Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Cloud Practitioner > Cloud Practitioner - PRACTICE 1 > Flashcards

Cloud Practitioner - PRACTICE 1 Flashcards

1
Q

What advantages does a database administrator obtain by using the Amazon Relational Database Service (RDS)?

  1. RDS provides 99.99999999999% reliability and durability.
  2. RDS databases automatically scale based on load.
  3. RDS enables users to dynamically adjust CPU and RAM resources.
  4. RDS simplifies administration tasks relational database
A

RDS simplifies relational database administration tasks

Amazon RDS is a managed relational database service on which you can run several types of database software. The service is managed so this reduces the database administration tasks an administrator would normally undertake. The managed service includes hardware provisioning, database setup, patching and backups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A Cloud Practitioner requires point-in-time recovery (PITR) for an Amazon DynamoDB table. Who is responsible for configuring and performing backups?

  1. AWS is responsible for both tasks.
  2. The customer is responsible for configuring and AWS is responsible for performing backups.
  3. The customer is responsible for both tasks.
  4. AWS is responsible for configuring and the user is responsible for performing backups.
A

The customer is responsible for configuring and AWS is responsible for performing backups

Point-in-time recovery (PIT) provides continuous backups of your DynamoDB table data. When enabled, DynamoDB maintains incremental backups of your table for the last 35 days until you explicitly turn it off. It is a customer responsibility to enable PITR on and AWS is responsible for actually performing the backups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A large company is interested in avoiding long-term contracts and moving from fixed costs to variable costs. What is the value proposition of AWS for this company?

  1. Economies of scale
  2. Pay-as-you-go pricing
  3. Volume pricing discounts
  4. Automated cost optimization
A

Pay-as-you-go pricing

Pay-as-you-go pricing helps companies move away from fixed costs to variable costs in a model in which they only pay for what they actually use. There are no fixed term contracts with AWS so that requirement is also met.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A customer needs to determine Total Cost of Ownership (TCO) for a workload that requires physical isolation. Which hosting model should be accounted for?

  1. Dedicated Hosts
  2. Reserved Instances
  3. On-Demand Instances
  4. Spot Instances
A

Dedicated Hosts

An Amazon EC2 Dedicated Host is a physical server with EC2 instance capacity fully dedicated to your use. Dedicated Hosts allow you to use your existing per-socket, per-core, or per-VM software licenses, including Windows Server, Microsoft SQL Server, SUSE, and Linux Enterprise Server. Note that dedicated hosts can be considered “hosting model” as it determines that actual underlying infrastructure that is used for running your workload.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which tasks can a user complete using the AWS Cost Management tools? Select TWO

  1. Automatically terminate AWS resources if budget thresholds are exceeded.
  2. Break down AWS costs by day, service, and linked AWS account.
  3. Create budgets and receive notifications if current or forecasted usage exceeds the budgets.
  4. Launch either EC2 Spot instances or On-Demand instances based on the current pricing.
  5. Move data stored in Amazon S3 Standard to an archiving storage class to reduce cost.
A

Break down AWS costs by day, service, and linked AWS account & Create budgets and receive notifications if current or forecasted usage exceeds the budgets

The AWS Cost Management tools include services, tools, and resources to organize and track cost and usage data, and enhance control through. consolidated billing and access permissions, enable better planning through budgeting and forecasts, and further lower costs with resources and pricing optimizations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following AWS services are compute services? (Select TWO.)

  1. AWS Batch
  2. AWS CloudTrail
  3. AWS Elastic Beanstalk
  4. Amazon EFS
  5. Amazon Inspector
A

AWS Batch & AWS Elastic Beanstalk

AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Select TWO.)

  1. Minimize platform design
  2. Loose coupling
  3. Customized hardware
  4. Remove single points of failure
  5. Minimum viable product
A

Loose coupling & Remove single points of failure

Loose coupling is when you break systems down into smaller components that are loosely coupled together. This reduces interdependencies between systems components. This is achieved in the cloud using messages buses, notification and messaging services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A user is planning to launch three EC2 instances behind a single Elastic Load Balancer. The deployment should be highly available.

  1. Launch the instances across multiple Availability Zones in a single AWS Region.
  2. Launch the instances as EC2 Spot Instances in the same AWS Region and the same Availability Zone.
  3. Launch the instances in multiple AWS Regions, and use Elastic IP addresses.
  4. Launch the instances as EC2 Reserved Instances in the same AWS Region, but in different Availability Zones.
A

Launch the instances across multiple Availability Zones in a single AWS Region

To make the deployment highly available the user should launch the instances across multiple Availability Zones in a single AWS Region. Elastic Load Balancers can only serve targets in a single Region so it is not possible to deploy across Regions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which resource should a new user on AWS use to get help with deploying popular technologies based on AWS best practices, including architecture and deployment instructions?

  1. AWS CloudFormation
  2. AWS Artifact
  3. AWS Config
  4. AWS Quick Starts
A

AWS Quick Starts

Quick Starts are built by Amazon Web Services (AWS) solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability. These accelerators reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately. Each Quick Start includes AWS CloudFormation templates that automate the deployment and a guide that discusses the architecture and provides step-by-step deployment instructions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A company needs to publish messages to a thousands of subscribers simultaneously using a push mechanism. Which AWS service should the company use?

  1. AWS Step Functions
  2. Amazon Simple Workflow Service (SWF)
  3. Amazon Simple Notification Service (Amazon SNS)
  4. Amazon Simple Queue Service (Amazon SQS)
A

Amazon Simple Notification Service (Amazon SNS)

Amazon SNS is a publisher/subscriber notification service that uses a push mechanism to publish messages to multiple subscribers. Amazon SNS enables you to send messages or notifications directly to users with SMS text messages to over 200 countries, mobile push on Apple, Android, and other platforms or email (SMTP).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A company uses Amazon EC2 instances to run applications that are dedicated to different departments. The company needs to break out the costs of these applications and allocate them to the relevant department. The EC2 instances run in a single VPC. How can the company achieve these requirements?

  1. Enable billing access for IAM users and view the costs in Cost Explorer.
  2. Enable billing alerts through Amazon Cloud Watch and Amazon SNS.
  3. Create tags by department on the instances and then run a cost allocation report.
  4. Add additional Amazon VPCs and launch each application in a separate VPC.
A

Create tags by department on the instances and then run a cost allocation report

The company should create cost allocation tags that specify the department and assign them to resources. These tags must be activated so they are visible in the cost allocation report. Once this is done and a monthly cost allocation report has been configured it will be easy to monitor the costs for each department.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

An application uses a PostgreSQL database running on a single Amazon EC2 instance. A Cloud Practitioner has been asked to increase the availability of the database so there is automatic recovery in the case of a failure. Which tasks can the Cloud Practitioner take to meet this requirement?

  1. Migrate the database to Amazon RDS and enable the Multi-AZ feature.
  2. Configure an Elastic Load Balancer in front of the EC2 instance.
  3. Configure EC2 Auto Recovery to move the instance to another Region.
  4. Set the DeleteOnTermination value to false for the EBS root volume.
A

Migrate the database to Amazon RDS and enable the Multi-AZ feature

Moving the database to Amazon RDS means that the database can take advantage of the built-in Multi-AZ feature. This feature creates a standby instance in another Availability Zone and synchronously replicates to it. In the event of a failure that affects the primary database an automatic failover can occur and the database will become functional on the standby instance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A company is launching a new website which is expected to have highly variable levels of traffic. The website will run on Amazon EC2 and must be highly available. What is the MOST cost-effective approach?

  1. Use the AWS CLI to launch and terminate Amazon EC2 instances to match demand.
  2. Create an Amazon EC2 Auto Scaling group and configure an Elastic Load Balancer.
  3. Determine the highest expected traffic and use an appropriate instance type.
  4. Launch the website using an Amazon EC2 instance running on a dedicated host.
A

Create an Amazon EC2 Auto Scaling group and configure an Elastic Load Balancer

The most cost-effective approach for ensuring the website is highly available on Amazon EC2 instances is to use an Auto Scaling group. This will ensure that the appropriate number of instances is always available to service the demand. An Elastic Load Balancer can be placed in front of the instances to distribute incoming connections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following statements best describes the concept of agility in relation to cloud computing on AWS? (Select TWO.)

  1. The speed at which AWS rolls out new features.
  2. The ability to experiment quickly.
  3. The elimination of wasted capacity.
  4. The ability to automatically scale capacity.
  5. The speed at which AWS resources can be created.
A

The ability to experiment quickly & The speed at which AWS resources can be created

In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A company runs a batch job on an Amazon EC2 instance and it takes 6 hours to complete. The workload is expected to double in volume each month with a proportional increase in processing time. What is the most efficient cloud architecture to address the growing workload?

  1. Run the batch job on a larger Amazon EC2 instance type with more CPU.
  2. Change the Amazon EC2 volume type to a Provisioned IOPS SSD volume.
  3. Run the application on a bare metal Amazon EC2 instance.
  4. Run the batch workload in parallel across multiple Amazon EC2 instances.
A

Run the batch workload in parallel across multiple Amazon EC2 instances

The most efficient option is to use multiple EC2 instances and distribute the workload across them. This is an example of horizontal scaling and will allow the workload to keep growing in size without any issue and without increasing the overall processing timeframe.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

An individual IAM user must be granted access to an Amazon S3 bucket using a bucket policy. Which element in the S3 bucket policy should be updated to define the user account for which access will be granted?

  1. Action
  2. Principal
  3. Resource
  4. Condition
A

Principal

The Principal element specifies the user, account, service, or other entity that is allowed or denied access to a resource. The bucket policy below has a Principal element set to * which is a wildcard meaning any user. To grant access to a specific IAM user the following format can be used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A Cloud Practitioner needs a tool that can assist with viewing and managing AWS costs and usage over time. Which tool should the Cloud Practitioner use?

  1. AWS Budgets
  2. Amazon Inspector
  3. AWS Organizations
  4. AWS Cost Explorer
A

AWS Cost Explorer

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. AWS Cost Explorer provides you with a set of default reports that you can use as the starting place for your analysis. From there, use the filtering and grouping capabilities to dive deeper into your cost and usage data and generate custom insights.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A company plans to deploy a relational database on AWS. The IT department will perform database administration. Which service should the company use?

  1. Amazon EC2
  2. Amazon RedShift
  3. Amazon ElastiCache
  4. Amazon DynamoDB
A

Amazon EC2

A self-managed relational database can be installed on Amazon EC2. When using this deployment you can choose the operating system and instance type that suits your needs and then install and manage any database software you require.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

A company is planning to move a number of legacy applications to the AWS Cloud. The solution must be cost-effective. Which approach should the company take?

  1. Migrate the applications to dedicated hosts on Amazon EC2.
  2. Rehost the applications on Amazon EC2 instances that are right-sized.
  3. Use AWS Lambda to host the legacy applications in the cloud.
  4. Use an Amazon S3 static website to host the legacy application code.
A

Rehost the applications on Amazon EC2 instances that are right-sized

The most cost-effective solution that works is to use Amazon EC2 instances that are right-sized with the most optimum instance types. Right-sizing is the process of ensuring that the instance type selected for each application provides the right amount of resources for the application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

A company must provide access to AWS resources for their employees. Which security practices should they follow? (Select TWO.)

  1. Enable multi-factor authentication for users.
  2. Create IAM policies based on least privilege principles.
  3. Disable password policies and management console access.
  4. Create IAM users in different AWS Regions.
  5. Create IAM Roles and apply them to IAM groups.
A

Enable multi-factor authentication for users & Create IAM policies based on least privilege principles

There are several security best practices for AWS IAM that are listed in the document shared below. Enabling multi-factor authentication is a best practice to require a second factor of authentication when logging in. Another best practice is to grant least privilege access when configuring users and password policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

An Amazon Virtual Private Cloud (VPC) can include multiple…

  1. AWS Regions.
  2. Edge locations.
  3. Internet gateways.
  4. Availability Zones.
A

Availability Zones

An Amazon VPC includes multiple Availability Zones. Within a VPC you can create subnets in each AZ that is available in the Region and distribute your resources across these subnets for high availability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A Cloud Practitioner anticipates an increase in application traffic at a future date and time when a sales event will take place. How can the Cloud Practitioner configure Amazon EC2 Auto Scaling to ensure the right number of Amazon EC2 instances are available ahead of the event?

  1. Configure predictive scaling.
  2. Configure a target tracking scaling policy.
  3. Configure a scheduled scaling policy.
  4. Configure a step scaling policy.
A

Configure a scheduled scaling policy

Scheduled scaling helps you to set up your own scaling schedule according to predictable load changes. For example, let’s say that every week the traffic to your web application starts to increase on Wednesday, remains high on Thursday, and starts to decrease on Friday. You can configure a schedule for Amazon EC2 Auto Scaling to increase capacity on Wednesday and decrease capacity on Friday.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

A company is deploying an application on Amazon EC2 that requires low-latency access to application components in an on-premises data center. Which AWS service or resource can the company use to extend their existing VPC to the on-premises data center?

  1. Amazon Connect
  2. AWS Outposts
  3. AWS Direct Connect
  4. Amazon Workspaces
A

AWS Outposts

AWS Outposts is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. With AWS Outposts you can extend your VPC into the on-premise data center.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which type of credential should a Cloud Practitioner use for programmatic access to AWS resources from the AWS CLI/API?

  1. SSL/TLS certificate
  2. SSH public keys
  3. Access keys
  4. User name and password
A

Access keys

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

A company is designing a new a service that must align with the operational excellence pillar of the AWS Well-Architected Framework. Which design principles should the company follow? (Select TWO.)

  1. Anticipate failure.
  2. Make large-scale changes.
  3. Perform operations as code.
  4. Perform manual operations.
  5. Create static operational procedures.
A

Anticipate failure & Perform operations as code

AWS Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads.
There are 5 pillars and under the operational excellence pillar the following best practices are recommended:
* Perform operations as code
* Make frequent, small, reversible changes
* Refine operations procedures frequently
* Anticipate failure
* Learn from all operational failures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

A website has a global customer base and users have reported poor performance when connecting to the site. Which AWS service will improve the customer experience by reducing latency?

  1. AWS Direct Connect
  2. Amazon EC2 Auto Scaling
  3. Amazon CloudFront
  4. Amazon ElastiCache
A

Amazon CloudFront

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What is one method of protecting against distributed denial of service (DDoS) attacks in the AWS Cloud?

  1. Use Amazon CloudWatch monitoring.
  2. Configure a firewall in front of resources.
  3. Monitor the Service Health Dashboard.
  4. Enable AWS CloudTrail logging.
A

Configure a firewall in front of resources

Some forms of DDoS mitigation are included automatically with AWS services. You can further improve your DDoS resilience by using an AWS architecture with specific services and by implementing additional best practices. Using a firewall with AWS resources is recommended to reduce the attack surface of your services which can mitigate some DDoS attacks.

28
Q

How much data can a company store in the Amazon S3 service?

  1. 1 PB
  2. 100 TB
  3. 100 PB
  4. Virtually unlimited
A

Virtually unlimited

The Amazon Simple Storage Service (S3) offers virtually unlimited storage. The total volume of data and number of objects you can store are unlimited. Individual Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes. The largest object that can be uploaded in a single PUT is 5 gigabytes.

29
Q

A company is deploying a new workload and software licensing requirements dictate that the workload must be run on a specific, physical server. Which Amazon EC2 instance deployment option should be used?

  1. Dedicated Instances
  2. Spot Instances
  3. Reserved Instances
  4. Dedicated Hosts
A

Dedicated Hosts

An Amazon EC2 Dedicated Host is a physical server fully dedicated for your use, so you can help address corporate compliance requirements. Amazon EC2 Dedicated Hosts allow you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2, so that you get the flexibility and cost-effectiveness of using your own licenses, but with the resiliency, simplicity and elasticity of AWS

30
Q

Which of the following are valid benefits of using the AWS Cloud? (Select TWO.)

  1. Outsource all operational risk.
  2. Total control over data center infrastructure.
  3. Fast provisioning of IT resources.
  4. Ability to go global quickly.
  5. Outsource all application development to AWS.
A

Fast provisioning of IT resources & Go global in minutes

The ability to provision IT resources quickly and easily and also globally are valid benefits of using the AWS cloud.

31
Q

Which tasks require the use of the AWS account root user? (Select TWO.)

  1. Enabling encryption for S3.
  2. Viewing AWS CloudTrail logs.
  3. Changing the account name.
  4. Changing AWS Support plans.
  5. Changing payment currency.
A

Changing the account name & Changing AWS Support plans

Some tasks can only be performed by the root user of an AWS account. This includes changing the account name and changing AWS support plans. For more information view the AWS article referenced below.

32
Q

Which AWS service can a company use to discover and protect sensitive data that is stored in Amazon S3 buckets.

  1. Amazon GuardDuty
  2. AWS Policy Generator
  3. Amazon Detective
  4. Amazon Macie
A

Amazon Macie

Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Amazon Macie automates the discovery of sensitive data at scale and lowers the cost of protecting your data.

33
Q

Which benefits can a company gain by deploying a relational database on Amazon RDS instead of Amazon EC2? (Select TWO.)

  1. Automated Backups
  2. Schema management
  3. Indexing of tables
  4. Software patching
  5. Root access to OS
A

Automated backups & Software patching

Two of the benefits of using a managed Amazon RDS service instead of a self-managed database on EC2 are that you get automated backups and automatic
software patching.

34
Q

A company is planning to deploy an application with a relational database on AWS. The application layer requires access to the database instance’s operating system in order to run scripts. The company prefer to keep management overhead to a minimum. Which deployment should be used for the database?

  1. Amazon RDS
  2. Amazon DynamoDB
  3. Amazon EC2
  4. Amazon S3
A

Amazon EC2

The company would like to keep management overhead to a minimum so RDS would be good to meet that requirement. However, with RDS you cannot access the operating system so the requirement for running scripts on the OS rules RDS out. Therefore, the next best solution is to deploy on an Amazon EC2 instances as the other options presented are unsuitable for a relational database.

35
Q

Customers using AWS services must patch operating systems on which of the following services?

  1. AWS Lambda
  2. Amazon EC2
  3. AWS Fargate
  4. Amazon DynamoDB
A

Amazon EC2

Amazon EC2 is an infrastructure as a service (IaaS) solution. This means the underlying hardware and software layer for running a virtual server are managed for you. As a customer you must then manage the operating system and any software you install. This includes installing patches on the operating system as part of regular maintenance activities.

36
Q

Which AWS feature can be used to launch a pre-configured Amazon Elastic Compute Cloud (EC2) instance?

  1. Amazon Elastic Block Store (EBS)
  2. Amazon EC2 Systems Manager
  3. Amazon Machine Image (AMI)
  4. Amazon AppStream 2.0
A

Amazon Machine Image (AMI)

An Amazon Machine Image (AMI) provides the information required to launch an instance. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you need multiple instances with the same configuration. You can use different AMIs to launch instances when you need instances with different configurations.

37
Q

Which of the following AWS features or services can be used to provide root storage volumes for Amazon EC2 instances?

  1. Amazon Elastic Block Store (EBS)
  2. Amazon Machine Image
  3. Amazon Elastic File System (EFS)
  4. Amazon Simple Storage Service (S3)
A

Amazon Elastic Block Store (EBS)

The Amazon Elastic Block Store (EBS) provides block-based storage volumes for Amazon EC2 instances. Root volumes are where the operating system is installed and can be either EBS volumes or instance store volumes.

38
Q

Which AWS service or feature can assist with protecting a website that is hosted outside of AWS?

  1. Amazon VPC route tables
  2. Amazon EC2 security groups
  3. Amazon VPC network ACLs
  4. AWS Web Application Firewall (WAF)
A

AWS Web Application Firewall (WAF)

AWS WAF can be used to protect on-premises resources if they are deployed behind an Application Load Balancer (ALB). In this scenario the on-premises website servers are added to a target group by IP address. The ALB has a WAF WebACL attached to it and distributes connections to the on-premises website.

39
Q

Which AWS service can a team use to deploy infrastructure on AWS using familiar programming languages?

  1. AWS Cloud Development Kit (AWS CDK)
  2. Amazon CodeGuru
  3. AWS Config
  4. AWS CodeCommit
A

AWS Cloud Development Kit (AWS CDK)

The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud application resources using familiar programming languages. With AWS CDK you can stick to using programming languages that are familiar to you and have infrastructure deployed using AWS CloudFormation.

40
Q

When running applications in the AWS Cloud, which common tasks can AWS manage on behalf of their customers? (Select TWO.)

  1. Patching database software
  2. Application source code auditing
  3. Creating a database schema
  4. Taking a backup of a database
  5. Application security testing
A

Patching database software & Taking a backup of a database

With AWS managed services you can reduce your time spent performing common IT tasks. With services such as Amazon RDS, AWS will patch the database host operating system and database software and perform patch management activities.

