YT 61-80 Flashcards
A company wants to manage deployed IT services and govern its infrastructure as code (laC) templates.Which AWS service will meet this requirement?
A. AWS Resource Explorer
B. AWS Service Catalog
C. AWS Organizations
D. AWS Systems Manager
β B. AWS Service Catalog
π‘ Explanation:
AWS Service Catalog allows organizations to centrally manage and deploy approved IT services and infrastructure as code (IaC) templates.
β Why the others are wrong:
A. AWS Resource Explorer: Used for discovering AWS resources, not managing IaC.
C. AWS Organizations: Helps manage multiple AWS accounts, not infrastructure templates.
D. AWS Systems Manager: Focuses on operational management, not IaC governance.
Which AWS service or tool helps users visualize, understand, and manage spending and usage over time?
A. AWS Organizations
B. AWS Pricing Calculator
C. AWS Cost Explorer
D. AWS Service Catalog
β C. AWS Cost Explorer
π‘ Explanation:
AWS Cost Explorer provides visual reports on spending trends and cost forecasts.
β Why the others are wrong:
A. AWS Organizations: Manages multiple AWS accounts but does not analyze costs in detail.
B. AWS Pricing Calculator: Estimates costs but does not track usage over time.
D. AWS Service Catalog: Manages approved IT resources, not cost tracking.
A company is using a central data platform to manage multiple types of data for its customers. The company wants to use AWS services to discover, transform, and visualize the data. Which combination of AWS services should the company use to meet these requirements? (Choose two.)
A. AWS Glue
B. Amazon Elastic File System (Amazon EFS)
C. Amazon Redshift
D. Amazon QuickSight
E. Amazon Quantum Ledger Database (Amazon QLDB)
β A. AWS Glue & D. Amazon QuickSight
π‘ Explanation:
AWS Glue performs data extraction, transformation, and loading (ETL), while Amazon QuickSight provides interactive data visualization.
β Why the others are wrong:
B. Amazon EFS: A file storage service, not used for data transformation.
C. Amazon Redshift: A data warehouse, but it does not perform ETL or visualization.
E. Amazon QLDB: A ledger database, not suitable for general data transformation and visualization.
A global company wants to migrate its third-party applications to the AWS Cloud. The company wants help from a global team of experts to complete the migration faster and more reliably in accordance with AWS internal best practices. Which AWS service or resource will meet these requirements?β
A. AWS Support
B. AWS Professional Services
C. AWS Launch Wizard
D. AWS Managed Services (AMS)
β B. AWS Professional Services
π‘ Explanation:
AWS Professional Services provides expert guidance to help companies migrate applications efficiently using AWS best practices.
β Why the others are wrong:
A. AWS Support: Focuses on troubleshooting, not migration strategy.
C. AWS Launch Wizard: Automates resource provisioning but does not provide migration guidance.
D. AWS Managed Services (AMS): Manages cloud environments but does not specifically handle migration.
A Developer wants to deploy an application quickly on AWS without manually creating the required resources. Which AWS service will meet these requirements?
A. Amazon EC2
B. AWS Elastic Beanstalk
C. AWS CodeBuild
D. Amazon Personalize
β B. AWS Elastic Beanstalk
π‘ Explanation:
AWS Elastic Beanstalk automates resource provisioning, deployment, scaling, and management for applications.
β Why the others are wrong:
A. Amazon EC2: Provides compute resources but requires manual setup.
C. AWS CodeBuild: Used for building and testing code, not for deployment.
D. Amazon Personalize: Provides AI-powered recommendations, not deployment automation.
A company is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting. Which S3 feature should the company use to meet these requirements?
A. S3 Lifecycle rules
B. S3 Versioning
C. S3 bucket policies
D. S3 server-side encryption
β B. S3 Versioning
π‘ Explanation:
S3 Versioning keeps multiple versions of objects, preventing accidental deletion or overwriting.
β Why the others are wrong:
A. S3 Lifecycle rules: Automates object deletion but does not prevent accidental overwrites.
C. S3 bucket policies: Controls access but does not preserve object versions.
D. S3 server-side encryption: Protects data confidentiality but does not prevent deletion.
Which AWS service provides the ability to manage infrastructure as code?
A. AWS CodePipeline
B. AWS CodeDeploy
C. AWS Direct Connect
D. AWS CloudFormation
β D. AWS CloudFormation
π‘ Explanation:
AWS CloudFormation allows users to define and provision AWS infrastructure as code.
β Why the others are wrong:
A. AWS CodePipeline: Manages CI/CD pipelines, not infrastructure.
B. AWS CodeDeploy: Automates application deployment, not infrastructure provisioning.
C. AWS Direct Connect: Establishes private network connections, not infrastructure as code.
An online gaming company needs to choose a purchasing option to run its Amazon EC2 instances for 1 year. The web traffic is consistent, and any increases in traffic are predictable. The EC2 instances must be online and available without any disruption.Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?
A. On-Demand Instances
B. Reserved Instances
C. Spot Instances
D. Spot Fleet
β B. Reserved Instances
π‘ Explanation:
Reserved Instances provide cost savings for applications with predictable usage by committing to a 1-year or 3-year term.
β Why the others are wrong:
A. On-Demand Instances: More expensive for steady workloads.
C. Spot Instances: Cheaper but can be interrupted, unsuitable for always-on applications.
D. Spot Fleet: Similar to Spot Instances, lacks guaranteed availability.
Which AWS service or feature allows a user to establish a dedicated network connection between a companyβs on-premises data center and the AWS Cloud?
A. AWS Direct Connect
B. VPC peering
C. AWS VPN
D. Amazon Route 53
β A. AWS Direct Connect
π‘ Explanation:
AWS Direct Connect establishes a private, high-speed connection between an on-premises data center and AWS.
β Why the others are wrong:
B. VPC peering: Connects VPCs but does not provide on-premises connectivity.
C. AWS VPN: Provides a secure connection but is not as stable or high-speed as Direct Connect.
D. Amazon Route 53: Manages DNS but does not establish network connections.
Which option is a physical location of the AWS global infrastructure?
A. AWS DataSync
B. AWS Region
C. Amazon Connect
D. AWS Organizations
β B. AWS Region
π‘ Explanation:
An AWS Region is a physical location with multiple Availability Zones, providing cloud infrastructure.
β Why the others are wrong:
A. AWS DataSync: Transfers data but is not a physical location.
C. Amazon Connect: A cloud-based contact center service.
D. AWS Organizations: Manages accounts, not physical infrastructure.
A company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks. Which pillar of the AWS Well-Architected Framework is supported by these goals?
A. Reliability
B. Security
C. Operational excellence
D. Performance efficiency
β B. Security
π‘ Explanation:
The Security pillar of the AWS Well-Architected Framework focuses on protecting information, systems, and assets while identifying and mitigating risks.
β Why the others are wrong:
A. Reliability: Ensures systems function correctly and recover from failures, but does not focus on security.
C. Operational excellence: Focuses on managing operations efficiently, not security.
D. Performance efficiency: Deals with optimizing resources and scalability, not security.
What is the purpose of having an internet gateway within a VPC?
A. To create a VPN connection to the VPC
B. To allow communication between the VPC and the internet
C. To impose bandwidth constraints on internet traffic
D. To load balance traffic from the internet across Amazon EC2 instances
β B. To allow communication between the VPC and the internet
π‘ Explanation:
An Internet Gateway enables internet access for resources inside a VPC, allowing outbound and inbound traffic.
β Why the others are wrong:
A. To create a VPN connection to the VPC: VPN connections require AWS Site-to-Site VPN, not an internet gateway.
C. To impose bandwidth constraints on internet traffic: AWS does not use internet gateways to limit bandwidth.
D. To load balance traffic from the internet across EC2 instances: Elastic Load Balancer (ELB) handles this, not an internet gateway.
A company is running a monolithic on-premises application that does not scale and is difficult to maintain. The company has a plan to migrate the application to AWS and divide the application into microservices. Which best practice of the AWS Well-Architected Framework is the company following with this plan?
A. Integrate functional testing as part of AWS deployment.
B. Use automation to deploy changes.
C. Deploy the application to multiple locations.
D. Implement loosely coupled dependencies.
β D. Implement loosely coupled dependencies
π‘ Explanation:
Breaking a monolithic application into microservices follows the principle of loosely coupled dependencies, improving scalability and maintainability.
β Why the others are wrong:
A. Integrate functional testing as part of AWS deployment: Important but not related to microservices.
B. Use automation to deploy changes: Helps but does not define microservices architecture.
C. Deploy the application to multiple locations: Enhances availability but is not the core concept of microservices.
A company has an AWS account. The company wants to audit its password and access key rotation details for compliance purposes. Which AWS service or tool will meet this requirement?
A. IAM Access Analyzer
B. AWS Artifact
C. IAM credential report
D. AWS Audit Manager
β C. IAM credential report
π‘ Explanation:
The IAM credential report provides details on password policies, access key rotation, and IAM user credentials.
β Why the others are wrong:
A. IAM Access Analyzer: Monitors resource access but does not audit credentials.
B. AWS Artifact: Provides compliance reports, not IAM access details.
D. AWS Audit Manager: Assists in compliance reporting but does not generate IAM credential reports.
A company wants to receive a notification when a specific AWS cost threshold is reached. Which AWS services or tools can the company use to meet this requirement?
(Choose two.)
A. Amazon Simple Queue Service (Amazon SQS)
B. AWS Budgets
C. Cost Explorer
D. Amazon CloudWatch
E. AWS Cost and Usage Report
β B. AWS Budgets & D. Amazon CloudWatch
π‘ Explanation:
AWS Budgets: Sends alerts when spending exceeds a defined threshold.
Amazon CloudWatch: Monitors AWS usage and can trigger cost-based alerts.
β Why the others are wrong:
A. Amazon SQS: Manages message queues, not cost alerts.
C. Cost Explorer: Analyzes past costs but does not send notifications.
E. AWS Cost and Usage Report: Provides cost data but does not trigger alerts.
Which AWS service or resource provides answers to the most frequently asked security-related questions that AWS receives from its users?
A. AWS Artifact
B. Amazon Connect
C. AWS Chatbot
D. AWS Knowledge Center
β D. AWS Knowledge Center
π‘ Explanation:
AWS Knowledge Center provides answers to frequently asked security-related and other AWS questions.
β Why the others are wrong:
A. AWS Artifact: Provides compliance and audit reports but not FAQ-style answers.
B. Amazon Connect: A cloud-based call center service, unrelated to security FAQs.
C. AWS Chatbot: Integrates AWS services with messaging platforms but does not provide FAQs.
Which tasks are customer responsibilities, according to the AWS shared responsibility model?
(Choose two.)
A. Configure the AWS provided security group firewall.
B. Classify company assets in the AWS Cloud.
C. Determine which Availability Zones to use for Amazon S3 buckets, 023
D. Patch or upgrade Amazon DynamoDB.
E. Select Amazon EC2 instances to run AWS Lambda on.
β
A. Configure the AWS provided security group firewall.
β
B. Classify company assets in the AWS Cloud.
π‘ Explanation:
Customers are responsible for security configurations (like security groups) and data classification to manage access controls.
β Why the others are wrong:
C. Determine which Availability Zones to use for S3 buckets: S3 is a regional service, not bound to specific AZs.
D. Patch or upgrade Amazon DynamoDB: AWS manages DynamoDB maintenance.
E. Select EC2 instances to run AWS Lambda: Lambda does not require EC2 instances; itβs fully managed by AWS.
Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.)
A. Availability
B. Reliability
C. Scalability
D. Responsive design
E. Operational excellence
β
B. Reliability
β
E. Operational excellence
π‘ Explanation:
Reliability: Ensures systems recover quickly and function properly.
Operational excellence: Optimizes processes, automation, and management of workloads.
β Why the others are wrong:
A. Availability: Important but falls under Reliability, not its own pillar.
C. Scalability: Covered under Performance efficiency, not a standalone pillar.
D. Responsive design: Not part of the AWS Well-Architected Framework.
Which of the following is a fully managed MySQL-compatible database?
A. Amazon S3
B. Amazon DynamoDB
C. Amazon Redshift
D. Amazon Aurora
β D. Amazon Aurora
π‘ Explanation:
Amazon Aurora is a fully managed, MySQL- and PostgreSQL-compatible database offering high performance and availability.
β Why the others are wrong:
A. Amazon S3: Object storage, not a database.
B. Amazon DynamoDB: A NoSQL database, not MySQL-compatible.
C. Amazon Redshift: A data warehouse, not optimized for MySQL workloads.
Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co-location environments, or on-premises facilities?
A. AWS Snowmobile
B. AWS Local Zones
C. AWS Outposts
D. AWS Fargate
β C. AWS Outposts
π‘ Explanation:
AWS Outposts extends AWS services, APIs, and tools to on-premises environments, providing a hybrid cloud solution.
β Why the others are wrong:
A. AWS Snowmobile: A data transfer service for petabyte-scale migrations.
B. AWS Local Zones: Extends AWS infrastructure closer to users but does not integrate directly into on-premises data centers.
D. AWS Fargate: A serverless compute engine for containers, not a hybrid cloud solution
