Practice Questions 2

Question 1

AWS offers the ability to download or export many reports within the Management Console that you can then use for local processing or importing into other tools. Which data format is offered to export the data from the Management Console?
A. CSV
B. JSON
C. XML
D. SQL

Answer 1

A. CSV

Question 2

You suspect one of your employees has been violating company policy with the use of AWS services under your account for personal use. Which AWS service would be valuable to investigate their activities?
A. CloudTrail
B. CloudWatch
C. CloudAudit
D. CloudLog

Answer 2

A. CloudTrail

Question 3

Rather than using your on-premises VDI solutions, which AWS service could be leveraged to provide your users the same functionality while removing your need to maintain and support a hardware infrastructure?
A. AppStream
B. WorkSpaces
C. WorkLink
D. AWS DaaS

Answer 3

B. WorkSpaces

Question 4

Your company wants to split budgets out in multiple ways in order to gain insight into costs by department and projects.
Which AWS tool under the Billing Dashboard will allow easy implementation of this?
A. Cost centers
B. Cost graphs
C. Cost categories
D. Cost codes

Answer 4

C. Cost categories

Question 5

AWS incorporates a variety of robust security services to counter common types of web attacks. Which type of attack is the AWS Shield service designed to protect against?
A. Cross-site scripting
B. SQL injection
C. Brute force
D. Distributed Denial of Service

Answer 5

D. Distributed Denial of Service

Question 6

You need to provide application access to a subset of users to test and verify functionality but do not want them to see production data. What type of data deidentification process would you use for this?
A. Static masking
B. Dynamic masking
C. PII masking
D. Sensitivity masking

Answer 6

B. Dynamic masking

Question 7

What is the easiest method to implement encryption at rest within S3 from the perspective of the user?
A. Client-side encryption using keys generated by AWS
B. Server-side encryption using your own keys
C. Server-side encryption using keys generated by AWS
D. Client-side encryption using your own keys

Answer 7

C. Server-side encryption using keys generated by AWS

Question 8

With consolidated billing you can merge multiple accounts into a single bill and leverage the combined resources for discounts on AWS services. Which of the following is not a cost that receives discounts under consolidated billing?
A. EC2
B. Support plans
C. Lambda
D. Fargate

Answer 8

B. Support plans

Question 9

The AWS Marketplace offers images from vendors that are full packages for their products that can be deployed within AWS. Costs for Marketplace offerings have two components. Which of the following are the price components? (Choose two.)
A. S3 costs
B. EC2 costs
C. Support costs
D. Licensing costs
E. Professional services costs

Answer 9

B. EC2 costs

D. Licensing costs

Question 10

Your company has decided to retire their on-premises data warehouse and move to a similar solution in AWS for increased capacity and lower costs. Which AWS service would you explore for this initiative?
A. Redshift
B. Aurora
C. DynamoDB
D. RDS

Answer 10

A. Redshift

Question 11

Which type of service offerings pushes the responsibility for configuration and operations to AWS and leaves the customer only responsible for loading their data?
A. Unmanaged
B. Regulated
C. Managed
D. Offloaded

Answer 11

C. Managed

Question 12

When users are created via the IAM console, what can be used to assign granular levels of access within a service?
A. Groups
B. Roles
C. ACLs
D. Settings

Answer 12

B. Roles

Question 13

A system is able to keep functioning when some portions of it experience an outage of resources. What concept refers to this ability?
A. Availability
B. Resiliency
C. Redundancy
D. Elasticity

Answer 13

B. Resiliency

Question 14

AWS allows for resources to be added to a system without any downtime or interruption to services. What is this concept called?
A. Elasticity
B. Scalability
C. Expandability
D. Portability

Answer 14

A. Elasticity

Question 15

Which component of AWS Systems Manager provides a consolidated view of data from sources such as CloudTrail and CloudWatch to help with the investigation of operational issues?
A. Explorer
B. AppConfig
C. Systems Manager
D. OpsCenter

Answer 15

D. OpsCenter

Question 16

Security groups and access control lists (ACLs) are two means of applying security rules within AWS. Which of the following statements is true?
A. Security groups and ACLs can both be applied to subnets and instances
B. Security groups apply to instances; ACLs apply to subnets
C. Security groups apply to subnets; ACLs apply to instances
D. Security groups and ACLs are only used on subnets

Answer 16

B. Security groups apply to instances; ACLs apply to subnets

Question 17

To help manage versioning in AWS S3, the service provides automation tools, called actions, to handle how versions are stored and when they are removed from the system. Which of the following are the types of actions available? (Choose two.)
A. Archive
B. Transition
C. Delete
D. Rotate
E. Expire

