반응형
AWS Cloud 관련 자격증들 중에서 가장 쉬운 자격증이 AWS Certified Cloud Practitioner 이다.
AWS의 다양한 서비스들에 대해 얕게나마 알고 있으면 취득가능하다.
| 사이트No. | 덤프No. | Question | Choice Options | Answer | Keywords | Explanation |
| T001 | A company is planning to run a global marketing application in the AWS Cloud. The application will feature videos that can be viewed by users. The company must ensure that all users can view these videos with low latency. Which AWS service should the company use to meet this requirement? |
A. AWS Auto Scaling B. Amazon Kinesis Video Streams C. Elastic Load Balancing D. Amazon CloudFront |
Amazon CloudFront | Amazon CloudFront | low latency, delivery of videos, Amazon CloudFront Amazon CloudFront Amazon CloudFront is a content delivery network (CDN) that speeds up the delivery of content to users across the world. CloudFront achieves this by using a network of edge locations. An edge location is a physical location where content is cached and served to users. When a user requests content, CloudFront directs the request to the nearest edge location, where the cached content is delivered to the user. This reduces the time it takes to deliver the content and improves the user experience. By using a global network of edge locations, CloudFront is able to deliver content faster, regardless of the user's location. Reference: https://aws.amazon.com/cloudfront/features/ |
|
| T002 | D252 | Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand? | A. Security B. Reliability C. Performance efficiency D. Cost optimization |
B. Reliability | AWS Well-Architected Framework, Reliability pillar | Reliability The Reliability pillar encompasses the ability of a workload to perform its intended function correctly and consistently when it's expected to. This includes the ability to operate and test the workload through its total lifecycle. 5 design principles for reliability - Automatically recover from failure - Test recovery procedures - Scale horizontally to increase aggregate workload availability - Stop guessing capacity - Manage change in automation https://aws.amazon.com/blogs/apn/the-6-pillars-of-the-aws-well-architected-framework/ |
| T003 | Which of the following are benefits of migrating to the AWS Cloud? (Choose two.) | A. Operational resilience B. Discounts for products on Amazon.com C. Business agility D. Business excellence E. Increased staff retention |
A. Operational resilience C. Business agility |
AWS Cloud | ||
| T004 | A company is planning to replace its physical on-premises compute servers with AWS serverless compute services. The company wants to be able to take advantage of advanced technologies quickly after the migration. Which pillar of the AWS Well-Architected Framework does this plan represent? |
A. Security B. Performance efficiency C. Operational excellence D. Reliability |
B. Performance efficiency | AWS Well-Architected Framework, Performance efficiency pillar | The Performance Efficiency pillar includes the ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve. There are five design principles for performance efficiency in the cloud: Democratize advanced technologies Go global in minutes Use serverless architectures Experiment more often Consider mechanical sympathy https://aws.amazon.com/blogs/apn/the-6-pillars-of-the-aws-well-architected-framework/ |
|
| T005 | A large company has multiple departments. Each department has its own AWS account. Each department has purchased Amazon EC2 Reserved Instances. Some departments do not use all the Reserved Instances that they purchased, and other departments need more Reserved Instances than they purchased. The company needs to manage the AWS accounts for all the departments so that the departments can share the Reserved Instances. Which AWS service or tool should the company use to meet these requirements? |
A. AWS Systems Manager B. Cost Explorer C. AWS Trusted Advisor D. AWS Organizations |
D. AWS Organizations | AWS Organizations | AWS Organizations, departments can share the Reserved Instances. | |
| T006 | Which component of the AWS global infrastructure is made up of one or more discrete data centers that have redundant power, networking, and connectivity? | A. AWS Region B. Availability Zone C. Edge location D. AWS Outposts |
B. Availability Zone | Availability Zone | Availability Zone - one or more isolated data centers in the same regional area - redundant power, networking, and connectivity |
|
| T007 | Which duties are the responsibility of a company that is using AWS Lambda? (Choose two.) | A. Security inside of code B. Selection of CPU resources C. Patching of operating system D. Writing and updating of code E. Security of underlying infrastructure |
A. Security inside of code D. Writing and updating of code |
AWS Lambda | AWS Lambda, AWS shared responsibility model, responsibility of a company | |
| T008 | Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Choose two.) | A. ׀•׀¡2 Reserved Instances B. EC2 Amazon Machine Images (AMIs) C. Amazon Elastic Block Store (Amazon EBS) snapshots D. AWS Shield E. Amazon GuardDuty |
B. EC2 Amazon Machine Images (AMIs) C. Amazon Elastic Block Store (Amazon EBS) snapshots |
disaster recovery | ||
| T009 | A company is migrating to the AWS Cloud instead of running its infrastructure on premises. Which of the following are advantages of this migration? (Choose two.) |
A. Elimination of the need to perform security auditing B. Increased global reach and agility C. Ability to deploy globally in minutes D. Elimination of the cost of IT staff members E. Redundancy by default for all compute services |
B. Increased global reach and agility C. Ability to deploy globally in minutes |
AWS Cloud | agility, in minutes |
|
| T010 | A user is comparing purchase options for an application that runs on Amazon EC2 and Amazon RDS. The application cannot sustain any interruption. The application experiences a predictable amount of usage, including some seasonal spikes that last only a few weeks at a time. It is not possible to modify the application. Which purchase option meets these requirements MOST cost-effectively? |
A. Review the AWS Marketplace and buy Partial Upfront Reserved Instances to cover the predicted and seasonal load. B. Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run on Spot Instances. C. Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run at an On-Demand rate. D. Buy Reserved Instances to cover all potential usage that results from the seasonal usage. |
C. Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run at an On-Demand rate. | C is the correct answer, the question explicitly mentioned that "The application cannot sustain any interruption" of which Spot Instances are ideal for workloads with flexible start and end times, or that can withstand interruptions. Ideally we want pricing that doesn't allow interruption in this case it will be On-Demand. By using Reserved Instances for the predictable usage and leveraging On-Demand instances for seasonal spikes, the user can avoid overprovisioning while still having the required capacity during peak periods. This approach allows for cost-effective utilization of resources while meeting the application's requirement of no interruptions. |
||
| T011 | A company wants to review its monthly costs of using Amazon EC2 and Amazon RDS for the past year. Which AWS service or tool provides this information? |
A. AWS Trusted Advisor B. Cost Explorer C. Amazon Forecast D. Amazon CloudWatch |
B. Cost Explorer | Cost Explorer | After you enable Cost Explorer, AWS prepares the data about your costs for the current month and the last 12 months, and then calculates the forecast for the next 12 months. The current month's data is available for viewing in about 24 hours. The rest of your data takes a few days longer. Cost Explorer updates your cost data at least once every 24 hours. | |
| T012 | A company wants to migrate a critical application to AWS. The application has a short runtime. The application is invoked by changes in data or by shifts in system state. The company needs a compute solution that maximizes operational efficiency and minimizes the cost of running the application. Which AWS solution should the company use to meet these requirements? |
A. Amazon EC2 On-Demand Instances B. AWS Lambda C. Amazon EC2 Reserved Instances D. Amazon EC2 Spot Instances |
B. AWS Lambda | AWS Lambda | 1. Run code without provisioning or managing infrastructure. Simply write and upload code as a .zip file or container image. 2. Automatically respond to code execution requests at any scale, from a dozen events per day to hundreds of thousands per second. 3. Save costs by paying only for the compute time you use—by per-millisecond—instead of provisioning infrastructure upfront for peak capacity. |
|
| T013 | Which AWS service or feature allows users to connect with and deploy AWS services programmatically? | A. AWS Management Console B. AWS Cloud9 C. AWS CodePipeline D. AWS software development kits (SDKs) |
D. AWS software development kits (SDKs) | AWS software development kits (SDKs) | AWS software development kits (SDKs) provide developers with the necessary tools and libraries to interact with AWS services programmatically. SDKs are available for various programming languages, such as Python, Java, .NET, Ruby, and more. They offer APIs and helper functions that simplify the integration and interaction with AWS services. Using the AWS SDKs, developers can write code to authenticate with AWS, make API calls, manage resources, and deploy and configure AWS services. This enables programmatically automating tasks, provisioning resources, managing infrastructure, and interacting with AWS services without the need for manual intervention. |
|
| T014 | A company plans to create a data lake that uses Amazon S3. Which factor will have the MOST effect on cost? |
A. The selection of S3 storage tiers B. Charges to transfer existing data into Amazon S3 C. The addition of S3 bucket policies D. S3 ingest fees for each request |
A. The selection of S3 storage tiers | Amazon S3. | ||
| T015 | A company is launching an ecommerce application that must always be available. The application will run on Amazon EC2 instances continuously for the next 12 months. What is the MOST cost-effective instance purchasing option that meets these requirements? |
A. Spot Instances B. Savings Plans C. Dedicated Hosts D. On-Demand Instances |
B. Savings Plans | Amazon EC2 Savings Plans | Amazon EC2 Savings Plans enable you to reduce your compute costs by committing to a consistent amount of compute usage for a 1-year or 3-year term. This results in savings of up to 72% over On-Demand Instance costs. Any usage up to the commitment is charged at the discounted Savings Plan rate (for example, $10 an hour). Any usage beyond the commitment is charged at regular On-Demand Instance rates. | |
| T016 | Which AWS service or feature can a company use to determine which business unit is using specific AWS resources? | A. Cost allocation tags B. Key pairs C. Amazon Inspector D. AWS Trusted Advisor |
A. Cost allocation tags | Cost allocation tags | Cost allocation tags are a mechanism provided by AWS to assign metadata to AWS resources for cost tracking and categorization purposes. By applying cost allocation tags to resources, companies can associate custom metadata to identify and categorize resources based on different criteria, such as business unit, department, project, or application. When using cost allocation tags, companies can track and analyze their AWS costs based on the assigned tags. This allows them to determine the cost distribution among different business units or any other relevant categorization. Cost allocation tags provide granular visibility into resource usage and expenditure, enabling accurate cost attribution and analysis. |
|
| T018 | Which AWS service or tool should a company use to centrally request and track service limit increases? | A. AWS Config B. Service Quotas C. AWS Service Catalog D. AWS Budgets |
B. Service Quotas | Service Quotas | Service Quotas is an AWS service that allows users to view, manage, and request increases in service limits for various AWS services. Service limits are predefined limits set by AWS on the usage of specific resources or services within an AWS account. By using Service Quotas, a company can centrally manage its service limits and request increases when needed. It provides visibility into the current limits, usage, and available quota for each service. The service includes an interface to submit requests for limit increases, track the status of the requests, and receive notifications on updates. |
|
| T019 | Which documentation does AWS Artifact provide? | A. Amazon EC2 terms and conditions B. AWS ISO certifications C. A history of a company's AWS spending D. A list of previous-generation Amazon EC2 instance types |
B. AWS ISO certifications | AWS Artifact | AWS Artifact is a web service that enables you to download AWS security and compliance documents such as ISO certifications and SOC reports. User Guide. Describes key concepts of AWS Artifact and provides instructions for using the features of AWS Artifact. | |
| T020 | Which task requires using AWS account root user credentials? | A. Viewing billing information B. Changing the AWS Support plan C. Starting and stopping Amazon EC2 instances D. Opening an AWS Support case |
B. Changing the AWS Support plan | Changing the AWS Support plan, which includes upgrading or downgrading the level of support, typically requires the privileges associated with the AWS account root user. The root user has full access and permissions to manage all aspects of the AWS account, including billing and support-related configurations. | ||
| T021 | A company needs to simultaneously process hundreds of requests from different users. Which combination of AWS services should the company use to build an operationally efficient solution? |
A. Amazon Simple Queue Service (Amazon SQS) and AWS Lambda B. AWS Data Pipeline and Amazon EC2 C. Amazon Kinesis and Amazon Athena D. AWS Amplify and AWS AppSync |
A. Amazon Simple Queue Service (Amazon SQS) and AWS Lambda | The combination of SQS and Lambda offers several benefits: Scalability: SQS allows for handling a large number of requests, while Lambda automatically scales the processing capacity based on the incoming workload. Reliability: SQS ensures reliable message delivery, and Lambda functions are designed to be stateless and fault-tolerant. Decoupling: The decoupling of services through SQS enables loose coupling, allowing components to evolve independently and scale separately. |
||
| T022 | What is the scope of a VPC within the AWS network? | A. A VPC can span all Availability Zones globally. B. A VPC must span at least two subnets in each AWS Region. C. A VPC must span at least two edge locations in each AWS Region. D. A VPC can span all Availability Zones within an AWS Region. |
