CCP Deck

Question 1

From where can you access AWS Budgets, AWS Cost Explorer, and the AWS Cost & Usage Report?

Answer 1

Billing & Cost Management Dashboard

Question 2

What dashboard is the best for creating, tracking, and inspecting your budgets?

Answer 2

The AWS Budgets Dashboard

Question 3

What two AWS services allow you to send alerts if you’re at your the limit of a specified amount or projected to exceed the specified amount?

Answer 3

CloudWatch and AWS Budgets

Question 4

What AWS service allows you to view and analyze your AWS costs and usage?

Answer 4

AWS Cost Explorer

Question 5

If you need a monthly or daily break down of your usage, what AWS service would you use?

Answer 5

AWS Cost Explorer

Question 6

If you need to see EC2 running hours costs and usage, what AWS service would you use?

Answer 6

AWS Cost Explorer

Question 7

If you need to see your Reserved Instance utilization and coverage, what AWS service would you use?

Answer 7

AWS Cost Explorer

Question 8

If you need to see your Savings Plan reports, what AWS service would you use?

Answer 8

AWS Cost Explorer

Question 9

If you gauge how your current costs are matching up to your expected costs or if you want to see how your projected spending vs your planned spending, what AWS tool would you use?

Answer 9

AWS Budgets

Question 10

What AWS service allows you to see trends to help you understand your cost?

Answer 10

AWS Cost Explorer

Question 11

How many months prior does AWS Cost Explorer let you view data?

Answer 11

13 months

Question 12

How many months in advance can AWS Cost Explorer help you project your costs?

Answer 12

3 months

Question 13

What AWS tool will give you insight on EC2 rightsizing and reservation purchases?

Answer 13

AWS Cost Explorer

Question 14

What AWS tool can you use to plan and set a limit on costs?

Answer 14

AWS Budgets

Question 15

What AWS tool can you use to see actual costs and usage?

Answer 15

AWS Cost Explorer

Question 16

What AWS tool gives you the most detailed information about your AWS cost and usage in a CSV file and places that report inside an S3 bucket?

Answer 16

AWS Cost and Usage Report

Question 17

What AWS tool allows you to compare the cost of running applications in an on-premises or traditional hosting environment to running the applications with AWS?

Answer 17

AWS Total Cost of Ownership (TCO) Calculator

Question 18

What AWS tool provides a detailed set of reports you can use for executive presentations when you want to demonstrate the difference in costs between on-premise infrastructure costs vs AWS cloud costs?

Answer 18

AWS Total Cost of Ownership (TCO) Calculator

Question 19

What AWS tool can you use to estimate your monthly bill with a per-service cost breakdown, as well as an aggregate monthly estimate.

Answer 19

AWS Simple Monthly Calculator

Question 20

What AWS tool gives you a calculator to see a sample estimation and breakdown of costs for common solutions, like a website or media application?

Answer 20

AWS Simple Monthly Calculator

Question 21

What AWS tool is a free account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage?

Answer 21

AWS Organizations

Question 22

True or false: With consolidated billing, you can apply unused reservations from one account to another account’s EC2 instance usage.

Answer 22

True. With consolidated billing, you can apply unused reservations from one account to another account’s EC2 instance usage.

Question 23

What is an organizational unit?

What AWS service allows you to group accounts into organizational units?

Answer 23

An organizational unit is multiple AWS grouped into one.

AWS Organizations

Question 24

What AWS service allows you to create service control policies (SCPs) that centrally allow or deny access to specified AWS services at the OU or individual account level?

Answer 24

AWS Organizations

Question 25

What AWS service would you use to automate the creation and management of new accounts?

Answer 25

AWS Organizations

Question 26

What AWS service allows companies to combine service usage across accounts to share volume pricing discounts, Reserved Instance discounts, and Savings Plans?

Answer 26

AWS Organizations

Question 27

What AWS service allows companies to simplify the billing process by setting up a single payment method for all AWS accounts in their organization?

Answer 27

AWS Organizations

Question 28

What is the master account and what does it allow you to do?

Answer 28

The AWS account you use to create your organization
and create other accounts in your organization, invite and manage invitations for other accounts, and remove accounts from your organization.

Question 29

What are member accounts?

Answer 29

Accounts that are part of an organization. An account that is not the master.

Question 30

How many organizations can a member belong to at a time?

Answer 30

A member can belong to one organization at a time

Question 31

What account can use service control policies (SCPs) to allow or deny access to AWS services for individual AWS accounts or for groups of accounts in an OU?

Answer 31

The master account of an organization

Question 32

Where are the specified actions from a SCP are applied?

Answer 32

To all AWS Identity and Access Management (IAM) users, groups, and roles for an account, including the AWS account root user.

Question 33

Why does the AWS Organizations service provide consolidated billing?

Answer 33

So that you can track the combined costs of all the linked accounts in your organization

Question 34

Who receives the consolidated bill?

Answer 34

The master account

Question 35

Can having multiple accounts consolidated into one enable you to reach utilization discounts faster than each account would reach individually?

Answer 35

Yes. You can combine service usage from multiple accounts into a single invoice.

Question 36

If you have an organization set up and one of the accounts has unused reserved instances and another one of your accounts needs those instances, can you allow the use of those instances without any additional cost?

Answer 36

Yes. You can apply unused reserved instances from one account to another account’s instance usage

Question 37

What AWS services cab be to used analyze costs and create budgets for all of the linked accounts in the organization in one place?

Answer 37

AWS Cost Management services allow organizations to analyze costs and create budgets for all of the linked accounts in the organization in one place.

Question 38

What support plan can we expect to provide the following:

Customer service for billing questions
Support forums
Service health checks
Documentation, whitepapers, and best-practice guides

Answer 38

A Basic support plan

Question 39

What support plan can help with account and billing questions and service limit increases?

Answer 39

A Basic support plan

Question 40

What support plan can we expect to provide the following:

Best-practice guidance
Client-side diagnostic tools
Building-block architecture support

Answer 40

A Developer support plan

Question 41

What support is recommended for early development, experimenting, or testing in AWS?

Answer 41

A Developer support plan

Question 42

What support plan can we expect to provide the following:

Use-case guidance
IAM for controlling individuals’ access to AWS Support
Full AWS Trusted Advisor
An API for interacting with Support Center and Trusted Advisor
Third-party software support

Answer 42

A Business support plan

Question 43

What support plan can we expect to provide the following:

Application architecture guidance
Infrastructure event management
Technical account manager (TAM)
White-glove case routing
Management business reviews

Answer 43

An Enterprise support plan

Question 44

What support plan is recommended for running production workloads in AWS?

Answer 44

A Business support plan

Question 45

What support plan is recommended for running the business and mission-critical workloads in AWS?

Answer 45

An Enterprise support plan

Question 46

What are the 5 Case Severity Levels?

Answer 46

The 5 Case Severity Levels are:

Critical
Urgent
High
Normal
Low

Question 47

What does the Critical Case Severity Levels mean?

Answer 47

Your business is at risk. The critical functions of your application are unavailable.

Question 48

What does the Urgent Case Severity Levels mean?

Answer 48

Your business is significantly impacted. The important functions of your application are unavailable.

Question 49

What does the High Case Severity Levels mean?

Answer 49

Important functions of your application are impaired or degraded.

Question 50

What does the Normal Case Severity Levels mean?

Answer 50

Noncritical functions of your application are behaving abnormally, or you have a time-sensitive development question.

Question 51

What does the Low Case Severity Levels mean?

Answer 51

You have a general development question, or you want to request a feature.

Question 52

What support plan DOES NOT offer any case support?

