AWS CloudPractitioner - Practice Exam

Section 1

4. Which of the below options are related to the reliability of AWS? (Choose TWO)

   • A. Applying the principle of least privilege to all AWS resources.
   • B. Automatically provisioning new resources to meet demand.
   • C. All AWS services are considered Global Services, and this design helps customers serve their international users.
   • D. Providing compensation to customers if issues occur.
   • E. Ability to recover quickly from failures.
   Answer

   Correct answer: B, E

5. Which statement is true regarding the AWS Shared Responsibility Model?

   • A. Responsibilities vary depending on the services used.
   • B. Security of the IaaS services is the responsibility of AWS.
   • C. Patching the guest OS is always the responsibility of AWS.
   • D. Security of the managed services is the responsibility of the customer.
   Answer

   Correct answer: A

6. What does AWS Snowball provide? (Choose TWO)

   • A. Built-in computing capabilities that allow customers to process data locally.
   • B. A catalog of third-party software solutions that customers need to build solutions and run their businesses.
   • C. A hybrid cloud storage between on-premises environments and the AWS Cloud.
   • D. An Exabyte-scale data transfer service that allows you to move extremely large amounts of data to AWS.
   • E. Secure transfer of large amounts of data into and out of the AWS.
   Answer

   Correct answer: A, E

7. An organization has a large number of technical employees who operate their AWS Cloud infrastructure. What does AWS provide to help organize them into teams and then assign the appropriate permissions for each team?

   • A. IAM roles.
   • B. IAM users.
   • C. IAM user groups.
   • D. AWS Organizations.
   Answer

   Correct answer: C

8. What is the advantage of the AWS-recommended practice of “decoupling” applications?

   • A. Allows treating an application as a single, cohesive unit.
   • B. Reduces inter-dependencies so that failures do not impact other components of the application.
   • C. Allows updates of any monolithic application quickly and easily.
   • D. Allows tracking of any API call made to any AWS service.
   Answer

   Correct answer: B

9. One of the most important AWS best-practices to follow is the cloud architecture principle of elasticity. How does this principle improve your architecture’s design?

   • A. By automatically scaling your on-premises resources based on changes in demand.
   • B. By automatically scaling your AWS resources using an Elastic Load Balancer.
   • C. By reducing interdependencies between application components wherever possible.
   • D. By automatically provisioning the required AWS resources based on changes in demand.
   Answer

   Correct answer: D

10. A startup company is operating on limited funds and is extremely concerned about cost overruns. Which of the below options can be used to notify the company when their monthly AWS bill exceeds $2000? (Choose TWO)

    • A. Setup a CloudWatch billing alarm that triggers an SNS notification when the threshold is exceeded.
    • B. Configure the Amazon Simple Email Service to send billing alerts to their email address on a daily basis.
    • C. Configure the AWS Budgets Service to alert the company when the threshold is exceeded.
    • D. Configure AWS CloudTrail to automatically delete all AWS resources when the threshold is exceeded.
    • E. Configure the Amazon Connect Service to alert the company when the threshold is exceeded.
    Answer

    Correct answer: A, C

11. Which of the following does NOT belong to the AWS Cloud Computing models?

    • A. Platform as a Service (PaaS).
    • B. Infrastructure as a Service (IaaS).
    • C. Software as a Service (SaaS).
    • D. Networking as a Service (NaaS).
    Answer

    Correct answer: D

12. Hundreds of thousands of DDoS attacks are recorded every month worldwide. What service does AWS provide to help protect AWS Customers from these attacks? (Choose TWO)

    • A. AWS Shield.
    • B. AWS Config.
    • C. Amazon Cognito.
    • D. AWS WAF.
    • E. AWS KMS.
    Answer

    Correct answer: A, D

13. A company is deploying a new two-tier web application in AWS. Where should the most frequently accessed data be stored so that the application’s response time is optimal?

