Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Aws Questions > Aws Practice 1 > Flashcards

Aws Practice 1 Flashcards

1
Q

A website has a global customer base and users have reported poor performance when connecting to the site.

Which AWS service will improve the customer experience by reducing latency?

-Amazon EC2 Auto Scaling
-AWS Direct Connect
-Amazon CloudFront
-Amazon ElastiCache

A

-Amazon CloudFront

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following are valid benefits of using the AWS Cloud? (Select TWO.)

-Fast provisioning of IT resources.
-Outsource all operational risk.
-Outsource all application development to AWS.
-Total control over data center infrastructure.
-Ability to go global quickly.

A

-Fast provisioning of IT resources.
-Ability to go global quickly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

An Amazon Virtual Private Cloud (VPC) can include multiple:

-AWS Regions.
-Edge locations.
-Internet gateways.
-Availability Zones.

A

-Availability Zones.

An Amazon VPC includes multiple Availability Zones. Within a VPC you can create subnets in each AZ that is available in the Region and distribute your resources across these subnets for high availability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following represents a value proposition for using the AWS Cloud?

-AWS provides full access to their data centers.
-AWS is responsible for securing your applications.
-It is not necessary to enter into long term contracts.
-Customers can request specialized hardware.

A

It is not necessary to enter into long term contracts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A company needs to publish messages to a thousands of subscribers simultaneously using a push mechanism.

Which AWS service should the company use?

-Amazon Simple Workflow Service (SWF)
-AWS Step Functions
-Amazon Simple Notification Service (Amazon SNS)
-Amazon Simple Queue Service (Amazon SQS)

A

Amazon Simple Notification Service (Amazon SNS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A company needs to publish messages to a thousands of subscribers simultaneously using a push mechanism.

Which AWS service should the company use?

-Amazon Simple Queue Service (Amazon SQS)
-AWS Step Functions
-Amazon Simple Notification Service (Amazon SNS)
-Amazon Simple Workflow Service (SWF)

A

Amazon Simple Notification Service (Amazon SNS)

Amazon SNS is a publisher/subscriber notification service that uses a push mechanism to publish messages to multiple subscribers. Amazon SNS enables you to send messages or notifications directly to users with SMS text messages to over 200 countries, mobile push on Apple, Android, and other platforms or email (SMTP).

SQS is a message queue service used for decoupling applications.
SWF is a workflow orchestration service, not a messaging service.
SWF is a workflow orchestration service, not a messaging service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AWS are able to continually reduce their pricing due to:

-Economies of scale.
-Pay-as-you go pricing.
-Elastic compute services.
-Compute savings plans.

A

-Economies of scale.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

An application uses a PostgreSQL database running on a single Amazon EC2 instance. A Cloud Practitioner has been asked to increase the availability of the database so there is automatic recovery in the case of a failure.

Which tasks can the Cloud Practitioner take to meet this requirement?

-Configure EC2 Auto Recovery to move the instance to another Region.
-Migrate the database to Amazon RDS and enable the Multi-AZ feature.
-Set the DeleteOnTermination value to false for the EBS root volume.
-Configure an Elastic Load Balancer in front of the EC2 instance.

A

-Migrate the database to Amazon RDS and enable the Multi-AZ feature.

Moving the database to Amazon RDS means that the database can take advantage of the built-in Multi-AZ feature. This feature creates a standby instance in another Availability Zone and synchronously replicates to it. In the event of a failure that affects the primary database an automatic failover can occur and the database will become functional on the standby instance.

The auto recovery feature of EC2 automatically moves the instance to another host, not to another Region.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which AWS service can a company use to discover and protect sensitive data that is stored in Amazon S3 buckets.

-Amazon Macie
-Amazon Detective
-AWS Policy Generator
-Amazon GuardDuty

A

Amazon Macie

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

When running applications in the AWS Cloud, which common tasks can AWS manage on behalf of their customers? (Select TWO.)

-Creating a database schema
-Application security testing
-Taking a backup of a database
-Patching database software
-Application source code auditing

A

-Taking a backup of a database
-Patching database software

With AWS managed services you can reduce your time spent performing common IT tasks. With services such as Amazon RDS, AWS will patch the database host operating system and database software and perform patch management activities.

AWS does not audit your source code. You can use Amazon CodeGuru for recommendations for improvement though.
AWS does not create your schema; this is something that’s in the customer’s control.
AWS does not perform any security testing of your applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which AWS feature can be used to launch a pre-configured Amazon Elastic Compute Cloud (EC2) instance?

