall that can be used to control traffic the that reaches (ingress/inbound) and is sent out from (egress/outbound) your EC2 instances. Rules are created for inbound or outbound traffic. A security group can be attached to multiple EC2 instances.
CORRECT: “Security groups” is the correct answer.
INCORRECT: “Network Access Control Lists (ACL)” is incorrect as this is subnet-level firewall. You do not attach a Network ACL to an instance, you attach it to a subnet.
INCORRECT: “Virtual private gateways (VPG)” is incorrect. A VPG is the Amazon side of an AWS Managed VPN.
INCORRECT: “Route table” is incorrect as this is not a firewall but a table of routes for directing traffic between subnets within a VPC.
A startup eCommerce company needs to quickly deliver new website features in an iterative manner, minimizing the time to market.
Which AWS Cloud feature allows this? A.Agility B.High availability C.Reliability D.Elasticity
A.Agility
Explanation:
In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes.
This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.
CORRECT: “Agility” is the correct answer.
INCORRECT: “High availability” is incorrect as this is associated with increased resilience, not agility.
INCORRECT: “Elasticity” is incorrect as this associated with the ability to adjust to demand and reduce the need to guess capacity requirements.
INCORRECT: “Reliability” is incorrect as this does not assist with bringing features to market faster.
A company is using the AWS CLI and programmatic access of AWS resources from its on-premises network.
What is a mandatory requirement in this scenario?
A.using an Amazon EC2 key pair
B.Using an AWS Direct Connect connection
C.Using Amazon API Gateway
D.Using an AWS access key and a secret key
D.Using an AWS access key and a secret key
Explanation:
Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).
Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). Like a user name and password, you must use both the access key ID and secret access key together to authenticate your requests.
CORRECT: “Using an AWS access key and a secret key” is the correct answer.
INCORRECT: “Using an AWS Direct Connect connection” is incorrect. It is not a requirement that you use a Direct Connect connection. You can access public services via the API using the internet. For private services you can use Direct Connect, a VPN, or a bastion host.
INCORRECT: “Using Amazon API Gateway” is incorrect. You do not need API Gateway for programmatic access to the AWS API.
INCORRECT: “Using an Amazon EC2 key pair” is incorrect. A key pair is used to securely access EC2 resources and should not be confused with access keys.
Your company has recently migrated to AWS. How can your CTO monitor the organization’s costs? A.AWS CloudTrail B.AWS Simple Monthly Calculator C.AWS Cost Explorer D.AWS Consolidated billing
C.AWS Cost Explorer
Explanation:
AWS Cost Explorer – enables you to visualize your usage patterns over time and to identify your underlying cost drivers.
CORRECT: “AWS Cost Explorer” is the correct answer.
INCORRECT: “AWS CloudTrail” is incorrect. AWS CloudTrail provides a record of API activity in your account. I.e. who did what to which resource..
INCORRECT: “AWS Consolidated Billing” is incorrect. AWS Consolidated Billing is a feature of AWS Organizations that allows you to consolidate billing across multiple linked accounts and benefit from volume pricing discounts.
INCORRECT: “AWS Simple Monthly calculator” is incorrect. AWS Simple Monthly calculator – shows you how much you would pay in AWS if you move your resources.
Which AWS service is suitable for an event-driven workload? A.AWS Lambda B.Amazon Lumberyard C.AWS Elastic Beanstalk D.Amazon EC2
A.AWS Lambda
Explanation:
AWS Lambda is an event-driven service. For example you can configure an Amazon S3 bucket with event notifications that trigger an AWS Lambda function when data is uploaded to an S3 bucket.
CORRECT: “AWS Lambda” is the correct answer.
INCORRECT: “Amazon EC2” is incorrect as this is not an event-driven service.
INCORRECT: “AWS Elastic Beanstalk” is incorrect as this is not an event-driven service.
INCORRECT: “Amazon Lumberyard” is incorrect as this is a game engine service.
Which AWS security tool uses an agent installed in EC2 instances and assesses applications for vulnerabilities and deviations from best practices? A.AWS Inspector B.AWS Personal Health Dashboard C.AWS Trusted Advisor D.AWS TCO Calculator
A.AWS Inspector
Explanation:
Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Inspector automatically assesses applications for vulnerabilities or deviations from best practices. Inspector uses an agent installed on EC2 instances.
CORRECT: “AWS Inspector” is the correct answer.
INCORRECT: “AWS Trusted Advisor” is incorrect. Trusted Advisor is an online resource that helps to reduce cost, increase performance and improve security by optimizing your AWS environment.
INCORRECT: “AWS Personal Health Dashboard” is incorrect. AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.
INCORRECT: “AWS TCO Calculator” is incorrect. The AWS TCO calculator can be used to compare the cost of running your applications in an on-premises or colocation environment to AWS.
Which type of Elastic Load Balancer operates at the TCP connection level? A. Amazon Route 53 Load Balancer B.Network Load Balancer (NLB) C.Classic Load balancer (CLB) D.Application Load Balancer (ALB)
B.Network Load Balancer (NLB)
Explanation:
A Network Load Balancer functions at the fourth layer of the Open Systems Interconnection (OSI) model. NLBs direct connections based on information at the TCP connection level.
CORRECT: “Network Load Balancer (NLB)” is the correct answer.
INCORRECT: “Application Load Balancer (ALB)” is incorrect. ALBs process traffic at the application level (layer 7) based on information in the HTTP/HTTPS headers.
INCORRECT: “Classic Load Balancer (CLB)” is incorrect. CLBs process traffic at the TCP, SSL, HTTP and HTTPS levels (layer 4 & 7).
INCORRECT: “Amazon Route 53 Load Balancer” is incorrect. There is no feature called a load balancer that is associated with Route 53. You can perform a type of load balancing using multivalue answer routing.
The AWS Cost Management tools give users the ability to do which of the following? (Select TWO.) A.Break down AWS costs by day service and linked AWS account B.Create budgets and receive notification's if current or forecasted usage exceeds the budgets C.Switch automatically to resevered instances or spot instances, whichever is most cost-effective D.Move data stored in Amazon S3 to a more cost-effective storage class E.Terminate all AWS resources automatically if budget thresholds are exceeded
A.Break down AWS costs by day service and linked AWS account
B.Create budgets and receive notification’s if current or forecasted usage exceeds the budgets
Explanation:
AWS has a set of solutions to help you with cost management and optimization. This includes services, tools, and resources to organize and track cost and usage data, enhance control through consolidated billing and access permission, enable better planning through budgeting and forecasts, and further lower cost with resources and pricing optimizations.
However, these tools do not terminate resources, manipulate resources, or make changes to pricing models.
CORRECT: “Break down AWS costs by day, service, and linked AWS account” is the correct answer.
CORRECT: “Create budgets and receive notifications if current or forecasted usage exceeds the budgets” is the correct answer.
INCORRECT: “Terminate all AWS resources automatically if budget thresholds are exceeded” is incorrect as explained above.
INCORRECT: “Switch automatically to Reserved Instances or Spot Instances, whichever is most cost-effective” is incorrect as explained above.
INCORRECT: “Move data stored in Amazon S3 to a more cost-effective storage class” is incorrect as explained above.
What methods are available for scaling an Amazon RDS database? (Select TWO.)
A.You can scale out automatically with EC2 auto scaling
B.You can scale up automatically using AWS auto scaling
C.You can scale out by implementing Elastic Load Balancing
D,You can scale up by increasing storage capacity
E.You can scale up by moving to a larger instance size
D,You can scale up by increasing storage capacity
E.You can scale up by moving to a larger instance size
Explanation:
To handle a higher load in your database, you can vertically scale up your master database with a simple push of a button. There are currently over 18 instance sizes that you can choose from when resizing your RDS MySQL, PostgreSQL, MariaDB, Oracle, or Microsoft SQL Server instance.
For Amazon Aurora, you have 5 memory-optimized instance sizes to choose from. The wide selection of instance types allows you to choose the best resource and cost for your database server.
In addition to scaling your master database vertically, you can also improve the performance of a read-heavy database by using read replicas to horizontally scale your database. RDS MySQL, PostgreSQL, and MariaDB can have up to 5 read replicas, and Amazon Aurora can have up to 15 read replicas.
CORRECT: “You can scale up by moving to a larger instance size” is a correct answer.
CORRECT: “You can scale up by increasing storage capacity” is also a correct answer.
INCORRECT: “You can scale out automatically with EC2 Auto Scaling” is incorrect. You cannot use EC2 Auto Scaling with Amazon RDS.
