Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Cloud Practitioner > Linux Academy Questions > Flashcards

Linux Academy Questions Flashcards

1
Q

You have a critical application that must be able to be optimized for high disaster recovery. Ideally, which deployment mechanism would you choose?

A) Deployment to multiple data centers
B) Deployment to multiple facilities
C) Deployment to multiple AZs
D) Deployment to multiple regions

A

D) Deployment to multiple regions

Regions represent different geographic locations and are best for disaster recovery.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In the AWS Shared Responsibility Model, what does AWS perform on your behalf for EBS volumns?

A) Replication of the EBS volume across multiple regions
B) Replication of the EBS volume across multiple EC2 instances
C) Replication of the EBS volume across multiple Availability Zones
D) Replication of the EBS volume across the same Availability Zone

A

D) Replication of the EBS volume across the same Availability Zone

When you create an EBS volume, it is automatically replicated in the same Availability Zone to help prevent data loss in the event of a single hardware component failure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What helps you aggregate your logs from your EC2 instance?

A) SNS
B) CloudWatch logs
C) CloudTrail
D) S3

A

B) CloudWatch logs

You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, Route 53, and other sources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What service would be most useful in a disaster recovery situation?

A) Route 53
B) AWS EC2
C) AWS Guard Duty
D) AWS S3 transfer acceleration

A

A) Route 53

When you have more than one resource performing the same function—for example, more than one HTTP server or mail server—you can configure Amazon Route 53 to check the health of your resources. For example, suppose your website, example.com, is hosted on six servers, two each in three data centers around the world. You can configure Route 53 to check the health of those servers and to respond to DNS queries for example.com using only the servers that are currently healthy. You can also use Route 53 to switch DNS addresses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You manage and maintain a web server and a cluster of databases that host the results of scientific experiments for new requests for funding and proposals. Most of the time, these resources are idle but become extremely busy when funding is awarded. What is the best choice for a cost-efficient architecture?

A) Configure an Elastic Load Balancer between your web server and databases.
B) Configure your web server to use an EC2 spot instance.
C) Configure the database cluster to be an RDS cluster with multiple Availability Zones.
D) Configure a serverless architecture using AWS Lambda functions.

A

D) Configure a serverless architecture using AWS Lambda functions.

AWS Lambda automatically scales out to meet demand for the database cluster, provides a platform to run code without the need of a dedicated web server, and you only pay for the compute time you use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

For auditing purposes, your company now wants to monitor all API activity for all regions in your AWS environment. What can you use to fulfill this new requirement? Please select the best answer out of the available choices.

A) Enable CloudTrail for all Availability Zones.
B) Use AWS Config to enable the trail for all regions.
C) For each region, enable CloudTrail and send all logs to a bucket in each region.
D) Make sure you have CloudTrail created in all Regions.

A

D) Make sure you have CloudTrail created in all Regions.

Turn on CloudTrail for all regions in your environment and CloudTrail can deliver all log files from all regions to one S3 bucket.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following tools can best assist with identifying common security vulnerabilities?

A) AWS Inspector
B) AWS Config
C) AWS Guard Duty
D) AWS Trusted Advisor

A

A) AWS Inspector

AWS Inspector can check your EC2 instances for common security vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

You receive an alert an issue between an application and the database servers. What should you check to ensure communication is working?

A) AWS KMS
B) Security group rules
C) NACL rules
D) AWS IAM roles

A

B) Security group rules

Since the issue is communication between the application and server, you should check security group rules since security groups control access at the instance ENI level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which option below cannot be used to import data into Amazon Glacier?

A) AWS S3 lifecycle policies
B) AWS Management Console
C) AWS Glacier API
D) AWS Glacier SDK

A

B) AWS Management Console

The AWS Management Console cannot be used to upload data to Glacier; the management console can only be used to create a Glacier vault that can be used to upload data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What acts as a virtual firewall that controls traffic to your EC2 instances?

A) Security group
B) IAM
C) NACL
D) AWS WAF

A

A) Security group

AWS security groups (SGs) are associated with EC2 instances and provide security at the protocol and port access level. Each security group—working much the same way as a firewall—contains a set of rules that filter traffic coming into and out of an EC2 instance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How can you make sure your organization does not exceed its monthly budget?

A) Sign up for the free alert under billing preferences in the AWS Management Console.
B) Set a schedule to regularly review the Billing and Cost Management dashboard each month.
C) Create an email alert in AWS Budgets.
D) In CloudWatch, create an alarm that triggers each time the limit is reached.

A

C) Create an email alert in AWS Budgets.

AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define. Reservation alerts are supported for Amazon EC2, Amazon RDS, Amazon Redshift, Amazon ElastiCache, and Amazon Elasticsearch reservations.

