Udemy Practice Exam 5

Question 1

Which AWS tool/service will help you define your cloud infrastructure using popular programming languages such as Python and JavaScript?

Answer 1

AWS Cloud Development Kit (CDK)

Question 2

A data science team would like to build Machine Learning models for its projects. Which AWS service can it use?

Answer 2

Amazon SageMaker

Question 3

An e-commerce company would like to build a chatbot for its customer service using Natural Language Understand (NLU). As a Cloud Practitioner, which AWS service would you use?

Answer 3

Amazon Lex

Question 4

Natural language processing (NLP) service that uses machine learning to find meaning and insights in text.

Answer 4

Amazon Comprehend

Question 5

A company needs to keep sensitive data in its own data center due to compliance but would still like to deploy resources using AWS. Which Cloud deployment model does this refer to?

Answer 5

Hybrid Cloud

Question 6

Which of the following statements is an AWS best practice when architecting for the Cloud?
-Automation
-Servers, not services
-Close coupling
-Security comes last

Answer 6

-Automation

Question 7

Which AWS service can be used to send, store, and receive messages between software components at any volume to decouple application tiers?

Answer 7

-Amazon SQS

Question 8

According to the Well-Architected Framework, which of the following action is recommended in the Security pillar?
-Use AWS Cost Explorer to view and track your usage in detail
-Use Amazon CloudWatch to measure overall efficiency
-Use AWS CloudFormation to automate security best practices
-Use AWS KMS to encrypt data

Answer 8

Use AWS KMS to encrypt data
“Protect data in transit and at rest”

Question 9

Which AWS service can be used to view the most comprehensive billing details for the past month?

Answer 9

AWS Cost & Usage Reports

Question 10

A production company would like to establish an AWS managed VPN service between its on-premises network and AWS. Which item needs to be set up on the company’s side?

Answer 10

A customer gateway

Question 11

Which types of monitoring can be provided by Amazon CloudWatch? (Select TWO)
-Performance and availability of AWS services
-API Access
-Application performance
-Account management
-Resource utilization

Answer 11

-Application performance
-Resource utilization

Question 12

A Cloud Practitioner would like to get operational insights of its resources to quickly identify any issues that might impact applications using those resources. Which AWS service can help with this task?

Answer 12

-AWS Systems Manager

Question 13

-You can create logical groups of resources such as applications, different layers of an application stack, or production versus development environments.
-Central place to view and manage your AWS resources,

Answer 13

-AWS Systems Manager

Question 14

Which of the following AWS Support plans is the MOST cost-effective when getting enhanced technical support by Cloud Support Engineers?

Answer 14

-Business

Question 15

It provides enhanced technical support, but by Cloud Support Associates.

Answer 15

-Developer

Question 16

A company would like to separate cost for AWS services by the department for cost allocation. Which of the following is the simplest way to achieve this task?

Answer 16

-Create tags for each department

Question 17

A media company wants to enable customized content suggestions for the users of its movies streaming platform. Which AWS service can provide these personalized recommendations based on the historic data?

Answer 17

-Amazon Personalize

Question 18

A developer would like to automate operations on his on-premises environment using Chef and Puppet. Which AWS service can help with this task?

Answer 18

AWS OpsWorks

Question 19

Which of the following IAM Security Tools allows you to review permissions granted to a user?

Answer 19

IAM access advisor
service permissions granted to a user and when those services were last accessed.

Question 20

Lists all users in your account and the status of their various credentials, including passwords, access keys, and MFA devices.

Answer 20

IAM credentials report

Question 21

A start-up would like to monitor its cost on the AWS Cloud and would like to choose an optimal Savings Plan. As a Cloud Practitioner, which AWS service would you use?

Answer 21

AWS Cost Explorer

Question 22

According to the Shared Responsibility Model, which of the following is both the responsibility of AWS and the customer? (Select two)
-Configuration management
-Data center security
-Customer data
-Disposal of disk drives
-Operating system (OS) configuration

Answer 22

-Configuration management
-Operating system (OS) configuration (host OS-AWS / guest OS-Customer)

Question 23

Which AWS service can inspect CloudFront distributions running on any HTTP web-server?

Answer 23

AWS WAF

Question 24

Allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define.

Answer 24

AWS WAF (web application firewall )

Question 25

Is a threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.

Answer 25

AWS GuardDuty

Question 26

Automated security assessment service that helps improve the security and compliance of applications deployed on AWS.

Answer 26

Amazon Inspector

Question 27

A company is planning to implement Chaos Engineering to expose any blind spots that can disrupt the resiliency of the application.

Which AWS service will help implement this requirement with the least effort?

Answer 27

AWS Fault Injection Simulator

Question 28

Which of the following are the best practices when using AWS Organizations? (Select TWO)
-Create accounts per department
-Never use tags for billing
-Restrict account privileges using Service Control Policies (SCP)
-Disable CloudTrail on several accounts
-Do not use AWS Organizations to automate AWS account creation

Answer 28

-Create accounts per department
-Restrict account privileges using Service Control Policies (SCP)

Question 29

A research lab needs to be notified in case of a configuration change for security and compliance reasons. Which AWS service can assist with this task?

