Prime 100 domande random

Question 1

What part of an Amazon Virtual Private Cloud (VPC) is considered stateful?

Answer 1

Security groups

Question 2

You have created a VPC for your company’s AWS deployment. You need to implement a way of controllingincoming and outgoing for your EC2 instance on the VPC. What would you use for this?

Answer 2

Security groups

Question 3

What type of storage option is a regional service that gives you the ability to store and manage files within the AWSCloud?

Answer 3

Amazon EFS
(Amazon Elastic File System)

Question 4

Which of these would you use for running programs that can automatically retrieve key costs related to various AWSservices?

Answer 4

AWS Cost Explorer

Question 5

Which two features are part of AWS Organizations?

Answer 5

Consolidating billing for multiple accounts

Controlling permission for accounts using SCPs

Question 6

if you wanted to route Internet traffic to your specific domain, what AWS resource should you use?

Answer 6

Amazon Route 53

Question 7

Which Amazon Kinesis tool lets you create time-series analytics using standard SQL queries against real-time data?

Answer 7

Amazon Kinesis Data Analytics

Question 8

You need to create a historical CPU report on your Amazon Elastic Compute Cloud (EC2) instance. How long doesAmazon CloudWatch keep metric data?

Answer 8

15 months

Question 9

You work for ABC corporation that is actively using Amazon S3 storage solutions. The company has files that are stored using Amazon S3, but they want to save costs because a majority of their files are not used after 40 days. However, they need the ability to recover files within a few minutes after the request to see a file. Which option below best meets these requirements?

Answer 9

Move the data to Amazon S3 Standard using Infrequent Access (IA)option after 40 days.

Question 10

You need to present a case to your company’s management for moving operations from an on-premises data centerto AWS Cloud. Which of these will help your company reduce its costs by moving to an AWS cloud deployment?(Select TWO.)

Answer 10

Using automation

Taking advantage of managed services

Question 11

You work for a financial services company, and you need to find a way to automatically detect and analyzehandwritten notes inside of financial reports. Which AWS service should you use?

Answer 11

Textract

Question 12

Which of the following statements is true when it comes to using route tables within your virtual private cloud (VPC)?

Answer 12

When your VPC is created, it automatically comes with a route table that can be modified.

Question 13

If you want to access the Internet from your Amazon EC2 instance and not use a public IP address, which networking component would you use to access the Internet?

Answer 13

NAT gateway

Question 14

Which Amazon storage option is a good solution if you need storage that offers block-level encryption, high reliability, and is highly available, while using applications that use fine-grained updates to raw unformatted data?

Answer 14

Amazon EBS

Question 15

Which Amazon Elastic Block Storage (EBS) storage type provides cost-effective storage for data that is typically accessed infrequently, with an IOPS of around 100?

Answer 15

HDD-backed volumes

Question 16

You are guiding an application development team to design a new system that needs to be high performing and resilient. Which architecture type should you implement to ensure that the failure of a single component does not bring the whole system down?

Answer 16

Microservices-based

Question 17

As an IT specialist with a cloud background, you are concerned with the overall recoverability of your data within thecloud. What does Amazon S3 offer to alleviate this concern?

Answer 17

Amazon S3 provides strong read-after-write consistency.

Question 18

You are a cloud technology consultant for a company that wants to expand its global operations using AWSRegions. What would you set as requirements for selecting the appropriate AWS Region for your business?

Answer 18

Maintaining regional data sovereignty
Reducing latency for users

Question 19

You have been managing your current production workload with several Reserved Instances for about 15 months.However, you have noticed a small and progressive increase in overall workload and want to make sure your EC2infrastructure can handle the bandwidth to support the increased workload.
What type of instance would meet this requirement?

Answer 19

On-Demand Instance

Question 20

Which of the following is considered a true advantage of cloud technology when decoupling from a data center?

