3 0 / 1 point

Which option is a company’s responsibility when running Amazon RDS?

Operating system installation

Operating system patching

Application optimization

Database software patching

Correct
Application optimization
Answer:

4 1 / 1 point

Which scenario is a good fit for Amazon Redshift?

A company needs a database for managing unstructured data.

A company needs a relational database for a line of business transactional database.

A company needs a data warehouse to support analytics applications.

A company needs to store large volumes of mixed media image and video files.

5 1 / 1 point

How does AWS Trusted Advisor assist a company getting started with AWS?

Trusted Advisor provides recommendations for migrating on-premises resources to the

cloud.

Trusted Advisor prevents access to resources that have overly broad permissions.

Trusted Advisor provides recommendations on configuring your AWS resources.

Trusted Advisor automatically increases service limits (quotas) if you are near the limit.

6 1 / 1 point

A developer needs temporary block storage for cache data on an EC2 instance. Which option
should they choose?

Amazon Elastic File System (Amazon EFS)

 Amazon S3

Amazon Elastic Block Store (Amazon EBS)

EC2 instance store

7 1 / 1 point

Which scenario best describes a use case for Amazon Aurora?

A company needs a database to store semi-structured data.

A company needs a highly available PostgreSQL-compatible database.

A company wants to run an Oracle database in the cloud.

A company needs a data warehouse that can be queried using standard business
intelligence tools.

8 1 / 1 point

What role do security groups play in managing access to EC2 instances?

Security groups define the identity and access management (IAM) roles that can access an
instance.

Security groups control inbound access to the subnet that an EC2 is associated with.

Security groups provide a set of rules to control traffic to or from an instance.

Security groups identify the public and private key required to connect to an EC2
instance.

9 1 / 1 point

How does the AWS Billing Dashboard help companies analyze their AWS usage to find
potential cost-saving opportunities?

The billing dashboard lists the costs incurred over the past month by service, by AWS
Region, and by linked accounts.

The billing dashboard shows the pricing models for all of the AWS services that are used
in your account and where your usage falls in the free tier.

The billing dashboard lists all AWS accounts with activity in the previous 6 months and a
summary of spending for each account.
 The billing dashboard shows the status of the month-to-date AWS expenditure
and the AWS services that account for the majority of the overall expenditure.

10 1 / 1 point

Which scenario is a good fit for Amazon Elastic File System (Amazon EFS) storage?

A company wants to host a website.

A company needs temporary file storage for its application running on EC2.

A company wants to build a petabyte-sized data lake for analytics.

A company needs to give all EC2 instances in its VPC read and write access to a
network file system (NFS).

11 1 / 1 point

Which statement accurately describes how auto scaling is used?

The size of an auto scaling group will scale up and down automatically based on its
configuration and the number of instances can’t be manually adjusted.

Auto scaling is useful for dynamic, unpredictable workloads but doesn’t add much value
for predictable workloads.

Auto scaling is useful for predictable workloads.

Auto scaling allows an application to automatically add resources, but it can’t

automatically scale them back down.

12 1 / 1 point

Which statement describes the business perspective of the AWS Cloud Adoption
Framework?

Stakeholders can create a strong business case for cloud adoption and prioritize
cloud adoption initiatives.

Stakeholders can evaluate organizational structures and roles, new skill and process
requirements, and identify gaps.

Stakeholders can focus on the skills and processes that are needed to align IT strategy and
goals with business strategy and goals.
 Stakeholders can use architectural dimensions and models to understand and
communicate the nature of IT systems and their relationships.

13 1 / 1 point

Which statement accurately describes how customers can use AWS Support?

Customers are assigned a Technical Account Manager (TAM) for all AWS Support plans.

Customers must choose one of three support plans: Basic Support, Business Support, and
Enterprise Support.

Customers should contact their Support Concierge to provide quick and efficient
technical support.

Customers can get AWS Support for both experimental non-production accounts
and for business-critical production accounts.

14 1 / 1 point

Which of the following statements about how a company would use AWS Organizations are
accurate?
A company can only manage AWS Organizations through the AWS Management Console.