Answer 29

AWS Config

Question 30

Helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

Answer 30

AWS Secrets Manager

Question 31

A company using a hybrid cloud would like to store secondary backup copies of the on-premises data. Which S3 Storage Class would you use for a cost-optimal yet rapid access solution?

Answer 31

S3 One Zone - Infrequent Access
costs 20% less

Question 32

S3 categories that don’t charge retrieval charge (2)

Answer 32

-S3 Standard
-S3 Intelligent-Tiering`

Question 33

A company would like to audit requests made to an S3 bucket. As a Cloud Practitioner, which S3 feature would you recommend addressing this use-case?

Answer 33

S3 Access Logs

Question 34

Provides detailed records for the requests that are made to a bucket.

Answer 34

S3 Access Logs

Question 35

A company would like to move 50 petabytes (PBs) of data from its on-premises data centers to AWS in the MOST cost-effective way. As a Cloud Practitioner, which of the following solutions would you choose?

Answer 35

AWS Snowmobile
(up to 100PB)

Question 36

-computing and data transfer device
-on-board storage and compute power that provides select AWS services for use in edge locations.
-up to 100 TB of capacity.

Answer 36

AWS Snowball Edge

Question 37

up to 80 TB of capacity.

Answer 37

AWS Snowball

Question 38

8 TB capacity

Answer 38

AWS Snowcone

Question 39

Which AWS serverless service allows you to prepare data for analytics?

Answer 39

AWS Glue
(ETL)

Question 40

According to the Shared Responsibility Model, which of the following is a responsibility of the customer?
-Managing DynamoDB
-Firewall & networking configuration in EC2
-Protecting hardware infrastructure
-Edge locations security

Answer 40

-Firewall & networking configuration in EC2

Question 41

A company based in Sydney hosts its application on EC2 instances in ap-southeast-2. They would like to deploy the same EC2 instances in eu-south-1. Which of the following AWS entities can address this use-case?

Answer 41

Amazon Machine Image (AMI)

Question 42

A corporation would like to have a central user portal to log in to third-party business applications as well as accounts managed under AWS Organizations. As a Cloud Practitioner, which AWS service would you use for this task?

Answer 42

AWS Single Sign-On (SSO)

Question 43

A Cloud Practitioner would like to deploy identical resources across all regions and accounts using templates while estimating costs. Which AWS service can assist with this task?

Answer 43

AWS CloudFormation

Question 44

Which of the following services are provided by Amazon Route 53? (Select TWO)

-Transfer acceleration
-Domain registration
-IP routing
-Health checks and monitoring
-Load balancing

Answer 44

-Domain registration
-Health checks and monitoring

Question 45

Which security control tool can be used to deny traffic from a specific IP address?

Answer 45

Network ACL

Question 46

Which of the following statements is the MOST accurate when describing AWS Elastic Beanstalk?

Answer 46

It is a Platform as a Service (PaaS) which allows you to deploy and scale web applications and services
DEPLOY
SCALE

Question 47

Developers simply upload their application, and Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring.

Answer 47

AWS Elastic Beanstalk

Question 48

An engineering team would like to cost-effectively run hundreds of thousands of batch computing workloads on AWS. As a Cloud Practitioner, which AWS service would you use for this task?

Answer 48

AWS Batch

Question 49

to plan, schedule, and execute your batch computing workloads across the full range of AWS compute services.

Answer 49

AWS Batch

Question 50

An organization would like to copy data across different Availability Zones (AZs) using EBS snapshots. Where are EBS snapshots stored in the AWS Cloud?

Answer 50

Amazon S3

Question 51

A company would like to define a set of rules to manage objects cost-effectively between storage classes. As a Cloud Practitioner, which Amazon S3 feature would you use?

Answer 51

S3 Lifecycle management

Question 52

Which AWS tool can provide best practice recommendations for performance, service limits, and cost optimization?

Answer 52

AWS Trusted Advisor

Question 53

A production company with predictable usage would like to reduce the cost of its Amazon EC2 instances by using reserved instances. Which of the following length terms are available for Amazon EC2 reserved instances? (Select TWO)

Answer 53

1 year

3 years

Question 54

Which of the following statements is INCORRECT regarding EBS Volumes?
-EBS Volumes are bound to a specific Availability Zone (AZ)
-EBS Volumes can be mounted to one instance at a time
-EBS Volumes can be bound to several Availability Zones (AZs)
-EBS Volumes can persist data after their termination

Answer 54

-EBS Volumes can be bound to several Availability Zones (AZs)

Question 55

Which of the following criteria are used to charge for Elastic Block Store (EBS) volumes? (Select TWO)

Answer 55

-Provisioned IOPS (input/output operations)
-Volume Type

Question 56

A multinational company has just moved its infrastructure to AWS Cloud and has employees traveling to different offices around the world. How should the company set the AWS accounts?

