Udemy Practice Exam 2 Flashcards
Acts as a firewall at the instance level
Security Group
Acts as a firewall at the subnet level
NACL Network Access Control List
Fundamental Drivers of cost with AWS
Compute, Storage, Outbound data transfer
A social media company wants to protect its web application from common web exploits such as SQL injection and cross-site scripting. Which of the following AWS services can be used to address this use-case?
WAF Web Application Firewall
An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes. As a Cloud Practitioner, which AWS services would you recommend to build a serverless solution for this use-case? (Select two)
-CloudWatch
-Lambda
An online gaming company wants to block users from certain geographies from accessing its content. Which AWS service can be used to accomplish this task?
AWS WAF
Which characteristic of Cloud Computing imparts the ability to acquire resources as you need and release when you no longer need them?
Elasticity
Which service gives a personalized view of the status of the AWS services that are part of your Cloud architecture so that you can quickly assess the impact on your business when AWS service(s) are experiencing issues?
Personal Health Dashboard
A company wants a fully managed, flexible, and scalable file storage system, with low latency access, for its Windows-based applications. Which AWS service is the right choice for the company?
-Amazon EBS
-Amazon EFS
-Amazon FSx for windows
Amazon FSx for windows
Multi AZ (Availability Zone) deployment is an example of which of the following?
-High Availability
Sends an alarm when the actual cost exceeds a certain threshold.
-Cloudwatch Billing Alarms
Sends an alarm when the actual cost exceeds the budgeted amount or even when the cost forecast exceeds the budgeted amount.
-Budgets
allow you to use select AWS services, like compute and storage services, closer to more end-users, providing them very low latency access to the applications running locally.
AWS Local Zones
site that CloudFront uses to cache copies of the content for faster delivery to users at any location.
Edge Location
Due to regulatory and compliance reasons, an organization is supposed to use a hardware device for any data encryption operations in the cloud. Which AWS service can be used to meet this compliance requirement?
CloudHSM - Hardware Security Module
Which of the following solutions can you use to connect your on-premises network with AWS Cloud (Select two).
AWS Direct Connect
AWS VPN
Which AWS service publishes up-to-the-minute information on the general status and availability of all AWS services in all the Regions of AWS Cloud?
AWS Service Health Dashborad
Managing patches of the guest operating system on EC2 is responsibility of
Customer
Which AWS compute service provides the EASIEST way to access resizable compute capacity in the cloud with support for per-second billing and access to the underlying OS?
Elastic Compute Cloud EC2
Which AWS service should be used when you want to run container applications, but want to avoid the operational overhead of scaling, patching, securing, and managing servers?
Amazon Elastic Container Service- Fargate launch type
Which of the following AWS services allows a database to have flexible schema and supports document data models?
Dynamo DB
A company is using a message broker service on its on-premises application and wants to move this messaging functionality to AWS Cloud. Which of the following AWS services is the right choice to move the existing functionality easily?
Amazon MQ
managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers on AWS.
Amazon MQ
The engineering team at an IT company wants to monitor the CPU utilization for its fleet of EC2 instances and send an email to the administrator if the utilization exceeds 80%. As a Cloud Practitioner, which AWS services would you recommend to build this solution? (Select two)
Amazon SNS
Amazon CloudWatch
An e-commerce company wants to assess its applications deployed on EC2 instances for vulnerabilities and deviations from AWS best practices. Which AWS service can be used to facilitate this?
AWS Inspector
-automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.
-automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
AWS Inspector
Rightsize workloads with artificial intelligence and machine learning-based analytics to reduce costs by up to 25%.
AWS Compute Optimizer
AWS Compute Optimizer helps avoid overprovisioning and underprovisioning four types of AWS resources
-Amazon Elastic Compute Cloud (EC2)
-Lambda functions
-Amazon Elastic Container Service (ECS)
-Fargate
-Amazon Elastic Block Store (EBS)
-is accessed less frequently but requires rapid access when needed.
-data can be regenerated
S3 One-Zone Infrequent Access (One-Zone IA)
Which AWS service helps with global application availability and performance using the AWS global network?
Global Accelerator
-improves the availability and performance of your applications with local or global users.
-It provides static IP addresses
-good fit for non-HTTP use cases,
Global Accelerator
Trusted Advisor 5 checks
-Cost Optimization
-Performance
-Security
-Fault Tolerance
-Service limits
spans all of the availability zones
-subnet
-VPC
-VPC
spans only one AZ
-subnet
-VPC
-subnet
Which policy describes prohibited uses of the web services offered by Amazon Web Services?
AWS Acceptable Use Policy
Which of the following statement is correct regarding the AWS pricing policy for data transfer charges into or out of an AWS Region?
Only outbound data is charged
Which AWS services are Gobal in scope
- Identity and Access Management (IAM)
- AWS Organizations
- Amazon CloudFront
- Amazon Route53
- AWS Global Accelerator
- AWS Direct Connect
- AWS Firewall Manager
- AWS Web Application Firewall (WAF)
- AWS Shield
Allows one contact to open unlimited cases
- Developer
Allows unlimited contacts to open unlimited cases
-Business
-Enterprise
contains the basic building blocks for cloud IT.
IaaS
Amazon EC2
removes the need to manage underlying infrastructure
PaaS
Elastic Beanstalk
provides you with a complete product that is run and managed by the service provider.
SaaS
Amazon Rekognition
The Concierge Support Team is only available for
Enterprise
Which AWS service can be used to store, manage, and deploy Docker container images?
Amazon Elastic Container Registry ECR
AWS Autoscalling
You can automatically deploy AWS Shield when a DDoS attack is detected (t/f)
False
Which AWS support plan provides access to a designated Technical Account Manager (TAM)?
Enterprise
a fully-managed service that provides you with an interactive browser-based shell and CLI experience. It helps provide secure and auditable instance management without the need to open inbound ports, maintain bastion hosts, and manage SSH keys.
AWS Systems Manager Session Manager
different gateway types supported by AWS Storage Gateway
-File Gateway
-Volume Gateway
-Tape Gateway
hybrid cloud storage service that connects your existing on-premises environments with the AWS Cloud.
Storage Gateway
Which of the following AWS services can be used to prevent Distributed Denial-of-Service (DDoS) attack? (Select three)
-WAF
-Shield
-CloudFront with Route53
Which AWS service can be used to provision resources to run big data workloads on Hadoop clusters?
EMR
Which of the following AWS services is essential for implementing security of resources in AWS Cloud?
Identity and Access Management
configuration management service that provides managed instances of Chef and Puppet.
OpsWorks
A data analytics company has some data stored on Amazon S3 and wants to do SQL based analysis on this data with minimum effort. As a Cloud Practitioner, which of the following AWS services will you suggest for this use case?
Athena
Which AWS Route 53 routing policy would you use to improve the performance for your customers by routing the requests to the AWS endpoint that provides the fastest experience?
Latency routing policy
A startup is looking for 24x7 phone based technical support for his AWS account. Which of the following is the MOST cost-effective AWS support plan for this use-case?
Business