Test 5

Question 1

Which service enables customers to audit and monitor changes in AWS resources?

a.
AWS Config
b.
Amazon GuardDuty
c.
Amazon Inspector
d.
AWS TrustedAdvisor

Answer 1

a.
AWS Config

Question 2

An architecture design includes Amazon EC2, an Elastic Load Balancer, and Amazon RDS. What is the BEST way to get a monthly cost estimation for this architecture?

a.
Collect the published prices of the AWS services and calculate the monthly estimate.
b.
Open an AWS Support case, provide the architecture proposal, and ask for a monthly cost of estimation
c.
Use the AWS Simple Monthly Calculator to estimate the monthly cost.
d.
Use the AWS Total Cost of Ownership (TCO) Calculator to estimate the monthly cost.

Answer 2

c.
Use the AWS Simple Monthly Calculator to estimate the monthly cost.

Question 3

Which service provides a user the ability to warehouse data in the AWS Cloud?

a.
Amazon VPC
b.
Amazon EFS
c.
Amazon RDS
d.
Amazon Redshift

Answer 3

d.
Amazon Redshift

Question 4

An external auditor needs to verify the compliance and security of the AWS data center facilities where a company’s data is stored. How should this request be addressed?

a.
Access the AWS Artifact portal and create an access URL for the auditor to download the required reports
b.
Create a support case using the AWS account root user credentials requesting that a concierge accompany the auditor to the facility.
c.
Access the AWS Artifact portal and download the required reports to provide to the auditor
d.
Contact an AWS technical account manager and request access to the next scheduled facility tour.

Answer 4

a.
Access the AWS Artifact portal and create an access URL for the auditor to download the required reports

Question 5

A system in the AWS Cloud is designed to withstand the failure of one or more components. What is this an example of?

a.
Agility
b.
High Availability
c.
Scalability
d.
Elasticity

Answer 5

b.
High Availability

Question 6

A cloud practitioner needs an Amazon EC2 instance to launch and run for 7 hours without interruptions. What is the most suitable and cost-effective option for this task?

a.
Dedication Host
b.
Reserved Instance
c.
Spot Instance
d.
On-Demand Instance

Answer 6

d.
On-Demand Instance

Question 7

How can moving to the AWS Cloud help users reduce the time dedicated to operating system patching? (SELECT TWO)

a. Users have the ability to use license-included Amazon EC2 Instances
b. AWS Professional Services will upgrade instances to the latest operating system versions.
c. Users can take advantage of AWS System Manager features.
d. Users can outsource operating system patching the AWS Support Team
e. Users can take advantage of managed services on AWS

Answer 7

c. Users can take advantage of AWS System Manager features.
e. Users can take advantage of managed services on AWS

Question 8

What can users access from AWS Artifact?

a.
A download of configuration management details for all AWS Resources.
b.
AWS security and compliance documents
c.
Training materials for AWS services
d.
A security assessment of the applications deployed in the AWS Cloud

Answer 8

b.
AWS security and compliance documents

Question 9

A web application is hosted on AWS using an Elastic Load Balancer, multiple Amazon EC2 Instances, and Amazon RDS. Which Security measures fall under the responsibility of AWS? (Select TWO)

a. Installing the latest security patches on the RDS instance
b. Running a virus scan on EC2 Instances
c. Configuring a security group and a network access control list (NACL) for EC2 instances.
d. Encrypting communication between the EC2 instances and the Elastic Load Balancer
e. Protecting against IP spoofing and packet sniffing

Answer 9

a. Installing the latest security patches on the RDS instance
e. Protecting against IP spoofing and packet sniffing

Question 10

What does the AWS Cloud provide to increase the speed and agility of execution for customers? (SELECT TWO)

a. Readily available resources with low provisioning times
b. Access to AWS Data Centers
c. Lower resource provisioning cost
d. Free Tier services usage
e. Scalable Compute Capacity

Answer 10

a. Readily available resources with low provisioning times
e. Scalable Compute Capacity

Question 11

Where can AWS Compliance and certification reports be downloaded?

a.
AWS Concierge
b.
AWS Artifact
c.
AWS Certificate Manager
d.
AWS Trusted Manager

Answer 11

b.
AWS Artifact

Question 12

Which AWS service provides a quick and automated way to create and manage AWS accounts?

