1). Which of the following describes the cloud design principle of scalability?
A ). The ability to automatically increase available compute resources (EC2) to meet growing user demand.
B ). The ability to route incoming client requests between multiple application servers.
C ). The ability to segment physical resources into multiple virtual partitions.
D ). The ability to reduce production costs by spreading capital expenses across many accounts.
Correct Answer: A
Explanation
Explanation/Reference:
scalable deployment will automatically “scale up” its capacity to meet growing user demand without the need for manual interference.
2). Which of the following best describes the cloud service model known as infrastructure as a service (IaaS)?
A ). End user access to software applications delivered over the internet
B ). Access to a simplified interface through which customers can directly deploy their application code without having to worry about managing the underlying infrastructure
C ). Customer rental of the use of measured units of a provider’s physical compute, storage, and networking resources
D ). Abstracted interfaces built to manage clusters of containerized workloads.
Correct Answer: C.
Explanation
Explanation/Reference:
IaaS is a model that gives customers access to virtualized units of a provider’s physical resources. IaaS customers manage their infrastructure much the way they would local, physical servers.
3). How does AWS ensure that no single customer consumes an unsustainable proportion of
available resources?
A ). AWS allows customers to consume as much as they’re willing to pay for, regardless of general availability.wCX
B ). AWS imposes default limits on the use of its service resources but allows customers to request higher limits.
C ). AWS imposes hard default limits on the use of its service resources.
D ). AWS imposes default limits on the use of its services by Basic account holders;
Premium account holders face no limits.
Correct Answer : B.
Explanation
Explanation/Reference:
AWS applies usage limits on most features of its services. However, in many cases, you can apply for a limit to be lifted.
4). The AWS Free Tier is designed to give new account holders the opportunity to get to know how their services work without necessarily costing any money. How does it work?
A ). You get service credits that can be used to provision and launch a few typical workloads.
B ). You get full free access to a few core AWS services for one month.
C ). You get low-cost access to many core AWS services for three months.
D ). You get free lightweight access to many core AWS services for a full 12 months.
Correct Answer: D.
Explanation
Explanation/Reference:
The Free Tier offers you free lightweight access to many core AWS services for a full 12 months
5) AWS customers receive “production system down” support within one hour when they subscribe to which support plan(s)?
A ). Enterprise.
B ). Business and Enterprise.
C ). Developer and Basic.
D ). All plans get this level of support.
Correct Answer: B.
Explanation
Explanation/Reference:
“Production system down” support within one hour is available only to subscribers to the Business or Enterprise support plans
6) AWS customers get full access to the AWS Trusted Advisor best practice checks when they
subscribe to which support plan(s)?
A ). All plans get this level of support
B ). Basic and Business.
C ). Business and Enterprise.
D ). Developer, Business, and Enterprise.
Correct Answer: D.
Explanation
Explanation/Reference:
All support plans come with full access to Trusted Advisor except for the (free) Basic plan
7) The AWS Shared Responsibility Model illustrates how AWS itself (as opposed to its customers) is responsible for which aspects of the cloud environment?
A ). The redundancy and integrity of customer-added data
B ). The underlying integrity and security of AWS physical resources
C ). Data and configurations added by customers
D ). The operating systems run on EC2 instances
Correct Answer : B.
Explanation
Explanation/Reference:
According to the Shared Responsibility Model, AWS is responsible for the underlying integrity and security of AWS physical resources, but not the integrity of the data and configurations added by customers.
8) Which of these is a designation for two or more AWS data centers within a single geographic area?
A ). Availability Zone
B ). Region
C ). Network subnet
D ). Geo-unit
Correct Answeer: A.
Explanation
Explanation/Reference:
An Availability Zone is one of two or more physical data centers located within a single AWS Region.
9) How, using security best practices, should your organization’s team members access your AWS account resources?
A ). Only a single team member should be given any account access.
B ). Through a jointly shared single account user who’s been given full account-wide
permissions.
C ). Through the use of specially created users, groups, and roles, each given the fewest permissions necessary.
D ). Ideally, resource access should occur only through the use of access keys.
Correct Answer: C.
Explanation
Explanation/Reference:
Team members should each be given identities (as users, groups, and/or roles) configured with exactly the permissions necessary to do their jobs and no more
10). Which of the following describes a methodology that protects your organization’s data
when it’s on-site locally, in transit to AWS, and stored on AWS?
A ). Client-side encryption
B ). Server-side encryption
C ). Cryptographic transformation
D ). Encryption at rest
Correct Answer: A.
Explanation
Explanation/Reference:
End-to-end encryption that protects data at every step of its life cycle is called client-side encryption
11 ). What authentication method will you use to access your AWS resources remotely through
the AWS Command Line Interface (CLI)?
A ). Strong password
B ). Multifactor authentication
C ). SSH key pairs
D ). Access keys
Correct Answer: D.
Explanation
Explanation/Reference:
AWS CLI requests are authenticated through access keys.
12 ). Which of these is the primary benefit from using resource tags with your AWS assets?
A ). Tags enable the use of remote administration operations via the AWS CLI.
B ). Tags make it easier to identify and administrate running resources in a busy AWS account.
C ).Tags enhance data security throughout your account.
D ). Some AWS services won’t work without the use of resource tags.
Correct Answer: B.
Explanation
Explanation/Reference:
Resource tags—especially when applied with consistent naming patterns—can make it
easier to visualize and administrate resources on busy accounts
13 ). What defines the base operating system and software stack that will be available for a new Elastic Compute Cloud (EC2) instance when it launches?
A ). The Virtual Private Cloud (VPC) into which you choose to launch your instance.
B ). The instance type you select.
C ). The Amazon Machine Image (AMI) you select.
D ). You don’t need to define the base OS—you can install that once the instance launches.
Correct Answer: C.
Explanation
Explanation/Reference:
The AMI you select while configuring your new instance defines the base OS
14) Which of the following AWS compute services offers an administration experience that most closely resembles the way you would run physical servers in your own local data center?
A ). Simple Storage Service (S3)
B ). Elastic Container Service (ECS)
C ). Elastic Compute Cloud (EC2)
D ). Lambda
Correct Answer: C.
Explanation
Explanation/Reference:
You can administer EC2 instances using techniques that are similar to the way you’d work with physical servers.
15) Which of the following AWS object storage services offers the lowest ongoing charges, but at the cost of some convenience?
A ). Glacier
B ). Storage Gateway
C ). Simple Storage Service (S3)
D ).Elastic Block Store (EBS)
Correct Answer: A.
Explanation
Explanation/Reference:
Amazon Glacier can reliably store large amounts of data for a very low price but requires CLI or SDK administration access, and retrieving your data can take hours
16) Which of the following AWS storage services can make the most practical sense for petabyte-sized archives that currently exist in your local data center?
A ). Saving to a Glacier Vault
B ).Saving to a Simple Storage Service (S3) bucket
C ). Saving to an Elastic Block Store (EBS) volume
D ). Saving to an AWS Snowball device
Correct Answer: D.
Explanation
Explanation/Reference:
You can transfer large data stores to the AWS cloud (to S3 buckets) by having Amazon send you a Snowball device to which you copy your data and which you then ship back to Amazon
17) Which of the following will provide the most reliable and scalable relational database experience on AWS?
A ). Relational Database Service (RDS)
B ).Running a database on an EC2 instance
C ). DynamoDB
D ).Redshift
Correct Ans : A.
Explanation
Explanation/Reference:
RDS offers a managed and highly scalable database environment for most popular relational database engines (including MySQL, MariaDB, and Oracle).
18) What’s the best and simplest way to increase reliability of an RDS database instance?
A ). Increase the available IOPS.
B ). Choose the Aurora database engine when you configure your instance.
C ). Enable Multi-AZ.
D ). Duplicate the database in a second AWS Region.
Correct Answer: C.
Explanation
Explanation/Reference:
Multi-AZ will automatically replicate your database in a second Availability Zone for greater reliability. It will, of course, also double your costs.