Questions from exams

Question 1

2 AWS Services with automatic data encryption

Answer 1

S3 and Storage Gateway

Question 2

Which AWS service enables you to make it easy to centrally manage access to multiple AWS accounts and business applications and provide users with single sign-on?

Answer 2

SSO (Single Sign On)

Question 3

Using AWS marketplace what two ways can sellers deliver software to customers?

Answer 3

AMIs and SaaSs

Question 4

Which AWS service lets you use Chef and Puppet to automate how servers are configured, deployed and managed across your EC2 instances or on-premises computer environments

Answer 4

AWS OpsWorks

Question 5

True or False; you can use CloudWatch for on-premises servcers?

Answer 5

True

Question 6

Which AWS service has an easy-to-use interface that lets you visualise, understand and manage your AWS costs and usage over time?

Answer 6

AWS Cost Explorer

Question 7

Which AWS services is an online tool that provides real-time guidance to help provision your resources following AWS best practices?

Answer 7

AWS Trusted Advisor

Question 8

Which AWS service enables you to access, audit and evaluate the configurations of your AWS resources?

Answer 8

AWS Config

Question 9

Which AWS service is an automated security assessment service that helps improve the security and compliance of applications deployed on your EC2 instances?

Answer 9

AWS Inspector

Question 10

Which AWS service is a fully-managed data security and data privacy service that uses machine learning and pattern matching to discover and protect sensitive data in AWS?

Answer 10

AWS Macie

Question 11

Which AWS service is a fully-managed extract, transform and load (ETL) service that makes it easy for customers to prepare and load their data for analytics?

Answer 11

AWS Glue

Question 12

Which AWS service turns text into life-like speech?

Answer 12

AWS Polly

Question 13

True or False; DynamoDB is schemaless?

Answer 13

True

Question 14

True or False; Redshift is schemaless?

Answer 14

False

Question 15

Which MFA device is a device that you can plug into a USB port on your computer?

Answer 15

U2F Security Key - Universal 2nd Factor Security Key

Question 16

Which AWS service allows marketers and developers to deliver customer-centric engagement experiences by capturing customer usage data to draw real-time insights

Answer 16

Amazon Pinpoint

Question 17

Which AWS service automates code deployments to any instance, including EC2 instances and instances running on-premises?

Answer 17

AWS CodeDeploy

Question 18

Which AWS service is a fully-managed source control service that hosts secure Git-based repositories?

Answer 18

AWS CodeCommit

Question 19

Which AWS service is a continuous delivery service that enables you to model, visualise and automate the steps required to release your software?

Answer 19

AWS CodePipeline

Question 20

Which AWS service gives the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount?

Answer 20

AWS Budgets

Question 21

Which AWS service allows you to centralise operational data from multiple AWS services and automate tasks across your AWS resources?

Answer 21

AWS Systems Manager

Question 22

Which AWS service helps you identify the optimal resource configurations and delivers recommendations for:
- EC2 instances
- EBS volumes
- EC2 Autoscaling groups
- Lambda functions
?

Answer 22

AWS Compute Optimizer

Question 23

Which AWS support level gives you access to online training and self-paced labs?

Answer 23

Enterprise support

Question 24

True or False; DynamoDB global tables replicates data automatically across your choice of AWS regions?

Answer 24

True

Question 25

True or False; DynamoDB global tables automatically scales capacity to accommodate your workloads?

Answer 25

True

Question 26

Which AWS service links your network directly to AWS?

Answer 26

AWs Direct Connect

Question 27

True or False; Foundations are part of the reliability pillar of the AWS Well-Architected Framework?

Answer 27

True

Question 28

What 3 services are part of Foundations?

Answer 28

• VPC
• Trusted Advisor
• Service Quotas

Question 29

Which AWS service enables you to privately connect your VPC to supported AWS services and are powered by AWS PrivateLink without requiring an Internet Gateway, NAT device, VPN connection or Direct Connect connection?

Answer 29

VPC Endpoints

Question 30

What are the six pillars of the Well-Architected Framework?

Answer 30

• Operational Excellence
• Security
• Reliability
• Performance Efficiency
• Cost Optimisation
• Sustainability

Question 31

Main purpose of RDS Multi-AZ deployments?

