Practice Test 3: Practice Test #3 - AWS Certified Cloud Flashcards
Which feature of AWS Cloud offers the ability to innovate faster and rapidly develop, test and launch software applications?
- Cost savings
- Agility
- Elasticity
- Ability to deploy globally in minutes
Agility
Which of the following statements are CORRECT regarding security groups and network access control lists (network ACL)? (Select two)
- A security group contains a numbered list of rules and evaluates these rules in the increasing order while deciding whether to allow the traffic
- A network access control list (network ACL) is stateful, that is, it automatically allows the return traffic
- A security group is stateful, that is, it automatically allows the return traffic
- A network access control list (network ACL) contains a numbered list of rules and evaluates these rules in the increasing order while deciding whether to allow the traffic
- A security group is stateless, that is, the return traffic must be explicitly allowed
- A security group is stateful, that is, it automatically allows the return traffic
- A network access control list (network ACL) contains a numbered list of rules and evaluates these rules in the increasing order while deciding whether to allow the traffic
Which AWS service can be used as an in-memory database with high-performance and low latency?
- Amazon DynamoDB
- Amazon ElastiCache
- Amazon Athena
- Amazon Relational Database Service (Amazon RDS)
Amazon ElastiCache
A startup runs its proprietary application on docker containers. As a Cloud Practitioner, which AWS service would you recommend so that the startup can run containers and still have access to the underlying servers?
- AWS Fargate
- Amazon Elastic Container Service (Amazon ECS)
- Amazon Elastic Container Registry (Amazon ECR)
- AWS Lambda
Amazon Elastic Container Service (Amazon ECS)
Which Amazon Route 53 routing policy would you use when you want to route your traffic in an active-passive configuration?
- Simple routing
- Weighted routing
- Failover routing
- Latency-based routing
Failover routing
What is the primary benefit of deploying an Amazon Relational Database Service (Amazon RDS) database in a Read Replica configuration?
- Read Replica improves database scalability
- Read Replica reduces database usage costs
- Read Replica enhances database availability
- Read Replica protects the database from a regional failure
Read Replica improves database scalability
AWS Lambda pricing is based on which of the following criteria? (Select two)
- The number of lines of code for the AWS Lambda function
- The size of the deployment package for the AWS Lambda function
- Number of requests for the AWS Lambda function
- The language runtime of the AWS Lambda function
- The time it takes for the AWS Lambda function to execute
- Number of requests for the AWS Lambda function
- The time it takes for the AWS Lambda function to execute
Which of the following statements are CORRECT about the AWS Auto Scaling group? (Select two)
- Auto Scaling group scales up and upgrades to a more powerful Amazon EC2 instance to match an increase in demand
- Auto Scaling group scales out and adds more number of Amazon EC2 instances to match an increase in demand
- Auto Scaling group scales down and downgrades to a less powerful Amazon EC2 instance to match a decrease in demand
- Auto Scaling group scales in and reduces the number of Amazon EC2 instances to match a decrease in demand
- Auto Scaling group scales down and reduces the number of Amazon EC2 instances to match a decrease in demand
- Auto Scaling group scales out and adds more number of Amazon EC2 instances to match an increase in demand
- Auto Scaling group scales in and reduces the number of Amazon EC2 instances to match a decrease in demand
Which of the following AWS services specialize in data migration from on-premises to AWS Cloud? (Select two)
- AWS Database Migration Service (AWS DMS)
- AWS Snowball
- AWS Site-to-Site VPN
- AWS Transit Gateway
- AWS Direct Connect
- AWS Database Migration Service (AWS DMS)
- AWS Snowball
A development team is looking for a forum where the most frequent questions and requests from AWS customers are listed along with AWS provided solutions.
Which AWS forum/service can be used for troubleshooting an issue or checking for a solution?
- AWS Health Dashboard - service health
- AWS Knowledge Center
- AWS Marketplace
- AWS Support Center
AWS Knowledge Center
Which of the following statements is correct regarding the Amazon Elastic File System (Amazon EFS) storage service?
- EC2 instances can access files on an Amazon Elastic File System (Amazon EFS) file system only in one Availability Zone (AZ)
- EC2 instances can access files on an Amazon Elastic File System (Amazon EFS) file system across many Availability Zones (AZ) and VPCs but not across Regions
- EC2 instances can access files on an Amazon Elastic File System (Amazon EFS) file system across many Availability Zones (AZ) but not across VPCs and Regions
- EC2 instances can access files on an Amazon Elastic File System (Amazon EFS) file system across many Availability Zones (AZ), Regions and VPCs
EC2 instances can access files on an Amazon Elastic File System (Amazon EFS) file system across many Availability Zones (AZ), Regions and VPCs
Which AWS services/features support High Availability by default? (Select two)
- Subnet
- Amazon Elastic Block Store (Amazon EBS)
- Amazon DynamoDB
- Instance Store
- Amazon Elastic File System (Amazon EFS)
- Amazon DynamoDB
- Amazon Elastic File System (Amazon EFS)
Subnet - A subnet is a range of IP addresses in your VPC. You can create AWS resources, such as EC2 instances, in specific subnets. Each subnet must reside entirely within one Availability Zone and cannot span multiple Availability Zones.
Amazon Elastic Block Store (Amazon EBS) - Amazon Elastic Block Store (Amazon EBS) is an easy to use, high-performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction-intensive workloads at any scale. EBS volumes are replicated within an Availability Zone (AZ) and can easily scale to petabytes of data.
Instance Store - As Instance Store volumes are tied to an EC2 instance, they are also single Availability Zone (AZ) entities.
A multi-national company has its business-critical data stored on a fleet of Amazon Elastic Compute Cloud (Amazon EC2) instances, in various countries, configured in region-specific compliance rules. To demonstrate compliance, the company needs to submit historical configurations on a regular basis. Which AWS service is best suited for this requirement?
- AWS Config
- Amazon GuardDuty
- AWS CloudTrail
- Amazon Macie
AWS Config
A company has a static website hosted on an Amazon Simple Storage Service (Amazon S3) bucket in an AWS Region in Asia. Although most of its users are in Asia, now it wants to drive growth globally. How can it improve the global performance of its static website?
- Use Amazon CloudFormation to improve the performance of your website
- Use Amazon CloudFront to improve the performance of your website
- Use AWS Web Application Firewall (AWS WAF) to improve the performance of your website
- Use Amazon S3 Transfer Acceleration (Amazon S3TA) to improve the performance of your website
Use Amazon CloudFront to improve the performance of your website
Amazon S3 Transfer Acceleration (Amazon S3TA) enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. Amazon S3 Transfer Acceleration (Amazon S3TA) takes advantage of Amazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path. Amazon S3 Transfer Acceleration (Amazon S3TA) cannot be used to improve the performance of a static website.
Which of the following is a perspective of the AWS Cloud Adoption Framework (AWS CAF)?
- Process
- Product
- Architecture
- Business
Business
Business, People, Governance, Platform, Security, and Operations.
Which of the following statements are true about Cost Allocation Tags in AWS Billing? (Select two)
- For each resource, each tag key must be unique, and each tag key can have only one value
- You must activate both AWS generated tags and user-defined tags separately before they can appear in Cost Explorer or on a cost allocation report
- For each resource, each tag key must be unique, but can have multiple values
- Tags help in organizing resources and are a mandatory configuration item to run reports
- Only user-defined tags need to be activated before they can appear in Cost Explorer or on a cost allocation report
- For each resource, each tag key must be unique, and each tag key can have only one value
- You must activate both AWS generated tags and user-defined tags separately before they can appear in Cost Explorer or on a cost allocation report
A Cost Allocation Tag is a label that you or AWS assigns to an AWS resource. Each tag consists of a key and a value. For each resource, each tag key must be unique, and each tag key can have only one value. You can use tags to organize your resources, and cost allocation tags to track your AWS costs on a detailed level.
