Topic 4, 1-152

Question 1

Which AWS service is a content delivery network that securely delivers data, video, and applications to users globally with low latency and high speeds?

• AWS CloudFormation
• AWS Direct Connect
• AmazonCloudFront
• Amazon Pinpoint

Answer 1

Amazon CloudFront

Question 2

Which solution provides the FASTEST application response times to frequently accessed data to users in multiple AWS Regions?

• AWS CloudTrail across multiple Availability Zones
• Amazon CloudFront to edge locations
• AWS CloudFormation in multiple regions
• A virtual private gateway over AWS Direct Connect

Answer 2

Amazon CloudFront to edge locations

Question 3

Which AWS service can be used in the application deployment process?

• AWS AppSync
• AWS Batch
• AWS CodePipeline
• AWS DataSync

Answer 3

AWS CodePipeline

Question 4

Which benefit of the AWS clouds supporting matching the supply of resources with changing workloads demands?

• Security
• Reliability
• Elasticity
• High availability

Answer 4

Elasticity

Question 5

Which AWS tool cant they use?

• AWS Trusted Advisor
• AWS Systems Manager
• AWS Config
• AWS Service Catalog

Answer 5

AWS Trusted Advisor

Question 6

When a company provisions web servers in multiple AWS region what is being increased?

• Coupting
• Availability
• Security
• Durability

Answer 6

Availability

Question 7

What tasks should a customer perform when that customer suspects an AWS account has been compromised? (Select TWO)

• Rotate passwords and access keys.
• Remove MFA tokens.
• Move resources to a different AWS Region.
• Delete AWS CloudTrail Resources.
• Contact AWS Support.

Answer 7

Rotate passwords and access keys.

Contact AWS Support.

Question 8

Where should users report that AWS resources are being used for malicious purposes?

AWS Abuse team

AWS Shield

AWS Support

AWS Developer Forums

Answer 8

AWS Abuse team

Question 9

Which management service can be used to set alarms for AWS resources?

• Amazon CloudWatch
• Amazon Simple Notification Service (Amazon SNS)
• Amazon Simple Email Service (Amazon SES)
• AWS CloudTrail

Answer 9

Amazon CloudWatch

Question 10

When comparing the total cost of ownership (TCO) of on-premises infrastructure to a cloud architecture, what costs should be considered? (Select TWO.)

• The credit card processing fees for application transactions in the cloud.
• The cost of purchasing and installing server hardware in the on-premises data.
• The cost of administering the infrastructure, including the operating system and software installations, patches, backups, and recovering from failures.
• The costs of third-party penetration testing.
• The advertising costs associated with an ongoing enterprise-wide campaign.

Answer 10

The cost of purchasing and installing server hardware in the on-premises data.

The cost of administering the infrastructure, including the operating system and software installations, patches, backups, and recovering from failures

Question 11

What does AWS Marketplace allow users to do? (Choose two.)

• Sell unused Amazon EC2 Spot Instances.
• Sell solutions to other AWS users.
• Buy third-party software that runs on AWS.
• Purchase AWS security and compliance documents.
• Order AWS Snowball.

Answer 11

Sell solutions to other AWS users.

Buy third-party software that runs on AWS.

Question 12

According to the AWS shared responsibility model, what is AWS responsible for?

• Configuring Amazon VPC
• Managing application code
• Maintaining application traffic
• Managing the network infrastructure

Answer 12

Managing the network infrastructure

Question 13

What does it mean if a user deploys a hybrid cloud architecture on AWS?

• All resources run using the on-premises infrastructure.
• Some resources run on-premises and some run in a colocation center.
• All resources run in the AWS Cloud.
• Some resources run on-premises and some run in the AWS Cloud.

Answer 13

Some resources run on-premises and some run in the AWS Cloud

Question 14

Which architectural principle is used when deploying an Amazon Relational Database Service (Amazon RDS) instance in Multiple Availability Zone mode?

• Implement loose coupling.
• Design for failure.
• Automate everything that can be automated.
• Use services, not servers.

Answer 14

Design for failure.

Question 15

Treating infrastructure as code in the AWS Cloud allows users to:

• automate migration of on-premises hardware to AWS data centers.
• let a third party automate an audit of the AWS infrastructure.
• turn overapplication code to AWS so it can run on the AWS infrastructure.
• automate the infrastructure provisioning process.

Answer 15

automate the infrastructure provisioning process.

Question 16

A Cloud Practitioner needs to store data for 7 years to meet regulatory requirements.
Which AWS service will meet this requirement at the LOWEST cost?

• Amazon S3
• AWS Snowball
• Amazon Redshift
• Amazon S3 Glacier

Answer 16

Amazon S3 Glacier

Question 17

Which Amazon EC2 pricing model is the MOST cost-efficient for an uninterruptible workload that runs once a year for 24 hours?

• On-Demand Instances
• Reserved Instances
• Spot Instances
• Dedicated Instances

Answer 17

On-Demand Instances

Question 18

According to the AWS Well-Architected Framework, what change management steps should be taken to achieve reliability in the AWS Cloud? (Select TWO.)

• Use AWS Contig to generate an inventory of AWS resources
• Use service limits to prevent users from creating or making changes to AWS resources.
• Use AWS CloudTrail to record AWS API calls into an auditable log file
• Use AWS Certificate Manager to whitelist approved AWS resources and services.
• Use Amazon GuardDuty to validate configuration changes made to AWS resources

Answer 18

Use service limits to prevent users from creating or making changes to AWS resources.

Use Amazon GuardDuty to validate configuration changes made to AWS resources

Question 19

A user has underutilized on-premises resources. Which AWS Cloud concept can BEST address this Issue?

• High availability
• Elasticity
• Security
• Loose coupling

Answer 19

Elasticity

Question 20

A user wants a recommendation on how to optimize the cost and performance of their AWS environment?

Which AWS tool can they use?

• AWS trusted Advisor
• AWS Systems Manager
• AWS Config
• AWS Service Catalog

Answer 20

AWS trusted Advisor

Question 21

A user deploys an Amazon RDS DB instance in multiple Availability Zones. This strategy involves which pillar of the AWS WelI-Architected Framework?

Performance efficiency
Reliability
Cost optimization
Security

Answer 21

Reliability

Question 22

A company is considering migrating its applications to AWS. The company wants to compare the cost of running the workload on-premises to running the equivalent workload on the AWS platform.
Which tool can be used to perform this comparison?

• AWS Simple Monthly Calculator
• AWS Total Cost of Ownership (TCO) Calculator
• AWS Billing and Cost Management console
• Cost Explorer

Answer 22

AWS Total Cost of Ownership (TCO) Calculator

Question 23

A customer runs anOn-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6 seconds.
For how much time will the customer be billed?

• 3 hours, 5 minutes
• 3 hours, 5 minutes, and 6 seconds
• 3 hours, 6 minutes
• 4 hours

Answer 23

3 hours, 5 minutes, and 6 seconds

Question 24

Which of the following identify and access management entitles is associated with an access key id and secret access key when using AWS command-line interface?

• IAM group
• IAM user
• IAM role
• IAM policy

Answer 24

IAM user

Question 25

A web application running on AWS has been spammed with malicious requests from a recurring set of IP addresses.
Which AWS service can help secure the application and block the malicious traffic?

• AWS IAM
• Amazon GuardDuty
• Amazon Simple Notification Service (Amazon SNS)
• AWS WAF

Answer 25

AWS WAF

Question 26

Which principles are used to architect applications for reliability on the AWS Cloud? (Choose two.)

• *-**Design for automated failure recovery
• Use multiple Availability Zones
• Manage changes via documented processes
• Test for moderate demand to ensure reliability
• Backup recovery to an on-premises environment

Answer 26

-Design for automated failure recovery

-Backup recovery to an on-premises environment

Question 27

Which AWS service identifies security groups that allow unrestricted access to a user’s AWS resources?

• AWS CloudTrail
• AWS Trusted Advisor
• Amazon CloudWatch
• Amazon Inspector

Answer 27

AWS Trusted Advisor

Question 28

What is an AWS Cloud design best practice?

Tight coupling of components
Single point of failure
High availability
Overprovisioning of resources

Answer 28

Tight coupling of components

Question 29

Which AWS service or feature allows a company to visualize, understand, and manage AWS costs and usage over time?

AWS Budgets
AWS Cost Explorer
AWS Organizations
Consolidated billing

Answer 29

AWS Cost Explorer

Question 30

How does AWS MOST effectively reduce computing costs for a growing start-up company?

• It provides on-demand resources for peak usage.
• It automates the provisioning of individual developer environments.
• It automates customer relationship management.
• It implements a fixed monthly computing budget.

Answer 30

It provides on-demand resources for peak usage.

Question 31

Under the AWS shared responsibility model, AWS is responsible for which security-related task?

Lifecycle management of IAM credentials
Physical security of global infrastructure
Encryption ofAmazon EBS volumes
Firewall configuration

Answer 31

Physical security of global infrastructure

Question 32

Under the AWS shared responsibility model, customer responsibilities include which one of the following?

• Securing the hardware, software, facilities, and networks that run all products and services.
• Providing certificates, reports, and other documentation directly to AWS customers under NDA.
• Configuring the operating system, network, and firewall.
• Obtaining industry certifications and independent third-party attestations.

Answer 32

-Configuring the operating system, network, and firewall.

Question 33

Which actions support the reliability pillar of the AWS Architected Framework? (Select TWO.)

• *-**Enforce higher security specifically in regard to designed for failure.
• Ensure that backend components include multiple Availability Zone deployments.
• Avoid the use of automatic scaling to simplify the cloud architecture.
• Enable object versioning within Amazon S3 and replicating data to another AWS Region.
• Include an Application Load Balancer to distribute traffic to multiple Amazon EC2 instance in separate Availability Zones

Answer 33

Ensure that backend components include multiple Availability Zone deployments.

Enable object versioning within Amazon S3 and replicating data to another AWS Region.

Question 34

Which of the following is the responsibility of AWS?

• Setting up AWS Identity and Access Management (IAM) users and groups
• Physically destroying storage media at end of life
• Patching guest operating systems
• Configuring security settings on Amazon EC2 instances

Answer 34

-Physically destroying storage media at end of life

Question 35

What will help a company perform a cost benefit analysis of migrating to the AWS Cloud?

• Cost Explorer
• AWS Total Cost of Ownership (TCO)Calculator
• AWS Simple Monthly Calculator
• AWS Trusted Advisor

Answer 35

-AWS Total Cost of Ownership (TCO)Calculator

Question 36

A user needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances and vulnerabilities on those instances.
Which AWS service will provide this assessment report?

• EC2 security groups
• AWS Config
• Amazon Macie
• Amazon Inspector

Answer 36

Amazon Inspector

Question 37

Which AWS service can be used to generate alerts based on an estimated monthly bill?

