Practice Exam B

Question 1

Which AWS service makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS

Answer 1

Amazon EKS.

Question 2

You work for a web application development company and have been asked to design an infrastructure solution which can be repeatedly created using scripted templates to create individual sandbox environments for your developers to use. Some infrastructure components will include the setup and configuration of a VPC, EC2 Instances, S3 buckets etc. Which AWS service enables you to design an infrastructure template that can be deployed to create repeatable infrastructure for your developers to use as a sandbox environment?

Answer 2

AWS CloudFormation.

Question 3

Which IAM feature enables you to grant secure access to other AWS accounts?

Answer 3

IAM Roles.

Question 4

Which configuration feature of the AWS Auto Scaling service enables you to define a maximum number of EC2 Instances that can be launched in your fleet?

Answer 4

Auto Scaling Group.

Question 5

Which AWS Service can be used to analyze IoT telemetry data in real-time as it is streamed into your data storage services on AWS?

Answer 5

AWS Kinesis.

Question 6

Which of the following is true with regards to the benefits of purchasing a convertible EC2 Reserved Instance?

(Choose 2 answers)

Answer 6

1. To benefit from better pricing, you can exchange a No Upfront Convertible Reserved Instance for an All Upfront or Partial Upfront Convertible Reserved Instance.
2. You can exchange one or more Convertible Reserved Instances with a different configuration, including instance family, operating system, and tenancy.

Question 7

Which AWS S3 service can be used to help prevent accidental deletion of objects?

Answer 7

Versioning.

Question 8

Your CEO recently heard that a competitor who migrated to AWS suffered from an attack. The competitors’ AWS Account was used to mine cryptocurrency for an illegal concern. Which AWS security services offer threat detection capabilities using machine learning and behavior models to help detect such malicious activity?

Answer 8

AWS Guard Duty.

Question 9

Which AWS service uses machine-learning to classify sensitive information stored in your Amazon S3 buckets and monitor access patterns for anomalies that indicate risks or suspicious behavior, such as large quantities of source code being downloaded?

Answer 9

AWS Macie.

Question 10

Which AWS service is more cost-effective if you need to host static website content for an upcoming product launch?

Answer 10

Amazon S3.

Question 11

Which AWS support plans are suitable if you require telephone technical support? (Choose 2 Answers)

Answer 11

1. Business
2. Enterprise

Question 12

You have been asked to design and deploy docker style containerized applications on the AWS platform. As part of the requirement, you have been asked to suggest a solution that will not require granular infrastructure management such as choosing server types or deciding when to scale your clusters. Which AWS Elastic Container Service (ECS) modes will enable you to focus on the application packaging rather and worry about provisioning, patching, and scaling of servers?

Answer 12

AWS Fargate.

Question 13

Your finance team would like to be alerted when the cost of using a new AWS test/dev account is about to reach the approved budget for an upcoming project. Which AWS tool can you use to help you achieve this need?

Answer 13

AWS Budgets.

Question 14

Which of the following six advantages of cloud computing enables you to achieve massive savings by avoiding hidden costs when compared to an on-premise infrastructure design?

Answer 14

Stop spending money running and maintaining data centers.

Question 15

Which of the following determines the price of S3?

(Choose 3 answers).

Answer 15

1. Amount of Storage.
2. Data Transfer Out.
3. Storage Class.

Question 16

As part of designing for the Well-Architected Framework, you should enable traceability in order to meet best practices for the Security Pillar. Which of the following AWS tools can help you achieve this?

Answer 16

AWS CloudTrail.

Question 17

Which AWS service allows you to register any application resources, such as databases, queues, microservices, and other cloud resources, with custom names, that allows your applications to easily query the registry for the location of such resources?

Answer 17

CloudMap.

Question 18

As part of implementing change management, which AWS service can be used to assess, audit, and evaluate change configurations of your AWS resources, enabling you to identify if a change was the cause of an incident?

Answer 18

AWS Config.

Question 19

Which AWS service enables you to set custom cost and usage budgets to manage your AWS spend more easily?

Answer 19

AWS Budgets.

Question 20

Where can AWS customers to list their Reserved Instances for sale, if they signed up for a 1 or 3-year contract but now no longer need the instance?

Answer 20

Reversed Instance Marketplace.

Question 21

You are planning on developing a website in multiple languages such that you have one fleet of EC2 Instances which serves the English version of your site and another fleet that serves the Spanish version of your site. For each language version, you will be configuring URLs with different paths such that the English version of your site will contain /en/ in the path, and the Spanish version will contain /es/.

Which type of Load Balancer would you use to route traffic to ensure users connect to the site in their desired language?

Answer 21

Application Load Balancer.

