CYBER SECU CMIT 326 Cloud Technologies. Final Exam .FOR AMAZON WEB SERVICES. 100 Questions

Document Content and Description Below

University of Maryland, University College CYBER SECU CMIT 326 Cloud Technologies. Final Exam .FOR AMAZON WEB SERVICES. 100 Questions QUESTION 100 (1 point) Saved Identify the services that have... a global (rather than regional) scope? (choose two) QUESTION 100 options: Amazon S3 Amazon CloudFront Amazon EC2 AWS Lambda Amazon Route 53 Saved What architectural best practice aims to reduce the interdependencies between services? QUESTION 99 options: automation removing single points of failure loose coupling services, not servers What benefits are provided by Amazon CloudFront? (choose two) QUESTION 98 options: allows you to register domain names provides a worldwide distributed DNS service used to enable private subnet instances to access the internet content is cached at edge Locations for fast distribution to customers built-in distributed denial-of-service (DDoS) attack protection Which feature of AWS allows you to deploy a new application for which the requirements may change over time? QUESTION 97 options: high availability fault tolerance elasticity disposable resources Which storage service allows you to connect multiple EC2 instances concurrently using file-level protocols? QUESTION 96 options: Amazon EBS Amazon Glacier Amazon EFS Amazon S3 Joe's company is looking to make a number of improvements. The firm would like to maximize potential volume and reserved instance (RI) discounts across multiple accounts and also apply service control policies on member accounts. Which service or tool can be used to gain these benefits? QUESTION 95 options: AWS Cost Explorer AWS Budgets AWS IAM AWS Organizations When designing a typical three-tier web application, which AWS services and/or features improve availability and reduce the impact failures? (Choose two.) QUESTION 94 options: AWS Auto Scaling for Amazon EC2 instances Amazon VPC subnet ACLs to check the health of a service Distributed resources across multiple Availability Zones AWS Server Migration Service (AWS SMS) to move Amazon EC2 instances into a different Region Distributed resources across multiple AWS points of presence What is the most cost-effective support plan that should be selected to provide at least a one-hour response time for a production system failure? QUESTION 93 options: developer basic business enterprise Your CTO wants to move to cloud. What cost advantages are there to moving to cloud? QUESTION 92 options: You can reduce marketing costs. You don't need to pay for application licensing. You get free data transfer into and out of the cloud. You provision only what you need and adjust to peak load. What are the benefits of developing and running a new application in the AWS Cloud compared to on-premises? (Choose two.) QUESTION 91 options: AWS automatically distributes the data globally for higher durability AWS will take care of operating the application AWS makes it easy to architect for high availability AWS can easily accommodate application demand changes AWS takes care of application security patching. A company wants to migrate its applications to a VPC on AWS. These applications will need to access on-premises resources. What combination of actions will enable the company to accomplish this goal? (choose two) QUESTION 90 options: Use the AWS Service Catalog to identify a list of on-premises resources that can be migrated. Build a VPN connection between an on-premises device and a virtual private gateway in the new VP. Use Amazon Athena to query data from the on-premises database servers. Connect the company's on-premises data center to AWS using AWS Direct Connect. Leverage Amazon CloudFront to restrict access to static web content provided through the company's on-premises web servers. What are the benefits of using reserved instances? (choose two) QUESTION 89 options: reduced cost more flexibility reserve capacity high availability uses dedicated hardware Which of the following will enhance the security of access to the AWS Management Console? (choose two) QUESTION 88 options: AWS Secrets Manager AWS Certificate Manager AWS Multifactor Authentication (AWS MFA) Security groups Password policies Which items can be configured from within the Amazon VPC management console? (choose two) QUESTION 87 options: regions security groups load balancing auto scaling subnets What does an organization need to do to move to another AWS region? QUESTION 86 options: Create a separate IAM account for that region. Apply for another AWS account in that region. Submit an application to extend their account to the additional region. Just start deploying resources in the additional region. Which of the following are architectural best practices for the AWS cloud? (choose 2) QUESTION 