AWS Organizations

Question 1

AWS Organizations’ best feature is ___________ ________

Answer 1

• AWS Organizations’ best feature is Consolidated Billing

Question 2

AWS Organizations Policies are applied to _____ accounts or __________ ____

Answer 2

AWS Organizations Policies are applied to root accounts or Organizational Units (OUs)

Question 3

With consolidated Billing, _______ reserved EC2 instances are applied across the _____

Answer 3

With consolidated Billing, unused reserved EC2 instances are applied across the group

Question 4

Service Control Policies manage the maximum available __________

Answer 4

Service Control Policies manage the maximum available permissions

Question 5

SCPs must have all features in Organization _____

Answer 5

SCPs must have all features in Organization enabled

Question 6

SCPs can be assigned at different _____ in the _________

Answer 6

SCPs can be assigned at different points in the hierarchy

Question 7

SCPs only affect IAM _____ and _____ but do not affect _________ policies

Answer 7

SCPs only affect IAM users and roles but do not affect resources policies

Question 8

SCPs affect the ____ account and ______ accounts but do not affect any action performed by the _________ account

Answer 8

SCPs affect the root account and member accounts but do not affect any action performed by the management account

Question 9

SCPs Allow list strategy:

• No APIs are permitted anywhere unless you __________ _____ them

Answer 9

• No APIs are permitted anywhere unless you explicitly allow them

Question 10

Accounts can be migrated between organizations. To do this, you must have ____ or IAM permissions to both the member and _________ accounts

Answer 10

To do this, you must have root or IAM permissions to both the member and management accounts

Question 11

If you’re just migrating a few accounts, you can use the AWS Organizations console. But if there are many accounts to migrate use the AWS ____________ API or AWS ____

Answer 11

If you’re just migrating a few accounts, you can use the AWS Organizations console. But if there are many accounts to migrate use the AWS Organizations API or AWS CLI

Question 12

Consolidated Billing can help with cost control through volume discounts, but the number of accounts you can link is limited to

Answer 12

20 linked accounts for consolidated billing (default)

Question 13

A benefit of Consolidated Billing is a combined view of ______ incurred by all your _______

Answer 13

A benefit of Consolidated Billing is a combined view of charges incurred by all your accounts

Question 14

With Consolidated Billing Paying accounts should be used for _______ purposes ____

Answer 14

With Consolidated Billing Paying accounts should be used for billing purposes only

Question 15

What is the only way to restrict what the root account can do?

Answer 15

Service Control Policies

Question 16

How can you use AWS Organizations to Centralize all your CloudTrail Logs?

Answer 16

CloudTrail allows you to log everything into a Single AWS account.

Question 17

AWS Organization allows you to ______ workloads into separate accounts, which is a great way to add more layers of _______ and control.

Answer 17

AWS Organization allows you to isolate workloads into separate accounts which is a great way to add more layers of security and controls.

Question 18

AWS Config is great for setting standardization across ___ ____ ______

Answer 18

AWS Config is great for setting standardization across all your account.

Question 19

AWS Config will also check for compliance and automatically ________ problems using _________ documents.

Answer 19

AWS Config will also check for compliance and automatically remediate problems using automation documents.

Question 20

Which AWS feature will provide you with a history of all changes to your architecture.

Answer 20

AWS Config

Question 21

If AD is staying on-premises should you use AWS Managed Microsoft AD vs. AD Connector?

Answer 21

AD connector

Question 22

Trusted Advisor is free to use but you’ll need a _________ or _________ _________ plan to get the most useful checks it offers.

Answer 22

Trusted Advisor is free to use but you’ll need a Business or Enterprise Support plan to get the most useful checks it offers.

Question 23

Keep in mind that Trusted Advisor is only an ________ ____ it will not _____ the problem for you.

Answer 23

Keep in mind that Trusted Advisor is only an auditing tool it will not solve the problem for you.

Question 24

To solve a problem, Trusted Advisor has found use _________ to kick off a ______ ________ .

Answer 24

To solve a problem, Trusted Advisor has found use Eventbridge to kick off a Lambda function

Question 25

AWS Config will send you a notification in regards to a resource if what three scenarios?

Answer 25

AWS Config will send you a notification if a resource is created, deleted, or modified

Question 26

AWS Config allows you to see __________ between your _________ resources

Answer 26

AWS Config allows you to see relationships between your different resources

Question 27

AWS OpsWorks is a configuration management service that provides managed instances of ____ and _______

Answer 27

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet

Question 28

AWS Resource Access Manager (RAM) allows you to share resources across: (3)

AWS ________

AWS _____________ or OUs

IAM ____ and IAM users

Answer 28

AWS Resource Access Manager (RAM) allows you to share resources across:

AWS Accounts

AWS Organizations or OUs

IAM roles and IAM users

Question 29

AWS Resource Access Manager (RAM) can be used to share which three resources?

Answer 29

VPC

EC2

Route 53

Question 30

If moving everything to the cloud which service should you use AWS Managed Microsoft AD vs. AD Connector?

Answer 30

If moving everything to the cloud use Managed Microsoft AD

Question 31

Chef and Puppet are automation platforms that allow you to use code to ________ the configurations of your _______.

Answer 31

Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers.

Question 32

AWS ___________ is a configuration management service that provides managed instances of Chef and Puppet.

Answer 32

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.

Question 33

OpsWorks lets you use Chef and Puppet to automate how servers are _________, ________, and _______ across your Amazon EC2 instances or on-premises

Answer 33

OpsWorks lets you use Chef and Puppet to automate how servers are configured, managed, and deployed across your Amazon EC2 instances or on-premises