Question 22

You wish to automatically start your fleet of servers used to an Accounting application every morning at 6 am and then shut down the servers at night at 6 pm. This will help reduce overall costs. You plan to use Cloud Events and create cron/scheduled job for this. Which AWS service can enable you to run a node.js code to perform the actual start and stop request, triggered from the scheduled CloudWatch Events Rule?

Answer 22

AWS Lambda.

Question 23

Which AWS Report gives enables you to view line items for each unique combination of AWS product, usage type, and operation that your AWS account uses?

Answer 23

AWS Cost and Usage Report.

Question 24

Which AWS Service can be used to automatically select and deploy operating system software patches automatically across large groups of instances?

Answer 24

AWS System Manager Patch Manager.

Question 25

Which S3 storage class would you recommend for hosting data that is quickly accessible but infrequently accessed and can also be re-created if required hence offers even cheaper storage costs?

Answer 25

S3 One Zone IA.

Question 26

Which AWS services enable you to perform security assessment against your EC2 instance using pre-defined rules mapped to security best practices, thus enabling you to perform common checks such as access to your EC2 instances from the internet, remote root login being enabled, or vulnerable software versions installed?

Answer 26

AWS Inspector.

Question 27

Which service in AWS protects your virtual network and resources from common Distributed Denial of Service (DDoS) attacks?

Answer 27

AWS Shield.

Question 28

You are building an application for a Wealth Asset Management company which will be used to store portfolio data and transactions of stocks. Mutual funds and Forex purchased. To that end you require a backend database solution that will ensure a ledger-like functionality because they want to maintain an accurate history of their applications’ data, for example, tracking the history of credits and debits for its customers. Which AWS Database Solution would you recommend for this business requirement?

Answer 28

Amazon QLBD.

Question 29

Which of the following is part of the customers’ responsibility regarding the Shared Responsibility Model?

(Choose 2 answers)

Answer 29

1. Configure NACL to only allow inbound ports 80 and 443 to Linux web servers from the Internet.
2. Patch Windows EC2 Instances with the latest security patches.

Question 30

Your eCommerce application is built following a monolith architecture which means that a single component failure often brings the entire app crashing to a halt. Modern software best practices recommend decoupling application components that offer a higher level of redundancy. A requirement for building a decouple microservices architecture is to have a process in place to handle messages between components so that if one component is held up in processing, newer requests/tasks are held in a queue and not lost. Then when that component becomes free, it will be able to poll for new requests/tasks from the queue. Which AWS Service enables you to design a microservices architecture for your eCommerce application?

Answer 30

Amazon SQS.

Question 31

Which feature of the Amazon S3 platform enables you to upload content to a centralized bucket from across any location, such that the data is uploaded via AWS Edge Locations ensuring faster transfer speeds and avoidance of general public Internet congestion?

Answer 31

Amazon S3 Transfer Acceleration.

Question 32

Which AWS Service enables you to purchase and register new domain names that can be used to publish your website on the Internet?

Answer 32

Route53.

Question 33

What is an Amazon Region?

Answer 33

A Geological region comprising Amazon Availability Zones.

Question 34

Which of the following are examples of Amazon AWS Certifications and Attestations for Compliance?

(Choose 3 answers)

Answer 34

1. ISO 27001
2. SOC 3
3. PCI DSS Level1

Question 35

Which AWS service enables you to manage multiple AWS Accounts under a single Master Account where you can apply policies to restrict what services can be configured in each member account?

Answer 35

AWS Organization.

Question 36

You are setting an AWS CloudFront distribution for a new video sharing web application. Your CFO would like to know the costs associated with using CloudFront.

Which of the following is NOT required to estimate the cost of CloudFront?

Answer 36

Data Transfer In.

Question 37

Which of the following is true regarding the Amazon Simple Storage Service (Amazon S3)?

(Select 2 answers)

Answer 37

1. Amazon S3 Standard Storage Class offers 99.999999999.
2. Amazon S3 is Object-Based Storage.

Question 38

Which AWS Service enables you to distribute your digital assets such that it is cached locally to users who attempt to access this content for a time to live, and thus helps to reduce network latency?

Answer 38

AWS CloudFront.

Question 39

Which AWS Service can be used to track costs you have incurred so far in your AWS account with a graphical visualization?

Answer 39

AWS Cost Explorer.

Question 40

As part of ensuring operational excellence, you are required to monitor your EC2 service health in terms of load and traffic to and from those servers. Which AWS service will enable you to build dashboards to get a quick one pane health view of your EC2 farm?

Answer 40

AWS CloudWatch.

Question 41

One of the five design principals of the Performance Efficiency Pillar suggests using a serverless architecture. Which of the following use cases lends itself well to using serverless architecture?

(Choose 2 answers)

Answer 41

1. Using Lambda Functions to start and stop test servers.
2. Hosting a static website on an S3 Bucket.

Question 42

Which AWS Service enables you to analyze streaming data, gain actionable insights, and respond to your business and customer needs in real-time?

Answer 42

Amazon Kinesis Data Analytics.

Question 43

Which tool in Amazon IAM can you use to configure company-wide password rules such as complexity level, number of passwords to remember, and length of password?

Answer 43

Password Policy.

Question 44

What is the maximum file size that you can store in Amazon S3?

Answer 44

5TB.

Question 45

Which AWS services does Amazon CloudWatch use to send out email alerts to administrators when alarms are triggered and enter the ‘Alarm’ state?

Answer 45

Amazon SNS.

Question 46

Which AWS Database service is suitable for your company’s new Smart IoT product ranges, that can be used to manage trillions of events per day and be used to store a time series of events from those devices?

Answer 46

AWS Timestream.

Question 47

Which AWS Services enables developers to create, publish, maintain, monitor, and secure APIs for serverless applications that need to access data, business logic, or functionality from your backend services?

Answer 47

API Gateway.

Question 48

Which AWS service enables you to configure multiple Windows-based EC2 Instances to share and access a common storage solution that is based on using the industry-standard SMB protocol and eliminate the administrative overhead of managing Windows file servers?

Answer 48

Amazon FSx for Windows File Sever.

Question 49

Which AWS Service enables you to use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments?

Answer 49

AWS OpsWorks.

Question 50

Your company provides an Options market trading service. You wish to run the end of day analysis against the day’s transaction costs, perform execution reporting, and conduct market performance analysis. Which AWS service provides Managed Compute Environments that dynamically provisions and scale compute resources based on the volume and resource requirements of your submitted jobs?

Answer 50

AWS Batch.

Question 51

Which of the following is the primary key benefit of using an Amazon RDS Database instead of installing a MySQL compatible database on your EC2 Instance?

Answer 51

Managing of the database including patching and backup is take care of by Amazon.

Question 52

Which AWS Database engine offers up to five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases?

Answer 52

Amazon Aurora.

Question 53

Which AWS Service can be attached to your EC2 Instances and used as a virtual disk?

Answer 53

EBS.

Question 54

Which AWS Service is used to ensure that only specific traffic on specific ports is allowed inbound to your EC2 Instances and act as a firewall at the Instance Level?

Answer 54

Security Groups.

Question 55

Your company manages a fleet of Windows EC2 instances in a VPC (Public/Private Subnet Configuration) for a client. Your team is connecting to the VPC over the Internet to manage the fleet of Amazon EC2 instances running in both the public and private subnets. You have not yet gotten the approval to configure a site-to-site VPN tunnel from your offices to the client’s VPC.
You have added a bastion host with Microsoft Remote Desktop Protocol (RDP) access to the application instance in the private subnet, but the client wants to further limit administrative access to all of the instances in the VPC.

Which of the following bastion host deployment options will meet this requirement?

Answer 55

Configure the Bastion Host in the Public Subnet with an Elastic IP and a Security Group to accept incoming RDP traffic from only your corporate IP address.

Question 56

Where can you set up Billing Alarms?

Answer 56

AWS CloudWatch.

Question 57

Your organization is looking to replace its old desktops and laptops with thin clients and virtual desktop infrastructure in the cloud. Which AWS service offers you the ability to host Windows desktops quickly and at a fraction of the costs of traditional VDI deployments?

Answer 57

AWS Workspaces.

Question 58

Are you allowed to run vulnerability testing against your AWS workloads?

Answer 58

Yes.

Question 59

When an Elastic Load Balancer detects an unhealthy EC2 Instance, what action does it perform in regards to distributing incoming traffic?

Answer 59

It only send traffic to the remaining healthy instances.

Question 60

Which of the following statements are true?

Answer 60

NACLS protect the entire subnets whereas Security Groups protect the individual instance.

Question 61

Which Elastic Load Balancer is ideal for handling volatile workloads and can scale to millions of requests per second?

Answer 61

Network Load Balancer.

Question 62

Which IP Addressing strategy enables you to increase the levels of High Availability for a public-facing EC2 Instance?

Answer 62

Elastic IP Address.

Question 63

Your company is planning on migrating to the AWS Cloud. As part of a one-time data migration effort migration, you need to transfer over 500TB of data to Amazon S3 is a couple of weeks. Which is the most cost-effective strategy to transfer this amount of data to the cloud?

Answer 63

Use the Amazon Snowball Service.

Question 64

Which Amazon S3 service can you use to automatically migrate data from one storage class to another after a set number of days as a means of reducing your costs, especially where frequent instant access may not be required to that subset of data?

Answer 64

Lifecycle Management.

Question 65

One of the five design principals for cost optimization as part of the Well-Architected Framework is to ‘Adopt a Consumption Model’. Which of the following statements in reference holds true for this statement?

Answer 65

For applications running in development and test environments, you should use On-Demend EC2 Instances.