Budgets can be tracked at the monthly, quarterly, or yearly level, and you can customize the start and end dates. You can further refine your budget to track costs associated with multiple dimensions, such as AWS service, linked account, tag, and others. Budget alerts can be sent via email and/or Amazon Simple Notification Service (SNS) topic.

Budgets can be created and tracked from the AWS Budgets dashboard or via the Budgets API.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What AWS service provides you infrastructure as code?

A) CloudFormation
B) OpsWorks
C) Elastic Beanstalk
D) VPC

A

A) CloudFormation

AWS CloudFormation is infrastructure as code and provides a common language for you to describe and provision all the infrastructure resources in your cloud environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following is not a disaster recovery deployment technique?

A) Pilot light
B) Multi-site
C) Warm standby
D) Single site

A

D) Single site

This is not a real solution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Glacier designed for? (Choose 3).

A) Data archives
B) A replacement for tape archives
C) On demand access for archives
D) Infrequently accessed data
E) Cached data
A

A) Data archives
B) A replacement for tape archives
D) Infrequently accessed data

Glacier is low-cost storage for backup and archival data that is often used to replace tape archives.

Glacier is low-cost storage for infrequently accessed data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which statements below are correct regarding scalability?

A) A scalable system diverts traffic to multiple regions.
B) A scalable system distributes traffic based on demand.
C) A scalable system distributes traffic to instances with the highest capacity.
D) A scalable system distributes traffic to instances with the least load.

A

B) A scalable system distributes traffic based on demand.
D) A scalable system distributes traffic to instances with the least load.

Scalability scales up with an increased number of instances and scales down automatically based on demand, as well as diverts traffic to the instances with the least load.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which security feature is associated with a subnet in your VPC to protect incoming traffic requests?

A) GuardDuty
B) NACL
C) Internet Gateway
D) Subnet group

A

B) NACL

A network access control list (NACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

After installing SSL/TLS for security, you were alerted that there is a consistent spike in one of your company’s web servers hosting a large application. This increased activity slowed down your application. Which of the following is the best and most cost-effective option for resolving the slow speed and getting your application to respond quickly again?

A) Create a custom CloudWatch script to monitor the resources and alert you when the application begins to degrade
B) Offload the SSL/TLS from running locally on your application to AWS CloudHSM
C) Migrate the application to a larger EC2 instance with more computing and networking capability
D) Create an auto-scaling group to scale out traffic based on demand

A

B) Offload the SSL/TLS from running locally on your application to AWS CloudHSM

AWS CloudHSM can take the SSL/TLS processing for the web servers. This will reduce the burden on the web server and add extra security by storing the web server’s private key in CloudHSM.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which AWS service allows you to analyze EC2 instances against pre-defined security templates to check for vulnerabilities?

A) AWS Inspector
B) AWS Config
C) AWS Trusted Advisor
D) AWS Shield

A

A) AWS Inspector

Inspector allows you to analyze the behavior of your resources and helps identify potential security issues. You define a collection of resources to include in the assessment target and create an assessment template to launch a security assessment run of that target.

19
Q

Which is a benefit of CloudFront?

A) Serverless compute capacity
B) Unlimited storage
C) DNS management
D) Built-in DDoS protection

A

D) Built-in DDoS protection

CloudFront allows you to cache content at edge locations. When a request is made for that content, the request is sent to an edge location (not your application’s hardware), so the edge locations absorb DDoS attacks and protect your underlying hardware.

20
Q

In the AWS Shared Responsibility Model, which of the following is not your responsibility as the customer?

A) Encrypting your data
B) Decommissioning your data
C) Managing Security groups and NACLS
D) Patching your EC2 instances

A

B) Decommissioning your data

In the AWS Shared Responsibility Model, customers are not responsible for decommissioning their own data. You as a customer do not own the physical infrastructure and because this you will not be responsible for decommissioning the hardware that your data resides on. AWS will be responsible for decommissioning the data by AWS’s preferred method of hardware destruction.

21
Q

How do you encrypt CloudTrail logs?

A) Send all logs to S3, and enable server-side encryption.
B) No action is needed since they are automatically encrypted.
C) Enable KMS encryption.
D) Enable encryption.

A

B) No action is needed since they are automatically encrypted.

By default, logs files are encrypted using server-side encryption with S3-managed encryption keys.

22
Q

What two encryption key options are available in the AWS web console when you are uploading a new object with the S3 upload wizard?

A) AWS KMS master-key
B) Amazon S3 master-key
C) AWS KMS stored customer key
D) Customer key

A

A) AWS KMS master-key
B) Amazon S3 master-key

The two encryption key options are available in the AWS web console when you are uploading a new object with the upload wizard are the Amazon S3 master-key and the AWS KMS master-key options.

23
Q

Which option below allows you to call AWS services from programming languages?

