OM SRI SAI RAM

TOTAL Q & A : 222

TOTAL EXAMS : 10

EXAM 1

What credentials are required for an IAM user to access AWS services using the
AWS Command Line Interface (AWS CLI)?
Access keys
1 User ID
2 User name and password
3 Secret token.
Answer : Access keys

2 . You work as an on-premises MySQL DBA. The work of database

configuration, backups, patching, and DR can be time-consuming and
repetitive. Your company has decided to migrate to the AWS Cloud. Which of
the following can help save time on database maintenance so you can focus
on data architecture and performance?
 Amazon RDS
 Amazon CloudWatch
 Amazon Redshift
 Amazon DynamoDB

Answer : Amazon RDS

3. What is the AWS database service that allows you to upload data
structured in key-value format?
 Amazon Aurora
 Amazon DynamoDB
 Amazon Redshift
 Amazon RDS

Answer : Amazon DynamoDB

4. A company is deploying a new two-tier web application in AWS. Where

should the most frequently accessed data be stored so that the application’s
response time is optimal?
 AWS Storage Gateway
 Amazon EBS volume
 AWS OpsWorks
 Amazon ElastiCache

Answer : Amazon ElastiCache.

5 . A company is concerned that they are spending money on underutilized

compute resources in AWS. Which AWS feature will help ensure that their
applications are automatically adding/removing EC2 compute capacity to
closely match the required demand?
 AWS Cost Explorer
 AWS Budgets
 AWS Elastic Load Balancer
 AWS Auto Scaling
Answer : AWS Auto Scaling

6 . A company has decided to migrate its Oracle database to AWS. Which

AWS service can help achieve this without negatively impacting the
functionality of the source database?
 AWS Application Migration Service
 AWS OpsWorks
 AWS Database Migration Service
 AWS Application Discovery Service

Answer : AWS Database Migration Service

7. What is the advantage of the AWS-recommended practice of “decoupling“

applications?
 Reduces inter-dependencies so that failures do not impact other
components of the application
 Allows treating an application as a single, cohesive unit
 Allows updates of any monolithic application quickly and easily
 Allows tracking of any API call made to any AWS service

Answer : Reduces inter-dependencies so that failures do not impact other

components of the application
8 . A global company with a large number of AWS accounts is seeking a way
in which they can centrally manage billing and security policies across all
accounts. Which AWS Service will assist them in meeting these goals?
 AWS Config
 IAM User Groups
 AWS Organizations
 AWS Trusted Advisor

Answer : AWS Organizations

9. Which service provides DNS in the AWS cloud?

 Route 53
 AWS Config
 Amazon CloudFront
 Amazon EMR

Answer : Route 53

10 . A company has an AWS Enterprise Support plan. They want quick and
efficient guidance with their billing and account inquiries. Which of the
following should the company use?
 AWS Support Concierge
 AWS Operations Support
 AWS Health Dashboard
  AWS Customer Service

Answer : AWS Support Concierge

11 . Which of the following does NOT belong to the AWS Cloud Computing
models?
 Networking as a Service (NaaS)
 Software as a Service (SaaS)
 Platform as a Service (PaaS)
 Infrastructure as a Service (IaaS)

Answer : Networking as a Service (NaaS)

12 . Your company has a data store application that requires access to a

NoSQL database. Which AWS database offering would meet this
requirement?
 Amazon Aurora
 Amazon Redshift
 Amazon Elastic Block Store
 Amazon DynamoDB

Answer : Amazon DynamoDB

13 . In the AWS Shared responsibility Model, which of the following are the
responsibility of the customer? (Choose TWO)
 Patching the Network infrastructure
 Controlling physical access to compute resources
 Configuring network access rules
 Disk disposal
 Setting password complexity rules

Answer :
 Configuring network access rules
 Setting password complexity rules

14 . You are working on a project that involves creating thumbnails of millions

of images. Consistent uptime is not an issue, and continuous processing is not
required. Which EC2 buying option would be the most cost-effective?
 Spot Instances
 On-demand Instances
 Reserved Instances
 Dedicated Instances

Answer : Spot Instances

15 . Which of the following is an example of horizontal scaling in the
AWS Cloud?
 Adding more RAM capacity to an EC2 instance
 Replacing an existing EC2 instance with a larger, more powerful one
 Increasing the compute capacity of a single EC2 instance to address the
growing demands of an application
 Adding more EC2 instances of the same size to handle an increase in
traffic

Answer : Adding more EC2 instances of the same size to handle an increase
in traffic

16 . How can you view the distribution of AWS spending in one of your AWS
accounts?
 By using Amazon VPC console
 By contacting the AWS Support team
 By using AWS Cost Explorer
 By contacting the AWS Finance team

Answer : By using AWS Cost Explorer

17 . What is the AWS service that enables AWS architects to manage

infrastructure as code?
 AWS CloudFormation
 Amazon SES
 AWS Config
  Amazon EMR

Answer : AWS CloudFormation

18. What does Amazon CloudFront use to distribute content to global users
with low latency?
 AWS Global Accelerator
 AWS Regions
 AWS Edge Locations
 AWS Availability Zones
Answer : AWS Edge Locations

19 . In your on-premises environment, you can create as many virtual servers

as you need from a single template. What can you use to perform the same in
AWS?
 AMI
 An internet gateway
 IAM
 EBS Snapshot

Answer : AMI

20 . What is the AWS tool that enables you to use scripts to manage all AWS
services and resources?
 AWS Console
 AWS CLI
  AWS Service Catalog
 AWS OpsWorks

Answer : AWS CLI

21 . What is the AWS service that performs automated network assessments

of Amazon EC2 instances to check for vulnerabilities?
 Amazon Kinesis
 Amazon Inspector
 Security groups
 AWS Network Access Control Lists

Answer : Amazon Inspector

22 . What are the AWS services\features that can help you maintain a highly
available and fault-tolerant architecture in AWS? (Choose TWO)
 CloudFormation
 Elastic Load Balancer
 Network ACLs
 AWS Direct Connect
 Amazon EC2 Auto Scaling

Answer : Elastic Load Balancer AND Amazon EC2 Auto Scaling

23 . Amazon S3 Glacier Flexible Retrieval is an Amazon S3 storage class that is
suitable for storing ____________ & ______________. (Choose TWO)
 Active archives
 Dynamic websites’ assets
 Long-term analytic data
 Active databases
 Cached data

 Answer : Active archives AND Long-term analytic data

24 . A company has deployed a new web application on multiple Amazon EC2

instances. Which of the following should they use to ensure that the
incoming HTTP traffic is distributed evenly across the instances?
 AWS Application Load Balancer
 AWS Gateway Load Balancer
 AWS Network Load Balancer
 AWS Auto Scaling

ANSWER : AWS Application Load Balancer

25 . What are the change management tools that helps AWS customers audit
and monitor all resource changes in their AWS environment? (Choose TWO)
 Amazon Comprehend
 AWS Transit Gateway
 AWS X-Ray
 AWS Config
  AWS CloudTrail

 ANSWER : AWS Config AND AWS CloudTrail

26 . What is the AWS data warehouse service that supports a high level of
query performance on large amounts of datasets?
 Amazon RDS
 Amazon Kinesis
 Amazon DynamoDB
 Amazon Redshift

ANSWER : Amazon Redshift

27 . Savings Plans are available for which of the following AWS compute
services? (Choose TWO)
 AWS Lambda
 AWS Outposts
 Amazon EC2
 AWS Batch
 Amazon Lightsail

ANSWER : AWS Lambda Amazon EC2

28 . A company has a large amount of structured data stored in their on-
premises data center. They are planning to migrate all the data to AWS, what
is the most appropriate AWS database option?
 Amazon RDS
 Amazon DynamoDB
 Amazon ElastiCache
 Amazon SNS

ANSWER : AMAZON RDS

29 . Your application has recently experienced significant global growth, and

international users are complaining of high latency. What is the AWS
characteristic that can help improve your international users’ experience?
 Data durability
 Elasticity
 Global reach
 High availability

ANSWER : Global reach

 EXAM 2

1. Which of the following is NOT a characteristic of Amazon Elastic

Compute Cloud (Amazon EC2)?
 Amazon EC2 offers scalable computing
 Amazon EC2 eliminates the need to invest in hardware upfront
 Amazon EC2 is considered a Serverless Web Service
 Amazon EC2 can launch as many or as few virtual servers as needed

ANSWER : Amazon EC2 is considered a Serverless Web Service

2 . How do ELBs improve the reliability of your application?

 By replicating data to multiple availability zones
 By creating database Read Replicas
 By ensuring that only healthy targets receive traffic
 By distributing traffic across multiple S3 buckets

ANSWER : By ensuring that only healthy targets receive traffic

3 . Which support plan includes AWS Support Concierge Service?

