Udemy Practice Exam 4 Flashcards
Which AWS service would you use to create a logically isolated section of the AWS Cloud where you can launch AWS resources in your virtual network?
Virtual Private Cloud (VPC)
As per the Shared Responsibility Model, Security and Compliance is a shared responsibility between AWS and the customer. Which of the following security services falls under the purview of AWS under the Shared Responsibility Model?
-AWS Shield Standard
-AWS Web Application Firewall (WAF)
-AWS Shield Advanced
-Security Groups for Amazon EC2
AWS Shield Standard
According to the AWS Shared Responsibility Model, which of the following are responsibilities of the customer for IAM? (Select two)
-Manage global network security infrastructure
-Enable MFA on all accounts
-Analyze user access patterns and review IAM permissions
-Configuration and vulnerability analysis for the underlying software infrastructure
-Compliance validation for the underlying software infrastructure
-Enable MFA on all accounts
-Analyze user access patterns and review IAM permissions
Which of the following is available across all AWS Support plans?
-Full set of AWS Trusted Advisor best practice checks
-Enhanced Technical Support with unlimited cases and unlimited contacts
-AWS Personal Health Dashboard
-Third-Party Software Support
“AWS Personal Health Dashboard”
A streaming media company wants to convert English language subtitles into Spanish language subtitles. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
Amazon Translate
AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which of the following resources? (Select two)
-Amazon CloudFront
-Amazon Elastic Compute Cloud
Who’s responsability is Patching networking infrastructure
AWS
Which of the following types are free under the Amazon S3 pricing model? (Select two)
Data transferred in from the internet
Data transferred out to an Amazon Elastic Compute Cloud (Amazon EC2) instance, when the instance is in the same AWS Region as the S3 bucket
The DevOps team at an IT company wants to centrally manage its servers on AWS Cloud as well as on-premise data center so that it can collect software inventory, run commands, configure and patch servers at scale. As a Cloud Practitioner, which AWS service would you recommend for this use-case?
Systems Manager
Which of the following AWS services offer LifeCycle Management for cost-optimal storage?
S3
How is Amazon EC2 different from traditional hosting systems? (Select two)
-Amazon EC2 can scale with changing computing requirements -With Amazon EC2, developers can launch and terminate the instances anytime they need to
Who is responsible for AWS Shield Standard
AWS
-managed service
-automatically activated for all customers
-no customization
An e-commerce company would like to receive alerts when the Reserved EC2 Instances utilization drops below a certain threshold. Which AWS service can be used to address this use-case?
AWS Budgets
-alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount
-define a utilization threshold and receive alerts when your RI usage falls below that threshold
AWS Budgets
An organization maintains a separate Virtual Private Cloud (VPC) for each of its business units. Two units need to privately share data. Which is the most optimal way of privately sharing data between the two VPCs?
VPC Peering
Which of the following are the serverless computing services offered by AWS (Select two)
-Fargate
-Lambda
Analyze user access patterns and review IAM permissions
responsibility of
Customer
A financial services company wants to migrate from its on-premises data center to AWS Cloud. As a Cloud Practitioner, which AWS service would you recommend so that the company can compare the cost of running their IT infrastructure on-premises vs AWS Cloud?
AWS Pricing Calculator
Which of the following S3 storage classes do not charge any data retrieval fee? (Select two)
-S3 Standard
-S3 Intelligent-Tiering
AWS Marketplace facilitates which of the following use-cases? (Select two)
-Sell Software as a Service (SaaS) solutions to AWS customers
-AWS customer can buy software that has been bundled into customized AMIs by the AWS Marketplace sellers
Which of the following describes an Availability Zone in the AWS Cloud?
One or more data centers in the same location
is one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region.
vailability Zone
A media company uploads its media (audio and video) files to a centralized S3 bucket from geographically dispersed locations. Which of the following solutions can the company use to optimize transfer speeds?
S3 Transfer Acceleration
A financial services company wants to ensure that all customer data uploaded on its data lake on Amazon S3 always stays private. Which of the following is the MOST efficient solution to address this compliance requirement?
Use Amazon S3 Block Public Access to ensure that all S3 resources stay private
Which of the following statements are true regarding Amazon Simple Storage Service (S3) (Select two)?
-S3 is a key value based object storage service
-S3 stores data in a flat non-hierarchical structure
AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which of the following resources? (Select two)
Cloud Front
EC2 Elastic Compute Cloud
Reserved Instance pricing is available for which of the following AWS services? (Select two)
-RDS
-EC2
Which entity ensures that your application on Amazon EC2 always has the right amount of capacity to handle the current traffic demand?
Auto Scaling
Which of the following is the MOST cost-effective EC2 instance purchasing option for short-term, spiky and critical workloads on AWS Cloud?
On-Demand Instance
Which of the following AWS Support plans provide programmatic access to AWS Support Center features to create, manage and close your support cases? (Select two)
-Business
-Enterprise
Which pillar of AWS Well-Architected Framework is responsible for making sure that you select the right resource types and sizes based on your workload requirements?
Performance Efficiency
The ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues.
Reliability
Pillar includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures.
Operational Excellence
AWS Trusted Advisor can provide alerts on which of the following common security misconfigurations? (Select two)?
-When you allow public access to Amazon S3 buckets
-When you don’t turn on user activity logging (AWS CloudTrail)
Which of the following S3 storage classes has NO constraint of a minimum storage duration charge for objects?
S3 Standard
S3 Intelligent Tiering
minimum storage duration charge for 90 days
S3 Glacier
minimum storage duration charge for 30 days.
Infrequent Access
minimum storage duration charge for 180 days.
S3 Glacier Deep Archive
Which of the following is best-suited for load-balancing HTTP and HTTPS traffic?
Application Load Balancer
Which of the following is correct regarding the AWS RDS service?Read Replicas
-You can use Read Replicas for both improved read performance as well as Disaster Recovery
-cross-Region Read Replica
Which of the following can you use to run a bootstrap script while launching an EC2 instance?
EC2 instance user data
Which of the following is available across all AWS Support plans?
AWS Personal Health Dashboard
AWS Personal Health Dashboard
U2F security key
The DevOps team at a Big Data consultancy has set up EC2 instances across two AWS Regions for its flagship application. Which of the following characterizes this application architecture? cross region improves
Availability
Which AWS service will help you install application code automatically to an Amazon EC2 instance?
AWS CodeDeploy
Which of the following are recommended security best practices for the AWS account root user? (Select two)
Enable MFA for the AWS account root user
Set up an IAM user with administrator permissions and do not use AWS account root user for administrative tasks
Which AWS service can be used to set up billing alarms to monitor estimated charges on your AWS account?
-AWS Organizations
-Amazon CloudWatch
-AWS Organizations
-AWS Cost Explorer
Amazon CloudWatch
Which AWS service would you choose for a data processing project that needs a schemaless database?
Amazon DynamoDB
Amazon DynamoDB
True
Which of the following is a container service of AWS?
works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS).
AWS Fargate
Which of the following AWS storage services can be directly used with on-premises systems?
Amazon Elastic File System (Amazon EFS)
To access EFS file systems from on-premises
-AWS Direct Connect or
-AWS VPN connection
Amazon S3 can be accessed from on-premises
only via AWS Storage Gateway
A firm wants to maintain the same data on S3 between its production account and multiple test accounts. Which technique should you choose to copy data into multiple test accounts while retaining object metadata?
Amazon S3 Replication
When accounts in organization share reserved instances,
they must
be launched in the same Availability Zone as the reserved instances where purchased
Which of the following entities are part of a VPC in the AWS Cloud? (Select two)
Subnet
Internet Gateway
An e-commerce company has migrated its IT infrastructure from the on-premises data center to AWS Cloud. Which of the following costs is the company responsible for?
Application software license costs
Which AWS service will you use to provision the same AWS infrastructure across multiple AWS accounts and regions?
AWS CloudFormation
Which of the following entities can be used to connect to an EC2 server from a Mac OS, Windows or Linux based computer via a browser-based client?
EC2 Instance Connect
EC2 Instance Connect uses
Secure Shell (SSH).
AWS Identity and Access Management (IAM) policies
can be used from a Mac OS, Windows or Linux based computer,
SSH
Which of the following AWS services can be used to forecast your AWS account usage and costs?
AWS Cost Explorer
automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.
Inspector
Which AWS service can help you analyze your infrastructure to identify unattached or underutilized EBS volumes?
AWS Trusted Advisor
Which of the following are benefits of the AWS Web Application Firewall (WAF)? (Select two)
-WAF can block all requests except the ones that you allow
-WAF can check for the presence of SQL code that is likely to be malicious (known as SQL injection)
WAF can check for the presence of SQL code that is likely to be malicious (known as SQL injection)
-Amazon API Gateway API
-Amazon CloudFront
-Application Load Balancer.
-is a good fit for non-HTTP use cases
-provides static IP addresses that act as a fixed entry point to your applications
AWS Global Accelerator
Which of the following AWS entities lists all users in your account and the status of their various account aspects such as passwords, access keys, and MFA devices?
Credential Reports
A cargo shipping company runs its server-fleet on Amazon EC2 instances. Some of these instances host the CRM (Customer Relationship Management) applications that need to be accessible 24*7. These applications are not mission-critical. In case of a disaster, these applications can be managed on a lesser number of instances for some time.
Which disaster recovery strategy is well-suited as well as cost-effective for this requirement?
Warm Standby strategy
-always running but smaller
-business critical
Warm Standby strategy
-iddle service
-provision and then scale
Pilot light
-mission critial
-no downtime
multi-site active/active
-lower priority
-restore after event
backup & restore