41
Q

Which of the following will help a user determine if they need to request an Amazon EC2 service limit increase?

  1. AWS Personal Health Dashboard
  2. AWS Cost Explorer
  3. AWS Trusted Advisor
  4. AWS Service Health Dashboard
A

AWS Trusted Advisor

AWS Trusted Advisor is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices. Trusted Advisor checks help optimize your AWS infrastructure, improve security and performance, reduce your overall costs, and monitor service limits.

42
Q

How does the AWS cloud increase the speed and agility of execution for customers? (Select TWO.)

  1. Fast provisioning of resources
  2. Private connections to data centers
  3. Secured data centers
  4. Lower cost of deployment
  5. Scalable compute capacity
A

Fast provisioning of resources & Scalable compute capacity

The ability to quickly provision resources on AWS is a good example of speed and agility. On AWS the resources are readily available and can be deployed extremely quickly. Scalable compute capacity is another example as it gives you the agility to easily reconfigure your resources with more or less capacity as is required.

43
Q

A company has multiple AWS accounts and is using AWS Organizations with consolidated billing. Which advantages will they benefit from? (Select TWO.)

  1. They will receive one bill for the accounts in the organization.
  2. The default service limits in all accounts will be increased.
  3. They will receive a fixed discount for all usage across accounts.
  4. They may benefit from lower unit pricing for aggregated usage.
  5. They will be automatically enrolled in a business support plan.
A

They will receive one bill for the accounts in the Organization & They may benefit from lower unit pricing for aggregated use

You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts. With consolidated billing you get:
-One bill for multiple accounts.
- Easy tracking or charges across accounts.
- Combined usage across accounts and sharing of volume pricing discounts, reserved instance discounts and savings plans.
- No extra fee.

44
Q

Which of the following represents a value proposition for using the AWS Cloud?

  1. AWS is responsible for securing your applications.
  2. It is not necessary to enter into long term contracts.
  3. Customers can request specialized hardware.
  4. AWS provides full access to their data centers.
A

It is not necessary to enter into long term contracts

With AWS you can pay for what you use and there is no requirement to enter into long term contracts. However, there are opportunities to gain large discounts by committing to 1 or 3 years contracts for reserved instances and savings plans.

45
Q

A company has many underutilized compute resources on-premises. Which AWS Cloud feature will help resolve this issue?

  1. High availability
  2. Elasticity
  3. Global deployment
  4. Fault tolerance
A

Elasticity

Elasticity can resolve the issue of underutilization as you can easily and automatically adjust the resource allocations for your compute resources based on actual utilization. This ensures that you have the right amount of resources and do not pay for more than you need.

46
Q

What can a Cloud Practitioner use to categorize and track AWS costs by project?

  1. Cost Allocation Tags
  2. AWS Trusted Advisor
  3. Consolidated billing
  4. Multiple accounts
A

Cost Allocation Tags

Cost allocation tags can be used to tag and categorize your resources and then run view the billing in Cost Explorer and the cost allocation report. For example you can tag your resources by department or project and then view costs attributed to the resources used by those groups.

47
Q

A company is deploying a MySQL database on AWS. The database must easily scale and have automatic backup enabled. Which AWS service should the company use?

  1. Amazon Athena
  2. Amazon DynamoDB
  3. Amazon Aurora
  4. Amazon DocumentDB
A

Amazon Aurora

Amazon Aurora is a relational database that is compatible with MySQL and PostgreSQL database engines. Aurora is extremely fast and scales up to 128 TB. You can also deploy replicas for read scaling within and across Regions. Aurora also offers automated backups.

48
Q

A company plans to use reserved instances to get discounted pricing for Amazon EC2 instances. The company may need to change the EC2 instance type during the one year period.

Which instance purchasing option is the MOST cost-effective for this use case?

  1. Standard Reserved Instances
  2. Convertible Reserved Instances
  3. Zonal Reserved Instances
  4. Regional Reserved Instances
A

Convertible Reserved Instances

A convertible reserved instance enables you to exchange one or more Convertible Reserved Instances for another Convertible Reserved Instance with a different configuration, including instance family, operating system, and tenancy.

49
Q

Which of the following is a sole responsibility of AWS?

