Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

aws practitioner > Practice Test 2: Practice Test #2 - AWS Certified Cloud Practitioner > Flashcards

Practice Test 2: Practice Test #2 - AWS Certified Cloud Practitioner Flashcards

1
Q

Which of the following AWS services are always free to use (Select two)?
- s3
- AWS Auto Scaling
- EC2
- AWS IAM
- DynamoDB

A
  • AWS Auto Scaling
  • AWS IAM
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What foundational capability under the operations perspective is part of the AWS Cloud Adoption Framework (AWS CAF)?
- Vulnerability management
- Application portfolio management
- Performance and capacity management
- Platform engineering

A

Performance and capacity management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

According to the AWS Shared Responsibility Model, which of the following are responsibilities of the customer for Amazon RDS?
- Managing the underlying server hardware on which Amazon RDS runs
- Applying patches to the underlying OS
- Applying patches to the Amazon RDS database
- Database encryption

A

Database encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following use-cases is NOT supported by Amazon Rekognition?
- Quick resize photos to create thumbnails
- Identify person in a photo
- Detect text in a photo
- Label objects in a photo

A

Quick resize photos to create thumbnails

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Multi-AZ deployment is an example of which of the following?
- High Availability
- Scale out
- Scale up
- Performance Efficiency

A

High Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Access Key ID and Secret Access Key are tied to which of the following AWS Identity and Access Management (AWS IAM) entities?
- IAM Role
- IAM User Group
- IAM User
- IAM Policy

A

IAM User

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK). Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). As a user name and password, you must use both the access key ID and secret access key together to authenticate your requests. Access Keys are secret, just like a password. You should never share them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which types of storage are s3, EBS and EFS?

A

Amazon Simple Storage Service (Amazon S3) is object based storage, Amazon Elastic Block Store (Amazon EBS) is block based storage and Amazon Elastic File System (Amazon EFS) is file based storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following AWS services allows a database to have flexible schema and supports document data models?
- DynamoDB
- Aurora
- Redshift
- RDS

A

DynamoDB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The engineering team at an IT company wants to monitor the CPU utilization for its fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances and send an email to the administrator if the utilization exceeds 80%. As a Cloud Practitioner, which AWS services would you recommend to build this solution? (Select two)
- AWS Lambda
- SNS
- SQS
- AWS CloudTrail
- Amazon CloudWatch

A
  • SNS
  • Amazon CloudWatch
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which characteristic of Cloud Computing imparts the ability to acquire resources as you need and release when you no longer need them?
- Reliability
- Resiliency
- Durability
- Elasticity

A

Elasticity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A company is using a message broker service on its on-premises application and wants to move this messaging functionality to AWS Cloud. Which of the following AWS services is the right choice to move the existing functionality easily?
- Amazon Kinesis Data Streams
- SNS
- Amazon MQ
- SQS

A

Amazon MQ

Amazon MQ is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers on AWS. Amazon MQ reduces your operational responsibilities by managing the provisioning, setup, and maintenance of message brokers for you. Because Amazon MQ connects to your current applications with industry-standard APIs and protocols, you can easily migrate to AWS without having to rewrite code.

If you’re using messaging with existing applications, and want to move the messaging functionality to the cloud quickly and easily, AWS recommends you consider Amazon MQ. It supports industry-standard APIs and protocols so you can switch from any standards-based message broker to Amazon MQ without rewriting the messaging code in your applications. If you are building brand new applications in the cloud, AWS recommends you consider Amazon SQS and Amazon SNS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which Amazon Route 53 routing policy would you use to improve the performance for your customers by routing the requests to the AWS endpoint that provides the fastest experience?
- Lantecy-based routing
- Simple routing
- Weighted routing
- Failover routing

