AWS Cloud Practitioner Essentials

Question 1

Is Amazon Elastic Compute Cloud (Amazon EC2) a physical server, or Virtual

Answer 1

Virtual

Question 2

What is is a highly scalable, fast, container management service that you can use to run, stop, and manage Docker containers on a cluster of EC2 instances.

Answer 2

Amazon Elastic Container Service (Amazon ECS)

Question 3

The process of converting data into a standard format that a service such as Amazon S3 can recognize.

Answer 3

Canonicalization

Question 4

Covered over a 1-year or 3-year term

Answer 4

EC2 instances

Question 5

Type of instances are more well suited for batch processing workloads than general purpose instances.

Answer 5

Compute optimized

Question 6

Instances that are more ideal for workloads that process large datasets in memory, such as high-performance databases.

Answer 6

Memory optimized

Question 7

EC2 instances in different Availability Zones or different instance types

Answer 7

Convertible Reserved Instances:

Question 8

Suppose that you have an application with tightly coupled components. These components might include databases, servers, the user interface, business logic, and so on. This type of architecture can be considered a

Answer 8

monolithic application

Question 9

publish/subscribe service&raquo_space; Message board

Answer 9

Amazon Simple Notification Service (Amazon SNS)

Question 10

An application sends messages into a queue. A user or service retrieves a message from the queue, processes it, and then deletes it from the queue.

Answer 10

Amazon Simple Queue Service (Amazon SQS).

Question 11

AWS service that automatically distributes incoming application traffic across multiple resources, such as Amazon EC2 instances.

Answer 11

Elastic Load Balancing

Question 12

is a service that lets you run code without needing to provision or manage servers.

Answer 12

AWS Lambda

Question 13

open-source software that enables you to deploy and manage containerized applications at scale.

Answer 13

Kubernetes

Question 14

fully managed service that you can use to run Kubernetes on AWS.

Answer 14

Amazon Elastic Kubernetes Service (Amazon EKS)

Question 15

a fully isolated portion of the AWS global infrastructure

Answer 15

Availability Zone

Question 16

is a geographical area that contains AWS resources.

Answer 16

Region

Question 17

consists of three or more Availability Zones.

Answer 17

Region

Question 18

a data center that an AWS service uses to perform service-specific operations.

Answer 18

edge location

Question 19

uses to store cached copies of your content closer to your customers for faster delivery.

Answer 19

Amazon CloudFront

Question 20

a service that you can use to run AWS infrastructure, services, and tools in your own on-premises data center in a hybrid approach.

Answer 20

AWS Outposts

Question 21

is a web-based interface; great for learning and visual, not great for automation

Answer 21

AWS Management Console

Question 22

enables you to control multiple AWS services directly from the command line; automate actions for AWS services and applications through scripts.

Answer 22

AWS Command Line Interface (AWS CLI).

Question 23

make it easier for you to use AWS services through an API designed for your programming language or platform.

Answer 23

SDKs

Question 24

you provide code and configuration settings, and this deploys the resources necessary to perform tasks

Answer 24

AWS Elastic Beanstalk

Question 25

Treat your infrastructure as code.

Answer 25

AWS CloudFormation; Template&raquo_space; API&raquo_space; automated processes for global deploy

Question 26

A networking service that you can use to establish boundaries around your AWS resources

Answer 26

Amazon Virtual Private Cloud (Amazon VPC)(opens in a new tab)

Question 27

a section of a VPC that can contain resources such as Amazon EC2 instances, and control access permissions

Answer 27

Subnet

Question 28

a connection between a VPC and the internet

Answer 28

Internet Gateway

Question 29

To access private resources in a VPC, you can use a

Answer 29

virtual private gateway

Question 30

Customer website is an example of …

Answer 30

Public subnet

Question 31

Isolate PII Databases are an example of …

Answer 31

Private subnet

Question 32

Create a VPN connection between the VPC and the internal corporate network.

Answer 32

Virtual private gateway

Question 33

These remember nothing and check packets that cross the subnet border each way: inbound and outbound

Answer 33

stateless packet filtering

Question 34

Stateless packet filtering always

Answer 34

checks lists

Question 35

Security groups perform _____ packet filtering.

Answer 35

Stateful

Question 36

Does not have to check lists - and deny all inbound traffic by default.

Answer 36

stateful packet filtering

Question 37

a DNS web service. It gives developers and businesses a reliable way to route end users to internet applications hosted in AWS.

Answer 37

Amazon Route 53

Question 38

register new domain names directly in

Answer 38

Amazon Route 53

Question 39

storage volumes that behave like physical hard drives.

Answer 39

Block-level storage

Question 40

provides temporary block-level storage for an Amazon EC2 instance.

Answer 40

instance store

Question 41

a service that provides block-level storage volumes that you can use with Amazon EC2 instances.

Answer 41

Amazon Elastic Block Store (Amazon EBS)

Question 42

a service that provides object-level storage in buckets

Answer 42

Amazon A3S

Question 43

an incremental backup

Answer 43

EBS snapshot

Question 44

Designed for frequently accessed data, but requires high availability when needed

Answer 44

• S3 Standard: provides high availability for objects.

Question 45

o infrequently accessed data
o has a lower storage price and higher retrieval price

Answer 45

• S3 Standard-IA

Question 46

o You want to save costs on storage.
o Can easily reproduce your data in the event of an Availability Zone failure

Answer 46

• S3 One Zone-IA: stores data in a single Availability Zone.

Question 47

o monitors objects’ access patterns.
o deal for data with unknown or changing access patterns
o Requires a small monthly monitoring and automation fee per object

Answer 47

• S3 Intelligent-Tiering

Question 48

o Can retrieve archived data within a few milliseconds

Answer 48

S3 Glacier Instant: works well for archived data that requires immediate access

Question 49

o Low-cost storage designed for data archiving
o Rretrieve objects within a few minutes to hours

Answer 49

• S3 Glacier Flexible Retrieval

Question 50

supports long-term retention and digital preservation for data that might be accessed once or twice in a year.

Answer 50

• S3 Deep Archive - 12 to 48 hours

Question 51

o requirements that must satisfy demanding performance needs by keeping data close to on-premises applications.

Answer 51

• Amazon S3 Outposts

Question 52

individual small files

Answer 52

Object Storage

Question 53

Smaller chunks, large files

Answer 53

Block Storage

Question 54

A scalable file system used with AWS Cloud services and on-premises resources.

Answer 54

Amazon Elastic File System

Question 55

use structured query language (SQL) to store and query data.

Answer 55

Relational databases

Question 56

is available on six database engines, which optimize for memory, performance, or input/output (I/O)

Answer 56

Amazon Relational Database Service (Amazon RDS)

Question 57

a service that enables you to run relational databases in the AWS Cloud.

Answer 57

Amazon Relational Database Service (Amazon RDS)

Question 58

an enterprise-class relational database

Answer 58

Amazon Aurora

Question 59

a key-value database service

Answer 59

Amazon DynamoDB

Question 60

a data warehousing service that you can use for big data analytics. understand relationships and trends across your data.

Answer 60

Amazon Redshift

Question 61

enables you to migrate relational databases, nonrelational databases, and other types of data stores.

Answer 61

AWS Database Migration Service (AWS DMS)

Question 62

is a document database service that supports MongoDB workloads.

Answer 62

Amazon DocumentDB

Question 63

a service that adds caching layers on top of your databases to help improve the read times of common requests

Answer 63

Amazon ElastiCache

Question 64

build and run applications that work with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.

Answer 64

Amazon Neptune, a graph database service.

Question 65

enables you to manage access to AWS services and resources securely.

Answer 65

AWS Identity and Access Management (IAM)

Question 66

Makes it easier to manage accounts with similar business or security requirements

Answer 66

group accounts into organizational units (OUs)

Question 67

affects all IAM users, groups, and roles within an account, including the AWS account root user.

Answer 67

service control policies (SCPs)

Question 68

is a service that provides on-demand access to AWS security and compliance reports and select online agreements.

Answer 68

AWS Artifact

Question 69

enables you to perform encryption operations through the use of cryptographic keys. A cryptographic key is a random string of digits used for locking (encrypting) and unlocking (decrypting) data.

Answer 69

AWS Key Management Service (AWS KMS)

Question 70

lets you monitor network requests that come into your web applications.

Answer 70

AWS WAF - a web application firewall

Question 71

is a service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment

Answer 71

Amazon GuardDuty

Question 72

checks applications for security vulnerabilities and deviations from security best practices, such as open access to Amazon EC2 instances and installations of vulnerable software versions.

Answer 72

Amazon Inspector

Question 73

a web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics.

Answer 73

Amazon CloudWatch

Question 74

• Monitor your resources’ utilization and performance
• Access metrics from a single dashboard

Answer 74

CloudWatch dashboard

Question 75

• Track user activities and API requests throughout your AWS infrastructure
• Filter logs to assist with operational analysis and troubleshooting
• Not Real time – 15 minute availability
• Automatically detecting unusual account activity

Answer 75

AWS CloudTrail records API calls for your account. Auditing Tool

Page 9…

Question 76

Allows for planning what ceiling will be for spending on a particular service

Answer 76

Cost Budgets

Question 77

Allows for planning how much actual usage of a particular service you want to use

Answer 77

Usage Budgets

Question 78

Track usage of saving plans based on utilization and trigger alerts when falling under the thresold

Answer 78

Savings Plans Utilization Budgets

Question 79

Metadata assigned to AWS resources in the form of a key and value

Answer 79

Cost Allocation Tags

Question 80

How does cloud computing help companies focus on innovation?

Answer 80

Cloud provider handles routine IT Tasks

Question 81

AWS service that provides alerts about upcoming maintenance activities

Answer 81

AWS Personal Health Dashboard

Question 82

AWS DAAS - Desktop as a Service

Answer 82

WorkSpaces

Question 83

Structured in FAQ format and organized by AWS

Answer 83

Knowledge Center

Question 84

Customer or AWS responsibility? Network Infrastructure

Answer 84

AWS

Question 85

Customer or AWS responsibility? Physical Security of hardware

Answer 85

AWS

Question 86

Customer or AWS responsibility? Virtualization Infrastructure

Answer 86

AWS

Question 87

Customer or AWS responsibility? AMI - Amazon Machine Image

Answer 87

Customer

Question 88

Customer or AWS responsibility? Applications in EC2 Instances

Answer 88

Customer

Question 89

Provides storage for hybrid cloud services for access to on-prem resources.

Answer 89

AWS Storage Gateway

Question 90

What two functions can subscribe to SNS

Answer 90

Email and AWS Lambda

Question 91

AWS Program that helps the company design, build, and manage system

Answer 91

AWS Partner Network Consulting Partners

Question 92

Ability of a cloud environment to function while some portions are unavailable

Answer 92

Resiliency

Question 93

Pertains to the overall system being up of down

Answer 93

Availability

Question 94

AZs automatically replicate data across zones - T|F

Answer 94

False - distributes resources, but users must configure replication and redundancy

Question 95

AZ are connected by low-latency networks - T|F

Answer 95

True

Question 96

Service that tracks SSL and cert renewals

Answer 96

AWS Certificate Manager

Question 97

AWS tool best for integrating features into the application

Answer 97

AWS SDK

Question 98

IAAS reduces need for DC space T|F

Answer 98

True

Question 99

IAAS eliminates infra costs T|F

Answer 99

False

Question 100

Fully Managed Services reduces operational overhead and reduced capital expenses - T|F

Answer 100

True - does not automate code or backups

Question 101

Relational DB? DynamoDB

Answer 101

No

Question 102

Relational DB? MariaDB

Answer 102

Yes, RDS

Question 103

Relational DB? Oracle

Answer 103

Yes, RDS

Question 104

Relational DB? PostgreSQL

Answer 104

Yes, RDS

Question 105

Global in Nature (not region based)

Answer 105

CloudFront and IAM

Question 106

Cloud Based Data warehouse solution

Answer 106

RedShift

Question 107

Allows replacing hardcoding authentication information in code with an API call

Answer 107

AWS Secrets Manager

Question 108

Name two benefits of deploying a relational DB on Amazon RDS

Answer 108

Provides automatic backups and software patching

Question 109

How do you restrict access to the application for different users?

Answer 109

Configure ENIs aka multiple network interfaces with separate IP addresses and security groups

Question 110

Customer or AWS responsibility? Encryption on S3 bucket

Answer 110

Customer

Question 111

It is best practice to use service accounts and grant least privilage to manage access (T|F)

Answer 111

True

Question 112

Bucket names must be globally unique and can only exist in one region (T|F)

Answer 112

True

Question 113

A developer is planning to build a two-tier web application that has a MySQL database layer. Which of the following AWS database services would provide automated backups for the application?
A. A MySQL database installed on an EC2 instance.
B. Amazon Aurora.
C. Amazon DynamoDB.
D. Amazon Neptune.

Answer 113

Amazon Aurora

Question 114

helps a customer view the Amazon EC2 billing activity for the past month?

Answer 114

AWS Cost & Usage Reports.

Question 115

A company is deploying a new two-tier web application in AWS. Where should the most frequently accessed data be stored so that the application’s response time is optimal?

Answer 115

Amazon ElastiCache.

Question 116

You want to run a questionnaire application for only one day (without interruption), which Amazon EC2 purchase option should you use?

Answer 116

On-demand instances.

Question 117

What can be described as a global content delivery network (CDN) service?

Answer 117

Amazon CloudFront.

Question 118

Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS?

Answer 118

Amazon Macie

Question 119

service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

Answer 119

Amazon GuardDuty

Question 120

automatically perform actions if the value of your metric has gone above or below a predefined threshold.

Answer 120

Alarms

Question 121

feature enables you to access all the metrics for your resources from a single location.

Answer 121

CloudWatch dashboard

Question 122

a web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices.

Answer 122

AWS Trusted Advisor

Question 123

predicted AWS usage will incur by the end of the month

Answer 123

AWS Budgets - updates three times a day

Question 124

a tool that lets you visualize, understand, and manage your AWS costs and usage over time.
- 12 months historical spending

Answer 124

AWS Cost Explorer

Question 125

Support plans include all AWS Trusted Advisor

Answer 125

Business, Enterprise On-Ramp, and Enterprise Support. Developer does not.

Question 126

Organizes guidance into six areas of focus, called Perspectives. Each Perspective addresses distinct responsibilities.

Answer 126

AWS Cloud Adoption Framework (AWS CAF) In general, the Business, People, and Governance Perspectives focus on business capabilities, whereas the Platform, Security, and Operations Perspectives focus on technical capabilities.

Question 127

helps you to move from a model that separates business and IT strategies into a business model that integrates IT strategy.

Answer 127

Business Perspective

Question 128

helps Human Resources (HR) employees prepare their teams for cloud adoption by updating organizational processes and staff skills to include cloud-based competencies.

Answer 128

People Perspective

Question 129

focuses on the skills and processes to align IT strategy with business strategy. This ensures that you maximize the business value and minimize risks.

Answer 129

Governance Perspective

Question 130

includes principles and patterns for implementing new solutions on the cloud, and migrating on-premises workloads to the cloud.

Answer 130

Platform Perspective

Question 131

ensures that the organization meets security objectives for visibility, auditability, control, and agility.

Answer 131

Security Perspective

Question 132

focuses on operating and recovering IT workloads to meet the requirements of your business stakeholders

Answer 132

Operations Perspective

Question 133

Name the 6 Rs of migration strategies

Answer 133

• Rehosting – Lift and Shift
• Replatforming - Or lift, tinker, and shift.
• Refactoring/re-architecting - Now, you’re writing new code. This is driven by a strong business need to add features or performance that might not be possible on prem, but now are within your reach.
• Repurchasing – This is common for companies looking to abandon legacy software vendors and get a fresh start as part of migration. – AKA moving to a different product
• Retaining – Some applications are about to be deprecated but maybe not just yet.
• Retiring - - Sometimes you just have to turn off the lights.

Question 134

a small, rugged, and secure edge computing and data transfer device.

Answer 134

AWS Snowcone - It features 2 CPUs, 4 GB of memory, and up to 14 TB of usable storage.

Question 135

You can transfer up to 100 petabytes of data per _______, a 45-foot long ruggedized shipping container, pulled by a semi trailer truck.

Answer 135

Snowmobile

Question 136

Quickly build, train, and deploy machine learning models at scale.

Answer 136

SageMaker - You do not need to follow the traditional process of manually bringing together separate tools and workflows.

Question 137

service that enables you to build conversational interfaces using voice and text.

Answer 137

• Amazon Lex, the heart of Alexa.

Question 138

machine learning service that automatically extracts text and data from scanned documents.

Answer 138

• Amazon Textract

Question 139

Amazon Q Developer is a machine learning-powered code generator that …

Answer 139

provides you with code recommendations in real time. analyzes your code and comments as you write code in your integrated development environment (IDE).

Question 140

helps you understand how to design and operate reliable, secure, efficient, and cost-effective systems in the AWS Cloud. It provides a way for you to consistently measure your architecture against best practices and design principles and identify areas for improvement.

Answer 140

AWS Well-Architected Framework

Question 141

Name the six pillars of AWS Well-Architected Framework

Answer 141

• Operational excellence: The Operational Excellence pillar includes the ability to run workloads effectively, gain insights into their operations, and continuously improve supporting processes to deliver business value.
• Security - The Security pillar includes protecting data, systems, and assets, and using cloud technologies to improve the security of your workloads.
• Reliability - focuses on the ability of a workload to consistently and correctly perform its intended functions
• Performance efficiency - The Performance Efficiency pillar focuses on using computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.
• Cost optimization
• Sustainability

Question 142

Six advantages of cloud computing:

Answer 142

• Trade upfront expense for variable expense.
• Benefit from massive economies of scale.
• Stop guessing capacity.
• Increase speed and agility.
• Stop spending money running and maintaining data centers.
• Go global in minutes.

Question 143

Six Pillars - includes checks that review permissions and identify which AWS security features to enable.

Answer 143

Security category

Question 144

Six Pillars -includes checks for unused or idle resources that could be eliminated and provide cost savings.

Answer 144

Cost Optimization

Question 145

Six Pillars -includes checks to help improve an application’s availability and redundancy.

Answer 145

Fault Tolerance

Question 146

Six Pillars -focuses on using computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.

Answer 146

Performance Efficiency

Question 146

Six Pillars - includes the ability to run workloads effectively, gain insights into their operations, and continuously improve supporting processes to deliver business value.

Answer 146

Operational Excellence

Question 147

Six Pillars - focuses on protecting data, systems, and assets. It also focuses on using cloud technologies to improve the security of your workloads.

Answer 147

Security pillar

Question 148

Six Pillars -

Answer 148

Reliability pillar