Answer 31

High Availability

Question 32

Main purpose of RDS Multi-region deployments?

Answer 32

Disaster recovery and local performance

Question 33

Main purpose of RDS Read replicas?

Answer 33

Scalability

Question 34

RDS Multi-AZ deployments non-Aurora uses synchronous or asynchronous replication?

Answer 34

Synchronous

Question 35

RDS Multi-AZ deployments Aurora uses synchronous or asynchronous replication?

Answer 35

Asynchronous

Question 36

RDS Multi-region deployments uses synchronous or asynchronous replication?

Answer 36

Asynchronous

Question 37

RDS Read replicas uses synchronous or asynchronous replication?

Answer 37

Asynchronous

Question 38

What refers to new IT resources being only a click away?

Answer 38

Agility

Question 39

Which AWS service are built by AWS Solutions Architects + Partners to help you deploy popular technologies on AWS, based on best practices for security and high availability. These accelerations reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately?

Answer 39

AWS Quick Starts

Question 40

Rule of thumb
- for resource performance monitoring, events and alerts, which service should you think of?

Answer 40

CloudWatch

Question 41

Rule of thumb
- for account specific activity and audit, which service should you think of?

Answer 41

CloudTrail

Question 42

Rule of thumb
- for specific change history, audit and compliance, which service should you think of?

Answer 42

Config

Question 43

A financial services company wants to ensure that its AWS account activity meets the governance, compliance and auditing norms. As a Cloud Practitioner, which AWS service would you recommend for this use-case?

Answer 43

CloudTrail

Question 44

Which AWS service checks your EC2 instances that were running at any time during the last 14 days and alerts you if the daily CPU utilization was 10% or less and network I/O was 5 MB or less on 4 or more days.

Answer 44

AWS Trusted Advisor

Question 45

Which AWS service analyses your AWS environment and provides best practice recommendations in five categories: Cost Optimization, Performance, Security, Fault Tolerance, Service Limits.

Answer 45

AWS Trusted Advisor

Question 46

A corporation would like to have a central user portal to log in to third-party business applications as well as accounts managed under AWS Organizations. As a Cloud Practitioner, which AWS service would you use for this task?

Answer 46

AWS Single Sign On (SSO)

Question 47

Which AWS service can check Amazon Elastic Block Store (Amazon EBS) volume configurations and warns when volumes appear to be underused?

Answer 47

AWS Trusted Advisor

Question 48

What rules does a Security Group have?

Answer 48

allow only rules

Question 49

What acts as a virtual firewall for your instance to control inbound and outbound traffic?

Answer 49

Security Groups

Question 50

What is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets?

Answer 50

Network Access Control List (NACL)

Question 51

What rules does a NACL (Network Access Control List) have?

Answer 51

A network ACL has separate inbound and outbound rules, and each rule can either allow or deny traffic.

Question 52

True of False; NAT (Network Address Translation) Gateway is managed by AWS?

Answer 52

True

Question 53

True of False; NAT (Network Address Translation) Instance is managed by AWS?

Answer 53

False, it is managed by you

Question 54

Which support plan provides architectural guidance that is contextual to your use-cases?

Answer 54

Business support plan

Question 55

Which support plan provides architectural guidance that is a consultative review and guidance based on your applications

Answer 55

Enterprise and Enterprise-on-ramp

Question 56

Which support plans have programmatic case management via the AWS Support API?

Answer 56

Business, Enterprise-on-ramp and Enterprise

Question 57

Which support plan have AWS Incident Detection and Response (for an additional fee)?

Answer 57

Enterprise

Question 58

Which support plan has access to a pool of Technical Account Managers?

Answer 58

Enterprise On-Ramp

Question 59

Which support plan has access to a Designated Technical Account Manager?

Answer 59

Enterprise

Question 60

Which support plans have access to account assistance via the Concierge Support Team?

Answer 60

Enterprise On-Ramp and Enterprise

Question 61

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which five resources?

Answer 61

• Route 53
• AWS Global Accelerator
• EC2
• ELB
• CloudFront

Question 62

Which AWS service is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.

Answer 62

Amazon API Gateway

Question 63

Five AWS Services that support reservations to optimise costs

Answer 63

• EC2
• RDS
• DynamoDB
• EastiCache
• Redshift

Question 64

What EC2 instance storage is a good option when you need storage with very low latency, but you don’t need the data to persist when the instance terminates or you can take advantage of fault-tolerant architectures?

Answer 64

Instance Store

Question 65

True or False; EFS file system can be mounted on instances across multiple Availability Zones

Answer 65

True

Question 66

Each AWS Region consist of one or more Availability Zones?

Answer 66

False

Question 67

Each AWS Region consist of two or more Availability Zones?

Answer 67

True

Question 68

Each Availability Zone (AZ) consists of one or more discrete data centers?

Answer 68

True

Question 69

Each Availability Zone (AZ) consists of two or more discrete data centers?

Answer 69

False

Question 70

True or False; for EC2 reserved instances a 3 years term would always be more cost-effective than a 1-year term?

Answer 70

True

Question 71

Which AWS service creates a secure connection between your data center or branch office and your AWS cloud resources. This connection goes over the public internet.

Answer 71

Site-to-Site VPN

Question 72

Which AWS service is the industry-leading cloud big data platform for processing vast amounts of data using open source tools such as Hadoop, Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto.

Answer 72

AWS EMR (Elastic MapReduce)

Question 73

EMR (Elastic MapReduce) is a serverless service?

Answer 73

False

Question 74

True or False; data transfer between EC2 instances and S3 within the same region is not charged?

Answer 74

True

Question 75

True or False; S3 has encryption enabled by default?

Answer 75

False

Question 76

True or False; CloudTrail Logs has encryption enabled by default?

Answer 76

True

Question 77

Which AWS service will help you receive alerts when the reservation utilization falls below the defined threshold?

Answer 77

AWS Budgets

Question 78

True or False; you can use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define?

Answer 78

True

Question 79

A big data analytics company is moving its IT infrastructure from an on-premises data center to AWS Cloud. The company has some server-bound software licenses that it wants to use on AWS. As a Cloud Practitioner, which of the following EC2 instance types would you recommend to the company?

Answer 79

Dedicated Host

Question 80

True or False; Amazon EC2 Dedicated Hosts allow you to use your eligible software licenses from vendors such as Microsoft and Oracle on Amazon EC2?

Answer 80

True

Question 81

True or False; Dedicated Instances supports Bring Your Own License (BYOL)?

Answer 81

False, but Dedicated Hosts do

Question 82

Which of the AWS Support plans provides access to Infrastructure Event Management for an additional fee?

Answer 82

Business (Enterprise includes it as part of the plan)

Question 83

Which S3 tier is for data that is accessed less frequently, but requires rapid access when needed?

Answer 83

Standard-Infrequent Access (S3 Standard IA)

Question 84

True or False; To remove an AWS account from an AWS Organisation the AWS account must not have any Service Control Policies (SCPs) attached to it. Only then can it be removed from AWS Organisations?

Answer 84

False; this is not a pre-requisite to remove the AWS account.

Question 85

True or False; To remove an AWS account from an AWS Organisation the AWS account must be able to operate as a standalone account. Only then it can be removed from AWS organizations

Answer 85

True

Question 86

True or False; encryption is enabled by default on S3?

Answer 86

False

Question 87

True or False; The AWS encryption SDK is a client-side encryption library that is separate from the language–specific SDKs?

Answer 87

True

Question 88

What are the three best practice areas for reliability in the cloud?

Answer 88

• Foundations
• Change Management
• Failure Management

Question 89

True or False; Under the AWS Shared Responsibility Model, Configuration Management is a shared responsibility of both AWS and the customer?

Answer 89

True

Question 90

True or False; SQS cannot be used to monitor CPU utilization for EC2 instances or send emails?

Answer 90

True, use SNS instead

Question 91

What are the three fundamental drivers of cost with AWS?

Answer 91

• compute
• storage
• outbound data transfer.

Question 92

True or False; A VPC spans all of the Availability Zones in the Region?

Answer 92

True

Question 93

True or False; A subnet is a range of IP addresses within your VPC?

Answer 93

True

Question 94

True or False; A subnet spans only one Availability Zone in the Region?

Answer 94

True

Question 95

An online gaming company wants to block users from certain geographies from accessing its content. Which TWO AWS services can be used to accomplish this task?

Answer 95

• Route 53
• AWS WAF

Question 96

True or False; You can use Route 53 geolocation routing policy to block certain geographies?

Answer 96

True

Question 97

Which AWS service is a managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers on AWS?

Answer 97

Amazon MQ

Question 98

True or False; Root account permissions cannot be restricted?

Answer 98

True

Question 99

Which AWS service can be used to store, manage, and deploy Docker container images?

Answer 99

Elastic Container Registry (ECR)

Question 100

S3 is a regional based or global service?

Answer 100

Regional, you specify an AWS Region when you create your Amazon S3 bucket

Question 101

Which AWS service helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources

Answer 101

AWS WAF (Web Application Firewall)

Question 102

Which AWS service is a threat detection service that monitors malicious activity and unauthorized behaviour to protect your AWS account. By analysing billions of events across your AWS accounts from:
- AWS CloudTrail
- VPC Flow Logs
- DNS Logs

Answer 102

AWS GuardDuty

Question 103

True or False; AWS GuardDuty can be used to protect from web exploits such as SQL injection and cross-site scripting?

Answer 103

False

Question 104

Which AWS service allows organizations to create and manage catalogues of IT services that are approved for use on AWS?

Answer 104

AWS Service Catalog

Question 105

An e-commerce company wants to assess its applications deployed on EC2 instances for vulnerabilities and deviations from AWS best practices. Which AWS service can be used to facilitate this?

Answer 105

AWS Inspector

Question 106

True or False; The AWS Developer Support plan allows one primary contact to open unlimited cases?

Answer 106

True

Question 107

A data analytics company has some data stored on Amazon S3 and wants to do SQL based analysis on this data with minimum effort. As a Cloud Practitioner, which AWS service will you suggest for this use case?

Answer 107

Amazon Athena

Question 108

Which AWS service is an interactive query service that makes it easy to analyse data in Amazon S3 using standard SQL.

Answer 108

Amazon Athena

Question 109

A startup is looking for 24x7 phone based technical support for his AWS account. What is the MOST cost-effective AWS support plan for this use-case?

Answer 109

Business

Question 110

Which AWS service provides a simple and secure way to connect to your Linux instances using Secure Shell (SSH)?

Answer 110

Amazon EC2 Instance Connect

Question 111

Which AWS service helps with global application availability and performance using the AWS global network?

Answer 111

AWS Global Accelerator

Question 112

Which AWS service improves the availability and performance of your applications with local or global users?

Answer 112

AWS Global Accelerator

Question 113

True or False; CloudFront can be used to improve application availability and performance using the AWS global network?

Answer 113

False, instead use Global Accelerator

Question 114

Which storage is ideal for the temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers?

Answer 114

Instance storage

Question 115

What are the four different budget types you can create under AWS Budgets?

Answer 115

• Cost budget
• Usage budget
• Reservation budget
• Savings Plans budget

Question 116

True or False; With AWS Backup, you pay only for the amount of backup storage you use and the amount of backup data you restore in the month?

Answer 116

True

Question 117

True or False; Amazon EBS Snapshot storage pricing is based on the amount of space your data consumes in EBS?

Answer 117

False, Snapshot storage is based on the amount of space your data consumes in Amazon S3

Question 118

True or False; You will pay a fee each time you read from or write data stored on the EFS - Infrequent Access storage class?

Answer 118

True

Question 119

Amazon EBS Snapshots are stored incrementally, which means you are billed only for the changed blocks stored

Answer 119

True, Amazon EBS Snapshots are a point in time copy of your block data. For the first snapshot of a volume, Amazon EBS saves a full copy of your data to Amazon S3. EBS Snapshots are stored incrementally, which means you are billed only for the changed blocks stored.

Question 120

True or False; AWS Shield Advanced is a free service for AWS Enterprise Support plan?

Answer 120

False, AWS Shield Advanced is a paid service for all customers, irrespective of the Support plan.

Question 121

True or False; AWS Shield Advanced offers protection against higher fees that could result from a DDoS attack?

Answer 121

True

Question 122

A leading research firm needs to access information available in old patents and documents (such as PDFs, Text Files, Word documents, etc) present in its huge knowledge base. The firm is looking for a powerful search tool that can dig into these knowledge resources and return the most relevant files/documents. Which is the correct AWS service to address this requirement?

Answer 122

AWS Kendra

Question 123

Which AWS service is an intelligent search service powered by machine learning. It reimagines enterprise search for your websites and applications so your employees and customers can easily find the content they are looking for, even when it’s scattered across multiple locations and content repositories within your organization.

Answer 123

AWS Kendra

Question 124

Which AWS service is a natural-language processing (NLP) service that uses machine learning to uncover information in unstructured data?

Answer 124

AWs Comprehend

Question 125

Which AWS service is a service for building conversational interfaces into any application using voice and text?

Answer 125

AWS Lex

Question 126

True or False; Amazon Redshift only supports Single-AZ deployments?

Answer 126

True

Question 127

True or False; Amazon EFS is a regional service storing data within and across multiple Availability Zones (AZs) for high availability and durability?

Answer 127

True

Question 128

True or False; EC2 instances can access files on an EFS file system across many Availability Zones but not across VPCs and Regions?

Answer 128

False

Question 129

True or False; Amazon EC2 instances can access your EFS file system across AZs, regions, and VPCs, while on-premises servers can access using AWS Direct Connect or AWS VPN.

Answer 129

True

Question 130

True or False; AWS Organizations can create separate invoices for development and production environments?

Answer 130

False

Question 131

An e-commerce company uses AWS Cloud and would like to receive separate invoices for development and production environments. What solution would you recommend for this use-case?

Answer 131

Create separate AWS accounts for development and production environments to receive separate invoices

Question 132

Amazon CloudWatch billing metric data is stored in which AWS Region?

Answer 132

US East (N. Virginia) - us-east-1

Question 133

True or False; for Cost Allocation Tags in AWS Billing: For each resource, each tag key must be unique, and each tag key can have only one value?

Answer 133

True

Question 134

True or False; for Cost Allocation Tags in AWS Billing: You must activate both AWS generated tags and user-defined tags separately before they can appear in Cost Explorer or on a cost allocation report?

Answer 134

True

Question 135

True or False; for Cost Allocation Tags in AWS Billing: For each resource, each tag key must be unique, but can have multiple values

Answer 135

False, each tag key can have only one value

Question 136

True or False; for Cost Allocation Tags in AWS Billing: Only user-defined tags need to be activated before they can appear in Cost Explorer or on a cost allocation report?

Answer 136

False, both kinds of tags (user-defined and AWS generated) need to be activated separately before they can appear in report generation.

Question 137

An organization maintains separate VPCs for each of its departments. With expanding business, the organization now wants to connect all VPCs for better departmental collaboration. Which AWS service will help the organization tackle the issue effectively?

Answer 137

AWS Transit Gateway

Question 138

Which AWS service connects VPCs and on-premises networks through a central hub. This simplifies your network and puts an end to complex peering relationships?

Answer 138

AWS Transit Gateway

Question 139

True or False; with a growing number of VPCs, connecting them using VPC Peering becomes difficult to manage?

Answer 139

True, for connecting multiple VPC together use Transit Gateway

Question 140

True or False; Redshift has encryption automatically enabled?

Answer 140

False

Question 141

True or False; S3 Glacier has encryption automatically enabled?

Answer 141

True

Question 142

Two components of an AWS Site-to-Site VPN?

Answer 142

Customer Gateway and Virtual Private Gateway

Question 143

Two mandatory elements of AWS Identity and Access Management (IAM) policies?

Answer 143

• Action
• Effect

Question 144

Trusted Advisor analyses your AWS environment and provides best practice recommendations for which 5 categories?

Answer 144

• Cost optimisation
• Performance
• Security
• Fault tolerance
• Service limits

Question 145

Which AWS Support plan provides general architectural guidance on how services can be used for various use-cases, workloads, or applications?

Answer 145

Business

Question 146

Which AWS service is a complimentary service to create data-driven business cases for AWS Cloud planning and migration?

Answer 146

AWS Migration Evaluator

Question 147

Security groups are stateful or stateless?

Answer 147

stateful, if you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules

Question 148

NACL (Network Access Control Lists) are stateful or stateless?

