Must know 2

Question 1

What is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account by allowing logging, continuous monitoring, and retention of account activity related to actions across your infrastructure, including those done by AWS accts?

Answer 1

AWS CloudTrail

Question 2

What is AWS CloudTrail?

Answer 2

It is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account by allowing logging, continuous monitoring, and retention of account activity related to actions across your infrastructure, including those done by AWS accts?

Question 3

What is a fully managed application streaming service which you can use to centrally manage your desktop applications?

Answer 3

Amazon AppStream 2.0

Question 4

What service is primarily used to collect monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers?

Answer 4

Amazon CloudWatch

Question 5

What is AWS Trusted Advisor?

Answer 5

An application that draws upon best practices learned from AWS’ aggregated operational history of serving hundreds of thousands of AWS customers. Trusted Advisor inspects your AWS environment and makes recommendations for saving money, improving system performance, or closing security gaps.

Question 6

What accounts support full trusted advisor? What about Developer?

Answer 6

Business & Enterprise; Developer provides 7 core checks

Question 7

How does AWS Trusted Advisor compare to Amazon CloudWatch?

Answer 7

TA provides best practices while CloudWatch collects monitoring and operation data in a unified view and gives you actionable insights to monitor

Question 8

What is the main benefit of serverless?

Answer 8

It eliminates infrastructure management tasks such as server or cluster provisioning, patching, operating system maintenance, and capacity provisioning, allowing you to increase your agility and innovation

Question 9

What is Amazon SQS used for?

Answer 9

To transmit any volume of data, at any level of throughput, without losing messages or requiring other services to be available

Question 10

How does Amazon SQS increase overall fault tolerance?

Answer 10

By decoupling application components so that they fail and run independently, and storing multiple copies of every message are stored redundantly across multiple availability zones so that they are available whenever needed?

Question 11

How do you automatically get Amazon EC2, Amazon RDS, ElastiCache, Amazon ES, and Amazon Redshift Reserved Instance (RI) purchase recommendations that could help you reduce your costs?

Answer 11

By enabling Cost Explorer

Question 12

What provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources; and is built to scale on-demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth?

Answer 12

Amazon Elastic File System (EFS)

Question 13

If you cannot reach one of your EC2 web servers behind an ELB whenever you enter the DNS name of your load balancer. Which of the following should you first check to gain more insight on the issue?

Answer 13

ELB Health Check

Question 14

What continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations?

Answer 14

AWS Config

Question 15

What services allow you to mask downtime of your application by rerouting your traffic to healthy instances?

Answer 15

Amazon Route 53 & ELB

Question 16

What services allows you to store Docker images and orchestrate Docker containers in a simple and cost-effective manner?

Answer 16

Elastic Container Service & Registry (ECS & ECR)

Question 17

What allows you to create workflow tasks that will simplify and automate operations for you. You can configure automatic retry to allow SWF to retry failed activity or workflow tasks along with your given conditions. If your app’s steps take more than 500 milliseconds to complete, you need to track the state of processing, and you need to recover or retry if a task fails, Amazon SWF can help you?

Answer 17

AWS Simple Workflow

Question 18

What service has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time, including custom reports (including charts and tabular data) that analyze cost and usage data, both at a high level and for highly-specific requests, allowing you to dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies?

Answer 18

Cost Explorer

Question 19

What service lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily, allowing scale to millions of users and supports sign-in with social identity providers, such as Facebook, Google, and Amazon, and enterprise identity providers via SAML 2.0?

Answer 19

Amazon Cognito

Question 20

What is Amazon WorkSpaces?

Answer 20

A managed, secure Desktop-as-a-Service (DaaS) solution where you provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe

Question 21

What is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser, which includes a code editor, debugger, and terminal?

Answer 21

Cloud9

Question 22

What is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools that allows you to run complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution?

