June 2024 AWS Video Questions

Question 1

Which AWS service will host a MariaDB database with the least amount of operational overhead?

Answer 1

Amazon RDS

Amazon RDS supports hosting relational databases, including MariaDB. Migrating data from one MariaDB instance to another would involve minimal operational overhead compared to other options.

Question 2

Which AWS Cloud design principle is a company using when it implements AWS CloudTrail?

Answer 2

Accountability and Traceability

Accountability and Traceability means being able to track and monitor actions within your AWS environment. CloudTrail provides this by logging API calls, allowing you to see who did what and when.

Question 3

Which AWS service continuously monitors accounts, workloads, and S3 buckets for malicious activity?

Answer 3

Amazon GuardDuty

Amazon GuardDuty is specifically designed for continuous threat detection across AWS accounts, workloads, and data stores like S3.

Question 4

What task should a company perform to become more responsive to customer inquiries according to the AWS Cloud Adoption Framework?

Answer 4

Realign teams to focus on products and value streams.

Realigning teams to focus on products and value streams aligns with the CAF’s emphasis on customer-centricity.

Question 5

Which configuration change will right-size Amazon EC2 instances with the least operational overhead?

Answer 5

Change the size and type of the instance based on utilization.

Right-sizing means choosing the most cost-effective instance type and size to match your workload’s actual resource needs.

Question 6

Which AWS service supports user sign-up functionality and authentication to applications?

Answer 6

Amazon Cognito

Amazon Cognito provides user sign-up and authentication for mobile and web applications.

Question 7

Which benefit of the AWS Cloud helps achieve lower usage costs because of aggregate use?

Answer 7

Economies of Scale

Economies of Scale refer to the cost advantages a business gains due to its size and operational efficiency.

Question 8

Which task is the responsibility of the customer according to the AWS Shared Responsibility Model?

Answer 8

Creating and managing IAM users and permissions.

Managing IAM users and permissions falls under the customer’s security responsibility.

Question 9

Which service should a company use to manage Cloud resources using Infrastructure as Code (IaC) templates?

Answer 9

AWS Service Catalog

AWS Service Catalog lets organizations create and manage catalogs of IT services, defined using IaC templates.

Question 10

Which AWS service should be used to monitor the CPU utilization of EC2 instances?

Answer 10

Amazon CloudWatch

Amazon CloudWatch is designed for monitoring and observability, including collecting metrics like CPU utilization.

Question 11

Which AWS service or principle should a company use to estimate the cost for running its infrastructure in the cloud?

Answer 11

AWS Pricing Calculator

The AWS Pricing Calculator is used to estimate the cost of running services in AWS.

Question 12

Which AWS service allows ISVs to deliver and share custom Amazon Machine Images (AMIs)?

Answer 12

AWS Marketplace

AWS Marketplace allows ISVs to list and sell their software, including AMIs, to a wide audience.

Question 13

Which component must be attached to a VPC to enable inbound internet access?

Answer 13

Internet gateway

An Internet gateway is the component that connects your VPC to the public internet.

Question 14

Which AWS service supports a company’s ability to create and treat infrastructure as code?

Answer 14

AWS CloudFormation

AWS CloudFormation is the primary service for defining and managing infrastructure as code in AWS.

Question 15

Which AWS service is designed for high throughput and low latency for applications with a high volume of requests?

Answer 15

Amazon DynamoDB

Amazon DynamoDB is a NoSQL database designed for high throughput and low latency.

Question 16

Which AWS security service offers proactive detection of compromised instances or accounts?

Answer 16

Amazon GuardDuty

Amazon GuardDuty is a threat detection service that monitors for suspicious activity in AWS accounts and workloads.

Question 17

Which AWS support plan provides the full set of Trusted Advisor checks at the lowest cost?

Answer 17

Business support

Business support is the most cost-effective plan offering the full set of Trusted Advisor checks.

Question 18

Which AWS purchase option will optimize costs for a company planning a partial migration to serverless architecture?

