New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Amazon Web Services CLF-C02 AWS Certified Cloud Practitioner Exam Practice Test

Page: 1 / 79
Total 785 questions

AWS Certified Cloud Practitioner Questions and Answers

Question 1

Which AWS Cloud design principle does a company follow by using AWS CloudTrail?

Options:

A.

Recover automatically.

B.

Perform operations as code.

C.

Measure efficiency.

D.

Ensure traceability.

Question 2

A company wants to use Amazon EC2 instances to run a stateless and restartable process after business hours.

Which AWS service provides DNS resolution?

Options:

A.

Amazon CloudFront

B.

Amazon VPC

C.

Amazon Route 53

D.

AWS Direct Connect

Question 3

Which task can a company perform by using security groups in the AWS Cloud?

Options:

A.

Allow access to an Amazon EC2 instance through only a specific port.

B.

Deny access to malicious IP addresses at a subnet level.

C.

Protect data that is cached by Amazon CloudFront.

D.

Apply a stateless firewall to an Amazon EC2 instance.

Question 4

A company has multiple AWS accounts that include compute workloads that cannot be interrupted. The company wants to obtain billing discounts that are based on the company's use of AWS services.

Which AWS feature or purchasing option will meet these requirements?

Options:

A.

Resource tagging

B.

Consolidated billing

C.

Pay-as-you-go pricing

D.

Spot Instances

Question 5

Which tasks are the responsibility of AWS according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Configure AWS Identity and Access Management (IAM).

B.

Configure security groups on Amazon EC2 instances.

C.

Secure the access of physical AWS facilities.

D.

Patch applications that run on Amazon EC2 instances.

E.

Perform infrastructure patching and maintenance.

Question 6

How should the company deploy the application to meet these requirements?

Options:

A.

Ina single Availability Zone

B.

On AWS Direct Connect

C.

On Reserved Instances

D.

In multiple Availability Zones

Question 7

A company wants to access a report about the estimated environmental impact of the company's AWS usage.

Which AWS service or feature should the company use to meet this requirement?

Options:

A.

AWS Organizations

B.

IAM policy

C.

AWS Billing console

D.

Amazon Simple Notification Service (Amazon SNS)

Question 8

A company wants to migrate its applications to the AWS Cloud. The company plans to identify and prioritize any business transformation opportunities and evaluate its AWS Cloud readiness.

Which AWS service or tool should the company use to meet these requirements?

Options:

A.

AWS Cloud Adoption Framework (AWS CAF)

B.

AWS Managed Services (AMS)

C.

AWS Well-Architected Framework

D.

AWS Migration Hub

Question 9

What does "security of the cloud" refer to in the AWS shared responsibility model?

Options:

A.

Availability of AWS services such as Amazon EC2

B.

Security of the cloud infrastructure that runs all the AWS services

C.

Implementation of password policies for IAM users

D.

Security of customer environments by using AWS Network Firewall partners

Question 10

A user is moving a workload from a local data center to an architecture that is distributed between the local data center and the AWS Cloud.

Which type of migration is this?

Options:

A.

On-premises to cloud native

B.

Hybrid to cloud native

C.

On-premises to hybrid

D.

Cloud native to hybrid

Question 11

A company wants to securely store Amazon RDS database credentials and automatically rotate user passwords periodically.

Which AWS service or capability will meet these requirements?

Options:

A.

Amazon S3

B.

AWS Systems Manager Parameter Store

C.

AWS Secrets Manager

D.

AWS CloudTrail

Question 12

A company wants to create multiple isolated networks in the same AWS account.

Which AWS service or component will provide this functionality?

Options:

A.

AWS Transit Gateway

B.

Internet gateway

C.

Amazon VPC

D.

Amazon EC2

Question 13

Which AWS service provides a highly accurate and easy-to-use enterprise search service that is powered by machine learning (ML)?

Options:

A.

Amazon Kendra

B.

Amazon SageMaker

C.

Amazon Augmented Al (Amazon A2I)

D.

Amazon Polly

Question 14

A company migrated its core application onto multiple workloads in the AWS Cloud. The company wants to improve the application's reliability.

Which cloud design principle should the company implement to achieve this goal?

Options:

A.

Maximize utilization.

B.

Decouple the components.

C.

Rightsize the resources.

D.

Adopt a consumption model.

Question 15

A company must store call recordings for 6 years. The storage system should be highly durable and cost-effective.

Which AWS service meets these requirements?

Options:

A.

AWS Snowball

B.

Amazon S3

C.

AWS Storage Gateway

D.

Amazon Kinesis

Question 16

A developer needs to maintain a development environment infrastructure and a production environment infrastructure in a repeatable fashion.

Which AWS service should the developer use to meet these requirements?

Options:

A.

AWS Ground Station

B.

AWS Shield

C.

AWS loT Device Defender

D.

AWS CloudFormation

Question 17

Which task is the responsibility of AWS when using AWS services?

Options:

A.

Management of IAM user permissions

B.

Creation of security group rules for outbound access

C.

Maintenance of physical and environmental controls

D.

Application of Amazon EC2 operating system patches

Question 18

A company has an AWS-hosted website located behind an Application Load Balancer. The company wants to safeguard the website from SQL injection or cross-site scripting.

Which AWS service should the company use?

Options:

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Trusted Advisor

D.

Amazon Inspector

Question 19

Which AWS services allow users to monitor and retain records of account activities that include governance, compliance, and auditing?

(Select TWO.)

Options:

A.

Amazon CloudWatch

B.

AWS CloudTrail

C.

Amazon GuardDuty

D.

AWS Shield

E.

AWS WAF

Question 20

What is an AWS responsibility under the AWS shared responsibility model?

Options:

A.

Configure the security group rules that determine which ports are open on an Amazon EC2 Linux instance.

B.

Ensure the security of the internal network in the AWS data centers.

C.

Patch the guest operating system with the latest security patches on Amazon EC2.

D.

Turn on server-side encryption for Amazon S3 buckets.

A company wants to deploy its critical application on AWS and maintain high availability.

Question 21

A company has a compliance requirement to record and evaluate configuration changes, as well as perform remediation actions on AWS resources.

Which AWS service should the company use?

Options:

A.

AWS Config

B.

AWS Secrets Manager

C.

AWS CloudTrail

D.

AWS Trusted Advisor

Question 22

Which AWS services can a company use to host and run a MySQL database? (Select TWO.)

Options:

A.

Amazon RDS

B.

Amazon DynamoDB

C.

Amazon S3

D.

Amazon EC2

E.

Amazon MQ

Question 23

Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)?

Options:

A.

Sustainability

B.

Operations

C.

Performance efficiency

D.

Reliability

Question 24

What is a characteristic of Convertible Reserved Instances (RIs)?

Options:

A.

Users can exchange Convertible RIs for other Convertible RIs from a different instance family.

B.

Users can exchange Convertible RIs for other Convertible RIs in different AWS Regions.

C.

Users can sell and buy Convertible RIs on the AWS Marketplace.

D.

Users can shorten the term of their Convertible RIs by merging them with other Convertible RIs.

Question 25

Which AWS service is always free of charge for users?

Options:

A.

Amazon S3

B.

Amazon Aurora

C.

Amazon EC2

D.

AWS Identity and Access Management (IAM)

Question 26

An application runs on multiple Amazon EC2 instances that access a shared file system simultaneously.

Which AWS storage service should be used?

Options:

A.

Amazon EBS

B.

Amazon EFS

C.

Amazon S3

D.

AWS Artifact

Question 27

Which AWS service offers a global content delivery network (CDN) that helps companies securely deliver websites, videos, applications,

and APIs at high speeds with low latency?

Options:

A.

Amazon EC2

B.

Amazon CloudFront

C.

Amazon CloudWatch

D.

AWS CloudFormation

Question 28

Which service is an AWS in-memory data store service?

Options:

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DynamoDB

D.

Amazon ElastiCache

Question 29

A company wants to migrate to the AWS Cloud. The company needs the ability to acquire resources when the resources are necessary.

The company also needs the ability to release those resources when the resources are no longer necessary.

Which architecture concept of the AWS Cloud meets these requirements?

Options:

A.

Elasticity

B.

Availability

C.

Reliability

D.

Durability

Question 30

A company needs help managing multiple AWS linked accounts that are reported on a consolidated bill.