Answer 22

Amazon Redshift

Question 23

What provides serverless orchestration for modern applications to centrally manage a workflow by breaking it into multiple steps, adding flow logic, and tracking the inputs and outputs between the steps?

Answer 23

AWS Step Functions

Question 24

What is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data using a hosted Apache Hadoop framework running on the web-scale infrastructure of Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Simple Storage Service (Amazon S3)?

Answer 24

Amazon EMR

Question 25

What is a substitutes for an account ID in the web address for your account, which can be created and managed by AWS Management Console, AWS CLI, or AWS API?

Answer 25

Account Alias

Question 26

Which drive is better for small/random vs. large/sequential workloads?

Answer 26

Solid State Drive: Small & Random

Hard Disk Drive: Large & Sequential

Question 27

What is a fast, scalable NoSQL database service of AWS?

Answer 27

Amazon DynamoDB

Question 28

What is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL?

Answer 28

Amazon Athena

Question 29

What do security groups accept as inbound and/or outbound rules?

Answer 29

Security groups accept IP address, IP address range, and security group ID as either source or destination of inbound or outbound rules.

Question 30

You can manage your instances, images, and other Amazon EC2 resources, you can optionally assign your own _______ to each resource in the form of ___.

Answer 30

Metadata, Instance tags

Question 31

What is AWS’s Digital User Engagement Service that enables AWS customers to effectively communicate with their end-users and measure user engagement across multiple channels including email, Text Messaging (SMS) and Mobile Push Notifications?

Answer 31

Amazon Pinpoint

Question 32

Chef or Puppet is needed?

Answer 32

AWS OpsWorks

Question 33

What is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS by providing always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection?

Answer 33

AWS Shield

Question 34

Aside from EC2, what others are reservation models available for?

Answer 34

Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Redshift, and Amazon DynamoDB.

Question 35

What a self-healing relational database engine (where data blocks and disks are continuously scanned for errors and repaired automatically) that combines the speed and reliability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases, and designed to transparently handle the loss of up to two copies of data without affecting database write availability and up to three copies without affecting read availability?

Answer 35

Amazon Aurora

Question 36

Which AWS storage service offers faster disk read and write performance and provides temporary block-level storage for your instance?

Answer 36

Instance Store

Question 37

What is the lowest support plan that allows an unlimited number of technical support cases to be opened?

Answer 37

Developer

Question 38

As an AWS customer, what offering do you naturally inherit from AWS after you sign up?

Answer 38

AWS customers inherit all of the benefits of their security controls, including best practices for security policies, architecture, and operational processes validated against external assurance frameworks.

Question 39

What AWS service can monitor the compliance status of your AWS resources against a set of compliance guidelines?

Answer 39

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

Question 40

What type of EBS volume is recommended for most workloads and is also usable as a boot volume?

Answer 40

General Purpose SSD

Question 41

What are the 5 aspects of Trusted Advisor checks?

Answer 41

Cost Optimization – recommendations that can potentially save you money by highlighting unused resources and opportunities to reduce your bill.

Security – identification of security settings that could make your AWS solution less secure.

Fault Tolerance – recommendations that help increase the resiliency of your AWS solution by highlighting redundancy shortfalls, current service limits, and over-utilized resources.

Performance – recommendations that can help to improve the speed and responsiveness of your applications.

Service Limits – recommendations that will tell you when service usage is more than 80% of the service limit.

Question 42

What is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage?

Answer 42

AWS Storage Gateway

Question 43

What is used in order for you to establish private connectivity between AWS and your datacenter, office, or colocation environment?

Answer 43

AWS Direct Connect

Question 44

What is an edge computing and data transfer device provided by the AWS Snowball service?

Answer 44

AWS Snowball Edge

Question 45

Which of the following RDS engines allows you to bring your own license (BYOL)?

Answer 45

Oracle

Question 46

Which control does the customer fully inherit from AWS based on the Shared Responsibility Model?

Answer 46

All the physical and environmental controls on their data centers, network cables, servers, and other equipment

Question 47

What is a curated digital catalog that makes it easy for customers to find, buy, deploy, and manage third-party software and services that customers need to build solutions and run their businesses?

Answer 47

AWS Marketplace

Question 48

In implementing continuous integration and continuous delivery (CI/CD) in your cloud architecture, which service will make it easy for you to set up your entire development and continuous delivery toolchain for coding, building, testing, and deploying your application code?

Answer 48

CodeStar

Question 49

What are the benefits of using Amazon DynamoDB as your database?

Answer 49

1. DB size scales automatically so you don’t have to worry about capacity
2. You can store different kinds of unstructgured data that would normally not be suitable for relational databases

Question 50

A customer has a popular website that has millions of viewers from all over the world and has read-heavy database workloads. Which of the following is the best option to use to increase the read throughput on their database?

Answer 50

Enable Amazon RDS Read Replicas

Question 51

What connects VPCs and on-premises networks through a central hub to simplify your network and puts an end to complex peering relationships as a cloud router?

Answer 51

AWS Transit Gateway

Question 52

What handles the complexity of creating, storing, and renewing public SSL/TLS X.509 certificates and keys that protect your AWS websites and applications, allowing you to provide certificates for supported AWS services either by issuing them directly with ACM or by importing third-party certificates into the ACM management system, so that this AWS service can secure multiple domain names and multiple names within a domain?

Answer 52

AWS Certificate Manager (ACM)

Question 53

What should you use when you must support HTTPS connections in a region not supported by ACM?

Answer 53

IAM

Question 54

Which is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy?

Answer 54

CodeBuild

Question 55

An organization is mandated to secure its Amazon S3 bucket and ensure that it cannot have any public objects to satisfy the compliance requirements.

What S3 feature should be used to easily accomplish this?

Answer 55

Block Public Access

Question 56

What is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage in S3, giving customers way to to simplify storage management and reduce costs for key hybrid cloud storage use cases, including moving backups to the cloud, using on-premises file shares backed by cloud storage, and providing low latency access to data in AWS for on-premises applications?

Answer 56

AWS Storage Gateway

Question 57

What establishes a dedicated connection between your on-premises data center and your AWS cloud resources?

Answer 57

AWS Direct Connect

Question 58

What is a VPC endpoint for Amazon S3 that enables AWS services in your VPC to use private IP addresses to access Amazon S3 with no exposure to the public Internet?

Answer 58

Amazon S3 Gateway Endpoint

Question 59

What is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL that is serverless, so there is no infrastructure to set up or manage, and you can start analyzing data immediately, without the need to load your data as it works directly with data stored in S3?

Answer 59

Amazon Athena

Question 60

What allows you to query and retrieve structured and semi-structured data from files in Amazon S3 without having to load the data?

Answer 60

Amazon Redshift Spectrum

Question 61

What is a set of batch management capabilities that enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS, which dynamically provisions the optimal quantity and type of compute resources based on the volume and specific resource requirements of the batch jobs submitted?

Answer 61

AWS Batch

Question 62

What is a service that improves the availability and performance of your applications with local or global users by providing you with static IP addresses that serve as a fixed entry point to your applications hosted in one or more AWS Regions, which then are anycast from AWS edge locations, so they’re announced from multiple AWS edge locations at the same time, allowing traffic to ingress onto the AWS global network as close to your users as possible?

Answer 62

AWS Global Accelerator

Question 63

The security team needs to automate security vulnerability assessments throughout their development and production environments. Which service should they use to comply with this requirement?

Answer 63

Amazon Inspector

Question 64

What is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS that is mainly used to protect web applications, TCP-based applications, and UDP-based game servers against a DDoS attack?

Answer 64

AWS Shield

Question 65

What is is a web application firewall that helps protect your web applications from common web exploits such as XSS and SQL injection, and not for automated security vulnerability assessments that you can use AWS WAF to create custom rules that block common attack patterns and rules that are designed for your specific application?