A company can consolidate and centrally manage multiple AWS accounts.

A company can use AWS Organizations to create security groups that control access to
resources.
A company can use AWS Organizations’ consolidated identity and access management
(IAM) feature to replace the existing IAM system for an individual account.

A company can benefit from volume discounts from consolidated billing.

15 1 / 1 point

A network administrator wants to configure a public subnet and route incoming and outgoing
traffic to and from an EC2 instance in the public subnet to the public internet. Which virtual
private cloud (VPC) feature should they use?

A network address translation (NAT) gateway

A network access control list (ACL)

VPC sharing

An internet gateway
16 1 / 1 point

How is Elastic Load Balancing (ELB) used with Amazon EC2 Auto Scaling?

ELB performs health checks on new EC2 instances that are added to the Amazon
EC2 Auto Scaling group.

ELB triggers an Auto Scaling event when a threshold is reached.

ELB automatically adds new instances to the Auto Scaling group when the load reaches a
predetermined limit.

ELB distributes traffic between EC2 instances in an Auto Scaling group.

ELB establishes the minimum and maximum number of instances in the Amazon EC2
Auto Scaling group.

17 0.5 / 1 point

Which of the following statements about securing data in transit are true?
Transport layer security (TLS) is a proprietary protocol that’s used to secure traffic
between AWS VPCs.

Transport layer security (TLS) certificates can be managed using AWS Certificate
Manager (ACM).

Data moving between AWS services is encrypted using transport layer security (TLS) and
AWS Key Management Service (AWS KMS).

Transport layer security (TLS) provides encryption of data in transit.

Web traffic that runs over HTTP is encrypted using transport layer security (TLS).

Selected Answer - Incorrect

18 1 / 1 point

What type of alert might be provided by AWS Trusted Advisor?

An alert of unauthorized access in an AWS account.

An alert that an IAM user has requested service quota changes.

An alert that multi-factor authentication (MFA) isn’t activated on an AWS

account.
 An alert of unusual API calls made in an AWS account.

19 1 / 1 point

A company needs to store billions of low-volume daily events that will be used for analytics.
Which storage option best fits this use case?

Amazon Elastic Block Storage (Amazon EBS)

Amazon Elastic Container Service (Amazon ECS)

Amazon S3

EC2 instance store

20 1 / 1 point

What is the relationship between AWS Regions, Availability Zones, and data centers?

A set of data centers in a geographical area creates a Region. Availability Zones are
connections between Regions.

Each Region has a set of data centers. Each data center maps to one Availability Zone.

Each Availability Zone includes data centers. Each data center in an Availability Zone is
located in a different geographical Region.

Each Region has locations called Availability Zones. Each Availability Zone has
data centers.

21 1 / 1 point

A company needs to run a short script each time a new item is added to an Amazon S3 bucket.
Which compute option meets the need with the least amount of resource provisioning?

Write a batch job to run the script on all new items overnight when there’s less
competition for resources. Run the batch job on spot instances.

Set up the script to run in a container, and deploy the container on Amazon Elastic
Container Service (Amazon ECS).

Create an AWS Lambda function to run the script whenever a new item is added
to the bucket.

Set up a small EC2 instance that runs code to check for new uploads to the bucket and
runs the script.
22 1 / 1 point

A developer is testing a prototype on EC2. The instances are terminated after testing, but the
application requires uninterrupted compute while processing. Which type of EC2 instance
pricing meets the need at the lowest cost?

Scheduled reserved instance

Spot instance

Reserved instance

On-demand instance

23 1 / 1 point

Which of the following factors are considered in calculating the total cost of ownership (TCO)
for the AWS Cloud?

The amount of storage that needs to be migrated to the cloud.

The number of roles that need to be migrated to the cloud.

The number of users that need to be migrated to the cloud.
The number of groups that need to be migrated to the cloud.

The number of servers that need to be migrated to the cloud.

24 1 / 1 point

Which statement accurately describes AWS pricing?

Volume-based discounts are available when usage increases (on some services).

Companies can reserve capacity on some services, but it doesn’t impact the cost.

Companies must sign a long-term contract to be able to pay only for what they use.

Outbound data transfers aren’t charged.

25 1 / 1 point

Which statement about AWS Auto Scaling is true?

You can use either Amazon EC2 Auto Scaling or AWS Auto Scaling, but not both.
 AWS Auto Scaling and Amazon EC2 Auto Scaling are synonymous.

AWS Auto Scaling can be used to automatically scale Amazon RDS databases.

AWS Auto Scaling can be used to automatically scale Amazon DynamoDB tables
and indexes.

26 1 / 1 point

Which statement about AWS storage services is accurate?

To access an Amazon Elastic File System (Amazon EFS), the file system must be
mounted on an Amazon EC2 instance in your VPC.

EC2 instance store is a good choice for running big data processing and analytics.

Amazon Elastic Block Storage (Amazon EBS) volumes provide temporary block storage to
EC2, but don’t persist when the EC2 instance is stopped.

EC2 instance store provides durable storage for the EC2 instance it’s attached to but isn’t
available to other EC2 instances.

27 1 / 1 point

Which IT requirement would lead an architect to choose an infrastructure as a service (IaaS)

cloud service model?

A company wants to maintain the highest level of flexibility over its IT resources.

A company wants to use a web-based email solution.

A company wants to run a managed instance for the marketplace.

A company wants to maintain control of its applications but avoid maintaining servers and
operating systems.

28 1 / 1 point

Which statement reflects a design principle of the Reliability pillar of the AWS Well-
Architected Framework?

Limit automation when updating infrastructure.

Do not deploy code to production until you’re certain it can’t fail.

Replace one large resource with multiple, smaller resources, and distribute
requests across these smaller resources.
 Scale vertically to the largest instance types that your budget allows based on your best
guess of capacity.

29 1 / 1 point

A company wants complete control over its server’s configurations, operating system (OS),
and the application software stack. Which AWS compute service should they choose?

Amazon EC2

Amazon RDS

AWS Lambda

Amazon Elastic Container Service (Amazon ECS)

30 1 / 1 point

An AWS account administrator wants to grant temporary cross-account access that allows
external users access to specific resources within their own account. Which action would
align with the best practice of using temporary sessions?

Create a new IAM user account for each user that needs access.

Create an identity and access management (IAM) role that can be assumed by
external users and grant it permissions to the specific resources.

Create an IAM policy that grants external users access to the specific resources.

Create an IAM group, grant resource permissions to the group, then add IAM users to the
group.

31 1 / 1 point

Which statement about AWS Regions is true?

Data stored in an AWS Region isn’t subject to geographical compliance requirements.

All available Regions are enabled by default in an AWS account.

Using a Region as close as possible to users can reduce latency.

All AWS accounts can access all AWS Regions.

32 1 / 1 point
 Which of the following statements about identity and access management (IAM) policies are
accurate?
Resource-based policies are attached to a user, group, or role.

Identity-based policies are attached to a user, group, or role.

Resource-based policies allow access by default.

Access control lists (ACLs) are a form of resource-based policies.

Identity-based policies can only be attached to a single entity.

33 1 / 1 point

How do economies of scale help customers moving to cloud computing from on-premises
computing?

Customers have full control of their infrastructure.

Customers can achieve lower variable costs and scale infrastructure beyond
what’s possible on-premises.

Customers can deploy resources globally.

Customers can scale servers horizontally.

34 1 / 1 point

Which statement about edge locations is true?

Regional edge caches are used to cache data that’s frequently updated and must be
refreshed continuously.

AWS points of presence provide two to three edge locations per Region.

The AWS global network includes a large number of Regional edge caches and a smaller
number of edge locations to deliver content to users.

Amazon CloudFront uses edge locations and Regional edge caches to deliver
content with lower latency.

35 0 / 1 point

Which statement describes high availability?

A measure of the total time in service divided by the number of failures.

 A system can provide its expected functionality when desired by a user.
Correct
A system can withstand some measure of degradation without going down.
Answer:

The probability that your entire system will function as intended for a specified period.

A system can withstand some measure of degradation without going down.

