Practice Exam 3 Flashcards

1
Q

Which AWS service can you use to connect your AWS Cloud with an on-premises data center?

IAM
VPC peering
Internet Gateway
Virtual private gateway

A

Virtual private gateway

A virtual private gateway is a logical, fully redundant distributed edge routing function that sits at the edge of your VPC. As it is capable of terminating VPN connections from your on-premises or customer environments, the VPG is the VPN concentrator on the Amazon side of the Site-to-Site VPN connection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following are characteristics of Regions?
choose 3

They contain only the resources and services specifically deployed to them.

They are fully independent and isolated.

They are dependent and shared.

They are grouped in geographic locations.

A

-They contain only the resources and services specifically deployed to them.
Regions are isolated, and resources that are uploaded are not automatically replicated across them.

-They are fully independent and isolated.
Regions are fully independent and isolated. If one Region is impacted, the others will not be.

-They are grouped in geographic locations.
AWS logically groups its Regions into geographic locations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A company is considering the cloud deployment models when planning a new application. Which deployment model allows the company to fully stop spending money running and maintaining data centers?

Infrastructure as a Service (IaaS)

Private cloud

Hybrid cloud

Public cloud

A

Public cloud

With the public cloud, all resources run in the cloud. Don’t forget: This is the AWS Cloud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A company has an application with user bases in both Australia and Canada. The company has deployed their application to servers currently provisioned in the Canada (Central) Region. Unfortunately, Australian users are experiencing high latency and slow download times. How can the company reduce latency?

Set up Direct Connect for users in Australia.

Use S3 Transfer Acceleration to speed up delivery of static content to users in Australia.

Provision resources across Availability Zones in the Canada (Central) Region to handle the demand.

Provision resources to the Asia Pacific (Sydney) Region in Australia.

A

Provision resources to the Asia Pacific (Sydney) Region in Australia.

A multi-Region deployment solves the issue by deploying the application closest to the user base.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Under the shared responsibility model, for which of the following does AWS NOT assume responsibility?

Customer data

Hypervisors

Physical security of AWS facilities

Networking

A

Customer data

Customers are responsible for their own customer data in the cloud. AWS manages the networking, hypervisor configuration, and physical security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You would like to set up a loosely coupled architecture. Which service would allow you to send and receive messages and store them if they are not consumed immediately?

AWS SQS

AWS SES

AWS S3

Amazon DynamoDB

A

AWS SQS

SQS is a message queuing service that allows you to build loosely coupled systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following is an AWS global service?

IAM

EC2

VPC

Amazon RDS

A

IAM

Identity and Access Management is a global service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The Chief Marketing Officer of the hotel chain you work for would like to develop a solution to enable voice recognition capabilities in rooms, so customers can request services without picking up the phone. Competitors have already begun rolling out these technologies in an attempt to improve their customers’ experience. Which benefit of the AWS Cloud would you most emphasize to the CMO in your business case for creating an AWS-based solution that allows you to innovate more quickly and deliver your applications faster, as a response to your competitors?

Agility

Cost savings

Deploy globally in minutes

Elasticity

A

Agility

The AWS Cloud provides instant access to new technologies. Companies can move with agility to satisfy new business requirements and meet competitive demands. There is a very low barrier of entry for innovation. If a solution is not meeting expectations, services can be instantly de-provisioned. The other 3 options will also prove to be benefits of deploying in the AWS Cloud, but the use case emphasizes the need to move quickly against competitive threats.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following is an AWS global service?

VPC

EC2

RDS

CloudFront

A

CloudFront

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds, all within a developer-friendly environment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What defines long-term data protection?

Agility

Elasticity

Durability

High availability

A

Durability

Durability is all about long-term data protection. This means your data will remain intact without corruption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You have an Application Load Balancer for routing traffic from developers to the EC2 instance that contains a web application being put into operation. To prepare for the application going live for public use, you add an Auto Scaling group and a second Application Load Balancer to route web traffic from customers to the EC2 instance. The addition is an example of which of the following?

Scalability

Reliability

Elasticity

Durability

A

Scalability

This is an example of scalability, which means systems are expected to grow over time with no drop in performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Your company has decided to migrate entirely to the AWS Cloud. Which answers are a part of the 6 advantages of cloud computing?
choose 2

Stop spending money running and maintaining data centers.

Benefit from minor economies of scale.

Trade variable expense for capital expense.

Go global in minutes

A

Stop spending money running and maintaining data centers.

Focus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your own customers rather than on the heavy lifting of racking, stacking, and powering servers.

Go global in minutes

Easily deploy your application in multiple regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at a minimal cost.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which type of user is created when you initially sign up for an AWS account?

Full access user

Limited access user

Root user

Administrator user

A

Root user

The root user is created when you initially sign up for your account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following is correct regarding the number of Regions, Availability Zones, edge locations, and data centers?

There are more Availability Zones than edge locations.

There are more Availability Zones than Regions.

The number of Availability Zones is the same as the number of Regions.

There are more Regions than Availability Zones.

A

There are more Availability Zones than Regions.

Regions contain 2 or more Availability Zones, which are themselves made up of 1 or more data centers. This means there will always be more AZs than Regions. Edge locations are separate from AZs and Regions, and there are more Edge Locations than Regions and Availability Zones.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which statement is true regarding the AWS Global Infrastructure?

Availability Zones contain edge locations.

Each AWS Region consists of multiple, isolated, and physically separate AZs within a geographic area.

Each AWS Availability Zone contains multiple Regions.

Edge locations contain Regions

A

Each AWS Region consists of multiple, isolated, and physically separate AZs within a geographic area.

AWS has the concept of a Region, which is a physical location around the world where we cluster data centers. We call each group of logical data centers an Availability Zone. Each AWS Region consists of multiple, isolated, and physically separate AZs within a geographic area. Unlike other cloud providers, that often define a region as a single data center, the multiple-AZ design of every AWS Region offers advantages for customers. Each AZ has independent power, cooling, and physical security and is connected via redundant, ultra-low-latency networks. AWS customers focused on high availability can design their applications to run in multiple AZs to achieve even greater fault tolerance. AWS infrastructure Regions meet the highest levels of security, compliance, and data protection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following statements about AWS Regions is true?
choose 2

Regions are generally specific geographical areas.

Regions are automatically fully synchronized to contain the same data globally

Regions are made up of Availability Zones.

Regions are user-defined constructs.

A

-Regions are generally specific geographical areas.
A Region is a geographical area divided into Availability Zones. Each Region contains at least 2 publicly accessible Availability Zones.

-Regions are made up of Availability Zones.
A Region is a geographical area divided into Availability Zones. Each Region contains at least 2 publicly accessible Availability Zones.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the ways a user can access resources in their AWS account?

Application code

API Gateway

AWS Command Line Interface (CLI)

AWS Management Console

A

Application code
Application code is a form of programmatic access. Programmatic access provides access to your AWS resources through an application or a tool like the CLI.

AWS Command Line Interface (CLI)
The AWS CLI allows you to access your AWS account through a terminal or command window.

AWS Management Console
The AWS Management Console allows you to access your AWS account and manage applications running in your account from a web browser.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A customer has set up an Amazon S3 bucket and wants to limit access to specific users. What is the most efficient way to do so?

Bucket access policy

AmazonS3FullAccess managed policy

IAM role assumed by the user

IAM user policy

A

Bucket access policy

You can add a bucket access policy directly to an Amazon S3 bucket to grant IAM users access permissions for the bucket and the objects in it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which policy will provide information on performing penetration testing on your EC2 instances?

JSON policy

IAM policy

Customer Service Policy for Penetration Testing

AWS Customer Agreement

A

Customer Service Policy for Penetration Testing

AWS customers are welcome to carry out security assessments or penetration tests against their AWS infrastructure without prior approval for Amazon EC2 instances, NAT gateways, elastic load balancers, and 7 other services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Under the shared responsibility model, which of the following is the customer’s responsibility when using Amazon RDS?

Taking database backups

Using AWS encryption solutions to protect data

Collecting monitoring data to debug failures

Managing infrastructure security in RDS

Creating and managing database users

A

Taking database backups
You are responsible for managing backups of your data.

Using AWS encryption solutions to protect data
You are responsible for protecting your data.

Collecting monitoring data to debug failures
You are responsible for collecting monitoring data from all the parts of your AWS solutions so you can more easily identify issues.

Creating and managing database users
You are responsible for managing access to your databases.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which of the following are focuses of the reliability pillar of the Well-Architected Framework?
choose 2

Scale vertically for resilience.

Implement recovery procedures without testing.

Reduce idle resources.

Recover from failure automatically.

A

Reduce idle resources.
Recover from failure automatically

This is a focus of the reliability pillar. This pillar focuses on designing systems that work consistently and recover quickly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A customer is managing multiple AWS accounts using AWS Organizations. What can the customer use to restrict the same permissions across all AWS accounts managed under AWS Organizations using minimal effort?

Service control policies

S3 bucket policy

IAM organization policy

IAM user policy

A

Service control policies

AWS Organizations provides central governance and management for multiple accounts. Organization service control policies (SCPs) allow you to create permissions guardrails that apply to all accounts within a given organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which service might you use to provide Distributed Denial of Service (DDoS) protection to your applications running on AWS?

AWS WAF

AWS Inspector

AWS Shield

DynamoDB

A

AWS Shield

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A customer has multiple IAM users that need the same access permissions. How can the customer provide the same access permissions to all the users quickly and efficiently?

By creating a policy and assigning it to each user

By assigning a preconfigured AWS managed policy to each user

By assigning users to an EC2 security group

By assigning users to an IAM group that has the needed permissions.

A

By assigning users to an IAM group that has the needed permissions.

IAM groups allow a set of users to have the same access permissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Which AWS service provides central governance and management across multiple AWS accounts?

Identity and Access Management

CloudFormation

AWS Systems Manager

AWS Organizations

A

AWS Organizations

AWS Organizations allows you to centrally manage multiple AWS accounts under one umbrella

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Where is the best place to store your root user access key so your application can use it to make requests to AWS?

It needs to be coded directly into your application.

Nowhere — you should not use the root user access keys for this.

It should be configured as a parameter and held in the Key Management Store (KMS).

In the .aws file in your application.

A

Nowhere — you should not use the root user access keys for this.

It is not recommended to use the root user account or access keys for any reason, as these grant full unrestricted access to the entire account. Recommended practice is to follow the concept of “least privilege” and create am IAM user or role with just enough access to do what is needed and nothing more, and use those keys as required.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

When talking about AWS security, what does “authorization” refer to?

A user delegating access to another user temporarily

Evaluating what permissions a user has

Logging in to the Console

Identifying who is accessing the system

A

Evaluating what permissions a user has

Authentication identifies who is accessing the system and passes that information to the authorization process, which in turn determines what permissions the user has in AWS. Although authorization is a part of the process to log in to the Console, by itself it is not enough.

28
Q

When talking about AWS security, what does “authentication” refer to?

Evaluating what permissions a user has

Identifying who is accessing the system

A user delegating access to another user temporarily

Logging in to the Console

A

Identifying who is accessing the system

Authentication identifies who is accessing the system and passes that information to the authorization process, which in turn determines what permissions the user has in AWS.

29
Q

A customer needs to identify vulnerabilities on their EC2 instances, such as unintended network access. Which services will provide a report of findings?
choose 2

Trusted Advisor

Macie

IAM credential report

AWS Artifact

Inspector

A

Trusted Advisor

Trusted Advisor is a tool that provides real-time guidance to help you provision resources following AWS best practices. It will check security groups for rules that allow unrestricted access (0.0.0.0/0) to specific ports.

Inspector

Inspector works with EC2 instances to uncover and report vulnerabilities.

30
Q

Which credentials can you use to access the AWS Management Console?

Your access key

Your security token

Your username and password

Your secret access key

A

Your username and password

You use a username and password to log in to the AWS Console, although access keys and secret access keys can be used to access some APIs programmatically.

31
Q

Which of the following AWS services can help you assess the fault tolerance of your AWS environment?

AWS Trusted Advisor

AWS WAF

AWS Shield

AWS Inspector

A

AWS Trusted Advisor

AWS Trusted Advisor can help you assess the fault tolerance of your AWS environment. AWS Inspector can help you assess your security.

32
Q

An oil and gas utility company which is highly regulated must create a Cloud governance scheme. The company is organized into multiple autonomous departments which will all be using AWS resources. These departments each sponsor independent projects that are reviewed by regulatory boards for the approval of customer price increases. The code and infrastructure for each project has production, development, and testing environments. Which of the following account strategies will maximize security and operational efficiency for the company?

Create multiple AWS accounts, 1 for each autonomous department within the company.

Create multiple AWS accounts: 1 for the production environment, 1 for the development environment, and 1 for the testing environment for all departments.

Create an Organizational Unit structure in AWS Organizations with separate underlying accounts for production, development, and testing environments.

Create a single AWS account for centralized security management.

A

Create an Organizational Unit structure in AWS Organizations with separate underlying accounts for production, development, and testing environments.

A multi-layered account structure will work best for this company, leveraging AWS Organizations to establish Organizational Units for each department, with separate production, development, and testing environments. While there is no physical AWS account at the department level, service control policies can be applied at the Organizational Unit level, and billing can be reported separately for each department. An account for each department — in which the department combines dev/test/prod — or a single account for the company hosting all workloads together will NOT provide segregation of production, development, and testing environments at the account level. Multiple standalone accounts for each department and environment would compromise operational efficiency in managing environments across departments, as there is no overarching AWS Organization to manage all the accounts centrally.

33
Q

A purchasing department staff member is set up as an AWS user in the company’s Procurement AWS account. At each month-end, the staff member needs access to an application running on EC2 in the company’s Accounts Payable AWS account to reconcile reports. Which of the following provides the most secure and operationally efficient way to give the staff member access to the Accounts Payable application?

Create a user for the staff member in the Accounts Payable AWS account.

Configure Active Directory integration so you can federate the staff member’s access to the Accounts Payable AWS account.

Invoke an AWS Lambda function to run the application in the Accounts Payable AWS account.

Have the user request temporary security credentials for the application by assuming a role.

A

Have the user request temporary security credentials for the application by assuming a role.

The staff member should be given the ability to assume a role programmatically with the permissions necessary to run the Accounts Payable application.

34
Q

An organization needs to run a MySQL relational database on AWS. They plan to hire their own database administrators to manage their databases, including taking backups, using replication, and clustering. Which option provides the customer the control and flexibility needed?

Use Systems Manager to install the MySQL database directly to on-premises servers.

Open a case with AWS Support to have them assist the database administrators with the installation of the MySQL database.

Install the MySQL database directly on an EC2 instance.

Use the Amazon Relational Database Service (RDS) to launch the MySQL database.

A

Install the MySQL database directly on an EC2 instance.

Installing the database directly to EC2 gives the customer complete control over the database and its management.

35
Q

A new application rolled out by the development team is going to require load balancing of HTTP and HTTPS traffic. Which load balancer is best suited for this type of traffic?

Network Load Balancer

HTTP Load Balancer

Classic Load Balancer

Application Load Balancer

A

Application Load Balancer

An Application Load Balancer is best suited for load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers.

36
Q

A company has provisioned an EC2 instance as a web server. The web application on the server is running within a subnet within a VPC. For some reason, the application is unable to access the internet. Which component is missing?

Internet gateway

Private IP address for the instance

Network Access Control List (NACL)

Peering connection

A

Internet gateway

An internet gateway allows public traffic to the internet from the VPC.

37
Q

With which AWS service, coupled with EC2, can you implement elasticity by adding and removing instances as needed?

Elastic Beanstalk

AWS Systems Manager

Auto Scaling

CloudFormation

A

Auto Scaling

Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance.

38
Q

A company is planning for a one-time sale of 75% off all products on its website. They expect to see a short-term spike on the sale day. Which EC2 instance type should the company use to meet its requirements and maximize flexibility?

Convertible Reserved Instance (RI)

Standard Reserved Instance (RI)

EC2 Spot

On-Demand

A

On-Demand

On-Demand is good for applications that have unpredictable workloads that can’t be interrupted.

39
Q

The Solutions Architect leading your project tells you the application your team is working on requires a managed NoSQL database. Which of the following AWS services best fits that description?

ElastiCache

Redshift

DynamoDB

RDS

A

DynamoDB

DynamoDB is AWS’ managed NoSQL database.

40
Q

Which of the following are steps you should take in securing your AWS account?
choose 3

Assign policies directly to your administrative users

Activate Multi-factor Authentication (MFA) on your root account.

Use groups to delegate access to IAM users.

Create individual IAM users.

A

Activate Multi-factor Authentication (MFA) on your root account.
The root account should have MFA enabled, due to its unlimited access to an account.

Use groups to delegate access to IAM users.
Groups should be used to delegate permissions to the users you create, instead of individual assigning policies to IAM users, since it makes administration easier.

Create individual IAM users.
You should always create IAM users for individual users, since the root account should never be used for actual work.

41
Q

You need an AWS service that can identify objects, people, text, scenes, and activities in images and videos. Which service would you choose?

CloudWatch

CloudSearch

AWS Inspector

Rekognition

A

Rekognition

Rekognition allows you to automate your image and video analysis.

42
Q

Your company has decided to migrate a SQL Server database to a newly created AWS account. Which service can be used to migrate the database?

DynamoDB

Database Migration Service

AWS RDS

ElastiCache

A

Database Migration Service

DMS helps you migrate databases to or within AWS.

43
Q

A college student wants to quickly launch a WordPress website but doesn’t have a lot of cloud experience. Which service will help the student launch the website with a low, predictable monthly fee?

Lightsail

Fargate

EC2 instance

Outposts

A

Lightsail

Lightsail allows you to quickly launch all the resources you need for small projects like preconfigured applications like WordPress.

44
Q

Your team needs to begin monitoring the applications running in your AWS account by collecting metrics, logs, and events. Which AWS service can you use?

Amazon CloudWatch

AWS App Monitoring

AWS Config

Amazon CloudTrail

A

Amazon CloudWatch

CloudWatch is a collection of services that help you monitor and observe your cloud resources.

45
Q

A developer would like to build a serverless application but doesn’t want to install files or configure their local development machine. Which service will allow the developer to build the application by writing code in a web browser?

CloudFront

Cloud9

CodeDeploy

CodePipeline

A

Cloud9

Cloud9 allows application developers to write code within an integrated development environment (IDE) from within their web browser.

46
Q

When might Auto Scaling be used?

To provision resources that can be adjusted once per 24-hour period

When you require scalable capacity to maintain service levels in your environment

Where predictable workload patterns exist

To control provisioning of S3 bucket capacity

A

When you require scalable capacity to maintain service levels in your environment

Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.

47
Q

The load on your application fluctuates by day of the week. Wednesdays have the most traffic, and Saturdays have the least traffic. Which AWS service allows you to ensure you have the correct amount of compute capacity while also optimizing on a cost basis?

Control Tower

Trusted Advisor

Auto Scaling

CloudWatch

A

Auto Scaling

Auto Scaling allows you to add or remove EC2 instances based on conditions you specify. Auto Scaling events can be scheduled to meet predictable changes in the load on your application.

48
Q

For a subnet to be public and send non-local traffic to the internet, we must update the route table of the public subnet and attach which of the following to the VPC that contains the subnet?

Internet gateway

Router

Network access control list

Route 53

A

Internet gateway

An internet gateway enables resources inside your VPC to reach the internet, as long as route tables and IP addresses are correctly configured in your environment.

49
Q

A company with a business-critical application needs to ensure business continuity and that they will not be impacted by capacity restraints in a given Region. How can the company ensure this?
Choose 3

On-demand capacity reservation

Spot instance with a capacity reservation

Savings Plan with a capacity reservation

Standard Reserved Instance (RI) with a capacity reservation

Convertible Reserved Instance (RI) with a capacity reservation

A

On-demand capacity reservation
On-Demand Capacity Reservations enable you to reserve compute capacity for your Amazon EC2 instances for any duration.

Standard Reserved Instance (RI) with a capacity reservation
A Reserved Instance is a reservation of resources and capacity for either 1 or 3 years. A capacity reservation offers assurance that the customer will be given preference if there is ever a capacity constraint in a Region.

Convertible Reserved Instance (RI) with a capacity reservation
A Reserved Instance is a reservation of resources and capacity for either 1 or 3 years. A capacity reservation offers assurance that the customer will be given preference if there is ever a capacity constraint in a Region.

50
Q

A customer has decided to go with a 1-year Standard Reserved Instance (RI) for EC2 since their application has steady state and predictable usage. Which pricing option should they choose to earn the largest discount over the 1-year term?

No upfront

All upfront

Monthly on-demand

Partial upfront

A

All upfront

All upfront earns the maximum discount.

51
Q

A company needs a scalable data warehouse to consolidate multiple data sources for reporting, where real-time transaction processing (insert, update, and delete) is not required. Which solution best supports this requirement?

Elastic MapReduce (EMR)

Relational Database Service (RDS)

Redshift

Data Pipeline

A

Redshift

Redshift is a scalable data warehouse solution that supports querying, reporting, analytics, and business intelligence. It can be used when you need to consolidate multiple data sources for reporting and don’t require real-time transaction processing (insert, update, and delete).

52
Q

When analyzing application performance, a developer realizes the queries to the database are taking a long time. What can the developer implement to store common queries and improve performance?

Simple Queue Service (SQS)

Elastic Block Store (EBS)

CloudFront

ElastiCache

A

ElastiCache

ElastiCache helps you alleviate database load for data that is accessed often. ElastiCache is a great way to cache common queries.

53
Q

A developer has noticed several SQL injection attacks against a web application running on an EC2 spot instance. What is the best way to prevent this type of attack?

Shield Advanced

Shield Standard

Web Application Firewall (WAF)

Private subnet

A

Web Application Firewall (WAF)

WAF helps protect your web applications against common web attacks like SQL injection attacks and cross-site scripting.

54
Q

Which of the following is AWS’ data warehousing service?

EMR

Snowball

Redshift

S3 Big Data

A

Redshift

Redshift is AWS’ data warehousing service.

55
Q

A company with a popular website would like to analyze website clickstreams in real time to determine site usability. How can they obtain the data in real time for analysis?

Data Pipeline

DynamoDB

Kinesis

DMS

A

Kinesis

Kinesis allows you to analyze data and video streams in real time.

56
Q

Which of the following support services do all accounts receive as part of the AWS Support Basic tier?

Architectural support

Technical Account Manager

24/7 support via phone and chat

Billing support

A

Billing support

The AWS Support Basic tier is the free support given to all AWS accounts. All accounts receive billing support, because every customer needs an avenue to lodge disputes or make requests around their billing.

57
Q

A system administrator works for a company and manages several AWS accounts. He would like to use a Convertible Reserved Instance (RI) across different AWS accounts. How can this be set up?

By using consolidated billing with AWS Organizations

By using a service control policy (SCP) under Control Tower

By using AWS Cost Explorer

By using combined billing within AWS Budgets

A

By using consolidated billing with AWS Organizations

Organizations allows you to centrally manage multiple AWS accounts under 1 umbrella. You can allocate resources and apply policies across accounts.

58
Q

A user is looking to buy a prebuilt solution that runs on AWS that allows them to track projects. Where can the user go to find a catalog of AWS-recognized providers selling third-party solutions to individuals?

Marketplace

Consulting partner from the AWS Partner Network (APN)

Managed Services

AWS Community Forums

A

Marketplace

Marketplace is a digital catalog of prebuilt solutions you can purchase or license. You may also sell your own solutions to others via Marketplace.

59
Q

A company is trying to visualize and forecast its costs and usage over time. Which service can help them?

AWS Cost Explorer

AWS Budgets

Cost and Usage Report

AWS Organizations

A

AWS Cost Explorer

Cost Explorer allows you to visualize and forecast your costs and usage over time.

60
Q

Why would you use tags in AWS?

For a NoSQL data store

To store passwords for your servers

To organize your resources

To store code

A

To organize your resources

A tag is a label that you or AWS assigns to an AWS resource. You can use tags to organize your resources, and cost allocation tags to track your AWS costs on a detailed level.

61
Q

You have a web application that needs to run for a short period of time. It is all right if there are interruptions in the application. Which EC2 instance type would be best for this use case?

On-Demand Instance

Spot Instance

Dedicated Instance

Reserved Instance

A

Spot Instance

Spot Instances are a great choice for this use case. Amazon EC2 Spot Instances let you take advantage of unused EC2 capacity in the AWS Cloud. Spot Instances are available at up to a 90% discount compared to On-Demand prices. The key phrase in this question is, “It is alright if there are interruptions in the application.” If the application could not accept interruptions, then the best option would be On-Demand.

62
Q

What can we do in AWS to receive the benefits of volume pricing for your multiple AWS accounts?

Use AWS Trusted Advisor

Purchase services in bulk from AWS Marketplace.

You will receive volume pricing by default.

Use consolidated billing in AWS Organizations.

A

Use consolidated billing in AWS Organizations.

You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. You can combine the usage across all accounts in the organization to share the volume pricing discounts, Reserved Instance discounts, and Savings Plans. This can result in a lower charge for your project, department, or company than with individual standalone accounts.

63
Q

A company is launching a new product and needs help with assessing its operational readiness and identifying and mitigating risks. Which feature of the Enterprise Support plan provides this?

Professional Services

Technology partner from the AWS Partner Network (APN)

Infrastructure Event Management

Managed Services

A

Infrastructure Event Management

Infrastructure Event Management provides support for planning and running business-critical events.

64
Q

You work for a financial company that has several mission-critical workloads running on AWS. Which AWS Support plan should you use if you want response times in under 15 minutes when issues occur?

Developer

Business

Basic

Enterprise

A

Enterprise

Recommended if you have business- and/or mission-critical workloads in AWS.

65
Q

Which of the following EC2 instance types will realize a savings over time in exchange for a contracted term-of-service?

Discount Instances

Reserved Instances

Spot Instances

On-Demand Instances

A

Reserved Instances

EC2 Reserved Instances offer significant discounts for a contracted term-of-service, up to 75% off.