Answer 18

Compute Savings Plans

Compute Savings Plans provide discounts for committing to a consistent level of compute usage for one or three years.

Question 19

What are two benefits of building a mobile app in the Cloud?

Answer 19

Increased speed for trying out new projects and Flexibility to scale up in minutes as the application becomes popular.

AWS allows for rapid provisioning of resources and enables rapid scaling of resources to meet changing demand.

Question 20

Which feature of Amazon S3 can a company use to meet WORM compliance requirements?

Answer 20

S3 Object Lock

S3 Object Lock is specifically designed to enforce WORM policies on objects in S3.

Question 21

What is S3 Object Lock designed for?

Answer 21

S3 Object Lock is specifically designed to enforce WORM policies on objects in S3, ensuring data immutability and compliance with regulations.

Question 22

What does versioning in S3 do?

Answer 22

Versioning helps keep multiple versions of an object but doesn’t prevent deletion or modification of those versions.

Question 23

What do bucket policies control in S3?

Answer 23

Bucket policies control access to S3 buckets and objects but don’t inherently enforce WORM.

Question 24

What does MFA Delete add to S3?

Answer 24

MFA Delete adds an extra layer of security for deleting objects but doesn’t prevent modification or guarantee immutability.

Question 25

Which EC2 purchase option is most cost-effective for batch workloads that can handle interruptions?

Answer 25

Spot Instances are the most cost-effective option (up to 90% discount) when you can tolerate interruptions.

Question 26

What is the benefit of Reserved Instances?

Answer 26

Reserved Instances provide discounts but require a one- or three-year commitment, not ideal for temporary workloads.

Question 27

What do Dedicated Instances offer?

Answer 27

Dedicated Instances offer the highest level of isolation but are more expensive than Reserved Instances and not necessary if workloads can tolerate interruptions.

Question 28

What is the most flexible but expensive EC2 option?

Answer 28

On-Demand Instances provide the most flexibility but are the most expensive option.

Question 29

What is the best solution for a highly available PostgreSQL database in RDS?

Answer 29

Amazon RDS Multi-AZ deployment creates a standby replica in a different Availability Zone, providing high availability and fault tolerance.

Question 30

What does Amazon RDS Single-AZ deployment lack?

Answer 30

Amazon RDS Single-AZ deployment lacks redundancy and is not fault-tolerant.

Question 31

What are Amazon RDS Snapshots used for?

Answer 31

Amazon RDS Snapshots are for backup and recovery, not high availability.

Question 32

What is AWS Database Migration Service (DMS) used for?

Answer 32

AWS Database Migration Service (DMS) is used for migrating databases, not for highly available deployments.

Question 33

What is the most secure way to store passwords and API keys in AWS?

Answer 33

AWS Secrets Manager is designed for storing, managing, and rotating secrets such as passwords and API keys securely.

Question 34

What does Amazon S3 lack for sensitive information?

Answer 34

Amazon S3 can store encrypted data but lacks built-in rotation and auditing features for sensitive information.

Question 35

Why shouldn’t AWS CloudFormation parameters be used for sensitive data?

Answer 35

AWS CloudFormation parameters should not be used for storing sensitive data as they might be visible in logs or in plain text.

Question 36

What is AWS Storage Gateway used for?

Answer 36

AWS Storage Gateway is for connecting on-premises applications to AWS storage.

Question 37

Which statement describes the relationship among AWS Global Network components?

Answer 37

There are more Availability Zones than AWS Regions.

Question 38

What are Availability Zones located within?

Answer 38

Availability Zones are located within Regions.

Question 39

What is Amazon Route 53?

Answer 39

Amazon Route 53 is AWS’s highly available and scalable DNS service.

Question 40

What does Amazon CloudFront do?

Answer 40

Amazon CloudFront is a content delivery network (CDN).

Question 41

What does Amazon VPC provide?

Answer 41

Amazon VPC provides virtual private networking.

Question 42

What does AWS Direct Connect create?

Answer 42

AWS Direct Connect creates a dedicated network connection between your data center and AWS.

