Practice Test 4 Study Flashcards

1
Q

Which of the following entities can be used to connect to an Amazon Elastic Compute Cloud (Amazon EC2) server from a Mac OS, Windows or Linux based computer via a browser-based client?

  1. Putty
  2. Amazon EC2 Instance Connect
  3. SSH
  4. AWS Direct Connect
A

2 - Amazon EC2 Instance Connect

Amazon EC2 Instance Connect provides a simple and secure way to connect

2
Q

Which of the following describes an Availability Zone (AZ) in the AWS Cloud?
1. One or more data centers in the same location
2. One or more server racks in multiple locations
3. One or more server racks in the same location
4. One or more data centers in multiple locations

A

1 - One or more data centers in the same location

3
Q

Which of the following Amazon Simple Storage Service (Amazon S3) storage classes do not charge any data retrieval fee? (Select two)
1. Amazon S3 Glacier Flexible Retrieval
2. Amazon S3 Intelligent-Tiering
3. Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)
4. Amazon S3 Standard
5. Amazon S3 Standard-Infrequent Access (S3 Standard-IA)

A

2 - Amazon S3 Intelligent-Tiering
4 - Amazon S3 Standard

  • Amazon S3 Standard does not charge any data retrieval fee.
  • Amazon S3 Intelligent-Tiering does not charge any data retrieval fee.
4
Q

As per the AWS Shared Responsibility Model, Security and Compliance is a shared responsibility between AWS and the customer. Which of the following security services/utilities falls under the purview of AWS under the AWS Shared Responsibility Model?
1. Security group
2. AWS Web Application Firewall (AWS WAF)
3. AWS Shield Advanced
4. AWS Shield Standard

A

4 - AWS Shield Standard

Because AWS Shield Standard is automatically activated for all AWS customers with no options for customization, AWS manages the maintenance and configuration of this service. Hence this service falls under the purview of AWS.

5
Q

Which of the following AWS authentication mechanisms supports an AWS Multi-Factor Authentication (AWS MFA) device that you can plug into a USB port on your computer?
1. SMS text message-based MFA (AWS MFA)
2. Hardware MFA (AWS MFA) device
3. U2F security key
4. Virtual MFA (AWS MFA) device

A

3 - U2F security key

Hardware Multi-Factor Authentication (AWS MFA) device - This is a hardware device that generates a six-digit numeric code based upon a time-synchronized one-time password algorithm. The user must type a valid code from the device on a second webpage during sign-in. Each MFA device assigned to a user must be unique. A user cannot type a code from another user’s device to be authenticated.

6
Q

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which of the following resources? (Select two)
1. AWS Elastic Beanstalk
2. Amazon EC2
3. Amazon CloudFront
4. Amazon S3
5. AWS IAM

A

2 - Amazon EC2
3 - Amazon CloudFront

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on the following resources:
* Amazon Elastic Compute Cloud,
* Elastic Load Balancing (ELB),
* Amazon CloudFront,
* Amazon Route 53,
* AWS Global Accelerator.

7
Q

AWS Trusted Advisor can provide alerts on which of the following common security misconfigurations? (Select two)
1. When you allow public access to Amazon S3 buckets
2. When you don’t turn on user activity logging (AWS CloudTrail)
3. When you share IAM user credentials with others
4. When you don’t tag objects in Amazon S3 buckets
5. When you don’t enable data encryption on Amazon S3 Glacier

A

1 - When you allow public access to Amazon S3 buckets
2 - When you don’t turn on user activity logging (AWS CloudTrail)

8
Q

Which of the following is correct regarding the Amazon Relational Database Service (Amazon RDS) service?

  1. You can use both read replicas and multi-AZ deployment for improved read performance
  2. You can use read replicas for disaster recovery and multi-AZ deployment for improved read performance
  3. You can use read replicas for improved read performance as well as disaster recovery
  4. You can use read replicas for improved read performance and multi-AZ deployment for disaster recovery
A

3 - You can use read replicas for improved read performance as well as disaster recovery

Read replicas allow you to create read-only copies that are synchronized with your master database. Read replicas are used for improved read performance. You can also place your read replica in a different AWS Region closer to your users for better performance. Using a cross-Region read replica can also help ensure that you get back up and running if you experience a regional availability issue in case of a disaster. Read replicas are an example of horizontal scaling of resources.

9
Q

Which AWS entity enables you to privately connect your Amazon Virtual Private Cloud (Amazon VPC) to an Amazon Simple Queue Service (Amazon SQS) queue?
1. VPC Gateway Endpoint
2. VPC Interface Endpoint
3. AWS Direct Connect
4. Internet Gateway

A

2 - VPC Interface Endpoint

An interface endpoint is an elastic network interface (ENI) with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service. Interface endpoints are powered by AWS PrivateLink, a technology that enables you to privately access services by using private IP addresses.

10
Q

Which of the following statements are CORRECT regarding AWS Global Accelerator? (Select two)
1. AWS Global Accelerator provides static IP addresses that act as a fixed entry point to your application
2. AWS Global Accelerator is a good fit for non-HTTP use cases
3. AWS Global Accelerator uses the AWS global network and its edge locations. But the edge locations used by GA are different from Amazon CloudFront edge locations.
4. AWS Global Accelerator can be used to host static Web sites
5. AWS Global Accelerator cannot be configured with an ELB

A

1 - AWS Global Accelerator provides static IP addresses that act as a fixed entry point to your application
2 - AWS Global Accelerator is a good fit for non-HTTP use cases

Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions.

AWS Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover.

11
Q

A cargo shipping company runs its server fleet on Amazon Elastic Compute Cloud (Amazon EC2) instances. Some of these instances host the CRM (Customer Relationship Management) applications that need to be accessible 24x7. These applications are not mission-critical. In case of a disaster, these applications can be managed on a lesser number of instances for some time.

Which disaster recovery strategy is well-suited as well as cost-effective for this requirement?
1. Backup & Restore strategy
2. Pilot Light strategy
3. Multi-site active-active strategy
4. Warm Standby strategy

A

4 - Warm Standby strategy

12
Q

Which of the following AWS services offers Lifecycle configuration for cost-optimal storage?
1. Amazon EC2 instance store
2. Amazon EBS
3. Amazon Storage Gateway
4. Amazon S3

A

4 - Amazon S3

You can manage your objects on Amazon S3 so that they are stored cost-effectively throughout their lifecycle by configuring their Amazon S3 Lifecycle.

13
Q

Which AWS service would you use to create a logically isolated section of the AWS Cloud where you can launch AWS resources in your virtual network?
1. VPC
2. Subnet
3. VPN
4. Network ACL

A

1 - VPC

A subnet is a range of IP addresses within your VPC. A subnet is not an AWS service, so this option is ruled out.

14
Q

Which of the following AWS services can be used to forecast your AWS account usage and costs?
1. AWS Budgets
2. AWS Pricing Calculator
3. AWS Cost Explorer
4. AWS Cost & Usage Report (AWS CUR)

A

3 - AWS Cost Explorer

AWS Budgets cannot forecast your AWS account cost and usage.

15
Q

Which entity ensures that your application on Amazon Elastic Compute Cloud (Amazon EC2) always has the right amount of capacity to handle the current traffic demand?
1. Network Load Balancer
2. Application Load Balancer
3. Amazon EC2 Auto Scaling
4. Multi-AZ deployment

A

3 - Amazon EC2 Auto Scaling

16
Q

The DevOps team at an IT company wants to centrally manage its servers on the AWS Cloud as well as in its on-premises data center so that it can collect software inventory, run commands, and configure and patch servers at scale. As a Cloud Practitioner, which AWS service would you recommend for this use case?
1. AWS Config
2. AWS OpsWorks
3. AWS CloudFormation
4. AWS Systems Manager

A

4 - AWS Systems Manager

AWS Systems Manager allows you to automate operational tasks such as collecting software inventory, running commands, managing patches, and configuring servers across AWS Cloud as well as on-premises infrastructure.

17
Q

Which of the following can you use to run a bootstrap script while launching an Amazon Elastic Compute Cloud (Amazon EC2) instance?
1. Amazon EC2 instance AMI data
2. Amazon EC2 instance user data
3. Amazon EC2 instance metadata
4. Amazon EC2 instance configuration data

A

2 - Amazon EC2 instance user data

Amazon EC2 instance user data is the data that you specified in the form of a bootstrap script or configuration parameters while launching your instance.

18
Q

A social media company wants to have the MOST cost-optimal strategy for deploying Amazon Elastic Compute Cloud (Amazon EC2) instances. As a Cloud Practitioner, which of the following options would you recommend? (Select two)
1. Use Spot Instances for ad-hoc jobs that can be interrupted
2. Use On-Demand instances to run applications with a predictable usage over the next one year
3. Use On-Demand instances for ad-hoc jobs that can be interrupted
4. Use Reserved Instances (RI) for ad-hoc jobs that can be interrupted
5. Use Reserved Instances (RI) to run applications with a predictable usage over the next one year

A

1 - Use Spot Instances for ad-hoc jobs that can be interrupted

5 - Use Reserved Instances (RI) to run applications with a predictable usage over the next one year

You can purchase a Reserved Instance (RI) for a one-year or three-year commitment, with the three-year commitment offering a bigger discount. Reserved Instances (RI) are a great fit for applications with steady-state usage. Reserved Instances (RI) cannot be interrupted.

19
Q

Which of the following is best-suited for load-balancing HTTP and HTTPS traffic?
1. Application Load Balancer
2. Network Load Balancer
3. System Load Balancer
4. AWS Auto Scaling

A

1 - Application Load Balancer