Cloud Concepts
Why are Serverless Architectures more economical than Server-based Architectures?
a. Serverless Architectures use new powerful computing devices
b. With the Server-based Architectures, compute resources continue to run all the time but with serverless architecture, compute resources are only used when code is being executed
c. When you reserve serverless capacity, you will get large discounts compared to server reservation
d. With Serverless Architectures you have the ability to scale automatically up or down as demand changes
b. With the Server-based Architectures, compute resources continue to run all the time but with serverless architecture, compute resources are only used when code is being executed
Serverless architectures can reduce costs because you do not have to manage or pay for underutilized servers, or provision redundant infrastructure to implement high availability. For example, you can upload your code to the AWS Lambda compute service, and the service can run the code on your behalf using AWS infrastructure. With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered.
Which of the following services gives you access to all AWS auditor-issued reports and certifications?
a. AWS Artifact
b. AWS Config
c. AWS CloudTrail
d. Amazon CloudWatch
a. AWS Artifact
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS’ security and compliance reports and select online agreements.
What are some key benefits of using AWS CloudFormation? (Choose TWO)
a. It allows you to model your entire infrastructure in just a text file
b. It applies advanced IAM security features automatically
c. It helps AWS customers deploy their applications without worrying about the underlying infrastructure
d. It automates the provisioning and updating of your infrastructure in a safe and controlled manner
e. It compiles and builds application code in a timely manner
a. It allows you to model your entire infrastructure in just a text file
c. It helps AWS customers deploy their applications without worrying about the underlying infrastructure
The benefits of using AWS CloudFormation include:
1- CloudFormation allows you to model your entire infrastructure in a text file. This template becomes the single source of truth for your infrastructure. This helps you to standardize infrastructure components used across your organization, enabling configuration compliance and faster troubleshooting.
2- AWS CloudFormation provisions your resources in a safe, repeatable manner, allowing you to build and rebuild your infrastructure and applications, without having to perform manual actions or write custom scripts. CloudFormation takes care of determining the right operations to perform when managing your stack, and rolls back changes automatically if errors are detected.
3- Codifying your infrastructure allows you to treat your infrastructure as just code. You can author it with any code editor, check it into a version control system, and review the files with team members before deploying into production.
4- CloudFormation allows you to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts.
Which statement best describes the AWS Pay-As-You-Go pricing model?
a. With AWS, you replace large upfront expenses with low fixed payments
b. With AWS, you replace low upfront expenses with large variable payments
c. With AWS, you replace low upfront expenses with large fixed payments
d. With AWS, you replace large capital expenses with low variable payments
d. With AWS, you replace large capital expenses with low variable payments
AWS does not require minimum spend commitments or long-term contracts. You replace large fixed upfront expenses with low variable payments that only apply based on what you use. For example, when using On-demand instances you pay only for the hours\seconds they are running and nothing more.
Which of the below options are use cases of the Amazon Route 53 service? (Choose TWO)
a. Point-to-point connectivity between an on-premises data center and AWS
b. Provides performance optimization recommendations
c. Manages global application traffic through a variety of routing types
d. Detects configuration changes in the AWS environment
e. DNS configuration and management
c. Manages global application traffic through a variety of routing types
e. DNS configuration and management
Amazon Route 53 can be used for:
• Registering domain names
• DNS configuration and management
• Configuring health checks to route traffic only to healthy endpoints
• Managing global application traffic (cross-regions) through a variety of routing types.
Which of the following is a feature of Amazon RDS that performs automatic failover when the primary database fails to respond?
a. RDS Multi-AZ
b. RDS Single-AZ
c. RDS Write Replica
d. RDS Snapshots
a. RDS Multi-AZ
When you enable Multi-AZ, Amazon Relational Database Service (Amazon RDS) maintains a redundant and consistent standby copy of your data. If you encounter problems with the primary copy, Amazon RDS automatically switches to the standby copy (or to a read replica in the case of Amazon Aurora) to provide continued availability to the data. The two copies are maintained in different Availability Zones (AZs), hence the name “Multi-AZ.” Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. Having separate Availability Zones greatly reduces the likelihood that both copies will concurrently be affected by most types of disturbances.
For compliance and regulatory purposes, a government agency requires that their applications must run on hardware that is dedicated to them only. How can you meet this requirement?
a. Use EC2 Dedicated Hosts
b. Use EC2 Spot Instances
c. Use EC2 Reserved Instances
d. Use EC2 On-demand Instances
a. Use EC2 Dedicated Hosts
When you launch instances on a Dedicated Host, the instances run on a physical server that is dedicated for your use. While Dedicated instances also run on dedicated hardware, Dedicated Hosts provide further visibility and control by allowing you to place your instances on a specific, physical server. This enables you to deploy instances using configurations that help address corporate compliance and regulatory requirements.
An application developer wants to store data in a key-value database. Which service should they use?
1. Amazon RDS
2. Amazon DynamoDB
3. Amazon DocumentDB
4. Amazon Aurora
2. Amazon DynamoDB
Which Support plans include access to all AWS Trusted Advisor checks? (Select TWO.)
1. Basic
2. Enterprise
3. Business
4. Developer
5. AWS Free Tier
2. Enterprise
3. Business
Which tasks are the responsibilities of AWS? (Select TWO.)
1. Configuring security groups on Amazon EC2 instances
2. Configuring AWS infrastructure devices
3. Maintaining virtualization infrastructure
4. Training company employees on how to use AWS services
5. Creating IAM users and groups
2. Configuring AWS infrastructure devices
3. Maintaining virtualization infrastructure
What does the term “Economies of scale” mean?
a. It means that you have the ability to pay as you go
b. It means that you save more when you consume more
c. It means that AWS will continuously lower costs as it grows
d. It means as more time passes using AWS, you pay more for its services
c. It means that AWS will continuously lower costs as it grows
By using cloud computing, you can achieve a lower variable cost than you would get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices. For example, AWS has reduced the per GB storage price of S3 by 80% since the service was first introduced in 2006.