Answer 52

The Basic Support Plan does not offer any case support.

Because the basic support plan does not offer case support, it does not offer any support response type or time.

Question 53

What is the expected response time for the Developer Support plan and what case severity levels does it offer a response for?

Answer 53

The expected response time for a Developer Support plan is:

Normal Case Severity: 12 hours or less
Low Case Severity: 24 hours or less

Only during business hours

Question 54

What is the expected response time for the Business Support plan and what case severity levels does it offer a response for?

Answer 54

The expected response time for a Business Support plan is:

Urgent Case severity: 1 hour or less
High Case Severity: 4 hours or less
Normal Case Severity: 12 hours or less
Low Case Severity: 24 hours or less

24/7 support

Question 55

What is the expected response time for an Enterprise Support plan and what case severity levels does it offer a response for?

Answer 55

The expected response time for an Enterprise Support plan is:

Critical Case severity: 15 minutes or less
Urgent Case severity: 1 hour or less
High Case Severity: 4 hours or less
Normal Case Severity: 12 hours or less
Low Case Severity: 24 hours or less

24/7 support

Question 56

Who is designated as your primary point of contact for Enterprise support plans?

Answer 56

AWS Enterprise Support has technical account managers (TAMs) as primary points of contact.

Question 57

Who is the billing and account expert who provides quick and efficient analysis on billing and account issues?

Answer 57

Support Concierge

Question 58

Which of the following is the lowest-level support plan that offers case support?

Answer 58

The Developer Support Plan is the lowest-level support plan that offers case support.

Question 59

What network connect you to consulting and technology businesses that can help you achieve your AWS business goals without having to rely on internal knowledge?

Answer 59

The AWS Partner Network (APN)

Question 60

What can APN Consulting Partners help you with?

Answer 60

APN Consulting Partners can help you:

Design
Architect
Build
Migrate
Manage

Question 61

What do APN Technology Partners help you with?

Answer 61

APN Technology Partners provide hardware, connectivity services, and software solutions that are hosted on, or integrated with, the AWS Cloud.

Question 62

Where can you find, test, buy, and immediately start using software that runs on AWS?

Answer 62

AWS Marketplace

Question 63

What are AWS Quick Starts?

Answer 63

Automated reference deployments for workloads on the AWS Cloud

Question 64

A digital catalog with thousands of software listings from independent software vendors is also known as?

Answer 64

AWS Marketplace

Question 65

What is a good way to describe AWS Quick Starts?

Answer 65

Automated reference deployments that launch, configure, and run the AWS services required to deploy a specific workload on AWS.

Question 66

True or false: Cloud terms and conditions are the same as IT hardware terms and conditions.

Answer 66

False

Question 67

Cloud pricing fluctuates based on

Answer 67

Market pricing

Question 68

To take advantage of the dynamic and competitive pricing, customers should allow for flexibility in their procurement strategy?

Answer 68

True

Question 69

What are the 6 perspectives of the Cloud Adoption Framework?

Answer 69

1. Business Perspective
2. People Perspective
3. Governance Perspective
4. Platform Perspective
5. Security Perspective
6. Operations Perspective

Question 70

What does the Business Perspective of the CAF ensure?

Answer 70

The Business Perspective ensures IT is aligned with business needs and that IT investments are linked to key business results.

Ensure that your business strategies and goals align with your IT strategies and goals.

Question 71

What perspective of the CAF is used to create a business case for cloud adoption and prioritization?

Answer 71

The Business Perspective

Question 72

What is the AWS Cloud Adoption Framework (CAF?)

Answer 72

A framework to build a customized solution for your organization

Question 73

Who does the AWS Cloud Adoption Framework suggest you involve in the planning for cloud adoption?

Answer 73

The relevant stakeholders in the process.

Question 74

What is a good way to describe the AWS Cloud Adoption Framework?

Answer 74

Guidance and best practices to help you identify gaps in skills and processes when preparing to migrate to the cloud

Question 75

What does the AWS Application Discovery Service do?

Answer 75

Automatically collect detailed information about your current application dependencies and utilization.

Question 76

What does the Migration Hub provide?

Answer 76

Progress updates across multiple migrations.

Use it to identify and troubleshoot issues.

Reduce the overall time and effort spent on migration.

Question 77

What can quickly rehost machines from multiple source platforms to AWS”?

Answer 77

Cloud Endure

Question 78

What relocates applications virtualized on VMware Cloud Foundation-based environments to the AWS Cloud?

Answer 78

VMware Cloud on AWS

Question 79

What are two common AWS migration solutions?

Answer 79

AWS Database Migration Services and AWS Snowball Edge

Question 80

What does the AWS Database Migration Services (AWS DMS) help you do?

Answer 80

The DMS helps you migrate databases to AWS quickly and securely.

Question 81

When migrating a database with DMS, does the source database go down?

Answer 81

No. The source database remains fully intact during migration with DMS.

Question 82

With DMS, can you migrate to and from most widely used on-premises commercial and open-source databases?

Answer 82

Yes.

Question 83

With DMS, can you perform homogenous migrations, such as Oracle to Oracle?

Answer 83

Yes, homogenous migrations are possible with DMS.

Question 84

With DMS, can you perform heterogeneous migrations between different database platforms, such as Microsoft SQL Server to Amazon Aurora?

Answer 84

Yes, heterogeneous migrations are possible with DMS.

Question 85

What service is better suited for data warehouses?

Answer 85

Amazon Redshift

Question 86

What physical device provisioned by AWS allows you to transfer data much faster and more cost-effective than transferring that data over the Internet?

Answer 86

AWS Snowball Edge

Question 87

What common challenges with large-scale data transfers does the AWS Snowball Edge help with?

Answer 87

High network costs
Long transfer times
Security concerns

Question 88

Modernize development for rapid innovation

Answer 88

Replace your overly complex applications with microservices that deploy and scale independently.

Question 89

Analyze your data faster for deeper insights

Answer 89

Use machine learning and analytics tools to help you make data-driven decisions, deepen your customer relationships, and reduce business risk.

Question 90

What do you need to clearly articulate are to be equipped to drive innovation in the cloud:

Answer 90

The current state
Where you want to end up
The problems you are trying to solve

Question 91

What does serverless mean in AWS?

Answer 91

Applications that don’t require you to provision, maintain, or administer servers. You don’t need to worry about fault tolerance and availability. AWS handles those capabilities for you.

Question 92

What is a service that you can use to develop serverless applications

Answer 92

AWS Lambda

Question 93

Amazon Transcribe

Answer 93

You can convert speech to text

Question 94

Amazon Comprehend

Answer 94

Discover patterns

Question 95

Amazon Fraud Detector

Answer 95

Identify potentially fraudulent online activities

Question 96

Amazon SageMaker

Answer 96

Remove the heavy lifting from the process and empower you to build, train, and deploy ML models quickly.

Question 97

What can you do to modernize your organization for rapid innovation?

Answer 97

Replace monolithic apps with microservices

Question 98

What does machine learning (ML) allow you to do?

Answer 98

Analyze data, solve complex problems, and predict outcomes before they happen

Question 99

What can you do with AWS Identity and Access Management?

Answer 99

Create and manage AWS users and groups, and use permissions to allow or deny their access to AWS resources.

Question 100

What is an AWS Region?

Answer 100

Each AWS Region is a separate geographic area with at least two isolated locations known as Availability Zones.

Question 101

What are the four options to pay for Amazon EC2 instances?

Answer 101

On-demand
Spot
Reserved instance
Dedicated host

Question 102

What are the five pillars of a well-architected framework?

