Section 18 - Account Management, Billing & Support Flashcards

1
Q

With AWS Organizations, the main account is called the master account and all of the other accounts are called

Grogu accounts
Smaller accounts
Child accounts
Bastard stepchildren accounts

A

child accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

All of the following are cost benefits of AWS Organization (choose three)

A - Aggregate costs (volume discounts offered for services for combined accounts)

B - Consolidated bill (one bill to cover the multiple accounts)

C - Annual discount (only charged for 10.5 months)

D - Reserved Instance resource can be shared amongst accounts (pooling of EC2 reserved instances for optimal savings)

E - Discount on RDS and Dynamo DB services

A

`A, B, & D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

AWS Organizations can restrict account privileges usings:

Service Command Protocol (SCP)
Service Control Policy (SCP)
Service Planning Cannery (SPC)
Account Control (AC)

A

Service Control Policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

With AWS Organization, ___ is available to automate account creation:

API
Cheap labor
JSON scripting
Account Creation Tool (ACT)

A

API

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

AWS Organizations - two strategies for multiple accounts are (choose two)

One account with multiple VPCs
Rotating accounts
Slingshot account manuevers
Multiple accounts

A

one account with multiple VPCs
multiple accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

AWS multi account strategy (choose two)

enable CloudTrail on just the main account and send logs to central S3 account

send CloudWatch logs to all accounts

send CloudWatch logs to central account

enable Cloudtrail on all accounts and send logs to the central S3 account

A

send CloudWatch logs to the central account
enable CloudTrail on all accounts and send logs to S3 on just the central account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

True or False - When using AWS Organizations, you can nest OUs inside of other OUs

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

True or False:

Service Control Policies can be used to whitelist or blacklist IAM acionts

A

true

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Service Control Policy (SCP) can be applied at the following levels (choose two)

Bottom
Account
OU
Top

A

Account, OU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Service Control Policy is applied to:

Only the root user
Only the non root users and some roles
all the Users and Roles (including Root)
all the kings horses and all the kings men

A

all the Users and Roles (including Root)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

SCP (Service Control Protocol) (does/does not) affect service-linked roles

A

does not

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Service-linked roles:

enable other AWS services to integrate with AWS Organizations
enable other AWS roles to integrate with bagels and butter
prevent other AWS services from integrating with AWS Organizations
are made of chain metal

A

enable other AWS services to integrate with AWS Organizations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

SCP (Service Control Protocol) (does/does not) apply to the Master Account

A

does not

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a typical use case for SCP (Service Control Protocol) - choose two

Enforce PCI compliance by explicitly disabling services
allow access to all services
restrict access to certain services (for example, can’t use EMR)
restrict access to accessing restrictions

A

enforce PCI compliance by explicitly disabling services
restrict access to certain services (for example, can’t use EMR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

with Service Control Policy, how many levels OU can be created

three
five
two
ten

A

five

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Deny List
Allow List

A - Most restrictive. actions are prohibited by default, and you specify what services and actions are allowed

B - Default setting. which is actions are allowed by default, and you specify what services and actions are prohibited

A

Deny - B
Allow - A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Deny List
Allow List

A - Most restrictive. actions are prohibited by default, and you specify what services and actions are allowed

B - Default setting. which is actions are allowed by default, and you specify what services and actions are prohibited

A

Deny - B
Allow - A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Service Control Policies (SCP) apply

apply to internal users and roles and external users
apply to external users only
apply to external users and internal users named Fred
apply to internal users only, not to external users

A

apply to internal users only, not to external users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

By default, AWS Organizations attaches an AWS managed policy called ____ to all roots, OUs, and accounts.

ManagedAll
FullAWSAccess
AWSAccess
ManagedAWSAccess

A

FullAWSAccess

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The _______ deny is when the administrator has selected the Deny option for a permission for a user or group. This Deny takes precedence over all allowed settings

Example: If the administrator has set the Deny Read option on an object for a group, all members of that group are not able to read the object. If the administrator adds a user and gives them the Allow Read permission, if that user is a member of that group, they still are not able to read the object.