A) AWS IAM
B) AWS Management Console
C) AWS CLI
D) AWS SDK

A

D) AWS SDK

AWS SDK takes the complexity out of coding by providing language-specific APIs for AWS services.

24
Q

AWS Trusted Advisor provides insight into which five categories of an AWS account?

A) Performance, connectivity, cost optimization, access control, and service limits
B) Security, fault tolerance, high availability, connectivity, and service limits
C) Security, fault tolerance, high availability, access control, and service limits
D) Performance, fault tolerance, cost optimization, security, and service limits

A

D) Performance, fault tolerance, cost optimization, security, and service limits

Trusted Advisor provides insight for your AWS account for five categories: performance, fault tolerance, cost optimization, security, and service limits

25
Q

What do you use to ensure an EC2 instance has appropriate access to your S3 bucket?

A) AWS IAM roles
B) AWS IAM users
C) AWS IAM groups
D) AWS IAM policies

A

A) AWS IAM roles

IAM roles can be used to delegate access to users, applications, or services to your AWS resources.

26
Q

An administrator would like to prepare a report that will be presented to the auditing team. The report is meant to depict that the organization’s cloud infrastructure has followed the widely accepted industry standards of deployment, maintenance, and monitoring. Which tool can they use to assist them?

A) AWS CloudTrail
B) AWS Trusted Advisor
C) AWS Organizations
D) AWS Total Cost of Ownership

A

A) AWS CloudTrail

27
Q

An administrator would like to automate the creation of new AWS accounts for the research and development department of the organization where new workloads need to be spun up promptly and categorized into groups. How can this be achieved efficiently?

A) Use of AWS CloudFormation would be sufficient
B) Use of AWS Organizations
C) Using the AWS API to programmatically create each account via command line interface
D) AWS Identity Access Management (IAM)

A

B) Use of AWS Organizations

28
Q

An administrator would like to efficiently automate the replication and deployment of a specific software configuration existent on one EC2 instance onto four hundred others. Which AWS service is BEST suited for implementation?

A) AWS OpsWorks
B) AWS Beanstalk
C) AWS Launch Configuration
D) AWS Auto-scaling

A

A) AWS OpsWorks

29
Q

“S3 Intelligent-Tiering” object storage class delivers automatic cost savings by moving data between which of the two access tiers?

A) Standard access and Frequent access
B) Frequent access and Infrequent access
C) Standard access and Infrequent access
D) Standard access and One Zone-Infrequent access

A

B) Frequent access and Infrequent access

30
Q

A radio station compiles a list of the most popular songs each year and will seldom refer to the information thereafter. Listeners can get access to this information up to 24 hours after request. Which is the most cost-effective object storage for this information?

A) Amazon S3 Glacier
B) Amazon S3 One Zone - Infrequently Accessed
C) Amazon S3 Glacier Deep Archive
D) Amazon S3 Standard - Infrequently Accessed

A

C) Amazon S3 Glacier Deep Archive

31
Q

A developer would like to automate the installation, updating of a set of applications on a series of EC2 instances and on-premise servers. Which is the most appropriate service to use to achieve this requirement?

A) AWS CodeBuild
B) AWS CodeCommit
C) AWS CodeDeploy
D) AWS CloudFormation

A

C) AWS CodeDeploy

32
Q

Which statements accurately distinguish AWS Cloud9 from AWS Lambda. (Select TWO)

A) With AWS Cloud9, developers can share in real-time a development environment with just a few clicks and pair program together. This is not possible with AWS Lambda
B) AWS Lambda can be used to create functions that run in AWS Cloud9 IDE
C) AWS Lambda functions are dependent on the Amazon API Gateway whilst AWS Cloud9 IDE can write, run, and debug any code
D) AWS Cloud9 provides an online platform to write, run, and debug code from the browser, whilst AWS Lambda functions can be installed locally
E) Without locally installing an IDE, AWS Cloud9 will not run.

A

A) and B)

33
Q

In Cost Optimization, what is referred to as EC2 Right Sizing?

A) It is a cost-effective solution to determine the appropriate Amazon EC2 resources such as memory, processor type and storage when provisioning an instance type.
B) It is a cost-saving solution that analyses data over a period of time to determine and recommend the type of Amazon EC2 instances appropriate for your workload.
C) It is the scaling down or scaling up of Amazon EC2 instances and instance types to meet workload demand by maintaining only the threshold resources.
D) It is a cost-saving solution that outlines the recommendations of best practice in four aspects, namely cost optimization, performance, fault tolerance, and service limits.

A

A) It is a cost-effective solution to determine the appropriate Amazon EC2 resources such as memory, processor type, and storage when provisioning an instance type.

34
Q

When designing a highly available architecture, what is the difference between vertical scaling (scaling up) and horizontal scaling (scaling out)?

