Practice Test 1.2 Flashcards

1
Q

Which of the following are the advantages of Cloud Computing? (Select three)

  • benefit from massive economies of scale
  • allocate a few months of planning for your infrastructure capacity needs
  • spend money on building and maintaining data centers
  • trade capital expense for variable expense
  • go global in minutes and deploy applications in multiple regions around the world in a few clicks
  • trade variable expense for capital expense
A

Benefit from massive economies of scale
Trade capital expense for variable expense
Go global in minutes and deploy applications in multiple regions around the world with just a few clicks
(1. Trade fixed expense for variable expense – Instead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can pay only when you consume computing resources, and pay only for how much you consume.
2. Benefit from massive economies of scale
3. Stop guessing capacity
4. Increase speed and agility
5. Stop spending money running and maintaining data centers
6. Go global in minutes)

2
Q

Which of the following AWS Support plans provides access to online training with self-paced labs?

  • Basic
  • Developer
  • Enterprise
  • Business
A

Enterprise
AWS offers three different support plans to cater to each of its customers - Developer, Business, and Enterprise Support plans. A basic support plan is included for all AWS customers.

AWS Enterprise Support provides customers with concierge-like service where the main focus is on helping the customer achieve their outcomes and find success in the cloud. With Enterprise Support, you get access to online training with self-paced labs, 24x7 technical support from high-quality engineers, tools and technology to automatically manage the health of your environment, consultative architectural guidance, a designated Technical Account Manager (TAM) to coordinate access to proactive/preventative programs and AWS subject matter experts.

3
Q

Compared to the On-demand prices, what is the highest possible discount offered for spot instances?

  • 10
  • 75
  • 90
  • 50
A

90

Amazon EC2 Spot Instances let you take advantage of unused EC2 capacity in the AWS cloud. Spot Instances are available at up to a 90% discount compared to On-Demand prices. You can use Spot Instances for various stateless, fault-tolerant, or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC), and other test & development workloads.

4
Q

Which of the following AWS services support reservations to optimize costs? (Select three)

  • Lambda
  • EC2 Instances
  • RDS
  • DocumentDB
  • DynamoDB
  • S3
A

EC2 Instances

DynamoDB

RDS

5
Q

AWS Web Application Firewall (WAF) offers protection from common web exploits at which layer?

  • Layer 7
  • Layer 4
  • Layer 4 & 7
  • Layer 3
A

Layer 7
AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon API Gateway API, Amazon CloudFront or an Application Load Balancer. HTTP and HTTPS requests are part of the Application layer, which is layer 7.

Incorrect options:
Layer 3 - Layer 3 is the Network layer and this layer decides which physical path data will take when it moves on the network. AWS Shield offers protection at this layer. WAF does not offer protection at this layer.
Layer 4 - Layer 4 is the Transport layer, where data transmission occurs using the TCP or UDP protocols. AWS Shield offers protection at this layer. WAF does not offer protection at this layer.
Layer 4 and 7 - This option has been added as a distractor.

6
Q

Which AWS services can be used to facilitate organizational change management, part of the Reliability pillar of AWS Well-Architected Framework? (Select three)

  • AWS CloudTrail
  • AWS Trusted Advisor
  • AWS Config
  • Amazon CloudWatch
  • Amazon Inspector
  • Amazon GuardDuty
A

AWS Config - AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

AWS CloudTrail - AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services.

Amazon CloudWatch - Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

7
Q

Which of the following AWS Support plans provides access to Infrastructure Event Management for an additional fee?

  • Enterprise
  • Basic
  • Developer
  • Business
A

Business - AWS recommends Business Support if you have production workloads on AWS and want 24x7 phone, email and chat access to technical support and architectural guidance in the context of your specific use-cases. You get full access to AWS Trusted Advisor Best Practice Checks. Also, you get access to Infrastructure Event Management for an additional fee.

8
Q

Which of the following is CORRECT regarding removing an AWS account from AWS Organizations?

