Practice Exam 2 Flashcards
A company can provision a new EC2 instance at the click of a button, which reduces the time to make those resources available to their development team from weeks to just minutes. Which benefit of cloud computing does this demonstrate?
Trade capital expense for variable expense.
Stop spending money running and maintaining data centers.
Increase speed and agility.
Go global in minutes.
Increase speed and agility.
The cloud gives you increased speed and agility. All the services you have access to help you innovate faster, giving you speed to market.
Which of the following are load balancer types offered by AWS?
(Choose 3)
Web
Original
Classic
Application
Network
Database
Service
Classic
Classic is a valid load balancer type AWS offers.
Application
Application is a valid load balancer type AWS offers.
Network
Network is a valid load balancer type AWS offers.
Your company is migrating to the AWS Cloud. For servers, your company has existing server-bound software licenses they would like to continue to use. Which EC2 purchasing option allows this?
Reserved
Dedicated Host
On-Demand
Spot
Dedicated Host
The Dedicated Host option will allow for reuse of these hardware-bound licenses
Which of the following can be specified as an origin when creating a CloudFront distribution?
(Choose 3)
An S3 bucket
An RDS instance
An elastic load balancer
A domain name
An S3 bucket
An elastic load balancer
A domain name
A CloudFront origin can be an S3 bucket, an elastic load balancer, or a valid domain name.
During disaster recovery exercises, you need to re-route traffic from EC2 instances to instances in another Region. With which service can you do this?
AWS Auto Scaling
Route 53
VPC Peering
CloudFront
Route 53
Route 53 can be used for disaster recovery by simply shifting traffic to the new Region. Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to internet applications by translating names (like www.example.com) into the numeric IP addresses (like 192.0.2.1) that computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well.
Which AWS service would enable you to view the spending distribution in 1 of your AWS accounts?
Billing Advisor
AWS Cost Explorer
AWS Spending Explorer
AWS Organizations
AWS Cost Explorer
Cost Explorer allows you to visualize and forecast your costs and usage over time.
Which of the following are best practices when it comes to securing your AWS account?
(Choose 5)
Activate MFA on the root account
Use groups to assign permissions
Apply an IAM password policy
Store your root account keys on your application for easy access.
Delete your root account password.
Delete your root access keys.
Create individual IAM users
Activate MFA on the root account
The root account has full control and access within an individual AWS account; therefore, it should be protected with MFA.
Use groups to assign permissions
Creating individual IAM users, using groups to assign them permissions, and creating a strong password policy are all key components of securing your AWS account.
Apply an IAM password policy
Creating individual IAM users, using groups to assign them permissions, and creating a strong password policy are all key components of securing your AWS account.
Delete your root access keys.
Creating individual IAM users, using groups to assign them permissions, and creating a strong password policy are all key components of securing your AWS account. The root user should only be used in emergencies, and therefore there should be no need to have root access keys which allow the root user programmatic access - any programmatic access should use something other than the root account. It is not possible to delete the root password, and this should be securely, safely stored and not used in any applications!
Create individual IAM users
Creating individual IAM users, using groups to assign them permissions, and creating a strong password policy are all key components of securing your AWS account.
You are reviewing the AWS Shared Responsibility model to present an overview to management on what your company is responsible for in AWS. Which option is a customer responsibility?
Customer data
Availability Zones
Networking
Edge locations
Customer data
Customers are responsible for the storage and securing of their own data.
Which of the following are pillars found in the AWS Well-Architected Framework?
(Choose 2)
Encrypting data at rest
Cost Optimization
Performance Optimization
Operational Excellence
Deploying to multiple Availability Zones
Cost Optimization
The Cost Optimization pillar focuses on building resilient systems at the least cost.
Operational Excellence
The Operational Excellence pillar focuses on building applications that effectively support your workloads.
You are trying out AWS on a trial basis and need to deploy an application without having to configure servers. Which AWS service can you use?
CloudFormation
ECS
Auto Scaling
Elastic Beanstalk
Elastic Beanstalk
Elastic Beanstalk allows you to deploy your web applications and web services to AWS
A company is using Trusted Advisor to ensure they are following AWS best practices. What real-time guidance does Trusted Advisor provide?
(Choose 3)
Low utilization on EC2 instances
Exposed access keys
Upcoming user interface changes to the console
Amazon services down
S3 bucket permissions for public access
Low utilization on EC2 instances
Trusted Advisor checks this for all customers. FYI: This was found in the “AWS Trusted Advisor best practice checklist” documentation linked from within the lesson.
Exposed access keys
Trusted Advisor checks this for Enterprise and Business Support customers.
S3 bucket permissions for public access
Trusted Advisor checks this for all customers.
The CTO of a software company has requested an executive summary detailing the advantages of a potential move to the AWS Cloud. What can you say is an advantage of an RDS database over a traditional database?
AWS maintains the underlying OS and performs software patching on the database.
It is much easier to convert to a NoSQL database.
It is 5 times faster than traditional databases.
There is much greater access for DBAs.
AWS maintains the underlying OS and performs software patching on the database.
RDS is a managed service that makes it easy to launch and manage relational databases. RDS does provide a lot of value, like automated backups and software patching, and frees you up to focus on your applications.