Answer 65

AWS WAF

Question 66

What is used for sharing private content through CloudFront in the form of a virtual user identity that will be used to give your CloudFront distribution permission to fetch a private object from your origin server, restrict access to content that you serve from Amazon S3 buckets by configuring 1) create special CloudFront user, 2) configure S3 bucket permissions, and only allow users to access files through CloudFront not directly from the S3 bucket?

Answer 66

Origin Access Identity

Question 67

Which AWS service provides tracing and monitoring capabilities for your Lambda function?

Answer 67

AWS X-ray

Question 68

What does AWS X-ray make it easy for you to do?

Answer 68

Create service map, identify errors and bugs, and build your own analysis and visualization apps

Question 69

What are the basic support included for all AWS customers?

Answer 69

Customer Service & Communities - 24x7 access to customer service, documentation, whitepapers, and support forums.

AWS Trusted Advisor - Access to the 7 core Trusted Advisor checks and guidance to provision your resources following best practices to increase performance and improve security.

AWS Personal Health Dashboard - A personalized view of the health of AWS services, and alerts when your resources are impacted.

Hence, the correct answer is: Basic, Developer, Business, and Enterprise support plans.

Question 70

What are the benefits of AWS organizations?

Answer 70

• Centrally Manage Policies across Multiple AWS Accounts
• Automate AWS Account Creation and Management
• Consolidate Billing across Multiple AWS Accounts
• Govern Access to AWS Services, Resources, and Regions
• Configure AWS Services Across Multiple Accounts

Question 71

What is a massively scalable and durable real-time data streaming service that can continuously capture gigabytes of data per second from hundreds of thousands of sources such as website clickstreams, database event streams, financial transactions, social media feeds, IT logs, and location-tracking events? The data collected is available in milliseconds to enable real-time analytics use cases such as real-time dashboards, real-time anomaly detection, dynamic pricing, and more.

Answer 71

Amazon Kinesis Data Streams

Question 72

What is a managed service that easily enables you to create and control the keys used for cryptographic operations. The service provides a highly available key generation, storage, management, and auditing solution for you to encrypt or digitally sign data within your own applications or control the encryption of data across AWS services?

Answer 72

AWS KMS

Question 73

What is S3 pricing based on?

Answer 73

The rate you are charged depends on your objects’ size, how long you stored the objects and the storage class.

Question 74

What is an online tool that provides real-time guidance to help you provision your resources following AWS best practices that provides recommendations for Cost Optimization, Performance, Security, Fault Tolerance, and Service Limit?

Answer 74

AWS Trusted Advisor

Question 75

Which AWS team can assist you when your AWS resources are impacted by potentially abusive activities such as phishing, malware, spam, and denial of service (DoS) or distributed denial of service (DDoS) incidents?

Answer 75

AWS Abuse

Question 76

What is aconfiguration management service that helps customers configure and operate applications, both on-premises and in the AWS Cloud, using Chef, and Puppet?

Answer 76

AWS OpsWorks

Question 77

What service will allow you to safely store and automatically rotate database secrets for services such as Amazon RDS and Amazon Redshift?

Answer 77

AWS Secrets Manager

Question 78

What AWS services does Amazon EBS use natively for encryption?

Answer 78

AWS KMS

Question 79

What is a managed service that enables you to create and control the keys used for cryptographic operations easily by providing a highly available key generation, storage, management, and auditing solution for you to encrypt or digitally sign data within your own applications or control the encryption of data across AWS services?

Answer 79

AWS Key Management Service (KMS)

Question 80

What are the key features of Route 53?

Answer 80

• Resolver - get recursive DNS for your Amazon VPC and on-premises networks.
• Traffic flow - route end users to the best endpoint for your application based on geoproximity, latency, health, and other considerations.
• Latency based routing - route end users to the AWS region that provides the lowest possible latency.
• Geo DNS - route end users to a particular endpoint that you specify based on the end user’s geographic location.
• Private DNS for Amazon VPC - Manage custom domain names for your internal AWS resources without exposing DNS data to the public Internet.
• DNS Failover - automatically route your website visitors to an alternate location to avoid site outages.
• Health Checks and Monitoring - monitor your application’s health and performance, as well as your web servers and other resources.
• Domain Registration - search for and register available domain names or transfer in existing domain names.

Question 81

What is a software development platform to deploy apps where apps are packaged in containers that can be run on any OS, allowing the apps to run the same regardless of where they run?

Answer 81

Docker

Question 82

What is a private docker repository, which stores docker images?

Answer 82

Amazon Elastic Container Registry

Question 83

What can speed up content transfers to and from Amazon S3 by as much as 50% - 500% for long-distance transfer of larger objects. Customers who have either web or mobile applications with widespread users or applications hosted far away from their S3 bucket can experience long and variable upload and download speeds over the Internet?

Answer 83

Amazon S3 Transfer Acceleration

Question 84

A customer plans to use Amazon S3 to store their less frequently accessed data and reduce their costs. The data is re-creatable and will be used as a secondary backup. Which of the following storage classes is the cheapest and most suitable option?

Answer 84

S3 One Zone -IA

Question 85

What is built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability. These accelerators reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately?

Answer 85

AWS Quick Starts

Question 86

A company is planning to launch an Amazon EC2 instance with an attached EBS volume in a default configuration. You will be charged only for the EBS storage in which instance state?

Answer 86

Stopped

Question 87

What is an AWS provisions encryption hardware?

Answer 87

AWS CloudHSM

Question 88

Which of the following pricing options will automatically reduce your cost on any EC2 instance usage regardless of region, instance family, size, OS, or tenancy?

Answer 88

Savings Plans

Question 89

What allows you to seamlessly set up, run, and scale popular open-Source compatible in-memory data stores in the cloud. Build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores?

Answer 89

Amazon ElastiCache

Question 90

What are the different types of ElastiCache services?

Answer 90

ElastiCache for Redis - it is a blazing fast in-memory data store that provides sub-millisecond latency to power internet-scale real-time applications.

ElastiCache for Memcached- a Memcached-compatible in-memory key-value store service that can be used as a cache or a data store.

ElastiCache for Redis Global Database - you can write to your ElastiCache for Redis cluster in one region and have the data available to be read from two other cross-region replica clusters, thereby enabling low-latency reads and disaster recovery across regions.

Question 91

What is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS that recognizes sensitive data such as personally identifiable information (PII) or intellectual property and provides you with dashboards and alerts that give visibility into how these data are being accessed or moved?

Answer 91

Amazon Macie

Question 92

What is a highly scalable and cost-effective service for sending and receiving email that eliminates the complexity and expense of building an in-house email solution or licensing, installing, and operating a third-party email solution by allowing use of SMTP interface or one of the AWS SDKs to integrate Amazon SES directly into your existing applications, as well as also embedding the email sending capabilities of Amazon SES into the software you already use, such as ticketing systems and email clients?

Answer 92

Amazon Simple Email Service

Question 93

Which AWS service is primarily used for software version control?

Answer 93

AWS CodeCommit

Question 94

What is a fully-managed source control service that hosts secure Git-based repositories, which makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem?

Answer 94

AWS CodeCommit

Question 95

Which aspects of security on AWS are customer responsibilities? (Select TWO.)

• Availability of AWS regions
• Physical access controls
• Server-side encryption
• Patching of storage systems
• Setting up account pw policies

Answer 95

• Server-side encryption

- Setting up account pw policies

Question 96

What makes it easy to add image and video analysis to your applications, allowing it to identify the objects, people, text, scenes, and activities, as well as detect any inappropriate content?

Answer 96

Amazon Rekognition

Question 97

What is an automatic speech recognition (ASR) service that makes it easy for developers to add speech-to-text capability to their applications?

Answer 97

Amazon Transcribe

Question 98

What svc identifies the language of the text; extracts key phrases, places, people, brands, or events; understands how positive or negative the text is; analyzes text using tokenization and parts of speech; and automatically organizes a collection of text files by topic?

Answer 98

Amazon Comprehend

Question 99

Which of the following AWS services are compute services? (Select TWO.)

• Amazon Inspector
• AWS Batch
• AWS CloudTrail
• Amazon EFS
• AWS Elastic Beanstalk

Answer 99

• AWS Elastic Beanstalk

- AWS Batch

Question 100

What is a PaaS that is a developer centric view of deploying an application on AWS?

Answer 100

AWS Elastic Beanstalk

Question 101

Which AWS service or feature can be used to restrict the individual API actions that users and roles in each member account can access?

Answer 101

AWS Organizations

Question 102

How can a user quickly determine if any Amazon EC2 instances have ports that allow unrestricted access?

Answer 102

AWS Trusted Advisor

Question 103

What scans your AWS infra, compares it to AWS best practices, and provides recommended actions?

Answer 103

AWS Trusted Advisor

Question 104

What can be used to quickly connect from an office to an Amazon VPC?

Answer 104

AWS managed VPN (via Amazon VPC)

Question 105

How many regions can ELB span?

Answer 105

1

Question 106

What helps you protect secrets needed to access your applications, services, and IT resources, and also enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle?

Answer 106

Internet gateway

Question 107

What is used for outbound internet access for instances running in a private SUBNET?

Answer 107

NAT Gateway

Question 108

What is AWS vs. customer responsible for in using RDS?

Answer 108

AWS manage administration tasks including hardware provisioning, database setup, patching and backups.

Customers are responsible for configuring security groups to control access to the database.

Question 109

Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC?

Answer 109

Elastic Transcoder

Question 110

When storing sensitive company data in Amazon S3, which security best practices should customers follow?

Answer 110

“Enable S3 server-side encryption on the S3 bucket”

AWS recommend enabling encryption of data at rest. One of the options for encrypting data in S3 is to enable server-side encryption on the S3 bucket. With Server-side encryption, Amazon S3 encrypts objects before saving them to disks in the AWS data centers and then decrypts the objects when they are downloaded.

Question 111

What do AWS Cost Management tools include?

Answer 111

Services, tools, and resources to organize and track cost and usage data, enhance control through consolidated billing and access permissions, enable better planning through budgeting and forecasts, and further lower costs with resources and pricing optimizations.

Question 112

Which is built by Amazon Web Services (AWS) solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability to reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately, including AWS CloudFormation templates that automate the deployment and a guide that discusses the architecture and provides step-by-step deployment instructions?

Answer 112

Quick Starts

Question 113

What are the benefits of CloudFront?

Answer 113

– Cache content at Edge Location for fast distribution to customers.

– Built-in Distributed Denial of Service (DDoS) attack protection.

– Integrates with many AWS services (S3, EC2, ELB, Route 53, Lambda).

Question 114

Which AWS service or feature can be used to capture information about inbound and outbound IP traffic on network interfaces in a VPC?

Answer 114

VPC Flow Logs

Question 115

A Cloud Practitioner wants to configure the AWS CLI for programmatic access to AWS services. Which credential components are required?

Answer 115

Access key = access key ID & secret access key

Question 116

What are the names of two types of AWS Storage Gateway?

Answer 116

Gateway Virtual Tape Library & File Gateway

Question 117

What service enables hybrid storage between on-premises environments and the AWS Cloud? What are the types?

Answer 117

AW Storage Gateway (file, volume, and tape)

Question 118

What protects against common exploits that could compromise application availability, compromise security or consume excessive resources?

Answer 118

AWS WAF

Question 119

What is a managed Distributed Denial of Service (DDoS) protection service?

Answer 119

AWS Shield

Question 120

A user has limited knowledge of AWS services, but wants to quickly deploy a scalable Node.js application in an Amazon VPC.

Which service should be used to deploy the application?

Answer 120

AWS Elastic Beanstalk