Which AWS Support plan includes an AWS concierge whom the company can ask for assistance?

Options:

A.

AWS Developer Support

B.

AWS Enterprise Support

C.

AWS Business Support

D.

AWS Basic Support

Question 31

A developer wants to use an Amazon S3 bucket to store application logs that contain sensitive data.

Which AWS service or feature should the developer use to restrict read and write access to the S3 bucket?

Options:

A.

Security groups

B.

Amazon CloudWatch

C.

AWS CloudTrail

D.

ACLs

Question 32

A company manages factory machines in real time. The company wants to use AWS technology to deploy its monitoring applications as close to the factory machines as possible.

Which AWS solution will meet these requirements with the LEAST latency?

Options:

A.

AWS Outposts

B.

Amazon EC2

C.

AWS App Runner

D.

AWS Batch

Question 33

Which AWS services or tools are designed to protect a workload from SQL injections, cross-site scripting, and DDoS attacks? (Select TWO.)

Options:

A.

VPC endpoint

B.

Virtual private gateway

Q C. AWS Shield Standard

C.

AWS Config

D.

AWS WAF

Question 34

Which AWS service can defend against DDoS attacks?

Options:

A.

AWS Firewall Manager

B.

AWS Shield Standard

C.

AWS WAF

D.

Amazon Inspector

Question 35

Which option is a pillar of the AWS Well-Architected Framework?

Options:

A.

Patch management

B.

Cost optimization

C.

Business technology strategy

D.

Physical and environmental controls

Question 36

Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model?

Options:

A.

Security awareness and training

B.

Development of an IAM password policy

C.

Patching of the guest operating system

D.

Physical and environmental controls

Question 37

A company wants its workload to perform consistently and correctly.

Which benefit of AWS Cloud computing does this goal represent?

Options:

A.

Security

B.

Elasticity

C.

Pay-as-you-go pricing

D.

Reliability

Question 38

A company is preparing to launch a redesigned website on AWS. Users from around the world will download digital handbooks from the website.

Which AWS solution should the company use to provide these static files securely?

Options:

A.

Amazon Kinesis Data Streams

B.

Amazon CloudFront with Amazon S3

C.

Amazon EC2 instances with an Application Load Balancer

D.

Amazon Elastic File System (Amazon EFS)

Question 39

Which aspect of security is the customer's responsibility, according to the AWS shared responsibility model?

Options:

A.

Patch and configuration management

B.

Service and communications protection or zone security

C.

Physical and environmental controls

D.

Awareness and training

Question 40

A company needs to design a solution for the efficient use of compute resources for an enterprise workload. The company needs to make informed decisions as its technology needs evolve.

Which pillar of the AWS Well-Architected Framework do these requirements represent?

Options:

A.

Operational excellence

B.

Performance efficiency

C.

Cost optimization

D.

Reliability

Question 41

A company wants to use Amazon EC2 instances for a stable production workload that will run for 1 year.

Which instance purchasing option meets these requirements MOST cost-effectively?

Options:

A.

Dedicated Hosts

B.

Reserved Instances

C.

On-Demand Instances

D.

Spot Instances

Question 42

A company needs to host a highly available application in the AWS Cloud. The application runs infrequently for short periods of time.

Which AWS service will meet these requirements with the LEAST amount of operational overhead?

Options:

A.

Amazon EC2

B.

AWS Fargate

C.

AWS Lambda

D.

Amazon Aurora

Question 43

Which AWS service or tool should a company use to forecast AWS spending?

Options:

A.

Amazon DevPay

B.

AWS Organizations

C.

AWS Trusted Advisor

D.

Cost Explorer

Question 44

A company is using AWS Organizations to configure AWS accounts.

A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives.

Which phase of the cloud transformation journey includes these identification activities?

Options:

A.

Envision

B.

Align

C.

Scale

D.

Launch

Question 45

A company needs Amazon EC2 instances for a workload that can tolerate interruptions.

Which EC2 instance purchasing option meets this requirement with the LARGEST discount compared to On-Demand prices?

Options:

A.

Spot Instances

B.

Convertible Reserved Instances

C.

Standard Reserved Instances

D.

Dedicated Hosts

Question 46

A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses an Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.

Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks?

Options:

A.

Security groups

B.

AWS WAF

C.

Network ACLs

D.

AWS Shield

Question 47

A company has an application that runs periodically in an on-premises environment. The application runs for a few hours most days, but runs for 8 hours a day for a week at the end of each month.

Which AWS service or feature should be used to host the application in the AWS Cloud?

Options:

A.

Amazon EC2 Standard Reserved Instances

B.

Amazon EC2 On-Demand Instances

C.

AWS Wavelength

D.

Application Load Balancer

Question 48

Which AWS service or feature can be used to control inbound and outbound traffic on an Amazon EC2 instance?

Options:

A.

Internet gateways

B.

AWS Identity and Access Management (IAM)

C.

Network ACLs

D.

Security groups

Question 49

Which of the following is the customer's responsibility, according to the AWS shared responsibility model?

Options:

A.

Identity and access management

B.

Hard drive initialization

C.

Protection of data center hardware

D.

Security of Availability Zones

Question 50

A company runs a database on Amazon Aurora in the us-east-1 Region. The company has a disaster recovery requirement that the database be available in another Region.

Which solution meets this requirement with minimal disruption to the database operations?

Options:

A.

Perform an Aurora Multi-AZ deployment.

B.

Deploy Aurora cross-Region read replicas.

C.

Create Amazon Elastic Block Store (Amazon EBS) volume snapshots for Aurora and copy them to another Region.

D.

Deploy Aurora Replicas.

Question 51

Which group shares responsibility with AWS for security and compliance of AWS accounts and resources?

Options:

A.

Third-party vendors

B.

Customers

C.

Reseller partners

D.

Internet providers

Question 52

Which options are common stakeholders for the AWS Cloud Adoption Framework (AWS CAF) platform perspective? (Select TWO.)

Options:

A.

Chief financial officers (CFOs)

B.

IT architects

C.

Chief information officers (CIOs)

D.

Chief data officers (CDOs)

E.

Engineers

Question 53

A company has an environment that includes Amazon EC2 instances, Amazon Lightsail, and on-premises servers. The company wants to automate the security updates for its operating systems and applications.

Which solution will meet these requirements with the LEAST operational effort?

Options:

A.

Use AWS Shield to identify and manage security events.

B.

Connect to each server by using a remote desktop connection. Run an update script.

C.

Use the AWS Systems Manager Patch Manager capability.

D.

Schedule Amazon GuardDuty to run on a nightly basis.

Question 54

A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture.

What can the company do to meet this requirement?

Options:

A.

Scale vertically to a larger EC2 instance size.

B.

Scale horizontally across multiple Availability Zones.

C.

Purchase an EC2 Dedicated Instance.

D.

Change the EC2 instance family to a compute optimized instance.

Question 55

A company needs to launch an Amazon EC2 instance.

Which of the following can the company use during the launch process to configure the root volume of the EC2 instance?

Options:

A.

Amazon EC2 Auto Scaling

B.

Amazon Data Lifecycle Manager (Amazon DLM)

C.

Amazon Machine Image (AMI)

D.

Amazon Elastic Block Store (Amazon EBS) volume

Question 56

A company is running an order processing system on Amazon EC2 instances. The company wants to migrate microservices-based application.

Which combination of AWS services can the application use to meet these requirements? (Select TWO.)

Options:

A.

Amazon Simple Queue Service (Amazon SQS)

B.

AWS Lambda

C.

AWS Migration Hub

D.

AWS AppSync

E.

AWS Application Migration Service

Question 57

A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency.

Which AWS service or feature should the company use to meet these requirements?

Options:

A.

Availability Zones

B.

AWS Local Zones

C.

AWS Wavelength

D.

AWS Outposts

Question 58

Which design principles should a company apply to AWS Cloud workloads to maximize sustainability and minimize environmental impact? (Select TWO.)

Options:

A.

Maximize utilization of Amazon EC2 instances.

B.

Minimize utilization of Amazon EC2 instances.

C.

Minimize usage of managed services.

D.

Force frequent application reinstallations by users.

E.

Reduce the need for users to reinstall applications.

Question 59

A company needs to host a web server on Amazon EC2 instances for at least 1 year. The web server cannot tolerate interruption.

Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

Options:

A.

