AWS CERTIFIED CLOUD PRACTITIONER. 390 AWS Practice Exam Questions with Answers & Detailed Explanations. Complete Coverage of the Latest Blue-Print for the CLF-CO1 Exam.

Document Content and Description Below

AWS CERTIFIED CLOUD PRACTITIONER. 390 AWS Practice Exam Questions with Answers & Detailed Explanations. Complete Coverage of the Latest Blue-Print for the CLF-CO1 Exam. SET 1: PRACTICE QUESTIONS... ONLY Click here to go directly to Set 1: Practice Questions, Answers & Explanations Question 1 Which AWS service is primarily used for software version control? 1. AWS CodeCommit 2. AWS CodeStar 3. AWS Cloud9 4. AWS CodeDeploy Question 2 Which AWS service can you use to install a third-party database? 1. Amazon RDS 2. Amazon DynamoDB 3. Amazon EC2 4. Amazon EMR Question 3 Identify the services that have a global (rather than regional) scope? (choose 2) 1. Amazon Route 53 2. Amazon S3 3. Amazon CloudFront 4. AWS Lambda 5. Amazon EC2 Question 4 Which service can you use to provision a preconfigured server with little to no AWS experience? 1. Amazon Elastic Beanstalk 2. AWS Lambda 3. Amazon EC2 4. Amazon Lightsail Question 5 Which AWS service allows you to connect to storage from on-premise servers using standard file protocols? 1. Amazon S3 2. Amazon EBS 3. Amazon Glacier 4. Amazon EFS Question 6 Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted? 1. On-Demand 2. Reserved 3. Spot 4. Dedicated Instance Question 7 What is an availability zone composed of? 1. One or more regions 2. One or more DCs in a location 3. A collection of edge locations 4. A collection of VPCs Question 8 Which AWS services are used for analytics? (choose 2) 1. Amazon RDS 2. Amazon ElastiCache 3. Amazon Athena 4. Amazon S3 5. Amazon EMR Question 9 What advantages does deploying Amazon CloudFront provide? (choose 2) 1. A private network link to the AWS cloud 2. Reduced latency 3. Automated deployment of resources 4. Improved performance for end users 5. Provides serverless compute services Question 10 What considerations are there when choosing which region to use? (choose 2) 1. Data sovereignty 2. Available storage capacity 3. Latency 4. Pricing in local currency 5. Available compute capacity Question 11 Which service can be used to track the CPU usage of an EC2 instance? 1. Amazon CloudTrail 2. Amazon CloudFront 3. Amazon CloudFormation 4. Amazon CloudWatch Question 12 Which feature of AWS allows you to deploy a new application for which the requirements may change over time? 1. Elasticity 2. Fault tolerance 3. Disposable resources 4. High availability Question 13 Which items can be configured from within the VPC management console? (choose 2) 1. Subnets 2. Regions 3. Load Balancing 4. Auto Scaling 5. Security Groups Question 14 Which services are integrated with KMS encryption? (choose 2) 1. Amazon RDS 2. Amazon EC2 3. Amazon EBS 4. Amazon SWF 5. AWS CloudFormation Question 15 Which service allows you to automatically expand and shrink your application in response to demand? 1. AWS ElastiCache 2. Amazon Elastic Load Balancing 3. AWS Auto Scaling 4. Amazon DynamoDB Question 16 The AWS global infrastructure is composed of? (choose 2) 1. Regions 2. Clusters 3. Fault Zones 4. Availability Zones 5. IP subnets Question 17 Which of the statements below is accurate regarding Amazon S3 buckets? (choose 2) 1. Bucket names must be unique regionally 2. Buckets are replicated globally 3. Bucket names must be unique globally 4. Buckets are region-specific 5. Buckets can contain other buckets Question 18 Which AWS storage technology can be considered a "virtual hard disk in the cloud"? 1. Amazon Elastic File Storage (EFS) filesystem 2. Amazon Elastic Block Storage (EBS) volume 3. Amazon S3 object 4. Amazon Glacier archive Question 19 Under the AWS shared responsibility model what is the customer responsible for? (choose 2) 1. Physical security of the data center 2. Replacement and disposal of disk drives 3. Configuration of security groups 4. Patch management of infrastructure 5. Encryption of customer data Question 20 Which service records API activity on your account and delivers log files to an Amazon S3 bucket? 1. Amazon CloudWatch 2. Amazon S3 Event Notifications 3. Amazon CloudTrail 4. Amazon CloudWatch Logs Question 21 The IAM service can be used to manage which objects? (choose 2) 1. Security groups 2. Access policies 3. Roles 4. Network ACLs 5. Key pairs Question 22 Which types of pricing policies does AWS offer? (choose 2) 1. Pay-as-you-go 2. Enterprise license agreement (ELA) 3. Non-peak hour discounts 4. Global usage discounts 5. Save when you reserve Question 23 Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers? 1. AWS Simple Monthly Calculator 2. Total Cost of Ownership (TCO) Calculator 3. AWS Cost Explorer 4. AWS Budgets Question 24 What advantages do you get from using the AWS cloud? (choose 2) 1. Trade capital expense for variable expense 2. Stop guessing about capacity 3. Increased capital expenditure 4. Gain greater control of the infrastructure layer 5. Comply with all local security compliance programs Question 25 A company plans to create a hybrid cloud architecture. What technology will allow them to create a hybrid cloud? 1. VPC Peering 2. Internet Gateway 3. Direct Connect 4. Elastic Network Interface Question 26 Which service supports the resolution of public domain names to IP addresses or AWS resources? 1. Amazon Route 53 2. Amazon CloudFront 3. Amazon SNS 4. Hosted Zones Question 27 What can you use to quickly connect your office securely to your Amazon VPC? 1. Route Table 2. Internet Gateway 3. Direct Connect 4. AWS managed VPN Question 28 What is the scope of a VPC within a region? 