  • The AWS account can be removed from AWS Systems Manager
  • The AWS account must be able to operate as a standalone account. Only then can it be removed from AWS Organizations
  • Raise a support ticket with AWS Support to remove the account
  • The AWS account must not have any Service Control Policies (SCPs) attached to it. Only then can it be removed from AWS Organizations
A

The AWS account must be able to operate as a standalone account. Only then can it be removed from AWS Organizations

You can remove an account from your organization only if the account has the information that is required for it to operate as a standalone account. For each account that you want to make standalone, you must accept the AWS Customer Agreement, choose a support plan, provide and verify the required contact information, and provide a current payment method. AWS uses the payment method to charge for any billable (not AWS Free Tier) AWS activity that occurs while the account isn’t attached to an organization.

9
Q

Which of the following entities applies patches to the underlying OS for AWS Aurora?

  • The AWS Support after receiving a request from the customer
  • The AWS customer by using AWS Systems Manager
  • The AWS customer by SSHing on the instances
  • The AWS Product Team automatically
A

The AWS Product Team automatically

Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud. Amazon Aurora is fully managed by Amazon Relational Database Service (RDS), which automates time-consuming administration tasks like hardware provisioning, database setup, patching, and backups. The AWS Product team is responsible for applying patches to the underlying OS for AWS Aurora.

10
Q

Which of the following AWS Support plans provide access to guidance, configuration, and troubleshooting of AWS interoperability with third-party software? (Select two)

  • Business
  • Corporate
  • Developer
  • Basic
  • Enterprise
A

Enterprise - AWS Enterprise Support provides customers with concierge-like service where the main focus is helping the customer achieve their outcomes and find success in the cloud. With Enterprise Support, you get 24x7 technical support from high-quality engineers, tools and technology to automatically manage the health of your environment, consultative architectural guidance delivered in the context of your applications and use-cases, and a designated Technical Account Manager (TAM) to coordinate access to proactive/preventative programs and AWS subject matter experts. You get access to guidance, configuration, and troubleshooting of AWS interoperability with many common operating systems, platforms, and application stack components.

Business - AWS recommends Business Support if you have production workloads on AWS and want 24x7 phone, email and chat access to technical support and architectural guidance in the context of your specific use-cases. You get full access to AWS Trusted Advisor Best Practice Checks. You get access to guidance, configuration, and troubleshooting of AWS interoperability with many common operating systems, platforms, and application stack components.
https://aws.amazon.com/premiumsupport/plans/

11
Q

Which of the following are correct statements regarding the AWS Global Infrastructure? (Select two)

  • Each AWS Region consists of two or more Availability Zones
  • Each AWS Region consists of one or more Availability Zones
  • Each Availability Zone (AZ) consists of two or more discrete data centers
  • Each AWS Region consists of two or more Edge Locations
  • Each Availability Zone (AZ) consists of one or more discrete data centers
A

Each AWS Region consists of two or more Availability Zones

Each Availability Zone (AZ) consists of one or more discrete data centers

AWS has the concept of a Region, which is a physical location around the world where AWS clusters data centers. Each AWS Region consists of multiple (two or more), isolated, and physically separate AZs within a geographic area. Each AZ has independent power, cooling, and physical security and is connected via redundant, ultra-low-latency networks.

An Availability Zone (AZ) is one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region. All AZs in an AWS Region are interconnected with high-bandwidth, low-latency networking, over fully redundant, dedicated metro fiber providing high-throughput, low-latency networking between AZs.

12
Q

The DevOps team at an IT company is moving 500 GB of data from an EC2 instance to an S3 bucket in the same region. Which of the following scenarios captures the correct charges for this data transfer?

  • The company would only be charged for the outbound data transfer from EC2 instance
  • The company would not be charged for this data transfer
  • The company would only be charged for the inbound data transfer into the S3 bucket
  • The company would be charged for both the outbound data transfer from EC2 instance as well as the inbound data transfer into the S3 bucket
A

The company would not be charged for this data transfer

There are three fundamental drivers of cost with AWS: compute, storage, and outbound data transfer. In most cases, there is no charge for inbound data transfer or data transfer between other AWS services within the same region. Outbound data transfer is aggregated across services and then charged at the outbound data transfer rate.

Per AWS pricing, data transfer between S3 and EC2 instances within the same region is not charged, so there would be no data transfer charge for moving 500 GB of data from an EC2 instance to an S3 bucket in the same region.

13
Q

A big data analytics company is moving its IT infrastructure from an on-premises data center to AWS Cloud. The company has some server-bound software licenses that it wants to use on AWS. As a Cloud Practitioner, which of the following EC2 instance types would you recommend to the company?

  • Dedicated Instance
  • Reserved Instance
  • On-Demand Instance
  • Dedicated Host
A

Dedicated Host

Amazon EC2 Dedicated Hosts allow you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2. An Amazon EC2 Dedicated Host is a physical server fully dedicated for your use, so you can help address corporate compliance requirements.

via - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html

Incorrect:
Dedicated instance - Dedicated Instances are Amazon EC2 instances that run in a virtual private cloud (VPC) on hardware that’s dedicated to a single customer. Dedicated Instances that belong to different AWS accounts are physically isolated at the hardware level. However, Dedicated Instances may share hardware with other instances from the same AWS account that are not Dedicated Instances. You cannot use Dedicated Instances for using server-bound software licenses.

14
Q

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which of the following resources? (Select two)

  • Amazon Route 53
  • Amazon API Gateway
  • AWS Global Accelerator
  • AWS CloudFormation
  • AWS Elastic Beanstalk
A

Amazon Route 53
AWS Global Accelerator

AWS Shield Standard is activated for all AWS customers, by default. For higher levels of protection against attacks, you can subscribe to AWS Shield Advanced. With Shield Advanced, you also have exclusive access to advanced, real-time metrics and reports for extensive visibility into attacks on your AWS resources. With the assistance of the DRT (DDoS response team), AWS Shield Advanced includes intelligent DDoS attack detection and mitigation not only for network layer (layer 3) and transport layer (layer 4) attacks but also for application layer (layer 7) attacks.

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on the following resources: Amazon Elastic Compute Cloud, Elastic Load Balancing (ELB), Amazon CloudFront, Amazon Route 53, AWS Global Accelerator.

15
Q

Which of the following statements are CORRECT regarding the AWS VPC service? (Select two)

  • A Security Group can have allow rules only
  • A Security Group can have both allow and deny rules
  • A NAT Instance is managed by AWS
  • A NACL can have allow rules only
  • A NAT Gateway is managed by AWS
A

A Security Group can have allow rules only

A NAT Gateway is managed by AWS

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. Security groups act at the instance level, not at the subnet level. You can specify allow rules, but not deny rules. You can specify separate rules for inbound and outbound traffic.

16
Q

Which of the following AWS services has encryption enabled by default?

  • CloudTrail Logs
  • EFS
  • S3
  • EBS
A

CloudTrail Logs

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. CloudTrail can be used to record AWS API calls and other activity for your AWS account and save the recorded information to log files in an Amazon Simple Storage Service (Amazon S3) bucket that you choose. By default, the log files delivered by CloudTrail to your S3 bucket are encrypted using server-side encryption with Amazon S3–managed encryption keys (SSE-S3).

17
Q

Which AWS service will help you receive alerts when the reservation utilization falls below the defined threshold?

  • AWS Pricing Calculator
  • AWS CloudTrail
  • AWS Budgets
  • AWS Trusted Advisor
A

AWS Budgets

AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.

You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define. Reservation alerts are supported for Amazon EC2, Amazon RDS, Amazon Redshift, Amazon ElastiCache, and Amazon Elasticsearch reservations.

18
Q

A company wants to identify the optimal AWS resource configuration for its workloads so that the company can reduce costs and increase workload performance. Which of the following services can be used to meet this requirement?

  • AWS Systems Manager
  • AWS Cost Explorer
  • AWS Budgets
  • AWS Compute Optimizer
A

AWS Compute Optimizer - AWS Compute Optimizer recommends optimal AWS resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics. Over-provisioning resources can lead to unnecessary infrastructure costs, and under-provisioning resources can lead to poor application performance. Compute Optimizer helps you choose optimal configurations for three types of AWS resources: Amazon EC2 instances, Amazon EBS volumes, and AWS Lambda functions, based on your utilization data.