Answer 148

Stateless - which means that responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa)

Question 149

What is the difference between warm-standby and pilot-light disaster recovery strategies?

Answer 149

Warm standby can handle traffic at reduced levels immediately. Pilot light requires you to first deploy infrastructure and then scale out resources before the workload can handle requests.

Question 150

Which AWS services can be used together to send alerts whenever the AWS account root user signs in (two)?

Answer 150

• CloudWatch
• SNS

Question 151

True or False; using AWS organisations, users can receive cost benefits of other user’s reserved instances only if they are in the same Availability Zone?

Answer 151

True

Question 152

True or False; You can use RDS Read Replicas for both improved read performance as well as Disaster Recovery

Answer 152

True

Question 153

Which AWS storage service can be directly used with on-premises systems?

Answer 153

EFS

Question 154

True or False, S3 can be directly used with on-premises systems?

Answer 154

False, S3 can be accessed from on-premises only via AWS Storage Gateway.

Question 155

Which AWS service is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS?

Answer 155

AWS Direct Connect

Question 156

True or False; Global Accelerator is a good fit for non-HTTP use cases?

Answer 156

True

Question 157

Which AWS service is a networking service that helps you improve the availability and performance of the applications that you offer to your global users?

Answer 157

AWS Global Accelerator

Question 158

True or False; Global Accelerator provides static IP addresses that act as a fixed entry point to your applications?

Answer 158

True

Question 159

True or False; Global Accelerator cannot be configured with an Elastic Load Balancer (ELB)?

Answer 159

False. A regional ELB load balancer is an ideal target for AWS Global Accelerator.

Question 160

True or False; Global Accelerator uses the AWS global network and its edge locations. But the edge locations used by Global Accelerator are different from Amazon CloudFront edge locations?

Answer 160

False, AWS Global Accelerator and Amazon CloudFront use the same edge locations.

Question 161

Which AWS service enables fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket?

Answer 161

S3 Transfer Accelerator

Question 162

Which AWS entity enables you to privately connect your VPC to an Amazon SQS queue?

Answer 162

VPC Interface Endpoint, this is supported by all services. Only S3 and DynamoDB support VPC Gateway Endpoint

Question 163

Which two AWS services are supported by VPC Gateway Endpoint?

Answer 163

S3 and DynamoDB

Question 164

True or False; Billing alarms can be triggered via Cost Explorer?

Answer 164

False

Question 165

True or False; S3 Glacier has no data retrieval fee?

Answer 165

False

Question 166

True or False; S3 Intelligent-Tiering does not charge any data retrieval fee?

Answer 166

True

Question 167

Which AWS tool/service will help you define your cloud infrastructure using popular programming languages such as Python and JavaScript?

Answer 167

AWS CDK (Cloud Development Kit)

Question 168

True or False; you use the AWS CDK framework to author AWS CDK projects which are executed to generate CloudFormation templates?

Answer 168

True

Question 169

Which IAM Security Tool shows the service permissions granted to a user and when those services were last accessed?

Answer 169

IAM Access Advisor

Question 170

Using which IAM Security Tool can generate and download a credential report that lists all users in your account and the status of their various credentials, including passwords, access keys, and MFA devices?

Answer 170

IAM Credentials Report

Question 171

True or False; IAM credentials report can be used to review permissions granted to a user?

Answer 171

False

Question 172

True or False; EC2 Auto Scaling can detect when an instance is unhealthy, terminate it, and replace it with a new one?

Answer 172

True

Question 173

How much data can you transfer per Snowmobile?

Answer 173

You can transfer up to 100PB per Snowmobile

Question 174

Which AWS service is a secure online data transfer service that simplifies, automates, and accelerates copying terabytes of data to and from AWS storage services?

Answer 174

AWS DataSync

Question 175

True or False; AWS Trusted Advisor can be used to get operational insights of AWS resources?

Answer 175

False, use Systems Manager for operational insights, not Trusted Advisor

Question 176

A Cloud Practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources. Which AWS service can help with this task?

Answer 176

AWS Systems Manager

Question 177

Which AWS service lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily?

Answer 177

AWS Cognito

Question 178

Which AWS service can be used to generate, use, and manage encryption keys on the AWS Cloud?

Answer 178

CloudHSM

Question 179

With which AWS service can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available?

Answer 179

SQS

Question 180

What billing timeframes is applied when running a Windows EC2 on-demand instance?

Answer 180

Pay per second

Question 181

True or False Total Cost of Ownership (TCO) refers to owning the infrastructure, I.e. on-premises, as opposed to via AWS

Answer 181

True

Question 182

True or False; Route 53 provides IP routing?

Answer 182

False

Question 183

True or False; Route 53 provides health checks and monitoring?

Answer 183

True

Question 184

Which AWS service lets you easily create and publish interactive BI dashboards that include Machine Learning-powered insights?

Answer 184

AWS Quicksight

Question 185

A company is looking at a service/tool to automate and minimize the time spent on keeping the server images up-to-date. These server images are used by EC2 instances as well as the on-premises systems.

Which AWS service will help achieve the company’s need?

Answer 185

Amazon EC2 Image Builder

Question 186

Which AWS service significantly reduces the effort of keeping EC2 images up-to-date and secure?

Answer 186

Amazon EC2 Image Builder

Question 187

What data sources are used by Amazon Detective to analyze events and identify potential security issues?

Answer 187

• AWS CloudTrail logs
• VPC Flow Logs
• Amazon GuardDuty findings

Question 188

Which AWS service allows you to connect any number of IoT devices to the cloud without requiring you to provision or manage servers?

Answer 188

AWS IoT Core

Question 189

Which AWS service provides the easiest way to set up and govern a new, secure, multi-account AWS environment based on best practices?

Answer 189

AWS Control Tower

Question 190

True or False; S3 buckets are region-specific?

Answer 190

True

Question 191

Which AWS service is a fast, reliable, fully-managed graph database service that makes it easy to build and run applications that work with highly connected datasets?

Answer 191

AWS Neptune

Question 192

Which AWS service is a fully managed service that allows you to join public blockchain networks or set up and manage scalable private blockchain networks using popular open-source frameworks?

Answer 192

Amazon Managed Blockchain

Question 193

True or False; QLDB is not a blockchain technology?

Answer 193

True

Question 194

Which AWS service runs MongoDB in AWS?

Answer 194

DocumentDB

Question 195

Which AWS service is a graphical user interface you can use to manage your AWS Snowball devices?

Answer 195

OpsHub

Question 196

Which services/tools offers a user-friendly graphical user interface to manage AWS Snowball devices without a need for command-line interface or REST APIs?

Answer 196

AWS OpsHub

Question 197

True or False; With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs those applications?

Answer 197

True

Question 198

True or False; AWS Elastic Beanstalk supports web applications built on different languages. But, Elastic Beanstalk cannot be used for deploying non-web applications?

Answer 198

False, non-web applications can also be deployed using Elastic Beanstalk.

Question 199

True or False; You can use Resource Groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at a time?

Answer 199

True

Question 200

Which AWS service is a DynamoDB-compatible caching service that enables you to benefit from fast in-memory performance for demanding applications.

Answer 200

DynamoDB Accelerator

Question 201

True or False, there is a scope for message loss in SNS?

Answer 201

True, because it is a push system, the destination may not be available when the message is sent, so the message may be lost

Question 202

Which free tool helps to review the state of your workloads and compares them to the latest AWS architectural best practices after you have answered a series of questions about your workload?

Answer 202

AWS Well-Architected Tool

Question 203

True or False; AWS WAF can be deployed on Amazon EC2 instances directly?

Answer 203

False

Question 204

AWS offers two types of Savings Plans, name both

Answer 204

• Compute Savings Plan
• EC2 Instance Savings Plan

Question 205

True or False; AWS has the concept of a Region, which is a physical location around the world where AWS clusters the data centers?

Answer 205

True

Question 206

True or False; AWS calls each group of logical data centers as an Availability Zone?

Answer 206

True

Question 207

True or False; All traffic between AZ’s is encrypted?

Answer 207

True

Question 208

You can use AWS Pricing Calculator to get a forecast of your spending for the next 12 months?

Answer 208

False

Question 209

You can use AWS Cost Explorer to get a forecast of your spending for the next 12 months?

Answer 209

True