36 0 / 1 point

A company uploads PDF forms to Amazon S3 that must be retained for 1 year. The forms are
rarely accessed after 1 week but must be available within 1 day when they’re requested.
What lifecycle policy is the most cost-effective for their needs?

Move objects from Amazon S3 Standard to Amazon S3 Glacier after 7 days. Delete them
after 365 days.

Move objects from Amazon S3 Standard to Amazon S3 One Zone-Infrequent

Access after 7 days. Delete the objects after 365 days.
Correct Move objects from Amazon S3 Standard to Amazon S3 Glacier after 7 days. Delete them
Answer: after 365 days.

Move objects from Amazon S3 Infrequent Access to Amazon Standard after 1 week.

Move objects from Amazon S3 Standard to Amazon Infrequent Access after 7 days.

37 1 / 1 point

Which of the following pieces of information MUST be configured for the EC2 instances that
will be part of an Auto Scaling group?
Network access control list (ACL)

ID of an Amazon Machine Image (AMI)

Auto Scaling group metrics

EC2 instance type

Storage volume

38 1 / 1 point

A network administrator wants to run their e-commerce web application on a virtual private
cloud (VPC). Which of the following steps is part of setting up the VPC?
Delete the local route in the route table.
Create the main route table.
 Attach the VPC to a security group.

Create private and public subnets.

Specify the range of IP addresses for the VPC.

39 1 / 1 point

A company needs to store long-lived data. They need the data to be available immediately, but
access patterns are unpredictable. Which Amazon S3 storage class would be most cost-
effective?

Amazon S3 One Zone-Infrequent Access

Amazon S3 Standard

Amazon S3 Glacier

Amazon S3 Intelligent-Tiering

40 1 / 1 point

Which scenario describes a good use case for Amazon S3 Standard storage?

Share an NFS file system.

Act as an EC2 instance store.

Host website images.

Run a relational database.

41 1 / 1 point

Which statement about Amazon S3 Glacier security is accurate?

Access to Amazon S3 Glacier can be managed using IAM policies.

For all operations and interactions with Amazon S3 Glacier, you can use the AWS
Management Console.

The data in Amazon S3 Glacier is public by default.

 Applications encryption must be initiated on objects archived to Amazon S3 Glacier
either using the console or programmatically.

42 1 / 1 point

A cloud practitioner wants to visualize their AWS costs per EC2 instance type for the past 3
months. Which AWS tool or feature should they use?

AWS Pricing Calculator

AWS Cost Explorer

AWS Budgets

AWS Bills page

43 1 / 1 point

Which scenario describes a use case for AWS CloudTrail?

An account administrator wants the ability to track user activity on their account.

A developer wants to control user logins to their website.

An account administrator wants to centrally control access permissions for groups of

accounts.

A systems administrator wants to protect their web application from denial of service
attacks.

44 0 / 1 point

Which option describes a capability of Amazon Virtual Private Clouds (VPCs)?

Can have its address range changed as desired after creation

Can be configured as a physically isolated section of the AWS Cloud

Correct
Can span Availability Zones
Answer:

Can span Availability Zones

Can belong to multiple AWS Regions

45 1 / 1 point
 A company must produce reports of any changes to its EC2 instance settings. Which AWS
service should they use?

AWS Artifact

AWS CloudTrail

Amazon CloudWatch

AWS Config

46 1 / 1 point

For which type of use case is it usually OK to have 2 9s of availability (99%)?

Internet of Things (IoT) applications

Batch processing

Online commerce

ATM transactions

47 1 / 1 point

Which statement is an advantage of the platform as a service (PaaS) cloud service model?

PaaS provides the greatest level of control over IT resources.

PaaS avoids the need to manage operating systems.

PaaS is the most similar to traditional on-premises models for IT resources.

PaaS reduces the need to handle application deployments.

48 1 / 1 point

Which statement reflects a design principle of the Security pillar of the AWS Well-
Architected Framework?

Apply security at all layers of an architecture.

Decentralize privilege management.

Do not deploy a solution to production until you are certain that there are no security
risks.
 Ensure that staff are actively monitoring potential risks manually.

