Topic 3 Flashcards by Max Tremp

A company wants to try a third party ecommerce solution before deciding to use it long torm Which AWS
Orvice or tool will support this effort?
A. AWS Marketplace
B. AWS Partner Network (APN)
C. AWS Managed Services
D. AWS Service Catalog

Answer: A

How well did you know this?

Not at all

Perfectly

IT systems should be designed to reduce interdependencies, so that a change or failure in one component
does not cascade to other components
This is an example of which principle of cloud architecture design?
A. ScalabilityAWSCLOUD PRACTITIONER DUMPS
B. Loose coupling
C. Automation
D. Automatic scaling

Answer: B

How well did you know this?

Not at all

Perfectly

The ability to horizontally scale Amazon EC2 instances based on demand is an example of which concept in the AWSCloud value proposition?
A. Economy of scale
B. Elasticity
C. High availability
D. Agility

Answer: A

How well did you know this?

Not at all

Perfectly

When a company provisions web servers in multiple AWS Regions,what is being increased?
A. Coupling
B. Availability
C. Security
D. Durability

Answer: B

How well did you know this?

Not at all

Perfectly

Which AWS service helps users meet contractual and regulatory compliance requirements for data security
by using dedicated hardware appliances within the AWS Cloud?
A. AWS SecretsManager
B. AWS CloudHSM
C. AWS Key Management Service (AWS KMS),
D. AWS Directory Service

Answer: B

How well did you know this?

Not at all

Perfectly

Amazon Route 53 enables users to:
A. encrypt data in transit.
B. register DNS domain names
C. generate and manage SSL certificates OD.
D. establish a dedicated network connection to AWS

Answer: B

How well did you know this?

Not at all

Perfectly

How can an AWS user with an AWS Basic Support plan obtain technical assistance from AWS?
A. AWS Senior Support Engineers
B. AWSTechnical Account Managers
C. AWS Trusted Advisor
D. AWS Discussion Forums

Answer: C

How well did you know this?

Not at all

Perfectly

How can a company isolate the costs of production and non-production workloads on AWS?
A. Create identity and Access Management (IAM) roles for production and non-production workloads
B. Use different accounts for production and non-production expenses.
C. Use Amazon EC2 for non-production workloads and otherservices for production workloads.
D. Use Amazon CloudWatch to monitor the use of services

Answer: B

How well did you know this?

Not at all

Perfectly

Which AWS service or feature can be used to monitor CPU usage?
A. AWS CloudTrail
B. VPC Flow Logs
C. Amazon CloudWatch
D. AWS Config

Explanation:
Amazon CloudWatch is ma onitoring service for AWS cloud resources and the applications you run on
AWS. You can use Amazon CloudWatch to collect and track metrics, collect andmonitor log files, and set
alarms.

How well did you know this?

Not at all

Perfectly

A user is planning to migrate an application workload to the AWS Cloud Which control becomes the
responsibility of AWS once the migration is complete?
A. Patching the guest operating system
B. Maintaining physical and environmental controls
C. Protecting communications and maintaining zone security
D. Patching specific applications

Answer: B

How well did you know this?

Not at all

Perfectly

Which AWS service provides a quick and automated way to create and manage AWS accounts?
A. AWS QuickSight
B. Amazon Lightsail
C. AWSOrganizations
D. Amazon Connect

Answer: C

How well did you know this?

Not at all

Perfectly

Which AWS service can run a managedPostgreSQL database that provides online transaction processing
(OLTP)?
A. Amazon DynamoDB
B. Amazon Athena
C. Amazon RDS
D. Amazon EMR

Answer: C
Explanation:
https://aws.amazon.com/blogs/big-data/join-amazon-redshift-and-amazon-rds-postgresql-with-dblink/

How well did you know this?

Not at all

Perfectly

Users are reporting latency when connecting to an website with a global customer base. Which AWS service will improve the customer experience by reducing latency?
A. Amazon CloudFront
B. AWS Direct Connect
C. Amazon EC2 Auto Scaling
D. AWS Transit Gateway

Answer: A

How well did you know this?

Not at all

Perfectly

Which of the following are benefits of using AWS Trusted Advisor? (Select TWO.)
A. Providing high-performance containerorchestration
B. Creating and rotating encryption keys
C. Detecting underutilized resources to save costs
D. Improving security by proactively monitoring the AWS environment Implementing enforced tagging
across AWS resources

Answer: C

How well did you know this?

Not at all

Perfectly

TheAWS Trusted Advisor checks include recommendations regarding which of the following? (Select
TWO.)
A. Information on Amazon S3 bucket permissions
B. AWS service outages
C. Multi-factor authentication enabled on the AWS account root user
D. Available software patches
E. Number of users in the account

Answer: A D

How well did you know this?

Not at all

Perfectly

Which of the following can be used a second factor within the AWS Management Console for AWS
Multi-Factor Authentication (AWS MFA)?
A. AWS IAM password
B. AWS Certificate Manager certificate
C. U2F security key token
D. Access key or secret key

Answer: C

How well did you know this?

Not at all

Perfectly

Which AWS service helps identifymalicious or unauthorized activities in AWS accounts and workloads?
A. Amazon Rekognition
B. AWS Trusted Advisor
C. Amazon GuardDuty
D. Amazon CloudWatch

Answer: C

How well did you know this?

Not at all

Perfectly

Which AWS Support plan offers access to self-paced labs?
A. Business Support
B. Enterprise Support
C. Basic Support
D. Developer Support

Answer: B

How well did you know this?

Not at all

Perfectly

A company’s application running on Amazon EC2 is designed to use an Auto Scaling group to dynamically
add or remove instances as demand increases or decreases. This is an example of
which AWS Cloud architectural principle?
A. Loose coupling
B. Elasticity
C. Design for failure
D. Parallelism

Answer: B

How well did you know this?

Not at all

Perfectly

What are the multiple, isolated locations within an AWS Region that are connected by low-latency networks
called?
A. AWS Direct Connects
B. Amazon VPCs
C. Edge locations
D. Availability Zones

Answer: D
Explanation:
Each Region is completely independent. Each Availability Zone is isolated, but the Availability Zones in a
Region are connected through low-latency links. A Local Zone is an AWS infrastructure deployment that
places select services closer to your end users. A Local Zone is an extension of a Region that is in a
different location from your Region. It provides a high-bandwidth backbone to the AWS infrastructure and is
ideal for latency-sensitive applications, for example machine learning.
e:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html

How well did you know this?

Not at all

Perfectly

Which AWS dashboard displays relevant and timely information to help users manage events in progress,
and provides proactive notifications to help plan for scheduled activities?
A. AWS Service Health Dashboard
B. AWS Personal Health Dashboard
C. AWS Trusted Advisor dashboard
D. Amazon CloudWatch dashboard

Answer: B
Explanation:
https://d1.awsstatic.com/whitepapers/aws-overview.pdf
AWS Personal Health Dashboard AWS Personal HealthDashboard provides alerts and remediation
guidance when AWS is experiencing events that might affect you. While the Service Health Dashboard
displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources. The dashboard
displays relevant and timely information to help you manage events in progress, and provides proactive
notification to help you plan for scheduled activities. With Personal Health Dashboard, alerts are
automatically triggered by changes in the health of AWS resources, giving you event visibility and guidance
to help quickly diagnose and resolve issues.

How well did you know this?

Not at all

Perfectly

When building a cloud Total Cost of Ownership (TCO) model, which costelements should be considered for
workloads running on AWS? (Select THREE.)
A. Compute costs
B. Facilities costs
C. Storage costs
D. Data transfer costs
E. Network infrastructure costs
F. Hardware lifecycle costs

Answer: A E

How well did you know this?

Not at all

Perfectly

A company operating in the AWS Cloud requires separate invoices for specific environments, such as
development, testing, and production How can this be achieved? OA. Use multiple AWS accounts.
A. Use resource tagging
B. Use multiple VPCs.
C. Use Cost Explorer

Answer: A

How well did you know this?

Not at all

Perfectly

Where can users find a catalog of AWS-recognized providers of third-party security solutions?
A. AWS Service Catalog
B. AWS Marketplace
C. AWS Quick Start OD
D. AWS CodeDeploy

Answer: A Creo que realmente debería ser Marketplace

How well did you know this?

Not at all

Perfectly

Within the AWS Shared responsibility model, who is responsible for security and compliance? A. The customer is responsible B. AWS is responsible C. AWS and the customer share responsibility D. AWS shares responsibility with the relevant governing body

Answer: C

``` Which AWS services can be used as infrastructure automation tools? (Select TWO.) A. AWS CloudFormation B. Amazon CloudFront C. AWS Batch D. AWS OpsWorks E. Amazon QuickSight ```

Answer: A D

``` Which AWS services can be used to provide network connectivity between an on-premises network and a VPC? (Select TWO.) A. Amazon Route 53 B. AWS Direct Connect C. AWS Data Pipeline AWS VPN D. Amazon Connect ```

Answer: B

``` An ecommerce company anticipates a huge increasein web traffic for two very popular upcoming shopping holidays Which AWS service or feature can be configured to dynamically adjust resources to meet this change in demand? A. AWS Cloud Trail B. Amazon EC2 Auto Scaling C. Amazon Forecast D. AWS Config ```

Answer: B

Why is it beneficial to use Elastic Load Balancers with applications? A. They allow for the conversion from Application Load Balancers toClassic Load Balancers. B. They are capable of handling constant changes in network traffic patterns. C. They automatically adjust capacity D. They are provided at no charge to

Answer: B

What is an Availability Zone in AWS? A. One or more physical data centers B. A completely isolated geographic location C. One or more edge locations based around the world D. A data center location with a single source of power and networking

Answer: A

How does AWS charge for AWS Lambda usage once the free tier has been exceeded? (Select TWO) A. By the time it takes for the Lambda function to execute. B. By the number of versions of a specific Lambda function. C. By the number of requests made for a given Lambda function. D. By the programming language that is used for the Lambda function E. By the total number of Lambda functions in an AWS account

Answer: A C

A company is running an ecommerce application hosted inEurope. To decrease latency for users who access the website from other parts of the world, the company would like to cache frequently accessed static content closer to the users Which AWS service will support these requirements? A. Amazon ElastiCache B. Amazon CloudFront C. Amazon Elastic File System (Amazon EFS) D. Amazon Elastic Block Store (Amazon EBS)

Answer: C

Under the AWS shared responsibility model, which of the following is a customer responsibility? A. Installing security patches for the Xen and KVMhypervisors B. Installing operating system patches for Amazon DynamoDB C. Installing operating system security patches for Amazon EC2 database D. instances Installing operating system security patches for Amazon RDS database instances

Answer: C

What is a characteristic of Amazon S3 cross-region replication? A. Both source and destination S3 buckets must have versioning disabled B. The source and destination S3 buckets cannot be in different AWS Regions C. S3 buckets configured for cross-region replication canbe owned by a single AWS account or by different accounts D. The source S3 bucket owner must have the source and destination AWS Regions disabled for their account

Answer: C

A Cloud Practitioner must determine if any security groups in an AW account have been provisioned to allow unrestricted access for specific ports What is the SIMPLEST way to do this? A. Review the inbound rules for each security group in the Amazon EC2 management console to check for port 0.0.0.0/0. B. Run AWS Trusted Advisor and review the findings C. Open the AWS IAM console and check the inbound rule filters for open access D. In AWS Config, create a custom rule that invokes an AWS Lambdafunction to review firewall rules for inbound access

Answer: B

``` Which AWS services provide a user with connectivity between the AWS Cloud and onpremises resources? (Select TWO) A. AWS VPN B. Amazon Connect C. Amazon Cognito D. AWS Direct Connect E. AWS Managed Services ```

Answer: A D

Under the shared responsibility model, which of thefollowing tasks are the responsibility of the customer? (Choose two.) A. Maintaining the underlying Amazon EC2 hardware. B. Managing the VPC network access control lists. C. Encrypting data in transit and at rest. D. Replacing failed hard disk drives. E. Deploying hardware in different Availability Zones

Answer: B C Explanation: The hardware related jobs is the prime responsibility of AWS. VPC network access control lists is something a customer has to do himself to secure the applications. Encrypting data in transit and at rest is a shared responsibility in which AWS plays a part. All hardware related jobs have nothing to do with the customer. Reference: https://dzone.com/articles/aws-shared-responsibility-model-cloud-security

Which of the following allows an application running on an Amazon EC2 instance to securely write data to an Amazon S3 bucketwithout using long term credentials? A. Amazon Cognito B. AWS Shield C. AWS IAM role D. AWS IAM user access key

Answer: C

``` Which service is an AWS-managed Hadoop framework that makes it easy, fast, and cost effective to process large amounts of data across dynamically scalable Amazon EC2 instances? A. Amazon EMR B. Amazon EC2 C. AWS Elastic Beanstalk D. Amazon Redshift ```

Answer: A

``` Acompany is planning to launch an ecommerce site in a single AWS Region to a worldwide user base Which AWS services will allow the company to reach users and provide low latency and high transfer speeds? (Select TWO) A. Application Load Balancer B. AWS Global Accelerator C. AWS Direct Connect D. Amazon CloudFront E. AWS Lambda ```

Answer: D E creo que en lugar de lambda deberia ser cloud front, revisar

``` Which of thefollowing acts as a virtual firewall at the Amazon EC2 instance level to control traffic for one or more instances? A. Access keys B. Virtual private gateways C. Security groups D. Access Control Lists (ACL) ```

Answer: C

A company must store critical business data in Amazon S3 with a backup to another AWS Region How can this be achieved? A. Use an Amazon CloudFront Content Delivery Network (CDN) to cache data globally B. Set upAmazon S3 cross-region replication to another AWS Region C. Configure the AWS Backup service to back up the data to another AWS Region D. Take Amazon S3 bucket snapshots and copy that data to another AWS Region

Answer: B

When is itbeneficial for a company to use a Spot Instance? A. When there is flexibility in when an application needs to run. B. When there are mission-critical workloads. C. When dedicated capacity is needed. D. When an instance should not be stopped.

Answer: A Explanation: The key to understanding spot instances is to look at the way that cloud service providers such as Amazon Web Services (AWS) operate. Cloud service providers invest in hardware resources and then release those resources (often on a per-hour basis) to subscribers. One of the problems with this business model, however, is that at any given time, there are likely to be compute resources that are not being utilized. These resources represent hardware capacity that AWS has paid for but are sitting idle, and notmaking AWS any money at the moment. Rather than allowing these computing resources to go to waste, AWS offers them at a substantially discounted rate, with the understanding that if someone needs those resources for running a normal EC2 instance, that instance will take priority over spot instances that are using the hardware resources at a discounted rate. In fact, spot instances will be stopped if the resources are needed elsewhere. Reference: https://awsinsider.net/articles/2017/09/25/aws-spot-instances-primer.aspx

What does the Amazon S3 Intelligent-Tiering storage class offer? A. Paymentflexibility by reserving storage capacity B. Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon EBS) volume C. Automatic cost savings by moving objects between tiers based on access pattern changes D. Secure,durable, and lowest cost storage for data archival

Answer: C

What is the total amount of storage offered by Amazon S3 A. 100 MB B. 5 GB OC C. 5 TB D. Unlimited

Answer: C

Which scenarios represent the concept of elasticity on AWS? (Choose two.) A. Scaling the number of Amazon EC2 instances based on traffic. B. Resizing Amazon RDS instances as business needs change. C. Automatically directing traffic to less-utilized Amazon EC2 instances. D. Using AWS compliance documents to accelerate the compliance process. E. Having the ability to create and govern environments using code.

Answer: A B Explanation: Reference: https://wa.aws.amazon.com/wat.concept.elasticity.en.html

A company is planning to launch a new steady-state workload on AWS that must be accessible 24 hours a day, 7 days a week. What is the MOST cost-effective Amazon EC2 pricing option? A. On-Demand Instances B. Spot Instances C. Reserved Instances D. Dedicated Hosts

Answer: A Suena a que debería de ser Reserved Instances

``` Which of the following automatically distributes application traffic across multiple targets, such as Amazon EC2 instances or containers? A. AWS Application Discovery Service B. AWS Resource Groups C. AWS Auto Scaling D. Elastic LoadBalancing ```

Answer: D

``` Where can users find a catalog of AWS-recognized providers of third-party security solutions? A. AWS Service Catalog B. AWS Marketplace C. AWS Quick Start D. AWS CodeDeploy ```

Answer: B

A company must ensure that its endpoint for a database instance remains the same after a single Availability Zone service interruption The application needs to resume database operations without the need for manual administrative intervention How can these requirements be met? A. Use multiple Amazon Route 53 routes to thestandby database instance endpoint hosted on AWS Storage Gateway B. Configure Amazon RDS Multi-Availability Zone deployments with automatic failover to the standby C. Add multiple Application Load Balancers and deploy the database instance with AWS ElasticBeanstalk. D. Deploy a single Network Load Balancer to distribute incoming traffic across multiple Amazon CloudFront origins

Answer: B

``` Which AWS service handles the deployment details of capacity provisioning, load balancing, Auto Scaling, and application health monitoring? A. AWS Config B. Amazon Route 53 C. Amazon CloudFront ```

Answer: B. Suena a que realmente es AWS config

What should users do if they want to install an application ingeographically isolated locations? A. Install the application using multiple internet gateways. B. Deploy the application to an Amazon VPC. C. Deploy the application to multiple AWS Regions D. Configure the application using multiple NAT gateways

Answer: C

What does the AWS Simple Monthly Calculator do? A. Compares on-premises costs to colocation environments B. Estimates monthly billing based on projected usage C. Estimates power consumption at existing data centers D. Estimates CPU utilization

Answer: B

Which AWS service or feature provides an additional layer of protection for user name and password authentication to the AWS Management Console? A. Amazon Cloud Directory B. AWS KMS AWS Multi-Factor C. Authentication(AWS MEA) D. Amazon Cognito

Answer: C

A company with a Developer-level AWS Support plan provisioned an Amazon RDS database and cannot connect to it. Who should the developercontact for this level of support? A. AWS Support using a support case B. AWS Professional Services C. AWS Technical Account Manager AWS consulting partners

Answer: A

A company has multiple AWS accounts within AWS Organizations and wants to apply the Amazon EC2 Reserved instances benefit to a single account only Which action should be taken? A. Purchase the Reserved Instances from master payer account and turn off Reserved Instance sharing. B. Enable billing alerts in the AWS Billing and Cost Management console C. Purchase the Reserved instances in individuallinked accounts and turn off Reserved Instance sharing from the payer level D. Enable Reserved Instance sharing in the AWS Billing and Cost Management console

Answer: C

The pay-as-you-go pricing model for AWS services: A. reduces capital expenditures. B. requires payment up front for AWS services C. is relevant only for Amazon EC2, Amazon S3, and Amazon RDS. D. reduces operational expenditures.

Answer: D

``` As part of the AWS shared responsibility model, which of the following operational controls do users fully inherit from AWS? A. Security management of data center B. Patch management C. Configuration management D. User and access management ```

Answer: D Explanation: Reference: https://aws.amazon.com/compliance/shared-responsibility-model/

Which of the following describes the relationships among AWS Regions, Availability Zones, and edge locations? (Select TWO) A. There are more AWS Regions than Availability Zones B. There are more edge locations than AWS Regions C. An edge location is an Availability Zone D. There are more AWS Regions than edge locations E. There are moreAvailability Zones than AWS Regions

Answer: B E

A company is releasing a business-critical application Before the release the company needs strategic planning assistance from AWS. During the release, it needs infrastructure event management and real-time Support How can these requirements be met? A. Access AWS Trusted Advisor B. Contact the AWS Partner Network (APN). C. Sign up for AWS Enterprise Support D. Contact AWS Professional Services

Answer: D

Which of the following benefits doesthe AWS Compliance program provide to AWS customers? (Choose two.) A. It verifies that hosted workloads are automatically compliant with the controls of supported compliance frameworks. B. AWS is responsible for the maintenance of common compliance framework documentation. C. It assures customers that AWS is maintaining physical security and data protection. D. It ensures the use of compliance frameworks that are being used by other cloud providers. E. It will adopt new compliance frameworks as they become relevant to customer workloads.

Answer: A B Explanation: Reference: https://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf

``` Which AWS IAM feature is used to associate a set of permissions with multiple users? A. Multi-factor authentication B. Groups C. Password policies D. Access keys ```

Answer: B Explanation: An IAM group is a collection of IAM users. You can use groups to specify permissions for a collection of users, which can make those permissions easier to manage for those users. For example, you could have a group called Admins and give that group the types of permissions that administrators typically need. Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/id.html

``` AWS CloudFormation is designed to help the user: A. model and provision resources B. update application code, C. set up data lakes D. create reports for billing ```

Answer: A

``` Which of the following services provides on-demand access to AWS compliancereports? A. AWS IAM B. AWS Artifact C. Amazon GuardDuty D. AWS KMS ```

Answer: B Explanation: AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement (NDA). Reference: https://aws.amazon.com/artifact/

which AWS toolsautomatically forecast future AWS costs? A. AWS Support Center B. AWS Total Cost of Ownership (TCO) Calculator C. AWS Simple Monthly Calculator D. Cost Explorer

Answer: C

Which Amazon S3storage class is optimized to provide access to data with lower resiliency requirements, but rapid access when needed, such as duplicate backups? A. Amazon S3 Standard B. Amazon S3 Glacier Deep Archive C. Amazon S3 One Zone Infrequent Access D. Amazon S3 Glacier

Answer: A

What are the benefits of using theAWS Cloud for companies with customers in many countries around the world? (Select TWO.) A. Companies can deploy applications in multiple AWS Regions to reduce latency. B. Amazon Translate automatically translates third-party website interfaces into multiple languages C. Amazon CloudFront has multiple edge locations around the world to reduce latency D. Amazon Comprehend allows users to build applications that can respond to user requests in many languages. E. Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world, which reduces latency

Answer: A C

``` A company wants to expand its content delivery network infrastructure Which AWS service should be used? A. Amazon S3 B. Amazon CloudFront C. AWS Global Accelerator D. Amazon Route 53 ```

Answer: B

``` Which components are required to build a successful site-to-site VPN connection on AWS? (Select TWO.) A. Internet gateway B. NAT gateway C. Customer gateway D. Transit gateway E. Virtualprivate gateway ```

Answer: C E

A company needs an Amazon S3 bucket that cannot have any public objects due tocompliance requirements How can this be accomplished? A. Enable S3 Block Public Access from the AWS Management Console B. Hold a team meeting to discuss the importance of only uploading private S3 objects C. Require all S3 objects to be manually approved before uploading D. Create a service to monitor all S3 uploads and remove any public uploads

Answer: A | 71.

Which AWS tool is used to compare the cost of running an application on-premises to running the application in the AWS Cloud? A. AWS Trusted Advisor B. AWS Simple Monthly Calculator C. AWS Total Cost of Ownership (TCO)Calculator D. Cost Explorer

Answer: C

``` Which service can be used to monitor and receive alerts for AWS account root user AWS Management Console sign-in events? A. AmazonCloudWatch B. AWS Config C. AWS Trusted Advisor D. AWS IAM ```

Answer: A

A user needs to launch a workload in multiple AWS environments Each copy of the workload must have the same configuration What is the MOST efficient way to accomplish this task? A. Launch the resources using the AWS Management Console B. Use AWS CloudFormation to launch a stack. C. Execute a custom PowerShell script to launch the workloads. D. Use AWS OpsWorks to provision the workloads

Answer: D

Under the AWS shared responsibility model, AWS is responsible for what combination of the following? (Select TWO) A. Configuring network ACLS B. Managing physical access to AWS data centers C. Setting and maintaining Amazon S3 access permissions. D. Updating Amazon EC2 security groups E. Maintaining the hardware that constitutes the cloud

Answer: B E

``` When comparing AWS Cloud with on-premises Total Cost of Ownership, which expenses must be considered? (Choose two.) A. Software development B. Projectmanagement C. Storage hardware D. Physical servers E. Antivirus software license ```

Answer: C D Explanation: Reference: https://aws.amazon.com/blogs/aws/the-new-aws-tco-calculator/

A company has a 500 TB image repository that needs to be transported to AWS for processing. Which AWS service can import this data MOST cost-effectively? A. AWS Snowball B. AWS Direct Connect C. AWS VPN D. Amazon S3

Answer: A

Which method helps to optimize costs for users moving to the AWS Cloud? A. Paying only for what is used B. Purchasing hardware before it is needed C. Manually provisioning cloud resources D. Purchasing for the maximum possible load

Answer: A

A company wants to integrate conversational natural language chatbots into its existing application using voice and text. Which managed AWS service can be used for this use case? A. Amazon Lex B. Amazon Polly C. AmazonTextract D. Amazon Comprehend

Answer: C

``` Which of the following can a customer use to enable single sign-on (SSO) to the AWS Console? A. Amazon Connect B. AWS Directory Service C. Amazon Pinpoint D. Amazon Rekognition ```

Answer: B Explanation: Single sign-on only works when used on a computer that is joined to the AWS Directory Service directory. It cannot be used on computers that are not joined to the directory. Reference: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_single_sign_on.html

``` Which AWSservice provides on demand downloads of AWS security and compliance documentation? A. AWS Directory Service B. AWS Artifact C. AWS Trusted Advisor D. Amazon Inspector ```

Answer: B

``` Which AWS service is used to provide encryption for Amazon EBS? A. A AWS Certificate Manager B. AWS Systems Manager C. AWS KMS D. AWS Config ```

Answer: C

Which AWS service offers persistent storage for a file system? A. Amazon S3 B. Amazon EC2 instance store C. Amazon Elastic Block Store (Amazon EBS) D. Amazon ElastiCache

Answer: C

``` After migrating a workload to AWS, which associated costs must a user still manage? 364 of 65 Flag for Review A. Staff to manage the hardware assets B. Physical access control C. Software licenses D. Power and cooling ```

Answer: A

Which AWS service makes it easy to create and manage AWS users and groups, and provide them with secure access toAWS resources at no charge? A. AWS Direct Connect B. Amazon Connect C. AWS Identity and Access Management (IAM) D. AWS Firewall Manager

Answer: C

Which AWS services can be used to move data from on-premises data centers to AWS? (Select TWO.) A. AWS Snowball B. AWS Lambda C. Amazon ElastiCache D. AWS Database Migration Service (AWS DMS) E. Amazon API Gateway

Answer: A C esta mal elsticache sirve para acelear web pages con in memory db, deberia ser DMS

What is the purpose of AWSStorage Gateway? A. it ensures on-premises data storage is 99.999999999% durable. B. It transports petabytes of data to and from AWS. C. It connects to multiple Amazon EC2 instances. D. it connects on-premises data storage to the AWS Cloud

Answer: D

``` To use the AWS CLI, users are required to generate: A. a password policy. B. an access/secret key. C. a managed policy. D. an API key ```

Answer: B

An application runs on multiple Amazon EC2 instances that access a shared file system simultaneously Which AWS storage service should be used? A. Amazon EBS B. Amazon EFS C. Amazon S3 D. AWS Artifact

Answer: B

``` Which AWS service provides inbound and outbound network ACLs to harden external connectivity to Amazon EC2? A. AWS IAM B. Amazon Connect C. Amazon VPC D. Amazon API Gateway ```

Answer: C

``` Which AWS service or feature allows the user to manage cross-region application traffic? A. Amazon AppStream 2.0 B. Amazon VPC C. Elastic Load Balancer D. AmazonRoute 53 ```

Answer: B

``` Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS? A. Amazon GuardDuty B. Amazon Macie C. Amazon Inspector D. AWSShield ```

Answer: C

``` Which of the following are benefits of the AWS Cloud? (Choose two.) A. Unlimited uptime B. Elasticity C. Agility D. Colocation E. Capital expenses ```

Answer: B C Explanation: The most celebrated benefit of AWS cloud is elasticity since you canexpand the services when you experience more traffic. Agile developments in AWS Cloud through strategies are day by day becoming more established within the enterprises across the world. With so much improvement and call for optimization in the cloud, it is necessary that these strategies get established from the ground up within the organizations. It is highly important as already enterprises have a lot of bequest, politics and hierarchies which act as barriers in their businesses. Reference: https://www.botmetric.com/blog/evolution-agile-enterprises-aws-cloud/

``` Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand? A. AmazonGuardDuty B. AWS Security Hub C. AWS Artifact D. AWS Shield ```

Answer: B

Which of the following are benefits of AWS Global Accelerator? (SelectTWO) A. Reduced cost to run services on AWS B. Improved availability of applications deployed on AWS C. Higher durability of data stored on AWS D. Decreased latency to reach applications deployed on AWS E. Higher security of data stored on AWS

Answer: B D

What is the MOST cost-effective instance type for an application with a steady, consistent workload that is hosted on an Amazon EC2 instance, which needs to operate for at least one year? A. Spot Instances B. Reserved Instances C. On-Demand Instances D. Dedicated Host

Answer: B

``` Which AWS tools or services can be used to list all AWS Lambda functions running in an account? (Select TWO) A. AWS CLI B. AWS CloudFormation C. AWS CloudTrail D. Amazon Cloud Directory ```

Answer: A C

A company has different AWS accounts for production and development resources Which AWS service provides billing for all AWS accounts consolidated into a single payment method? A. Amazon Connect B. Cost Explorer C. AWS Trusted Advisor D. AWS Organizations

Answer: D Explanation: https://aws.amazon.com/answers/account-management/aws-multi-account-billing-strategy/

What is the purpose of a policy in AWS Identity Access Management (IAM)? A. To define the run schedule of an Amazon EC2 instance B. To assign permissions to a role, group, or user C. To manage ports within a VPN D. To manage the access keys for an IAM user

Answer: B

A Cloud Practitioner needs a consistent and dedicated connection between AWS resources and an on premises system Which AWS service can fulfill this requirement? A. AWS Direct Connect B. AWSVPN C. Amazon Connect D. AWS Data Pipeline

Answer: C Esta mal debería ser Direct Connect

Topic 3 Flashcards

(99 cards)