AWS EXAM SET 2 Flashcards

1
Q

A company wants to launch a Microsoft SQL Server database in AWS. The database instance should only be managed by the company’s DBA and must be accessible via RDP. A standard license for SQL Server is required but the company is not yet sure how much CPU and memory to allocate to the database.

Which option gives the most convenience and flexibility to determine the best database size while still being cost-effective?

A

Use a Windows Server with SQL Server Standard bundled AMI so you won’t need to buy and manage your own license.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A leading company wants to ensure that its cloud services are consistently delivered at the agreed-upon level of its business stakeholders. The company is considering using the AWS Cloud Adoption Framework (AWS CAF) to guide its cloud operations.

Which capabilities within the AWS CAF’s Operations perspective would be most helpful for the company?

A

Performance and Capacity Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following will allow you to create a data warehouse in AWS for your business intelligence needs?

A

Amazon Redshift

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A customer currently has a Basic support plan and they are planning to use the Infrastructure Event Management, Well-Architected Reviews and Operations Reviews features in AWS. What should they do in order to access these features in the most cost-effective manner?

A

Upgrade to Enterprise support plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the best type of instance purchasing option to choose if you will run an EC2 instance for 3 months to perform a job that is uninterruptible?

A

On-Demand Instance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You are permitted to conduct security assessments and penetration testing without prior approval against which AWS resources? (Select TWO.)

A

Amazon Aurora
Amazon RDS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A customer is building a cloud architecture in AWS which should scale horizontally or vertically in order to automatically adjust capacity and maintain steady, predictable performance at the lowest possible cost. Which of the following statements are true regarding horizontal and vertical scaling? (Select TWO.)

A
  1. Adding more EC2 instances to your resource pool is an example of Horizontal Scaling
  2. Upgrading to a higher EC2 instance type is an example of Vertical Scaling
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The IT Security team of your company needs to conduct a vulnerability analysis on your application servers to ensure that the EC2 instances comply with the annual security IT audit. You need to set up an automated security assessment service to improve the security and compliance of your applications. The solution should automatically assess applications for exposure, vulnerabilities, and deviations from the AWS best practices.

Which of the following options would you implement to satisfy this requirement?

A

AWS Inspector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following cloud best practices reinforces the use of the Service-Oriented Architecture (SOA) design principle?

A

Decouple your components.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following is best suited for load balancing Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic and has the capability of handling millions of requests per second while maintaining ultra-low latencies?

A

Network Load Balancer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following is the benefit of using Amazon Relational Database Service (Amazon RDS) over traditional database management?

A

Lower administrative burden through automatic software patching and maintenance of the underlying operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the following is the most cost-effective payment option when you purchase either a Standard or Convertible Reserved Instance for a 1-year term?

A

All Upfront

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A customer needs to retrieve the instance ID, instance profile permissions, and kernel information of their EC2 instance for an app that is running within the same instance. Where can the customer find this information?

A

Instance metadata

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which among the services below can you use to test and troubleshoot IAM and resource-based policies?

A

IAM Policy Simulator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which service allows you to add powerful visual analysis feature to your applications that enables you to search, verify, and organize millions of images?

A

Amazon Rekognition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following services are part of the AWS serverless platform that does not require provisioning, maintaining, and administering servers for backend components? (Select TWO.)

A
  1. Amazon API Gateway
  2. Lambda@Edge
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A customer has a number of on-demand instances running simultaneously to serve customer transactions. Occasionally, most of these instances do not perform any tasks when demand is low. What is a good cost optimization strategy to implement for this case?

A

Implement an auto scaling group to control the number of running instances at a time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A space agency is using Amazon S3 to store their high-resolution satellite images and videos everyday. Which of the following should they do to minimize the upload time?

A

Use the Multipart upload API

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

When a company uses AWS and decouple from their on-premises data center, they will be able to have which of the following benefits? (Select TWO.)

A
  1. Decrease your TCO.
  2. Reduce time to market.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following provides software solutions that are either hosted on or integrated with the AWS platform which may include Independent Software Vendors (ISVs), SaaS, PaaS, developer tools, management, and security vendors?

A

AWS Partner Network Technology Partners

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which of the following are the characteristics of Amazon EC2 Convertible Reserved Instances? (Select TWO.)

A
  1. Has the capability to change the attributes of the RI as long as the exchange results in the creation of Reserved Instances of equal or greater value
  2. Allows the change of instance family, operating system, tenancy, and payment option
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which of the following is not required when launching an EBS-backed EC2 instance?

A

Elastic IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which of the following should you use to automatically transfer your infrequently accessed data in your S3 bucket to a more cost-effective storage class?

A

Amazon S3 Lifecycle Policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

In compliance with the Sarbanes-Oxley Act (SOX) federal law, a US-based company is required to provide SOC 1 and SOC 2 reports of their cloud resources. Where are these AWS compliance documents located?

A

AWS Artifact

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Which of the following is a fully managed database in AWS that can be used to store JSON documents?

A

Amazon DynamoDB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which of the following are the best practices that can help secure your AWS resources using the AWS Identity and Access Management (IAM) service? (Select TWO.)

A
  1. Lock away your AWS account root user access keys.
  2. Grant least privilege.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

An insurance company plans to use AWS to visually create, run, and monitor ETL workflows. Which of the following services would you recommend?

A

AWS Glue Studio

28
Q

Which of the following are defined as global services in AWS? (Select TWO.)

A
  1. Amazon CloudFront
  2. AWS Identity and Access Management
29
Q

What is the most secure way to provide applications temporary access to your AWS resources?

A

Create an IAM role and have the application assume the role

30
Q

A company plans to migrate their on-premises MySQL database to Amazon RDS. Which AWS service should they use for this task?