49 1 / 1 point

Which of the following are advantages of cloud computing for a company moving from a
traditional on-premises computing model?
IT teams can make capacity decisions before deploying applications so that they always
have excess capacity.

The company can focus less on infrastructure and focus more on differentiating
the business.

Resources can be created, scaled up, scaled down, or destroyed based on

demand.

The company can invest in more capital (fixed) expenses and reduce their variable
expenses.
All on-premises server licenses can be easily transferred and managed centrally in the
cloud.

50 1 / 1 point

Which scenario should be addressed with a network load balancer?

A solution must load balance incoming gRPC requests.

A solution must support routing traffic to a containerized application based on the

contents of incoming requests.

A solution must route traffic at the Open Systems Interconnection (OSI) model layer 7.

A solution must load balance millions of requests per second while maintaining
low latency.

51 1 / 1 point

Which statement about Amazon Elastic Block Storage (Amazon EBS) is true?

Amazon EBS volumes are automatically replicated across multiple Availability Zones.

EBS volumes cannot be resized.

Amazon EBS volumes persist independently from the EC2 instance to which they
are attached.

Amazon EBS volumes aren’t recommended for storage that requires frequent updating.
52 1 / 1 point

A company has an application running on two EC2 instances. They want to reduce idle EC2
capacity. The application load is difficult to forecast, and they want to keep the CPU utilization
close to 40% on all instances. Which type of Amazon EC2 Auto Scaling should they use?

Predictive scaling

Dynamic scaling

Scheduled scaling

Manual scaling

53 1 / 1 point

What is an attribute in a DynamoDB table?

A data element that is shared by all items in a table

A key that uniquely identifies a set of data elements

A set of related data

A data element that doesn’t need to be broken down further

54 1 / 1 point

How does cloud computing improve a company’s ability to provision resources to meet
capacity demands compared to on-premises computing?

Cloud resources can experience peaks and valleys in usage.

Cloud resources can be locked down to the resource level.

Cloud resources can scale up or down based on demand.

Cloud resources can be cost forecasted.

55 1 / 1 point

Which requirement suggests configuring Amazon Route 53 with latency routing?

A company wants to route traffic to only locations where they have distribution rights.
 A company wants to route traffic to the Region that provides the fastest
experience based on performance measurements.

A company wants to perform A/B testing and route traffic to different locations based on
a percentage of traffic.

A company wants to detect website outages and automatically redirect customers to a

healthy location.

56 1 / 1 point

A developer wants to use Amazon Elastic Block Store (Amazon EBS) for their application.
What action should they take?

Attach the Amazon EBS Volume to multiple Amazon EC2 instances in multiple Availability
Zones.

Replicate the Amazon EBS volume in a different Availability Zone.

Back up the Amazon EBS volume using Snapshots.

Attach the Amazon EBS volume to an Amazon EC2 instance.

57 1 / 1 point

Which feature of Amazon RDS should a company configure to enable high availability?

Provisioned IOPS storage

Multi-AZ deployment

VPC deployment

Encryption with AWS Key Management Service keys

58 1 / 1 point

Which configuration represents a valid use of security groups in a virtual private cloud (VPC)?

Set a deny rule that prevents access to the subnet from the public internet.

Limit inbound access to the private subnet of the VPC.

Set a deny rule that prevents outbound traffic from an EC2 instance in a VPC.
 Limit outbound traffic from an EC2 instance in the VPC to a specific database
server.

59 1 / 1 point

Which of the following statements about responsibility are accurate based on the AWS
shared responsibility model?

Customers are responsible for managing their user data.

AWS is responsible for the configuration of security groups.

AWS is responsible for deciding what data to encrypt in customers’ Amazon S3 buckets.

AWS is responsible for the physical security of data centers.

Customers are responsible for the installation, maintenance, and decommissioning of the
hardware that they use in the AWS data center.

60 1 / 1 point

A company has an e-commerce site that requires storage and retrieval of unstructured
customer metadata to support one of its microservices. Which database option is best suited
to store this data?

Amazon RDS

Amazon Redshift

Amazon DynamoDB

Amazon Aurora