Cloud Flashcards
A corporation would like to simplify access management to multiple AWS accounts as well as facilitate
AWS Single Sign-On (AWS SSO) access to its AWS accounts. As a Cloud Practitioner,
which AWS service would you use for this task?
-AWS Command Line Interface (CLI)
-AWS Identity and Access Management (AWS IAM)
-AWS Cognito
-AWS IAM Identity Center
AWS IAM Identity Center
The DevOps team at an e-commerce company is trying to debug performance issues for its serverless
application built using a microservices architecture. As a Cloud Practitioner,
which AWS service would you recommend addressing this use-case?
-Amazon Pinpoint
-AWS Trusted Advisor
-AWS CloudFormation
-AWS X-Ray
-AWS X-Ray
Which option is a common stakeholder role for the AWS Cloud Adoption Framework (AWS CAF) platform perspective? (Select two)
-Chief Information Officer (CIO)
-Chief Product Officer (CPO)
-Chief Technology Officer (CTO)
-Chief Data Officer (CDO)
-Engineer
-Chief Technology Officer (CTO)
-Engineer
A financial services company wants to migrate from its on-premises data center to AWS Cloud. As a Cloud Practitioner,
which AWS service would you recommend so that the company can compare the cost of running their IT infrastructure on-premises vs AWS Cloud?
-AWS Pricing Calculator
-AWS Trusted Advisor
-AWS Budgets
-AWS Cost Explorer
-AWS Pricing Calculator
A developer would like to automate operations on his on-premises environment using Chef and Puppet.
Which AWS service can help with this task?
-AWS CloudFormation
-AWS Batch
-AWS CodeDeploy
-AWS OpsWorks
-AWS OpsWorks
A unicorn startup is building an analytics application with support for a speech-based interface.
The application will accept speech-based input from users and then convey results via speech.
As a Cloud Practitioner, which solution would you recommend for the given use-case?
-Use Amazon Polly to convert speech to text for downstream analysis. Then use Amazon Transcribe to convey the text results via speech
-Use Amazon Translate to convert speech to text for downstream analysis. Then use Amazon Polly to convey the text results via speech
-Use Amazon Transcribe to convert speech to text for downstream analysis. Then use Amazon Polly to convey the text results via speech
-Use Amazon Polly to convert speech to text for downstream analysis. Then use Amazon Translate to convey the text results via speech
-Use Amazon Transcribe to convert speech to text for downstream analysis. Then use Amazon Polly to convey the text results via speech
Which AWS Route 53 routing policy would you use to route traffic to multiple resources
and also choose how much traffic is routed to each resource?
-Weighted routing
-Simple routing
-latency-based routing
-Failover routing
-Weighted routing
Which of the following options is NOT a feature of Amazon Inspector?
-Inspect running operating systems (OS) against known vulnerabilities
-Automate security assessments
-Analyze against unintended network accessibility
-Track configuration changes
-Track configuration changes
Which of the following options are the benefits of using AWS Elastic Load Balancing (ELB)? (Select TWO)
-High availability
-Fault tolerance
-Agility
-Storage
-Less costly
-High availability
-Fault tolerance
A data analytics company is running a proprietary batch analytics application on AWS and wants to use a
storage service which would be accessed by hundreds of EC2 instances simultaneously to append data to existing files.
As a Cloud Practitioner, which AWS service would you suggest for this use-case?
-Amazon Elastic Block Store (Amazon EBS)
-Instance Store
-Amazon Elastic File System (Amazon EFS)
-Amazon Simple Storage Service (Amazon S3)
-Amazon Elastic File System (Amazon EFS)
A Cloud Practitioner would like to get operational insights of its resources to quickly
identify any issues that might impact applications using those resources.
Which AWS service can help with this task?
-AWS Trusted Advisor
-AWS Systems Manager
-AWS Health Dashboard - Your Account Health
-Amazon Inspector
-AWS Systems Manager
An IT company is on a cost-optimization spree and wants to identify all Amazon Elastic Compute Cloud
(Amazon EC2) instances that are under-utilized. Which AWS services can be used off-the-shelf
to address this use-case without needing any manual configurations? (Select two)
-AWS Trusted Advisor
-AWS Budgets
-AWS Cost Explorer
-Amazon CloudWatch
-AWS Cost & Usage Report (AWS CUR)
-AWS Trusted Advisor
-AWS Cost Explorer
Which of the following are the advantages of using the AWS Cloud? (Select TWO)
-Stop guessing about capacity
-Trade operational expense for capital expense
-Limited scaling
-AWS is responsible for security in the cloud
-Increase speed and agility
-Stop guessing about capacity
-Increase speed and agility
Which of the following AWS services can be used to forecast your AWS account usage and costs?
-AWS Pricing Calculator
-AWS Cost Explorer
-AWS Budgets
-AWS Cost & Usage Report (AWS CUR)
-AWS Cost Explorer
A financial services company wants to ensure that its AWS account activity meets the governance,
compliance and auditing norms. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
-AWS CloudTrail
-AWS Config
-Amazon CloudWatch
-AWS Trusted Advisor
-AWS CloudTrail
A photo sharing web application wants to store thumbnails of user-uploaded images
on Amazon Simple Storage Service (Amazon S3). The thumbnails are rarely used but need to be
immediately accessible from the web application. The thumbnails can be regenerated easily
if they are lost. Which is the most cost-effective way to store these thumbnails on Amazon Simple Storage Service (Amazon S3)?
-Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store the thumbnails
-Use Amazon S3 Standard to store the thumbnails
-Use Amazon S3 Standard-Infrequent Access (S3 Standard-IA) to store the thumbnails
-Use Amazon S3 Glacier Flexible Retrieval to store the thumbnails
Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store the thumbnails
Which of the following AWS authentication mechanisms supports an AWS Multi-Factor Authentication (AWS MFA) device that you can plug into a USB port on your computer?
-U2F security key
-Hardware Multi-Factor Authentication (AWS MFA) device
-SMS text message-based Multi-Factor Authentication (AWS MFA)
-Virtual Multi-Factor Authentication (AWS MFA) device
-U2F security key
AWS Marketplace facilitates which of the following use-cases? (Select two)
-Buy Amazon EC2 Standard Reserved Instances (RI)
-AWS customer can buy software that has been bundled into customized Amazon Machine Image (AMIs) by the AWS Marketplace sellers
-Raise request for purchasing AWS Direct Connect connection
-Purchase compliance documents from third-party vendors
-Sell Software as a Service (SaaS) solutions to AWS customers
-AWS customer can buy software that has been bundled into customized Amazon Machine Image (AMIs) by the AWS Marketplace sellers
-Sell Software as a Service (SaaS) solutions to AWS customers
Which AWS service can be used to subscribe to an RSS feed to be notified of the status of all AWS service interruptions?
-AWS Health Dashboard - Your Account Health
-AWS Health Dashboard - Service Health
-Amazon Simple Notification Service (Amazon SNS)
-AWS Lambda
-AWS Health Dashboard - Your Account Health
An intern at an IT company provisioned a Linux based On-demand EC2 instance with per-second billing
but terminated it within 30 seconds as he wanted to provision another instance type.
What is the duration for which the instance would be charged?
-60 seconds
-300 seconds
-600 seconds
-30 seconds
-60 seconds
A start-up would like to quickly deploy a popular technology on AWS. As a Cloud Practitioner,
which AWS tool would you use for this task?
-AWS Forums
-AWS CodeDeploy
-AWS Whitepapers
-AWS Partner Solutions (formerly Quick Starts)
-AWS Partner Solutions (formerly Quick Starts)
AWS Organizations provides which of the following benefits? (Select two)
-Provision Amazon EC2 Spot instances across the member AWS accounts
-Volume discounts for Amazon EC2 and Amazon S3 aggregated across the member AWS accounts
-Deploy patches on Amazon EC2 instances across the member AWS accounts
-Check vulnerabilities on Amazon EC2 instances across the member AWS accounts
-Share the reserved Amazon EC2 instances amongst the member AWS accounts
-Volume discounts for Amazon EC2 and Amazon S3 aggregated across the member AWS accounts
-Share the reserved Amazon EC2 instances amongst the member AWS accounts
AWS Compute Optimizer delivers recommendations for which of the following AWS resources? (Select two)
-AWS Lambda functions, Amazon Simple Storage Service (Amazon S3)
-Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Elastic File System (Amazon EFS)
-Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon EC2 Auto Scaling groups
-Amazon Elastic Block Store (Amazon EBS), AWS Lambda functions
-Amazon Elastic File System (Amazon EFS), AWS Lambda functions
-Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon EC2 Auto Scaling groups
-Amazon Elastic Block Store (Amazon EBS), AWS Lambda functions
A startup runs its proprietary application on docker containers. As a Cloud Practitioner,
which AWS service would you recommend so that the startup can run containers and still have access to the underlying servers?
-Amazon Elastic Container Service (Amazon ECS)
-AWS Lambda
-AWS Fargate
-Amazon Elastic Container Registry (Amazon ECR)
-Amazon Elastic Container Service (Amazon ECS)
Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code (IaC)?
