Exam questions

Question 1

You need to create and show rates to specific customers across a given period an alternate version of the monthly invoice information. What service should you use.

Answer 1

AWS Billing conductor

Question 2

You want to run a report where you can see a monthly cost breakdown by AWS Service and potential future cost.

Which tool do you need?

Answer 2

AWS Cost Explorer

Question 3

Which service retrieve key costs related to various AWS services

Answer 3

AWS Pricing API

Question 4

AWS Trusted Advisor recommends AutoScaling groups. With what Pilar does this align best

Answer 4

Sustainability

By autoscaling you prevent running instances that consumes eneergy that aren’t needed

Question 5

What is an IGW?

Answer 5

Internet Gateway

Question 6

What is a good option for block storage for EC2 that’s Scale able to petabyte level

Answer 6

EFS (Elastic File Systems) - it’s a managed file system that can scale to petabyte level

Question 7

You need to use AWS service for managing and automating tasks performed on many AWS CloudFormation Stacks. Which system would you use?

Answer 7

AWS Resource groups - is used for managing automating tasks performed on multiple resources at the same time.

Question 8

What is a private cloud deployment?

Answer 8

On-premises

Question 9

You need expert Guidance to meet security and compliance requirements to implement best practices for a migration. What service should you use?

Answer 9

AWS Security Competency Partners

Question 10

What is default number of VPC you can have within an individual region?

Answer 10

5

Question 11

What section of an IAM policy manages the behaviors?

Answer 11

Effects -

Question 12

What type of storage option is a regional service that gives you the ability to store and manages files within the AWS cloud?

Answer 12

Amazon EFS (Elastic File Systems) - its a regional service that allows you to create and manage file systems within the AWS cloud infrastructure.

Question 13

Name 2 AWS container orchestration tools

Answer 13

1. ECS (Elastic container Service)
2. EKS (Elastic Kubernetes Service)

Question 14

What security group gives the ability to manage permissions for several different users at once time while controlling access to specific AWS resources?

Answer 14

IAM groups, these group manages permissions for multiple users at one time.

Question 15

What is rehosting?

Answer 15

“lift and shift” - little to no changes are made to the application while moving the application to the cloud.

Question 16

What is replatforming?

Answer 16

“lift, thinker and shift” - for this strategy you need to change certain part of the application, but not the core of the app.

Question 17

What is repurchasing?

Answer 17

This is a strategy means you replace your old application with a completely new cloud based application.

Question 18

What database instance type is offered by Amazon RDS?

Answer 18

Oracle

Question 19

When a VPC is created, it automatically comes with a route table that can be modified

Answer 19

this

Question 20

What are 2 situations where you can Utilize AWS DynamoDB

Answer 20

1. When using a serverless Database System
2. When catering up to 45milion request per second

Question 21

What AWS service you want to get insights to reduce the company carbon footprint, allign with with new ESG requirements?

Answer 21

AWS Data exchange - This service allows you to locate and use 3rd party information that is related to sustainability.

Question 22

Which AWS Framework pillar is focused on continual improvement and refinement oof system resources over the complete infrastructure cycle

Answer 22

Cost optimization pillar – this pillar support improvements and efficiencies on the AWS full lifecycle.

Meet functional requirements while achieving the smallest price point

Question 23

What is a key capability of an amazon S3 data lake architecture component?

Answer 23

Utilitzes a broad perspective of data science, data analytics and machinelearning in a centralized platform

Question 24

What is a VPC Flow Log?

Answer 24

It gives you the ability to gather details about IP addresses going from and to different network components within your VPC. You can view these via CloudLog

Question 25

What is AWS Direct Connect?

Answer 25

It’s a private connection that links your remote network to an VPC. It’s a link between your on-premise netwrok and your VPC

Question 26

Which AWS Service should you use to reduce misreporting and non-compliance risk, save cost on cloud infra, and ensure non-compliant server usage is stopped before it occurss?

Answer 26

AWS license manager
This service simplifies the management of software licenses from multiple vendors.

Question 27

If you want to access the internet from your EC2 instance and not use an public IP adress, what netwrok component would you need?

Answer 27

NAT (network adress translation) Gateway

Question 28

Which AWS service would you use to improve communication with your users that are located far from your existing AWS Regions?

Answer 28

CloudFront - AWS CloudFront is a Content Delivery Network (CDN) that caches copies of data at locations around the world near customers. To do this CloudFront uses Edge locations.

Question 29

What DynamoDB Feature is an in-memory caching component that delivers microsecond responses for it’s front-end applications?

Answer 29

DAX - DynamoDB Accelerator

Question 30

Which Technologies should you use to securely connecting remote workers and on-premises networks to your AWS cloud?

Answer 30

AWS VPN - virtual private network

Question 31

What security policy do you need to make sure a connection has the appropriate SSL security policy

Answer 31

Predefined Security Policy

Question 32

How many internet Gateways (IGW) can be attached to an Amazon VPC?

Answer 32

1 - a virtual private cloud can only have one internet gateway attached at a time.

Question 33

Which of the following elements do you need to access an AWS account programmatically?

Answer 33

1. Access Key ID
2. Secret Access Key

Question 34

What are Elastic IP addresses (EIPs)?

Answer 34

is a static, public IPv4 address designed for dynamic cloud computing. You can associate an Elastic IP address with any instance or network interface in any VPC in your account. With an Elastic IP address, you can mask the failure of an instance by rapidly remapping the address to another instance in your VPC.

• connected to 1 instance or network interface at the time
• ## IPv6 is not supported

Question 35

What do you need to securely connect your on-premises systems to your VPC?

Answer 35

Virtual Private Gateway (VPG)

Question 36

When you create and manage an Amazon RDS environment, there are no setup fees. How is the RDS environment billed?

Answer 36

By running time. It billed per hour of use (even if the RDS service is just running for 10 minutes)

Question 37

What is AWS re:Post?

Answer 37

a portal that provides access to the AWS knowledge Center for troubleshooting, query resolution by an AWS employee and best practices.

Question 38

Which of the following components can be used to identify the faulty EC2 instances?

Answer 38

Resource tagging, via this label you can indentify resources easily.

Question 39

What is the difference between AWS Cost Explores and Pricing calculator

Answer 39

Cost explores is looking back of the costs you made in the last 12 months

AWS pricing calculator gives an estimate of the cost that you will make when starting certain services

Question 40

What AWS service automates evidence collection and perform risk and compliance management?

Answer 40

AWS Audit Manager

Question 41

What is consider a security best practice for an operating system or application?

Answer 41

Create a primary function for the EC2 instance, such as separating web servers from database servers.

Question 42

What type of internal AWs user can be created to mimic a service/application or person to access a resource?

Answer 42

an IAM User

Question 43

What does Amazon recommend for protecting data in transit when you have a concern of accidental information disclosure?

Answer 43

IPSec ESP

Data should be encrypted using Secure Sockets Layer/Transport Layer Securit (SSL/TLS) or IPSec ESP. IPsec ESP is an internet protocol security