On-Demand Instances

B.

Partial Upfront Reserved Instances

C.

Spot Instances

D.

No Upfront Reserved Instances

Question 60

A company is building an application that will receive millions of database queries each second. The company needs the data store for the application to scale to meet these needs.

Which AWS service will meet this requirement?

Options:

A.

Amazon DynamoDB

B.

AWS Cloud9

C.

Amazon ElastiCache for Memcached

D.

Amazon Neptune

Question 61

Which AWS solution provides the ability for a company to run AWS services in the company's on-premises data center?

Options:

A.

AWS Direct Connect

B.

AWS Outposts

C.

AWS Systems Manager hybrid activations

D.

AWS Storage Gateway

Question 62

A company needs to centralize its operational data. The company also needs to automate tasks across all of its Amazon EC2 instances.

Which AWS service can the company use to meet these requirements?

Options:

A.

AWS Trusted Advisor

B.

AWS Systems Manager

C.

AWS CodeDeploy

D.

AWS Elastic Beanstalk

Question 63

A company has an application workload that is stateless by design and can sustain occasional downtime. The application performs massively parallel computations.

Which Amazon EC2 pricing model should the company choose for its application to reduce cost?

Options:

A.

On-Demand Instances

B.

Spot Instances

C.

Reserved Instances

D.

Dedicated Instances

Question 64

A company wants to implement controls (guardrails) in a newly created AWS Control Tower landing zone.

Which AWS services or features can the company use to create and define these controls (guardrails)? (Select TWO.)

Options:

A.

AWS Config

B.

Service control policies (SCPs)

C.

Amazon GuardDuty

D.

AWS Identity and Access Management (IAM)

E.

Security groups

Question 65

Which controls are the responsibility of both AWS and AWS customers, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Physical and environmental controls

B.

Patch management

C.

Configuration management

D.

Account structures

E.

Choice of the AWS Region where data is stored

Question 66

In which categories does AWS Trusted Advisor provide recommended actions? (Select TWO.)

Options:

A.

Operating system patches

B.

Cost optimization

C.

Repetitive tasks

D.

Service quotas

E.

Account activity records

Question 67

A company wants to migrate its application to AWS. The company wants to replace upfront expenses with variable payment that is based on usage.

What should the company do to meet these requirements?

Options:

A.

Use pay-as-you-go pricing.

B.

Purchase Reserved Instances.

C.

Pay less by using more.

D.

Rightsize instances.

Question 68

Which AWS service or tool offers consolidated billing?

Options:

A.

AWS Artifact

B.

AWS Budgets

C.

AWS Organizations

D.

AWS Trusted Advisor

A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources.

Question 69

Which AWS service can a company use to securely store and encrypt passwords for a database?

Options:

A.

AWS Shield

B.

AWS Secrets Manager

C.

AWS Identity and Access Management (IAM)

D.

Amazon Cognito

Question 70

A company wants to move its data warehouse application to the AWS Cloud. The company wants to run and scale its analytics services without needing to provision and manage data warehouse clusters.

Which AWS service will meet these requirements?

Options:

A.

Amazon Redshift provisioned data warehouse

B.

Amazon Redshift Serverless

C.

Amazon Athena

D.

Amazon S3

Question 71

A company is collecting user behavior patterns to identify how to meet goals for sustainability impact.

Which guidelines are best practices for the company to implement to meet these goals? (Select TWO.)

Options:

A.

Scale infrastructure with user load.

B.

Maximize the geographic distance between workloads and user locations.

C.

Eliminate creation and maintenance of unused assets.

D.

Scale resources with excess capacity and remove auto scaling.

E.

Scale infrastructure based on the number of users.

Question 72

A company provides a web-based ecommerce service that runs in two Availability Zones within a single AWS Region. The web service distributes content that is stored in the Amazon S3 Standard storage class. The company wants to improve the web service's performance globally.

What should the company do to meet this requirement?

Options:

A.

Change the S3 storage class to S3 Intelligent-Tiering.

B.

Deploy an Amazon CloudFront distribution to cache web server content in edge locations.

C.

Use Amazon API Gateway for the web service.

D.

Migrate the website ecommerce servers to Amazon EC2 with enhanced networking.

Question 73

Which AWS service provides the SIMPLEST way for the company to establish a website on AWS?

Options:

A.

Amazon Elastic File System (Amazon EFS)

B.

AWS Elastic Beanstalk

C.

AWS Lambda

D.

Amazon Lightsail

Question 74

Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework?

Options:

A.

Create annotated documentation.

B.

Anticipate failure.

C.

Ensure performance efficiency.

D.

Optimize costs.

Question 75

A company has an Amazon S3 bucket containing images of scanned financial invoices. The company is building an artificial intelligence (Al)-based application on AWS. The company wants the application to identify and read total balance amounts on the invoices.

Which AWS service will meet these requirements?

Options:

A.

Amazon Forecast

B.

Amazon Textract

C.

Amazon Rekognition

D.

Amazon Lex

Question 76

A company provides a software as a service (SaaS) application. The company has a new customer that is based in a different country.

The new customer's data needs to be hosted in that country.

Which AWS service or infrastructure component should the company use to meet this requirement?

Options:

A.

AWS Shield

B.

Amazon S3 Object Lock

C.

AWS Regions

D.

Placement groups

Question 77

A company wants an in-memory data store that is compatible with open source in the cloud.

Which AWS service should the company use?

Options:

A.

Amazon DynamoDB

B.

Amazon ElastiCache

C.

Amazon Elastic Block Store (Amazon EBS)

D.

Amazon Redshift

Question 78

A company is running an application that is hosted on Amazon EC2 instances. The usage of the EC2 instances is higher during daytime hours than nighttime hours. The company wants to optimize the number of EC2 instances based on this usage pattern.

Which AWS service or instance purchasing option should the company use to meet these requirements?

Options:

A.

Spot Instances

B.

Reserved Instances

C.

AWS CloudFormation

D.

AWS Auto Scaling

Question 79

Which AWS service or tool helps companies measure the environmental impact of their AWS usage?

Options:

A.

AWS customer carbon footprint tool

B.

AWS Compute Optimizer

C.

Sustainability pillar

D.

OS-Climate (Open Source Climate Data Commons)

Question 80

A newly created IAM user has no IAM policy attached.

What will happen when the user logs in and attempts to view the AWS resources in the account?

Options:

A.

All AWS services will be read-only access by default.

B.

Access to all AWS resources will be denied.

C.

Access to the AWS billing services will be allowed.

D.

Access to AWS resources will be allowed through the AWS CLL

Question 81

Which AWS service can a company use to perform complex analytical queries?

Options:

A.

Amazon RDS

B.

Amazon DynamoDB

C.

Amazon Redshift

D.

Amazon ElastiCache

Question 82

A company needs to run code in response to an event notification that occurs when objects are uploaded to an Amazon S3 bucket.

Which AWS service will integrate directly with the event notification?

Options:

A.

AWS Lambda

B.

Amazon EC2

C.

Amazon Elastic Container Registry (Amazon ECR)

D.

AWS Elastic Beanstalk

Question 83

A company needs to store data across multiple Availability Zones in an AWS Region. The data will not be

accessed regularly but must be immediately retrievable.

Which Amazon Elastic File System (Amazon EFS) storage class meets these requirements MOST cost effectively?

Options:

A.

EFS Standard

B.

EFS Standard-Infrequent Access(EFS Standard-IA)

C.

EFS One Zone

D.

EFS One Zone-Infrequent Access (EFS One Zone-IA)

Question 84

Which AWS service provides highly durable object storage?

Options:

A.

Amazon S3

B.

Amazon Elastic File System (Amazon EFS)

C.

Amazon Elastic Block Store (Amazon EBS)

D.

Amazon FSx

Question 85

Which of the following are design principles for reliability in the AWS Cloud? (Select TWO.)

Options:

A.

Build architectures with tightly coupled resources.

B.

Use AWS Trusted Advisor to meet security best practices.

C.

Use automation to recover immediately from failure.

D.

Rightsize Amazon EC2 instances to ensure optimal performance.

E.

Simulate failures to test recovery processes.

Question 86

Which statements represent the cost-effectiveness of the AWS Cloud? (Select TWO.)

Options:

A.

Users can trade fixed expenses for variable expenses.

B.

Users can deploy all over the world in minutes.

C.

AWS offers increased speed and agility.

D.

AWS is responsible for patching the infrastructure.

E.

Users benefit from economies of scale.

Question 87

Which pillar of the AWS Well-Architected Framework focuses on the ability to run workloads effectively, gain insight into operations, and continuously improve supporting processes and procedures?

Options:

A.

Cost optimization

B.

Reliability

C.

Operational excellence

D.

Performance efficiency

Question 88

Which activity can companies complete by using AWS Organizations?

Options:

A.

Troubleshoot the performance of applications.

B.

Manage service control policies (SCPs).

C.

Migrate applications to microservices.

D.

Monitor the performance of applications.

Question 89

An application is running on multiple Amazon EC2 instances. The company wants to make the application highly available by configuring a load balancer with requests forwarded to the EC2 instances based on URL paths.

Which AWS load balancer will meet these requirements and take the LEAST amount of effort to deploy?

Options:

A.

Network Load Balancer

B.

Application Load Balancer

C.

AWS OpsWorks Load Balancer

D.

Custom Load Balancer on Amazon EC2

Question 90

Which AWS service or tool can be used to consolidate payments for a company with multiple AWS accounts?

Options:

A.

AWS Cost and Usage Report

B.

AWS Organizations

C.

Cost Explorer

D.

AWS Budgets

Question 91

Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?

Options:

A.

Ensuring network connectivity from AWS to the internet

B.

Patching and fixing flaws within the AWS Cloud infrastructure

C.

Ensuring the physical security of cloud data centers

D.

Ensuring Amazon EBS volumes are backed up

Question 92

Who is responsible for decommissioning end-of-life underlying storage devices that are used to host data on AWS?

Options:

A.

Customer

B.

AWS

C.

Account creator

D.

Auditing team

Question 93

Which AWS service or tool provides recommendations to help users get rightsized Amazon EC2 instances based on historical workload usage data?

Options:

A.

AWS Pricing Calculator

B.

AWS Compute Optimizer

C.

AWS App Runner

D.

AWS Systems Manager

Question 94

Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of:

Options:

A.

a loosely coupled architecture.

B.

a tightly coupled architecture.

C.

a stateless architecture.

D.

a stateful architecture.

Question 95

Which option is an advantage of AWS Cloud computing that minimizes variable costs?

Options:

A.

High availability

B.

Economies of scale

C.

Global reach

D.

Agility

Question 96

Which AWS service provides the ability to host a NoSQL database in the AWS Cloud?

Options:

A.

Amazon Aurora

B.

Amazon DynamoDB

C.

Amazon RDS

D.

Amazon Redshift

Question 97

Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?

Options:

A.

AWS Support

B.

AWS customers

C.

AWS Key Management Service (AWS KMS)

D.

AWS Trusted Advisor

Question 98

A company runs thousands of simultaneous simul-ations using AWS Batch. Each simul-ation is stateless, is fault tolerant, and runs for up to 3 hours.

Which pricing model enables the company to optimize costs and meet these requirements?

Options:

A.

Reserved Instances

B.

Spot Instances

C.

On-Demand Instances

D.

Dedicated Instances

Question 99

Which AWS service or feature offers HTTP attack protection to users running public-facing web applications?

Options:

A.

Security groups

B.

Network ACLs

C.

AWS Shield Standard

D.

AWS WAF

Question 100

Which database engine is compatible with Amazon RDS?

Options:

A.

Apache Cassandra

B.

MongoDB

C.

Neo4j

D.

PostgreSQL

Question 101

Which AWS features will meet these requirements? (Select TWO.)

Options:

A.

Security groups

B.

Network ACLs

C.

S3 bucket policies

D.

IAM user policies

E.

S3 bucket versioning

Question 102

What is a benefit of moving to the AWS Cloud in terms of improving time to market?

Options:

A.

Decreased deployment speed

B.

Increased application security

C.

Increased business agility

D.

Increased backup capabilities

Question 103

Which AWS service should a cloud engineer use to view API calls to AWS services?

Options:

A.

Amazon CloudWatch

B.

AWS CloudTrail

C.

AWS Config

D.

AWS Artifact

Question 104

A company's application stores data in an Amazon S3 bucket. The company has an AWS Lambda function that processes data in the S3

bucket. The company needs to invoke the function once a day at a specific time.

Which AWS service should the company use to meet this requirement?

Options:

A.

AWS Managed Services (AMS)

B.

AWS CodeStar

C.

Amazon EventBridge

D.

AWS Step Functions

Question 105

A company wants to host its relational databases on AWS. The databases have predefined schemas that the company needs to replicate on AWS.

Which AWS services could the company use for the databases? (Select TWO.)

Options:

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DocumentDB (with MongoDB compatibility)

D.

Amazon Neptune

E.

Amazon DynamoDB

Question 106

When a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS, which Amazon EC2 instance type is required?

Options:

A.

Spot Instances

B.

Dedicated Instances

C.

Dedicated Hosts

D.

Reserved Instances

Question 107

A company wants to manage access and permissions for its third-party software as a service (SaaS)

applications. The company wants to use a portal where end users can access assigned AWS accounts and AWS Cloud applications.

Which AWS service should the company use to meet these requirements?

Options:

A.

Amazon Cognito

B.

AWS IAM Identity Center (AWS Single Sign-On)

C.

AWS Identity and Access Management (IAM)

D.

AWS Directory Service for Microsoft Active Directory

Question 108

A company is launching a new application in the AWS Cloud. The application will run on an Amazon EC2 instance. More EC2 instances will be needed when the workload increases.

Which AWS service or tool can the company use to launch the number of EC2 instances that will be needed to handle the workload?

Options:

A.

Elastic Load Balancing

B.

Amazon EC2 Auto Scaling

C.

AWS App2Container (A2C)

D.

AWS Systems Manager

Question 109

A retail company is building a new mobile app. The company is evaluating whether to build the app at an on-premises data center or in the AWS Cloud.

Which of the following are benefits of building this app in the AWS Cloud? (Select TWO.)

Options:

A.

A large upfront capital expense and low variable expenses

B.

Increased speed for trying out new projects

C.

Complete control over the physical security of the infrastructure

D.

Flexibility to scale up in minutes as the application becomes popular

E.

Ability to pick the specific data centers that will host the application servers

Question 110

Which AWS service aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services?

Options:

A.

Amazon Detective

B.

Amazon Inspector

C.

Amazon Macie

D.

AWS Security Hub

Question 111

A company is migrating an application that includes an Oracle database to AWS. The company cannot rewrite the application.

To which AWS service could the company migrate the database?

Options:

A.

Amazon Athena

B.

Amazon DynamoDB

®C. Amazon RDS

C.

Amazon DocumentDB (with MongoDB compatibility)

Question 112

A company wants to deploy and manage a Docker-based application on AWS.

Which solution meets these requirements with the LEAST amount of operational overhead?

Options:

A.

An open-source Docker orchestrator on Amazon EC2 instances

B.

AWS AppSync

C.

Amazon Elastic Container Registry (Amazon ECR)

D.

Amazon Elastic Container Service (Amazon ECS)

Question 113

Which AWS service or tool helps to centrally manage billing and allow controlled access to resources across AWS accounts?

Options:

A.

AWS Identity and Access Management (IAM)

B.

AWS Organizations

C.

AWS Cost Explorer

D.

AWS Budgets

Question 114

A company is hosting a web application in a Docker container on Amazon EC2.

AWS is responsible for which of the following tasks?

Options:

A.

Scaling the web application and services developed with Docker

B.

Provisioning or scheduling containers to run on clusters and maintain their availability

C.

Performing hardware maintenance in the AWS facilities that run the AWS Cloud

D.

Managing the guest operating system, including updates and security patches

Question 115

A company uses Amazon Aurora as its database service. The company wants to encrypt its databases and database backups.

Which party manages the encryption of the database clusters and database snapshots, according to the AWS shared responsibility

model?

Options:

A.

AWS

B.

The company

C.

AWS Marketplace partners

D.

Third-party partners

Question 116

Which AWS feature or resource is a deployable Amazon EC2 instance template that is prepackaged with

software and security requirements?

Options:

A.

Amazon Elastic Block Store (Amazon EBS) volume

B.

AWS CloudFormation template

C.

Amazon Elastic Block Store (Amazon EBS) snapshot

D.