-Security
-Cost Optimization
-Operational Excellence
-Performance Efficiency
-Operational Excellence
Which of the following are the best practices when using AWS Organizations? (Select TWO)
-Never use tags for billing
-Create AWS accounts per department
-Do not use AWS Organizations to automate AWS account creation
-Restrict account privileges using Service Control Policies (SCP)
-Disable AWS CloudTrail on several accounts
-Create AWS accounts per department
-Restrict account privileges using Service
A silicon valley based healthcare startup stores anonymized patient health data on Amazon S3.
The CTO further wants to ensure that any sensitive data on S3 is discovered and identified to prevent any sensitive data leaks.
As a Cloud Practitioner, which AWS service would you recommend addressing this use-case?
-AWS Glue
-Amazon Macie
-AWS Secrets Manager
-Amazon Polly
-Amazon Macie
A company uses reserved EC2 instances across multiple units with each unit having its own AWS account. However,
some of the units under-utilize their reserved instances while other units need more reserved instances.
As a Cloud Practitioner, which of the following would you recommend as the most cost-optimal solution?
-Use AWS Cost Explorer to manage AWS accounts of all units and then share the reserved EC2 instances amongst all units
-Use AWS Systems Manager to manage AWS accounts of all units and then share the reserved EC2 instances amongst all units
-Use AWS Trusted Advisor to manage AWS accounts of all units and then share the reserved EC2 instances amongst all units
-Use AWS Organizations to manage AWS accounts of all units and then share the reserved EC2 instances amongst all units
-Use AWS Organizations to manage AWS accounts of all units and then share the reserved EC2 instances amongst all units
A multi-national corporation wants to get expert professional advice on migrating to AWS and managing
their applications on AWS Cloud. Which of the following entities would you recommend for this engagement?
-APN Technology Partner
-Concierge Support Team
-APN Consulting Partner
-AWS Trusted Advisor
-APN Consulting Partner
A company would like to optimize Amazon Elastic Compute Cloud (Amazon EC2) costs.
Which of the following actions can help with this task? (Select TWO)
-Set up Auto Scaling groups to align the number of instances with the demand
-Opt for a higher AWS Support plan
-Vertically scale the EC2 instances
-Purchase Amazon EC2 Reserved instances (RIs)
-Build its own servers
-Set up Auto Scaling groups to align the number of instances with the demand
-Purchase Amazon EC2 Reserved instances (RIs)
An organization maintains a separate Virtual Private Cloud (VPC) for each of its business units.
Two units need to privately share data. Which is the most optimal way of privately sharing data between the two VPCs?
-AWS Site-to-Site VPN
-VPC Endpoint
-VPC peering connection
-AWS Direct Connect
-VPC peering connection
An IT company has a hybrid cloud architecture and it wants to centralize the server logs for its Amazon Elastic Compute Cloud
(Amazon EC2) instances and on-premises servers. Which of the following is the MOST effective for this use-case?
-Use Amazon CloudWatch Logs for the Amazon Elastic Compute Cloud (Amazon EC2) instance and AWS CloudTrail for the on-premises servers
-Use Amazon CloudWatch Logs for both the Amazon Elastic Compute Cloud (Amazon EC2) instance and the on-premises servers
-Use AWS CloudTrail for the Amazon Elastic Compute Cloud (Amazon EC2) instance and Amazon CloudWatch Logs for the on-premises servers
-Use AWS Lambda to send log data from Amazon Elastic Compute Cloud (Amazon EC2) instance as well as on-premises servers to Amazon CloudWatch Logs
-Use Amazon CloudWatch Logs for the Amazon Elastic Compute Cloud (Amazon EC2) instance and AWS CloudTrail for the on-premises servers
Which of the following AWS services are always free to use (Select two)?
-Amazon DynamoDB
-Amazon Simple Storage Service (Amazon S3)
-Amazon Elastic Compute Cloud (Amazon EC2)
-AWS Identity and Access Management (AWS IAM)
-AWS Auto Scaling
-AWS Identity and Access Management (AWS IAM)
-AWS Auto Scaling
An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes.
As a Cloud Practitioner, which AWS services would you recommend to build a serverless solution for this use-case? (Select two)
-Amazon Eventbridge
-AWS Systems Manager
-AWS Step Function
-AWS Lambda
-Amazon Elastic Compute Cloud (Amazon EC2)
-Amazon Eventbridge
-AWS Lambda
Which entity ensures that your application on Amazon Elastic Compute Cloud (Amazon EC2) always has the right amount of capacity to handle the current traffic demand?
-Amazon EC2 Auto Scaling
-Network Load Balancer
-Multi-AZ deployment
-Application Load Balancer
-Amazon EC2 Auto Scaling
Which of the following AWS services have data encryption automatically enabled? (Select two)?
-Amazon Redshift
-Amazon Simple Storage Service (Amazon S3)
-Amazon Elastic Block Store (Amazon EBS)
-Amazon Elastic File System (Amazon EFS)
-AWS Storage Gateway
-Amazon Simple Storage Service (Amazon S3)
-AWS Storage Gateway
A Cloud Practitioner would like to deploy identical resources across all AWS regions
and accounts using templates while estimating costs. Which AWS service can assist with this task?
-Amazon LightSail
-AWS CloudFormation
-AWS CodeDeploy
-AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD)
-AWS CloudFormation
Which of the following AWS services offer block-level storage? (Select two)
-Amazon Simple Storage Service (Amazon S3)
-Instance Store
-Amazon Elastic Container Service (Amazon ECS)
-Amazon Elastic Block Store (Amazon EBS)
-Amazon Elastic File System (Amazon EFS)
-Instance Store
-Amazon Elastic Block Store (Amazon EBS)
Which AWS service would you choose for a data processing project that needs a schemaless database?
-Amazon DynamoDB
-Amazon Relational Database Service (Amazon RDS)
-Amazon Aurora
-Amazon RedShift
-Amazon DynamoDB
Which of the following are the serverless computing services offered by AWS ? (Select two)
-AWS Elastic Beanstalk
-Amazon Elastic Compute Cloud (Amazon EC2)
-AWS Lambda
-AWS Fargate
-Amazon Lightsail
-AWS Lambda
-AWS Fargate
Which of the following is a container service of AWS?
-AWS Elastic Beanstalk
-Amazon Simple Notification Service (Amazon SNS)
-AWS Fargate
-Amazon SageMaker
AWS Fargate
A gaming company is looking at a technology/service that can deliver a consistent low-latency
gameplay to ensure a great user experience for end-users in various locations.
Which AWS technology/service will provide the necessary low-latency access to the end-users?
-AWS Wavelength
-AWS Direct Connect
-AWS Edge Locations
-AWS Local Zones
-AWS Local Zones
An organization deploys its IT infrastructure in a combination of its on-premises
data center along with AWS Cloud. How would you categorize this deployment model?
-Cloud deployment
-Hybrid deployment
-Mixed deployment
-Private deployment
-Hybrid deployment
Which of the following are correct statements regarding the AWS Shared Responsibility Model? (Select two)
-Configuration Management is the responsibility of the customer
-For a service like Amazon EC2, that falls under Infrastructure as a Service (IaaS), AWS is responsible for maintaining guest operating system
-AWS is responsible for training AWS and customer employees on AWS products and services
-For abstracted services like Amazon S3, AWS operates the infrastructure layer, the operating system, and platforms
-AWS is responsible for Security ‘of’ the Cloud
-For abstracted services like Amazon S3, AWS operates the infrastructure layer, the operating system, and platforms
-AWS is responsible for Security ‘of’ the Cloud
A startup wants to provision an EC2 instance for the lowest possible cost for a long-term
duration but needs to make sure that the instance would never be interrupted.
As a Cloud Practitioner, which of the following options would you recommend?
-EC2 Reserved Instance (RI)
-EC2 On-Demand Instance
-EC2 Spot Instance
-EC2 Dedicated Host
-EC2 Reserved Instance (RI)
Which AWS service will you use to provision the same AWS infrastructure across multiple AWS accounts and regions?
-AWS CodeDeploy
-AWS OpsWorks
-AWS CloudFormation
-AWS Systems Manager
-AWS CloudFormation
Which benefit of Cloud Computing allows AWS to offer lower pay-as-you-go prices as
usage from hundreds of thousands of customers is aggregated in the cloud?
-Increased speed and agility
-Massive economies of scale
-Trade capital expense for variable expense
-Go global in minutes
-Massive economies of scale
A medical device company is looking for a durable and cost-effective way of storing their historic data.
Due to compliance requirements, the data must be stored for 10 years. Which AWS Storage solution will you suggest?
-Amazon Elastic File System (Amazon EFS)
-Amazon S3 Glacier Deep Archive
-AWS Storage Gateway
-Amazon S3 Glacier Flexible Retrieval
-Amazon S3 Glacier Deep Archive
A company’s flagship application runs on a fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances.
As per the new policies, the system administrators are looking for the best way to provide
secure shell access to Amazon Elastic Compute Cloud (Amazon EC2) instances without opening new ports or using public IP addresses.
-Which tool/service will help you achieve this requirement?
-AWS Systems Manager Session Manager
-Amazon Inspector
-Amazon Elastic Compute Cloud (Amazon EC2) Instance Connect
-Amazon Route 53
-AWS Systems Manager Session Manager
What is the primary benefit of deploying an Amazon Relational Database Service (Amazon RDS)
database in a Read Replica configuration?
-Read Replica protects the database from a regional failure
-Read Replica reduces database usage costs
-Read Replica improves database scalability
-Read Replica enhances database availability
-Read Replica improves database scalability
A company would like to separate cost for AWS services by the department for cost allocation.
Which of the following is the simplest way to achieve this task?
-Create different virtual private cloud (VPCs) for different departments
-Create different accounts for different departments
-Create tags for each department
-Create one account for all departments and share this account
-Create tags for each department
Which of the following Amazon S3 storage classes takes the most time to retrieve data
(also known as first byte latency)?
-Amazon S3 Intelligent-Tiering
-Amazon S3 Glacier Flexible Retrieval
-Amazon S3 Standard
-Amazon S3 Glacier Deep Archive
-Amazon S3 Glacier Deep Archive
A financial services enterprise plans to enable Multi-Factor Authentication (MFA) for its employees.
For ease of travel, they prefer not to use any physical devices to implement Multi-Factor Authentication (MFA).
Which of the below options is best suited for this use case?
-Hardware Multi-Factor Authentication (MFA) device
-U2F security key
-Soft Token Multi-Factor Authentication (MFA) device
-Virtual Multi-Factor Authentication (MFA) device
-Virtual Multi-Factor Authentication (MFA) device
Which of the following statements is the MOST accurate when describing AWS Elastic Beanstalk?
-It is an Infrastructure as Code (IaC) that allows you to model and provision resources needed for an application
-It is an Infrastructure as a Service (IaaS) that allows you to deploy and scale web applications and services
-It is a Platform as a Service (PaaS) that allows you to deploy and scale web applications and services
-It is a Platform as a Service (PaaS) that allows you to model and provision resources needed for an application
-It is a Platform as a Service (PaaS) that allows you to deploy and scale web applications and services
An AWS user is trying to launch an Amazon Elastic Compute Cloud (Amazon EC2) instance in a given region.
What is the region-specific constraint that the Amazon Machine Image (AMI) must meet so that it can be used
for this Amazon Elastic Compute Cloud (Amazon EC2) instance?
-You should use an Amazon Machine Image (AMI) from the same region, as it improves the performance of the Amazon EC2 instance
-An Amazon Machine Image (AMI) is a global entity, so the region is not applicable
-You must use an Amazon Machine Image (AMI) from the same region as that of the Amazon EC2 instance. The region of the Amazon Machine Image (AMI) has no bearing on the performance of the Amazon EC2 instance
-You can use an Amazon Machine Image (AMI) from a different region, but it degrades the performance of the Amazon EC2 instance
-You must use an Amazon Machine Image (AMI) from the same region as that of the Amazon EC2 instance. The region of the Amazon Machine Image (AMI) has no bearing on the performance of the Amazon EC2 instance
A cyber-security agency uses AWS Cloud and wants to carry out security assessments on its own AWS
infrastructure without any prior approval from AWS. Which of the following describes/facilitates this practice?
-Network Stress Testing
-Penetration Testing
-AWS Secrets Manager
-Amazon Inspector
-Penetration Testing
Due to regulatory and compliance reasons, an organization is supposed to use a hardware device for any
data encryption operations in the cloud. Which AWS service can be used to meet this compliance requirement?
-AWS Secrets Manager
-AWS Trusted Advisor
-AWS Key Management Service (AWS KMS)
-AWS CloudHSM
-AWS CloudHSM
Which service gives a personalized view of the status of the AWS services that are part of your Cloud architecture
so that you can quickly assess the impact on your business when AWS service(s) are experiencing issues?
-AWS Health - Your Account Health Dashboard
-Amazon Inspector
-AWS Health - Service Health Dashboard
-Amazon CloudWatch
-AWS Health - Your Account Health Dashboard
Which AWS service can help you analyze your infrastructure to identify unattached or underutilized Amazon EBS Elastic Volumes?
-AWS Config
-Amazon CloudWatch
-Amazon Inspector
-AWS Trusted Advisor
-AWS Trusted Advisor
An e-commerce company wants to store data from a recommendation engine in a database. As a Cloud Practioner, which
AWS service would you recommend to provide this functionality with the LEAST operational overhead for any scale?
-Amazon Relational Database Service (Amazon RDS)
-Amazon Simple Storage Service (Amazon S3)
-Amazon Neptune
-Amazon DynamoDB
-Amazon DynamoDB
What is the primary benefit of deploying an Amazon RDS Multi-AZ database with one standby?
-Amazon RDS Multi-AZ improves database performance for read-heavy workloads
-Amazon RDS Multi-AZ reduces database usage costs
-Amazon RDS Multi-AZ protects the database from a regional failure
-Amazon RDS Multi-AZ enhances database availability
-Amazon RDS Multi-AZ enhances database availability
Which AWS service can be used to automate code deployment to Amazon Elastic Compute Cloud (Amazon EC2)
instances as well as on-premises instances?
-AWS CodeDeploy
-AWS CodePipeline
-AWS CodeCommit
-AWS CloudFormation
-AWS CodeDeploy
Multi-AZ deployment is an example of which of the following?
-Scale out
-Performance Efficiency
-Scale up
-High Availability
-High Availability
Which policy describes prohibited uses of the web services offered by Amazon Web Services?
-AWS Fair Use Policy
-AWS Trusted Advisor
-AWS Acceptable Use Policy
-AWS Applicable Use Policy
-AWS Acceptable Use Policy
A company wants to improve the resiliency of its flagship application so it wants to move from its traditional database system to a
managed AWS NoSQL database service to support active-active configuration in both the East and West US AWS regions.
The active-active configuration with cross-region support is the prime criteria for any database solution that the company considers.
Which AWS database service is the right fit for this requirement?
-Amazon Aurora with multi-master clusters
-Amazon DynamoDB with global tables
-Amazon Relational Database Service (Amazon RDS) for MYSQL
-Amazon DynamoDB with DynamoDB Accelerator
-Amazon DynamoDB with global tables
Which AWS service can be used for online analytical processing
-Amazon DynamoDB
-Amazon ElastiCache
-Amazon Relational Database Service (Amazon RDS)
-Amazon Redshift
-Amazon DynamoDB
A company has a static website hosted on an Amazon simple storage service (Amazon S3) bucket in an AWS region in Asia. Although most of us users are in Asia, now it wants to drive growth globally. How can it improve the global performance of its static website?
- Use AWS web application firewall to improve the performance of your website
- Use Amazon cloudfront to improve the performance of your website
- Use Amazon cloudformation to improve the performance of your website
- use Amazon S3 transfer acceleration to improve the performance of your website
- Use Amazon cloudfront to improve the performance of your website
Amazon cloud, watch billing metric data is stored in which AWS region
- In the AWS region, where the AWS resource is provisioned
- In the AWS region, where the AWS account is created
- US East – US – east – 1
- US West – US – West – 1
- US East – US – east – 1
As a cloud practitioner, which Amazon simple storage service Amazon S3 storage class would you recommend for DATA archival
- Amazon S3 one zone – infrequent access
- Amazon S3 standard
- Amazon S3 intelligent tiering
- Amazon S3 glacier flexible retrieval
- Amazon S3 glacier flexible retrieval
A e-commerce company uses AWS cloud, and would like to receive separate invoices for development and production environments as a cloud practitioner which of the following solutions would you recommend for this case?
- Create separate AWS account for development and production environment to receive separate invoices
- Tag all resources in the AWS account as either development or production, then use the tags to create separate invoices
- Use AWS environments to create separate invoices for development and production environments
- Use AWS explorer to create separate invoices for development and production environments
- Create separate AWS account for development and production environment to receive separate invoices
AnIT company has a hybrid cloud architecture and wants to centralize the server logs for its Amazon the elastic compute cloud, Amazon EC2 instances and on premises servers. Which of the following is the most effective for this use case?
- Use Amazon cloud watch logs for the Amazon elastic compute cloud Amazon EC two instance and AWS cloud Trail for the on premise servers
- Use AWS cloud Trail for the Amazon elastic computer cloud Amazon E2 instance and Amazon cloud watch logs for the on premises servers
- Use AWS lambda to send log data from Amazon elastic compute cloud Amazon EC two instance as well as on premises servers to Amazon cloudwatch logs
- Use Amazon cloud watch logs for both the Amazon elastic compute cloud Amazon EC two instant and the on premises servers
- Use Amazon cloud watch logs for both the Amazon elastic compute cloud Amazon EC two instant and the on premises servers
AWS identity and access management AWS IAM policies are written as Json documents. Which of the following are mandatory elements of an IAM policy?
- Action, condition
- Effect, action
- SID, principal
- effect, SID
- Effect, action
A company is looking for a guided path to help deploy, configure, and secure its new workload while ensuring that it is ready for ongoing operations in the cloud which of the following AWS services/tools can be leveraged for this case
- AWS config
– AWS trusted advisor.
– AWS shared responsibility model.
– cloud formations
– cloud formations
Which is the following AWS entities provides information required to launch an Amazon elastic compute cloud Amazon EC two instance.
– Amazon elastic block store, Amazon, EBS
– Amazon machine image AMI
- AWS lambda
- Amazon elastic file system Amazon EFS
– Amazon machine image AMI
Which Amazon route 53 routing policy would you use when you want to route your traffic in a active – passive configuration?
– Fail over routing.
– latency based routing.
– simple routing.
– weighted routing
– Fail over routing.
AnIT company would like to move it IT resources, which include any data applications from an AWS region in the US to another AWS region in Europe, which of the following represents the correct solution for this use case.
– The company should use AWS database migration service, AWSDMS to move the resources, including any data and applications from source AWS region to destination, AWS region.
- the company should raise a ticket with AWS support for this resource migration
– The company should just start creating new resources in the destination, AWS region and then migrate relevant data and applications into the new AWS region
– the company should use AWS cloud formation to move the resources, including any data and applications from source AWS region to destination AWS region
– The company should just start creating new resources in the destination, AWS region and then migrate relevant data and applications into the new AWS region
Which of the following is a perspective of AWS cloud adoption framework AWS CAF
- process
– product
– architecture
– business
– business
Which AWS service will you use to privately connect your virtual private cloud PC to Amazon simple storage surface Amazon S3
- Amazon API Gateway
– AWS direct connect.
– AWS transit Gateway
– VPC endpoint
– VPC endpoint
Which AWS service can be used to execute code, triggered by new files being uploaded to Amazon Amazon simple storage service Amazon S3
- Amazon elastic compute cloud Amazon EC2
- Amazon elastic container service Amazon ECS
- AWS Lambda
- Amazon simple queue service Amazon SQS
- AWS Lambda
Which AWS service can help you create data driven business cases for transitioning your businesses from on premise to AWS cloud
- AWS migration evaluator.
– AWS budgets
– AWS trusted advisor.
– AWS billing and cost management
- AWS migration evaluator.
A multinational company has its business critical data stored on a fleet of Amazon elastic compute cloud Amazon EC2 instances in varying countries submitted and region specific client rules to demonstrate compliance. The company needs to submit historical configurations on a regular basis which AWS service is best suited for this requirement
- AWS Config
- Amazon guard duty?
– Amazon Macie
– Amazon cloud Trail.
- AWS Config
Under the AWS shared responsibility model which of the following is the responsibility of a customer regarding AWS lambda
- Patch underlying AWS lambda function infrastructure
- Maintain all runtime environments for AWS functions
- Maintain versions of an AWS lambda function
- Configure networking infrastructure for the AWS lambda functions
- Maintain versions of an AWS lambda function
Which of the following statement is correct regarding Amazon elastic file system Amazon EFS storage service
- EC2 instances can access files on an Amazon elastic file system. Amazon EFS file system across mini availability zones and VPCs, but not across regions.
- EC2 instances can access files on an Amazon elastic file system. Amazon EFS file system only in one availability zone.
- EC2 instances can access files on an Amazon Amazon elastic file system. Amazon EFS file system across many availability zones, but not across VPCs and regions.
- EC2 instances can access files on an Amazon elastic file system. Amazon EFS file system across many availability zones regions and VPCs.
- EC2 instances can access files on an Amazon elastic file system. Amazon EFS file system across many availability zones region and VPCs
A research lab wants to optimize the caching capabilities computations application running on Amazon elastic compute cloud Amazon EC2 instances. Which Amazon elastic compute cloud storage option is best suited for this use case?
- Amazon simple storage service Amazon S3
- Amazon elastic file system Amazon EFS
- Amazon elastic block store Amazon EBS
- instance store
- instance store
Which feature of AWS cloud offers ability to innovate faster and rapidly develop test and launch software applications
- cost savings
- Agility
- Ability to deploy globally in minutes
- elasticity
- Agility
Compared to the on-demand instant prices, what is the highest possible discount offered for a reserved instant?
- 40
- 72
- 50
- 90
- 72
Which AWS service can be used as an in memory database with high performance and low latency
- Amazon DynamoDB
- Amazon Athena
- Amazon ElastiCache
- Amazon Relational Database Service Amazon RDS
- Amazon ElastiCache
An IT company has deployed a static website on Amazon Simple Storage Service Amazon S3, but the website is still inaccessible. As a cloud Practitioner, which of the following solutions would you suggest to address this issue?
- Enable Amazon S3 Versioning
- Disable Amazon S3 encryption
- Enable Amazon S3 replication
- Fix the Amazon S3 bucket policy
- Fix the Amazon S3 bucket policy
Which of the following statements are true about AWS Lamba (select two)
- AWS Lambda let’s you run code without provisioning or managing servers
- you pay for the compute time you consume for AWS Lambda
- AWS Lambda allows you to orchestrate and manage Docker containers to facilitate complex containerized applications on AWS
- AWE Lambda allows you to install databases on the underlying server less Operating System
- AWS Lambda provides access to the underlying operating system to control its behavior through code
- AWS Lambda let’s you run code without provisioning or managing servers
- you pay for the compute time you consume for AWS Lambda
What foundational capability under the operations perspective is part of the AWS cloud Adoption framework
- Application portfolio management
- vulnerability management
- Performance and capacity management
- platform engineering
- Performance and capacity management
Which tool will help you review your workload against current AWS best practices for cost optimization, security and performance improvement and then obtained advice to architect them better
- AWS trusted advisor
- Amazon inspector
- AWS cost explorer
- Amazon cloud watch
AWS trusted advisor
Which AWS service can be used to store manage, and deploy docker container images
- Amazon elastic container registry ECR
- Amazon Elastic cloud Amazon EC2
- AWS lambda
- Amazon the elastic container service Amazon ECS
- Amazon elastic container registry ECR
What are the different gateway types supported by the AWS storage gateway service?
- Tape gateway, file gateway, and volume Gateway
- tape gateway, object gateway, and volume gateway
- Tape gateway, file gateway and block gateway
- object gateway, file gateway block gateway
- Tape gateway, file gateway, and volume Gateway
A company is using a message broker service on it on premises application and wants to move this messaging functionality to AWS cloud which of the following AWS services is the right choice to move the existing functionality easily
- Amazon kinesis data streams
- Amazon simple queue service Amazon SQS
- Amazon simple notification service Amazon SNS
- Amazon MQ
- Amazon MQ
Which of the following are examples of horizontal scalability a.k.a. elasticity select two
- elastic load balancing ELB
- Modify a database instance to higher CPU and ram
- Read Replicas in Amazon relational database service Amazon RDS
- Modify an EC2 instance type from t2.nano to u- 12tb1.metal
- add a bigger CPU to a computer
- elastic load balancing ELB
- Read Replicas in Amazon relational database service Amazon RDS
According to the AWS cloud adoption framework, what are two tasks that a company should perform when planning to migrate to the AWS cloud and aiming to be more responsive to customer, inquiries and feedback as part of their organizational transformation?
- Leverage legacy infrastructure for cost efficiencies
- Organize your teams around bureaucratic design principles
- Organize your teams around product and value streams
- Leverage agile method to rapidly iterate and evolve
- Create a new analytical insights with existing products and services
- Organize your teams around product and value streams
- Leverage agile method to rapidly iterate and evolve
AWS shield advance provides expanded DDS attack protection for web application running on which of the following resources select two
- Amazon API gateway
- AWS cloud formation
- AWS global accelerator
- amazon Amazon route 53
- AWS elastic beanstalk
- AWS global accelerator
- amazon Amazon route 53
Which AWS services can be used to facilitate organizational change management part of the reliability pillar of the AWS well architected framework select three
- Amazon inspector
- Amazon cloud watch
- AWS config
- Amazon guard duty
- AWS cloud Trail
- AWS trusted advisor
- Amazon cloud watch
- AWS config
- AWS cloud Trail
A big data analytics company is moving its IT infrastructure from an on premise data center to AWS cloud the company has some server bound software licenses that it wants to use on AWS as a cloud practitioner which of the following EC2 instances, would you recommend to the company?
- dedicated instance
- on demand instance
- dedicated host
- reserved instance
- dedicated host
Which of the following is a AWS database service
- Amazon red shift
- AWS storage gateway
- AWS database migration service
- AWS glue
- Amazon red shift
Which security service of AWS is enabled for all AWS customers by default at no additional cost
- AWS Web application firewall
- AWS shield advanced
- AWS secret manager
- AWS shield standard
- AWS shield standard
A startup wants to migrate its data and applications from the on premise data center to AWS cloud, which of the following options can be used by the start up to help with this migration select two
- Consult moderators on AWS developer forums
- use AWS trusted advisor to automate the infrastructure migration
- utilize AWS partner network to build a custom solution for this infrastructure migration
- raise a Support ticket with AWS support for further assistance
- leverage AWS professional services to accelerate the infrastructure migration
- utilize AWS partner network to build a custom solution for this infrastructure migration
- leverage AWS professional services to accelerate the infrastructure migration
Which of the following is the most most cost-effective option to purchase a EC2 reserved instance
- all upfront payment option with the standard one-year term
- No upfront payment option with a standard three term
- Partial upfront payment option with the standard three years term
- No upfront payment option with standard one year term
- Partial upfront payment option with the standard three years term
Compared to the on-demand instance prices, what is the highest possible discount offered for spot instances?
- 50
- 75
- 10
- 90
- 90
Which of the following AWS services has encryption enabled by default
- Amazon elastic file system
- AWS cloudTrail logs
- Amazon relational database service
- Amazon elastic block store
AWS cloudTrail logs
Which of the following AWS services support VPC and point Gateway for a private connection from a VPC select two
- amazon dynamo DB
- Amazon simple notification service
- Amazon simple queue service
- Amazon elastic compute cloud
- Amazon a simple storage service
- amazon dynamo DB
Amazon a simple storage service
Which a dip US support plan provides architectural guidance contextual to your specific use case
- AWS enterprise support
- AWS developer support
- AWS enterprise on ramp support
- AWS Business Support
- AWS Business Support
A company wants to identify the optimal AWS resource configuration for workload so that the company can reduce costs and increase low performance which of the following services can be used to meet this requirement
- AWS budget
- AWS systems manager
- AWS cost Explorer
- AWS compute optimizer
- AWS compute optimizer
Which AWS services can be used to decouple components of a micros surface based on AWS cloud select two
- Amazon simple notification service
- AWS lambda
- AWS step functions
- Amazon the simple queue service
- Amazon elastic compute cloud
Amazon simple notification service
Amazon the simple queue service
A customer has created a VPC and a subnet within AWS cloud, which of the following statements is correct
- an Amazon virtual private cloud spans all of the availability zones in the region, whereas a subnet spans only one availability zone in the region
- a subnet spans all of the availability zones in the region, whereas an Amazon virtual private cloud spans only one availability zone in the region
- Both the Amazon virtual private cloud, and the subnet span only one availability zone in the region
- Both the Amazon virtual private cloud, and the subnet span all of the availability zones in the region
- an Amazon virtual private cloud spans all of the availability zones in the region, whereas a subnet spans only one availability zone in the region
The AWS well architected framework provides guidance on building cloud-based applications using AWS best practices which of the following options are the pillars mentioned in the AWS well architected framework select two
- reliability
- cost optimization
- Availability
- Elasticity
- scalability
- reliability
- cost optimization
Which of the following can you use to connect your on premise network with AWS cloud select two
- AWS direct connect
- Amazon virtual private cloud
- Amazon route 53
- Internet gateway
- AWS virtual private network
- AWS direct connect
- AWS virtual private network
According to the AWS shared responsibility model, which of the following are responsibilities of the customer for Amazon RDS
- Managing the underlined server hardware on which Amazon relational database surface runs
- Applying patches to the Amazon relational database service database
- Applying patches to the underlying OS
- database encryption
- database encryption
Which of the following statement is correct for a security group and a network access control list
- security group as a firewall at the availability zone whereas network access control list as a firewall at the VPC level
- security group acts as a firewall at the instance level, whereas network access control list as a firewall at the subnet level
- Security group acts as a firewall at the subnet level where as network access control list as a firewall at the instance level
- security group as a firewall at the VPC level, whereas network access control list as a firewall at the availability zone level
- security group acts as a firewall at the instance level, whereas network access control list as a firewall at the subnet level
He start up has moved at IT infrastructure to the AWS cloud the CTO would like to receive detailed report that break down the start ups AWS cost by the hour in an Amazon simple storage service bucket. As a cloud practitioner, which AWS service would you recommend for this case?
- AWS pricing calculator
- AWS cost explorer
- AWS cost, and usage report
- AWS budgets
- AWS cost, and usage report
A customer is running a comparative study on pricing models of Amazon EFS and Amazon elastic block store that are used with the Amazon EC to instances that host the application which of the following statements are correct regarding this case select two
- You will pay a fee each time you read it or write data stored on the Amazon the elastic file system in frequent access storage class
- Amazon elastic block store snapshots are stored incrementally, which means you are billed only only for the blocks stored
- the elastic cloud charges will apply for all Amazon elastic block store direct API for snapshots
- with AWS back up you only pay for the amount of elastic file system back up storage you use in a month you need not pay for restoring this data
- Amazon elastic block door snapshot storage pricing is based on the amount of space your data consumes in Amazon the elastic block store
- You will pay a fee each time you read it or write data stored on the Amazon the elastic file system in frequent access storage class
- Amazon elastic block store snapshots are stored incrementally, which means you are billed only only for the blocks stored
Which of the following cloud computing models does the Gmail service represent?
- Function as a service
- infrastructure as a service
- Platform as a service
- software as a service
- software as a service
Which budget types can be created under AWS budgets select three
- reservation budget
- usage budget
- Resource budget
- Hardware budget
- cost budget
- reservation budget
- usage budget
- cost budget
Which of the control statements are correct regarding security groups and network access control lists select two
- a security group is stateless that is the returning traffic must be explicitly allowed
- a network access control list that is it automatically allows the return traffic
- a security group contains a numbered list of rules and evaluates. These rules increasing order while deciding whether to allow the traffic.
- a security group is that it automatically allows the return traffic
- a network access control list contains a numbered list of rules and evaluates these rules in the increasing order while deciding whether to allow the traffic
- a security group is that it automatically allows the return traffic
- a network access control list contains a numbered list of rules and evaluates these rules in the increasing order while deciding whether to allow the traffic
AWS lambda pricing is based on which of the following criteria select two
- the language written of the AWS lambda function
- number of requests for the AWS lambda function
- the size of the deployment package for the AWS lambda function
- The number of lines of code for the AWS lambda function
- the time it takes for the AWS lambda function to execute
- number of requests for the AWS lambda function
- the time it takes for the AWS lambda function to execute
Which of the following AWS services specialize in data migration from on premise to AWS cloud select two
- AWS direct connect
- AWS database migration service
- AWS transit Gateway
- AWS site to site VPN
- AWS snowball
- AWS database migration service
- AWS snowball
Which of the following are components of a AWS site to site VPN select two
- customer gateway
- AWS storage Gateway
- Network address translation Gateway
- Internet Gateway
- Virtual private Gateway
- customer gateway
-virtual private gateway
A firm wants to maintain the same data on Amazon simple store Orridge service between its production account and multiple test accounts. Which technique should you choose to copy data into multiple test accounts while retaining object metadata
- Amazon S3 bucket policy
- Amazon S3 transfer acceleration
- Amazon S3 storage classes
- Amazon S3 replication
- Amazon S3 replication
Which of the following entities are part of the Amazon virtual private cloud in the AWS cloud choose two
- AWS storage Gateway
- object
- API Gateway
- Internet gateway
- subnet
Internet gateway
- subnet
Which Amazon elastic compute cloud auto scalene feature can help with fault tolerance
- replacing unhealthy Amazon EC2 instances
- having the right amount of computing capacity
- Lower cost by adjusting the number of Amazon EC2 instances
- Distributing load to Amazon EC2 instances
- replacing unhealthy Amazon EC2 instances
Which types of monitoring can be provided by Amazon cloud watch select two
- Resource utilization
- Application performance
- API access
- Performance and ability of AWS services
- account management
- Resource utilization
- Application performance
Which of the following billing time frames is applied when running a Windows EC2 on-demand instance
- Pay per day
- Pay per minute
- Pay per second
- Pay per hour
- Pay per second
Which of the following services are provided by Amazon route 53 select two
- load balancing
- Domain registration
- transfer acceleration
- IP routing
- Health checks and monitoring
- Domain registration
- Health checks and monitoring
Which of the following criteria are used to calculate the charge for Amazon EBS volumes select two
- provisioned IOPS
- Data transfer in
- the Amazon EC2 instance type the Amazon EBS elastic volume is attached to
- Volume type
- Data type
- provisioned IOPS
- Volume type
An organization planning to move its infrastructure from the on premise data center to AWS cloud as a cloud practitioner which options would you recommend so that the organization can identify the right AWS services to build a solutions on AWS cloud select two
- AWS organizations
- AWS cloud Trail
- AWS partner network
- AWS service catalog
- Amazon cloud watch
- AWS partner network
- AWS service catalog
Which AWS service publishes up to the minute information on the general status and availability of all AWS services in the regions of the AWS cloud
- Amazon cloud watch
- AWS health dashboard Service health
- AWS health dashboard your account health
- AWS cloud formation
- AWS health dashboard Service health
Are scaling in EC2 and dynamo DB are examples of
- horizontal scaling
- vertical scaling
- horizontal scaling
AWS trusted advisor can provide guidance against the six well architected pillars, and architectural best practices
- True
- False
- false
Which of the following types are free under the Amazon simple storage service pricing model select two
- Data storage fee or object stored in s3 standard
- Data transferred in from the Internet
- Data storage fee for objects stored in S3 glacier
- DATA transferred out to an Amazon elastic computer cloud instance when the instance is in the same region as the S3 bucket
- Data transferred in from the Internet
- DATA transferred out to an Amazon elastic computer cloud instance when the instance is in the same region as the S3 bucket
Which of the following entities should be used for an Amazon elastic compute cloud instance to access a dynamoDB Table
- IAM role
- AWS key management service
- AWS IAM user access keys
- Amazon incognito
- IAM role
Which pillar of AWS well architected framework is responsible for making sure that you select the right resource types and sizes based on your workload requirements
- performance efficiency
- reliability
- cost optimization
- operational excellence
- performance efficiency
Which of the following entities can be used to connect to an Amazon elastic compute cloud server from a macOS Windows or Linux space computer computer via a browser based client
- AWS direct connect
- putty
- Amazon EC 2 instance connect
- SSH
Amazon EC 2 instance connect
Which of the following statements are correct regarding AWS global accelerator select two
- AWS global accelerator can be used to host static websites
- AWS global accelerator provide static IP addresses that act as a fixed entry point to your applications
- AWS global accelerator is a good fit for non-HTP cases
- AWS global accelerator cannot be configured with elastic balancer
- AWS global accelerator uses the AWS global network and edge locations but the edge locations used by global accelerator are different from Amazon cloudfront edge locations
- AWS global accelerator provide static IP addresses that act as a fixed entry point to your applications
- AWS global accelerator is a good fit for non-HTP cases
Which of the following are benefits of the AWS Web application firewall select two
- AWS Webb application firewall offers protection against all known infrastructure layer three and four attacks
- AWS application firewall can check for the presence of SQL code that is likely to be malicious
- AWS Webb, let you monitor the HTTPand http://requests are forwarded to Amazon route 53
- AWS web application firewall can block all requests except the ones that you allow
- AWS application firewall offers, dedicated support from the DDoS response team and advanced reporting
- AWS application firewall can check for the presence of SQL code that is likely to be malicious
- AWS web application firewall can block all requests except the ones that you allow
How is Amazon EC two different from traditional hosting system?
- with Amazon EC2 developers can launch and terminate the instances anytime they need to
- Amazon EC 2 can scale with changing computing requirements
- with Amazon EC 2 users risk over buying resources
- Amazon caters more towards groups of users with similar system requirements so that the server resources are shared across multiple users and the cost is reduced
- amazon E2 provides a pre-configured instance for a fixed monthly cost
- with Amazon EC2 developers can launch and terminate the instances anytime they need to
- Amazon EC 2 can scale with changing computing requirements
Which of the following AWS storage services can be directly used with on premise systems
- Amazon elastic block store
- amazon EC2 instant store
- Amazon elastic file system
- Amazon simple storage service
- Amazon elastic file system
Which AWS service would you use to create a logically isolated section of the AWS cloud or you can launch AWS resources in your virtual network?
- Network access control list
- Virtual private cloud
- subnet
- virtual private network
- Virtual private cloud
Which of the following statements are true about AWS Shared Responsibility Model? Select two
- AWS maintains the configuration of its infrastructure devices and is responsible for configuring the guest operating systems, databases, and applications
- AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest operating system and applications
- AWS trains AWS employees, but a customer must train their own employees
- Amazon elastic compute cloud is categorized as infrastructure as a service and hence AWS will perform all of the necessary security configuration and management tasks
- for Abstracted services, such as Amazon S3, AWS operates the infrastructure layer, for the operating system, platforms, encryption options, and appropriate permissions for accessing the s3 resources
- AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest operating system and applications
- AWS trains AWS employees, but a customer must train their own employees
A company wants to establish a private, dedicated connection between AWS and its on premises data center. Which AWS service is the right choice for this requirement?
- Amazon API gateway
- AWS Direct Connect
- Amazon Cloudfront
- AWS Site to site VPN
- AWS Direct Connect
Which of the following AWS services is delivered globally rather than regionally?
- AWS Snowmobile
- Amazon Elastic File System
- Amazon WorkSpaces
- Amazon Simple storage service buckets
- Amazon WorkSpaces
AWS support offers five support plan for its customers. Which of the following features are covered as part of the AWS basic support plan? Select two
- infrastructure event management
- use case guidance what AWS products, features and services to use for best supporting your specific needs
- one on one responses to account and billing questions
- client side diagnostic tools
- service health checks
- one on one responses to account and billing questions
- client side diagnostic tools
As part of a flexible pricing model, AWS offers two types of saving plans. Which of the following are the saving plans from AWS?
- instance saving plans, storage savings plans
- reserved instances saving plans, EC2 instance saving plans
- computer savings plans, storage saving plans
- compute savings plans, ec2 instance savings plans
- compute savings plans, ec2 instance savings plans
Which of the following statements are correct regarding the health monitoring and reporting capabilities supported by AWS Elastic Beanstalk? Select two
- the basic health reporting system that provides information about the health of instances in an AWS elastic Beanstalk environment does not use health checks performed by elastic load balancing
- with basic health reporting, the AWS elastic beanstalk service does not publish any metrics to Amazon cloudwatch
- the AWS elastic beanstalk health monitoring can determine that the environments auto scaling is available and has a minimum of at least one instance
- AWS elastic beanstalk provides only basic health reporting system; combined with elastic load balancing, they provide advanced health check features
- in a single instance environment, AWS elastic beanstalk determines the instances health by monitoring the elastic load balancing health settings
- with basic health reporting, the AWS elastic beanstalk service does not publish any metrics to Amazon cloudwatch
- the AWS elastic beanstalk health monitoring can determine that the environments auto scaling is available and has a minimum of at least one instance
Which of the following will help you control the incoming traffic to an Amazon EC2 instance
- Network access control list
- route table
- AWS resource group
- security group
- security group
A team manager needs data about the changes that have taken place for AWS resources in his account during the last two weeks. Which AWS service can help get this data?
- Amazon Cloudwatch
- AWS cloudTrail
- Amazon Inspector
- AWS config
- AWS config
By default, which of the following events are logged by AWS cloudTrail
- data events
- AWS cloudTrail insights events
- data events and insights events
- management events
- management events
Which free tool helps to review the state of your workloads and compares them to the latest AWS architectural best practices after you have answered a series of questions about your workload
- AWS well architected tool
- AWS well architected framework
- AWS trusted advisor
- AWS technical account manager
- AWS well architected tool
Which of the following are the security best practices suggested by AWS for identity and access management select two
- When you create IAM policies, the privileges required to perform a task
- Do not share password and want created this and failure of connectivity with the application logic
- share your AWS account root user credentials only if absolutely necessary for performing an important billing operation
- enable AWS multi factor authentication on your AWS root user account. MFA helps give root access to multiple users without actually sharing the root user login credentials
- do not share security credentials between accounts, use IAM roles instead
- do not share security credentials between accounts, use IAM roles instead
- When you create IAM policies, the privileges required to perform a task
Which of the following are the security best practices suggested by AWS for identity and access management select two
- When you create IAM policies, the privileges required to perform a task
- Do not share password and want created this and failure of connectivity with the application logic
- share your AWS account root user credentials only if absolutely necessary for performing an important billing operation
- enable AWS multi factor authentication on your AWS root user account. MFA helps give root access to multiple users without actually sharing the root user login credentials
- do not share security credentials between accounts, use IAM roles instead
- do not share security credentials between accounts, use IAM roles instead
- When you create IAM policies, the privileges required to perform a task
Which of the following statements are true about AWS regions and availability zones select two
- traffic between availability zones is not encrypted by default, but can be configured from AWS console
- a availability zone is a physical location where AWS clusters that data centers
- All traffic between availability zones is encrypted
- AWS calls each group of logical data centers as AWS regions
- each AWS region consists of multiple isolated and physically separated availability zones within a geographic area
- All traffic between availability zones is encrypted
- each AWS region consists of multiple isolated and physically separated availability zones within a geographic area
Which of the following represents the correct scenario where an auto scaling groups predictive scaling can be effectively used to maintain the required number of AWS resources
- to fix number of resources in the auto scaling group
- to help configure a cloud watch Amazon, simple cute service metric like approximate number of messages visible for scaling the group based on the value of the metric
- to manage your workload that exhibits reoccurring patterns that are specific to the day of the week or time of day
- to help configure a scaling policy to keep the average aggregate CPU utilization of your auto scaling group at 40%
- to manage your workload that exhibits reoccurring patterns that are specific to the day of the week or time of day
Club practitioner wants to use CDR block notation one provide in an IP address range which of the following AWS network services/utilities allow this feature select two
- Amazon simple storage service
- AWS lambda
- security group
- Network access control list
- security group
- Network access control list
Which of the following services/Tools offers a friendly graphical user interface manage AWS snowball devices without a need for command line interface or rest API
- AppStream 2.0
- AWS OpsWorks
- AWS OpsHub
- AWD Transfer Family
- AWS OpsHub
A university provides access to AWS services for students to submit their research data for analysis. Universities is looking at the most cost-effective approach for recovering from disasters and can tolerate data loss for a few hours which disaster recovery strategy is well suited for this case?
- pilot light
- warm standby
- multi site active
- Backup and restore
- Backup and restore
Which AWS service allows, you to connect any number of IoT devices to the cloud without requiring you, provision or manage servers
- AWS IoT gateway
- AWS control Tower
- Amazon Connect
- AWS IoT Core
- AWS IoT Core
Healthcare company wants to implement a continuous replication based disaster, recovery mechanism, and provide fast, reliable recovery of physical virtual and cloud-servers into AWS cloud which of the following represents the best fits solution for this use case
- cloudEndure Disaster recovery
- AWS Snowball Edge
- AWS Storage Gateway
- CloudCover Disaster Recovery
- cloudEndure Disaster recovery
Which pillar of AWS Well architected framework focuses on using IT and computing resources efficiently, while considering the right resource types and sizes based on workload requirements
- Operational Excellence Pillar
- Performance Efficiency Pillar
- reliability Pillar
- cost optimization pillar
- Performance Efficiency Pillar
Which of the following statements are true about AWS Elastic Beanstalk? Select two
- it was the elastic beanstalk supports Java, .net, PHP, but does not support docket Webb applications
- AWS elastic beanstalk automates the details of capacity, provisioning load, balancing and application deployment creating an environment that runs a version of your application however, scaling functionality cannot be automated using AWS elastic beanstalk
- AWS elastic beanstalk support Webb applications built on different languages, but AWS elastic beanstalk cannot be used for deploying non-web applications
- With AWS elastic beanstalk, you can quickly deploy and manage applications in the AWS cloud without having to learn about the infrastructure that runs those applications
- there is no underlying charge for AWS elastic in stock. You pay only for the underlying AWS resources that your application consumes.
- With AWS elastic beanstalk, you can quickly deploy and manage applications in the AWS cloud without having to learn about the infrastructure that runs those applications
- there is no underlying charge for AWS elastic in stock. You pay only for the underlying AWS resources that your application consumes.
Which of the following is the least effort way to encrypt data for a WS service only in your AWS account using AWS key management service
- Use AWS that are automatically created in your account for each service
- use AWS owned CMK in the service you wish to use encryption
- create your own customer managed keys in AWS KMS
- use AWS KMS APIs to encrypt data within your own applications by using the AWS encryption SDK
- Use AWS that are automatically created in your account for each service
Wish the following is repository service that helps in maintaining application dependencies via integration with commonly used package, managers and building tools like maven, Gradel and npm., etc.
- AWS codeBuild
- AWS code star
- AWS code commit
- AWS code artifact
- AWS code artifact
A team lead is reviewing the AWS services that could be used in the development workflow for his company which of the following statements are correct regarding the capabilities of these AWS services select three
- each AWS codestar project includes development, tools, including AWS code, pipeline, AWS code, commit AWS code, build, and AWS code deploy, I can be used on their own and with existing AWS applications
- code commit allows you to run bills and tests as part of your AWS code pipeline
- You can use AWS code and AWS cloud nine build and deploy a serverless web application
- AWS is a cloud integrated development environment. I’ll let you write run and bug your code with just a browser.
- AWS codeBuild is directly integrated with both AWS code, pipeline, and AWS code commit
- AWS code pipeline uses Amazon cloud watch events to detect changes in code, commit repositories used as a source for a pipeline
- each AWS codestar project includes development, tools, including AWS code, pipeline, AWS code, commit AWS code, build, and AWS code deploy, I can be used on their own and with existing AWS applications
- You can use AWS code and AWS cloud nine build and deploy a serverless web application
- AWS code pipeline uses Amazon cloud watch events to detect changes in code, commit repositories used as a source for a pipeline
Which of the following points to be considered when choosing a AWS region for a service select two
- the AWS region with high availability index should be considered for your business
- Compliance and residency guidelines of the AWS region should match your business requirements
- the AWS region should have 5G networks to seamlessly access the breath of AWS services in the region
- AWS region chosen should be geographically to the user base that utilizes the hosted AWS service
- the AWS region chosen should have all its availability zones within 100 km radius to keep latency low for hosted applications
- Compliance and residency guidelines of the AWS region should match your business requirements
- AWS region chosen should be geographically to the user base that utilizes the hosted AWS service
Which of the following data sources are used by Amazon detective to analyze defense and identify potential security issues
- Amazon cloud, watch logs, AWS cloud, Trail, and Amazon stored service access logs
- Amazon cloudwatch logs, Amazon VPC flow logs and Amazon guard duty findings
- AWS cloud, Trail logs, Amazon, VPC, flow logs, and Amazon guard duty findings
- Amazon cloud, watch logs, AWS cloud, Trail logs, and Amazon inspector logs
- AWS cloud, Trail logs, Amazon, VPC, flow logs, and Amazon guard duty findings
Which of the following are no SQL database services from AWS select two
- AWS storage Gateway
- Amazon relational database service
- Amazon Neptune
- Amazon document DB
- Amazon Aurora
- Amazon Neptune
- Amazon document DB
Which of the following statements are correct regarding the AWS control tower and service control policies select two
- Service control policies are a type of organization policy that you can use to manage permissions in your organization
- Service control policies can help permissions to accounts in your organization
- AWS control tower helps you deploy a multi account AWS environment, and operate it with day-to-day reminders and recommendations
- service control policies by default affect all the users in the AWS organization they have to be configured to affect. Only the member accounts if needed.
- AWS control tower, AWS native service, providing a predefined set of blueprints and guard to help customers implement a landing zone for new AWS accounts
- AWS control tower, AWS native service, providing a predefined set of blueprints and guard to help customers implement a landing zone for new AWS accounts
- Service control policies are a type of organization policy that you can use to manage permissions in your organization
A company stores all its media files in Amazon simple storage service, which is accessed by an application hosted on Amazon EC2 instances the company wants to convert these media files into formats that users can play back on mobile devices which AWS service/tool helps you achieve this requirement
- AWS glue
- Amazon comprehend
- Amazon, the elastic trans coder
- Amazon transcribe
- Amazon, the elastic trans coder
A gaming company needs to compute and storage devices close to edge locations in order to ensure ultra low latency for and users and devices that connect through mobile networks AWS service is best fit for this requirement
- AWS outpost
- AWS Snowball edge
- AWS wavelength
- AWS snowmobile
- AWS wavelength
A gaming company needs to compute and storage devices close to edge locations in order to ensure ultra low latency for and users and devices that connect through mobile networks AWS service is best fit for this requirement
- AWS outpost
- AWS Snowball edge
- AWS wavelength
- AWS snowmobile
- AWS wavelength
Which of the following statements are correct regarding Amazon API gateway select two
- Amazon API gateway can call AWS lambda function to create the front door of a serverless application
- API gateway can be configured to send data directly to Amazon kinesis data stream
- If an API response is served by the cached data, it is not considered an API call for billing purposes
- Amazon API Gateway create restful API storage gateway creates web socket API
- Amazon AP Gateway does not support APA result caching
- Amazon API gateway can call AWS lambda function to create the front door of a serverless application
- API gateway can be configured to send data directly to Amazon kinesis data stream
Which of the following statements are correct regarding Amazon API gateway select two
- Amazon API gateway can call AWS lambda function to create the front door of a serverless application
- API gateway can be configured to send data directly to Amazon kinesis data stream
- If an API response is served by the cached data, it is not considered an API call for billing purposes
- Amazon API Gateway create restful API storage gateway creates web socket API
- Amazon AP Gateway does not support APA result caching
- Amazon API gateway can call AWS lambda function to create the front door of a serverless application
- API gateway can be configured to send data directly to Amazon kinesis data stream
A manufacturing company is looking at a service that can offer AWS infrastructure, AWS services, API and tools on this on premise data center for running low latency applications which of the following service/tool is best fit for the given requirement
- AWS outpost
- AWS local zones
- AWS wavelength
- AWS Snow family
- AWS outpost
E-commerce application sends out messages to a downstream application whenever an order is created downstream application, application processes, the messages and update to our systems currently to applications directly communicate with each other. Which service will you use to decuple this architecture without any communication loss between the two systems?
- Amazon kinesis data streams
- AWS lambda
- Amazon simple notification service
- Amazon simple queue Service
- Amazon simple queue Service
Which of the following data sources are used by Amazon detective to analyze events and identify potential security issues
- Amazon cloudwatch logs, Amazon cloud, Trail logs, and simple Amazon storage service access logs
- Amazon cloudwatch logs, AWS cloud, Trail logs, and Amazon inspector logs
- Amazon cloudwatch logs, Amazon, VPC flow and Amazon duty findings
- AWS cloudTrail logs, Amazon, VPC, flow logs, and Amazon guard duty findings
- AWS cloudTrail logs, Amazon, VPC, flow logs, and Amazon guard duty findings
Which of the following data sources are used by Amazon detective to analyze events and identify potential security issues
- Amazon cloudwatch logs, Amazon cloud, Trail logs, and simple Amazon storage service access logs
- Amazon cloudwatch blogs, AWS cloud, Trail logs, and Amazon inspector logs
- Amazon cloudwatch logs, Amazon, VPC flow and Amazon duty findings
- AWS cloudTrail logs, Amazon, VPC, flow logs, and Amazon guard duty findings
- AWS cloudTrail logs, Amazon, VPC, flow logs, and Amazon guard duty findings
Historically, IT department had over provision for peak demand, IT professionals, neighboring this legacy mindset to the table when they build their cloud infrastructure leading to over provision resources and unnecessary costs, right sizing of resources is necessary to reduce infrastructure costs, while still using cloud functionality optimally, which feature of the AWS cloud refers to sizing the resources
- resiliency
- horizontal scaling
- reliability
- elasticity
- elasticity
Which of the following will help you control the incoming traffic to an Amazon EC2 instance
- security group
- Route table
- Network access control list
- AWS resource group
- security group
A security group has been changed in an AWS account and the manager of the account asked you to find the details of the user changed it as a cloud practitioner which AWS service will you use to fetch the necessary information?
- AWS cloud Trail
- AWS trusted advisor
- Amazon inspector
- AWS x-ray
- AWS cloud Trail
Which member of the AWS Snow family is used by the edge computing applications for IOT use cases for facilitating the collection and processing of data to gain immediate insight and transfer data to AWS
- AWS Snowball edge storage optimized
- AWS snowmobile
- AWS snow posts
- AWS snowcone
- AWS snowcone
Which feature/functionality will help you organize your AWS resources manage and automate tasks on large numbers of resources at a time
- AWS organizations
- AWS resource groups
- Amazon workspaces
- tags
- AWS resource groups
As a cloud practitioner, which of the following credentials would you recommend for signing into the AWS management Council to meet security best practices? Select two
- X.509 certificate
-Access key ID
- IAM username and password
- multifactor authentication
- Secret access key
- IAM username and password
- multifactor authentication
Which of the following statements are correct regarding API gateway select two
- if an api response is served by the cash data is not considered an API call for billing purposes
- Amazon API gateway creates stressful API storage gateway creates web socket API
- Amazon api Gateway does not support API result caching
- amazon api gateway can call a AWS lambda function to create the front door of a serverless application
- api gateway can be configured to send data directly to Amazon kinesis data stream
- amazon api gateway can call a AWS lambda function to create the front door of a serverless application
- api gateway can be configured to send data directly to Amazon kinesis data stream
Which of the following statements are correct regarding API gateway select two
- if an api response is served by the cash data is not considered an API call for billing purposes
- Amazon API gateway creates stressful API storage gateway creates web socket API
- Amazon api Gateway does not support API result caching
- amazon api gateway can call a AWS lambda function to create the front door of a serverless application
- api gateway can be configured to send data directly to Amazon kinesis data stream
- amazon api gateway can call a AWS lambda function to create the front door of a serverless application
- api gateway can be configured to send data directly to Amazon kinesis data stream
Which of the following are no SQL services from AWS select two
- Amazon document DB
- Amazon Aurora
- Amazon relational database service
- amazon Neptune
- AWS storage Gateway
- Amazon document DB
- amazon Neptune
Which AWS serverless service allows you to prepare data for analytics
- Amazon Athena
- Amazon EMR
- AWS Glue
- Amazon Redshift
- AWS Glue
Which of the following are best practices when using AWS Organizations? Select two
- never use tags for billing
- do not use AWS organizations to automate AWS account creation
- create AWS accounts per department
- restrict account privileges using Service Control Policies
- disable AWS CloudTrail on several accounts
- create AWS accounts per department
- restrict account privileges using Service Control Policies
A company is planning to implement chaos engineering to expose any Blindspot that can disrupt the resiliency of the application which AWS service will help implement this requirement with the least effort
- AWS trusted advisor
- Amazon inspector
- Amazon guard duty
- AWS fault injection simulator
- AWS fault injection simulator
Which of the following billing time frames is applied on running a windows EC2 on demand instance
- Pay per minute
- Pay per day
- Pay per hour
- Pay per second
- Pay per second
Which of the following billing time frames is applied on running a windows EC2 on demand instance
- Pay per minute
- Pay per day
- Pay per hour
- Pay per second
- Pay per second
The development team at a company manages 300 micros services and it is now trying to automate the code reviews to improve the code quality which tool/service is the right fit for this requirement
- AWS x-ray
- AWS trusted advisor
- AWS code build
- Amazon code guru
- Amazon code guru
He started up, would like to monitor its cost on the AWS cloud and would like to choose an optimal savings plan as a cloud practitioner which AWS service would you use?
- AWS cost explorer
- AWS pricing calculator
- AWS cost, and usage report
- AWS budgets
- AWS cost explorer
Which AWS service allows you to quickly and easily add user sign-up sign in and access control to Web and mobile applications
- AWS organizations
- AWS identity and access management
- AWS IAM identity center
- Amazon incognito
- Amazon incognito
A practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources which AWS service can help with this task
- AWS health dashboard - your account health
- Amazon inspector
- AWS systems manager
- AWS trusted advisor
- AWS systems manager
A production company would like to establish an aws managed virtual private network service between its on premises network and aws. Which item needs to be setup on the company’s side?
- a VPC endpoint interface
- a customer gateway
- a virtual private gateway
- a security group
- a customer gateway
According to the aws shared responsibility model, which of the following is both the responsibility of aws and the customer select two
- operating system configuration
- data center security
- configuration management
- customer data
- disposal of disk drives
- operating system configuration
- configuration management
According to the AWS shared responsibility model, which of the following is the responsibility of the customer
- edge locations security
- protecting hardware infrastructure
- firewall & network configuration of Amazon elastic compute cloud
- managing Amazon DynamoDB
- firewall & network configuration of Amazon elastic compute cloud
Which AWS services/features support High availability by default? Select two
- Amazon DynamoDB
- Amazon Elastic Block Store
- Instance Store
- subnet
- Amazon elastic file system
- Amazon DynamoDB
- Amazon elastic file system
AWS trusted advisor analyzes your AWS environment and provides best practice recommendations for which of the following categories? Select two
- documentation
- change Management
- cost optimization
- elasticity
- service limits
- cost optimization
- service limits
Which of the following AWS services are regional in scope? Select two
- Amazon Rekognition
- AWS Identity and Access Management
- AWS Lambda
- Amazon Cloudfront
- AWS Web Application Firewall
- Amazon Rekognition
- AWS Lambda
Which of the following AWS services support reservations to optimize costs select three
- Amazon relational database service
- Amazon red shift
- Amazon elastic compute cloud
- Amazon open search service
- Amazon ElastiCache
- amazon dynamo DB
- Amazon relational database service
- Amazon elastic compute cloud
- amazon dynamo DB
Epic data analytics company is moving its IT infrastructure to an on premise center to AWS cloud the company has some server bound software licenses that it wants to use on AWS which of the following EC2 instance types would allow the company to use is existing software bound software licenses
- on demand instance
- dedicated host
- reserved instance
- dedicated instance
- dedicated host
A company uses reserved EC2 instances across multiple units each with its own AWS account some units under utilize their reserved instances while other units need more reserved instances as a cloud practitioner. What is the most optimal solution to share reserved EC2 instances among all units
- AWS cost explorer
- AWS trusted advisor
- AWS systems manager
- AWS organizations
- AWS organizations
Which of the following AWS cloud storage services allow you to store and retrieve any amount of data from anywhere select two
- Amazon elastic compute cloud
- Amazon simple notification service
- amazon dynamo DB
- Amazon simple storage service
- Amazon elastic file system
- Amazon simple storage service
- Amazon elastic file system
Which AWS services can be used to facilitate organizational change management part of the reliability pillar of the AWS well architected framework select three
- Amazon inspector
- AWS cloud Trail
- AWS systems manager change manager
- AWS guard duty
- Amazon cloud watch
- AWS config
- AWS cloud Trail
- AWS systems manager change manager
- Amazon cloud watch
Which of the following statements describes the availability zone specific characteristics of Amazon elastic block store and Amazon elastic file system storage types
- Amazon EBS volumes can only be attached to a single instance in a single AZ and Amazon EFS file systems can only be mounted on instances in a single AZ
- Amazon EBS volumes can be attached to multiple instances in multiple AZ but Amazon EFS file systems can be mounted on instances in multiple AZ
- Amazon EPS volumes can be attached to multiple instances in multiple AZ but Amazon EFS file systems can only be mounted on instances of a single AZ
- Amazon EBS volumes can be attached to multiple instances of a single AZ but Amazon EFS file systems can only be mounted on a single instance in a single AZ 
- Amazon EBS volumes can be attached to multiple instances in multiple AZ but Amazon EFS file systems can be mounted on instances in multiple AZ
Which of the following is not a benefit of using AWS managed services such as Amazon relational database service
- AWS automatically manages database back up
- AWS managed. RDS instances typically have better performance than customer managed database instances.
- AWS takes care of patching the underlying OS
- customers can avoid the need to optimize database instance type and size
- customers can avoid the need to optimize database instance type and size
