Cloud Practitioner Exam Flashcards by Zac Simunovic

List out 6 benefits of AWS Cloud

Variable instead of capital expense
Economies of scale by sharing servers with others
Don’t have to ‘guess’ capacity
Quicker to start operating
Don’t need to manage data centre
Global

How well did you know this?

Not at all

Perfectly

How does AWS Cloud allow users to focus on business value?

AWS takes care of IT infrastructure concerns, allowing orgs to focus on their business.

How well did you know this?

Not at all

Perfectly

Define at least 6 items that would be part of a Total Cost Ownership Proposal

Location
Service
Tenancy
Operating System
Workload
Number of Instances

How well did you know this?

Not at all

Perfectly

Identify which operations will reduce costs by moving to the cloud

Infrastructure costs

How well did you know this?

Not at all

Perfectly

Explain the 5 cloud architecture design principles

Perform operations as code
Make frequent, small reversible changes
Refine operations procedures frequently
Anticipate failure (pre-mortem exercises)
Learn from all operational failures

How well did you know this?

Not at all

Perfectly

What are the 7 elements of the shared responsibility model

Physical security
Client and end-point protection
Identity and access management
Application-level controls
Network controls
Host infrastructure
Physical security

How well did you know this?

Not at all

Perfectly

Rank the following models from most customer responsible to most cloud provider responsible:

SaaS
FaaS
On-premises
IaaS
PaaS

On-premises
IaaS
PaaS
SaaS
FaaS

How well did you know this?

Not at all

Perfectly

What is the customer always responsible for in the shared responsibility model?

Data classification and accountability

How well did you know this?

Not at all

Perfectly

What is the core responsibility of AWS in the share responsibility model?

Protecting the infrastructure that runs the cloud services offered

How well did you know this?

Not at all

Perfectly

In the shared responsibility model, whose responsibility is the security of your platform for PaaS environments

Shared Responsibility

How well did you know this?

Not at all

Perfectly

In the shared responsibility model, the responsibility for data security in SaaS environments belongs to ________

Customer

How well did you know this?

Not at all

Perfectly

Shared responsibility model
Who is responsible for Application level controls in IaaS?

Customer

How well did you know this?

Not at all

Perfectly

Shared responsibility model
Who is responsible for Application level controls in PaaS?

Both customer and cloud provider

How well did you know this?

Not at all

Perfectly

Shared responsibility model
Who is responsible for Network Controls in FaaS?

Cloud Provider

How well did you know this?

Not at all

Perfectly

Shared responsibility model
Who is responsible for IAM in PaaS?

both customer and cloud provider

How well did you know this?

Not at all

Perfectly

Where can you find AWS compliance information?

AWS Artifact

How well did you know this?

Not at all

Perfectly

Where are system and organisations control located in AWS?

AWS Artifact

How well did you know this?

Not at all

Perfectly

Identity and access management (IAM) is capable of performing the following tasks:

Fine grained access to AWS resources
Providing options for multi-factor authentication
Analysing access for users and services across AWS environment
Integrating with existing corporate directories

How well did you know this?

Not at all

Perfectly

AWS CloudTrail is where:

trails and recent activities are summarized

How well did you know this?

Not at all

Perfectly

CloudTrail Management Events for the last ___ days are displayed in the Event History

How well did you know this?

Not at all

Perfectly

In CloudTrail, when are events recorded?

When resources are created, updated or deleted

How well did you know this?

Not at all

Perfectly

What is a trail?

It is a generated path of tracked actions

How well did you know this?

Not at all

Perfectly

What does an event log include:

event name, time, user, kind of resource, resource name

How well did you know this?

Not at all

Perfectly

CloudTrail Insights allow customers to ….

monitor their accounts for abnormal behaviour

How well did you know this?

Not at all

Perfectly

What are some examples of abnormal behaviour in CloudTrail

Sudden increase in resource provisioning Increase in AWS identity and access management operations Drops in routine maintenance

Is CloudTrail automatically enabled, or must you enable it?

It is automatically enabled

CloudWatch is a monitoring service that

tracks AWS cloud resources and apps running on your AWS account

What are four features that CloudWatch offer?

- Real-time tracking of metrics - Creates alarms for when metrics such as price or health reach beyond desired states - Creates a repository where you can parse and leverage alarms to notify you of anything that is unwanted - Allows you to create dynamic dashboards

What does Amazon Inspector do?

It tests for network access and the security state of apps running on those instances

What are four features Amazon Inspector offers?

- It gives a risk rating to cloud assets - Produces detailed reports - Automated security assessments through development and deployment

How does Amazon Inspector work?

- It works by scanning the network configuration within AWS to assess for reachability and uses an agent that is installed on the EC2 instances to assess for security risks at the infrastructure level

What does WAF stand for?

Web Application Firewall

What does AWS WAF allow you to do?

- Monitor the HTTP(s) requests to your application hosted in AWS - Control access to applications based on origin IP addresses

What AWS service allows you to use Web Access Control Lists, Rules and Rule Groups to set permissions and protect your application

AWS WAF

Where can WAF and Shield be found in AWS?

Network Access Analyser > Services, Security, Identity and Compliance > WAL & Shield

What AWS Service protects from DDoS attacks?

AWS Shield

What are the two types of AWS shields that can be deployed?

Shield Standard and Shield Advanced

What does AWS Guard Duty do?

Continuously monitors particular data sources for threat intelligence

What data sources does AWS Guard Duty monitor?

Flow Logs, CloudTrail event logs, CloudTrail event logs, and DNS logs

What does AWS Control Tower

It allows teams to leverage Landing Zones as a secure add-on to AWS organisations

What are Landing Zones and what do they offer?

Landing Zones = well-architected, multi-account AWS environment that is scalable and secure Allow account administrators to provide secured AWS accounts that are configured with a baseline

AWS Control Tower handles which of the following? Analyzing App security DDoS protection Key Storage and Management Securing and Governing Multiple AWS Accounts

Securing and Governing Multiple AWS Accounts

What does VPC stand for?

Virtual Private Cloud

Where can you find the ability to create a VPC?

Services > Networking & Content Delivery > VPC > Create VPC

What is a VPC

VPC is a network service that managed the traffic to all other AWS services you plan to use.

What can you use VPCs to do?

You use it to configure IP addresses, managed allowed ports etc

Which features of AWS helps cloud security by restricting access to subnets? This feature works like firewalls with rules for inbound/outbound access.

Network Access Control List (ACLs)

What do AWS Security Groups do?

Decides what traffic can reach and leave the resources it is connected to

What are 2 kinds of resources you can link a security group to?

EC2, VPC

Which AWS feature is focused on discovering sources of likely intrusions?

Network Access Analyser

How does the network access analyser work?

It scan the network access scopes (e.g. identifies non-permissible traffic types).

What determines the cost to run a network access analyser

The number of elastic network interfaces investigated

Where can you find security findings from across AWS accounts, services and 3rd-party partners to help analyse security trends and priority issues?

Security Hub

What are 3 benefits of Security Hub?

- Reduce complexity and effort when improving security of AWS accounts and workloads - Centralise findings and save time digging - Provides detailed dashboards that highlight current status to help leadership make decisions

Where can you find a list of the most frequently asked questions categorised by services provided by AWS?

AWS Knowledge Centre

Where can you find automated and managed services offered by AWS that inspects your AWS account for best security and efficient practices?

Amazon Trusted Advisor

What does Trusted Advisor base its recommendations on?

What other customers have implemented

What are the different types of cloud deployment models?

Public cloud, Private cloud Community Cloud (for nominated community of orgs) Hybrid

What are the 5 connectivity options

Network-to-Amazon VPC Amazon VPC-to-Amazon VPC Software remote access-to-Amazon VPC Transit VPC AWS Cloud WAN

How are availability zones related to regions?

Regions = multiple isolated availability zones

What are availability zones?

Data centres with redundant power

What is a cloud front edge location?

It is a content distribution network that provides a delivery service for cached content

Is there more availability zones or cloud front edge locations?

Way more edge locations

How do multiple availability zones provide high availability?

Availability zones are placed in distributed locations such that if one goes down, another is available.

When might you consider using multiple AWS regions?

1. to keep data close to the users to reduce latency 2. give you greater control over your recovery time in the event of a hard dependency failure on a regional AWS service.

What is the benefit of edge locations?

1. Faster user experience 2. Faster file upload

What are the 4 categories of services on AWS?

Compute Storage network database

What is AWS' compute service?

EC2

What does EC2 stand for?

Elastic Compute Coud

What is EC2?

web service that provide resizable compute capacity using the cloud.

What makes up EC2?

- Virtual machine in the cloud - 8 instance types, each with different CPU, RAM and storage - Uses EBS

What is EBS?

Elastic Block Storage = virtual storage volumes with the ability to attach multiple

What does AWS SLA guarantee?

99.99% uptime on EC2 and EBS within a region

What are the 3 EC2 types?

1. on-demand 2. Reserved (pay ahead of time and save cost) 3. Spot instance (short term agreement - get it when its availabile)

What is AWS S3?

Amazon Simple Storage Service = object storage service that offers industry-leading scalability, availability, security, performance

What does object based storage mean?

It stores things like files, images, videos etc as objects in a non-hierarchial way

What is a bucket is S3?

Container for objects stored in S3.

How can you access a bucket?

Over HTTPs, they have unique URLs

What do you store inside buckets?

The objects i.e. files, metadata, media etc. Its not file-based storage as that would assume hierarchy

What are keys?

Unique identifiers within buckets.

How many keys does each object get?

Exactly one

What are regions?

Regions are the geographical area where S3 will store buckets. Want to put them as close to customers as possible.

What are the 5 Storage classes?

Standard Intelligent Tiering One-Zone Infrequent Access Glacier Glacier Deep Archive

What is the standard storage class?

default, deployed across multiple zones to stay low cost

What is the intelligent tiering class?

Analysis of usage of objects in buckets and reclassification and billing differently

What is One-Zone Frequent Access?

Cheaper, no redundant replication of data across zones

What is Glacier?

Archival based, gives you a couple hours of retrieval time

What is Glacier Deep Archive?

Archival based, can take up to 12 hours to retrieve. Save on cost, but very slow.

What are some AWS networking Services?

ELB and Autoscaling

What does an elastic load balancer do?

Automatically distributes application traffic across multiple endpoints

What are some endpoints that elastic load balancers distribute traffic across?

across EC2 instances, IP addresses, lambda functions, containers

What are the major benefits of Elastic Load Balancers

Security Uptime Accessibility

What are the 4 types of load balancers offers by AWS?

Applications Network Gateway Classic

What is the applications load balancer used for?

web traffic http https

What is the network load balancer used for?

TCP, UDP, TLS Traffic Internal servers

What is the gateway load balancer used for?

Scaling traffic for virtual apps

What is the classic load balancer used for?

Basic load balancer, isn't used for much

What does the AWS autoscaling services do?

Optimises performance while lowering infrastructure costs by scaling multiple AWS resources safely

Autoscaling services monitor for unhealthy resources and applications to _____________________

deploy replacements automatically

What can the AWS autoscaling services scale?

EC2 Autoscaling Groups EC2 Spot fleeting requests Elastic container services (ECS) DynamoDB Aurora

Do both Autoscaling and ELB serve for high availability and security?

Yes

What does Autoscaling focus on doing?

Increasing or decreasing resources

What does ELB focus on doing?

balancing traffic load to multiple endpoints and instances

What are the two AWS database services?

Relational Database Service (RDS) and DynamoDB, a NoSQL database managed by Amazon

What does the RDS offer?

It supports 3rd party relational databases i.e. Microsoft SQL, MariaDB, PostgreSQL, Oracle AND Amazon Aurora You can scale database with a click of a button It auto replicates to a standby instance for availability

What does the DynamoDB NoSQL database offer?

Fully managed, just write the code Very high performance at scale Highly Available and secure

Where can you find documentation for tech support?

1. best practices 2. Whitepapers, 3. AWS knowledge Center 4. Forums 5. Blogs

What are the various levels of support plans?