Amazon Machine Image (AMI)

Question 117

A company wants to migrate its on-premises data warehouse to AWS. The information in the data warehouse is

used to populate analytics dashboards.

Which AWS service should the company use for the data warehouse?

Options:

A.

Amazon ElastiCache

B.

Amazon Aurora

C.

Amazon RDS

D.

Amazon Redshift

Question 118

Which pillar of the AWS Well-Architected Framework includes a design principle about measuring the overall efficiency of workloads in terms of business value?

Options:

A.

Operational excellence

B.

Security

C.

Reliability

D.

Cost optimization

Question 119

Which AWS service will help protect applications running on AWS from DDoS attacks?

Options:

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Shield

D.

Amazon Inspector

Question 120

Which of the following is an advantage of AWS Cloud computing?

Options:

A.

Trade security for elasticity.

B.

Trade operational excellence for agility.

C.

Trade fixed expenses for variable expenses.

D.

Trade elasticity for performance.

Question 121

A company needs to identify the last time that a specific user accessed the AWS Management Console.

Which AWS service will provide this information?

Options:

A.

Amazon Cognito

B.

AWS CloudTrail

C.

Amazon Inspector

D.

Amazon GuardDuty

Question 122

A cloud practitioner is analyzing Amazon EC2 instance performance and usage to provide recommendations for potential cost savings.

Which cloud concept does this analysis demonstrate?

Options:

A.

Auto scaling

B.

Rightsizing

C.

Load balancing

D.

High availability

Question 123

Which of the following promotes AWS Cloud architectural best practices for designing and operating reliable, secure, efficient, and cost-effective systems?

Options:

A.

AWS Serverless Application Model framework

B.

AWS Business Support

C.

Principle of least privilege

D.

AWS Well-Architected Framework

Question 124

In which of the following AWS services should database credentials be stored for maximum security?

Options:

A.

AWS Identity and Access Management (IAM)

B.

AWS Secrets Manager

C.

Amazon S3

D.

AWS Key Management Service (AWS KMS)

Question 125

Which AWS service or feature is used to send both text and email messages from distributed applications?

Options:

A.

Amazon Simple Notification Service (Amazon SNS)

B.

Amazon Simple Email Service (Amazon SES)

C.

Amazon CloudWatch alerts

D.

Amazon Simple Queue Service (Amazon SQS)

Question 126

Which AWS service or feature can be used to estimate costs before deployment?

Options:

A.

AWS Free Tier

B.

AWS Pricing Calculator

C.

AWS Billing and Cost Management

D.

AWS Cost and Usage Report

Question 127

Which task requires the use of AWS account root user credentials?

Options:

A.

The deletion of IAM users

B.

The change to a different AWS Support plan

C.

The creation of an organization in AWS Organizations

D.

The deletion of Amazon EC2 instances

Question 128

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

Options:

A.

Availability

B.

Reliability

C.

Scalability

D.

Responsive design

E.

Operational excellence

Question 129

Which AWS service or feature is used to Troubleshoot network connectivity issues between Amazon EC2 instances?

Options:

A.

AWS Certificate Manager (ACM)

B.

Internet gateway

C.

VPC Flow Logs

D.

AWS CloudHSM

Question 130

A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speeds.

Which AWS service meets these requirements?

Options:

A.

Amazon CloudFront

B.

Elastic Load Balancing

C.

Amazon S3

D.

Amazon Elastic Transcoder

Question 131

Which option is an advantage of AWS Cloud computing that minimizes variable costs?

Options:

A.

High availability

B.

Economies of scale

C.

Global reach

D.

Agility

Question 132

Which design principle should be considered when architecting in the AWS Cloud?

Options:

A.

Think of servers as non-disposable resources.

B.

Use synchronous integration of services.

C.

Design loosely coupled components.

D.

Implement the least permissive rules for security groups.

Question 133

Which factors affect costs in the AWS Cloud? (Select TWO.)

Options:

A.

The number of unused AWS Lambda functions

B.

The number of configured Amazon S3 buckets

C.

Inbound data transfers without acceleration

D.

Outbound data transfers without acceleration

E.

Compute resources that are currently in use

Question 134

A company needs to run its existing custom, nonproduction workloads in the AWS Cloud quickly and cost-effectively.

The workloads can recover from interruptions easily.

Which pricing model should the company use?

Options:

A.

Reserved Instances

B.

On-Demand Instances

C.

Spot Instances

D.

Dedicated Hosts

Question 135

A large company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it currently uses on AWS.

Which AWS service should the company use to meet these requirements?

Options:

A.

AWS Device Farm

B.

AWS Fargate

C.

AWS Outposts

D.

AWS Ground Station

Question 136

Which feature of the AWS Cloud gives users the ability to pay based on current needs rather than forecasted needs?

Options:

A.

AWS Budgets

B.

Pay-as-you-go pricing

C.

Volume discounts

D.

Savings Plans

Question 137

A company's user base needs to remotely access virtual desktop computers from the internet Which AWS service provides this functionality?

Options:

A.

Amazon Connect

B.

Amazon Cognito

C.

Amazon Workspaces

D.

Amazon Upstream 2.0

Question 138

Which of the following describes an AWS Region?

Options:

A.

A specific location within a geographic area that provides high availability

B.

A set of data centers spanning multiple countries

C.

A global picture of a user's cloud computing environment

D.

A collection of databases that can be accessed from a specific geographic area only

Question 139

Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework?

Options:

A.

Vertical scaling

B.

Manual failure recovery

C.

Testing recovery procedures

D.

Changing infrastructure manually

Question 140

What does the Amazon S3 Intelligent-Tiering storage class offer?

Options:

A.

Payment flexibility by reserving storage capacity

B.

Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon

EBS) volume

C.

Automatic cost savings by moving objects between tiers based on access pattern changes

D.

Secure, durable, and lowest cost storage for data archival

Question 141

A company moves its infrastructure from on premises to the AWS Cloud. The company can now provision additional Amazon EC2 instances whenever the instances are required. With this ability, the company can launch new marketing campaigns in 3 days instead of 3 weeks.

Which benefit of the AWS Cloud does this scenario demonstrate?

Options:

A.

Cost savings

B.

Improved operational resilience

C.

Increased business agility

D.

Enhanced security

Question 142

A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a

natural disaster in a particular geographic area.

Which solution achieves this goal?

Options:

A.

Use EC2 instances in a single Availability Zone.

B.

Use EC2 instances in multiple AWS Regions.

C.

Use EC2 instances in multiple edge locations.

D.

Use Amazon CloudFront with the EC2 instances configured as the source.

Question 143

A company is configuring its AWS Cloud environment. The company's administrators need to group users together and apply permissions to the group.

Which AWS service or feature can the company use to meet these requirements?

Options:

A.

AWS Organizations

B.

Resource groups

C.

Resource tagging

D.

AWS Identity and Access Management (IAM)

Question 144

Which AWS benefit is demonstrated by on-demand technology services that enable companies to replace upfront fixed expenses with variable expenses?

Options:

A.

High availability

B.

Economies of scale

C.

Pay-as-you-go pricing

D.

Global reach

Question 145

A company recently migrated to the AWS Cloud. The company needs to determine whether its newly imported Amazon EC2 instances are the appropriate size and type.

Which AWS services can provide this information to the company? {Select TWO.)

Options:

A.

AWS Auto Scaling

B.

AWS Control Tower

C.

AWS Trusted Advisor

D.

AWS Compute Optimizer

E.

Amazon Forecast

Question 146

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Patch AWS network devices.

B.

Set user password rules.

C.

Provide physical security for compute resources.

D.

Configure security groups.

E.

Patch the operating system of an Amazon EC2 instance.

Question 147

What are some advantages of using Amazon EC2 instances lo host applications in the AWS Cloud instead of on premises? (Select TWO.)

Options:

A.

EC2 includes operating system patch management

B.

EC2 integrates with Amazon VPC. AWS CloudTrail, and AWS Identity and Access Management (IAM)

C.

EC2 has a 100% service level agreement (SLA).

D.

EC2 has a flexible, pay-as-you-go pricing model.

E.

EC2 has automatic storage cost optimization.

Question 148

A company wants to ensure that two Amazon EC2 instances are in separate data centers with minimal

communication latency between the data centers.

How can the company meet this requirement?

Options:

A.

Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection.

B.

Place the EC2 instances in two separate Availability Zones within the same AWS Region.

C.

Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using an

AWS VPN connection.

D.

Place both EC2 instances in a placement group for dedicated bandwidth.

Question 149

A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops.

Which AWS service will help the company deploy the application without investing in backend infrastructure or high end client hardware?

Options:

A.

Amazon AppStream 2.0

B.

AWS AppSync

C.

Amazon WorkLink

D.

AWS Elastic Beanstalk

Question 150

A large company wants to track the combined AWS usage costs of all of its linked accounts.

How can this be accomplished?

Options:

A.

Use AWS Trusted Advisor to generate customized summary reports.

B.

Use AWS Organizations to generate consolidated billing reports.

C.

Use AWS Budgets to set utilization targets and receive summary reports.

D.

Use the AWS Control Tower dashboard to get a summary report of all linked account costs.

Question 151

Which AWS service gives users the ability to provision a dedicated and private network connection from their internal

network to AWS?

Options:

A.

AWS CloudHSM

B.

AWS Direct Connect

C.

AWS VPN

D.

Amazon Connect

Question 152

Which AWS service uses a combination of publishers and subscribers?

Options:

A.

AWS Lambda

B.

Amazon Simple Notification Service (Amazon SNS)

C.

Amazon CloudWatch

D.

AWS CloudFormation

Question 153

A company deploys its application to multiple AWS Regions and configures automatic failover between those Regions.

Which cloud concept does this architecture represent?

Options:

A.

Security

B.

Reliability

C.

Scalability

D.

Cost optimization

Question 154

Which AWS services and features are provided to all customers at no charge? (Select TWO.)

Options:

A.

Amazon Aurora

B.

VPC

C.

Amazon SageMaker

D.

AWS Identity and Access Management (IAM)

E.

Amazon Polly

Question 155

company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks.

Which pillar of the AWS Well-Architected Framework is supported by these goals?

Options:

A.

Reliability

B.

Security

C.

Operational excellence

D.

Performance efficiency

Question 156

Which AWS service or feature captures information about the network traffic to and from an Amazon EC2 instance?

Options:

A.

VPC Reachability Analyzer

B.

Amazon Athena

C.

VPC Flow Logs

D.

AWS X-Ray

Question 157

According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Select TWO.)

Options:

A.

Network infrastructure and virtualization of infrastructure

B.

Security of application data

C.

Guest operating systems

D.

Physical security of hardware

E.

Credentials and policies

Question 158

A company is using AWS Lambda functions to build an application.

Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Patch the servers where the Lambda functions are deployed.

B.

Establish the IAM permissions that define who can run the Lambda functions.

C.

Write the code for the Lambda functions to define the application logic.

D.

Deploy Amazon EC2 instances to support the Lambda functions.

E.

Scale out the Lambda functions when the load increases.

Question 159

Which of the following actions are controlled with AWS Identity and Access Management (IAM)? (Select TWO.)

Options:

A.

Control access to AWS service APIs and to other specific resources.

B.

Provide intelligent threat detection and continuous monitoring.

C.

Protect the AWS environment using multi-factor authentication (MFA).

D.

Grant users access to AWS data centers.

E.

Provide firewall protection for applications from common web attacks.

Question 160

A user wants to invoke an AWS Lambda function when an Amazon EC2 instance enters the "stopping" state.

Which AWS service is appropriate for this use case?

Options:

A.

Amazon EventBridge

B.

AWS Config

C.

Amazon Simple Notification Service (Amazon SNS)

D.

AWS CloudFormation

Question 161

Which tasks are the customer's responsibility, according to the AWS shared responsibility model? (Select TWO.)

Options:

A.

Establish the global infrastructure.

B.

Perform client-side data encryption.

C.

Configure 1AM credentials.

D.

Secure edge locations.

E.

Patch Amazon RDS DB instances.

Question 162

Which AWS service or feature is associated with a subnet in a VPC and is used to control inbound and outbound traffic?

Options:

A.

Amazon Inspector

B.

Network ACLs

C.

AWS Shield

D.

VPC Flow Logs

Question 163

An AWS user wants to proactively detect when an instance or account might be compromised or if there are threats from attacks.

Which AWS service should the user choose?

Options:

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Shield

D.

Amazon Inspector

Question 164

A company wants to ensure that all of its Amazon EC2 instances have compliant operating system patches.

Which AWS service will meet these requirements?

Options:

A.

AWS Compute Optimizer

B.

AWS Elastic Beanstalk

C.

AWS AppSync

D.

AWS Systems Manager

Question 165

Which AWS services are supported by Savings Plans? (Select TWO.)

Options:

A.

Amazon EC2

B.

Amazon RDS

C.

Amazon SageMaker

D.

Amazon Redshift

E.

Amazon DynamoDB

Question 166

Which AWS service can migrate Amazon EC2 instances from one AWS Region to another?

Options:

A.

AWS Application Migration Service

B.

AWS Database Migration Service (AWS DMS)

C.

AWS DataSync

D.

AWS Migration Hub

Question 167

A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance, and security. Which AWS service can the company use to meet these requirements?

Options:

A.

AWS Shield

B.

AWS WAF

C.

AWS Trusted Advisor

D.

AWS Service Catalog

Question 168

A company is planning to migrate a monolithic application to AWS. The company wants to modernize the application by splitting it into microservices. The company will deploy the microservices on AWS.

Which migration strategy should the company use?

Options:

A.

Rehost

B.

Repurchase

C.

Replatform

D.

Refactor

Question 169

A company wants to implement detailed tracking of its cloud costs by department and project.

Which AWS feature or service should the company use?

Options:

A.

Consolidated billing

B.

Cost allocation tags

C.

AWS Marketplace

D.

AWS Budgets

Question 170

A company wants to migrate its on-premises infrastructure to the AWS Cloud.

Which advantage of cloud computing will help the company reduce upfront costs?

Options:

A.

Go global in minutes

B.

Increase speed and agility

C.

Benefit from massive economies of scale

D.

Trade fixed expense for variable expense

Question 171

A company wants to transport 100 TB of data from its data center to AWS without using internet.

Which AWS service will meet this requirement?

Options:

A.

AWS Snowcone

B.

AWS Snowball Edge

C.

AWS Data Exchange

D.

AWS DataSync

Question 172

Under the AWS shared responsibility model, which of the following is a responsibility of the customer?

Options:

A.

Shred disk drives before they leave a data center.

B.

Prevent customers from gathering packets or collecting traffic at the hypervisor level.

C.

Patch the guest operating system with the latest security patches.

D.

Maintain security systems that provide physical monitoring of data centers.

Question 173

A company is running a workload in the AWS Cloud.

Which AWS best practice ensures the MOST cost-effective architecture for the workload?

Options:

A.

Loose coupling

B.

Rightsizing

C.

Caching

D.

Redundancy

Question 174

Which AWS services are connectivity services for a VPC? (Select TWO.)

Options:

A.

AWS Site-to-Site VPN

B.

AWS Direct Connect

C.

Amazon Connect

D.

AWS Key Management Service (AWS KMS)

E.

AWS Identity and Access Management (IAM)

Question 175

An IT engineer needs to access AWS services from an on-premises application.

Which credentials or keys does the application need for authentication?

Options:

A.

AWS account user name and password

B.

IAM access key and secret

C.

Amazon EC2 key pairs

D.

AWS Key Management Service (AWS KMS) keys

Question 176

Which Amazon EC2 pricing model is the MOST cost efficient for an uninterruptible workload that runs once a year for 24 hours?

Options:

A.

On-Demand Instances

B.

Reserved Instances

C.

Spot Instances

D.

Dedicated Instances

Question 177

A company is using a central data platform to manage multiple types of data for its customers. The company wants to use AWS services to discover, transform, and visualize the data.

Which combination of AWS services should the company use to meet these requirements? (Select TWO.)

Options:

A.

AWS Glue

B.

Amazon Elastic File System (Amazon EFS)

C.

Amazon Redshift

D.

Amazon QuickSight

E.

Amazon Quantum Ledger Database (Amazon QLDB)

Question 178

A company has an application that produces unstructured data continuously. The company needs to store the data so that the data is durable and easy to query.

Which AWS service can the company use to meet these requirements?

Options:

A.

Amazon RDS

B.

Amazon Aurora

C.

Amazon QuickSight

D.

Amazon DynamoDB

Question 179

A company wants to log in securely to Linux Amazon EC2 instances.

How can the company accomplish this goal?

Options:

A.

Use SSH keys.

B.

Use a VPN.

C.

Use end-to-end encryption.

D.

Use Amazon Route 53.

Question 180

A developer needs to maintain a development environment infrastructure and a production environment infrastructure in a repeatable fashion Which AWS service should the developer use to meet these requirements?

Options:

A.

AWS Ground Station

B.

AWS Shield

C.

AWS loT Device Defender

D.

AWS CloudFormation

Question 181

A company wants to build a new web application by using AWS services. The application must meet the on-demand load for periods of heavy activity.

Which AWS services or resources provide the necessary workload adjustments to meet these requirements? (Select TWO.)

Options:

A.

Amazon Machine Image (AMI)

B.

Amazon EC2 Auto Scaling

C.

Amazon EC2 instance

D.

AWS Lambda

E.

EC2 Image Builder

Question 182

A company needs to create and publish interactive business intelligence dashboards. The dashboards require insights that are powered by machine learning.

Which AWS service or tool will meet these requirements?

Options:

A.

AWS Glue Studio

B.

Amazon QuickSight

C.

Amazon Redshift

D.

Amazon Athena

Question 183

A company is planning to host its workloads on AWS.

Which AWS service requires the company to update and patch the guest operating system?

Options:

A.

Amazon DynamoDB

B.

Amazon S3

C.

Amazon EC2

D.

Amazon Aurora

Question 184

A company needs to block SQL injection attacks.

Which AWS service or feature can meet this requirement?

Options:

A.

AWS WAF

B.

AWS Shield

C.

Network ACLs

D.

Security groups

Question 185

A company is hosting an application in the AWS Cloud. The company wants to verify that underlying AWS services and general AWS infrastructure are operating normally.

Which combination of AWS services can the company use to gather the required information? (Select TWO.)

Options:

A.

AWS Personal Health Dashboard

B.

AWS Systems Manager

C.

AWS Trusted Advisor

D.

AWS Service Health Dashboard

E.

AWS Service Catalog

Question 186

Which option is a customer responsibility under the AWS shared responsibility model?

Options:

A.

Maintenance of underlying hardware of Amazon EC2 instances

B.

Application data security

C.

Physical security of data centers

D.

Maintenance of VPC components

Question 187

A company that has multiple business units wants to centrally manage and govern its AWS Cloud environments. The company wants to automate the creation of AWS accounts, apply service control policies (SCPs), and simplify billing processes.

Which AWS service or tool should the company use to meet these requirements?

Options:

A.

AWS Organizations

B.

Cost Explorer

C.

AWS Budgets

D.

AWS Trusted Advisor

Question 188

Which AWS resource can help a company reduce Its costs in exchange for a usage commitment when using Amazon EC2 instances?

Options:

A.

Compute Savings Plans

B.

Auto Stalling group

C.

On-Demand Instance

D.

EC2 instance store

Question 189

Which AWS Support plan provides the full set of AWS Trusted Advisor checks at the LOWEST cost?

Options:

A.

AWS Developer Support

B.

AWS Business Support

C.

AWS Enterprise On-Ramp Support

D.

AWS Enterprise Support

Question 190

Which of the following is a fully managed MySQL-compatible database?

Options:

A.

Amazon S3

B.

Amazon DynamoDB

C.

Amazon Redshift

D.

Amazon Aurora

Question 191

Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)?

Options:

A.

Sustainability

B.

Security

C.

Performance efficiency

D.

Reliability

Question 192

A company needs to set a maximum spending limit on AWS services each month. The company also needs to set up alerts for when the company reaches its spending limit.

Which AWS service or tool should the company use to meet these requirements?

Options:

A.

Cost Explorer

B.

AWS Trusted Advisor

C.

Service Quotas

D.

AWS Budgets

Question 193

Which capabilities are in the platform perspective of the AWS Cloud Adoption Framework (AWS CAF)? (Select TWO.)

Options:

A.

Performance and capacity management

B.

Data engineering

C.

Continuous integration and continuous delivery (CI/CD)

D.

Infrastructure protection

E.

Change and release management

Question 194

A company has created an AWS Cost and Usage Report and wants to visualize the report.

Which AWS service should the company use to ingest and display this information?

Options:

A.

Amazon QuickSight

B.

Amazon Pinpoint

C.

Amazon Neptune

D.

Amazon Kinesis

Question 195

Which AWS services can host PostgreSQL databases? (Select TWO.)

Options:

A.

Amazon S3

B.

Amazon Aurora

C.

Amazon EC2

D.

Amazon OpenSearch Service

E.

Amazon Elastic File System (Amazon EFS)

Question 196

A company wants to create a globally accessible ecommerce platform for its customers. The company wants to use a highly available and scalable DNS web service to connect users to the platform.

Which AWS service will meet these requirements?

Options:

A.

Amazon EC2

B.

Amazon VPC

C.

Amazon Route 53

D.

Amazon RDS

Question 197

A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure. Which AWS service or feature should be used?

Options:

A.

Security groups

B.

AWS Firewall Manager

C.

IAM roles

D.

IAM user SSH keys

Question 198

A company is running a reporting web server application on Amazon EC2 instances. The application runs once every week and once again at the end of the month. The EC2 instances can be shut down when they are not in use.

What is the MOST cost-effective billing model for this use case?

Options:

A.

Standard Reserved Instances

B.

Convertible Reserved Instances

C.

On-Demand Capacity Reservations

D.

On-Demand Instances

Question 199

Which AWS Cloud benefit is shown by an architecture’s ability to withstand failures with minimal downtime?

Options:

A.

Agility

B.

Elasticity

C.

Scalability

D.

High availability

Question 200

Which of the following is an advantage that the AWS Cloud provides to users?

Options:

A.

Users eliminate the need to guess about infrastructure capacity requirements.

B.

Users decrease their variable costs by maintaining sole ownership of IT hardware.

C.

Users maintain control of underlying IT infrastructure hardware.

D.

Users maintain control of operating systems for managed services.

Question 201

A company has a client that uses an Amazon RDS database. The client requests Information about operating system-level upgrades on the AWS resources that host the RDS database. The company employs a third-party provider to monitor the RDS database.

Who is responsible for upgrading the operating systems for Amazon RDS under the AWS shared responsibility model?

Options:

A.

The client

B.

The company

C.

AWS

D.

The third-party provider

Question 202

Which AWS Support plans provide access to an AWS technical account manager (TAM)? (Select)

Options:

A.

AWS Basic Support

B.

AWS Developer Support

C.

AWS Business Support

D.

AWS Enterprise On-Ramp Support

E.

AWS Enterprise Support

Question 203

A company wants to receive a notification when a specific AWS cost threshold is reached.

Which AWS services or tools can the company use to meet this requirement? (Select TWO.)

Options:

A.

Amazon Simple Queue Service (Amazon SQS)

B.

AWS Budgets

C.

Cost Explorer

D.

Amazon CloudWatch

E.

AWS Cost and Usage Report

Question 204

A company is building AWS architecture to deliver real-time data feeds from an on-premises data center into an application that runs on AWS. The company needs a consistent network connection with minimal latency.

What should the company use to connect the application and the data center to meet these requirements?

Options:

A.

AWS Direct Connect

B.

Public internet

C.

AWS VPN

D.

Amazon Connect

Question 205

Which fully managed AWS service assists with the creation, testing, and management of custom Amazon EC? images?

Options:

A.

EC2 Image Builder

B.

Amazon Machine Image (AMI)

C.

AWS Launch Wizard

D.

AWS Elastic Beanstalk

Question 206

A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports.

Which AWS service will meet this requirement?

Options:

A.

AWS Trusted Advisor

B.

Amazon CloudWatch

C.

Amazon GuardDuty

D.

AWS Health Dashboard

Question 207

Which actions are best practices for an AWS account root user? (Select TWO.)

Options:

A.

Share root user credentials with team members.

B.

Create multiple root users for the account, separated by environment.

C.

Enable multi-factor authentication (MFA) on the root user.

D.

Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user.

E.

Use programmatic access instead of the root user and password.

Question 208

Which AWS service supports user sign-up functionality and authentication to mobile and web applications?

Options:

A.