    • A. AWS OpsWorks.
    • B. AWS Storage Gateway.
    • C. Amazon EBS volume.
    • D. Amazon ElastiCache.
    Answer

    Correct answer: D

14. Which of the following are examples of AWS-Managed Services, where AWS is responsible for the operational and maintenance burdens of running the service? (Choose TWO)

    • A. Amazon VPC.
    • B. Amazon DynamoDB.
    • C. Amazon Elastic MapReduce.
    • D. AWS IAM.
    • E. Amazon Elastic Compute Cloud.
    Answer

    Correct answer: B, C

15. Which of the following must an IAM user provide to interact with AWS services using the AWS Command Line Interface (AWS CLI)?

    • A. Access keys.
    • B. Secret token.
    • C. UserID.
    • D. User name and password.
    Answer

    Correct answer: A

16. You have AWS Basic support, and you have discovered that some AWS resources are being used maliciously, and those resources could potentially compromise your data. What should you do?

    • A. Contact the AWS Customer Service team.
    • B. Contact the AWS Abuse team.
    • C. Contact the AWS Concierge team.
    • D. Contact the AWS Security team.
    Answer

    Correct answer: B

17. Select TWO examples of the AWS shared controls.

    • A. Patch Management.
    • B. IAM Management.
    • C. VPC Management.
    • D. Configuration Management.
    • E. Data Center operations.
    Answer

    Correct answer: A, D

18. What is the AWS service that enables AWS architects to manage infrastructure as code?

    • A. AWS CloudFormation.
    • B. AWS Config.
    • C. Amazon SES.
    • D. Amazon EMR.
    Answer

    Correct answer: A

19. What does the AWS Health Dashboard provide? (Choose TWO)

    • A. Detailed troubleshooting guidance to address AWS events impacting your resources.
    • B. Health checks for Auto Scaling instances.
    • C. Recommendations for Cost Optimization.
    • D. A dashboard detailing vulnerabilities in your applications.
    • E. Personalized view of AWS service health.
    Answer

    Correct answer: A, E

20. Which of the following is not a benefit of Amazon S3? (Choose TWO)

    • A. Amazon S3 provides unlimited storage for any type of data.
    • B. Amazon S3 can run any type of application or backend system.
    • C. Amazon S3 stores any number of objects, but with object size limits.
    • D. Amazon S3 can be scaled manually to store and retrieve any amount of data from anywhere.
    • E. Amazon S3 provides 99.999999999% (11 9’s) of data durability.
    Answer

    Correct answer: B, D

21. What does AWS provide to deploy popular technologies such as IBM MQ on AWS with the least amount of effort and time?

    • A. Amazon Aurora.
    • B. Amazon CloudWatch.
    • C. AWS Quick Start reference deployments.
    • D. AWS OpsWorks.
    Answer

    Correct answer: C

Section 2

9. A company is introducing a new product to their customers, and is expecting a surge in traffic to their web application. As part of their Enterprise Support plan, which of the following provides the company with architectural and scaling guidance?

   • A. AWS Knowledge Center.
   • B. AWS Health Dashboard.
   • C. Infrastructure Event Management.
   • D. AWS Support Concierge Service.
   Answer

   Correct answer: C

10. Which of the below is a best-practice when designing solutions on AWS?

    • A. Invest heavily in architecting your environment, as it is not easy to change your design later.
    • B. Use AWS reservations to reduce costs when testing your production environment.
    • C. Automate wherever possible to make architectural (© ) experimentation easier.
    • D. Provision a large compute capacity to handle any spikes in load
    Answer

    Correct answer: C

11. According to the AWS Acceptable Use Policy, which of the following statements is true regarding penetration testing of EC2 instances?

    • A. Penetration testing is not allowed in AWS.
    • B. Penetration testing is performed automatically by AWS to determine vulnerabilities in your AWS infrastructure.
    • C. Penetration testing can be performed by the customer on their own instances without prior authorization from AWS.
    • D. The AWS customers are only allowed to perform penetration testing on services managed by AWS.
    Answer

    Correct answer: C

12. Which service is used to ensure that messages between software components are not lost if one or more components fail?

    • A. Amazon SQS.
    • B. Amazon SES.
    • C. AWS Direct Connect.
    • D. Amazon Connect.
    Answer

    Correct answer: A

13. The principle “design for failure and nothing will fail” is very important when designing your AWS Cloud architecture. Which of the following would help adhere to this principle? (Choose TWO)

    • A. Multi-factor authentication.
    • B. Availability Zones.
    • C. Elastic Load Balancing.
    • D. Penetration testing.
    • E. Vertical Scaling.
    Answer

    Correct answer: B, C

14. Which of the following is equivalent to a user name and password and is used to authenticate your programmatic access to AWS services and APIs?

    • A. Instance Password.
    • B. Key pairs.
    • C. Access Keys.
    • D. MFA.
    Answer

    Correct answer: C

15. Which of the following EC2 instance purchasing options supports the Bring Your Own License (BYOL) model for almost every BYOL scenario?

    • A. Dedicated Instances.
    • B. Dedicated Hosts.
    • C. On-demand Instances.
    • D. Reserved Instances.
    Answer

    Correct answer: B

16. You are working on two projects that require completely different network configurations. Which AWS service or feature will allow you to isolate resources and network configurations?

    • A. Internet gateways.
    • B. Virtual Private Cloud.
    • C. Security Groups.
    • D. Amazon CloudFront.
    Answer

    Correct answer: B

17. An organization needs to analyze and process a large number of data sets. Which AWS service should they use?

    • A. Amazon EMR.
    • B. Amazon MQ.
    • C. Amazon SNS.
    • D. Amazon SQS.
    Answer

    Correct answer: A

18. In your on-premises environment, you can create as many virtual servers as you need from a single template. What can you use to perform the same in AWS?

    • A. IAM.
    • B. An internet gateway.
    • C. EBS Snapshot.
    • D. AMI.
    Answer

    Correct answer: D

19. What are two advantages of using Cloud Computing over using traditional data centers? (Choose TWO)

    • A. Reserved Compute capacity.
    • B. Eliminating Single Points of Failure (SPOFs).
    • C. Distributed infrastructure.
    • D. Virtualized compute resources.
    • E. Dedicated hosting.
    Answer

    Correct answer: C, D

20. AWS has created a large number of Edge Locations as part of its Global Infrastructure. Which of the following is NOT a benefit of using Edge Locations?

    • A. Edge locations are used by CloudFront to cache the most recent responses.
    • B. Edge locations are used by CloudFront to improve your end users’ experience when uploading files.
    • C. Edge locations are used by CloudFront to distribute traffic across multiple instances to reduce latency.
    • D. Edge locations are used by CloudFront to distribute content to global users with low latency.
    Answer

    Correct answer: C

21. What are the change management tools that helps AWS customers audit and monitor all resource changes in their AWS environment? (Choose TWO)

    • A. AWS CloudTrail.
    • B. Amazon Comprehend.
    • C. AWS Transit Gateway.
    • D. AWS X-Ray.
    • E. AWS Config.
    Answer

    Correct answer: A, E

22. Which of the following services will help businesses ensure compliance in AWS?

    • A. CloudFront.
    • B. CloudEndure Migration.
    • C. CloudWatch.
    • D. CloudTrail.
    Answer

    Correct answer: D

23. What is the AWS service/feature that takes advantage of Amazon CloudFront’s globally distributed edge locations to transfer files to S3 with higher upload speeds?

    • A. S3 Transfer Acceleration.
    • B. AWS WAF.
    • C. AWS Snowmobile.
    • D. AWS Snowball.
    Answer

    Correct answer: A

24. Which AWS services can be used to improve the performance of a global application and reduce latency for its users? (Choose TWO)

    • A. AWS KMS.
    • B. AWS Global accelerator.
    • C. AWS Direct Connect.
    • D. AWS Glue.
    • E. Amazon CloudFront.
    Answer

    Correct answer: B, E

25. Using Amazon RDS falls under the shared responsibility model. Which of the following are customer responsibilities? (Choose TWO)

    • A. Building the relational database schema.
    • B. Performing backups.
    • C. Managing the database settings.
    • D. Patching the database software.
    • E. Installing the database software.
    Answer

    Correct answer: A, C

26. A company has a large amount of structured data stored in their on-premises data center. They are planning to migrate all the data to AWS, what is the most appropriate AWS database option?

