CLF-02-Services & Concepts

Question 1

Provides block-level storage volumes for Amazon EC2 instances.

Answer 1

Amazon Elastic Block Storage (EBS)

Question 2

Provides Object-level storage.

Answer 2

Amazon Simple Storage Service (S3)

Question 3

Is a service that runs code w/o provisioning servers.

Answer 3

AWS Lambda

Question 4

Is a service that adds chaching layers on top of databases to help improve the read times of common requests.

Answer 4

Amazon ElastiCache

Question 5

Monitors object acces patterns within 30 days period. Uses Amazon S3 Standard-IA & Amazon S3 std.

Answer 5

Amazon S3 Intelligent-Tiering

Question 6

Is a low-cost storage class that is ideal for flexible archiving. To retirieve objects within a few minutes to a few hours.

Answer 6

Amazon S3 Glacier Flexible Retrieval

Question 7

Is ideal for data that is infrequently accesed but requires high availability when needed. Stores data in a min. of 3 AVZs. Is cheaper than Amazon S3 std.

Answer 7

Amazon S3 std-IA

Question 8

Is ideal for infrequently accessed data that does not require high availability.

Answer 8

Amazon S3 One Zone-IA

Question 9

A digital catalog that includes thousands of listings from independent SW vendors.

Answer 9

AWS Marketplace

Question 10

Resource that can answer questions about best practices and assist with troubleshooting issues

Answer 10

AWS Support

Question 11

Resource that provides guidance, architectural reviews, and ongoing communication with companies as they plan, deploy and optimize their applications

Answer 11

Technical Account Manager (TAM)

Question 12

An online tool that inspects an AWS environment and provides REAL-TIME guidance in accordance with AWS best practices. It also has a service limit dashboard.

Answer 12

AWS Trusted Advisor

Question 13

Perspective of the AWS Cloud Adoption Framework (CAF) that includes principles for operating in the cloud by using agile best practices and ensuring that cloud services are delivered at a level that is agreed upon with your business stakeholders.

Answer 13

Operations Perspective

Question 14

Perspective of the AWS Cloud Adoption Framework (CAF) that helps moves a business from a model that separates business and IT strategies into a business model that integrates IT strategy.

Answer 14

Business Perspective

Question 15

Perspective of the AWS Cloud Adoption Framework (CAF) that helps Human Resources (HR) employees prepare their teams for cloud adoption by updating organizational processes and staff skills to include cloud-based competencies.

Answer 15

People Perspective

Question 16

Perspective of the AWS Cloud Adoption Framework (CAF) that provides the capability to update the staff skills and organizational processes that are necessary to ensure business governance in the cloud. Maximizing organizational benefits and minimizing transformation-related risks.

Answer 16

Governance Perspective

Question 17

Service used for transferring (physically) up to 100 PB of data to AWS.

Answer 17

AWS Smowmobile

Question 18

Graph DB service. Build and run applications with a highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.

Answer 18

AWS Neptune

Question 19

Content delivery service to customers through a global network of edge locations.

Answer 19

Amazon Cloudfront

Question 20

Is an autonomous 1/18 scale race car that tests reinforcement learning models.

Answer 20

AWS DeepRacer

Question 21

Ideal for temporary data that does not need to be kept long term.

Answer 21

Instance stores

Question 22

Is a section of a virtual private cloud (VPC) in which you can group resources based on security or operational needs.

Answer 22

Subnet

Question 23

Run infrastructure in a hybrid cloud approach.

Answer 23

AWS Outposts

Question 24

Provision resources by using programmig languages or a text file (JSON/YAML).

Answer 24

AWS CloudFormation

Question 25

Provision an isolated section of the AWS Cloud to launch resources in a virtual network that a person defines.

Answer 25

Virtual Private Cloud (VPC)

Question 26

Support Plans that provide full features of AWS Trusted Advisor service.

Answer 26

Enterprise & Business

Question 27

Program that consists of 3 types of offers that allow customers to use AWS services w/o incurring costs: Always free, 12 months free and Trials.