AWS provides two types of cost allocation tags, an AWS generated tags and user-defined tags. AWS defines, creates, and applies the AWS generated tags for you, and you define, create, and apply user-defined tags. You must activate both types of tags separately before they can appear in Cost Explorer or on a cost allocation report.
A medical device company is looking for a durable and cost-effective way of storing their historic data. Due to compliance requirements, the data must be stored for 10 years. Which AWS Storage solution will you suggest?
- Amazon Elastic File System (Amazon EFS)
- AWS Storage Gateway
- Amazon S3 Glacier Deep Archive
- Amazon S3 Glacier Flexible Retrieval
Amazon S3 Glacier Deep Archive
A leading research firm needs to access information available in old patents and documents (such as PDFs, Text Files, Word documents, etc) present in its huge knowledge base. The firm is looking for a powerful search tool that can dig into these knowledge resources and return the most relevant files/documents. Which of the following is the correct service to address this requirement?
- Amazon Comprehend
- Amazon Kendra
- Amazon Lex
- Amazon Personalize
Amazon Kendra
Amazon Kendra is an intelligent search service powered by machine learning.
Which of the following AWS entities provides the information required to launch an Amazon Elastic Compute Cloud (Amazon EC2) instance?
- Amazon Machine Image (AMI)
- AWS Lambda
- Amazon Elastic File System (Amazon EFS)
- Amazon Elastic Block Store (Amazon EBS)
Amazon Machine Image (AMI)
Which budget types can be created under AWS Budgets (Select three)?
- Hardware budget
- Reservation budget
- Usage budget
- Resource budget
- Cost budget
- Software budget
- Reservation budget
- Usage budget
- Cost budget
Which of the following Cloud Computing models does the ‘gmail’ service represent?
- Software as a service (SaaS)
- Infrastructure as a service (IaaS)
- Function as a service (FaaS)
- Platform as a service (PaaS)
Software as a service (SaaS)
AWS Identity and Access Management (AWS IAM) policies are written as JSON documents. Which of the following are mandatory elements of an IAM policy?
- Effect, Sid
- Action, Condition
- Sid, Principal
- Effect, Action
Effect, Action
A JSON policy document includes these elements:
Optional policy-wide information at the top of the document
One or more individual statements
Each statement includes information about a single permission. The information in a statement is contained within a series of elements.
Version – Specify the version of the policy language that you want to use. As a best practice, use the latest 2012-10-17 version.
Statement – Use this main policy element as a container for the following elements. You can include more than one statement in a policy.
Sid (Optional) – Include an optional statement ID to differentiate between your statements.
Effect – Use Allow or Deny to indicate whether the policy allows or denies access.
Principal (Required in only some circumstances) – If you create a resource-based policy, you must indicate the account, user, role, or federated user to which you would like to allow or deny access. If you are creating an IAM permissions policy to attach to a user or role, you cannot include this element. The principal is implied as that user or role.
Action – Include a list of actions that the policy allows or denies.
Resource (Required in only some circumstances) – If you create an IAM permissions policy, you must specify a list of resources to which the actions apply. If you create a resource-based policy, this element is optional. If you do not include this element, then the resource to which the action applies is the resource to which the policy is attached.
Condition (Optional) – Specify the circumstances under which the policy grants permission.
A startup has just moved its IT infrastructure to AWS Cloud. The CTO would like to receive detailed reports that break down the startup’s AWS costs by the hour in an Amazon Simple Storage Service (Amazon S3) bucket. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
- AWS Cost Explorer
- AWS Pricing Calculator
- AWS Cost & Usage Report (AWS CUR)
- AWS Budgets
AWS Cost & Usage Report (AWS CUR)