Answer 102

Operational excellence
Security
Reliability
Performance efficiency
Cost optimization

Question 103

How does CloudFront deliver data, videos, applications, and API’s?

Answer 103

Through edge locations.

Question 104

What does CloudTrail do within your AWS infrastructure?

Answer 104

Monitors and logs account activity.

Question 105

What does ElastiCache store? and where?

Answer 105

Ephemeral data and in-memory.

Question 106

What is ElastiCache ideal for?

Answer 106

Improving the performance of data-intensive apps

Question 107

Spinning up servers and shutting them down as needed is an example of what?

Answer 107

The agility that cloud computing can offer.

Question 108

You have been tasked with distributing a newsletter that will be pushed out to administrators by email. What is a way to get this done?

Answer 108

Create a topic in Amazon Simple Notification Service (Amazon SNS) that administrators can subscribe to.

Question 109

Which component of the AWS infrastructure supports caching of content for faster access?

Answer 109

Edge locations

Question 110

Who’s responsibility is AWS Identity and Access Management (IAM) in the shared business model?

Answer 110

IAM is the customer’s responsibility in the shared business model.

Question 111

A company has 70 employees divided into 10 departments. The IT administrator wants to customize each department’s access to AWS. What is an efficient way of administering the right permissions?

Answer 111

Create an IAM group for each department, assign IAM users to the group.

Question 112

Which service sends notifications or automatically makes changes to the resources being monitored based on rules you established?

Answer 112

CloudWatch

Question 113

What are 3 good uses cases for CloudFront?

Answer 113

Static Asset Caching
Live On-Demand video streaming
Security and Encryption

Question 114

How is storage typically priced on AWS?

Answer 114

Per GB

Question 115

What is the most common billing model?

Answer 115

Pay as you go

Question 116

Which AWS service is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS?

Answer 116

AWS Shield

Question 117

Which AWS Cost Management Service can be configured to send you an alert when one of your services is forecasted to exceed a specified cost?

Answer 117

AWS budgets

Question 118

What is the best way to describe AWS artifact?

Answer 118

A service that provides on-demand access to compliance reports and managing AWS agreements

Question 119

What is the best way to describe the purpose of penetration testing?

Answer 119

Discovering vulnerabilities within your applications and resources

Question 120

What is a denial-of-service (DoS) attack?

Answer 120

A deliberate attempt to make your website or application unavailable to users

Question 121

How can you best describe the Amazon Inspector?

Answer 121

As a service that automates vulnerability assessments

Question 122

Can you prioritize the actions to take on security and compliance issues within the Security Hub?

Answer 122

yes

Question 123

True or false: Multi-factor authentication (MFA) is enabled by default for AWS accounts.

Answer 123

False

Question 124

Can you determine who created an S3 policy 30 days ago with AWS CloudTrail?

Answer 124

Yes

Question 125

What can you create and implement with the AWS Security Hub?

Answer 125

Rules to filter network traffic

Question 126

According to the shared responsibility model, which of the following is the responsibility of AWS?

Answer 126

Protecting AWS’s global infrastructure

Question 127

True or false: Based on the shared responsibility model, customers are responsible for controlling access to their content stored in AWS.

Answer 127

True

Question 128

Deploying and configuring your infrastructure as code a function of the AWS CloudFormation?

Answer 128

Yes

Question 129

Is examining permissions and providing security recommendations a feature of AWS Trusted Advisor?

Answer 129

Yes

Question 130

You have an application composed of individual services. You need to route a request to a service based on the content of the request. Which type of load balancer should you use?

Answer 130

Application Load Balancer

Question 131

True or false: Network Load Balancers route connections to targets based on IP protocol data.

Answer 131

True

Question 132

Which of the following best describes how Amazon SNS works?

Answer 132

Messages are posted to a topic and then distributed to services and users who subscribe to that topic.

Question 133

True or false: Amazon SQS FIFO queues process messages in the order they are sent.

Answer 133

True

Question 134

When should I use Amazon EFS vs. Amazon S3 vs. Amazon Elastic Block Store (EBS)?

Answer 134

Amazon EFS is a file storage service for use with Amazon EC2. Amazon EFS provides a file system interface, file system access semantics (such as strong consistency and file locking), and concurrently-accessible storage for up to thousands of Amazon EC2 instances.

Amazon EBS is a block-level storage service for use with Amazon EC2. Amazon EBS can deliver performance for workloads that require the lowest latency access to data from a single EC2 instance.

Amazon S3 is an object storage service. Amazon S3 makes data available through an Internet API that can be accessed anywhere.

Question 135

When should I use Amazon EC2 Auto Scaling vs. AWS Auto Scaling?

Answer 135

You should use AWS Auto Scaling to manage to scale for multiple resources across multiple services.

You should use EC2 Auto Scaling if you only need to scale Amazon EC2 Auto Scaling groups, or if you are only interested in maintaining the health of your EC2 fleet.

Question 136

What is cloud computing?

Answer 136

IT resources that work on pay-as-you-go models, meaning that you only pay for the resources that you’re using.

Question 137

What are the 3 cloud computing models?

Answer 137

Cloud
Hybrid
On-premise or private cloud

Question 138

What are the 3 values that influence agility?

Answer 138

Speed
Culture of innovation
Experimentation

Question 139

What is the CLOUD computing model?

Answer 139

A full cloud deployment. Every aspect of your application is on the cloud. Applications can either be developed on the cloud or migrated from an on-premise environment.

Question 140

What are some advantages of cloud computing?

Answer 140

Scaling. You may add more resources or reduce the number of resources seamlessly.

Reduces the overhead costs procuring your own infrastructure and maintaining it

With AWS’s global presence, you can strategically place your data closer to your customers to reduce latency.

Question 141

What is the HYBRID computing model?

Answer 141

The hybrid computing model allows for a company with an on-premise data center to work in the cloud.

Question 142

What are some of the benefits of the hybrid model?

Answer 142

We can economically store large amounts of data

Use cloud-native services like databases or record archiving

Move data closer to your customers

Backup data away from the on-premise site to promote continuity in case of an outage or disaster on the on-premise site.

Question 143

What is the ON-PREMISE computing model?

Answer 143

The on-premise model relates to companies that have their own data centers.

This model doesn’t allow for any of the benefits of the cloud. Companies must normally bear the burden of procuring enough resources, deployments, employees, and the cost of all just mentioned.

Question 144

Do I have to use all of AWS’s services if I want to be a customer?

Answer 144

No. Services can be procured as standalone or combos.

Question 145

How is AWS spread out globally?

Answer 145

AWS has something called REGIONS across the world.

Those regions contain AVAILABILITY ZONES

Those availability zones are then spread out throughout the area to promote durability and availability.

Question 146

What is an Availability Zone?

Answer 146

An availability zone is a cluster of isolated data centers that promote wider reach, low latency, and business continuity.

Question 147

How many Availability Zones can a REGION contain?

Answer 147

A region can contain 6 availability zones.

Question 148

Can Availability Zones belong to more than one region?

Answer 148

No. Availability zones cannot belong to more than one region.

Question 149

What does AWS define as Durability?

Answer 149

The chance that you will be able to retrieve an object from its storage.

Think: how sure am I that my object will be there?

Question 150

What does AWS define as Availability?

Answer 150

The percentage of uptime for objects to be retrieved.

Think: I need my object right now. Can AWS guarantee that their network will give me access right now?

Question 151

How do data isolated data centers help promote business continuity, durability, and availability?

Answer 151

The separation of physical data center locations gives peace of mind that if one center has an outage or is damaged because of a natural disaster or system failures, your services can be picked up by another center.