Developer Business Enterprise

What does developer level offer?

For when experimenting or testing 7 core checks general + system impaired guidance business hours unlimited cases / 1 primary contact

What does business level offer?

For when you have production workloads in AWS full set of checks general + system impaired + production gudiance 24x7 contact unlimited cases / unlimited contacts Api support

What does enterprise level offer?

for when you have business and / or mission cirtical workloads in AWS Business + business critical system down guidance Consultative review and guidance based on your application Designated technical account manager Online labs Concierge support team

What is the AWS Partner Network?

a global community of partners that leverages programs, expertise, and resources to build, market, and sell customer offerings.

What are the 4 sources of technical assistance and knowledge?

Professional services, solutions architects, training and certification, APN

What are the benefits of using AWS Trusted Advisor

1. Help follow AWS best practices 2. Uses checks to fins ways to optimise AWS infrastructure, secuirity, performance, reduce costs, monitor service quotas Main benefits 1. Cost optimisation 2. Performance 3. Security 4. Fault Tolerance 5. Service Quotas

What are the various pricing models for AWS?

On-Demand Instances, Reserved Instances, Spot Instances

What is on Demand Instance pricing best used for?

when you need low cost, flexible computing capacity but dont want to commit to long term contract Best for short-term, irregular workloads that cannot be interrupted Ideal for applications being developed / tested on AWS for the first time

What is Reserved Instance pricing best used for?

Best for if you have a predictable workload over 1 or 3 year term

What discount compared to on-demand instance pricing do you get with reserved instance?

up to 75% discount

What are the three types of reserved instances?

Standard reserved (for max savings) Convertible reserved instances (for flexibility to change types) Scheduled reserved instances (for instances on a recurring schedule)

What is Spot Instance pricing best for?

1. When you have flexible start and end times 2. Apps that are only feasible at very low compute prices 3. Urgent computing needs for large amounts of additional capacity

What is the spot instance discount compared to on-demand instance pricing

Up to 90% discount compared to on-demand

Which instance can be interrupted within two minutes of notification when AWS needs the capacity back?

Spot Instant pricing This pricing is best for fault-tolerant applicatiosn

What is consolidated billing? and why is it useful for users?

Consolidating all billing for multiple AWS accounts into one, which simplifies billing to avoid multiple billing cycles per department (difficult to scale with)

How can multiple accounts aid in allocating costs across departments?

You can have multiple accounts to track costs on a department-specific basis, but then one overall bill to pay

Which AWS service is responsible for high-level tracking of expenses across multiple AWS accounts?

AWS organisations

How can you get billing support and information?

AWS support centre -> Create case AWS knowledge centre -> billing mangement

Where can you find pricing information on AWS services

AWS pricing whitepaper AWS pricing calculator

How can you figure alerts / alarms to help with billing?

You can place alerts on your budgets which trigger when % of budget amount is reached You can also get it to send you an SMS of the alert

Which AWS service is used for monitoring cloud service usage that exceeds defined cost thresholds?

AWS cloudtrail

what are resource groups used for?

Organising AWS resources

What do resource groups allow you to manage and automate?

Tasks at scale across multiple resource groups all at once

Where can you access resource groups?

AWS management console, AWS system manager console and by using the resource groups API via CLI or SDK

What is tagging resources? and what is it useful for?

It is where you apply a custom tag or variable to represent a group fo related resources, and the can be used to filter architectural elements to an application or project so that when you need to see how much a particular application costs on your monthly bill, you can filter down

What is Systems Manager? and what does it provide?

operations hub for AWS unified interface for tracking and resolving issues that arise across AWS applications and systems

What can you use Systems Manager with EC2 and VMs located on-premise to do?

group resources visualise the data respond appropriately

What is the application builder in AWS Developer Services?

Amazon Elastic Beanstalk = buld apps and services on fully managed development environment? It supports java, .net, node.js, python, Ruby, go and Docker Can leverage apache, Nginx, Passenger, IIS

What CI/CD tools are offered in AWS developer services?

Code commit Code build Code Deploy Code Pipeline

What is the AWS Global Accelerator?

Helps improve availability and performance of the applications that you offer to your gloabl users decreases app latency, and positively impacts SEO on web apps Increases throughput for data transfer

What is AWS Lambda?

Serverless computer service that lets you runs code without provisioning or using servers You can create workload-load scaling and use automated event triggers to develop highly available apps

According to AWS, what is the benefit of Elasticity?

create systems that scale to the required capacity based on changes in demand

Which tool can you use to forecast your AWS spending?

AWS cost explorer

A business analyst would like to move away from creating complex database queries and static spreadsheets when generating regular reports for high-level management. They would like to publish insightful, graphically appealing reports with interactive dashboards. Which service can they use to accomplish this?

Amazon quicksight

What is the AWS feature that enables fast, easy and secure transfers of files over long distances between your client and your Amazon S3 bucket?

Amazon S3 Transfer Acceleration

What best describes the “Principle of Least Privilege”? Choose the correct answer from the options given below.

Users should be granted permission to access only resources they need to do their assigned job.

A web administrator maintains several public and private web-based resources for an organisation. Which service can they use to keep track of the expiry dates of SSL/TLS certificates as well as updating and renewal?

AWS Certificate Manager

Which of the following is the responsibility of the customer to ensure the availability and backup of the EBS volumes?

Create EBS snapshots

Which of the following services can be used as an application firewall in AWS?

AWS WAF

Your design team is planning to design an application that will be hosted on the AWS Cloud. One of their main non-functional requirements is given below: Reduce inter-dependencies so failures do not impact other components. Which of the following concepts does this requirement relate to?

Decoupling

A manufacturing firm has recently migrated their application servers to the Amazon EC2 instance. The IT Manager is looking for the details of upcoming scheduled maintenance activities which AWS would be performing on AWS resources, that may impact the services on these EC2 instances. Which of the following services can alert you about the changes that can affect resources in your account?

AWS Personal Health Dashboard

Which of the following AWS services can be used to retrieve configuration changes made to AWS resources causing operational issues?

