1. A company has infrastructure in one AWS Region and is expanding operations to a second AWS Region. The company is using the same AWS CloudFormation template in the second Region that the company uses in the original Region. The company attempts to launch Amazon EC2 OnDemand Instances in the second Region and receives error messages. What could cause these error messages? Show
A. A new EC2 key pair has not been created for the EC2 instances. Reveal Answer: A 2. Which of the following is a software development framework that a company can use to define cloud resources as code and provision the resources through AWS CloudFormation? A. AWS CLI Reveal Answer: C 3. Which options are available to a user who wants to contact AWS Support? (Choose two.) A. Create an email case in the AWS Support Center. Reveal Answer: C D 4. A global company is building a simple time-tracking mobile app. The app needs to operate globally and must store collected data in a database. Data must be accessible from the AWS Region that is closest to the user. What should the company do to meet these data storage requirements with the LEAST amount of operational overhead? A. Use Amazon EC2 in multiple Regions to host separate databases. Reveal Answer: C 5. A company plans to store sensitive data in an Amazon S3 bucket. Which task is the responsibility of AWS? A. Activate encryption at rest for the data. Reveal Answer: A 6. A company needs a firewall that will control network connections to and from a single Amazon EC2 instance. This firewall will not control network connections to and from other instances that are in the same subnet. Which AWS service or feature can the company use to meet these requirements? A. Network ACL Reveal Answer: D 7. Which of the following are AWS Trusted Advisor support categories? (Choose two.) A. Operational excellence Reveal Answer: B C 8. Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model? A. Patching of the guest operating system Reveal Answer: C 9. Which AWS service can be used to decouple applications? A. AWS Config Reveal Answer: B 10. A financial services company wants to ensure that its AWS account activity is logged to meet regulatory requirements for logging, auditing, and governance. Which AWS service meets these requirements? A. AWS CloudTrail Reveal Answer: A 11. A company implements an Amazon EC2 Auto Scaling policy along with an Application Load Balancer to automatically recover unhealthy applications that run on Amazon EC2 instances. Which pillar of the AWS Well-Architected Framework does this action cover? A. Security Reveal Answer: D 12. A retail company needs to build a highly available architecture for a new ecommerce platform. The company is using the only AWS services that replicate data across multiple Availability Zones. Which AWS services should the company use to meet this requirement? (Choose two.) A. Amazon EC2 Reveal Answer: C D 13. Which AWS service uses edge locations? A. Amazon Aurora Reveal Answer: B 14. A company wants to deploy some of its resources in the AWS Cloud. To meet regulatory requirements, the data must remain local and on premises. There must be low latency between AWS and the company resources. Which AWS service or feature can be used to meet these requirements? A. AWS Local Zones Reveal Answer: C 15. What is the LEAST expensive AWS Support plan that provides a designated AWS technical account manager (TAM)? A. AWS Developer Support Reveal Answer: B 16. Which AWS service or feature enables users to encrypt data at rest in Amazon S3? A. IAM policies Reveal Answer: A 17. A company is moving multiple applications to a single AWS account. The company wants to monitor the AWS Cloud costs incurred by each application. What can the company do to meet this requirement? A. Set up invoiced billing. Reveal Answer: D 18. A company is based in the us-east-1 Region and has a satellite office in the eu-west-2 Region. The company wants to use Amazon WorkSpaces to host its internal web portal and virtual desktops for employees. What should the company do to minimize latency and ensure the best possible performance for employees? A. Deploy the internal web portal and virtual desktops to us-east-1 only. Use an Amazon CloudFront distribution for the users in eu-west-2. Reveal Answer: B 19. A company is considering a move to the AWS Cloud. The company wants to be able to scale its compute resources as needed to accommodate changing loads. Which benefit of the AWS Cloud does this scenario describe? A. Global deployments in minutes Reveal Answer: D 20. A company runs its workloads on premises. The company wants to forecast the cost of running a large application on AWS. Which AWS service or tool can the company use to obtain this information? A. AWS Pricing Calculator Reveal Answer: D 21. A company wants to provide managed Windows virtual desktops and applications to its remote employees over secure network connections. Which AWS services can the company use to meet these requirements? (Choose two.) A. Amazon Connect Reveal Answer: C D 22. Which of the following is a managed AWS service that is used specifically for extract, transform, and load (ETL) data? A. Amazon Athena Reveal Answer: B 23. Which AWS service is always free of charge for users? A. Amazon S3 Reveal Answer: C 24. Which AWS services can be used to store files? (Choose two.) A. Amazon S3 Reveal Answer: A C E 25. How does consolidated billing help reduce costs for a company that has multiple AWS accounts? A. It aggregates usage across accounts so that the company can reach volume discount thresholds sooner. Reveal Answer: A 26. Which AWS service or feature can be used to find availability status information on all AWSservices? A. AWS Personal Health Dashboard Reveal Answer: C 27. Which AWS service or feature provides users with recommendations for common billing questions? A. AWS Marketplace Reveal Answer: B 28. A company wants to distribute its incoming traffic across multiple Amazon EC2 instances. Which AWS service or feature should be used to meet this requirement? A. Amazon Virtual Private Cloud (Amazon VPC) Reveal Answer: B 29. Which disaster recovery option is the LEAST expensive? A. Warm standby Reveal Answer: C 30. A company uses a database that has a simple sign-up page to create users, and a basic login form to authenticate users so they can access the database. The company wants to give users the ability to store personal information, but the user access must be controlled in a more secure and reliable way. Which AWS service or feature will meet these requirements? A. Security groups Reveal Answer: A 31. Which pillar of the AWS Well-Architected Framework focuses on the ability to run workloads effectively, gain insight into operations, and continuously improve supporting processes and procedures? A. Cost optimization Reveal Answer: C 32. Which AWS benefit is demonstrated by on-demand technology services that enable companies to replace upfront fixed expenses with variable expenses? A. High availability Reveal Answer: C 33. A large organization has a single AWS account. What are the advantages of reconfiguring the single account into multiple AWS accounts? (Choose two.) A. It allows for administrative isolation between different workloads. Reveal Answer: A C 34. An online retail company recently deployed a production web application. The system administrator needs to block common attack patterns such as SQL injection and cross-site scripting. Which AWS service should the administrator use to address these concerns? A. AWS WAF Reveal Answer: A 35. What does Amazon CloudFront provide? A. Automatic scaling for all resources to power an application from a single unified interface Reveal Answer: B 36. Which phase describes agility as a benefit of building in the AWS Cloud? A. The ability to pay only when computing resources are consumed, based on the volume of resources that are consumed Reveal Answer: C 37. A company is undergoing a security audit. The audit includes security validation and compliance validation of the AWS infrastructure and services that the company uses. The auditor needs to locate compliance-related information and must download AWS security and compliance documents. These documents include the System and Organization Control (SOC) reports. Which AWS service or group can provide these documents? A. AWS Abuse team Reveal Answer: B 38. Which AWS Trusted Advisor checks are available to users with AWS Basic Support? (Choose two.) A. Service limits Reveal Answer: A C 39. A company has a centralized group of users with large file storage requirements that have exceeded the space available on premises. The company wants to extend its file storage capabilities for this group while retaining the performance benefit of sharing content locally. What is the MOST operationally efficient AWS solution for this scenario? A. Create an Amazon S3 bucket for each user. Mount each bucket by using an S3 file system mounting utility. Reveal Answer: B 40. Which network security features are supported by Amazon VPC? (Choose two.) A. Network ACLs Reveal Answer: A D 41. A company wants to build a new architecture with AWS services. The company needs to compare service costs at various scales. Which AWS service, tool, or feature should the company use to meet this requirement? A. AWS Compute Optimizer Reveal Answer: B 42. An Elastic Load Balancer allows the distribution of web traffic across multiple: A. AWS Regions. Reveal Answer: B 43. Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity? A. Agility Reveal Answer: B 44. Which AWS services make use of global edge locations? (Choose two.) A. AWS Fargate Reveal Answer: B C 45. Which of the following are economic benefits of using AWS Cloud? (Choose two.) A. Consumption-based pricing Reveal Answer: A C 46. A company is using Amazon EC2 Auto Scaling to scale its Amazon EC2 instances. Which benefit of the AWS Cloud does this example illustrate? A. High availability Reveal Answer: B 47. A company is running and managing its own Docker environment on Amazon EC2 instances. The company wants to alternate to help manage cluster size, scheduling, and environment maintenance. Which AWS service meets these requirements? A. AWS Lambda Reveal Answer: C 48. A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources, including Amazon S3 and Amazon DynamoDB. What is the MOST operationally efficient solution to delegate permissions? A. Create an IAM role with the required permissions. Attach the role to the EC2 instance. Reveal Answer: A C 49. Who is responsible for managing IAM user access and secret keys according to the AWS shared responsibility model? A. IAM access and secret keys are static, so there is no need to rotate them. Reveal Answer: B 50. A company is running a Microsoft SQL Server instance on premises and is migrating its application to AWS. The company lacks the resources needed to refactor the application, but management wants to reduce operational overhead as part of the migration. Which database service would MOST effectively support these requirements? A. Amazon DynamoDB Reveal Answer: D 51. A company wants to increase its ability to recover its infrastructure in the case of a natural disaster. Which pillar of the AWS Well-Architected Framework does this ability represent? A. Cost optimization Reveal Answer: C 52. Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications? A. AWS Cloud9 Reveal Answer: D 53. Which tasks require use of the AWS account root user? (Choose two.) A. Changing an AWS Support plan Reveal Answer: A E 54. Which of the following describes AWS Local Zones? A. A cluster of data centers in one geographic location Reveal Answer: C 55. Which AWS service or feature is highly available by default? A. Amazon EC2 Reveal Answer: D 56. A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access. What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys? A. EC2 key pairs Reveal Answer: B 57. A user needs the ability to access as many resources as are needed. The user also needs the ability to scale up and scale down with only a few minutes of notice. Which benefit of the AWS Cloud describes these abilities? A. Reliability Reveal Answer: C 58. Which task is an AWS responsibility when a workload is running in Amazon RDS? A. Creating the database table Reveal Answer: C 59. A company is building a mobile app to provide shopping recommendations to its customers. The company wants to use a graph database as part of the shopping recommendation engine. Which AWS database service should the company choose? A. Amazon DynamoDB Reveal Answer: C 60. Which duty is a responsibility of AWS under the AWS shared responsibility model? A. Identity and access management (IAM) Reveal Answer: D 61. Which AWS service allows users to provision resources using a consistent and repeatable process? A. AWS Systems Manager Reveal Answer: B 62. A company has an application workload that is stateless be design and can sustain occasional downtime. The application performs massively parallel computations. Which Amazon EC2 pricing model should the company choose for its application to reduce cost? A. On-Demand Instances Reveal Answer: B 63. A company wants to establish a private network connection between AWS and its corporate network. Which AWS service or feature will meet this requirement? A. Amazon Connect Reveal Answer: C 64. According to the AWS shared responsibility model, the customer is responsible for applying the latest security updates and patches for which of the following? A. Amazon DynamoDB Reveal Answer: B 65. Which AWS service is a relational database compatible with MySQL and PostgreSQL? A. Amazon Redshift Reveal Answer: C 68. Which AWS service should a company use to continuously monitor the compliance of AWS resource configurations? Which of the following aspects of security are managed by AWS?AWS provides services that help you protect your data, accounts, and workloads from unauthorized access. AWS data protection services provide encryption capabilities, key management, and sensitive data discovery to help you protect your data and workloads.
What are the security aspects that the AWS customer is responsible for Choose two?Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.
Which of the following controls are managed by AWS?The following are examples of controls that are managed by AWS, AWS customers, or both. Inherited Controls – Controls that a customer fully inherits from AWS. Shared Controls – Controls that apply to both the infrastructure layer and customer layers, but in separate contexts or perspectives.
Which of the following security requirements are managed by AWS select 3 answers from the options given below?The responsibility of AWS includes the following 1) Securing edge locations 2) Monitoring physical device security 3) Implementing service organization Control (SOC) standards.
|