HNF Problem Questions

Question 1

This AWS service uses dedicated private network connections between your on-premise network or branch office sites and Amazon VPC

Answer 1

AWS Direct Connect

Question 2

What are the connectivity options that can be used to build hybrid cloud architecture? (Choose 2)

• -Direct Connect
• -Cloud9
• -VPN
• -Artifact
• -CloudTrail

Answer 2

–Direct Connect

–VPN

Question 3

Using Amazon RDS falls under the shared responsibility model. Which of the following are customer responsibilities?
Choose 2

• -managing the database settings
• -installing the database software
• -patching the database software
• -performing backups
• -building the relational database schema

Answer 3

–managing the database settings

–building the relational database schema

Question 4

What does the AWS Personal Health Dashboard provide? (choose 2)

• -Personalized view of AWS service health
• -published information about the current status and availability of all AWS services
• -recommendations for Cost Optimization
• -a dashboard detailing vulnerabilities in your applications
• -detailed troubleshooting guidance to address AWS events impacting your resources

Answer 4

–Personalized view of AWS service health

–detailed troubleshooting guidance to address AWS events impacting your resources

Question 5

Based on the AWS Shared Responsibility Model, which of the following are the sole responsibility of AWS?
Choose 2

• -installing software on EC2 instances
• -monitoring network performance
• -configuring Access Control Lists (ACLs)
• -Creating hypervisors
• -hardware maintenance

Answer 5

–Creating hypervisors

–hardware maintenance

Question 6

What is the AWS service that provides a virtual network dedicated to your AWS account?

Answer 6

AWS VPC

virtual private cloud

Question 7

Sarah has deployed an application in the Northern California (us-west-1) region. After examining the application’s traffic, she notices that about 30% of the traffic is coming from Asia. What can she do to reduce latency for the users in Asia?

• -Replicate the current resources across multiple Availability Zones within the same region
• -migrate the application to a hosting provider in Asia
• -recreate the website content
• -create a CDN using CloudFront, so that content is cached at Edge Locations close to and in Asia

Answer 7

–create a CDN using CloudFront, so that content is cached at Edge Locations close to and in Asia

Question 8

NACL

Answer 8

Network Access Control List
an optional layer of security for your VPC that acts as firewall for controlling traffic in and out of one or more subnets

Question 9

File level storage that provides a scalable, elastic file system for Linux0based workloads for use with AWS Cloud services and on-premise resources

Answer 9

Amazon Elastic File Service

Amazon EFS cannot be used to store Amazon RDS DB instances

Question 10

What doe the AWS Personal Health Dashboard provide?
Choose 2?

• -Recommendations for Cost Optimization
• -Detailed troubleshooting guidance to address AWS events impacting your resources
• -A dashboard detailing vulnerabilities in your applications
• -Published information about the current status and availability of all AWS services
• -Personalized view of AWS service health

Answer 10

–Detailed troubleshooting guidance to address AWS events impacting your resources

–Personalized view of AWS service health

Question 11

This service allows you to run containerized applications on a cluster of EC2 instances?

Answer 11

ECS

Elastic Container Service

Question 12

Two examples of AWS shared controls

• -VPC Management
• -data Center operations
• -IAM management
• -patch management
• -configuration management

Answer 12

–patch management

–configuration management

Question 13

An AWS service that creates a template that contains a software configuration (for example, an operating system, an application server, and applications). This pre-configured template save time and avoids errors when configuring setting to create new instances

Answer 13

AMI

Amazon Machine Image

Question 14

Allows organizations to create and manage catalogs of IT services that are approved for use on AWS

Answer 14

AWS Service Catalog

Question 15

Which statement best describes the operational excellence pillar of the AWS Well-Architected Framework?

• -the ability of a system to recover gracefully from failure
• -the ability to manage datacenter operations more efficiently
• -the ability to monitor systems and improve supporting processes and procedures
• -the efficient use of computing resources to meet requirements

Answer 15

–the ability to monitor systems and improve supporting processes and procedures

Question 16

What is the AWS tool that enables you to use scripts to manage all AWS services and resources?

Answer 16

AWS CLI

Command Line Interface

Question 17

A company has created a solution that helps AWS customers improve their architectures on AWS. Which AWS program may support this company?

• -AWS Professional Services
• -APN Technology Partners
• -AWS TAM
• -APN Consulting Partners

Answer 17

–APN Consulting Partners

Question 18

what is AWS Config

Answer 18

it is a service that enables you to assess, audit, and evaluate the config of all your AWS resources

Question 19

Which AWS policy defines the prohibited uses of the AWS Cloud?

Answer 19

AWS Acceptable Use Policy

Question 20

A company has an AWS Enterprise Support plan. They want quick and efficient guidance with their billing and account inquiries. Which of the following should the company use?

• -AWS Operations Support
• -AWS Personal Health Dashboard
• -AWS Direct Connect
• -AWS Support Concierge

Answer 20

–AWS Support Concierge

Question 21

What is Cloud9

Answer 21

a cloud-based IDE that runs within your browser

Question 22

The principle “design for failure and nothing will fail” is very important when designing your AWS Cloud architecture. Which of the following would help adhere to this principle? (Choose TWO)

Availability Zones
Elastic Load Balancing
Vertical Scaling
Multi-Factor Identification

Answer 22

Availability Zones

Elastic Load Balancing

Question 23

In you on-premises environment, you can create as many virtual servers as you need from a single template. What can you to perform the same in AWS?

• -EBS Snapshot
• -AMI
• -IAM
• -An internal gateway

Answer 23

AMI

Amazon Machine Image

Question 24

Which AWS security feature is associated with an EC2 instance and functions to filter incoming traffic requests?

Answer 24

Security Groups

Question 25

Which two of the following can help protect you EC2 instances from DDoS attacks

• -CloudHSM
• -AWS Batch
• -Network Access Control Limits
• -IAM
• -Security Groups

Answer 25

–Network Access Control Limits

–Security Groups

Question 26

Where can you store files in AWS?
Choose 2

• -EMR
• -ECS
• -SNS
• -EBS
• -EFS

Answer 26

–EBS
Elastic Block Store
–EFS
Elastic File System

Question 27

What are the amazon RDS features that can be used improve the availability of your database?
Choose 2

• -Read Replicas
• -Multi-AZ Deployment
• -Edge Locations
• -Automatic patching
• -AWS Regions

Answer 27

–Read Replicas

–Multi-AZ Deployment

Question 28

How are AWS customers billed for Linux-based EC2 usage

Answer 28

instances are billed in 1 sec increments with a minimum of 1 minute

Question 29

Which service can be described as a global content delivery network (CDN) service:

Answer 29

Amazon CloudFront

Question 30

a compute service that allows you to run hundreds of thousands of batch computing jobs on AWS

Answer 30

AWS Batch

Question 31

What are the change management tools that helps AWS customers audit an dmonitor all resource change in their AWS environment?
Choose 2

• -AWS CloudTrail
• -Amazon Comprehend
• -AWS Transit Gateway
• -AWS Config
• -AWS X-Ray

Answer 31

–AWS CloudTrail

–AWS Config

Config and CloudTrail are change management tools that help audit and monitor resource and config change

Question 32

What is AWS CloudHSM

Answer 32

it is a cloud-based hardware security module and enables you to easily generate and use your own encryption keys on the AWS Cloud

Question 33

Which two statements are true

• -The Amazon Simple Email Service is responsible for sending email notifications when usage approaches a service limit
• -there are no service limits on AWS
• -you can contact AWS support to increase the service limits
• -each IAM user has the same service limits
• -you can use the AWS Trusted Advisory to monitor your service limits

Answer 33

–you can contact AWS support to increase the service limits

–you can use the AWS Trusted Advisory to monitor your service limits

Question 34

Amazon Service that helps you analyze vast amounts of data by distrusting the computational work across across a cluster of virtual servers running in the AWS Cloud

Answer 34

AWS EMR

Question 35

Which of the following AWS services is designed with native Multi-AZ fault tolerance in mind?
Choose 2

• -Snowball
• -EBS
• -DynnamoDB
• -Redshift
• -S3

Answer 35

–DynnamoDB

–S3

EBS volume data is replicated across multiple servers within the same availabity zone

Question 36

A company has developed an eCommerce web application in AWS. What should they do to ensure that the application has the highest level of availability?

Answer 36

Deploy the application across multiple Region and Availability Zones

Question 37

What does ElasticCache provide?

