Certified Cloud Practitioner - 10/2020 Flashcards
Which of the following are signs of a highly avail-able application? (Select TWO.)
a) Virtualized hypervisor-driven systems are deployed as mandated by company policy.
b) Applications are protected behind multiple layers of security.
c) A failure in one geographic region will trig-ger an automatic failover to resources in a different region.
d) Spikes in user demand are met through automatically increasing resources.
c) A failure in one geographic region will trig-ger an automatic failover to resources in a different region.
d) Spikes in user demand are met through automatically increasing resources.
How does the metered payment model make many benefits of cloud computing possible? (Select TWO.)
a) Full-stack applications are possible without the need to invest in capital expenses.
b) Experiments with multiple configuration options are now cost-effective.
c) Greater application security is now possible.
d) Applications are now highly scalable.
a) Full-stack applications are possible without the need to invest in capital expenses.
b) Experiments with multiple configuration options are now cost-effective.
Which of the following characteristics most help AWS provide such scalable services? (Select TWO.)
a) Its geographic reach
b) The value of its capitalized assets
c) The enormous number of servers it operates
d) Its highly automated infrastructure administration systems
c) The enormous number of servers it operates
d) Its highly automated infrastructure administration systems
Which of the following best describes Platform as a Service products?
a) Services that give you direct control over underlying compute and storage resources
b) Services that hide infrastructure complexity behind a simple interface
c) Services that provide a service to end users through a public network
d) Platforms that allow developers to run their code over short periods on cloud servers
b) Services that hide infrastructure complexity behind a simple interface
Which of the following best describes elasticity?
a) The ability to more densely pack virtualized resources onto a single physical server
b) The ability to bill resource usage using a pay-per-user model
c) The ability of an application to automatically add preconfigured compute resources to meet increasing demand
d) The ability of an application to increase or decrease compute resources to match changing demand
d) The ability of an application to increase or decrease compute resources to match changing demand
Which of the following best describes Software as a Service products? a) Services that give you direct control over underlying compute and storage resources b) Platforms that allow developers to run their code over short periods on cloud servers c) Services that provide a service to end users through a public network d) Services that hide infrastructure complexity behind a simple interface
c) Services that provide a service to end users through a public network
Which of the following best describes scalability? a) The ability of an application to increase or decrease compute resources to match changing demand b) The ability of an application to automatically add preconfigured compute resources to meet increasing demand c) The ability to more densely pack virtualized resources onto a single physical server d) The ability to bill resource usage using a pay-per-user model
b) The ability of an application to automatically add preconfigured compute resources to meet increasing demand Increasing or decreasing compute resources better describes elasticity. Efficient use of virtualized resources and billing models aren’t related directly to scalability.
What is a hypervisor? a) Software used to log and monitor virtualized operations b) Hardware device used to provide an inter-face between storage and compute modules c) Hardware device used to provide an inter-face between networking and compute modules d) Software used to administrate virtualized re-sources run on physical infrastructure
d) Software used to administrate virtualized re-sources run on physical infrastructure A hypervisor is software (not hardware) that administrates virtualized operations.
Which of the following best describes Infrastructure as a Service products? a) Services that give you direct control over underlying compute and storage resources b) Services that hide infrastructure complexity behind a simple interface c) Services that provide a service to end users through a public network d) Platforms that allow developers to run their code over short periods on cloud servers
a) Services that give you direct control over underlying compute and storage resources PaaS products mask complexity, SaaS products provide end-user services, and serverless architectures (like AWS Lambda) let developers run code on cloud servers.
Which of the following best describes server virtualization? a) Aggregating physical resources spread over multiple physical devices into a single virtual device b) “Sharding” data from multiple sources into a single virtual data store c) Logically partitioning physical compute and storage devices into multiple smaller virtual devices d) Abstracting the complexity of physical infrastructure behind a simple web interface
c) Logically partitioning physical compute and storage devices into multiple smaller virtual devices
Which of the following does not contribute significantly to the operational value of a large cloud provider like AWS? a) Highly experienced teams of security engineers b) Metered, pay-per-use pricing c) Multiregional presence d) Deep experience in the retail sphere
d) Deep experience in the retail sphere Having globally distributed infrastructure and experienced security engineers makes a provider’s infrastructure more reliable. Metered pricing makes a wider range of workloads possible.