-Amazon EC2 Systems Manager
-Amazon AppStream 2.0
-Amazon Machine Image (AMI)
-Amazon Elastic Block Store (EBS)

A

Amazon Machine Image (AMI)

An Amazon Machine Image (AMI) provides the information required to launch an instance. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you need multiple instances with the same configuration. You can use different AMIs to launch instances when you need instances with different configurations.

EBS is block-based storage for EC2.
AWS Systems Manager gives you visibility and control of your infrastructure on AWS
Amazon AppStream 2.0 is a fully managed non-persistent application and desktop streaming service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A company must provide access to AWS resources for their employees. Which security practices should they follow? (Select TWO.)

-Create IAM policies based on least privilege principles.
-Enable multi-factor authentication for users.
-Create IAM Roles and apply them to IAM groups.
-Create IAM users in different AWS Regions.
-Disable password policies and management console access.

A

-Create IAM policies based on least privilege principles.
-Enable multi-factor authentication for users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are AWS Identity and Access Management (IAM) access keys used for?

-Enabling encryption in transit for web servers.
-Logging in to the AWS Management Console.
-Ensuring the integrity of log files.
-Making programmatic calls to AWS from AWS APIs.

A

-Making programmatic calls to AWS from AWS APIs.

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).

Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY).

Like a user name and password, you must use both the access key ID and secret access key together to authenticate your requests. Manage your access keys as securely as you do your user name and password.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following AWS services are compute services? (Select TWO.)

AWS Batch
AWS Elastic Beanstalk
Amazon Inspector
AWS CloudTrail
Amazon EFS

A

AWS Batch
AWS Elastic Beanstalk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following statements best describes the concept of agility in relation to cloud computing on AWS? (Select TWO.)

-The speed at which AWS rolls out new features.
-The ability to automatically scale capacity.
-The ability to experiment quickly.
-The elimination of wasted capacity.
-The speed at which AWS resources can be created.

A

-The ability to experiment quickly.
-The speed at which AWS resources can be created.

In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A company plans to deploy a relational database on AWS. The IT department will perform database administration. Which service should the company use?

-Amazon ElastiCache
-Amazon RedShift
-Amazon EC2
-Amazon DynamoDB

A

Amazon EC2

A self-managed relational database can be installed on Amazon EC2. When using this deployment you can choose the operating system and instance type that suits your needs and then install and manage any database software you require.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What advantages does a database administrator obtain by using the Amazon Relational Database Service (RDS)?

-RDS enables users to dynamically adjust CPU and RAM resources.
-RDS databases automatically scale based on load.
-RDS provides 99.99999999999% reliability and durability.
-RDS simplifies relational database administration tasks.

A

-RDS simplifies relational database administration tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which of the following can an AWS customer use to launch a new ElastiCache cluster? (Select TWO.)

-AWS Systems Manager
-AWS Concierge
-AWS Data Pipeline
-AWS CloudFormation
-AWS Management Console

A

AWS CloudFormation
AWS Management Console

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

A Cloud Practitioner needs to monitor a new Amazon EC2 instances CPU and network utilization. Which AWS service should be used?

-AWS Systems Manager
-AWS CloudTrail
-Amazon CloudWatch
-Amazon Inspector

A

-Amazon CloudWatch

Amazon CloudWatch is a performance monitoring service. AWS services send metrics about their utilization to CloudWatch which collects the metrics. You can then view the results in CloudWatch and configure alarms.

CloudTrail is used for auditing, not performance monitoring.
Inspector is an automated security service.
Systems Manager is used for managing EC2 instances such as installing patches and software.

References:

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

A company is deploying a new web application in a single AWS Region that will be used by users globally.

Which AWS services will assist with lowering latency and improving transfer speeds for the global users? (Select TWO.)

-AWS Snowcone
-Amazon CloudFront
-AWS Transit Gateway
-AWS Global Accelerator
-AWS Direct Connect

A

Amazon CloudFront
AWS Global Accelerator

Amazon CloudFront is a content delivery network (CDN) that caches content around the world for lower latency access. AWS Global Accelerator enables access to your application by leveraging the same Edge Locations as CloudFront and routing connections across the AWS global network.

Both of these services assist with lowering latency and improving transfer speeds for users who are distributed around the world.

“AWS Transit Gateway” is incorrect. This service is used for optimizing the network topology of interconnected VPCs and on-premises networks.

AWS Snowcone” is incorrect. Snowcone is used as an edge device for transferring data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

How does the AWS cloud increase the speed and agility of execution for customers? (Select TWO.)

-Fast provisioning of resources
-Secured data centers
-Private connections to data centers
-Scalable compute capacity
-Lower cost of deployment

A

-Fast provisioning of resources
-Scalable compute capacity

The ability to quickly provision resources on AWS is a good example of speed and agility. On AWS the resources are readily available and can be deployed extremely quickly. Scalable compute capacity is another example as it gives you the agility to easily reconfigure your resources with more or less capacity as is required.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A website has a global customer base and users have reported poor performance when connecting to the site.

Which AWS service will improve the customer experience by reducing latency?

-Amazon CloudFront
-Amazon EC2 Auto Scaling
-AWS Direct Connect
-Amazon ElastiCache

A

Amazon CloudFront

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

A company is planning to deploy an application with a relational database on AWS. The application layer requires access to the database instance’s operating system in order to run scripts.

The company prefer to keep management overhead to a minimum. Which deployment should be used for the database?

-Amazon RDS
-Amazon DynamoDB
-Amazon EC2
-Amazon S3

A

-Amazon EC2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A Cloud Practitioner anticipates an increase in application traffic at a future date and time when a sales event will take place. How can the Cloud Practitioner configure Amazon EC2 Auto Scaling to ensure the right number of Amazon EC2 instances are available ahead of the event?

-Configure a scheduled scaling policy.
-Configure a step scaling policy.
-Configure a target tracking scaling policy.
-Configure predictive scaling.

A

Configure a scheduled scaling policy.

“Configure predictive scaling” is incorrect. Predictive scaling uses daily and weekly trends to determine when to scale. In this case the Cloud Practitioner knows about the event that will require more resources.

“Configure a target tracking scaling policy” is incorrect. This policy will cause the ASG to attempt to keep resource utilization at the target value.
“Configure a step scaling policy” is incorrect. Step scaling will launch resources in response to demand, this will not ensure the resource are ready at the right time as there will be a delay.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

A company plans to use reserved instances to get discounted pricing for Amazon EC2 instances. The company may need to change the EC2 instance type during the one year period.

Which instance purchasing option is the MOST cost-effective for this use case?

-Convertible Reserved Instances
-Standard Reserved Instances
-Zonal Reserved Instances
-Regional Reserved Instances

A

-Convertible Reserved Instances

A convertible reserved instance enables you to exchange one or more Convertible Reserved Instances for another Convertible Reserved Instance with a different configuration, including instance family, operating system, and tenancy.

With standard RIs you cannot change the instance type but you can change the instance size.
Regional RIs apply to instance usage within any AZ in a specified Region.
Zonal RIs apply to instance usage within a specific AZ within an AWS Region.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

A company has multiple AWS accounts and is using AWS Organizations with consolidated billing. Which advantages will they benefit from? (Select TWO.)

-They may benefit from lower unit pricing for aggregated usage.
-They will be automatically enrolled in a business support plan.
-They will receive a fixed discount for all usage across accounts.
-The default service limits in all accounts will be increased.
-They will receive one bill for the accounts in the Organization.

A

-They may benefit from lower unit pricing for aggregated usage.
-They will receive one bill for the accounts in the Organization.

You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts. With consolidated billing you get:

-One bill for multiple accounts.

-Easy tracking or charges across accounts.

-Combined usage across accounts and sharing of volume pricing discounts, reserved instance discounts and savings plans.

-No extra fee.

27
Q

A large company is interested in avoiding long-term contracts and moving from fixed costs to variable costs.

What is the value proposition of AWS for this company?

-Automated cost optimization
-Pay-as-you-go pricing
-Economies of scale
-Volume pricing discounts

A

Pay-as-you-go pricing

28
Q

A company is deploying a MySQL database on AWS. The database must easily scale and have automatic backup enabled.

Which AWS service should the company use?

-Amazon Athena
-Amazon DynamoDB
-Amazon Aurora
- Amazon DocumentDB

A

Amazon Aurora

Amazon Aurora is a relational database that is compatible with MySQL and PostgreSQL database engines. Aurora is extremely fast and scales up to 128 TB. You can also deploy replicas for read scaling within and across Regions. Aurora also offers automated backups.

