Cloud Practitioner

Question 1

What term describes the on-demand delivery of compute power, database, storage, applications, and other IT resources through a online provider platform?

A. Load balancing
B. Microservices
C. Cloud computing
D. Service level agreements

Answer 1

C. Cloud computing

Question 2

What cloud service type offers the basic components for cloud information technology by giving the consumer access to networking infrastructure, virtual or dedicated server computing, and
data storage space?

A. Business as a service
B. Platform as a service
C. Software as a service
D. Infrastructure as a service

Answer 2

D. Infrastructure as a service

Question 3

What is a method for connecting infrastructure and applications between AWS Cloud-based resources and other resources that reside on-site or at a co-location site?

A. Hybrid deployment
B. Cloud-based deployment
C. On-premises deployment
D. Private cloud deployment

Answer 3

A. Hybrid deployment

Question 4

Which two of these offerings represent core AWS services?

A. Machine Learning
B. Containers
C. IoT
D. Storage
E. Compute

Answer 4

D. Storage
E. Compute

Question 5

Which two of these statements represents the agility and flexibility value proposition of AWS?

A. Supports green initiatives and lower utility costs
B. Leveraging for rapid deployment, testing, experimentation, and innovation
C. Taking advantage of multiple availability zones
D. Responding to competitors and new technologies
E. Cheaper maintenance and upgrades

Answer 5

B. Leveraging for rapid deployment, testing, experimentation, and innovation
D. Responding to competitors and new technologies

Question 6

What service is most closely aligned to the elasticity value proposition at AWS?

A. Serverless computing
B. Auto-scaling
C. Elastic load balancing
D. Containers

Answer 6

B. Auto-scaling

Question 7

What is the most important value proposition for most AWS customers?

A. Agility
B. Security
C. Elasticity
D. Cost

Answer 7

D. Cost

Question 8

Which of these is NOT a part of the AWS security triad?

A. Identity and Access Management (IAM)
B. Content Delivery Networking (CDN)
C. Key Management Service (KMS)
D. Infrastructure security

Answer 8

B. Content Delivery Networking (CDN)

Question 9

Fill in the blank.
Organizations deploy more _____________ on AWS.

A. Mission-critical workloads
B. Agile developers
C. Blob storage
D. Disaster recovery solutions

Answer 9

A. Mission-critical workloads

Question 10

Which of these is NOT a part of the free-tier model?

A. Always free
B. Free trials
C. 12 Months Free
D. Basic support plan

Answer 10

D. Basic support plan

Question 11

What is the new name of the traditional AWS TCO Calculator?

A. Trusted Advisor
B. AWS Shield
C. AWS Pricing Calculator
D. Estimate Exports

Answer 11

C. AWS Pricing Calculator

Question 12

What is a console-based, on-demand self-service auditing object retrieval service that offers
quick and easy access to AWS compliance documentation and agreements?

A. VPC
B. EC2
C. Artifact
D. CSA

Answer 12

C. Artifact

Question 13

Which CSA level deals with STAR Self-assessment?

A. Level 1
B. Level 2
C. Level 3
D. Level 4

Answer 13

A. Level 1

Question 14

What is a repository of frequently used resources and processes needed to perform compliance responsibilities on AWS?

A. Artifact
B. AWS Inspector
C. Compliance Solutions Guide
D. GuardDuty

Answer 14

C. Compliance Solutions Guide

Question 15

Which of these statements is true regarding Network ACLs?

A. They are stateful
B. They apply to elastic network interfaces
C. They can contain deny rules
D. They apply to inbound traffic only

Answer 15

C. They can contain deny rules

Question 16

. What is a form of stateful firewall that is applied directly to an instance in an outbound and inbound direction?

A. NACL
B. WAF
C. Shield
D. Security Group

Answer 16

D. Security Group

Question 17

What AWS security service lets you control and monitor the HTTP and HTTPS requests forwarded to Amazon CloudFront (CDN), Application Elastic Load Balancer (ELB), or API Gateway?

A. NACL
B. WAF
C. Shield
D. Security Group

Answer 17

B. WAF

Question 18

Which of these statements represents a feature specific to AWS Shield Advanced and not Shield Standard?

A. 24x7 DDoS response team (DRT) assistance
B. Basic protection against common DoS floods and exploits
C. Combined with NACLs, SGs, and WAF for layered defense
D. DoS and common DDoS protection provided at no extra cost

Answer 18

A. 24x7 DDoS response team (DRT) assistance

Question 19

What is an automated security assessment service that enhances security and compliance of applications running on AWS by evaluating applications for vulnerabilities and nonconformity
with best practices?

A. Amazon GuardDuty
B. Amazon Inspector
C. Amazon Macie
D. AWS Shield

Answer 19

B. Amazon Inspector

Question 20

What AWS security service monitors flow logs, CloudTrail, S3 data events, and DNS log activities for advanced threat management?

A. Amazon GuardDuty
B. Amazon Inspector
C. Amazon Macie
D. AWS Shield

Answer 20

A. Amazon GuardDuty

Question 21

What type of encryption does AWS KMS use to protect an Elastic Block Store volume or S3 bucket?

A. 3DES
B. SSH2
C. SHA2
D. AES-256

Answer 21

D. AES-256

Question 22

Which t2 instance type of the Amazon Linux 2 AMI (HVM), SSD Volume Type is part of the freetier model?

A. t2.nano
B. t2.micro
C. t2.small
D. t2.medium

Answer 22

B. t2.micro

Question 23

What AWS EC2 feature allows you to automate instance launches, simplify permission policies, and enforce best practices across your organization?

A. Amazon Machine Images
B. AWS Marketplace
C. Auto-scaling
D. Launch templates

Answer 23

D. Launch templates

Question 24

What type of elastic load balancer is used for HTTP and HTTPS traffic as well as hosting the WAF?

A. Application load balancer
B. Network load balancer
C. Classic load balancer
D. All of the above

Answer 24

A. Application load balancer

Question 25

Which of these statements is true regarding S3 buckets?

A. Encryption is enabled by default
B. Versioning is enabled by default
C. Block Public access is enabled by default
D. Bucket policies are enabled by default

Answer 25

C. Block Public access is enabled by default

Question 26

What is a human and machine-readable data interchange method commonly used with IAM managed policies, S3 bucket policies, and CloudFormation infrastructure as code?

A. YAML
B. JAVA
C. PHP
D. JSON

Answer 26

D. JSON

Question 27

What service does CloudFormation offer to AWS customers?

A. Platform as a service
B. Content delivery networking
C. Infrastructure as code
D. Automatic scalability

Answer 27

C. Infrastructure as code

Question 28

. What is a fast content delivery networking (CDN) service offered by Amazon Web Services?

A. CloudTrail
B. CloudWatch
C. CloudFormation
D. CloudFront

Answer 28

D. CloudFront

Question 29

What instance type allows you to bid on spare Amazon EC2 computing capacity based on the present price where instances are treated a commodity?
A. Reserved instances
B. On-demand instances
C. Spot instances
D. Instance templates

Answer 29

C. Spot instances

Question 30

What is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage and storage tier management through a virtual appliance?

A. Elastic File System (EFS)
B. Storage Gateway
C. Elastic Block Store (EBS)
D. AWS Snowball

Answer 30

B. Storage Gateway

Question 31

Which of these statements is NOT true concerning elastic block store volume security?

A. Volumes that are created from encrypted snapshots are automatically encrypted
B. volumes that are created from unencrypted snapshots are automatically unencrypted
C. If no snapshot is selected, you can choose to encrypt the volume and specify your own key
D. In the management console you can encrypt all volumes in the region by default

Answer 31

D. In the management console you can encrypt all volumes in the region by default

Question 32

What is the preferred method, written in JSON, to provide access to the objects stored in an S3 bucket?

A. Bucket policy
B. Block public access settings
C. Object ownership
D. Access control list

Answer 32

A. Bucket policy

Question 33

Which of these database platforms is supported by Amazon Aurora?

A. MariaDB
B. Oracle Database
C. PostgreSQL
D. SQL Server

Answer 33

C. PostgreSQL

Question 34

What networking component of AWS allows customers to connect their VPCs and their onpremises networks to a single gateway in a scalable fashion across multiple accounts?

A. Route 53
B. Direct Connect
C. CloudFront
D. Transit Gateway

Answer 34

D. Transit Gateway

Question 35

Which of these cannot be used to pay for your AWS account?

A. Direct billing
B. Debit card
C. Credit card
D. Cyber currency

Answer 35

D. Cyber currency

Question 36

Which two of these is a pillar of the well-architected initiative?

A. Scalability
B. Operational Excellence
C. Security
D. Elasticity
E. Durability

Answer 36

B. Operational Excellence
C. Security

Question 37

Which support plan is specifically recommended if you have production workloads in AWS?

A. Basic
B. Developer
C. Business
D. Enterprise

Answer 37

C. Business

Question 38

Which two of these is a category of checks used by the Trusted Advisor?

A. Infrastructure as Code
B. Cost Optimization
C. Flexibility
D. Sustainability
E. Fault Tolerance

Answer 38

B. Cost Optimization
E. Fault Tolerance

Question 39

. What is a managed service that empowers governance, compliance, operational auditing, and risk auditing of AWS accounts by examining all API calls?

A. CloudTrail
B. CloudWatch
C. CloudFormation
D. CloudFront

Answer 39

A. CloudTrail

Question 40

What is a monitoring and management service used by developers, systems operators, and managers in AWS to gather actionable data, metrics, and insights with alarm capabilities?

A. CloudTrail
B. CloudWatch
C. CloudFormation
D. CloudFront

Answer 40

B. CloudWatch

Question 41

What do AWS Organizations use to group AWS accounts?

A. Buckets
B. Containers
C. Organizational users
D. Clusters

Answer 41

C. Organizational users