D. A VPC can span all Availability Zones within an AWS Region. | Amazon VPC | * A VPC is a logically isolated piece of AWS cloud dedicated to your company. This means, you can run applications on overly provisioned, highly available, and redundant infrastructure setup and it is managed by AWS. All the complexity of setting up a data center with cables, server racks, hardware, power supply, etc. all are managed by AWS. * A VPC belongs to a region. * A VPC spans all availability zones. * You can have multiple VPCs per region. * VPC contains one or more subnets. * A Subnet is tied to a single availability zone. * EC2 instances launch into subnets. |
|
| T023 | Which of the following are components of an AWS Site-to-Site VPN connection? (Choose two.) | A. AWS Storage Gateway B. Virtual private gateway C. NAT gateway D. Customer gateway E. Internet gateway |
B. Virtual private gateway D. Customer gateway |
Amazon VPC | AWS Storage Gateway - it’s a hybrid cloud storage solution - not A Virtual Private Gateway - It’s the AWS side of a VPN connection NAT Gateway is used for the private subnet to connect to internet - not C customer gateway is the customer side of a VPN connection IGW is not site-to-site, it’s for providing internet access - not E |
|
| T024 | A company needs to establish a connection between two VPCs. The VPCs are located in two different AWS Regions. The company wants to use the existing infrastructure of the VPCs for this connection. Which AWS service or feature can be used to establish this connection? |
A. AWS Client VPN B. VPC peering C. AWS Direct Connect D. VPC endpoints |
B. VPC peering | Amazon VPC | Inter-Region VPC Peering is possible. For AWS Direct Connect, its main selling point is to connect your on-premise infrastructure. https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html |
|
| T025 | According to the AWS shared responsibility model, what responsibility does a customer have when using Amazon RDS to host a database? | A. Manage connections to the database B. Install Microsoft SQL Server C. Design encryption-at-rest strategies D. Apply minor database patches |
A. Manage connections to the database | Amazon RDS | not C - You do not design the encryption strategy but enable it during provisioning as an option. Option A, managing connections to the database, is typically handled by the application or the customer's responsibility outside of the database service itself. |
|
| T026 | What are some advantages of using Amazon EC2 instances to host applications in the AWS Cloud instead of on premises? (Choose two.) | A. EC2 includes operating system patch management. B. EC2 integrates with Amazon VPC, AWS CloudTrail, and AWS Identity and Access Management (IAM). C. EC2 has a 100% service level agreement (SLA). D. EC2 has a flexible, pay-as-you-go pricing model. E. EC2 has automatic storage cost optimization. |
D. EC2 has a flexible, pay-as-you-go pricing model. E. EC2 has automatic storage cost optimization. |
AWS Cloud | Controversial. | |
| T027 | A user needs to determine whether an Amazon EC2 instance's security groups were modified in the last month. How can the user see if a change was made? |
A. Use Amazon EC2 to see if the security group was changed. B. Use AWS Identity and Access Management (IAM) to see which user or role changed the security group. C. Use AWS CloudTrail to see if the security group was changed. D. Use Amazon CloudWatch to see if the security group was changed. |
C. Use AWS CloudTrail to see if the security group was changed. | AWS CloudTrail | CloudTrail is the correct answer: https://aws.amazon.com/cloudtrail/features/ "CloudTrail records user activity and API calls across AWS services as events. CloudTrail events help you answer the questions of "who did what, where, and when?"" |
|
| T028 | Which AWS service will help protect applications running on AWS from DDoS attacks? | A. Amazon GuardDuty B. AWS WAF C. AWS Shield D. Amazon Inspector |
C. AWS Shield | shield is the answer to DDoS if you see DDoS, choose shield Automatic protection: AWS Shield provides automatic protection for all AWS customers against common and most frequently observed DDoS attacks, without the need for any additional setup. DDoS response team: AWS Shield has a dedicated DDoS Response Team (DRT) available 24/7 to monitor and mitigate DDoS attacks, providing expertise and support during an attack. Scalability: AWS Shield is designed to scale and handle high-volume DDoS attacks, leveraging AWS's global network infrastructure. |
||
| T029 | Which AWS service or feature acts as a firewall for Amazon EC2 instances? | A. Network ACL B. Elastic network interface C. Amazon VPC D. Security group |
D. Security group | Security group - at instance level NACL - subnet level |
||
| T030 | How does the AWS Cloud pricing model differ from the traditional on-premises storage pricing model? | A. AWS resources do not incur costs B. There are no infrastructure operating costs C. There are no upfront cost commitments D. There are no software licensing costs |
B. There are no infrastructure operating costs | |||
| T031 | A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture. What can the company do to meet this requirement? |
A. Scale vertically to a larger EC2 instance size. B. Scale horizontally across multiple Availability Zones. C. Purchase an EC2 Dedicated Instance. D. Change the EC2 instance family to a compute optimized instance. |
B. Scale horizontally across multiple Availability Zones. | |||
| T032 | A company's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days. Which benefit has this company experienced by moving to the AWS Cloud? |
A. Elasticity B. Flexibility C. Agility D. Resilience |
C. Agility | Increase speed and agility | Increase speed and agility – In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower. | |
| T033 | Which of the following are included in AWS Enterprise Support? (Choose two.) | A. AWS technical account manager (TAM) B. AWS partner-led support C. AWS Professional Services D. Support of third-party software integration to AWS E. 5-minute response time for critical issues |
A. AWS technical account manager (TAM) D. Support of third-party software integration to AWS |
AWS Enterprise Support | https://i.ytimg.com/vi/0LQcq_zyNmg/maxresdefault.jpg | |
| T034 | A global media company uses AWS Organizations to manage multiple AWS accounts. Which AWS service or feature can the company use to limit the access to AWS services for member accounts? |
A. AWS Identity and Access Management (IAM) B. Service control policies (SCPs) C. Organizational units (OUs) D. Access control lists (ACLs) |
B. Service control policies (SCPs) | AWS Organizations | SCPs are a feature of AWS Organizations that allow an organization to set rules that govern the use of AWS services across all accounts in the organization. SCPs can be used to restrict the use of specific AWS services or to impose additional conditions or requirements on the use of those services. SCPs are applied at the organizational unit (OU) level, so organizations can create different policies for different groups of accounts within their AWS Organization. | |
| T035 | A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources. Which AWS solution should the company use to meet this requirement? |
A. AWS Config B. AWS software development kits (SDKs) C. AWS Service Catalog D. AWS AppSync |
C. AWS Service Catalog | AWS Service Catalog | AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. | |
| T036 | An online company was running a workload on premises and was struggling to launch new products and features. After migrating the workload to AWS, the company can quickly launch products and features and can scale its infrastructure as required. Which AWS Cloud value proposition does this scenario describe? |
A. Business agility B. High availability C. Security D. Centralized auditing |
A. Business agility | agility | ||
| T037 | Which of the following are advantages of the AWS Cloud? (Choose two.) | A. AWS management of user-owned infrastructure B. Ability to quickly change required capacity C. High economies of scale D. Increased deployment time to market E. Increased fixed expenses |
B. Ability to quickly change required capacity C. High economies of scale |
AWS Cloud | * Trade fixed expense for variable expense * Benefit from massive economies of scale * Stop guessing capacity * Increase speed and agility * Stop spending money running and maintaining data centers * Go global in minutes |
|
| T038 | AWS has the ability to achieve lower pay-as-you-go pricing by aggregating usage across hundreds of thousands of users. This describes which advantage of the AWS Cloud? |
A. Launch globally in minutes B. Increase speed and agility C. High economies of scale D. No guessing about compute capacity |
C. High economies of scale | Benefit from massive economies of scale – By using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices. | ||
| T039 | A company has a database server that is always running. The company hosts the server on Amazon EC2 instances. The instance sizes are suitable for the workload. The workload will run for 1 year. Which EC2 instance purchasing option will meet these requirements MOST cost-effectively? |
A. Standard Reserved Instances B. On-Demand Instances C. Spot Instances D. Convertible Reserved Instances |
A. Standard Reserved Instances | Standard Reserved Instances | Standard Reserved Instances provide a significant cost-saving opportunity for long-term, steady-state workloads. By purchasing Reserved Instances, the company commits to a specific instance configuration, including instance type, region, and term (1 year in this case). This commitment allows the company to benefit from a lower hourly rate compared to On-Demand Instances. Since the workload is expected to run continuously for a year, the company can confidently make the upfront payment and reserve the instances for that duration. This provides cost predictability and significant savings compared to using On-Demand Instances throughout the year. |
|
| T040 | A company is developing a mobile app that needs a high-performance NoSQL database. Which AWS services could the company use for this database? (Choose two.) |
A. Amazon Aurora B. Amazon RDS C. Amazon Redshift D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon DynamoDB |
D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon DynamoDB |
Amazon DocumentDB, Amazon DynamoDB | RDS is a SQL based DB. Dynamo DB and Document DB are the only No-SQL options. | |
| T041 | Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Choose two.) | A. Patch the Amazon EC2 guest operating system. B. Upgrade the firmware of the network infrastructure. C. Apply password rotation for IAM users. D. Maintain the physical security of edge locations. E. Maintain least privilege access to the root user account. |
B. Upgrade the firmware of the network infrastructure. D. Maintain the physical security of edge locations. |
AWS shared responsibility model | ||
| T042 | Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.) | A. They are stateless. B. They are stateful. C. They evaluate all rules before allowing traffic. D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic. E. They operate at the instance level. |
A. They are stateless. D. They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic. |
network ACLs | Network ACLs are stateless, which means that responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa). A network ACL has inbound rules and outbound rules. Each rule can either allow or deny traffic. Each rule has a number from 1 to 32766. We evaluate the rules in order, starting with the lowest numbered rule, when deciding whether allow or deny traffic. If the traffic matches a rule, the rule is applied and we do not evaluate any additional rules. We recommend that you start by creating rules in increments (for example, increments of 10 or 100) so that you can insert new rules later on, if needed. |
|
| T043 | A company has designed its AWS Cloud infrastructure to run its workloads effectively. The company also has protocols in place to continuously improve supporting processes. Which pillar of the AWS Well-Architected Framework does this scenario represent? |
A. Security B. Performance efficiency C. Cost optimization D. Operational excellence |
D. Operational excellence | AWS Well-Architected Framework | Refine operations procedures frequently: As you use operations procedures, look for opportunities to improve them. As you evolve your workload, evolve your procedures appropriately. Set up regular game days to review and validate that all procedures are effective and that teams are familiar with them. | |
| T044 | Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload? | A. Amazon Route 53 B. Amazon Macie C. AWS Direct Connect D. AWS PrivateLink |
C. AWS Direct Connect | AWS Direct Connect | AWS Direct Connect is a network service that establishes a dedicated, private network connection between an organization's on-premises infrastructure and AWS. It enables secure and reliable communication between the on-premises network and AWS resources without traversing the public internet. | |
| T045 | A company needs to graphically visualize AWS billing and usage over time. The company also needs information about its AWS monthly costs. Which AWS Billing and Cost Management tool provides this data in a graphical format? |
A. AWS Bills B. Cost Explorer C. AWS Cost and Usage Report D. AWS Budgets |
B. Cost Explorer | Cost Explorer | Both Cost Explorer and Cost and Usage reports are for same purpose. The main difference is Cost Explorer gives graphically representation. so correct answer is B | |
| T046 | A company wants to run production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week. Which AWS Support plan will meet these requirements? |
A. AWS Basic Support B. AWS Enterprise Support C. AWS Business Support D. AWS Developer Support |
B. AWS Enterprise Support | |||
| T047 | Which architecture design principle describes the need to isolate failures between dependent components in the AWS Cloud? | A. Use a monolithic design. B. Design for automation. C. Design for single points of failure. D. Loosely couple components. |
D. Loosely couple components. | |||
| T048 | Which AWS services are managed database services? (Choose two.) | A. Amazon Elastic Block Store (Amazon EBS) B. Amazon S3 C. Amazon RDS D. Amazon Elastic File System (Amazon EFS) E. Amazon DynamoDB |
C. Amazon RDS E. Amazon DynamoDB |
Amazon RDS, Amazon DynamoDB |
A , B & D are Storage Services.. and C & E are Database Services... C. Amazon RDS: Amazon RDS (Relational Database Service) is a fully managed database service that supports popular relational database engines such as MySQL, PostgreSQL, Oracle, SQL Server, and Amazon Aurora. It handles administrative tasks such as database setup, patching, backups, and automated backups, allowing users to focus on their applications rather than database management. E. Amazon DynamoDB: Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. It offers automatic scaling, built-in security, and automated backups, making it an ideal choice for applications that require low-latency data access and flexible scaling. |