“Amazon Athena” is incorrect. Athena is used for querying data in Amazon S3 using SQL.
“Amazon DocumentDB” is incorrect. DocumentDB is a NoSQL database that supports document data structures.

29
Q

A customer needs to determine Total Cost of Ownership (TCO) for a workload that requires physical isolation. Which hosting model should be accounted for?

-On-Demand Instances
-Spot Instances
-Reserved Instances
-Dedicated Hosts

A

-Dedicated Hosts

30
Q

A company is deploying an application in the AWS Cloud. How can they secure the application? (Select TWO.)

-Configure public access for the AWS services used by the application.
-Limit access privileges according to the principal of least privilege.
-Provide full admin access to developer and operations staff.
-Enable encryption for the application data at rest.
-Enable monitoring by turning off encryption for data in transit.

A

-Limit access privileges according to the principal of least privilege.

-Enable encryption for the application data at rest.

31
Q

A user is planning to launch three EC2 instances behind a single Elastic Load Balancer. The deployment should be highly available. How should the user achieve this?

-Launch the instances as EC2 Spot Instances in the same AWS Region and the same Availability Zone.
-Launch the instances as EC2 Reserved Instances in the same AWS Region, but in different Availability Zones.
-Launch the instances across multiple Availability Zones in a single AWS Region.
-Launch the instances in multiple AWS Regions, and use Elastic IP addresses.

A

-Launch the instances across multiple Availability Zones in a single AWS Region.

To make the deployment highly available the user should launch the instances across multiple Availability Zones in a single AWS Region. Elastic Load Balancers can only serve targets in a single Region so it is not possible to deploy across Regions.

32
Q

A Cloud Practitioner requires point-in-time recovery (PITR) for an Amazon DynamoDB table. Who is responsible for configuring and performing backups?

-AWS is responsible for configuring and the user is responsible for performing backups.
-The customer is responsible for configuring and AWS is responsible for performing backups.
-The customer is responsible for both tasks.
-AWS is responsible for both tasks.

A

The customer is responsible for configuring and AWS is responsible for performing backups.

Point-in-time recovery (PITR) provides continuous backups of your DynamoDB table data. When enabled, DynamoDB maintains incremental backups of your table for the last 35 days until you explicitly turn it off. It is a customer responsibility to enable PITR on and AWS is responsible for actually performing the backups.

33
Q

A Cloud Practitioner needs a tool that can assist with viewing and managing AWS costs and usage over time. Which tool should the Cloud Practitioner use?

-AWS Cost Explorer
-AWS Organizations
-Amazon Inspector
-AWS Budgets

A

AWS Cost Explorer

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. AWS Cost Explorer provides you with a set of default reports that you can use as the starting place for your analysis. From there, use the filtering and grouping capabilities to dive deeper into your cost and usage data and generate custom insights.

AWS Budgets allows you to set custom budgets to track your cost and usage from the simplest to the most complex use cases.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS
AWS Organizations allows you to organize accounts, create accounts programmatically, and leverage consolidated billing.

34
Q

Which tasks can a user complete using the AWS Cost Management tools? (Select TWO.)

-Create budgets and receive notifications if current or forecasted usage exceeds the budgets.
-Launch either EC2 Spot instances or On-Demand instances based on the current pricing.
-Automatically terminate AWS resources if budget thresholds are exceeded.
-Move data stored in Amazon S3 Standard to an archiving storage class to reduce cost.
-Delete all of your AWS resources with a single click.

A

-Create budgets and receive notifications if current or forecasted usage exceeds the budgets

-Automatically terminate AWS resources if budget thresholds are exceeded.

35
Q

A user needs to identify underutilized Amazon EC2 instances to reduce costs.

Which AWS service or feature will meet this requirement?

-AWS Cost Explorer
-AWS Trusted Advisor
-AWS Health Dashboard
-AWS CodeBuild

A

AWS Trusted Advisor

36
Q

A company is designing a new a service that must align with the operational excellence pillar of the AWS Well-Architected Framework.

Which design principles should the company follow? (Select TWO.)

-Anticipate failure.
-Make large-scale changes.
-Create static operational procedures.
-Perform operations as code.
-Perform manual operations.

A

Anticipate failure.
Perform operations as code.

AWS Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads. There are 5 pillars and under the operational excellence pillar the following best practices are recommended:

Perform operations as code

Make frequent, small, reversible changes

Refine operations procedures frequently

Anticipate failure

Learn from all operational failures

37
Q

A user needs to identify underutilized Amazon EC2 instances to reduce costs.

Which AWS service or feature will meet this requirement?

-AWS CodeBuild
-AWS Trusted Advisor
-AWS Cost Explorer
-AWS Health Dashboard

A

AWS Trusted Advisor

AWS Trusted Advisor offers a rich set of best practice checks and recommendations across five categories: cost optimization, security, fault tolerance, performance, and service limits.

38
Q

A Cloud Practitioner is developing a new application and wishes to integrate features of AWS services directly into the application.

Which of the following is the BEST tool for this purpose?

-AWS CodePipeline
-AWS Software Development Kit (AWS CDK)
-AWS CodeDeploy
-AWS Command Line Interface (CLI)

A

AWS Software Development Kit

39
Q

Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Select TWO.)

-Minimize platform design
-Loose coupling
-Customized hardware
-Remove single points of failure
-Minimum viable product

A

-Loose coupling
-Remove single points of failure

Loose coupling is when you break systems down into smaller components that are loosely coupled together. This reduces interdependencies between systems components. This is achieved in the cloud using messages buses, notification and messaging services.

Removing single points of failure ensures fault tolerance and high availability. This is easily achieved in the cloud as the architecture and features of the cloud support the implementation of highly available and fault tolerant systems.

40
Q

According to the AWS shared responsibility model, which of the following is a responsibility of AWS?

-Updating security group rules to enable connectivity.
-Updating the firmware on the underlying EC2 hosts.
-Patching software running on Amazon EC2 instances.
-Configuring network ACLs to block malicious attacks.

A

-Updating the firmware on the underlying EC2 hosts.

41
Q

An Amazon Virtual Private Cloud (VPC) can include multiple:

-AWS Regions.
-Edge locations.
-Internet gateways.
-Availability Zones.

A

An Amazon VPC includes multiple Availability Zones. Within a VPC you can create subnets in each AZ that is available in the Region and distribute your resources across these subnets for high availability.

42
Q

Which of the following is a sole responsibility of AWS?
-Patch management
-Customer data access controls
-Application deployment
-Availability Zone management

A

-Availability Zone management

43
Q

An application uses a PostgreSQL database running on a single Amazon EC2 instance. A Cloud Practitioner has been asked to increase the availability of the database so there is automatic recovery in the case of a failure.

Which tasks can the Cloud Practitioner take to meet this requirement?

-Set the DeleteOnTermination value to false for the EBS root volume.
-Configure EC2 Auto Recovery to move the instance to another Region.
-Configure an Elastic Load Balancer in front of the EC2 instance.
-Migrate the database to Amazon RDS and enable the Multi-AZ feature.

A

Migrate the database to Amazon RDS and enable the Multi-AZ feature.

44
Q

Which of the following will help a user determine if they need to request an Amazon EC2 service limit increase?

-Amazon RDS
-AWS Trusted Advisor
-AWS Cost Explorer
-AWS Health Dashboard

A

AWS Trusted Advisor

AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices. Trusted Advisor checks help optimize your AWS infrastructure, improve security and performance, reduce your overall costs, and monitor service limits.

45
Q

Which AWS service or feature can assist with protecting a website that is hosted outside of AWS?

-Amazon VPC route tables
-AWS Web Application Firewall (WAF)
-Amazon EC2 security groups
-Amazon VPC network ACLs

A

-AWS Web Application Firewall (WAF)

AWS WAF can be used to protect on-premises resources if they are deployed behind an Application Load Balancer (ALB). In this scenario the on-premises website servers are added to a target group by IP address. The ALB has a WAF WebACL attached to it and distributes connections to the on-premises website.

46
Q

Which resource should a new user on AWS use to get help with deploying popular technologies based on AWS best practices, including architecture and deployment instructions?

-AWS CloudFormation
-AWS Quick Starts
-AWS Config
-AWS Artifact

A

AWS Quick

Quick Starts are built by Amazon Web Services (AWS) solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability. These accelerators reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately.

Each Quick Start includes AWS CloudFormation templates that automate the deployment and a guide that discusses the architecture and provides step-by-step deployment instructions.

CloudFormation is used to deploy infrastructure from templates, the Quick Starts use CloudFormation.
Artifact provides on-demand access to AWS security and compliance reports.
Config is a service used for compliance relating the configuration of AWS resources.

47
Q

A company is launching a new website which is expected to have highly variable levels of traffic. The website will run on Amazon EC2 and must be highly available.

What is the MOST cost-effective approach?

-Create an Amazon EC2 Auto Scaling group and configure an Elastic Load Balancer.
-Determine the highest expected traffic and use an appropriate instance type.
-Use the AWS CLI to launch and terminate Amazon EC2 instances to match demand.
-Launch the website using an Amazon EC2 instance running on a dedicated host.

A

-Create an Amazon EC2 Auto Scaling group and configure an Elastic Load Balancer.

The most cost-effective approach for ensuring the website is highly available on Amazon EC2 instances is to use an Auto Scaling group. This will ensure that the appropriate number of instances is always available to service the demand. An Elastic Load Balancer can be placed in front of the instances to distribute incoming connections.

48
Q

A company has many underutilized compute resources on-premises. Which AWS Cloud feature will help resolve this issue?

-Fault tolerance
-Elasticity
-High availability
-Global deployment

A

Elasticity

49
Q

Which AWS services can a company use to gather information about activity in their AWS account? (Select TWO.)

-AWS CloudTrail
-AWS Trusted Advisor
-Amazon CloudFront
-Amazon CloudWatch
-Amazon Connect

A

-AWS CloudTrail
-Amazon CloudWatch

Amazon CloudWatch is a performance monitoring service. AWS services send metrics about their utilization to CloudWatch which collects the metrics. Additionally, CloudWatch collects metrics about account activity such as billing information which can also be viewed.

AWS CloudTrail is an auditing service that monitors API activity in your account. Whenever you perform any operation in the account this results in an API action and this information is recorded to create an audit trail.

CloudFront is a content delivery network (CDN).
Trusted Advisor, This service is used to assist with guidance on provisioning resources according to best practice.
Amazon Connect,This is a contact center service.

50
Q

Customers using AWS services must patch operating systems on which of the following services?

-AWS Fargate
-Amazon EC2
-AWS Lambda
-Amazon DynamoDB

A

-Amazon EC2

51
Q

What is one method of protecting against distributed denial of service (DDoS) attacks in the AWS Cloud?

-Use Amazon CloudWatch monitoring.
-Monitor the AWS Health Dashboard.
-Configure a firewall in front of resources.
-Enable AWS CloudTrail logging.

A

-Configure a firewall in front of resources.

52
Q

A company runs a batch job on an Amazon EC2 instance and it takes 6 hours to complete. The workload is expected to double in volume each month with a proportional increase in processing time.

What is the most efficient cloud architecture to address the growing workload?

-Change the Amazon EC2 volume type to a Provisioned IOPS SSD volume.
-Run the batch job on a larger Amazon EC2 instance type with more CPU.
-Run the batch workload in parallel across multiple Amazon EC2 instances.
-Run the application on a bare metal Amazon EC2 instance.

A

-Run the batch workload in parallel across multiple Amazon EC2 instances.

The most efficient option is to use multiple EC2 instances and distribute the workload across them. This is an example of horizontal scaling and will allow the workload to keep growing in size without any issue and without increasing the overall processing timeframe.

Bare metal instances are used for workloads that require access to the hardware feature set (such as Intel VT-x), for applications that need to run in non-virtualized environments for licensing or support requirements, or for customers who wish to use their own hypervisor.
Provisioned IOPS SSD volume” is incorrect. This will improve the underlying performance of the EBS volume but does not assist with processing (more CPU is needed, i.e. by spreading across instances).

53
Q

A company is migrating a monolithic application that does not scale well into the cloud and refactoring it into a microservices architecture.

Which best practice of the AWS Well-Architected Framework does this plan relate to?

-Stop spending money on undifferentiated heavy lifting.
-Implement loosely coupled services.
-Manage change in automation.
-Use multiple solutions to improve performance.

A

Implement loosely coupled services.

54
Q

According to the AWS shared responsibility model, which of the following is a responsibility of AWS?

-Configuring network ACLs to block malicious attacks.
-Patching software running on Amazon EC2 instances.
-Updating security group rules to enable connectivity.
-Updating the firmware on the underlying EC2 hosts.

A

-Updating the firmware on the underlying EC2 hosts.

AWS are responsible for updating firmware on the physical Amazon EC2 host servers. Customers are then responsible for any patching of the EC2 operating system and any installed software.

55
Q

What is the best practice for managing AWS IAM access keys?

-There is no need to manage access keys.
-Customers should rotate access keys regularly.
-AWS rotate access keys on a schedule.
-Never use access keys, always use IAM roles.

A

-Customers should rotate access keys regularly.

56
Q

What can a Cloud Practitioner use to categorize and track AWS costs by project?

-Consolidated billing
-Multiple accounts
-AWS Trusted Advisor
-Cost Allocation Tags

A

Cost Allocation Tags

57
Q

A company is deploying an application on Amazon EC2 that requires low-latency access to application components in an on-premises data center. Which AWS service or resource can the company use to extend their existing VPC to the on-premises data center?

-Amazon Workspaces
-Amazon Connect
-AWS Direct Connect
-AWS Outposts

A

AWS Outposts

AWS Outposts is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. With AWS Outposts you can extend your VPC into the on-premises data center.

Amazon Connect provides a seamless omnichannel experience through a single unified contact center for voice, chat, and task management.
Direct Connect is used for creating a low-latency private connection to an on-premises data center but it cannot be used to extend the VPC.
Amazon WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) solution.

58
Q

For what purpose would a Cloud Practitioner access AWS Artifact?

-Access training materials for AWS services.
-Create a security assessment report for AWS services.
-Gain access to AWS security and compliance documents.
-Download configuration details for all AWS resources.

A

Gain access to AWS security and compliance documents.

AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’ security and compliance reports and select online agreements.

Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls.

59
Q

A Cloud Practitioner needs to monitor a new Amazon EC2 instances CPU and network utilization. Which AWS service should be used?

-Amazon CloudWatch
-Amazon Inspector
-AWS Systems Manager
-AWS CloudTrail

A

Amazon CloudWatch

Amazon CloudWatch is a performance monitoring service. AWS services send metrics about their utilization to CloudWatch which collects the metrics. You can then view the results in CloudWatch and configure alarms.

CloudTrail is used for auditing, not performance monitoring.
Inspector is an automated security service.
Systems Manager is used for managing EC2 instances such as installing patches and software.

60
Q

Which of the following AWS features or services can be used to provide root storage volumes for Amazon EC2 instances?

-Amazon Simple Storage Service (S3)
-Amazon Elastic File System (EFS)
-Amazon Machine Image
-Amazon Elastic Block Store (EBS)

A

Amazon Elastic Block Store (EBS)

The Amazon Elastic Block Store (EBS) provides block-based storage volumes for Amazon EC2 instances. Root volumes are where the operating system is installed and can be either EBS volumes or instance store volumes.

“Amazon Elastic File System (EFS)” is incorrect. EFS volumes cannot be used for the root storage volume but can be mounted to store data.
“Amazon Simple Storage Service (S3)” is incorrect. Amazon S3 buckets cannot be attached to EC2 instances in any way, it is a service that is accessed via a REST API.
“Amazon Machine Image” is incorrect. An AMI provides the information required to launch an instance including the mapping of EBS volumes.

61
Q

Which of the following will help a user determine if they need to request an Amazon EC2 service limit increase?

-Amazon RDS
-AWS Cost Explorer
-AWS Trusted Advisor
-AWS Health Dashboard

A

-AWS Trusted Advisor

AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices. Trusted Advisor checks help optimize your AWS infrastructure, improve security and performance, reduce your overall costs, and monitor service limits.

The AWS Health dashboard shows issues or upcoming events that may impact your resources. It does not notify of service limit breaches.
Cost Explorer is used for viewing costs and will not assist with service limits.

62
Q

Which AWS service can a team use to deploy infrastructure on AWS using familiar programming languages?

AWS CodeCommit
AWS Cloud Development Kit (AWS CDK)
Amazon CodeGuru
AWS Config

A

AWS Cloud Development Kit (AWS CDK)

The AWS Cloud Development Kit (AWS CDK) is an open source software development framework to define cloud application resources using familiar programming languages. With AWS CDK you can stick to using programming languages that are familiar to you and have infrastructure deployed using AWS CloudFormation.

63
Q

Which benefits can a company gain by deploying a relational database on Amazon RDS instead of Amazon EC2? (Select TWO.)

-Root access to OS
-Software patching
-Indexing of tables
-Schema management
-Automated backups

A

-Software patching
-Automated backups

Aws Questions (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions