Practice Tests

Question 1

Which of the following are the best practices when using AWS Organizations? (Select TWO)

Restrict account privileges using Service Control Policies (SCP)

Create accounts per department

Answer 1

Restrict account privileges using Service Control Policies (SCP)

Create accounts per department

Question 2

A Cloud Practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources. Which AWS service can help with this task?

choose 1
Amazon Inspector - 
AWS Personal Health Dashboard  
AWS Trusted Advisor 
WS Systems Manager

Answer 2

WS Systems Manager

Question 3

A brand new startup would like to remove its need to manage the underlying infrastructure and focus on the deployment and management of its applications. Which type of Cloud Computing does this refer to?

Infrastructure as a Service (IaaS)

Software as a Service (SaaS)

Platform as a Service (PaaS)

Rekognition

Answer 3

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS) - IaaS contains the basic building blocks for cloud IT. It typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. IaaS gives the highest level of flexibility and management control over IT resources.
Software as a Service (SaaS) - SaaS provides you with a complete product that is run and managed by the service provider.
Rekognition is an example of a SaaS service.
On-premises -sophisticated hardware, compatible software, and robust services. Also, the business needs to deploy dedicated IT staff to upkeep, scale, and manage the on-premise infrastructure continuously.

Question 4

A company would like to define a set of rules to manage objects cost-effectively between storage classes. As a Cloud Practitioner, which Amazon S3 feature would you use?

S3 Lifecycle management

Answer 4

S3 Lifecycle management

Question 5

An organization would like to copy data across different Availability Zones (AZs) using EBS snapshots. Where are EBS snapshots stored in the AWS Cloud?

RDS
S3
EC2
EFS

Answer 5

S3

Question 6

Which of the following statements is INCORRECT regarding EBS Volumes?

EBS Volumes can be mounted to one instance at a time

EBS Volumes are bound to a specific Availability Zone (AZ)

EBS Volumes can persist data after their termination

EBS Volumes can be bound to several Availability Zones (AZs)

Answer 6

EBS Volumes can be bound to several Availability Zones (AZs)

Question 7

A company would like to reserve EC2 compute capacity for three years to reduce costs. The company also plans to increase their workloads during this period. As a Cloud Practitioner, which EC2 Reserved Instance type would you recommend?

Standard Reserved Instances
Scheduled Reserved Instances
Adaptable Reserved Instances
Convertible Reserved Instances

Answer 7

Convertible Reserved Instances

Question 8

Which security control tool can be used to deny traffic from a specific IP address?

Network ACL
Security Group
AWS GuardDuty
VPC Flow Logs

Answer 8

Network ACL

Question 9

An e-commerce company would like to build a chatbot for its customer service using Natural Language Understand (NLU). As a Cloud Practitioner, which AWS service would you use?

Sagemaker
Comprehend
LEX
Recognition

Answer 9

LEX

Question 10

A company using a hybrid cloud would like to store secondary backup copies of the on-premises data. Which S3 Storage Class would you use for a cost-optimal yet rapid access solution?

S3 Glacier
S3 Standard - infrequent Access
S3 Standard- General Purposes
S3 One zone - Infrequent Access

Answer 10

S3 One zone - Infrequent Access

Question 11

Which of the following criteria are used to charge for Elastic Block Store (EBS) volumes? (Select TWO)

Provisioned IOPS
Data type
The EC2 instance type the EBS volume is attached to
Data transfer IN
Volume Type

Answer 11

Volume Type

Provisioned IOPS

Question 12

A start-up would like to monitor its cost on the AWS Cloud and would like to choose an optimal Savings Plan. As a Cloud Practitioner, which AWS service would you use?

AWS Cost Explorer
AWS Budgets
AWS Cost and Usage Reports
AWS Pricing Calculator

Answer 12

AWS Cost Explorer
Exam Alert:
Please review the differences between “AWS Cost and Usage Reports” and “AWS Cost Explorer”. Think of “AWS Cost and Usage Reports” as a cost management tool providing the most detailed cost and usage data for your AWS account. It can provide reports that break down your costs by the hour into your S3 bucket. On the other hand, “AWS Cost Explorer” is more of a high-level cost management tool that helps you visualize the costs and usage associated with your AWS account.

Question 13

An engineering team is new to the AWS Cloud and it would like to launch a dev/test environment with low monthly pricing. Which AWS service can address this use-case?

LIGHTSAIL
CloudFormation
ECS
EC2

Answer 13

LIGHTSAIL

Question 14

A company would like to create a private, high bandwidth network connection between its on-premises data centers and AWS Cloud. As a Cloud Practitioner, which of the following options would you recommend?

VPC Peering
Direct Connect
VPC Endpoints
SITE-To-SITE VPN

Answer 14

Direct Connect

Question 15

Which Amazon EC2 Auto Scaling feature can help with fault tolerance?

Lower cost by adjusting the number of EC2 instances

Distributing load to EC2 instances

Having the right amount of computing capacity

Replacing unhealthy EC2 instances

Answer 15

Replacing unhealthy EC2 instances

Question 16

A company would like to move 50 petabytes (PBs) of data from its on-premises data centers to AWS in the MOST cost-effective way. As a Cloud Practitioner, which of the following solutions would you choose?

AWS Snowmobile
AWS Snowmobile Edge
AWS Storage Gateway
AWS Snowball

Answer 16

AWS Snowmobile
AWS Snowmobile is an Exabyte-scale data transfer service used to move extremely large amounts of data to AWS. You can transfer up to 100PB per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck. Snowmobile makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. Transferring data with Snowmobile is more secure, fast and cost-effective.

Question 17

A company based in Sydney hosts its application on EC2 instances in ap-southeast-2. They would like to deploy the same EC2 instances in eu-south-1. Which of the following AWS entities can address this use-case?

Amazon Machine Image (AMI)
Elastic Load Balancing (ELB)
AWS Lambda
EBS snapshots

Answer 17

Amazon Machine Image (AMI)

Question 18

According to the Well-Architected Framework, which of the following action is recommended in the Security pillar?

Use AWAS KMS to encrypt Data

Use AWS Cost Explorer to view and track your usage in detail

Use Amazon CloudWatch to measure overall efficiency

Use AWS CloudFormation to automate security best practices

Answer 18

Use AWS KMS to encrypt data

AWS Key Management Service (AWS KMS) makes it easy for you to create and control keys used for encryption. It is a key service of the Security pillar.

The Security pillar includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
Encrypting data is part of the design principle “Protect data in transit and at rest”: Classify your data into sensitivity levels and use mechanisms, such as encryption, tokenization, and access control where appropriate.

Question 19

Which of the following AWS services can be used to generate, use, and manage encryption keys on the AWS Cloud?

AWS CloudHSM

Amazon Inspector

AWS GuardDuty

AWS Secrets Manager

Answer 19

AWS CloudHSM

CloudHSM allows you to securely generate, store, and manage cryptographic keys used for data encryption in a way that keys are accessible only by you.

Question 20

According to the Well-Architected Framework, which of the following statements are recommendations in the Operational Excellence pillar? (Select two)

Anticipate failure

Make frequent, small, reversible changes

Automatically recover from failure

Use serverless architectures

Answer 20

Anticipate failure

Make frequent, small, reversible changes

Question 21

Which AWS service can inspect CloudFront distributions running on any HTTP web-server?

AWS GuardDuty

Amazon Inspector

AWS Elastic Load Balancer

AWS WAF

Answer 21

AWS WAF

Question 22

Which of the following services are provided by Amazon Route 53? (Select TWO)

Domain registration

Health checks and monitoring

Transfer acceleration

Load balancing

IP routing

Answer 22

Domain registration

Health checks and monitoring

Question 23

Which AWS serverless service allows you to prepare data for analytics?

Redshift
Athena
EMR
GLUE

Answer 23

AWS Glue - AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. AWS Glue job is meant to be used for batch ETL data processing.

Question 24

A data science team would like to build Machine Learning models for its projects. Which AWS service can it use?
Connect

Comprehend

Polly

Sagemaker

Answer 24

Sagemaker –Amazon SageMaker is a fully-managed platform that enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at any scale. Amazon SageMaker removes all the barriers that typically slow down developers who want to use machine learning.

Question 25

Which of the following IAM Security Tools allows you to review permissions granted to a user?

IAM access advisor

IAM credentials report

IAM policies

Multi-Factor Authentication (MFA)

Answer 25

IAM access advisor
advisor shows the service permissions granted to a user and when those services were last accessed. You can use this information to revise your policies. To summarize, you can identify unnecessary permissions so that you can revise your IAM policies accordingly.

Question 26

Adding more CPU/RAM to an Amazon EC2 instance represents which of the following?

Vertical scaling

Horizontal scaling

Managing increasing volumes of data

Loose coupling

Answer 26

Vertical scaling
A “vertically scalable” system, which is constrained to running its processes on only one computer; in such systems, the only way to increase performance is to add more resources into one computer in the form of faster (or more) CPUs, memory or storage.

Question 27

Which AWS service allows you to quickly and easily add user sign-up, sign-in, and access control to web and mobile applications?

Amazon Cognito

AWS Identity and Access Management (IAM)

AWS Single Sign-On (SSO)

AWS Organizations

Answer 27

Amazon Cognito
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. With Amazon Cognito, you also have the option to authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system.

Question 28

The IT infrastructure at a university is deployed on AWS Cloud and it’s experiencing a read-intensive workload. As a Cloud Practitioner, which AWS service would you use to take the load off databases?

GLUE
EMR
ElastiCache
RDS

Answer 28

Amazon ElastiCache
Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory caches, instead of relying entirely on slower disk-based databases.
If EC2 instances are intensively reading data from a database, ElastiCache can cache some values to take the load off the database.