Practice exam 9

Question 1

An administrator needs to rapidly deploy a popular IT solution and start using it immediately. Where can the administrator find assistance?

A. AWS Well-Architected Framework documentation.
B. Amazon CloudFront.
C. AWS CodeCommit.
D. AWS Quick Start reference deployments.

Answer 1

D. AWS Quick Start reference deployments.

Question 2

What is one of the advantages of the Amazon Relational Database Service (Amazon RDS)?

A. It simplifies relational database administration tasks.
B. It provides 99.99999999999% reliability and durability.
C. It automatically scales databases for loads.
D. It enables users to dynamically adjust CPU and RAM resources.

Answer 2

A. It simplifies relational database administration tasks.

Question 3

Which of the following AWS Cloud services can be used to run a customer-managed relational database?

A. Amazon EC2.
B. Amazon Route 53.
C. Amazon ElastiCache.
D. Amazon DynamoDB.`

Answer 3

A. Amazon EC2.`

Question 4

A user is planning to launch two additional Amazon EC2 instances to increase availability. Which action should the user take?

A. Launch the instances across multiple Availability Zones in a single AWS Region.
B. Launch the instances as EC2 Reserved Instances in the same AWS Region and the same Availability Zone.
C. Launch the instances in multiple AWS Regions but in the same Availability Zone.
D. Launch the instances as EC2 Spot Instances in the same AWS Region but in different Availability Zones.

Answer 4

A. Launch the instances across multiple Availability Zones in a single AWS Region.

Question 5

Which of the following can limit Amazon Simple Storage Service (Amazon S3) bucket access to specific users?

A. A public and private key-pair.
B. Amazon Inspector.
C. AWS Identity and Access Management (IAM) policies.
D. Security Groups.

Answer 5

C. AWS Identity and Access Management (IAM) policies.

Question 6

Which AWS service allows companies to connect an Amazon VPC to an on-premises data center? (Select TWO)

A. AWS VPN.
B. Amazon Redshift.
C. API Gateway.
D. Amazon Direct Connect.

Answer 6

A. AWS VPN.
D. Amazon Direct Connect.

Question 7

Which AWS service or feature can be used to monitor CPU usage?

A. AWS CloudTrail.
B. VPC Flow Logs.
C. Amazon CloudWatch.
D. AWS Config.

Answer 7

C. Amazon CloudWatch.

Question 8

Which task is AWS responsible for in the shared responsibility model for security and compliance?

A. Granting access to individuals and services.
B. Encrypting data in transit.
C. Updating Amazon EC2 host firmware.
D. Updating operating systems.

Answer 8

C. Updating Amazon EC2 host firmware.

Question 9

Which of the following security-related actions are available at no cost?

A. Calling AWS Support.
B. Contacting AWS Professional Services to request a workshop.
C. Accessing forums, blogs, and whitepapers.
D. Attending AWS classes at a local university.

Answer 9

C. Accessing forums, blogs, and whitepapers.

Question 10

Which storage service can be used as a low-cost option for hosting static websites?

A. Amazon Glacier.
B. Amazon DynamoDB.
C. Amazon Elastic File System (Amazon EFS).
D. Amazon Simple Storage Service (Amazon S3).

Answer 10

D. Amazon Simple Storage Service (Amazon S3).

Question 11

According to the AWS shared responsibility model what is the sole responsibility of AWS?

A. Application security.
B. Edge location management.
C. Patch management.
D. Client-side data.

Answer 11

B. Edge location management.

Question 12

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO)

A. Multiple Availability Zones.
B. Performance efficiency.
C. Security.
D. Encryption usage.
E. High availability.

Answer 12

B. Performance efficiency.
C. Security.

Question 13

Which AWS service identifies security groups that allow unrestricted access to a user’s AWS resources?

