Exam Questions Flashcards

Question 1

Q

Why is AWS more economical than traditional data centers for applications with varying compute workloads?

A. Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis.
B. Customers retain full administrative access to their Amazon EC2 instances.
C. Amazon EC2 instances can be launched on-demand when needed.
D. Customers can permanently run enough instances to handle peak workloads.

Question 2

Q

Which AWS service would simplify migration of a database to AWS?

A. AWS Storage Gateway
B. AWS Database Migration Service (AWS DMS)
C. Amazon Elastic Compute Cloud (Amazon EC2)
D. Amazon AppStream 2.0

Question 3

Q

Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment?

A. AWS Config
B. AWS OpsWorks
C. AWS SDK
D. AWS Marketplace

Question 4

Q

Which AWS networking service enables a company to create a virtual network within AWS?

A. AWS Config
B. Amazon Route 53
C. AWS Direct Connect
D. Amazon Virtual Private Cloud (Amazon VPC)

Question 5

Q

Which of the following is AWS’s responsibility under the AWS shared responsibility model?

A. Configuring third-party applications
B. Maintaining physical hardware
C. Securing application access and data
D. Managing custom Amazon Machine Images (AMIs)

Question 6

Q

Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery?

A. AWS Regions
B. AWS edge locations
C. AWS Availability Zones
D. Amazon Virtual Private Cloud (Amazon VPC)

Question 7

Q

How would a system administrator add an additional layer of login security to a user’s AWS Management Console?

A. Use AWS Cloud Directory
B. Audit AWS Identity and Access Management (IAM) roles
C. Enable Multi-Factor Authentication
D. Enable AWS CloudTrail

Question 8

Q

Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated?

A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS X-Ray
D. AWS Identity and Access Management (AWS IAM)

Question 9

Q

Which service would you use to send alerts based on Amazon CloudWatch alarms?

A. Amazon Simple Notification Service (Amazon SNS)
B. AWS CloudTrail
C. AWS Trusted Advisor
D. Amazon Route 53

Question 10

Q

Where can a customer find information about prohibited actions on AWS infrastructure?

A. AWS Trusted Advisor
B. AWS Identity and Access Management (IAM)
C. AWS Billing Console
D. AWS Acceptable Use Policy

Question 11

Q

According to AWS, what is the benefit of Elasticity?

A. Minimize storage requirements by reducing logging and auditing activities
B. Create systems that scale to the required capacity based on changes in demand
C. Enable AWS to automatically select the most cost-effective services.
D. Accelerate the design process because recovery from failure is automated, reducing the need for testing

Question 12

Q

Which tool can you use to forecast your AWS spending?

A. AWS Organizations
B. Amazon Dev Pay
C. AWS Trusted Advisor
D. AWS Cost Explorer

Question 13

Q

What best describes the “Principle of Least Privilege”?
Choose the correct answer from the options given below.

A. All users should have the same baseline permissions granted to them to use basic AWS services.
B. Users should be granted permission to access only resources they need to do their assigned job.
C. Users should submit all access requests in written form so that there is a paper trail of who needs access to different AWS resources.
D. Users should always have a little more permission than they need.

Question 14

Q

A web administrator maintains several public and private web-based resources for an organisation. Which service can they use to keep track of the expiry dates of SSL/TLS certificates as well as updating and renewal?

A. AWS Data Lifecycle Manager
B. AWS License Manager
C. AWS Firewall Manager
D. AWS Certificate Manager

Question 15

Q

Which of the following is the responsibility of the customer to ensure the availability and backup of the EBS volumes?

A. Delete the data and create a new EBS volume.
B. Create EBS snapshots.
C. Attach new volumes to EC2 Instances.
D. Create copies of EBS Volumes.

Question 16

Q

Which of the following AWS services can be used to retrieve configuration changes made to AWS resources causing operational issues?

A. Amazon Inspector
B. AWS CloudFormation
C. AWS Trusted Advisor
D. AWS Config

Question 17

Q

Which of the following features of Amazon RDS allows for better availability of databases? Choose the answer from the options given below.

A. VPC Peering
B. Multi-AZ
C. Read Replicas
D. Data encryption

Question 18

Q

A website for an international sport governing body would like to serve its content to viewers from different parts of the world in their vernacular language. Which of the following services provide location-based web personalization using geolocation headers?

A. Amazon CloudFront
B. Amazon EC2 Instance
C. Amazon Lightsail
D. Amazon Route 53

Question 19

Q

Which of the following are the recommended resources to be deployed in the Amazon VPC private subnet?
A. NAT Gateways
B. Bastion Hosts
C. Database Servers
D. Internet Gateways

Question 20

Q

A company wants to utilize AWS storage. For them, low storage cost is paramount. The data is rarely retrieved and a data retrieval time of 13-14 hours is acceptable for them. What is the best storage option to use?

A. Amazon S3 Glacier
B. S3 Glacier Deep Archive
C. Amazon EBS volumes
D. AWS CloudFront

Question 21

Q

Which AWS service provides a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability?

A. AWS RDS
B. DynamoDB
C. Oracle RDS
D. Elastic Map Reduce

Question 22

Q

For which of the following AWS resources, the Customer is responsible for the infrastructure-related security configurations?

A. Amazon RDS
B. Amazon DynamoDB
C. Amazon EC2
D. AWS Fargate

Question 23

Q

In the shared responsibility model for infrastructure services, such as Amazon Elastic Compute Cloud, which two are the customers responsibility?

A. Network infrastructure
B. Amazon Machine Images (AMIs)
C. Virtualization infrastructure
D. Physical security of hardware
E. Policies and configuration

Question 24

Q

A large Oil & gas company is planning to deploy a high-volume application on multiple Amazon EC2 instances. Which of the following can help to reduce operational expenses?

A. Deploy Amazon EC2 instance with Auto-scaling
B. Deploy Amazon EC2 instance in multiple AZ’s
C. Deploy Amazon EC2 instance with Amazon instance store-backed AMI
D. Deploy Amazon EC2 instance with Cluster placement group

Question 25

Q

Which of the following describes a security best practice that can be implemented by using AWS Identity and Access Management (IAM)?

A. Turn off AWS Management Console access for all users
B. Generate secret keys for every IAM user
C. Grant permissions to users who are required to perform a specific task only
D. Store AWS credentials within Amazon EC2 instances

Question 26

Q

Which aspect of AWS infrastructure provides global deployment of compute and storage?

A. Multiple Availability Zones in an AWS Region
B. Multiple AWS Regions
C. Tags
D. Resource groups

Question 27

Q

Which of the following are benefits of the AWS Cloud? (Select TWO.)

A. Companies need increased IT staff
B. Capital expenses are replaced with variable expenses
C. Customers receive the same monthly bill regardless of which resources they use
D. Companies gain increased agility
E. AWS holds responsibility for security in the cloud

Question 28

Q

A company is hosting a static website from a single Amazon S3 bucket.
Which AWS service will achieve lower latency and high transfer speeds?

A. AWS Elastic Beanstalk
B. Amazon DynamoDB Accelerator (DAX)
C. Amazon Route 53
D. Amazon CloudFront

Question 29

Q

A company needs phone, email, and chat access 24 hours a day, 7 days a week. The response time must be less than 1 hour if a production system has a service interruption.
Which AWS Support plan meets these requirements at the LOWEST cost?

A. Basic
B. Developer
C. Business
D. Enterprise

Question 30

Q

A company has an application server that runs on an Amazon EC2 instance. The application server needs to access contents within a private Amazon S3 bucket.

What is the recommended approach to meet this requirement?

A. Create an IAM Role with the appropriate permissions. Associate the role with the EC2 instance
B. Configure VPC peering connection to allow private communication between the EC2 instance and the S3 bucket
C. Create a shared access key. Configure the EC2 instance to use the hardcoded key
D. Configure the application to read an access key from a secured source

Question 31

Q

Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based Amazon EC2 instances and on-premises servers?

A.AWS Managed Services (AMS)
B. Amazon S3 Glacier
C. Amazon Elastic Block Store (EBS)
D. Amazon Elastic File System (EFS)

Question 32

Q

Which of the following are advantages of the AWS Cloud? (Select TWO.)

A. AWS manages the maintenance of the cloud infrastructure
B. AWS manages the security of applications built on AWS
C. AWS manages capacity planning for physical servers
D. AWS manages the development of applications on AWS
E. AWS manages cost planning for virtual servers

Question 33

Q

Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances?

A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Convertible Reserved Instances

Question 34

Q

Which security-related services or features does AWS offer? (Select TWO.)

A. Complete PCI compliance for customer applications that run on AWS
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection

Question 35

Q

Which AWS service can create an alarm that sends a notification when a billing threshold is exceeded?

A. AWS Trusted Advisor
B. AWS CloudTrail
C. Amazon CloudWatch
D. Amazon QuickSight

Question 36

Q

Which of the following is an advantage of consolidated billing on AWS?

A. Volume pricing qualification
B. Shared access permissions
C. Multiple bills for each account
D. Elimination of the need to tag resources

Question 37

Q

A company requires physical isolation of its Amazon EC2 instances from the instances of other customers.
Which instance purchasing option meets this requirement?

A. Dedicated Hosts
B. Reserved Instances
C. On-Demand Instances
D. Spot Instances

Question 38

Q

A company needs to monitor and receive alerts about AWS Management Console sign-in events that involve the AWS account root user.
Which AWS service can the company use to meet these requirements?

A. Amazon CloudWatch
B. AWS Config
C. AWS Trusted Advisor
D. AWS identity and Access Management

Question 39

Q

A company wants a dedicated private connection to the AWS Cloud from its on-premises operations.
Which AWS service or feature will provide this connection?

A. AWS VPN
B. AWS PrivateLink
C. VPC endpoint
D. AWS Direct Connect

Question 40

Q

Which AWS Cloud architecture design principle supports the distribution of workloads across multiple Availability Zones?

A. Implement automation
B. Design for agility
C. Design for failure
D. Implement elasticity

Question 41

Q

Which recommendations are included in the AWS Trusted Advisor checks? (Select TWO.)

A. Amazon S3 bucket permissions
B. AWS service outages for services
C. Multi-factor authentication (MFA) use on the AWS account root user
D. Available software patches for Amazon EC2 instances
E. Number of users in the account

Question 42

Q

Which AWS services or features support data replication across AWS Regions? (Select TWO.)

A. Amazon S3
B. Amazon Elastic Block Store (EBS)
C. Amazon EC2 instance store
D. AWS Storage Gateway
E. Amazon RDS

Question 43

Q

Which statement best describes security groups?

A. They are stateful and deny all inbound traffic by default
B. They are stateful and allow all inbound traffic by default.
C. They are stateless and deny all inbound traffic by default.
D. They are stateless and allow all inbound traffic by default.

Question 44

Q

Which statement best describes Elastic Load Balancing?

A. A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances
B. A service that enables you to set up, manage, and scale a distributed in-memory
C. A service that monitors your applications and automatically adds or removes capacity
D. A service that provides data that you can use to monitor your applications

Question 45

Q

Your company has an application that uses Amazon EC2 instances to run the customer-facing website and Amazon RDS database instances to store customers’ personal information. How should the developer configure the VPC according to best practices?

A. Place the Amazon EC2 instances in a private subnet and the Amazon RDS database instances in a public subnet.
B. Place the Amazon EC2 instances in a public subnet and the Amazon RDS database instances in a private subnet.
C. Place the Amazon EC2 instances and the Amazon RDS database instances in a public subnet.
D. Place the Amazon EC2 instances and the Amazon RDS database instances in a private subnet.

Question 46

Q

A collaboration software company processes email for enterprise customers. They have more than 250 enterprise customers and more than half a million users. They must store petabytes of data for their customers. Which storage technology is the best to use in this scenario. (Select Two)

A. Amazon S3
B. EBS
C. Amazon S3 Glacier
D. None of the above

Question 47

Q

A data protection company must be able to ingest and store large amounts of customer data and help their customers meet compliance requirements. They use Amazon EC2 for scalable compute and Amazon DynamoDB for duplicate data and metadata lookups. Which storage technology is the best to use in this scenario. (Select two)

A. Amazon S3
B. Amazon S3 Glacier
C. None of the above
D. EFS

Question 48

Q

Which service is used to query and analyze data across a data warehouse?

A. Amazon Redshift
B. Amazon Neptune
C. Amazon DocumentDB
D. Amazon ElastiCache

Question 49

Q

You want to store data in a volume that is attached to an Amazon EC2 instance. Which service should you use?

A. AWS Lambda
B. Amazon ElastiCache
C. Amazon Simple Storage Service (Amazon S3)
D. Amazon Elastic Block Store (Amazon EBS)

Question 50

Q

Which tool enables you to visualize, understand, and manage your AWS costs and usage over time?

A. AWS Cost Explorer
B. AWS Artifact
C. AWS Pricing Calculator
D. AWS Budgets

Question 51

Q

Which statement is TRUE for AWS Lambda?

A. To use AWS Lambda, you must configure the servers that run your code.
B. The first step in using AWS Lambda is provisioning a server.
C. Before using AWS Lambda, you must prepay for your estimated compute time.
D. You pay only for compute time while your code is running.

Question 52

Q

A commercial shipping company that uses an on-premises legacy data management system. They must migrate to a serverless ecosystem while they continue to use their existing database system, which is based on Oracle. They are also in the process of decomposing their highly structured relational data into semi structured data. Which database service is the most appropriate once they have completed the data-processing.

A. RDS
B. Aurora
C. Dynamo DB
D. Redshift

Question 53

Q

Which service is used to run containerized applications on AWS?

A. Amazon Redshift.
B. Amazon Elastic Kubernetes Service (Amazon EKS).
C. Amazon SageMaker.
D. Amazon Aurora.

Question 54

Q

You are a solutions architect who works at a large retail company that is migrating its existing infrastructure to AWS. You recommend that they use a custom VPC. When you create a VPC, you assign it to an IPv4 Classless Inter-Domain Routing (CIDR) block of 10.0.1.0/24 (which has 256 total IP addresses). How many IP addresses are available? (Select the best answer.)

A. 256
B. 246
C. 251
D. 250

Question 55

Q

Your web application needs four instances to support steady traffic all of the time. On the last day of the month, the traffic triples. What is the most cost-effective way to handle this pattern? (Select the best answer)

A. Run 12 Reserved Instances all of the time.
B. Run four Reserved Instances constantly, then add eight On-Demand Instances on the last day of each month.
C. Run four On-Demand Instances constantly, then add eight more On-Demand Instances on the last day of each month.
D. Run four On-Demand Instances constantly, then add eight Reserved Instances on the last day of each month.

Question 56

Q

You want to store data in a key-value database. Which service should you use?

A. Amazon RDS
B. Amazon DocumentDB
C. Amazon Aurora
D. Amazon DynamoDB

Question 57

Q

You want Amazon S3 to monitor your objects’ access patterns. Which storage class should you use?

A. S3 Intelligent-Tiering
B. S3 One Zone-IA
C. S3 Standard-IA
D.S3 Glacier

Question 58

Q

Which task can AWS Key Management Service (AWS KMS) perform?

A. Configure multi-factor authentication (MFA).
B. Update the AWS account root user password.
C. Create cryptographic keys.
D. Assign permissions to users and groups.

Question 59

Q

Which service is used to quickly deploy and scale applications on AWS?

A. AWS Snowball
B. AWS Elastic Beanstalk
C. AWS Outposts
D. Amazon CloudFront

Question 60

Q

You are running an Amazon EC2 instance and want to store data in an attached resource. Your data is temporary and will not be kept long term. Which resource should you use?

A. Amazon Elastic Block Store (Amazon EBS) volume.
B. Amazon S3 bucket.
C. Instance store.
D. Subnet.

Question 61

Q

Which statement best describes Amazon DynamoDB?

A. A service that enables you to run relational databases in the AWS Cloud.
B. A serverless key-value database service.
C. A service that you can use to migrate relational databases, nonrelational databases, and other types of data stores.
D. An enterprise-class relational database.

Question 62

Q

A data protection and management company that provides services to enterprises. They must provide database services for over 55 petabytes of data. They have two types of data that require a database solution. First, they need a relational database store for configuration data. Second, they need a store for unstructured metadata to support a de-duplication service. After the data is de-duplicated, it is stored in Amazon S3 for quick retrieval, and eventually moved to Amazon S3 Glacier for long-term storage. Which database service is the most appropriate to use in this scenario? (Choose Two)

A. Dynamo DB
B. RDS
C. Redshift

Question 63

Q

Which statement best describes an Availability Zone?

A. A fully isolated portion of the AWS global infrastructure.
B. A site that Amazon CloudFront uses to cache copies of content for faster delivery to users at any location.
C. A separate geographical location with multiple locations that are isolated from each other.
D. The server from which Amazon CloudFront gets your files.

Question 64

Q

In the S3 Intelligent-Tiering storage class, Amazon S3 moves objects between a frequent access tier and an infrequent access tier. Which storage classes are used for these tiers? (Select TWO.)

A. S3 Glacier Deep Archive.
B. S3 Glacier.
C. S3 Standard.
D. S3 One Zone-IA.
E. S3 Standard-IA

Brainscape's Knowledge GenomeTM

Exam Questions Flashcards

Brainscape's Knowledge Genome^TM