Answer 20

Changing resources dynamically based on seasonal needs

Question 21

When does Amazon DynamoDB encrypt data at rest?

Answer 21

When the first rows of data enter the table

Question 22

You need to select an AWS Support plan for your organization that will include a technical account manager for additional support. Which would be the most economical option in this scenario?

Answer 22

Developer

Question 23

For which two situations will AWS Trusted Advisor recommend actions?

Answer 23

Weak IAM user password policies
EBS volumes with no snapshots

Question 24

Your boss asks you which storage option would allow the company to transfer petabytes of data between thecurrent AWS S3 storage solution and data that resides in the company-owned data center. Which option would you recommend?

Answer 24

AWS Snowball Edge

Question 25

Which perspective of the AWS Cloud Adoption Framework would you use to gain knowledge on updating the skills of the company staff and all company processes?

Answer 25

People

Question 26

You need to run a certain software tool on AWS compute resources and allow your users to securely access asingle version of it using any device while ensuring high levels of performance. Which AWS system should you usefor this requirement?

Answer 26

Amazon AppStream

Question 27

What security option gives you the ability to manage permissions for several different users at one time while controlling access to specific AWS resources?

Answer 27

IAM group

Question 28

Which two tasks can you complete using AWS Artifact?

Answer 28

Access agreements made with AWS
Create users to allow access to AWS resources

Question 29

Which two statements are correct applications of VPC components?

Answer 29

Keep databases with customer personal data on a private subnet.
Use a virtual private gateway to connect a VPC and office network.

Question 30

You are supporting an application that requires that the EC2 instance be shut down after 5:00 PM every day. You want to make sure this is done automatically so you have configured the shut-down processing to use a Lambda function. For some reason, the application binaries are sporadically being corrupted and the corruption is related tothe shut-down process.
Which of the following components can be used to identify the faulty EC2 instance?

Answer 30

Instance metadata

Question 31

Which of these technologies should you use for securely connecting remote workers and on-premises networks to your AWS cloud?

Answer 31

AWS VPN

Question 32

You are architecting a solution on AWS for your company and need to optimize costs by considering data transfer costs. Which of these actions incurs data transfer charges on AWS?

Answer 32

Data transferred across AWS Regions.

Question 33

Your company has several AWS Cloud accounts and VPCs in all of them. You need to integrate several VPCs into a much larger network. Which two connectivity options can you use for this?

Answer 33

AWS Transit Gateway
Software Site-to-Site VPN

Question 34

You want to load balance connections from your EC2 instance to another application tier on the same network.Which type of load balancer would you choose to meet this requirement?

Answer 34

Internal load balancer

Question 35

You have been working for your company for three years as a system administrator. You have been informed that you need to house several batch application servers. This application can be stopped and started at any point intime. Your task is to provision the needed EC2 infrastructures and your goal is to keep the cost to a minimum.
Which type of instance should you consider?

Answer 35

Spot Instances

Question 36

Which of the following actions is MOST aligned with the sustainability pillar of the AWS Well-ArchitectedFramework?

Answer 36

Terminating unused Elastic IPs to avoid unnecessary resource usage.

Question 37

You are a cloud technology consultant working for a US Government agency. You are running web applicationsusing Elastic Compute Cloud (EC2) instances with attached Elastic Block Store (EBS) volumes for storing confidential user data like PII. You need to ensure security of both data-in-transit as well as data-at-rest for theinstances and their EBS volumes. How will you do this most efficiently?

Answer 37

Use AWS KMS Keys for Amazon EBS encryption.

Question 38

You need to use an AWS service that allows you to automate evidence collection and perform risk and compliancemanagement. Which of these services should you use for this scenario?

Answer 38

AWS Audit Manager

Question 39

Which two statements are true regarding AWS Regions and Availability Zones?

Answer 39

A Region can have several AZs.
Each AZ has several data centers.

Question 40

You need to run a certain software tool on AWS compute resources and allow your users to securely access asingle version of it using any device while ensuring high levels of performance. Which AWS system will you use forthis requirement?

Answer 40

Amazon AppStream 2.0

Question 41

What does Amazon recommend for protecting data in transit when connecting to a public cloud service that uses aRemote Desktop Protocol (RDP) connection?

Answer 41

X.509 certificate

Question 42

What kind of strategy does Amazon offer for situations regarding accidental deletion within Amazon S3?

Answer 42

Versioning

Question 43

You are asked to ensure that your company’s data storage is in sync with the necessary regulatory compliance requirements. Which AWS service helps you manage the encryption for data at rest on your AWS Cloud?

Answer 43

AWS KMS

Question 44

Your company needs to link its on-premises systems to its cloud on AWS. Which of these technologies would allow you to create a secure connection from an on-premises data center to a VPC on AWS?

Answer 44

Virtual private gateway

Question 45

You want to implement security measures that:
Automatically enforce security policies across resources.
Centralize the deployment of baseline security groups for VPC protection.

Which of the following AWS services best supports these requirements?

Answer 45

AWS Firewall Manager

Question 46

You want to monitor service limits related to Elastic IP addresses that are being used, active snapshots, and EBSvolumes. Which service would you use?

Answer 46

AWS Trusted Advisor

Question 47

You are asked to create user accounts and configure their access permissions for a corporate AWS deployment. Which of these are IAM best practices you will use?

Answer 47

Use the principle of least privilege.

Question 48

You want to use an AWS service that allows you to automate evidence collection and perform risk and compliancemanagement. Which of the following services should you use for this scenario?

Answer 48

AWS Audit Manager

Question 49

You are creating an IAM policy using the visual editor from the IAM console. Which two key components will you beprompted to provide?

Answer 49

Choose a service
Select an action

Question 50

Which AWS service provides protection against DDoS attacks for free and is a key component of the Reliability pillar within the AWS framework?

Answer 50

AWS Shield

Question 51

You are leading a new startup company and need to leverage AWS resources. Which of these entities is a startupprogram from AWS that provides resources and tools like AWS credits to eligible startups.

Answer 51

AWS Activate

Question 52

What type of abuse is caused when an Amazon EC2 server is not patched and could be infected with a virus, worm, or Trojan horse?

Answer 52

Compromised resource

Question 53

What type of internal Amazon user can be created to mimic a service, application, or person that has access to AWS resources?

Answer 53

IAM user

Question 54

Your company needs to maintain reserve EC2 instances in multiple Availability Zones and Regions to ensureservices during a failover event. Which of these systems should you use for this?

Answer 54

Savings Plans

Question 55

You need to allow your development team to efficiently package application code and its dependencies together tobe used across different systems. Which of these are container orchestration tools you use on AWS?

Answer 55

EKS
ECS

Question 56

Which of the following is a key pillar within the AWS framework?

Answer 56

Operational Excellence

Question 57

The company you work for has been using an on-premises 15 TB MySQL database for about two years. Over the past 5 months, data has been constantly increasing at a rate of 800 GB per month. You have been tasked with migrating the data into an AWS cloud solution while also creating a read replica with under a 200-millisecond lag time between the primary and the read replica.
Which database solution can you use to meet these requirements?

Answer 57

Amazon Aurora

Question 58

Which AWS technology should you use for managing and exploring AWS resources and running AWS CLIcommands from a web browser without downloading specific command-line tools?

Answer 58

CloudShell

Question 59

As your company’s AWS Cloud administrator, you have just logged in as the root user for the first time. What should you do immediately as a security best practice?

Answer 59

Turn on MFA for the root account.

Question 60

For which two purposes do you need the AWS root account?

Answer 60

Changing the AWS account email address
Changing the AWS support plan for the account

Question 61

Which of the following security events would AWS Trusted Advisor look for within your AWS infrastructure?

Answer 61

Security groups with unrestricted access

Question 62

Your boss tells you to find an inexpensive cloud solution for an EC2 environment that will only be needed for 9months. What is your best option?

Answer 62

Spot Instance

Question 63

Amazon recommends their Amazon S3 Glacier services for which of the following situations?

Answer 63

Data is continually accessed and recovery time is less than 10 minutes.

Question 64

You are instructed to create an Amazon RDS database environment. At the same time, you are advised that you need to understand how you are going to be billed based on your research and design of the newly created RDS environment.
As of today, your EC2 instance has been connected for 8 hours and 45 minutes. Keep in mind that there are no setup fees and no minimums to be concerned with.
Which billing option specifies how you would be billed?

Answer 64

Running time

Question 65

You need to inventory all the IT assets across your systems as per their usage and analyze infrastructure dependencies and application components. You also need to perform resource grouping into applications. Which of these technologies will you use for this?

Answer 65

AWS Migration Hub

Question 66

What Amazon security feature encrypts data at rest using AES-256 and is considered transparent to the end user within the Amazon S3 environment?

Answer 66

Encryption server side

Question 67

You want to use an AWS service for centralized and automated data protection over multiple AWS services for both on-premises and in the cloud. Which of the following technologies should you use?

Answer 67

AWS Backup

Question 68

You want to use a suitable technology for achieving single digit write and microsecond read speeds for a modern application with durability using multiple Availability Zones. Which of the following systems should you use for this?

Answer 68

Amazon MemoryDB for Redis

Question 69

You have just created an EC2 instance using an AMI that uses a Linux Ubuntu operating system. A security report suggested that the operating system might need to be patched.
How would you classify the operating system that needs to be patched, and whose responsibility is it to patch it?

Answer 69

Guest operating system, and the customer’s responsibility

Question 70

What type of application could you use if you wanted to install security patches or service packs beyond the patchlevel from an AMI?

Answer 70

Bootstrapping

Question 71

You are creating an application that works with datasets that are highly connected and need a fully managed graphdatabase service. Which of the following systems should you use for this?

Answer 71

Amazon Neptune

Question 72

Which two actions can you perform using AWS Cost Explorer? (Choose two.)

Answer 72

View costs of resources by tags

View your top five cost consuming services

Question 73

Which AWS service should you use when you want to perform pricing for climate risk in a portfolio, reduce acompany’s carbon footprint, or align with new environmental, social, and governance (ESG) requirements?

Answer 73

AWS Data Exchange

Question 74

Your boss wants you to find an inexpensive cloud solution that will support a production environment for longer thanthree years that uses a Linux platform.
What type of instance will meet this requirement?

Answer 74

Reserved Instance

Question 75

You need a way to automate the process of evidence collection so that you can easily assess the effectiveness ofcontrols, including activities, procedures, and policies. Which of the following AWS services should you use for this?

Answer 75

AWS Audit Manager

Question 76

You want to perform modeling and provisioning for cloud resources needed by your applications across severalAWS Regions using automation. You also need to be able to perform rollbacks in case of any issues. Which AWSsystem should you use for this?

Answer 76

CloudFormation

Question 77

Which Amazon S3 bucket policy can limit access to a specific object?

Answer 77

Using a custom prefix

Question 78

You need to select the correct computing options for your company’s workloads. Which EC2 instance type would bethe right choice for workloads that process datasets for high-performance databases?

Answer 78

Memory optimized

Question 79

You are learning about encryption options offered by AWS. You have created two EC2 instances. One of theinstances is for a file sharing server and the other is for a front-end web server.
As it relates to the shared responsibility model and the need for server-side encryption on a file system within anEC2 environment, who is responsible for encrypting data at rest?

Answer 79

The customer

Question 80

You want to work through a global community of AWS experts for generating greater demand for your company’sproducts and increasing visibility with AWS Sales and customers. Which of these options should you use for this?

Answer 80

AWS APN

Question 81

Your company wants to launch a few new web applications with minimal overhead. You want to deploy and operateyour applications on AWS Cloud in the easiest way without having to provision resources individually by yourself.Which tool should you use?

Answer 81

AWS Elastic Beanstalk

Question 82

You are creating an application that works with datasets that are highly connected and need a fully managed graphdatabase service. Which of these systems should you use for this?

Answer 82

Amazon Neptune

Question 83

Which AWS service should you use to reduce misreporting and non-compliance risk, save costs on cloudinfrastructure, and ensure non-compliant server usage is stopped before it occurs?

Answer 83

AWS License Manager

Question 84

You are using Amazon Elastic Compute Cloud (EC2) for running an application and want to send newsletters from this application to thousands of recipients. Which of the following AWS services should you use for this requirement?

Answer 84

Simple Email Service (Amazon SES)

Question 85

Your company wants to maintain reserve EC2 instances in multiple Availability Zones and Regions to ensureservices during a failover event. Which of the following systems should you use for this?

Answer 85

Regional Reserved Instances

Question 86

Which of these AWS support plans includes access to the Concierge?

Answer 86

Enterprise

Question 87

You are supporting a production AWS EC2 instance. You are notified that your AWS instance has a corrupted EBSvolume. What AWS resource would graphically identify the issue and allow you to create and configure forward-looking notifications across multiple channels?

Answer 87

AWS Personal Health Dashboard

Question 88

What is the main reason for using an Elastic IP address associated with your virtual private cloud account?

Answer 88

You have the ability to move network attributes from one instance toanother in one single step.

Question 89

What does Amazon recommend for protecting data in transit when you have a concern of accidental information disclosure?

Answer 89

IPSec ESP

Question 90

You are a SysOps engineer for a company that manages the distribution of music for a large record label. Music isdownloaded all across North America. Certain areas geographically download large amounts of music as comparedto other less populated areas. However, you are seeing a trend of customers complaining about the time it takes todownload their music.
What would be the most cost-effective solution?

Answer 90

Amazon CloudFront

Question 91

Which AWS caching solution has the ability to route traffic within AWS resources, such as EC2 instances, AmazonS3 buckets, and Elastic Load Balancing load balancers, while also routing user requests outside AWSinfrastructures using a cloud Domain Name System (DNS)?

Answer 91

Amazon Route 53

Question 92

Which two support cases can you create using AWS Support from the AWS Management Console? (Choose two.)

Answer 92

Account and billing
Service limit increase

Question 93

As it relates to the shared responsibility model, which security option is the customer’s responsibility?

Answer 93

Amazon Machine Images (AMIs)

Question 94

You work for a holding company that manages several other companies that support several different industries.You are tasked with setting up AWS accounts for each company within the holdings portfolio. You are also requiredto manage these accounts from a global perspective and keep up with the billing information related to these newAWS accounts.
Which of the following policies would best meet these requirements?

Answer 94

Use AWS Organizations

Question 95

Which of these AWS technologies will you use to create and integrate AWS services for the development toolchainof your project which can include build, deployment, and source control?

Answer 95

AWS CodeStar

Question 96

Which of the following options would describe a location where an AWS cluster data center is located?

Answer 96

Region

Question 97

What is the default number of virtual private clouds (VPCs) you can have within an individual Region?

Answer 97

50

Question 98

Which of the following statements are FALSE when creating an Amazon S3 bucket? (Choose all that apply.)

Answer 98

You cannot use uppercase letters in bucket names.

Question 99

AWS Trusted Advisor recommends using Auto Scaling groups to optimize resource utilization. This recommendation aligns with which pillar?

Answer 99

Cost Optimization

Question 100

Your manager tells you to find an Amazon cloud solution that has scalable object-level storage with a durability level of 99.999999999% that will support frequent access to data. What should you choose?

Answer 100

Amazon S3