A. AWS Trusted Advisor.
B. Amazon Inspector.
C. Amazon CloudWatch.
D. AWS CloudTrail.

Answer 13

A. AWS Trusted Advisor.

Question 14

Which design principles for cloud architecture are recommended when re-architecting a large monolithic application? (Select TWO)

A. Use manual monitoring.
B. Use fixed servers.
C. Implement loose coupling.
D. Rely on individual components.
E. Design for scalability.

Answer 14

C. Implement loose coupling.
E. Design for scalability.

Question 15

When architecting cloud applications, which of the following are a key design principle?

A. Use the largest instance possible.
B. Provision capacity for peak load.
C. Use the Scrum development process.
D. Implement elasticity.

Answer 15

D. Implement elasticity.

Question 16

A company has deployed several relational databases on Amazon EC2 instances. Every month the database software vendor releases new security patches that need to be applied to the databases. What is the MOST efficient way to apply the security patches?

A. Connect to each database instance on a monthly basis and download and apply the necessary security patches from the vendor.
B. Enable automate patching for the instances using the Amazon RDS console.
C. In AWS Config. configure a rule for the instances and the required patch level.
D. Use AWS Systems Manager to automate database patching according to a schedule.

Answer 16

D. Use AWS Systems Manager to automate database patching according to a schedule.

Question 17

Which mechanism allows developers to access AWS services from application code?

A. AWS Software Development Kit.
B. AWS Management Console.
C. AWS CodePipeline.
D. AWS Config.

Answer 17

A. AWS Software Development Kit.

Question 18

Which AWS feature will reduce the customer’s total cost of ownership (TCO)?

A. Shared responsibility security model.
B. Single tenancy.
C. Elastic computing.
D. Encryption.

Answer 18

C. Elastic computing.

Question 19

Which of the following is a benefit of using the AWS Cloud?

A. Permissive security removes the administrative burden.
B. Ability to focus on revenue-generating activities.
C. Control over cloud network hardware.
D. Choice of specific cloud hardware vendors.

Answer 19

B. Ability to focus on revenue-generating activities.

Question 20

Which of the following are categories of AWS Trusted Advisor? (Select TWO)

A. Fault Tolerance.
B. Instance Usage.
C. Infrastructure.
D. Performance.
E. Storage Capacity.

Answer 20

A. Fault Tolerance.
D. Performance.

Question 21

What is Amazon CloudWatch?

A. A code repository with customizable build and team commit features.
B. A metrics repository with customizable notification thresholds and channels.
C. A security configuration repository with threat analytics.
D. A rule repository of a web application firewall with automated vulnerability prevention features.

Answer 21

B. A metrics repository with customizable notification thresholds and channels.

Question 22

Under the AWS shared responsibility model, which of the following activities are the customer’s responsibility? (Select TWO)

A. Patching operating system components for Amazon Relational Database Server (Amazon RDS).
B. Encrypting data on the client-side.
C. Training the data center staff.
D. Configuring Network Access Control Lists (ACL).
E. Maintaining environmental controls within a data center.

Answer 22

B. Encrypting data on the client-side.
D. Configuring Network Access Control Lists (ACL).

Question 23

Under the shared responsibility model, which of the following is a shared control between a customer and AWS?

A. Physical controls.
B. Patch management.
C. Zone security.
D. Data center auditing.

Answer 23

B. Patch management.

Question 24

Which AWS service is used to pay AWS bills, and monitor usage and budget costs?

A. AWS Billing and Cost Management.
B. Consolidated billing.
C. Amazon CloudWatch.
D. Amazon QuickSight.

Answer 24

A. AWS Billing and Cost Management.

Question 25

How do customers benefit from Amazon’s massive economies of scale?

A. Periodic price reductions as the result of Amazon’s operational efficiencies.
B. New Amazon EC2 instance types providing the latest hardware.
C. The ability to scale up and down when needed.
D. Increased reliability in the underlying hardware of Amazon EC2 instances.