85 options: close coupling create monolithic architectures design for fault tolerance deploy into multiple availability zones deploy into a single availability zone Which AWS service allows you to connect to storage from onpremise servers using standard file protocols? QUESTION 84 options: Amazon EFS Amazon Glacier Amazon EBS Amazon S3 James is an IT professional and is looking into using AWS for the first time. Which of the following is an AWS responsibility under the AWS shared responsibility model? QUESTION 83 options: configuring third-party applications maintaining physical hardware securing application access and data deploying EC2 instances What can you use to quickly connect an office securely to Amazon VPC? QUESTION 82 options: Internet Gateway AWS managed VPN Direct Connect Route Table Which service can be used to track the CPU usage of an EC2 instance? QUESTION 81 options: Amazon CloudWatch Amazon CloudFormation Amazon CloudFront Amazon CloudTrail The Security Department wants to send alerts based on CloudWatch alarms. Which service would be used to send these alerts? QUESTION 80 options: Amazon Simple Notification Service (Amazon SNS) AWS Security Hub AWS Lambda Amazon Route 53 A company is planning to launch an e-commerce site in a single AWS region to a worldwide user base. Which AWS services will allow the company to reach users and provide low latency and high transfer speeds? (choose two) QUESTION 79 options: Application Load Balancer AWS Global Accelerator AWS Direct Connect Amazon CloudFront AWS Lambda Amy, a solutions architect, needs to create a virtual network within his AWS environment. Which AWS networking service would allow her to do this? QUESTION 78 options: AWS Route53 Amazon Route 53 AWS EC2t Amazon Virtual Private Cloud (Amazon VPC) Which feature can you use to grant read/write access to an Amazon S3 bucket? QUESTION 77 options: IAM User IAM Group IAM Role IAM Policy Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted? QUESTION 76 options: On-Demand Spot Reserved Dedicated Instance What advantages does deploying Amazon CloudFront provide? (choose two) QUESTION 75 options: provides serverless compute services automated deployment of resources a private network link to the AWS cloud improved performance for end users reduced latency Which of the following are recommended practices for managing IAM users? (choose two) QUESTION 74 options: require IAM users to change their passwords after a specified period of time prevent IAM users from reusing previous passwords recommend that the same password be used on AWS and other sites require IAM users to store their passwords in raw text disable multifactor authentication (MF for IAM users) Which feature of Amazon Rekognition can assist with saving time? QUESTION 73 options: provides on-demand access to compliance-related information identification of the language of text in a document adds automatic speech recognitions (ASR) to applications identification of objects in images and videos Which services are integrated with KMS encryption? (choose two) QUESTION 72 options: Amazon EC2 Amazon RDS AWS CloudFormation Amazon EBS Amazon SWF The IAM service can be used to manage which objects? (choose two) QUESTION 71 options: access policies network ACLs key pairs security groups roles Which AWS feature or service can be used to capture information about incoming and outgoing traffic in an AWS VPC infrastructure? QUESTION 70 options: AWS Config VPC Flow Logs AWS Trusted Advisor AWS CloudTrail Which tool enables you to see use patterns and identify cost drivers? QUESTION 69 options: AWS Simple Monthly Calculator AWS Budgets Total Cost of Ownership (TCO) Calculator AWS Cost Explorer Which of the following is a method of backup available in the AWS cloud? QUESTION 68 options: EBS snapshots EFS file systems Route 53 alias record availability zones Which of the following describes the relationships among AWS Regions, Availability Zones, and edge locations? (Choose two.) QUESTION 67 options: There are more AWS Regions than Availability Zones There are more edge locations than AWS Regions. An edge location is an Availability Zone. There are more AWS Regions than edge locations There are more Availability Zones than AWS Regions Which of the following are components of Amazon VPC? (Choose two.) QUESTION 66 options: Objects Subnets Buckets Internet gateways Access key The CIO of Acme Inc. is comparing the costs of standing up a data center or using a cloud provider such as AWS for an application with varying compute workloads. What is a reason the cloud provider, AWS, might be more economical? QUESTION 65 options: Amazon RDS costs are billed on a monthly basis. Users retain full administrative access to their Amazon EC2 instances. Amazon EC2 instances can be launched on demand when needed. Users can permanently