Udemy Practice Exam 1 Flashcards
When you use AWS Shield Standard with what services
you receive comprehensive availability protection against all known infrastructure (Layer 3 and 4) attacks. (Select 2)
-CloudFront
-Route 53
You can subscribe to AWS Shield Advanced applications running on
-Amazon Elastic Compute Cloud (EC2)
-Elastic Load Balancing (ELB)
-Amazon CloudFront
-AWS Global Accelerator
-Amazon Route 53
Unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources.
AWS Systems Manager
AWS Web Application Firewall (WAF) offers protection from common web exploits at which layer?
Layer 7
Monitor the HTTP and HTTPS requests that are forwarded to an Amazon API Gateway API, Amazon CloudFront or an Application Load Balancer.
AWS Web Application Firewall (WAF)
is the Network layer and this layer decides which physical path data will take when it moves on the network. AWS Shield offers protection at this layer.
Layer 3
is the Transport layer and this layer data transmission occurs using TCP or UDP protocols. AWS Shield offers protection at this layer.
Layer 4
AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which of the following resources?
-Route 53
-Global Accelerator
-Cloud Formation
-EC2
-ELB
A research group wants to use EC2 instances to run a scientific computation application that has a fault-tolerant architecture. The application needs high-performance hardware disks that provide fast I/O performance. As a Cloud Practitioner, which of the following storage options would you recommend as the MOST cost-effective solution?
Instance Store
Storage available as a hardware disk
Instance Store
high-performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction-intensive workloads at any scale.
EBS Amazon Elastic Block Store
The performance of AWS managed RDS instance is better than a customer-managed databases instance (T or F)
True
DS instances are optimized for memory, performance, or I/O,
Services that can have reservations
-EC2
-DynamoDB
-RDS
-Elastic Cache
-RedShift
What services does AWS Inspector scan
-EC2
-Lambda
-Containarised workloads
How many AZ in a region
Minimum 3
How many discrete data centers in an AZ
1 or more
Reserved instance significant savings
75%
Spot instance significant savings
90%
A data analytics company is running a proprietary batch analytics application on AWS and wants to use a storage service which would be accessed by hundreds of EC2 instances simultaneously to append data to existing files. As a Cloud Practitioner, which AWS service would you suggest for this use-case?
-S3
-EFS
-EBS
-Instance Store
and why
-EFS
-EBS and Instance Store can’t be accessed simultaneously by multiple EC2
-S3 doesn’t support file appending
EBS vs. Instance Store
Instance store is a physical hardware disk
Doesn’t persist through instance stops or failures.
Which AWS Support plan provides architectural guidance contextual to your specific use-cases?
Business
This plan only supports general architectural guidance.
Developer
Physical and Environmental controls are responsibility of
AWS
Route 53 routing policy based on the locations of your resources
Geoproximity
-Based on users location: Geolocation
EFS can be mounted on multiple instances across multiple AZ (t/f)
True
EBS: can attach to only a single instance in the same AZ
active-active configuration with cross-region support
DynamoDB with global tables
all DB instance have read/write capability , cross-Region not enabled
-Amazon Aurora with multi-master cluster
is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud. consultants
AWS Professional Services
partner program for technology and consulting businesses that leverage Amazon Web Services to build solutions and services for customers.
AWS Partner Network (APN)
Which AWS services can be used to decouple components of a microservices based application on AWS Cloud? (Select two)
-SNS
-SQS
Credits are applied in the following order:
-Soonest expiring
-Least number of applicable products
-Oldest credit
Which of the following AWS Support plans provide access to guidance, configuration, and troubleshooting of AWS interoperability with third-party software? (Select two)
-Business
-Enterprise
Serverless AWS Computing
-Lambda
-Fargate
A multi-national corporation wants to get expert professional advice on migrating to AWS and managing their applications on AWS Cloud. Which of the following entities would you recommend for this engagement?
-APN Consulting Partner
-APN Technology partners can’t help with migration
Which of the following AWS Support plans provides access to online training with self-paced labs?
-Enterprise
Configuration Management is responsibility of
- both AWS and customer
Which of the following AWS Support plans provides access to Infrastructure Event Management for an additional fee?
-business
Which of the following AWS services has encryption enabled by default?
-CloudTrail Logs
Which of the following is a recommended way to provide programmatic access to AWS resources?
Access Key ID
Secret Access Key
A company wants to have control over creating and using its own keys for encryption on AWS services. Which of the following can be used for this use-case?
Customer Managed CMK
Which of the following AWS Support plans provide access to only 7 core checks from the AWS Trusted Advisor Best Practice Checks? (Select two)
-Basic
-Developer
Which of the following AWS services support VPC Endpoint Gateway for a private connection from a VPC? (Select two)
-DynamoDB
-S3
OTHER SERVICES: VPC Interface Endpoint
Configure the database in RDS Multi-AZ deployment with automatic failover to the standby
RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ)
NAT Gateway is managed by AWS, which is user managed
Gateway Instance
A company wants to identify the optimal AWS resource configuration for its workloads so that the company can reduce costs and increase workload performance. Which of the following services can be used to meet this requirement?
AWS Compute optimizer
data transfer between S3 and EC2 instances within the same region is not charged (T/F)
True
Which of the following is an AWS database service?
-RedShift
-Database Migration Service
-RedShift
analyze and debug serverless and distributed applications such as those built using a microservices architecture.
x-RAY
allows marketers and developers to deliver customer-centric engagement experiences by capturing customer usage data to draw real-time insights.
Amazon Pinpoint
The AWS account must be able to operate as a standalone account. Only then it can be removed from AWS organizations (t/f)
True
Which of the following entities applies patches to the underlying OS for AWS Aurora?
The AWS Product Team automatically
Which of the following AWS services can be used to connect a company’s on-premises environment to a VPC without using the public internet?
AWS Direct Connect