AWS 4 Flashcards
A company has multiple applications and is now building a new multi-tier application. The company will host the new application on Amazon EC2 instances. The company wants the network routing and traffic between the various applications to follow the security principle of least privilege.Which AWS service or feature should the company use to enforce this principle?
A. Security groups
B. AWS Shield
C. AWS Global Accelerator
D. AWS Direct Connect gateway
A. Security groups
A company’s web application requires AWS credentials and authorizations to use an AWS service.Which IAM entity should the company use as best practice?
A. IAM role
B. IAM user
C. IAM group
D. IAM multi-factor authentication (MFA)
A. IAM role
A company is creating a document that defines the operating system patch routine for all the company’s systems.Which AWS resources should the company include in this document? (Choose two.)
A. Amazon EC2 instances
B. AWS Lambda functions
C. AWS Fargate tasks
D. Amazon RDS instances
E. Amazon Elastic Container Service (Amazon ECS) instances
A. Amazon EC2 instances
D. Amazon RDS instances
Which AWS service or feature gives a company the ability to control incoming traffic and outgoing traffic for Amazon EC2 instances?
A. Security groups
B. Amazon Route 53
C. AWS Direct Connect
D. Amazon VPC
A. Security groups
A company is starting to build its infrastructure in the AWS Cloud. The company wants access to technical support during business hours. The company also wants general architectural guidance as teams build and test new applications.Which AWS Support plan will meet these requirements at the LOWEST cost?
A. AWS Basic Support
B. AWS Developer Support
C. AWS Business Support
D. AWS Enterprise Support
B. AWS Developer Support
A company is migrating its public website to AWS. The company wants to host the domain name for the website on AWS.Which AWS service should the company use to meet this requirement?
A. AWS Lambda
B. Amazon Route 53
C. Amazon CloudFront
D. AWS Direct Connect
B. Amazon Route 53
A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance, and security.Which AWS service can the company use to meet these requirements?
A. AWS Shield
B. AWS WAF
C. AWS Trusted Advisor
D. AWS Service Catalog
C. AWS Trusted Advisor
Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications?
A. AWS Cloud9
B. AWS CodeStar
C. AWS Cloud Map
D. AWS X-Ray
D. AWS X-Ray
Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes?
A. Pay-as-you-go pricing
B. High availability
C. Global reach
D. Economies of scale
D. Economies of scale
Which AWS service provides threat detection by monitoring for malicious activities and unauthorized actions to protect AWS accounts, workloads, and data that is stored in Amazon S3?
A. AWS Shield
B. AWS Firewall Manager
C. Amazon GuardDuty
D. Amazon Inspector
C. Amazon GuardDuty
Which AWS service can a company use to store and manage Docker images?
A. Amazon DynamoDB
B. Amazon Kinesis Data Streams
C. Amazon Elastic Container Registry (Amazon ECR)
D. Amazon Elastic File System (Amazon EFS)
C. Amazon Elastic Container Registry (Amazon ECR)
A company needs an automated security assessment report that will identify unintended network access to Amazon EC2 instances. The report also must identify operating system vulnerabilities on those instances.Which AWS service or feature should the company use to meet this requirement?
A. AWS Trusted Advisor
B. Security groups
C. Amazon Macie
D. Amazon Inspector
D. Amazon Inspector
A global company is building a simple time-tracking mobile app. The app needs to operate globally and must store collected data in a database. Data must be accessible from the AWS Region that is closest to the user.What should the company do to meet these data storage requirements with the LEAST amount of operational overhead?
A. Use Amazon EC2 in multiple Regions to host separate databases
B. Use Amazon RDS cross-Region replication
C. Use Amazon DynamoDB global tables
D. Use AWS Database Migration Service (AWS DMS)
C. Use Amazon DynamoDB global tables
Which of the following are economic advantages of the AWS Cloud? (Choose two.)
A. Increased workforce productivity
B. Decreased need to encrypt user data
C. Manual compliance audits
D. Simplified total cost of ownership (TCO) accounting
E. Faster product launches
A. Increased workforce productivity
D. Simplified total cost of ownership (TCO) accounting
Which controls does the customer fully inherit from AWS in the AWS shared responsibility model?
A. Patch management controls
B. Awareness and training controls
C. Physical and environmental controls
D. Configuration management controls
C. Physical and environmental controls
Which task is a customer’s responsibility, according to the AWS shared responsibility model?
A. Management of the guest operating systems
B. Maintenance of the configuration of infrastructure devices
C. Management of the host operating systems and virtualization
D. Maintenance of the software that powers Availability Zones
A. Management of the guest operating systems
A company needs to deliver new website features quickly in an iterative manner to minimize the time to market.Which AWS Cloud concept does this requirement represent?
A. Reliability
B. Elasticity
C. Agility
D. High availability
C. Agility
A company wants to increase its ability to recover its infrastructure in the case of a natural disaster.Which pillar of the AWS Well-Architected Framework does this ability represent?
A. Cost optimization
B. Performance efficiency
C. Reliability
D. Security
C. Reliability
Which AWS service tracks API calls and user activity?
A. AWS Organizations
B. AWS Config
C. Amazon CloudWatch
D. AWS CloudTrail
D. AWS CloudTrail
Which AWS service, feature, or tool uses machine learning to continuously monitor cost and usage for unusual cloud spending?
A. Amazon Lookout for Metrics
B. AWS Budgets
C. Amazon CloudWatch
D. AWS Cost Anomaly Detection
D. AWS Cost Anomaly Detection
A company deployed an application on an Amazon EC2 instance. The application ran as expected for 6 months in the past week, users have reported latency issues. A system administrator found that the CPU utilization was at 100% during business hours. The company wants a scalable solution to meet demand.Which AWS service or feature should the company use to handle the load for its application during periods of high demand?
A. Auto Scaling groups
B. AWS Global Accelerator
C. Amazon Route 53
D. An Elastic IP address
A. Auto Scaling groups
A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS.Where can the company purchase the security solution?
A. AWS Partner Solutions Finder
B. AWS Support Center
C. AWS Management Console
D. AWS Marketplace
D. AWS Marketplace
A company is generating large sets of critical data in its on-premises data center. The company needs to securely transfer the data to AWS for processing. These transfers must occur daily over a dedicated connection.Which AWS service should the company use to meet these requirements?
A. AWS Backup
B. AWS DataSync
C. AWS Direct Connect
D. AWS Snowball
C. AWS Direct Connect
A company wants to run production workloads on AWS. The company wants access to technical support from engineers 24 hours a day, 7 days a week. The company also wants access to the AWS Health API and contextual architectural guidance for business use cases. The company has a strong IT support team and does not need concierge support.Which AWS Support plan will meet these requirements at the LOWEST cost?
A. AWS Basic Support
B. AWS Developer Support
C. AWS Business Support
D. AWS Enterprise Support
C. AWS Business Support Most Voted