A

Lantecy-based routing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following statements are true about AWS Lambda? (Select two)
- AWS Lambda allows you to orchestrate and manage Docker containers to facilitate complex containerized applications on AWS
- AWS Lambda provides access to the underlying operating system to control its behavior through code
- AWS Lambda lets you run code without provisioning or managing servers
- You pay for the compute time you consume for AWS Lambda
- AWS Lambda allows you to install databases on the underlying serverless Operating System

A
  • AWS Lambda lets you run code without provisioning or managing servers
  • You pay for the compute time you consume for AWS Lambda
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which AWS service helps with global application availability and performance using the AWS global network?
- ELB
- Route 53
- AWS Global Accelerator
- Amazon CloudFront

A

AWS Global Accelerator

AWS Global Accelerator is a service that improves the availability and performance of your applications with local or global users. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple AWS Regions, such as your Application Load Balancers, Network Load Balancers, or Amazon EC2 instances. AWS Global Accelerator uses the AWS global network to optimize the path from your users to your applications, improving the performance of your traffic by as much as 60%.

AWS Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions. AWS Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which AWS service can be used to store, manage, and deploy Docker container images?
- EC2
- AWS Lambda
- ECR (Elastic Container Registry)
- ECS (Elastic Container Service)

A

ECR (Elastic Container Registry)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A company’s flagship application runs on a fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances. As per the new policies, the system administrators are looking for the best way to provide secure shell access to Amazon Elastic Compute Cloud (Amazon EC2) instances without opening new ports or using public IP addresses.

Which tool/service will help you achieve this requirement?
- Route 53
- AWS System Manager Session Manager
- Amazon Inspector
- EC2 Instance Connect

A

AWS System Manager Session Manager

AWS Systems Manager Session Manager is a fully-managed service that provides you with an interactive browser-based shell and CLI experience. It helps provide secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, and manage SSH keys. AWS Systems Manager Session Manager helps to enable compliance with corporate policies that require controlled access to instances, increase security and auditability of access to the instances while providing simplicity and cross-platform instance access to end-users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A customer has created a VPC and a subnet within AWS Cloud. Which of the following statements is correct?
- A subnet spans all of the Availability Zones (AZ) in the Region whereas an Amazon Virtual Private Cloud (Amazon VPC) spans only one Availability Zone (AZ) in the Region
- Both the Amazon Virtual Private Cloud (Amazon VPC) and the subnet span only one Availability Zone (AZ) in the Region
- An Amazon Virtual Private Cloud (Amazon VPC) spans all of the Availability Zones (AZ) in the Region whereas a subnet spans only one Availability Zone (AZ) in the Region
- Both the Amazon Virtual Private Cloud (Amazon VPC) and the subnet span all of the Availability Zones (AZ) in the Region

A

An Amazon Virtual Private Cloud (Amazon VPC) spans all of the Availability Zones (AZ) in the Region whereas a subnet spans only one Availability Zone (AZ) in the Region

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which tool will help you review your workloads against current AWS best practices for cost optimization, security, and performance improvement and then obtain advice to architect them better?
- AWS Trusted Advisor
- AWS Cost Explorer
- Amazon Inspector
- Amazon CloudWatch

A

AWS Trusted Advisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Which of the following AWS services comes under the Software as a Service (SaaS) Cloud Computing Type?
- ELB
- Amazon Rekognition
- AWS Elastic BeanStalk
- EC2

A

Amazon Rekognition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which AWS service publishes up-to-the-minute information on the general status and availability of all AWS services in all the Regions of AWS Cloud?
- AWS Health Dashboard - service health
- AWS Health Dashboard - Your account health
- Amazon CloudWatch
- AWS CloudFormation

A

AWS Health Dashboard - service health

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which of the following solutions can you use to connect your on-premises network with AWS Cloud (Select two)?
- AWS Direct Connect
- AWS Virtual Private Network (VPN)
- Internet Gateway
- Amazon Virtual Private Cloud (Amazon VPC)
- Amazon Route 53

A
  • AWS Direct Connect
  • AWS Virtual Private Network (VPN)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

AWS Compute Optimizer delivers recommendations for which of the following AWS resources? (Select two)
- AWS Lambda functions, Amazon Simple Storage Service (Amazon S3)
- Amazon Elastic File System (Amazon EFS), AWS Lambda functions
- Amazon Elastic Block Store (Amazon EBS), AWS Lambda functions
- Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Elastic File System (Amazon EFS)
- Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon EC2 Auto Scaling groups

A
  • Amazon Elastic Block Store (Amazon EBS), AWS Lambda functions
  • Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon EC2 Auto Scaling groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which of the following statements is INCORRECT about AWS Auto Scaling?
- You can scale out and add more Amazon Elastic Compute Cloud (Amazon EC2) instances to match an increase in demand as well as scale in and remove Amazon Elastic Compute Cloud (Amazon EC2) instances to match a reduced demand
- You can automatically deploy AWS Shield when a DDoS attack is detected
- You can automatically remove unhealthy instances
- You can automatically register new instances to a load balancer

A

You can automatically deploy AWS Shield when a DDoS attack is detected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which of the following statement is correct for a Security Group and a Network Access Control List (Network ACL)?
- Security Group acts as a firewall at the Availability Zone (AZ) level whereas Network Access Control List (Network ACL) acts as a firewall at the VPC level
- Security Group acts as a firewall at the instance level whereas Network Access Control List (Network ACL) acts as a firewall at the subnet level
- Security Group acts as a firewall at the VPC level whereas Network Access Control List (Network ACL) acts as a firewall at the Availability Zone (AZ) level
- Security Group acts as a firewall at the subnet level whereas Network Access Control List (Network ACL) acts as a firewall at the instance level

A

Security Group acts as a firewall at the instance level whereas Network Access Control List (Network ACL) acts as a firewall at the subnet level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

An online gaming company wants to block users from certain geographies from accessing its content. Which AWS service can be used to accomplish this task?
- AWS Web Application Firewall (AWS WAF)
- Amazon CloudWatch
- Security group
- AWS Shield

A

AWS Web Application Firewall (AWS WAF)

aclaracion:
Network ACLs: Simple, subnet-level security at the network layer.
AWS WAF: Advanced, application-layer security for web traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is the primary benefit of deploying an Amazon RDS Multi-AZ database with one standby?
- Amazon RDS Multi-AZ improves database performance for read-heavy workloads
- Amazon RDS Multi-AZ enhances database availability
- Amazon RDS Multi-AZ reduces database usage costs
- Amazon RDS Multi-AZ protects the database from a regional failure

A

Amazon RDS Multi-AZ enhances database availability

27
Q

Due to regulatory and compliance reasons, an organization is supposed to use a hardware device for any data encryption operations in the cloud. Which AWS service can be used to meet this compliance requirement?
- AWS Trusted Advisor
- AWS Secrets Manager
- AWS CloudHSM
- AWS Key Management Service (AWS KMS)

A

cloud-based Hardware Security Module (HSM)

28
Q

An e-commerce company wants to store data from a recommendation engine in a database. As a Cloud Practioner, which AWS service would you recommend to provide this functionality with the LEAST operational overhead for any scale?
- Amazon Relational Database Service (Amazon RDS)
- Amazon Neptune
- Amazon Simple Storage Service (Amazon S3)
- Amazon DynamoDB

A

Amazon DynamoDB

29
Q

A company wants a fully managed, flexible, and scalable file storage system, with low latency access, for its Windows-based applications. Which AWS service is the right choice for the company?
- Amazon Elastic Block Storage (Amazon EBS)
- Amazon FSx for Windows File Server
- Amazon FSx for Lustre
- Amazon Elastic File System (Amazon EFS)

A

Amazon FSx for Windows File Server

30
Q

Which of the following AWS services are global in scope? (Select two)
- Amazon Simple Storage Service (Amazon S3)
- AWS Identity and Access Management (AWS IAM)
- Amazon Relational Database Service (Amazon RDS)
- Amazon CloudFront
- Amazon Elastic Compute Cloud (Amazon EC2)

A
  • Amazon CloudFront
  • AWS Identity and Access Management (AWS IAM)

Most of the services that AWS offers are Region specific. But few services, by definition, need to be in a global scope because of the underlying service they offer. AWS Identity and Access Management (AWS IAM), Amazon CloudFront, Amazon Route 53 and AWS Web Application Firewall (AWS WAF) are some of the global services.

31
Q

As per the AWS Shared Responsibility Model, which of the following is a responsibility of AWS from a security and compliance point of view?
- Customer Data
- Edge Location Management
- Identity and Access Management
- Server-side Encryption (SSE)

A

Edge Location Management

AWS is responsible for security “of” the cloud. This covers their global infrastructure elements including Regions, Availability Zones (AZ), and Edge Locations.

32
Q

Which AWS support plan provides access to a designated Technical Account Manager (TAM)?
- AWS Enterprise On-Ramp Support
- AWS Developer Support
- AWS Enterprise Support
- AWS Business Support

A

AWS Enterprise Support

33
Q

Which of the following statement is correct regarding the AWS pricing policy for data transfer charges into or out of an AWS Region?
- Only outbound data transfer is charged
- Neither inbound nor outbound data transfer are charged
- Only inbound data transfer is charged
- Both inbound data transfer and outbound data transfer are charged

A

Only outbound data transfer is charged (no quieren que te vayas)

34
Q

What are the fundamental drivers of cost with AWS Cloud?
- Compute, Databases and Inbound Data Transfe
- Compute, Databases and Outbound Data Transfer
- Compute, Storage and Outbound Data Transfer
- Compute, Storage and Inbound Data Transfer

A

Compute, Storage and Outbound Data Transfer

35
Q

What are the different gateway types supported by AWS Storage Gateway service?
- Tape Gateway, File Gateway and Block Gateway
- Tape Gateway, File Gateway and Volume Gateway
- Tape Gateway, Object Gateway and Volume Gateway
- Object Gateway, File Gateway and Block Gateway

A

Tape Gateway, File Gateway and Volume Gateway

AWS Storage Gateway is a hybrid cloud storage service that connects your existing on-premises environments with the AWS Cloud. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving tape backups to the cloud, reducing on-premises storage with cloud-backed file shares, providing low latency access to data in AWS for on-premises applications, as well as various migration, archiving, processing, and disaster recovery use cases.

AWS Storage Gateway service provides three different types of gateways – Tape Gateway, File Gateway, and Volume Gateway – that seamlessly connect on-premises applications to cloud storage, caching data locally for low-latency access.

36
Q

Which AWS compute service provides the EASIEST way to access resizable compute capacity in the cloud with support for per-second billing and access to the underlying OS?
- Amazon Lightsail
- Amazon Elastic Compute Cloud (Amazon EC2)
- AWS Lambda
- Amazon Elastic Container Service (Amazon ECS)

A

Amazon Elastic Compute Cloud (Amazon EC2)

37
Q

Which of the following statements are correct about the AWS root user account? (Select two)
- Root user account password cannot be changed once it is set
- Root user account gets unrestricted permissions when the account is created, but these can be restricted using IAM policies
- Root user access credentials are the email address and password used to create the AWS account
- Root user credentials should only be shared with managers requiring administrative responsibilities to complete their jobs
- It is highly recommended to enable Multi-Factor Authentication (MFA) for root user account

A
  • Root user access credentials are the email address and password used to create the AWS account
  • It is highly recommended to enable Multi-Factor Authentication (MFA) for root user account
38
Q

Which AWS service can be used to provision resources to run big data workloads on Hadoop clusters?
- Amazon Elastic Compute Cloud (Amazon EC2)
- Amazon EMR
- AWS Batch
- AWS Step Functions

A

Amazon EMR (Elastic MapReduce)

Amazon EMR is the industry-leading cloud big data platform for processing vast amounts of data using open source tools such as Hadoop, Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto. Amazon EMR can be used to provision resources to run big data workloads on Hadoop clusters.

39
Q

A gaming company is looking at a technology/service that can deliver a consistent low-latency gameplay to ensure a great user experience for end-users in various locations.

Which AWS technology/service will provide the necessary low-latency access to the end-users?
- AWS Direct Connect
- AWS Local Zones
- AWS Wavelength
- AWS Edge Locations

A

AWS Local Zones

AWS Local Zones allow you to use select AWS services, like compute and storage services, closer to more end-users, providing them very low latency access to the applications running locally. AWS Local Zones are also connected to the parent region via Amazon’s redundant and very high bandwidth private network, giving applications running in AWS Local Zones fast, secure, and seamless access to the rest of AWS services.

You should use AWS Local Zones to deploy workloads closer to your end-users for low-latency requirements. AWS Local Zones have their connection to the internet and support AWS Direct Connect, so resources created in the Local Zone can serve local end-users with very low-latency communications.

40
Q

The AWS Cloud Adoption Framework (AWS CAF) recommends four iterative and incremental cloud transformation phases. Which cloud transformation journey phase of the AWS Cloud Adoption Framework (AWS CAF) focuses on demonstrating how the cloud will help accelerate your business outcomes?
- Envision
- Launch
- Scale
- Align

A

Envision

41
Q

Which AWS service should be used when you want to run container applications, but want to avoid the operational overhead of scaling, patching, securing, and managing servers?
- AWS Lambda
- Amazon Elastic Container Service (Amazon ECS) - EC2 launch type
- Amazon Elastic Container Service (Amazon ECS) - Fargate launch type
- Amazon Elastic Compute Cloud (Amazon EC2)

A

Amazon Elastic Container Service (Amazon ECS) - Fargate launch type

42
Q

Which AWS technology/service helps you to scale your resources to match supply with demand while still keeping your cloud solution cost-effective?
- AWS Cost Explorer
- AWS CloudFormation
- AWS OpsWorks
- AWS Auto Scaling

A

AWS Auto Scaling

43
Q

A startup is looking for 24x7 phone based technical support for its AWS account. Which of the following is the MOST cost-effective AWS support plan for this use-case?
- AWS Enterprise Support
- AWS Business Support
- AWS Developer Support
- AWS Enterprise On-Ramp Support

A

AWS Business Support

44
Q

Which Amazon Elastic Compute Cloud (Amazon EC2) pricing model is the most cost-effective and flexible with no requirement for a long term resource commitment or upfront payment but still guarantees that instance would not be interrupted?
- Dedicated Host
- On-demand Instance
- Spot Instance
- Reserved Instance (RI)

A

On-demand Instance

45
Q

A data analytics company stores its data on Amazon Simple Storage Service (Amazon S3) and wants to do SQL based analysis on this data with minimum effort. As a Cloud Practitioner, which of the following AWS services will you suggest for this use case?
- Amazon Redshift
- Amazon Aurora
- Amazon Athena
- Amazon DynamoDB

A

Amazon Athena

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Amazon Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

46
Q

Which of the following are examples of Horizontal Scalability (aka Elasticity)? (Select two)
- Elastic Load Balancing (ELB)
- Add a bigger CPU to a computer
- Modify a Database instance to higher CPU and RAM
- Read Replicas in Amazon Relational Database Service (Amazon RDS)
- Modify an EC2 instance type from t2.nano to u-12tb1.metal

A
  • Elastic Load Balancing (ELB)
  • Read Replicas in Amazon Relational Database Service (Amazon RDS)
47
Q

An e-commerce company wants to assess its applications deployed on Amazon Elastic Compute Cloud (Amazon EC2) instances for vulnerabilities and deviations from AWS best practices. Which AWS service can be used to facilitate this?
- AWS CloudHSM
- AWS Trusted Advisor
- Amazon Inspector
- AWS Secrets Manager

A

Amazon Inspector

48
Q

A developer has written a simple web application in PHP and he wants to just upload his code to AWS Cloud and have AWS handle the deployment automatically but still wants access to the underlying operating system for further enhancements. As a Cloud Practioner, which of the following AWS services would you recommend for this use-case?
- Amazon Elastic Compute Cloud (Amazon EC2)
- Amazon Elastic Container Service (Amazon ECS)
- AWS Elastic Beanstalk
- AWS CloudFormation

A

AWS Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS. Simply upload your code and AWS Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring. At the same time, you retain full control over the AWS resources powering your application and can access the underlying resources at any time. There is no additional charge for AWS Elastic Beanstalk - you pay only for the AWS resources needed to store and run your applications.

49
Q

An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes. As a Cloud Practitioner, which AWS services would you recommend to build a serverless solution for this use-case? (Select two)
- AWS Systems Manager
- AWS Step Function
- AWS Lambda
- Amazon Eventbridge
- Amazon Elastic Compute Cloud (Amazon EC2)

A
  • AWS Lambda
  • Amazon Eventbridge

Amazon EventBridge is a service that provides real-time access to changes in data in AWS services, your own applications, and software as a service (SaaS) applications without writing code. Amazon EventBridge Scheduler is a serverless task scheduler that simplifies creating, executing, and managing millions of schedules across AWS services without provisioning or managing underlying infrastructure.

50
Q

As per the AWS Shared Responsibility Model, which of the following is a responsibility of the customer from a security and compliance point of view?
- Availability Zone (AZ) infrastructure management
- Patching/fixing flaws within the AWS infrastructure
- Managing patches of the guest operating system on Amazon Elastic Compute Cloud (Amazon EC2)
- Configuration management for AWS global infrastructure

A

Managing patches of the guest operating system on Amazon Elastic Compute Cloud (Amazon EC2)

51
Q

Which AWS service enables users to find, buy, and immediately start using software solutions in their AWS environment?
- AWS OpsWorks
- AWS Systems Manager
- AWS Config
- AWS Marketplace

A

AWS Marketplace

52
Q

Which of the following AWS services can be used to prevent Distributed Denial-of-Service (DDoS) attack? (Select three)
- Amazon Inspector
- Amazon CloudFront with Amazon Route 53
- AWS CloudHSM
- AWS Trusted Advisor
- AWS Shield
- AWS Web Application Firewall (AWS WAF)

A
  • Amazon CloudFront with Amazon Route 53
  • AWS Shield
  • AWS Web Application Firewall (AWS WAF)
53
Q

An organization is planning to move its infrastructure from the on-premises datacenter to AWS Cloud. As a Cloud Practioner, which options would you recommend so that the organization can identify the right AWS services to build solutions on AWS Cloud (Select two)?
- AWS CloudTrail
- AWS Organizations
- AWS Partner Network (APN)
- Amazon CloudWatch
- AWS Service Catalog

A
  • AWS Partner Network (APN)
  • AWS Service Catalog
54
Q

A photo sharing web application wants to store thumbnails of user-uploaded images on Amazon Simple Storage Service (Amazon S3). The thumbnails are rarely used but need to be immediately accessible from the web application. The thumbnails can be regenerated easily if they are lost. Which is the most cost-effective way to store these thumbnails on Amazon Simple Storage Service (Amazon S3)?
- Use Amazon S3 Standard to store the thumbnails
- Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store the thumbnails
- Use Amazon S3 Standard-Infrequent Access (S3 Standard-IA) to store the thumbnails
- Use Amazon S3 Glacier Flexible Retrieval to store the thumbnails

A

Use Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) to store the thumbnails