• -an online software store that allows Customers to launch pre-configured software with just a few clicks
• -domain name system in the cloud
• -an Ehcache compatible in-memory data store
• -in-memory chaching for read-heavy applications

Answer 37

–in-memory chaching for read-heavy applications

Question 38

Which of the following are examples of AWS-Managed Services, where AWS is responsible for the operational and maintenance burdens of running the service? (Choose TWO)

• -Amazon Elastic MapReduce
• -DynamoDB
• -VPC
• -IAM
• -Elastic Compute Cloud

Answer 38

• -Amazon Elastic MapReduce

- -DynamoDB

Question 39

A cost-effective solution for storing images or videos (compared to S3). A block level storage that can be used as a disk drive for EC2 or RDS instances.

Answer 39

Amazon EBS

Question 40

Which service is used to ensure that message between software components are not lost if one or more components fail?
\_\_Amazon SES
--Amazon Connect
--Amazon SQS
--AWS Direct Connect

Answer 40

Amazon SQS

Simple Queue Service

Question 41

What does Network ACLs do?

Answer 41

it is used to control traffic at the subnet level

Question 42

You want to run a questionnaire for only one day (without interruption), Amazon EC2 purchase option should you use?

Answer 42

On-Demand instances

Question 43

Which of the following does not belong to the AWS cloud computing models?

• -PaaS
• -NaaS
• -IaaS
• -SaaS

Answer 43

NaaS

Network as a Service

Question 44

Which statement is true regarding the AWS Shared Responsibility Model?

–Security of the IaaS services is the responsibility of AWS
–Patching the guest OS is always the responsibility of AWS
__Security of the managed services is the responsibility of the customer
–Responsibilities vary depending on the service used

Answer 44

–Responsibilities vary depending on the service used

Question 45

What is the AWS service that enables AWS architects to manage infrastructure as code?

• -CloudFormation
• -SES
• -Config
• -EMR

Answer 45

CloudFormation

Question 46

A company is deploying a new two-tier web application in AWS. Where should the most frequently accessed data be stored so that the application’s response time is optimal?

• -AWS Storage Gateway
• -AWS OpsWorks
• -Amazon EBS volume
• -Amazon ElasticCache

Answer 46

Amazon ElasticCache

Question 47

When can penetration testing be performed with EC2 instances

Answer 47

penetration testing can be performed by the customer on their own instance without prior authorization from AWS

Question 48

Which of the following AWS services is free to use?

• -Route53
• -CloudWatch
• -AutoScaling
• -EC2

Answer 48

AutoScaling

Question 49

According to the AWS Shared responsibility model, which of the following are the responsibility of the customer?
Choose 2

• -protecting the confidentiality of data in transit in S3
• -managing environmental events of AWS data centers
• -controlling physical access to AWS regions
• -ensuring that the underlying EC2 host is configured properly
• -patching applications installed on EC2

Answer 49

–protecting the confidentiality of data in transit in S3

–patching applications installed on EC2

Question 50

What should you do in order to keep the data on EBS volumes safe?
Choose 2

• -store a backup daily in an external drive
• -create EBS snapshots
• -prevent any unauthorized access to AWS data centers
• -regularly update firmware on EBS devices
• -ensure that EBS data is encrypted at rest

Answer 50

–create EBS snapshots

–ensure that EBS data is encrypted at rest

Question 51

Provides software solutions that are either hosted on, or integrated with, the AWS platform

Answer 51

APN Technology Partners

Question 52

What is the primary storage service used by Amazon RDS database instance?

Answer 52

Amazon EBS

Question 53

You have AWS Basic support, and you have discovered that some AWS resources are being used maliciously, and those resources could potentially compromise your data. What should you do?

Answer 53

Contact the AWS Abuse Team

Question 54

Under the Shared Responsibility Model, which of the following controls do customers fully inherit from AWS?
Choose 2

• -environmental controls
• -database controls
• -awareness and training
• -physical controls
• -patch management controls

Answer 54

–environmental controls

–physical controls

Question 55

​ A company is introducing a new product to their customers, and is expecting a surge in traffic to their web application. As part of their Enterprise Support plan, which of the following provides the company with architectural and scaling guidance?

Answer 55

Infrastructure Event Management

Question 56

Which of the following procedures will help reduce your S3 cost?

• -use the right combination of storage classes based on different use cases
• use the import/export feature to move old files automatically to Amazon Glacier
• -move all the data stored in S3 standard to EBS
• -pick the right Availability Zone for your S3 bucket

Answer 56

–use the right combination of storage classes based on different use cases

Question 57

Shares a collection of offerings to help you achieve specific outcomes related to enterprise could adoption

Answer 57

AWS Professional Services

Question 58

Under the shared responsibility model, which of the following is the AWS’ responsibility

• -server-side encryption
• -client-side encryption
• -configuring infrastructure services
• -filtering traffic with Security Groups

Answer 58

–configuring infrastructure services

Question 59

A developer is planning to build a two-tier web application that has MySQL database layer. Which of the following AWS database services would provide automated backups for the applications?

• -Aurora
• DocumentDB
• DynamoDB
• a MySQL database installed on an EC2 instance

Answer 59

Aurora

Question 60

What is the AWS service that provides you the highest level of control over the underlying virtual infrastructure?

• -RDS
• -Redshift
• -DynamoDB
• -EC2

Answer 60

EC2

Question 61

What isAWS VPN

Answer 61

a virtual private network allows you to establish a secure and private tunnel from your network or device to the AWS global network

Question 62

Name 3 Amazon messaging services

Answer 62

MQ
SQS
SNS

Question 63

An EC2 instance purchasing options supports the Bring Your Own License model for almost every BYOL scenario?

Answer 63

Dedicated Hosts

Question 64

Which of two following will impact the price paid for an EC2 instance?

• -the availability zone where the instance is provisioned
• -number of private IPs
• -Instance type
• -Number of buckets
• -Storage capacity

Answer 64

–Instance type

–Storage capacity

Question 65

A company is planning to host an educational website on AWS. Their video courses will be streamed all around the world. Which of the following AWS services will help achieve high transfer speeds?

Answer 65

CloudFronot

Question 66

A Japanese company hosts their applications on Amazon EC2 instances in the Tokyo Region. The company has opened new branches in the United States, and the US users are complaining of high latency. What can the company do to reduce latency for the users in the US while reducing costs?

Answer 66

deploying a new Amazon EC2 instances in a region located in the US

Question 67

Enables you to monitor and collect log file from your EC2 instances?

Answer 67

CloudWatch Logs

Question 68

A global company with a large number of AWS accounts is seeking a way in which they can centrally manage billing and security policies across all accounts. Which AWS Service will assist them in meeting these goals?

Answer 68

AWS Organizations

Question 69

What is the AWS service that enables you to manage all of your AWS accounts for a single mast account?

Answer 69

AWS Organizations

Question 70

What does AWS provide to deploy popular technologies - such as IBM MQ - on AWS with the least amount of effort and time?

Answer 70

AWS Quick Start reference deployments

Question 71

What does Amazon CloudFront use to distribute content to global users with low latency?

Answer 71

AWS Edge Locations

Question 72

Which service allows customers to manage their agreements with AWS?

Answer 72

AWS Artifact

Question 73

Professional services firms that help customers design, architect, build, migrate, and manage their workloads and applications on AWS

Answer 73

APN Consulting Partners

Question 74

A company has decided to migrate its Oracle database to AWS. Which AWS service can help achieve this without negatively impacting the functionality of the source database?

Answer 74

AWS Database Migration Service

Question 75

helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture.

You can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors

Answer 75

AWS X-Ray

Question 76

What is the AWS feature that provides an additional level of security above the default authentication mechanism of usernames and passwords?

Answer 76

AWS MFA

Multi-Factor Authentication

Question 77

What is the AWS data warehouse service that supports a high level of query performance on large amounts of datasets?

• -DynamoDB
• -Kinesis
• –RDS
• -Redshift

Answer 77

Redshift

it is petabyte-scale data warehouse that allows for complex analytic querries

Question 78

Using Ec2 falls under which of the following cloud computing models?

• -SaaS
• -IaaS
• -IaaS & SaaS
• -PaaS

Answer 78

IaaS

Question 79

In order to implement best practices when dealing with a “Single Point of Failure,” you should attempt to build as much automation as possible in both detecting and reacting to failure. Which of the following AWS services would help? (Choose TWO)

• -EC2
• -ECR
• -ELB
• -Auto Scaling
• -Athena

Answer 79

• -ELB

- -Auto Scaling

Question 80

What is the advantage of the AWS-recommended practice of “decoupling” applications?

Answer 80

Reduces inter-dependencies so that failures do not impact other components of the application

Question 81

What are 2 AWS services/features that can help you maintain a highly available and fault-tolerant architecture in AWS?

• -AWS Direct Connect
• -ELB
• -EC2 Auto Scaling
• -network ACLs
• -CloudFormation

Answer 81

–ELB

–EC2 Auto Scaling