A) Scaling up provides for high availability whilst scaling out brings fault-tolerance
B) Scaling out is not cost-effective compared to scaling up
C) Scaling up adds more resources to an instance, scaling out adds more instances
D) Autoscaling groups require scaling up whilst launch configurations use scaling out

A

C) Scaling up adds more resources to an instance, scaling out adds more instances

35
Q

Which of the following is an accurate statement regarding AWS resource tags? (Select TWO)

A) All AWS resource tags have a semantic interpretation
B) Within a resource tag, every defined key must have a value string
C) By default, resource tags are assigned as null, null
D) Resource tags can be edited or removed at any time
E) Placement groups support tags

A

D) Resource tags can be edited or removed at any time

E) Placement groups support tags

36
Q

A start-up organization would like to instantaneously deploy a complex web and mobile application development environment, complete with the necessary resources and peripheral assets. How can this be achieved efficiently?

A) By putting together the necessary components from AWS services, starting with EC2 instances
B) Creating AWS Lambda functions that will be triggered by single-button click to call the appropriate API of the respective resources and peripheral assets needed.
C) Using AWS Quick Starts to identify and provision the appropriate AWS CloudFormation templates
D) Making use of the AWS Serverless Application Repository to identify and deploy the resources needed for a web and movile application development environment.

A

C) Using AWS Quick Starts to identify and provision the appropriate AWS CloudFormation templates

37
Q

Your company is planning to host resources in the AWS Cloud. They want to use services which can be used to decouple resources hosted on the cloud. Which of the following services can help fulfill this requirement?

A) AWS EBS volumes
B) AWS EBS snapshots
C) AWS Glacier
D) AWS SQS

A

D) AWS SQS

Amazon Simple Queue Service (SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components.

38
Q

Select TWO statements that describe the main roles of AWS Web Application Firewall (WAF) and AWS Shield.

A) AWS Shield Standard is inherently available within the AWS WAF service at no extra cost
B) AWS WAF is inherently available within the AWS Shield Standard service at an additional charge
C) AWS WAF will provide expanded protection against SYN floods, DNS query floods and UDP reflection attacks at no additional cost
D) AWS WAF and AWS Shield are fully-managed services
E) AWS WAF is included with AWS Shield Advanced at no extra cost - a service that prevents distributed denial of service (DDoS) attacks

A

A) and E)

39
Q

An organization runs several EC2 instances inside a VPC using three subnets, one for Development, one for Test, and one for Production. The Security team has some concerns about the VPC configuration and needs to restrict the communication across the EC2 instances using Security Groups. Which of the following options is true for Security Groups?

A) You can change a Security Group associated with an instance if the instance state is stopped or running.
B) You can change a Security Group associated with an instance if the instance state is stopped, but not if it’s running.
C) You can change a Security Group only if there are no instances associated with it.
D) The only Security Group you can change is the default Security Group.
E) None of the above.

A

A) You can change a Security Group associated with an instance if the instance state is stopped or running.

40
Q

Which of the following are features of an edge location. Choose 3 answers from the options given below.

A) Distribute content to users
B) Cache common responses
C) Distribute load across multiple resources
D) Used in conjunction with the CloudFront service

A

A), B), and D)

41
Q

A company currently has an application which consists of a .NET layer which connects to a MySQL database. They now want to move this application onto AWS. They want to make use of all AWS features such as high availability and automated backups. Which of the following would be an ideal database in AWS to migrate to for this requirement?

A) Aurora
B) DynamoDB
C) An EC2 instance with MySQL installed
D) An EC2 instance with Aurora installed

A

A) Aurora

42
Q

You are requested to expose your serverless application implemented with AWS Lambda to HTTP clients (using HTTP Proxy). Which of the following AWS services can you use to accomplish the task? (Select TWO)

A) AWS Elastic Load Balancing (ELB)
B) AWS Route53
C) AWS API Gateway
D) AWS Lightsail
E) AWS Elastic Beanstalk
A

A) AWS Elastic Load Balancing (ELB)
C) AWS API Gateway

Application load balancers now support invoking Lambda functions to serve HTTP(S) requests. This enables users to access serverless applications from any HTTP client, including web browsers.

API Gateway + Lambda is a common pattern for exposing serverless functions via HTTP(S). “Creating, deploying, and managing a REST API to expose backend HTTP endpoints, AWS Lambda functions, or other AWS services.”

43
Q

Which of the following AWS services use serverless technology? (Choose TWO)

A) DynamoDB
B) EC2
C) S3
D) AWS Autoscaling

A

A) DynamoDB

C) S3

44
Q

Which of the following disaster recovery deployment mechanisms results in the greatest downtime for users?

A) Pilot light
B) Warm standby
C) Multi-site
D) Backup and Restore

A

D) Backup and Restore

In order of most to least downtime:

  • Backup and Restore
  • Pilot Light
  • Warm Standby
  • Multi-site

AWS Cloud Practitioner (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions