A0ECA98E8ED1ECBB812B65DFB463BAFBQUESTION 286What are the advantages of the AWS Cloud? (Choose two.)A.Fixed rate monthly costB.No need to guess capacity requirementsC.Increased speed to marketD.Increased upfront capital expenditureE.Physical access to cloud data centersCorrect Answer:BCSection: (none)ExplanationExplanation/Reference:Reference:QUESTION 287When comparing the total cost of ownership (TCO) of an on-premises infrastructure to a cloud architecture,what costs should be considered? (Choose two.)A.The credit card processing fees for application transactions in the cloud.B.The cost of purchasing and installing server hardware in the on-premises data.C.The cost of administering the infrastructure, including operating system and software installations,patches, backups, and recovering from failures.D.The costs of third-party penetration testing.E.The advertising costs associated with an ongoing enterprise-wide campaign.Correct Answer:BCSection: (none)ExplanationExplanation/Reference:Reference:QUESTION 288Which AWS feature allows a company to take advantage of usage tiers for services across multiplemember accounts? Show
Recommended textbook solutions
Information Technology Project Management: Providing Measurable Organizational Value5th EditionJack T. Marchewka 346 solutions
Introduction to Algorithms3rd EditionCharles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen 726 solutions
Computer Organization and Design MIPS Edition: The Hardware/Software Interface5th EditionDavid A. Patterson, John L. Hennessy 220 solutions Information Technology Project Management: Providing Measurable Organizational Value5th EditionJack T. Marchewka 346 solutions Upgrade to remove ads Only ₩37,125/year
Terms in this set (165)EC2 Instance Virtual Server EC2 Image A software bundle that was built from a template definition and made available within a single AWS Region. EC2 Instance Type ... You only want to manage applications and data. Which type of cloud computing models should you use? Platform as a service Pricing model of cloud computing? Pay-as-you-go pricing Availability Zones Which Global Infrastructure identity is composed of one or more discrete data centers with redundant power, networking, and connectivity, and are used to deploy infrastructure? Which are the three pricing fundamentals of the AWS cloud? Compute, Storage, and data transfer out of the AWS cloud What are the options of a point of consideration when choosing an AWS Region? Compliance with data governance What are AWS regions composed of? Two or more availability zones Which of the following services has a global scope? IAM is a global service (encompasses all regions) What defines the distribution responsibilities for security in the AWS cloud? Shared Responsibility Model What is a proper definition of IAM Roles? An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services Which of the following is an IAM Security tool? IAM Credentials Report What are IAM Policies? JSON documents to define Users, Groups or Roles' permissions IAM Access Advisor Shows the service permissions granted to a user and when those services were last accessed. True statement The AWS CLI can interact with AWS using commands in your command line shell, while the AWS SDK can interact with AWS programmatically What's principle should you apply regarding IAM Permissions? Grant lease privilege What should you do to increase your root account security? Enable Multi-Factor Authentication (MFA) Which CloudWatch feature would you use to trigger notifications when a metric reaches a threshold you specify? CloudWatch Alarms CloudWatch Alarms Used to trigger notifications for any metric Which AWS service helps developers analyze and debug production as well as distributed applications? X-Ray X-Ray Helps developers analyze and debug production, distributed applications, such as those built using a micro services architecture. Which AWS service provides alerts and remediation guidance when AWS is experiencing events that may impact you? Personal Health Dashboard You need to setup metrics monitoring for every service in AWS. What service would you use? CloudWatch CloudWatch A monitoring service to monitor AWS resources as well as the applications that run on AWS. You can use CloudWatch to collect an d track metrics, collect and monitor log files, and set alarms. What cloud monitoring feature can you use to detect unusual activity in your account such as inaccurate resource provisikinoing or hitting service limits? CloudTrail Insights CloudTrail Insights Helps AWS users identify and respond to unusual activity associated with write API calls by continuously analyzing CloudTrail management events. Which service allows you to inspect, audit, and record events and API calls made within your AWS account? CloudTrail CloudTrail A web service that records activity made on your account and delivers log files to your Amazon S3 bucket. AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Which AWS service automatically analyzes code and provides performance recommendations? CodeGuru CodeGuru Amazon CodeGuru is a developer tool that provides intelligent recommendations to improve code quality and identify an application's most expensive lines of code. How would you describe Amazon CloudWatch Logs? A single, highly scalable service that centralizes the logs from all of your systems, applications, and AWS services that you use If a resource is deleted in