Which design principles are enabled by AWS cloud to improve the operation of workloads?

1.Which of the following are ways to improve security on AWS? (Choose two.)

A. Using AWS Artifact
B. Granting the broadest permissions to all IAM roles
C. Running application code with AWS Cloud9
D. Enabling multi-factor authentication (MFA) with Amazon Cognito
E. Using AWS Trusted Advisor security checks

2.Which of the following enables users to leverage the power of AWS services programmatically?

A. AWS Command Line Interface (AWS CLI)
B. AWS Trusted Advisor
C. AWS CodeDeploy
D. AWS Management Console

3. Which security credentials are required to run commands by using the AWS Command Line Interface (AWS CLI)?

A. Access Key ID and Secret Access Key
B. AWS root user email and password
C. Amazon Elastic Compute Cloud (Amazon EC2) key pairs
D. AWS Identity and Access Management (IAM) user name and password

4. Which are customer responsibilities when using Amazon EC2? (Choose two.)

A. Underlying hardware maintenance
B. File-system-level encryption
C. Guest operating system firewall configuration
D. Hypervisor-level software patching
E. Physical security at data center facilities

5. A web developer has limited knowledge of AWS networking services such as Amazon VPC, Elastic Load Balancing, and Auto Scaling, but wants to host a highly available web application. Which AWS service would automatically handle the deployment and reduce the complexity for the developer?

A. AWS CodeDeploy
B. AWS Resource Access Manager
C. AWS Elastic Beanstalk
D. AWS CloudFormation

6. A company wants to route its traffic directly and privately to a VPC without going over the public internet. Which connectivity option provides this capability?

A. AWS VPN
B. AWS Direct Connect
C. VPC NAT gateway
D. VPC internet gateway

7. A company wants to build an application for a new line of business. According to the AWS Well-Architected Framework, what design principles should be implemented? (Choose two.)

A. Consolidate multiple AWS accounts into a single account.
B. Buy and host hardware in the AWS Cloud.
C. Decouple the AWS Cloud architecture to break up monolithic deployments.
D. Move on-premises network hardware to VPCs.
E. Design elasticity into the AWS Cloud design.

8. A company wants to forecast its AWS Cloud costs for the upcoming year by analyzing its past AWS Cloud spending trends. Which AWS service should the company use to meet this requirement?

A. AWS Control Tower
B. Cost Explorer
C. AWS OpsWorks
D. AWS CloudFormation

9. Which AWS service or feature can help a company determine if it has Amazon S3 buckets that are publicly available?

A. AWS Service Health Dashboard
B. Amazon CloudWatch Logs
C. AWS Trusted Advisor
D. AWS Service Catalog

10. A company’s newly launched application is gaining in popularity very quickly. To improve customer service, the company wants to set up a phone number to manage the increasing volume of calls received by the company’s support staff. Which AWS service should be used to meet this requirement?

A. Amazon Connect
B. Amazon CloudFront
C. Amazon DirectConnect
D. AWS Trusted Advisor

11. Which credentials used to sign in to the AWS Management Console meet security best practices? (Choose two.)

A. An access key
B. Multi-factor authentication
C. X.509 certificates
D. A secret key
E. User name and password

12. AWS can relieve a company’s IT staff of which of the following IT tasks? (Choose two.)

A. Patching database software
B. Storage capacity planning
C. Creating database schemas
D. Setting up access controls for data
E. Writing application code

13. A company’s security team requires that all Amazon EC2 workloads use approved Amazon Machine Images (AMIs). Which AWS service should the company use to verify that the EC2 instances are using approved AMIs?

A. Amazon CloudWatch
B. Amazon Inspector
C. AWS Config
D. AWS Trusted Advisor

14. Which of the following are benefits of using the AWS Cloud? (Choose two.)

A. 100% fault tolerance
B. Total control over underlying infrastructure
C. Fast provisioning of IT resources
D. Outsourcing all application coding to AWS
E. Ability to go global quickly

15. Which of the following security-related aspects of running an Amazon Elastic Compute Cloud (Amazon EC2) instance is the responsibility of AWS?

A. Security of private keys
B. Hypervisor software updates
C. Security updates to software running on the instance
D. Policies controlling instance access

16. Which AWS service aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services?

A. Amazon Detective
B. Amazon Inspector
C. Amazon Macie
D. AWS Security Hub

17. A developer has an AWS account and needs access to another account’s test database. Which AWS service or feature can the developer use to gain access to the test database?

A. Amazon Macie
B. Security groups
C. IAM roles
D. AWS Trusted Advisor

18. Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of:

A. a loosely coupled architecture.
B. a tightly coupled architecture.
C. a stateless architecture.
D. a stateful architecture.

19. Which service enables customers to audit API calls in their AWS accounts?

A. AWS CloudTrail
B. AWS Trusted Advisor
C. Amazon Inspector
D. AWS X-Ray

20. Which VPC component provides a layer of security at the subnet level?

A. Security groups
B. Network ACLs
C. NAT gateways
D. Route tables

21. Which benefit is available for Convertible Reserved Instances but NOT Standard Reserved Instances?

A. The instances can be exchanged for instances of a different instance size.
B. The instances can be exchanged for instances of a different instance family.
C. The instances can be changed to a different Availability Zone.
D. The instances can be changed to a different AWS Region.

22. A user wants to move legacy applications to the AWS Cloud to reduce the total cost. Which option is the MOST cost-effective according to best practices?

A. Rewrite the legacy applications in an open-source language, such as Python.
B. Right-size the Amazon EC2 instances to prevent over-provisioning in terms of compute and memory.
C. Migrate relational databases to Amazon DynamoDB.
D. Reserve a data center facility with an upfront payment, which provides an additional discount.

23. According to the AWS shared responsibility model, which task is the responsibility of AWS for workloads running on Amazon EC2?

A. Updating the physical hardware
B. Updating the operating system
C. Updating the database engine
D. Updating the user data

24. A user needs to identify underutilized Amazon Elastic Block Store (Amazon EBS) volumes to reduce costs. Which AWS service or feature will meet this requirement?

A. AWS CloudTrail
B. AWS Budgets
C. AWS Trusted Advisor
D. AWS Personal Health Dashboard

25. Which AWS service will help a company identify the user who deleted an Amazon EC2 instance yesterday?

A. Amazon CloudWatch
B. AWS Trusted Advisor
C. AWS CloudTrail
D. Amazon Inspector

26. A company has existing software licenses that it wants to bring to AWS, but the licensing model requires licensing physical cores. How can the company meet this requirement in the AWS Cloud?

A. Launch an Amazon EC2 instance with default tenancy.
B. Launch an Amazon EC2 instance on a Dedicated Host.
C. Create an On-Demand Capacity Reservation.
D. Purchase Dedicated Reserved Instances.

27. A company must keep records of all resource changes that are made through the AWS Management Console and AWS APIs. Which AWS service should the company use to meet this requirement?

A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS X-Ray
D. Amazon Inspector

28. A company requires an isolated environment within AWS for security purposes. Which action can be taken to accomplish this?

A. Create a separate Availability Zone to host the resources.
B. Create a separate VPC to host the resources.
C. Create a placement group to host the resources.
D. Create an AWS Direct Connect connection between the company and AWS

29. A company needs to monitor and forecast AWS costs and usage. The company also must set event-driven alert notifications that occur if spending limits are exceeded. Which AWS service or tool should the company use to meet these requirements?

A. AWS Budgets
B. Amazon CloudWatch
C. AWS Config
D. AWS Service Catalog

30. Which of the following is a best practice for creating policies for IAM users?

A. Start with a large set of permissions and remove the permissions that are not required.
B. Use only Amazon managed policies.
C. Start with a minimum set of permissions and grant additional permissions as necessary.
D. Attach policies directly to each user individually.

31. A user with an AWS Basic Support plan has determined that illegal activities are being run on their AWS resources. What is the recommended method for the user to report the activity to AWS?

A. Contact the AWS Concierge Support team.
B. Contact an AWS technical account manager.
C. Contact the AWS Abuse team.
D. Contact the AWS Support team.

32. When comparing AWS Cloud with on-premises Total Cost of Ownership, which expenses must be considered? (Choose two.)

A. Physical storage hardware
B. Operating system administration
C. Network infrastructure of data center
D. Project management
E. Database schema development

33. A company uses Amazon EC2 infrastructure to host steady-state workloads and needs to achieve significant cost savings. Which EC2 instance pricing model should the company select?

A. Reserved Instances
B. On-Demand Instances
C. Spot Instances
D. Dedicated Hosts

34. Which guideline is a well-architected design principle for building cloud applications?

A. Keep static data closer to compute resources.
B. Provision resources for peak capacity.
C. Design for automated recovery from failure.
D. Use tightly coupled components.

35. What does the AWS Cloud provide to increase the speed and agility of execution for customers? (Choose two.)

A. Readily available resources with low provisioning times
B. Scalable compute capacity
C. Free Tier services usage
D. Access to AWS data centers
E. Lower resource provisioning cost

36. A company believes an unauthorized user copied data from an Amazon S3 bucket to their own account. Which AWS service will record the actions taken by the user?

A. Amazon CloudWatch
B. AWS CloudTrail
C. AWS Infrastructure Event Management
D. AWS Systems Manager

37. Which AWS service provides a simple way to set up a new multi-account AWS environment and govern it at scale?

A. AWS Trusted Advisor
B. AWS Security Hub
C. AWS Control Tower
D. AWS Resource Access Manager

38. How does the AWS global infrastructure offer high availability and fault tolerance to its users?

A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk, and are interconnected with low-latency networks and redundant power supplies.
B. The AWS infrastructure consists of subnets containing various Availability Zones with multiple data centers located in the same geographic location.
C. AWS allows users to choose AWS Regions and data centers so that users can select the closest data centers in different Regions.
D. The AWS infrastructure consists of isolated AWS Regions with independent Availability Zones that are connected with low-latency networking and redundant power supplies.

39. How can moving to the AWS Cloud help users reduce the time dedicated to operating system patching? (Choose two.)

A. Users can take advantage of managed services on AWS.
B. Users can outsource operating system patching to the AWS Support team.
C. AWS Professional Services will upgrade instances to the latest operating system versions.
D. Users have the ability to use license-included Amazon EC2 instances.
E. Users can take advantage of AWS Systems Manager features.

40. A user has an AWS Business Support plan and requires detailed billing information. Which AWS resource will help?

A. AWS Concierge Support
B. AWS Service Catalog
C. AWS Budgets
D. AWS Cost and Usage Report

41. A company has enabled billing alerts in its AWS account and wants to receive a notification through Amazon Simple Notification Service (Amazon SNS) whenever its monthly bill exceeds a set amount. Which AWS service or tool should the company use to achieve this?

A. Amazon CloudWatch
B. Cost Explorer
C. AWS Cost and Usage Report
D. AWS Pricing Calculator

42. A security officer wants a list of any potential vulnerabilities in Amazon EC2 security groups. Which AWS service should the officer use?

A. Amazon GuardDuty
B. AWS Trusted Advisor
C. AWS CloudTrail
D. AWS Artifact

43. A company has multiple departments. Each department uses its own AWS account. Which AWS service or tool can the company use to combine the billing for all accounts into one bill?

A. Amazon Forecast
B. AWS Budgets
C. AWS Organizations
D. AWS Marketplace

44. A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud. How can these reports be generated?

A. Contact the AWS Compliance team
B. Download the reports from AWS Artifact
C. Open a case with AWS Support
D. Generate the reports with Amazon Macie

45. A large company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it currently uses on AWS. Which AWS service should the company use to meet these requirements?

A. AWS Device Farm
B. AWS Fargate
C. AWS Outposts
D. AWS Ground Station

46. Which tasks require using AWS account root user credentials? (Choose two.)

A. Creating an Amazon EC2 key pair
B. Removing an IAM user from the administrators group
C. Changing the AWS Support plan
D. Creating an Amazon CloudFront key pair
E. Granting an IAM user full administrative access

47. Which of the following are advantages of using Amazon EC2 instances over traditional on-premises servers? (Choose two.)

A. Pay-as-you-go pricing
B. Automation
C. Self-maintenance of servers
D. Agility
E. Access to physical hosts

48. To avoid malicious compute activities, a user needs a quick way to determine if any Amazon EC2 instances have ports that allow unrestricted access. Which AWS service will support this requirement?

A. VPC Flow Logs
B. AWS WAF
C. AWS CloudTrail
D. AWS Trusted Advisor

49. What are the market advantages of running workloads in the AWS Cloud? (Choose two.)

A. Less staff time is required to deploy new workloads.
B. Increased time to market for new application features.
C. Higher acquisition costs to support peak workloads.
D. Increased productivity for application development teams.
E. A decrease in the average server CPU utilization.

50. Which Amazon S3 storage class allows users to store data backups for long periods of time at the LOWEST cost?

A. S3 Standard-Infrequent Access (S3 Standard-IA)
B. S3 Standard
C. S3 Glacier
D. S3 One Zone-Infrequent Access (S3 One Zone-IA)

51. Which of the following technologies provides a secure network connection from on-premises to AWS?

A. Virtual Private Network
B. AWS Snowball
C. Amazon Virtual Private Cloud (Amazon VPC)
D. AWS Mobile Hub

52. When using Amazon RDS, what is the customer responsible for?

A. Patching and maintenance of the underlying operating system.
B. Managing automatic backups of the database.
C. Controlling network access through security groups.
D. Replacing failed instances in the event of a hardware failure

53. Which controls are shared under the AWS shared responsibility model? (Choose two.)

A. Awareness and training
B. Patching of Amazon RDS
C. Configuration management
D. Physical and environmental controls
E. Service and communications protection or security

54. A company has decided to migrate its production workloads to the AWS Cloud. Which actions can help reduce operational costs as part of the migration? (Choose two.)

A. Reduce overprovisioned instances.
B. Rehost all third-party licenses on AWS.
C. Implement a highly available architecture.
D. Use managed services.
E. Improve application security.

55. Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Choose two.)

A. Minimize upfront design
B. Loose coupling
C. Disposable resources
D. Server design and concurrency
E. Minimal viable product

56. To optimize costs and resource usage, a company needs to monitor the operational health of its entire system of AWS Cloud resources. Which AWS service will meet these requirements?

A. AWS Organizations
B. Amazon CloudWatch
C. AWS CloudTrail
D. AWS Config

57. If a user has an AWS account with an Enterprise-level AWS Support plan, who is the primary point of contact for billing or account inquiries?

A. Solutions architect
B. AWS Concierge Support team
C. An AWS Marketplace seller
D. AWS Partner Network (APN) partner

58. Which AWS service will track user activity on AWS?

A. Amazon GuardDuty
B. AWS Trusted Advisor
C. AWS CloudTrail
D. Amazon CloudWatch

59. A cloud practitioner needs an effective method to decrease application latency and increase performance for end users. Which services will help? (Choose two.)

A. Amazon Elastic Container Service (Amazon ECS) for Kubernetes
B. Amazon S3
C. Amazon AppStrearn 2.0
D. Amazon ElastiCache
E. Amazon CloudFront

60. A company is building a business intelligence solution and wants to use dashboards for reporting purposes. Which AWS service can be used?

A. Amazon Redshift
B. Amazon Elasticsearch Service (Amazon ES)
C. Amazon QuickSight
D. Amazon Athena

Which design principles are enabled by the AWS cloud to improve the operation of workloads?

Which of the following is an AWS cloud architecture design principle?

Which design principle is achieved by following the reliability pillar of the AWS well architected framework?

Which cloud architecture design concept is supported by distributing workloads across various?