Practice Exam 5 Flashcards

1
Q

A company would like to automate the configuration of its servers and deploy code to servers in the cloud and on-premises. Which service meets the requirement?

CodeDeploy

Elastic Beanstalk

CodeBuild

OpsWorks

A

OpsWorks

OpsWorks allows you to use Chef or Puppet to automate the configuration of your servers and deploy code on-premises or the cloud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A customer would like to use machine learning to uncover the meaning and relationships in text from customer support incidents to ensure customers are happy after speaking to a support agent. How can they process the text from customer support incidents?

Macie

SNS

Amazon Connect

Comprehend

A

Comprehend

Comprehend is a natural language processing (NLP) service that uses machine learning to discover relationships and insights in text.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following best describes an AWS Region?

A collection of data centers that are spread evenly around a specific continent

A console that gives you a quick, global picture of your cloud computing environment

A collection of databases that can only be accessed from a specific geographic region

A distinct location within a geographic area designed to provide high availability to a specific geography

A

A distinct location within a geographic area designed to provide high availability to a specific geography

A Region is a distinct location within a geographic area designed to provide high availability to a specific geography. Regions are a key concept in AWS’ Global Infrastructure — each is made up of 1 or more isolated (within that Region) Availability Zones. There are often multiple AWS Regions on each continent, such as North America.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

If you have a new application and you are not sure about future demand, which of the below characteristics of cloud make cloud an ideal place to host it?

(Choose 3)

No upfront payment

Performance efficiency

High availability

No single point of failure

Pay as you go

Scalability

A

No upfront payment
Pay as you go
Scalability

No upfront payment and pay as you go mean that you do not need an initial outlay of capital for resources to build in cloud. Rather, you only need to pay for what you use going forward. These combined with the ability to consume more resources when needed (scalability) mean that cloud is a great way to host applications that have dynamic requirements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You want to monitor the cost of using your AWS services and receive alerts when the thresholds you define are met. Which of the following AWS Budgets types should you create?

Reservation budget

Usage budget

Cost budget

Savings Plans budget

A

Cost budget

You need to create a cost budget with AWS Budgets if you want to monitor the cost of using your AWS services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following are a collection of data centers within a specific Region?

AWS origins

Edge locations

Regions

Availability Zones

A

Availability Zones

Availability Zones are a collection of data centers within a specific region.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which cloud computing model offers fundamental building blocks that can be rented?

Function as a Service (FaaS)

Platform as a Service (PaaS)

Software as a Service (SaaS)

Infrastructure as a Service (IaaS)

A

Infrastructure as a Service (IaaS)

IaaS offers building blocks that can be rented. EC2 is an example of IaaS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following allows you to access AWS services from popular programming languages like Java, Python, and C#?

AWS Management Console

Software development kits

Command line interface

Programming languages

A

Software development kits

Software development kits (or SDKs) provide everything you need to develop and manage applications in AWS, including the programming language of your choice.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which AWS service allows you to run code without having to worry about provisioning any underlying resources (such as virtual machines, databases, etc.)?

EC2

DynamoDB

Lambda

Database Migration Service (DMS)

A

Lambda

Lambda is the AWS Function as a Service (FaaS) offering that lets you run code without provisioning or managing servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A company has developed a new web application that uses Amazon RDS MySQL as the backend database. The company wants to ensure the application is highly available. Which feature of RDS can ensure high availability?

Using CloudFront to ensure the data is available globally

Using Trusted Advisor to check for resource bottlenecks

Using Multi-AZ deployment

Using CloudWatch to monitor the uptime of the application

A

Using Multi-AZ deployment

RDS provides high availability and failover support for databases when using Multi-AZ deployments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the 3 cloud computing models?

(Choose 3)

Infrastructure as a Service (IaaS)

Software as a Service (SaaS)

Platform as a Service (PaaS)

Function as a Service (FaaS)

A

Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
Platform as a Service (PaaS)

3 cloud computing models.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which of the below are TRUE statements when it comes to network security for an EC2 instance in AWS?

(Choose 3)

The customer is responsible for ensuring malicious traffic does not impair the network hardware.

AWS is responsible for ensuring malicious traffic does not reach the EC2 instance.

The customer is responsible for ensuring malicious traffic does not reach the EC2 instance.

AWS is responsible for ensuring unwanted traffic does not reach the EC2 instance.

The customer is responsible for ensuring unwanted traffic does not reach the EC2 instance.

AWS is responsible for ensuring malicious traffic does not impair the network hardware.

A

The customer is responsible for ensuring malicious traffic does not reach the EC2 instance.

The customer is responsible for ensuring unwanted traffic does not reach the EC2 instance.

AWS is responsible for ensuring malicious traffic does not impair the network hardware.

Under the Shared Responsibility Model, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance) and software required to deliver the service. In this scenario, AWS is responsible for the underlying network hardware, not the customer. However, the customer is responsible for ensuring that only wanted, valid traffic reaches their EC2 instance through the use of security groups, access control lists, or software firewalls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the below statements are correct in relation to security responsibilities in AWS?

(Choose 2)

As an AWS customer, you are responsible for the security OF the Cloud.

AWS is responsible for the security OF the Cloud.

AWS is responsible for the security IN the Cloud.

As an AWS customer, you are responsible for the security IN the Cloud.

A

AWS is responsible for the security OF the Cloud.
As an AWS customer, you are responsible for the security IN the Cloud.

AWS is responsible for the security OF the Cloud — the security of components that run the Cloud service. The customer is responsible for security IN the Cloud — that is, the security of their AWS resources and data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which security service provides enhanced protections and 24/7 access to AWS experts for a fee when issues arise?

AWS Shield Standard

Macie

AWS Shield Advanced

Enterprise Support

A

AWS Shield Advanced

AWS Shield Advanced provides enhanced protections and 24/7 access to AWS experts for a fee.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following AWS services gives you a personalized view of the performance and availability of the AWS services underlying your AWS resources, alerting you and providing remediation guidance when AWS is experiencing events that may affect you?

CloudTrail

Trusted Advisor

AWS Personal Health Dashboard

AWS Systems Manager

A

AWS Personal Health Dashboard

AWS Personal Health Dashboard gives you a personalized view of the performance and availability of the AWS services underlying your AWS resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

When would you use the EC2 On-Demand pricing model?

(Choose 2)

Discounted cost model compared to Reserved Instances

No upfront payments required

Unpredictable workloads that cannot be interrupted

Guaranteed cost

A

No upfront payments required
Unpredictable workloads that cannot be interrupted

You would use the EC2 On-Demand model when you need compute capability that does not require any up front payments or long term commitments, and where you have applications with short-term or unpredictable workloads that cannot be interrupted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

How does S3 Transfer Acceleration help you get your data into S3 quicker?

By using AWS’ network of edge locations to upload to a location closest to you before taking the most optimal path within AWS’ network

By letting you send the data in on a disk you provide (saving on upload times), then copying it to S3

By splitting up your data into smaller chunks and uploading it simultaneously, then putting it back together on S3

By compressing your data to make it smaller for upload, then de-compressing it onto S3

A

By using AWS’ network of edge locations to upload to a location closest to you before taking the most optimal path within AWS’ network

S3 Transfer Acceleration uses AWS’ network of edge locations to ingest data, and then uses the most optimal path within its own network to reach S3. Although compression and splitting data up before upload can also help speed things up, these are not offered by Transfer Acceleration. AWS does not let you send in data on your own disks, and although Snowball does let you send data in without going across the internet, it is only useful when working with massive amounts of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which of the following are advantages of cloud computing?

(Choose 3)

Requires large amounts of capital

Variable expense

Elasticity

Agility

A

-Variable expense
You pay for what you use instead of making huge upfront investments.

-Elasticity
With elasticity, you do not have to plan ahead of time how much capacity you need. You can provision only what you need, and then grow and shrink based on demand.

-Agility
The cloud gives you increased agility. All the services you have access to help you innovate faster, giving you speed to market.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following statements are true about the Amazon EC2 service?

(Choose 3)

It provides a virtual database environment.

It provides scalable computing capacity in the AWS cloud.

It provides virtual computing environments.

It is used to launch up to 5 servers.

It supplies various configurations of CPU, memory, storage, and network capacity. You can use a preconfigured template called an Amazon Machine Image (AMI) to launch your instance.

A
  • It provides scalable computing capacity in the AWS cloud.
  • It provides virtual computing environments.
  • It supplies various configurations of CPU, memory, storage, and network capacity. You can use a preconfigured template called an Amazon Machine Image (AMI) to launch your instance.

EC2 allows you to rent and manage virtual servers in the cloud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following AWS Support pricing plans provides a Technical Account Manager (TAM) for proactive guidance on your AWS account?

Enterprise

Basic

Business

Developer

A

Enterprise

Only the Enterprise Support plan provides a designated Technical Account Manager (TAM) for your AWS account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

How can new AWS users easily search for and find services in their AWS accounts?

Command Line Interface (CLI)

Software Development Kits (SDKs)

AWS Management Console

Application code

A

AWS Management Console

The console makes it easy to search for and find services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which of the following services will help you optimize your entire AWS environment in real-time following AWS best practices?

AWS Shield

AWS Trusted Advisor

AWS Inspector

AWS WAF

A

AWS Trusted Advisor

Trusted Advisor helps you optimize your entire AWS environment in real-time following AWS best practices. It helps you optimize cost, fault tolerance, and more.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which of the following are advantages of cloud computing?

(Choose 3)

You can increase speed and agility.

You can stop guessing capacity.

You can trade variable expense for capital expense.

You can go global in minutes.

A

-You can increase speed and agility.
The provided services allow you to innovate more quickly and deliver your applications faster.

-You can stop guessing capacity.
Your capacity is matched exactly to your demand.

-You can go global in minutes.
You can deploy your applications around the world at the click of a button.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Broadly speaking, AWS is responsible for:

Security IN the Cloud

Security OF the Cloud

No security — security is up to the customer to manage

Security both IN and OF the Cloud

A

Security OF the Cloud

Generally speaking, AWS is responsible for security OF the Cloud — meaning that it is responsible for the infrastructure (hardware and software) which is used to deliver Cloud services to customers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

In Identity and Access Management (IAM), which term applies to a person or application that uses the AWS account root user, an IAM user, or an IAM role to sign in and make requests to AWS?

Entity

Identity

Resource

Principal

A

Principal

A principal is a person or application that uses the AWS account root user, an IAM user, or an IAM role to sign in and make requests to AWS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Which of the following are storage services?

(Choose 2)

AWS RDS

AWS VPC

S3

AWS Elastic File System

A

-S3
S3 is a storage service.

-AWS Elastic File System
EFS is a storage service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

An EC2 instance in your VPC needs which of the following for the internet gateway to route its traffic to the internet?

A record

Public IP address

CNAME

Private IP address

A

Public IP address

An EC2 instance in your VPC needs a public IP address for the internet gateway to route its traffic to the internet.

28
Q

You are creating a few IAM policies. This is the first time you have worked with IAM policies. Which tool can you use to test IAM policies?

Amazon Inspector

CloudWatch

IAM policy simulator

Amazon GuardDuty

A

IAM policy simulator

The IAM policy simulator allows you to test and troubleshoot identity-based policies, IAM permissions boundaries, service control policies (SCPs), and resource-based policies.

29
Q

Which of the following is correct regarding the number of Regions, Availability Zones, edge locations, and data centers?

The number of Availability Zones is the same as the number of edge locations.

There are more Availability Zones than edge locations.

There are more edge locations than Availability Zones.

There are more Regions than edge locations.

A

There are more edge locations than Availability Zones.

Edge locations are a part of AWS’ content distribution network and are separate from Regions and AZs. The number of edge locations around the world is greater than that of Regions and Availability Zones, in order to reduce latency between your content and your customers - the more that exist, the greater the chance there is 1 where you need it.

30
Q

You have been tasked with developing a plan to move applications to AWS and use AWS services to house code, build, and deploy these applications. Which AWS service will allow you to host Git-based repositories?

GitHub

AWS CodeCommit

AWS CodeDeploy

AWS CodeBuild

A

AWS CodeCommit

CodeCommit is a source control system for private Git repositories.

31
Q

Which of the following are valid ways for an IAM user to manage AWS resources?

(Choose 3)

Programmatic access via the command line

Security group access via the AWS command line

AWS Management Console access

Emergency access via Identity and Access Management (IAM)

Using the AWS SDK

A

Programmatic access via the command line
AWS Management Console access
Using the AWS SDK

The 2 types of access are AWS Management Console access and programmatic access. Programmatic access is available via the AWS API, the CLI, and the SDKs - and an IAM user can use all these methods.

32
Q

Which of the following are characteristics of Availability Zones?

(Choose 3)

Contain shared power

Contain redundant networking

Contain physically separated data centers

Contain redundant connectivity

A

Contain redundant networking
Contain physically separated data centers
Contain redundant connectivity

Availability Zones (AZs) consist of one or more physically separated data centers, each with redundant power, networking, and connectivity, and housed in separate facilities.

33
Q

You have a short-term computing task to complete. It is essential that this task run uninterrupted from start to finish. Which is the best EC2 option for this task?

Reserved Instance

On-Demand Instance

Dedicated Host

Spot Instance

A

On-Demand Instance

It is a short-term project, which rules out Reserved Instances, and it has to run uninterrupted, which rules out Spot Instances.

34
Q

Which of the following can be used as a web-based interface to access and manage the AWS cloud?

AWS CLI

AWS API

AWS SDK

AWS Management Console

A

AWS Management Console

AWS Management Console is a web application for accessing and managing Amazon Web Services.

35
Q

A customer would like the ability to send HTML formatted emails from their application for marketing campaigns. Which service should the customer consider using?

Simple Queue Service (SQS)

Simple Notification Service (SNS)

Lambda

Data Pipeline

Simple Email Service (SES)

A

Simple Email Service (SES)

Amazon SES is an email service that allows you to send richly formatted HTML emails from your applications. It is the ideal choice for marketing campaigns or professional emails. Unlike SNS, SES sends HTML emails.

36
Q

AWS Trusted Advisor provides checks and recommended actions. Which of the following is not one of those checks?

Unrestricted access for specific ports on EC2

Checks for usage more than 80% of the service limit

CloudFront content delivery optimization

Checks to determine if an administrative user is used instead of the root account

A

Checks to determine if an administrative user is used instead of the root account

This is not a check provided in Trusted Advisor.

37
Q

A telecommunications company has hired you as a consultant to develop a business case for moving its IT applications and infrastructure to AWS. The company’s leadership understands the agility value of the cloud, but the finance group is not interested in shifting capital expense to operating expense due to the company’s tax structure. What will you include in the business case to attempt to satisfy everyone at the company?

Show the value of an elastic infrastructure for avoiding wasted capacity.

Suggest that the company wait to migrate to AWS until the current infrastructure is fully depreciated.

Suggest that the company make Reserved Instance purchases and capitalize them.

Show the company the TCO value of moving to an operating expense model.

A

Suggest that the company make Reserved Instance purchases and capitalize them.

Many companies capitalize Reserved Instance purchases, especially those with 3-year terms

38
Q

A healthcare company has nightly batch jobs that can afford to be interrupted. Which EC2 pricing model can meet this need and provide great savings by using a supply-and-demand model?

Standard Reserved Instances

Scheduled Reserved Instances

Spot Instances

On-Demand

A

Spot Instances

EC2 Spot Instances let you take advantage of unused EC2 capacity in the AWS Cloud. Spot Instances are available at up to a 90% discount compared to On-Demand prices.

39
Q

What is the time that passes between a user request and the resulting response called?

Durability

Latency

Agility

Availability

A

Latency

Latency is the time that passes between a user request and the resulting response.

40
Q

Instead of relying on a single data center to provide its services across the world, AWS relies on several separate geographic areas, each of which consists of one or more isolated locations. What are the official names for these separate geographic areas, and what is the name for the one or more multiple, isolated locations?

Regions; data centers

Locations; data centers

Sections; Availability Zones

Regions; Availability Zones

A

Regions; Availability Zones

The separate geographic areas, from which AWS provides its services, are known as Regions. Each Region consists of multiple isolated locations called Availability Zones. Each Availability Zone has one or more data centers.

41
Q

You need to use an AWS service to assess software vulnerabilities and unintended network exposure of your Amazon EC2 instances. Which of the following services should you use?

Amazon Inspector

AWS Trusted Advisor

AWS Shield

AWS WAF

A

Amazon Inspector

Amazon Inspector is an automated vulnerability management service that continually scans Amazon Elastic Compute Cloud (EC2) and container workloads for software vulnerabilities and unintended network exposure.

42
Q

For enhanced technical support, some AWS Support plans enable you to have an unlimited number of contacts that can open an unlimited amount of cases. Which of the following choices offer this feature?

(Choose 2)

Basic

Enterprise

Business

Developer

A

Enterprise
Business

With either the Business or Enterprise support plans, you can have an unlimited number of contacts that can open an unlimited amount of cases.

43
Q

A fantasy sports company needs to run an application for the length of a football season (5 months). They will run the application on an EC2 instance and there can be no interruption. Which purchasing option best suits this use case?

Dedicated

On-Demand

Reserved

Spot

A

On-Demand

This is not a long enough term to make Reserved Instances the better option. Plus, the application can’t be interrupted, which rules out Spot Instances.

44
Q

What type of long-term credentials for IAM users can be used to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK)?

Access keys

Username and password

Root user credentials

Security token

A

Access keys

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK). Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). Like a user name and password, you must use both the access key ID and secret access key together to authenticate your requests.

45
Q

Which of the following is AWS responsible for in the Shared Responsibility Model?

(Choose 3)

Edge locations

Availability Zones

Customer data

Regions

A

Edge locations
Availability Zones
Regions

AWS manages security of the Cloud. This includes the infrastructure, which consists of Regions, edge locations, and Availability Zones. On the other hand, security in the Cloud is the responsibility of the customer. Therefore, AWS is not responsible for safeguarding customer data — the customer is.

46
Q

Which of the following services are available 24x7 for all AWS Support plans?

(Choose 3)

Cloud Support Engineers

AWS documentation

Customer service

Support forums

A

AWS documentation
Customer service
Support forums

All AWS Support plans provide 24x7 access to customer service, documentation, and support forums.

47
Q

You want to define a secure private network in an AWS account where you launch your resources. What do you need to configure?

Virtual private network (VPN)

AWS Organizations

Virtual private cloud (VPC)

Internet gateway

A

Virtual private cloud (VPC)

VPC is a foundational service that allows you to create a secure private network in the AWS Cloud where you launch your resources.

48
Q

Which of the following support plans features a < 4-hour response time in the event of an impaired production system?

Business

Individual

Basic

Developer

A

Business

Both the Business and Enterprise support levels offer a < 4-hour response time in the event of an impaired production system.

49
Q

If you want access to all AWS Trusted Advisor checks, which of the AWS Support plans will provide that?

(Choose 2)

Developer

Basic

Business

Enterprise

A

Business
Enterprise

You must choose either the Business or Enterprise support plans to gain access to all AWS Trusted Advisor checks.

50
Q

Which of the below are you responsible for when running an RDS database on AWS?

Controlling access to the network hardware

Updating the host operating system

Controlling access to the database

Updating the database software

Controlling access to the compute hardware

A

Controlling access to the database

Under the Shared Responsibility Model for managed services, AWS takes responsibility for managing all the hardware (including access, patching, and other maintenance), as well as making sure the underlying OS and application is up-to-date. You as the user are responsible for keeping your data secure.

51
Q

What is the most efficient way for a customer to continuously monitor CloudTrail event logs, Amazon VPC Flow Logs, and DNS logs looking for unauthorized behavior?

GuardDuty

CloudWatch

Config

Inspector

A

GuardDuty

GuardDuty is an intelligent threat detection system that uncovers unauthorized behavior.

52
Q

A company is deploying an application to an EC2 instance. They care most about achieving the lowest cost possible and don’t mind if their workloads are interrupted. Which pricing option should the company consider?

Savings Plan

Dedicated Host

Reserved Instance

Spot Instance

A

Spot Instance

Spot Instances let you take advantage of unused EC2 capacity and are good for workloads that can be interrupted.

53
Q

You want to streamline access management for your AWS administrators by assigning them a pre-defined set of permissions based on their job role. Which options below are the best way to approach this?

(Choose 2)

Use IAM roles

Use IAM policies

Use AWS Organizations

Use IAM groups

A

-Use IAM policies
You manage permissions for IAM users, groups, and roles by creating a policy document in JSON format and attaching it.

-Use IAM groups
Using IAM groups lets you create a list of pre-defined permissions that any user made a part of that group will be granted. Roles are primarily used to grant AWS resources permissions to other AWS resources and generally are not for end-users.

54
Q

A company is planning for increased sales and traffic during an upcoming holiday sale. How can the company BEST prepare to meet the upcoming change in demand?

Develop a page to display, when demand can’t be met, asking the customer to try again later.

Review traffic from the previous year’s sale and add additional instances to match the capacity used.

Cache content using Amazon ElastiCache.

Implement EC2 Auto Scaling.

A

Implement EC2 Auto Scaling.

Auto Scaling adds or removes EC2 instances based on demand.

55
Q

Which of the following are common use cases for S3?

(Choose 2)

Hosting a relational database

Storing application assets

Installing a filesystem

Static web hosting

A

-Storing application assets
Common use cases for Amazon S3 include storing application assets. AWS does not recommend using S3 for filesystems or for database storage.

-Static web hosting
Common use cases for Amazon S3 include static web hosting. AWS does not recommend using S3 for filesystems or for database storage.

56
Q

A healthcare agency needs to store certain patient information for up to 10 years. To save cost, they want to archive this data to cheaper storage. The data needs to be retrieved within 12 hours. Which is the cheapest option?

Redshift

Glacier Deep Archive

Amazon S3 Glacier Flexible Retrieval (Formerly S3 Glacier)

S3 Standard-IA

A

Glacier Deep Archive

Glacier Deep Archive meets the requirement and is the cheapest option.

57
Q

You added a recently hired HR Assistant to the IAM group named ‘HumanResources’. Which of the following statements will apply to that user?

(Choose 2)

The HR Assistant inherits the permissions of the ‘HumanResources’ group.

The HR Assistant becomes an IAM member of the company’s Human Resources department.

The HR Assistant becomes the AWS root account user.

The HR Assistant becomes leader of the Human Resources department.

A
  • The HR Assistant inherits the permissions of the ‘HumanResources’ group.
  • The HR Assistant becomes an IAM member of the company’s Human Resources department.

By adding the HR Assistant to the ‘HumanResources’ group using the AWS Identity and Access Management (IAM) service, the new hire is now a member of the company’s HR department and inherits the administrative permissions of that group.

58
Q

A company is running several Linux workloads in the cloud. They are considering storage options. Which storage option should the company NOT use due to the fact the data will be lost when the instance is stopped or terminated?

EC2 Instance Store

Elastic File System (EFS)

S3 bucket

Elastic Block Store (EBS)

A

EC2 Instance Store

An instance store is a local storage that is physically attached to the host computer and cannot be removed. Storage is temporary since data loss occurs when the EC2 instance is stopped.

59
Q

Which factors are required to sign in to the AWS Management Console using multi-factor authentication (MFA)?

Username and password + authentication code

Username and authentication code

Username and password

Password and authentication code

A

Username and password + authentication code

Multi-Factor Authentication, or MFA, adds an extra layer of protection to your username and password when logging in to the AWS Management Console. To sign in, you would need 2 factors: 1) the user name and password; and 2) an authentication code from an AWS-supported MFA software app.

60
Q

Which of the following AWS services is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing business intelligence tools.

Redshift

EMR

Kinesis

DynamoDB

A

Redshift

Redshift is AWS’ fully managed data warehouse solution.

61
Q

A company is migrating to the AWS Cloud. They need to set up DNS in the cloud. Which service is a highly available and scalable cloud DNS service in AWS?

CloudFront

Route 53

Amazon VPC

Amazon Macie

A

Route 53

Route 53 is a DNS service that routes users to applications.

62
Q

You need to store key-value pairs of users and their high scores for a gaming application. Which is the fastest and cheapest storage option for this type of data?

DynamoDB

RDS MySQL

Amazon S3

Amazon RedShift

A

DynamoDB

DynamoDB is a fully managed NoSQL key-value and document database. DynamoDB scales automatically to massive workloads with fast performance and is the best choice for this scenario.

63
Q

Which services can host a MariaDB database?

(Choose 2)

DynamoDB

Aurora

EC2

DocumentDB

RDS

A

-EC2
For complete control of a database, you can install the database software directly on an EC2 instance.

-RDS
RDS supports several popular database engines: Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle Database, and SQL Server.

64
Q

In the AWS Global Infrastructure, which components are physically separated and connected through low-latency links, enabling fault tolerance and high availability?

Route 53

Virtual Private Clouds (VPCs)

Regions

Availability Zones

A

Availability Zones

Availability Zones (AZs) are connected among themselves in a single Region. They are physically separated, connected through low-latency links, fault tolerant, and allow high availability.

65
Q

Which of the following is AWS’ event-driven, serverless compute service?

Lightsail

EC2

Lambda

Elastic Beanstalk

A

Lambda

Lambda is AWS’ event-driven, serverless compute service that allows you to run code without having to deploy or manage any of the underlying resources such as EC2 instances.