AWS Cloud Practioner

Question 1

When storing sensitive company data in Amazon S3, which security best practices should customers follow?

Answer 1

Enable S3 server-side encryption on S3 bucket.

Question 2

What benefits does Amazon EC2 provide overusing non-cloud servers? (Select TWO.)

Answer 2

• Inexpensive

- Elastic web-scale computing

Question 3

Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers?

Answer 3

• AWS Cost Explorer

Question 4

AWS Trusted Advisor provides real-time guidance on what characteristics of an AWS account? (Select TWO.)

Answer 4

• Security best practices

- Cost optimization

Question 5

Which of the following statements is correct in relation to consolidated billing? (Select TWO.) #2

Answer 5

• The paying account is independent and cannot access resources of other accounts.
• One bill is provided per AWS organization

Question 6

Which types of pricing policies does AWS offer? (Select TWO.)

Answer 6

• Save when you reserve

- Pay-as-you-go

Question 7

Which Amazon S3 storage classes should be used for storing data for long time periods when immediate access is not required at the LOWEST cost? (Select TWO.)

Answer 7

• Amazon S3 Glacier

- Amazon S3 Glacier Deep Archive

Question 8

What method can you use to take a backup of an Amazon EC2 instance using AWS tools?

Answer 8

• Take a snapshot to capture the point-in-time state of the instance

Question 9

Which benefit of the AWS Cloud eliminates the need for users to try estimating future infrastructure usage?

Answer 9

• Elasticity of the AWS Cloud

Question 10

Which service allows you to automatically expand and shrink your application in response to demand?

Answer 10

• Amazon EC2 Auto Scaling

Question 11

Which AWS service is primarily used for software version control?

Answer 11

• AWS CodeCommit

Question 12

What benefits are provided by Amazon CloudFront? (Select TWO.) #2

Answer 12

• Content is cached at Edge Locations for fast distribution to customers
• Built-in Distributed Denial of Service (DDoS) attack protection

Question 13

Which service can be used to help you to migrate databases to AWS quickly and securely?

Answer 13

• AWS Database Migration Service (DMS)

Question 14

A company recently took up an Enterprise-level AWS Support plan and has a question relating to their AWS account. Who is the primary point of contact they should direct the question to?

Answer 14

• AWS Concierge Support team

Question 15

Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC?

Answer 15

• Elastic Transcoder

Question 16

A company would like to maximize their potential volume and Reserved Instance discounts across multiple accounts and also apply service control policies on member accounts. Which service or tool can they use to gain these benefits?

Answer 16

• AWS Organizations

Question 17

Which feature of Amazon Rekognition can assist with saving time?

Answer 17

• Identification of objects in images and videos

Question 18

What is the most cost-effective support plan that should be selected to provide at most a 1-hour response time for a production system failure?

Answer 18

• Business

Question 19

Which benefits can an organization achieve by deploying AWS Global Accelerator? (Select TWO.)

Answer 19

• Improves the availability of applications on AWS

- Decreased latency to reach applications deployed on AWS

Question 20

What advantages do you get from using the AWS cloud? (Select TWO.) #2

Answer 20

• Stop guessing about capacity

- Trade capital expense for variable expense

Question 21

What can you use to quickly connect your office securely to your Amazon VPC?

Answer 21

• AWS managed VPN

Question 22

Which of the following is a principle of good AWS Cloud architecture design?

Answer 22

• Implement loose coupling

Question 23

Under the AWS shared responsibility model what is the customer responsible for? (Select TWO.)

Answer 23

• Configuration of security groups

- Encryption of customer data

Question 24

Which feature of AWS allows you to deploy a new application for which the requirements may change over time?

Answer 24

• Elasticity

Question 25

A company plans to deploy a global commercial application on Amazon EC2 instances. The deployment solution should be designed with the highest redundancy and fault tolerance. Based on this situation, how should the EC2 instances be deployed?

Answer 25

• Across multiple Availability Zones in two AWS Regions

Question 26

Which services can be used for asynchronous integration between application components? (Select TWO.)

Answer 26

• Amazon SQS

- AWS Step Functions

Question 27

Which services are involved in reducing application latency and increasing performance for end users? (Select TWO.)

Answer 27

• Amazon CloudFront

- Amazon ElastiCache

Question 28

Which AWS service is used to enable multi-factor authentication?

Answer 28

• AWS IAM

Question 29

Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks?

Answer 29

• AWS OpsWorks

Question 30

What are two ways that moving to an AWS cloud can benefit an organization? (Select TWO.)

Answer 30

• Stop guessing about capacity

- Increase speed and agility

Question 31

When a customer deploys a database on Amazon RDS, what is the customer responsible for?

Answer 31

• Controlling network access through security groups

Question 32

Under the AWS shared responsibility model, what are the customer’s responsibilities? (Select TWO.) #2

Answer 32

• Data integrity Authentication

- Security of data in transit

Question 33

Which service allows you to run code as functions without needing to provision or manage servers?

Answer 33

• AWS Lambda

Question 34

Which of the following types of recommendation does AWS Trusted Advisor provide? (Select TWO.)

Answer 34

• Cost optimization

- Performance

Question 35

Which items can be configured from within the VPC management console? (Select TWO.)

Answer 35

• Subnets

- Security Groups

Question 36

What strategy can assist with allocating metadata to AWS resources for cost tracking and visibility?

Answer 36

• Tagging

Question 37

Which service can be used to track the CPU usage of an EC2 instance?

Answer 37

• Amazon Cloudwatch

Question 38

Which AWS services can be used to connect the AWS Cloud and on-premises resources? (Select TWO.)

Answer 38

• AWS Direct Connect

- AWS Managed VPN

Question 39

An AWS customer wishes to purchase unused Amazon EC2 capacity at a discounted rate. Which pricing plan should they choose?

Answer 39

• Spot Instances

Question 40

Under the shared responsibility model, what are examples of shared controls? (Select TWO.)

Answer 40

• Configuration Management

- Patch Management

Question 41

Which service supports the resolution of public domain names to IP addresses or AWS resources?

Answer 41

• Amazon Route 53

Question 42

Which AWS storage technology can be considered a “virtual hard disk in the cloud”?

Answer 42

• Amazon Elastic Block Storage (EBS) volume

Question 43

Which service can be used for building and integrating loosely-coupled, distributed applications?

Answer 43

• Amazon SNS

Question 44

Which service records API activity on your account and delivers log files to an Amazon S3 bucket?

Answer 44

• AWS CloudTrail

Question 45

Which AWS service allows you to connect to storage from on-premise servers using standard file protocols?

Answer 45

• Amazon EFS

Question 46

What advantages does deploying Amazon CloudFront provide? (Select TWO.)

Answer 46

• Reduced latency

- Improved performance for end users

Question 47

A company stores copies of backups on Amazon S3 and requires rapid access but low resiliency. Which storage class is optimized for these requirements?

Answer 47

• Amazon S3 One Zone-Infrequent Access

Question 48

What is the scope of a VPC within a region?

Answer 48

• Spans all Availability Zones within the region

Question 49

For which services does Amazon not charge customers? (Select TWO.)

theres two of these

Answer 49

• AWS CloudFormation

- Amazon VPC

Question 50

Which AWS service can be used to generate encryption keys that can be used to encrypt data? (Select TWO.)

Answer 50

• AWS CloudHSM

- AWS Key Management Service (AWS KMS)

Question 51

Which AWS service can you use to install a third-party database?

Answer 51

• Amazon EC2

Question 52

Which feature can you use to grant read/write access to an Amazon S3 bucket?

Answer 52

• IAM Policy

Question 53

Which service can you use to provision a preconfigured server with little to no AWS experience?

Answer 53

• Amazon LightSail

Question 54

Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols?

Answer 54

• Amazon EFS

Question 55

What considerations are there when choosing which region to use? (Select TWO.)

Answer 55

• Data Sovereignty

- Latency

Question 56

How does AWS assist organizations’ with their capacity requirements?

Answer 56

• You don’t need to guess capacity needs

Question 57

Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted?

Answer 57

• On-Demand

Question 58

What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload?

Answer 58

• Spot

Question 59

The AWS global infrastructure is composed of? (Select TWO.)

Answer 59

• Regions

- Availability Zones

Question 60

A Cloud Practitioner needs to decide which Amazon S3 storage class to use for storing copies of backup data. The storage must provide rapid access when needed but resiliency can be low. Which storage class is most suitable?

Answer 60

• Amazon S3 One Zone-IA

Question 61

Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure?

Answer 61

• Enterprise

Question 62

What architectural best practice aims to reduce the interdependencies between services?

Answer 62

• Loose Coupling

Question 63

What can you use to quickly connect your office securely to your Amazon VPC?

Answer 63

• AWS managed VPN

Question 64

Which benefits can an organization achieve by deploying AWS Global Accelerator? (Select TWO.)

Answer 64

• Improves the availability of applications on AWS

- Decreased latency to reach applications deployed on AWS

Question 65

Which service supports the resolution of public domain names to IP addresses or AWS resources?

Answer 65

• Amazon Route 53

Question 66

A new user is unable to access any AWS services, what is the most likely explanation?

Answer 66

• By default, new users are created without access to any AWS services

Question 67

What features does Amazon RDS provide to deliver scalability, availability and durability? (Select TWO.)

Answer 67

• Read Replicas

- Multi-AZ

Question 68

Which of the following are AWS recommended best practices in relation to IAM? (Select TWO.)

Answer 68

• Create individual IAM users

- Enable MFA for all users

Question 69

Which AWS support plans provide support via email, chat and phone? (Select TWO.)

Answer 69

• Business

- Enterprise

Question 70

Which services are managed at a regional (rather than global) level? (Select TWO.)

Answer 70

• Amazon EC2

- Amazon S3

Question 71

Which AWS service should a Cloud Practitioner use to automate configuration management using Puppet?

Answer 71

• AWS OpsWorks

Question 72

A manager needs to keep a check on his AWS spend. How can the manager setup alarms that notify him when his bill reaches a certain amount?

Answer 72

• Using Amazon CloudWatch

Question 73

How can an organization assess application for vulnerabilities and deviations from best practice?

Answer 73

• Use AWS Inspector

Question 74

Which service can a Cloud Practitioner use to configure custom cost and usage limits and enable alerts for when defined thresholds are exceeded?

Answer 74

• AWS Budgets

Question 75

Which AWS service can be used to host a static website?

Answer 75

• Amazon S3

Question 76

Which AWS service can be used to load data from Amazon S3, transform it, and move it to another destination?

Answer 76

• AWS Glue

Question 77

What are two ways of connecting to an Amazon VPC from an on-premise data center? (Select TWO.)

Answer 77

• AWS VPN CloudHub

Question 78

Which AWS services can be utilized at no cost? (Select TWO.)

Answer 78

• Identity and Access Management

- AmazonVPC

Question 79

Which of the following security operations tasks must be performed by AWS customers? (Select TWO.)

Answer 79

• Installing security updates on EC2 instances

- Enabling MFA for privileged users

Question 80

Which AWS dashboard displays relevant and timely information to help users manage events in progress, and provides proactive notifications to help plan for scheduled activities?

Answer 80

• AWS Personal Health Dashboard

Question 81

Which of the following compliance programs allows the AWS environment to process, maintain, and store protected health information?

Answer 81

• HIPPA

Question 82

Which AWS service protects against common exploits that could compromise application availability, compromise security or consume excessive resources?

Answer 82

• AWS WAF

Question 83

Which AWS service provides elastic web-scale cloud computing allowing you to deploy operating system instances?

Answer 83

• Amazon EC2

Question 84

Which Amazon EC2 pricing model should be avoided if a workload cannot accept interruption if capacity becomes temporarily unavailable?

Answer 84

• Spot Instances

Question 85

Which of the following are valid types of Reserved Instance? (Select TWO.)

Answer 85

• Convertible RI

- Scheduled RI

Question 86

Which AWS-managed service can be used to process vast amounts of data using a hosted Hadoop framework?

Answer 86

• Amazon EMR

Question 87

How should an organization deploy an application running on multiple EC2 instances to ensure that a power failure does not cause an application outage?

Answer 87

• Launch the EC2 instances into different Availability Zones

Question 88

A Cloud Practitioner wants to configure the AWS CLI for programmatic access to AWS services. Which credential components are required? (Select TWO.)

Answer 88

• An access key ID

- A secret access key

Question 89

What can a Cloud Practitioner do with the AWS Cost Management tools? (Select TWO.)

Answer 89

• Visualize AWS cost by day, service and linked AWS account

- Create budgets and receive notification if current of forecasted

Question 90

An application stores images which will be retrieved infrequently, but must be available for retrieval immediately. Which is the most cost-effective storage option that meets these requirements?

Answer 90

• Amazon S3 Standard-Infrequent Access

Question 91

Which of the statements below is correct in relation to Consolidated Billing? (Select TWO.)

Answer 91

• receive a single bill for multiple accounts

- combine usage and share volume pricing discounts

Question 92

What are the names of two types of AWS Storage Gateway? (Select TWO.)

Answer 92

• File Gateway

- Gateway Virtual Tape Library

Question 93

Amazon S3 is typically used for which of the following use cases? (Select TWO.)

Answer 93

• Host a static website

- Media hosting

Question 94

What type of database is fully managed and can be scaled without incurring downtime?

Answer 94

• Amazon Dynamo DB

Question 95

Which configuration changes are associated with scaling horizontally? (Select TWO.)

Answer 95

• Adding additional hard drives to a storage array

- Adding additional EC2 instances through Auto Scaling

Question 96

Which AWS service gives you centralized control over the encryption keys used to protect your data?

Answer 96

• AWS KMS (Key Management Service)

Question 97

A user needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances and vulnerabilities on those instances. Which AWS service will provide this assessment report?

Answer 97

• Amazon Inspector

Question 98

How can a security compliance officer retrieve AWS compliance documentation such as a SOC 2 report?

Answer 98

• Using AWS Artifact

Question 99

Which AWS service helps customers meet corporate, contractual, and regulatory compliance requirements for data security by using dedicated hardware appliances within the AWS Cloud?

Answer 99

• AWS CloudHSM

Question 100

Which services are involved with security? (Select TWO.)

Answer 100

• AWS Cloud HSM

- AWS KMS

Question 101

Which tool can be used to create and manage a selection of AWS services that are approved for use on AWS?

Answer 101

• AWS Service Catalog

Question 102

Which benefits can a company immediately realize using the AWS Cloud? (Select TWO.)

Answer 102

• Capital expenses are replaced with variable expenses

- Increased agility

Question 103

A company needs a consistent and dedicated connection between AWS resources and an on-premise system. Which AWS service can fulfil this requirement?

Answer 103

• AWS Direct Connect

Question 104

A Cloud Practitioner wants to build an application stack that will be highly elastic. What AWS services can be used that don’t require you to make any capacity decisions upfront? (Select TWO.)

Answer 104

• Amazon S3

- AWS Lamda

Question 105

A user has limited knowledge of AWS services, but wants to quickly deploy a scalable Node.js application in an Amazon VPC. Which service should be used to deploy the application?

Answer 105

• AWS Elastic Beanstalk

Question 106

What can a Cloud Practitioner use the AWS Total Cost of Ownership (TCO) Calculator for?

Answer 106

• Estimate savings when comparing the AWS Cloud to an on-premises environment

Question 107

A company is planning to migrate some resources into the cloud. What factors need to be considered when determining the cost of the AWS Cloud? (Select TWO.)

Answer 107

• The number of servers migrated into EC2

- The amount of egress data per month

Question 108

Which AWS service is used to send both text and email messages from distributed applications?

Answer 108

• Amazon Simple Notification Service (Amazon SNS)

Question 109

Which AWS service should a Cloud Practitioner use to establish a secure network connection between an on-premises network and AWS?

Answer 109

• Virtual Private Network

Question 110

You need to ensure you have the right amount of compute available to service demand. Which AWS service can automatically scale the number of EC2 instances for your application?

Answer 110

• Amazon EC2 Auto Scaling

Question 111

Which AWS service provides preconfigured virtual private servers (instances) that include everything required to deploy an application or create a database?

Answer 111

• Amazon Lightsail

Question 112

What are two ways an AWS customer can reduce their monthly spend? (Select TWO.)

Answer 112

• Reserve capacity where suitable

- Turn off resources that are not being used

Question 113

Which AWS service or feature allows a company to receive a single monthly AWS bill when using multiple AWS accounts?

Answer 113

• Consolidated billing

Question 114

A Cloud Practitioner requires a simple method to identify if unrestricted access to resources has been allowed by security groups. Which service can the Cloud Practitioner use?

Answer 114

• AWS Trusted Advisor

Question 115

What are the benefits of using the AWS Managed Services? (Select TWO.)

Answer 115

• Baseline integration with ITSM tools

- Alignment with ITIL processes

Question 116

Which AWS construct provides you with your own dedicated virtual network in the cloud?

Answer 116

• AmazonVPC

Question 117

You need to implement a hosted queue for storing messages in transit between application servers. Which service should you use?

Answer 117

• Amazon SQS

Question 118

Which items should be included in a TCO analysis comparing on-premise to AWS Cloud? (Select TWO.)

Answer 118

• Compute hardware

- Data center security

Question 119

Which AWS service can be used to run Docker containers?

Answer 119

• Amazon ECS

Question 120

What is a Resource Group?

Answer 120

• A collection of resources that share one or more tags

Question 121

Which AWS hybrid storage service enables a user’s on-premises applications to seamlessly use AWS Cloud storage?

Answer 121

• AWS Storage Gateway

Question 122

An application has highly dynamic usage patterns. Which characteristics of the AWS Cloud make it cost-effective for this type of workload? (Select TWO.)

Answer 122

• Pay-as-you-go pricing

- Elasticity

Question 123

An eCommerce company plans to use the AWS Cloud to quickly deliver new functionality in an iterative manner, minimizing the time to market. Which feature of the AWS Cloud provides this functionality?

Answer 123

• Agility

Question 124

Which service provides visibility into user activity by recording actions taken on your account?

Answer 124

• Amazon CloudTrail

Question 125

Which of the following services does Amazon Route 53 provide? (Select TWO.)

Answer 125

• Domain registration

- Domain Name Service (DNS)