AWS Config

An organization runs several EC2 instances inside a VPC using three subnets, one for Development, one for Test, and one for Production. The Security team has some concerns about the VPC configuration. It requires restricting communication across the EC2 instances using Security Groups. Which of the following options is true for Security Groups related to the scenario?

You can change a Security Group associated with an instance if the instance is in the running state.

Which of the following features of Amazon RDS allows for better availability of databases? Choose the answer from the options given below.

Multi-AZ

Your company wants to move an existing Oracle database to the AWS Cloud. Which of the following services can help facilitate this move?

AWS Database Migration Service

Which of the following services allows you to analyze EC2 Instances against pre-defined security templates to check for vulnerabilities?

AWS Inspector

A website for an international sport governing body would like to serve its content to viewers from different parts of the world in their vernacular language. Which of the following services provide location-based web personalization using geolocation headers?

Amazon CloudFront

Which of the following can be used to protect against DDoS attacks? Choose 2 answers from the options given below.

AWS Shield AWS Shield Advanced

Which of the following are the recommended resources to be deployed in the Amazon VPC private subnet?

Database Servers

A company wants to utilize AWS storage. For them, low storage cost is paramount. The data is rarely retrieved and a data retrieval time of 13-14 hours is acceptable for them. What is the best storage option to use?

S3 Glacier Deep Archive

Which AWS service provides a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability?

DynamoDB

For which of the following AWS resources, the Customer is responsible for the infrastructure-related security configurations?

Amazon EC2 EC2 is an IaaS for which customers are responsible for security

In the shared responsibility model for infrastructure services, such as Amazon Elastic Compute Cloud, which of the below two are customers responsibility? A. Network infrastructure B. Amazon Machine Images (AMIs) C. Virtualization infrastructure D. Physical security of hardware E. Policies and configuration

Policies and configuration & Amazon Machine Images

AWS offers two savings plans to enable more savings and flexibility for its customers, namely, compute saving plans and EC2 Instance Savings plans. Which of the below statement is FALSE regarding Saving Plans? A. Capacity Reservations are not provided with Saving Plans. B. Savings Plans are available for all the regions. C. Savings plans will apply on ‘On-Demand Capacity Reservations’ that customers can allocate for their needs. D. The prices for Savings Plans do not change based on the amount of hourly commitment.

Savings Plans are available for all the regions

Which of the below-listed services is a region-based AWS service?

Amazon EFS = Elastic File system

Which of the following LightSail Wizard allows the customers to “create a copy of the LightSail instance in EC2”?

Upgrade to EC2

Which of the following features of Amazon Connect helps better customer engagement on AWS Cloud ? A. Push Notification B. High Quality Audio C. Mailbox Simulator D. Reputation Dashboard

Higher Quality Audio

A large IT company is looking to enable its large user base to remotely access Linux desktops from any location. Which service can be used for this purpose ?

Amazon WorkSpaces

Users in the Developer Team need to deploy a multi-tier web application. Which service can be used to create a customized portfolio that will help users for quick deployment?

AWS Service Catalog

A large Oil & gas company is planning to deploy a high-volume application on multiple Amazon EC2 instances. Which of the following can help to reduce operational expenses?

Deploy Amazon EC2 instance with Auto-scaling

Amazon EC2 instance in a cluster placement group will help...

to have low latency between instances

Which of the following activities are within the scope of AWS Support? A. Troubleshooting API issues B. Code Development C. Debugging custom software D. Third-party application configuration on AWS resources E. Database query tuning

Troubleshooting API issues and Third-party application configuration on AWS resources

I have a huge amount of data (images, documents). I want to store them on AWS storage service S3 and know how S3 is priced to make informed decisions. Which of the following is accounted as a cost for S3 storage? Select TWO. A. While uploading data to an S3 bucket B. Lifecycle transition requests C. Outbound data transfer from S3 in US-West to an EC2 instance in US-West D. Outbound data transfer to Amazon CloudFront E. Outbound data transfer from S3 in US-East to an EC2 instance in US-West

Lifecycle transition requests Outbound data transfer from S3 in US-East to an EC2 instance in US-West

I am using the Amazon Simple Notification Service to send notifications to alert admins whenever the CPU utilization of an EC2 instance crosses 70%. Which of the following can be subscribers to an SNS Topic? (Select TWO) A. Email B. Amazon S3 C. AWS Lambda D. Amazon CloudWatch E. Amazon DynamoDB streams

Email and AWS Lambda

A company is planning to run a global marketing application in the AWS Cloud. The application will feature videos that can be viewed by users. The company must ensure that all users can view these videos with low latency. Which AWS service should the company use to meet this requirement?

Amazon CloudFront

Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand?

Reliability

Which of the following are benefits of migrating to the AWS Cloud? (Choose two.) A. Operational resilience B. Discounts for products on Amazon.com C. Business agility D. Business excellence E. Increased staff retention

Operational resilience Business agility

A company is planning to replace its physical on-premises compute servers with AWS serverless compute services. The company wants to be able to take advantage of advanced technologies quickly after the migration. Which pillar of the AWS Well-Architected Framework does this plan represent?

Performance efficiency

A large company has multiple departments. Each department has its own AWS account. Each department has purchased Amazon EC2 Reserved Instances. Some departments do not use all the Reserved Instances that they purchased, and other departments need more Reserved Instances than they purchased. The company needs to manage the AWS accounts for all the departments so that the departments can share the Reserved Instances. Which AWS service or tool should the company use to meet these requirements?

AWS Organisations

Which component of the AWS global infrastructure is made up of one or more discrete data centers that have redundant power, networking, and connectivity?

Availability Zone

Which duties are the responsibility of a company that is using AWS Lambda? (Choose two.) A. Security inside of code B. Selection of CPU resources C. Patching of operating system D. Writing and updating of code E. Security of underlying infrastructure

Security inside of code Writing and update of code

Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Choose two.) A. ׀*׀¡2 Reserved Instances B. EC2 Amazon Machine Images (AMIs) C. Amazon Elastic Block Store (Amazon EBS) snapshots D. AWS Shield E. Amazon GuardDuty

EC2 Amazon Machine Images Amazon Elastic Block Store (Amazon EBS) snapshots

A company is migrating to the AWS Cloud instead of running its infrastructure on premises. Which of the following are advantages of this migration? (Choose two.) A. Elimination of the need to perform security auditing B. Increased global reach and agility C. Ability to deploy globally in minutes D. Elimination of the cost of IT staff members E. Redundancy by default for all compute services

Increased global reach and agility Elimination of the cost of IT staff members

A user is comparing purchase options for an application that runs on Amazon EC2 and Amazon RDS. The application cannot sustain any interruption. The application experiences a predictable amount of usage, including some seasonal spikes that last only a few weeks at a time. It is not possible to modify the application. Which purchase option meets these requirements MOST cost-effectively?

Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run at an On-Demand rate.

A company wants to review its monthly costs of using Amazon EC2 and Amazon RDS for the past year. Which AWS service or tool provides this information?

Cost Explorer

A company wants to migrate a critical application to AWS. The application has a short runtime. The application is invoked by changes in data or by shifts in system state. The company needs a compute solution that maximizes operational efficiency and minimizes the cost of running the application. Which AWS solution should the company use to meet these requirements?

AWS Lambda

Which AWS service or feature allows users to connect with and deploy AWS services programmatically?

AWS software development kits (SDKs)

A company plans to create a data lake that uses Amazon S3. Which factor will have the MOST effect on cost?

The selection of S3 storage tiers

A company is launching an ecommerce application that must always be available. The application will run on Amazon EC2 instances continuously for the next 12 months. What is the MOST cost-effective instance purchasing option that meets these requirements?

Savings Plans

Which AWS service or feature can a company use to determine which business unit is using specific AWS resources?

Cost allocation tags

A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing. Which AWS service or feature will help the company with its migration?

AWS Managed Services

Which AWS service or tool should a company use to centrally request and track service limit increases?

Service Quotas

Which documentation does AWS Artifact provide?

AWS ISO certifications

Which task requires using AWS account root user credentials? A. Viewing billing information B. Changing the AWS Support plan C. Starting and stopping Amazon EC2 instances D. Opening an AWS Support case

Changing the AWS Support plan

A company needs to simultaneously process hundreds of requests from different users. Which combination of AWS services should the company use to build an operationally efficient solution?

Amazon Simple Queue Service (Amazon SQS) and AWS Lambda

What is the scope of a VPC within the AWS network?

D. A VPC can span all Availability Zones within an AWS Region.

Which of the following are components of an AWS Site-to-Site VPN connection? A. AWS Storage Gateway B. Virtual private gateway C. NAT gateway D. Customer gateway E. Internet gateway

Virtual private gateway Customer gateway

A company needs to establish a connection between two VPCs. The VPCs are located in two different AWS Regions. The company wants to use the existing infrastructure of the VPCs for this connection. Which AWS service or feature can be used to establish this connection?

VPC peering

According to the AWS shared responsibility model, what responsibility does a customer have when using Amazon RDS to host a database?

Manage connections to the database

What are some advantages of using Amazon EC2 instances to host applications in the AWS Cloud instead of on premises? (Choose two.)

EC2 integrates with Amazon VPC, AWS CloudTrail, and AWS Identity and Access Management (IAM) EC2 has a flexible, pay-as-you-go pricing model.

A user needs to determine whether an Amazon EC2 instance's security groups were modified in the last month. How can the user see if a change was made?

Use AWS CloudTrail to see if the security group was changed.

Which AWS service will help protect applications running on AWS from DDoS attacks?

AWS Shield

Which AWS service or feature acts as a firewall for Amazon EC2 instances?

Security group

How does the AWS Cloud pricing model differ from the traditional on-premises storage pricing model?

There are no upfront cost commitments

A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture. What can the company do to meet this requirement?

Scale horizontally across multiple Availability Zones.

A company's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days. Which benefit has this company experienced by moving to the AWS Cloud?

Agility

Which of the following are included in AWS Enterprise Support? A. AWS technical account manager (TAM) B. AWS partner-led support C. AWS Professional Services D. Support of third-party software integration to AWS E. 5-minute response time for critical issues

AWS technical account manager (TAM) Support of third-party software integration to AWS

A global media company uses AWS Organizations to manage multiple AWS accounts. Which AWS service or feature can the company use to limit the access to AWS services for member accounts?

Service Control Policies

A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources. Which AWS solution should the company use to meet this requirement?

AWS Service Catalog

What is AWS Service Catalog?

Create, organize, and govern a curated catalog of AWS resources that can be shared at the permissions level so you can quickly provision approved cloud resources without needing direct access to the underlying AWS services.

An online company was running a workload on premises and was struggling to launch new products and features. After migrating the workload to AWS, the company can quickly launch products and features and can scale its infrastructure as required. Which AWS Cloud value proposition does this scenario describe?

Business agility

AWS has the ability to achieve lower pay-as-you-go pricing by aggregating usage across hundreds of thousands of users. This describes which advantage of the AWS Cloud?

High economies of scale

A company is developing a mobile app that needs a high-performance NoSQL database. Which AWS services could the company use for this database? (Choose two.) A. Amazon Aurora B. Amazon RDS C. Amazon Redshift D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon DynamoDB

Amazon DocumentDB (with MongoDB compatibility) Amazon DynamoDB

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? A. Patch the Amazon EC2 guest operating system. B. Upgrade the firmware of the network infrastructure. C. Apply password rotation for IAM users. D. Maintain the physical security of edge locations. E. Maintain least privilege access to the root user account.

Maintain the physical security of edge locations Upgrade the firmware of the network infrastructure

Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.) A. They are stateless. B. They are stateful. C. They evaluate all rules before allowing traffic. D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic. E. They operate at the instance level.

They are stateless. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic.

A company has designed its AWS Cloud infrastructure to run its workloads effectively. The company also has protocols in place to continuously improve supporting processes. Which pillar of the AWS Well-Architected Framework does this scenario represent? A. Security B. Performance efficiency C. Cost optimization D. Operational excellence

Operational excellence

Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?

AWS Direct Connect

What is AWS Direct Connect

AWS Direct Connect is a cloud service that links your network directly to AWS to deliver consistent, low-latency performance.

A company needs to graphically visualize AWS billing and usage over time. The company also needs information about its AWS monthly costs. Which AWS Billing and Cost Management tool provides this data in a graphical format?

Cost Explorer

A company wants to run production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week. Which AWS Support plan will meet these requirements?

AWS Enterprise Support

Which architecture design principle describes the need to isolate failures between dependent components in the AWS Cloud?

Loosely couple components.

Which AWS services are managed database services? (Choose two.) A. Amazon Elastic Block Store (Amazon EBS) B. Amazon S3 C. Amazon RDS D. Amazon Elastic File System (Amazon EFS) E. Amazon DynamoDB

Amazon RDS and Amazon DynamoDB

A company recently deployed an Amazon RDS instance in its VPC. The company needs to implement a stateful firewall to limit traffic to the private corporate network. Which AWS service or feature should the company use to limit network traffic directly to its RDS instance?

Security groups

Which AWS service uses machine learning to help discover, monitor, and protect sensitive data that is stored in Amazon S3 buckets?

Amazon Macie

A company wants to improve the overall availability and performance of its applications that are hosted on AWS. Which AWS service should the company use?

AWS Global Accelerator

Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity?

AWS IAM Access Analyzer

A large enterprise with multiple VPCs in several AWS Regions around the world needs to connect and centrally manage network connectivity between its VPCs. Which AWS service or feature meets these requirements?

AWS Transit Gateway

Which AWS service supports the creation of visual reports from AWS Cost and Usage Report data?

Amazon QuickSight

Which AWS service should be used to monitor Amazon EC2 instances for CPU and network utilization?

Amazon Cloudwatch

A company is preparing to launch a new web store that is expected to receive high traffic for an upcoming event. The web store runs only on AWS, and the company has an AWS Enterprise Support plan. Which AWS resource will provide guidance about how the company should scale its architecture and operational support during the event?

AWS infrastructure event management

A user wants to deploy a service to the AWS Cloud by using infrastructure-as-code (IaC) principles. Which AWS service can be used to meet this requirement

AWS CloudFormation

What is an Amazon Outpost?

Outposts are hardware devices that provide a limited amount of AWS compute and storage capacity, deployed locally in your data center.

A company wants to migrate its applications from its on-premises data center to a VPC in the AWS Cloud. These applications will need to access on-premises resources. Which actions will meet these requirements? (Choose two.) A. Use AWS Service Catalog to identify a list of on-premises resources that can be migrated. B. Create a VPN connection between an on-premises device and a virtual private gateway in the VPC. C. Use an Amazon CloudFront distribution and configure it to accelerate content delivery close to the on-premises resources. D. Set up an AWS Direct Connect connection between the on-premises data center and AWS. E. Use Amazon CloudFront to restrict access to static web content provided through the on-premises web servers.

B & D

Which AWS service uses edge locations?

AWS Global Accelerator

A company needs to install an application in a Docker container. Which AWS service eliminates the need to provision and manage the container hosts?

Amazon Elastic Container Service (Amazon ECS)

What is AWS Fargate?

AWS Fargate is a technology that you can use with Amazon ECS to run containers without having to manage servers or clusters of Amazon EC2 instances. With Fargate, you no longer have to provision, configure, or scale clusters of virtual machines to run containers.

Which AWS service or feature checks access policies and offers actionable recommendations to help users set secure and functional policies?

AWS IAM Access Analyzer

A company has a fleet of cargo ships. The cargo ships have sensors that collect data at sea, where there is intermittent or no internet connectivity. The company needs to collect, format, and process the data at sea and move the data to AWS later. Which AWS service should the company use to meet these requirements?

AWS Snowball Edge

What is AWS Snowball Edge?

AWS Snowball Edge is a type of Snowball device with on-board storage and compute power for select AWS capabilities. Snowball Edge can do local processing and edge-computing workloads in addition to transferring data between your local environment and the AWS Cloud.

A retail company needs to build a highly available architecture for a new ecommerce platform. The company is using only AWS services that replicate data across multiple Availability Zones. Which AWS services should the company use to meet this requirement? (Choose two.) A. Amazon EC2 B. Amazon Elastic Block Store (Amazon EBS) C. Amazon Aurora D. Amazon DynamoDB E. Amazon Redshift

A & B

What is Amazon Elastic Block Store?

Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for use with EC2 instances

Service control policies (SCPs) manage permissions for which of the following?

AWS Organizations

Which AWS service can be used to encrypt data at rest?

AWS Key Management Service (AWS KMS)

A user is storing objects in Amazon S3. The user needs to restrict access to the objects to meet compliance obligations. What should the user do to meet this requirement?

Tag the objects in the S3 bucket

A company wants to convert video files and audio files from their source format into a format that will play on smartphones, tablets, and web browsers. Which AWS service will meet these requirements?

Amazon Elastic Transcoder

A company has several departments. Each department has its own AWS accounts for its applications. The company wants all AWS costs on a single invoice to simplify payment, but the company wants to know the costs that each department is incurring. Which AWS tool or feature will provide this functionality?

Consolidated billing

A company runs its workloads on premises. The company wants to forecast the cost of running a large application on AWS. Which AWS service or tool can the company use to obtain this information?

AWS Pricing Calculator

Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co- location environments, or on-premises facilities?

AWS Outposts

A company has a physical tape library to store data backups. The tape library is running out of space. The company needs to extend the tape library's capacity to the AWS Cloud. Which AWS service should the company use to meet this requirement?

AWS Storage Gateway

What is the AWS Storage Gateway?

AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage

Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?

VPC Flow Logs

In which situations should a company create an IAM user instead of an IAM role? (Choose two.) A. When an application that runs on Amazon EC2 instances requires access to other AWS services B. When the company creates AWS access credentials for individuals C. When the company creates an application that runs on a mobile phone that makes requests to AWS D. When the company needs to add users to IAM groups E. When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time

B & D

Which AWS service is used to provide encryption for Amazon EBS?

AWS KMS

Which AWS services make use of global edge locations? (Choose two.) A. AWS Fargate B. Amazon CloudFront C. AWS Global Accelerator D. AWS Wavelength E. Amazon VPC

B & C

A company is operating several factories where it builds products. The company needs the ability to process data, store data, and run applications with local system interdependencies that require low latency. Which AWS service should the company use to meet these requirements?

AWS Outposts

Which of the following acts as an instance-level firewall to control inbound and outbound access?

Security groups

Which AWS tool or feature acts as a VPC firewall at the subnet level?

Network ACL

Which AWS service can be used to decouple applications?

Amazon Simple Queue Service (Amazon SQS

Which type of AWS storage is ephemeral and is deleted when an Amazon EC2 instance is stopped or terminated?

Amazon EC2 instance store

A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources, including Amazon S3 and Amazon DynamoDB. What is the MOST operationally efficient solution to delegate permissions? A. Create an IAM role with the required permissions. Attach the role to the EC2 instance. B. Create an IAM user and use its access key and secret access key in the application. C. Create an IAM user and use its access key and secret access key to create a CLI profile in the EC2 instance D. Create an IAM role with the required permissions. Attach the role to the administrative IAM user.

Which of the following is a component of the AWS Global Infrastructure?

AWS Regions

What is the purpose of having an internet gateway within a VPC?

To allow communication between the VPC and the internet

A pharmaceutical company operates its infrastructure in a single AWS Region. The company has thousands of VPCs in a various AWS accounts that it wants to interconnect. Which AWS service or feature should the company use to help simplify management and reduce operational costs?

AWS Transit Gateway

What is AWS Transit Gateway?

A transit gateway is a network transit hub that you can use to interconnect your virtual private clouds (VPCs) and on-premises networks.

Which of the following are Amazon Virtual Private Cloud (Amazon VPC) resources? A. Objects; access control lists (ACLs) B. Subnets; internet gateways C. Access policies; buckets D. Groups; roles

Subnets; internet gateways

A company launched an Amazon EC2 instance with the latest Amazon Linux 2 Amazon Machine Image (AMI). Which actions can a system administrator take to connect to the EC2 instance? (Choose two.) A. Use Amazon EC2 Instance Connect. B. Use a Remote Desktop Protocol (RDP) connection. C. Use AWS Batch D. Use AWS Systems Manager Session Manager. E. Use Amazon Connect

A & D

A company is migrating to Amazon S3. The company needs to transfer 60 TB of data from an on-premises data center to AWS within 10 days. Which AWS service should the company use to accomplish this migration?

AWS Snowball

What is AWS Snowball?

Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud

What type of database is Amazon DynamoDB?

Key-value

Which AWS services offer gateway VPC endpoints that can be used to avoid sending traffic over the internet? (Choose two.) A. Amazon Simple Notification Service (Amazon SNS) B. Amazon Simple Queue Service (Amazon SQS) C. AWS CodeBuild D. Amazon S3 E. Amazon DynamoDB

D & E

A company has a serverless application that includes an Amazon API Gateway API, an AWS Lambda function, and an Amazon DynamoDB database. Which AWS service can the company use to trace user requests as they move through the application's components?

AWS XRAY

What is AWS X-RAY?

service that collects data about requests that your application serves, and provides tools that you can use to view, filter, and gain insights into that data to identify issues and opportunities for optimization. For any traced request to your application, you can see detailed information not only about the request and response, but also about calls that your application makes to downstream AWS resources, microservices, databases, and web APIs.

A company needs to design an AWS disaster recovery plan to cover multiple geographic areas. Which action will meet this requirement? A. Configure multiple AWS accounts. B. Configure the architecture across multiple Availability Zones in an AWS Region. C. Configure the architecture across multiple AWS Regions. D. Configure the architecture among many edge locations.

A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access. What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys? A. EC2 key pairs B. AWS Systems Manager Session Manager C. AWS Identity and Access Management (IAM) D. Network ACLs

A company would like to host its MySQL databases on AWS and maintain full control over the operating system, database installation, and configuration. Which AWS service should the company use to host the databases? A. Amazon RDS B. Amazon EC2 C. Amazon DynamoDB D. Amazon Aurora

AMAZON EC2

How does the AWS global infrastructure offer high availability and fault tolerance to its users? A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk, and are interconnected with low-latency networks and redundant power supplies. B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location. C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions. D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that are connected with low-latency networking and redundant power supplies.

A company wants to migrate a small website and database quickly from on-premises infrastructure to the AWS Cloud. The company has limited operational knowledge to perform the migration. Which AWS service supports this use case? A. Amazon EC2 B. Amazon Lightsail C. Amazon S3 D. AWS Lambda

Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework? A. Vertical scaling B. Manual failure recovery C. Testing recovery procedures D. Changing infrastructure manually

A company has a social media platform in which users upload and share photos with other users. The company wants to identify and remove inappropriate photos. The company has no machine learning (ML) scientists and must build this detection capability with no ML expertise. Which AWS service should the company use to build this capability?

Amazon Rekognition

Which responsibility belongs to AWS when a company hosts its databases on Amazon EC2 instances? A. Database backups B. Database software patches C. Operating system patches D. Operating system installations.

Operating system installations

Compare S3 One Zone-Infrequent Access (S3 One Zone-IA) and S3 Standard-Infrequent Access (S3 Standard-IA)

One Zone is less durable, reliable and available as it stores data in only one AZ, instead of the standard 3

A company needs to build an application that uses AWS services. The application will be delivered to residents in European Counties. The company must abide by regional regulatory requirements. Which AWS service or program should the company use to determine which AWS services meet the regional requirements? A. AWS Audit Manager B. AWS Shield C. AWS Compliance Program D. AWS Artifact

What is Amazon Cognito?

Amazon Cognito is an Amazon Web Services product that controls user authentication and access for mobile applications on internet-connected devices.

A company needs to implement identity management for a fleet of mobile apps that are running in the AWS Cloud. Which AWS service will meet this requirement? A. Amazon Cognito B. AWS Security Hub C. AWS Shield D. AWS WAF

A company's web application requires AWS credentials and authorizations to use an AWS service. Which IAM entity should the company use as best practice? A. IAM role B. IAM user C. IAM group D. IAM multi-factor authentication (MFA)

IAM role

A company is starting to build its infrastructure in the AWS Cloud. The company wants access to technical support during business hours. The company also wants general architectural guidance as teams build and test new applications. Which AWS Support plan will meet these requirements at the LOWEST cost? A. AWS Basic Support B. AWS Developer Support C. AWS Business Support D. AWS Enterprise Support

Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications? A. AWS Cloud9 B. AWS CodeStar C. AWS Cloud Map D. AWS X-Ray

AWS X-RAY

Which AWS service can a company use to store and manage Docker images? A. Amazon DynamoDB B. Amazon Kinesis Data Streams C. Amazon Elastic Container Registry (Amazon ECR) D. Amazon Elastic File System (Amazon EFS)

What is the Amazon Elastic Container Registry?

Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that makes it easy to store, share, and deploy container images

A global company is building a simple time-tracking mobile app. The app needs to operate globally and must store collected data in a database. Data must be accessible from the AWS Region that is closest to the user. What should the company do to meet these data storage requirements with the LEAST amount of operational overhead? A. Use Amazon EC2 in multiple Regions to host separate databases B. Use Amazon RDS cross-Region replication C. Use Amazon DynamoDB global tables D. Use AWS Database Migration Service (AWS DMS)

Which AWS service, feature, or tool uses machine learning to continuously monitor cost and usage for unusual cloud spending? A. Amazon Lookout for Metrics B. AWS Budgets C. Amazon CloudWatch D. AWS Cost Anomaly Detection

A company is generating large sets of critical data in its on-premises data center. The company needs to securely transfer the data to AWS for processing. These transfers must occur daily over a dedicated connection. Which AWS service should the company use to meet these requirements? A. AWS Backup B. AWS DataSync C. AWS Direct Connect D. AWS Snowball

AWS DataSync

Which of the following is a managed AWS service that is used specifically for extract, transform, and load (ETL) data?

AWS Glue

What is AWS glue?

AWS Glue is a serverless data integration service that makes it easy for analytics users to discover, prepare, move, and integrate data from multiple sources

Which of the following are shared controls that apply to both AWS and the customer, according to the AWS shared responsibility model? (Choose two.) A. Resource configuration management B. Network data integrity C. Employee awareness and training D. Physical and environmental security E. Replacement and disposal of disk drives

A&C

What is the LEAST expensive AWS Support plan that contains a full set of AWS Trusted Advisor best practice checks?

AWS Business Support

Why is AWS more economical than traditional data centers for applications with varying compute workloads?

Amazon EC2 instances can be launched on demand when needed.

Which AWS service would simplify the migration of a database to AWS?

) AWS Database Migration Service (AWS DMS)

Which AWS offering enables users to find, buy, and immediately start using software solutions in their AWS environment?

AWS Marketplace

Which AWS networking service enables a company to create a virtual network within AWS?

Amazon VPC

Which of the following is an AWS responsibility under the AWS shared responsibility model?

Maintaining physical hardware

Which component of the AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery?

Edge locations

How would a system administrator add an additional layer of login security to a user's AWS Management Console?

Enable multi-factor authentication

Which service can identify the user that made the API call when an Amazon EC2 instance is terminated?

AWS CloudTrail

Which service would be used to send alerts based on Amazon CloudWatch alarms?

Amazon Simple Notification Service (Amazon SNS)

Where can a user find information about prohibited actions on the AWS infrastructure?

AWS Acceptable Use Policy

AWS Elastic Beanstalk is a service that manages web infrastructure? True / False

True

Which AWS service helps you build text chatbots?

Amazon Lex

If an instance store reboots, does the data in the instance persist?

yes

Which sectence best describes AWS CloudWatch? a. CloudWatch monitors your account and recommends you cost optimization and performance improvement actions. b. CloudWatch is a service tha logs your AWS environment Actions. It is used to create events that describe how your application is being used. c. CloudWatch is a monitoring service that monitors your resources, and configures automatic alarms.

AWS Elastic Block Store Snapshot is

Incremental data backup

Containers are an essential concept in microservice architectures T/F

True

03. Customers using AWS services must patch operating systems on which of the following services? a) AWS Fargate b) Amazon DynamoDB c) Amazon EC2 d) AWS Lambda

EC2

Which of the following is one of the serverless compute services offered by AWS? Redshift Cloudfront Lamda Route 53

Lambda

Gmail falls under which cloud service model?

SaaS

The term S3 is used for which AWS service?

Simple Storage Service

Which tool can help clients run ad hoc SQL queries on S3 without managing servers?

Athena - it works with s3

Compute, Networking and Storage Services are included in which of the following AWS service levels?

Foundational Services

Cloudwatch cannot ustilise which of the following AWS products to trigger alarms? a. SNS b. Lambda c. CloudSearch D. Kineses

Cloudsearch

What is the smallest provisioned IOPS volume size?

4 GB

Which AWS service lets you automate the deployment of versioned resources in code template files, in a repeatable, testable and auditable manner?

CloudFormation

Which AWS Storage solution would allow you to attach many clients at the same time?

EFS

Which of the storage technologies below can be utilised to efficiently store messages across distributed systems?

SQS

Which of the following is not a form of ELB is AWS? Application load balancer Gateway Load Balancer Network Load Balancer Virtual Load Balancer

virtual Load balancer

What is the allowed size of the CIDR block range you are permitted in an AWS VPC?

/16 to /28

Which of the following access controls would you not include in S3?

Network ACL

What is the limit to how many security groups may be assigned to a single EC2 instance?

Where in AWS does your EC2 instances reside?

VPC

Which component of an EC2 instance do you change to allow the appropriate types of traffic?

Security groups?

Which of the following does not fall under fundamental cost in AWS? storage inbound data transfer compute outbound data transfer

Inbound data tranfer

Which of the following is used for visualisation in the AWS budgets tool? QuickSight SageMaker Cost Explorer Athena

Cost Explorer

Which of the following does not fall under fundamental cost in AWS? storage inbound data transfer compute outbound data transfer

Inbound data tranfer