Practice Exam 6 Flashcards
Which of the following compute services is ideal if you need to run a simple website or a simple e-commerce application?
Lambda
Elastic Beanstalk
Lightsail
EC2
Lightsail
Lightsail is ideal for simple websites or simple e-commerce applications.
Users need to access AWS resources from the Command Line Interface. Which IAM option can be used for authentication?
IAM group
IAM policy
IAM role
Access keys
Access keys
You must provide your AWS access keys to make programmatic calls to AWS or to use the AWS Command Line Interface or AWS Tools for PowerShell.
Which defines one or more discrete data centers with redundant power, networking, and connectivity?
AWS Local Zones
Region
Edge location
Availability Zone
Availability Zone
An Availability Zone (AZ) is one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region. AZs are physically separated by a meaningful distance, many kilometers, from any other AZ, although all are within 100 km (60 miles) of each other.
When would you use the Reserved Instance pricing model?
(Choose 2)
Your application has steady state usage
Your application has unpredictable workloads
Your application requires a capacity reservation
Ability to bid on the lowest compute price possible
-Your application has steady state usage
Reserved Instances are a great way of reducing costs on long running applications with steady state usage. Even if the money is not available to make upfront payments, using Reserved Instances over longer periods can still be useful for cost savings.
-Your application requires a capacity reservation
Amazon EC2 Reserved Instances (RI) can provide a capacity reservation, offering additional confidence in your ability to launch the number of instances you have reserved when you need them.
Which following statement is true of newly created security groups with their default rules?
New security groups block outbound traffic and allow all incoming traffic.
New security groups allow both incoming and outbound traffic.
New security groups block both incoming and outbound traffic.
New security groups allow only outbound traffic and block all incoming traffic.
New security groups allow only outbound traffic and block all incoming traffic.
By default, new security groups start with only an outbound rule to allow all traffic to leave the instances. You must add rules to enable any inbound traffic.
Which of the following describes a subnet accurately?
The Amazon VPC side of a VPN connection.
A segment of a VPC’s IP address range where you can place groups of isolated resources.
A logically isolated virtual network in the AWS cloud.
The Amazon VPC side of a connection to the public Internet.
A segment of a VPC’s IP address range where you can place groups of isolated resources.
A virtual private cloud, or VPC, is the virtual network you create in your AWS account. When you create a VPC, you split it into smaller network segments by specifying a range of IP addresses. These segments are referred to as subnets, and this is where you launch your AWS resources.
Which of the following are part of the AWS storage services category?
(Choose 3)
Amazon RDS
Amazon S3
Amazon EFS
Amazon Redshift
Storage Gateway
Amazon S3
Amazon EFS
Storage Gateway
Are storage services.
The AWS Global Infrastructure comprises Regions, Availability Zones, and edge locations, and there is a different number of each infrastructure element. Select the option that shows the correct order from greatest to least.
Number of Availability Zones > Number of Edge Locations > Number of Regions
Number of Availability Zones > Number of Regions > Number of Edge Locations
Number of Regions > Number of Availability Zones > Number of Edge Locations
Number of Edge Locations > Number of Availability Zones > Number of Regions
Number of Edge Locations > Number of Availability Zones > Number of Regions
The number of edge locations is greater than the number of Availability Zones, which is greater than the number of Regions. Regions contain Availability Zones, therefore there will always be more AZs than Regions.
Your application needs fully managed storage for objects. Which of the following options should you choose?
EBS
S3
RDS
EC2
S3
S3 is fully managed storage for objects. EBS provides virtual hard disks in the cloud and is block-based, not object-based. EC2 is a compute service, and RDS is a database service.
Which of the following statements are true of Amazon Aurora?
(Choose 2)
It uses the AWS Management Console, AWS CLI commands, and API operations to handle routine database tasks.
It is part of the Amazon DynamoDB service.
It can deliver up to three times the throughput of MySQL.
It is compatible with the MySQL and PostgreSQL database engines.
-It uses the AWS Management Console, AWS CLI commands, and API operations to handle routine database tasks.
You can handle routine database tasks on it using either the AWS Management Console, AWS CLI commands, or API operations.
-It is compatible with the MySQL and PostgreSQL database engines.
Amazon Aurora is compatible with MySQL and PostgreSQL.
Which of the following enables you to interact with AWS services using only textual commands?
Amazon API Gateway
AWS SDK
AWS CLI
AWS Management Console
AWS CLI
‘CLI’ stands for ‘Command Line Interface’, which is the open source tool used for executing tasks in AWS by typing and entering textual commands.
Which of the following best describes Availability Zones (AZs)?
Two zones containing compute resources that are designed to automatically maintain synchronized copies of each other’s data
Restricted areas designed specifically for the creation of virtual private clouds (VPCs) that span AZs
A content distribution network used to deliver content to users
Distinct locations from within an AWS Region that are engineered to be isolated from failures
Distinct locations from within an AWS Region that are engineered to be isolated from failures
Availability Zones are distinct locations from within an AWS Region that are engineered to be isolated from failures. Each Region is made up of 1 or more AZs. Availability Zones host almost every AWS service, including EC2 instances, S3 buckets, and much more. Some services will maintain copies of your data between Availability Zones, but this is dependent on the individual service (for example, S3 can store data in multiple AZs, whereas an EC2 instance is tied to a single AZ).
Enabling Amazon GuardDuty automatically grants the service permission to analyze continuous metadata streams from which of the following data sources?
(Choose 3)
VPC Flow Logs
AWS CloudTrail logs
Amazon S3 buckets
DNS query logs
-VPC Flow Logs
VPC Flow Logs captures information about the IP traffic going to and from Amazon EC2 network interfaces in your VPC. When you enable GuardDuty, it immediately starts analyzing your VPC Flow Logs data. It consumes VPC Flow Logs events directly from the VPC Flow Logs feature through an independent and duplicative stream of flow logs.
-AWS CloudTrail logs
AWS CloudTrail provides you with a history of AWS API calls for your account, including API calls made using the AWS Management Console, AWS SDKs, command-line tools, and higher-level AWS services. CloudTrail also allows you to identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address that the calls were made from, and when the calls occurred. When you enable GuardDuty, it immediately starts analyzing your CloudTrail event logs. It consumes CloudTrail management and S3 data events directly from CloudTrail.
-DNS query logs
This option only works if you use AWS DNS resolvers for your EC2 instances. GuardDuty will be able to access and process your request and response DNS logs through the internal DNS resolvers. When you enable GuardDuty, it will immediately start analyzing DNS logs through an independent data stream.
You are working with IAM and need to attach policies to users, groups, and roles. Which of the following will you be attaching these policies to?
Resources
Principals
Entities
Identities
Identities
Identities are the IAM resource objects that are used to identify and group. You can attach a policy to an IAM identity. These include users, groups, and roles.
You need to set up a virtual firewall for your EC2 instance. Which would you use?
Subnet
Network ACL
IAM policy
Security group
Security group
A security group acts as a virtual firewall for your instance to protect your EC2 instance by controlling inbound and outbound traffic.
Which of the following does Amazon ensure will happen when paying for AWS on an as-needed basis?
(Choose 3)
Spending less money in the long term
Enabling the full elasticity of business operations
Reducing procurement complexity
Redirecting focus to innovation and invention
Spending more money in the long term
-Enabling the full elasticity of business operations
Amazon provides certain benefits when you pay for services on an as-needed basis for your business. You can spend more time innovating and inventing, which consequently enables your business to be fully elastic.
-Reducing procurement complexity
Amazon provides certain benefits when you pay for services on an as-needed basis for your business. You can spend more time innovating and inventing, which consequently reduces the complexity of procurement.
-Redirecting focus to innovation and invention
Amazon provides certain benefits when you pay for services on an as-needed basis for your business, so you can spend more time innovating and inventing.
Which term refers to the Identity and Access Management (IAM) resource objects that AWS uses for authentication?
Resources
Identities
Principal
Entities
Entities
IAM entities are the users (IAM users and federated users) and roles that are created and used for authentication.
An auditor is conducting an audit of your IT operations for compliance. The auditor requests visibility to logs of event history across your AWS-based employee expense system infrastructure. Which AWS service will record and provide you the information you need?
AWS CloudWatch Logs
AWS Compliance Manager
AWS Systems Manager
AWS CloudTrail
AWS CloudTrail
AWS CloudTrail provides visibility to API call activity for AWS infrastructure and other services. AWS Cloudwatch Logs might be part of a centralized logging solution, but all API event information will come from CloudTrail. AWS Systems Manager can process EC2 logs only, and AWS Compliance Manager is not a service offered by AWS.
Which of the following are characteristics of Availability Zones (AZs)?
(Choose 3)
Physically separated
Data centers housed in the same facility
Fault tolerant
Connected through low-latency links
-Physically separated
AZs are physically separated.
-Fault tolerant
AZs are fault tolerant.
-Connected through low-latency links
AZs are connected to each other through low-latency links.
Which of the following are characteristics of cloud computing?
(Choose 3)
Cloud charges are capital expenditures.
Pay-as-you-go pricing
No extra skills or training are required.
Services are delivered via the internet.
On-demand delivery
-Pay-as-you-go pricing
The on-demand delivery via the internet of services with pay-as-you-go pricing characterizes cloud computing.
-Services are delivered via the internet.
The on-demand delivery via the internet of services with pay-as-you-go pricing characterizes cloud computing. Services incurred from a cloud services provider are operating expenses, not capital expenses. Capital expenditure (CapEX) is less common with the cloud, in favor of operational expenditure (OpEx). Skills and training for personnel are required to leverage cloud computing.
-On-demand delivery
The on-demand delivery via the internet of services with pay-as-you-go pricing characterizes cloud computing.
A company on the Business Support plan currently runs all their applications in a single Region. They have made the decision to expand to multiple Regions. What is the process to start deploying their applications to the new Regions?
Reach out to their Technical Account Manager (TAM) for assistance.
Open an account and billing support case with AWS Support.
Just start deploying the applications to the new Regions.
Copy the existing Availability Zone group to the new Regions.
Just start deploying the applications to the new Regions.
You are free to deploy your applications to new Regions. Don’t forget: CloudFormation can make the process of provisioning resources easier and repeatable.
Which of the following is AWS’ managed DDoS protection service?
Security groups
AWS Shield
AWS WAF
Access control lists
AWS Shield
AWS Shield is AWS’ managed DDoS protection service at Layer 4.
Adding resources to your application as user demand grows is an example of which cloud concept?
Automation
Scalability
Elasticity
High availability
Scalability
Scalability is the concept that, as cloud has essentially limitless capacity, it allows you to expand out as needed - as detailed in the question.
Which of the following AWS Support levels offers the assistance of a Technical Account Manager?
Business
Premium
Enterprise
Developer
Enterprise
Only Enterprise (the highest level of AWS Support plans) offers the services of a Technical Account Manager.
Your Development team uses 4 On-Demand EC2 instances. Your QA team has 5 Reserved Instances, only 3 of which are being used. Assuming all AWS accounts are under a single AWS Organization, how will the Development team’s instances be billed?
The Dev team will be billed for 2 instances at On-Demand prices and 2 instances at the Reserved Instance price.
The pricing for the Reserved Instances will shift from QA to Dev.
All the Dev team’s instances will be billed at the On-Demand rate.
All the Dev team’s instances will be billed at the Reserved Instance rate.
The Dev team will be billed for 2 instances at On-Demand prices and 2 instances at the Reserved Instance price.
Since the QA team has 5 Reserved Instances and only 3 are being used, that means 2 of the Reserved Instances are free. Since both teams belong to the same AWS Organization, the pricing for the 2 unused instances would be applied to 2 of the 4 Dev On-Demand instances.
Which of the following are AWS Security, Identity, and Compliance services?
(Choose 3)
AWS Security Hub
AWS Secrets Manager
AWS Key Management Service (KMS)
AWS Trusted Advisor
AWS Organizations
-AWS Security Hub
AWS Security Hub is part of the Security, Identity, and Compliance services. It provides you with a comprehensive view of your security state within AWS and your compliance with security standards and best practices.
-AWS Secrets Manager
AWS Secrets Manager is part of the Security, Identity, and Compliance services. It is a secrets management service that helps you protect access to your applications, services, and IT resources.
-AWS Key Management Service (KMS)
AWS Key Management Service is part of the Security, Identity, and Compliance services. It is a managed service that enables you to easily create and control the keys used for cryptographic operations.
Your company has entered into a 3-year contract with a government agency. Your best option for EC2 is Reserved Instances. Which AWS feature would you use to track your Reserved Instance usage?
AWS CloudTrail
AWS Cost and Usage Report
Trusted Advisor
AWS Organizations
AWS Cost and Usage Report
The Cost and Usage Report contains the most comprehensive set of cost and usage data.
You have been tasked with going into the AWS company account and getting information on saving money, improving system performance and reliability, and closing security gaps. Which tool can you use to get this information?
AWS Inspector
AWS Trusted Advisor
CloudWatch
AWS Cost and Usage Report
AWS Trusted Advisor
Trusted Advisor provides real-time guidance to help you provision your resources following AWS best practices.
Which of the following AWS services enables you to continuously monitor and record configuration changes of your resources?
AWS Trusted Advisor
AWS CloudTrail
Amazon GuardDuty
AWS Config
AWS Config
Config specifically focuses on listing the resources in your AWS account and presenting their configuration change history
Which of the following statements are true of Amazon Aurora?
(Choose 2)
It is compatible with Oracle.
It is compatible with MariaDB.
It can deliver up to five times the throughput of MySQL.
It is a Relational Database Service (RDS) database engine developed by Amazon.
-It can deliver up to five times the throughput of MySQL.
Aurora is 5x faster than normal MySQL and 3x faster than normal PostgreSQL
-It is a Relational Database Service (RDS) database engine developed by Amazon.
Aurora is an RDS engine developed by Amazon.
VPC, CloudFront, and Route 53 are examples of what type of AWS service?
Migration and Transfer
Database
Compute
Networking and Content Delivery
Networking and Content Delivery
Amazon VPC, Amazon CloudFront, and Amazon Route 53 are networking and content delivery services that AWS offers. VPC and Route 53 are involved with linking resources with one another to operate interactively; VPC creates a virtual network, and Route 53 connects end users to web applications. CloudFront is an AWS service for fast web content delivery.
An application that experiences highly variable traffic throughout the day has been configured in AWS. The capacity configured to serve this application adjusts to demands throughout the day. Which AWS principle does this describe?
Elasticity
Viscosity
Durability
High availability
Elasticity
With elasticity, you do not have to plan ahead of time how much capacity you need. You can provision only what you need, and then grow and shrink based on demand.
Which of the following engines are classified as relational databases on AWS?
(Choose 3)
Oracle
DynamoDB
PostgreSQL
MySQL
Redshift
Oracle
PostgreSQL
MySQL
PostgreSQL, MySQL, and Oracle are three types of RDS engines on AWS. By contrast, DynamoDB is Amazon’s nonrelational database solution and RedShift is Amazon’s data warehouse service.
You are using your corporate directory to grant your users access to AWS services. What is this called?
Role-based access
Multi-Factor Authentication
User group access
Federated access
Federated access
Federated access is when you use an external directory, such as your corporate one, to grant users in that directory access to AWS resources.
Which of the following does AWS use to notify you by email when you exceed 85% of your Free Tier limits for each service?
AWS Cost Explorer
AWS Personal Health Dashboard
AWS Budgets
AWS Organizations
AWS Budgets
AWS Budgets notifies you when you exceed 85% of your Free Tier limits for each service you’re using by sending you an email.
Which of the following support plans features access to Enhanced Technical Support via email only during business hours?
Basic
Enterprise
Developer
Business
Developer
The Developer Support plan features access to Enhanced Technical Support during business hours via email.
According to the AWS Shared Responsibility Model, which of the following is the customer responsible for?
(Choose 3)
Security groups
Amazon Virtual Private Cloud (VPC) service
Network access control lists (network ACLs)
Subnets
Security groups
Network access control lists (network ACLs)
Subnets
AWS is responsible for protecting the infrastructure that runs its services, which includes Amazon VPC. By comparison, the customer is responsible for what goes in the AWS Cloud. This includes subnets (each of which consist of a range of IP addresses), security groups (each of which acts as a virtual firewall to control inbound and outbound traffic), and network ACLs as additional layers of securit
Which of the below are you responsible for when running an EC2 instance on AWS?
(Choose 2)
Patching the network hardware
Patching the applications
Patching the operating system
Patching the compute hardware
Patching the applications
Patching the operating system
Under the Shared Responsibility Model, EC2 patching is a shared control — AWS is responsible for the underlying hardware, but you as the user are responsible for patching the OS and applications running in your instance.
Which service allows a user to rotate, manage, and retrieve secrets?
Identity and Access Management (IAM)
Secrets Manager
Key Management Service (KMS)
CloudHSM
Secrets Manager
Secrets Manager allows you to manage and retrieve secrets (passwords or keys).
Which of the following falls under AWS compute services category?
(Choose 3)
Amazon Elastic Beanstalk
Budgets
Amazon Elastic Compute Cloud (EC2)
Amazon Elastic File System (EFS)
Amazon Lightsail
Amazon Relational Database Services (RDS)
-Amazon Elastic Beanstalk
Elastic Beanstalk is a compute service used to deploy web applications.
-Amazon Elastic Compute Cloud (EC2)
EC2 is a compute service.
-Amazon Lightsail
Lightsail is a compute service.
Which service allows you to connect a private cloud to a public cloud?
Route 53
CodeDeploy
Direct Connect
Server Migration Service (SMS)
Direct Connect
Direct Connect is a dedicated physical network connection from your on-premises data center to AWS.
Which of the following best describes a system that is always online — without the need for human intervention?
Fault tolerant
Highly available
Scalable
Elastic
Highly available
A highly available system is always online — without the need for human intervention. Although fault tolerance is closely related to high availability, fault tolerance usually implies a degradation of service without human intervention, unlike high availability which is like-for-like.
Your company has recently migrated large amounts of data to the AWS Cloud in S3 buckets. It is necessary to discover and protect the sensitive data in these buckets. Which AWS service can do that?
GuardDuty
Amazon Macie
CloudTrail
AWS Inspector
Amazon Macie
Macie helps you discover and protect sensitive data.
In order to comply with regulatory mandates, some of your data needs to be retained in perpetuity. Which of the following AWS storage classes offers low-cost, long-term data archival?
EFS
Glacier
Redshift
S3
Glacier
Glacier is your best choice for deeply discounted, long-term object archival — as long as the data does not need to be available and online at a
Which of the following are examples of programmatic access?
(Choose 3)
Command Line Interface (CLI)
AWS Management Console
Software Development Kits (SDKs)
Application code
-Command Line Interface (CLI)
The CLI allows you to manage AWS services from a terminal session on your machine.
-Software Development Kits (SDKs)
SDKs allow you to access AWS services from popular programming languages like Java, Python, C#, and many more.
-Application code
AWS services can be accessed from application code using SDKs and programmatic calls.
Which of the following is NOT a database service in AWS?
Amazon EBS
Amazon Redshift
Amazon Neptune
Amazon Aurora
Amazon EBS
Amazon EBS is a storage service providing virtual hard disks in the cloud, while the other services listed are database services.
Which of the following services does the AWS Shield Standard plan provide?
(Choose 2)
Assistance with protection from common DDoS attacks
Reimburse related Route 53, CloudFront, and ELB DDoS charges
Network flow monitoring
Post-attack analysis
- Assistance with protection from common DDoS attacks
- Network flow monitoring
AWS Shield safeguards web applications. AWS Shield Standard is a base-level plan with features that include network flow monitoring and assistance with protection from common DDoS attacks.
Which of the following is true of AWS Lambda?
(Choose 3)
It lets you run code without provisioning or managing servers.
It is a serverless computing platform.
It triggers charges whether your code is running or not.
It supports several popular programming languages for writing application code.
-It lets you run code without provisioning or managing servers.
This is true. Lambda is considered serverless because you can run code without provisioning or managing servers.
-It is a serverless computing platform.
You can build serverless applications composed of functions.
-It supports several popular programming languages for writing application code.
Lambda supports several popular programming languages like Java, Python, Node.js, etc.
Which of the following statements are true of the AWS Free Tier?
(Choose 2)
You will never be charged for use of EC2 Micro instances.
Amazon S3 storage of up to 5 GB is always free.
Some AWS services come with short-term free trial offers.
Some AWS services are free for the first 12 months following the initial sign-up date to AWS.
-Some AWS services come with short-term free trial offers.
The AWS Free Tier offers some services for free for the first 12 months after signing up for an AWS account. It also offers free trials of select AWS services for a short period. So, usage is governed by these principles.
-Some AWS services are free for the first 12 months following the initial sign-up date to AWS.
The AWS Free Tier offers some services for free for the first 12 months after signing up for an AWS account. It also offers free trials of select AWS services for a short period. So, usage is governed by these principles.
A company has multiple AWS accounts across multiple Regions. Which AWS service can be used to manage these accounts and provide consolidated billing?
Identity and Access Management
CloudFormation
Trusted Advisor
AWS Organizations
AWS Organizations
Organizations allows you to centrally manage multiple AWS accounts under 1 umbrella.
You’ve been tasked with assessing your AWS infrastructure in terms of cost optimization. Which of the following AWS services would help with this task?
CloudTrail
AWS Personal Health Dashboard
AWS Systems Manager
Trusted Advisor
Trusted Advisor
AWS Trusted Advisor is an online tool that provides you with real-time guidance to help you provision your resources following AWS best practices.
You are leading a pilot program to try the AWS Cloud for 1 of your applications. You have been instructed to provide an estimate of your AWS bill. Which service will allow you to do this by manually entering your planned resources by service?
AWS Cost and Usage Report
AWS Cost Explorer
AWS CloudTrail
AWS Pricing Calculator
AWS Pricing Calculator
With the AWS Pricing Calculator, you can input the services you will use, as well as the configuration of those services, and get an estimate of the costs these services will accrue. The AWS Pricing Calculator can also help with calculating the total cost of ownership.
Which of the following best describes the ability to scale computing resources out or in easily, while only paying for the resources used?
Elasticity
Scalability
High availability
Fault tolerance
Elasticity
Elasticity describes the ability to scale computing resources out or in easily, while only paying for the resources used.
Which of the following statements are true of Amazon Redshift?
(Choose 2)
It is used for transactional systems.
It is designed for storing petabytes of data.
It is a data warehouse service.
It stores unstructured data.
It is designed for storing petabytes of data.
It is a data warehouse service.
Amazon Redshift is AWS’s data warehouse service designed to scale up to petabytes of structured data.
Upon which of these measurements is AWS Lambda pricing based?
(Choose 2)
Duration
Memory
Data transfer
Number of requests
Duration
Number of requests
With AWS Lambda, you are charged based on the number of requests for your functions and the amount of time (duration) it takes for your code to execute.
Which benefit of cloud computing allows you to avoid planning ahead of time for how much capacity you need?
Durability
Agility
High availability
Elasticity
Elasticity
With elasticity, you do not have to plan ahead of time how much capacity you need. You can provision only what you need, and then grow and shrink based on demand.
Who are the main users of the AWS Command Line Interface (CLI)?
Business Analysts
New cloud users
Developers
Non-technical roles
Developers
Developers are the main the users of the CLI.
How are permissions assigned to an IAM group?
(Choose 2)
Roles
Policies
Security group
Collection
Roles
Policies
Access is assigned using policies and roles.
Your company hosts gaming applications online and would like to deliver these apps to a worldwide audience. Which AWS service would enable delivery to users worldwide and greatly improve response times?
DynamoDB
CloudFormation
ElastiCache
CloudFront
CloudFront
CloudFront is a CDN that delivers data and applications globally with low latency.
Which of the following statements is true of AWS CloudTrail?
(Choose 3)
With CloudTrail, you can create a trail that either applies to one Region or to all Regions.
When you create an AWS account, you will have to manually enable CloudTrail.
CloudTrail delivers log files within 15 minutes of account activity.
Log files are encrypted
- With CloudTrail, you can create a trail that either applies to one Region or to all Regions.
- CloudTrail delivers log files within 15 minutes of account activity.
- Log files are encrypted
By default, CloudTrail event log files are encrypted using Amazon S3 server-side encryption.
How would a customer create a virtual firewall for an EC2 instance?
With an IAM group
With a web application firewall
With a security group
With AWS Shield
With a security group
Security groups act as virtual firewalls for EC2 instances.
Which deployment types offers the advantages of cloud computing?
(Choose 2)
Private cloud
Public cloud
On-premises cloud
Hybrid cloud
-Public cloud Public cloud (offered by AWS) provides advantages of cloud computing.
-Hybrid cloud
A hybrid cloud is a combination of public and private clouds.
Which component of the AWS Global Infrastructure caches content for fast delivery to users?
Regions
Availability Zones
Data centers
Edge locations
Edge locations
Edge locations cache content for fast delivery to your users.
When considering the security of an AWS EC2 instance, which of the below are users responsible for?
(Choose 2)
Physical and environmental controls
Patching and maintenance of OS and applications
Patching and maintenance of server hardware
Security configuration
Patching and maintenance of OS and applications
Security configuration
Under the Shared Responsibility Model, users are entirely responsible for the security, patching, and maintenance of AWS IaaS services such as EC2. AWS will only take care of the underlying hardware used to provide the service.
Which of the following falls under the AWS compute services category?
(Choose 2)
AWS Lambda
Amazon Rekognition
ElastiCache
Amazon Elastic Beanstalk
Amazon Elastic MapReduce (EMR)
AWS Lambda
Amazon Elastic Beanstalk
Are examples of a compute service.