Which component or service establishes a dedicated private connection between an on-premises data center and virtual private cloud (VPC)?
1. Internet gateway
2. Virtual private gateway
3. Amazon CloudFront
4. AWS Direct Connect
4. AWS Direct Connect
In the S3 Intelligent-Tiering storage class, Amazon S3 moves objects between a frequent access tier and an infrequent access tier. Which storage classes are used for these tiers? (Select TWO.)
1. S3 Standard-IA
2. S3 Glacier Deep Archive
3. S3 One Zone-IA
4. S3 Standard
5. S3 Glacier Flexible Retrieval
1. S3 Standard-IA
4. S3 Standard
Which of the following is an available option when purchasing Amazon EC2 instances?
a. The ability to pay upfront to get lower hourly costs
b. The ability to bid to get the lowest possible prices
c. The ability to buy Dedicated Instances for up to 90% discount
d. The ability to register EC2 instances to get volume discounts on every hour the instances are running
a. The ability to pay upfront to get lower hourly costs
For Customers who can commit to using EC2 over a 1 or 3-year term, it is better to use Amazon EC2 Reserved Instances or AWS Savings Plans. Reserved Instances and AWS Savings Plans provide a significant discount (up to 72%) compared to On-Demand instance pricing.
Which service provides review details for user activities and API calls that have occurred within an AWS environment?
1. AWS Trusted Advisor
2. Amazon CloudWatch
3. Amazon Inspector
4. AWS CloudTrail
4. AWS CloudTrail
You want to create a backup of your data in another geographical location. Where should you create this backup?
a. In another Availability Zone
b. In another Region
c. In another Local Zone
d. In another Edge location
b. In another Region
A Region is a physical location around the world where AWS clusters data centers. AWS calls each group of logical data centers an Availability Zone. Each AWS Region consists of multiple, isolated, and physically separate Availability Zones within a geographic area.
You found evidence of malicious and unauthorized behaviors in the account. What service can help to continue to monitor for other behavior?
1. AWS Systems Manager
2. Trusted Advisor
3. Inspector
4. GuardDuty
4. GuardDuty
GuardDuty is a threat detection service that continuously monitors for malicious activity and anomalous behavior in AWS accounts.
You have just created a new bucket and uploaded a file into it. Will this be automatically viewable by anyone on the internet?
1. No. By default, buckets and their contents are private.
2. Yes. By default, buckets and their contents are public.
3. Only if you have an internet gateway.
4. Only if you have a NAT gateway.
1. No. By default, buckets and their contents are private.
A company wants to ensure that all AWS accounts in their environment conform to company-wide policies. Which services can help? (Select TWO.)
1. Control Tower
2. Organizations
3. Systems Manager
4. Trusted Advisor
1. Control Tower
2. Organizations
Control Tower helps you ensure your accounts conform to company-wide policies and guardrails. Control Tower actually sits on top of Organizations. Organizations allows you to centrally manage multiple AWS accounts under one umbrella. You can allocate resources and apply policies across accounts.
Which AWS Trusted Advisor category includes checks for high-utilization EC2 instances?
1. Cost Optimization
2. Fault Tolerance
3. Security
4. Performance
4. Performance
A food delivery company has a set of three EC2 instances that remain idle for most of the day, except for three spikes during breakfast, lunch, and dinner. What is the most effective way to optimize these instances with the lowest operational overhead?
1. Use an elastic load balancer to scale out and in based on demand.
2. Write a script to stop instances when demand is low.
3. Use an Auto Scaling group to scale out and in based on demand.
4. Use Reserved Instances instead of On-Demand Instances.
3. Use an Auto Scaling group to scale out and in based on demand.
The Auto Scaling group can be used to scale out and scale in the instances as the demand dictates. This will save money and avoid having instances sitting idle for long periods of time. AWS Auto Scaling monitors your applications and automatically adjusts your capacity to maintain steady, predictable performance at the lowest possible cost. Using AWS Auto Scaling, it’s easy to set up application scaling for multiple resources across multiple services in minutes.
Which is the most efficient AWS feature that allows a company to restrict IAM users from making changes to a common administrator IAM role created in all accounts in their organization?
1. GuardDuty IAM findings
2. Shield
3. Service control policies (SCPs)
4. IAM user policy
3. Service control policies (SCPs)
AWS Organizations provides central governance and management for multiple accounts. Organization SCPs allow you to create permissions guardrails that apply to all accounts within a given organization.
You are storing CSV files in S3. You want to create a report from using those files. What service can do this for you?
1. Cost Explorer.
2. CloudWatch.
3. S3 Storage Lens.
4. Athena.
4. Athena.
Athena integrates with S3 easily and can provide the option of creating a report from the files in S3.
You have been tasked with optimizing EC2 instances and the usage across your account. Which of the following can help you do this? (Select TWO).
1. Lambda
2. Load Balancers
3. Compute Optimizer
4. Trusted Advisor
3. Compute Optimizer
4. Trusted Advisor
Compute Optimizer can provide recommendations on how to optimize the use of your EC2 instance types based on utilization data. Trusted Advisor can be used to provide recommendations on how to optimize instances for cost.
Your company stores files in S3 and wants to be able to access them from EC2 instances like a file system. Which of the following can achieve this?
1. Transit Gateway.
2. S3 File Gateway.
3. Elastic File System Ultra (EFSU).
4. Elastic File System (EFS).
2. S3 File Gateway.
S3 File Gateway allows you to store and access objects in S3 from NFS or SMB file data with local caching.