Amazon Cognito

B.

AWS Config

C.

Amazon GuardDuty

D.

AWS Systems Manager

Question 209

A company has multiple SQL-based databases located in a data center. The company needs to migrate all database servers to the AWS Cloud to reduce the cost of operating physical servers.

Which AWS service or resource will meet these requirements with the LEAST operational overhead?

Options:

A.

Amazon EC2 instances

B.

Amazon RDS

C.

Amazon DynamoDB

D.

OpenSearch

Question 210

A company wants to provide managed Windows virtual desktops and applications to its remote employees over secure network connections. Which AWS services can the company use to meet these requirements? (Select TWO.)

Options:

A.

Amazon Connect

B.

Amazon AppStream 2.0

C.

Amazon Workspaces

D.

AWS Site-to-Site VPN

E.

Amazon Elastic Container Service (Amazon ECS)

Question 211

Which AWS service or feature gives users the ability to connect VPCs and on-premises networks to a central hub?

Options:

A.

Virtual private gateway

B.

AWS Transit Gateway

C.

Internet gateway

D.

Customer gateway

Question 212

A company has deployed an Amazon EC2 instance.

Which option is an AWS responsibility under the AWS shared responsibility model?

Options:

A.

Managing and encrypting application data

B.

Installing updates and security patches of guest operating system

C.

Configuration of infrastructure devices

D.

Configuration of security groups on each instance

Question 213

A company has moved all its infrastructure to the AWS Cloud. To plan ahead for each quarter, the finance team wants to track the cost and usage data of all resources from previous months. The finance team wants to automatically generate reports that contains the data.

Which AWS service or feature should the finance team use to meet these requirements?

Options:

A.

Amazon Detective

B.

AWS Pricing Calculator

C.

AWS Budgets

D.

AWS Savings Plans

Question 214

Which AWS service provides threat detection by monitoring for malicious activities and unauthorized actions to protect AWS accounts, workloads, and data that is stored in Amazon S3?

Options:

A.

AWS Shield

B.

AWS Firewall Manager

C.

Amazon GuardDuty

D.

Amazon Inspector

Question 215

A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions.

Which Amazon EC2 purchasing option will be MOST cost-effective?

Options:

A.

All Upfront Reserved Instances

B.

Partial Upfront Reserved Instances

C.

Dedicated Instances

D.

On-Demand Instances

Question 216

A company is using Amazon DynamoDB.

Which task is the company's responsibility, according to the AWS shared responsibility model?

Options:

A.

Patch the operating system

B.

Provision hosts

C.

Manage database access permissions.

D.

Secure the operating system

Question 217

A developer has been hired by a large company and needs AWS credentials.

Which are security best practices that should be followed? (Select TWO.)

Options:

A.

Grant the developer access to only the AWS resources needed to perform the job.

B.

Share the AWS account root user credentials with the developer.

C.

Add the developer to the administrator's group in AWS IAM.

D.

Configure a password policy that ensures the developer's password cannot be changed.

E.

Ensure the account password policy requires a minimum length.

Question 218

An ecommerce company has deployed a new web application on Amazon EC2 Instances. The company wants to distribute incoming HTTP traffic evenly across all running instances.

Which AWS service or resource will meet this requirement?

Options:

A.

Amazon EC2 Auto Scaling

B.

Application Load Balancer

C.

Gateway Load Balancer

D.

Network Load Balancer

Question 219

Which AWS service gives users the ability to discover and protect sensitive data that is stored in Amazon S3 buckets?

Options:

A.

Amazon Macie

B.

Amazon Detective

C.

Amazon GuardDuty

D.

AWS I AM Access Analyzer

Question 220

A company wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously.

Which option offers a discounted hourly rate compared to the hourly rate of On-Demand Instances?

Options:

A.

AWS Graviton processor

B.

Dedicated Hosts

C.

EC2 Instance Savings Plans

D.

Amazon EC2 Auto Scaling instances

Question 221

What is the best resource for a user to find compliance-related information and reports about AWS?

Options:

A.

AWS Artifact

B.

AWS Marketplace

C.

Amazon Inspector

D.

Increase operational costs across data centers.

Question 222

A company needs to store infrequently used data for data archives and long-term backups.

Which AWS service or storage class will meet these requirements MOST cost-effectively?

Options:

A.

Amazon FSx for Lustre

B.

Amazon Elastic Block Store (Amazon EBS)

C.

Amazon Elastic File System (Amazon EFS)

D.

Amazon S3 Glacier Flexible Retrieval

Question 223

A company wants high levels of detection and near-real-time (NRT) mitigation against large and sophisticated distributed denial of service (DDoS) attacks on applications running on AWS.

Which AWS service should the company use?

Options:

A.

Amazon GuardDuty

B.

Amazon Inspector

C.

AWS Shield Advanced

D.

Amazon Macie

Question 224

A company wants to build graph queries for real-time fraud pattern detection.

Which AWS service will meet this requirement?

Options:

A.

Amazon Neptune

B.

Amazon DynamoDB

C.

Amazon Timestream

D.

Amazon Forecast

Question 225

Which AWS service or tool gives users the ability to connect with AWS and deploy resources programmatically?

Options:

A.

Amazon quickSight

B.

AWS PrivateLink

C.

AWS Direct Connect

D.

AWS SDKs

Question 226

A company wants its AWS usage to be more sustainable. The company wants to track, measure, review, and forecast polluting emissions that result from its AWS applications.

Which AWS service or tool can the company use to meet these requirements?

Options:

A.

AWS Health Dashboard

B.

AWS customer carbon footprint tool

C.

AWS Support Center

D.

Amazon QuickSight

Question 227

What is the total volume of data that can be stored in Amazon S3?

Options:

A.

10 PB

B.

50 PB

C.

100 PB

D.

Virtually unlimited

Question 228

A developer wants to deploy an application quickly on AWS without manually creating the required resources. Which AWS service will meet these requirements?

Options:

A.

Amazon EC2

B.

AWS Elastic Beanstalk

C.

AWS CodeBuild

D.

Amazon Personalize

Question 229

A company plans to migrate to the AWS Cloud. The company is gathering information about its on-premises infrastructure and requires information such as the hostname, IP address, and MAC address.

Which AWS service will meet these requirements?

Options:

A.

AWS DataSync

B.

AWS Application Migration Service

C.

AWS Application Discovery Service

D.

AWS Database Migration Service (AWS DMS)

Question 230

A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud.

Which AWS service should the company use for the migration?

Options:

A.

AWS Database Migration Service (AWS DMS)

B.

AWS DataSync

C.

AWS Migration Hub

D.

AWS Application Migration Service

Question 231

A company wants to deploy a web application as a containerized application. The company wants to use a managed service that can automatically create container images from source code and deploy the containerized application.

Which AWS service will meet these requirements?

Options:

A.

AWS Elastic Beanstalk

B.

Amazon Elastic Container Service (Amazon ECS)

C.

AWS App Runner

D.

Amazon EC2

Question 232

Which of the following is a customer responsibility according to the AWS shared responsibility model?

Options:

A.

Apply security patches for Amazon S3 infrastructure devices.

B.

Provide physical security for AWS datacenters.

C.

Install operating system updates on Lambda@Edge.

D.

Implement multi-factor authentication (MFA) for 1AM user accounts.

Question 233

A company wants to connect its supported AWS services and VPCs. The company does not wa......

Which AWS service will meet these requirements?

Options:

A.

Amazon Inspector

B.

AWS PrivateLink

C.

Amazon Connect

D.

AWS Internet Gateway

Question 234

A company runs an uninterruptible Amazon EC2 workload on AWS 24 hours a day. 7 days a week. The company will require the same instance family and instance type to run the workload for the next 12 months.

Which combination of purchasing options should the company choose to MOST optimize costs? (Select TWO.)

Options:

A.

Standard Reserved Instance

B.

Convertible Reserved Instance

C.

Compute Savings Plan

D.

Spot Instance

E.

All Upfront payment

Question 235

Which capabilities are in the platform perspective of the AWS Cloud Adoption Framework (AWS CAF)? (Select TWO.)

Options:

A.

Performance and capacity management

B.

Data engineering

C.

Continuous integration and continuous delivery (CI/CD)

D.

Infrastructure protection

E.

Change and release management

Page: 1 / 79
Total 785 questions