Practice Exam A

Question 1

Which of the following statements is a valid reason for choosing a specific AWS Region to deploy your applications in? (Choose 2 answers)

Answer 1

1. Selecting a specific AWS region enables you to ensure that your application is closer to your end-users and offers low latency connectivity.
2. Selecting a specific AWS region ensures that you can comply with data sovereignty laws and compliance.

Question 2

Which AWS Service offers a complete cloud-powered Business Intelligence service that is charged on a pay-per-session pricing model?

Answer 2

AWS Quicksight

Question 3

Which of the following AWS Security tools can protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources?

Answer 3

AWS WAF
(*web application firewall)

Question 4

You are required to host a website across a fleet of web servers on the Amazon platform. In order to build a highly cost-effective solution, you want to automatically provision additional web servers configured with the necessary application stack when demand on those servers increases over a period and then terminate web servers when there is a decrease in CPU load. How would you configure your solution?

Answer 4

Configure Auto Scaling to manage your web servers. As part of the configuration, configure and launch additional servers when CPU Utilization goes above a threshold for a short period of time. Configure the Auto Scaling service to terminate web servers when the CPU Utilization levels drop below a certain threshold for a specified period of time.

Question 5

One of the seven design principals of the Security Pillar in the Well-Architected Framework refers to the concept
of applying security at all layers. Which two firewall options can you configure to protect your EC2 Instances deployed in a VPC? (Choose 2 answers)

Answer 5

1. NACLs
2. Security Groups

Question 6

Which of the following describes a benefit of cloud computing that relates to its ability to scale out and scale in resources based on demand?

Answer 6

Elasticity

Question 7

Which mode of Amazon ECS allows you to have control and manage your cluster of servers and schedule placement of containers on the servers?

Answer 7

EC2 Launch Type

Question 8

Which AWS database solution enables you to build a complete data warehousing solution, capable of handling complex analytic queries against petabytes of structured data using standard SQL and industry recognized Business Intelligence (BI) tools?

Answer 8

AWS Redshift

Question 9

Which AWS Service enables you to test a new IAM Policy to ensure that it will only allow access from a specific IP Address before deploying the policy?

Answer 9

IAM. Policy Simulator

Question 10

You have been hired as a cloud consultant to design your clients’ web application architecture. A key requirement is to address a concern about building a second version of the web application so that if the primary site fails for any reason, customers can be redirected to the secondary site. You are also concerned about regional outages. How you would design this solution?

Answer 10

Build two versions of the site, primary site in your main region, and secondary site in another region. Configure Route53 with a Failover routing policy to switch to the secondary site if the primary site is down.

Question 11

Each region consists of a minimum of two availability zones and many now have at least three availability zones. These availability zones are separated by a meaningful distance, many kilometers, from any other AZ, although all are within 100 km (60 miles) of each other. What is the primary benefit of having multiple AZs configured as above in each region?

Answer 11

To enable customers to deploy applications across these availability zones in a manner that would achieve high availability.

Question 12

Your organization hosts multiple AWS Accounts with multiple VPCs. You would like to connect these VPCs together and centrally manage connectivity policies. Which AWS service enables you to connect multiple VPCs configured as a hub that controls how traffic is routed among all the connected networks which act like spokes?

Answer 12

AWS Transit Gateway.

Question 13

Which type of EBS volume would you recommend for a high-performance application that is particularly sensitive to high latency?

Answer 13

EBS Provisioned IOPS SSD (io1)

Question 14

You are building a multi-tier architecture with web servers placed in the public subnet and application servers placed in the private subnet of your VPC. You need to deploy Elastic Load Balancers to distribute traffic to both the web-server farm and the application server farm. Which type of load balancer would you choose to distribute traffic to your application servers?

Answer 14

Internal load balancers

Question 15

Which service of the AWS Global Infrastructure enables you to distribute your content (videos, images, documents) such that they are cached locally for low latency access when your users try to download them?

Answer 15

Edge Locations

Question 16

In applying the principals of the Reliability Pillar for Failure Management, what strategy should you adopt for production workloads, when you encounter a failure?

Answer 16

Replaced the failed component with a new one and carry out the analysis on the failed resource out of the band.

Question 17

A company plans to migrate its on-premises MySQL database to Amazon RDS. Which AWS service should they use for this task?

Answer 17

AWS Database Migration Service (AWS DMS)

Question 18

Which AWS Service helps you to review the state of your workloads and compares them to the latest AWS architectural best practices?

Answer 18

AWS Well-Architected Tool

Question 19

What best practice strategy should you follow when assigning permissions to IAM Users and Groups?

Answer 19

The principal of least privileges

Question 20

When retrieving data from Amazon Glacier, what is the typical time taken to make a Standard archive available?