Answer 56

There is nothing to do, IAM is a global service

Question 57

Which service/tool will you use to create and provide trusted users with temporary security credentials that can control access to your AWS resources?

Answer 57

AWS Security Token Service (AWS STS)

Question 58

a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).

Answer 58

AWS Security Token Service (AWS STS)

Question 59

A growing start-up has trouble identifying and protecting sensitive data at scale. Which AWS fully managed service can assist with this task?

Answer 59

Amazon Macie

Question 60

According to the Well-Architected Framework, which of the following statements are recommendations in the Operational Excellence pillar? (Select two)

-Automatically recover from failure
-Anticipate failure
-Enable traceability
-Make frequent, small, reversible changes
-Use serverless architectures

Answer 60

-Anticipate failure
-Make frequent, small, reversible changes

Question 61

An engineering team is new to the AWS Cloud and it would like to launch a dev/test environment with low monthly pricing. Which AWS service can address this use-case?

Answer 61

Amazon Lightsail

Question 62

A start-up would like to quickly deploy a popular technology on AWS. As a Cloud Practitioner, which AWS tool would you use for this task?

Answer 62

AWS Quick Starts references

Question 63

Which AWS service allows you to quickly and easily add user sign-up, sign-in, and access control to web and mobile applications?

Answer 63

Amazon Cognito

Question 64

authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system.

Answer 64

Amazon Cognito

Question 65

A company would like to reserve EC2 compute capacity for three years to reduce costs. The company also plans to increase their workloads during this period. As a Cloud Practitioner, which EC2 Reserved Instance type would you recommend?

Answer 65

Convertible Reserved Instances

Question 66

A company would like to create a private, high bandwidth network connection between its on-premises data centers and AWS Cloud. As a Cloud Practitioner, which of the following options would you recommend?

Answer 66

Direct Connect

Question 67

A brand new startup would like to remove its need to manage the underlying infrastructure and focus on the deployment and management of its applications. Which type of Cloud Computing does this refer to?

Answer 67

Platform as a Service (PaaS)

Question 68

A company would like to move its infrastructure to AWS Cloud. Which of the following should be included in the Total Cost of Ownership (TCO) estimate? (Select TWO)

Answer 68

Server administration

Power/Cooling

Question 69

A company needs to use a secure online data transfer tool/service that can automate the ongoing transfers from on-premises systems into AWS while providing support for incremental data backups.

Which AWS tool/service is an optimal fit for this requirement?

Answer 69

AWS DataSync

Question 70

secure online data transfer service that simplifies, automates, and accelerates copying terabytes of data to and from AWS storage services.

Answer 70

AWS DataSync

Question 71

Which of the following options is NOT a feature of Amazon Inspector?

-Automate security assessments
-Track configuration changes
-Analyze against unintended network accessibility
-Inspect running operating systems (OS) against known vulnerabilities

Answer 71

-Track configuration changes

Question 72

According to the Shared Responsibility Model, which of the following are responsibilities of AWS? (Select two)

-Data center security
-Encrypting application data
-Network operability
-Configuring IAM Roles

Answer 72

-Data center security
-Network operability

Question 73

The IT infrastructure at a university is deployed on AWS Cloud and it’s experiencing a read-intensive workload. As a Cloud Practitioner, which AWS service would you use to take the load off databases?

Answer 73

Amazon ElastiCache

Question 74

Which of the following options are the benefits of using AWS Elastic Load Balancing (ELB)? (Select TWO)

Answer 74

-High availability
-Fault tolerance

Question 75

The development team at a company manages 300 microservices and it is now trying to automate the code reviews to improve the code quality. Which tool/service is the right fit for this requirement?

Answer 75

Amazon CodeGuru
CodeGuru Reviewer
CodeGuru Profiler

Question 76

pinpoints an application’s most expensive lines of code by helping developers understand the runtime behavior of their applications, identify and remove code inefficiencies, improve performance, and significantly decrease compute costs.

Answer 76

CodeGuru Profiler

Question 77

Which AWS service can be used to subscribe to an RSS feed to be notified of the status of all AWS service interruptions?

Answer 77

AWS Service Health Dashboard

Question 78

Which of the following billing timeframes is applied when running a Windows EC2 on-demand instance?

Answer 78

Pay per second

Question 79

Which of the following AWS services can be used to generate, use, and manage encryption keys on the AWS Cloud?

Answer 79

AWS CloudHSM

Question 80

Which of the following statements is CORRECT regarding the scope of an Amazon Virtual Private Cloud (VPC)?

-A VPC spans all Availability Zones (AZs) within a region
-A VPC spans all subnets in all regions
-A VPC spans all Availability Zones (AZs) in all regions
-A VPC spans all regions within an Availability Zone (AZ)

Answer 80

-A VPC spans all Availability Zones (AZs) within a region

Question 81

Which AWS service would you use to create a logically isolated section of the AWS Cloud where you can launch AWS resources in your virtual network?

Answer 81

Virtual Private Cloud (VPC)

Question 82

Which AWS entity enables you to privately connect your VPC to an Amazon SQS queue?

Answer 82

VPC Interface Endpoint