Answer 25

A. Periodic price reductions as the result of Amazon’s operational efficiencies.

Question 26

Which AWS feature allows a company to take advantage of usage tiers for services across multiple member accounts?

A. Service control policies (SCPs).
B. Consolidated billing.
C. All Upfront Reserved Instances.
D. AWS Cost Explorer.

Answer 26

B. Consolidated billing.

Question 27

Which AWS services provide a way to extend an on-premises architecture to the aws cloud? (Select TWO)

A. Amazon EBS.
B. Amazon Connect.
C. AWS Storage Gateway.
D. Amazon CloudFront.
E. AWS Direct Connect.

Answer 27

C. AWS Storage Gateway.
E. AWS Direct Connect.

Question 28

Which of the following services will automatically scale with an expected increase in web traffic?

A. AWS CodePipeline.
B. Elastic Load Balancing.
C. Amazon EBS.
D. AWS Direct Connect.

Answer 28

B. Elastic Load Balancing.

Question 29

Which service provides a virtually unlimited amount of online highly durable object storage?

A. Amazon Redshift.
B. Amazon Elastic File System (Amazon EFS).
C. Amazon Elastic Container Service (Amazon ECS).
D. Amazon S3.

Answer 29

D. Amazon S3.

Question 30

Which AWS feature should a customer leverage to achieve high availability of an application?

A. AWS Direct Connect.
B. Availability Zones.
C. Data centers.
D. Amazon Virtual Private Cloud (Amazon VPC).

Answer 30

B. Availability Zones.

Question 31

Which AWS service or feature can enhance network security by blocking requests from a particular network for a web application on AWS? (Select TWO)

A. AWS WAF.
B. AWS Trusted Advisor.
C. AWS Direct Connect.
D. AWS Organizations.
E. Network ACLs.

Answer 31

A. AWS WAF.
E. Network ACLs.

Question 32

Which of the following is a cloud architectural design principle?

A. Scale up not out.
B. Loosely couple components.
C. Build monolithic systems.
D. Use commercial database software.

Answer 32

B. Loosely couple components.

Question 33

Which service enables risk auditing by continuously monitoring and logging account activity, including user actions in the AWS Management Console and AWS SDKs?

A. Amazon CloudWatch.
B. AWS CloudTrail.
C. AWS Config.
D. AWS Health.

Answer 33

B. AWS CloudTrail.

Question 34

Where can AWS compliance and certification reports be downloaded?

A. AWS Artifact.
B. AWS Concierge.
C. AWS Certificate Manager.
D. AWS Trusted Advisor.

Answer 34

A. AWS Artifact.

Question 35

The financial benefits of using AWS are: (Select TWO)

A. Reduced Total Cost of Ownership (TCO).
B. Increased capital expenditure (capex).
C. Reduced operational expenditure ( opex ).
D. Deferred payment plans for startups.
E. Business credit lines for startups.

Answer 35

A. Reduced Total Cost of Ownership (TCO).
C. Reduced operational expenditure ( opex ).

Question 36

Which AWS service can serve a static website?

A. Amazon S3.
B. Amazon Route 53.
C. Amazon QuickSight.
D. AWS X-Ray.

Answer 36

A. Amazon S3.

Question 37

What are the benefits of using the AWS Cloud for companies with customers in many countries around the world (Select TWO)

A. Companies can deploy applications in multiple AWS Regions to reduce latency.
B. Amazon Translate automatically translates third-party website interfaces into multiple languages.
C. Amazon CloudFront has multiple edge locations around the world to reduce latency.
D. Amazon Comprehend allows users to build applications that can respond to user requests in many languages.
E. Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world which reduces latency.

Answer 37

A. Companies can deploy applications in multiple AWS Regions to reduce latency.
C. Amazon CloudFront has multiple edge locations around the world to reduce latency.