Answer 27

AWS-Free Tier

Question 28

Resource that atm handles the deployment details of capacity provisioning, load balancing, auto-scaing, and application health-monitoring. NO Templates.

Answer 28

AWS Elastic Beanstalk

Question 29

Device that transfers large amounts of data into and out of AWS.

Answer 29

AWS Snowball

Question 30

Service that monitors apps and atm adds or removes capacity from resource groups in response to changing demand.

Answer 30

AWS Auto Scaling

Question 31

Service that provides data for monitoring apps, optimize resource utilization, and respond to system-wide performance changes.

Answer 31

Amazon CloudWatch

Question 32

Service that acts a single-point of contact for all incoming web traffic to an Auto Scaling Group.

Answer 32

Load Balancer

Question 33

Reduces compute costs by committing to a consistent hourly spend for 1-year or 3-year term. Savings up to 72% over On-Demand Instance costs.

Answer 33

EC2 Instance Savings Plans

Question 34

Billing descount that is applied to the use of On-Demand Instances in an AWS account. It can be Std Reserved and Convertible Reserved. 1-year or 3-year term, NO spend commitment.

Answer 34

Reserved Instances

Question 35

Ideal for workload with flexible start and end times or that can withstand interruptions. Leverage unused EC2 computing capacity and offer cost savings up to 90% of On-Demand Instance prices.

Answer 35

Spot Instance

Question 36

Physical servers with EC2 Instance capacity that is fully dedicated to a single customer. Is the most expensive option. A business can use per-socket, per-core, and per-VM SW licences.

Answer 36

Dedicated Hosts

Question 37

Migration strategy that involves replacing an existing app with a cloud-based version, such as a SW found in AWS Marketplace.

Answer 37

Repurchasing

Question 38

Migration strategy that involves moving an app to the cloud with LITTLE TO NO modifs. to the app itself. “Lift & Shift”

Answer 38

Rehosting

Question 39

Migration strategy that involves selectively optimizing aspects of an app to achieve benefits in the cloud w/o changing the core architecture of the app. “Lift, Tinker, & Shift”

Answer 39

Replatforming

Question 40

Data warehousing service for provideing big data analysis.

Answer 40

Amazon Redshift

Question 41

Is a ledger db service. To review a complete history of all the changes that have been made to app data.

Answer 41

Amazon Quantum Ledger Database (Amazon QLDB)

Question 42

Virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance. By default, it DENIES all inbound traffic and allows all outbound traffic. Business can add custom rules.

Answer 42

Security group

Question 43

Virtual firewall that controls inbound and outbound traffic at the subnet level (of one or more subnets). Is an optional layer of security.

Answer 43

Network Access Control List (NACL)

Question 44

Connection between a VPC and the internet.

Answer 44

Internet Gateway

Question 45

Fully managed service that runs Kubernetes in AWS.

Answer 45

Amazon EKS

Question 46

Provide a std way to package an app’s code and dependencies into a single object

Answer 46

Container

Question 47

Service that provides the capability to quickly build, train, and deploy machine learning models.

Answer 47

Amazon SageMaker

Question 48

Identifies threats by continually monitoring the network activity and account behavior within an AWS environment. It analyzes multiple AWS data sources, such as AWS CloudTrail event logs, Amazon VPC Flow Logs, and DNS Logs.

Answer 48

AWS GuardDuty

Question 49

Service that helps protect apps against distributed denial-of-service (DDoS) attacks.

Answer 49

AWS Shield

Question 50

Service that checks apps for security vulnerabilities and deviations from security best practices.

Answer 50

Amazon Inspector

Question 51

Service that monitors network requests for web apps

Answer 51

AWS WebApplication Firewall (WAF)

Question 52

Business can quickly create CUSTOM REPORTS to analyze their AWS cost and usage data OVER TIME.

Answer 52

AWS Cost Explorer

Question 53

Lets businesses set custom alerts that will notify individuals when service usage exceeds (or is forecasted to exceed) the amount that has been budgeted.

Answer 53

AWS Budget

Question 54

Creates an ESTIMATE for the cost of business’ use cases on AWS.

Answer 54

AWS Pricing Calculator

Question 55

Service that provides access to AWS security and compliance reports and special online agreements

Answer 55

AWS Artifact

Question 56

Message queuing service. An app developer can send, store, and receive messages between SW components at any volume size, w/o loosing messages or requiring other services to be available.

Answer 56

Amazon SQS

Question 57

DNS web service.

Answer 57

Amazo Route 53

Question 58

Businesses centrally control permissions for their accounts by using service control policies (SCP). Additionally, it helps to consolidate billing for multiple AWS accounts.

Answer 58

AWS Organizations.

Question 59

Service that creates, manages, store, and uses cryptographic keys.

Answer 59

AWS Key Mgmt Service (AWS KMS)

Question 60

Pillar that focuses on using computing resources efficiently to meet system and business requirements (removing bottlenecks), and to maintain that efficiency as demand changes and technology evolve.

Answer 60

Performance Efficiency

Question 61

Pillar that includes the ability to run workloads effectively, gain insights, and continually improve supporting processes to deliver business value

Answer 61

Operational Excellence

Question 62

Pillar that focuses on protecting data, systems, and assets. Also to improve the security of your workoads.

Answer 62

Security

Question 63

Pillar that focuses on the ability of a workload to consistently and correctly perform its intended functions.

Answer 63

Reliability

Question 64

Automate the deployment of workloads into an AWS environment.

Answer 64

AWS Quick Starts

Question 65

Provides built-in human reviews workflows for common ML use cases, such as content moderation and text extraction for documents.

Answer 65

Amazon Augmented AI (amazon A2I)

Question 66

ML service that atm extracts text and data from scanned documents.

Answer 66

Amazon Textract

Question 67

Service that builds coversational interfaces using voice and text.

Answer 67

Amazon Lex

Question 68

A fully isolated portion of the AWS global infrastructure. Is a single datacenter or a group of data centers.

Answer 68

Availability Zone

Question 69

A separate geographical location with multiple locations that are isolated from each other.

Answer 69

Region

Question 70

Service that establishes a DEDICATED private connection between an On-Premises data center and VPC.

Answer 70

AWS Direct Connect

Question 71

Establishes a virtual private network (VPN) connection between a VPC and a private network. It creates an encrypted network path between your on-premises and cloud network by using internet.

Answer 71

Virtual Private Gateway

Question 72

Is a document DB service that support MongoDB workloads.

Answer 72

Amazon DocumentDB

Question 73

Are the IAM resource objects that are used to identify and group. These includes users, groups and roles.

Answer 73

Identities

Question 74

Are the IAM resource that AWS uses for authentication. These includes IAM users, federated users, and assumed IAM roles.

Answer 74

Entities

Question 75

Organize and group AWS resources. It makes easier to manage and automate tasks on a large numbers of resources at one time.

Answer 75

Resource Groups

Question 76

Service that helps you provision virtual, cloud-based Microsoft Windows, Amazon Linux, or Ubuntu Linux desktops for your users, is a Desktop as a Service (DaaS)

Answer 76

Amazon WorkSpaces

Question 77

This level support plan provides one hour or less response time for production level failures.

Answer 77

Business Support

Question 78

This type of data (public keys, ip address, instance id) is stored in…

Answer 78

Instance Metadata

Question 79

Structured program available to Enterprise Support level (and Business Support custs. for an extra fee) that helps you plan for large-scale events, such as product or application launches, infrastructure migrations, and marketing events.

Answer 79

AWS Infrastructure Event Management / AWS Countdown

Question 80

Structured program that give you strategic planning assistance before your event, as well as real-time support during those moments that matter most for your business.

Answer 80

AWS Infrastructure Event Management / AWS Countdown

Question 81

Is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. Instances in either VPC can communicate with each other as if they are within the same network.

Answer 81

VPC Peering

Question 82

Payment method from Reserved Instances term that will save the most money?

Answer 82

All Upfront

Question 83

Is a resource-based AWS IAM policy. You add it to a bucket to grant other AWS accounts or IAM users access permissions for the buckets and the objects stored in it.

Answer 83

Bucket Policy

Question 84

You can add rules in an S3 Lifecycle configuration to tell Amazon S3 to transition objects to another Amazon S3 storage class.

Answer 84

S3 Lifecycle Policy

Question 85

Fully managed source control service that hosts secure Git-based repositories. it makes easy for teams to collab on code in a secure and highle scalable ecosystem.

Answer 85

AWS CodeCommit

Question 86

Is a cloud-based service for creating, managing, and working with sw development projects on AWS.

Answer 86

AWS CodeStar

Question 87

Provides alerts and remmediation guidance when AWS is experiencing events that may impact you.

Answer 87

AWS Personal Health Dashboard

Question 88

Balancer type best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Transport Layer Security (TLS) traffic when extreme performance is required.

Answer 88

Network Load Balancer

Question 89

An organizational ability to leverage processes to deploy resources to achieve a particular outcome.

Answer 89

Capability (in AWS CAF)

Question 90

A model for cloud adoption that uses best practices to accelerate business outcomes through digital transformation.

Answer 90

AWS Cloud Adoption Framework (AWS CAF)

Question 91

The transformation domains of AWS CAF.

Answer 91

Technology, Process, Organization, Product

Question 92

The key AWS CAF components are:

Answer 92

Transformation Domains, Business Outcomes, Perspectives and Capabilities.

Question 93

Perspective that helps you achieve the confidentiality, integrity and availability of your data and cloud workloads.

Answer 93

Security Perspective

Question 94

AWS Cloud best practice: Multipart uploads use multi-threading.

Answer 94

Think Parallel

Question 95

Tool that lets you test and troubleshoot identity-based policies, IAM permission boundaries, Organizations service control policies, and resource-based policies

Answer 95

IAM Policy Simulator

Question 96

Resource that provides an end to end view of requests as they travel through your app, and shows a map of your application’s underlaying components.

Answer 96

Amazon X-Ray

Question 97

Contains the most comprehensive set of AWS cost and usage data available, including additional metadata about AWS services, pricing, and reservations.

Answer 97

AWS Cost and Usage Report

Question 98

It translates the private IP addresses assigned to your devices to a pulic IP addresses that can be used on the internet. Allows the connection between components within a private subnet to the internet.

Answer 98

AWS Network Address Translation (AWS NAT Gateway)

Question 99

When working with AWS Command Line Interface (CLI) you need to provide an access key id and a secret access key.

Answer 99

Access key

Question 100

Fully managed data security and data privacy service that uses ML and pattern matching to discover and protect your sensitive data in AWS.

Answer 100

Amazon Macie

Question 101

Which AWS services provide atm replication across Availability Zones?

Answer 101

DynamoDB and S3

Question 102

AWS service that lets you remotely and securely manage the configuration of your managed instances. A managed instance is any EC2 instance or on-premises machine in your hybrid env. that has been configured by the same AWS service.

Answer 102

AWS System Manager Run Command

Question 103

Fully managed continuos delivery service that helps you automate your release pipelines for fast and reliable app and infrastructure updates. It automates the build, test, and deploy phases of your release process.

Answer 103

AWS CodePipeline

Question 104

Can be used to migrate DATA from an on-premises db to a db in AWS.

Answer 104

AWS Database Migration Service (AWS DMS)

Question 105

IS an automated lift-and-shift solution. This solution can migrate physical servers and any db’s or apps that run on them to EC2 instances in AWS.

Answer 105

AWS Application Migration Service (AWS MGN)

Question 106

Is the primary point of contact for billing or account inquiries (applicable just for Enterprise Support).

Answer 106

Support Concierge Team

Question 107

Helps you ensure your accounts conform to company-wide policies.

Answer 107

Control Tower

Question 108

Allows you to manage and retrieve secrets (passwords or keys). It also manage the encryption of EBS volumes for Amazon EC2.

Answer 108

Key Management Service (KMS)

Question 109

Design principle “Use serverless architectures first” belongs to the pillar:

Answer 109

Performance Efficiency Pillar

Question 110

Design principle “Deply smaller, reversible changes” belongs to the pillar:

Answer 110

Operational Excellence Pillar

Question 111

If you notice your AWS account has been compromised, you have to contact…

Answer 111

AWS Trust & Safety team

Question 112

Service that allows you to assess, audit, and evaluate the configuration of your resources over time. Works with EC2 instances, servers running on-premises, and servers and VMs in environments provided by other cloud providers.

Answer 112

AWS Config

Question 113

Design principle “Plan for and anticipate failures” belongs to the pillar:

Answer 113

Operational Excellence Pillar

Question 114

Design principle “Learn from failures and refine” belongs to the pillar:

Answer 114

Operational Excellence Pillar

Question 115

Design principle “Use multi-region deployments” belongs to the pillar:

Answer 115

Performance Efficiency Pillar

Question 116

Design principle “Delegate tasks to a cloud vendor” belongs to the pillar:

Answer 116

Performance Efficiency Pillar

Question 117

Controls access to mobile and web apps

Answer 117

AWS Cognito

Question 118

Origins: LB, S3, Domain Name cam be for…

Answer 118

AWS CloudFront

Question 119

Service that helps you enable governance, compliance, and operations and risk audits for your AWS account. Actions that an AWS user, role, or service performs are logged as events in CloudTrail. It tracks the AWS Region and username.

Answer 119

AWS CloudTrail

Question 120

You can assign metadata to your AWS resources in the form of tags.

Answer 120

Resource Tag

Question 121

Technology partners provide software solutions. Consulting partners offer professional services.

Answer 121

AWS Partner Network (APN)

Question 122

Helps you efficiently operate your AWS infrastructure and reduces operational risks and overhead.

Answer 122

Managed Services

Question 123

Feature that allows you to track AWS costs by labeling resources using a key and value pair.

Answer 123

Cost Allocation Tags

Question 124

Allows you to select and deploy operating system and sw patches (operational tasks) automatically across your AWS resources

Answer 124

AWS Systems Manager

Question 125

This API allows you to receive price alerts when prices change

Answer 125

Prices List API

Question 126

Is a global team of experts that can help you realize your desired business outcomes with AWS.

Answer 126

Professional Services

Question 127

This service helps you manage data backups across multiple AWS services. You’re able to create a backup plan that includes frequency and retention.

Answer 127

AWS Backup

Question 128

Text messaging service used for mobile and internet devices and pre-dates cloud sevrices and the internet.

Answer 128

AWS Short Message Service (SMS)

Question 129

Is an email service that can send HTML-formatted messages from applications.

Answer 129

AWS Simple Email Service (SES)

Question 130

Is a service that allows apps to send email and text messages.

Answer 130

AWS Simple Notification Service (SNS)

Question 131

Service that allows you to deploy apps either on-premises or on EC2 instances in AWS Cloud, and it also automates infrastructure management using Chef or Puppet.

Answer 131

AWS OpsWorks

Question 132

Developer tool that manages the deployment of code to compute services in the cloud or on-premises.

Answer 132

AWS CodeDeploy

Question 133

Service that has a maximun message size of 256 KB (std queues) or 2 GB (FIFO queues) depending on the queue type. It tries to process messages based on First-In/First-Out but the order is only guaranteed with SQS FIFO queues.

Answer 133

Amazon SQS

Question 134

Is a natural language processing (NLP) service in which machine learning is used to discover valuable information and connections in texts.

Answer 134

Amazon Comprehend

Question 135

What are public cloud, private and hybrid?

Answer 135

Cloud Deployment Models

Question 136

Cost-effectively processes and analyzes streaming data at any scale as a fully managed service.

Answer 136

Amazon Kinesis

Question 137

Fully managed service that extends AWS infrastructure. AWS services, APIs, and tools to aby datacenter. Is ideal for workloads that require low latency access to on-premises systems, local data processing, or local data storage.

Answer 137

AWS Outposts

Question 138

You can use this device to collect, process and move data to AWS, either offline by shipping the device or online with AWS DataSync

Answer 138

AWS Snowcone

Question 139

Is a data migration and edge computing device that comes in two device options: Compute Optimized and Storage Optimized.

Answer 139

AWS Snowball

Question 140

Is used by developers to create APIs.

Answer 140

API Gateway

Question 141

Is a form of programmatic access. It provides access to your AWS resources through an app or a tool like CLI.

Answer 141

Application code

Question 142

What are the following controls? Patch mgmt, Config mgmt, Awareness & Training

Answer 142

Shared Controls (AWS & Customer)

Question 143

Is a program that allows establishing a secure connection from your local laptop to an EC2 instance

Answer 143

SSH Client

Question 144

Consisting of a private key and a public key, is a set of security credentials you use to prove your identity when contacting to an instance. You store the private key loaclly.

Answer 144

Pair keys

Question 145

Which apps monitors the health of your apps and instances?

Answer 145

ELB, Route 53, Elastic Beanstalk

Question 146

This service offers secure, on-board storage and compute power that can handle local processing and edge computing workloads in disconnected environments.

Answer 146

Snowball Edge Compute-Optimized

Question 147

Allows you to control access to data using AWS Identity and Access Management (IAM) policies, access control lists (ACLs), and Amazon S3 bucket policies. It also allows to query data in S3 using standard SQL.

Answer 147

Amazon Athena

Question 148

Is a managed cluster platform that simplifies running big data frameworks, such as Apache Hadoop and Apache Spark , on AWS to process and analyze vast amounts of data.

Answer 148

Amazon EMR (previously called Amazon Elastic MapReduce)

Question 149

Person or app that uses the AWS account root user, an IAM user or an IAM role to sign in an make requests to AWS.

Answer 149

Principal

Question 150

Is a fully managed serv. that offers reliability, security, scalability, anda broad set of capabilities that make it convenient and cost-effective to launch, run and scale high-performance file systems in the cloud.

Answer 150

Amazon FSx

Question 151

AWS BI Tool, can ingest data from the Cost and Usage Report

Answer 151

Amazon Quicksight

Question 152

Is a virtual private server (VPS) provider and the easiest way to get started with AWS for developers, small businesses, students, and other users who need a solution to develop and maintain their applications in the cloud.

Answer 152

Amazon Lightsail

Question 153

Are incremental backups that only saves the block on the volume that have changes after your most recent snapshot. The backups are stored redundantly in multiple AVZs using Amazon S3.

Answer 153

EBS Snapshots

Question 154

Is a command line interface (CLI) that you can use to quickly launch and manage containerized applications on AWS. It simplifies running applications on Amazon Elastic Container Service (ECS), AWS Fargate, and AWS App Runner.

Answer 154

AWS Copilot

Question 155

Helps you plan your migration to the AWS cloud by collecting usage and configuration data about your on-premises servers and databases. Application Discovery Service is integrated with AWS Migration Hub and AWS Database Migration Service Fleet Advisor.

Answer 155

AWS Application Discovery Service

Question 156

Automatic speech recognition service that uses machine learning models to convert audio to text. You can use it as a stand-alone transcription service or to add speech-to-text capabilities to any application.

Answer 156

Amazon Transcribe

Question 157

It is a cloud service that converts text into a very realistic spoken segment.

Answer 157

AWS Polly

Question 158

Perform media transcoding tasks in the cloud. It is designed as a highly scalable, easy-to-use and cost-effective method for developers and businesses to convert (or “transcode”) media content from its original format to versions that can be played on devices such as smartphones, tablets and PCs.

Answer 158

Amazon Elastic Transcoder

Question 159

Is a migration assessment service that helps you create a directional business case for AWS cloud planning and migration.

Answer 159

Migration Evaluator

Question 160

Is a cloud security posture management (CSPM) service that streamlines security operations with automated, continuous, security best practice checks against your AWS resources to help you identify misconfigurations.

Answer 160

AWS Security Hub