Under the shared responsibility model, which of the following is the customer responsible for?
AWS for a self-hosted database that requires a nightly shutdown for maintenance and cost-saving purposes
The use of what AWS feature or service allows companies to track and categorize spending on a detailed level?
Which service stores objects, provides real-time access to those objects, and offers versioning and lifecycle capabilities?
What AWS team assists customers with accelerating cloud adoption through paid engagements in any of several specialty practice areas?
A customer would like to design and build a new workload on AWS Cloud but does not have the AWS-related software technical expertise in-house.Which of the following AWS programs can a customer take advantage of to achieve that outcome?
Distributing workloads across multiple Availability Zones supports which cloud architecture design principle?
Which AWS services can host a Microsoft SQL Server database? (Choose two.)
Which of the following inspects AWS environments to find opportunities that can save money for users and also improve system performance?
Which of the following Amazon EC2 pricing models allow customers to use existing server-bound software licenses?
Which AWS characteristics make AWS cost effective for a workload with dynamic user demand? (Choose two.)
Which service enables risk auditing by continuously monitoring and logging account activity, including user actions in the AWS Management Console and AWSSDKs?
Which of the following are characteristics of Amazon S3? (Choose two.)
Which services can be used across hybrid AWS Cloud architectures? (Choose two.)
What costs are included when comparing AWS Total Cost of Ownership (TCO) with on-premises TCO?
A company is considering using AWS for a self-hosted database that requires a nightly shutdown for maintenance and cost-saving purposes.Which service should the company use?
Which of the following is a correct relationship between regions, Availability Zones, and edge locations?
Which AWS tools assist with estimating costs? (Choose three.)
Which of the following are advantages of AWS consolidated billing? (Choose two.)
Which of the following Reserved Instance (RI) pricing models provides the highest average savings compared to On-Demand pricing?
Compared with costs in traditional and virtualized data centers, AWS has:
A characteristic of edge locations is that they:
Which of the following can limit Amazon Storage Service (Amazon S3) bucket access to specific users?
Which of the following security-related actions are available at no cost?
Which of the Reserved Instance (RI) pricing models can change the attributes of the RI as long as the exchange results in the creation of RIs of equal or greater value?
Which AWS feature will reduce the customer's total cost of ownership (TCO)?
Which of the following services will automatically scale with an expected increase in web traffic?
Where are AWS compliance documents, such as an SOC 1 report, located?
Under the AWS shared responsibility model, which of the following activities are the customer's responsibility? (Choose two.)
Which is a recommended pattern for designing a highly available architecture on AWS?
According to best practices, how should an application be designed to run in the AWS Cloud?
AWS supports which of the following methods to add security to Identity and Access Management (IAM) users? (Choose two.)
Which AWS services should be used for read/write of constantly changing data? (Choose two.)
What is one of the advantages of the Amazon Relational Database Service (Amazon RDS)?
A customer needs to run a MySQL database that easily scales.Which AWS service should they use?
Which of the following components of the AWS Global Infrastructure consists of one or more discrete data centers interconnected through low latency links?
Which of the following is a shared control between the customer and AWS?
How many Availability Zones should compute resources be provisioned across to achieve high availability?
One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:
What is the lowest-cost, durable storage option for retaining database backups for immediate retrieval?
Which AWS IAM feature allows developers to access AWS services through the AWS CLI?
Which of the following is a fast and reliable NoSQL database service?
What is an example of agility in the AWS Cloud?
Which service should a customer use to consolidate and centrally manage multiple AWS accounts?
What approach to transcoding a large number of individual video files adheres to AWS architecture principles?
For which auditing process does AWS have sole responsibility?
Which feature of the AWS Cloud will support an international company's requirement for low latency to all of its customers?
Which of the following is the customer's responsibility under the AWS shared responsibility model?
A customer is using multiple AWS accounts with separate billing.How can the customer take advantage of volume discounts with minimal impact to the AWS resources?
Which of the following are features of Amazon CloudWatch Logs? (Choose two.)
Which of the following is an AWS managed Domain Name System (DNS) web service?
A customer is deploying a new application and needs to choose an AWS Region.Which of the following factors could influence the customer's decision? (Choose two.)
Which storage service can be used as a low-cost option for hosting static websites?
Which Amazon EC2 instance pricing model can provide discounts of up to 90%?
What is the AWS customer responsible for according to the AWS shared responsibility model?
Which of the following AWS Cloud services can be used to run a customer-managed relational database?
A company is looking for a scalable data warehouse solution.Which of the following AWS solutions would meet the company's needs?
Which statement best describes Elastic Load Balancing?
Which of the following are valid ways for a customer to interact with AWS services? (Choose two.)
The AWS Cloud's multiple Regions are an example of:
Which of the following AWS services can be used to serve large amounts of online video content with the lowest possible latency? (Choose two.)
Web servers running on Amazon EC2 access a legacy application running in a corporate data center.What term would describe this model?
What is the benefit of using AWS managed services, such as Amazon ElastiCache and Amazon Relational Database Service (Amazon RDS)?
Which service provides a virtually unlimited amount of online highly durable object storage?
Which of the following Identity and Access Management (IAM) entities is associated with an access key ID and secret access key when using AWS CommandLine Interface (AWS CLI)?
Which of the following security-related services does AWS offer? (Choose two.)
Which AWS managed service is used to host databases?
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.https://aws.amazon.com/rds/?c=db&sec=srv
Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based AWS and on-premises servers?
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.Amazon EFS is designed to provide the throughput, IOPS, and low latency needed for Linux workloads. Throughput and IOPS scale as a file system grows and can burst to higher throughput levels for short periods of time to support the unpredictable performance needs of file workloads. For the most demanding workloads, Amazon EFS can support performance over 10 GB/sec and up to 500,000 IOPS.
When architecting cloud applications, which of the following are a key design principle?
Cloud services main proposition is to provide elasticity through horizontal scaling. It's already there. As for using largest instance possible, it is not a design principle that helps cloud applications in anyway. Scrum development process is not related to architecting. Therefore, a key principle is to provision your application for on-demand capacity. Peak loads is something that cloud applications experience everyday. Peak load management should be a necessary part of cloud application design principle.https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf
Which AWS service should be used for long-term, low-cost storage of data backups?
Amazon S3 Glacier is a secure, durable, and low-cost storage class of S3 for data archiving and long-term backup. Customers can store large or small amounts of data for as little as $0.004 per gigabyte per month. The S3 Glacier storage class is ideal for archives where data is regularly retrieved and some of the data may be needed in minutes.Amazon RDS is a relational database service that hosts databases. It helps you create and manage databases. Amazon Snowball is a petabyte-scale data transfer service that provides cost efficient data transfer to AWS from tamper proof physical devices. Similarly, Elastic block storage offers persistent block storage volumes for EC2 instances.https://aws.amazon.com/backup-restore/services/
Under the shared responsibility model, which of the following is a shared control between a customer and AWS?
Which AWS service allows companies to connect an Amazon VPC to an on-premises data center?
AWS Direct Connect enables you to securely connect your AWS environment to your on-premises data center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection. AWS Direct Connect offers dedicated high speed, low latency connection, which bypasses internet service providers in your network path. An AWS Direct Connect location provides access to Amazon Web Services in the region it is associated with, as well as access to other US regions. AWS Direct Connect allows you to logically partition the fiber-optic connections into multiple logical connections called Virtual Local Area Networks(VLAN). You can take advantage of these logical connections to improve security, differentiate traffic, and achieve compliance requirements.https://aws.amazon.com/getting-started/projects/connect-data-center-to-aws/
A company wants to reduce the physical compute footprint that developers use to run code.Which service would meet that need by enabling serverless architectures?
Which AWS service provides alerts when an AWS event may impact a company's AWS resources?
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service HealthDashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of theAWS services underlying your AWS resources.https://aws.amazon.com/premiumsupport/technology/personal-health-dashboard/
Which of the following are categories of AWS Trusted Advisor? (Choose two.)
Like your customized cloud expert, AWS Trusted Advisor analyzes your AWS environment and provides best practice recommendations in five categories: cost optimization, performance, security, fault tolerance and service limits.https://aws.amazon.com/premiumsupport/technology/trusted-advisor/
Which task is AWS responsible for in the shared responsibility model for security and compliance?
AWS Compliance enables customers to establish and operate in an AWS security control environment
The shared responsibility model is part of AWS Compliance program
The Security of the cloud is managed by Amazon AWS provider
The Security in the cloud is responsibility of the customer
The customer is responsible for their information and data, their secure transmission, integrity, and encryption
Also, the customer is responsible for managing, support, patching and control of the guest operating system and AWS services provided like EC2
AWS customers retain control and ownership of their data
The AWS network provides significant protection against traditional network security issues and the customer can implement further protection
Where should a company go to search software listings from independent software vendors to find, test, buy and deploy software that runs on AWS?
AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.https://aws.amazon.com
Which of the following is a benefit of using the AWS Cloud?
Developer and IT staff productivity accounted for nearly 30% of overall financial benefits. The remaining benefits were driven by the flexibility and agility ofAmazon cloud infrastructure services, which make it easier to trial new business models, support revenue-generating applications, and provide more reliable services to end users.https://media.amazonwebservices.com/IDC_Business_Value_of_AWS_Accelerates_Over_time.pdf
When performing a cost analysis that supports physical isolation of a customer workload, which compute hosting model should be accounted for in the Total Cost of Ownership (TCO)?
Use Dedicated Hosts to launch Amazon EC2 instances on physical servers that are dedicated for your use. Dedicated Hosts give you additional visibility and control over how instances are placed on a physical server, and you can reliably use the same physical server over time. As a result, Dedicated Hosts enable you to use your existing server-bound software licenses like Windows Server and address corporate compliance and regulatory requirements.
Which AWS service provides the ability to manage infrastructure as code?
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This file serves as the single source of truth for your cloud environment.https://aws.amazon.com/cloudformation/
If a customer needs to audit the change management of AWS resources, which of the following AWS services should the customer use?
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records yourAWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.https://aws.amazon.com/config/
What is Amazon CloudWatch?
Amazon CloudWatch is basically a metrics repository. An AWS service "" such as Amazon EC2 "" puts metrics into the repository, and you retrieve statistics based on those metrics. If you put your own custom metrics into the repository, you can retrieve statistics on these metrics as well.https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_architecture.html
Which service allows a company with multiple AWS accounts to combine its usage to obtain volume discounts?
use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt.Ltd (AISPL) accounts. Every organization in AWS Organizations has a master account that pays the charges of all the member accounts.Consolidated billing has the following benefits:
Combined usage "" You can combine the usage across all accounts in the organization to share the volume pricing discounts and Reserved Instance discounts. This can result in a lower charge for your project, department, or company than with individual standalone accounts. For more information, seeVolume Discounts.
Which of the following services could be used to deploy an application to servers running on-premises? (Choose two.)
Which Amazon EC2 pricing model adjusts based on supply and demand of EC2 instances?
Which design principles for cloud architecture are recommended when re-architecting a large monolithic application? (Choose two.)
Rearchitecting applications involves sweeping change where an old monolithic application is completely revamped according to modern microservices architecture. Using individual components to re-architect a big application is one part of the process. The most important part is to design the application for scalability because the level of investment for a monolithic application can only be justified when resilience and scalability is needed.https://www.architech.ca/re-architect-applications/
Which is the MINIMUM AWS Support plan that allows for one-hour target response time for support cases?
Where can AWS compliance and certification reports be downloaded?
WS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS's security and compliance reports and select online agreements. The AWS SOC 2 report is particularly helpful for completing questionnaires because it provides a comprehensive description of the implementation and operating effectiveness of AWS security controls. Another useful document is the Executive Briefing within the AWSFedRAMP Partner Package.https://aws.amazon.com/compliance/faq/
Which AWS service provides a customized view of the health of specific AWS services that power a customer's workloads running on AWS?