• AWS Config
• Amazon CloudWatch
• AWS X-Ray
• AWS CloudTrail

Answer 37

Amazon CloudWatch

Question 38

Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as:

• restricted access.
• as-needed access.
• least privilege access.
• token access

Answer 38

least privilege access.

Question 39

What function do security groups serve related to Amazon Elastic Compute Cloud (Amazon EC2) instance security?

• Act as a virtual firewall for the Amazon EC2 instance.
• Secure AWS user accounts with AWS Identity and Access Management (IAM) policies.
• Provide DDoS protection with AWS Shield.
• Use Amazon CloudFront to protect the Amazon EC2 instance

Answer 39

-Act as a virtual firewall for the Amazon EC2 instance.

Question 40

What does AWS Shield Standard provide?

WAFrules
DDoS protection
Identity and Access Management (IAM) permissions and access to resources
Data encryption

Answer 40

DDoS protection

Question 41

which of the following acts as a virtual firewall at the amazon ec2 instance level to control traffic for one or more instances?

Access keys
Virtual private gateways
Security groups
Access Control Lists (ACL)

Answer 41

Security groups

Question 42

Which of the following provides the ability to share the cost benefits of Reserved Instances across AWS accounts?

• AWS Cost Explorer between AWS accounts
• Linked accounts and consolidated billing
• Amazon Elastic Compute Cloud (Amazon EC2) Reserved Instance Utilization Report
• Amazon EC2 Instance Usage Report between AWS accounts

Answer 42

Linked accounts and consolidated billing

Question 43

What is the value of using third-party software from AWS Marketplace instead of installing third-party software on Amazon EC2? (Choose two.)

• Users pay for the software by the hour or month depending on licensing.
• AWS Marketplace enables the user to launch applications with 1-Click.
• AWS Marketplace data encryption is managed by a third-party vendor.
• AWS Marketplace eliminates the need toupgrade to newer software versions.
• Users can deploy third-party software without testing

Answer 43

Users pay for the software by the hour or month depending on licensing.

AWS Marketplace enables the user to launch applications with 1-Click.

Question 44

A company has multiple AWS accounts and wants to simplify and consolidate its billing process.
Which AWS service will achieve this?

• AWS Cost and Usage Reports
• AWS Organizations
• AWS Cost Explorer
• AWS Budgets

Answer 44

AWS Organizations

Question 45

Which AWS service enables users to consolidate billing across multiple accounts?

Amazon QuickSight
AWS Organizations
AWS Budgets
Amazon Forecast

Answer 45

AWS Organizations

Question 46

What is one of the customer’s responsibilities according to the AWS shared responsibility model?

Virtualization infrastructure

Network infrastructure

Application security

Physical security of hardware

Answer 46

Application security

Question 47

A company is migrating from on-premises data centers to the AWS cloud and is looking for hands-on help
with the project.
How can the company get this support? (Select Two.)

• *-**Ask for a quote from the AWS Marketplace team to perform a migration into the company’s AWS accounts
• Contact AWS Support and open a case for assistance
• Use AWS professional services to provide and to set up and AWS Landing Zone in the company’s AWS account
• Select a partner from the AWS Partner Network (APN) to assist with the migration.
• Use Amazon Connect to create a new request for proposal (RFP) for export assistance in migrating to the AWS Cloud

Answer 47

Contact AWS Support and open a case for assistance

Select a partner from the AWS Partner Network (APN) to assist with the migration

Question 48

A startup is working on a new application that needs to go to market quickly. The application
requirements may need to be adjusted in the near future.
Which of the following is a characteristic of the AWS Cloud that would meet this specific need?

Elasticity
Reliability
Performance
Agility

Answer 48

Agility

Question 49

Which of the following services is a MySQL-compatible database that automatically grows storage as needed?

Amazon Elastic Compute Cloud (Amazon EC2)
Amazon Relational Database Service (Amazon RDS) for MySQL
Amazon Lightsail
Amazon Aurora

Answer 49

Amazon Aurora

Question 50

What is the benefit of loose coupling as a principle of cloud architecture design?

It facilitates low-latency request handling.
It allows applications to have dependent workflows.
It prevents cascading failures between different components.
It allows companies to focus on their physical data center operations

Answer 50

It prevents cascading failures between different components.

Question 51

Which service’s PRIMARY purpose is software version control?

Amazon CodeStar
AWS Command Line Interface (AWS CLI)
Amazon Cognito
AWS CodeCommit

Answer 51

AWS CodeCommit

Question 52

Which tasks are the customer’s responsibility in the AWS shared? (Select TWO)

Infrastructure facilities access management
Cloud infrastructure hardware lifecycle management
Configuration management of user’s applications
Networking infrastructure protection
Security groups configuration

Answer 52

Configuration management of user’s applications

Security groups configuration

Question 53

A user is running an application on AWS and notices that one or more AWS-owned IP addresses is involved in a distributed denial-of-service (DDoS) attack.
Who should the user contact FIRST about this situation?

AWS Premium Support
AWSTechnical Account Manager
AWS Solutions Architect
AWS Abuse team

Answer 53

AWS Abuse team

Question 54

Which AWS services provide a way to extend an on-premises architecture lo the AWS Cloud? (Select TWO )

Amazon EBS
AWS Direct Connect
Amazon CloudFront
AWS Storage Gateway
Amazon Connect

Answer 54

AWS Direct Connect

AWS Storage Gateway

Question 55

Acompany wants to migrate an MYSQL database to AWS but does not have the budget for Database Administrators to handle routine tasks including provisioning, patching, and performing backups?
Which AWS service will support this use case?

• Amazon RDS
• Amazon DynamoDB
• Amazon DocumentDB
• Amazon ElasttiCache

Answer 55

Amazon DynamoDB

Question 56

A system in the AWS Cloud is designed to withstand the failure of one or more components.
What is this an example of?

Elasticity
High Availability
Scalability
Agility

Answer 56

Agility

Question 57

What is an example of high availability in the AWS Cloud?

Consulting AWS technical support at any time day or night
Ensuring an application remains accessible, even if a resource fails
Making any AWS service available for use by paying on demand
Deploying in any part of the world using AWS Regions

Answer 57

Ensuring an application remains accessible, even if a resource fails

Question 58

A company with a Developer-level AWS Support plan provisioned an Amazon RDS database and cannot to it.
Who should the developer contact for this level of support?

AWS Support using a support case
AWS Professional Services
AWS Technical Account Manager
AWS consulting partners

Answer 58

AWS Support using a support case

Question 59

Which of the following is an AWS database service?

Amazon Redshift
Amazon Elastic Block Store (Amazon EBS)
Amazon S3Glacier
AWS Snowball

Answer 59

Amazon Redshift

Question 60

Why should a company choose AWS instead of a traditional data center?

AWS provides users with full control over the underlying resources.
AWS does not require long-term contracts and provides a pay-as-you-go model.
AWS offers edge locations in every country, supporting global reach.
AWS has no limits on the number of resources that can be created.

Answer 60

AWS does not require long-term contracts and provides a pay-as-you-go model

Question 61

Which of the following are advantages of the AWS cloud? (Select TWO)

AWS manages the maintenance of the cloud infrastructure.
AWS manages the security of application built on AWS.
AWS manages capacity planning for physical servers.
AWS manages the development of applications on AWS.
AWS manages cost planning for virtual servers.

Answer 61

AWS manages the maintenance of the cloud infrastructure.

AWS manages capacity planning for physical servers.

Question 62

A company requires a dedicated network connection between its on-premises servers and the AWS Cloud.
Which AWS service should be used?

AWS VPN
AWS Direct Connect
Amazon API Gateway
Amazon Connect

Answer 62

AWS Direct Connect

Question 63

A company that does business online needs to quickly deliver new functionality in an iterative manner, minimizing the time to market
Which AWS Cloud feature can provide this?

Elasticity
High availability
Agility
Reliability

Answer 63

Agility

Question 64

which of the following are benefits of running a database on amazon rds compared to an on premises database? (Select TWO)

RDS backup are managed by AWS
RDS supports any relational database
RDS has no database engineer licensing costs.
RDS database compute capacity can be easily scaled.
RDS inbound traffic content (for example, security groups) is managed by AWS.

Answer 64

RDS backup are managed by AWS

RDS has no database engineer licensing costs.

Question 65

Which service should be used to estimate the costs of running a new project on AWS?

AWS TCO Calculator
AWS Simple Monthly Calculator
AWS Cost Explorer API
AWSBudgets

Answer 65

AWS Cost Explorer API

Question 66

Under the AWS shared responsibility model, which of the following are customer responsibilities? (Select TWO.)

Setting up server-side encryption on an Amazon S3 bucket
Amazon RDS instance patching
Network and firewall configurations
Physical security of data center facilities
Compute capacity availability

Answer 66

Network and firewall configurations

Compute capacity availability

Question 67

What does AWS Shield Standard provide?

WAF rules
DDoS protection
Identity and Access Management (IAM) permissions and access to resources
Data encryption

Answer 67

DDoS protection

Question 68

Each department within a company has its own independent AWS account and its own payment method New company leadership wants to centralized departmental governance and consolidate payments

How can this be achieved using AWS services or features?

• Forward monthly invoices for each account Then create 1AM roles to allow cross-account access
• Create a new AWS account Then configure AWS Organizations and invite all 0 existing accounts to join.
• Configure AWS Organizations in each of the existing accounts Then link all accounts together
• Use Cost Explorer to combine costs from all accounts Then replicate I AM policies across accounts

Answer 68

Create a new AWS account Then configure AWS Organizations and invite all 0 existing accounts to join.

Question 69

Which AWS service controls permissions to the AWS management console?

Amazon Connect
AWS IAM
AWS Direct Connect
AmazonRecognition

Answer 69

AWS IAM

Question 70

Which managed AWS service provides real-time guidance on AWS security best practices?

AWS X-Ray
AWS Trusted Advisor
Amazon CloudWatch
AWS Systems Manager

Answer 70

AWS Trusted Advisor

Question 71

Which AWS service provides a secure, fast, and cost-effective way to migrate or transport exabyte-scale datasets into AWS?

AWS Batch
AWS Snowball
AWS Migration Hub
AWS Snowmobile

Answer 71

AWS Snowmobile

Question 72

Which load balancer types are available with Elastic Load Balancing (ELB)? (Choose two.)

Public load balancers with AWS Application Auto Scaling capabilities
F5Big-IP and Citrix NetScaler load balancers
Classic Load Balancers
Cross-zone load balancers with public and private IPs
Application Load Balancers

Answer 72

Public load balancers with AWS Application Auto Scaling capabilities

Application Load Balancers

Question 73

What is the MINIMUM AWS Support plan that provides designated Technical Account Managers?

Enterprise
Business
Developer
Basic

Answer 73

Enterprise

Question 74

Which Amazon Virtual Private Cloud (Amazon VPC) feature enables users to connect two VPCs together?

Amazon VPC endpoints
Amazon Elastic Compute Cloud (Amazon EC2) ClassicLink
Amazon VPC peering
AWS Direct Connect

Answer 74

Amazon VPC peering

Question 75

Which AWS support plan provides access to architectural and operational reviews as well as 24/7 access to senior cloud support engineers through email, online chat, and phone?

Basic
Business
Developer
Enterprise

Answer 75

Enterprise

Question 76

What are the advantages of Reserved Instances? (Choose two.)

They provide a discount over on-demand pricing.
They provide access to additional instance types.
They provide additional networking capability.
Customers can upgrade instances as new types become available.
Customers can reserve capacity in an Availability Zone.

Answer 76

They provide a discount over on-demand pricing.

Customers can reserve capacity in an Availability Zone.

Question 77

Which services use AWS edge locations? (Choose two.)

Amazon CloudFront
AWS Shield
Amazon EC2
Amazon RDS
Amazon ElastiCache

Answer 77

Amazon CloudFront

Amazon ElastiCache

Question 78

What is an AWS Identity and Access Management (IAM) role?

A user associated with an AWS resource
A group associated with an AWS resource
An entity that defines a set of permissions for use with an AWS resource
An authentication credential associated with a multi-factor authentication (MFA) token

Answer 78

An entity that defines a set of permissions for use with an AWS resource

Question 79

Which of the following AWS services provide compute resources? (Choose two.)

AWS Lambda
Amazon Elastic Container Service (Amazon ECS)
AWS CodeDeploy
Amazon Glacier
AWS Organizations

Answer 79

AWS Lambda
Amazon Elastic Container Service (Amazon ECS)

Question 80

Which Amazon EC2 principle model offers the MOST significant discount when compared to On-Demand Instances?

Partial Upfront Reserved Instances for a 1-year term

All Upfront Reserved Instances for a 1-year term

All Upfront Reserved Instances for a 3-year term

No Upfront Reserved Instances for a 3-year term

Answer 80

All Upfront Reserved Instances tor a 3 year term

Question 81

Which tool is used to forecast AWS spending?

AWS Trusted Advisor
AWS Organizations
Cost Explorer
Amazon Inspector

Answer 81

Cost Explorer

Question 82

Which service enables customers to audit and monitor changes in AWS resources?

AWS Trusted Advisor
Amazon GuardDuty
Amazon Inspector
AWS Config

Answer 82

AWS Config

Question 83

A director has been tasked with investigating hybrid cloud architecture. The company currently accesses AWS over the public internet.
Which service will facilitate private hybrid connectivity?

Amazon Virtual Private Cloud (Amazon VPC) NAT Gateway
AWS Direct Connect
Amazon Simple Storage Service (Amazon S3) Transfer Acceleration
AWS Web Application Firewall (AWS WAF)

Answer 83

AWS Direct Connect

Question 84

Which Amazon RDS feature can be used to achieve high availability?

Multiple Availability Zones
Amazon Reserved Instances
Provisioned IOPS storage
Enhanced monitoring

Answer 84

Multiple Availability Zones

Question 85

An architect design includes Amazon EC2, an Elastic Load Balancer, and Amazon RDS.
What is the BEST way to got a monthly cost estimation for this architecture?

• Open an AWS Support case, provide the architecture proposal, and ask for monthly cost estimation.
• Use the published prices of the AWS services and calculate the monthly estimate.
• Use the AWS Simple Monthly Calculator to estimate the monthly cost.
• Use the AWS Total Cost of Ownership (TCO) Calculator to estimate the monthly cost.

Answer 85

Use the AWS Simple Monthly Calculator to estimate the monthly cost

Question 86

Which AWS service enables users to securely connect to AWS resources over the public internet?

Amazon VPS peering
AWS Direct Connect
AWS VPN
Amazon Pinpoint

Answer 86

AWS VPN

Question 87

when building a cloud total cost of ownership model which cost elements should be considered for workload running on AWS? (Select Three.)

• Compute costs
• Facilities costs
• Storage costs
• Data transfer costs
• Network infrastructure costs
• Hardware lifecycle costs

Answer 87

Compute costs
Storage costs

Hardware lifecycle costs

Question 88

Which of the following allows users to provision a dedicated network connection from their internal network to AWS?

AWSCloudHSM
AWS Direct Connect
AWS VPN
Amazon Connect

Answer 88

AWS Direct Connect

Question 89

Which of the following AWS services can be used to run a self-managed database?

Amazon Route 53
AWS X-Ray
AWS Snowmobile
Amazon Elastic Compute Cloud(Amazon EC2)

Answer 89

Amazon Elastic Compute Cloud(Amazon EC2)

Question 90

which amazon ec2 pricing model should be used to comply with per-core software license requirements?

Dedicated Hosts
On-Demand Instances
Spot Instances
Reserved Instances

Answer 90

Reserved Instances

Question 91

What helps a company provide a lower latency experience to its users globally?

Using an AWS Region that is central to all users
Using a second Availability Zone in the AWS Region that is using used
Enabling caching in the AWS Region that is being used
Using edge locations to put content closer to all users

Answer 91

Using an AWS Region that is central to all users

Question 92

What is the responsibility of AWS in the shared responsibility model?