run enough instances to handle peak workloads. What method can you use to take a backup of an Amazon EC2 instance using AWS tools? QUESTION 64 options: Use Cross Region Replication (CRR) to copy the instance to another region. Take application-consistent backups using the EC2 API. Take full and incremental file-level backups using the backup console. Take a snapshot to capture the point-in-time state of the instance. A company wants to use an AWS service to check application endpoints, with the ability to move traffic to healthy regional endpoints to improve application availability. Which service will support these requirements? QUESTION 63 options: Amazon Inspector Amazon CloudWatch AWS Global Accelerator Amazon CloudFront Which service can be used to help you to migrate databases to AWS quickly and securely? QUESTION 62 options: AWS SMS AWS KMS AWS DMS AWS Migration Hub How does AWS Trusted Advisor provide guidance to users of the AWS Cloud? (choose two) QUESTION 61 options: It identifies software vulnerabilities in applications running on AWS. It provides a list of cost optimization recommendations based on current AWS usage. It detects potential security vulnerabilities caused by permissions settings on account resources. It automatically corrects potential security issues caused by permissions settings on account resources. It provides proactive alerting whenever an Amazon EC2 instance has been compromised. Which types of pricing policies does AWS offer? (choose two) QUESTION 60 options: pay-as-you-go save when you reserve Enterprise license agreement (EL) nonpeak hour discounts global usage discounts Acme Corp. Is looking to buy software and start using it right away in the cloud. Which AWS offering enables users to do this? QUESTION 59 options: AWS Security Hub AWS OpsWorks AWSSDK AWS Marketplace Which of the following need to be included in a total cost of ownership (TCO) analysis? (choose two) QUESTION 58 options: facility equipment installation data center security costs company-wide marketing application development IT manager salary Which AWS support plan should you use if you need a response time of less than 15 minutes for a business-critical system failure? QUESTION 57 options: Basic Enterprise Business Developer A company is migrating from on-premises data centers to the AWS cloud and is looking for hands-on help with the project. How can the company get this support? (choose two) QUESTION 56 options: Ask for a quote from the AWS Marketplace team to perform a migration into the company's AWS account. Contact AWS Support and open a case for assistance. Use AWS Professional Services to provide guidance and to set up an AWS Landing Zone in the company's AWS account. Select a partner from the AWS Partner Network (APN) to assist with the migration. Use Amazon Connect to create a new request for proposal (RFP) for expert assistance in migrating to the AWS cloud. Which service supports the resolution of public domain names to IP addresses or AWS resources? QUESTION 55 options: Amazon Route 53 Amazon CloudFront Amazon SNS Hosted Zones Which cost-effective service can be used to move exabytes of data into AWS? QUESTION 54 options: AWS Snowmobile AWS Snowball S3 Transfer Acceleration S3 Cross-Region Replication (CRR) How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud? Which type of Amazon Elastic Load Balancer operates at layer 7 of the OSI model? QUESTION 51 options: Network Load Balancer F5 Load Balancer Classic Load Balancer Application Load Balancer QUESTION 53 options: AWS Cost Explorer AWS Simple Monthly Calculator AWS Budgets TCO Calculator Which AWS service can be used to easily create multiple accounts? QUESTION 52 options: Amazon IAM Amazon Connect AWS CloudFormation AWS Organizations Which type of Amazon Elastic Load Balancer operates at layer 7 of the OSI model? QUESTION 51 options: Network Load Balancer F5 Load Balancer Classic Load Balancer Application Load Balancer What factor can contribute to a network bottleneck in a cloud deployment? QUESTION 50 options: malformed data packets the maximum transmission unit (MTU) has been exceeded errors in the routing tables of the firewall not enough security between the endpoints Which groups should be involved in a cloud change management process? QUESTION 49 options: IT, HR, marketing, finance IT, finance, and production IT, HR, finance, and production IT, finance, and production Which of the following correctly describes an external attack? QUESTION 48 options: when a hacker penetrates the cloud from the outside environment when an employee intentionally deletes files when somebody from inside the company tries to launch an attack when the ACL is maliciously misconfigured Which of the following can be used as a logging server? (choose two) QUESTION 47 options: SLA AmazonS3 OpenStack CACL ACL Which statement is true about a rolling update? QUESTION 46 options: It is deployed at random. Only the network administrator can apply it. It is typically used in a Linux-based environment. It does not need to be checked for security vulnerabilities. Which of the following is an example of data privacy law? QUESTION 45 options: ISO 27001 and FIPS 140-2 Sarbanes-Oxley GDPR California SB-327 How can a VPN be made more secure? QUESTION 44 options: implementing a firewall at the endpoints further encapsulating the data packet into more data packets layering it in IPsec using two-factor authentication (2FA) What is the function of cloud alerting? QUESTION 43 options: It alerts the user when an event needs to be monitored. It uses SMTP. It compiles system events into a central log. It alerts you when you are over resource limits. Which of the following protocols has the capability of retransferring lost packets? QUESTION 42 options: IP UDP TCP ARP What is metadata? QUESTION 41 options: It is data about the data. It is a data warehousing application. It refers to big data. It is a tool to find unhidden trends in the data sets. What is the cloud application life cycle? QUESTION 40 options: the establishment of software functionalities the period of utility of the cloud resource the time when software patches and other upgrades are applied the time when a cloud application is deleted after its useful life What is a cluster? QUESTION 39 options: It is a series of computers networked together in tandem. It interlinks the LAN to the WAN. It is a series of servers connected to one another in a LAN. It is a mesh-based network topology. What is encryption? QUESTION 38 options: deploying public and private keys implementing hashing algorithms converting plaintext into ciphertext installing a certificate authority What is the purpose of a tcpdump? QUESTION 37 options: to release data packets in a TCP/IP protocol to monitor network traffic and is also called "sniffing" to stores log files onto the virtual machine to discard malicious data packets Which kind of application makes use of a PKI? QUESTION 36 options: gaining access to shared resources endpoint security transferring data to a server video and audio conferencing Prior to a cloud application launch, what parameters show a successful test? (choose two) QUESTION 35 options: adequate amounts of sizing absence of partitioning app engine has been properly disabled development servers have been disengaged maintenance of data integrity Which are types of tunneling protocols? (choose two) QUESTION 34 options: IPsec TCP/IP PTP PPTP GRE What is a hotfix? QUESTION 33 options: It is a tool used for rollbacks. It is a patch that provides an instant snapshot of the system. It is used to check for backdoors in source code. It is a patch that can be deployed almost instantaneously. What is a template? QUESTION 32 options: It is a representation of your fingerprint for an SSO. It is part of a public key infrastructure. It is used in hashing algorithms. It is a prototype of a cloud system. Which is an example of an automation tool? QUESTION 31 options: scripting routers endpoint detection technologies APIs What is the purpose of federation? QUESTION 30 options: to allow a user to log into multiple systems with just one credential to grant access to network services to the user to assign access as defined by user roles to give the user access to the same resources among different cloud providers What is change management? QUESTION 29 options: It is rolling out new procedures, processes, upgrades, reconfigurations, and repairs. It is the process of shifting cloud resources. It is a time when the client and the cloud provider meet directly. It is a process of running checks of cloud apps in a sandbox. Which of the following is an example of encrypted communications? QUESTION 28 options: VPNs HTTPS TCP/IP SSL/TLS Which of the following is affected by jitter? QUESTION 27 options: voice communications security DNS HTTP What is the correct sequence of steps in the change management process? QUESTION 26 options: testing documentation, planning, securing approvals, validating changes, recording changes defining instructions, performing reviews recording changes, planning, testing documentation, securing approvals, validating changes, defining instructions, performing reviews performing reviews, recording changes, planning, testing documentation, securing approvals, defining instructions, validating changes validating changes, defining instructions, performing reviews, recording changes, planning, performing reviews, testing documentation Which of the following terms best describes "the time it takes for a data packet to move from source to destination"? QUESTION 25 options: congestion packet loss jitter latency What is CPU usage? QUESTION 24 options: a display of how much memory is left in RAM a metric that reflects how much disk space is being used up a measure of how much processing power is being used the amount of network bandwidth being used when connecting to the cloud Which of the following storage types usually connects with the motherboard via SATA/ATA connection? QUESTION 23 options: NAS SAN DAS object storage What is the role of the DNS Server? QUESTION 22 options: It breaks down the domain name into its corresponding IP address. It sends emails from the sender to the receiver. It stores data and information. It contains resources that can be accessed by employees. Which of the following are cloud automation techniques? (choose two) QUESTION 21 options: Orchestrator Ansible OpenStack S3 API What is a subnet? QUESTION 20 options: It joins two LANS. It joins a LAN and a WAN. It is a component of a VPN. It is one part of an overall IP network. What is a lockout? QUESTION 19 options: when an account is frozen after several failed log-in attempts the responsibility of the CIO/CISO to establish the lockout policy creating a strong password freezing a software development cycle if errors are found in the source code Which of the following is used for storage security on SANs? QUESTION 18 options: obfuscation ACL zoning host authentication Which of the following is true of the SAS model? QUESTION 17 options: You can manage your applications. You are responsible for software licensing. The software is managed by the cloud provider. You have to keep track of any patches and upgrades. When does the server resort to a swap file? QUESTION 16 options: when RAM usage is full when CPU usage is full when storage usage is full when network usage is full What is thick provisioning? QUESTION 15 options: operating at full capacity in an SaaS using all of the storage allocated in an account creating more VMs using cloud storage only as needed A cloud platform consists of what individual components? QUESTION 14 options: data packets and CRC checking algorithms public keys and private keys symmetric and asymmetric cryptographic infrastructures on-demand applications, scalable storage, and automation In order to outline priorities for traffic in the event of congestion, what can be created to mitigate? QUESTION 13 options: jitter QOS increase bandwidth increase CPU resources What are the different levels of RAID? QUESTION 12 options: RAID 1, RAID 2, RAID 3, RAID 4, RAID 5 RAID 3, RAID 5, RAID 7, RAID 9 RAID 0, RAID 1, RAID 5, RAID 6 RAID 0, RAID 1, RAID 5, RAID 7 Which of the following technologies can be used to maintain automation in cloud? (choose two) QUESTION 11 options: Python DR Puppet Chef Onguard What are cloud use patterns? QUESTION 10 options: the monitoring and analysis of traffic flows scaling up resources during peak demand the use of artificial intelligence to further simplify tasks the transfer of data from one cloud provider to another What is the purpose of a cloud workflow application? QUESTION 9 options: It oversees the overall processes from beginning to end. It deals with cloud integration issues. It addresses resource contention. It examines connectivity issues. Which of the following can cause a cloud synchronization issue? QUESTION 8 options: network bottlenecks corrupt files different time zones lack of internet connectivity During failure, which of the following sites provides the shortest RTO (recovery time objective)? QUESTION 7 options: cold site hot site warm site hybrid site What does a version update do? QUESTION 6 options: It keeps software code locked from accidental modification. It replaces the existing version of a software application. It creates an iteration of document revisions from beginning to end. It enables the blockchain process. What is a snapshot? QUESTION 5 options: It shows the state of a cloud deployment at a certain time. It recreates the master image of a hard drive. It creates a second set of original data. It shows the existing state of a virtual machine. What is the purpose of a hypervisor? QUESTION 4 options: It establishes the connection from the client to the server. It encapsulates a data packet inside another one. It provides authentication. It allows for the creation of VMs. What are two types of cloud backup methods? QUESTION 3 options: snapshot and clone tape and hard drive USB and Flash Azure and AWS What is cloud orchestration? QUESTION 2 options: creating new user accounts creating new permissions granting access to certain resources using APIs to automate routine processes What is the purpose of automation and orchestration? QUESTION 1 options: to allow for the recording and auditing of all events to transmit data more securely to provide a means for data backup to allow you to apply patches to a VM [Show More]

Last updated: 1 year ago

Preview 1 out of 24 pages