1. Spans all Availability Zones within the region 2. Spans all Availability Zones globally 3. At least 2 subnets per region 4. At least 2 data centers per region Question 29 Which service can be used for building and integrating loosely-coupled, distributed applications? 1. Amazon EBS 2. Amazon SNS 3. Amazon EFS 4. Amazon RDS Question 30 Which type of Amazon Elastic Load Balancer operates at layer 7 of the OSI model? 1. Application Load Balancer 2. Network Load Balancer 3. Classic Load Balancer 4. F5 Load Balancer Question 31 Which services can help to automate a company's IT infrastructure? (choose 2) 1. Amazon CloudWatch Alarms 2. Amazon Route 53 3. AWS Lambda Scheduled Events 4. Virtual Private Cloud 5. Elastic Network Interface Question 32 Which database service is a NoSQL type of database that is fully managed? 1. Amazon RDS 2. Amazon DynamoDB 3. Amazon RedShift 4. Amazon ElastiCache Question 33 Which storage service allows you to connect multiple EC2 instances concurrently using filelevel protocols? 1. Amazon S3 2. Amazon EBS 3. Amazon EFS 4. Amazon Glacier Question 34 For which services does Amazon not charge customers? (choose 2) 1. Amazon VPC 2. Amazon EBS 3. Amazon CloudFormation 4. Amazon S3 5. Amazon SNS Question 35 What architectural best practice aims to reduce the interdependencies between services? 1. Services, Not Servers 2. Removing Single Points of Failure 3. Automation 4. Loose Coupling Question 36 What is the most cost-effective support plan that should be selected to provide at least a 1- hour response time for a production system failure? 1. Basic 2. Developer 3. Business 4. Enterprise Question 37 Which AWS database service supports complex queries and joins and is suitable for a transactional database deployment? 1. Amazon RDS 2. Amazon DynamoDB 3. Amazon RedShift 4. Amazon EMR Question 38 Under the shared responsibility model, what are examples of shared controls? (choose 2) 1. Patch management 2. Storage system patching 3. Physical and environmental 4. Configuration management 5. Service and Communications Protection Question 39 How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud? 1. AWS Budgets 2. AWS Simple Monthly Calculator 3. TCO Calculator 4. AWS Cost Explorer Question 40 What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload? 1. On-Demand 2. Spot 3. Reserved Instance 4. Dedicated Host Question 41 Which service allows you to run code as functions without needing to provision or manage servers? 1. Amazon EC2 2. Amazon CodeDeploy 3. AWS Lambda 4. Amazon EKS Question 42 What benefits does Amazon EC2 provide over using non-cloud servers? (choose 2) 1. Complete control of the hypervisor layer 2. Elastic web-scale computing 3. Inexpensive 4. Fault tolerance 5. High-availability with an SLA of 99.99% Question 43 Which type of Elastic Load Balancer operates at the connection layer (layer 4) and supports IP addresses as targets? 1. Application Load Balancer 2. Network Load Balancer 3. Classic Load Balancer 4. ELBs do not support IP addresses as targets Question 44 Which of the following are features of Amazon CloudWatch? (choose 2) 1. Used to gain system-wide visibility into resource utilization 2. Records account activity and service events from most AWS services 3. Used for auditing of API calls 4. Can be accessed via API, command-line interface, AWS SDKs, and the AWS Management Console 5. Provides visibility into user activity by recording actions taken on your account Question 45 Amazon S3 bucket names must follow as set of rules. Which of the rules below apply to Amazon S3 bucket names? (choose 2) 1. Names must be unique across all of AWS 2. Names must be 3 to 63 characters in length 3. Names must contain uppercase letters 4. Names must be unique within a region 5. Names must be formatted as a DNS domain name Question 46 Which of the following statements are correct about Elastic Block Store (EBS) volumes? (choose 2) 1. Root EBS volumes are retained on termination by default 2. EBS volumes must be in the same AZ as the instances they are attached to 3. You can attach multiple EBS volumes to an instance 4. You can attach an EBS volume to multiple instances 5. EBS volumes cannot be backed up Question 47 Which statement below is incorrect in relation to Security Groups? 1. Operate at the instance level 2. Support allow rules only 3. Stateless 4. Evaluate all rules Question 48 What constraints apply to customers when performing penetration testing? (choose 2) 1. Permission is required for all penetration tests 2. You can perform penetration testing on your own systems at any time without prior authorization 3. You must complete and submit the AWS Vulnerability / Penetration Testing Request Form to request authorization 4. Penetration testing can be performed against any AWS resources 5. Penetration testing must be performed by a certified security consultant Question 49 Which statement below is incorrect in relation to Network ACLs? 1. Operate at the Availability Zone level 2. Support allow and deny rules 3. Stateless 4. Process rules in order Question 50 What benefits are provided by Amazon CloudFront? (choose 2) 1. Allows you to register domain names 2. Built-in Distributed Denial of Service (DDoS) attack protection 3. Used to enable private subnet instances to access the Internet 4. Content is cached at Edge Locations for fast distribution to customers 5. Provides a worldwide distributed DNS service Question 51 Which service can be used to help you to migrate databases to AWS quickly and securely? 1. AWS KMS 2. AWS SMS 3. AWS DMS 4. AWS Migration Hub Question 52 Which feature can you use to grant read/write access to an Amazon S3 bucket? 1. IAM Role 2. IAM Policy 3. IAM Group 4. IAM User Question 53 Which AWS support plan should you use if you need a response time of < 15 minutes for a business-critical system failure? 1. Basic 2. Developer 3. Business 4. Enterprise Answer: 4 Explanation: Only the Enterprise plan provides a response time of < 15 minutes for the failure of a business-critical system Both Business and Enterprise offer < 1-hour response time for the failure of a production system References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ Question 54 Which AWS service is used to enable multi-factor authentication? 1. Amazon STS 2. AWS IAM 3. Amazon EC2 4. AWS KMS Question 55 Which AWS service can be used to convert video and audio files from their source format into versions that will playback on devices like smartphones, tablets and PC? 1. Elastic Transcoder 2. Elastic Beanstalk 3. Elastic Load Balancer 4. Auto Scaling Question 56 What method can you use to take a backup of an Amazon EC2 instance using AWS tools? 1. Take full and incremental file-level backups using the backup console 2. Take application-consistent backups using the EC2 API 3. Use Cross Region Replication (CRR) to copy the instance to another region 4. Take a snapshot to capture the point-in-time state of the instance Question 57 What are two ways that moving to an AWS cloud can benefit an organization? (choose 2) 1. Switch to a CAPEX model 2. Increase speed and agility 3. Stop guessing about capacity 4. Depreciate assets over a longer timeframe 5. Gain greater control of data center security Question 58 Which of the following statements is correct in relation to consolidated billing? (choose 2) 1. Paying accounts are independent and cannot access resources of other accounts 2. Used to consolidate billing across organizations 3. One bill is provided per AWS organization 4. Volume pricing discounts cannot be applied to resources 5. Only available to Enterprise customers Question 59 Which AWS service allows you to use block-based volumes on-premise that are then asynchronously backed up to Amazon S3? 1. AWS Storage Gateway File Gateway 2. AWS Storage Gateway Volume Gateway 3. Amazon S3 Multi-Part upload 4. Amazon S3 Transfer Acceleration Question 60 When instantiating compute resources, what are two techniques for using automated, repeatable processes that are fast and avoid human error? (choose 2) 1. Snapshotting 2. Bootstrapping 3. Fault tolerance 4. Infrastructure as code 5. Performance monitoring Question 61 A company would like to maximize their potential volume and RI discounts across multiple accounts and also apply service control policies on member accounts. What can they use gain these benefits? 1. AWS Budgets 2. AWS Cost Explorer 3. AWS IAM 4. AWS Organizations Question 62 Which AWS service can an organization use to automate operational tasks on EC2 instances using existing Chef cookbooks? 1. AWS OpsWorks 2. AWS Service Catalog 3. AWS Config 4. AWS CodeDeploy Question 63 Which AWS service can be used to process a large amount of data using the Hadoop framework? 1. Amazon Athena 2. Amazon Kinesis 3. AWS Glue 4. Amazon EMR Question 64 Which feature of Amazon Rekognition can assist with saving time? 1. Identification of objects in images and videos 2. Identification of the language of text in a document 3. Adds automatic speech recognitions (ASR) to applications 4. Provides on-demand access to compliance-related information Question 65 Which type of cloud deployment enables customers to leverage the benefits of the public cloud and co-existing with on-premises infrastructure? 1. Public Cloud 2. Private Cloud 3. Hybrid Cloud 4. Legacy IT Infrastructure SET 1: PRACTICE QUESTIONS, ANSWERS & EXPLANATIONS Question 1 Which AWS service is primarily used for software version control? 1. AWS CodeCommit 2. AWS CodeStar 3. AWS Cloud9 4. AWS CodeDeploy Answer: 1 Explanation: AWS CodeCommit is a fully-managed source control service that hosts secure Gitbased repositories. It makes it easy for teams to collaborate on code in a secure and highly scalable ecosystem AWS CodeStar enables you to quickly develop, build, and deploy applications on AWS. AWS CodeStar provides a unified user interface, enabling you to easily manage your software development activities in one place AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser AWS CodeDeploy is a deployment service that automates application deployments to Amazon EC2 instances, on-premises instances, or serverless Lambda functions References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/additional-aws-services-tools/ https://aws.amazon.com/codecommit/ https://aws.amazon.com/codestar/ https://aws.amazon.com/cloud9/ https://docs.aws.amazon.com/codedeploy/latest/userguide/welcome.html Question 2 Which AWS service can you use to install a third-party database? 1. Amazon RDS 2. Amazon DynamoDB 3. Amazon EC2 4. Amazon EMR Answer: 3 Explanation: All of these services are managed services except for Amazon EC2. EC2 is the only service in the list upon which you can manually install the database software of your choice References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-compute/ https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-databases/ Question 3 Identify the services that have a global (rather than regional) scope? (choose 2) 1. Amazon Route 53 2. Amazon S3 3. Amazon CloudFront 4. AWS Lambda 5. Amazon EC2 Answer: 1,3 Explanation: Amazon Route 53 and Amazon CloudFront have a global scope Amazon S3 uses a global namespace but buckets and objects are created within a region AWS Lambda is a regional service References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/content-delivery-and-dns-services/ Question 4 Which service can you use to provision a preconfigured server with little to no AWS experience? 1. Amazon Elastic Beanstalk 2. AWS Lambda 3. Amazon EC2 4. Amazon Lightsail Answer: 4 Explanation: Lightsail provides developers compute, storage, and networking capacity and capabilities to deploy and manage websites, web applications, and databases in the cloud Lightsail provides preconfigured virtual private servers (instances) that include everything required to deploy and application or create a database Deploying a server on Lightsail is extremely easy and does not require knowledge of how to configure VPCs, security groups, network ACLs etc. AWS Elastic Beanstalk can be used to quickly deploy and manage applications in the AWS Cloud. It is considered a PaaS service. However, you do still need to deploy within a VPC so more AWS expertise is required Amazon EC2 also requires AWS expertise as it deploys within a VPC AWS Lambda provides serverless functions not preconfigured servers References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-compute/ Question 5 Which AWS service allows you to connect to storage from on-premise servers using standard file protocols? 1. Amazon S3 2. Amazon EBS 3. Amazon Glacier 4. Amazon EFS Answer: 4 Explanation: EFS is a fully-managed service that makes it easy to set up and scale file storage in the Amazon Cloud EFS filesystems are mounted using the NFS protocol (which is a file-level protocol) Access to EFS file systems from on-premises servers can be enabled via Direct Connect or AWS VPN You mount an EFS file system on your on-premises Linux server using the standard Linux mount command for mounting a file system via the NFSv4.1 protocol Amazon S3 is an object-level not file-level storage system Amazon Glacier is an archiving solution that is accessed through S3 Amazon Elastic Block Storage (EBS) is block-level storage that can only be accessed by EC2 instances from the same AZ as the EBS volume References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/additional-aws-services-tools/ Question 6 Which pricing model should you use for EC2 instances that will be used in a lab environment for several hours on a weekend and must run uninterrupted? 1. On-Demand 2. Reserved 3. Spot 4. Dedicated Instance Answer: 1 Explanation: Spot instances are good for short term requirements as they can be very economical. However, you may find that the instance is terminated if the spot market price moves On-Demand is the best choice for this situation as it is the most economical option that will ensure no interruptions Reserved instances are good for long-term, static requirements as you must lockin for 1 or 3 years in return for a decent discount Dedicated instances are EC2 instances that run on hardware dedicated to a single customer References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ Question 7 What is an availability zone composed of? 1. One or more regions 2. One or more DCs in a location 3. A collection of edge locations 4. A collection of VPCs Answer: 2 Explanation: Availability Zones are physically separate and isolated from each other AZ’s have direct, low-latency, high throughput and redundant network connections between each other A region is a geographical area Each region consists of 2 or more availability zones References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-global-infrastructure/ Question 8 Which AWS services are used for analytics? (choose 2) 1. Amazon RDS 2. Amazon ElastiCache 3. Amazon Athena 4. Amazon S3 5. Amazon EMR Answer: 3,5 Explanation: Amazon Elastic Map Reduce (EMR) provides a managed Hadoop framework that makes it easy, fast, and cost-effective to process vast amounts of data across dynamically scalable Amazon EC2 instance Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL ElastiCache is a data caching service that is used to help improve the speed/performance of web applications running on AWS Amazon RDS is Amazon's relational database and is primarily used for transactional workloads Amazon S3 is used for object storage References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/additional-aws-services-tools/ https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/additional-aws-services-tools/ Question 9 What advantages does deploying Amazon CloudFront provide? (choose 2) 1. A private network link to the AWS cloud 2. Reduced latency 3. Automated deployment of resources 4. Improved performance for end users 5. Provides serverless compute services Answer: 2, 4 Explanation: CloudFront is a content delivery network (CDN) that allows you to store (cache) your content at “edge locations” located around the world This allows customers to access content more quickly and provides security against DDoS attacks CloudFront can be used for data, videos, applications, and APIs A private network link to the AWS cloud can be provisioned using AWS Direct Connect or an IPSec VPN Automated deployment of resources is performed using CloudFormation CloudFront is a CDN not a serverless compute service References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/content-delivery-and-dns-services/ Question 10 What considerations are there when choosing which region to use? (choose 2) 1. Data sovereignty 2. Available storage capacity 3. Latency 4. Pricing in local currency 5. Available compute capacity Answer: 1,3 Explanation: You may choose a region to reduce latency, minimize costs, or address regulatory requirements Available capacity is generally not a concern as AWS has a large pool of resources and does not disclose the available capacity in each region Pricing for AWS services is in USD References: https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-region.html https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-global-infrastructure/ Question 11 Which service can be used to track the CPU usage of an EC2 instance? 1. Amazon CloudTrail 2. Amazon CloudFront 3. Amazon CloudFormation 4. Amazon CloudWatch Answer: 4 Explanation: Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS CloudWatch is for performance monitoring, whereas CloudTrail is for auditing AWS CloudTrail is a web service that records activity made on your account and delivers log files to an Amazon S3 bucket CloudFormation is used for automated provisioning of infrastructure CloudFront is a content delivery network (CDN) that caches content References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/monitoring-and-logging-services/ Question 12 Which feature of AWS allows you to deploy a new application for which the requirements may change over time? 1. Elasticity 2. Fault tolerance 3. Disposable resources 4. High availability Answer: 1 Explanation: Elasticity allows you to deploy your application without worrying about whether it will need more or less resources in the future. With elasticity, the infrastructure can scale on-demand Fault tolerance and high availability are mechanisms used for ensuring the availability of your application and protecting against the failure of hardware or software components Disposable resources is an architectural principle in which servers and other components are treated as temporary resources and are replaced rather than updated References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/architecting-for-the-cloud/ Question 13 Which items can be configured from within the VPC management console? (choose 2) 1. Subnets 2. Regions 3. Load Balancing 4. Auto Scaling 5. Security Groups Answer: 1,5 Explanation: Subnets and Security groups can be configured from within the VPC console Regions are not configured, resources within regions are configured Load balancing and auto scaling is configured from the EC2 console References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-networking/ Question 14 Which services are integrated with KMS encryption? (choose 2) 1. Amazon RDS 2. Amazon EC2 3. Amazon EBS 4. Amazon SWF 5. AWS CloudFormation Answer: 1,3 Explanation: Not all services integrate with KMS. Review the reference below References: https://aws.amazon.com/kms/features/ Question 15 Which service allows you to automatically expand and shrink your application in response to demand? 1. AWS ElastiCache 2. Amazon Elastic Load Balancing 3. AWS Auto Scaling 4. Amazon DynamoDB Answer: 3 Explanation: Auto Scaling automatically responds to demand by adding or removing EC2 instances to ensure the right amount of compute capacity is available at any time Amazon ELB distributes incoming requests to EC2 instances. It can be used in conjunction with Auto Scaling AWS Elasticache provides in-memory cache and database services Amazon DynamoDB is a NoSQL database References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/elastic-load-balancing-and-auto-scaling/ Question 16 The AWS global infrastructure is composed of? (choose 2) 1. Regions 2. Clusters 3. Fault Zones 4. Availability Zones 5. IP subnets Answer: 1,4 Explanation: The AWS Global infrastructure is built around Regions and Availability Zones (AZs) A Region is a physical location in the world where AWS have multiple AZs AZs consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-global-infrastructure/ Question 17 Which of the statements below is accurate regarding Amazon S3 buckets? (choose 2) 1. Bucket names must be unique regionally 2. Buckets are replicated globally 3. Bucket names must be unique globally 4. Buckets are region-specific 5. Buckets can contain other buckets Answer: 3,4 Explanation: S3 uses a universal (global) namespace, which means bucket names must be unique globally. However, you create the buckets in a region and the data never leaves that region unless explicitly configured to do so through cross-region replication (CRR) Objects within a bucket are replicated within a region across multiple AZs (except for the One-Zone IA class) You cannot create nested buckets References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-storage/ https://digitalcloud.training/certification-training/aws-solutions-architectassociate/storage/amazon-s3/ Question 18 Which AWS storage technology can be considered a "virtual hard disk in the cloud"? 1. Amazon Elastic File Storage (EFS) filesystem 2. Amazon Elastic Block Storage (EBS) volume 3. Amazon S3 object 4. Amazon Glacier archive Answer: 2 Explanation: An EBS volume is a block storage device that is most similar to a virtual hard disk in the cloud as when attached to an instance it appears as a local disk that can have an operating system installed on or be formatted and used for any other local storage purpose An EFS filesystem is mounted over the NFS protocol which is a file-level protocol. Therefore, it is a network filesystem not a virtual hard disk and cannot have an operating system installed or be formatted and used as a locally attached disk S3 is an object storage system and cannot be mounted and used as a virtual hard drive Glacier is an archiving solution where you can archive your S3 objects at extremely low cost References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-storage/ Question 19 Under the AWS shared responsibility model what is the customer responsible for? (choose 2) 1. Physical security of the data center 2. Replacement and disposal of disk drives 3. Configuration of security groups 4. Patch management of infrastructure 5. Encryption of customer data Answer: 3,5 Explanation: AWS are responsible for “Security of the Cloud” Customers are responsible for “Security in the Cloud” AWS are responsible for items such as the physical security of the DC, replacement of old disk drives, and patch management of the infrastructure Customers are responsible for items such as configuring security groups, network ACLs, patching their operating systems and encrypting their data References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-shared-responsibility-model/ Question 20 Which service records API activity on your account and delivers log files to an Amazon S3 bucket? 1. Amazon CloudWatch 2. Amazon S3 Event Notifications 3. Amazon CloudTrail 4. Amazon CloudWatch Logs Answer: 3 Explanation: AWS CloudTrail is a web service that records activity made on your account and delivers log files to an Amazon S3 bucket CloudTrail is for auditing (CloudWatch is for performance monitoring) S3 Event Notifications is a feature that notifies you when certain events happen in your S3 buckets, it does not record API activity at the account level Amazon CloudWatch Logs lets you monitor and troubleshoot your systems and applications using your existing system, application and custom log files References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/monitoring-and-logging-services/ Question 21 The IAM service can be used to manage which objects? (choose 2) 1. Security groups 2. Access policies 3. Roles 4. Network ACLs 5. Key pairs Answer: 2,3 Explanation: Access policies are objects that you attach to entities and resources to define their permissions Roles are created and then “assumed” by trusted entities and define a set of permissions for making AWS service requests Security groups and network ACLs are used as instance-level and subnet-level firewalls respectively Key pairs are created in EC2 and are used to login to EC2 instances. Don't confuse these with access keys and secret IDs which are used to grant programmatic access to resources References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/identity-and-access-management/ https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html Question 22 Which types of pricing policies does AWS offer? (choose 2) 1. Pay-as-you-go 2. Enterprise license agreement (ELA) 3. Non-peak hour discounts 4. Global usage discounts 5. Save when you reserve Answer: 1,5 Explanation: Amazon pricing includes options for pay-as-you-go, save when you reserve and pay less by using more Amazon does not offer ELAs, non-peak hour discounts, or global usage discounts References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ https://aws.amazon.com/pricing/ Question 23 Which tool enables you to visualize your usage patterns over time and to identify your underlying cost drivers? 1. AWS Simple Monthly Calculator 2. Total Cost of Ownership (TCO) Calculator 3. AWS Cost Explorer 4. AWS Budgets Answer: 3 Explanation: The AWS Cost Explorer is a free tool that allows you to view charts of your costs. You can view cost data for the past 13 months and forecast how much you are likely to spend over the next three months. Cost Explorer can be used to discover patterns in how much you spend on AWS resources over time and to identify cost problem area The TCO calculator is a free tool provided by AWS that allows you to estimate the cost savings of using the AWS Cloud vs. using an on-premised data center The AWS Simple Monthly Calculator helps customers and prospects estimate their monthly AWS bill more efficiently AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ https://aws.amazon.com/aws-cost-management/aws-budgets/ Question 24 What advantages do you get from using the AWS cloud? (choose 2) 1. Trade capital expense for variable expense 2. Stop guessing about capacity 3. Increased capital expenditure 4. Gain greater control of the infrastructure layer 5. Comply with all local security compliance programs Answer: 1,2 Explanation: The 6 advantages of cloud are: 1 Trade capital expense for variable expense 2 Benefit from massive economies of scale 3 Stop guessing about capacity 4 Increase speed and agility 5 Stop spending money running and maintaining data centres 6 Go global in minutes You do not gain greater control of the infrastructure layer as AWS largely control this, and though AWS is compliant with lots of security compliance programs, not all programs in all local countries will be included References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/cloud-computing-concepts/ Question 25 A company plans to create a hybrid cloud architecture. What technology will allow them to create a hybrid cloud? 1. VPC Peering 2. Internet Gateway 3. Direct Connect 4. Elastic Network Interface Answer: 3 Explanation: Direct Connect provides a low-latency, high bandwidth connection to connect customer on-premise environments with the AWS cloud which allows them to create a "hybrid" cloud architecture VPC peering is a way of allowing routing between VPCs in different AWS accounts An Internet Gateway is used to connect public subnets to the Internet (egress) An Elastic Network Interface (ENI) is a logical networking component in a VPC that represents a virtual network card References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-networking/ Question 26 Which service supports the resolution of public domain names to IP addresses or AWS resources? 1. Amazon Route 53 2. Amazon CloudFront 3. Amazon SNS 4. Hosted Zones Answer: 1 Explanation: Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service A hosted zone is a collection of records for a specified domain in Route 53 CloudFront is a content delivery network (CDN) that allows you to store (cache) your content at “edge locations” located around the world Simple Notification Service is used to send notifications over multiple transport protocols References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/content-delivery-and-dns-services/ Question 27 What can you use to quickly connect your office securely to your Amazon VPC? 1. Route Table 2. Internet Gateway 3. Direct Connect 4. AWS managed VPN Answer: 4 Explanation: An AWS managed VPN can be used to quickly connect from an office to an Amazon VPC Direct Connect provides high-bandwidth, low-latency connectivity but takes weeks to months to setup (and is much more expensive) An Internet Gateway is used to connect a public subnet to the Internet (egress) A Route Table is part of a VPC and is used to control how traffic is routed within the VPC References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-networking/ Question 28 What is the scope of a VPC within a region? 1. Spans all Availability Zones within the region 2. Spans all Availability Zones globally 3. At least 2 subnets per region 4. At least 2 data centers per region Answer: 1 Explanation: A VPC spans all availability zones within a region VPCs do not span regions, you create VPCs in each region VPCs are not limited by subnets, subnets are created within AZs and you can have many subnets in an AZ An AZ uses one or more data centers. AWS does not publicize the details References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-networking/ Question 29 Which service can be used for building and integrating loosely-coupled, distributed applications? 1. Amazon EBS 2. Amazon SNS 3. Amazon EFS 4. Amazon RDS Answer: 2 Explanation: Amazon Simple Notification Service (Amazon SNS) is a web service that makes it easy to set up, operate, and send notifications from the cloud Amazon SNS is used for building and integrating loosely-coupled, distributed applications Amazon Elastic Block Storage (EBS) provides storage volumes for EC2 instances Amazon Elastic File System (EFS) provides an NFS filesystem for usage by EC2 instances Amazon Relational Database Service (RDS) provides a managed relational database service References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/notification-services/ Question 30 Which type of Amazon Elastic Load Balancer operates at layer 7 of the OSI model? 1. Application Load Balancer 2. Network Load Balancer 3. Classic Load Balancer 4. F5 Load Balancer Answer: 1 Explanation: Application Load Balancer (ALB) – layer 7 load balancer that routes connections based on the content of the request Network Load Balancer (NLB) – layer 4 load balancer that routes connections based on IP protocol data Classic Load Balancer (CLB) – this is the oldest of the three and provides basic load balancing at both layer 4 and layer 7 An F5 load balancer is not an Amazon load balancer References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/elastic-load-balancing-and-auto-scaling/ Question 31 Which services can help to automate a company's IT infrastructure? (choose 2) 1. Amazon CloudWatch Alarms 2. Amazon Route 53 3. AWS Lambda Scheduled Events 4. Virtual Private Cloud 5. Elastic Network Interface Answer: 1,3 Explanation: Amazon CloudWatch Alarms – You can create a CloudWatch alarm that sends an Amazon Simple Notification Service (Amazon SNS) message when a particular metric goes beyond a specified threshold for a specified number of periods AWS Lambda Scheduled events – These events allow you to create a Lambda function and direct AWS Lambda to execute it on a regular schedule Amazon Route 53 is a DNS service and does not offer automation A VPC is a logical networking construct and is not an example of automation An ENI is a logical network adapter and is not an example of automation References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/architecting-for-the-cloud/ Question 32 Which database service is a NoSQL type of database that is fully managed? 1. Amazon RDS 2. Amazon DynamoDB 3. Amazon RedShift 4. Amazon ElastiCache Answer: 2 Explanation: DynamoDB is Amazon’s fully managed non-relational database service Amazon RDS is a relational (SQL) type of database Amazon RedShift is a data warehouse that can be analyzed using SQL tools Elasticache is a data caching service that is used to help improve performance References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-databases/ Question 33 Which storage service allows you to connect multiple EC2 instances concurrently using filelevel protocols? 1. Amazon S3 2. Amazon EBS 3. Amazon EFS 4. Amazon Glacier Answer: 3 Explanation: Amazon Elastic File System allows you to connect hundreds or thousands of EC2 instances concurrently and is accessed using the file-level NFS protocol Amazon Elastic Block Storage provides block-level volumes to individual EC2 instances (cannot connect multiple instances to a single EBS volume) Amazon S3 is an object storage system and Glacier is used for archiving S3 objects References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-storage/ Question 34 For which services does Amazon not charge customers? (choose 2) 1. Amazon VPC 2. Amazon EBS 3. Amazon CloudFormation 4. Amazon S3 5. Amazon SNS Answer: 1,3 Explanation: Amazon VPC and CloudFormation are free of charge, however in the case of CloudFormation you pay for the resources it creates All other listed services are chargeable References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ Question 35 What architectural best practice aims to reduce the interdependencies between services? 1. Services, Not Servers 2. Removing Single Points of Failure 3. Automation 4. Loose Coupling Answer: 4 Explanation: As application complexity increases, a desirable attribute of an IT system is that it can be broken into smaller, loosely coupled components. This means that IT systems should be designed in a way that reduces interdependencies—a change or a failure in one component should not cascade to other components The concept of loos coupling includes "well-defined interfaces" which reduce interdependencies in a system by enabling interaction only through specific, technology-agnostic interfaces (e.g. RESTful APIs) References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/architecting-for-the-cloud/ Question 36 What is the most cost-effective support plan that should be selected to provide at least a 1- hour response time for a production system failure? 1. Basic 2. Developer 3. Business 4. Enterprise Answer: 3 Explanation: Basic does not provide any technical support Developer provides business hours access via email Business provides < 1-hour response times for a production system failure Enterprise provides < 1-hour response times for a production system failure but is a more expensive References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ Question 37 Which AWS database service supports complex queries and joins and is suitable for a transactional database deployment? 1. Amazon RDS 2. Amazon DynamoDB 3. Amazon RedShift 4. Amazon EMR Answer: 1 Explanation: Amazon RDS supports complex queries and joins and is suitable for a transactional database deployment Amazon DynamoDB is a NoSQL database and does not support to complex queries and joins Amazon RedShift is a data warehouse used for analytic not transactional databases Amazon EMR is a Hadoop service that is not suitable for transactional databases References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-databases/ Question 38 Under the shared responsibility model, what are examples of shared controls? (choose 2) 1. Patch management 2. Storage system patching 3. Physical and environmental 4. Configuration management 5. Service and Communications Protection Answer: 1,4 Explanation: Shared Controls– Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives Patch Management– AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications Configuration Management– AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications Service and Communications Protection is an example of a customer specific control Storage system patching is an AWS responsibility Physical and Environmental controls is an example of an inherited control (a customer fully inherits from AWS) References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-shared-responsibility-model/ Question 39 How can an organization compare the cost of running applications in an on-premise or colocation environment against the AWS cloud? 1. AWS Budgets 2. AWS Simple Monthly Calculator 3. TCO Calculator 4. AWS Cost Explorer Answer: 3 Explanation: The TCO calculator is a free tool provided by AWS that allows you to estimate the cost savings of using the AWS Cloud vs. using an on-premised data center The AWS Cost Explorer is a free tool that allows you to view charts of your costs. You can view cost data for the past 13 months and forecast how much you are likely to spend over the next three months. Cost Explorer can be used to discover patterns in how much you spend on AWS resources over time and to identify cost problem area The AWS Simple Monthly Calculator helps customers and prospects estimate their monthly AWS bill more efficiently AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ Question 40 What is the most cost-effective EC2 pricing option to use for a non-critical overnight workload? 1. On-Demand 2. Spot 3. Reserved Instance 4. Dedicated Host Answer: 2 Explanation: Spot instances are good for short term requirements as they can be very economical. Sometimes AWS may terminate your instance, e.g. when the market price exceeds your bid price. This is a good option for non-critical workloads that can be terminated On-Demand is not the most economical option Reserved instances are good for long-term, static requirements as you must lockin for 1 or 3 years in return for a decent discount Dedicated hosts provide a full server dedicated to a single customer and is therefore expensive References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-billing-and-pricing/ Question 41 Which service allows you to run code as functions without needing to provision or manage servers? 1. Amazon EC2 2. Amazon CodeDeploy 3. AWS Lambda 4. Amazon EKS Answer: 3 Explanation: AWS Lambda is a serverless computing technology that allows you to run code without provisioning or managing servers Lambda is a serverless computing technology that allows you to run code without provisioning or managing servers AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Lambda, and your on-premises servers Amazon Elastic Container Service for Kubernetes (Amazon EKS) is a managed service that makes it easy for you to run Kubernetes on AWS without needing to stand up or maintain your own Kubernetes control plane References: https://digitalcloud.training/certification-training/aws-certified-cloudpractitioner/aws-compute/ Question 42 What benefits does Amazon EC2 provide over using non-cloud servers? (choose 2) 1. Complete control of the hypervisor layer 2. Elastic web-scale computing 3. Inexpensive 4. Fault tolerance 5. High-availability with an SLA of 99.99% Answer: 2,3 Explanation: Elastic Web-Scale computing– you can increase or decrease capacity within minutes not hours and commission one to thousands of instances simultaneously Inexpensive – Amazon passes on the financial benefits of scale by charging very low rates and on a capacity consumed basis Amazon EC2 does not provide any control of the hypervisor or underlying hardware infrastructure Amazon does not offer fault tolerance for EC2, you need to design this into your application stack (and assume things will fail) EC2 offers a highly reliable environment where replacement instances can be rapidly and predictably commissioned with SLAs of 95% for each region [Show More]

Last updated: 1 year ago

Preview 1 out of 253 pages