  1. Application deployment
  2. Patch management
  3. Availability Zone management
  4. Customer data access controls
A

Availability Zone Management

According to the shared responsibility model, AWS is responsible to the management of all AWS global infrastructure components including Regions, Availability Zones, Edge locations, Regional Edge Caches, and Local Zones.

50
Q

Which AWS service provides a managed software version control system?

  1. Amazon CodeDeploy
  2. AWS CodePipeline
  3. AWS DataSync
  4. AWS CodeCommit
A

AWS CodeCommit

AWS CodeCommit is a fully-managed source control service that hosts secure Git-based repositories. It makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem. CodeCommit eliminates the need to operate your own source control system or worry about scaling its infrastructure. You can use CodeCommit to securely store anything from source code to binaries, and it works seamlessly with your existing Git tools.

51
Q

Which of the following deployments involves the reliability pillar of the AWS Well-Architected Framework?

  1. Amazon RDS Multi-AZ deployment
  2. Amazon EBS provisioned IOPS volume
  3. Attach a WebACL to a CloudFront distribution
  4. Use CloudFormation to deploy infrastructure
A

Amazon RDS Multi-AZ deployment

An Amazon Relational Database Service (RDS) deployment across multiple availability zones is a good example of using the reliability pillar of the AWS Well-Architected Framework. The specific design principle being followed here is “Automatically recover from failure”.

52
Q

A Cloud Practitioner needs to monitor a new Amazon EC2 instances CPU and network utilization. Which AWS service should be used?

  1. Amazon Inspector
  2. AWS CloudTrail
  3. AWS Systems Manager
  4. Amazon CloudWatch
A

Amazon CloudWatch

Amazon CloudWatch is a performance monitoring service. AWS services send metrics about their utilization to CloudWatch which collects the metrics. You can then view the results in Cloud Watch and configure alarms.

53
Q

AWS are able to continually reduce their pricing due to:

  1. Economies of scale
  2. Pay-as-you go pricing.
  3. Elastic compute services.
  4. Compute savings plans.
A

Economies of scale

By using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices.

54
Q

Which AWS services can a company use to gather information about activity in their AWS account? (Select TWO.)

  1. Amazon CloudFront
  2. AWS CloudTrail
  3. AWS Trusted Advisor
  4. Amazon Connect
  5. Amazon Cloud Watch
A

AWS CloudTrail & Amazon CloudWatch

Amazon CloudWatch is a performance monitoring service. AWS services send metrics about their utilization to CloudWatch which collects the metrics. Additionally, CloudWatch collects metrics about account activity such as billing information which can also be viewed. AWS CloudTrail is an auditing service that monitors API activity in your account. Whenever you perform any operation in the account this results in an API action and this information is recorded to create an audit trail.

55
Q

A company is deploying an application in the AWS Cloud. How can they secure the application? (Select TWO.)

  1. Enable encryption for the application data at rest.
  2. Configure public access for the AWS services used by the application.
  3. Enable monitoring by turning off encryption for data in transit.
  4. Limit access privileges according to the principal of least privilege.
  5. Provide full admin access to developer and operations staff.
A

Enable encryption for the application data at rest & Limit access privileges according to the principal of least privilege

In this scenario the company must apply best practice principals for securing their application. Enabling encryption for data at rest is definitely a good practice and data in transit should also be encrypted where possible as well. It is also a good practice to limit access privileges according to the principal of least privilege. This means limiting privileges to those required to perform a specific role.

56
Q

A Cloud Practitioner is developing a new application and wishes to integrate features of AWS services directly into the application. Which of the following is the BEST tool for this purpose?

  1. AWS Software Development Kit
  2. AWS CodeDeploy
  3. AWS Command Line Interface (CLI)
  4. AWS CodePipeline
A

AWS Software Development Kit

A software development kit (SDK) is a collection of software development tools in one installable package. AWS provide SDKs for various programming languages and these can be used for integrating the features of AWS services directly into an application.

57
Q

A user needs to identify underutilized Amazon EC2 instances to reduce costs. Which AWS service or feature will meet this requirement?