 Business Support
 Standard Support
 Premium Support
 Enterprise Support
ANSWER : Enterprise Support

4 . Both AWS and traditional IT distributors provide a wide range of virtual

servers to meet their customers’ requirements. What is the name of these
virtual servers in AWS?
 AWS Managed Servers
 Amazon EBS Snapshots
 Amazon EC2 Instances
 Amazon Virtual Private Cloud

ANSWER : Amazon EC2 Instances

5 . What is the benefit of using an API to access AWS Services?

 It allows for programmatic management of AWS resources
 It improves the performance of AWS resources
 It reduces the number of developers necessary
 It reduces the time needed to provision AWS resources

ANSWER : It allows for programmatic management of AWS resources

6 . A company needs to track resource changes using the API call history.
Which AWS service can help the company achieve this goal?
  AWS Config
 Amazon CloudWatch
 AWS CloudTrail
 AWS CloudFormation

ANSWER : AWS CloudTrail

7 . A company has hundreds of VPCs in multiple AWS Regions worldwide.

What service does AWS offer to simplify the connection management among
the VPCs?
 AWS Transit Gateway
 AWS PrivateLink
 Amazon Connect
 VPC Peering

ANSWER : AWS Transit Gateway

8 . A company needs to migrate their website from on-premises to AWS.

Security is a major concern for them, so they need to host their website on
hardware that is NOT shared with other AWS customers. Which of the
following EC2 instance options meets this requirement?
 On-demand instances
 Reserved instances
 Spot instances
 Dedicated instances
ANSWER : Dedicated instances
9 . A company plans to migrate a large amount of archived data to AWS. The
archived data must be maintained for a period of 5 years and must be
retrievable within 5 hours of a request. What is the most cost-effective AWS
storage service to use?
 Amazon EBS Infrequent Access
 Amazon EFS Infrequent Access
 Amazon S3 Standard
 Amazon S3 Glacier Flexible Retrieval
ANSWER : Amazon S3 Glacier Flexible Retrieval

10 . Which AWS Service provides the current status of all AWS Services in all
AWS Regions?
 Amazon Rekognition
 AWS Management Console
 AWS Health Dashboard
 Amazon CloudWatch

ANSWER : AWS Health Dashboard

11 . Which of the following is used to control network traffic in AWS?

(Choose TWO)
 IAM Policies
 Security Groups
 Key Pairs
 Access Keys
 Network Access Control Lists (NACLs)
ANSWER : Security Groups AND Network Access Control Lists (NACLs)

12 . What is the AWS’ recommendation regarding access keys?

 Delete all access keys and use passwords instead
 Rotate them regularly
 Save them within your application code
 Only share them with trusted people

ANSWER : Rotate them regularly

13 . Which of the following can be used to protect data at rest on Amazon S3?
(Choose TWO)
 Conversion
 Decryption
 Versioning
 Deduplication
 Permissions

ANSWER : Versioning AND Permissions

14 . Why does every AWS Region contain multiple Availability Zones?

 Multiple Availability Zones results in lower total cost compared to
deploying in a single Availability Zone
  Multiple Availability Zones within a region increases the storage
capacity available in that region
 Multiple Availability Zones allows for data replication and global reach
 Multiple Availability Zones allows you to build resilient and highly
available architectures

ANSWER : Multiple Availability Zones allows you to build resilient and

highly available architectures

15 . A company is seeking to deploy an existing .NET application onto AWS as

quickly as possible. Which AWS Service should the customer use to achieve
this goal?
 AWS Amplify
 AWS Systems Manager
 AWS Trusted Advisor
 AWS Elastic Beanstalk

ANSWER : AWS Elastic Beanstalk

16 . What is the AWS Support feature that allows customers to manage

support cases programmatically?
 AWS Support API
 AWS Trusted Advisor
 AWS Health Dashboard
 AWS Operations Support

ANSWER : AWS Support API

17 . A company is using EC2 Instances to run their e-commerce site on the
AWS platform. If the site becomes unavailable, the company will lose a
significant amount of money for each minute the site is unavailable. Which
design principle should the company use to minimize the risk of an outage?

 Fault Tolerance
 Pilot Light
 Multi-threading
 Least Privilege

ANSWER : Fault Tolerance

18. Which features are included in the AWS Business Support Plan? (Choose
TWO)
 Partial access to the core Trusted Advisor checks
 24x7 access to the TAM feature
 Access to Cloud Support Engineers via email only during business
hours
 Access to the Infrastructure Event Management (IEM) feature for
additional fee
 24x7 access to customer service

ANSWER :
 Access to the Infrastructure Event Management (IEM) feature for
additional fee
AND
 24x7 access to customer service

19 . A customer is seeking to store objects in their AWS environment and to

make those objects downloadable over the internet. Which AWS Service can
be used to accomplish this?

 Amazon EBS
 Amazon Instance Store
 Amazon S3
 Amazon EFS

ANSWER : Amazon S3

20 . Which of the following are examples of the customer’s responsibility to

implement “security IN the cloud”? (Choose TWO)
 Replacing physical hardware
 Creating a new hypervisor
 File system encryption
 Patch management of the underlying infrastructure
 Building a schema for an application

ANSWER : File system encryption AND Building a schema for an

application
 EXAM 3

1. Which of the following is NOT a characteristic of Amazon Elastic

Compute Cloud (Amazon EC2)?
 Amazon EC2 offers scalable computing
 Amazon EC2 eliminates the need to invest in hardware upfront
 Amazon EC2 is considered a Serverless Web Service
 Amazon EC2 can launch as many or as few virtual servers as needed

ANSWER : Amazon EC2 is considered a Serverless Web Service

2 . How do ELBs improve the reliability of your application?

 By replicating data to multiple availability zones
 By creating database Read Replicas
 By ensuring that only healthy targets receive traffic
 By distributing traffic across multiple S3 buckets

ANSWER : By ensuring that only healthy targets receive traffic

3 . Which support plan includes AWS Support Concierge Service?

 Business Support
 Standard Support
 Premium Support
 Enterprise Support
ANSWER : Enterprise Support

4 . Both AWS and traditional IT distributors provide a wide range of virtual

servers to meet their customers’ requirements. What is the name of these
virtual servers in AWS?
 AWS Managed Servers
 Amazon EBS Snapshots
 Amazon EC2 Instances
 Amazon Virtual Private Cloud

ANSWER : Amazon EC2 Instances

5 . What is the benefit of using an API to access AWS Services?

 It allows for programmatic management of AWS resources
 It improves the performance of AWS resources
 It reduces the number of developers necessary
 It reduces the time needed to provision AWS resources

ANSWER : It allows for programmatic management of AWS resources

6 . A company needs to track resource changes using the API call history.
Which AWS service can help the company achieve this goal?
  AWS Config
 Amazon CloudWatch
 AWS CloudTrail
 AWS CloudFormation

ANSWER : AWS CloudTrail

7 . A company has hundreds of VPCs in multiple AWS Regions worldwide.

What service does AWS offer to simplify the connection management among
the VPCs?
 AWS Transit Gateway
 AWS PrivateLink
 Amazon Connect
 VPC Peering
ANSWER : AWS Transit Gateway

8 . A company needs to migrate their website from on-premises to AWS.

Security is a major concern for them, so they need to host their website on
hardware that is NOT shared with other AWS customers. Which of the
following EC2 instance options meets this requirement?
 On-demand instances
 Reserved instances
 Spot instances
 Dedicated instances

ANSWER : Dedicated instances

9. A company plans to migrate a large amount of archived data to AWS. The
archived data must be maintained for a period of 5 years and must be
retrievable within 5 hours of a request. What is the most cost-effective AWS
storage service to use?
 Amazon EBS Infrequent Access
 Amazon EFS Infrequent Access
 Amazon S3 Standard
 Amazon S3 Glacier Flexible Retrieval

ANSWER : Amazon S3 Glacier Flexible Retrieval

10 . Which AWS Service provides the current status of all AWS Services in all
AWS Regions?
 Amazon Rekognition
 AWS Management Console
 AWS Health Dashboard
 Amazon CloudWatch

ANSWER : AWS Health Dashboard

11 . Which of the following is used to control network traffic in AWS?

(Choose TWO)
 IAM Policies
 Security Groups
 Key Pairs
 Access Keys
 Network Access Control Lists (NACLs)
ANSWER : Security Groups AND Network Access Control Lists (NACLs)

12 . What is the AWS’ recommendation regarding access keys?