Answer 20

3 to 5 hours

Question 21

Which of the following types of EBS volumes can be used as boot volumes for your EC2 Instances? (Select 2 answers)

Answer 21

1. General Purposes SSD (gp2)
2. Provisioned IOPS SSD (io1)

Question 22

Which AWS Service enables developers to analyze and debug applications, identifying the root cause of performance issues and errors?

Answer 22

AWS X-Ray

Question 23

Which feature of the AWS EC2 Services helps to prevent the accidental termination of an EC2 Instance by preventing the user from issuing a termination command either from the console or CLI?

Answer 23

Enable ‘Termination Protection’

Question 24

Your company hosts various workloads across multiple AWS Accounts. Which AWS service can help you maximize on your total spend across all accounts by combining your accounts in a group and thus benefiting from volume discounts?

Answer 24

AWS Organization

Question 25

Which VPC Component enables to you grant Internet access to servers in the public subnet deployed in the VPC?

Answer 25

Internet Gateway

Question 26

Which AWS service can be used to monitor your company’s fleet of EC2 Instances which can be used to identify performance issues related to CPU utilization or memory consumption?

Answer 26

AWS CloudWatch

Question 27

You have launched a VPC in your AWS Account. You have been asked if it is possible to establish connectivity from your on-premise network to the VPC enabling your Developers with seamless access to production workloads deployed in the VPC from the on-premise network. Which connectivity strategy will enable you to establish this connection over the standard public Internet while keeping costs to a minimum?

Answer 27

Setup a Hardware VPC Connection between your on-premise network and your VPC.

Question 28

Which AWS service enables you to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount?

Answer 28

AWS Budgets

Question 29

Which component of the AWS System Manager service can be used to automate common administrative tasks like remotely executing shell scripts or PowerShell commands, installing software updates?

Answer 29

Run Command

Question 30

Which type of cloud service model enables you to consume applications hosted by vendors in the cloud that do not require you to host any infrastructure or platform and which is generally accessible over the public Internet?

Answer 30

SaaS

Question 31

Which AWS services automatically provisions the necessary infrastructure (e.g. load balancing, auto-scaling, and health monitoring) and enables developers to automatically deploy applications built-in supported languages such as node.js, PHP and python?

Answer 31

AWS Elastic Beanstalk

Question 32

Which AWS Service enables companies looking to migrate to the AWS Cloud obtain copies of various compliance documents such as ISO certifications, Payment Card Industry (PCI), and Service Organization Control (SOC) reports?

Answer 32

AWS Artifact

Question 33

Which AWS service enables you to experience a truly hybrid solution by extending AWS Infrastructure such as EC2 and EBS services such that they can be hosted in your own on-premise datacentre?

Answer 33

AWS Outpost

Question 34

Which AWS service enables you to orchestrate and support the deployment of Docker Containers?

Answer 34

Amazon Elastic Container Services (ECS)

Question 35

Which storage solution enables you to share a common file system across multiple Linux based EC2 Instances that can be used to support applications which require access to data with very low latency connectivity?

Answer 35

EFS

Question 36

You have a fleet of on-premise servers that require access to a centrally managed cloud storage service. The application running on your servers need to be able to store and retrieve files as durable objects on Amazon S3 over standard NFS based access with local caching. Which AWS service can help you deliver a solution to meet the above required?

Answer 36

AWS Storage Gateway - File Gateway

Question 37

Which AWS EC2 pricing option enables you to take advantage of unused EC2 capacity in the AWS cloud and can offer up to a 90% discount compared to On-Demand prices?

Answer 37

Spot Instances

Question 38

AWS RDS supports six database engines. From the list below, choose three engines supported by Amazon RDS? (Choose 3 answers)

Answer 38

1. Oracle
2. MySQL
3. Microsoft SQL

Question 39

Which Amazon S3 Storage Class enables you to optimize costs by automatically moving data to the most cost-effective access tier, while ensuring that frequently access data is made available immediately?

Answer 39

Amazon S3 Inteligent Tiering

Question 40

Which AWS Service enables you to compare those costs against on-premise capital expenditure with the on-demand costs associated with building your infrastructure on AWS?

Answer 40

AWS TOC

Question 41

Which AWS services enables you to track all API activity in your AWS account regardless of whether the activity was performed using the AWS Management Console of the Command Line Interface?

Answer 41

AWS CloudTrail

Question 42

Which of the following additional benefits come as part of signing up to the Enterprise Support Plan, when compared to the Business Support Plan? (Choose 2 answers)

Answer 42

1. Access to a designated Technical Account Manager to proactively monitor your environment.
2. Business-critical systems down with Responses Time of less than 15 minutes.

Question 43

You wish to configure an Amazon S3 Event, such that your legal team gets a notification if someone tries to delete an object from a sensitive S3 Bucket? Which AWS Service is used by Amazon S3 to send out notifications to your legal team?

Answer 43

Amazon SNS

Question 44

Which Amazon SQS queue type offers maximum throughput, best-effort ordering, and at-least-once delivery?

Answer 44

SQS Standard Queue

Question 45

Which AWS service can be used to run a piece of code which can create thumbnails of images uploaded to one Amazon S3 bucket and copy them copied to another S3 Bucket?

Answer 45

AWS Lambda

Question 46

Which AWS EC2 pricing option can help you reduce costs by allowing you to use your existing server-bound software licenses?

Answer 46

Dedicated Hosts

Question 47

Which AWS service enables you to perform heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora

Answer 47

AWS Database Migration Service

Question 48

You wish to deploy a Line of Business application which will use your on-premise identity and access management system (Active Directory) for login authentication. This will involve setting up network connectivity between your AWS architecture and your on-premise datacentre. What is this type of cloud deployment model known as?

Answer 48

Hybrid Cloud

Question 49

You wish to configure a bucket that will enforce a policy that enables anonymous to access its content if they connect to the data from the Corporate and branch offices as part of your security strategy. Which S3 configuration feature will enable you to define the IP Ranges from where you will allow access to the data?

Answer 49

Bucket Policy

Question 50

Which AWS Service provides you with static IP addresses that serve as a fixed entry point to your applications, thereby ensuring that you don’t need to make any client-facing changes or update DNS records as you modify or replace endpoints such as Application Load Balancers to connect to your application?

Answer 50

AWS Global Accelerator

Question 51

Which IAM service enables you to effectively manage users by creating a collection of them based on their job function and assigning them permissions according to their roles to the entire collective?

Answer 51

IAM Groups

Question 52

Which AWS Service can be used to analyze your data held in Amazon S3 using standard SQL queries, without having to set up and manage any servers or data warehouses?

Answer 52

Amazon Athena

Question 53

Which AWS Compliance program has AWS implemented to ensure that its healthcare customers can build applications to securely process, store, and maintain protected patient medical information?

Answer 53

HIPAA

Question 54

Your company is planning to host application workloads on AWS, and you wish to deploy a test environment. You wish to ensure that your developers can access your AWS account using a highly secure authentication process and follow best practices. Which of the following two configuration options will help ensure enhance security? (Choose 2 answers)

Answer 54

1. Configure your IAM Password Policy with Complexity Rules.
2. Configure your IAM accounts with MFA.

Question 55

Which of the following services offered by AWS are considered global services? (Choose 2 answers)

Answer 55

1. Route53
2. Identity and Access Management (IAM)

Question 56

Which AWS service enables you to monitor and have consistent visibility and network traffic controls for every microservice in an application, such that you can quickly pinpoint the exact location of errors and automatically re-route network traffic when there are failures or when code changes need to be deployed?

Answer 56

App Mesh

Question 57

Which of the following AWS services enables you to quickly launch a webserver with a pre-configured WordPress installation pack, offers predictable monthly pricing, comes with integrated certificate management, and provides free SSL/TLS certificates?

Answer 57

AWS LightSail

Question 58

Your administrators need to access your AWS environment using the command-line interface to perform certain specific functions. Which login method do you need to provide them to grant them access via the CLI?

Answer 58

Access Keys

Question 59

Which AWS Service enables you to centrally manage multiple AWS Accounts with service control policies (SCPs) to determine which services can be used in those individual AWS member Accounts?

Answer 59

AWS Organizations

Question 60

Which feature of IAM enables you to use your existing corporate Active Directory user credentials to log in to the AWS Management Console and therefore offer a single sign-on service?

Answer 60

Identity Federation

Question 61

Which of the following AWS Services is a better option to securely grant necessary permissions to a web application running on an EC2 Instance, that needs access to digital assets hosted on an S3 Bucket?

Answer 61

IAM Role

Question 62

Which AWS service enables you to perform search, analysis, and visualize data in real-time with features such as full-text search?

Answer 62

Amazon Elastisearch

Question 63

Your company uses Amazon RDS for certain databases it hosts on AWS. Amazon also offers you the ability to use the same RDS technology on-premise. Which AWS service enables you to deploy Amazon RDS services on-premise, bringing the same benefits of easy to set up, operate, and scale databases to your on-premises deployments?

Answer 63

Amazon RDS on VMware

Question 64

Which AWS service helps you identify potential unused resources such as Elastic IP Addresses that are not attached to a running instance, and thus highlight opportunities to save on costs?

Answer 64

AWS Trusted Advisor

Question 65

Which AWS Service can be used to capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near real-time analytics with existing business intelligence?

Answer 65

AWS Kinesis Firehose