Question 43

What feature of AWS Global infrastructure helps with geographic compliance?

Answer 43

AWS’s global footprint allows companies to deploy applications in specific geographic areas to comply with data residency regulations.

Question 44

What are the benefits of AWS Cloud for dynamic workloads?

Answer 44

Elasticity and Pay-as-you-go resource pricing.

Question 45

What does elasticity in AWS allow?

Answer 45

Elasticity allows companies to scale resources up or down rapidly to match dynamic demand.

Question 46

What does pay-as-you-go resource pricing do?

Answer 46

Pay-as-you-go resource pricing aligns perfectly with fluctuating workloads, allowing companies to pay only for resources consumed.

Question 47

What is an AWS best practice for operational workloads?

Answer 47

Design for automatic failover.

Question 48

What is the AWS pricing calculator used for?

Answer 48

The AWS pricing calculator estimates costs for various services before using them.

Question 49

What does AWS Storage Gateway - File Gateway allow?

Answer 49

AWS Storage Gateway - File Gateway allows you to access S3 objects using file protocols like NFS.

Question 50

Which services can a user use to change their IAM password?

Answer 50

AWS Management Console and AWS Command Line Interface (CLI).

Question 51

What provides a firewall at the subnet level?

Answer 51

Network Access Control Lists (NACLs) act as a firewall at the subnet level, controlling traffic entering and leaving a subnet.

Question 52

Which AWS service is used for automated video analysis?

Answer 52

Amazon Rekognition is a computer vision service that can analyze videos to identify people and objects.

Question 53

What is the most cost-effective purchasing option for a web server that cannot tolerate interruptions?

Answer 53

Reserved Instances - Partial Upfront offer the lowest hourly rate for a one-year commitment.

Question 54

What are best practices for managing IAM users?

Answer 54

Create individual IAM users, use groups to assign permissions, and grant least privilege access.

Question 55

What does stopping guessing capacity refer to in cloud computing?

Answer 55

Stopping guessing capacity describes the core concept of elasticity, allowing you to adjust resources on demand.

Question 56

How can a company obtain PCI compliance reports?

Answer 56

AWS Artifact is where AWS stores compliance reports, including those for PCI DSS.

Question 57

Which AWS service distributes traffic between EC2 instances?

Answer 57

Elastic Load Balancing (ELB) distributes traffic across multiple EC2 instances.

Question 58

What are AWS’s responsibilities in the Shared Responsibility Model?

Answer 58

Physical security of AWS data centers, patching the underlying hardware of EC2 instances, and maintaining the host operating system.

Question 59

Who manages the encryption of Amazon Aurora databases?

Answer 59

The customer is responsible for managing data encryption, including the encryption of database clusters and snapshots.

Question 60

Which AWS security service filters inbound web traffic?

Answer 60

AWS WAF (Web Application Firewall) allows you to create rules that filter and control web traffic.

Question 61

What does AWS Direct Connect provide?

Answer 61

AWS Direct Connect provides a dedicated, private network connection between your on-premises environment and AWS.

Question 62

Which AWS service should a company use for a dedicated, private network connection?

Answer 62

AWS Direct Connect

AWS Direct Connect provides a dedicated, private network connection between your on-premises environment and AWS, offering more consistent bandwidth and lower latency than public internet connections.

Question 63

What is the best EC2 purchase option for a temporary, variable workload that requires continuous availability?

Answer 63

On-Demand Instances

On-Demand Instances offer the flexibility to spin up instances as needed without a long-term commitment and guarantee continuous availability.

Question 64

Which AWS service allows employees to connect to managed workstations from personal devices?

Answer 64

Amazon WorkSpaces

Amazon WorkSpaces provides cloud-based virtual desktops that employees can access from their personal devices, offering a secure and managed working environment.

Question 65

Which service can be used to perform SQL queries on objects in an S3 bucket?

Answer 65

Amazon Athena

Amazon Athena is a serverless query service that allows you to use standard SQL to query data stored in S3.