Which of the following are direct benefits of server virtualization? (Select TWO.) a) Fast resource provisioning and launching b) Greater application security c) Efficient (high-density) use of resources d) Elastic application designs
a) Fast resource provisioning and launching c) Efficient (high-density) use of resources
Which of the following scenarios would be a good use case for AWS Organizations? (Select TWO.) a) A single company with multiple AWS accounts that wants a single place to administrate everything b) A company that’s integrated some operations with an upstream vendor c) A company with two distinct operational units, each with its own accounting system and AWS account d) An organization that provides AWS access to large teams of its developers and admins
a) A single company with multiple AWS accounts that wants a single place to administrate everything b) A company that’s integrated some operations with an upstream vendor Companies with multiple users of resources in a single AWS account would not benefit from AWS Organizations, nor would a company with completely separated units. The value of AWS Organizations is in integrating the administration of related accounts.
Which of the following tools are available to ensure you won’t accidentally run past your Free Tier limit and incur unwanted costs? (Select TWO.) a) Billing & Cost Management section on the Top Free Tier Services Dashboard b) The Top Free Tier Services by Usage section on the Billing & Cost Management Dashboard c) Automated email alerts when activity approaches the Free Tier limits d) The Billing Preferences Dashboard
b) The Top Free Tier Services by Usage section on the Billing & Cost Management Dashboard c) Automated email alerts when activity approaches the Free Tier limits
Which is the best place to get a quick summary of this month’s spend for your account? a) Billing & Cost Management Dashboard b) Cost Explorer c) Budgets d) Cost and usage reports
a) Billing & Cost Management Dashboard
Which of the following is likely to be an accurate source of AWS pricing information? a) Wikipedia pages relating to a particular service b) The AWS Total Cost of Ownership Calculator c) The AWS Command Line Interface (AWS CLI) d) AWS online documentation relating to a particular service
d) AWS online documentation relating to a particular service
Is it always possible to request service limit increases from AWS? a) Yes. All service limits can be increased. b) Service limits are defaults. They can be increased or decreased on demand. c) No. A limit can never be increased. d) No. Some service limits are hard.
d) No. Some service limits are hard.
What is the main difference between the goals of Cost Explorer and of cost and usage reports? a) Cost and usage reports are meant to alert you to malicious intrusions, while Cost Explorer displays visualizations of high-level historical and current account costs. b) Cost and usage reports display visualizations of high-level historical and current account costs, while Cost Explorer generates granular usage reports in CSV format. c) Cost Explorer displays visualizations of high-level historical and current account costs, while cost and usage reports generate granular usage reports in CSV format. d) Cost Explorer lets you set alerts that are triggered by billing events, while cost and usage reports help you visualize system events.
c) Cost Explorer displays visualizations of high-level historical and current account costs, while cost and usage reports generate granular usage reports in CSV format.
Which of the following AWS Total Cost of Ownership Calculator parameters is likely to have the greatest impact on cost? a) Number of servers b) Currency c) AWS Region d) Guest OS
a) Number of servers
Which of the following EC2 services can be used without charge under the Free Tier? a) t2.micro EC2 instance type instances for a total of 750 hours per month b) Any single EC2 instance type as long as it runs for less than 75 hours per month c) A single t2.micro EC2 instance type instance for 750 hours per month d) Any single EC2 instance type as long as it runs for less than one hour per day
a) t2.micro EC2 instance type instances for a total of 750 hours per month
Which of the following is a limitation of the AWS Simple Monthly Calculator? a) Not all AWS services are included. b) The pricing is seldom updated and doesn’t accurately reflect current pricing. c) You can calculate resource use for only one service at a time. d) You’re not able to specify specific configuration parameters.
a) Not all AWS services are included.
Which of these tools lets you design graphs within the browser interface to track your account spending? a) Consolidating Billing b) Budgets c) Reports d) Cost Explorer
d) Cost Explorer
Which of the following Simple Monthly Calculator selections will likely have an impact on most other configuration choices on the page? (Select TWO.) a) Calculate By Month Or Year b) Free Usage Tier c) Include Multiple Organizations d) Choose Region
b) Free Usage Tier d) Choose Region
You want to experiment with deploying a web server on an EC2 instance. Which two of the following resources can you include to make that work while remaining within the Free Tier? (Select TWO.) a) A 30 GB solid-state Elastic Block Store (EBS) drive b) Two 20 GB solid-state Elastic Block Store (EBS) drives c) A t2.micro instance type EC2 instance d) A 5 GB bucket on S3
a) A 30 GB solid-state Elastic Block Store (EBS) drive c) A t2.micro instance type EC2 instance
Which of the following is not a setting you can configure in a Cost budget? a) Instance type b) Period (monthly, quarterly, etc.) c) Owner (username of resource owner) d) Start and stop dates
c) Owner (username of resource owner)
Which of the following AWS documentation URLs points to the page containing an up-to-date list of service limits? a) https://docs.aws.amazon.com/latest/gr/aws_service_limits.htmlLinks to an external site. b) https://docs.aws.amazon.com/general/latest/gr/limits.html c) https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html d) https://aws.amazon.com/general/latest/gr/aws_service_limits.html
c) https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html
Which of the following best describes one possible reason for AWS service limits? a) To more equally distribute available resources between customers from different regions b) Because there are logical limits to the ability of AWS resources to scale upward c) To prevent individual customers from accidentally launching a crippling level of resource consumption d) To allow customers to more gradually increase their deployments
c) To prevent individual customers from accidentally launching a crippling level of resource consumption
What is the purpose of cost allocation tags? a) To associate spend limits to automatically trigger resource shutdowns when necessary b) To visually associate account events with billing periods c) To help you identify the purpose and owner of a particular running resource to better understand and control deployments d) To help you identify resources for the purpose of tracking your account spending
d) To help you identify resources for the purpose of tracking your account spending
What is the main goal for creating a Usage budget type (in AWS Budgets)? a) To track the status of any active reserved instances on your account b) To monitor costs being incurred against your account c) To track particular categories of resource consumption d) To correlate usage per unit cost to understand your account cost efficiency
c) To track particular categories of resource consumption
Which of the following will probably not affect the pricing for an AWS service? a) Requests for raising the available service limit b) AWS Region c) The volume of data egress from an Amazon Glacier vault d) The volume of data saved to an S3 bucket
a) Requests for raising the available service limit
Which of the following is not an included parameter in the AWS Total Cost of Ownership Calculator? a) The tax implications of a cloud deployment b) Electricity costs of an on-premises deployment c) Networking costs of an on-premises deployment d) Labor costs of an on-premises deployment
a) The tax implications of a cloud deployment
CHAPTER 3 - Getting Support on AWS
CHAPTER 3 - Getting Support on AWS
Your company is planning a major deployment on AWS. While the design and testing stages are still in progress, which of the following plans will provide the best blend of support and cost savings? a) Business b) Enterprise c) Basic d) Developer
a) Business
AWS documentation is available in a number of formats, including which of the following? (Select TWO.) a) Microsoft Word (DOC) b) HTML c) DocBook d) Kindle
b) HTML d) Kindle
Your web development team is actively gearing up for a deployment of an ecommerce site. During these early stages of the process, individual developers are running into frustrating conflicts and configuration problems that are highly specific to your situation. Which of the following plans will provide the best blend of support and cost savings? a) Enterprise b) Basic c) Business d) Developer
d) Developer
Your company enrolled in the Developer Support plan and, through the course of one month, consumed $4,000 USD of AWS services. How much will the support plan cost the company for the month? a) $120 b) $480 c) $29 d) $100
a) $120
On which of the following sites are you most likely to find information about encrypting your AWS resources? a) https://aws.amazon.com/premiumsupport/knowledge-center b) https://docs.aws.amazon.com c) https://aws.amazon.com/security/encryption d) https://aws.amazon.com/security/security-resources
d) https://aws.amazon.com/security/security-resources
Your Linux-based EC2 instance requires a patch to a Linux kernel module. The problem is that patching the module will, for some reason, break the connection between your instance and data in an S3 bucket. Your team doesn’t know if it’s possible to work around this problem. Which is the most cost-effective AWS plan through which support professionals will try to help you? a) Business. b) No plan covers this kind of support. c) Developer. d) Enterprise.
a) Business.
What is the primary function of the content linked from the Knowledge Center? a) To present solutions to commonly encountered technical problems using AWS infrastructure b) To introduce new users to the functionality of the core AWS services c) To provide a public forum where AWS users can ask their technical questions d) To explain how AWS deployments can be more efficient and secure than on-premises
a) To present solutions to commonly encountered technical problems using AWS infrastructure
Which of the following Trusted Advisor alerts is available only for accounts on the Business or Enterprise Support plan? (Select TWO.) a) Service Limits b) MFA on Root Account c) IAM Access Key Rotation d) Load Balancer Optimization
c) IAM Access Key Rotation d) Load Balancer Optimization
When using AWS documentation pages, what is the best way to be sure the information you’re reading is up-to-date? a) The page will have the word Current at the top right. b) The page URL will include the version number (i.e., 3.2). c) The page URL will include the word latest. d) There is no easy way to tell.
c) The page URL will include the word latest.
Instances that are running (mostly) idle should be identified by which of these Trusted Advisor categories? a) Cost Optimization b) Service Limits c) Replication d) Performance
a) Cost Optimization
The primary purpose of an AWS technical account manager is to: a) Provide deployment guidance and advocacy for Enterprise Support customers b) Provide strategic cost estimates for Enterprise Support customers c) Provide deployment guidance and advocacy for Business Support customers d) Provide 24/7 customer service for your AWS account
a) Provide deployment guidance and advocacy for Enterprise Support customers
For which of the following will AWS provide direct 24/7 support to all users—even those on the Basic Support plan? a) Help with making a bill payment to AWS b) Help with infrastructure under a massive denial-of-service (DoS) attack c) Help with failed and unavailable infrastructure d) Help with accessing your infrastructure via the AWS CLI
a) Help with making a bill payment to AWS
“Data volumes that aren’t properly backed up” is an example of which of these Trusted Advisor categories? a) Performance b) Fault Tolerance c) Cost Optimization d) Security
b) Fault Tolerance
Which of the following is not a Trusted Advisor category? a) Performance b) Fault Tolerance c) Replication d) Service Limits
c) Replication
Your corporate website was offline last week for more than two hours—which caused serious consequences, including the early retirement of your CTO. Your engineers have been having a lot of trouble tracking down the source of the outage and admit that they need outside help. Which of the following will most likely meet that need? a) Enterprise b) Developer c) Business d) Basic
a) Enterprise
Which of the following AWS support services does not offer free documentation of some sort? a) The Basic Support plan b) AWS Professional Services c) AWS Partner Network d) The Knowledge Center
c) AWS Partner Network
Within the context of Trusted Advisor, what is a false positive? a) A green OK icon for a service state that is failed or failing b) An alert for a service state that was actually intentional c) Textual indication of a failed state d) A single status icon indicating that your account is completely compliant
b) An alert for a service state that was actually intentional
Your company enrolled in the Business Support plan and, through the course of three months, consumed $33,000 of AWS services (the consumption was equally divided across the months). How much will the support plan cost the company for the full three months? a) $1,100 b) $100 c) $2,310 d) $4,000
c) $2,310
Which of the following documentation sites are most likely to contain code snippets for you to cut and (after making sure you understand exactly what they’ll do) paste into your AWS operations? (Select TWO.) a) https://aws.amazon.com/professional-services b) https://docs.aws.amazon.com c) https://aws.amazon.com/premiumsupport/compare-plans d) https://aws.amazon.com/premiumsupport/knowledge-center
b) https://docs.aws.amazon.com d) https://aws.amazon.com/premiumsupport/knowledge-center
What is the key difference between the roles of AWS Professional Services and a technical account manager (TAM)? a) The TAM is a cloud professional employed by AWS to guide you through the planning and execution of your infrastructure. The Professional Services product provides cloud professionals to work alongside your own team to help you administrate your cloud infrastructure. b) The Professional Services product helps AWS Partner Network cloud professionals work alongside your own team to help you administrate your cloud infrastructure. The TAM is a cloud professional employed by AWS to guide you through the planning and execution of your infrastructure. c) The Professional Services product is a network appliance that AWS installs in your data center to test cloud-bound workloads for compliance with best practices. The TAM is a cloud professional employed by AWS to guide you through the planning and execution of your infrastructure. d) The TAM is a member of your team designated as the point person for all AWS projects. The Professional Services product provides consultants to work alongside your own team to help you administrate your cloud infrastructure.
b) The Professional Services product helps AWS Partner Network cloud professionals work alongside your own team to help you administrate your cloud infrastructure. The TAM is a cloud professional employed by AWS to guide you through the planning and execution of your infrastructure.
CHAPTER 4 - Understanding the AWS Environment
CHAPTER 4 - Understanding the AWS Environment
Which of the following is an AWS Region for which customer access is restricted? a) AWS GovCloud b) AWS Admin c) Asia Pacific (Tokyo) d) US-DOD
a) AWS GovCloud
What determines the order by which subnets/AZ options are displayed in EC2 configuration dialogs? a) By order of capacity, with largest capacity first b) Numerical order c) Alphabetical order d) They (appear) to be displayed in random order.
d) They (appear) to be displayed in random order.
Which of the following is the most accurate description of an AWS Availability Zone? a) One or more independently powered data centers running a wide range of hardware host types b) The infrastructure running within a single physical data center c) All the data centers located within a broad geographic area d) One or more independently powered data centers running a uniform hardware host type
a) One or more independently powered data centers running a wide range of hardware host types
According to the AWS Shared Responsibility Model, what’s the best way to define the status of the software driving an AWS managed service? a) Everything associated with an AWS managed service is the responsibility of the customer. b) Whatever is added by the customer (like application code) is the customer’s responsibility. c) Whatever the customer can control (application code and/or configuration settings) is the customer’s responsibility. d) Everything associated with an AWS managed service is the responsibility of AWS.
c) Whatever the customer can control (application code and/or configuration settings) is the customer’s responsibility.
What is the primary goal of autoscaling? a) To ensure the long-term reliability of a particular physical resource b) To orchestrate the use of multiple parallel resources to direct incoming user requests c) To ensure that a predefined service level is maintained regardless of external demand or instance failures d) To ensure the long-term reliability of a particular virtual resource
c) To ensure that a predefined service level is maintained regardless of external demand or instance failures
What are the most significant architectural benefits of the way AWS designed its regions? (Select TWO.) a) It can make infrastructure more fault tolerant. b) It can make applications more compliant with local regulations. c) It can bring down the price of running. d) It can make applications available to end users with lower latency.
b) It can make applications more compliant with local regulations. d) It can make applications available to end users with lower latency.
You want to improve the resilience of your EC2 web server. Which of the following is the most effective and efficient approach? a) Launch parallel, load-balanced instances in multiple AWS Regions. b) Launch parallel, load-balanced instances in multiple Availability Zones within a single AWS Region. c) Launch parallel, autoscaled instances in multiple Availability Zones within a single AWS Region. d) Launch parallel, autoscaled instances in multiple AWS Regions.
b) Launch parallel, load-balanced instances in multiple Availability Zones within a single AWS Region.
What is the main purpose of Amazon Route 53? a) Protecting web applications from web-based threats b) Using the serverless power of Lambda to customize CloudFront behavior c) Managing domain name registration and traffic routing d) Countering the threat of distributed denial-of-service (DDoS) attacks
c) Managing domain name registration and traffic routing
Which of the following would be a valid endpoint your developers could use to access a particular Relational Database Service instance you’re running in the Northern Virginia region? a) us-east-1.amazonaws.com.rds b) ecs.eu-west-3.amazonaws.com c) rds.us-east-1.amazonaws.com d) rds.amazonaws.com.us-east-1
c) rds.us-east-1.amazonaws.com
When you request a new virtual machine instance in EC2, your instance will automatically launch into the currently selected value of which of the following? a) Region b) Subnet c) Service d) Availability Zone
a) Region
Which of the following are not globally based AWS services? (Select TWO.) a) EC2 b) CloudFront c) Route 53 d) RDS
TBD
Which of the following AWS services are not likely to benefit from Amazon edge locations? (Select TWO.) a) EC2 load balancers b) Elastic Block Store (EBS) c) RDS d) CloudFront
TBD
Which of the following designations would refer to the AWS US West (Oregon) region? a) us-east-1 b) us-west-2 c) us-west-2a d) us-west-2b
b) us-west-2
Where will you find information on the limits AWS imposes on the ways you can use your account resources? a) AWS User Agreement Policy b) AWS Acceptable Use Dashboard c) AWS Acceptable Use Policy d) AWS Acceptable Use Monitor
c) AWS Acceptable Use Policy
Which of the following is one of the first places you should look when troubleshooting a failing application? a) AWS Acceptable Use Monitor b) AWS Billing Dashboard c) Service Status Dashboard d) Service Health Dashboard
d) Service Health Dashboard
Why is it that most AWS resources are tied to a single region? a) Because spreading them too far afield would introduce latency issues b) Because those resources are run on a physical device, and that device must live somewhere c) Because access to any one digital resource must always occur through a single physical gateway d) Because security considerations are best served by restricting access to a single physical location
b) Because those resources are run on a physical device, and that device must live somewhere
Which of the following design strategies is most effective for maintaining the reliability of a cloud application? a) Resource redundancy b) Resource geolocation c) Resource isolation d) Resource automation
a) Resource redundancy
Which of the following is the primary benefit of using CloudFront distributions? a) Greater security through data encryption b) Greater availability through redundancy c) Reduced latency access to your content no matter where your end users live d) Automated protection from mass email campaigns
c) Reduced latency access to your content no matter where your end users live
Which of the following most accurately describes a subnet within the AWS ecosystem? a) The networking hardware used within a single Availability Zone b) The block of IP addresses assigned for use within a single Availability Zone c) The block of IP addresses assigned for use within a single region d) The virtual limits imposed on the network access permitted to a resource instance
b) The block of IP addresses assigned for use within a single Availability Zone
According to the AWS Shared Responsibility Model, which of the following are responsibilities of AWS? (Select TWO.) a) The security of the cloud b) Patching OSs running on EC2 instances c) Patching underlying virtualization software running in AWS data centers d) Security of what’s in the cloud
a) The security of the cloud c) Patching underlying virtualization software running in AWS data centers
Chapter 5 - Securing Your AWS Resources
Chapter 5 - Securing Your AWS Resources
-
What does KMS use to encrypt objects stored on your AWS account?
- KMS master key
- Client-side master key
- SSH master key
- Customer master key
-
What will IAM users with AWS Management Console access need to successfully log in?
- Their username and password
- Their account number and secret access key
- Their username, password, and secret access key
- Their username, account_number, and a password
