Services
Compute
Databases
Applications & Management
Network & Security (& Storage)
100

You have noticed that several critical Amazon EC2 instances have been terminated. Which of the following AWS services would help you determine who took this action?

  • A. Amazon Inspector.
  • B. AWS CloudTrail.
  • C. AWS Trusted Advisor.
  • D. EC2 Instance Usage Report.

What is AWS CloudTrail?

100

What is the AWS serverless service that allows you to run your applications without any administrative burden?

  • A. Amazon LightSail.
  • B. AWS Lambda.
  • C. Amazon RDS instances.
  • D. Amazon EC2 instances.

What is AWS Lambda?

100

As an on-premises MySQL DBA, you are tasked with migrating to the AWS Cloud to reduce time spent on database maintenance. Which AWS service will help automate tasks like backups, patching, and disaster recovery?

  • A. Amazon RDS.
  • B. Amazon Redshift.
  • C. Amazon DynamoDB.
  • D. Amazon CloudWatch.

What is Amazon RDS?

100

What are the change management tools that helps AWS customers audit and monitor all resource changes in their AWS environment? (Choose TWO)

  • A. AWS CloudTrail.
  • B. Amazon Comprehend.
  • C. AWS Transit Gateway.
  • D. AWS X-Ray.
  • E. AWS Config.

What are AWS CloudTrail and AWS Config?

100

Which of the following services can help protect your web applications from SQL injection and other vulnerabilities in your application code?

  • A. Amazon Cognito.
  • B. AWS IAM.
  • C. Amazon Aurora.
  • D. AWS WAF.

What is AWS WAF?

200

What does Amazon ElastiCache provide?  (Response: What is Option <Letter>?)

  • A. In-memory caching for read-heavy applications.
  • B. An Ehcache compatible in-memory data store.
  • C. An online software store that allows Customers to launch pre-configured software with just few clicks.
  • D. A domain name system in the cloud.

What is Option A?

200

In your on-premises environment, you can create as many virtual servers as you need from a single template. What can you use to perform the same in AWS?

  • A. IAM.
  • B. An internet gateway.
  • C. EBS Snapshot.
  • D. AMI.

What is AMI?

200

Classify the following AWS database services by their main use case: Amazon DynamoDB, Amazon RDS, Amazon Redshift, Amazon Aurora. (Response: What is Option <Letter>?)

  • A. DynamoDB: NoSQL workload, RDS: Transactional system, Redshift: Large-scale data analytics, Aurora: Transactional system.
  • B. DynamoDB: Transactional system, RDS: NoSQL workload, Redshift: Transactional system, Aurora: Large-scale data analytics.
  • C. DynamoDB: Large-scale data analytics, RDS: NoSQL workload, Redshift: Transactional system, Aurora: Transactional system.
  • D. DynamoDB: NoSQL workload, RDS: Large-scale data analytics, Redshift: Transactional system, Aurora: NoSQL workload.

What is Option A?

200

An application experiences high read latency due to frequent requests for the same data. Which of the following services would you use to accelerate read performance in DynamoDB by providing an in-memory cache for frequently accessed items?

  • A. Amazon Elastic File System (EFS).
  • B. Amazon DynamoDB Accelerator (DAX).
  • C. Amazon Elasticache for Redis.
  • D. Amazon Simple Storage Service (S3).

What is Amazon DynamoDB Accelerator (DAX)?

200

What is the AWS feature that provides an additional level of security above the default authentication mechanism of usernames and passwords?

  • A. Encrypted keys.
  • B. Email verification.
  • C. AWS KMS.
  • D. AWS MFA.

What is AWS MFA?

300

What is the AWS service that provides a virtual network dedicated to your AWS account?

  • A. AWS VPN.
  • B. AWS Subnets.
  • C. AWS Dedicated Hosts.
  • D. Amazon VPC.

What is Amazon VPC?

300

When launching an EC2 instance, which of the following features can help reduce the risk of data loss in the event of instance termination?

  • A. EBS-backed storage.
  • B. Instance Store.
  • C. Instance Metadata.
  • D. Elastic IP.

What is EBS-backed storage?

300

Which of the following services are key/value stores? (Choose 3 answers)

  • A. Amazon ElastiCache.
  • B. Simple Notification Service. 
  • C. DynamoDB.
  • D. Simple Storage Service.
  • E. Simple Workflow Service.

What are Amazon ElastiCache, DynamoDB, and Simple Storage Service (S3)?

300

What are the AWS services/features that can help you maintain a highly available and fault-tolerant architecture in AWS? (Choose TWO)

  • A. AWS Direct Connect.
  • B. Amazon EC2 Auto Scaling.
  • C. Elastic Load Balancer.
  • D. CloudFormation.
  • E. Network ACLs.

What are Amazon EC2 Auto Scaling and Elastic Load Balancer?

300

You are working on two projects that require completely different network configurations. Which AWS service or feature will allow you to isolate resources and network configurations?

  • A. Internet gateways.
  • B. Virtual Private Cloud.
  • C. Security Groups.
  • D. Amazon CloudFront.

What is Virtual Private Cloud?

400

Which of the following does NOT belong to the AWS Cloud Computing models?

  • A. Platform as a Service (PaaS).
  • B. Infrastructure as a Service (IaaS).
  • C. Software as a Service (SaaS).
  • D. Networking as a Service (NaaS).

What is NaaS?

400

Which of the following statements best describes the use of Instance Store on an EC2 instance, and when should it be applied? (Response: What is Option <Letter>?)

  • A. Instance Store provides persistent block-level storage that survives instance termination, making it ideal for storing critical data.
  • B. Instance Store is ephemeral storage that is directly attached to the physical host of an EC2 instance, suitable for temporary data such as caching or buffer storage.
  • C. Instance Store is used to store backups and is always replicated across multiple Availability Zones for durability.
  • D. Instance Store provides scalable storage with automatic data backups, making it ideal for storing databases in a production environment.

What is Option B?

400

What is true about Amazon Aurora replicas? (Choose up to 3 correct answers). (Response: What are Options <Letter>, ... , and <Letter>?)

  • A. Aurora replicas are read-only copies of the primary Aurora database that help distribute read traffic.
  • B. Aurora replicas increase write throughput by offloading writes from the primary instance.
  • C. Aurora replicas can automatically failover and become the new primary instance in case of a failure.
  • D. Aurora replicas can be created across multiple regions for disaster recovery.
  • E. Aurora replicas can be used for backup purposes but do not help with read scalability.

What are Options A, C, and D?

400

Which of the following are good use cases for Amazon EC2 Spot Instances? (Choose all that apply). (Response: What are Options <Letter>, ... , and <Letter>?)

  • A. Running stateless applications that can tolerate interruptions and termination.
  • B. Running mission-critical applications where 100% uptime is required.
  • C. Batch processing jobs that can be restarted or paused when instances are terminated.
  • D. Applications that need significant cost savings (up to 90%) compared to On-Demand pricing.
  • E. Long-running applications where the instance must be reserved for a fixed period.

What are A, C, and D?

400

According to the AWS Acceptable Use Policy, which of the following statements is true regarding penetration testing of EC2 instances? (Response: What is Option <Letter>?)

  • A. Penetration testing is not allowed in AWS.
  • B. Penetration testing is performed automatically by AWS to determine vulnerabilities in your AWS infrastructure.
  • C. Penetration testing can be performed by the customer on their own instances without prior authorization from AWS.
  • D. The AWS customers are only allowed to perform penetration testing on services managed by AWS.

What is Option C?

500

Which of the following AWS services is a fully managed graph database service that supports both property graph and RDF graph models for applications such as social networking, recommendation engines, and fraud detection?

  • A. Amazon Aurora
  • B. Amazon Neptune
  • C. Amazon DynamoDB
  • D. Amazon Redshift
  • E. Amazon ElastiCache

What is Amazon Neptune?

500

Which of the following is NOT a feature of the AWS Serverless Application Model (AWS SAM)? (Response: What is Option <Letter>?)

  • A. Simplified definition of AWS Lambda functions and their events.
  • B. Ability to define APIs and DynamoDB tables.
  • C. Deployment of serverless applications using AWS CloudFormation.
  • D. Automatic scaling of EC2 instances based on incoming traffic.

What is Option D?

500

What are the key differences between Amazon ElastiCache for Memcached and Amazon ElastiCache for Redis? (Choose all that apply). (Response: What are Options <Letter>, ... , and <Letter>?)

  • A. Memcached is multi-threaded, while Redis is single-threaded.
  • B. Redis supports data persistence, while Memcached does not.
  • C. Redis supports advanced data structures, while Memcached only supports key-value pairs.
  • D. Redis is more suited for complex data storage and persistence, while Memcached is best for simple caching.

What are Options B, C, and D?

500

Which of the following are true about Amazon EC2 Dedicated Hosts and Amazon EC2 Dedicated Instances? (Choose all that apply). (Response: What are Options <Letter>, ... , and <Letter>?)

  • A. Dedicated Hosts allow full control over instance placement on physical servers.
  • B. Dedicated Instances provide full control over instance placement. 
  • C. Dedicated Hosts are typically more expensive than Dedicated Instances.
  • D. Dedicated Instances allow for granular control of instance placement on specific physical servers.
  • E. Dedicated Instances are suitable for workloads requiring physical isolation but not placement control.

What are A, C, and E?

500

Which of the following are NOT best practices recommended when implementing AWS Identity and Access Management (IAM) to secure access to AWS resources in a production environment? (Choose all that apply). (Response: What are Options <Letter>, ... , and <Letter>?)

  • A. Use AWS IAM roles for application access to AWS services rather than embedding long-term access keys in the code.
  • B. Grant root user access to all users within the account for troubleshooting purposes.
  • C. Implement least privilege access by only granting the specific permissions that are needed for each user or service role.
  • D. Use MFA (Multi-Factor Authentication) only for the root account to enhance security.
  • E. Create IAM groups for different roles (e.g., admin, developer, and read-only) and assign permissions to these groups.
  • F. Enable AWS CloudTrail to monitor and log all IAM actions performed within the AWS account for auditing purposes.
  • G. Periodically review and rotate IAM access keys to prevent unauthorized access or key misuse.

What are Options B and D?

M
e
n
u