Question 38

Which of the following are main components of the AWS global infrastructure? (Select TWO)

A. Resource groups.
B. Availability Zones.
C. Security groups.
D. Regions.
E. Amazon Machine Images (AMIS).

Answer 38

B. Availability Zones.
D. Regions.

Question 39

What is the AWS customer responsible for according to the AWS shared responsibility model?

A. Physical access controls.
B. Data encryption.
C. Secure disposal of storage devices.
D. Environmental risk management.

Answer 39

B. Data encryption.

Question 40

If each department within a company has its own AWS account, what is one way to enable consolidated billing?

A. Use AWS Budgets on each account to pay only to budget.
B. Contact AWS Support for a monthly bill.
C. Create an AWS Organization from the payer account and invite the other accounts to join.
D. Put all invoices into one Amazon Simple Storage Service (Amazon S3) bucket, load data into Amazon Redshift, and then run a billing report.

Answer 40

C. Create an AWS Organization from the payer account and invite the other accounts to join.

Question 41

What costs are included when comparing AWS Total Cost of Ownership (TCO) with on-premises TCO?

A. Project management.
B. Antivirus software licensing.
C. Data center security.
D. Software development.

Answer 41

C. Data center security.

Question 42

What is the benefit of using AWS managed services, such as Amazon ElastiCache and Amazon Relational Database Service (Amazon RDS)?

A. They require the customer to monitor and replace failing instances.
B. They have better performance than customer-managed services.
C. They simplify patching and updating underlying OSs.
D. They do not require the customer to optimize instance type or size selections.

Answer 42

B. They have better performance than customer-managed services.

Question 43

Which services can be used across hybrid AWS Cloud architectures? (Select TWO)

A. Amazon Route 53.
B. Virtual Private Gateway.
C. Classic Load Balancer.
D. Auto Scaling.
E. Amazon CloudWatch default metrics.

Answer 43

A. Amazon Route 53.
B. Virtual Private Gateway.

Question 44

Which statement best describes Elastic Load Balancing?

A. It translates a domain name into an IP address using DNC.
B. It distributes incoming application traffic across one or more Amazon EC2 instances.
C. It collects metrics on connected Amazon EC2 instances.
D. It automatically adjusts the number of Amazon EC2 instances to support incoming traffic.

Answer 44

B. It distributes incoming application traffic across one or more Amazon EC2 instances.

Question 45

Which of the following is a fast and reliable NoSQL database service?

A. Amazon Redshift.
B. Amazon RDS.
C. Amazon DynamoDB.
D. Amazon S3.

Answer 45

C. Amazon DynamoDB.

Question 46

Which AWS service would you use to obtain compliance reports and certificates?

A. AWS Artifact.
B. AWS Lambda.
C. Amazon Inspector.
D. AWS Certificate Manager.

Answer 46

A. AWS Artifact.

Question 47

Which AWS services are defined as global instead of regional? (Select TWO)

A. Amazon Route 53.
B. Amazon EC2.
C. Amazon S3.
D. Amazon CloudFront.
E. Amazon DynamoDB.

Answer 47

A. Amazon Route 53.
D. Amazon CloudFront.

Question 48

How would an AWS customer easily apply common access controls to a large set of users?

A. Apply an IAM policy to an IAM group.
B. Apply an IAM policy to an IAM role.
C. Apply the same IAM policy to all IAM users with access to the same workload.
D. Apply an IAM policy to an Amazon Cognito user pool.

Answer 48

A. Apply an IAM policy to an IAM group.

Question 49

Which of the following is an important architectural design principle when designing cloud applications?

A. Use multiple Availability Zones.
B. Use tightly coupled components.
C. Use open source software.
D. Provision extra capacity.

Answer 49

A. Use multiple Availability Zones.

Question 50

Which service allows a company with multiple AWS accounts to combine its usage to obtain volume discounts?

A. AWS Server Migration Service.
B. AWS Organizations.
C. AWS Budgets.
D. AWS Trusted Advisor.

Answer 50

B. AWS Organizations.