Question 152

Does our choice of the region affect which services we can procure?

Answer 152

Yes. Not all regions offer all of AWS’s services. In fact, there is only one region that houses ALL the services AWS offers.

That region is the US EAST: N. Virginia region.

Question 153

What are some factors to consider when selecting the right region?

Answer 153

We want to optimize and reduce latency
- Where are your customers?

costs

Regulatory requirements

Question 154

What is the Shared Responsibility Model?

Answer 154

A symbiotic relationship between AWS and the cloud customer.

When you use AWS services, you and AWS share the responsibility of maintaining security and compliance

Question 155

What are the foundation services that AWS is responsible for in the Shared Responsibility Model?

Answer 155

Compute

Storage

Database

Network

Question 156

What are the global infrastructure services that AWS is responsible for in the Shared Responsibility Model?

Answer 156

Regions

Availability Zones

Edge Locations

Question 157

Are networks, facilities, hardware, operational software, like host OS’s and virtualization the responsibility of the customer or AWS in the Shared Responsibility Model?

Answer 157

AWS is responsible for these.

Question 158

What is AWS’s number one priority in the Shared Responsibility Model?

Answer 158

The global infrastructure.

Question 159

Who is responsible for customer data in the Shared Responsibility Model?

Answer 159

The customer is responsible for customer data.

Question 160

Who is responsible for how the platform, services, and Identity and Access Management is used on AWS in the Shared Responsibility Model?

Answer 160

The customer is responsible for how they use the platform, the services they procure, and who they allow to access their data in the Shared Responsibility Model.

Question 161

Who is responsible for the OS, network, and firewall configurations in the Shared Responsibility Model?

Answer 161

The customer is responsible for how they use the OS, their network settings and configurations, and their firewall configurations in the Shared Responsibility Model.

Question 162

Who is responsible for customer data encryption and data integrity authentication in the Shared Responsibility Model?

Answer 162

The customer is responsible for protecting their data and its integrity in the Shared Responsibility Model.

Question 163

Who is responsible for Server-Side Data encryption on the file system and the data in the Shared Responsibility Model?

Answer 163

The customer is responsible for Server-Side Data encryption on the file system and the data in the Shared Responsibility Model.

Question 164

Who is responsible for Network Traffic Protection (encryption/integrity/Identity) in the Shared Responsibility Model?

Answer 164

The customer is responsible for Network Traffic Protection (encryption/integrity/Identity) in the Shared Responsibility Model.

Question 165

Who is in charge of the content and securing the content put on AWS?

Answer 165

The customer is in charge of the content and securing the content put on AWS.

Question 166

Who decides what country in which the content is stored?

Answer 166

The customer decides what country to store its content on.

Question 167

Who decides the format and structure of your content, along with whether it is masked, anonymized, or encrypted?

Answer 167

The customer decides the format and structure of your content, along with whether it is masked, anonymized, or encrypted.

Question 168

Who controls who has access to content and how those access rights are managed?

Answer 168

The customer has control over access and who has the right to access content on AWS.

Question 169

What location is a location that caches popular content (widely used content) to promote low latency?

Answer 169

Edge locations caches popular content (widely used content) to promote low latency

Question 170

What two AWS services do edge locations caches popular content for? (Who do they serve)

Answer 170

Edge locations cache popular content for AWS CloudFront Delivery Network and Route 53.

Question 171

An incoming request gets routed to the nearest ___ location.

Answer 171

Edge location

Question 172

What type of cache holds content that isn’t popular enough to be considered ‘frequently used’ but is also requested enough to not want to fetch from the database?

Answer 172

The regional cache holds content that is not popular enough for edge locations, but relevant enough to not want to pull from the database.

Question 173

What is a consistent approach for designing and evaluating architectures through design and principle?

Answer 173

The AWS Well-Architected Framework is a consistent approach for designing and evaluating architectures through design and principle.

Question 174

What framework helps build secure, high performing, resilient, and efficient cloud-native infrastructure?

Answer 174

The AWS Well-Architected Framework helps build secure, high performing, resilient, and efficient cloud-native infrastructure

Question 175

What does Operational Excellence encompass in the AWS Well-Architected Framework?

Answer 175

Operational Excellence encompasses running and monitoring systems to deliver business value

Operational Excellence encompasses continually improve processes and procedures.

Question 176

What does Reliability encompass in the AWS Well-Architected Framework?

Answer 176

Reliability encompasses recovering from infrastructure or service disruptions

Reliability encompasses dynamically acquiring computing resources to meet demand

Question 177

What does Performance Efficiency encompass in the AWS Well-Architected Framework?

Answer 177

Performance Efficiency encompasses the use of computing resources to efficiently meet system requirements.

Performance Efficiency encompasses maintaining efficiency as demand rises.

Question 178

What does Cost Optimization encompass in the AWS Well-Architected Framework?

Answer 178

Cost Optimization encompasses running the system and delivering value at the lowest possible cost.

Cost Optimization encompasses avoiding unnecessary costs.

Cost Optimization encompasses analyzing spending over a period of time.

Cost Optimization encompasses meeting the business needs without overspending.

Question 179

What tool asks a series of questions about your architecture and promotes best practice suggestions?

Answer 179

The Aws Well-Architected Tool asks a series of questions about your architecture and promotes best practice suggestions

Question 180

What tool aides in reliability, security, efficiency, and cost-effectiveness?

Answer 180

The Aws Well-Architected Tool aides in reliability, security, efficiency, and cost-effectiveness.

Question 181

What are the AWS service types?

Answer 181

The AWS Service Types are:

Infrastructure as a Service (IaaS)

Platform as a Service (PaaS)

Software as a Service (SaaS)

Serverless Computing

Question 182

What are common Infrastructure as a Service (IaaS) services on AWS?

Answer 182

Virtual Private Cloud (VPC)

EC2

EBS

Question 183

What are the common Platform as a Service (PaaS) services on AWS?

Answer 183

RDS
EMR
ElasticSearch

Question 184

What are the common Serverless Computing services on AWS?

Answer 184

S3

Lambda

DynamoDB

SNS

Question 185

What does Infrastructure as a Service (IaaS) offer?

Answer 185

IaaS allows the customer to launch and manages the Linux servers themselves.

Question 186

What does Platform as a Service (PaaS) offer?

Answer 186

PaaS services hand over the infrastructure reigns to AWS. AWS is fully in charge of handling the servers and the operating systems.

Question 187

What does Software as a Service (SaaS) offer?

Answer 187

SaaS is a complete product owned by Amazon that normally runs on a browser.

Question 188

What does Serverless Computing offer?

Answer 188

Serverless computing allows applications to be built and run without worrying servers

Question 189

What is considered the core of Serverless Computing?

Answer 189

The core of Serverless Computing is AWS Lambda

Question 190

Who manages the infrastructure of Serverless Computing?

Answer 190

Aws manages everything in Serverless Computing

Question 191

What is a description of AWS Compute Services?

Answer 191

Compute services are the processing power needed to run your application. The AWS compute portfolio provides tools to develop, deploy, run, and scale your applications in the AWS Cloud.

Question 192

What is a description of AWS Storage Services?

Answer 192

These services hold the information used by your applications. They provide reliable, scalable, and secure options to store, transmit, and back up your data.

Question 193

What is a description of AWS Database Services?

Answer 193

Database services range from relational databases that are easy to set up and operate, to NoSQL databases built for higher demand and low latency.

Question 194

What is a description of AWS Analytics Services?

Answer 194

Analytics services enable you to transform raw data into meaningful information. They help you collect, visualize, and analyze your data to get the answers you need to run your business.