Compute Optimizer recommends up to 3 options from 140+ EC2 instance types, as well as a wide range of EBS volume and Lambda function configuration options, to right-size your workloads. Compute Optimizer also projects what the CPU utilization, memory utilization, and run time of your workload would have been on recommended AWS resource options. This helps you understand how your workload would have performed on the recommended options before implementing the recommendations.

19
Q

Which of the following statements are CORRECT regarding the Availability Zone (AZ) specific characteristics of EBS and EFS storage types?

  • EBS volume can be attached to a single instance in the same Availability Zone whereas EFS file system can be mounted on instances across multiple Availability Zones
  • EBS volume can be attached to one or more instances in multiple Availability Zones and EFS file system can be mounted on instances in the same Availability Zone
  • EBS volume can be attached to a single instance in the same Availability Zone and EFS file system can only be mounted on instances in the same Availability Zone
  • EBS volume can be attached to one or more instances in multiple Availability Zones and EFS file system can be mounted on instances across multiple Availability Zones

A

EBS volume can be attached to a single instance in the same Availability Zone whereas EFS file system can be mounted on instances across multiple Availability Zones

Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on-demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.

The service is designed to be highly scalable, highly available, and highly durable. Amazon EFS file systems store data and metadata across multiple Availability Zones in an AWS Region. EFS file system can be mounted on instances across multiple Availability Zones.

Amazon Elastic Block Store (EBS) is an easy to use, high-performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction-intensive workloads at any scale.

Designed for mission-critical systems, EBS volumes are replicated within an Availability Zone (AZ) and can easily scale to petabytes of data. You can attach an available EBS volume to one instance that is in the same Availability Zone as the volume.

20
Q

What is AWS Step Functions?

A

AWS Step Functions lets you coordinate multiple AWS services into serverless workflows. You can design and run workflows that stitch together services such as AWS Lambda, AWS Glue and Amazon SageMaker.

21
Q

A research group wants to use EC2 instances to run a scientific computation application that has a fault tolerant architecture. The application needs high-performance hardware disks that provide fast I/O performance. As a Cloud Practitioner, which of the following storage options would you recommend as the MOST cost-effective solution?

  • Instance Store
  • S3
  • EBS
  • EFS
A

An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. This is a good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates or you can take advantage of fault-tolerant architectures. For this use-case, the computation application itself has a fault tolerant architecture, so it can automatically handle any failures of Instance Store volumes.

Because Instance Store volumes are included as part of the instance’s usage cost, this is the correct option.

22
Q

Which AWS Support plan provides architectural guidance contextual to your specific use-cases?

  • Developer
  • Business
  • Enterprise
  • Basic
A

Business - AWS recommends Business Support if you have production workloads on AWS and want 24x7 phone, email and chat access to technical support and architectural guidance in the context of your specific use-cases. You get full access to AWS Trusted Advisor Best Practice Checks. You also get access to Infrastructure Event Management for an additional fee.

23
Q

Which of the following AWS services support VPC Endpoint Gateway for a private connection from a VPC? (Select two)

  • Amazon SNS
  • Amazon SQS
  • DynamoDB
  • Amazon EC2
  • S3
A

S3 & DynamoDB
A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network.

There are two types of VPC endpoints: interface endpoints and gateway endpoints.
An interface endpoint is an elastic network interface with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service. Interface endpoints are powered by AWS PrivateLink, a technology that enables you to privately access services by using private IP addresses.

A gateway endpoint is a gateway that you specify as a target for a route in your route table for traffic destined to a supported AWS service. The following AWS services are supported: Amazon S3 and DynamoDB.
Exam Alert:
You may see a question around this concept in the exam. Just remember that only S3 and DynamoDB support VPC Endpoint Gateway. All other services that support VPC Endpoints use a VPC Endpoint Interface.