|
| T049 | A company is using the AWS Free Tier for several AWS services for an application. What will happen if the Free Tier usage period expires or if the application use exceeds the Free Tier usage limits? |
A. The company will be charged the standard pay-as-you-go service rates for the usage that exceeds the Free Tier usage. B. AWS Support will contact the company to set up standard service charges. C. The company will be charged for the services it consumed during the Free Tier period, plus additional charges for service consumption after the Free Tier period. D. The company's AWS account will be frozen and can be restarted after a payment plan is established. |
A. The company will be charged the standard pay-as-you-go service rates for the usage that exceeds the Free Tier usage. | |||
| T050 | A company recently deployed an Amazon RDS instance in its VPC. The company needs to implement a stateful firewall to limit traffic to the private corporate network. Which AWS service or feature should the company use to limit network traffic directly to its RDS instance? |
A. Network ACLs B. Security groups C. AWS WAF D. Amazon GuardDuty |
B. Security groups | Security groups | stateless - Netwrok ACL stateful - security group AWS WAF is a web application firewall that lets you monitor the HTTP(S) requests that are forwarded to your protected web application resources. You can protect the following resource types: Amazon CloudFront distribution Amazon API Gateway REST API Application Load Balancer AWS AppSync GraphQL API Amazon Cognito user pool |
|
| T051 | Which AWS service uses machine learning to help discover, monitor, and protect sensitive data that is stored in Amazon S3 buckets? | A. AWS Shield B. Amazon Macie C. AWS Network Firewall D. Amazon Cognito |
B. Amazon Macie | Amazon Macie | https://aws.amazon.com/macie/ Amazon Macie is a data security and data privacy service that uses machine learning (ML) and pattern matching to discover and protect your sensitive data. |
|
| T052 | A company wants to improve the overall availability and performance of its applications that are hosted on AWS. Which AWS service should the company use? |
A. Amazon Connect B. Amazon Lightsail C. AWS Global Accelerator D. AWS Storage Gateway |
C. AWS Global Accelerator | AWS Global Accelerator | Global Accelerator improves overall performance and availability. Those who vote B should go check the use cases covered by LightSail and that it's ONE virtual server, not the best when it comes to availability and performance... | |
| T053 | Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity? | A. AWS Service Catalog B. AWS Systems Manager C. AWS IAM Access Analyzer D. AWS Organizations |
C. AWS IAM Access Analyzer | AWS IAM | ||
| T054 | A company does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The company also needs the ability to increase or decrease its resource usage to meet business requirements. Which pillar of the AWS Well-Architected Framework aligns with these requirements? |
A. Operational excellence B. Security C. Reliability D. Cost optimization |
D. Cost optimization | pillar of the AWS Well-Architected Framework | ||
| T055 | A company wants to launch its workload on AWS and requires the system to automatically recover from failure. Which pillar of the AWS Well-Architected Framework includes this requirement? |
A. Cost optimization B. Operational excellence C. Performance efficiency D. Reliability |
D. Reliability | pillar of the AWS Well-Architected Framework | Reliability - recover from failure. | |
| T056 | A large enterprise with multiple VPCs in several AWS Regions around the world needs to connect and centrally manage network connectivity between its VPCs. Which AWS service or feature meets these requirements? |
A. AWS Direct Connect B. AWS Transit Gateway C. AWS Site-to-Site VPN D. VPC endpoints |
B. AWS Transit Gateway | AWS Transit Gateway | Answer is B. Keyword here is "centrally". Transit gateway acts as a central hub to connect VPCs. | |
| T057 | Which AWS service supports the creation of visual reports from AWS Cost and Usage Report data? | A. Amazon Athena B. Amazon QuickSight C. Amazon CloudWatch D. AWS Organizations |
B. Amazon QuickSight | Amazon QuickSight | https://aws.amazon.com/premiumsupport/knowledge-center/quicksight-cost-usage-report/ Amazon QuickSight is a business intelligence (BI) service that allows users to create interactive visualizations, reports, and dashboards from various data sources, including AWS services. It provides rich visualization capabilities to analyze and explore data, enabling users to gain insights and make data-driven decisions. |
|
| T058 | Which AWS service should be used to monitor Amazon EC2 instances for CPU and network utilization? | A. Amazon Inspector B. AWS CloudTrail C. Amazon CloudWatch D. AWS Config |
C. Amazon CloudWatch | Amazon CloudWatch | Amazon CloudWatch is a web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics. CloudWatch uses metrics to represent the data points for your resources. AWS services send metrics to CloudWatch. CloudWatch then uses these metrics to create graphs automatically that show how performance has changed over time. |
|
| T059 | A company is preparing to launch a new web store that is expected to receive high traffic for an upcoming event. The web store runs only on AWS, and the company has an AWS Enterprise Support plan. Which AWS resource will provide guidance about how the company should scale its architecture and operational support during the event? |
A. AWS Abuse team B. The designated AWS technical account manager (TAM) C. AWS infrastructure event management D. AWS Professional Services |
C. AWS infrastructure event management | AWS Enterprise Support plan. | https://aws.amazon.com/premiumsupport/programs/iem/ AWS Infrastructure Event Management (IEM) offers architecture and scaling guidance and operational support during the preparation and execution of planned events, such as shopping holidays, product launches, and migrations. For these events, AWS Infrastructure Event Management will help you assess operational readiness, identify and mitigate risks, and execute your event confidently with AWS experts by your side. The program is included in the Enterprise Support plan and is available to Business Support customers for an additional fee. |
|
| T060 | A user wants to deploy a service to the AWS Cloud by using infrastructure-as-code (IaC) principles. Which AWS service can be used to meet this requirement? |
A. AWS Systems Manager B. AWS CloudFormation C. AWS CodeCommit D. AWS Config |
B. AWS CloudFormation | AWS CloudFormation. | built-in choice for infrastructure as code is AWS CloudFormation. Infrastructure as code is the process of provisioning and managing your cloud resources by writing a template file that is both human readable, and machine consumable. For AWS cloud development the built-in choice for infrastructure as code is AWS CloudFormation. |
|
| T061 | A company that has multiple business units wants to centrally manage and govern its AWS Cloud environments. The company wants to automate the creation of AWS accounts, apply service control policies (SCPs), and simplify billing processes. Which AWS service or tool should the company use to meet these requirements? |
A. AWS Organizations B. Cost Explorer C. AWS Budgets D. AWS Trusted Advisor |
A. AWS Organizations | AWS Organizations | giveaways in question: 1. centrally manage and govern its AWS Cloud environment 2 . automate the creation of AWS accounts 3. apply service control policies (SCPs) 4. simplify billing processes. |
|
| T062 | Which IT controls do AWS and the customer share, according to the AWS shared responsibility model? (Choose two.) | A. Physical and environmental controls B. Patch management C. Cloud awareness and training D. Zone security E. Application data encryption |
B. Patch management C. Cloud awareness and training |
|||
| T063 | A company is launching an application in the AWS Cloud. The application will use Amazon S3 storage. A large team of researchers will have shared access to the data. The company must be able to recover data that is accidentally overwritten or deleted. Which S3 feature should the company turn on to meet this requirement? |
A. Server access logging B. S3 Versioning C. S3 Lifecycle rules D. Encryption in transit and at rest |
B. S3 Versioning | Amazon S3 | ||
| T064 | A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency. Which AWS service or feature should the company use to meet these requirements? |
A. Availability Zones B. AWS Local Zones C. AWS Wavelength D. AWS Outposts |
D. AWS Outposts | AWS Outposts, AWS Local Zones |
AWS Outposts is designed for workloads that need to remain on-premises due to latency requirements, where customers want that workload to run seamlessly with the rest of their other workloads in AWS. AWS Local Zones are a new type of AWS infrastructure designed to run workloads that require single-digit millisecond latency, like video rendering and graphics intensive, virtual desktop applications. Not every customer wants to operate their own on-premises data center, while others may be interested in getting rid of their local data center entirely. Local Zones allow customers to gain all the benefits of having compute and storage resources closer to end-users, without the need to own and operate their own data center infrastructure. (D) AWS Outposts would be the best fit here. Since the client is migrating only the workloads on AWS while (B) AWS Local Zone wants to get rid of hosting its on-prem data center. |
|
| T065 | A company wants to migrate its applications from its on-premises data center to a VPC in the AWS Cloud. These applications will need to access on-premises resources. Which actions will meet these requirements? (Choose two.) |
A. Use AWS Service Catalog to identify a list of on-premises resources that can be migrated. B. Create a VPN connection between an on-premises device and a virtual private gateway in the VPC. C. Use an Amazon CloudFront distribution and configure it to accelerate content delivery close to the on-premises resources. D. Set up an AWS Direct Connect connection between the on-premises data center and AWS. E. Use Amazon CloudFront to restrict access to static web content provided through the on-premises web servers. |
B. Create a VPN connection between an on-premises device and a virtual private gateway in the VPC. D. Set up an AWS Direct Connect connection between the on-premises data center and AWS. |
|||
| T066 | A company wants to use the AWS Cloud to provide secure access to desktop applications that are running in a fully managed environment. Which AWS service should the company use to meet this requirement? |
A. Amazon S3 B. Amazon AppStream 2.0 C. AWS AppSync D. AWS Outposts |
B. Amazon AppStream 2.0 | Amazon AppStream 2.0 | AppStream 2.0 is a fully managed application streaming service that provides users instant access to their desktop applications from anywhere | |
| T067 | A company wants to implement threat detection on its AWS infrastructure. However, the company does not want to deploy additional software. Which AWS service should the company use to meet these requirements? |
A. Amazon VPC B. Amazon EC2 C. Amazon GuardDuty D. AWS Direct Connect |
C. Amazon GuardDuty | Amazon GuardDuty | threat detection | |
| T068 | Which AWS service uses edge locations? | A. Amazon Aurora B. AWS Global Accelerator C. Amazon Connect D. AWS Outposts |
B. AWS Global Accelerator | AWS Global Accelerator, Edge locations | AWS Global Accelerator and Amazon CloudFront are separate services that use the AWS global network and its edge locations around the world | |
| T069 | A company needs to install an application in a Docker container. Which AWS service eliminates the need to provision and manage the container hosts? |
A. AWS Fargate B. Amazon FSx for Windows File Server C. Amazon Elastic Container Service (Amazon ECS) D. Amazon EC2 |
C. Amazon Elastic Container Service (Amazon ECS) | Amazon Elastic Container Service (Amazon ECS) | Docker. container hosts. The answer is easier than You think. "Which AWS Service...." So we are looking for SERVICES in answers. Is AWS Fargate a service? NO. IT IS AN ENGINE within Elastic Container Service. And as the name states, ECS is a Service so this is the only possible answer. |
|
| T070 | Which AWS service or feature checks access policies and offers actionable recommendations to help users set secure and functional policies? | A. AWS Systems Manager B. AWS IAM Access Analyzer C. AWS Trusted Advisor D. Amazon GuardDuty |
B. AWS IAM Access Analyzer | AWS IAM | ||
| T381 | A company is using AWS Identity and Access Management (IAM). Who can manage the access keys of the AWS account root user? |
A. IAM users in the same account that have been granted permission B. IAM roles in any account that have been granted permission C. IAM users and roles that have been granted permission D. The AWS account owner |
The AWS account owner | AWS Identity and Access Management (IAM) | ||
| T382 | A company needs a managed NFS file system that the company can use with its AWS compute resources. Which AWS service or feature will meet these requirements? |
A. Amazon Elastic Block Store (Amazon EBS) B. AWS Storage Gateway Tape Gateway C. Amazon S3 Glacier Flexible Retrieval D. Amazon Elastic File System (Amazon EFS) |
D. Amazon Elastic File System (Amazon EFS) | Amazon Elastic File System (Amazon EFS) | managed NFS file system | |
| T383 | What is the security best practice concerning sensitive data stored in Amazon S3? | A. Enable cross-Region replication on the S3 bucket. B. Enable S3 server-side encryption on the S3 bucket. C. Configure AWS WAF to prevent unauthorized access to the S3 bucket. D. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket. |
B. Enable S3 server-side encryption on the S3 bucket | Amazon S3 server-side encryption | The best practice for securing sensitive data stored in Amazon S3 is to enable S3 server-side encryption on the S3 bucket. This ensures that the data is encrypted at rest and can only be accessed by authorized parties with the appropriate decryption keys. | |
| T384 | An application requires a database that offers consistent performance and latency that can be measured in single-digit milliseconds. Which AWS service meets these requirements? |
A. Amazon DynamoDB B. Amazon RDS C. Amazon Redshift D. Amazon EMR |
A. Amazon DynamoDB | Amazon DynamoDB | Amazon DynamoDB would be the best option in this scenario as it is a fully managed NoSQL database service that is designed to provide single-digit millisecond latency and consistent performance at scale. DynamoDB is also highly available, fault-tolerant, and can automatically scale up or down based on demand, making it a great choice for applications with variable workloads. | |
| T385 | A company needs to block SQL injection attacks. Which AWS service or feature provides this functionality? |
A. AWS WAF B. Network ACLs C. Security groups D. AWS Trusted Advisor |
A. AWS WAF | AWS WAF | block SQL injection attacks | |
| T386 | A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a natural disaster in a particular geographic area. Which solution achieves this goal? |
A. Use EC2 instances in a single Availability Zone B. Use EC2 instances in multiple AWS Regions C. Use EC2 instances in multiple edge locations. D. Use Amazon CloudFront with the EC2 instances configured as the source. |
B. Use EC2 instances in multiple AWS Regions | AWS Regions | highly available environment | |
| T387 | Treating infrastructure as code in the AWS Cloud allows users to: | A. automate migration of on-premises hardware to AWS data centers. B. let a third party automate an audit of the AWS infrastructure. C. turn over application code to AWS so it can run on the AWS infrastructure. D. automate the infrastructure provisioning process. |
D. automate the infrastructure provisioning process. | Treating infrastructure as code | ||
| T388 | A company needs to apply security rules to specific Amazon EC2 instances. Which AWS service or feature provides this functionality? |
A. AWS WAF B. Network ACLs C. Amazon VPC D. Security groups |
D. Security groups | Security groups | Security groups are a fundamental feature of Amazon VPC that acts as a virtual firewall for EC2 instances. They enable you to control inbound and outbound traffic to your EC2 instances by defining rules that specify the allowed traffic's source and destination. Security groups can be applied at the instance level to specific instances or to an entire group of instances that share a common set of security requirements. | |
| T389 | A company wants to run Amazon EC2 instances in locations that are near the company’s global users. Which aspect of the AWS environment will support this requirement? |
A. Availability Zone B. Edge locations C. AWS Regions D. Regional edge caches |
C. AWS Regions | You can't create an EC2 on AZ or on Edge locations....you can create EC2 only on a Region | ||
| T390 | A company's project team needs to simultaneously mount a file system on multiple Amazon EC2 Linux instances. The file system also will be shared across multiple Availability Zones. Which AWS service will meet these requirements? |
A. Amazon Elastic File System (Amazon EFS) B. Amazon S3 C. Amazon Elastic Block Store (Amazon EBS) D. Amazon FSx for Windows File Server |
A. Amazon Elastic File System (Amazon EFS) | Amazon Elastic File System (Amazon EFS) | EFS is a highly scalable file storage system designed to provide flexible storage for multiple EC2 instances | |
| T391 | A large retail company wants to use an AWS service to process clickstream data from the company's ecommerce website. The company wants to collect and analyze the streaming data in real time. Which AWS service meets these requirements? |
A. Amazon Kinesis B. Amazon Athena C. Amazon CloudFront D. AWS Data Exchange |
A. Amazon Kinesis | Amazon Kinesis | A. Amazon Kinesis Amazon Kinesis is a fully managed service that allows you to collect, process, and analyze streaming data in real-time. This service can be used to process clickstream data from an ecommerce website in real-time. |
|
| T392 | Which pillar of the AWS Well-Architected Framework focuses on the return on investment of moving into the AWS Cloud? | A. Sustainability B. Cost optimization C. Operational excellence D. Reliability |
B. Cost optimization | Five pillars of AWS Well-Architected Framework | Reliability Operational Excellence Performance Efficiency Cost Optimization Security |
|
| T393 | A company is developing an application that the company will host on Amazon EC2 instances. The application must be available 24 hours a day, 7 days a week. The company needs a scalable, highly available cloud architecture to support the application. Which guidelines should the company apply in its design to meet these requirements? (Choose two.) |
A. Use EC2 Spot Instances B. Use Multi-AZ deployments. C. Use Auto Scaling groups D. Use AWS Backup. E. Use EC2 Reserved Instances. |
B. Use Multi-AZ deployments. C. Use Auto Scaling groups |
|||
| T394 | Which AWS service helps users audit API activity across their AWS account? | A. AWS CloudTrail B. Amazon Inspector C. AWS WAF D. AWS Config |
A. AWS CloudTrail | AWS CloudTrail | CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage. CloudTrail logs, continuously monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions. | |
| T395 | Which AWS service should a company use to create a serverless workflow? | A. Amazon Connect B. AWS Lambda C. AWS Step Functions D. Amazon Elastic Block Store (Amazon EBS) E. AWS CodeBuild |
C. AWS Step Functions | AWS Step Functions | serverless workflow. AWS Step Functions is the AWS service that provides serverless workflow orchestration. With Step Functions, you can coordinate multiple AWS services into serverless workflows, or state machines, to build applications with greater speed and agility. This service enables you to create complex, multi-step workflows that include conditional branching, error handling, and wait states. |
|
| T396 | A company wants to build a data analytics application that uses Amazon Redshift. The company needs a cost estimate for its future Amazon Redshift usage. Which AWS tool will provide a high-level cost estimation? |
A. AWS Budgets B. AWS Pricing Calculator C. AWS Cost Explorer D. Saving Plans |
B. AWS Pricing Calculator | AWS Pricing Calculator | high-level cost estimation | |
| T397 | A company is using Amazon EC2 instances. Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Choose two.) |
A. Choose the initial root password of new Linux instances. B. Identify which users can access the EC2 instances, and manage their permissions in the operating system. C. Apply the updates of the hypervisor where the EC2 instances are running. D. Choose between a Wi-Fi connection and an Ethernet connection for the global internet access. E. Identify and manage the users who are allowed to create or delete EC2 instances. |
B. Identify which users can access the EC2 instances, and manage their permissions in the operating system. E. Identify and manage the users who are allowed to create or delete EC2 instances. |
AWS shared responsibility model | The AWS shared responsibility model clarifies the division of responsibilities between AWS and customers. AWS is responsible for the security of the cloud infrastructure, while customers are responsible for the security of their applications and data in the cloud. | |
| T398 | Which AWS service gives users the ability to run AWS services on premises? | A. Amazon CloudFront B. AWS Outposts C. AWS Global Accelerator D. Amazon VPC |
B. AWS Outposts | AWS Outposts | An Outpost is a pool of AWS compute and storage capacity deployed at a customer site. AWS operates, monitors, and manages this capacity as part of an AWS Region. You can create subnets on your Outpost and specify them when you create AWS resources such as EC2 instances, EBS volumes, ECS clusters, and RDS instances. https://docs.aws.amazon.com/outposts/latest/userguide/what-is-outposts.html |
|
| T399 | Which guideline is a well-architected design principle tor building cloud applications? | A. Keep static data closer to compute resources. B. Provision resources for peak capacity. C. Design for automated recovery from failure. D. Use tightly coupled components. |
C. Design for automated recovery from failure. | well-architected design principle | https://docs.aws.amazon.com/wellarchitected/latest/reliability-pillar/design-principles.html | |
| T400 | Which actions are examples of a company's effort to rightsize its AWS resources to control cloud costs? (Choose two.) | A. Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets. B. Base the selection of Amazon EC2 instance types on past utilization patterns. C. Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers. D. Use Multi-AZ deployments for Amazon RDS. E. Replace existing Amazon EC2 instances with AWS Elastic Beanstalk. |
B. Base the selection of Amazon EC2 instance types on past utilization patterns. C. Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers. |
rightsize its AWS resources to control cloud costs | ||
| T401 | Where can AWS users review answers to frequently asked questions about security in the AWS Cloud? | A. AWS Trusted Advisor B. AWS Knowledge Center C. AWS Support Center D. AWS Artifact |
B. AWS Knowledge Center | AWS Knowledge Center | The Knowledge Center content covers the most frequent questions and requests from builders. Knowledge Center articles and videos are produced by an AWS team and display an AWS Official badge. | |
| T402 | Which AWS service or feature can a company use to estimate AWS costs before provisioning workloads? | A. AWS Pricing Calculator B. AWS Cost and Usage Report C. Cost Explorer D. AWS Budgets |
A. AWS Pricing Calculator | AWS Pricing Calculator | Keyword: "before provisioning workloads" so its a estimation of architecture - done through AWS Pricing Calculator Cost Explorer - will help forecasting cost with the past usage pattern, so it will be done based on existing workload cost. |
|
| T403 | An application that is hosted on Amazon EC2 has a steady and consistent workload. The application will operate for at least 1 year. What is the MOST cost-effective instance purchasing option to meet these requirements? |
A. Spot Instances B. Reserved Instances C. On-Demand Instances D. Dedicated Hosts |
B. Reserved Instances | Reserved Instances | To meet the requirements of having a steady and consistent workload on an Amazon EC2 instance that will operate for at least 1 year, the most cost-effective instance purchasing option is Reserved Instances (RIs). | |
| T404 | A company needs to use dashboards and charts to analyze insights from business data. Which AWS service will provide the dashboards and charts for these insights? |
A. Amazon Macie B. Amazon Aurora C. Amazon QuickSight D. AWS CloudTrail |
C. Amazon QuickSight | Amazon QuickSight | Amazon QuickSight is a business intelligence service that provides dashboards and visualizations to help users analyze and gain insights from business data. | |
| T405 | Which of the following are security principles in the AWS Well-Architected Framework? (Choose two.) | A. Analyze and attribute expenditures. B. Monitor, alert, and audit actions and changes to AWS resources. C. Deploy globally in minutes. D. Protect data in transit and at rest. E. Perform operations as code. |
B. Monitor, alert, and audit actions and changes to AWS resources. D. Protect data in transit and at rest. |
security principles in the AWS Well-Architected Framework | B. Monitor, alert, and audit actions and changes to AWS resources: This principle is important to detect and respond to security incidents by monitoring and alerting on security-related events, and by auditing changes to AWS resources. D. Protect data in transit and at rest: This principle is important to protect data from unauthorized access, disclosure, alteration, or destruction, both when it is moving across networks and when it is stored. |
|
| T406 | A company moves its infrastructure from on premises to the AWS Cloud. The company can now provision additional Amazon EC2 instances whenever the instances are required. With this ability, the company can launch new marketing campaigns in 3 days instead of 3 weeks. Which benefit of the AWS Cloud does this scenario demonstrate? |
A. Cost savings B. Improved operational resilience C. Increased business agility D. Enhanced security |
C. Increased business agility | |||
| T407 | A company wants to design a reliable web application that is hosted on Amazon EC2. Which approach will achieve this goal? |
A. Launch large EC2 instances in the same Availability Zone B. Spread EC2 instances across more than one security group C. Spread EC2 instances across more than one Availability Zone. D. Use an Amazon Machine Image (AMI) from AWS Marketplace. |
C. Spread EC2 instances across more than one Availability Zone. | Availability Zone | ||
| T408 | Which AWS service should a company use to provision, manage, and deploy SSL/TLS certificates? | A. AWS Secrets Manager B. Amazon Inspector C. AWS CodeDeploy D. AWS Certificate Manager (ACM) |
D. AWS Certificate Manager (ACM) | AWS Certificate Manager (ACM) | ||
| T409 | A company provides Amazon Workspaces to its remote employees. The company wants to prevent employees from using their virtual desktops to visit specific websites that are known to be malicious. Which AWS service should the company use to meet this requirement? |
A. AWS Shield Advanced B. Amazon Route 53 C. Amazon GuardDuty D. AWS Network Firewall |
D. AWS Network Firewall | AWS Network Firewall | AWS Network Firewall is a managed firewall service that allows customers to filter traffic to and from their VPCs. Customers can create firewall rules based on IP addresses, domains, or other criteria. By setting up rules to block traffic to known malicious websites, the company can prevent its remote employees from accessing these websites from their Amazon Workspaces. | |
| T410 | A company wants to build an application that uses AWS Lambda to run Python code. Under the AWS shared responsibility model, which tasks will be the company's responsibility? (Choose two.) |
A. Management of the underlying infrastructure B. Management of the operating system. C. Writing the business logic code. D. Installation of the computer language runtime. E. Providing AWS Identity and Access Management (1AM) access to the Lambda service. |
C. Writing the business logic code. E. Providing AWS Identity and Access Management (1AM) access to the Lambda service. |
AWS shared responsibility model | ||
| T411 | Which of the following is one of the pillars of the AWS Well-Architected Framework? | A. Efficiency and redundancy B. High availability C. Operational excellence D. Business optimization |
C. Operational excellence | AWS Well-Architected Framework | ||
| T412 | D012 | A company has multiple departments. The company must charge each department for its exact AWS Cloud usage, including data transfer costs. How can the company determine these costs by department? |
A. Use one AWS account for each department. B. Use cost allocation tags on services that are used the most often. C. Use AWS Trusted Advisor. D. Use Savings Plans. |
B. Use cost allocation tags on services that are used the most often. | Most Voted : B | |
| T413 | An ecommerce company has Amazon EC2 instances running as web servers. There is a predictable pattern of peak traffic load that occurs two times each day, always at the same time. The EC2 instances are idle for the remainder of the day. What is the MOST cost-effective way to manage these resources while maintaining fault tolerance? |
