AWS Practice Questions

Question 1

With Amazon S3, Standard Storage is designed to provide 99.999999999 percent durability and what percent availability?

Answer 1

99.99% availability of objects over a given year.

Question 2

With HTTP and HTTPS traffic, what feature of an Application Load Balancer can be used to bind a user’s session to a specific instance?

Answer 2

Sticky Sessions

Question 3

With which pricing model do you pay for compute capacity by the hour with no required minimum commitments?

Answer 3

On-Demand Instances

Question 4

Your web application requires temporary authorization to use AWS services. Which IAM entity should be used?

Answer 4

Role

Question 5

What is Amazon Inspector?

Answer 5

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.

Question 6

What is AWS Shield?

Answer 6

AWS Shield is a security service that protects web applications hosted on the Amazon Web Services public cloud against distributed denial of service (DDoS) attacks.

Question 7

What is the difference between AWS Shield Standard vs AWS Shield Advnaced?

Answer 7

Higher level of protection, features, and benefits. For example, with Advanced, the user has access the Amazon 24 hour DDos response team.

Question 8

What is Standard-Infrequent 99.9999999999% durability’s availability?

Answer 8

99.99%

Question 9

What are the pillars of the Well-Architected Framework?

Answer 9

CORPS

Cost Optimization
Operational Excellence
Performance Efficiency
Reliability
Security

Question 10

Which of the pillars of the Well-Architected framework is defined as the ability to run an monitor systems to deliver business value and to continually improve supporting processes and procedures?

Answer 10

Operational excellence

Question 11

Which of the pillars of the Well-Architected framework is defined as the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.

Answer 11

Security

Question 12

Which of the pillars of the Well-Architected framework is defined as the ability to of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues.

Answer 12

Reliability

Question 13

Which of the pillars of the Well-Architected framework is defined as the ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve.

Answer 13

Performance Efficiency

Question 14

Which of the pillars of the Well-Architected framework is defined as the abilityto avoid or eliminate unneeded cost or suboptimal resources.

Answer 14

Cost optimization

Question 15

What are the AWS Assurance/Compliance 3 Major Categories?

Answer 15

Certifications/Attestations

Laws, Regulations, and Privacy

Alignments/Frameworks

Question 16

What are the major AWS Compliance Certifications to be aware of?

Answer 16

ISO 27001

PCI DSS Level 1

SOC 1

SOC 2

SOC 3

Question 17

A _____ _____ is a check to see if your AWS infrastructure meets a given compliance standard. (I;E - even though AWS itself might, your infrastructure or application may not)

Answer 17

Gap Audit

Question 18

What are the Important Compliance Laws, Regulations and Privacies (AWS adheres to these)?

Answer 18

HIPAA - Standard required to store health information

Question 19

What are the most importan Compliance Alignments and Frameworks (AWS adheres to these)?

Answer 19

G-Cloud UK - Required for hosting government customers

Question 20

What does “AWS Manages security of the cloud, security in the cloud is the responsibility of the customer.” mean?

Answer 20

Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would in an on-site datacenter.

Question 21

What is WAF?

Answer 21

Web Application Firewall

Protects from common web exploits that could

affect availability

compromise security

consume excessive resources

Question 22

What is the difference between using Elastic Load Balancers with security groups as security vs using a WAF?

Answer 22

ELB/Security Groups secure protocols and ports (Layer 4)

WAF - Can actually read the data being sent (Layer 7)

Question 23

What is AWS Shield?

Answer 23

Managed DDoS protection

safeguards web apps

always-on detection

enacts inline mitigations

Question 24

What are the two tiers of AWS Shield?

Answer 24

Standard - free and comes by default

Advanced $3K/month

Question 25

What is AWS Inspector?

Answer 25

Automated Security Assessment Audits for vulnerabilities or deviation from best practices Produces a lined report ordered by criticality Installed on your EC2 instances

Question 26

What is AWS Trusted Advisor?

Answer 26

Optimization guidance for your environment for cost optimization performance security fault tolerance

Question 27

What are the two levels of AWS Trusted Advisor?

Answer 27

Core Checks and Recommendations (free) Full Trusted Advisor - Business and Enterprise only

Question 28

What is the AWS Cloud?

Answer 28

Amazon Web Services or AWS in short, is a bundled remote computing service that provides cloud computing infrastructure over the Internet with storage, bandwidth and customized support for application programming interfaces (API).

Question 29

What is the AWS Value Proposition?

Answer 29

"AIFS" Agility Speed Experimentation Innovation Elasticity Scale on demand Eliminate wasted capacity Flexibility Broad set of products Low to no cost to entry Security Amazon has acquired many certifications Shared responsibility model

Question 30

Which of the following allows you to bid on spare Amazon EC2 computing capacity?

Answer 30

Spot Instances

Question 31

With EC2 instances, which of the following is a snapshot of a particular state of that resource?

Answer 31

Golden Image

Question 32

Amazon S3 Storage Glacier is a long-term storage solution that currently starts at what rate per GB per month?

Answer 32

$0.004

Question 33

Amazon S3 Storage Glacier is a long-term storage solution that currently starts at what rate per GB per month?

Answer 33

$0.004

Question 34

Amazon EMR offers what type of managed framework to process large amounts of data across dynamically scalable Amazon EC2 instances?

Answer 34

Hadoop

Question 35

With which pricing model do you pay for compute capacity by the hour with no required minimum commitments?

Answer 35

On-Demand Instances

Question 36

Which of the following from Amazon is an interactive query service used to analyze data in Amazon S3 using standard SQL and serverless (so you pay for the queries that you run)?

Answer 36

Athena

Question 37

With which of the following can you run code without provisioning or managing servers and pay only for the compute time consumed (there is no charge when the code is not running)?

Answer 37

AWS Lambda

Question 38

Why is AWS more economical than traditional data centers for applications with varying compute workloads?

Answer 38

Amazon EC2 instances can be launched on-demand when needed.

Question 39

Which AWS service would simplify migration of a database to AWS?

Answer 39

AWS Database Migration Service (AWS DMS)

Question 40

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment?

Answer 40

AWS Marketplace

Question 41

Which AWS networking service enables a company to create a virtual network within AWS?

Answer 41

Amazon Virtual Private Cloud (Amazon VPC)

Question 42

Which of the following is AWS's responsibility under the AWS shared responsibility model? A) Configuring third-party applications B) Maintaining physical hardware C) Securing application access and data D) Managing custom Amazon Machine Images (AMIs)

Answer 42

B

Question 43

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery? A) AWS Regions B) AWS edge locations C) AWS Availability Zones D) Amazon Virtual Private Cloud (Amazon VPC)

Answer 43

B) AWS edge locations

Question 44

How would a system administrator add an additional layer of login security to a user's AWS Management Console?

Answer 44

Enable Multi-Factor Authentication

Question 45

8) Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated? A) Amazon CloudWatch B) AWS CloudTrail C) AWS X-Ray D) AWS Identity and Access Management (AWS IAM)

Answer 45

B) AWS CloudTrail

Question 46

Which service would you use to send alerts based on Amazon CloudWatch alarms? A) Amazon Simple Notification Service (Amazon SNS) B) AWS CloudTrail C) AWS Trusted Advisor D) Amazon Route 53

Answer 46

A) Amazon Simple Notification Service (Amazon SNS)

Question 47

Where can a customer find information about prohibited actions on AWS infrastructure?

Answer 47

D) AWS Acceptable Use Policy

Question 48

What are three EC2 Spot Instances use cases?

Answer 48

Applications that have flexible start times Applications that are only feasible at very low compute prices Users with urgent computing needs for a lot of additional capacity.