Implicit
Implied
Declined
Explicit

A

Explicit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

An _____ deny is when a user or group are not granted a specific permission in the security settings of an object, but they are not explicitly denied either.

Granting permission to an object is done by the administrator adding the user or group to the object’s Access Control List (ACL) and selecting the Allow option for the Read, Modify or Delete permissions. If the administrator does not add the user or group to the object or doesn’t select the Allow or Deny options for any of the permissions, the user or group is ____ denied the permission to the object.

if you have the Management group with Read permission to a file but you want to allow one user in the Management group to Modify the file, you can add the individual user to the files permission and select the Allow option for the Modify permission. Using this method allows the individual user to modify the file even though the group they are in only has the Read permission. An _____ deny only denies a permission until the user or group is allowed to perform the permission.

Implicit
Implied
Declined
Explicit

A

implicit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Two benefits of Consolidated Billing (choose two)

combined usage (combine usage across all AWS accounts in AWS organization to share volume pricing, Reserved Instances, and Savings Plan discounts.

You get a 30% discount on the total bill

You get a 5% discount on the total bill

You get one bill for all AWS Accounts in the AWS Organization

A

combined usage (combine usage across all AWS accounts in AWS organization to share volume pricing, Reserved Instances, and Savings Plan discounts.

You get one bill for all AWS Accounts in the AWS Organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

True or False

The management account can turn off Reserved Instances discount sharing for any account in the AWS Organization, including itself.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

An easy way to set up and govern a secure and compliant multi-account AWS environment based on best practices

AWS Multi
AWS Organizations
AWS Control Tower
AWS MultiAccount

A

AWS Control Tower

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Just fyi - no question involved on this

AWS Control Tower benefits

  • automate the set up of your environment in a few clicks
  • automate ongoing policy management using guardrails
  • detect policy violations and remediate them
  • monitor compliance through an interactive dashboard
A

n/a

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Lets you centrally manage your cloud resources to achieve governance at scale of your infrastructure as code (IaC) templates, written in CloudFormation or Terraform. With this service, you can meet your compliance requirements while making sure your customers can quickly deploy the cloud resources they need.

AWS Configure
AWS Monitor
AWS Service Catalog
AWS Guardrail

A

AWS Service Catalog

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Four difference pricing models:

1 - Pay as you go
2 - Save when you reserve
3 - Pay less using more
4 - Pay less as AWS grows

A - volume based discounts
B - pay for what you use, remain agile, responsive, meet scale demands
C - minimize risks, predictably manage budgets, comply with long-term requirements
D - nothing to say here lol

A

1 - B
2 - C
3 - A
4 - D

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Reservations are available for (no correlating question)

EC2 Reserved Instances
DynamoDB Reserved Capacity
ElastiCaste Reserved Nodes
RDS Reserved Instance
Redshift Reserved Nodes

A

n/a

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Free services where you don’t pay for the service but rather, for the resources created by the services (choose three)

Elastic Beanstalk
EC2
CloudFormation
IAM
Auto Scaling Group
VPC

A

Elastic Beanstalk
CloudFormation
Auto Scaling Group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Two examples of free tier service:

E2 large instance
S3, EBS, ELB, AWS Data transfer (up to a certain amount)
VPC
E2 micro instance

A

S3, EBS, ELB, AWS Data transfer (up to a certain amount)

E2 micro instance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

On-demand instances have a minimum runtime of

1 second
10 seconds
6 seconds
60 seconds

A

60 seconds

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

On demand instances of Windows/Linux are charged

per every second
per every minute
per every hour
per every last breath of your dying body

A

per every second

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

on demand instances that are not Windows/Linux are charged

per every second
per every minute
per every hour
per every last breath of your dying body

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Reserved instances require a commitment of either (choose two)

one year
one week
three months
three years

A

one year

three years

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

How much discount it offered on Reserved Instances in comparison to on-demand

10%
33%
75%
25%

A

75%

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

How much discount it offered on Spot Instances in comparison to on-demand

90%
33%
75%
25%

A

90%

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

This type of instance is where you bid for the instance and could lose the instance should you be outbid by someone offering a higher price.

Reserved Instance
Bid Instance
Blink instance
Spot instance

A

Spot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Dedicated Host instances require a commitment of either (choose two)

one year
one week
three months
three years

A

one year
three years

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

This type of instance runs on hardware dedicated to you

Your Instance
Just4You Instance
Sole instance
Dedicated Host

A

Dedicated host

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

This type of instance allows you to user your existing per-socket, or per-VM software license

Dedicated Host
Reserved Instance
Spot Instance
Savings Instance

A

Dedicated host

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Dedicated host uses what type of billing (choose two)

Annual costs
Monthly
On-demand
Reserved for 1 or 3 years

A

on-demand
reserved for 1 or 3 years

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Can both be used to launch EC2 instances onto physical servers that are dedicated for your use (choose two)

Dedication Mode
Dedicated Hosts
Dedicated Instances
Dedicated Nodes

A

Dedicated Hosts
Dedicates Instances

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What are the pay factors for Lambda? (choose TWO)

Per API call
Per duration
Per duration x amount of RAM utilized
Per RAM utilized

A

per API call
per duration x amount of RAM utilized

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

What are the pay factors for Fargate?

pay for vCPU and memory resources allocated to your applications
pay per gate
pay per SSD
pay per volume

A

pay for vCPU and memory resources allocated to your applications

45
Q

When using A-____ there is no cost but when using a B-____, there is a cost incurred

private IP
default gateway
internet gateway
public IP

A

A - public IP
B - private IP

46
Q

What are the three types of Savings Plans

Bridge Savings Plan
EC2 Savings Plan
Compute Savings Plan
Power Savings Plan
Machine Learning Savings Plan

A

EC2 Savings Plan
Compute Savings Plan
Machine Learning Savings Plan

47
Q

EC2 Savings Plan offers up to __% discount compared to On-Demand

25%
50%
72%
80%

A

72%

48
Q

Commit to a certain $ amount per hour for 1 or 3 years

Capacity Reserved Instance
On-Demand
Reserved Instance
Savings Plan

A

Savings Plan

49
Q

Compute Plan offers up to __% discount compared to On-Demand

25%
50%
66%
80%

A

66%

50
Q

Between the EC2 and Compute Savings Plan, which is more flexible?

A

Compute Savings Plan

51
Q

Which plan pricing is regardless of Family, Region, Size, OS, tenancy, compute options

EC2 Savings Plan
Compute Savings Plan
Versatile Savings Plan
Machine Learning Savings Plan

A

Compute Savings Plan

52
Q

Type of savings plan for machine learning services such as SageMaker

Machine Learning Savings Plan
SageMaker Savings Plan
Macho Savings Plan
EC2 Machine Savings Plan

A

Machine Learning Savings Plan

53
Q

You can get an estimate pricing for your savings plan at the following URL:

http://awsamazon/savingsplan.com
https://aws.amazon.com/savingsplans/pricing
https://awsamazon/savings-plan-pricing.com
https://aws.amazon.com/savingspricingplan

A

http://aws.amazon.com/savingsplans/pricing

54
Q

The Savings Plan is setup from the

AWS Budget
AWS Dashboard
AWS Savings Console
AWS Cost Explorer console

A

AWS Cost Explorer Console

55
Q

Reduce costs and improve performance by recommending optimal AWS resources for your workloads. Uses Machine Learning to analyze your resources configurations and their utilization CloudWatch metrics

AWS Analyzer
AWS Deterministic
AWS Compute Optimized
AWS CloudAnalyze

A

AWS Compute Optimized

56
Q

URL for AWS Pricing Calculator

https://calculatorawscom.com
https://calculator.aws
https//aws.com/calculator
https://calculator.aws.com

A

https://calculator.aws/

57
Q

A way to estimate your costs in the cloud.

AWS Estimator
AWS PricingEstimate
AWS Pricing Calculator
AWS PriceWise

A

AWS Pricing Calculator

58
Q

will show you all of the costs incurred for the month, the forecast and month to date

AWS Billing Dashboard
AWS Free Tier Dashboard
AWS Billing Site
AWS Cost Explorer

A

AWS Billing Dashboard

59
Q

will show you all of the resources used under the free tier

AWS Billing Dashboard
AWS Free Tier Dashboard
AWS Billing Site
AWS Cost Explorer

A

AWS Free Tier

60
Q

Cost and Usage Reports can be integrated and analyzed using (choose three)

Athena
RDS
DynamoDB
Redshift
QuickSight
MSWord

A

Athena
Redshift
QuickSight

61
Q

Provides a more granular insight into your costs and usage by running a report that can be integrated and analyzed with Athena, Redshift, or QuickSight

AWS Cost Explorer
AWS Billing Dashboard
AWS Costs and Usage Reports
AWS Free Tier

A

AWS Cost and Usage Reports

62
Q

Two types of tags

Resource
Freeze
Merit
Cost Allocation

A

Resource
Cost Allocation

63
Q

you can edit resource tags by

Going to “Resource Groups and Tag Editor” and select “Tag Editor”
Go to the Tag Dashboard
Go to the Editor Dashboard
Go to Cost Allocation tags

A

Going to “Resource Groups and Tag Editor” and select “Tag Editor”

64
Q

Provides a more granular insight into your costs and usage by using a more visual overlay and including forecasting

AWS Cost Explorer
AWS Billing Dashboard
AWS Costs and Usage Reports
AWS Free Tier Reports

A

AWS Cost Explorer

65
Q

True or False

AWS Cost Explorer and AWS Cost and Usage are both very similar but AWS Cost Explorer provides a more visual representation while AWS Cost and Usage allows to run of various report

A

True

66
Q

AWS Cost & Usage Reports (and AWS Cost Explorer) can run with which granularities (choose three)?

minute
second
daily
15 minute interval
hourly
monthly

A

hourly
daily
monthly

67
Q

If you’re looking for a service that will allow you to forecast your bill for up to 12 months ahead, you would use:

Cost & Usage Reports
Cost Explorer
Budgets
Bill and Chills

A

Cost Explorer

68
Q

Cost and Usage Reports take about how long to generate

1 hour
10 minutes
24 hours
60 minutes

A

24 hours

69
Q

Billing data metric is stored in which region?

us-west-2
us-central-1
us-east-1
us-north-2

A

us-east-1

70
Q

What three types of Budget can be created?

Usage
Cost
Service
Instance
Savings Plan
Reservation

A

Usage, Cost, Reservation, Savings Plan

71
Q

How many SNS notifications can be sent per budget?

10
5
1
100

A

5

72
Q

What is the price structure for Budgets?

Free Tier
Always Free
2 budgets free, then $.02/day/budget
$10/month

A

2 budgets free, then $.02/day/budget

73
Q

Continuously monitors your cost and usage using ML to detect unusual spends

AWS Anomaly
AWS MLAnalysis
AWS Cost Anomaly Detection
AWS ML Anomaly

A

AWS Cost Anomaly Detection

74
Q

AWS Cost Anomaly Detection monitors the following (select four)

AWS Services
AWS EC2 instances
Member accounts
S3 buckets
Cost Allocation tag
Cost categories

A

AWS Services
Member Accounts
Cost Allocation tags
Cost categories

75
Q

This service monitors all your quotas across AWS, you can get quota alerts via CloudWatch, and you can request quota increases directly from the console

AWS Quotas
AWS Quote Alarm
AWS Service Quotas
AWS Quato Alert

A

AWS Service Quotas

76
Q

Service provides high level AWS account assessment. Will analyze your accounts and provide recommendation on 5 categories

AWS Account Assessment
AWS Account Overview
AWS Trusted Advisor
AWS Account Stock

A

AWS Trusted Advisor

77
Q

Trust Advisor provides recommendations on five categories (Basic and Developer only get 7 specific checks whereas Business and Enterprise get all five):

Size
Speed
Cost Optimization
Fault Tolerance
Legality
Service Limits
Performance
Profitability
Security

A

Cost Optimization
Fault Tolerance
Service Limits
Performance
Security

78
Q

The Basic and Developer level accounts have access to how many Trusted Advisor core checks

1
5
7
10

A

7

79
Q

Choose 3 (of the 7) Trusted Advisor core checks from the list below

EBS Public Snapshots
EFS filesystem
Service Limits
RDS integrity
IAM Use (one IAM user minimum)

A

EBS Public Snapshots
Service Limits
IAM Use (one IAM user minimum)

80
Q

Choose 3 (of the 7) Trusted Advisor core checks from the list below

Security Groups - specific ports unrestricted (i.e SSH)
EFS filesystem
S3 Bucket permissions
RDS integrity
RDS Public snapshots

A

Security Groups - specific ports unrestricted
S3 Bucket permissions
RDS public snapshots

81
Q

Choose 3 (of the 7) Trusted Advisor core checks from the list below

EBS Public Snapshots
EFS filesystem
MFA on Root Account
RDS integrity
IAM Use (one IAM user minimum)

A

EBS Public Snapshots
MFA on Root Account
IAM Use (one IAM user minimum)

82
Q

Choose 3 (of the 7) Trusted Advisor core checks from the list below

EBS Public Snapshots
EFS filesystem
MFA on Root Account
RDS public snapshot
Organization integrity

A

EBS Public Snapshots
MFA on Root account
RDS public snapshot

83
Q

Business and Enterprise accounts get access to the following from Trusted Advisor (choose three)

The same 7 checks as Basic and Developer accounts
Full checks (200+) available on the 5 categories
12 checks (7 + 5)
Ability to set CloudWatch alarms when reaching limits
CloudTrail alerts
Programmatic Access using AWS Support API

A

Full checks available on the 5 categories
Ability to set CloudWatch alarms when reaching limits
Programmatic Access using AWS Support API

84
Q

Which two accounts have access to the AWS Support API

Basic
Developer
Business
Enterprise

A

Business
Enterprise

85
Q

How many checks are provided by Trusted Advisor

7
10
20
over 200

A

over 200

86
Q

What are the four different AWS support plans you can choose from?

Basic
Standard
Developer
DevOps
Business
Corporate
Enterprise

A

Basic
Developer
Business
Enterprise

87
Q

What type of AWS Support does this describe

Free

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Basic

88
Q

What type of AWS Support does this describe

Greater of $29 or 3% of monthly AWS charges

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Developer

89
Q

What type of AWS Support does this describe

Greater of $100 or
10% of monthly AWS charges for the first $0 - $10K
7% of monthly AWS charges from $10k - $80k
5% of monthly AWS charges from $80k - $250k
3% of monthly AWS charges over $250k

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Business

90
Q

What type of AWS Support does this describe

Greater of $5,500 or 10% of monthly AWS charges

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Enterprise On-Ramp

91
Q

What type of AWS Support does this describe

Greater of $15,000 or
10% of monthly AWS charges for the first $0 - $150K
7% of monthly AWS charges from $150k - $500k
5% of monthly AWS charges from $500k - $1M
3% of monthly AWS charges over $1M

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Enterprise

92
Q

What type of AWS Support does this describe

  • Customer Service & Communities - 24x7 access to customer service, documentation, whitepapers, and support forums.
  • AWS Trusted Advisor - access to the 7 core checks and guidance to provision your resources following best practices to increase performance and improve security
  • Personal Health Dashboard

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Basic

93
Q

What type of AWS Support does this describe

  • Basic Support Plan +
  • Business hours email access to Cloud Support Associates
  • Unlimited cases / 1 primary contact
  • Case severity / response times
    ==> general guidance < 24 business hours
    ==> System impaired: < 12 business hours

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Developer

94
Q

What type of AWS Support does this describe

Intended to be used for production workloads
Trusted Advisor - full set of checks & API access
24x7 phone, email, and chat access to Cloud Support Engineers
Unlimited cases / unlimited contacts
Access to infrastructure Event Management for additional fee
- Case severity / response times
==> general guidance < 24 business hours
==> System impaired: < 12 business hours
==> Production system impaired < 4 hours
==> Production system down < 1 hour

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Business

95
Q

What type of AWS Support does this describe

Intended to be used for production or business critical workloads
All of Business Support Plan +
Access to a pool of Technical Account Managers (TAM)
Concierge Support Team (for billing and account best practices)
infrastructure Event Management, Well-Architected & Operations Reviews
- Case severity / response times
==> general guidance < 24 business hours
==> System impaired: < 12 business hours
==> Production system impaired < 4 hours
==> Production system down < 1 hour
==> Business-critical system down < 30 minutes

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Enterprise On-Ramp

96
Q

Intended to be used for production or mission critical workloads
All of Business Support Plan +
Access to designatedTechnical Account Managers (TAM)
Concierge Support Team (for billing and account best practices)
infrastructure Event Management, Well-Architected & Operations Reviews
- Case severity / response times
==> general guidance < 24 business hours
==> System impaired: < 12 business hours
==> Production system impaired < 4 hours
==> Production system down < 1 hour
==> Business-critical system down < 15 minutes

Basic
Developer
Business
Enterprise On-Ramp
Enterprise

A

Enterprise

97
Q

Operate multiple accounts using

AWS Multiple
AWS Accounts
AWS Organizations
AWS ManyAccounts

A

AWS Organizations

98
Q

To setup guardrails and restrict power, use

AWS PowerLimit
AWS SCP (service control policies)
AWS Services
AWS Fukitall

A

AWS SCP (service control policies)

99
Q

Easily setup multiple accounts with best-practices

AWS Organizations
AWS Clock Tower
AWS MultiAccounts
AWS Legion

A

AWS Clock Tower

100
Q

For easy resource management and billing, you can use

Taggers
Allocation Costs
Use Tags & Cost Allocation Tag
Tags, Tags and more Tags

A

Use Tags & Cost Allocation Tag

101
Q

Choose four that represent IAM guidelines

password policy
reverse enginerring
MFA
most privilege
least privilege
password rotation

A

password policy
MFA
least privilege
password rotation

102
Q

Use this to record all resources configuration & compliance over time

Compliance Config
AWS Config
AWS Comply
AWS Configulrate

A

AWS Config

103
Q

A ____ is a collection of AWS resources that you can manage as a single unit.

Bundle
Group
Set
Stack

A

stack

104
Q

use to deploy stacks across accounts and regions

AWS Max
AWS ManyMove
AWS Stars
AWS Stacks

A

AWS Stacks

105
Q

To record API calls made within your account use

API Manager
CloudTrails
API Clouds
CloudWatch

A

CloudTrails

106
Q

If your account is compromised (choose three)

Scream
change root password
delete and recreate account from backup
rotate all passwords/keys
contact AWS Support

A

change root password
rotate all passwords/keys
contact AWS Support

107
Q

allows all users to create stacks defined by admins

AWS Service Catalog
AWS Stack Creator
AWS Stack Service
AWS Service Stack

A

AWS Service Catalog

108
Q

recommends resources configurations to reduce costs

Compute Minute
Resource Compute
Resource Recommend
Compute Optimizer

A

Compute Optimizer

109
Q

Difference between Budget and Cloudwatch alarms

  • 3pm
  • Budget can alarm you of forecasting over Budget, Cloud Watch can only alert if actually going over
  • The cost to use each service
  • Cloudwatch can alarm you of forecasting over Budget, Budget can only alert if actually going over
A

Budget can alarm you of forecasting over Budget, Cloud Watch can only alert if actually going over