55
Q

A social media company wants to protect its web application from common web exploits such as SQL injection and cross-site scripting. Which of the following AWS services can be used to address this use-case?
- AWS CloudWatch
- Amazon GuardDuty
- AWS Web Application Firewall (AWS WAF)
- Amazon Inspector

A

AWS Web Application Firewall (AWS WAF)

56
Q

A fleet of Amazon EC2 instances spread across different Availability Zones (AZ) needs to access, edit and share file-based data stored centrally on a system. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
- Amazon Simple Storage Service (Amazon S3)
- Amazon Elastic File System (Amazon EFS)
- EC2 Instance Store
- Amazon Elastic Block Store (Amazon EBS)

A

Amazon Elastic File System (Amazon EFS)

57
Q

Which service gives a personalized view of the status of the AWS services that are part of your Cloud architecture so that you can quickly assess the impact on your business when AWS service(s) are experiencing issues?
- AWS Health - Service Health Dashboard
- AWS Health - Your Account Health Dashboard
- Amazon CloudWatch
- Amazon Inspector

A

AWS Health - Your Account Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.

With AWS Health - Your Account Health Dashboard, alerts are triggered by changes in the health of your AWS resources, giving you event visibility, and guidance to help quickly diagnose and resolve issues.

58
Q

Which AWS service would you use to send alerts when the costs for your AWS account exceed your budgeted amount?
- AWS Organizations
- AWS Budgets
- AWS Cost Explorer
- AWS Pricing Calculator

A

AWS Budgets

59
Q

Which of the following AWS services is essential for implementing security of resources in AWS Cloud?
- AWS Web Application Firewall (AWS WAF)
- AWS Shield
- AWS Identity and Access Management (IAM)
- Amazon CloudWatch

A

AWS Identity and Access Management (IAM)

60
Q

A retail company has multiple AWS accounts for each of its departments. Which of the following AWS services can be used to set up consolidated billing and a single payment method for these AWS accounts?
- AWS Budgets
- AWS Cost Explorer
- AWS Organizations
- AWS Secrets Manager

A

AWS Organizations

61
Q

Which of the following options can be used to access and manage all AWS services (Select three)?
- AWS Command Line Interface (AWS CLI)
- Amazon API Gateway
- AWS Secrets Manager
- AWS Software Development Kit (SDK)
- AWS Systems Manager
- AWS Management Console

A
  • AWS Command Line Interface (AWS CLI)
  • AWS Software Development Kit (SDK)
  • AWS Management Console
62
Q

The AWS Well-Architected Framework provides guidance on building cloud based applications using AWS best practices. Which of the following options are the pillars mentioned in the AWS Well-Architected Framework? (Select two)
- Elasticity
- Cost Optimization
- Availability
- Scalability
- Reliability

A
  • Cost Optimization
  • Reliability

los 5 son
- operational excellence
- security
- reliability
- Performance Efficiency
- Cost Optimization

63
Q

Which policy describes prohibited uses of the web services offered by Amazon Web Services?
- AWS Fair Use Policy
- AWS Applicable Use Policy
- AWS Trusted Advisor
- AWS Acceptable Use Policy

A

AWS Acceptable Use Policy

64
Q

An organization has a complex IT architecture involving a lot of system dependencies and it wants to track the history of changes to each resource. Which AWS service will help the organization track the history of configuration changes for all the resources?
- AWS Config
- AWS Service Catalog
- AWS CloudFormation
- AWS CloudTrail

A

AWS Config

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. Think resource-specific history, audit, and compliance; think Config.

With AWS Config, you can do the following: 1. Evaluate your AWS resource configurations for desired settings. 2. Get a snapshot of the current configurations of the supported resources that are associated with your AWS account. 3. Retrieve configurations of one or more resources that exist in your account. 4. Retrieve historical configurations of one or more resources. 5. Receive a notification whenever a resource is created, modified, or deleted. 6.View relationships between resources. For example, you might want to find all resources that use a particular security group.

aws practitioner (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions