AWS Cloud Practioner Flashcards
When storing sensitive company data in Amazon S3, which security best practices should customers follow?
Enable S3 server-side encryption on S3 bucket.
What benefits does Amazon EC2 provide overusing non-cloud servers? (Select TWO.)
- Inexpensive
- Elastic web-scale computing
Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers?
- AWS Cost Explorer
AWS Trusted Advisor provides real-time guidance on what characteristics of an AWS account? (Select TWO.)
- Security best practices
- Cost optimization
Which of the following statements is correct in relation to consolidated billing? (Select TWO.) #2
- The paying account is independent and cannot access resources of other accounts.
- One bill is provided per AWS organization
Which types of pricing policies does AWS offer? (Select TWO.)
- Save when you reserve
- Pay-as-you-go
Which Amazon S3 storage classes should be used for storing data for long time periods when immediate access is not required at the LOWEST cost? (Select TWO.)
- Amazon S3 Glacier
- Amazon S3 Glacier Deep Archive
What method can you use to take a backup of an Amazon EC2 instance using AWS tools?
- Take a snapshot to capture the point-in-time state of the instance
Which benefit of the AWS Cloud eliminates the need for users to try estimating future infrastructure usage?
- Elasticity of the AWS Cloud
Which service allows you to automatically expand and shrink your application in response to demand?
- Amazon EC2 Auto Scaling
Which AWS service is primarily used for software version control?
- AWS CodeCommit
What benefits are provided by Amazon CloudFront? (Select TWO.) #2
- Content is cached at Edge Locations for fast distribution to customers
- Built-in Distributed Denial of Service (DDoS) attack protection
Which service can be used to help you to migrate databases to AWS quickly and securely?
- AWS Database Migration Service (DMS)
A company recently took up an Enterprise-level AWS Support plan and has a question relating to their AWS account. Who is the primary point of contact they should direct the question to?
- AWS Concierge Support team
Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC?
- Elastic Transcoder
A company would like to maximize their potential volume and Reserved Instance discounts across multiple accounts and also apply service control policies on member accounts. Which service or tool can they use to gain these benefits?
- AWS Organizations
Which feature of Amazon Rekognition can assist with saving time?
- Identification of objects in images and videos
What is the most cost-effective support plan that should be selected to provide at most a 1-hour response time for a production system failure?
- Business
Which benefits can an organization achieve by deploying AWS Global Accelerator? (Select TWO.)
- Improves the availability of applications on AWS
- Decreased latency to reach applications deployed on AWS
What advantages do you get from using the AWS cloud? (Select TWO.) #2
- Stop guessing about capacity
- Trade capital expense for variable expense
What can you use to quickly connect your office securely to your Amazon VPC?
- AWS managed VPN
Which of the following is a principle of good AWS Cloud architecture design?
- Implement loose coupling
Under the AWS shared responsibility model what is the customer responsible for? (Select TWO.)
- Configuration of security groups
- Encryption of customer data
Which feature of AWS allows you to deploy a new application for which the requirements may change over time?
- Elasticity
A company plans to deploy a global commercial application on Amazon EC2 instances. The deployment solution should be designed with the highest redundancy and fault tolerance. Based on this situation, how should the EC2 instances be deployed?
- Across multiple Availability Zones in two AWS Regions
Which services can be used for asynchronous integration between application components? (Select TWO.)
- Amazon SQS
- AWS Step Functions
Which services are involved in reducing application latency and increasing performance for end users? (Select TWO.)
- Amazon CloudFront
- Amazon ElastiCache
Which AWS service is used to enable multi-factor authentication?
- AWS IAM
Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks?
- AWS OpsWorks
What are two ways that moving to an AWS cloud can benefit an organization? (Select TWO.)
- Stop guessing about capacity
- Increase speed and agility
When a customer deploys a database on Amazon RDS, what is the customer responsible for?
- Controlling network access through security groups
Under the AWS shared responsibility model, what are the customer’s responsibilities? (Select TWO.) #2
- Data integrity Authentication
- Security of data in transit
Which service allows you to run code as functions without needing to provision or manage servers?
- AWS Lambda
Which of the following types of recommendation does AWS Trusted Advisor provide? (Select TWO.)
- Cost optimization
- Performance
Which items can be configured from within the VPC management console? (Select TWO.)
- Subnets
- Security Groups
What strategy can assist with allocating metadata to AWS resources for cost tracking and visibility?
- Tagging
Which service can be used to track the CPU usage of an EC2 instance?
- Amazon Cloudwatch
Which AWS services can be used to connect the AWS Cloud and on-premises resources? (Select TWO.)
- AWS Direct Connect
- AWS Managed VPN
An AWS customer wishes to purchase unused Amazon EC2 capacity at a discounted rate. Which pricing plan should they choose?
- Spot Instances
Under the shared responsibility model, what are examples of shared controls? (Select TWO.)
- Configuration Management
- Patch Management
Which service supports the resolution of public domain names to IP addresses or AWS resources?
- Amazon Route 53
Which AWS storage technology can be considered a “virtual hard disk in the cloud”?
- Amazon Elastic Block Storage (EBS) volume
Which service can be used for building and integrating loosely-coupled, distributed applications?
- Amazon SNS
Which service records API activity on your account and delivers log files to an Amazon S3 bucket?
- AWS CloudTrail
Which AWS service allows you to connect to storage from on-premise servers using standard file protocols?
- Amazon EFS
What advantages does deploying Amazon CloudFront provide? (Select TWO.)
- Reduced latency
- Improved performance for end users
A company stores copies of backups on Amazon S3 and requires rapid access but low resiliency. Which storage class is optimized for these requirements?
- Amazon S3 One Zone-Infrequent Access
What is the scope of a VPC within a region?
- Spans all Availability Zones within the region
For which services does Amazon not charge customers? (Select TWO.)
theres two of these
- AWS CloudFormation
- Amazon VPC
Which AWS service can be used to generate encryption keys that can be used to encrypt data? (Select TWO.)
- AWS CloudHSM
- AWS Key Management Service (AWS KMS)
Which AWS service can you use to install a third-party database?
- Amazon EC2
Which feature can you use to grant read/write access to an Amazon S3 bucket?
- IAM Policy
Which service can you use to provision a preconfigured server with little to no AWS experience?
- Amazon LightSail
Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols?
- Amazon EFS
What considerations are there when choosing which region to use? (Select TWO.)
- Data Sovereignty
- Latency
How does AWS assist organizations’ with their capacity requirements?
- You don’t need to guess capacity needs
Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted?
- On-Demand
What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload?
- Spot
The AWS global infrastructure is composed of? (Select TWO.)
- Regions
- Availability Zones
A Cloud Practitioner needs to decide which Amazon S3 storage class to use for storing copies of backup data. The storage must provide rapid access when needed but resiliency can be low. Which storage class is most suitable?
- Amazon S3 One Zone-IA
Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure?
- Enterprise
What architectural best practice aims to reduce the interdependencies between services?
- Loose Coupling
What can you use to quickly connect your office securely to your Amazon VPC?
- AWS managed VPN
Which benefits can an organization achieve by deploying AWS Global Accelerator? (Select TWO.)
- Improves the availability of applications on AWS
- Decreased latency to reach applications deployed on AWS
Which service supports the resolution of public domain names to IP addresses or AWS resources?
- Amazon Route 53
A new user is unable to access any AWS services, what is the most likely explanation?
- By default, new users are created without access to any AWS services
What features does Amazon RDS provide to deliver scalability, availability and durability? (Select TWO.)
- Read Replicas
- Multi-AZ
Which of the following are AWS recommended best practices in relation to IAM? (Select TWO.)
- Create individual IAM users
- Enable MFA for all users
Which AWS support plans provide support via email, chat and phone? (Select TWO.)
- Business
- Enterprise
Which services are managed at a regional (rather than global) level? (Select TWO.)
- Amazon EC2
- Amazon S3
Which AWS service should a Cloud Practitioner use to automate configuration management using Puppet?
- AWS OpsWorks
A manager needs to keep a check on his AWS spend. How can the manager setup alarms that notify him when his bill reaches a certain amount?
- Using Amazon CloudWatch
How can an organization assess application for vulnerabilities and deviations from best practice?
- Use AWS Inspector
Which service can a Cloud Practitioner use to configure custom cost and usage limits and enable alerts for when defined thresholds are exceeded?
- AWS Budgets
Which AWS service can be used to host a static website?
- Amazon S3
Which AWS service can be used to load data from Amazon S3, transform it, and move it to another destination?
- AWS Glue
What are two ways of connecting to an Amazon VPC from an on-premise data center? (Select TWO.)
- AWS VPN CloudHub
Which AWS services can be utilized at no cost? (Select TWO.)
- Identity and Access Management
- AmazonVPC
Which of the following security operations tasks must be performed by AWS customers? (Select TWO.)
- Installing security updates on EC2 instances
- Enabling MFA for privileged users
Which AWS dashboard displays relevant and timely information to help users manage events in progress, and provides proactive notifications to help plan for scheduled activities?
- AWS Personal Health Dashboard
Which of the following compliance programs allows the AWS environment to process, maintain, and store protected health information?
- HIPPA
Which AWS service protects against common exploits that could compromise application availability, compromise security or consume excessive resources?
- AWS WAF
Which AWS service provides elastic web-scale cloud computing allowing you to deploy operating system instances?
- Amazon EC2
Which Amazon EC2 pricing model should be avoided if a workload cannot accept interruption if capacity becomes temporarily unavailable?
- Spot Instances
Which of the following are valid types of Reserved Instance? (Select TWO.)
- Convertible RI
- Scheduled RI
Which AWS-managed service can be used to process vast amounts of data using a hosted Hadoop framework?
- Amazon EMR
How should an organization deploy an application running on multiple EC2 instances to ensure that a power failure does not cause an application outage?
- Launch the EC2 instances into different Availability Zones
A Cloud Practitioner wants to configure the AWS CLI for programmatic access to AWS services. Which credential components are required? (Select TWO.)
- An access key ID
- A secret access key
What can a Cloud Practitioner do with the AWS Cost Management tools? (Select TWO.)
- Visualize AWS cost by day, service and linked AWS account
- Create budgets and receive notification if current of forecasted
An application stores images which will be retrieved infrequently, but must be available for retrieval immediately. Which is the most cost-effective storage option that meets these requirements?
- Amazon S3 Standard-Infrequent Access
Which of the statements below is correct in relation to Consolidated Billing? (Select TWO.)
- receive a single bill for multiple accounts
- combine usage and share volume pricing discounts
What are the names of two types of AWS Storage Gateway? (Select TWO.)
- File Gateway
- Gateway Virtual Tape Library
Amazon S3 is typically used for which of the following use cases? (Select TWO.)
- Host a static website
- Media hosting
What type of database is fully managed and can be scaled without incurring downtime?
- Amazon Dynamo DB
Which configuration changes are associated with scaling horizontally? (Select TWO.)
- Adding additional hard drives to a storage array
- Adding additional EC2 instances through Auto Scaling
Which AWS service gives you centralized control over the encryption keys used to protect your data?
- AWS KMS (Key Management Service)
A user needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances and vulnerabilities on those instances. Which AWS service will provide this assessment report?
- Amazon Inspector
How can a security compliance officer retrieve AWS compliance documentation such as a SOC 2 report?
- Using AWS Artifact
Which AWS service helps customers meet corporate, contractual, and regulatory compliance requirements for data security by using dedicated hardware appliances within the AWS Cloud?
- AWS CloudHSM
Which services are involved with security? (Select TWO.)
- AWS Cloud HSM
- AWS KMS
Which tool can be used to create and manage a selection of AWS services that are approved for use on AWS?
- AWS Service Catalog
Which benefits can a company immediately realize using the AWS Cloud? (Select TWO.)
- Capital expenses are replaced with variable expenses
- Increased agility
A company needs a consistent and dedicated connection between AWS resources and an on-premise system. Which AWS service can fulfil this requirement?
- AWS Direct Connect
A Cloud Practitioner wants to build an application stack that will be highly elastic. What AWS services can be used that don’t require you to make any capacity decisions upfront? (Select TWO.)
- Amazon S3
- AWS Lamda
A user has limited knowledge of AWS services, but wants to quickly deploy a scalable Node.js application in an Amazon VPC. Which service should be used to deploy the application?
- AWS Elastic Beanstalk
What can a Cloud Practitioner use the AWS Total Cost of Ownership (TCO) Calculator for?
- Estimate savings when comparing the AWS Cloud to an on-premises environment
A company is planning to migrate some resources into the cloud. What factors need to be considered when determining the cost of the AWS Cloud? (Select TWO.)
- The number of servers migrated into EC2
- The amount of egress data per month
Which AWS service is used to send both text and email messages from distributed applications?
- Amazon Simple Notification Service (Amazon SNS)
Which AWS service should a Cloud Practitioner use to establish a secure network connection between an on-premises network and AWS?
- Virtual Private Network
You need to ensure you have the right amount of compute available to service demand. Which AWS service can automatically scale the number of EC2 instances for your application?
- Amazon EC2 Auto Scaling
Which AWS service provides preconfigured virtual private servers (instances) that include everything required to deploy an application or create a database?
- Amazon Lightsail
What are two ways an AWS customer can reduce their monthly spend? (Select TWO.)
- Reserve capacity where suitable
- Turn off resources that are not being used
Which AWS service or feature allows a company to receive a single monthly AWS bill when using multiple AWS accounts?
- Consolidated billing
A Cloud Practitioner requires a simple method to identify if unrestricted access to resources has been allowed by security groups. Which service can the Cloud Practitioner use?
- AWS Trusted Advisor
What are the benefits of using the AWS Managed Services? (Select TWO.)
- Baseline integration with ITSM tools
- Alignment with ITIL processes
Which AWS construct provides you with your own dedicated virtual network in the cloud?
- AmazonVPC
You need to implement a hosted queue for storing messages in transit between application servers. Which service should you use?
- Amazon SQS
Which items should be included in a TCO analysis comparing on-premise to AWS Cloud? (Select TWO.)
- Compute hardware
- Data center security
Which AWS service can be used to run Docker containers?
- Amazon ECS
What is a Resource Group?
- A collection of resources that share one or more tags
Which AWS hybrid storage service enables a user’s on-premises applications to seamlessly use AWS Cloud storage?
- AWS Storage Gateway
An application has highly dynamic usage patterns. Which characteristics of the AWS Cloud make it cost-effective for this type of workload? (Select TWO.)
- Pay-as-you-go pricing
- Elasticity
An eCommerce company plans to use the AWS Cloud to quickly deliver new functionality in an iterative manner, minimizing the time to market. Which feature of the AWS Cloud provides this functionality?
- Agility
Which service provides visibility into user activity by recording actions taken on your account?
- Amazon CloudTrail
Which of the following services does Amazon Route 53 provide? (Select TWO.)
- Domain registration
- Domain Name Service (DNS)