 Delete all access keys and use passwords instead
 Rotate them regularly
 Save them within your application code
 Only share them with trusted people

ANSWER : Rotate them regularly

13 . Which of the following can be used to protect data at rest on Amazon S3?
(Choose TWO)
 Conversion
 Decryption
 Versioning
 Deduplication
 Permissions

ANSWER : Versioning AND Permissions

14 . Why does every AWS Region contain multiple Availability Zones?

  Multiple Availability Zones results in lower total cost compared to
deploying in a single Availability Zone
 Multiple Availability Zones within a region increases the storage
capacity available in that region
 Multiple Availability Zones allows for data replication and global reach
 Multiple Availability Zones allows you to build resilient and highly
available architectures

ANSWER : Multiple Availability Zones allows you to build resilient and highly
available architectures

15 . A company is seeking to deploy an existing .NET application onto AWS as

quickly as possible. Which AWS Service should the customer use to achieve
this goal?
 AWS Amplify
 AWS Systems Manager
 AWS Trusted Advisor
 AWS Elastic Beanstalk

ANSWER : AWS Elastic Beanstalk

16 . What is the AWS Support feature that allows customers to manage

support cases programmatically?
 AWS Support API
 AWS Trusted Advisor
 AWS Health Dashboard
 AWS Operations Support
ANSWER : AWS Support API

17 . A company is using EC2 Instances to run their e-commerce site on the

AWS platform. If the site becomes unavailable, the company will lose a
significant amount of money for each minute the site is unavailable. Which
design principle should the company use to minimize the risk of an outage?
 Fault Tolerance
 Pilot Light
 Multi-threading
 Least Privilege

ANSWER : Fault Tolerance

18 . Which features are included in the AWS Business Support Plan? (Choose
TWO)
 Partial access to the core Trusted Advisor checks
 24x7 access to the TAM feature
 Access to Cloud Support Engineers via email only during business
hours
 Access to the Infrastructure Event Management (IEM) feature for
additional fee
 24x7 access to customer service

ANSWER :
  Access to the Infrastructure Event Management (IEM) feature for
additional fee
 24x7 access to customer service

19. A customer is seeking to store objects in their AWS environment and to

make those objects downloadable over the internet. Which AWS Service can
be used to accomplish this?
 Amazon EBS
 Amazon Instance Store
 Amazon S3
 Amazon EFS

ANSWER : Amazon S3

20 . Which of the following are examples of the customer’s responsibility to

implement “security IN the cloud”? (Choose TWO)
 Replacing physical hardware
 Creating a new hypervisor
 File system encryption
 Patch management of the underlying infrastructure
 Building a schema for an application

ANSWER : File system encryption

AND
Building a schema for an application
 EXAM 4

1 . How does AWS notify customers about security and privacy events
pertaining to AWS services?
 Using the AWS Management Console
 Using Security Bulletins
 Using the AWS ACM service
 Using Compliance Resources

ANSWER : Using Security Bulletins

2 . A company is seeking to better secure its AWS account from unauthorized

access. Which of the below options can the customer use to achieve this
goal?
 Require Multi-Factor Authentication (MFA) for all IAM User access
 Set up two login passwords
 Create one IAM account for each department in the company
(Development, QA, Production), and share it across all staff in that
department
 Restrict any API call made through SDKs or CLI

ANSWER : Require Multi-Factor Authentication (MFA) for all IAM User access

3 . An external auditor is requesting a log of all accesses to the AWS resources

in the company’s account. Which of the following services will provide the
auditor with the requested information?
  AWS CloudFormation
 Amazon CloudFront
 AWS CloudTrail
 Amazon CloudWatch

ANSWER : AWS CloudTrail

4 . Which of the following Amazon RDS features facilitates offloading of

database read activity?
 Automated Backups
 Multi-AZ Deployments
 Read Replicas
 Database Snapshots

ANSWER : Read Replicas

5 . A company is developing an application that will leverage facial

recognition to automate photo tagging. Which AWS Service should the
company use for facial recognition?
 Amazon Polly
 AWS IAM
 Amazon Comprehend
 Amazon Rekognition
ANSWER : Amazon Rekognition

6 . Which of the following are types of AWS Identity and Access Management
(IAM) identities? (Choose TWO)
 IAM Roles
 AWS Resource Groups
 IAM Policies
 AWS Organizations
 IAM Users

 ANSWER : IAM Roles And IAM Users

7 . You are running a financial services web application on AWS. The application
uses a MySQL database to store the data. Which of the following AWS services
would improve the performance of your application by allowing you to retrieve
information from fast in-memory caches?
 Amazon Neptune
 DAX
 Amazon EFS
 Amazon ElastiCache

Answer : Amazon ElastiCache

8 . What features does AWS offer to help protect your data in the Cloud?
(Choose TWO)
 Access control
 Unlimited storage
  Data encryption
 Free MFA devices for all AWS account owners

Answer : Access control AND Data encryption

9 . A company is building an online cloud storage platform. They need a

storage service that can scale capacity automatically, while minimizing cost.
Which AWS storage service should the company use to meet these
requirements?
 Amazon Elastic Block Store
 Amazon Simple Storage Service
 AWS Storage Gateway
 Amazon Elastic Container Service

ANSWER : Amazon Simple Storage Service

10 . Your company requires a response time of less than 15 minutes from

support interactions about their business-critical systems that are hosted on
AWS if those systems go down. Which AWS Support Plan should this
company use?
 AWS Basic Support
 AWS Enterprise Support
 AWS Developer Support
 AWS Business Support

ANSWER : AWS Enterprise Support

11 . Which AWS service or feature is used to manage the keys used to encrypt
customer data?
 Multi-Factor Authentication (MFA)
 Amazon Macie
 AWS KMS
 AWS Service Control Policies (SCPs)

ANSWER : AWS KMS

12 . Which AWS service enables you to quickly purchase and deploy SSL/TLS
certificates?
 Amazon GuardDuty
 AWS WAF
 AWS ACM
 Amazon Detective

ANSWER : AWS ACM

13 . A company is migrating a web application to AWS. The application’s

compute capacity is continually utilized throughout the year. Which of the
below options offer the company the most cost-effective solution? (Choose
TWO)
 Reserved Instances
 Dedicated Hosts
 Spot Instances
  Savings Plans
 On-demand Instances

 ANSWER : Reserved Instances AND Savings Plans

14 . Which of the following approaches will help you eliminate human error
and automate the process of creating and updating your AWS environment?
 Use AWS CodeDeploy to build and automate your AWS environment
 Migrate all of your applications to a dedicated host
 Use Software test automation tools
 Use code to provision and operate your AWS infrastructure

ANSWER : Use code to provision and operate your AWS infrastructure

15 . Which AWS Service allows customers to create a template that

programmatically defines policies and configurations of all AWS resources as
code and so that the same template can be reused among multiple projects?
 AWS Auto Scaling
 AWS CloudTrail
 AWS CloudFormation
 AWS Config

ANSWER : AWS CloudFormation

16 . Which of the following S3 storage classes is most appropriate to host
static assets for a popular e-commerce website with stable access patterns?
 S3 Standard
 S3 Standard-IA
 S3 Intelligent-Tiering
 S3 Glacier Deep Archive

ANSWER : S3 Standard
17 . Why are Serverless Architectures more economical than Server-based
Architectures?
 When you reserve serverless capacity, you will get large discounts
compared to server reservation
 With Serverless Architectures you have the ability to scale
automatically up or down as demand changes
 With the Server-based Architectures, compute resources continue to
run all the time but with serverless architecture, compute resources
are only used when code is being executed
 Serverless Architectures use new powerful computing devices

ANSWER : With the Server-based Architectures, compute resources continue

to run all the time but with serverless architecture, compute resources are
only used when code is being executed
 EXAM 5

1) You have a real-time IoT application that requires sub-millisecond latency.

Which of the following services should you use?
1 AWS Cloud9
2 Amazon Redshift
3 Amazon ElastiCache for Redis
4 Amazon Athena

ANSWER : Amazon ElastiCache for Redis

2) What is the main benefit of the AWS Storage Gateway service?

 It automates the process of building, maintaining, and running ETL
jobs
 It provides physical devices to migrate data from on premises to AWS
 It allows integration of on-premises IT environments with Cloud
Storage
 It provides hardware-based key storage for regulatory compliance

ANSWER : It allows integration of on-premises IT environments with Cloud

Storage

3) Which service can you use to route traffic to the endpoint that provides
the best application performance for your users worldwide?
 AWS DAX Accelerator
 AWS Global Accelerator
 AWS Data Pipeline
  AWS Transfer Acceleration

ANSWER : AWS Global Accelerator

4 . Which of the below options is true of Amazon VPC?

 AWS is responsible for all the management and configuration details of
Amazon VPC
 Amazon VPC helps customers to review their AWS architecture and
adopt best practices
 Amazon VPC allows customers to control user interactions with all
other AWS resources
 AWS Customers have complete control over their Amazon VPC virtual
networking environment

ANSWER : AWS Customers have complete control over their Amazon VPC
virtual networking environment

5 . For compliance and regulatory purposes, a government agency requires

that their applications must run on hardware that is dedicated to them only.
How can you meet this requirement?
 Use EC2 Reserved Instances
 Use EC2 Spot Instances
 Use EC2 On-demand Instances
 Use EC2 Dedicated Hosts

ANSWER : Use EC2 Dedicated Hosts

6 . Where can AWS account owners get a list of all users in their account,
including the status of their AWS credentials?
 AWS CloudTrail Trails
 AWS Artifact reports
 AWS Cost and Usage Report
 IAM Credential Report

ANSWER : IAM Credential Report

7 . A developer wants to quickly deploy and manage his Docker application in

the AWS Cloud, but he doesn’t have any experience with cloud computing.
Which of the following AWS services would help the developer achieve his
goal?
 Amazon Personalize
 AWS Elastic Beanstalk
 AWS CloudHSM
 AWS CodeDeploy

ANSWER : AWS Elastic Beanstalk

8 . The owner of an E-Commerce application notices that the compute

capacity requirements vary heavily from time to time. What makes AWS
more economical than traditional data centers for this type of application?
  AWS allows customers to launch and terminate EC2 instances based on
demand
 AWS allows customers to choose cheaper types of EC2 instances that
best fit their needs
 AWS allows customers to launch powerful EC2 instances to handle
spikes in load
 AWS allows customers to pay upfront to get bigger discounts

ANSWER : AWS allows customers to launch and terminate EC2 instances

based on demand

9. Which of the following AWS services would help you migrate on-premise
databases to AWS?
 AWS Directory Service
 AWS DMS
 AWS Transit Gateway
 Amazon S3 Transfer Acceleration

ANSWER : AWS DMS

10 . Which statement is true in relation to the security of Amazon EC2?

 You should deploy critical components of your application in the
Availability Zone that you trust
 You should use instance store volumes to store login data
 You should regularly patch the operating system and applications on
your EC2 instances
 You can track all API calls using Amazon Athena
 ANSWER : You should regularly patch the operating system and
applications on your EC2 instances

11. An organization needs to build a financial application that requires support

for ACID transactions. Which AWS database service is most appropriate in this
case?
 DMS
 RedShift
 AWS Amplify
 RDS

ANSWER : RDS

12 . Amazon RDS supports multiple database engines to choose from. Which

of the following is not one of them?
 Oracle
 PostgreSQL
 Teradata
 Microsoft SQL Server

ANSWER : Teradata

13 . Which statement best describes the AWS Pay-As-You-Go pricing model?

 With AWS, you replace large upfront expenses with low fixed
payments
  With AWS, you replace low upfront expenses with large variable
payments
 With AWS, you replace low upfront expenses with large fixed
payments
 With AWS, you replace large capital expenses with low variable
payments

ANSWER : With AWS, you replace large capital expenses with low variable
payments

14 . Which of the below options are use cases of the Amazon Route 53
service? (Choose TWO)
 Detects configuration changes in the AWS environment
 DNS configuration and management
 Provides performance optimization recommendations
 Manages global application traffic through a variety of routing types
 Point-to-point connectivity between an on-premises data center and
AWS

ANSWER :

 DNS configuration and management

AND
 Manages global application traffic through a variety of routing types

15 . Which AWS service helps developers compile and test their code?
 AWS CodeDeploy
  AWS CodeStar
 AWS CodeBuild
 AWS CodeCommit

ANSWER : AWS CodeBuild

16 . You want to create a backup of your data in another geographical location.

Where should you create this backup?
 In another Local Zone
 In another Edge location
 In another Region
 In another Availability Zone

ANSWER : In another Region

17 . Which of the following services allows you to install and run custom
relational database software?
 Amazon EC2
 Amazon RDS
 Amazon Inspector
 Amazon Cognito

ANSWER : Amazon EC2

18 . A media company has an application that requires the transfer of large
data sets to and from AWS every day. This data is business critical and should
be transferred over a consistent connection. Which AWS service should the
company use?
 AWS Direct Connect
 AWS VPN
 AWS Snowmobile
 Amazon Comprehend

ANSWER : AWS Direct Connect

19 . Your web application currently faces performance issues and suffers from
long load times. Which of the following AWS services could help fix these
issues and improve performance?
 AWS Shield
 Amazon Detective
 AWS Security Hub
 AWS X-Ray

ANSWER : AWS X-Ray

20 . Who from the following will get the largest discount?

 A user who chooses to buy On-demand, Convertible, Partial upfront
instances
 A user who chooses to buy Reserved, Standard, No upfront instances
  A user who chooses to buy Reserved, Convertible, All upfront
instances
 A user who chooses to buy Reserved, Standard, All upfront instances

ANSWER : A user who chooses to buy Reserved, Standard, All upfront

instances

21 . Which of the following is a feature of Amazon RDS that performs

automatic failover when the primary database fails to respond?
 RDS Snapshots
 RDS Write Replica
 RDS Single-AZ
 RDS Multi-AZ

ANSWER : RDS Multi-AZ

22 . You have migrated your application to AWS recently. How can you view
the AWS costs applied to your account?
 Using the AWS Cost & Usage Report
 Using the Amazon VPC dashboard
 Using the Amazon AppStream 2.0 dashboard
 Using the AWS CloudWatch logs dashboard

ANSWER : Using the AWS Cost & Usage Report

23 . What can you use to assign permissions directly to an IAM user?
 IAM Identity
 IAM Role
 IAM Policy
 IAM User Group

ANSWER : IAM Policy

24 . You want to transfer 200 Terabytes of data from on-premises locations to

the AWS Cloud, which of the following can do the job in a cost-effective way?
 AWS DataSync
 AWS Snowmobile
 AWS DMS
 AWS Snowball

ANSWER : AWS Snowball

 EXAM 6

1 ) AWS provides disaster recovery capability by allowing customers to

deploy infrastructure into multiple ___________

1. Support plans
2. Edge locations
3. Regions
4. Transportation devices

Answer : Regions

2 ) Who is responsible for scaling a DynamoDB database in the AWS Shared

Responsibility Model?
 Your internal DevOps team
 AWS
 Your development team
 Your security team

Answer : AWS

3) Which of the following services is an AWS repository management system

that allows for storing, versioning, and managing your application code?
 AWS CodeCommit
 AWS CodePipeline
 AWS X-Ray
 Amazon CodeGuru
Answer : AWS CodeCommit

4 ) You are working as a web app developer. You are currently facing issues in
media playback for mobile devices because your media format is not
supported. Which of the following AWS services can help you convert your
media into another format?

 Amazon Rekognition
 Amazon Pinpoint
 Amazon Elastic Transcoder
 Amazon S3

Answer : Amazon Elastic Transcoder

5 ) You have multiple standalone AWS accounts and you want to decrease
your AWS monthly charges. What should you do?
 Try to remove unnecessary AWS accounts
 Enable AWS tiered-pricing before provisioning resources
 Add the accounts to an AWS Organization and use Consolidated Billing
 Track the AWS charges that are incurred by the member accounts

Answer : Add the accounts to an AWS Organization and use Consolidated

Billing
6 ) Each AWS Region is composed of multiple Availability Zones. Which of the
following best describes what an Availability Zone is?
 It is a collection of Local Zones designed to be completely isolated from
each other
 It is a distinct location within a region that is insulated from failures in
other Availability Zones
 It is a logically isolated network of the AWS Cloud
 It is a collection of data centers distributed in multiple countries

Answer : It is a distinct location within a region that is insulated from failures

in other Availability Zones

7 ) Which AWS service can be used to route end users to the nearest
AWS Region to reduce latency?
 AWS Cloud9
 Amazon Route 53
 AWS Systems Manager Session Manager
 Amazon Cognito

Answer : Amazon Route 53

8 ) You have just finished writing your application code. Which service can be
used to automate the deployment and scaling of your application?
 AWS Elastic Beanstalk
 AWS CodeCommit
 Amazon Simple Storage Service
  Amazon CodeGuru

Answer : AWS Elastic Beanstalk

9 ) Engineers are wasting a lot of time and effort managing batch computing
software in traditional data centers. Which of the following AWS services
allows them to easily run thousands of batch computing jobs?
 Amazon EC2
 AWS Batch
 AWS Fargate
 Lambda@Edge

Answer : AWS Batch

10 ) Which of the following can be used to protect websites not hosted on

AWS?
 AWS Ground Station
 AWS Network ACLs
 AWS Security Groups
 AWS WAF

Answer : AWS WAF

11 ) What should you consider when storing data in Amazon Glacier?

 Pick the right Glacier class based on your retrieval needs
  Attach Glacier to an EC2 Instance to be able to store data
 Amazon Glacier only accepts data in a compressed format
 Glacier can only be used to store frequently accessed data and data
archives

Answer : Pick the right Glacier class based on your retrieval needs

12 ) You are working as a site reliability engineer (SRE) in an AWS

environment, which of the following services helps monitor your
applications?
 Amazon CloudWatch
 Amazon CloudHSM
 Amazon CloudSearch
 Amazon Elastic MapReduce

Answer : Amazon CloudWatch

13 ) What factors determine how you are charged when using AWS Lambda?
(Choose TWO)
 Compute time consumed
 Number of requests to your functions
 Number of volumes
 Placement groups
 Storage consumed
  Answer : Compute time consumed AND
 Number of requests to your functions

14 ) How can you protect data stored on Amazon S3 from accidental deletion?
 By enabling S3 Versioning
 By configuring S3 Bucket Policies
 By configuring S3 Lifecycle Policies
 By disabling S3 Cross-Region Replication (CRR)

Answer : By enabling S3 Versioning

15 ) A company is running a large web application that needs to always be

available. The application tends to slow down when CPU usage is greater
than 60%. How can they track when CPU usage goes above 60% for any of the
EC2 Instances in their account?
 Use CloudFront to monitor the CPU usage
 Use SNS to monitor the utilization of the server
 Use CloudWatch Alarms to monitor the CPU and alert when the CPU
usage is >= 60%
 Set the AWS Config CPU threshold to 60% to receive a notification
when EC2 usage exceeds that value

Answer : Use CloudWatch Alarms to monitor the CPU and alert when the
CPU usage is >= 60%
16 ) Which of the following factors affect Amazon CloudFront cost? (Choose
TWO)
 Storage Class
 Number of Requests
 Instance type
 Traffic Distribution
 Number of Volumes
 Answer : Number of Requests AND Traffic Distribution

17 ) Which of the following are part of the seven design principles for security
in the cloud? (Choose TWO)
 Use manual monitoring techniques to protect your AWS resources
 Enable real-time traceability
 Scale horizontally to protect from failures
 Never store sensitive data in the cloud
 Use IAM roles to grant temporary access instead of long-term
credentials

Answer : Enable real-time traceability AND Use IAM roles to grant

temporary access instead of long-term credentials

18 ) Which of the following services is used when encrypting EBS volumes?

 AWS WAF
 AWS KMS
 Amazon GuardDuty
  Amazon Macie

ANSWER : AWS KMS

19 ) Which database service should you use if your application and data
schema require “joins“ or complex transactions?
 Amazon DocumentDB
 Amazon RDS
 Amazon DynamoDB
 AWS Outposts

ANSWER : Amazon RDS

20 ) You have developed a web application targeting a global audience. Which

of the following will help you achieve the highest redundancy and fault
tolerance from an infrastructure perspective?
 Deploy the application in multiple Availability Zones in multiple AWS
regions
 Deploy the application in a single Availability Zone
 Deploy the application in multiple Availability Zones in a single AWS
region
 There is no need to architect for these capabilities in AWS, as AWS is
redundant by default

ANSWER : Deploy the application in multiple Availability Zones in multiple

AWS regions
 EXAM 7

1. A customer needs to access a broad collection of AWS services via an

intuitive, web-based user interface. Which of the following options
would you recommend?
2. AWS Management Console
3. AWS SDK
4. Bastion Host
5. AWS CLI

Answer : AWS Management Console

2 ) A developer needs to access a Linux EC2 Instance to modify a WordPress
configuration file. Which of the following methods let them connect to their
instance’s Linux terminal? (Select TWO.)
 User Data
 AWS Direct Connect
 VPC Peering
  EC2 Instance Connect
 Session Manager

Answer : EC2 Instance Connect , Session Manager

3 ) Which of the following AWS services provides a security management

tool that can be used to configure your AWS WAF rules across different AWS
accounts?
 AWS Firewall Manager
 AWS Resource Access Manager
 AWS Trusted Advisor
 Amazon GuardDuty

Answer : AWS Firewall Manager

4 ) Which service will you use to quickly and securely transfer hundreds of
petabytes of data to AWS?
 AWS Data Exchange
 AWS Snowball Edge
 AWS Data Pipeline
 AWS Snowmobile

Answer : AWS Snowmobile

5 ) Which AWS service allows your EC2 compute capacity to automatically
scale based on the incoming traffic?
 Amazon Lightsail
 Amazon Macie
 AWS CloudTrail
 AWS Auto Scaling

ANSWER : AWS Auto Scaling

6 . How can you apply and easily manage the common access permissions to
a large number of IAM users in AWS?
 Attach the IAM Policy to an IAM Role then afterwards, associate that
role to all of the IAM Users.
 Attach the necessary policies or permissions required to a new IAM
Group then afterwards, add the IAM Users to the IAM group.
 Attach the exact same IAM Policy to all of the IAM Users.
 Apply permissions to multiple IAM Users by using a cross-account role.

Answer : Attach the necessary policies or permissions required to a new IAM

Group then afterwards, add the IAM Users to the IAM group.

7 ) Which statement below is correct regarding the components of the AWS

Global Infrastructure?
 An AWS Region contains multiple Availability Zones.
 An Availability Zone contains edge locations.
 An Availability Zone contains multiple AWS Regions.
 An edge location contains multiple AWS Regions.
Answer : An AWS Region contains multiple Availability Zones.

8 ) Which of the following is true regarding Elastic Load Balancing?

 It is a virtual server that allows you to run your applications in the AWS
Cloud.
 It distributes incoming application traffic across multiple targets, such
as Amazon EC2 instances, in multiple Availability Zones.
 It automatically increases or decreases the number of instances as the
demand of your application changes.
 It translates domain names (such as www.tutorialsdojo.com) into
numeric IP addresses (such as 192.0.2.1) that Amazon EC2 instances
use to connect to each other.

Answer :

It distributes incoming application traffic across multiple targets, such as

Amazon EC2 instances, in multiple Availability Zones.

9 ) What are the things that you can implement to improve the security of
your Identity and Access Management (IAM) users? (Select TWO.)
 Block incoming traffic via Network ACL.
 Enable Multi-Factor Authentication (MFA).
 Enable AWS Mobile Push Notification.
 Configure a strong password policy for your users.
 Block incoming traffic via Security Groups.
  Answer : Enable Multi-Factor Authentication (MFA). And
 Configure a strong password policy for your users.

10 ) Among the following services, which is the most suitable one to use to
store the results of I/O-intensive SQL database queries to improve application
performance?
 Amazon ElastiCache
 AWS Greengrass
 AWS IoT Greengrass
 Amazon DynamoDB Accelerator (DAX)

Answer : Amazon ElastiCache

11 ) Which AWS service enables you to build event-driven applications and
decouple the components of your application architecture?
 Amazon SQS
 Amazon Kinesis
 Amazon SNS
 Amazon EventBridge

Answer : Amazon EventBridge

12 ) A company is planning to adopt a hybrid cloud architecture with AWS.

Which of the following options can they use to help them estimate their costs?
 Cost allocation tag
 AWS Pricing Calculator
  Consolidated Billing
 AWS Cost Explorer

Answer : AWS Pricing Calculator

13 )

What is the minimum number of Availability Zones that you should set up for
your Application Load Balancer in order to create a highly available
architecture?
 2 ( Answer )
 1
 3
 4

14 ) Which of the following is a key use case of AWS Control Tower?

 A centralized logging service for all types of log files.
 A way for customers to send instructions to an AWS account on how to
deploy popular technologies such as WordPress.
 An easy way to establish a landing zone that implements an AWS well-
architected, multi-account environment and applies the AWS best
practices.
 A fast monitoring engine used to detect if any of your AWS accounts
deviate from the AWS best practices.

Answer : An easy way to establish a landing zone that implements an AWS

well-architected, multi-account environment and applies the AWS best
practices.
15 ) Which of the following characteristics correctly describes the Amazon
Simple Storage Service? (Select TWO.)
 A high-performance block storage service
 A hybrid cloud storage service
 A highly durable object storage infrastructure
 A storage service with virtually unlimited space
 A durable, high throughput file system

 Answer : A highly durable object storage infrastructure AND

 A storage service with virtually unlimited space

16 ) Which of the following Amazon EC2 instance purchasing options can help
you address compliance requirements and reduce costs by allowing you to
use your existing server-bound software licenses?
 Dedicated Host
 Reserved Instance
 Dedicated Instance
 On-Demand Instance

Answer : Dedicated Host

17 ) Which of the following are true regarding Amazon Relational Database

Service (Amazon RDS)? (Select TWO.)
  It is a fully managed nonrelational database service
 Provides 99.99999999999% reliability and durability
 Simplifies the management of time-consuming database
administration tasks
 Automatically scales up the relational database instance size based on
the incoming workload
 Makes it easy to set up, operate, and scale a relational database
Answer :

 Simplifies the management of time-consuming database

administration tasks
AND
 Makes it easy to set up, operate, and scale a relational database

18 ) Which among the options below is a highly available and scalable cloud
Domain Name System (DNS) web service in AWS?
 Rekognition
 Lightsail
 Active Directory Domain Service
 Route 53

Answer : Route 53

19 ) Which of the following AWS service provides managed compliance and

security controls for workloads?
 AWS Security Hub
 AWS Lambda
  Amazon EC2
 Amazon S3

Answer : AWS Security Hub

EXAM 8

1.
What service provides the lowest-cost storage option for retaining database
backups which also allows occasional data retrieval in minutes?
 Amazon S3 Glacier Flexible Retrieval
 Amazon EFS
 Amazon EBS
 Amazon S3
Answer : Amazon S3 Glacier Flexible Retrieval

2. What are the benefits of using Edge locations in AWS? (Select TWO.)

 Improves application performance by delivering content closer to your

users
 Provides caching which reduces the load on your origin servers
 Provides highly scalable object storage for your static content
 Offers an easy-to-use edge computing device that is helpful for data
migration
  Seamlessly extends AWS to edge devices so they can act locally on the
data they generate, while still using the cloud for management,
analytics, and durable storage

Answer :

 improves application performance by delivering content closer to your

users
 Provides caching which reduces the load on your origin servers

3 . In AWS, which of the following is a design principle that you should

implement when designing your cloud architecture?

3. Tightly couple your components

4. Utilize free or open-source software
5. Use multiple Availability Zones
6. Always use large servers to anticipate increase usage

 Answer : Use multiple Availability Zones

4 . A customer needs to retrieve the instance ID, instance profile permissions,
and kernel information of their EC2 instance for an app that is running within
the same instance. Where can the customer find this information?
 Instance metadata
 Resource tag
 Instance user data
 Amazon Machine Image

Answer : Instance metadata

5 . A customer needs to establish a dedicated connection between their on-
premises network and their AWS VPC that provides a more consistent
network experience than Internet-based connections. Which of the following
network services should they use?
 VPN Connection
 AWS VPN CloudHub
 AWS Direct Connect
 VPC Peering

Answer : AWS Direct Connect

6 . Which of the following cloud design principles supports growth in users,

traffic, or data size with no drop-in performance?
 Go Serverless to reduce compute footprint
 Decouple your components
 Scalability
 Design for failure

 Answer : Scalability

7 . A company is using Amazon S3 to store their static media contents such as

photos and videos. Which of the following should you use to provide specific
users access to the bucket?
 SSH key
  Network Access Control List
 Bucket Policy
 Security Group

Answer : Bucket Policy

8 . A company is currently using an On-Demand EC2 instance for their

application which they plan to migrate to a Reserved EC2 Instance to save on
cost. Which of the following is the most cost-effective option if the
application being hosted would be used for more than 3 years?
 No Upfront Convertible Reserved Instance pricing for a 3-year term.
 No Upfront Standard Reserved Instance pricing for a 1-year term that
is renewed every year.
 All Upfront Convertible Reserved Instance pricing for a 1-year term.
 All Upfront, Standard Reserved Instance pricing for a 3-year term.

Answer : All Upfront, Standard Reserved Instance pricing for a 3-year term.

9. A company has web servers running on Amazon EC2 instances that access
a RESTful API hosted on their on-premises data center. What kind of
architecture is the company using?
 Software as a Service (SaaS)
 Serverless Architecture
 Hybrid Architecture
 Platform as a Service (PaaS)
Answer : Hybrid Architecture

10 . A company which has a basic support plan needs resources to deploy,

test, and improve their AWS environment. Which of the following can they
use for free?
 AWS online documentation, whitepapers, blogs and support forums
 AWS Support API for programmatic case management
 In-person classes with an accredited AWS instructor
 Technical Account Manager consultation

Answer : AWS online documentation, whitepapers, blogs and support

forums

11. Which of the following can a developer use to interact with your AWS
services? (Select TWO.)
 AWS Artifact
 AWS Command Line Interface
 AWS SDKs
 Elastic Network Interface
 AWS Organizations

Answer : AWS Command Line Interface , AWS SDKs

12 )
A startup is developing a mobile app with a database service to store user data.
The app is expected to grow rapidly, and the company needs a flexible and
scalable database service that can handle unpredictable traffic and workload
spikes.
Which service should the startup use if they need a scalable, fast, and flexible
non-relational database service?
 Amazon RDS
 Amazon DynamoDB
 Amazon S3
 Amazon Redshift
Answer : Amazon DynamoDB
13 ) Which of the following is typically used to secure your VPC subnets?
 Network ACL
 AWS Config
 AWS IAM
 Security Group

Answer : Network ACL

14 ) Which of the following is a fully managed database in AWS that can be

used to store JSON documents?
 Amazon ElastiCache
 Amazon Aurora
 Amazon Redshift
 Amazon DynamoDB
Answer : Amazon DynamoDB

15 ) Which service would you use to speed up content delivery to your

customers?
 Amazon CloudFront
 Amazon CloudWatch
 AWS CloudTrail
 Amazon S3 Transfer Acceleration

Answer : Amazon CloudFront

16 ) Which of the following will allow you to create a data warehouse in AWS
for your business intelligence needs?
 Amazon S3
 Amazon Redshift
 Amazon DynamoDB
 Amazon RDS

Answer : Amazon Redshift

17 ) A company plans to migrate their on-premises MySQL database to

Amazon RDS. Which AWS service should they use for this task?
  AWS Glue
 AWS Schema Conversion Tool (AWS SCT)
 AWS Server Migration Service
 AWS Database Migration Service (AWS DMS)

Answer : AWS Database Migration Service (AWS DMS)

18 . Which of the following is best suited for load balancing Transmission

Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer
Security (TLS) traffic and has the capability of handling millions of requests
per second while maintaining ultra-low latencies?
 Application Load Balancer
 Network Load Balancer
 Gateway Load Balancer
 None of the above

Answer : Network Load Balancer

19 ) Which of the following are defined as global services in AWS? (Select

TWO.)
 AWS Batch
 Amazon DynamoDB
  AWS Identity and Access Management
 Amazon RDS
 Amazon CloudFront

 Answer : AWS Identity and Access Management , Amazon CloudFront

20 ) Which among the services below can you use to test and troubleshoot
IAM and resource-based policies?
 IAM Policy Simulator
 AWS Config
 Systems Manager
 Amazon Inspector

Answer : IAM Policy Simulator

21 ) Which of the following is the most cost-effective instance purchasing
option for hosting an application which will run non-interruptible workloads
for a period of three years?
 Amazon EC2 On-Demand Instances
 Amazon EC2 Standard Reserved Instances
 Amazon EC2 Spot Instances
 Amazon EC2 Convertible Reserved Instances

Answer : Amazon EC2 Standard Reserved Instances

 EXAM 9
1 ) Which of the following is the benefit of using Amazon Relational Database
Service (Amazon RDS) over traditional database management?
 It is five times faster than standard MySQL databases and three times
faster than standard PostgreSQL databases
 Lower administrative burden through automatic software patching and
maintenance of the underlying operating system
 Automatically scales up the instance type of your RDS cluster based on
demand
 Automatically apply both client-side and server-side encryption to your
data by default

ANSWER :
Lower administrative burden through automatic software patching and
maintenance of the underlying operating system

2 ) A customer currently has a Basic support plan and they are planning to
use the Infrastructure Event Management, Well-Architected Reviews and
Operations Reviews features in AWS. What should they do in order to access
these features in the most cost-effective manner?
 Upgrade to Developer support plan.
 None since these features are already included in their Basic support
plan.
 Upgrade to Business support plan.
 Upgrade to Enterprise support plan.

