1.Which of the following are ways to improve security on AWS? (Choose two.) Show
A. Using AWS Artifact 2.Which of the following enables users to leverage the power of AWS services programmatically? A. AWS Command Line Interface (AWS CLI) 3. Which security credentials are required to run commands by using the AWS Command Line Interface (AWS CLI)? A. Access Key ID and Secret Access Key 4. Which are customer responsibilities when using Amazon EC2? (Choose two.) A. Underlying
hardware maintenance 5. A web developer has limited knowledge of AWS networking services such as Amazon VPC, Elastic Load Balancing, and Auto Scaling, but wants to host a highly available web application. Which AWS service would automatically handle the deployment and reduce the complexity for the developer? A. AWS CodeDeploy 6. A company wants to route its traffic directly and privately to a VPC without going over the public internet. Which connectivity option provides this capability? A. AWS VPN 7. A company wants to build an application for a new line of business. According to the AWS Well-Architected Framework, what design principles should be implemented? (Choose two.) A. Consolidate multiple AWS accounts into a single account. 8. A company wants to forecast its AWS Cloud costs for the upcoming year by analyzing its past AWS Cloud spending trends. Which AWS service should the company use to meet this requirement? A. AWS Control Tower 9. Which AWS service or feature can help a company determine if it has Amazon S3 buckets that are publicly available? A. AWS Service Health Dashboard 10. A company’s newly launched application is gaining in popularity very quickly. To improve customer service, the company wants to set up a phone number to manage the increasing volume of calls received by the company’s support staff. Which AWS service should be used to meet this requirement? A. Amazon Connect 11. Which credentials used to sign in to the AWS Management Console meet security best practices? (Choose two.) A. An access key 12. AWS can relieve a company’s IT staff of which of the following IT tasks? (Choose two.) A. Patching database software 13. A company’s security team requires that all Amazon EC2 workloads use approved Amazon Machine Images (AMIs). Which AWS service should the company use to verify that the EC2 instances are using approved AMIs? A. Amazon CloudWatch 14. Which of the following are benefits of using the AWS Cloud? (Choose two.) A. 100% fault tolerance 15. Which of the following security-related aspects of running an Amazon Elastic Compute Cloud (Amazon EC2) instance is the responsibility of AWS? A. Security of private keys 16. Which AWS service aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services? A. Amazon Detective 17. A developer has an AWS account and needs access to another account’s test database. Which AWS service or feature can the developer use to gain access to the test database? A. Amazon Macie 18. Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of: A. a loosely coupled architecture. 19. Which service enables customers to audit API calls in their AWS accounts? A. AWS CloudTrail 20. Which VPC component provides a layer of security at the subnet level? A. Security groups 21. Which benefit is available for Convertible Reserved Instances but NOT Standard Reserved Instances? A. The instances can be exchanged for instances of a different instance size. 22. A user wants to move legacy applications to the AWS Cloud to reduce the total cost. Which option is the MOST cost-effective according to best practices? A. Rewrite the legacy
applications in an open-source language, such as Python. 23. According to the AWS shared responsibility model, which task is the responsibility of AWS for workloads running on Amazon EC2? A. Updating the physical hardware 24. A user needs to identify underutilized Amazon Elastic Block Store (Amazon EBS) volumes to reduce costs. Which AWS service or feature will meet this requirement? A. AWS CloudTrail 25. Which AWS service will help a company identify the user who deleted an Amazon EC2 instance yesterday? A.
Amazon CloudWatch 26. A company has existing software licenses that it wants to bring to AWS, but the licensing model requires licensing physical cores. How can the company meet this requirement in the AWS Cloud? A. Launch an Amazon EC2 instance with default tenancy. 27. A company must keep records of all resource changes that are made through the AWS Management Console and AWS APIs. Which AWS service should the company use to meet this requirement? A. Amazon CloudWatch 28. A company requires an isolated environment within AWS for security purposes. Which action can be taken to accomplish this? A. Create a separate Availability Zone to host the resources. 29. A company needs to monitor and forecast AWS costs and usage. The company also must set event-driven alert notifications that occur if spending limits are exceeded. Which AWS service or tool should the company use to meet these requirements? A. AWS Budgets 30. Which of the following is a best practice for creating policies for IAM users? A. Start with a large set of permissions and remove the permissions that are not required. 31. A user with an AWS Basic Support plan has determined that illegal activities are being run on their AWS resources. What is the recommended method for the user to report the activity to AWS? A. Contact the AWS Concierge Support team. 32. When comparing AWS Cloud with on-premises Total Cost of Ownership, which expenses must be considered? (Choose two.) A. Physical storage hardware 33. A company uses Amazon EC2 infrastructure to host steady-state workloads and needs to achieve significant cost savings. Which EC2 instance pricing model should the company select? A. Reserved Instances 34. Which guideline is a well-architected design principle for building cloud applications? A. Keep static data closer to
compute resources. 35. What does the AWS Cloud provide to increase the speed and agility of execution for customers? (Choose two.) A. Readily available resources with low provisioning times 36. A company believes an unauthorized user copied data from an Amazon S3 bucket to their own account. Which AWS service will record the actions taken by the user? A. Amazon CloudWatch 37. Which AWS service provides a simple way to set up a new multi-account AWS environment and govern it at scale? A. AWS Trusted Advisor 38. How does the AWS global infrastructure offer high availability and fault tolerance to its users? A. The AWS infrastructure is made up of multiple AWS Regions within various Availability Zones located in areas that have low flood risk, and are interconnected with low-latency networks and redundant power supplies. 39. How can moving to the AWS Cloud help users reduce the time dedicated to operating system patching? (Choose two.) A. Users can take advantage of managed services on AWS. 40. A user has an AWS Business Support plan and requires detailed billing information. Which AWS resource will help? A. AWS Concierge Support 41. A company has enabled billing alerts in its AWS account and wants to receive a notification through Amazon Simple Notification Service (Amazon SNS) whenever its monthly bill exceeds a set amount. Which AWS service or tool should the company use to achieve this? A. Amazon CloudWatch 42. A security officer wants a list of any potential vulnerabilities in Amazon EC2 security groups. Which AWS service should the officer use? A. Amazon GuardDuty 43. A company has multiple departments. Each department uses its own AWS account. Which AWS service or tool can the company use to combine the billing for all accounts into one bill? A. Amazon Forecast 44. A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud. How can these reports be generated? A. Contact the AWS Compliance team 45. A large company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it currently uses on AWS. Which AWS service should the company use to meet these requirements? A. AWS Device Farm 46. Which tasks require using AWS account root user credentials? (Choose two.) A. Creating an Amazon EC2 key pair 47. Which of the following are advantages of using Amazon EC2 instances over traditional on-premises servers? (Choose two.) A. Pay-as-you-go pricing 48. To avoid malicious compute activities, a user needs a quick way to determine if any Amazon EC2 instances have ports that allow unrestricted access. Which AWS service will support this requirement? A. VPC Flow Logs 49. What are the market advantages of running workloads in the AWS Cloud? (Choose two.) A. Less staff time is required to deploy new workloads. 50. Which Amazon S3 storage class allows users to store data backups for long periods of time at the LOWEST cost? A. S3 Standard-Infrequent Access (S3 Standard-IA) 51. Which of the following technologies provides a secure network connection from on-premises to AWS? A. Virtual Private Network 52. When using Amazon RDS, what is the customer responsible for? A. Patching and maintenance
of the underlying operating system. 53. Which controls are shared under the AWS shared responsibility model? (Choose two.) A. Awareness and training 54. A company has decided to migrate its production workloads to the AWS Cloud. Which actions can help reduce operational costs as part of the migration? (Choose two.) A. Reduce overprovisioned instances. 55. Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Choose two.) A. Minimize upfront design 56. To optimize costs and resource usage, a company needs to monitor the operational health of its entire system of AWS Cloud resources. Which AWS service will meet these requirements? A. AWS Organizations 57. If a user has an AWS account with an Enterprise-level AWS Support plan, who is the primary point of contact for billing or account inquiries? A. Solutions architect 58. Which AWS service will track user activity on AWS? A. Amazon GuardDuty 59. A cloud practitioner needs an effective method to decrease application latency and increase performance for end users. Which services will help? (Choose two.) A. Amazon Elastic Container Service (Amazon ECS) for Kubernetes 60. A company is building a business intelligence solution and wants to use dashboards for reporting purposes. Which AWS service can be used? A. Amazon Redshift Which design principles are enabled by the AWS cloud to improve the operation of workloads?There are five design principles for reliability in the cloud:. Automatically recover from failure.. Test recovery procedures.. Scale horizontally to increase aggregate workload availability.. Stop guessing capacity.. Manage change in automation.. Which of the following is an AWS cloud architecture design principle?Implementing the single points of failure is one of the design principles of AWS architecture.
Which design principle is achieved by following the reliability pillar of the AWS well architected framework?Reliability Pillar
The design principles within this pillar include using automation for recovery from failure, testing recovery procedures, scaling horizontally to increase workload availability, managing change in automation, and understanding capacity.
Which cloud architecture design concept is supported by distributing workloads across various?Cloud load balancing is the process of distributing workloads across computing resources in a cloud computing environment and carefully balancing the network traffic accessing those resources.
|