Domain 3: Technology

Question 1

You have a read-heavy application workload resulting in I/O-intensive Amazon RDS database queries. Which service is most suitable to improve performance?

Answer 1

ElastiCache

You can use ElastiCache to store the results of often-used queries, and this will allow quicker retrieval of this data. https://aws.amazon.com/elasticache/

Question 2

A software development team has begun using the AWS Developer Tools Suite. Which service will enable creating, managing, and working with software development projects on AWS?

Answer 2

AWS CodeStar

AWS CodeStar is a cloud-based service for creating, managing, and working with software development projects on AWS. You can quickly develop, build, and deploy applications on AWS with an AWS CodeStar project. https://docs.aws.amazon.com/codestar/latest/userguide/welcome.html

Question 3

Your design team has recommended the need to distribute incoming traffic across multiple EC2 instances and also across multiple availability zones. Which AWS service can accomplish this?

Answer 3

Elastic Load Balancer

Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Elastic Load Balancing offers three types of load balancers that all feature the high availability, automatic scaling, and robust security necessary to make your applications fault-tolerant. https://aws.amazon.com/elasticloadbalancing/

Question 4

A financial company needs to migrate large amounts of data, at a petabyte-scale, to AWS. Which AWS service can perform this type of migration?

Answer 4

AWS Snowball

Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns.

Question 5

You have a MySQL database that you want to migrate to the cloud, and you need it to be significantly faster there. You are looking for a speed increase up to 5 times the current performance. Which AWS offering could you use?

Answer 5

Amazon Aurora

Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases. Amazon Aurora is up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases. https://aws.amazon.com/rds/aurora/

Question 6

You have infrequently accessed data in S3 buckets that you want to transfer to Glacier. What can you use in AWS to do this?

Answer 6

S3 Lifecycle Policy

You can add rules in an S3 Lifecycle configuration to tell Amazon S3 to transition objects to another Amazon S3 storage class. For example:

When you know that objects are infrequently accessed, you might transition them to the S3 Standard-IA storage class.

You might want to archive objects that you don’t need to access in real time to the S3 Glacier storage class. https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html

Question 7

Several EC2 instances in what will be a public subnet need internet access. Which will you configure as one of the steps in granting internet access?

Answer 7

Internet Gateway

An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. An internet gateway serves two purposes: to provide a target in your VPC route tables for internet-routable traffic, and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses. https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html

Question 8

AWS Trusted Advisor provide checks in 5 different categories. Which item is not one of those checks?

Answer 8

Elasticity

Although this is a valued concept in AWS, it is not one of the 5 checks provided in Trusted Advisor. The five checks are Cost Optimization, Performance, Security, Fault Tolerance, and Service Limits. https://aws.amazon.com/premiumsupport/technology/trusted-advisor/

Question 9

After experiencing unusual behavior in your AWS account, you need to determine if there are any issues with AWS that may be affecting your account. What section of the AWS portal helps you to inspect account alerts and find remediation guidance for your account?

Answer 9

AWS Personal Health Dashboard

AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources. https://aws.amazon.com/premiumsupport/technology/personal-health-dashboard/

Question 10

A developer is trying to programmatically retrieve information from an EC2 instance such as public keys, ip address, and instance id. From where can this information be retrieved?

Answer 10

Instance metadata

This type of data is stored in Instance metadata.

Question 11

A colleague tells you about a service that uses machine learning to discover and protect sensitive data stored in S3 Buckets. Which AWS service does this?

Answer 11

Macie

Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. https://aws.amazon.com/macie/

Question 12

Which storage service can provide very high durability storage for Objects?

Answer 12

Amazon S3

S3 provides high durability storage of objects. https://aws.amazon.com/s3/

Question 13

You are about to migrate a MySQL database to the AWS Cloud. Which AWS service can help with this?

Answer 13

AWS Database Migration Service

AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data both to and from most of the widely used commercial and open-source databases. https://aws.amazon.com/dms/

Question 14

You have two software systems that need to communicate, and you also need to ensure that messages are not lost between them. Which AWS service can help meet these requirements?

Answer 14

SQS

Amazon SQS is a message queue service used by distributed applications to exchange messages through a polling model, and can be used to decouple sending and receiving components. Amazon SQS also provides extremely high message durability, ensuring that messages are not lost if your software systems fail.

Question 15

A travel company has an application that serves customers worldwide. Which AWS service can speed up delivery of content to this widespread customer base?

Answer 15

CloudFront

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront is integrated with AWS – both physical locations that are directly connected to the AWS global infrastructure, as well as other AWS services. https://aws.amazon.com/cloudfront/

Question 16

A Healthcare agency needs to store certain patient information for up to 10 years. To save cost, they want to archive this data to cheaper storage. The data needs to be retrieved within 12 hours. Which is the cheapest option?

Answer 16

Glacier Deep Archive

Glacier Deep Archive meets the requirement and is the cheapest option. Amazon S3 Glacier and S3 Glacier Deep Archive are secure, durable, and extremely low-cost Amazon S3 cloud storage classes for data archiving and long-term backup. They are designed to deliver 99.999999999% durability and provide comprehensive security and compliance capabilities that can help meet even the most stringent regulatory requirements. https://aws.amazon.com/glacier/

Question 17

You have joined a small company and inherited an AWS application built within the EC2 Classic network. Which Load Balancer will work with this application?

Answer 17

Classic Load Balancer

Classic Load Balancer provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. Classic Load Balancer is intended for applications that were built within the EC2-Classic network. https://aws.amazon.com/elasticloadbalancing/

Question 18

A recent audit has dictated that a company begin keeping a log of AWS Management Console actions and API calls. Which AWS service can help with this?

Answer 18

AWS CloudTrail

AWS CloudTrail increases visibility into your user and resource activity by recording AWS Management Console actions and API calls. You can identify which users and accounts called AWS, the source IP address from which the calls were made, and when the calls occurred. https://aws.amazon.com/cloudtrail/

Question 19

There have been some questionable activities in your AWS account. You need to review your event history, such as actions taken from the Management Console and the CLI. Which service records this type of information?

Answer 19

AWS CloudTrail

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides the event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting. https://aws.amazon.com/cloudtrail/

Question 20

Which AWS service allows the deployment of versioned resources in code templates, otherwise known as infrastructure as code?

Answer 20

CloudFormation

AWS CloudFormation provides a common language for you to model and provision AWS and third-party application resources in your cloud environment. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. https://aws.amazon.com/cloudformation/

Question 21

You have been tasked to create an S3 bucket for storing templates. A team member has forwarded you the templates, which are used for creating multiple different AWS resources such as S3 buckets, EC2 instances, and VPCs. Which service uses these templates to create AWS resources?

Answer 21

CloudFormation

AWS CloudFormation simplifies provisioning and management on AWS. You can create templates for the service or application architectures you want and have AWS CloudFormation use those templates for quick and reliable provisioning of the services or applications (called “stacks”). You can also easily update or replicate the stacks as needed. https://aws.amazon.com/cloudformation/resources/templates/

Question 22

A company is migrating to the AWS Cloud. They need to set up DNS in the cloud. Which service is a highly available and scalable cloud DNS service in AWS?

Answer 22

Route 53

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect. Amazon Route 53 is fully compliant with IPv6 as well. https://aws.amazon.com/route53/

Question 23

A software company is looking for a tool to automate their deployments from end to end. Which AWS service can provide this continuous delivery functionality?

CodeDeploy

CodePipeline

CodeBuild

CodeCommit

Answer 23

CodePipeline

AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define. This enables you to rapidly and reliably deliver features and updates. https://aws.amazon.com/codepipeline/

Question 24

You are trying out AWS on a trial basis and need to deploy an application without having to configure servers. Which AWS service can you use?

Auto Scaling

ECS

Elastic Beanstalk

CloudFormation

Answer 24

Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS. https://aws.amazon.com/elasticbeanstalk/

Question 25

Your company hosts gaming applications online and would like to deliver these apps to a worldwide audience. Which AWS Service would enable delivery to users worldwide and greatly improve response times?

DynamoDB

CloudFront

CloudFormation

Elasticache

Answer 25

CloudFront

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

Question 26

You want to group together EC2 instances and manage them as a group. One thing you want to do is issue commands remotely to these instances. Which AWS service will you use?

Answer 26

Systems Manager

AWS Systems Manager Run Command lets you remotely and securely manage the configuration of your managed instances. A managed instance is any EC2 instance or on-premises machine in your hybrid environment that has been configured for Systems Manager. https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html

Question 27

Several S3 Buckets have been deleted, and a few EC2 instances have been terminated. Which AWS service can you use to determine who took these actions?

Answer 27

AWS CloudTrail

CloudTrail provides the event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.

Question 28

A gaming company is using the AWS Developer Tool Suite to develop, build, and deploy their applications. Which AWS service can be used to trace user requests from end-to-end through the application?

Answer 28

AWS X-Ray

AWS X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. You can use X-Ray to analyze from simple three-tier applications to complex microservices applications consisting of thousands of services. https://aws.amazon.com/xray/

Question 29

Your company is migrating its services to the AWS cloud. The DevOps team has heard about infrastructure as code, and wants to investigate this concept. Which AWS service would they investigate?

Answer 29

AWS CloudFormation

AWS CloudFormation is a service that helps you model and set up your Amazon Web Services resources so that you can spend less time managing those resources and more time focusing on your applications that run in AWS. https://aws.amazon.com/cloudformation/

Question 30

Several S3 Buckets have been deleted, and a few EC2 instances have been terminated. Which AWS service can you use to determine who took these actions?

Answer 30

AWS CloudTrail

CloudTrail provides the event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.

Question 31

In order to improve fault tolerance, you would like to begin using services that provide fault tolerance. Which AWS services provide automatic replication across Availability Zones? (choose 2)

Answer 31

DynamoDb

• DynamoDB provides this replication.

S3

• S3 provides this replication.

Question 32

With which AWS service, coupled with EC2, can you implement elasticity by adding and removing instances as needed?

Answer 32

Auto Scaling

AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost. In this way, the necessary EC2 instances will expand and contract based on the current demands placed on the application.

Question 33

A company needs to use a Load Balancer which can serve traffic at the TCP, and UDP layers. Additionally, it needs to handle millions of requests per second at very low latencies. Which Load Balancer should they use?

Answer 33

Network Load Balancer

Network Load Balancer is best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Transport Layer Security (TLS) traffic where extreme performance is required. Operating at the connection level (Layer 4), Network Load Balancer routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) and is capable of handling millions of requests per second while maintaining ultra-low latencies. https://aws.amazon.com/elasticloadbalancing/