AWS EXAM SET 2

Question 1

A company wants to launch a Microsoft SQL Server database in AWS. The database instance should only be managed by the company’s DBA and must be accessible via RDP. A standard license for SQL Server is required but the company is not yet sure how much CPU and memory to allocate to the database.

Which option gives the most convenience and flexibility to determine the best database size while still being cost-effective?

Answer 1

Use a Windows Server with SQL Server Standard bundled AMI so you won’t need to buy and manage your own license.

Question 2

A leading company wants to ensure that its cloud services are consistently delivered at the agreed-upon level of its business stakeholders. The company is considering using the AWS Cloud Adoption Framework (AWS CAF) to guide its cloud operations.

Which capabilities within the AWS CAF’s Operations perspective would be most helpful for the company?

Answer 2

Performance and Capacity Management

Question 3

Which of the following will allow you to create a data warehouse in AWS for your business intelligence needs?

Answer 3

Amazon Redshift

Question 4

A customer currently has a Basic support plan and they are planning to use the Infrastructure Event Management, Well-Architected Reviews and Operations Reviews features in AWS. What should they do in order to access these features in the most cost-effective manner?

Answer 4

Upgrade to Enterprise support plan.

Question 5

What is the best type of instance purchasing option to choose if you will run an EC2 instance for 3 months to perform a job that is uninterruptible?

Answer 5

On-Demand Instance

Question 6

You are permitted to conduct security assessments and penetration testing without prior approval against which AWS resources? (Select TWO.)

Answer 6

Amazon Aurora
Amazon RDS

Question 7

A customer is building a cloud architecture in AWS which should scale horizontally or vertically in order to automatically adjust capacity and maintain steady, predictable performance at the lowest possible cost. Which of the following statements are true regarding horizontal and vertical scaling? (Select TWO.)

Answer 7

1. Adding more EC2 instances to your resource pool is an example of Horizontal Scaling
2. Upgrading to a higher EC2 instance type is an example of Vertical Scaling

Question 8

The IT Security team of your company needs to conduct a vulnerability analysis on your application servers to ensure that the EC2 instances comply with the annual security IT audit. You need to set up an automated security assessment service to improve the security and compliance of your applications. The solution should automatically assess applications for exposure, vulnerabilities, and deviations from the AWS best practices.

Which of the following options would you implement to satisfy this requirement?

Answer 8

AWS Inspector

Question 9

Which of the following cloud best practices reinforces the use of the Service-Oriented Architecture (SOA) design principle?

Answer 9

Decouple your components.

Question 10

Which of the following is best suited for load balancing Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic and has the capability of handling millions of requests per second while maintaining ultra-low latencies?

Answer 10

Network Load Balancer

Question 11

Which of the following is the benefit of using Amazon Relational Database Service (Amazon RDS) over traditional database management?

Answer 11

Lower administrative burden through automatic software patching and maintenance of the underlying operating system

Question 12

Which of the following is the most cost-effective payment option when you purchase either a Standard or Convertible Reserved Instance for a 1-year term?

Answer 12

All Upfront

Question 13

A customer needs to retrieve the instance ID, instance profile permissions, and kernel information of their EC2 instance for an app that is running within the same instance. Where can the customer find this information?

Answer 13

Instance metadata

Question 14

Which among the services below can you use to test and troubleshoot IAM and resource-based policies?

Answer 14

IAM Policy Simulator

Question 15

Which service allows you to add powerful visual analysis feature to your applications that enables you to search, verify, and organize millions of images?

Answer 15

Amazon Rekognition

Question 16

Which of the following services are part of the AWS serverless platform that does not require provisioning, maintaining, and administering servers for backend components? (Select TWO.)

Answer 16

1. Amazon API Gateway
2. Lambda@Edge

Question 17

A customer has a number of on-demand instances running simultaneously to serve customer transactions. Occasionally, most of these instances do not perform any tasks when demand is low. What is a good cost optimization strategy to implement for this case?

Answer 17

Implement an auto scaling group to control the number of running instances at a time

Question 18

A space agency is using Amazon S3 to store their high-resolution satellite images and videos everyday. Which of the following should they do to minimize the upload time?