A. Use an Auto Scaling group to scale resources in and out based on demand. B. Purchase Reserved Instances to ensure peak capacity at all times. C. Write a cron job to stop the EC2 instances when the traffic demand is low. D. Write a script to vertically scale the EC2 instances during peak traffic demand. |
A. Use an Auto Scaling group to scale resources in and out based on demand. | Auto Scaling | ||
| T414 | A company wants to integrate its online shopping website with social media login credentials. Which AWS service can the company use to make this integration? |
A. AWS Directory Service B. AWS Identity and Access Management (IAM) C. Amazon Cognito D. AWS IAM Identity Center (AWS Single Sign-On) |
C. Amazon Cognito | Amazon Cognito is an AWS service that allows developers to add user sign-up, sign-in, and access control to their web and mobile applications. It provides support for various identity providers, including social media login credentials, and can be used to integrate these credentials with an online shopping website. | ||
| T415 | A company needs to create graphs that show historical and current costs for the company's AWS account. Which AWS service or tool provides this functionality? |
A. AWS Config B. AWS Cost and Usage Report C. AWS Budgets D. AWS Cost Explorer |
D. AWS Cost Explorer | AWS Cost Explorer | AWS Cost Explorer is a service that allows a company to view and analyze their AWS costs and usage. It provides a wide range of cost and usage reports, including a cost graph that shows the historical and current costs for the company's AWS account. This service allows the company to view costs by service, by tag, by time, by linked account, and by other dimensions. Cost Explorer also enables the company to set custom budgets, alerts and to view trends and forecasts. | |
| T416 | A company acquired another corporation. The company now has two AWS accounts. Which AWS service or tool can the company use to consolidate the billing for these two accounts? |
A. AWS Systems Manager B. AWS Organizations C. AWS License Manager D. Cost Explorer |
B. AWS Organizations | AWS Organizations | consolidate the billing | |
| T417 | Which AWS Support plans provide a complete set of AWS Trusted Advisor checks? | A. AWS Business Support and AWS Basic Support B. AWS Enterprise Support and AWS Business Support C. AWS Enterprise Support and AWS Developer Support D. AWS Business Support and AWS Developer Support |
B. AWS Enterprise Support and AWS Business Support | AWS Trusted Advisor | AWS Trusted Advisor is a service that provides a set of best practices and recommendations for AWS customers to optimize their AWS usage and reduce costs. The complete set of Trusted Advisor checks is available with the AWS Enterprise Support and AWS Business Support plans. These plans provide a complete set of checks across all categories, including security, performance, and cost optimization. | |
| T418 | Which of the following is a method for building a highly available application on AWS? | A. Place an Independent copy of the application in two or more Availability Zones. B. Place codependent components of the application in two or more Availability Zones C. Run one version of the application in one Availability Zone and run an earlier version of the application in a second Availability Zone. D. Deploy two copies of the application in a single Availability Zone. |
A. Place an Independent copy of the application in two or more Availability Zones. | high availability | ||
| T419 | Which statement is an AWS Cloud best practice that focuses on the elasticity and agility of cloud computing? | A. Provision capacity based on past usage and theoretical peaks. B. Dynamically scale to meet usage demands. C. Build the application and infrastructure in a data center that grants physical access. D. Break apart the application into loosely coupled components. |
B. Dynamically scale to meet usage demands. | elasticity , agility | ||
| T420 | Which AWS service could an administrator use to provide desktop environments for several employees? | A. AWS Organizations B. AWS Fargate C. AWS WAF D. AWS Workspaces |
D. AWS Workspaces | AWS Workspaces | ||
| T421 | A company simulates workflows to review and validate that all processes are effective and that staff are familiar with the processes. Which design principle of the AWS Well-Architected Framework is the company following with this practice? |
A. Perform operations as code. B. Refine operation procedures frequently. C. Make frequent, small, reversible changes. D. Structure the company to support business outcomes. |
B. Refine operation procedures frequently. | design principle of the AWS Well-Architected Framework | The practice of simulating workflows to review and validate processes aligns with the "Refine operation procedures frequently" design principle of the AWS Well-Architected Framework. This principle emphasizes the importance of regularly reviewing and refining operational procedures to ensure that they remain effective and efficient. By simulating workflows, the company can identify potential issues and inefficiencies in their processes and refine them accordingly. | |
| T423 | According to the AWS shared responsibility model, the customer is responsible for applying the latest security updates and patches for which of the following? | A. Amazon DynamoDB B. Amazon EC2 instances C. Amazon RDS instances D. Amazon S3 |
B. Amazon EC2 instances | AWS shared responsibility model | ||
| T424 | Which cloud computing advantage is a company applying when it uses AWS Regions to increase application availability to users in different countries? | A. Pay-as-you-go pricing B. Capacity forecasting C. Economies of scale D. Global reach |
D. Global reach | |||
| T425 | Which option is an advantage of AWS Cloud computing that minimizes variable costs? | A. High availability B. Economies of scale C. Global reach D. Agility |
B. Economies of scale | |||
| T426 | Which action will help increase security in the AWS Cloud? | A. Enable programmatic access for all IAM users. B. Use IAM users instead of IAM roles to delegate permissions. C. Rotate access keys on a reoccurring basis. D. Use inline policies instead of customer managed policies. |
C. Rotate access keys on a reoccurring basis. | security in the AWS Cloud | ||
| T427 | A user wants to transport data between AWS and an on-premises environment using a private network connection. Which AWS service or feature can be used to meet these requirements? |
A. NAT gateway B. AWS Direct Connect C. Amazon VPC D. Internet gateway |
B. AWS Direct Connect | AWS Direct Connect | ||
| T428 | Which AWS service can serve a static website? | A. Amazon S3 B. Amazon Route 53 C. Amazon QuickSight D. AWS X-Ray |
A. Amazon S3 | Amazon S3 | Amazon S3 (Simple Storage Service) is an object storage service that can be used to store and retrieve any amount of data, at any time, from anywhere on the web. It can be used to serve a static website. By creating a new bucket in Amazon S3, and then uploading the files for your website to the bucket, you can make your website available to the world. You can also configure the bucket to act as a static website host. Once your website is hosted on Amazon S3, you can use Amazon Route 53 to route traffic to your website. | |
| T429 | Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Choose two.) | A. Minimize upfront design B. Loose coupling C. Disposable resources D. Server design and concurrency E. Minimal viable product |
B. Loose coupling C. Disposable resources |
AWS Cloud, design principles | AWS Cloud offers several design principles that improve the operation of workloads. Two of those principles are: B. Loose coupling: Services should be designed to be loosely coupled. A loosely coupled system is one where each component is independent and does not rely on other components to function correctly. C. Disposable resources: Design systems that expect and tolerate failure. In the cloud, there is no need to repair failed components. Simply shut them down and replace them with new ones. This design principle is often called "disposable resources." |
|
| T430 | A large company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it currently uses on AWS. Which AWS service should the company use to meet these requirements? |
A. AWS Device Farm B. AWS Fargate C. AWS Outposts D. AWS Ground Station |
C. AWS Outposts | AWS Outposts | The answer is C. https://aws.amazon.com/outposts/ "Truly consistent hybrid experience Use the same hardware infrastructure, APIs, tools, and management controls available in the cloud to provide a truly consistent developer and IT operations experience. " |
|
| T431 | Which of the following is included within the security pillar of the AWS Well-Architected Framework? | A. Identity federation B. Data protection C. Incident reporting D. Disaster recovery |
B. Data protection | security pillar of the AWS Well-Architected Framework | https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html | |
| T432 | A company has been storing monthly reports in an Amazon S3 bucket. The company exports the report data into comma-separated values (.csv) files. A developer wants to write a simple query that can read all of these files and generate a summary report. Which AWS service or feature should the developer use to meet these requirements with the LEAST amount of operational overhead? |
A. Amazon S3 Select B. Amazon Athena C. Amazon Redshift D. Amazon EC2 |
B. Amazon Athena | Amazon Athena | Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. The developer can use it to write a simple query that can read all of the .csv files in the Amazon S3 bucket and generate a summary report. Athena uses Presto, an open-source query engine, to perform the queries, and it does not require any infrastructure to be provisioned or managed. This means that the developer can use it with the least amount of operational overhead. |
|
| T433 | A company wants the ability to accommodate peak application usage without purchasing equipment for on-premises data centers. Which AWS Cloud benefit is the company seeking? |
A. High availability B. Security C. Reliability D. Elasticity |
D. Elasticity | Elasticity | accommodate peak application usage. Elasticity is the ability of a system to automatically provision and de-provision resources based on the changing workload demands. AWS provides a variety of services that can be scaled up or down quickly and automatically, allowing companies to adjust their computing resources as needed to accommodate fluctuations in application usage. This means that companies can avoid over-provisioning resources and paying for unused capacity, and also can handle peak workloads without purchasing additional hardware. |
|
| T434 | Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.) | A. Availability B. Reliability C. Scalability D. Responsive design E. Operational excellence |
B. Reliability E. Operational excellence |
pillars of the AWS Well-Architected Framework | ||
| T435 | Which AWS service provides highly durable object storage? | A. Amazon S3 B. Amazon Elastic File System (Amazon EFS) C. Amazon Elastic Block Store (Amazon EBS) D. Amazon FSx |
A. Amazon S3 | Amazon S3 | highly durable object storage | |
| T436 | A company needs to migrate all of its development teams to a cloud-based integrated development environment (IDE). Which AWS service should the company use? |
A. AWS CodeBuild B. AWS Cloud9 C. AWS OpsWorks D. AWS Cloud Development Kit (AWS CDK) |
B. AWS Cloud9 | AWS Cloud9 | B. AWS Cloud9 AWS Cloud9 is a cloud-based integrated development environment (IDE) that allows a company to write, run, and debug code on a browser-based interface. It provides a collaborative, browser-based environment that includes a code editor, a terminal, and a debugger. The service also integrates with AWS services such as Lambda, Elastic Beanstalk, and EC2 to provide a seamless experience for developers. The company can use it to migrate all of its development teams to a cloud-based IDE A. AWS CodeBuild: AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy. It does not provide an integrated development environment. |
|
| T437 | Which AWS database service providers in-memory data storage? | A. Amazon DynamoDB B. Amazon ElastiCache C. Amazon RDS D. Amazon Timestream |
B. Amazon ElastiCache | Amazon ElastiCache | in-memory data storage | |
| T438 | A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speeds. Which AWS service meets these requirements? |
A. Amazon CloudFront B. Elastic Load Balancing C. Amazon S3 D. Amazon Elastic Transcoder |
A. Amazon CloudFront | Amazon CloudFront | content delivery network, low latency |
|
| T439 | Which of the following are design principles for reliability in the AWS Cloud? (Choose two.) | A. Build architectures with tightly coupled resources. B. Use AWS Trusted Advisor to meet security best practices. C. Use automation to recover immediately from failure. D. Right size Amazon EC2 instances to ensure optimal performance. E. Simulate failures to test recovery processes. |
C. Use automation to recover immediately from failure. E. Simulate failures to test recovery processes. |
reliability | failure | |
| T440 | Which AWS service is a cloud security posture management (CSPM) service that aggregates alerts from various AWS services and partner products in a standardized format? | A. AWS Security Hub B. AWS Trusted Advisor C. Amazon EventBridge D. Amazon GuardDuty |
A. AWS Security Hub | AWS Security Hub | cloud security posture management (CSPM) service. AWS Security Hub collects and aggregates data from various AWS services, such as AWS Config, Amazon GuardDuty, and AWS Firewall Manager, as well as from third-party security tools, and uses machine learning algorithms to analyze and prioritize security findings. |
|
| T441 | A company wants to use the AWS Cloud to define its entire infrastructure as code. The company wants to limit human error and activate consistent responses to events. Which pillar of the AWS Well-Architected Framework does this plan support? |
A. Security B. Operational excellence C. Cost optimization D. Reliability |
B. Operational excellence | Operational excellence pillar of the AWS Well-Architected Framework | Operational excellence. By performing operations as code, you limit human error and enable consistent responses to events. https://docs.aws.amazon.com/wellarchitected/latest/framework/oe-design-principles.html |
|
| T442 | A developer wants AWS users to access AWS services by using temporary security credentials. Which AWS service or feature should the developer use to provide these credentials? |
A. IAM policies B. IAM user groups C. AWS Security Token Service (AWS STS) D. AWS IAM Identity Center (AWS Single Sign-On) |
C. AWS Security Token Service (AWS STS) | AWS Security Token Service (AWS STS) | temporary security credentials. | |
| T443 | Which of the following is an architectural design principle of the AWS Well-Architected Framework? | A. Loosely couple components B. Build monolithic systems C. Scale vertically, not horizontally D. Use third-party software |
A. Loosely couple components | design principle of the AWS Well-Architected Framework | ||
| T444 | What does the Amazon S3 Intelligent-Tiering storage class offer? | A. Payment flexibility by reserving storage capacity B. Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon EBS) volume C. Automatic cost savings by moving objects between tiers based on access pattern changes D. Secure, durable, and lowest cost storage for data archival |
C. Automatic cost savings by moving objects between tiers based on access pattern changes | Amazon S3 Intelligent-Tiering storage class | ||
| T446 | Which of the following is a recommended design principle of the AWS Well-Architected Framework? | A. Reduce downtime by making infrastructure changes infrequently and in large increments. B. Invest the time to configure infrastructure manually. C. Learn to improve from operational failures. D. Use monolithic application design for centralization. |
C. Learn to improve from operational failures. | design principle of the AWS Well-Architected Framework | ||
| T447 | An Availability Zone consists of: | A. one or more data centers in a single location. B. two or more data centers in multiple locations. C. one or more physical hosts in a single data center. D. two or more physical hosts in multiple data centers. |
A. one or more data centers in a single location. | |||
| T448 | A company is designing a web application that will run on Amazon EC2 instances. Which AWS services and features will improve availability and reduce the impact of failures for this application? (Choose two.) |
A. Amazon EC2 Auto Scaling for the EC2 instances B. VPC subnet ACLs to check the health of a service C. Resources that are distributed across multiple Availability Zones D. Configuration of AWS Server Migration Service (AWS SMS) to move the EC2 instances to a different AWS Region E. Resources that are distributed across multiple AWS points of presence |
A. Amazon EC2 Auto Scaling for the EC2 instances C. Resources that are distributed across multiple Availability Zones |
Amazon EC2 | improve availability and reduce the impact of failures | |
| T449 | Which fully managed AWS service assists with the creation, testing, and management of custom Amazon EC2 images? | A. EC2 Image Builder B. Amazon Machine Image (AMI) C. AWS Launch Wizard D. AWS Elastic Beanstalk |
A. EC2 Image Builder | Amazon EC2 Image Builder | Amazon EC2 images | |
| T450 | Which of the following describes an AWS Region? | A. Specific location within a geographic area that provides high availability B. Set of data centers spanning multiple countries C. A global picture of a user's cloud computing environment D. A collection of databases that can be accessed from a specific geographic area only |
A. Specific location within a geographic area that provides high availability | AWS Region | An AWS Region is a geographical area consisting of a collection of data centers that are in close proximity to each other, located in a specific part of the world, and that are managed by AWS. Each AWS Region contains multiple Availability Zones, each comprising one or more data centers, which are interconnected via high-bandwidth, low-latency connections to provide high availability and fault tolerance. | |
| T451 | Which AWS service provides recommendations to help users optimize costs and follow AWS best practices? | A. AWS Trusted Advisor B. AWS Service Catalog C. AWS Ground Station D. Amazon GuardDuty |
A. AWS Trusted Advisor | AWS Trusted Advisor | provides recommendations to help users optimize costs and follow AWS best practices | |
| T452 | Which AWS service provides a cloud-based contact center that scales to support a business of any size? | A. Amazon Personalize B. Amazon Cognito C. Amazon Connect D. Amazon Lightsail |
C. Amazon Connect | Amazon Connect | cloud-based contact center | |
| T453 | A financial company needs to centrally manage its AWS accounts and use consolidated billing. Which AWS service or feature should the company use? |
A. AWS Cost Explorer B. AWS Organizations C. AWS Billing and Cost Management D. AWS Budgets |
B. AWS Organizations | AWS Organizations | manage its AWS accounts and use consolidated billing | |
| T454 | A company is preparing for an audit and wants documentation that AWS complies with the Payment Card Industry Data Security Standard (PCI DSS). Where can the company find this documentation? |
A. AWS Artifact B. AWS Organizations C. AWS Trusted Advisor D. AWS Support Center |
A. AWS Artifact | AWS Artifact | AWS Artifact provides documentation that AWS complies with various compliance programs and certifications, including the Payment Card Industry Data Security Standard (PCI DSS). AWS Artifact allows customers to download compliance reports and other documentation that can be used for audit and compliance purposes | |
| T455 | A company stores data in an Amazon S3 bucket. Which task is the responsibility of AWS? |
A. Configure an S3 Lifecycle policy. B. Activate S3 Versioning. C. Configure S3 bucket policies. D. Protect the infrastructure that supports S3 storage. |
D. Protect the infrastructure that supports S3 storage. | Amazon S3 | The responsibility of AWS (Amazon Web Services) in this context is to protect the infrastructure that supports S3 storage. This includes ensuring the physical security, network security, and availability of the underlying infrastructure components that power the Amazon S3 service. Tasks such as configuring an S3 Lifecycle policy (A), activating S3 Versioning (B), and configuring S3 bucket policies (C) are the responsibilities of the customer or the user of AWS services. |
|
| T456 | Which AWS service allows a user to provision a managed MySQL DB instance? | A. Amazon DynamoDB B. Amazon Redshift C. Amazon RDS D. AWS Database Migration Service (AWS DMS) |
C. Amazon RDS | Amazon RDS | managed MySQL DB | |
| T457 | Which AWS service should a cloud practitioner use to receive real-time guidance for provisioning resources, based on AWS best practices related to security, cost optimization, and service limits? | A. AWS Trusted Advisor B. AWS Config C. AWS Security Hub D. AWS Systems Manager |
A. AWS Trusted Advisor | AWS Trusted Advisor | real-time guidance for provisioning resources | |
| T458 | Which statements represent the cost-effectiveness of the AWS Cloud? (Choose two.) | A. Users can trade fixed expenses for variable expenses. B. Users can deploy all over the world in minutes. C. AWS offers increased speed and agility. D. AWS is responsible for patching the infrastructure. E. Users benefit from economies of scale. |
A. Users can trade fixed expenses for variable expenses. E. Users benefit from economies of scale. |
|||
| T459 | Which AWS service stores graph data in the form of vertices and edges? | A. Amazon DynamoDB B. Amazon RDS C. Amazon Quantum Ledger Database (Amazon QLDB) D. Amazon Neptune |
D. Amazon Neptune | Amazon Neptune | graph data in the form of vertices and edges | |
| T460 | When designing AWS workloads to be operational even when there are component failures, what is an AWS best practice? | A. Perform quarterly disaster recovery tests. B. Place the main component on the us-east-1 Region. C. Design for automatic failover to healthy resources. D. Design workloads to fit on a single Amazon EC2 instance. |
C. Design for automatic failover to healthy resources. | automatic failover | ||
| T461 | A company wants to protect resources that the company hosts on AWS, including Application Load Balancers and Amazon CloudFront distributions. The company wants an AWS service that can provide near real-time visibility into attacks on the company's resources. The service must also have a dedicated AWS team to assist with distributed denial of service (DDoS) attacks. Which AWS service will meet these requirements? |
A. AWS WAF B. AWS Shield Standard C. Amazon Macie D. AWS Shield Advanced |
D. AWS Shield Advanced | AWS Shield Advanced | near real-time visibility into attacks, dedicated AWS team to assist DDoS |
|
| T462 | Which AWS Support plan provides customers with access to an AWS technical account manager (TAM)? | A. AWS Basic Support B. AWS Developer Support C. AWS Business Support D. AWS Enterprise Support |
D. AWS Enterprise Support | AWS technical account manager (TAM) | ||
| T463 | Which task is the responsibility of a company that is using Amazon RDS? | A. Provision the underlying infrastructure. B. Create IAM policies to control administrative access to the service. C. Install the cables to connect the hardware for compute and storage. D. Install and patch the RDS operating system. |
B. Create IAM policies to control administrative access to the service. | Amazon RDS | IAM policies to control administrative access | |
| T464 | A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops. Which AWS service will help the company deploy the application without investing in backend infrastructure or high-end client hardware? |
A. Amazon AppStream 2.0 B. AWS AppSync C. Amazon WorkLink D. AWS Elastic Beanstalk |
A. Amazon AppStream 2.0 | Amazon AppStream 2.0 | without investing in backend infrastructure or high-end client hardware | |
| T465 | Which of the following is an AWS value proposition that describes a user's ability to scale infrastructure based on demand? | A. Speed of innovation B. Resource elasticity C. Decoupled architecture D. Global deployment |
B. Resource elasticity | Resource elasticity | ||
| T466 | A company needs to organize its resources and track AWS costs on a detailed level. The company needs to categorize costs by business department, environment, and application. Which solution will meet these requirements? |
A. Access the AWS Cost Management console to organize resources, set an AWS budget, and receive notifications of unintentional usage. B. Use tags to organize the resources. Activate cost allocation tags to track AWS costs on a detailed level. C. Create Amazon CloudWatch dashboards to visually organize and track costs individually. D. Access the AWS Billing and Cost Management dashboard to organize and track resource consumption on a detailed level. |
B. Use tags to organize the resources. Activate cost allocation tags to track AWS costs on a detailed level. | Tags | cost allocation tags to track AWS costs on a detailed level. | |
| T467 | Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of: | A. a loosely coupled architecture. B. a tightly coupled architecture. C. a stateless architecture. D. a stateful architecture. |
A. a loosely coupled architecture. | Amazon Elastic Container Service (Amazon ECS) | ||
| T468 | Which AWS benefit is demonstrated by on-demand technology services that enable companies to replace upfront fixed expenses with variable expenses? | A. High availability B. Economies of scale C. Pay-as-you-go pricing D. Global reach |
C. Pay-as-you-go pricing | Pay-as-you-go pricing | ||
| T469 | Which AWS service is a key-value database that provides sub-millisecond latency on a large scale? | A. Amazon DynamoDB B. Amazon Aurora C. Amazon DocumentDB (with MongoDB compatibility) D. Amazon Neptune |
A. Amazon DynamoDB | Amazon DynamoDB | key-value database provides sub-millisecond latency on a large scale |
|
| T470 | A company stores several terabytes of data in an Amazon S3 bucket. The company needs to query the data by using standard SQL and does not want to set up infrastructure. Which AWS service should the company use to meet these requirements? |
A. Amazon RDS B. Amazon Redshift C. Amazon Athena D. Amazon EC2 |
C. Amazon Athena | Amazon Athena | ||
| T471 | Which AWS service supports the analysis, investigation, and identification of the root cause of security events and suspicious activities in an AWS account? | A. Amazon Inspector B. Amazon Macie C. Amazon Detective D. Amazon CloudWatch |
C. Amazon Detective | Amazon Detective | root cause of security events and suspicious activities in an AWS account | |
| T472 | A company plans to run its IT infrastructure in the AWS Cloud. The infrastructure must be highly available. The company also must minimize the network latency between servers. Which deployment scenario will meet these requirements? |
A. Deploy in multiple Availability Zones in multiple AWS Regions. B. Deploy in one Availability Zone in one AWS Region C. Deploy in multiple AWS Regions. Deploy in one Availability Zone in each Region. D. Deploy in multiple Availability Zones in one AWS Region. |
D. Deploy in multiple Availability Zones in one AWS Region. | Availability Zone | highly available, minimize the network latency | |
| T473 | Which AWS service decouples application components so that the components run independently? | A. Amazon Simple Notification Service (Amazon SNS) B. Amazon Simple Workflow Service (Amazon SWF) C. AWS Glue D. Amazon Simple Queue Service (Amazon SQS) |
D. Amazon Simple Queue Service (Amazon SQS) | Amazon Simple Queue Service (Amazon SQS) | decouples application components so that the components run independently | |
| T474 | A company is designing an application. For the data persistence layer, the company wants to use a NoSQL database. Which AWS service should the company use for the database? |
A. Amazon Redshift B. AWS DataSync C. Amazon Athena D. Amazon DynamoDB |
D. Amazon DynamoDB | Amazon DynamoDB | NoSQL database. | |
| T475 | Which AWS service keeps track of SSL/TLS certificates, creates new certificates, and processes renewals? | A. AWS Identity and Access Management (IAM) B. AWS Certificate Manager (ACM) C. AWS Config D. AWS Trusted Advisor |
B. AWS Certificate Manager (ACM) | AWS Certificate Manager (ACM) | keeps track of SSL/TLS certificates, creates new certificates, and processes renewals | |
| T476 | A company is using AWS Lambda. Which task is the company’s responsibility, according to the AWS shared responsibility model? |
A. Update the Lambda runtime language. B. Maintain the runtime environment. C. Maintain the networking infrastructure. D. Configure the resource. |
D. Configure the resource. | AWS Lambda, AWS shared responsibility model | ||
| T477 | A company needs to process data from satellite communications without managing any infrastructure. Which AWS service should the company use to meet these requirements? |
A. Amazon CloudWatch B. Amazon Aurora C. Amazon Athena D. AWS Ground Station |
D. AWS Ground Station | AWS Ground Station | process data from satellite communications without managing any infrastructure. | |
| T478 | A company wants to run its applications in the AWS Cloud. The company does not have enough staff to maintain and protect its critical business applications. Which AWS service should the company use to perform these tasks? |
A. AWS Shield B. Amazon RDS C. AWS Config D. AWS Managed Services (AMS) |
D. AWS Managed Services (AMS) | AWS Managed Services (AMS) | company does not have enough staff | |
| T479 | A company needs to test a new application that was written in Python. The code will activate when new images are stored in an Amazon S3 bucket. The application will put a watermark on each image and then will store the images in a different S3 bucket. Which AWS service should the company use to conduct the test with the LEAST amount of operational overhead? |
A. Amazon EC2 B. AWS Code Deploy C. AWS Lambda D. Amazon Lightsail |
C. AWS Lambda | AWS Lambda | least amount of operational overhead | |
| T480 | A cloud engineer needs to track AWS costs. The cloud engineer also needs to receive event driven alerts when costs exceed specific thresholds. Which AWS tool provides this functionality? |
A. AWS Cost Explorer B. AWS Budgets C. Cost allocation tags D. AWS Cost and Usage Reports |
AWS Budgets | AWS Budgets | Cost Explorer empowers you to set custom cost anomaly alerts that notify you of trending costs. Budgets are about cost governance, setting thresholds to limit surprise AWS billing. |
|
| T481 | Which of the following is available to a company that has an AWS Business Support plan? | A. AWS Support concierge B. AWS DDoS Response Team (DRT) C. AWS technical account manager (TAM) D. AWS Health API |
||||
| T482 | A company wants to migrate its on-premises data warehouse to AWS. The information in the data warehouse is used to populate analytics dashboards. Which AWS service should the company use for the data warehouse? |
A. Amazon ElastiCache B. Amazon Aurora C. Amazon RDS D. Amazon Redshift |
D. Amazon Redshift | Amazon Redshift | data warehouse, populate analytics dashboards |
|
| T483 | A company wants to use machine learning to identify suspicious activities in its AWS account. Which AWS service provides this functionality? |
A. AWS Shield B. Amazon Macie C. Amazon Detective D. AWS WAF |
C. Amazon Detective | Amazon Detective | machine learning to identify suspicious activities in its AWS account. | |
| T484 | A company is hosting a web application in a Docker container on Amazon EC2. AWS is responsible for which of the following tasks? |
A. Scaling the web application and services developed with Docker B. Provisioning or scheduling containers to run on clusters and maintain their availability C. Performing hardware maintenance in the AWS facilities that run the AWS Cloud D. Managing the guest operating system, including updates and security patches |
C. Performing hardware maintenance in the AWS facilities that run the AWS Cloud | AWS's responsibility | ||
| T485 | Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Choose two.) | A. AWS Trusted Advisor B. AWS Online Tech Talks C. AWS Blog D. AWS Forums E. AWS Classroom Training |
B. AWS Online Tech Talks E. AWS Classroom Training |
AWS Online Tech Talks, AWS Classroom Training | in an instructor-led setting | |
| T486 | Which AWS service will help a company identify the user who deleted an Amazon EC2 instance yesterday? | A. Amazon CloudWatch B. AWS Trusted Advisor C. AWS CloudTrail D. Amazon Inspector |
C. AWS CloudTrail | AWS CloudTrail | ||
| T487 | A company is configuring its AWS Cloud environment. The company's administrators need to group users together and apply permissions to the group. Which AWS service or feature can the company use to meet these requirements? |
A. AWS Organizations B. Resource groups C. Resource tagging D. AWS Identity and Access Management (IAM) |
D. AWS Identity and Access Management (IAM) | AWS Identity and Access Management (IAM) | group users together and apply permissions to the group. | |
| T488 | Which statement describes a characteristic of the AWS global infrastructure? | A. Edge locations contain multiple AWS Regions B. AWS Regions contain multiple Regional edge caches C. Availability Zones contain multiple data centers D. Each data center contains multiple edge locations |
C. Availability Zones contain multiple data centers | Availability Zone | ||
| T489 | A company has an online shopping website and wants to store customers' credit card data. The company must meet Payment Card Industry (PCI) standards. Which service can the company use to access AWS compliance documentation? |
A. Amazon Cloud Directory B. AWS Artifact C. AWS Trusted Advisor D. Amazon Inspector |
B. AWS Artifact | AWS Artifact | AWS compliance documentation | |
| T490 | Which AWS service can a company use to perform complex analytical queries? | A. Amazon RDS B. Amazon DynamoDB C. Amazon Redshift D. Amazon ElastiCache |
C. Amazon Redshift | Amazon Redshift | complex analytical queries | |
| D001 | How can a user protect an Amazon EC2 instance from a suspicious IP address? | A. Block the IP on the inbound rule of a network ACL. B. Block the IP on the outbound rule of a security group. C. Block the IP on the inbound rule of a security group and network ACL. D. Block the IP on the outbound rule of a security group and network ACL. |
A. Block the IP on the inbound rule of a network ACL | Network ACL | AWS Network ACL 서브넷 기준 적용(2차 보안 계층) 룰에 대한 허용 및 거부 규칙 지원 아웃바운드 요청에 대한 응답 규칙 정의 필요 등록된 규칙의 번호순으로 트래픽 허용 및 거부 설정된 서브넷 하단의 모든 Instance에 자동 적용됨 Security Group 인스턴스 기준 적용(1차 보안 계층) 룰에 대한 허용 규칙만 지원 아웃바운드 요청에 대한 응답 자동 허용 등록된 모든 규칙을 평가하여 트래픽 허용 특정 그룹을 지정시에만 Instance에 적용됨 |
|
| D002 | Which AWS service will help a company plan a migration to AWS by collecting the configuration usage and behavior data of on-premises data centers? |
A. AWS Resource Groups B. AWS Application Discovery Service C. AWS Service Catalog D. AWS Systems Manager |
B. AWS Application Discovery Service | AWS Application Discovery Service | collecting the configuration usage and behavior data of on-premises data centers | |
| D003 | A company is moving its office and must establish an encrypted connection to AWS. Which AWS service will help meet this requirement? |
A. AWS VPN B. Amazon Route 53 C. Amazon API Gateway D. Amazon Connect |
A. AWS VPN | AWS VPN | encrypted connection | |
| D004 | A company wants to build an application that consists entirely of microservices. Which AWS Cloud architecture design principle supports this goal? |
A. Think parallel B. Implement elasticity C. Stop guessing capacity D. Decouple components |
D. Decouple components | AWS Cloud architecture design principle | microservices. Decouple components | |
| D005 | A company needs a centralized, secure way to create and manage cryptographic keys. The company will use the keys across a wide range of AWS services and applications. The company needs to track and document when the keys are created, used, and deleted. Which AWS service or feature will meet these requirements? |
A. AWS Secrets Manager B. AWS License Manager C. AWS Systems Manager Parameter Store D. AWS Key Management Service (AWS KMS) |
D. AWS Key Management Service (AWS KMS) | AWS Key Management Service (AWS KMS) | AWS Key Management Service (AWS KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys. AWS KMS is integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs. |
|
| D006 | Which AWS service should a company use to provision, manage, and deploy SSL/TLS certificates? |
A. AWS Secrets Manager B. Amazon Inspector C. AWS CodeDeploy D. AWS Certificate Manager (ACM) |
D. AWS Certificate Manager (ACM) | AWS Certificate Manager (ACM) | ||
| D007 | Which AWS benefit enables users to deploy cloud infrastructure that consists of multiple geographic regions connected by a network with low latency, high throughput, and redundancy? | A. Economies of scale B. Security C. Elasticity D. Global reach |
C. Elasticity | Elasticity | The AWS Global Cloud Infrastructure is the most secure, extensive, and reliable cloud platform, offering over 200 fully featured services from data centers globally. Whether you need to deploy your application workloads across the globe in a single click, or you want to build and deploy specific applications closer to your end-users with single-digit millisecond latency, AWS provides you the cloud infrastructure where and when you need it. | |
| D008 | Which component of the AWS global infrastructure provides low-latency access to content in multiple geographic areas by storing copies of data close to end users? | A. AWS Regions B. Availability Zones C. Local Zones D. Edge locations |
C. Local Zones | AWS Local Zones | AWS Local Zones allow you to use select AWS services, like compute and storage services, closer to more end-users, providing them very low latency access to the applications running locally. | |
| D009 | Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud? | A. Go global in minutes. B. Make frequent, small, reversible changes. C. Implement a strong foundation of identity and access management. D. Stop spending money on hardware infrastructure for data center operations. |
B. Make frequent, small, reversible changes. | AWS Well-Architected Framework design principle for operational excellence | There are five design principles for operational excellence in the cloud: Perform operations as code: In the cloud, you can apply the same engineering discipline that you use for application code to your entire environment. You can define your entire workload (applications, infrastructure) as code and update it with code. You can implement your operations procedures as code and automate their run process by initiating them in response to events. By performing operations as code, you limit human error and achieve consistent responses to events. Make frequent, small, reversible changes: Design workloads to permit components to be updated regularly. Make changes in small increments that can be reversed if they fail (without affecting customers when possible). Refine operations procedures frequently: As you use operations procedures, look for opportunities to improve them. As you evolve your workload, evolve your procedures appropriately. Set up regular game days to review and validate that all procedures are effective and that teams are familiar with them. Anticipate failure: Perform “pre-mortem” exercises to identify potential sources of failure so that they can be removed or mitigated. Test your failure scenarios and validate your understanding of their impact. Test your response procedures to verify that they are effective, and that teams are familiar with their process. Set up regular game days to test workloads and team responses to simulated events. Learn from all operational failures: Drive improvement through lessons learned from all operational events and failures. Share what is learned across teams and through the entire organization. |
|
| D010 | Which of the following are advantages of the AWS Cloud? (Select TWO.) | A. AWS manages all the security within the cloud B. Expenses never change from month to month C. Users can stop spending money on the maintenance of data centers D. Users do not need to deploy applications globally E. Users can stop guessing about resource capacity |
C. Users can stop spending money on the maintenance of data centers E. Users can stop guessing about resource capacity |
AWS Cloud | stop spending money on the maintenance of data centers. stop guessing about resource capacity |
|
| D011 | How does the AWS Cloud help companies build agility into their processes and cloud infrastructure? | A. Companies can avoid provisioning too much capacity when they do not know how much capacity is required. B. Companies can expand into new geographic regions. C. Companies can access a range of technologies to experiment and innovate quickly. D. Companies can pay for IT resources only when they use the resources. |
C. Companies can access a range of technologies to experiment and innovate quickly. | AWS Cloud | agility | |
| D013 | Which of the following is an architectural design principle of the AWS WeII-Architected Framework? | A. Loosely couple components B. Build monolithic systems C. Scale vertically, not horizontally D. Use third-party software |
A. Loosely couple components | AWS WeII-Architected Framework | Loosely couple components | |
| D014 | Which AWS service provides storage that can be mounted across multiple Amazon EC2 instances? |
A. Amazon WorkSpaces B. Amazon Elastic File System (Amazon EFS) C. AWS Database Migration Service (AWS DMS) D. AWS Snowball Edge |
B. Amazon Elastic File System (Amazon EFS) | Amazon Elastic File System (Amazon EFS) | ||
| D039 | How does the AWS global infrastructure offer high availability and fault tolerance lo its users? | A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk and are interconnected with low-latency networks and redundant power supplies B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that ate connected with low-latency networking and redundant power supplies |
D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that ate connected with low-latency networking and redundant power supplies | Availability Zone | Availability Zone, low-latency networking and redundant power supplies, high availability and fault tolerance | |
| D059 | A company is running a critical workload on an Amazon RDS D8 instance. The company needs the DB instance to be highly available with a recovery time of less than 5 minutes. Which solution will meet these requirements? | A. Create a read replica of the DB instance. B. Create a template of the DB instance by using AWS Cloud Formation. C. Take frequent snapshots of the DB instance. Store the snapshots in Amazon S3. D. Modify the DB instance to be a Multi-AZ deployment. |
D. Modify the DB instance to be a Multi-AZ deployment. | Multi-AZ deployment | A Multi-AZ deployment of Amazon RDS automatically provisions and maintains a synchronous standby replica in a different availability zone (AZ) than the primary instance. In the event of a failure of the primary instance, the replica is promoted to be the new primary instance, and the recovery time is less than 5 minutes. This ensures high availability for the critical workload and meets the company's requirement for a recovery time of less than 5 minutes. Additionally, it also provides automatic failover and data replication, so in case of any disaster or unplanned outage you will have a fully-working DB instance up and running with minimal data loss. | |
| D062 | Which AWS services use cloud-native storage that provides replication across multiple Availability Zones by default? (Choose two.) | A. Amazon ElastiCache B. Amazon RDS for Oracle C. Amazon Neptune D. Amazon DocumentDB (with MongoDB compatibility) E. Amazon Redshift |
B. Amazon RDS for Oracle E. Amazon Redshift |
Multi-AZ deployment | multiple Availability Zones by default, Amazon RDS for Oracle, Amazon Redshift |
|
| D064 | A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speeds. Which AWS service meets these requirements? |
A. Amazon CloudFront B. Elastic Load Balancing C. Amazon S3 D. Amazon Elastic Transcoder |
Amazon CloudFront | Amazon CloudFront | low latency, delivery of videos, Amazon CloudFront | |
| D071 | A company wants its Amazon EC2 instances to operate in a highly available environment, even if there in a natural disaster in a particular geographic area. Which solution achieves this goal? | A. Use EC2 instances in a single Availability Zone. B. Use EC2 instance in multiple AWS Regions. C. Use EC2 instance in multiple edge locations. D. Use Amazon Cloudfront with the EC2 instance configured as the source. |
D. Use Amazon Cloudfront with the EC2 instance configured as the source. | Amazon CloudFront | ||
| D075 | Which of the following are design principles of the reliability pillar of the AWS Well-Architected Framework? (Select TWO.) | A. Perform operations as code. B. Stop guessing capacity. C. Adopt serverless architecture whenever possible. D. Use build and deployment management systems. E. Make changes to infrastructure by using automation. |
B. Stop guessing capacity. E. Make changes to infrastructure by using automation. |
AWS Well-Architected Framework, Reliability pillar | ||
| D081 | A company is defining its AWS multi-account strategy. The company needs to control access to AWS services and needs to consolidate billing across accounts. Which AWS service should the company use to meet these requirements? | A. AWS Organizations B. AWS Identity and Access Management (IAM) C. AWS Billing and Cost Management D. Amazon Cognito |
A. AWS Organizations | AWS Organizations | AWS Organizations, consolidate billing across accounts. | |
| D085 | Which component of the AWS global infrastructure does Amazon CloudFront use to speed up the delivery of content to users across the world? | A. Amazon VPC B. Edge location C. Local Zone D. AWS Outposts connection |
B. Edge location | Amazon CloudFront | AWS global infrastructure, Amazon CloudFront, Edge location | |
| D095 | A company is using AWS Organizations to configure AWS accounts. Which design principle is a best practice for the company to implement? | A. Organize accounts based on security and operational needs. B. Assign multiple sets of related workloads to each production account. C. Deploy workloads to the organization's management account. D. Combine production workloads and non-production workloads. |
A. Organize accounts based on security and operational needs. | AWS Organizations | AWS Organizations, design principle | |
| D107 | Which component of the AWS global infrastructure does Amazon CloudFront use to deliver content to end users with low latency? | A. Edge locations B. AWS Regions C. Availability Zones D. AWS Direct Connect connections |
A. Edge locations | Amazon CloudFront | Amazon CloudFront, Edge location | |
| D113 | A company wants to use a server less compute service for an application. When AWS service will meet tins requirement? |
A. AWS Lamba B. AWS CloudFormation C. AWS Elastic Beanstalk D. Elastic Load Balancing |
A. AWS Lambda | AWS Lambda | AWS Lambda, server less compute service | |
| D114 | Which task can a company complete by using AWS Organizations? | A. Track application deployment statuses globally. B. Remove unused and underutilized AWS resources across all accounts. C. Activate DDoS protection across all accounts. D. Share pre-purchased Amazon EC2 resources across accounts |
C. Activate DDoS protection across all accounts | AWS Organizations | AWS Organizations, Activate DDoS protection across all accounts | |
| D127 | A company wants to build an application that uses AWS Lambda to run Python code. Under the AWS shared responsibility model, which tasks will be the company's responsibility? (Select TWO.) |
A. Management of the underlying infrastructure. B. Management of the operating system. C. Writing the business logic code. D. Installation of the computer language runtime. E. Providing AWS Identity and Access Management (IAM) access to the Lambda service |
C. Writing the business logic code. E. Providing AWS Identity and Access Management (1AM) access to the Lambda service. |
AWS shared responsibility model, AWS Lambda | ||
| D141 | A company has a global website with static content. Which AWS service will deliver the static content with low latency? |
A. AWS Lambda B. Amazon CloudFront C. Amazon EC2 Auto Scaling D. AWS Compute Optimizer |
B. Amazon CloudFront | Amazon CloudFront | Amazon CloudFront, low latency | |
| D153, D161 | Which of the following gives a company the ability to take advantage of tiered pricing tor services across multiple AWS member accounts? | A. AWS Organizations service control policies (SCPs) B. AWS Organizations consolidated billing C. All Upfront Reserved instances D. Cost Explorer utilization reports |
B. AWS Organizations consolidated billing | AWS Organizations | AWS Organizations, consolidated billing | |
| D180 | Which design principles of the AWS WelI-Architected Framework help increase reliability? (Select TWO.) |
A. Automatically recover from failure. B. Enable traceability. C. Scale horizontally to increase workload availability. D. Automate security best practices. E. Keep people away from data. |
A. Automatically recover from failure. C. Scale horizontally to increase workload availability. |
AWS Well-Architected Framework, Reliability pillar | ||
| D185 | Which of the following consists of one or more isolated data centers in the same regional area that are interconnected through low-latency networks? | A. Availability Zone B. Edge location C. AWS Region D. Private networking |
A. Availability Zone | Availability Zone | low-latency networks | |
| D188 | A system automatically recovers from failure when a company launches its workload on the AWS Cloud services platform. Which pillar of the AWS Well-Architected Framework does this situation demonstrate? |
A. Reliability B. Cost optimization C. Performance efficiency D. Operational excellence. |
A. Reliability | AWS Well-Architected Framework, Reliability pillar | ||
| D195 | A company needs an AWS service that can monitor the company's AWS account If the service identifies misconfigurations; the company's operations team must receive an alert Additionally, the service must remediate the issues by invoking AWS Lambda functions. Which service will meet these requirements? |
A. Amazon Macie B. Amazon GuardDuty C. AWS Config D. AWS Trusted Advisor |
D. AWS Trusted Advisor | AWS Trusted Advisor | monitor misconfigurations, | |
| D196 | A company implements an Amazon EC2 Auto Scaling policy along with an Application Load Balancer to automatically recover unhealthy applications that run on Amazon EC2 instances. Which pillar of the AWS Well-Architected Framework does this action cover? |
A. Security B. Performance efficiency C. Operational excellence D. Reliability |
D. Reliability | AWS Well-Architected Framework, Reliability pillar | ||
| D211 | A company acquired another corporation. The company now has two AWS accounts. Which AWS service or tool can the company use to consolidate the billing for these two accounts? |
A. AWS Systems Manager B. AWS Organizations C. AWS License Manager D. Cost Explorer |
B. AWS Organization | AWS Organizations | AWS Organizations, consolidated billing | |
| D214 | Which pillar of Vie AWS Well-Architected Framework is focused on the ability of a workload lo perform its intended function correctly and consistently at the expected time? | A. Performance efficiency B. Operational excellence C. Reliability D. Security |
A. Performance efficiency | AWS Well-Architected Framework, Performance efficiency pillar | AWS Well-Architected Framework, Performance efficiency pillar, expected time | |
| D236 | Which AWS service or feature provides high availability and low latency within an AWS Region? | A. Edge locations B. Availability Zones C. AWS Outposts D. Amazon Route 53 |
B. Availability Zones | Availability Zone | high availability and low latency within an AWS Region | |
| D256 | A company wants to design its cloud architecture so that its workloads are resilient can consistently perform their intended functions correctly and can recover from failure quickly. Which pillar of the AWS Well-Architected Framework does this architecture represent? |
A. Security B. Performance efficiency C. Operational excellence D. Reliability |
D. Reliability | AWS Well-Architected Framework, Reliability pillar | ||
| D257 | How does consolidated billing help reduce costs for a company that has multiple AWS accounts? | A. It aggregates usage across accounts so that the company can reach volume discount thresholds sooner. B. It offers an additional 5% discount on purchases of All Upfront Reserved Instances. C. It provides a simplified billing invoice that the company can process more quickly than a standard invoice. D. It gives AWS resellers the ability to bill their customers for usage. |
A. It aggregates usage across accounts so that the company can reach volume discount thresholds sooner. | AWS Organizations | AWS Organizations, consolidated billing | |
| D270 | A company needs to perform data processing once a week that typically takes about 5 hours to complete. Which AWS service should the company use for this workload? |
A. AWS Lambda B. Amazon EC2 C. AWS CodeDeploy D. AWS Wavelength |
A. AWS Lambda | AWS Lambda | ||
| D281 | A company has acquired several other companies. All the companies host their IT infrastructure in the AWS Cloud. Which AWS service should the acquiring company use to centralize the account management? | A. AWS Systems Manager B. AWS Organizations C. AWS Security Hub D. Amazon Workspaces |
B. AWS Organization | AWS Organizations | AWS Organizations, centralize the account management | |
| D283 | Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.) | A. Resource scalability B. Performance efficiency C. System elasticity D. Agile development E. Operational excellence |
B. Performance efficiency E. Operational excellence |
AWS Well-Architected Framework | <Pillars > - Operational excellence - Security - Reliability - Performance efficiency - Cost optimization - Sustainability |
|
| D284 | Which AWS service or feature enables users to get one bill and easily track charges for multiple AWS accounts? | A. AWS Organizations B. Cost Explorer C. AWS Trusted Advisor D. AWS Management Console |
A. AWS Organizations | AWS Organizations | AWS Organizations, consolidated billing | |
| D291 | A company's procurement department wants volume discounts on AWS services for the company but numerous departments have separate AWS accounts. Which AWS service or tool can the company use to receive volume discounts across multiple AWS accounts? | A. Cost Explore' B. AWS Budgets C. AWS Cost and Usage Report D. AWS Organizations |
D. AWS Organizations | AWS Organizations | AWS Organizations, receive volume discounts across multiple AWS accounts | |
| D304 | A company is designing a web application that will run on Amazon EC2 instances. Which AWS services and features will improve availability and reduce the impact of failures for this application? (Choose two.) |
A. Amazon EC2 Auto Scaling for the EC2 instances B. VPC subnet ACLs to check the health of a service C. Resources that are distributed across multiple Availability Zones D. Configuration of AWS Server Migration Service (AWS SMS) to move the EC2 instances to a different AWS Region E. Resources that are distributed across multiple AWS points of presence |
A. Amazon EC2 Auto Scaling for the EC2 instances C. Resources that are distributed across multiple Availability Zones |
Availability Zone | improve availability and reduce the impact of failures | |
| D313 | A company wants its Amazon EC2 instances to provide a low-latency static website to global users. What should the company do to meet this requirement? |
A. Use the EC2 instances in multiple edge locations. B. Use an Application Load Balancer with the EC2 instances configured as the target. C. Use the EC2 instances in the same Availability Zone but in different AWS Regions. D. Use Amazon CloudFront with the EC2 instances configured as the source. |
C. Use the EC2 instances in the same Availability Zone but in different AWS Regions. | Availability Zone | low-latency | |
| D315 | Which AWS services are delivered globally instead of regionally? (Select TWO.) | A. Amazon EC2 B. Amazon CloudFront C. Amazon Route 53 D. Amazon VPC E. Amazon RDS |
B. Amazon CloudFront C. Amazon Route 53 |
Amazon CloudFront | ||
| D316 | Which pillar of the AWS Well-Architected Framework includes the continual improvement of processes and procedures as a priority? | A. Cost optimization B. Reliability C. Performance efficiency D. Operational excellence |
B. Reliability | AWS Well-Architected Framework, Reliability pillar | ||
| D356 | A company wants its Amazon EC2 instance to share the same geographic area but use redundant underlying power sources. Which solution will meet these requirements? |
A. Use EC2 instance across multiple Availability Zones in the same AWS Region. B. Use Amazon CloudFront as the database for the EC2 instances. C. Use EC2 instances in the same edge location and the same Availability Zone. D. Use EC2 instances in AWS OpsWorks stacks in different AWS Regions. |
A. Use EC2 instance across multiple Availability Zones in the same AWS Region. | Multi-AZ deployment | share the same geographic area but use redundant underlying power sources. | |
| D91 | A company is using AWS Lambda. Which task is the company's responsibility, according to the AWS shared responsibility model? |
A. Update the Lambda runtime language B. Maintain the runtime environment C. Maintain the networking infrastructure D. Configure the resource |
D. Configure the resource | AWS Lambda | AWS Lambda, AWS shared responsibility model, responsibility of a company | |
| D92 | What is a customer responsibility under the AWS shared responsibility model when using AWS Lambda? |
A. Maintenance of the underlying Lambda hardware. B. Maintenance of the Lambda networking infrastructure. C. The code and libraries that run in the lambda function. D. The Lambda server software. |
C. The code and libraries that run in the lambda function. | AWS Lambda | AWS Lambda, AWS shared responsibility model, customer responsibility |
The AWS Well-Architected Framework is a set of best practices and guidelines that helps customers design and operate their workloads on AWS. The framework consists of five pillars:
- Operational Excellence: focuses on the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures.
- Security: focuses on protecting information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
- Reliability: focuses on the ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues
- Performance Efficiency: focuses on using computing resources effectively and making tradeoffs between cost and performance.
- Cost optimization: focuses on the return on investment of moving into the AWS Cloud.
반응형
'IT,SW,Data,Cloud,코딩' 카테고리의 다른 글
| 프롬프트 엔지니어링 2 Prompt Engineering 2 (1) | 2023.10.25 |
|---|---|
| 프롬프트 엔지니어링 Prompt Engineering (0) | 2023.10.25 |
| AWS Certified Cloud Practitioner 자격증 공부방법 및 취득후기 - 간단 요약 (0) | 2023.07.16 |
| 빅데이터분석기사 실기시험 23년 6월 시험부터 단답형 문제 사라짐 (1) | 2023.05.22 |
| 빅데이터분석기사_캐글_T1-2.Outlier 이상치 소수점 (0) | 2022.10.12 |
| 빅데이터분석기사_캐글T1-1_IQR (0) | 2022.10.11 |
| 파이썬 공부4 (0) | 2022.09.19 |
| 파이썬 공부3 (0) | 2022.09.13 |
댓글