Personal Health Dashboard gives you a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you. For example, in the event of a lost EBS volume associated with one of your EC2 instances, you would gain quick visibility into the status of the specific service you are using, helping save precious time troubleshooting to determine root cause.https://aws.amazon.com/premiumsupport/technology/personal-health-dashboard/
Which of the following is an advantage of consolidated billing on AWS?
Which of the following steps should be taken by a customer when conducting penetration testing on AWS?
Which of the following AWS features enables a user to launch a pre-configured Amazon Elastic Compute Cloud (Amazon EC2) instance?
To use Amazon EC2, you simply:
Select a pre-configured, templated Amazon Machine Image (AMI) to get up and running immediately. Or create an AMI containing your applications, libraries, data, and associated configuration settings.
Configure security and network access on your Amazon EC2 instance.
Choose which instance type(s) you want, then start, terminate, and monitor as many instances of your AMI as needed, using the web service APIs or the variety of management tools provided.
Determine whether you want to run in multiple locations, utilize static IP endpoints, or attach persistent block storage to your instances.
Pay only for the resources that you actually consume, like instance-hours or data transfer.https://aws.amazon.com/ec2/features/
How would an AWS customer easily apply common access controls to a large set of users?
Instead of defining permissions for individual IAM users, it's usually more convenient to create groups that relate to job functions (administrators, developers, accounting, etc.). Next, define the relevant permissions for each group. Finally, assign IAM users to those groups. All the users in an IAM group inherit the permissions assigned to the group. That way, you can make changes for everyone in a group in just one place. As people move around in your company, you can simply change what IAM group their IAM user belongs to.https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
What technology enables compute capacity to adjust as loads change?
AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost. UsingAWS Auto Scaling, it's easy to setup application scaling for multiple resources across multiple services in minutes. The service provides a simple, powerful user interface that lets you build scaling plans for resources including Amazon EC2 instances and Spot Fleets, Amazon ECS tasks, Amazon DynamoDB tables and indexes, and Amazon Aurora Replicas. AWS Auto Scaling makes scaling simple with recommendations that allow you to optimize performance, costs, or balance between them. If you're already using Amazon EC2 Auto Scaling to dynamically scale your Amazon EC2 instances, you can now combine it with AWS AutoScaling to scale additional resources for other AWS services. With AWS Auto Scaling, your applications always have the right resources at the right time.https://aws.amazon.com/autoscaling/
Which AWS services are defined as global instead of regional? (Choose two.)
Which AWS service would you use to obtain compliance reports and certificates?
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS' security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment CardIndustry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement(NDA).https://aws.amazon.com/artifact/
Under the shared responsibility model, which of the following tasks are the responsibility of the AWS customer? (Choose two.)
Which AWS service can be used to manually launch instances based on resource requirements?
A company is migrating an application that is running non-interruptible workloads for a three-year time frame.Which pricing construct would provide the MOST cost-effective solution?
The financial benefits of using AWS are: (Choose two.)
Which AWS Cost Management tool allows you to view the most granular data about your AWS bill?
Which of the following can an AWS customer use to launch a new Amazon Relational Database Service (Amazon RDS) cluster? (Choose two.)
Which of the following is an AWS Cloud architecture design principle?
Loose coupling between services can also be done through asynchronous integration. It involves one component that generates events and another that consumes them. The two components do not integrate through direct point-to-point interaction, but usually through an intermediate durable storage layer. This approach decouples the two components and introduces additional resiliency. So, for example, if a process that is reading messages from the queue fails, messages can still be added to the queue to be processed when the system recovers.
Which of the following security measures protect access to an AWS account? (Choose two.)
If you decided to create service accounts (that is, accounts used for programmatic access by applications running outside of the AWS environment) and generate access keys for them, you should create a dedicated service account for each use case. This will allow you to restrict the associated policy to only the permissions needed for the particular use case, limiting the blast radius if the credentials are compromised. For example, if a monitoring tool and a release management tool both require access to your AWS environment, create two separate service accounts with two separate policies that define the minimum set of permissions for each tool.
Which service provides a hybrid storage service that enables on-premises applications to seamlessly use cloud storage?
AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving tape backups to the cloud, reducing on-premises storage with cloud-backed file shares, providing low latency access to data in AWS for on-premises applications, as well as various migration, archiving, processing, and disaster recovery use cases.https://aws.amazon.com/storagegateway/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc
Which of the following services falls under the responsibility of the customer to maintain operating system configuration, security patching, and networking?
Which of the following is an important architectural design principle when designing cloud applications?
Data Center resilience is practiced through Availability Zones across data centers that reduce the impact of failures.Fault isolation improvement can be made to traditional horizontal scaling by sharding (a method of grouping instances into groups called shards, instead of sending the traffic from all users to every node like in the traditional IT structure.)https://www.botmetric.com/blog/aws-cloud-architecture-design-principles/
Which AWS support plan includes a dedicated Technical Account Manager?
Amazon Relational Database Service (Amazon RDS) offers which of the following benefits over traditional database management?
Which service is best for storing common database query results, which helps to alleviate database access load?
Amazon ElastiCache for Redis is a great choice for implementing a highly available, distributed, and secure in-memory cache to decrease access latency, increase throughput, and ease the load off your relational or NoSQL databases and applications. ElastiCache can serve frequently requested items at sub- millisecond response times, and enables you to easily scale for higher loads without growing the costlier backend databases. Database query results caching, persistent session caching, and full-page caching are all popular examples of caching with ElastiCache for Redis.https://aws.amazon.com/products/databases/real-time-apps-elasticache-for-redis/
Which of the following is a component of the shared responsibility model managed entirely by AWS?
Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Choose two.)
Which of the following features can be configured through the Amazon Virtual Private Cloud (Amazon VPC) Dashboard? (Choose two.)
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.
If each department within a company has its own AWS account, what is one way to enable consolidated billing?
How do customers benefit from Amazon's massive economies of scale?
Which AWS services can be used to gather information about AWS account activity? (Choose two.)
AWS offers a solution that uses AWS CloudTrail to log account activity, Amazon Kinesis to compute and stream metrics in real-time, and Amazon DynamoDB to durably store the computed data. Metrics are calculated for create, modify, and delete API calls for more than 60 supported AWS services. The solution also features a dashboard that visualizes your account activity in real-time.
Which of the following common IT tasks can AWS cover to free up company IT resources? (Choose two.)
In which scenario should Amazon EC2 Spot Instances be used?
Which AWS feature should a customer leverage to achieve high availability of an application?
This is to achieve High Availability for any web application (in this case SwiftCode) deployed in AWS. The following features will be present:
High availability across multiple instances/multiple availability zones.
Auto Scaling of instances (scale up and scale down) based on number of requests coming in
Additional Security to the instances/database that are in production
No impact to end users during newer version of code deployment
No Impact during patching the instance
Which is the minimum AWS Support plan that includes Infrastructure Event Management without additional costs?
Which AWS service can serve a static website?
You can host a static website on Amazon Simple Storage Service (Amazon S3). On a static website, individual webpages include static content. They might also contain client-side scripts. By contrast, a dynamic website relies on server-side processing, including server-side scripts such as PHP, JSP, or ASP.NET. AmazonS3 does not support server-side scripting.https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html
How does AWS shorten the time to provision IT resources?
What can AWS edge locations be used for? (Choose two.)
CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you're serving withCloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance.
Which of the following can limit Amazon Simple Storage Service (Amazon S3) bucket access to specific users?
To allow users to perform S3 actions on the bucket from the VPC endpoints or IP addresses, you must explicitly grant those user-level permissions. You can grant user-level permissions on either an AWS Identity and Access Management (IAM) policy or another statement in the bucket policy.https://aws.amazon.com/premiumsupport/knowledge-center/block-s3-traffic-vpc-ip/
A solution that is able to support growth in users, traffic, or data size with no drop in performance aligns with which cloud architecture principle?
A company will be moving from an on-premises data center to the AWS Cloud.What would be one financial difference after the move?
How should a customer forecast the future costs for running a new web application?