Answer 17

B. Transition

E. Expire

Question 18

Under the AWS Shared Responsibility Model and an IaaS implementation, which of the following areas of responsibility reside with the customer? (Choose two.)
A. Application code
B. Operating system
C. Virtualization
D. Storage
E. Networking

Answer 18

A. Application code

B. Operating system

Question 19

The use of multifactor authentication is imperative to protect accounts with administrative access, especially the root user for your AWS account. Along with a password, which of the following could be used to fulfill multifactor requirements?
A. PIN
B. Question/answer challenge
C. One-time use code
D. Date of birth

Answer 19

C. One-time use code

Question 20

Rather than creating accounts with passwords in AWS, your corporate policies require you to use your internal credentials via federation with AWS. Which technology could you use to establish federated authentication with AWS?
A. JSON
B. HTTPS
C. RADIUS
D. SAML

Answer 20

D. SAML

Question 21

When adding new users in IAM, you want to be able to assign a set of capabilities to them and keep them uniform between those users. Which feature of IAM would you use to accomplish this?
A. Groups
B. Labels
C. Roles
D. Sets

Answer 21

A. Groups

Question 22

Which core concept of cloud computing most relates to the cost-savings benefits you can realize through AWS offerings?
A. Broad network access
B. On-demand self-service
C. Metered service
D. Resource pooling

Answer 22

C. Metered service

Question 23

Which AWS support plan is the lowest level that gives 24/7 access to support?
A. Free
B. Business
C. Enterprise
D. Developer

Answer 23

B. Business

Question 24

Your company has decided for the first time to start using AWS services for storage. As a precondition, your CEO has demanded assurances that you can quickly remove data from AWS should the need arise. Which core concept of cloud computing would this pertain to?
A. Portability
B. Reversibility
C. Interoperability
D. Removability

Answer 24

B. Reversibility

Question 25

The Trust Advisor can flag AWS services that you have provisioned but are inactive or being used below the level for which they are configured. Which area of Trust Advisor would you explore to find this report?
A. Performance
B. Service limits
C. Cost optimization
D. Security

Answer 25

C. Cost optimization

Question 26

You want to do a compliance check with your configurations against best practices. Which AWS service would you use to accomplish this?
A. Trusted Advisor
B. IAM dashboard
C. AWS Management Console
D. AWS System Manager

Answer 26

A. Trusted Advisor

Question 27

You need to offer easy access to your AWS systems from anywhere, but you do not want to deal with many of the problems of BYOD and the security issues associated with it. Which AWS service would you investigate to accomplish this?
A. OpsWorks
B. Lambda
C. Aurora
D. WorkSpaces

Answer 27

D. WorkSpaces

Question 28

When using the AWS Virtual Private Cloud to span between AWS resources and your on-premises resources, what type of cloud deployment are you using?
A. Public
B. Community
C. Private
D. Hybrid

Answer 28

D. Hybrid

Question 29

Which concept of cloud computing refers to the ability of a system to easily move between different cloud providers?
A. Interoperability
B. Portability
C. Moveability
D. Transferability

Answer 29

B. Portability

Question 30

Which AWS database service does not use SQL and is highly optimized for key-value data storage?
A. DynamoDB
B. Aurora
C. Redshift
D. CloudFront

Answer 30

A. DynamoDB

Question 31

Which component of the AWS Management Console allows a user to access the shell and CLI for managing EC2 instances without the use of keys or exposing ports?
A. Run command
B. Distributor
C. Systems Manager
D. Automation

Answer 31

C. Systems Manager

Question 32

An academic institution has a suite of software packages that it wants to make available to students but does not want to distribute software or be responsible for the support of it on student devices. Which AWS service would be the easiest and most cost-effective means to accomplish this?
A. WorkSpaces
B. AppStream
C. WorkLink
D. VirtualApp

Answer 32

B. AppStream

Question 33

Which AWS security service would allow you to apply processing rules to web traffic based upon the contents or type of request?
A. AWS Shield
B. Route 53
C. AWS WAF
D. AWS Inspector

Answer 33

C. AWS WAF

Question 34

Which AWS storage service is used by EC2 instances for high-throughput data operations?
A. S3
B. AWS Storage Gateway
C. Elastic Block Storage
D. AWS Snow

Answer 34

C. Elastic Block Storage

Question 35

You want to use a set of configurations within your code that will use the same key value on all systems but have different values based upon the specific system. Which AWS tool allows you to do this?
A. Parameter store
B. State manager
C. Distributor
D. Automation

Answer 35

A. Parameter store