Prime 100 domande random Flashcards by Mop jan

What part of an Amazon Virtual Private Cloud (VPC) is considered stateful?

Security groups

How well did you know this?

Not at all

Perfectly

You have created a VPC for your company’s AWS deployment. You need to implement a way of controllingincoming and outgoing for your EC2 instance on the VPC. What would you use for this?

Security groups

How well did you know this?

Not at all

Perfectly

What type of storage option is a regional service that gives you the ability to store and manage files within the AWSCloud?

Amazon EFS
(Amazon Elastic File System)

How well did you know this?

Not at all

Perfectly

Which of these would you use for running programs that can automatically retrieve key costs related to various AWSservices?

AWS Cost Explorer

How well did you know this?

Not at all

Perfectly

Which two features are part of AWS Organizations?

Consolidating billing for multiple accounts

Controlling permission for accounts using SCPs

How well did you know this?

Not at all

Perfectly

if you wanted to route Internet traffic to your specific domain, what AWS resource should you use?

Amazon Route 53

How well did you know this?

Not at all

Perfectly

Which Amazon Kinesis tool lets you create time-series analytics using standard SQL queries against real-time data?

Amazon Kinesis Data Analytics

How well did you know this?

Not at all

Perfectly

You need to create a historical CPU report on your Amazon Elastic Compute Cloud (EC2) instance. How long doesAmazon CloudWatch keep metric data?

15 months

How well did you know this?

Not at all

Perfectly

You work for ABC corporation that is actively using Amazon S3 storage solutions. The company has files that are stored using Amazon S3, but they want to save costs because a majority of their files are not used after 40 days. However, they need the ability to recover files within a few minutes after the request to see a file. Which option below best meets these requirements?

Move the data to Amazon S3 Standard using Infrequent Access (IA)option after 40 days.

How well did you know this?

Not at all

Perfectly

You need to present a case to your company’s management for moving operations from an on-premises data centerto AWS Cloud. Which of these will help your company reduce its costs by moving to an AWS cloud deployment?(Select TWO.)

Using automation

Taking advantage of managed services

How well did you know this?

Not at all

Perfectly

You work for a financial services company, and you need to find a way to automatically detect and analyzehandwritten notes inside of financial reports. Which AWS service should you use?

Textract

How well did you know this?

Not at all

Perfectly

Which of the following statements is true when it comes to using route tables within your virtual private cloud (VPC)?

When your VPC is created, it automatically comes with a route table that can be modified.

How well did you know this?

Not at all

Perfectly

If you want to access the Internet from your Amazon EC2 instance and not use a public IP address, which networking component would you use to access the Internet?

NAT gateway

How well did you know this?

Not at all

Perfectly

Which Amazon storage option is a good solution if you need storage that offers block-level encryption, high reliability, and is highly available, while using applications that use fine-grained updates to raw unformatted data?

Amazon EBS

How well did you know this?

Not at all

Perfectly

Which Amazon Elastic Block Storage (EBS) storage type provides cost-effective storage for data that is typically accessed infrequently, with an IOPS of around 100?

HDD-backed volumes

How well did you know this?

Not at all

Perfectly

You are guiding an application development team to design a new system that needs to be high performing and resilient. Which architecture type should you implement to ensure that the failure of a single component does not bring the whole system down?

Microservices-based

How well did you know this?

Not at all

Perfectly

As an IT specialist with a cloud background, you are concerned with the overall recoverability of your data within thecloud. What does Amazon S3 offer to alleviate this concern?

Amazon S3 provides strong read-after-write consistency.

How well did you know this?

Not at all

Perfectly

You are a cloud technology consultant for a company that wants to expand its global operations using AWSRegions. What would you set as requirements for selecting the appropriate AWS Region for your business?

Maintaining regional data sovereignty
Reducing latency for users

How well did you know this?

Not at all

Perfectly

You have been managing your current production workload with several Reserved Instances for about 15 months.However, you have noticed a small and progressive increase in overall workload and want to make sure your EC2infrastructure can handle the bandwidth to support the increased workload.
What type of instance would meet this requirement?

On-Demand Instance

How well did you know this?

Not at all

Perfectly

Which of the following is considered a true advantage of cloud technology when decoupling from a data center?

Changing resources dynamically based on seasonal needs

How well did you know this?

Not at all

Perfectly

When does Amazon DynamoDB encrypt data at rest?

When the first rows of data enter the table

How well did you know this?

Not at all

Perfectly

You need to select an AWS Support plan for your organization that will include a technical account manager for additional support. Which would be the most economical option in this scenario?

Developer

How well did you know this?

Not at all

Perfectly

For which two situations will AWS Trusted Advisor recommend actions?

Weak IAM user password policies
EBS volumes with no snapshots

How well did you know this?

Not at all

Perfectly

Your boss asks you which storage option would allow the company to transfer petabytes of data between thecurrent AWS S3 storage solution and data that resides in the company-owned data center. Which option would you recommend?

AWS Snowball Edge

How well did you know this?

Not at all

Perfectly

Which perspective of the AWS Cloud Adoption Framework would you use to gain knowledge on updating the skills of the company staff and all company processes?

People

You need to run a certain software tool on AWS compute resources and allow your users to securely access asingle version of it using any device while ensuring high levels of performance. Which AWS system should you usefor this requirement?

Amazon AppStream

What security option gives you the ability to manage permissions for several different users at one time while controlling access to specific AWS resources?

IAM group

Which two tasks can you complete using AWS Artifact?

Access agreements made with AWS Create users to allow access to AWS resources

Which two statements are correct applications of VPC components?

Keep databases with customer personal data on a private subnet. Use a virtual private gateway to connect a VPC and office network.

You are supporting an application that requires that the EC2 instance be shut down after 5:00 PM every day. You want to make sure this is done automatically so you have configured the shut-down processing to use a Lambda function. For some reason, the application binaries are sporadically being corrupted and the corruption is related tothe shut-down process. Which of the following components can be used to identify the faulty EC2 instance?

Instance metadata

Which of these technologies should you use for securely connecting remote workers and on-premises networks to your AWS cloud?

AWS VPN

You are architecting a solution on AWS for your company and need to optimize costs by considering data transfer costs. Which of these actions incurs data transfer charges on AWS?

Data transferred across AWS Regions.

Your company has several AWS Cloud accounts and VPCs in all of them. You need to integrate several VPCs into a much larger network. Which two connectivity options can you use for this?

AWS Transit Gateway Software Site-to-Site VPN

You want to load balance connections from your EC2 instance to another application tier on the same network.Which type of load balancer would you choose to meet this requirement?

Internal load balancer

You have been working for your company for three years as a system administrator. You have been informed that you need to house several batch application servers. This application can be stopped and started at any point intime. Your task is to provision the needed EC2 infrastructures and your goal is to keep the cost to a minimum. Which type of instance should you consider?

Spot Instances

Which of the following actions is MOST aligned with the sustainability pillar of the AWS Well-ArchitectedFramework?

Terminating unused Elastic IPs to avoid unnecessary resource usage.

You are a cloud technology consultant working for a US Government agency. You are running web applicationsusing Elastic Compute Cloud (EC2) instances with attached Elastic Block Store (EBS) volumes for storing confidential user data like PII. You need to ensure security of both data-in-transit as well as data-at-rest for theinstances and their EBS volumes. How will you do this most efficiently?

Use AWS KMS Keys for Amazon EBS encryption.

You need to use an AWS service that allows you to automate evidence collection and perform risk and compliancemanagement. Which of these services should you use for this scenario?

AWS Audit Manager

Which two statements are true regarding AWS Regions and Availability Zones?

A Region can have several AZs. Each AZ has several data centers.

Amazon AppStream 2.0

What does Amazon recommend for protecting data in transit when connecting to a public cloud service that uses aRemote Desktop Protocol (RDP) connection?

X.509 certificate

What kind of strategy does Amazon offer for situations regarding accidental deletion within Amazon S3?

Versioning

You are asked to ensure that your company’s data storage is in sync with the necessary regulatory compliance requirements. Which AWS service helps you manage the encryption for data at rest on your AWS Cloud?

AWS KMS

Your company needs to link its on-premises systems to its cloud on AWS. Which of these technologies would allow you to create a secure connection from an on-premises data center to a VPC on AWS?

Virtual private gateway

You want to implement security measures that: Automatically enforce security policies across resources. Centralize the deployment of baseline security groups for VPC protection. Which of the following AWS services best supports these requirements?

AWS Firewall Manager

You want to monitor service limits related to Elastic IP addresses that are being used, active snapshots, and EBSvolumes. Which service would you use?

AWS Trusted Advisor

You are asked to create user accounts and configure their access permissions for a corporate AWS deployment. Which of these are IAM best practices you will use?

Use the principle of least privilege.

You want to use an AWS service that allows you to automate evidence collection and perform risk and compliancemanagement. Which of the following services should you use for this scenario?

AWS Audit Manager

You are creating an IAM policy using the visual editor from the IAM console. Which two key components will you beprompted to provide?

Choose a service Select an action

Which AWS service provides protection against DDoS attacks for free and is a key component of the Reliability pillar within the AWS framework?

AWS Shield

You are leading a new startup company and need to leverage AWS resources. Which of these entities is a startupprogram from AWS that provides resources and tools like AWS credits to eligible startups.

AWS Activate

What type of abuse is caused when an Amazon EC2 server is not patched and could be infected with a virus, worm, or Trojan horse?

Compromised resource

What type of internal Amazon user can be created to mimic a service, application, or person that has access to AWS resources?

IAM user

Your company needs to maintain reserve EC2 instances in multiple Availability Zones and Regions to ensureservices during a failover event. Which of these systems should you use for this?

Savings Plans

You need to allow your development team to efficiently package application code and its dependencies together tobe used across different systems. Which of these are container orchestration tools you use on AWS?

EKS ECS

Which of the following is a key pillar within the AWS framework?

Operational Excellence

The company you work for has been using an on-premises 15 TB MySQL database for about two years. Over the past 5 months, data has been constantly increasing at a rate of 800 GB per month. You have been tasked with migrating the data into an AWS cloud solution while also creating a read replica with under a 200-millisecond lag time between the primary and the read replica. Which database solution can you use to meet these requirements?

Amazon Aurora

Which AWS technology should you use for managing and exploring AWS resources and running AWS CLIcommands from a web browser without downloading specific command-line tools?

CloudShell

As your company’s AWS Cloud administrator, you have just logged in as the root user for the first time. What should you do immediately as a security best practice?

Turn on MFA for the root account.

For which two purposes do you need the AWS root account?

Changing the AWS account email address Changing the AWS support plan for the account

Which of the following security events would AWS Trusted Advisor look for within your AWS infrastructure?

Security groups with unrestricted access

Your boss tells you to find an inexpensive cloud solution for an EC2 environment that will only be needed for 9months. What is your best option?

Spot Instance

Amazon recommends their Amazon S3 Glacier services for which of the following situations?

Data is continually accessed and recovery time is less than 10 minutes.

You are instructed to create an Amazon RDS database environment. At the same time, you are advised that you need to understand how you are going to be billed based on your research and design of the newly created RDS environment. As of today, your EC2 instance has been connected for 8 hours and 45 minutes. Keep in mind that there are no setup fees and no minimums to be concerned with. Which billing option specifies how you would be billed?

Running time

You need to inventory all the IT assets across your systems as per their usage and analyze infrastructure dependencies and application components. You also need to perform resource grouping into applications. Which of these technologies will you use for this?

AWS Migration Hub

What Amazon security feature encrypts data at rest using AES-256 and is considered transparent to the end user within the Amazon S3 environment?

Encryption server side

You want to use an AWS service for centralized and automated data protection over multiple AWS services for both on-premises and in the cloud. Which of the following technologies should you use?

AWS Backup

You want to use a suitable technology for achieving single digit write and microsecond read speeds for a modern application with durability using multiple Availability Zones. Which of the following systems should you use for this?

Amazon MemoryDB for Redis

You have just created an EC2 instance using an AMI that uses a Linux Ubuntu operating system. A security report suggested that the operating system might need to be patched. How would you classify the operating system that needs to be patched, and whose responsibility is it to patch it?

Guest operating system, and the customer’s responsibility

What type of application could you use if you wanted to install security patches or service packs beyond the patchlevel from an AMI?

Bootstrapping

You are creating an application that works with datasets that are highly connected and need a fully managed graphdatabase service. Which of the following systems should you use for this?

Amazon Neptune

Which two actions can you perform using AWS Cost Explorer? (Choose two.)

View costs of resources by tags View your top five cost consuming services

Which AWS service should you use when you want to perform pricing for climate risk in a portfolio, reduce acompany’s carbon footprint, or align with new environmental, social, and governance (ESG) requirements?

AWS Data Exchange

Your boss wants you to find an inexpensive cloud solution that will support a production environment for longer thanthree years that uses a Linux platform. What type of instance will meet this requirement?

Reserved Instance

You need a way to automate the process of evidence collection so that you can easily assess the effectiveness ofcontrols, including activities, procedures, and policies. Which of the following AWS services should you use for this?

AWS Audit Manager

You want to perform modeling and provisioning for cloud resources needed by your applications across severalAWS Regions using automation. You also need to be able to perform rollbacks in case of any issues. Which AWSsystem should you use for this?

CloudFormation

Which Amazon S3 bucket policy can limit access to a specific object?

Using a custom prefix

You need to select the correct computing options for your company’s workloads. Which EC2 instance type would bethe right choice for workloads that process datasets for high-performance databases?

Memory optimized

You are learning about encryption options offered by AWS. You have created two EC2 instances. One of theinstances is for a file sharing server and the other is for a front-end web server. As it relates to the shared responsibility model and the need for server-side encryption on a file system within anEC2 environment, who is responsible for encrypting data at rest?

The customer

You want to work through a global community of AWS experts for generating greater demand for your company’sproducts and increasing visibility with AWS Sales and customers. Which of these options should you use for this?

AWS APN

Your company wants to launch a few new web applications with minimal overhead. You want to deploy and operateyour applications on AWS Cloud in the easiest way without having to provision resources individually by yourself.Which tool should you use?

AWS Elastic Beanstalk

You are creating an application that works with datasets that are highly connected and need a fully managed graphdatabase service. Which of these systems should you use for this?

Amazon Neptune

Which AWS service should you use to reduce misreporting and non-compliance risk, save costs on cloudinfrastructure, and ensure non-compliant server usage is stopped before it occurs?

AWS License Manager

You are using Amazon Elastic Compute Cloud (EC2) for running an application and want to send newsletters from this application to thousands of recipients. Which of the following AWS services should you use for this requirement?

Simple Email Service (Amazon SES)

Your company wants to maintain reserve EC2 instances in multiple Availability Zones and Regions to ensureservices during a failover event. Which of the following systems should you use for this?

Regional Reserved Instances

Which of these AWS support plans includes access to the Concierge?

Enterprise

You are supporting a production AWS EC2 instance. You are notified that your AWS instance has a corrupted EBSvolume. What AWS resource would graphically identify the issue and allow you to create and configure forward-looking notifications across multiple channels?

AWS Personal Health Dashboard

What is the main reason for using an Elastic IP address associated with your virtual private cloud account?

You have the ability to move network attributes from one instance toanother in one single step.

What does Amazon recommend for protecting data in transit when you have a concern of accidental information disclosure?

IPSec ESP

You are a SysOps engineer for a company that manages the distribution of music for a large record label. Music isdownloaded all across North America. Certain areas geographically download large amounts of music as comparedto other less populated areas. However, you are seeing a trend of customers complaining about the time it takes todownload their music. What would be the most cost-effective solution?

Amazon CloudFront

Which AWS caching solution has the ability to route traffic within AWS resources, such as EC2 instances, AmazonS3 buckets, and Elastic Load Balancing load balancers, while also routing user requests outside AWSinfrastructures using a cloud Domain Name System (DNS)?

Amazon Route 53

Which two support cases can you create using AWS Support from the AWS Management Console? (Choose two.)

Account and billing Service limit increase

As it relates to the shared responsibility model, which security option is the customer’s responsibility?

Amazon Machine Images (AMIs)

You work for a holding company that manages several other companies that support several different industries.You are tasked with setting up AWS accounts for each company within the holdings portfolio. You are also requiredto manage these accounts from a global perspective and keep up with the billing information related to these newAWS accounts. Which of the following policies would best meet these requirements?

Use AWS Organizations

Which of these AWS technologies will you use to create and integrate AWS services for the development toolchainof your project which can include build, deployment, and source control?

AWS CodeStar

Which of the following options would describe a location where an AWS cluster data center is located?

Region

What is the default number of virtual private clouds (VPCs) you can have within an individual Region?

Which of the following statements are FALSE when creating an Amazon S3 bucket? (Choose all that apply.)

You cannot use uppercase letters in bucket names.

AWS Trusted Advisor recommends using Auto Scaling groups to optimize resource utilization. This recommendation aligns with which pillar?

Cost Optimization

Your manager tells you to find an Amazon cloud solution that has scalable object-level storage with a durability level of 99.999999999% that will support frequent access to data. What should you choose?

Amazon S3