Answer 18

Use the Multipart upload API

Question 19

When a company uses AWS and decouple from their on-premises data center, they will be able to have which of the following benefits? (Select TWO.)

Answer 19

1. Decrease your TCO.
2. Reduce time to market.

Question 20

Which of the following provides software solutions that are either hosted on or integrated with the AWS platform which may include Independent Software Vendors (ISVs), SaaS, PaaS, developer tools, management, and security vendors?

Answer 20

AWS Partner Network Technology Partners

Question 21

Which of the following are the characteristics of Amazon EC2 Convertible Reserved Instances? (Select TWO.)

Answer 21

1. Has the capability to change the attributes of the RI as long as the exchange results in the creation of Reserved Instances of equal or greater value
2. Allows the change of instance family, operating system, tenancy, and payment option

Question 22

Which of the following is not required when launching an EBS-backed EC2 instance?

Answer 22

Elastic IP address

Question 23

Which of the following should you use to automatically transfer your infrequently accessed data in your S3 bucket to a more cost-effective storage class?

Answer 23

Amazon S3 Lifecycle Policy

Question 24

In compliance with the Sarbanes-Oxley Act (SOX) federal law, a US-based company is required to provide SOC 1 and SOC 2 reports of their cloud resources. Where are these AWS compliance documents located?

Answer 24

AWS Artifact

Question 25

Which of the following is a fully managed database in AWS that can be used to store JSON documents?

Answer 25

Amazon DynamoDB

Question 26

Which of the following are the best practices that can help secure your AWS resources using the AWS Identity and Access Management (IAM) service? (Select TWO.)

Answer 26

1. Lock away your AWS account root user access keys.
2. Grant least privilege.

Question 27

An insurance company plans to use AWS to visually create, run, and monitor ETL workflows. Which of the following services would you recommend?

Answer 27

AWS Glue Studio

Question 28

Which of the following are defined as global services in AWS? (Select TWO.)

Answer 28

1. Amazon CloudFront
2. AWS Identity and Access Management

Question 29

What is the most secure way to provide applications temporary access to your AWS resources?

Answer 29

Create an IAM role and have the application assume the role

Question 30

A company plans to migrate their on-premises MySQL database to Amazon RDS. Which AWS service should they use for this task?

Answer 30

AWS Database Migration Service (AWS DMS)

Question 31

Which of the following AWS Cost Management tools enable you to forecast future costs and usage of your AWS resources based on your past consumption?

Answer 31

Cost Explorer

Question 32

Which of the following is one of the benefits of migrating your systems from an on-premises data center to AWS Cloud?

Answer 32

Enables the customer to focus on business activities rather than on the heavy lifting of racking, stacking, and powering servers

Question 33

In the AWS Shared Responsibility Model, whose responsibility is it to patch the host operating system of an Amazon EC2 instance?

Answer 33

AWS

Question 34

Which of the following should you use if you need to provide temporary AWS credentials for users who have been authenticated via their social media logins as well as for guest users who do not require any authentication?

Answer 34

Amazon Cognito Identity Pool

Question 35

Which of the following is true regarding the Business support plan in AWS?

Answer 35

Provides a 1-hour response time support if your production system goes down

Question 36

In Amazon EC2, which pricing construct adjusts its price based on supply and demand of EC2 instances?

Answer 36

Spot Instance

Question 37

Which is a fully-managed source control service that allows you to host Git-based repositories and enable code collaboration for your team via pull requests, branching, and merging?

Answer 37

AWS CodeCommit

Question 38

Which of the following is used to enable instances in the public subnet to connect to the public Internet?

Answer 38

Internet Gateway

Question 39

A company needs to troubleshoot an issue on their serverless application which is composed of an API Gateway, Lambda function, and a DynamoDB database. Which service should they use to trace user requests as they travel through their entire application?

Answer 39

AWS X-Ray

Question 40

Which of the following AWS service enables customers to analyze, investigate, and identify the root cause of potential security issues or suspicious activities in their AWS environment?

Answer 40

Amazon Detective

Question 41

What services will help you create a highly available and scalable web app in the cloud? (Select TWO.)