ANSWER : Upgrade to Enterprise support plan

3 ) A startup wants to move its on-premises infrastructure to AWS. The IT
Security team wants to protect all of the applications against unintended and
unauthorized access as well as potential vulnerabilities.
Which of the following capability of AWS CAF‘s Security perspective would be
most relevant to address this concern?
 Infrastructure Protection
 Threat Detection
 Data Protection
 Identity and Access Management

 ANSWER : Infrastructure Protection

4 ) Which of the following is the most cost-effective payment option when you
purchase either a Standard or Convertible Reserved Instance for a 1-year term?
 Partial Upfront
 No Upfront
 All Upfront
 Deferred

ANSWER : All Upfront

5 ) The IT Security team of your company needs to conduct a vulnerability

analysis on your application servers to ensure that the EC2 instances comply
with the annual security IT audit. You need to set up an automated security
assessment service to improve the security and compliance of your
applications. The solution should automatically assess applications for
exposure, vulnerabilities, and deviations from the AWS best practices.
Which of the following options would you implement to satisfy this
requirement?
  Amazon CloudFront
 AWS Inspector
 AWS Snowball
 AWS WAF

ANSWER : AWS Inspector

6 ) Which of the following tasks fall under the sole responsibility of AWS
based on the shared responsibility model?
 Physical and environmental controls
 Patch Management
 Implementing IAM policies
 Applying Amazon S3 bucket policies

ANSWER : Physical and environmental controls

7 ) Which of the following is one of the benefits of migrating your systems

from an on-premises data center to AWS Cloud?
 Eliminates the need for the customer to implement client-side or
service-side encryption for their data
 Completely eliminates the administrative overhead of patching the
guest operating system of their EC2 instances
 Enables the customer to eliminate high IT infrastructure costs since
cloud computing is absolutely free
 Enables the customer to focus on business activities rather than on the
heavy lifting of racking, stacking, and powering servers
ANSWER : Enables the customer to focus on business activities rather than
on the heavy lifting of racking, stacking, and powering servers

8 ) Which of the following is used to enable instances in the public subnet to

connect to the public Internet?
 API Gateway
 NAT Gateway
 NAT instance
 Internet Gateway

ANSWER : Internet Gateway

9 ) __________ lets you provision a logically isolated section of the

AWS Cloud where you can launch AWS resources in a virtual network
that you define.
 Virtual Private Gateway
 Amazon Lightsail
 Amazon VPC
 Amazon WorkSpaces
 ANSWER : Amazon VPC

10 ) Which of the following should you use to automatically transfer

your infrequently accessed data in your S3 bucket to a more cost-
effective storage class?
 AWS Transfer Family
 Amazon S3 access control list
 Amazon S3 Lifecycle Policy
 AWS Storage Gateway

ANSWER : Amazon S3 Lifecycle Policy

11 ) Which business intelligence tool is offered by Amazon Web

Services and allows users to create and publish interactive dashboards
and reports easily?
 AWS Cost and Usage Report
 Amazon QuickSight
 AWS Trusted Advisor
 AWS Cost Explorer

ANSWER : Amazon QuickSight

12 ) Which of the following services allow you to mask downtime of

your application by rerouting your traffic to healthy instances? (Select
TWO.)
  AWS EC2 Auto Scaling
 AWS ELB
 VPC Route tables
 AWS App Mesh
 Amazon Route 53

ANSWER : AWS ELB , Amazon Route 53

13 ) What service allows you to create alarms that notify you when EC2 CPU
Utilization thresholds are breached?
 AWS Auto Scaling
 Amazon SNS
 Amazon CloudWatch
 AWS Config

ANSWER : Amazon CloudWatch

14 ) Which service in AWS is best used for data analytics and data
warehousing?
 Amazon DynamoDB
 Amazon Redshift
 Amazon Aurora
 Amazon S3
ANSWER : Amazon Redshift

15 ) A customer needs to identify the IAM user who terminated their

production EC2 instance in AWS. Which service should they use in this
situation?
 AWS CloudTrail
 Amazon AppStream 2.0
 AWS Systems Manager
 Amazon CloudWatch

ANSWER : AWS CloudTrail

16 ) Which of the following AWS services are used to secure your VPC
network? (Select TWO.)
 IAM
 Network ACL
 Application load balancer
 CloudFront
 Security group

ANSWER : Network ACL , Security group

17 ) Your web servers are showing relatively poor performance in delivering

content. How can you improve its performance and cost efficiency?
  Use HTTP protocol instead to decrease the time consumed in
decrypting content
 Request AWS to use faster network cables for your servers
 Run more web servers to distribute the workload
 Apply a caching mechanism that stores frequently accessed content

ANSWER : Apply a caching mechanism that stores frequently accessed

content

18 ) What is the primary reason why you should be using an elastic load
balancer for a website with high activity?
 ELBs help tighten security through the use of security groups
 ELBs help you scale servers easily without manual intervention
 ELBs boost your website’s overall performance
 ELBs can distribute traffic equally to your backend targets to handle
the incoming traffic load

ANSWER : ELBs can distribute traffic equally to your backend targets to

handle the incoming traffic load

19 ) Which AWS support plan includes a Concierge Support Team which will
assist you with your billing and account inquiries, and work with you to
implement billing and account best practices?
 Enterprise support plan
 Business support plan
  Basic support plan
 Developer support plan

ANSWER : Enterprise support plan

20 ) The use of multi-threading in your Amazon S3 requests via the Multipart

Upload API is an example of which AWS cloud best practice?
 Think parallel.
 Decouple your components.
 Allow for evolutionary architectures.
 Implement elasticity.

ANSWER : Think parallel.

21 ) You are tasked to simplify the migration of your databases from your on-
premises server to AWS. Which service fits best for this purpose?
 AWS Server Migration Service
 AWS Database Migration Service
 AWS Snowmobile
 AWS Snowball

ANSWER : AWS Database Migration Service

22 ) A company is using Amazon S3 to store various types of documents in a
single bucket, and different teams frequently access the stored objects. If the
document is accidentally overwritten or deleted, the data must be
recoverable. Which of the following S3 features should they use?
 S3 Event Notifications
 S3 Versioning
 S3 Glacier Vault Lock
 S3 Lifecycle

ANSWER : S3 Versioning

23 ) You have multiple AWS accounts in your organization. How can you take
advantage of this to save on your monthly costs?
 Use AWS Organizations and enable consolidated billing
 Create an IAM Group containing all the AWS accounts and enable
consolidated billing
 Migrate all resources to a central account to take advantage of volume
discounts
 Set a budget for each account to minimize spending

ANSWER : Use AWS Organizations and enable consolidated billing

24 ) You wish to host a static website of your own in AWS at a low cost. Which
service should be used for this purpose?
  Amazon Elastic Load Balancer
 Amazon EC2
 Amazon S3 Standard
 Amazon S3 Infrequent Access

ANSWER : Amazon S3 Standard

EXAM 10
1 . A Software Developer is working on an application for a startup. The
company wants to incorporate a conversational interface that allows customers
to interact with the app through voice and text.
Which of the following AWS service would help the developer to build the
application?
 Amazon Polly
 Amazon Personalize
 Amazon Translate
 Amazon Lex

ANSWER : Amazon Lex

2. A Software Engineer is working on a new project for the company. The

project entails creating a web application with the PHP framework and
releasing it to the AWS Cloud. Given the company‘s limited resources and the
Software Engineer‘s tight deadline, the Software Engineer must devise a plan
for quickly deploying the application to AWS while avoiding the time-
consuming process of setting up and configuring the infrastructure.
Which of the following service will allow the Software Engineer to quickly
deploy their application into the AWS Cloud without building or launching the
individual resources themselves?
 Amazon EBS
 AWS Elastic Beanstalk
 Amazon ECS
 Amazon EKS

ANSWER : AWS Elastic Beanstalk

3 . Which of the following is the responsibility of the customer in the AWS
cloud? (Select TWO.)
 Managing data stored in the AWS resources
 Managing users in their AWS account
 Upgrading chipsets to the latest commercially available product
 Disposal of disk drives
 Ensuring that AWS services comply with the standards required of
them

 ANSWER : Managing data stored in the AWS resources

Managing users in their AWS account

4. What service acts as a firewall for your EC2 instances?

 Elastic Network Interface
 Network ACL
 VPC
 Security Group

ANSWER : Security Group

5 ) A manufacturing company is undergoing an organizational
transformation to focus more on its customers, aiming to maximize the value
delivered to them. This shift involves promoting team collaboration to ensure
alignment with the firm‘s strategic objectives.
How can the company achieve this goal while following the AWS Cloud
Adoption Framework (CAF)? (Choose two.)
 Transition and upgrade legacy infrastructure through migration and
modernization efforts.
 Employ a robust data and analytics platform to generate actionable
insights.
 Restructure teams to prioritize product-focused and value stream-
oriented approaches.
 Adopt agile methodologies for continuous improvement and rapid
innovation.
 Introduce new products and revenue models.