Which of the following tools provides a view of the performance and availability of your AWS services based on your requirements?
AWS Systems Manager
AWS Trusted Advisor
AWS Service Health Dashboard
AWS Personal Health Dashboard
AWS Personal Health Dashboard
AWS Personal Health Dashboard focuses on the performance and availability of your AWS services so you can respond accordingly.
Which of the following is AWS’ managed database service that is compatible with MySQL?
MariaDB
DynamoDB
PostgreSQL
Aurora
Aurora
Aurora is AWS’ managed database service that is up to 5x faster than a traditional MySQL database.
A company has made the decision to migrate its internal on-premises data center to the cloud. Who can help the company plan and conduct the migration?
(Choose 2)
AWS Support
Marketplace
Consulting partner from the AWS Partner Network (APN)
AWS Infrastructure Event Management
Consulting partner from the AWS Partner Network (APN)
Consulting partners offer professional services.
AWS Infrastructure Event Management
Infrastructure Event Management offers architecture guidance and operational support during the preparation and execution of planned events, such as shopping holidays, product launches, and migrations.
When AWS uses tape media to perform backups in their data centers, who would be responsible for their safe and secure disposal?
Customer
AWS
Third Parties
Shared Responsibility
AWS
Since this relates to physical media located within an AWS data center, it is the responsibility of AWS.
A developer would like to access AWS services from application code. How can a developer achieve this?
Software Development Kit (SDK)
CodePipeline
CodeBuild
CodeCommit
Software Development Kit (SDK)
SDKs allow you to access AWS services from popular programming languages like Java, Python, C#, and many more.
A company is considering moving their critical applications and databases to the cloud. They want to ensure their data never becomes corrupted or lost due to a system malfunction. A system that reliably stores data without loss is considered to be what?
Agile
Durable
Highly available
Elastic
Durable
A system that stores data without loss is a durable one. Durability is all about long-term data protection. This means your data will remain intact without corruption.
A small company has purchased a new system which they want to deploy in the AWS Cloud but does not have anyone with the required AWS skill set to perform the deployment. Which service can help with this?
AWS Partner Network (APN) Consulting Partners
AWS Partner Network (APN) Technology Partners
Trusted Advisor
AWS Support
AWS Partner Network (APN) Consulting Partners
APN Consulting Partners include professional services organizations like system integrators, strategic consultancies, agencies, managed service providers (MSPs), and value-added resellers. In this case, we would engage a Consulting Partner to help us deploy a new system to the AWS Cloud.
Your company has decided to use Amazon WorkSpaces. They can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes. What type of solution is this?
IaaS
DaaS
SaaS
PaaS
DaaS
Amazon WorkSpaces provides a Desktop as a Service (DaaS) solution.
A company is considering moving its data and applications to the cloud. What are some of the benefits of moving to the cloud?
(Choose 2)
Operate production workloads that are more highly available, fault tolerant, and scalable.
Gain access to AWS Support, a team of dedicated AWS experts, to help with custom software development.
Provision exactly the right type and size of computing resources you need.
Shift the responsibility of security to AWS.
Have direct control over servers.
Operate production workloads that are more highly available, fault tolerant, and scalable.
The AWS global infrastructure, which includes Availability Zones, offers the ability to operate production workloads that are more highly available, fault tolerant, and scalable than a single data center solution.
Provision exactly the right type and size of computing resources you need.
You’re able to stop guessing capacity. You can access as much or as little capacity as you need, and scale up and down as required.
Which of the following engines are classified as relational databases on AWS?
(Choose 2)
Redshift
Aurora
DynamoDB
MariaDB
Aurora
Aurora is a type of RDS engine on AWS.
MariaDB
MariaDB is a type of RDS engine on AWS.
You need to allow IPv4 resources in a private subnet to connect to services outside your VPC, but you can’t allow external services to initiate a connection with those private IPv4 resources. Which of the following must be present to enable this access?
Route tables
NAT gateway
Security groups
Network access control lists
NAT gateway
A NAT gateway is required to allow resources in a private subnet to access the internet.
A company would like to reduce operational overhead when operating AWS infrastructure. Which service can help them do this?
Technology partner from the AWS Partner Network (APN)
Managed Services
Consulting partner from the AWS Partner Network (APN)
Professional Services
Managed Services
Managed Services helps you efficiently operate your AWS infrastructure and reduces operational risks and overhead.
A company needs to use a load balancer that can serve traffic at the TCP and UDP layers. Additionally, it needs to handle millions of requests per second at very low latencies. Which load balancer should they use?
TCP Load Balancer
Application Load Balancer
Classic Load Balancer
Network Load Balancer
Network Load Balancer
Network Load Balancer is best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic where extreme performance is required. Operating at the connection level (Layer 4), Network Load Balancer routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) and is capable of handling millions of requests per second while maintaining ultra-low latencies.
A company is using CloudTrail to simplify operational analysis and troubleshooting. When tracking user activity, which content fields does CloudTrail track when a user accesses the AWS Management Console?
(Choose 2)
Resource tag
Username
Region
Previous state of the affected resource
Availability Zone
Username
CloudTrail allows you to track the username.
Region
CloudTrail tracks the AWS Region that the request was made to, such as us-east-1.