Practice Test2 Flashcards
Which of the following statements are true about AWS Elastic Beanstalk? (Select two)
- WS Elastic Beanstalk supports Java, .NET, PHP, but does not support Docker web applications
- With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs those applications
- There is no additional charge for Elastic Beanstalk. You pay only for the underlying AWS resources that your application consumes
- AWS Elastic Beanstalk automates the details of capacity provisioning, load balancing, and application deployment, creating an environment that runs a version of your application. However, auto-scaling functionality cannot be automated using Elastic Beanstalk
- AWS Elastic Beanstalk supports web applications built on different languages. But, Elastic Beanstalk cannot be used for deploying non-web applications
With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs those applications
There is no additional charge for Elastic Beanstalk. You pay only for the underlying AWS resources that your application consumes
A financial consulting company is looking for automated reference deployments, that will speed up the process of deploying its financial solutions on AWS Cloud. The reference deployment should be able to deploy most of the well-known functions of financial services and leave space for customizations, if necessary.
Which AWS service will help achieve this requirement?
AWS Quick Starts
AWS CloudFormation
AWS Elastic Beanstalk
Amazon Quicksight
AWS Quick Starts
Which of the following statements are true about AWS Regions and Availability Zones (AZs)? (Select two)
Each AWS Region consists of multiple, isolated, and physically separate AZ’s within a geographic area
All traffic between AZ’s is encrypted
Traffic between AZ’s is not encrypted by default, but can be configured from AWS console
An Availability Zone is a physical location where AWS clusters the data centers
AWS calls each group of logical data centers as AWS Regions -
Each AWS Region consists of multiple, isolated, and physically separate AZ’s within a geographic area
All traffic between AZ’s is encrypted
A team lead is reviewing the AWS services that can be used in the development workflow for his company. Which of the following statements are correct regarding the capabilities of these AWS services? (Select three)
Each CodeStar project includes development tools, including AWS CodePipeline, AWS CodeCommit, AWS CodeBuild, and AWS CodeDeploy, that can be used on their own and with existing AWS applications
CodePipeline uses Amazon CloudWatch Events to detect changes in CodeCommit repositories used as a source for a pipeline
You can use AWS CodeStar and AWS Cloud9 to develop, build, and deploy a serverless web application
CodeBuild is directly integrated with both CodePipeline and
CodeCommit allows you to run builds and tests as part of your CodePipeline
AWS CodeStar is a cloud-based integrated development environment that lets you write, run, and debug your code with just a browser
Each CodeStar project includes development tools, including AWS CodePipeline, AWS CodeCommit, AWS CodeBuild, and AWS CodeDeploy, that can be used on their own and with existing AWS applications
CodePipeline uses Amazon CloudWatch Events to detect changes in CodeCommit repositories used as a source for a pipeline
You can use AWS CodeStar and AWS Cloud9 to develop, build, and deploy a serverless web application
A company is looking at a service/tool to automate and minimize the time spent on keeping the server images up-to-date. These server images are used by EC2 instances as well as the on-premises systems.
Which AWS service will help achieve the company’s need?
Amazon EC2 Image Builder
Amazon EC2 AMI -
AWS CloudFormation templates
AWS Systems Manager (Amazon Simple Systems Manager (SSM))
Amazon EC2 Image Builder
Which of the following is a repository service that helps in maintaining application dependencies via integration with commonly used package managers and build tools like Maven, Gradle, npm, etc?
AWS CodeArtifact
AWS CodeBuild
AWS Codecommit
AWS Codestar
AWS CodeArtifact
Which of the following represents the correct scenario where an Auto Scaling group’s (ASG) predictive scaling can be effectively used to maintain the required number of AWS resources?
To manage a workload that exhibits recurring load patterns that are specific to the day of the week or the time of day
To help configure a scaling policy to keep the average aggregate CPU utilization of your Auto Scaling group at 40 percent
To help configure a CloudWatch Amazon SQS metric like ApproximateNumberOfMessagesVisible for scaling the group based on the value of the metric -
To manage a fixed number of resources in the Auto Scaling group
To manage a workload that exhibits recurring load patterns that are specific to the day of the week or the time of day
Which of the following are NoSQL database services from AWS? (Select two)
Amazon Neptune -
Amazon DocumentDB
Amazon RDS
Amazon Aurora
AWS Storage Gateway
Amazon DocumentDB
Amazon Neptune
A weather tracking application is built using Amazon DynamoDB. The performance of the application has been consistently good. But lately, the team has realized that during holidays and travel seasons, the load on the application is high and the read requests consume most of the database resources, thereby drastically increasing the overall application latency.
Which feature/service will help resolve this issue?
DynamoDB Accelerator
DynamoDB Regulator
Amazon ElastiCache
Amazon CloudFront
DynamoDB Accelerator
Which of the following services/tools offers a user-friendly graphical user interface to manage AWS Snowball devices without a need for command-line interface or REST APIs?
AWS OpsHub
Amazon AppStream 2.0
AWS OpsWorks
AWS Transfer Family
AWS OpsHub
Which of the following statements are correct regarding the health monitoring and reporting capabilities supported by AWS Elastic Beanstalk? (Select two)
The Elastic Beanstalk health monitoring can determine that the environment’s Auto Scaling group is available and has a minimum of at least one instance
With basic health reporting, the Elastic Beanstalk service does not publish any metrics to Amazon CloudWatch
AWS Elastic Beanstalk provides only a basic health reporting system; Combined with Elastic Load Balancer, they provide advanced health check features
In a single instance environment, Elastic Beanstalk determines the instance’s health by monitoring the Elastic Load Balancing health settings
The Elastic Beanstalk health monitoring can determine that the environment’s Auto Scaling group is available and has a minimum of at least one instance
With basic health reporting, the Elastic Beanstalk service does not publish any metrics to Amazon CloudWatch
**AWS Elastic Beanstalk provides only a basic health reporting system; Combined with Elastic Load Balancer, they provide advanced health check features - This option has been added as a distractor.
A team manager needs data about the changes that have taken place for AWS resources in his account during the past two weeks. Which AWS service can help get this data?
AWS Config
Amazon CloudWatch -
Amazon Inspector -
AWS CloudTrail -
AWS Config
WS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.
While AWS Config helps you answer questions like - “What did my AWS resource look like?” at a point in time. You can use AWS CloudTrail to answer “Who made an API call to modify this resource?”
As part of a flexible pricing model, AWS offers two types of Savings Plans. Which of the following are the Savings Plans from AWS?
Compute Savings Plans, EC2 Instance Savings Plans
Compute Savings Plans, Storage Savings Plans
Reserved Instances Savings Plans, EC2 Instance Savings Plans
Instance Savings Plans, Storage Savings Plans
Compute Savings Plans, EC2 Instance Savings Plans
Which tool/service will help you get a forecast of your spending for the next 12 months?
AWS Cost Explorer -
Consolidated Billing of AWS Organizations
AWS Pricing Calculator
AWS Marketplace
AWS Cost Explorer -
AWS Support offers four support plans for its customers. Identify the features that are covered as part of the AWS Basic Support Plan? (Select two)
One-on-one responses to account and billing questions
Service health checks
Best practice guidance
Use-case guidance – What AWS products, features, and services to use to best support your specific needs
Infrastructure event management
One-on-one responses to account and billing questions
Service health checks
Which of the following AWS services are offered free of cost? (Select two)
AWS Elastic Beanstalk
AWS Auto Scaling
Amazon EC2 Spot Instances
CloudWatch facilitated detailed monitoring of EC2 instances
An Elastic IP address, which is chargeable as long as it is associated with an EC2 instance
AWS Elastic Beanstalk
AWS Auto Scaling
Which member of the AWS Snow Family is used by the Edge computing applications for IoT use cases for facilitating the collection and processing of data to gain immediate insights and then transfer the data to AWS?
AWS Snowcone
AWS Snowball Edge Storage Optimized
AWS Snowposts
AWS Snowmobile
AWS Snowcone
AWS Snowposts - This is a made-up option, used only as a distractor.
A company is looking for ways to make its desktop applications available to the employees from browsers on their devices/laptops. Which AWS service will help achieve this requirement without having to procure servers or maintain infrastructure?
Amazon AppStream 2.0
Amazon WorkSpaces
AWS Outposts
AWS Snowball
Amazon AppStream 2.0
A company provides you with a completed product that is run and managed by the company itself. As a customer, you only use the product without worrying about maintaining or managing the product.
