CCP Flashcards
What Amazon Web Services are considered global?
Amazon CloudFront
Amazon Machine Images (AMIs)
Amazon Elastic Compute Cloud (Amazon EC2)
AWS Identity and Access Management (IAM)
Amazon Route 53
CloudFront, IAM, Route 53
Which Amazon Web Service would help reduce latency on image downloads?
Amazon CloudFront
Amazon CloudWatch
Amazon Elastic Compute Cloud (Amazon EC2)
Amazon Elastic Block Store (Amazon EBS)
Amazon Simple Storage Service (Amazon S3)
CloudFront
Where should images used for websites be stored?
Amazon CloudFront Amazon DynamoDB Amazon Elastic Block Store (Amazon EBS) Amazon Glacier Amazon Simple Storage Service (Amazon S3)
Amazon Simple Storage Service (S3)
Which CLI output is the most readable by a person and would be used to show customers results of images searches?
Command
JavaScript Object Notation (JSON)
Text
Table
Table
Which CLI command should be used to check all the permissions needed to run the image archive?
–dry-run
–-filter
–output
–query
–dry–run
Which services could be used to provide notifications to customers?
Amazon Machine Images (AMIs)
Amazon Elastic Compute Cloud (Amazon EC2)
AWS Lambda
Amazon Simple Notification Service (Amazon SNS)
Amazon Lightsail
Lambda, Simple Notification Service (SNS)
What would prevent network traffic going into a database storing customer information?
AWS Identity and Access Management (IAM)
Network access control lists (network ACLs)
Security groups
All of the above
None of the above
Network Access Control Lists (ACL’s)
Who is responsible for securing financial data held by an AWS customer?
AWS AWS customer AWS customers customer Third-party application host All of the above None of the above
The AWS customer
What IP provides metadata service for all instances associated with the mobile app?
- 127.255.255
- 255.255.255
- 254.169.254
- 254.255.255
169.254.169.254
At what point does user data run when provisioning an instance?
Creation
Deployment
Initialization
Termination
Initialisation
What EC2 instance would be best practise for a customer only needing access to one region?
Dedicated Ephemeral On-Demand Reserved Spot
On-Demand
Which feature supports customers receiving real time messages without additional requests to the server being made?
Health checks Operational monitoring Request tracing Sticky sessions WebSockets
WebSockets
What failover configuration of Route 53 would support website availability for the majority of the time, even if they are unhealthy?
Active-active failover
Active-passive failover
Active-active-passive failover
Mixed failover configurations
Active-Active Failover
What 3 functions does Route 53 provide for a website?
Completes health checks of the resource to ensure it can be reached.
Configures the best route for automatic scaling to a resource.
Registers domain names.
Routes traffic to the website based on the domain name that is entered.
Hosting for the website located in different Edge Locations.
Completes health checks of the resource, registers domain names, routes traffic to website based on domain name
Which solution would be most ideal for a company wanting to minimize dependencies on cloud service provider, needing secure access only 1 day a month?
Hybrid On-premises Serverless Internet of Things (IoT) Containers
Serverless
What EC2 instance should be used with Lambda for the most economic benefit while maintaining security?
Dedicated Ephemeral On-Demand Reserved Spot
Spot
Which streaming service could be used to analyse data that can be used for future applications?
Amazon Cognito AWS Lambda Amazon Kinesis AWS OpsWorks Amazon Redshift
Kinesis
How many IAM policies support AWS Lambda authentication?
One
Two
Three
Four
Two
What DynamoDB attribute can store name-value pair collections enclosed in {}?
Binary type List type Map type Metadata tags String data
Map types
Which database solution would be most cost effective and ideal choice for storing customer personal data indefinitely?
Amazon Aurora Amazon DynamoDB Amazon ElastiCache Amazon Neptune Amazon Redshift
Aurora
Which database should be used to track monthly session data which will then be used to develop more cost efficient enhancements?
Amazon Aurora Amazon DynamoDB Amazon ElastiCache Amazon Neptune Amazon Redshift
DynamoDB
What type of network connection should be used to allow applications to securely share data between each other?
Dedicated Instances Dedicated Hosts AWS Direct Connect Internet gateway VPC peering
VPC Peering
What storage solution would be best for 24/7 random accessibility?
Amazon Elastic Block Store (Amazon EBS)
Amazon Glacier
Amazon Simple Storage Service (Amazon S3)
Amazon S3 STANDARD Infrequent Access (IA)
Amazon S3 Reduced Redundancy Storage (Amazon S3-RRS)
Standard Infrequent Access
There has suddenly been an increase in cost of Amazon S3, and a slow down for any PUT and DELETE requests, what could be the issue?
Amazon EC2 Auto Scaling has not been enabled
Cross-origin resource sharing (CORS) configuration has not been enabled
Elastic Load Balancing (ELB) has not been enabled
Versioning has been enabled
Versioning has been enabled
What step should be taken to reconfigure a storage gateway that has encountered a read and write failure but the cache disk is still useable?
Create a new gateway Delete the disk from the gateway Mount the cache disks to an ephemeral drive Reconnect the gateway Shut down the gateway
Reconnect the gateway
What are some tag restrictions?
Keys and values are case-sensitive in a tag
Maximum tags per group is 20
Tag keys can start with aws:
Tag key length between 1 – 128 Unicode characters
Tag value length maximum of 256 Unicode characters
Case sensitive
Key length has to be between 1-128
Value length has to be max 256 characters
Cannot include the characters AWS
What is the file extension of a CloudTrail log?
.aws
.gz
.log
.png
.gz
What should be done if AWS config cannot access data because of an invalid AWS IAM role?
Enable all features in AWS Organizations
Enable AWS Config in the source account
Integrate AWS Config and AWS Organizations through an application programming interface (API)
Select or create a valid IAM role
Wait out the data aggregation delay
Create / Select a new IAM role
What CloudWatch metric will provide information on the number of bytes written to all instance store volumes available to that instance?
DiskReadBytes
DiskWriteBytes
DiskReadOps
DiskWriteOps
DiskWriteBytes
What describes the sole security responsibilities of the AWS customer that can be supported with by evidence from monitoring?
Customer-stored data
Hardware and software at or below the hypervisor level
Network logins
Patch management at the infrastructure level
Resource access
Customer-stored data
Network logins
Resource access
What IAM tag and tag condition ley should be applied to control new employees ability to complete tasks based on identity?
aws:PrincipalTag/key-name
aws:RequestTag/key-name
aws:TagKeys
iam:ResourceTag/key-name
tagManager=true
aws:PrincipalTag/key-name
What is AWS trusted advisor?
A customer service which provides cloud performance monitoring and security
Which is an AWS IAM policy that is supported by tag-based conditions?
Ability to allocate costs to a user
Limit Amazon Elastic Compute Cloud (Amazon EC2) application programming interface (API) calls to only development environments
Organize resources by group
Run automated start/stop scripts during business hours only
Limit EC2 API calls to only development environments
What tags are used during automation?
Confidentiality Cost Center/Business Unit Date/Time Opt in/Opt out Version
Date / Time
Opt in / Opt out
What is the maximum number of outputs that can be declared per CloudFormation template?
80 100 200 40 60
200
What should be specified if a service role has been defined with the respective roles policy?
A template that defines a service role without any dependencies
An IAM Role Policy that acts as a Service Role
An IAM Role Policy that acts as a Resource Role
An IAM User Policy that acts as a Service Role
The resources that will use the role; also, a policy dependency must be added
The resource that will use the role, policies must be dependant
What template section would provide additional information about the template, and would come after the description?
Conditions Metadata Outputs Resources Parameters
Metadata
What actions can be took if the number of instances on your account has reached maximum?
Create the instance again Delete excess instances Launch a different type of instance Place the instance in another account Request a limit increase
Request an limit increase
Delete access instances
What steps would need to be taken to change an EBS volume from gp2 to io1?
Make a soft limit request with AWS.
Create a new Amazon Elastic Block Store (Amazon EBS) volume.
Delete the old volume.
Take a snapshot of the Amazon Elastic Block Store (Amazon EBS) volume.
Change the setting of the Amazon Elastic Block Store (Amazon EBS)volume so that it scales.
Delete the old EBS volume
Create a new EBS volume
Take a snapshot of the old EBS volume
What type of connectivity solution should be used to send log data to CloudWatch Logs without going through the internet?
Interface VPC endpoint
AWS VPN CloudHub
Gateway VPC endpoint
NAT instance
Interface VPC endpoint
Which of the following AWS services has encryption enabled by default?
CloudTrail
EFS
EBS
S3
EBS
Which of the following AWS services support reservations to optimize costs?
Lambda EC2 Instances DynamoDB DocumentDB RDS S3
EC2 Instances
DynamoDB
RDS
What AWS resource can reduce costs and increase workload performance?
AWS Compute Optimizer
AWS Systems Manager
AWS Budgets
AWS Cost Explorer
AWS Compute Optimizer
AWS Shield provides DDoS attack prevention for which resources?
Amazon Route 53 Amazon API Gateway AWS Global Accelerator AWS Elastic Beanstalk AWS CloudFormation
AWS Global Accelerator
Amazon Route 53
Which of the following AWS services should be used to automatically distribute incoming traffic across multiple targets?
AWS Elastic Beanstalk
Amazon Elasticsearch
AWS Auto Scaling
AWS Elastic Load Balancing
AWS Elastic Load Balancing
What are advantages of cloud computing?
Benefit from massive economies of scale
Spend money on building and maintaining data centres
Trade capital expense for variable expense
Trade variable expense for capital expense
Allocate a few months of planning for your infrastructure capacity needs
Go global in minutes and deploy applications in multiple regions around the world with just a few clicks
Benefit from massive economies of scale
Trade capital expense for variable expense
Go global in minutes and deploy applications in multiple regions around the world with just a few clicks
Which of the following is the MOST cost-effective option to purchase an EC2 Reserved Instance?
No upfront payment option with standard 1-year term
Partial upfront payment option with standard 1-year term
No upfront payment option with standard 3-years term
Partial upfront payment option with standard 3-years term
Partial upfront payment option with standard 3-years term
What is an AWS region?
A geographically distinct location
How many Availability Zones does each region have?
At least 2
What is an edge location?
A datacentre owned by a AWS partner which is directly connected to the AWS network