    • A. Amazon DynamoDB.
    • B. Amazon SNS.
    • C. Amazon RDS.
    • D. Amazon ElastiCache.
    Answer

    Correct answer: C

27. A company has created a solution that helps AWS customers improve their architectures on AWS. Which AWS program may support this company?

    • A. APN Consulting Partners.
    • B. AWS TAM.
    • C. APN Technology Partners.
    • D. AWS Professional Services.
    Answer

    Correct answer: A

Section 3

4. A company is migrating its on-premises database to Amazon RDS. What should the company do to ensure Amazon RDS costs are kept to a minimum?

   • A. Right-size before and after migration.
   • B. Use a Multi-Region Active-Passive architecture.
   • C. Combine On-demand Capacity Reservations with Saving Plans.
   • D. Use a Multi-Region Active-Active architecture.
   Answer

   Correct answer: A

5. What is the primary storage service used by Amazon RDS database instances?

   • A. Amazon Glacier.
   • B. Amazon EBS.
   • C. Amazon EFS.
   • D. Amazon S3.
   Answer

   Correct answer: B

6. A company is developing a new application using a microservices framework. The new application is having performance and latency issues. Which AWS Service should be used to troubleshoot these issues?

   • A. AWS CodePipeline.
   • B. AWS X-Ray.
   • C. Amazon Inspector.
   • D. AWS CloudTrail.
   Answer

   Correct answer: B

7. Which of the following AWS services is designed with native Multi-AZ fault tolerance in mind? (Choose TWO)

   • A. Amazon Redshift.
   • B. AWS Snowball.
   • C. Amazon Simple Storage Service.
   • D. Amazon EBS.
   • E. Amazon DynamoDB.
   Answer

   Correct answer: C, E

8. What are the Amazon RDS features that can be used to improve the availability of your database? (Choose TWO)

   • A. AWS Regions.
   • B. Multi-AZ Deployment.
   • C. Automatic patching.
   • D. Read Replicas.
   • E. Edge Locations.
   Answer

   Correct answer: B, D

9. Using Amazon EC2 falls under which of the following cloud computing models?

   • A. Iaas & SaaS.
   • B. IaaS.
   • C. SaaS.
   • D. PaaS.
   Answer

   Correct answer: B

10. What is the AWS service that performs automated network assessments of Amazon EC2 instances to check for vulnerabilities?

    • A. Amazon Kinesis.
    • B. Security groups.
    • C. Amazon Inspector.
    • D. AWS Network Access Control Lists.
    Answer

    Correct answer: C

11. Under the Shared Responsibility Model, which of the following controls do customers fully inherit from AWS? (Choose TWO)

    • A. Patch management controls.
    • B. Database controls.
    • C. Awareness & Training.
    • D. Environmental controls.
    • E. Physical controls.
    Answer

    Correct answer: D, E

12. What are the connectivity options that can be used to build hybrid cloud architectures? (Choose TWO)

    • A. AWS Artifact.
    • B. AWS Cloud9.
    • C. AWS Direct Connect.
    • D. AWS CloudTrail.
    • E. AWS VPN.
    Answer

    Correct answer: C, E

13. What is the AWS data warehouse service that supports a high level of query performance on large amounts of datasets?

    • A. Amazon Redshift.
    • B. Amazon Kinesis.
    • C. Amazon DynamoDB.
    • D. Amazon RDS.
    Answer

    Correct answer: A

14. Which of the following should be considered when performing a TCO analysis to compare the costs of running an application on AWS instead of on-premises?

    • A. Application development.
    • B. Market research.
    • C. Business analysis.
    • D. Physical hardware.
    Answer

    Correct answer: D

15. How are AWS customers billed for Linux-based Amazon EC2 usage?

    • A. EC2 instances will be billed on one second increments, with a minimum of one minute.
    • B. EC2 instances will be billed on one hour increments, with a minimum of one day.
    • C. EC2 instances will be billed on one minute increments, with a minimum of one hour.
    • D. EC2 instances will be billed on one day increments, with a minimum of one month.
    Answer

    Correct answer: A

16. Which of the following will impact the price paid for an EC2 instance? (Choose TWO)

    • A. Instance type.
    • B. The Availability Zone where the instance is provisioned.
    • C. Load balancing.
    • D. Number of buckets.
    • E. Number of private IPs.
    Answer

    Correct answer: A, B

17. A company uses AWS Organizations to manage all of its AWS accounts. Which of the following allows the company to restrict what services and actions are allowed in each individual account?

    • A. IAM Principals.
    • B. AWS Service Control Policies (SCPs).
    • C. IAM policies.
    • D. AWS Fargate.
    Answer

    Correct answer: B

18. What are the benefits of using the Amazon Relational Database Service? (Choose TWO)

    • A. Lower administrative burden.
    • B. Complete control over the underlying host.
    • C. Resizable compute capacity.
    • D. Scales automatically to larger or smaller instance types.
    • E. Supports the document and key-value data structure.
    Answer

    Correct answer: A, C

19. What is the connectivity option that uses Internet Protocol Security (IPSec) to establish encrypted connectivity between an on-premises network and the AWS Cloud?

    • A. Internet Gateway.
    • B. AWS IQ.
    • C. AWS Direct Connect.
    • D. AWS Site-to-Site VPN.
    Answer

    Correct answer: D

20. A company has developed a media transcoding application in AWS. The application is designed to recover quickly from hardware failures. Which one of the following types of instance would be the most cost-effective choice to use?

    • A. Reserved instances.
    • B. Spot Instances.
    • C. On-Demand instances.
    • D. Dedicated instances.
    Answer

    Correct answer: B

21. Which AWS Service provides the current status of all AWS Services in all AWS Regions?

    • A. AWS Service Health Dashboard.
    • B. AWS Management Console.
    • C. Amazon CloudWatch.
    • D. AWS Personal Health Dashboard.
    Answer

    Correct answer: A

22. A company has hundreds of VPCs in multiple AWS Regions worldwide. What service does AWS offer to simplify the connection management among the VPCs?

    • A. VPC Peering.
    • B. AWS Transit Gateway.
    • C. Amazon Connect.
    • D. Security Groups.
    Answer

    Correct answer: B

23. Data security is one of the top priorities of AWS. How does AWS deal with old storage devices that have reached the end of their useful life?

    • A. AWS sells the old devices to other hosting providers.
    • B. AWS destroys the old devices in accordance with industry-standard practices.
    • C. AWS sends the old devices for remanufacturing.
    • D. AWS stores the old devices in a secure place.
    Answer

    Correct answer: B

Section 4

1. A developer needs to set up an SSL security certificate for a client’s eCommerce website in order to use the HTTPS protocol. Which of the following AWS services can be used to deploy the required SSL server certificates? (Choose TWO)

   • A. Amazon Route 53.
   • B. AWS ACM.
   • C. AWS Directory Service.
   • D. AWS Identity & Access Management.
   • E. AWS Data Pipeline.
   Answer

   Correct answer: A, B

2. Which of the following AWS services scale automatically without your intervention? (Choose TWO)

   • A. Amazon EC2.
   • B. Amazon S3.
   • C. AWS Lambda.
   • D. Amazon EMR.
   • E. Amazon EBS.
   Answer

   Correct answer: B, C

3. A company is planning to migrate an application from Amazon EC2 to AWS Lambda to use a serverless architecture. Which of the following will be the responsibility of AWS after migration? (Choose TWO)

   • A. Application management.
   • B. Capacity management.
   • C. Access control.
   • D. Operating system maintenance.
   • E. Data management.
   Answer

   Correct answer: B, D

4. How do ELBs improve the reliability of your application?

   • A. By distributing traffic across multiple S3 buckets.
   • B. By replicating data to multiple availability zones.
   • C. By creating database Read Replicas.
   • D. By ensuring that only healthy targets receive traffic.
   Answer

   Correct answer: D

5. Which of the following are use cases for Amazon S3? (Choose TWO)

   • A. Hosting static websites.
   • B. Hosting websites that require sustained high CPU utilization.
   • C. Cost-effective database and log storage.
   • D. A media store for the CloudFront service.
   • E. Processing data streams at any scale.
   Answer

   Correct answer: A, D

6. What is the benefit of using an API to access AWS Services?

   • A. It improves the performance of AWS resources.
   • B. It reduces the time needed to provision AWS resources.
   • C. It reduces the number of developers necessary.
   • D. It allows for programmatic management of AWS resources.
   Answer

   Correct answer: D

7. What does AWS Service Catalog provide?

   • A. It enables customers to quickly find descriptions and use cases for AWS services.
   • B. It enables customers to explore the different catalogs of AWS services.
   • C. It simplifies organizing and governing commonly deployed IT services.
   • D. It allows developers to deploy infrastructure on AWS using familiar programming languages.
   Answer

   Correct answer: C

8. For managed services like Amazon DynamoDB, which of the below is AWS responsible for? (Choose TWO)

   • A. Protecting credentials.
   • B. Logging access activity.
   • C. Patching the database software.
   • D. Operating system maintenance.
   • E. Creating access policies.
   Answer

   Correct answer: C, D

9. Which of the following AWS Services helps with planning application migration to the AWS Cloud?

   • A. AWS Snowball Migration Service.
   • B. AWS Application Discovery Service.
   • C. AWS DMS.
   • D. AWS Migration Hub.
   Answer

   Correct answer: B

10. A company is trying to analyze the costs applied to their AWS account recently. Which of the following provides them the most granular data about their AWS costs and usage?

    • A. Amazon Machine Image.
    • B. AWS Cost Explorer.
    • C. AWS Cost & Usage Report.
    • D. Amazon CloudWatch.
    Answer

    Correct answer: C

11. What are the benefits of implementing a tagging strategy for AWS resources? (Choose TWO)

    • A. Quickly identify resources that belong to a specific project.
    • B. Quickly identify software solutions on AWS.
    • C. Track API calls in your AWS account.
    • D. Quickly identify deleted resources and their metadata.
    • E. Track AWS spending across multiple resources.
    Answer

    Correct answer: A, E

12. What are AWS shared controls?

    • A. Controls that are solely the responsibility of the customer based on the application they are deploying within AWS services.
    • B. Controls that a customer inherits from AWS.
    • C. Controls that apply to both the infrastructure layer and customer layers.
    • D. Controls that the customer and AWS collaborate together upon to secure the infrastructure.
    Answer

    Correct answer: D

13. Which of the following AWS services can help you perform security analysis and regulatory compliance auditing? (Choose TWO)

    • A. Amazon Inspector.
    • B. AWS Virtual Private Gateway.
    • C. AWS Batch.
    • D. Amazon ECS.
    • E. AWS Config.
    Answer

    Correct answer: A, E

14. TYMO Cloud Corp is looking forward to migrating their entire on-premises data center to AWS. What tool can they use to perform a cost-benefit analysis of moving to the AWS Cloud?

    • A. AWS Cost Explorer.
    • B. AWS TCO Calculator.
    • C. AWS Budgets.
    • D. AWS Pricing Calculator.
    Answer

    Correct answer: B

15. Why do many startup companies prefer AWS over traditional on-premises solutions? (Choose TWO)

    • A. AWS allows them to pay later when their business succeed.
    • B. AWS can build complete data centers faster than any other Cloud provider.
    • C. Using AWS, they can reduce time-to-market by focusing on business activities rather than on building and managing data centers.
    • D. AWS removes the need to invest in operational expenditure.
    • E. Using AWS allows companies to replace large capital expenditure with low variable costs.
    Answer

    Correct answer: C, E

16. What are the benefits of using DynamoDB? (Choose TWO)

    • A. Automatically scales to meet required throughput capacity.
    • B. Provides resizable instances to match the current demand.
    • C. Supports both relational and non-relational data models.
    • D. Offers extremely low (single-digit millisecond) latency.
    • E. Supports the most popular NoSQL database engines such as CouchDB and MongoDB.
    Answer

    Correct answer: A, D

17. As part of the AWS Migration Acceleration Program (MAP), what does AWS provide to accelerate Enterprise adoption of AWS? (Choose TWO)

    • A. AWS Partners.
    • B. AWS Artifact.
    • C. AWS Professional Services.
    • D. Amazon Athena.
    • E. Amazon PinPoint.
    Answer

    Correct answer: A, C

18. AWS recommends some practices to help organizations avoid unexpected charges on their bill. Which of the following is NOT one of these practices?

    • A. Deleting unused EBS volumes after terminating an EC2instance.
    • B. Deleting unused AutoScaling launch configuration.
    • C. Deleting unused Elastic Load Balancers.
    • D. Releasing unused Elastic IPs after terminating an EC2instance.
    Answer

    Correct answer: B

19. When running a workload in AWS, the customer is NOT responsible for: (Select TWO)

    • A. Running penetration tests.
    • B. Reserving capacity.
    • C. Data center operations.
    • D. Auditing and regulatory compliance.
    • E. Infrastructure security.
    Answer

    Correct answer: C, E

20. One of the major advantages of using AWS is cost savings. What does AWS provide to reduce the cost of running Amazon EC2 instances?

    • A. Low monthly instance maintenance costs.
    • B. Low-cost instance tagging.
    • C. Per-second instance billing.
    • D. Low instance start-up fees.
    Answer

    Correct answer: C

21. Which AWS Group assists customers in achieving their desired business outcomes?

    • A. AWS Security Team.
    • B. AWS Professional Services.
    • C. AWS Trusted Advisor.
    • D. AWS Concierge Support Team.
    Answer

    Correct answer: B

Section 5

4. An AWS customer has used one Amazon Linux instance for 2 hours, 5 minutes and 9 seconds, and one CentOS instance for 4 hours, 23 minutes and 7 seconds. How much time will the customer be billed for?

   • A. 3 hours for the Linux instance and 5 hours for the CentOS instance.
   • B. 2 hours, 5 minutes and 9 seconds for the Linux instance and 4 hours, 23 minutes and 7 seconds for the CentOS instance.
   • C. 2 hours, 5 minutes and 9 seconds for the Linux instance and 5 hours for the CentOS instance.
   • D. 3 hours for the Linux instance and 4 hours, 23 minutes and 7 seconds for the CentOS instance.
   Answer

   Correct answer: C

5. Which of the following Amazon RDS features facilitates offloading of database read activity?

   • A. Database Snapshots.
   • B. Multi-AZ Deployments.
   • C. Automated Backups.
   • D. Read Replicas.
   Answer

   Correct answer: D

6. How does AWS notify customers about security and privacy events pertaining to AWS services?

   • A. Using the AWS ACM service.
   • B. Using Security Bulletins.
   • C. Using the AWS Management Console.
   • D. Using Compliance Resources.
   Answer

   Correct answer: B

7. Which of the following approaches will help you eliminate human error and automate the process of creating and updating your AWS environment?

   • A. Use Software test automation tools.
   • B. Use AWS CodeDeploy to build and automate your AWS environment.
   • C. Use code to provision and operate your AWS infrastructure.
   • D. Migrate all of your applications to a dedicated host.
   Answer

   Correct answer: C

8. The TCO gap between AWS infrastructure and traditional infrastructure has widened over the recent years. Which of the following could be the reason for that?

   • A. AWS helps customers invest more in capital expenditures.
   • B. AWS automates all infrastructure operations, so customers save more on human resources costs.
   • C. AWS continues to lower the cost of cloud computing for its customers.
   • D. AWS secures AWS resources at no additional charge.
   Answer

   Correct answer: C

9. Which of the following is a type of MFA device that customers can use to protect their AWS resources?

   • A. AWS CloudHSM.
   • B. U2F Security Key.
   • C. AWS Access Keys.
   • D. AWS Key Pair.
   Answer

   Correct answer: B

10. Which AWS Service helps enterprises extend their on-premises storage to AWS in a cost-effective manner?

    • A. AWS Data Pipeline.
    • B. AWS Storage Gateway.
    • C. Amazon Aurora.
    • D. Amazon EFS.
    Answer

    Correct answer: B

11. Which of the below options is true of Amazon Cloud Directory?

    • A. Amazon Cloud Directory allows the organization of hierarchies of data across multiple dimensions.
    • B. Amazon Cloud Directory enables the analysis of video and data streams in real time.
    • C. Amazon Cloud Directory allows users to access AWS with their existing Active Directory credentials.
    • D. Amazon Cloud Directory allows for registration and management of domain names.
    Answer

    Correct answer: A

12. A user has opened a “Production System Down” support case to get help from AWS Support after a production system disruption. What is the expected response time for this type of support case?

    • A. 12 hours.
    • B. 15 minutes.
    • C. 24 hours.
    • D. One hour.
    Answer

    Correct answer: D

13. Which of the following should be taken into account when performing a TCO analysis regarding the costs of running an application on AWS VS on-premises? (Choose TWO)

    • A. Labor and IT costs.
    • B. Cooling and power consumption.
    • C. Amazon EBS computing power.
    • D. Software architecture.
    • E. Software compatibility.
    Answer

    Correct answer: A, B

14. Which of the following AWS offerings are serverless services? (Choose TWO)

    • A. Amazon EC2.
    • B. AWS Lambda.
    • C. Amazon DynamoDB.
    • D. Amazon EMR.
    • E. Amazon RDS.
    Answer

    Correct answer: B, C

15. Which AWS service enables you to quickly purchase and deploy SSL/TLS certificates?

    • A. Amazon GuardDuty.
    • B. AWS ACM.
    • C. Amazon Detective.
    • D. AWS WAF.
    Answer

    Correct answer: B

16. Which AWS Service provides integration with Chef to automate the configuration of EC2 instances?

    • A. AWS Config.
    • B. AWS OpsWorks.
    • C. AutoScaling.
    • D. AWS CloudFormation.
    Answer

    Correct answer: B

17. Which of the following services can be used to monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront?

    • A. AWS WAF.
    • B. Amazon CloudWatch.
    • C. AWS Cloud9.
    • D. AWS CloudTrail.
    Answer

    Correct answer: B

18. When granting permissions to applications running on Amazon EC2 instances, which of the following is considered best practice?

    • A. Generate new IAM access keys every time you delegate permissions.
    • B. Store the required AWS credentials directly within the application code.
    • C. Use temporary security credentials (IAM roles) instead of long-term access keys.
    • D. Do nothing; Applications that run on Amazon EC2 instances do not need permission to interact with other AWS services or resources.
    Answer

    Correct answer: C

19. An organization has a legacy application designed using monolithic-based architecture. Which AWS Service can be used to decouple the components of the application?

    • A. Amazon SQS.
    • B. Virtual Private Gateway.
    • C. AWS Artifact.
    • D. Amazon CloudFront.
    Answer

    Correct answer: A

20. What should you do if you see resources, which you don’t remember creating, in the AWS Management Console? (Choose TWO)

    • A. Stop all running services and open an investigation.
    • B. Give your root account password to AWS Support so that they can assistin troubleshooting and securing the account.
    • C. Check the AWS CloudTrail logs and delete all IAM users that have access to your resources.
    • D. Open an investigation and delete any potentially compromised IAM users.
    • E. Change your AWS root account password and the passwords of any IAM users.
    Answer

    Correct answer: D, E

21. A key practice when designing solutions on AWS is to minimize dependencies between components so that the failure of a single component does not impact other components. What is this practice called?

    • A. Elastic coupling.
    • B. Loosely coupling.
    • C. Scalable coupling.
    • D. Tightly coupling.
    Answer

    Correct answer: B