a.
Amazon Lightsail
b.
AWS Organizations
c.
AWS QuickSight
d.
Amazon Connect

Answer 12

b.
AWS Organizations

Question 13

A user deploys an Amazon RDS DB instance in multiple Availability Zones. This strategy involves which pillar of the AWS Well-Architected Framework?

a.
Reliability
b.
Security
c.
Cost Optimization
d.
Performance efficiency

Answer 13

a.
Reliability

Question 14

The continual reduction of AWS Cloud pricing is due to

a.
pay-as-you-go pricing
b.
the AWS global Infrastructure
c.
Economies of scale
d.
Reserved storage pricing

Answer 14

c.
Economies of scale

Question 15

An application runs on multiple Amazon EC2 instances that access a shared file system simultaneously. Which AWS Storage service should be used?

a.
Amazon EFS
b.
Amazon EBS
c.
Amazon S3
d.
AWS Artifact

Answer 15

a.
Amazon EFS

Question 16

What is a key advantages of moving to the AWS Cloud?

a.
Trading variable expenses for capital expenses
b.
Decreased time to solution delivery
c.
There are no default service limits on AWS accounts
d.
Putting physical hardware into AWS managed data centers

Answer 16

b.
Decreased time to solution delivery

Question 17

Which functions can users perform using AWS KMS?

a.
Create and manage AWS access keys for an AWS account IAM user.
b.
Create and manage keys for multi-factor authentication
c.
Create and manage keys for encryption and decryption of data.
d.
Create and manage AWS access keys for the AWS account root user.

Answer 17

c.
Create and manage keys for encryption and decryption of data.

Question 18

When building a cloud Total Cost of Ownership (TCO) model, which cost elements should be considered for workloads running on AWS? (SELECT THREE)

a. Compute Costs
b. Hardware Lifecycle cost
c. Storage Costs
d. Data Transfer Costs
e. Facilities Costs
f. Network Infrastructure Cost

Answer 18

a. Compute Costs
c. Storage Costs
f. Network Infrastructure Cost

Question 19

A user has underutilized on-premises resources. Which AWS Cloud concept can BEST address this issue?

a.
Elasticity
b.
Security
c.
High availability
d.
Loose Coupling

Answer 19

a.
Elasticity

Question 20

A company’s web application currently has tight dependencies on underlying components, so when one component fails, the entire web application fails. Applying which AWS Cloud design principle will address the current design issue?

a.
Doubling EC2 computing resources to increase system fault tolerance
b.
Implementing elasticity, enabling the application to scale up or scale down as demand changes.
c.
Focusing on decoupling components by isolating them and ensuring individual components can function when other components fail
d.
Enabling several EC2 Instances to run in parallel to achieve better performance

Answer 20

c.
Focusing on decoupling components by isolating them and ensuring individual components can function when other components fail

Question 21

Which security service automatically recognizes and classifies sensitives data or intellectual property on AWS?

a.
Amazon Macie
b.
Amazon Inspector
c.
Amazon GuardDuty
d.
AWS Shield

Answer 21

a.
Amazon Macie

Question 22

Users are reporting latency when connecting to a website with a global customer base. Which AWS service will improve the customer experience by reducing latency?

a.
Amazon CloudFront
b.
AWS Transit Gateway
c.
Amazon EC2 Auto Scaling
d.
AWS Direct Connect

Answer 22

a.
Amazon CloudFront

Question 23

How can users protect against distributed denial of service (DDoS) attacks in the AWS Cloud?

a.
Monitor AWS CloudTrail logging
b.
Use Amazon CloudWatch Montioring
c.
Configure a firewall
d.
Use Amazon Redshift

Answer 23

c.
Configure a firewall

Question 24

Which AWS Service allows for effective cost management of multiple AWS Accounts?

a.
Amazon Connect
b.
AWS Trusted Advisor
c.
AWS Direct Connect
d.
AWS Organizations

Answer 24

d.
AWS Organizations

Question 25

A user wants guidance on possible savings when migrating from on-premises to AWS. Which tool is suitable for this scenario? a. AWS Total Cost of Ownership (TCO) Calculator b. Cost Explorer c. AWS Budgets d. AWS Well-Architected Tool

Answer 25

a. AWS Total Cost of Ownership (TCO) Calculator

Question 26

A company has multiple AWS accounts within AWS Organizations and wants to apply the Amazon EC2 Reserved Instances benefit to a single account only. Which action should be taken? a. Purchase the Reserved Instances in individual linked accounts and turn off Reserved Instance sharing from the payer level. Incorrect b. Purchase the Reserved Instances from master payer account and turn off Reserved Instance sharing. c. Enable Reserved Instance sharing in the AWS billing and Cost Management console d. Enable Billing alerts in the AWS billing and Cost Management Console. e. A user wants guidance on possible savings when migrating from on-premises to AWS

Answer 26

b. Purchase the Reserved Instances from master payer account and turn off Reserved Instance sharing.

Question 27

When designing a typical three-tier web application, which AWS services and/or features improve availability and reduce the impact failures? (SELECT TWO) a. Amazon VPC subnet ACLs to check the health of the service. b. AWS Server Migration Service (AWS SMS) To move Amazon EC2 Instances into a different region c. Distributed Resources across multiple AWS points of presence. d. AWS Auto Scaling for Amazon EC2 instances e. Distributed resources across multiple Availability Zones

Answer 27

d. AWS Auto Scaling for Amazon EC2 instances e. Distributed resources across multiple Availability Zones

Question 28

What is an Availability Zone in AWS? a. A completely isolated Geographic location b. A data center location with a single source of power and networking c. One or more edge locations based around the world d. One or more physical data centers

Answer 28

d. One or more physical data centers

Question 29

Which AWS services can be used to move data from on-premises data centers to AWS? (SELECT TWO) a. AWS ElastiCache b. Amazon API Gateway c. AWS Lambda d. AWS Snowball e. AWS Database Migration Service (AWS DMS)

Answer 29

d. AWS Snowball e. AWS Database Migration Service (AWS DMS)

Question 30

Under the shared responsibility model, which of the following is shared control between a customer and AWS? a. Zone Security b. Data Center Auditing c. Physical controls d. Patch management

Answer 30

d. Patch management

Question 31

Which components are required to build a successful site-to-site VPN Connection on AWS? (Select Two) a. Virtual Private Gateway b. Internet Gateway c. Customer Gateway d. Nat Gateway e. Transit Gateway

Answer 31

a. Virtual Private Gateway c. Customer Gateway

Question 32

Which AWS Services may be scaled using AWS Auto Scaling? (SELECT TWO) a. Amazon Route53 b. Amazon EC2 c. Amazon DynamoDB d. Amazon S3 e. Amazon Redshift

Answer 32

b. Amazon EC2 c. Amazon DynamoDB

Question 33

Which AWS service can run a managed Postgre SQL database that provides online transaction processing (OLTP)? a. Amazon RDS b. Amazon Athena c. Amazon DynamoDB d. Amazon EMR

Answer 33

a. Amazon RDS

Question 34

Which AWS storage service is designed to transfer petabytes of data in and out of the cloud? a. AWS Snowball b. Amazon LightSail c. AWS S3 Glacier Deep Archive d. AWS Storage Gateway

Answer 34

a. AWS Snowball

Question 35

For which of the following does an AWS user have the SOLE responsibility? a. Amazon Elastic Compute Cloud (Amazon EC2) instance health monitoring b. Durable data storage for AWS users. c. Data transfer in the Cloud d. User applications on Amazon EC2 instances

Answer 35

d. User applications on Amazon EC2 instances

Question 36

What are the immediate benefits of using the AWS Cloud? (SELECT TWO) a. Increased agility b. AWS holds responsibility for security in the cloud c. User control of Infrastructure d. Increased IT Staff e. Capital expenses are replaced with variable expenses

Answer 36

a. Increased agility e. Capital expenses are replaced with variable expenses

Question 37

One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is a. it allows the business to leave servers unpatched. b. it allows the business to focus on business activities c. it allows the business to put a server in each customer's data center d. it allows the business to eliminate IT Bills

Answer 37

b. it allows the business to focus on business activities

Question 38

Which AWS service provides a simple way to set up a new multi-account AWS environment and govern it at scale? a. AWS Trusted Advisor b. AWS Security Hub c. AWS Control Tower d. AWS Resource Access Manager

Answer 38

c. AWS Control Tower

Question 39

Which AWS service or feature can enhance network security by blocking requests from a particular network for a web application on AWS? a. AWS Organizations b. AWS Direct Connect c. AWS WAF d. AWS Trusted Advisor e. Network ACLs

Answer 39

c. AWS WAF e. Network ACLs

Question 40

What are the benefits of using the AWS Cloud for companies with customers in many countries around the world? (SELECT TWO) a. Amazon Comprehend allows users to build applications that can respond to user requests in many languages. b. Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world, which reduces latency. c. Amazon CloudFront has multiple edge locations around the world to reduce latency. d. Companies can deploy applications in multiple AWS Regions to reduce latency e. Amazon Translate automatically translates third-party website interfaces into multiple languages.

Answer 40

c. Amazon CloudFront has multiple edge locations around the world to reduce latency. d. Companies can deploy applications in multiple AWS Regions to reduce latency

Question 41

A company wants to set up a highly available workload in AWS with a disaster recovery plan that will allow the company to recover in case of a regional service interruption. Which configuration will meet these requirements? a. Run across two AWS Regions, using a third AWS Region for the disaster recovery site. b. Run on two Availability Zones in one AWS Region, using the additional Availability Zones in the AWS Regions for the disaster recovery site. c. Run on two Availability Zones in one AWS Region, using a local AWS Region for the disaster recovery site. d. Run on two Availability Zones in one AWS Region, using another AWS Region for the disaster recovery site.

Answer 41

d. Run on two Availability Zones in one AWS Region, using another AWS Region for the disaster recovery site.

Question 42

Which AWS service requires the customer to patch the guest operating system? a. Amazon Elasticsearch Service (Amazon ES) b. AWS Lambda c. Amazon ElastiCache d. Amazon EC2

Answer 42

d. Amazon EC2

Question 43

Which AWS service should be used to monitor Amazon EC2 instances for CPU and network utilization? a. AWS Config b. Amazon CloudWatch c. AWS CloudTrail d. Amazon Inspector

Answer 43

b. Amazon CloudWatch

Question 44

Under the AWS Shared Responsibility model, which of the following is a responsibility of AWS? a. Applying AWS IAM security policies b. Enabling server-side encryption for objects-stored in S3 c. Patching the operating system on an Amazon EC2 instance d. Applying updates to the hyper-visor

Answer 44

d. Applying updates to the hyper-visor

Question 44

To use the AWS CLI, users are required to generate a. A password policy b. a managed policy c. an access/secret key d. an API key

Answer 44

c. an access/secret key

Question 45

What does the Amazon S3 Intelligent-Tiering storage class offer? a. Automatic cost savings by moving objects between tiers based on access pattern changes b. Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon EBS) volume c. Secure, durable and lowest cost storage for data archival d. Payment flexibility by reserving storage capacity

Answer 45

a. Automatic cost savings by moving objects between tiers based on access pattern changes

Question 46

Performing operations as a code is a design principle that supports which pillar of the AWS Well-Architected Framework? a. Reliability b. Security c. Performance efficiency d. Operational excellence

Answer 46

d. Operational excellence

Question 47

A company has a 500 TB image repository that needs to be transported to AWS for processing. Which AWS service can import this data MOST cost-effectively? a. AWS Snowball b. AWS VPN c. AWS S3 d. AWS Direct Connect

Answer 47

a. AWS Snowball

Question 48

Which Amazon EC2 Pricing model should be used to comply with per-core software licensing requirements? a. Dedicated Hosts b. Spot Instances c. On-Demand Instances d. Reserved Instance

Answer 48

a. Dedicated Hosts

Question 49

A user needs to identify all costs associated with a specific business unit that operates independently within a company. How can this be accomplished? a. Use AWS Organizations to create a separate account for the business unit. b. Ensure that the business unit adheres to the company's tagging strategy. c. Use AWS Budgets to set threshold alerts to ensure spending compliance. d. Isolate the business unit work into a previously unused AWS Region.

Answer 49

a. Use AWS Organizations to create a separate account for the business unit.

Question 50

AWS Can relieve a company's IT staff of which of the following IT tasks? (SELECT TWO) a. Creating database schemas b. Storage capacity planning c. Patching database software d. Setting up access controls for data e. Writing application code

Answer 50

b. Storage capacity planning c. Patching database software

Question 51

Which of the following are benefits of using AWS Trusted Advisor? (SELECT TWO) a. Improving security by proactively monitoring the AWS environment b. Providing high-performance container orchestration c. Creating and rotating encryption keys d. Implementing enforced tagging across AWS resources e. Detecting underutilized resources to save costs

Answer 51

a. Improving security by proactively monitoring the AWS environment e. Detecting underutilized resources to save costs

Question 52

A company needs an Amazon S3 bucket that cannot have any public objects due to compliance requirements. How can this be accomplished? a. Create a service to monitor all s3 uploads and remove any public uploads b. Hold a team meeting to discuss the importance of only uploading private S3 objects c. Enable S3 Block Public Access from the AWS Management Console d. Require all s3 objects to be manually approved before uploading

Answer 52

c. Enable S3 Block Public Access from the AWS Management Console

Question 53

AWS Budgets can be used to a. send an alert when the utilization of Reserved Instances drops below a certain percentage b. prevent a given user from creating a resource c. set resource limits in AWS accounts to prevent overspending d. split an AWS bill across multiple forms of payment

Answer 53

c. set resource limits in AWS accounts to prevent overspending

Question 54

Which of the following allows an application running on an Amazon EC2 instance to securely write data to an Amazon S3 bucket without using long-term credentials? a. AWS Shield b. Amazon Cognito c. AWS IAM Role d. AWS IAM user access key

Answer 54

c. AWS IAM Role

Question 55

Which AWS Service can be used to track resource changes and establish compliance? a. AWS Config b. Amazon CloudWatch c. AWS CloudTrail d. AWS Trusted Advisor

Answer 55

a. AWS Config

Question 56

Which AWS service allows companies to connect an Amazon VPC to an on-premises data center? a. Amazon Redshift b. API Gateway c. Amazon Connect d. AWS VPN

Answer 56

d. AWS VPN

Question 57

A company is considering migrating its application to AWS. The company wants to compare the cost of running the workload on-premises to running the equivalent workload on the AWS platform. Which tool can be used to perform this comparison? a. Cost Explorer b. AWS Billing and Cost Management console c. AWS Total Cost of Ownership (TCO) Calculator d. AWS Simple Monthly Calculator

Answer 57

c. AWS Total Cost of Ownership (TCO) Calculator

Question 58

A company wants to try a third-party ecommerce solution before deciding to use it long term. Which AWS service or tool will support this effort? a. AWS Marketplace b. AWS Service Catalog c. AWS Partner Network (APN) d. AWS Managed Services

Answer 58

a. AWS Marketplace

Question 59

A company is planning to launch an ecommerce site in a single AWS Region to a worldwide user base. Which AWS services will allow the company to reach users and provide low latency and high transfer speeds? (SELECT TWO) a. Application Load Balancer b. AWS Direct Connect c. AWS Global Accelerator d. Amazon CloudFront e. AWS Lambda

Answer 59

c. AWS Global Accelerator d. Amazon CloudFront

Question 60

The user is fully responsible for which action when running workloads on AWS? a. Patching the infrastructure components b. Maintaining the underlying infrastructure components c. Implementing controls to route application traffic d. Maintaining physical and environmental controls

Answer 60

c. Implementing controls to route application traffic

Question 61

A company has launched a product that requires private connectivity from an on-premises network to a VPC. Which AWS Service or functionality should the company use? a. AWS Direct Connect b. NAT gateway c. VPC Peering d. internet Gateway

Answer 61

a. AWS Direct Connect

Question 62

Which AWS tools automatically forecast future AWS costs? a. AWS Total Cost of Ownership (TCO) Calculator b. AWS Simple Monthly Calculator c. AWS Support Center d. Cost Explorer

Answer 62

d. Cost Explorer

Question 63

Which AWS service enables users to securely connect to AWS resources over the public internet? a. AWS Direct Connect b. AWS VPN c. AWS VPC peering d. Amazon Pinpoint

Answer 63

b. AWS VPN

Question 64

What is a value proposition of the AWS Cloud? a. AWS manages user applications in the AWS Cloud. b. No long-term contract is required c. Provision new servers in days. d. AWS is responsible for security in the AWS Cloud

Answer 64

b. No long-term contract is required