AWS, which service should you use to investigate first? CloudTrail CloudTrail CloudTrail can record the history of events/API calls made within you AWS account, which will help determine who or what deleted the resource. You should investigate it first. Your private subnets need to connect to the Internet while still remaining private. Which AWS-managed VPC component allows you to do this? NAT Gateways NAT Gateway Allow your instances in your private subnets to access the Internet while remaining private, and are managed by AWS. Which type of firewall has both ALLOW and DENY rules and operates at the subnet level? Network Access Control List (NACL) Network Access Control List (NACL) A network access control list (NACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. They have both ALLOW and DENY rules. You would like to connect hundreds of VPCs and your on-premises data centers together. Which AWS service allows you to do link all these together efficiently? Transit Gateway Transit Gateway Connects thousands of VPC and on-premises networks together in a single gateway. A company needs two VPCs to communicate with each other. What can they use? VPC Peering VPC Peering VPC Peering connection is a networking connection between two VPCs using AWS' network. NAT Instance Allow your instances in your private subnets to access the Internet while remaining private, and are managed by you. You need a logically isolated section of AWS, where you can launch AWS resources in a private network that you define. What should you use? VPC (Virtual Private Cloud) VPC (Virtual Private Cloud) A virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. A company needs to have a private, secure, and fast connection between its on-premises data centers and the AWS Cloud. Which connection should they use? AWS Direct Connect AWS Direct Connect A cloud service solution that makes it easy to establish a dedicated private network connection from your premises to AWS. Your VPC needs to connect with the Internet. Which VPC component can help? Internet Gateway Internet Gateway A horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. Data sitting on an RDS instance would be referred to as? Data at rest Data at rest Data at rest means data stored or archived on a device. According to the Shared Responsibility Model, who is responsible for firewall and network configuration for EC2 Instances? The customer Which of the following services can you use to discover and protect your sensitive data in AWS? Macie Macie Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS, such as personally identifiable information (PII) or intellectual property. Which AWS service lets you quickly find the root of potential security issues to take faster actions? Detective Detective Amazon Detective makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. A company would like to protect its web applications from common web exploits that may affect availability, compromise security, or consume excessive resources. Which AWS service should they use? AWS WAF - Web Application Firewall AWS WAF - Web Application Firewall AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. Where can you find on-demand access to AWS compliance documentation and AWS agreements? AWS Artifact AWS Artifact AWS Artifact is your go-to, central resource for compliance-related information that matters to you. True or false: False You want to record configurations and changes over time. Which service allows you to do this? AWS Config AWS Config AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. A company would like to secure network communications using SSL & TLS certificates. Which AWS service can it use? AWS Certificate Manager (ACM) According to the Shared Responsibility Model, who is responsible for Patch Management? Customer & AWS You want to centrally automate security checks across several AWS accounts. Which AWS service can you use? AWS Security Hub AWS Security Hub AWS Security Hub provides you with a comprehensive view of your security state within AWS and your compliance with security standards and best practices. Which of the following services is managed by AWS and is used to manage encryption keys? AWS KMS A company would like to automate security on EC2 instances to assess security and vulnerabilities in these instances. Which AWS service should it use? Amazon Inspector Amazon Inspector Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It helps you test the network accessibility of your Amazon EC2 instances and the security state of your applications running on the instances. What actions can only the root user do? By default, only the root user can: Which AWS service's ONLY role is to safeguard running applications from DDoS attacks? Shield Which service is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads? Amazon GuardDuty When should you contact the AWS Abuse Team? The situations where you should contact the AWS Abuse team are: Spam, Port scanning, DoS or DDoS attacks, Intrusion attempts, Hosting objectionable or copyrighted content, Distributing malware. Amazon Transcribe An AWS service that makes it easy for customers to convert speech-to-text. Amazon Polly A service that turns text into lifelike speech A company would like to implement a chatbot that will convert speech-to-text and recognize the customers' intentions. What service should it use? Amazon Lex You would like to find objects, people, text, or scenes in images and videos. What AWS service should you use? Amazon Rekognition A start-up would like to rapidly create customized user experiences. Which AWS service can help? Amazon Personalize A research team would like to group articles by topics using Natural Language Processing (NLP). Which service should they use? Comprehend A developer would like to build, train, and deploy a machine learning model quickly. Which service can he use? Amazon SageMaker Which of the following services is a document search service powered by machine learning? Kendra Which tool allows you to centrally manage all users and roles permissions in your organization? Service control policies (SCPs) You would like to automatically set up and govern a secure multi-account AWS environment with best practices for your organization. Which AWS tool can you use? Control Tower Control Tower The easiest way to set up and govern a new, secure, multi-account AWS environment. It establishes a landing zone that is based on best-practices blueprints, and enables governance using guardrails you can choose from a pre-packaged list. Service control policies (SCPs) A type of organization policy that you can use to manage permissions in your organization. An SCP spans all IAM users, groups, and roles, including the AWS account root user. A company would like recommendations regarding its performance, security, and fault tolerance. What can it use? Trusted Advisor What is the most cost-effective option to have 24x7 phone, email, and chat support? Business Support Plan Basic Support Plan 24/7 access to customer service, documentation, whitepapers, and support forums Developer support plan Business hours email access to cloud support associates Trusted Advisor An online tool that provides you real time guidance to help you provision your resources following AWS best practices, including performance, security, and fault tolerance, but also cost optimization and service limits. Business support plan Used if you have production workloads What can you use to estimate the cost of your architecture solution? The AWS Simple Monthly Calculator/ Pricing Calculator Enterprise support plan 24/7 What can you use to get alerts when your costs and usage are exceeding or are forecasted to exceed your budgeting amount? Budgets Budgets Gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. Difference with CloudWatch Billing Alarms: CloudWatch Billing Alarms only send alerts when your costs and usage are exceeding your budget, not when it is forecasted to exceed your budget, while AWS Budgets does both. A company would like to choose the best Savings Plan and forecast its cost in the next 3 months. Which AWS service can help? Cost Explorer Cost Explorer Can be used to forecast usage up to 12 months based on the previous usage. It can also be used to choose an optimal Savings Plan. Has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. Which of the following options uses machine learning to recommend optimal AWS resources and therefore reduces costs? Compute Optimizer Compute Optimizer Recommends optimal AWS resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics. Which services are free to use in AWS? IAM, VPC, Consolidated Billing, and
Elastic Beanstalk True or False False Pricing Factors in S3 Storage class, Object size, Types of request, outbound transfer True
or False True EBS Pricing Factors The added data storage by EBS Snapshots are added cost in GB per month to EBS pricing. Other EBS pricing factors are: Volume type, Provisioned storage volume, IOPS, etc. Which of the following options can provide up to 66% discount compared to On-demand for a commitment to a consistent amount of usage for 1 or 3 years and offers the possibility to change EC2 instances family type? Compute Savings Plans Compute Savings Plans Provide the most flexibility and help to reduce your costs by up to 66% in exchange for a commitment to a consistent amount of usage for a 1 or 3 year term. These plans automatically apply to EC2 instance usage regardless of instance family, size, AZ, region, OS or tenancy, and also apply to Fargate or Lambda usage. On Demand Instances No long-term commitments or upfront payments. Increase or decrease your compute capacity depending on the demands of your app and only pay the specified hourly rate for the instances you use. With Linux EC2
instances, you pay per second of compute capacity. There is also a minimum of 60s of use. Reserved Instances Up to 75% discount compared to On-Demand instance pricing Spot Instances Up to 90% compared to on demand Ec2 Savings Plan Up to 72% compared to on-demand Which pricing model allows you to minimize risks, predictably manage budgets, and comply with long-term requirements, and is available for EC2, DynamoDB, ElastiCache, RDS, and Redshift? Reserve Which of the following services can help you manage multiple AWS accounts? Organizations Security Token Service (STS) A web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users). A company just created a new mobile application and wants to add a simple and secure user sign-up, sign-in, and access control. Which AWS service can it use? Cognito Cognito Lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Directory Service Makes it easy for you to setup and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory. A company would like to centrally manage access to multiple AWS accounts and business applications. Which service can it use? Single sign on (SSO) You would like to convert an S3 file so it can be played on users' devices. Which AWS service can help? Elastic Transcoder Which AWS service can be used to test your application across real desktop browsers and mobile devices? Device Farm A company would like to create 3D applications for its customers. Which AWS service can it use? Sumerian Which AWS service is serverless and lets you connect billions of devices to the AWS Cloud? IoT Core AWS Backup A centralized backup service that makes it easy and cost-effective for you to backup your application data across AWS services in the AWS Cloud. CloudEndure Disaster Recovery Minimizes downtime and data loss by providing fast, reliable recovery into AWS of your physical, virtual, and cloud-based servers. You would like to access desktop applications through a browser. Which AWS service would you use? App Stream 2.0 Amazon WorkSpaces A fully managed, secure cloud desktop service. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe. A hybrid company would like to provision desktops to their employees so they can access securely both the AWS Cloud and their data centers. Which AWS service can help? Amazon WorkSpaces AWS Well-Architected Tool Helps you review the state of your workloads and compares them to the latest AWS architectural best practices. It is based on the 5 pillars of the Well-Architected Framework (Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization). Performance Efficiency design principles Democratize advanced technologies, go global in minutes, use serverless architecture, experiment more often, mechanical sympathy. AWS Partner Network APN Technology Partners Auto Scaling in EC2 and DynamoDB are examples of? Horizontal scaling Design principles of Reliability. Testing recovery procedures, stopping guessing capacity, and managing changes in automation Horizontal Scaling Provision additional resources to function together as one unit such as aiding additional VMs Which of the following options is NOT a vertical scaling limit? Better fault tolerance Vertical Scaling When you increase the capacity of an existing resource, like adding additional CPUs or memory to VMs AWS Compute Optimizer delivers recommendations for what AWS resources? EC2 instances, EC2 Auto Scaling groups, EBS volumes, and Lambda functions Which of the following options are the benefits of using AWS Elastic Load Balancing (ELB)? (Select TWO) High availability Systems Manager Allows you to centralize operational data from multiple AWS services and automate tasks across your AWS resources. Free Services in AWS IAM Elastic Beanstalk It is a Platform as a Service (PaaS) which allows you to deploy and scale web applications and servicesMakes it even easier for developers to quickly deploy and manage applications in the AWS Cloud. Developers simply upload their application, and Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring. A Cloud Practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources. Which AWS service can help with this task? Systems Manager An IT company wants to run a log backup process every Monday at 2 AM. The usual runtime of the process is 5 minutes. As a Cloud Practitioner, which AWS services would you recommend to build a serverless solution for this use-case? (Select two) CloudWatch An IT company is on a cost-optimization spree and wants to identify all EC2 instances that are under-utilized. Which AWS services can be used to address this use-case? (Select two) Trusted Adviser and Cost Explorer AWS Storage Gateway AWS Storage Gateway is a hybrid cloud storage service that connects your existing on-premises environments with the AWS Cloud. Container service Fargate What is the primary benefit of deploying an RDS database in a Read Replica configuration? Read Replicas improve database scalability. Read Replicas allow you to create read-only copies that are synchronized with your master database. Read Replicas are used for improved read performance. You can also place your read replica in a different AWS Region closer to your users for better performance. Read Replicas are an example of horizontal scaling of resources. Amazon Relational Database Service (Amazon RDS) Makes it easy to set up, operate, and scale a relational database in the cloud. Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code? Operational Excellence A financial services company wants to ensure that its AWS account activity meets the governance, compliance and auditing norms. As a Cloud Practitioner, which AWS service would you recommend for this use-case? CloudTrail The DevOps team at an e-commerce company is trying to debug performance issues for its serverless application built using a microservices architecture. As a Cloud Practitioner, which AWS service would you recommend addressing this use-case? X-Ray
Which of the following AWS Support plans provides access to online training with self-paced labs? Enterprise Which of the following AWS services are part of the AWS Foundation services for the Reliability pillar of the Well-Architected Framework in AWS Cloud? (Select two) AWS Service Quotas Which AWS service can help you analyze your infrastructure to identify unattached or underutilized EBS volumes? Trusted Advisor Which of the following options is NOT a feature of Amazon Inspector? Tracking Configuration Changes Data encryption is automatically enabled for which of the following AWS services?
Storage Gateway A silicon valley based healthcare startup stores anonymized patient health data on Amazon S3. The CTO further wants to ensure that any sensitive data on S3 is discovered and identified. As a Cloud Practitioner, which AWS service would you recommend addressing this use-case? Amazon Macie Which AWS service can be used to automate code deployment to EC2 instances as well as on-premises instances? CodeDepoly Which AWS service can be used to review the compliance and governance-related documents on AWS? Artifact A developer would like to automate operations on his on-premises environment using Chef and Puppet. Which AWS service can help with this task? AWS OpsWorks Which of the following AWS services offer block-level storage? (Select two) EBS An intern at an IT company provisioned a Linux based On-demand EC2 instance with per-second billing but terminated it within 30 seconds as he wanted to provision another instance type. What is the duration for which the instance would be charged? 60 seconds Which AWS service would you choose for a data processing project to store unstructured data? Dynamo DB AWS Organizations provides which of the following benefits? (Select two) Volume discounts for Amazon EC2 and Amazon S3 aggregated across the member AWS accounts A company would like to separate cost for AWS services by the department for cost allocation. Which of the following is the simplest way to achieve this task? Create tags for each department Students also viewedC849180 terms aclacoste Account Management, Billing & Support Quiz17 terms Aish_Paish AWS Cloud Practioner Practice Exam65 terms captainaleks AWS Cloud Practitioner Exam #265 terms takaj98 Other sets by this creatorAWS Summaries191 terms A_J42 AWS Practice Exam Questions6 terms A_J42 Azure 900 Test Prep78 terms A_J42 AWS Certified Cloud Practitioner Intro19 terms A_J42 Recommended textbook solutionsInformation Technology Project Management: Providing Measurable Organizational Value5th EditionJack T. Marchewka 346 solutions
Introduction to Algorithms3rd EditionCharles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen 726 solutions
Computer Organization and Design MIPS Edition: The Hardware/Software Interface5th EditionDavid A. Patterson, John L. Hennessy 220 solutions Service Management: Operations, Strategy, and Information Technology7th EditionJames Fitzsimmons, Mona Fitzsimmons 103 solutions Which AWS service allows user to identify the changes made to a resource over time?AWS Config is a service that continuously tracks and evaluates the configuration changes of your AWS resources. It provides you with a Resource Timeline which helps you to investigate and audit how the resources and their relationships change over time.
Which AWS service can be used to track resource changes?You can use AWS CloudTrail to track which users are changing your AWS resources and infrastructure. CloudTrail is turned on by default for your AWS account. For an ongoing record of events in your AWS account, create a trail.
Which AWS feature allows a company to take advantage of usage tiers for services across multiple member accounts?You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt.
Which AWS service allows clients to audit and monitor AWS resource changes?AWS Config continually assesses, audits, and evaluates the configurations and relationships of your resources.
|