ANSWER :

 Restructure teams to prioritize product-focused and value stream-

oriented approaches.
 Adopt agile methodologies for continuous improvement and rapid
innovation.
6 ) Which type of EC2 instance is the most suitable and cost-effective if the
customer will be running mission-critical workloads continuously for a whole
year?
 On-Demand
 Reserved
 Dedicated
 Spot
ANSWER :

Reserved

7 ) Which of the following is a serverless compute service of AWS?

 AWS Lambda
 Amazon Aurora
 Amazon Athena
 Amazon DynamoDB

ANSWER : AWS Lambda

8 ) Which of the following statements is true for AWS CloudTrail?

 CloudTrail is able to capture application error logs from your EC2
instances
 When you create a trail in the AWS Management Console, the trail
applies to all AWS Regions by default
 CloudTrail charges you for every management event trail created
 CloudTrail is disabled by default for newly created AWS accounts

ANSWER : When you create a trail in the AWS Management Console, the
trail applies to all AWS Regions by default
9 ) Which AWS service lets you provision either Windows or Linux desktops in
just a few minutes and can scale easily to provide thousands of desktops to
workers?
 AWS Cloud9
 Amazon Workspaces
 AWS Systems Manager
 AWS Organizations

ANSWER : Amazon Workspaces

10 ) A DevOps Engineer hosted an e-commerce website on AWS in the US

East (Northern Virginia) region. Due to recent regulatory changes, the
company decided to expand its operations and launch a new instance of the
e-commerce website in the Europe (London) region. The DevOps Engineer‘s
task is to replicate the entire infrastructure of the existing e-commerce
website in the new region with the least possible downtime.
Which of the following is best to replicate the entire infrastructure to another
AWS Region with the least possible downtime?
 Create a golden AMI which you can use to redeploy your instances to
the new region
 Create a CloudFormation template and deploy it in the new region
 Enable RDS multi-AZ to have a similar database instance running in the
new region
 Take an EBS snapshot on all your storage devices and copy them to the
new region

 ANSWER : Create a CloudFormation template and deploy it in the new

region
11 ) A DevOps Engineer hosted an e-commerce website on AWS in the US East
(Northern Virginia) region. Due to recent regulatory changes, the company
decided to expand its operations and launch a new instance of the e-commerce
website in the Europe (London) region. The DevOps Engineer‘s task is to
replicate the entire infrastructure of the existing e-commerce website in the
new region with the least possible downtime.
Which of the following is best to replicate the entire infrastructure to another
AWS Region with the least possible downtime?
 Create a golden AMI which you can use to redeploy your instances to
the new region
 Create a CloudFormation template and deploy it in the new region
 Enable RDS multi-AZ to have a similar database instance running in the
new region
 Take an EBS snapshot on all your storage devices and copy them to the
new region

 ANSWER : Create a CloudFormation template and deploy it in the new

region

12 ) You noticed that you cannot reach one of your EC2 web servers behind an
ELB whenever you enter the DNS name of your load balancer. Which of the
following should you first check to gain more insight on the issue?
 AWS CloudTrail
 AWS Config
 Amazon CloudWatch
 ELB Health Check

ANSWER : ELB Health Check

13 ) Which of the following services allows you to store Docker images and
orchestrate Docker containers in a simple and cost-effective manner? (Select
TWO.)
 AWS Batch
 AWS CodeCommit
 AWS Lambda
 Amazon ECS
 Amazon ECR

ANSWER : Amazon ECS , Amazon ECR

14 ) Which of the following provides you access to Reserved Instance (RI)

purchase recommendations based on your past usage and indicate potential
opportunities for savings as compared to On-Demand usage?
 AWS Billing Dashboard
 AWS Budgets
 AWS Cost Explorer
 AWS Cost and Usage report

ANSWER : AWS Cost Explorer

15 ) You are planning to deploy a video streaming application with frequently

accessed, throughput-intensive workloads to your EC2 instance which
requires fast, consistent throughput. What EBS volume type should you use
to maximize performance as well as cost?
 General Purpose SSD
 Throughput Optimized HDD
 Cold HDD
 Provisioned IOPS SSD

 ANSWER : Throughput Optimized HDD

16 ) You have a large number of log files that will be archived in AWS for a long
time and should have a retrieval time of 12 hours or less. Which service is the
most cost-effective storage class for this purpose?
 Amazon S3 Glacier Instant Retrieval
 Amazon EBS Cold HDD
 Amazon S3 Glacier Deep Archive
 Amazon S3 Standard-IA

ANSWER : Amazon S3 Glacier Deep Archive

17 ) Which service in AWS protects your resources from common DDoS

attacks in a proactive manner?
  AWS Shield
 Amazon Inspector
 AWS WAF
 Security groups

ANSWER : AWS Shield

18 ) Which of the following AWS services are considered to be global services?

(Select TWO.)
 Amazon Route 53
 AWS CloudTrail
 AWS Lambda
 Amazon VPC
 AWS WAF

 ANSWER : Amazon Route 53 , AWS WAF

19 ) You believe that your AWS root account may have been used without
you knowing. What can you do to tighten the security on the root account?
 Configure MFA for your root account
 Disable root account credentials and use an IAM user with admin
privileges instead
 Change the root account password often
 Enable Cloudtrail to monitor for suspicious logins
  ANSWER : Configure MFA for your root account

20 ) As an AWS customer, what offering do you naturally inherit from AWS

after you sign up?
 All the data you store in and retrieve from AWS
 All the responsibilities in enforcing security and compliance policies of
your organization
 All the hardware and software that you provision in the AWS cloud
 All the best practices of AWS policies, architecture, and operational
processes built to satisfy your requirements

ANSWER :
All the best practices of AWS policies, architecture, and operational
processes built to satisfy your requirements

21 ) A mobile game startup plans to upgrade its local servers to serve

consumers better. However, locally stored data cannot be migrated due to
compliance requirements. Which of the following options would you
recommend to satisfy this requirement?
 Do not perform any migration for now to save up some capital for a
large scale migration in the future.
 Utilize AWS web servers but keep your data locally. Setup a hybrid
model in which the web servers in AWS will communicate with your
local data store.
 Slowly migrate your web servers and data into AWS while keeping your
budget in check.
  Dispose all of your servers and migrate your data to AWS since it will be
cheaper and more durable to store data in the cloud.

ANSWER :

Utilize AWS web servers but keep your data locally. Setup a hybrid model in
which the web servers in AWS will communicate with your local data store.

22 ) Which of the following is part of the best practices in securing your AWS
account?
 Always manually define permissions to each and every individual IAM
user
 Create an IAM user with admin privileges instead of using root
 Enable MFA only on the root account
 Grant Most Privilege

 ANSWER : Create an IAM user with admin privileges instead of using

root

23 )
Which AWS service allows me to patch my Windows EC2 instances without
having to RDP into them?
 AWS CodeDeploy
 Amazon Simple Workflow
  AWS CloudFormation
 AWS Systems Manager

ANSWER : AWS Systems Manager

24 ) Which of the following is not a part of the AWS Global Infrastructure?

 Edge Locations
 Regions
 Availability Zones
 Placement Groups

ANSWER : Placement Groups

25 ) An organization plans to build an online application form with a

detection capability to recognize attributes appearing in the images. This
feature will remove forms that contain inappropriate photos uploaded by
users. However, the development team has no experience building machine-
learning models.
Which of the following services would you recommend?
 Amazon SageMaker
 Amazon Rekognition
 Amazon Detective
 Amazon Kendra

ANSWER : Amazon Rekognition

26 ) You have an Amazon Linux EC2 instance running for an hour and thirty
minutes. How will AWS bill you in terms of usage?
 You will only be billed for an hour according to the hourly billing rule
 You will be billed for one hour and thirty minutes according to the
hourly billing rule
 You will be billed for an hour and thirty minutes according to the per-
second billing rule
 You will be billed for an hour and twenty-nine minutes according to the
per second billing rule

ANSWER : You will be billed for an hour and thirty minutes according to the
per-second billing rule

27 ) Which of the following is not a standard design principle when designing

systems in AWS?
 Loose coupling
 Disposable resources instead of fixed servers
 Servers, not services
 Design for failure

 ANSWER : Servers, not services

28 ) Which payment plan will give you the largest discount when purchasing
EC2 reserved instances?
 Partial upfront payment for a 3-year term purchase
  All upfront payment for a 3-year term purchase
 All upfront payment for a 1-year term purchase
 Partial upfront payment for a 1-year term purchase

 ANSWER : All upfront payment for a 3-year term purchase

--------------------------------------------------------------------------------------------------------