INCORRECT: “You can scale out by implementing Elastic Load Balancing” is incorrect. You cannot use Elastic Load Balancing with RDS.
INCORRECT: “You can scale up automatically using AWS Auto Scaling” is incorrect. You cannot use EC2 Auto Scaling or AWS (Application) Auto Scaling to automatically scale your RDS database. EC2 Auto Scaling is involved with launching additional instances (scale out) and this is not a method of scaling an RDS database. Application auto scaling is involved with automatically adjusting the assignment of resources to the database which is not supported with RDS (you can do it with DynamoDB).
Based on the shared responsibility model, which of the following security and compliance tasks is AWS responsible for?
A.Encrypting data in transit
B.Updating operating systems
C.Granting access to individuals and services
D.Updating Amazon EC2 host firmware
D.Updating Amazon EC2 host firmware
Explanation:
AWS are responsible for updating Amazon EC2 host firmware. This is considered “security of the cloud”. All other tasks are the responsibility of the customer.
CORRECT: “Updating Amazon EC2 host firmware” is the correct answer.
INCORRECT: “Granting access to individuals and services” is incorrect. This is something a customer must perform to control access to the resources they use on AWS.
INCORRECT: “Encrypting data in transit” is incorrect. Encryption at rest and in-transit is a customer responsibility.
INCORRECT: “Updating operating systems” is incorrect. Customers are responsible for patching operating systems on Amazon EC2. AWS are only responsible for the host servers.
Which AWS service can serve a static website? A.Amazon S3 B.Amazon Route 53 C.AWS X-Ray D.Amazon QuickSight
A.Amazon S3
Explanation:
You can use Amazon S3 to host a static website. On a static website, individual webpages include static content. They might also contain client-side scripts.
To host a static website on Amazon S3, you configure an Amazon S3 bucket for website hosting and then upload your website content to the bucket. When you configure a bucket as a static website, you must enable website hosting, set permissions, and create and add an index document. Depending on your website requirements, you can also configure redirects, web traffic logging, and a custom error document.
CORRECT: “Amazon S3” is the correct answer.
INCORRECT: “Amazon Route 53” is incorrect. This is an intelligent DNS service.
INCORRECT: “Amazon QuickSight” is incorrect. Amazon QuickSight is a fast, cloud-powered business intelligence service that makes it easy to deliver insights to everyone in your organization.
INCORRECT: “AWS X-Ray” is incorrect. This is used for tracing and debugging applications.
Which AWS technology can be referred to as a “virtual hard disk in the cloud”? A.Amazon EFS Filesystem B.Amazon ENI C.Amazon EBS volume D.Amazon S3 Bucket
C.Amazon EBS volume
Explanation:
An Amazon Elastic Block Store (EBS) volume is often described as a “virtual hard disk in the cloud”. EBS volumes are block-level storage volumes that are attached to EC2 instances much as you would attach a virtual hard disk to a virtual machine in a virtual infrastructure.
CORRECT: “Amazon EBS volume” is the correct answer.
INCORRECT: “Amazon EFS Filesystem” is incorrect. An Amazon EFS filesystem is a file-level storage system that is accessed using the NFS protocol. Filesystems are mounted at the file, rather than the block level and are therefore not similar to a virtual hard disk.
INCORRECT: “Amazon S3 Bucket” is incorrect. Amazon S3 is an object-level storage service and is not mounted or attached. You use a REST API over HTTPS to access objects in an object store.
INCORRECT: “Amazon ENI” is incorrect. An Amazon Elastic Network Interface is a networking construct, not a storage construct.
In which ways does AWS’ pricing model benefit organizations?
A.Reduce the cost of maintaining idle resources
B.Focus spend on capital expenditure, rather than operational expenditure
C.Eliminate licensing costs
D.Reduces the people costs of application development
A.Reduce the cost of maintaining idle resources
Explanation:
Using AWS you can provision only what you need and adjust resources automatically and elastically. This reduces the amount of resources that are sitting idle which reduces cost.
CORRECT: “Reduce the cost of maintaining idle resources” is the correct answer.
INCORRECT: “Eliminates licensing costs” is incorrect. AWS does not eliminate licensing costs or application development costs as you still need to licence and develop your application.
INCORRECT: “Focus spend on capital expenditure, rather than operational expenditure” is incorrect. AWS allows you to focus your spend on operational costs, not capital costs.
INCORRECT: “Reduces the people cost of application development” is incorrect as you still need people to develop applications.
Which AWS Cloud design principles can help increase reliability? (Select TWO.) A.Using monolithic architecture B.Adopting a consumption model C.Automatically recovering from failure D.Testing recovery procedures E.Measuring overall efficiency
C.Automatically recovering from failure
D.Testing recovery procedures
Explanation:
Recovery procedures should always be tested ahead of any outage of disaster recovery situation. This is the only way to be sure your recovery procedures are effective.
When designing systems it is also a good practice to implement automatic recovery when possible. This reduces or eliminates the operational burden and potential downtime associated with a failure of a system or application component.
CORRECT: “Testing recovery procedures” is the correct answer.
CORRECT: “Automatically recovering from failure” is the correct answer.
INCORRECT: “Using monolithic architecture” is incorrect. A monolithic architecture means you have multiple components of an application running on a single system. This results in a bigger issue if that system fails. A distributed architecture is preferred.
INCORRECT: “Measuring overall efficiency” is incorrect. Efficiency has more of a bearing on cost management than reliability.
INCORRECT: “Adopting a consumption model” is incorrect. A consumption model has benefits more aligned with cost and agility than reliability.
Under the AWS shared responsibility model, which of the following are customer responsibilities? (Select TWO.)
A.Amazon RDS instance patching
B.Network and firewall configurations
C.Physical security of data center facilities
D.Compute capacity availability
E.Setting up server side encryption on an Amazon S3 bucket
B.Network and firewall configurations
E.Setting up server side encryption on an Amazon S3 bucket
Explanation
As a customer on AWS you take responsibility for encrypting data. This includes encrypting data at rest and data in transit. Another security responsibility the customer owns is setting network and firewall configurations. For instance, you must configure Network ACLs and Security Groups, and any operating system-level firewalls on your EC2 instances.
CORRECT: “Setting up server-side encryption on an Amazon S3 bucket” is a correct answer.
CORRECT: “Network and firewall configurations” is also a correct answer.
INCORRECT: “Amazon RDS instance patching” is incorrect. With RDS you can define the maintenance window but AWS actually perform the patching for you.
INCORRECT: “Physical security of data center facilities” is incorrect as this is security of the cloud and is an AWS responsibility.
INCORRECT: “Compute capacity availability” is incorrect as this is an AWS responsibility.
Where do Amazon Identity and Access Management (IAM) accounts need to be created for a global organization?
A.Create them globally, and then replicate them regionally
B.Just create them once, as IAM is a global service
C.In each geographical area where the users are located
D.In each region where the users are located
B.Just create them once, as IAM is a global service
Explanation:
IAM is a global service so you only need to create your users once and can then use those user accounts anywhere globally. The other options are all incorrect. as you do not create IAM accounts regionally, replicate them regionally, or create them within geographical areas.
CORRECT: “Just create them once, as IAM is a global service” is the correct answer.
INCORRECT: “In each region where the users are located” is incorrect as explained above.
INCORRECT: “Create them globally, and then replicate them regionally” is incorrect as explained above.
INCORRECT: “In each geographical area where the users are located” is incorrect as explained above.
What do you need to log into the AWS console? A.Access key and secret ID B.User name and password C.Certificate D.Key pair
B.User name and password
Explanation:
You can log into the AWS console using a user name and password. You cannot log in to the AWS console using a key pair, access key & secret ID or certificate.
CORRECT: “User name and password” is the correct answer.
INCORRECT: “Key pair” is incorrect as explained above.
INCORRECT: “Access key and secret ID” is incorrect as explained above.
INCORRECT: “Certificate” is incorrect as explained above
Which of the following statements about AWS’s pay-as-you-go pricing model is correct?
A.It is relevant only for Amazon EC2, Amazon S3, and Amazon DynamoDB
B.It results in reduced capital expenditures
C.It reduces operational expenditures
D.It requires payment up front for AWS services
B.It results in reduced capital expenditures
Explanation:
The pay-as-you-go pricing model means you only pay for the services and consumption you actually use. You are charged for compute, storage and outbound data transfer. This model reduces capital expenditure as you pay a monthly bill (operational expenditure).
CORRECT: “It results in reduced capital expenditures” is the correct answer.
INCORRECT: “It requires payment up front for AWS services” is incorrect. You can pay upfront for some services such as EC2 reserved instances to get better pricing but most services are offered on a consumption basis.
INCORRECT: “It is relevant only for Amazon EC2, Amazon S3, and Amazon DynamoDB” is incorrect. This is not true most AWS services are offered on a pay-as-you-go pricing model.
INCORRECT: “It reduces operational expenditures” is incorrect. This is not true, it reduces capital expenditures.
How can a systems administrator specify a script to be run on an EC2 instance during launch? A.User Data B.AWS Config C.Metadata D.Run Command
A.User Data
Explanation:
When you launch an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts.
You can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives. User data is data that is supplied by the user at instance launch in the form of a script. User data is limited to 16KB. User data and meta data are not encrypted.
CORRECT: “User Data” is the correct answer.
INCORRECT: “Metadata” is incorrect as metadata retrieves information about the instance.
INCORRECT: “Run Command” is incorrect as this operates separately to the launch process.
INCORRECT: “AWS Config” is incorrect as this service stores configuration information relating to AWS services.
You are evaluating AWS services that can assist with creating scalable application environments. Which of the statements below best describes the Elastic Load Balancer service?
A.Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses
B.A network service that provides an alternative to using the Internet to connect customers on-premise sites to AWS
C.Helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application
D.A highly available and scalable Domain Name System(DNS) service
A.Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses
Explanation:
Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses.
Elastic Load Balancing provides fault tolerance for applications by automatically balancing traffic across targets – Amazon EC2 instances, containers and IP addresses – and Availability Zones while ensuring only healthy targets receive traffic.
CORRECT: “Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses” is the correct answer.
INCORRECT: “Helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application” is incorrect as this describes EC2 Auto Scaling.
INCORRECT: “A highly available and scalable Domain Name System (DNS) service” is incorrect as this describes Amazon Route 53.
INCORRECT: “A network service that provides an alternative to using the Internet to connect customers’ on-premise sites to AWS” is incorrect as this describes AWS Direct Connect.
A web application running on AWS has been received malicious requests from the same set of IP addresses.
Which AWS service can help secure the application and block the malicious traffic? A.AWS IAM B.Amazon SNS C.Amazon GuardDuty D.AWS WAF
D.AWS WAF
Explanation:
The AWS Web Application Firewall (WAF) is used to protect web applications or APIs against common web exploits. Rules can be created that block traffic based on source IP address.
CORRECT: “AWS WAF” is the correct answer.
INCORRECT: “AWS IAM” is incorrect. The Identity and Access Management service is used for creating users, groups, roles and policies. It is not used for controlling network access.
INCORRECT: “Amazon GuardDuty” is incorrect. This is a service that analyzes your resources using anomaly detection and machine learning. It can alert and trigger other tools to take action but it is not a network firewall service.
INCORRECT: “Amazon SNS” is incorrect as this is service is used for sending notifications using a publisher/subscriber model
How can you deploy your EC2 instances so that if a single data center fails you still have instances available? A.Across VPCs B.Across subnets C.Across Availability zones D.Across regions
C.Across Availability zones
Explanation:
An AZ spans one or more data centers and each AZ is physically isolated from other AZs and connected by high speed networking. If you want to deploy a highly available application you should spread your instances across AZs and they will be resilient to the failure of a single DC
CORRECT: “Across Availability Zones” is the correct answer.
INCORRECT: “Across regions” is incorrect. You could deploy your instances across separate regions but this is not necessary to create a highly available application and introduces complexity and cost. For example you may need multiple ELBs (one per region), complex name resolution and potential data transfer charges.
INCORRECT: “Across subnets” is incorrect. Subnets are created within AZs. Therefore, if you deploy resources into multiple subnets within an AZ and a data center fails, you may lose all of your instances.
INCORRECT: “Across VPCs” is incorrect. You should deploy across AZs within a VPC.
Which AWS technology enables you to group resources that share one or more tags? A.Tag groups B.Resource groups C.Consolidation groups D.Organization groups
B.Resource groups
Explanation:
You can use resource groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at one time.
Resource groups make it easy to group resources using the tags that are assigned to them. You can group resources that share one or more tags.
CORRECT: “Resource groups” is the correct answer.
INCORRECT: “Tag groups” is incorrect as this is not a feature.
INCORRECT: “Organization groups” is incorrect as this is not a feature.
INCORRECT: “Consolidation groups” is incorrect as this is not a feature.