A

AWS Database Migration Service (AWS DMS)

31
Q

Which of the following AWS Cost Management tools enable you to forecast future costs and usage of your AWS resources based on your past consumption?

A

Cost Explorer

32
Q

Which of the following is one of the benefits of migrating your systems from an on-premises data center to AWS Cloud?

A

Enables the customer to focus on business activities rather than on the heavy lifting of racking, stacking, and powering servers

33
Q

In the AWS Shared Responsibility Model, whose responsibility is it to patch the host operating system of an Amazon EC2 instance?

A

AWS

34
Q

Which of the following should you use if you need to provide temporary AWS credentials for users who have been authenticated via their social media logins as well as for guest users who do not require any authentication?

A

Amazon Cognito Identity Pool

35
Q

Which of the following is true regarding the Business support plan in AWS?

A

Provides a 1-hour response time support if your production system goes down

36
Q

In Amazon EC2, which pricing construct adjusts its price based on supply and demand of EC2 instances?

A

Spot Instance

37
Q

Which is a fully-managed source control service that allows you to host Git-based repositories and enable code collaboration for your team via pull requests, branching, and merging?

A

AWS CodeCommit

38
Q

Which of the following is used to enable instances in the public subnet to connect to the public Internet?

A

Internet Gateway

39
Q

A company needs to troubleshoot an issue on their serverless application which is composed of an API Gateway, Lambda function, and a DynamoDB database. Which service should they use to trace user requests as they travel through their entire application?

A

AWS X-Ray

40
Q

Which of the following AWS service enables customers to analyze, investigate, and identify the root cause of potential security issues or suspicious activities in their AWS environment?

A

Amazon Detective

41
Q

What services will help you create a highly available and scalable web app in the cloud? (Select TWO.)

A
  1. Amazon EC2 Auto Scaling
  2. AWS ELB
42
Q

Which of the following cloud design principles supports growth in users, traffic, or data size with no drop-in performance?

A

Scalability

43
Q

Which service would you use to speed up content delivery to your customers?

A

Amazon CloudFront

44
Q

A new AWS customer needs to deploy up to 100 t3a.large EC2 instances on their recently launched VPC, which is way beyond the default service limit. What should they do so they can launch their additional instances?

A

Create a case in the AWS Support Center page and request a service limit increase.

45
Q

Which of the following policies grant the necessary permissions required to access your Amazon S3 resources? (Select TWO.)

A
  1. User policies
  2. Bucket policies
46
Q

A website is experiencing varying levels of traffic throughout the day and is not fully consuming server capacity all the time. Which advantage does AWS Cloud provide over traditional data centers when it comes to handling traffic load?

A

Elasticity

47
Q

A customer in North Virginia, USA is doing some drone work and collecting environmental data. Which of the following services allows him to easily obtain terabytes of data storage for use in a space-constrained environment and allows him to transfer these data to AWS?

A

AWS Snowcone.

48
Q

Which of the following tasks fall under the sole responsibility of AWS based on the shared responsibility model?

A

Physical and environmental controls

49
Q

Which of the following is a data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using appliances with on-board storage and compute capabilities?

A

AWS Snowball Edge

50
Q

Which AWS service is commonly used for streaming data in real-time?

A

Amazon Kinesis

51
Q

There is an incident with your team where an S3 object was deleted using an account without the owner’s knowledge. What can be done to prevent unauthorized deletion of your S3 objects?

A

Configure MFA delete on the S3 bucket.

52
Q

Which of the following is a valid characteristic of an IAM Group?

A

A group can contain many users, and a user can belong to multiple groups

53
Q

Which of the following actions will AWS charge you for? (Select TWO.)

A
  1. Transfer of EC2 files between two AWS Regions
  2. Provisioning elastic IPs and attaching them to running EC2 instances
54
Q

A startup wants to move its on-premises infrastructure to AWS. The IT Security team wants to protect all of the applications against unintended and unauthorized access as well as potential vulnerabilities.

Which of the following capability of AWS CAF’s Security perspective would be most relevant to address this concern?

A

Infrastructure Protection

55
Q

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

A
  1. Performance Efficiency
  2. Sustainability
56
Q

__________ lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.

A

Amazon VPC

57
Q

Which of the following is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads?

A

Amazon GuardDuty

58
Q

Which of the following is typically used to secure your VPC subnets?

A

Network ACL

59
Q

Which of the following is the most cost-effective instance purchasing option for hosting an application which will run non-interruptible workloads for a period of three years?

A

Amazon EC2 Standard Reserved Instances

60
Q

A customer needs to establish a dedicated connection between their on-premises network and their AWS VPC that provides a more consistent network experience than Internet-based connections. Which of the following network services should they use?

A

AWS Direct Connect

61
Q

A manufacturing company has multiple AWS accounts for various departments. As the company grows, they are experiencing an increase in its AWS costs and want to optimize its expenses by taking advantage of any available discounts.

Which of the following actions below will allow you to take advantage of volume discounts in AWS?

A

Use AWS Organizations and enable the consolidated billing feature.

62
Q

Which service does AWS use to notify you when AWS is experiencing events that may impact you?

A

AWS Health.

63
Q

Which of the following statements accurately describes the AWS Shared Responsibility model?

A

AWS is responsible for securing the physical infrastructure of the cloud, while customers are responsible for securing their applications and data in the cloud.

64
Q

In AWS, which of the following is a design principle that you should implement when designing your cloud architecture?

A

Use multiple Availability Zones

65
Q

Which is a machine learning-powered security service that discovers, classifies, and protects sensitive data such as personally identifiable information (PII) or intellectual property?

A

Amazon Macie