• Updating the network ACLs to block traffic to vulnerable ports.
• Patching operating systems running on Amazon EC2 instances.
• Updating the firmware on the underlying EC2 hosts.
• Updating the security group rules to block traffic to the vulnerable ports

Answer 92

Updating the firmware on the underlying EC2 hosts.

Question 93

After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?

No upfront payment
Hourly on-demand payment
Partial upfront payment
All upfront payment

Answer 93

All upfront payment

Question 94

Which AWS service is suitable for an event driven workload?

Amazon EC2
AWS Elastic Beanstalk
AWS Lambda
Amazon Lumberyard

Answer 94

AWS Elastic Beanstalk

Question 95

Which AWS services may be scaled using AWS auto scaling? (Select TWO)

Amazon EC2
Amazon DynamoDB
Amazon S3
Amazon Route 53
Amazon Redshift

Answer 95

Amazon DynamoDB

Amazon Redshift

Question 96

Which AWS service enables users to deploy infrastructure as code by automating the process of provisioning resources?

Amazon GameLift
AWS CloudFormation
AWS Data Pipeline
AWS Glue

Answer 96

AWS CloudFormation

Question 97

What is an advantage of using the AWS Cloud over a traditional on-premises solution? (Select TWO)

Users do not have to guess about future capacity needs.
Users can utilize existing hardware contracts for purchases.
Users can fix costs no matter what their traffic is.
Users can avoid audits by using reports from AWS

Answer 97

Users do not have to guess about future capacity needs.

Users can fix costs no matter what their traffic is.

Question 98

Which of the following are benefits of hosting infrastructure in the AWS Cloud? (Choose two.)

• There are no upfront commitments.
• AWS manages all security in the cloud.
• Users have the ability to provision resources on demand.
• Users have access to free and unlimited storage.
• Users have control over the physical infrastructure

Answer 98

AWS manages all security in the cloud.
-Users have the ability to provision resources on demand.

Question 99

Which AWS tool will identify security groups that grant unrestricted Internet access to a limited list of ports?

AWS Organizations
AWSTrusted Advisor
AWS Usage Report
Amazon EC2 dashboard

Answer 99

Amazon EC2 dashboard

Question 100

Which benefit of the AWS Cloud supports matching the supply of resources with changing workload demands?

Security
Reliability
Elasticity
High availability

Answer 100

Elasticity

Question 101

What feature of Amazon RDS helps to create globally redundant databases?

Snapshots
Automatic patching and updating
Cross-Region read replicas
Provisioned IOPS

Answer 101

Snapshots

Question 102

Which of the following are AWS best practices? (Select TWO.)

• Enable AWS Multi-Factor Authentication (AWS MFA) for users.
• Enable access key sharing among users.
• Use the inline policies instead of user managed policies.
• Configure strong password policies for users.
• Avoid rotating credentials.

Answer 102

Enable AWS Multi-Factor Authentication (AWS MFA) for users.

-Use the inline policies instead of user managed policies.

Question 103

Which services manage and automate application deployment on AWS? (Select TWO.)

AWS Elastic Beanstalk
AWS CodeCommit
AWS Data Pipeline
AWSCloudFormation
AWS Config

Answer 103

AWS CodeCommit
AWS Data Pipeline

Question 104

A company wants to build its new application workloads in the AWS Cloud instead of using on-premises resources.
What expense can be reduced using the AWS Cloud?

• The cost of writing custom-built Java or Node .js code
• Penetration testing for security
• hardware required to support new applications
• Writing specific test cases for third-party applications

Answer 104

hardware required to support new applications

Question 105

What is an AWS cloud design best practice?

Tight coupling of components
Single point of failure
High availability
Overprovisioning of resources

Answer 105

Single point of failure

Question 106

Which design principle should be considered when architecting in the AWS Cloud?

• Think of servers as non-disposable resources.
• Use synchronous integration of services.
• Design loosely coupled components
• Implement the least permissive rules for security groups

Answer 106

Design loosely coupled components

Question 107

When comparing AWS with on-premises Total Cost of Ownership (TCO), what costs are included?

Data center security
Business analysis
Project management
Operating system administration

Answer 107

Data center security

Question 108

Under the AWS shared responsibility model, which of the following is an example of security in the AWS Cloud?

Managing edge locations
Physical security
Firewall configuration
Global infrastructure

Answer 108

Physical security

Question 109

which AWS tools or services can be used to list all AWS Lambda functions running in an account?

AWS CLI
AWS CloudFormation
AWS SDKs
AWS CloudTrail
Amazon Cloud Directory

Answer 109

AWS CLI

AWS SDKs

Question 110

Which AWS service identifies security groups that allow unrestricted access to the AWS resources?

AWS Trusted Advisor
Amazon Inspector
Amazon CloudWatch
AWSCloudTrail

Answer 110

Amazon Inspector

Question 111

Which AWS service securely delivers data, videos, applications, and APIS to users globally with low latency and high transfer speeds?

AWSCloudFormation
Amazon CloudFront
Amazon Pinpoint
Amazon Redshift

Answer 111

Amazon CloudFront

Question 112

Which requirement must be met for a member account to be unlinked from an AWS organization account?

• The linked account must be activity compliant with AWS System and Organization Controls (SOC)
• The payer and the linked account both create AWS Support cases to request that the member account be unlinked from the organization.
• The monitor account must meet the requirements of a standalone account.
• The payer account must be used to remove the linked account from the organization

Answer 112

The payer account must be used to remove the linked account from the organization

Question 113

A user needs to automatically discover, classify, and protect sensitive data stored in Amazon S3 Which AWS service can meet these requirements?

Amazon Inspector
Amazon Macie
Amazon GuardDuty
AWS Secrets Manager

Answer 113

Amazon Macie

Question 114

Which of the following allows AWS users to manage cost allocates for billing?

Tagging resources
Limiting who can create resources
Adding a secondary payment method
Running all operation on a single AWS account

Answer 114

Tagging resources

Question 115

On demand reserved and spot instances belong to which principle of cloud architecture design?

Performance
Removing single points of failure
Loose coupling
Optimizing for cost

Answer 115

Optimizing for cost

Question 116

Which methods can be used to identify AWS costs by departments? (Choose two.)

• Enable multi-factor authentication for the AWS account root user.
• Create separate accounts for each department.
• Use Reserved Instances whenever possible.
• Use tags to associate each instance with a particular department.
• Pay bills using purchase orders

Answer 116

Create separate accounts for each department.

Pay bills using purchase orders

Question 117

What are the immediate benefits of using the AWS Cloud? (Choose two.)

Increased IT staff.
Capital expenses are replaced with variable expenses.
User control of infrastructure.

Increased agility.
AWS holds responsibility for security in the cloud.

Answer 117

User control of infrastructure.

Increased agility.

Question 118

which AWS service is used t automate configuration management using Chef and puppet?

AWS Config
AWS OpsWorks
AWSCloudFormation
AWS Systems Manager

Answer 118

AWS OpsWorks

Question 119

A company is considering moving its on-premises data center to AWS.
What factors should be included in doing a Total Cost of Ownership (TCO) analysis? (Choose two.)
Amazon EC2 instance availability
Power consumption of the data center
Labor costs to replace old servers
Application developer time
Database engine capacity

Answer 119

Power consumption of the data center
Labor costs to replace old servers

Question 120

What does it mean to grant the least privilege to AWS IAM users?

It is granting permissions to a single user only

It is granting permissions using AWS IAM policies only.
It is granting AdministratorAccess policy permissions to trustworthy users.
It is granting only the permissions required to perform a given task

Answer 120

It is granting only the permissions required to perform a given task

Question 121

A company is designing an application hosted in a single AWS Region serving end-users spread across the world. The company wants to provide the end-users low latency access to the application data.
Which of the following services will help fulfill this requirement?

• Amazon CloudFront
• AWS Direct Connect
• Amazon Route 53 global DNS
• Amazon Simple Storage Service (Amazon S3) transfer acceleration

Answer 121

AWS Direct Connect

Question 122

Which AWS hybrid storage service enables your on-premises applications to seamlessly use AWS Cloud storage through standard file-storage protocols?

AWS Direct Connect
AWS Snowball

AWS Storage Gateway
AWS Snowball Edge

Answer 122

AWS Storage Gateway

Question 123

Which of the following deployment models enables customers to fully trade their capital IT expenses for operational expenses?

On-premises
Hybrid
Cloud
Platform as a service

Answer 123

Cloud

Question 124

Which feature adds elasticity to Amazon EC2 instances to handle the changing demand for workloads?

Resource groups
Lifecycle policies
Application Load Balancer
Amazon EC2 Auto Scaling

Answer 124

Amazon EC2 Auto Scaling

Question 125

Under the AWS shared responsibility model the customer manages which of the following? (Select TWO)

• Decommissioning of physical storage devices.
• Security group and ACL configuration
• Patch management of an Amazon RDS instance operating system
• Controlling physical access to data centers
• Patch management of an Amazon EC2 instance operating system

Answer 125

Security group and ACL configuration

Patch management of an Amazon EC2 instance operating system

Question 126

Which AWS feature or service can be used to capture information about incoming and outgoing traffic in an AWS VPC infrastructure?

AWS Config
VPC Flow Logs
AWSTrusted Advisor
AWS CloudTrail

Answer 126

VPC Flow Logs

Question 127

Which of the following is an important architectural principle when designing cloud applications?

• Store data and backups in the same region.
• Design tightly coupled system components.
• Avoid multi-threading.
• Design for failure

Answer 127

Design for failure

Question 128

Which situation should be reported to the AWS abuse team?

• An Availability Zone has a service disruption.
• An intrusion attempt is made from an AWS IP address
• A user has trouble accessing an Amazon S3 bucket from an AWS IP address
• A user needs to change payment methods due to a compromise

Answer 128

An intrusion attempt is made from an AWS IP address

Question 129

What is AWS Trusted Advisor?

• It is an AWS staff member who provides recommendations and best practices on how to use AWS.
• It is a network of AWS partners who provide recommendations and best practices on how to use AWS.
• It is an online tool with a set of automated checks that provide recommendations on cost optimization, performance, and security.
• It is another name for AWS Technical Account Managers who provide recommendations on cost optimization, performance, and security

Answer 129

It is an online tool with a set of automated checks that provide recommendations on cost optimization, performance, and security.

Question 130

According to the AWS shared responsibility model who is responsible for configuration?

• It is solely responsible of the customer
• It is solely the responsibility of AWS
• It is shared between AWS and the customer
• It is not part of the AWS shared responsibility model

Answer 130

It is shared between AWS and the customer.

Question 131

A company wants to monitor the CPU usage of its Amazon EC2 resources.
Which AWS service should the company use?

AWS CloudTrail
Amazon CloudWatch
AWS Cost and Usage report
Amazon SimpleNotification Service (Amazon SNS)

Answer 131

Amazon CloudWatch

Question 132

What AWS service would be used to centrally manage AWS access across multiple accounts?