Question 195

What is a description of AWS Cost Management Services?

Answer 195

Use these services to access information about your costs and usage, organize your costs across business lines, understand cost drivers and usage trends, set budgets, and optimize your AWS usage

Question 196

What AWS Compute Service allows for resizable capacity because it is designed to make scaling easy?

Answer 196

Elastic Compute Cloud (Amazon EC2) was designed to make scaling easy.

Question 197

What AWS Compute Service allows for servers to be booted or terminated in minutes. Allowing for up-scaling or down-scaling to be made easy.

Answer 197

Elastic Compute Cloud (Amazon EC2) allows for servers to be booted or terminated in minutes

Question 198

What AWS Compute Service requires Amazon Elastic Block Service (EBS) or Amazon Elastic File Service (EFS) because it only provides ephemeral storage?

Answer 198

Elastic Compute Cloud (Amazon EC2) requires Amazon Elastic Block Service (EBS) or Amazon Elastic File Service (EFS) for more permanent storage.

Question 199

What AWS Compute Service can you use to deploy your Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker based code on servers like: Apache, Nginx, Passenger, and IIS?

Answer 199

AWS Elastic Beanstalk allows for applications to be deployed on familiar servers

Question 200

What AWS service is a serverless computing engine for containers that works with both Amazon Elastic Container Services (ECS) and Amazon Elastic Kubernetes Service (EKS)?

Answer 200

AWS Fargate works with both Amazon Elastic Container Services (ECS) and Amazon Elastic Kubernetes Service (EKS).

Question 201

What AWS service helps improve security through application isolation by design

Answer 201

AWS Fargate improve security through application isolation

Question 202

What AWS service is ideal for microservices architecture applications, batch processing, machine learning applications, and migrating on-premise applications to the cloud?

Answer 202

AWS Fargate

Question 203

What AWS service lets you run code without provisioning or managing servers

Answer 203

AWS Lambda

Question 204

What AWS service allows you to set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app?

Answer 204

AWS Lambda

Question 205

What auto-scaling service provides features to manage your fleet EC2 instances help maintain the health and availability of your fleet?

Answer 205

Amazon EC2 Auto Scaling

Question 206

What auto-scaling service allows you to automatically add or remove EC2 instances according to conditions you define?

Answer 206

Amazon EC2 Auto Scaling

Question 207

What auto-scaling service provides predictive scaling features of EC2 Auto Scaling to add or remove EC2 instances?

Answer 207

Amazon EC2 Auto Scaling

Question 208

In reference to Amazon EC2 Auto Scaling, what is dynamic scaling, and what is predictive scaling? Can both of these scaling features be used to scale faster?

Answer 208

Dynamic scaling responds to changing demand

Predictive scaling automatically schedules the right number of EC2 instances based on predicted demand

Yes

Question 209

What AWS service is perfect for developers, small businesses, students, and other users who need a simple virtual private server (VPS) solution.

Answer 209

Amazon LightSail (AWS Managed)

Question 210

What AWS service is a container manager for Docker containers?

What AWS Compute Service do these containers work on?

Answer 210

Amazon Elastic Container

The containers will run on a managed cluster of EC2 servers

Question 211

What AWS service allows you to deploy and manage containerized apps at scale with Kubernetes?

Answer 211

Amazon Elastic Kubernetes

Question 212

What AWS Storage service allows you to store objects in ‘Buckets’ and allows you to access these objects anywhere on the internet?

Answer 212

Amazon Simple Storage Service (Amazon S3)

Question 213

What type of access can you allow or restrict on AWS S3 objects in a bucket?

Answer 213

You can control who accesses, creates, deletes, and retrieves objects from a bucket

Question 214

What are the popular uses cases for AWS S3 storage?

Answer 214

websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics

Question 215

What AWS Storage service was designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction-intensive workloads?

Answer 215

Amazon Elastic Block Store (Amazon EBS)

Question 216

What AWS Storage service allows for the rapid changing of volume type?

Answer 216

Amazon Elastic Block Store (Amazon EBS)

Question 217

Where are EBS volumes automatically backed up?

Answer 217

Within its own availability zone.

Question 218

If you’re using EBS and you want to set up a lifecycle rule to automatically backup your volumes while ensuring geographic protection of your data and business continuity, what AWS storage service would you use to back up EBS volumes?

Answer 218

Amazon s3

Question 219

What are the cheapest storage options on AWS?

Answer 219

S3 Glacier Deep Archive is the cheapest storage option on AWS

Question 220

What AWS services are low-cost Amazon S3 based cloud storage classes for data archiving and long-term backup?

Answer 220

Amazon S3 Glacier & S3 Glacier Deep Archive

Question 221

What are the 3 retrieval options for Amazon S3 Glacier archives?

Answer 221

Expedited
Standard
Bulk

Question 222

What are the access speeds for Expedited Retrievals?

Answer 222

Expedited retrievals typically return data in 1-5 minutes, and are great for Active Archive use cases.

Question 223

What are the access speeds for Standard Retrievals?

Answer 223

Standard retrievals typically complete between 3-5 hours and work well for less time-sensitive needs like backup data, media editing, or long-term analytics.

Question 224

What are the access speeds for Bulk Retrievals?

Answer 224

Bulk retrievals are the lowest-cost retrieval option, returning large amounts of data within 5-12 hrs.

Question 225

What are the S3 Glacier Deep Archive retrieval options?

Answer 225

Bulk - where you can retrieve petabytes of data within 48 hours

Question 226

Which glacier service should you use if you want to only access your data once or twice a yr?

Answer 226

S3 Glacier Deep Archive

Question 227

What S3 storage type is good for general purposes?

Answer 227

Amazon S3 Standard (S3 Standard)

Question 228

What S3 storage type is good for Ideal for long-lived data with access patterns that are unknown or unpredictable?

Answer 228

Amazon S3 Intelligent-Tiering (S3 Intelligent-Tiering)

Question 229

What S3 storage type automatically moves objects between two access tiers based on changing access patterns?

Answer 229

Amazon S3 Intelligent-Tiering (S3 Intelligent-Tiering)

Question 230

What S3 storage is good for data that is accessed less frequently but requires rapid access when needed?

Answer 230

Amazon S3 Standard-Infrequent Access (S3 Standard-IA)

Question 231

What S3 storage is good for data that is infrequently accessed and requires rapid access when needed but does not require the availability and resilience of S3 Standard or S3 Standard-IA?

Answer 231

Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Question 232

What S3 storage is good for backup copies or easily recreatable data?

Answer 232

Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Question 233

What is one S3 storage type that runs the risk of losing your data in case of zone destruction?

Answer 233

Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Question 234

What S3 storage is good for low-cost storage ideal for data archiving but does not produce real-time access to data?

Answer 234

Amazon S3 Glacier

Question 235

What S3 storage offers the lowest-cost storage class designed for long-term data retention (7 to 10 years or longer)?

Answer 235

Amazon S3 Glacier Deep Archive

Question 236

What are the individual areas inside of your VPC?

These individual areas can have different levels of access that allow you to either make a subnet public or private

Answer 236

Subnets

Question 237

What allows you to provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define?

Answer 237

The Virtual Private Cloud (VPC)

Question 238

Can you select your own IP address range for your VPC?

Answer 238

Yes, you select your own IP address range for your VPC

Question 239

Can you create your own subnets within your VPC?

Answer 239

Yes, you can create your own subnets within your VPC.

Question 240

Can you configure the route tables and network gateways of your VPC?

Answer 240

Yes, you configure the route tables and network gateways of your VPC.