Answer 41

1. Amazon EC2 Auto Scaling
2. AWS ELB

Question 42

Which of the following cloud design principles supports growth in users, traffic, or data size with no drop-in performance?

Answer 42

Scalability

Question 43

Which service would you use to speed up content delivery to your customers?

Answer 43

Amazon CloudFront

Question 44

A new AWS customer needs to deploy up to 100 t3a.large EC2 instances on their recently launched VPC, which is way beyond the default service limit. What should they do so they can launch their additional instances?

Answer 44

Create a case in the AWS Support Center page and request a service limit increase.

Question 45

Which of the following policies grant the necessary permissions required to access your Amazon S3 resources? (Select TWO.)

Answer 45

1. User policies
2. Bucket policies

Question 46

A website is experiencing varying levels of traffic throughout the day and is not fully consuming server capacity all the time. Which advantage does AWS Cloud provide over traditional data centers when it comes to handling traffic load?

Answer 46

Elasticity

Question 47

A customer in North Virginia, USA is doing some drone work and collecting environmental data. Which of the following services allows him to easily obtain terabytes of data storage for use in a space-constrained environment and allows him to transfer these data to AWS?

Answer 47

AWS Snowcone.

Question 48

Which of the following tasks fall under the sole responsibility of AWS based on the shared responsibility model?

Answer 48

Physical and environmental controls

Question 49

Which of the following is a data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using appliances with on-board storage and compute capabilities?

Answer 49

AWS Snowball Edge

Question 50

Which AWS service is commonly used for streaming data in real-time?

Answer 50

Amazon Kinesis

Question 51

There is an incident with your team where an S3 object was deleted using an account without the owner’s knowledge. What can be done to prevent unauthorized deletion of your S3 objects?

Answer 51

Configure MFA delete on the S3 bucket.

Question 52

Which of the following is a valid characteristic of an IAM Group?

Answer 52

A group can contain many users, and a user can belong to multiple groups

Question 53

Which of the following actions will AWS charge you for? (Select TWO.)

Answer 53

1. Transfer of EC2 files between two AWS Regions
2. Provisioning elastic IPs and attaching them to running EC2 instances

Question 54

A startup wants to move its on-premises infrastructure to AWS. The IT Security team wants to protect all of the applications against unintended and unauthorized access as well as potential vulnerabilities.

Which of the following capability of AWS CAF’s Security perspective would be most relevant to address this concern?

Answer 54

Infrastructure Protection

Question 55

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

Answer 55

1. Performance Efficiency
2. Sustainability

Question 56

__________ lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.

Answer 56

Amazon VPC

Question 57

Which of the following is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads?

Answer 57

Amazon GuardDuty

Question 58

Which of the following is typically used to secure your VPC subnets?

Answer 58

Network ACL

Question 59

Which of the following is the most cost-effective instance purchasing option for hosting an application which will run non-interruptible workloads for a period of three years?

Answer 59

Amazon EC2 Standard Reserved Instances

Question 60

A customer needs to establish a dedicated connection between their on-premises network and their AWS VPC that provides a more consistent network experience than Internet-based connections. Which of the following network services should they use?

Answer 60

AWS Direct Connect

Question 61

A manufacturing company has multiple AWS accounts for various departments. As the company grows, they are experiencing an increase in its AWS costs and want to optimize its expenses by taking advantage of any available discounts.

Which of the following actions below will allow you to take advantage of volume discounts in AWS?

Answer 61

Use AWS Organizations and enable the consolidated billing feature.

Question 62

Which service does AWS use to notify you when AWS is experiencing events that may impact you?

Answer 62

AWS Health.

Question 63

Which of the following statements accurately describes the AWS Shared Responsibility model?

Answer 63

AWS is responsible for securing the physical infrastructure of the cloud, while customers are responsible for securing their applications and data in the cloud.

Question 64

In AWS, which of the following is a design principle that you should implement when designing your cloud architecture?

Answer 64

Use multiple Availability Zones

Question 65

Which is a machine learning-powered security service that discovers, classifies, and protects sensitive data such as personally identifiable information (PII) or intellectual property?

Answer 65

Amazon Macie