• AWS Service Catalog
• AWS Config
• AWS TrustedAdvisor
• AWS Organizations

Answer 132

AWS Organizations

Question 133

Which of the following is an AWSWell-Architected Framework design principle related to reliability?

Deployment to a single Availability Zone
Ability to recover from failure

Design for cost optimization
Perform operations as code

Answer 133

Ability to recover from failure

Question 134

Where can a user find a catalog of AWS recognized providers of third party security solutions?

AWS Service Catalog
AWS Marketplace
AWS Quick Start
AWS CodeDeploy

Answer 134

AWS Marketplace

Question 135

What exclusive benefit is provided to users with Enterprise Support?

Access to a Technical Project Manager
Access to a Technical Account Manager
Access to a Cloud Support Engineer
Access to a Solutions Architect

Answer 135

Access to a Cloud Support Engineer

Question 136

Which AWS service allows users to provision infrastructure as code?

AWS CodeBuild
AWS CloudFormation

AWS Organizations
AWS CodeCommit

Answer 136

AWS CloudFormation

Question 137

Which AWS service needs to be enabled to track all user account changes within the AWS Management Console?

AWS CloudTrail
Amazon Simple Notification Service (Amazon SNS)
VPC Flow Logs
AWS CloudHSM

Answer 137

AWS CloudTrail

Question 138

A Cloud Practitioner is asked how to estimate the cost of using a new application on AWS.
What is the MOST appropriate response?

• Inform the user that AWS pricing allows for on-demand pricing.
• Direct the user to the AWS Simple Monthly Calculator for an estimate.
• Use Amazon QuickSight to analyze current spending on-premises.
• Use Amazon AppStream 2.0 for real-time pricing analytics

Answer 138

Direct the user to the AWS Simple Monthly Calculator for an estimate

Question 139

Which AWS service offers on-demand access to AWS security and compliance reports?

AWS CloudTrail
AWS Artifact
AWS Health
Amazon CloudWatch

Answer 139

AWS Artifact

Question 140

How does AWS charge for AWS Lambda?

• Users bid on the maximum price they are willing to pay per hour.
• Users choose a 1-, 3- or 5-year upfront payment term.
• Users pay for the required permanent storage on a file system or in a database.
• Users pay based on the number of requests and consumed computing resources.

Answer 140

-Users pay based on the number of requests and consumed computing resources.

Question 141

Which tool can be used to compare the costs of running a web application in a traditional hosting environment to running it on AWS?

AWS Cost Explorer
AWS Budgets
AWS Cost and Usage report
AWS Total Cost of Ownership (TCO) Calculator

Answer 141

AWS Total Cost of Ownership (TCO) Calculator

Question 142

Which of the following is an advantage of using AWS?

AWS audits user data.
Data is automatically secure.
There is no guessing on capacity needs.
AWS manages compliance needs.

Answer 142

There is no guessing on capacity needs.

Question 143

Which of the following is a component of the AWS Global infrastructure?

Amazon Alexa

AWS Regions
Amazon Lightsail
AWSOrganizations

Answer 143

AWS Regions

Question 144

When designing a typical three-tier web application which AWS services and for features improve availability and reduce the impact failures?

AWS Auto Scaling for Amazon for amazon EC2 instances. (Select TWO)

• Amazon VPC subnet ACLs check the health of a service.
• Distributed resources across multiple Availability Zones.
• AWS Server Migration Service (AWS SMS) to move Amazon EC2 instance into a different Region.
• Distributed resources across multiple AWS points of presence

Answer 144

• Amazon VPC subnet ACLs check the health of a service.
• AWS Server Migration Service (AWS SMS) to move Amazon EC2 instance into a different

Question 145

Under the AWS shared responsibility model, customers are responsible for which aspects of security in the cloud? (Choose two.)

• Visualization management
• Hardware management
• Encryption management
• Facilities management
• Firewall management

Answer 145

Encryption management

Firewall management

Question 146

Which AWS service is a long term archiving solution?

Amazon S3 Glacier
Amazon S3
Amazon EFS
AWS Storage Gateway

Answer 146

Amazon S3 Glacier

Question 147

Which service would provide network connectivity in a hybrid architecture that includes the AWS Cloud?

Amazon VPC
AWS Direct Connect
AWS Directory Service
Amazon API Gateway

Answer 147

Amazon VPC

Question 148

How is asset management on AWS easier than asset management in a physical data center?

• AWS provides a Configuration Management Database that users can maintain.
• AWS performs infrastructure discovery scans on the customer’s behalf.
• Amazon EC2 automatically generates an asset report and places it in the customer’s specified Amazon S3 bucket.
• Users can gather asset metadata reliably with a few API calls.

Answer 148

-AWS performs infrastructure discovery scans on the customer’s behalf.

Question 149

Which AWS service can a customer use to set up an alert notification when the account is approaching a particular dollar amount?

AWS Cost and Usage reports
AWS Budgets
AWS Cost Explorer
AWS Trusted Advisor

Answer 149

AWS Budgets

Question 150

Which AWS services provide a quick and automated way to create and manage AWS accounts?

AWS QuickSight
Amazon Lighsil

AWS Organizations
Amazon Connect

Answer 150

AWS Organizations

Question 151

When comparing AWS with on-premises Total Cost of Ownership (TCO), what costs are included?

Data center security
Business analysis
Project management
Operating system administration

Answer 151

Data center security