Cloud Partitioner Test 2

Question 1

Which of the following provides software solutions that are either hosted on or integrated with the AWS platform which may include Independent Software Vendors (ISVs), SaaS, PaaS, developer tools, management, and security vendors?

a.Technical Account Management
b.Concierge Support
c.AWS Partner Network Technology Partners
d.AWS Partner Network Consulting Partners

Answer 1

c.AWS Partner Network Technology Partners

Question 2

In AWS, which of the following is a design principle that you should implement when designing your cloud architecture?

a.Utilize free or open-source software
b.Use multiple Availability Zones
c.Always use large servers to anticipate increase usage
d.Tightly couple your components

Answer 2

b.Use multiple Availability Zones

Question 3

In Amazon EC2, which pricing construct adjusts its price based on supply and demand of EC2 instances?

a.On-Demand Instance
b.Spot Instance
c.Standard Reserved Instance
d.Convertible Reserved Instance

Answer 3

b.Spot Instance

Question 4

Which service does AWS use to notify you when AWS is experiencing events that may impact you?

a.AWS Health
b.Amazon CloudWatch
c.AWS Support Center
d.Amazon SNS

Answer 4

a.AWS Health

Question 5

Which service would you use to speed up content delivery to your customers?

a.Amazon CloudWatch
b.Amazon CloudFront
c.AWS CloudTrail
d.Amazon S3 Transfer Acceleration

Answer 5

b.Amazon CloudFront

Question 6

A company plans to migrate their on-premises MySQL database to Amazon RDS. Which AWS service should they use for this task?

a.AWS Glue
b.AWS Database Migration Service (AWS DMS)
c.AWS Schema Conversion Tool (AWS SCT)
d.AWS Server Migration Service

Answer 6

b.AWS Database Migration Service (AWS DMS)

Question 7

Which of the following is a fully managed database in AWS that can be used to store JSON documents?

a.Amazon ElastiCache
b.Amazon Redshift
c.Amazon Aurora
d.Amazon DynamoDB

Answer 7

d.Amazon DynamoDB

Question 8

Which of the following are defined as global services in AWS? (Select TWO.)

a.Amazon CloudFront
b.AWS Batch
c.Amazon RDS
d.Amazon DynamoDB
e.AWS Identity and Access Management

Answer 8

a.Amazon CloudFront
e.AWS Identity and Access Management

Question 9

Which of the following is best suited for load balancing Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic and has the capability of handling millions of requests per second while maintaining ultra-low latencies?

a.Network Load Balancer
b.None of the above
c.Gateway Load Balancer
d.Application Load Balancer

Answer 9

a.Network Load Balancer

Question 10

__________ lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.

a.Amazon WorkSpaces
b.Amazon Lightsail
c.Amazon VPC
d.Virtual Private Gateway

Answer 10

c.Amazon VPC

Question 11

A leading company wants to ensure that its cloud services are consistently delivered at the agreed-upon level of its business stakeholders. The company is considering using the AWS Cloud Adoption Framework (AWS CAF) to guide its cloud operations.

Which capabilities within the AWS CAF’s Operations perspective would be most helpful for the company?

a.Identity and Access Management
b.Modern Application Development
c.Performance and Capacity Management
d.Program and Project Management

Answer 11

c.Performance and Capacity Management

Question 12

Which service allows you to add powerful visual analysis feature to your applications that enables you to search, verify, and organize millions of images?

a.Amazon Rekognition
b.Amazon CloudSearch
c.Amazon SageMaker
d.Amazon Macie

Answer 12

a.Amazon Rekognition

Question 13

A customer needs to establish a dedicated connection between their on-premises network and their AWS VPC that provides a more consistent network experience than Internet-based connections. Which of the following network services should they use?

a.VPN Connection
b.AWS Direct Connect
c.AWS VPN CloudHub
d.VPC Peering

Answer 13

b.AWS Direct Connect

Question 14

Which is a machine learning-powered security service that discovers, classifies, and protects sensitive data such as personally identifiable information (PII) or intellectual property?

a.Amazon GuardDuty
b.Amazon Rekognition
c.Amazon Macie
d.Amazon Cognito

Answer 14

c.Amazon Macie

Question 15

A startup wants to move its on-premises infrastructure to AWS. The IT Security team wants to protect all of the applications against unintended and unauthorized access as well as potential vulnerabilities.

Which of the following capability of AWS CAF’s Security perspective would be most relevant to address this concern?

a.Data Protection
b.Threat Detection
c.Identity and Access Management
d.Infrastructure Protection

Answer 15

d.Infrastructure Protection

Question 16

Which of the following are the characteristics of Amazon EC2 Convertible Reserved Instances? (Select TWO.)

a.Allows the change of instance family, operating system, tenancy, and payment option
b.Provides the most significant discount of the RI types and are best suited for steady-state usage
c.Has the capability to change the attributes of the RI as long as the exchange results in the creation of Reserved Instances of equal or greater value
d.Allows you to match your capacity reservation to a predictable recurring schedule that only requires a fraction of a day, a week, or a month

Answer 16

a.Allows the change of instance family, operating system, tenancy, and payment option
c.Has the capability to change the attributes of the RI as long as the exchange results in the creation of Reserved Instances of equal or greater value

Question 17

A customer has a number of on-demand instances running simultaneously to serve customer transactions. Occasionally, most of these instances do not perform any tasks when demand is low. What is a good cost optimization strategy to implement for this case?

a.Use spot instances instead of on-demand instances
b.Create a script that would automatically shut down an instance when utilization is low
c.Implement an auto scaling group to control the number of running instances at a time
d.Scale up the instances to a higher instance type to reduce the number of running instances at a time

Answer 17

c.Implement an auto scaling group to control the number of running instances at a time

Question 18

Which of the following will allow you to create a data warehouse in AWS for your business intelligence needs?

a. Amazon RDS
b. Amazon DynamoDB
c. Amazon Redshift
d.Amazon S3

Answer 18

c. Amazon Redshift

Question 19

Which of the following services are part of the AWS serverless platform that does not require provisioning, maintaining, and administering servers for backend components? (Select TWO.)

a.Amazon ElastiCache
b.Amazon API Gateway
c.Amazon EMR
d.Amazon OpenSearch
e.Lambda@Edge

Answer 19

b.Amazon API Gateway
e.Lambda@Edge

Question 20

Which of the following is the benefit of using Amazon Relational Database Service (Amazon RDS) over traditional database management?

a.Automatically apply both client-side and server-side encryption to your data by default
b.Automatically scales up the instance type of your RDS cluster based on demand
c.It is five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases
d.Lower administrative burden through automatic software patching and maintenance of the underlying operating system

Answer 20

d.Lower administrative burden through automatic software patching and maintenance of the underlying operating system

Question 21

In the AWS Shared Responsibility Model, whose responsibility is it to patch the host operating system of an Amazon EC2 instance?

a.Both AWS and the customer
b.Customer
c.AWS
d.Neither AWS nor the customer

Answer 21

c.AWS

Question 22

What is the most secure way to provide applications temporary access to your AWS resources?

a.-Create an IAM role and have the application assume the role
b.Create an IAM group that has access to the resources, and add the application there
c.Create an IAM policy that allows the application to access the resources, and attach the policy to the application
d.Create an IAM user with access keys and assign it to the application

Answer 22

a.-Create an IAM role and have the application assume the role

Question 23

A space agency is using Amazon S3 to store their high-resolution satellite images and videos everyday. Which of the following should they do to minimize the upload time?

a.Upload the images and videos using the BatchWriteItem API
b.Use the Multipart upload API
c.Shift to S3 Intelligent-Tiering storage class
d.Enable Cross-Origin Resource Sharing (CORS)

Answer 23

b.Use the Multipart upload API

Question 24

A customer in North Virginia, USA is doing some drone work and collecting environmental data. Which of the following services allows him to easily obtain terabytes of data storage for use in a space-constrained environment and allows him to transfer these data to AWS?

a.AWS Snowmobile
b.AWS Snowcone
c.AWS Data Pipeline
d.AWS Transit Gateway

Answer 24

b.AWS Snowcone

Question 25

What services will help you create a highly available and scalable web app in the cloud? (Select TWO.)

a.Amazon CloudFront
b.Amazon EC2 Auto Scaling
c.AWS ELB
d.Amazon CloudWatch
e.Amazon AppStream 2.0

Answer 25

b.Amazon EC2 Auto Scaling
c.AWS ELB

Question 26

Which of the following is the most cost-effective payment option when you purchase either a Standard or Convertible Reserved Instance for a 1-year term?

a.No Upfront
b.Partial Upfront
c.All Upfront
d.Deferred

Answer 26

c.All Upfront

Question 27

Which of the following is a data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using appliances with on-board storage and compute capabilities?

a.Lambda@Edge
b.AWS Snowball Edge
c.AWS Snowcone
d.AWS Snowmobile

Answer 27

b.AWS Snowball Edge

Question 28

Which of the following should you use to automatically transfer your infrequently accessed data in your S3 bucket to a more cost-effective storage class?

a.AWS Storage Gateway
b.Amazon S3 access control list
c.AWS Transfer Family
d.Amazon S3 Lifecycle Policy

Answer 28

d.Amazon S3 Lifecycle Policy

Question 29

A customer is building a cloud architecture in AWS which should scale horizontally or vertically in order to automatically adjust capacity and maintain steady, predictable performance at the lowest possible cost. Which of the following statements are true regarding horizontal and vertical scaling? (Select TWO.)

a.Upgrading to a higher EC2 instance type and adding more EC2 instances to your resource pool are both examples of Horizontal Scaling
b.Adding more EC2 instances to your resource pool is an example of Vertical Scaling
c.Upgrading to a higher EC2 instance type is an example of Horizontal Scaling
d.Adding more EC2 instances to your resource pool is an example of Horizontal Scaling
e.Upgrading to a higher EC2 instance type is an example of Vertical Scaling

Answer 29

d.Adding more EC2 instances to your resource pool is an example of Horizontal Scaling
e.Upgrading to a higher EC2 instance type is an example of Vertical Scaling

Question 30

Which of the following statements accurately describes the AWS Shared Responsibility model?

a.AWS is responsible for securing the physical infrastructure of the cloud, applications, and data in the cloud, while customers are only responsible for managing the access and identity of their users.
b.AWS is responsible for securing the physical infrastructure of the cloud, while customers are responsible for securing their applications and data in the cloud.
c.Both AWS and customers are equally responsible for securing the physical infrastructure of the cloud, applications, and data in the cloud.
d.Customers are responsible for securing the physical infrastructure of the cloud, while AWS is responsible for securing their applications and data in the cloud.

Answer 30

b.AWS is responsible for securing the physical infrastructure of the cloud, while customers are responsible for securing their applications and data in the cloud.

Question 31

Which of the following AWS Cost Management tools enable you to forecast future costs and usage of your AWS resources based on your past consumption?

a.AWS Cost and Usage report
b.Amazon Forecast
c.AWS Pricing Calculator
d.Cost Explorer

Answer 31

d.Cost Explorer

Question 32

A website is experiencing varying levels of traffic throughout the day and is not fully consuming server capacity all the time. Which advantage does AWS Cloud provide over traditional data centers when it comes to handling traffic load?

a.Quick capacity provisioning
b.High Availability
c.Elasticity
d.Durability

Answer 32

c.Elasticity

Question 33

Which of the following is typically used to secure your VPC subnets?

a.Network ACL
b.AWS Config
c.Security Group
d.AWS IAM

Answer 33

a.Network ACL

Question 34

Which among the services below can you use to test and troubleshoot IAM and resource-based policies?

a.IAM Policy Simulator
b.Amazon Inspector
c.AWS Config
d.Systems Manager

Answer 34

a.IAM Policy Simulator

Question 35

A customer needs to retrieve the instance ID, instance profile permissions, and kernel information of their EC2 instance for an app that is running within the same instance. Where can the customer find this information?

a.Resource tag
b.Instance metadata
c.Amazon Machine Image
d.Instance user data

Answer 35

b.Instance metadata

Question 36

A company wants to launch a Microsoft SQL Server database in AWS. The database instance should only be managed by the company’s DBA and must be accessible via RDP. A standard license for SQL Server is required but the company is not yet sure how much CPU and memory to allocate to the database.

Which option gives the most convenience and flexibility to determine the best database size while still being cost-effective?

a.Launch an EC2 instance and install MS SQL Server. Purchase a Standard MSSQL license from Microsoft and apply it to the database you installed.

b.Launch an Amazon Aurora database that runs MS SQL Server. Buy a Standard MSSQL license from the AWS License Manager service.

c.Use a Windows Server with SQL Server Standard bundled AMI so you won’t need to buy and manage your own license.

d.Launch an RDS instance that runs MS SQL Server Standard. Purchase a Standard MSSQL license and store it in the AWS Managed Services (AMS).

Answer 36

c.Use a Windows Server with SQL Server Standard bundled AMI so you won’t need to buy and manage your own license.

Question 37

Which of the following actions will AWS charge you for?

a.Provisioning elastic IPs and attaching them to running EC2 instances
b.Transfer of EC2 files between two AWS Regions
c.Setting up additional VPCs in your account
d.Network charges for the transfer of data from your data center to S3 through a VPN

Answer 37

b.Transfer of EC2 files between two AWS Regions

Question 38

Which of the following is true regarding the Business support plan in AWS?

a.Provides a 15-minute response time support if your production system goes down
b.Provides a 15-minute response time support if your business-critical system goes down
c.Provides a 1-hour response time support if your production system got impaired
d.Provides a 1-hour response time support if your production system goes down

Answer 38

d.Provides a 1-hour response time support if your production system goes down

Question 39

In compliance with the Sarbanes-Oxley Act (SOX) federal law, a US-based company is required to provide SOC 1 and SOC 2 reports of their cloud resources. Where are these AWS compliance documents located?

a.AWS GovCloud
b.AWS Certificate Manager
c.AWS Organizations
d.AWS Artifact

Answer 39

d.AWS Artifact

Question 40

Which of the following should you use if you need to provide temporary AWS credentials for users who have been authenticated via their social media logins as well as for guest users who do not require any authentication?

a.AWS Single Sign-On
b.Amazon Cognito Identity Pool
c.AWS AppSync
d.Amazon Cognito User Pool

Answer 40

b.Amazon Cognito Identity Pool

Question 41

Which of the folllowing is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads?

a.Amazon Macie
b.AWS Shield
c.Amazon GuardDuty
d.AWS WAF

Answer 41

c.Amazon GuardDuty

Question 42

A company needs to troubleshoot an issue on their serverless application which is composed of an API Gateway, Lambda function, and a DynamoDB database. Which service should they use to trace user requests as they travel through their entire application?

a.AWS X-Ray
b.AWS CloudTrail
c.Amazon Inspector
d.Amazon CloudWatch

Answer 42

a.AWS X-Ray

Question 43

Which of the following cloud design principles supports growth in users, traffic, or data size with no drop-in performance?

a.Scalability
b.Design for failure
c.Decouple your components
d.Go Serverless to reduce compute footprint

Answer 43

a.Scalability

Question 44

Which of the following is the most cost-effective instance purchasing option for hosting an application which will run non-interruptible workloads for a period of three years?

a.Amazon EC2 Spot Instances
b.Amazon EC2 On-Demand Instances
c.Amazon EC2 Standard Reserved Instances
d.Amazon EC2 Convertible Reserved Instances

Answer 44

c.Amazon EC2 Standard Reserved Instances

Question 45

Which of the following cloud best practices reinforces the use of the Service-Oriented Architecture (SOA) design principle?

a.Decouple your components.
b.Design for failure.
c.Implement elasticity.
d.Think parallel.

Answer 45

a.Decouple your components.

Question 46

A manufacturing company has multiple AWS accounts for various departments. As the company grows, they are experiencing an increase in its AWS costs and want to optimize its expenses by taking advantage of any available discounts.

Which of the following actions below will allow you to take advantage of volume discounts in AWS?

a.Move all of your AWS resources from multiple accounts to a single global account.
b.Upgrade to an AWS Enterprise support plan.
c.Use AWS Organizations and enable the consolidated billing feature.
d.Opt for an All upfront Convertible Reserved Instance pricing for a 3-year term.

Answer 46

c.Use AWS Organizations and enable the consolidated billing feature.

Question 47

Which of the following policies grant the necessary permissions required to access your Amazon S3 resources? (Select TWO.)

a.User policies
b.Object policies
c.Bucket policies
d.Network access control policies
e.Routing policies

Answer 47

a.User policies
c.Bucket policies

Question 48

Which of the following is a valid characteristic of an IAM Group?

a.Groups can be nested.
b.A group can contain many users, and a user can belong to multiple groups.
c.There’s no limit to the number of groups you can have.
d.There is a default group that automatically includes all users in the AWS account.

Answer 48

b.A group can contain many users, and a user can belong to multiple groups.

Question 49

Which of the following is used to enable instances in the public subnet to connect to the public Internet?

a.Internet Gateway
b.NAT instance
c.API Gateway
d.NAT Gateway

Answer 49

a.Internet Gateway

Question 50

You are permitted to conduct security assessments and penetration testing without prior approval against which AWS resources? (Select TWO.)

a.Amazon RDS
b.Amazon S3
c.Amazon Aurora
d.AWS Security Token Service (STS)
e.AWS Identity and Access Management (IAM)

Answer 50

a.Amazon RDS
c.Amazon Aurora

Question 51

A new AWS customer needs to deploy up to 100 t3a.large EC2 instances on their recently launched VPC, which is way beyond the default service limit. What should they do so they can launch their additional instances?

a.Create a case in the AWS Support Center page and request a service limit increase.
b.Use AWS Trusted Advisor to increase the default service limits for EC2 instances.
c.Do nothing. You can directly launch 100 t3a.large EC2 instances at the same time since AWS will automatically increase your service limit for you.
d.Enable Enhanced Networking.

Answer 51

a.Create a case in the AWS Support Center page and request a service limit increase.

Question 52

Which of the following is not required when launching an EBS-backed EC2 instance?

a.Elastic IP address
b.EBS Root volume
c.Security group
d.VPC and subnet specification

Answer 52

a.Elastic IP address

Question 53

Which of the following AWS service enables customers to analyze, investigate, and identify the root cause of potential security issues or suspicious activities in their AWS environment?

a.AWS Security Hub
b.Amazon Detective
c.Amazon GuardDuty
d.Amazon Inspector

Answer 53

b.Amazon Detective

Question 54

Which of the following are the best practices that can help secure your AWS resources using the AWS Identity and Access Management (IAM) service? (Select TWO.)

a.Lock away your AWS account root user access keys.
b.Use Bastion Hosts.
c.Use Inline Policies instead of Customer Managed Policies.
d.Grant least privilege.
e.Grant most privilege.

Answer 54

a.Lock away your AWS account root user access keys.
d.Grant least privilege.

Question 55

When a company uses AWS and decouple from their on-premises data center, they will be able to have which of the following benefits? (Select TWO.)

a.Massive discounts for bare metal servers from Amazon.com.
b.Decrease your TCO.
c.Deferred payments to their operational expenditures.
d.Replace low variable costs with upfront capital expenses (CAPEX).
e.Reduce time to market.

Answer 55

b.Decrease your TCO.
e.Reduce time to market.

Question 56

Which of the following tasks fall under the sole responsibility of AWS based on the shared responsibility model?

a.Implementing IAM policies
b.Physical and environmental controls
c.Patch Management
d.Applying Amazon S3 bucket policies

Answer 56

b.Physical and environmental controls

Question 57

Which is a fully-managed source control service that allows you to host Git-based repositories and enable code collaboration for your team via pull requests, branching, and merging?

a.AWS CodeCommit
b.AWS CodeBuild
c.AWS CodeStar
d.AWS CodeDeploy

Answer 57

a.AWS CodeCommit

Question 58

Which AWS service is commonly used for streaming data in real-time?

a.Amazon EMR
b.Amazon OpenSearch Service
c.Amazon Data Pipeline
d.Amazon Kinesis

Answer 58

d.Amazon Kinesis

Question 59

A customer currently has a Basic support plan and they are planning to use the Infrastructure Event Management, Well-Architected Reviews and Operations Reviews features in AWS. What should they do in order to access these features in the most cost-effective manner?

a.None since these features are already included in their Basic support plan.
b.Upgrade to Developer support plan.
c.Upgrade to Business support plan.
d.Upgrade to Enterprise support plan.

Answer 59

d.Upgrade to Enterprise support plan.

Question 60

An insurance company plans to use AWS to visually create, run, and monitor ETL workflows. Which of the following services would you recommend?

a.AWS Storage Gateway
b.Amazon Athena
c.Amazon QuickSight Q
d.AWS Glue Studio

Answer 60

d.AWS Glue Studio

Question 61

What is the best type of instance purchasing option to choose if you will run an EC2 instance for 3 months to perform a job that is uninterruptible?

a.Reserved
b.Spot
c.Dedicated
d. On-Demand

Answer 61

d. On-Demand

Question 62

The IT Security team of your company needs to conduct a vulnerability analysis on your application servers to ensure that the EC2 instances comply with the annual security IT audit. You need to set up an automated security assessment service to improve the security and compliance of your applications. The solution should automatically assess applications for exposure, vulnerabilities, and deviations from the AWS best practices.

Which of the following options would you implement to satisfy this requirement?

a.AWS Inspector
b.AWS WAF
c.Amazon CloudFront
d.AWS Snowball

Answer 62

a.AWS Inspector

Question 63

There is an incident with your team where an S3 object was deleted using an account without the owner’s knowledge. What can be done to prevent unauthorized deletion of your S3 objects?

a.Set your S3 buckets to private so that objects are not publicly readable/writable
b.Configure MFA delete on the S3 bucket.
c.Create access control policies so that only you can perform S3-related actions
d.Set up stricter IAM policies that will prevent users from deleting S3 objects

Answer 63

b.Configure MFA delete on the S3 bucket.

Question 64

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

a.Scalability
b.High Availability
c.Performance Efficiency
d.Agility
e.Sustainability

Answer 64

c.Performance Efficiency
e.Sustainability

Question 65

Which of the following is one of the benefits of migrating your systems from an on-premises data center to AWS Cloud?

a.Eliminates the need for the customer to implement client-side or service-side encryption for their data
b.Enables the customer to eliminate high IT infrastructure costs since cloud computing is absolutely free
c.Completely eliminates the administrative overhead of patching the guest operating system of their EC2 instances
d.Enables the customer to focus on business activities rather than on the heavy lifting of racking, stacking, and powering servers

Answer 65

d.Enables the customer to focus on business activities rather than on the heavy lifting of racking, stacking, and powering servers