Which cloud computing model does this kind of product belong to?
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Product as a Service (Paas)
Software as a Service (SaaS)
Product as a Service (Paas)* - This is a made-up option, given only as a distractor.
Which of the following points have to be considered when choosing an AWS Region for a service? (Select two)
Compliance and Data Residency guidelines of the AWS Region should match your business requirements -
AWS Region chosen should be geographically closer to the user base that utilizes the hosted AWS services
The AWS Region with high availability index should be considered for your business
The AWS Region should have 5G networks, to seamlessly access the breadth of AWS services in the region
The AWS Region chosen should have all its Availability Zones (AZs) within 100 Kms radius, to keep latency low for hosted applications
AWS Region chosen should be geographically closer to the user base that utilizes the hosted AWS services
Compliance and Data Residency guidelines of the AWS Region should match your business requirements -
**All AWS Regions are designed to be highly available.
Which of the following AWS services is delivered globally rather than regionally?
Amazon WorkSpaces
Amazon S3 buckets
Amazon Elastic File System
AWS Snowmobile
Amazon WorkSpaces
Amazon WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) solution. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.
Which of the following data sources are used by Amazon Detective to analyze events and identify potential security issues?
AWS CloudTrail logs, Amazon VPC Flow Logs and Amazon GuardDuty findings
Amazon CloudWatch Logs, Amazon VPC Flow Logs and Amazon GuardDuty findings
Amazon CloudWatch Logs, AWS CloudTrail logs and S3 Access Logs
Amazon CloudWatch Logs, AWS CloudTrail logs and Amazon Inspector logs
AWS CloudTrail logs, Amazon VPC Flow Logs and Amazon GuardDuty findings
Which of the following statements are true about AWS Shared Responsibility Model? (Select two)
AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications
AWS trains AWS employees, but a customer must train their own employees
For abstracted services, such as Amazon S3, AWS operates the infrastructure layer, the operating system, platforms, encryption options, and appropriate permissions for accessing the S3 resources
Amazon Elastic Compute Cloud (Amazon EC2) is categorized as Infrastructure as a Service (IaaS) and hence AWS will perform all of the necessary security configuration and management tasks
AWS maintains the configuration of its infrastructure devices and is responsible for configuring the guest operating systems, databases, and applications
AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications
AWS trains AWS employees, but a customer must train their own employees
Which of the following will help you control the incoming traffic to an Amazon EC2 instance?
Security Group
AWS Resource Group
NACL (Network ACL)
Route Table
Security Group
Which of the following are security best practices suggested by AWS for Identity and Access Management (IAM)? (Select two)
When you create IAM policies, grant the least privileges required to perform a task
Don’t share security credentials between accounts, use IAM roles instead
Share your AWS account root user credentials only if absolutely necessary for performing an important billing operation
Enable AWS multi-factor authentication (MFA) on your AWS root user account. MFA helps give root access to multiple users without actually sharing the root user login credentials -
When you create IAM policies, grant the least privileges required to perform a task
Don’t share security credentials between accounts, use IAM roles instead
**Enable AWS multi-factor authentication (MFA) on your AWS root user account. MFA helps give root access to multiple users without actually sharing the root user login credentials - The given option just acts as a distractor. For extra security, AWS recommends that you use multi-factor authentication (MFA) for the root user in your account.
Which of the following statements are correct regarding the AWS Control Tower and Service Control Policies? (Select two)
Control Tower is an AWS native service providing a pre-defined set of blueprints and guardrails to help customers implement a landing zone for new AWS accounts
Service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization
AWS Control Tower helps you deploy a multi-account AWS environment and operate it with day-to-day reminders and recommendations -
Service Control Policies (SCPs) can help grant permissions to the accounts in your organization
Service Control Policies (SCPs), by default, affect all the users in the AWS Organization. They have to be configured to affect only the member accounts if needed
Control Tower is an AWS native service providing a pre-defined set of blueprints and guardrails to help customers implement a landing zone for new AWS accounts
Service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization
By default, which of the following events are logged by AWS CloudTrail?
Management events
Data events
Insights events
Data events and Insights events
Management events