Question 241

Can you configure public and private subnets within your VPC?

Answer 241

Yes, you can create a public-facing subnet for your web servers that have access to the internet.

You can also place your backend systems, such as databases or application servers, in a private-facing subnet with no internet access

Question 242

What layers of security are offered for the VPC?

Answer 242

security groups

network access control lists

Question 243

How many regions does your VPC exist in?

Answer 243

Your VPC exists within one region

Question 244

What is the max number of VPC’s per region?

Answer 244

There is a max of 5 VPC’s per region

Question 245

What AWS Service is a cloud-based Domain Name Service (DNS)?

Answer 245

Amazon Route 53

Question 246

What AWS Service offers these 3 main benefits:

1. You can register domain names for sites or applications
2. Route traffic to your resources configured to that domain
3. Automatically check the health of your resource

Answer 246

Amazon Route 53

Question 247

What is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds?

Answer 247

Amazon CloudFront

Question 248

What AWS service works with AWS Shield for DDoS mitigation?

Answer 248

Amazon CloudFront

Question 249

What location type does Amazon CloudFront make use of to distribute content with low latency and high data transfer rates by serving requests using a network?

Answer 249

Edge locations

Question 250

What 3 AWS storage services allow you to transfer data without any additional costs when used with CloudFront?

Answer 250

Amazon S3

Elastic Load Balancing

Amazon EC2

Question 251

What are the components of Amazon VPC?

Answer 251

• A Virtual Private Cloud
• Subnet
• Internet Gateway
• NAT Gateway
• Egress-only Internet Gateway
• VPC Endpoints
• Peering Connections
• Virtual private gateway

Question 252

What is a segment of a VPC’s IP address range where you can place groups of isolated resources?

Answer 252

Subnet

Question 253

What gateway offers a highly available managed Network Address Translation (NAT) service for your resources in a private subnet to access the Internet?

Answer 253

NAT Gateway

Question 254

Internet Gateway is the:

Answer 254

Amazon VPC side of a connection to the public Internet.

Question 255

Virtual private gateway is the:

Answer 255

Amazon VPC side of a VPN connection.

Question 256

A ___ connection enables you to route traffic via private IP addresses between two peered VPCs

Answer 256

Peering (Connection)

Question 257

What component of the VPC enables private connectivity to services hosted in AWS, from within your VPC without using an Internet Gateway, VPN, Network Address Translation (NAT) devices, or firewall proxies?

Answer 257

VPC Endpoints

Question 258

What type of gateway is a stateful gateway that provides egress only access for IPv6 traffic from the VPC to the Internet?

Answer 258

Egress-only Internet Gateway

Question 259

What is a MySQL and PostgreSQL-compatible relational database built for the cloud that is owned by Amazon and managed by RDS?

Answer 259

Amazon Aurora

Question 260

Does the Amazon Relational Database Service (Amazon RDS) work well with SQL or NoSQL databases?

Answer 260

RDS works well with SQL based databases

Question 261

What does RDS help automate?

Answer 261

Time-consuming administration tasks such as hardware provisioning, database setup, patching and backups

Question 262

Does the Amazon DynamoDB work well with SQL or NoSQL databases?

Answer 262

Works with NoSQL

Question 263

What is a key-value and document database?

Answer 263

DynamoDB

Question 264

What is a fully managed, multi-region, multi-master, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications?

Answer 264

DynamoDB

Question 265

What AWS database service can handle more than 10 trillion requests per day and can support peaks of more than 20 million requests per second?

Answer 265

DynamoDB

Question 266

What is the name of the graph database that is best for fraud detection, social networking, recommendation engines?

Answer 266

Amazon Neptune

Question 267

What is the name of the in-memory database that is best for caching, session management, gaming leaderboards, geospatial applications?

Answer 267

Amazon ElastiCache

Question 268

What is the name of the ledger database that is best for systems of record, supply chain, registrations, banking transactions?

Answer 268

Amazon Quantum Ledger Database

Question 269

What AWS service allows you to seamlessly set up, run, in-memory data stores in the cloud that allow you to build data-intensive apps or boost database performance?

Answer 269

Amazon ElastiCache

Question 270

Which cache should be used when you’re caching small and static data?

This type of cache should only be used only when were concerned with fast reads and performance.

Answer 270

MemCached

Question 271

Which cache is a NoSQL cache that supports persistence and scripting?

This type of cache also comes with in-memory data structures

Answer 271

Redis

Question 272

What type of cache should be used for:

Reads and writes
Caching
Pub/Sub
Gaming Leaderboards
Session Stores

Answer 272

Redis

Question 273

What is AWS Artifact?

Answer 273

A free service that provides on-demand access to AWS’s security and compliance reports and select online agreements.

Question 274

What are the two main sections of AWS Artifact?

Answer 274

AWS Artifact Agreements

AWS Artifact Reports

Question 275

What section of AWS Artifact allows you to review, accept, and manage agreements between you and AWS, for either an individual account or for accounts that are part of an AWS Organization?

Answer 275

AWS Artifact Agreements

Question 276

What section of AWS Artifacts provides several compliance reports from third-party auditors who have tested and verified AWS’s compliance with a variety of global, regional, and industry-specific security standards and regulations?

Answer 276

AWS Artifact Reports

Question 277

What is penetration testing?

Answer 277

Penetration testing is the process of checking a system or application for vulnerabilities by attempting to exploit them.

Question 278

What are common vulnerabilities that can be found with penetration testing?

Answer 278

Some common vulnerabilities that can be discovered through penetration testing include security misconfigurations, weak permission settings, and sensitive data exposure.

Question 279

What AWS service is a query service that makes it easy to analyze data in Amazon S3 using standard SQL?

Answer 279

Amazon Athena

Question 280

What AWS Service allows you to run ad-hoc queries using ANSI SQL, without the need to aggregate or load the data into it?

Answer 280

Amazon Athena

Question 281

Amazon Athena allows you to run ad-hoc queries using ANSI SQL, without the need to aggregate or load the data into it, using what storage service?

Answer 281

Amazon S3

Question 282

What AWS Service is a fully managed data warehouse?

Answer 282

Amazon Redshift

Question 283

What AWS Service allows you to run complex analytic queries against petabytes of structured data?

Answer 283

Amazon Redshift

Question 284

What AWS service allows you to run queries against unstructured data in Amazon S3 data lakes?

Answer 284

Amazon Redshift

Question 285

Amazon Kinesis is best for what?

Answer 285

Process streaming data at any scale

Ingesting real-time data such as video, audio, application logs, website clickstreams, and IoT telemetry data for machine learning.

Question 286

What AWS Kinesis service is best for capturing, processing, and storing video streams?

Answer 286

Kinesis Video Streams

Question 287

What AWS service makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), and other processing?

Answer 287

Kinesis Video Streams

Question 288

What AWS Kinesis service is best for capturing, processing, and storing data streams?

Answer 288

Amazon Kinesis Data Streams

Question 289

What AWS Kinesis service is a scalable and durable real-time data streaming service that can continuously capture gigabytes of data per second from hundreds of thousands of sources.

Answer 289

Amazon Kinesis Data Streams

Question 290

What AWS Kinesis service is best for loading data streams into AWS data stores?

Answer 290

Kinesis Data Firehose

Question 291

What AWS Kinesis service is best for analyzing data streams with SQL or Java?

Answer 291

Kinesis Data Analytics

Question 292

What AWS Cost Management tool that enables you to view and analyze your costs and usage?

Answer 292

AWS Cost Explorer

Question 293

What AWS Cost Management tool allows you to view data for up to the last 12 months and forecast how much you’re likely to spend for the next three months?

Answer 293

AWS Cost Explorer

Question 294

True or False:

You can’t disable Cost Explorer after you enable it.

Answer 294

True

Question 295

What AWS Cost Management tool is your hub for creating, tracking, and inspecting your budgets?

This tool enables you to create several types of budgets.

Answer 295

AWS Budgets

Question 296

What budgets can you create and track with AWS Budgets?

Answer 296

Cost budgets to monitor costs against a specified dollar amount.

Usage budgets to monitor the usage of one or more specified usage types.

Reservation budgets to track Reserved Instance utilization and coverage.

Savings Plans budgets to track Savings Plans utilization and coverage.

Question 297

What do AWS Budgets allow you to do with reserved instances?

Answer 297

RI utilization budgets – Define a utilization threshold and receive alerts when your RI usage falls below that threshold. This lets you see if your RIs are unused or under-utilized.

RI coverage budgets – Define a coverage threshold and receive alerts when the number of your instance hours that are covered by RIs fall below that threshold. This lets you see how much of your instance usage is covered by a reservation.

Question 298

What do AWS Budgets allow you to do with savings plans?

Answer 298

Savings Plans utilization budgets – Define a utilization threshold and receive alerts when the usage of your Savings Plans falls below that threshold. This lets you see if your Savings Plans are unused or under-utilized.

Savings Plans coverage budgets – Define a coverage threshold and receive alerts when your Savings Plans eligible usage that is covered by Savings Plans falls below that threshold. This lets you see how much of your instance usage is covered by Savings Plans

Question 299

What AWS Cost Management tool provides the most detailed information about your AWS costs and usage?

You can generate reports at a daily or hourly level of granularity

Answer 299

AWS Cost and Usage Report

Question 300

What AWS Management and Governance services allows you to monitor your AWS resources and the applications you run on AWS in real-time?

Answer 300

Amazon CloudWatch

Question 301

What AWS tool would you use so that you can specify which CloudWatch actions a user in your AWS Account can perform?

Answer 301

AWS Identity and Access Management (IAM)

Question 302

What AWS service would you use to send notifications (alerts) that CloudWatch would want you to send?

Answer 302

Amazon Simple Notification Service (Amazon SNS)

Question 303

What AWS service allows you to gain system-wide visibility into resource utilization, application performance, and operational health?

Answer 303

Amazon CloudWatch

Question 304

What AWS service allows you to build an environment by writing lines of code instead of using the management console to individually provision resources?

JavaScript Object Notation (JSON) or YAML Ain’t Markup Language (YAML) is used with this service.

Answer 304

AWS CloudFormation

Question 305

What AWS service allows you to build and rebuild your infrastructure and applications without having to perform manual actions or write custom scripts?

Answer 305

AWS CloudFormation

Question 306

What AWS service enables governance, compliance, operational auditing, and risk auditing of your AWS account?

Answer 306

AWS CloudTrail

Question 307

What AWS service records important information about each action taken on your account like:

The user who made the request
The services used
The actions performed
Parameters for the actions
The response elements returned by the AWS service

Answer 307

AWS CloudTrail

Question 308

Where can CloudTrail event log files can be found?

Answer 308

In specified Amazon Simple Storage Service (Amazon S3) buckets.

Question 309

AWS Trusted Advisor can provide feedback in what 5 categories?

Answer 309

1. Cost optimization
   See how you can save money on AWS by eliminating unused and idle resources or adjusting capacity.
2. Security
   Improve the security of your application by closing gaps in unrestricted ports, enabling various AWS security features, and examining your permissions.
3. Fault tolerance
   Increase the availability and redundancy of your AWS applications with recommendations for auto-scaling, health checks, multiple Availability Zones, and backup capabilities.
4. Performance
   Check your service limits and ensure you take advantage of provisioned throughput. Monitor for overutilized instances.
5. Service limits
   Check for service usage that is above 80% of the service limit. Values are based on a snapshot, so your current usage might differ. Limit and usage data can take up to 24 hours to reflect any changes.

Question 310

What catalog allows companies to catalog services that can go on the cloud?

Promotes common governance and compliance.

Answer 310

Service Catalog

Question 311

What AWS service enables you to assess, audit, and evaluate the configurations of your AWS resources?

Answer 311

AWS Config

Question 312

What AWS service is a configuration management service that provides managed instances of Chef and Puppet.

Answer 312

AWS OpsWorks

Question 313

OpsWorks lets you use Chef and Puppet to:

Answer 313

automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.

Question 314

What is AWS OpsWorks Stacks?

Answer 314

different layers, such as load balancing, database, and application server. Within each layer, you can provision Amazon EC2 instances, enable automatic scaling, and configure your instances with Chef recipes using Chef Solo.

Question 315

True or False

AWS Database Migration Service (DMS):

Supports homogeneous migrations such as Oracle to Oracle
Supports heterogeneous migrations between different database platforms, such as Oracle or Microsoft SQL Server to Amazon Aurora

Answer 315

True

Question 316

What Migration & Transfer service is an online data transfer service that simplifies, automates, and accelerates copying large amounts of data to and from AWS storage services over the internet or AWS Direct Connect?

Answer 316

AWS DataSync

Question 317

True or False:

AWS DataSync increases the complexity and cost of online data transfer?

Answer 317

False. AWS DataSync reduces the complexity and cost of online data transfer.

Question 318

What do Storage Gateways enable?

Answer 318

hybrid storage between an on-premise environment and the cloud.

Question 319

How does a Storage Gateway promote low latency?

Answer 319

A Storage Gateway offers low latency by caching frequently used data on-premise and storing less frequently used data on the cloud.

Question 320

What AWS Service automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions

Answer 320

Elastic Load Balancer

Question 321

Does an Elastic Load Balancer work on one or multiple availability zones?

Answer 321

It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones

Question 322

What are the 3 types of Elastic Load Balancers?

Answer 322

1. Application Load Balancer
2. Network Load Balancer
3. Classic Load Balancer

Question 323

What Load Balancer is best suited for load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers?

Answer 323

Application Load Balancer

Question 324

What Load Balancer is best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic where extreme performance is required?

Answer 324

Network Load Balancer

Question 325

What Load Balancer provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. Classic Load Balancer is intended for applications that were built within the EC2-Classic network?

Answer 325

Classic Load Balancer

Question 326

What AWS service allows you to migrate, burst, or failover on-premises applications to the cloud?

Answer 326

Elastic Load Balancer

Question 327

What file system automatically scales as you add or remove files?

Answer 327

Elastic File System

Question 328

Amazon Elastic File System (EFS) offers two storage classes. What are they?

Answer 328

1. Standard storage class

2. Infrequent Access storage class

Question 329

Which of the Elastic File System (EFS) storage classes is better suited for active file system workloads

Answer 329

Standard storage class

Question 330

Which of the Elastic File System (EFS) storage classes is a lower cost storage class that’s cost-optimized for files not accessed every day?

Answer 330

Infrequent Access storage class

Data stored on the EFS IA storage class costs 85% less than Standard.

Question 331

Is this possible: EFS Lifecycle Management on your file system, files not accessed according to the lifecycle policy you choose will be automatically and transparently moved into EFS

Answer 331

Yes, EFS will serve files from both storage types seamlessly.

Question 332

What can be thought of like a Virtual FireWall for your instance to control inbound and outbound traffic?

Answer 332

Security Groups

Question 333

Do security groups act at the instance level or subnet level?

Answer 333

Security groups act at the instance level, not the subnet level.
Each resource can have a different set of security groups.

Question 334

True or false:

By default, all security groups allow all incoming traffic and block outgoing traffic to all IP’s

Answer 334

False.

By default, all security groups BLOCK all incoming traffic and ALLOW outgoing traffic to all IP’s

Question 335

True or false:

With Security Groups, you can specify rules that allow but not rules that deny

Answer 335

true

Question 336

Are security groups stateful or stateless?

Answer 336

Security groups are stateful

Question 337

If your instance sends a request, a response is allowed in even if you don’t have incoming traffic enabled

If you allow inbound traffic but have not enabled outbound traffic, you can and will send a response to a received request

What are the statements above describing and why?

Answer 337

Security groups

Because they are stateful

Question 338

What be used as an optional layer of security for your VPC if the Security Groups are too permissive?

Answer 338

Network Access Control List

Question 339

At what level do the Network Access Controls (NAC) operate?

Answer 339

At the subnet level

Question 340

Since Network Access Controls (NAC) operate at the subnet level, who gets all the controls they apply?

Answer 340

All instances of all resources get these controls since they operate at the subnet level

Question 341

Network Access Controls (NAC) support:

Answer 341

both allow and deny rules

Question 342

Are Network Access Controls (NAC) stateful or stateless?

Answer 342

Stateless

Traffic in and out rules must be specified to void stateful scenarios like those listed with Security Groups

Question 343

What AWS Service allows for a private dedicated connection from your data center to AWS?

Answer 343

AWS Direct Connect

Question 344

How AWS Direct Connect bypass the need for ISP’s?

Answer 344

Direct Connect links into your internal network to a DirectConnect Location

The connection is established through a standard fiber optic cable.

One end of the cable connects to your router, the other to the DirectConnect device.

Question 345

What AWS service enables you to manage access to AWS services and resources securely?

Answer 345

AWS Identity and Access Management (IAM)

Question 346

What AWS service allows you to can create and manage AWS users, groups, and roles.

Answer 346

AWS Identity and Access Management (IAM)

Question 347

When this is enabled, a user needs to provide their username and password, followed by a security token from a device

Answer 347

Multi-factor authentication (MFA)

Question 348

What AWS service provides an automated security assessment service that helps improve the security and compliance of applications deployed on AWS?

Answer 348

Amazon Inspector

Question 349

What AWS service automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.

Answer 349

Amazon Inspector

Question 350

What are the benefits of the AWS Shield Standard?

Answer 350

The network layer decides which physical path the data takes

The transport layer transmits data using transmission protocols such as TCP and UDP.

It’s Free

Question 351

WS Shield Advanced is an optional paid service that integrates with what other AWS service to distribute traffic?

Answer 351

CloudFront

Question 352

Where can you monitor all your security findings and compliance checks?

Answer 352

AWS Security Hub

Question 353

What AWS service helps to protect your web applications and APIs against common web exploits that may affect availability, security, or consume excessive resources?

Answer 353

AWS Web Application Firewall (WAF)

Question 354

The following are examples of criteria you can set in what AWS Service?

IP addresses or address ranges that requests originate from

Specific strings that appear in the request

Scripts that are likely to be malicious

Answer 354

AWS Web Application Firewall (WAF)

Question 355

What does AWS Key Management Service (KMS) enable you to do?

Answer 355

Enables you to create and control the encryption keys that are used to encrypt and protect your data.

Question 356

Reserved Instances can be purchased in what 2 commitment types?

Answer 356

either one year or three-year commitments.

Question 357

When should you use a reserved instance?

Answer 357

Reserved Instances are recommended for:

Applications with steady-state usage.

Customers who can commit to using Amazon EC2 over a 1- or 3-year term to reduce their total computing costs.

Question 358

What plan allows you to save money on Amazon EC2 and AWS Fargate usage in exchange for a commitment to a consistent amount of usage (measured in $/hour) for a 1- or 3-year term?

Answer 358

Savings Plans

Question 359

Amazon EC2 __ enables you to request spare Amazon EC2 computing capacity for up to 90% off the On-Demand price.

Answer 359

Spot Instances

Question 360

What rate do you pay for spot instances?

Answer 360

the Spot price that’s in effect for the time period your instances run

Question 361

When should spot instances be used?

Answer 361

Spot instances are recommended for:
Applications that have flexible start and end times.

Applications that are only feasible at very low compute prices.

Users with urgent computing needs for large amounts of additional capacity.

Question 362

With Amazon Amazon EC2 On-Demand pricing, how are you billed?

Answer 362

you pay for computing capacity per hour or per second depending on which instances you run.

No longer-term commitments or upfront payments are needed.

Question 363

What are EC2 On-Demand Instances are recommended for?

Answer 363

On-Demand Instances are recommended for:

Users that prefer the low cost and flexibility of Amazon EC2 without any up-front payment or long-term commitment

Business-critical applications with short-term, spiky, or unpredictable workloads

Applications being developed or tested on Amazon EC2 for the first time
Paying per second is for Linux only.

Question 364

What does AWS pricing allow you to do?

Answer 364

Adapt your business depending on need rather than forecasts along with other benefits

Question 365

What two storage services have tiered pricing?

Answer 365

S3 and EC2 have tiered pricing

Question 366

What Amazon Customer Engagement service is a Self-service contact center?

Answer 366

Connect

Question 367

What Amazon Customer Engagement service can send Email, SMS, or mobile push notifications for mass marketing to a specific set of users?

Answer 367

PinPoint

Question 368

What Amazon Customer Engagement service can also send unique messages to a specific customer?

Like an order confirmation email

Answer 368

PinPoint

Question 369

What Amazon Customer Engagement service is a cloud-based bulk email service?

Answer 369

Simple Email Service

Question 370

What AWS service eliminates the complexity and overhead associated with managing and operating message-oriented middleware?

Answer 370

Simple Queue Service

Question 371

What AWS service is used by distributed applications to exchange messages through a polling model, and can be used to decouple sending and receiving components?

Answer 371

Simple Queue Service

Question 372

Amazon SQS offers two types of message queues, what are they?

Answer 372

Standard queues
offer maximum throughput, best-effort ordering, and at-least-once delivery.

First-in, first-out (FIFO)
queues are designed to guarantee that messages are processed exactly once, in the exact order that they are sent.

Question 373

What is a Fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications?

Answer 373

Simple Notification Service

Question 374

What AWS service allows applications to send time-critical messages to multiple subscribers through a “push” mechanism, eliminating the need to periodically check or “poll” for updates?

Answer 374

Amazon SNS

Question 375

What is Amazon Simple WorkFlow Service help developers do?

Answer 375

Amazon SWF helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator

Question 376

What AWS service can you use if you require external signals to intervene in your processes, or you would like to launch child processes that return a result to a parent?

Answer 376

Simple WorkFlow Service

Question 377

What AWS service lets you write a decider program to separate activity steps from decision steps.

Answer 377

Simple WorkFlow Service

Question 378

What do AWS Step Functions let you do?

Answer 378

AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly

Question 379

What AWS Application integration service translates your workflow into a state machine diagram that is easy to understand, easy to explain to others, and easy to change?

Answer 379

AWS Step Functions

Question 380

What AWS Application integration service you should consider using for all your new applications since it provides a more productive and agile approach to coordinating application components using visual workflows?

Answer 380

AWS Step Functions

Question 381

What is a sound design principle for building a system that is broken up into small, loosely coupled components?

Answer 381

Application integration

Question 382

What design principle suggests that components work independently so that a change or failure in one component should not cause other components to fail?

Answer 382

Application integration