Cloud Solutions Architecture Flashcards

1
Q

Which is the best definition of cloud architecture?

a) Applying cloud characteristics to a solution that uses cloud services and features to meet technical and business requirements
b) Designing applications in cloud-based, shared IT infrastructure by using virtual machines and fault-tolerant data stores in the cloud
c) Relocating traditional on-premises data centers to internet-accessible data centers that a vendor manages
d) Combining frontend and backend software and components to create highly available and scalable web services that meet the needs of an organization

A

a) Applying cloud characteristics to technical and business requirements

2
Q

The AWS Well-Architected Framework has six pillars. Three of the pillars are security, operational excellence, and sustainability. What are two of the other pillars of the Well-Architected Framework? (Select TWO.)

a) Cost optimization
b) Reliability
c) Risk management
d) Governance Privacy

A

a) Cost optimization
b) Reliability

3
Q

Which actions are consistent with the operational excellence pillar of the AWS Well-Architected Framework? (Select TWO.)

a) Evaluate organizational structures and roles to identify skill gaps.
b) Plan and manage the full lifecycle of hardware assets.
c) Apply software engineering principles and methodology to infrastructure as code.
d) Review and improve processes and procedures on a continuous cycle.
e) Ensure operations personnel document changes to the infrastructure.

A

c) Apply software engineering principles and methodology to infrastructure as code.
d) Review and improve processes and procedures on a continuous cycle.

4
Q

A specific application requires a frontend web tier of multiple servers that communicate with a backend application tier of multiple servers.

Which design most closely follows AWS best practices?
a) Design the web tier to communicate with the application tier through the Elastic Load Balancing (ELB) service
b) Create multiple instances that each combine a web frontend and application backend in the same instance.
c) Assign a dedicated application server and a dedicated connection to each web server.
d) Create a full mesh network between the web and application tiers, so that each web server can communicate directly with every application server.

A

a) Design the web tier to communicate with the application tier through the Elastic Load Balancing (ELB) service

5
Q

A solutions architect is developing a process for handling server failures. Which process most closely follows AWS best practices?
a) Amazon CloudWatch detects a system failure. It notifies the systems administrator, who provisions a new server by using the AWS Management Console.
b) The operations staff detects a system failure. They notify the systems administrator, who provisions a new server by using the AWS Management Console.
c) Amazon CloudWatch detects a system failure. It initiates automation to provision a new server.
d) The operations staff detects a system failure. They initiate automation to provision a new server.

A

c) Amazon CloudWatch detects a system failure. It initiates automation to provision a new server.

6
Q

A company is considering moving their on-premises data center to the cloud. Their primary motivation is to increase their cost efficiency. Which approach most closely follows AWS best practices?

a) Provision some of the servers in the cloud and ensure the servers run 24/7.

b) Provision the servers that are needed and stop services when they are not being used.

c) Replicate their on-premises data center in the cloud.

d) Maintain the on-premises data center as long as possible.

A

b) Provision the servers that are needed and stop services when they are not being used.

7
Q

A company stores read-only data in Amazon S3. Most users are in the same country as the company headquarters, while some users are located around the world. Which design decision most closely follows AWS best practices?

a) Use a bucket in the AWS Region that is closest to the company headquarters. All users access the data through Amazon CloudFront.

b) Use a bucket in the Region closest to the company headquarters.

c) Replicate objects across buckets in AWS Regions around the world. Users access the bucket in the Region that is closest to them.

d) Use a bucket in the Region that has the lowest average latency for all users.

A

a) Use a bucket in the AWS Region that is closest to the company headquarters. All users access the data through Amazon CloudFront.

8
Q

A consultant must access a large object in an S3 bucket. They need one day to access the file. Which method for granting access most closely follows AWS best practices?

a) Create a user account for the consultant. Grant the user account permissions to access the S3 bucket through the AWS Management Console.

b) Enable public access on the S3 bucket. Give the object URL to the consultant.

c) Create a presigned URL to the object that expires in 24 hours, and give it to the consultant.

d) Copy the object to a new S3 bucket. Enable public access on the new bucket. From the new bucket, get the object URL, and give it to the consultant.

A

c) Create a presigned URL to the object that expires in 24 hours, and give it to the consultant.

9
Q

Which are main considerations that influence which AWS Regions to use? (Select TWO.)

a) Application resiliency during system failures

b) Latency reduction for end users

c) Security and access control

d) Compliance with laws and regulations

e) Protection against localized natural disasters

A

b) Latency reduction for end users
d) Compliance with laws and regulations

10
Q

Which are main considerations that influence which Availability Zones to use? (Select TWO.)

a) Security and access control

b) Latency reduction for end users

c) Protection against localized natural disasters

d) Compliance with laws and regulations

e) Application resiliency during system failures

A

c) Protection against localized natural disasters
e) Application resiliency during system failures

11
Q

Which statement reflects a design principle of the security pillar of the Well-Architected Framework?

a) Apply security at all layers of an architecture.

b) Ensure that staff are actively monitoring potential risks manually.

c) Decentralize privilege management.

d) Do not deploy a solution to production until you’re certain that no security risks exist.

A

a) Apply security at all layers of an architecture.

12
Q

Which statements about responsibility are accurate based on the AWS shared responsibility model? (Select TWO.)

a) AWS is responsible for the configuration of security groups.

b) AWS is responsible for the physical security of data centers.

c) Customers are responsible for managing their user data.

d) AWS is responsible for host-based firewall configurations.

e) Customers are responsible for the installation, maintenance, and decommissioning of the hardware that they use in the AWS data center.

A

b) AWS is responsible for the physical security of data centers.

c) Customers are responsible for managing their user data.

13
Q

Which options are characteristics of the principle of least privilege? (Select TWO.)

a) Always use groups.

b) Use encryption.

c) Monitor actions and changes.

d) Craft security policies that limit access to specific tasks.

e) Grant access only as needed.

A

d) Craft security policies that limit access to specific tasks.

e) Grant access only as needed.

14
Q

Which statement about AWS Identity and Access Management (IAM) is true?

a) With IAM, you can manage encryption for items that require encryption at rest.

b) IAM provides an extra layer of security by offering anomaly detection on resources.

c) With IAM, you can grant principals granular access to resources.

d) IAM provides an audit trail of who performed an action, what action they performed, and when they performed it.

A

c) With IAM, you can grant principals granular access to resources.

15
Q

Which statements describe AWS Identity and Access Management (IAM) roles? (Select TWO.)

a) They provide temporary security credentials.

b) They can only be used by accounts that are associated to the person who creates the role.

c) They provide permanent security credentials.

d) Individuals, applications, and services can assume roles.

e) They are uniquely associated to an individual.

A

a) They provide temporary security credentials.
d) Individuals, applications, and services can assume roles.

16
Q

Which statement reflects a best practice for the root user on an AWS account?

a) Create two root users with separate credentials and distribute them to two different individuals.

b) To avoid getting locked out of the account, do not enable multi-factor authentication (MFA) on the root account.

c) Create an admin user and perform most admin tasks with this user instead of the root user.

d) Remove unneeded permissions from the root user account.

A

c) Create an admin user and perform most admin tasks with this user instead of the root user.

17
Q

How does AWS Identity and Access Management (IAM) evaluate a policy?

a) An explicit deny statement does not override an explicit allow statement.

b) If the policy doesn’t have any explicit deny statements or explicit allow statements, users have access by default.

c) It checks for explicit deny statements before it checks for explicit allow statements.

d) It checks for explicit allow statements before it checks for explicit deny statements.

A

c) It checks for explicit deny statements before it checks for explicit allow statements.

18
Q

Which statement about AWS Identity and Access Management (IAM) policies is accurate?

a) Identity-based policies are attached to a user, group, or role.

b) Resource-based policies allow access by default.

c) Identity-based policies can only be attached to a single entity.

d) Resource-based policies are attached to a user, group, or role.

A

a) Identity-based policies are attached to a user, group, or role.

19
Q

Which AWS Identity and Access Management (IAM) policy element includes information about whether to allow or deny a request?

a) Effect

b) Action

c) Principal

d) Condition

A

a) Effect

20
Q

Which option accurately describes the statement element in an AWS Identity and Access Management (IAM) policy?

a) The statement element is an optional part of an IAM policy.

b) The statement element does not apply to identity-based policies.

c) The statement element contains other elements that together define what is allowed or denied.

d) A policy can only have one statement element.

A

c) The statement element contains other elements that together define what is allowed or denied.

21
Q

Due to a company merger, a data engineer needs to increase their object storage capacity. They are not sure how much storage they will need. They want a highly scalable service that can store unstructured, semistructured, and structured data. Which service would be the most cost-effective to accomplish this task?

a) Amazon Elastic Block Store (Amazon EBS)

b) AWS Storage Gateway

c) Amazon S3

d) Amazon RDS

A

c) Amazon S3

22
Q

Amazon S3 provides a good solution for which use case?

a) An internet-accessible storage location for video files that an external website can access

b) Ledger data that is updated and accessed frequently

c) Hourly storage of frequently accessed temporary files

d) A data warehouse for business intelligence

A

a) An internet-accessible storage location for video files that an external website can access

23
Q

A company is interested in using Amazon S3 to host their website instead of a traditional web server. Which types of content does Amazon S3 support for static web hosting? (Select THREE.)

a) Video and sound files

b) Dynamic HTML files

c) Client-side scripts

d) Database engine

e) Server-side scripts

f) HTML files and image files

A

a) Video and sound files
c) Client-side scripts
f) HTML files and image files

24
Q

A company wants to use an S3 bucket to store sensitive data. Which actions can they take to protect their data? (Select TWO.)

a) Using Secure File Transfer Protocol (SFTP) to connect directly to Amazon S3.

b) Uploading unencrypted files to Amazon S3 because Amazon S3 encrypts the files by default.

c) Enabling server-side encryption on the S3 bucket after uploading sensitive data.

d) Enabling server-side encryption on the S3 bucket before uploading sensitive data.

e) Using client-side encryption to protect data in transit before it is sent to Amazon S3.

A

d) Enabling server-side encryption on the S3 bucket before uploading sensitive data.

e) Using client-side encryption to protect data in transit before it is sent to Amazon S3.

25
Q

A company must create a common place to store shared files. Which requirements does Amazon S3 support? (Select TWO.)

a) Maintain different versions of files.

b) Recover deleted files.

c) Attach comments to files.

d) Compare file contents between files.

e) Lock a file so that only one person at a time can edit it.

A

a) Maintain different versions of files.

b) Recover deleted files.

26
Q

A customer service team accesses case data daily for up to 30 days. Cases can be reopened and require immediate access for 1 year after they are closed. Reopened cases require 2 days to process. Which solution meets the requirements and is the most cost-efficient?

a) Store case data in S3 Standard. Use a lifecycle policy to move the data into S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days.

b) Store all case data in S3 Standard so that it is available whenever it is needed.

c) Store case data in S3 Standard. Use a lifecycle policy to move the data into Amazon S3 Glacier Flexible Retrieval after 30 days.

d) Store case data in S3 Intelligent-Tiering to automatically move data between tiers based on access frequency.

A

a) Store case data in S3 Standard. Use a lifecycle policy to move the data into S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days.