ITExams Practice Test Flashcards
Web servers running on Amazon EC2 access a legacy application running in a corporate data center. What term would describe this model? A. Cloud-native B. Partner network C. Hybrid architecture D. Infrastructure as a service
C. Hybrid architecture
What is the benefit of using AWS managed services, such as Amazon ElastiCache and Amazon Relational Database Service (Amazon RDS)?
A. They require the customer to monitor and replace failing instances.
B. They have better performance than customer-managed services.
C. They simplify patching and updating underlying OSs.
D. They do not require the customer to optimize instance type or size selections.
C. They simplify patching and updating underlying OSs.
Which service provides a virtually unlimited amount of online highly durable object storage?
A. Amazon Redshift
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon S3
D. Amazon S3
Which of the following Identity and Access Management (IAM) entities is associated with an access key ID and secret access key when using AWS Command Line Interface (AWS CLI)?
A. IAM group
B. IAM user
C. IAM role
D. IAM policy
B. IAM user
Which of the following security-related services does AWS offer? (Choose two.)
A. Multi-factor authentication physical tokens
B. AWS Trusted Advisor security checks
C. Data encryption
D. Automated penetration testing
E. Amazon S3 copyrighted content detection
B. AWS Trusted Advisor security checks
C. Data encryption
Which AWS managed service is used to host databases?
A. AWS Batch
B. AWS Artifact
C. AWS Data Pipeline
D. Amazon RDS
Answer : D
Explanation -
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.
Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based AWS and on-premises servers?
A. Amazon S3
B. Amazon Glacier
C. Amazon EBS
D. Amazon EFS
Answer : D
Explanation:
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.
Amazon EFS is designed to provide the throughput, IOPS, and low latency needed for Linux workloads. Throughput and IOPS scale as a file system grows and can burst to higher throughput levels for short periods of time to support the unpredictable performance needs of file workloads. For the most demanding workloads, Amazon EFS can support performance over 10 GB/sec and up to 500,000 IOPS.
When architecting cloud applications, which of the following are a key design principle?
A. Use the largest instance possible
B. Provision capacity for peak load
C. Use the Scrum development process
D. Implement elasticity
Answer : D
Explanation:
Cloud services main proposition is to provide elasticity through horizontal scaling. It”™s already there. As for using largest instance possible, it is not a design principle that helps cloud applications in anyway.
Scrum development process is not related to architecting. Therefore, a key principle is to provision your application for on-demand capacity.
Peak loads is something that cloud applications experience everyday. Peak load management should be a necessary part of cloud application design principle.
Which AWS service should be used for long-term, low-cost storage of data backups?
A. Amazon RDS
B. Amazon Glacier
C. AWS Snowball
D. AWS EBS
Answer : B. Amazon Glacier
Explanation -
Amazon S3 Glacier is a secure, durable, and low-cost storage class of S3 for data archiving and long-term backup. Customers can store large or small amounts of data for as little as $0.004 per gigabyte per month. The S3 Glacier storage class is ideal for archives where data is regularly retrieved and some of the data may be needed in minutes.
Amazon RDS is a relational database service that hosts databases. It helps you create and manage databases. Amazon Snowball is a petabyte-scale data transfer service that provides cost efficient data transfer to AWS from tamper proof physical devices. Similarly, Elastic block storage offers persistent block storage volumes for EC2 instances.
Under the shared responsibility model, which of the following is a shared control between a customer and AWS? A. Physical controls B. Patch management C. Zone security D. Data center auditing
B. Patch management
Which AWS service allows companies to connect an Amazon VPC to an on-premises data center? A. AWS VPN B. Amazon Redshift C. API Gateway D. Amazon Direct Connect
Answer : D
Explanation:
AWS Direct Connect enables you to securely connect your AWS environment to your on-premises data center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection.
AWS Direct Connect offers dedicated high speed, low latency connection, which bypasses internet service providers in your network path. An AWS Direct Connect location provides access to Amazon Web Services in the region it is associated with, as well as access to other US regions. AWS Direct Connect allows you to logically partition the fiber-optic connections into multiple logical connections called Virtual Local Area Networks
(VLAN). You can take advantage of these logical connections to improve security, differentiate traffic, and achieve compliance requirements.
A company wants to reduce the physical compute footprint that developers use to run code.
Which service would meet that need by enabling serverless architectures?
A. Amazon Elastic Compute Cloud (Amazon EC2)
B. AWS Lambda
C. Amazon DynamoDB
D. AWS CodeCommit
Answer : B
Explanation:
AWS Lambda is an integral part of coding on AWS. It reduces physical compute footprint by utilizing aws cloud services to run code.
Which AWS service provides alerts when an AWS event may impact a company"™s AWS resources? A. AWS Personal Health Dashboard B. AWS Service Health Dashboard C. AWS Trusted Advisor D. AWS Infrastructure Event Management
Answer : A
Explanation:
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health
Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the
AWS services underlying your AWS resources.
Which of the following are categories of AWS Trusted Advisor? (Choose two.) A. Fault Tolerance B. Instance Usage C. Infrastructure D. Performance E. Storage Capacity
Answer : AD
Explanation:
Like your customized cloud expert, AWS Trusted Advisor analyzes your AWS environment and provides best practice recommendations in five categories: cost optimization, performance, security, fault tolerance and service limits.
Which task is AWS responsible for in the shared responsibility model for security and compliance?
A. Granting access to individuals and services
B. Encrypting data in transit
C. Updating Amazon EC2 host firmware
D. Updating operating systems
Answer : C
Explanation:
AWS Compliance enables customers to establish and operate in an AWS security control environment
-> The shared responsibility model is part of AWS Compliance program
-> The Security of the cloud is managed by Amazon AWS provider
-> The Security in the cloud is responsibility of the customer
-> The customer is responsible for their information and data, their secure transmission, integrity, and encryption
-> Also, the customer is responsible for managing, support, patching and control of the guest operating system and AWS services provided like EC2
-> AWS customers retain control and ownership of their data
-> The AWS network provides significant protection against traditional network security issues and the customer can implement further protection