  1. AWS CodeBuild
  2. AWS Trusted Advisor
  3. AWS Cost Explorer
  4. AWS Personal Health Dashboard
A

AWS Trusted Advisor

AWS Trusted Advisor offers a rich set of best practice checks and recommendations across five categories: cost optimization, security, fault tolerance, performance, and service limits. The Trusted Advisor “low utilization Amazon EC2 instances” check, checks the Amazon Elastic Compute Cloud (Amazon EC2) instances that were running at any time during the last 14 days and alerts you if the daily CPU utilization was 10% or less and network I/O was 5 MB or less on 4 or more days.

58
Q

Which of the following can an AWS customer use to launch a new ElastiCache cluster? (Select TWO.)

  1. AWS CloudFormation
  2. AWS Concierge
  3. AWS Systems Manager
  4. AWS Management Console
  5. AWS Data Pipeline
A

AWS CloudFormation & AWS Management Console

There are several ways to launch resources in AWS. You can use the AWS Management Console or Command Line Interface (CLI) or you can automate the process by using tools such as AWS CloudFormation. With AWS CloudFormation you can deploy infrastructure such as Amazon ElastiCache clusters by defining your desired configuration state in code using a template file written in JSON or YAML. CloudFormation will then deploy the resources by creating a Stack according to the template file.

59
Q

A company is deploying a new web application in a single AWS Region that will be used by users globally. Which AWS services will assist with lowering latency and improving transfer speeds for the global users? (Select TWO.)

  1. AWS Direct Connect
  2. AWS Global Accelerator
  3. Amazon CloudFront
  4. AWS Transfer Gateway
  5. AWS Snowcone
A

AWS Global Accelerator & Amazon CloudFront

Amazon CloudFront is a content delivery network (CDN) that caches content around the world for lower latency access. AWS Global Accelerator enables access to your application by leveraging the same Edge Locations as CloudFront and routing connections across the AWS global network. Both of these services assist with lowering latency and improving transfer speeds for users who are distributed around the world.

60
Q

For what purpose would a Cloud Practitioner access AWS Artifact?

  1. Download configuration details for all AWS resources.
  2. Access training materials for AWS services.
  3. Create a security assessment report for AWS services.
  4. Gain access to AWS security and compliance documents.
A

Gain access to AWS security and compliance documents

AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls.

61
Q

Which AWS Cloud service provides recommendations on how to optimize performance for AWS services?

  1. Amazon Inspector
  2. AWS Trusted Advisor
  3. Amazon CloudWatch
  4. AWS CloudTrail
A

AWS Trusted Advisor

AWS Trusted Advisor can improve the performance of your service by checking your service limits, ensuring you take advantage of provisioned throughput, and monitoring for overutilized instances.

62
Q

A company is migrating a monolithic application that does not scale well into the cloud and refactoring it into a microservices architecture. Which best practice of the AWS Well-Architected Framework does this plan relate to?

  1. Stop spending money on undifferentiated heavy lifting.
  2. Implement loosely coupled services.
  3. Manage change in automation.
  4. Use multiple solutions to improve performance.
A

Implement loosely coupled services

A microservices architecture will help ensure that each component of the application can scale independently and be updated independently. Loose coupling further assists as it places reduces the dependencies between systems and ensures that messages and data being passed between application components can be reliably and durably stored.

63
Q

What are AWS Identity and Access Management (IAM) access keys used for?

  1. Logging in to the AWS Management Console.
  2. Ensuring the integrity of log files.
  3. Making programmatic calls to AWS from AWS APIs.
  4. Enabling encryption in transit for web servers.
A

Making programmatic calls to AWS from AWS APIs

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).

64
Q

What is the best practice for managing AWS IAM access keys?

  1. There is no need to manage access keys.
  2. Customers should rotate access keys regularly.
  3. AWS rotate access keys on a schedule.
  4. Never use access keys, always use IAM roles.
A

Customers should rotate access keys regularly

It is a security best practice to rotate access keys regularly. This practice ensures that if access keys are compromised the security exposure is mitigated.

65
Q

According to the AWS shared responsibility model, which of the following is a responsibility of AWS?

  1. Configuring network ACLs to block malicious attacks.
  2. Patching software running on Amazon EC2 instances.
  3. Updating the firmware on the underlying EC2 hosts.
  4. Updating security group rules to enable connectivity.
A

Updating the firmware on the underlying EC2 hosts.

AWS are responsible for updating firmware on the physical Amazon EC2 host servers. Customers are then responsible for any patching of the EC2 operating system and any installed software.

AWS Cloud Practitioner (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions