Which of the following is included within the security pillar of the AWS Well-Architected Framework?
Which AWS service or component allows inbound traffic from the internet to access a VPC?
Which of the following are AWS compute services? (Select TWO.)
Which AWS service does AWS Snowball Edge natively support?
Which of the following are benefits of running a database on Amazon RDS compared to an on-premises database? (Select TWO )
Which AWS service does AWS Snowball Edge natively support?
A network engineer needs to build a hybrid cloud architecture connecting on-premises networks to the AWS Cloud using AWS Direct Connect. The company has a few VPCs in a single AWS Region and expects to increase the number of VPCs to hundreds over time. Which AWS service or feature should the engineer use to simplify and scale this connectivity as the VPCs increase in number?
Which AWS service or feature allows a user to establish a dedicated network connection between a company's on-premises data center and the AWS Cloud?
What technology enables compute capacity to adjust as loads change?
A user is planning to launch two additional Amazon EC2 instances to increase availability. Which action should the user take?
A company would like to host its MySQL databases on AWS and maintain full control over the operating system, database installation, and configuration. Which AWS service should the company use to host the databases?
Under the AWS shared responsibility model what are the customer's responsibilities? (Select TWO.)
Which of the following is a benefit of using the AWS Cloud?
A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud. How can these reports be generated?
Which of the following can be used to identify a specific user who stopped an amazon EC2 instance?
The continual reduction of AWS Cloud pricing is due to:
Which AWS services or features help decrease network latency for a globally dispersed user base? (Select TWO.)
A company wants to use Amazon Elastic Compute Cloud (Amazon EC2) to deploy a global commercial application. The deployment solution should be built with the highest redundancy and fault tolerance. Based on this situation the Amazon EC2 instances should be deployed:
A user needs to quickly deploy a nonrelational database on AWS. The user does not want to manage the underlying hardware or the database software. Which AWS service cart be used to accomplish this?
Which AWS service provides a report that enables users to assess AWS infrastructure compliance?
A retail company is building a new mobile app. The company is evaluating whether to build the app at an on-premises data center or in the AWS Cloud. Which of the following are benefits of building this app in the AWS Cloud? (Select TWO.)
A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud.
Which costs will the company eliminate with this migration? (Select TWO.)
A company wants to migrate its on-premises Microsoft SQL Server database server to the AWS Cloud. The company has decided to use Amazon EC2 instances to run this database.
Which of the following is the company responsible for managing, according to the AWS shared responsibility model?
A company discovered unauthorized access to resources in its on-premises data center. Upon investigation, the company found that the requests originated from a resource hosted on AWS. Which AWS team should the company contact to report this issue?
Which tasks are responsibilities of AWS, according to the AWS shared responsibility model? (Select TWO.)
A developer is working on enhancing applications at AWS. The developer needs a service that can securely host GitHub-based code, repositories, and version controls. Which AWS service should the developer use?
Which duty is a responsibility of AWS under the AWS shared responsibility model?
Which AWS service enables the decoupling and scaling of applications?
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
Which AWS service should a company use to create a NoSQL database?
A company manages global applications that require static IP addresses.
Which AWS service would enable the company to improve the availability and performance of its applications?
AWS Global Accelerator provides you with a set of static IP addresses that can map to multiple application endpoints across AWS Regions, to improve redundancy.
Which AWS service provides storage that can be mounted across multiple Amazon EC2 instances?
Which tasks require use of the AWS account root user? (Select TWO.)
Which AWS service decouples application components so that the components run independently?
Amazon SQS is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless applications. Amazon SQS lets you decouple application components so that they run and fail independently, increasing the overall fault tolerance of the system.
A company needs to report on events that involve the specific AWS services that the company uses.
Which AWS service or resource can the company use with Amazon CloudWatch to meet this requirement?
A company needs steady and predictable performance from its Amazon EC2 instances at the lowest possible cost. The company also needs the ability to scale resources to ensure that it has the right resources available at the right time.
Which AWS service or resource will meet these requirements?
AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.
A company wants to analyze streaming user data and respond to customer queries in real time.
Which AWS service can meet these requirements?
Amazon Kinesis is the AWS service that makes it easy to collect, process, and analyze such real-time, streaming data with four different capabilities: Kinesis Data Streams: Enables ingesting, buffering, and custom processing of your streaming data.
A company wants to secure its consumer web application by using SSL/TLS to encrypt traffic.
Which AWS service can the company use to meet this goal?
To enable HTTPS connections to your website or application in AWS, you need an SSL/TLS server certificate. For certificates in a Region supported by AWS Certificate Manager (ACM), we recommend that you use ACM to provision, manage, and deploy your server certificates.
Which combination of steps will enable multi-factor authentication (MFA) on an AWS account? (Select TWO.)
AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their user name and password (the first factor—what they know), as well as for an authentication response from their AWS MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.
Which approach will enhance a user’s security on AWS?
What is a benefit of using AWS serverless computing?
Serverless computing allows you to build and run applications and services without thinking about servers. With serverless computing, your application still runs on servers, but all the server management is done by AWS.
Which AWS benefit enables users to deploy cloud infrastructure that consists of multiple geographic regions connected by a network with low latency, high throughput, and redundancy?
The AWS Global Cloud Infrastructure is the most secure, extensive, and reliable cloud platform, offering over 200 fully featured services from data centers globally. Whether you need to deploy your application workloads across the globe in a single click, or you want to build and deploy specific applications closer to your end-users with single-digit millisecond latency, AWS provides you the cloud infrastructure where and when you need it.
Which AWS services or features can a company use to connect the network of its on-premises data center to AWS? (Select Two.)
Which AWS service provides an isolated virtual network to connect AWS services and resources?
Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
Which AWS service acts as a data extract transform and load (ETL) tool to make it easy to prepare data for analytics?
A company has an uninterruptible application that runs on Amazon EC2 instances. The application constantly processes a backlog of files in an Amazon Simple Queue Service (Amazon SQS) queue. This usage is expected to continue to grow for years.
What is the MOST cost-effective EC2 instance purchasing model to meet these requirements?
Which AWS service or feature provides information about ongoing or upcoming scheduled events that can affect an AWS account?
According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Select TWO)
A company needs a persistent cloud environment for development and testing for a project that will run for 3 months.
Which Amazon EC2 instance purchasing option meets these requirements MOST cost-effectively?
Which cloud characteristics enable a company to provision or release computing capacity as required? (Select Two.)
A company’s traffic logs show that IP addresses owned by AWS are being used in an attempt to flood ports on system resources.
To whole should the cloud practitioner report this issue?
Which is a recommended pattern for designing a highly available architecture on AWS?
A user has underutilized on-premises resources. Which AWS Cloud concept can BEST address this Issue?
Which AWS service or feature is used to troubleshoot network connectivity issues between Amazon EC2 instances?
Which of the following are advantages of using Amazon EC2 instances over traditional on-premses servers? (Select TWO.)
A company runs its business-critical web application on Amazon Elastic Container Service (Amazon ECS) and Amazon DynamoDB. The workload spikes up to 10 times the normal workload multiple times during the day.
Which AWS Cloud feature enables the company to meet these changes in demand?
A company uses Amazon S3 buckets. One of the company’s dependents enabled S3 Cross-Region Replication for those buckets to meet new requirements. The company’s bill for that month was larger than usual.
Which AWS service or feature can the company use to confirm that the cost increase was caused by the data replication?
Which of the following will help a user determine if they need to request a VPC service limit increase?
AWS Cost and Usage Reports tracks your AWS usage and provides estimated charges associated with your account. Each report contains line items for each unique combination of AWS products, usage type, and operation that you use in your AWS account.
AWS Trusted Advisors provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas.
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. ... The dashboard displays relevant and timely information to help you manage events in progress, and provides proactive notification to help you plan for scheduled activities.
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures.
Which AWS services or features enable users to connect on-premises networks to a VPC? (Select Two.)
A user wants to move legacy applications to the AWS Cloud to reduce the total cost. Which option is the MOST cost-effective according to best practices?
What can users access from AWS Artifact?
Which AWS service or tool should a company use to centrally request and track service limit increases?
A company's security team requires that all Amazon EC2 workloads use approved Amazon Machine Images (AMIs). Which AWS service should the company use to verify that the EC2 instances are using approved AMIs?
A developer wants to use an Amazon S3 bucket to store application logs that contain sensitive data. Which AWS service or feature should the developer use to restrict read and write access to the S3 bucket?
A customer is deploying a new serverless application running on AWS Lambda.
Which of the following are the customer's responsibilities under the AWS shared responsibility model? (Select TWO.)
A development learn wants to deploy multiple test environments for an application in a fast, repeatable manner.
Which AWS service should the learn use?
A company has a serverless application that includes an Amazon API Gateway DynamoDB database a function, and an Amazon Which AWS service can the company use to trace user requests as they move through the application s components ?
What information is found on an AWS Identity and Access Management (IAM) credential report? (Select TWO.)
A company wants to be notified when its AWS Cloud costs or usage exceed defined thresholds. Which AWS service will support these requirements?
Which of the following security resources are supplied by AWS? (Select TWO.)
An e-learning platform needs to run an application for 2 months each year The application will be deployed on Amazon EC2 instances. Any application downtime during those 2 months must be avoided.
Which EC2 purchasing option will meet these requirements MOST cost-effectively?
A company sets up its AWS environment and creates eight IAM users for the development team.
Which of the following is a best practice for the company to follow to grant permissions to these IAM users?
What tasks should a customer perform when that customer suspects an AWS account has been compromised? (Choose two.)
Which benefit is always free of charge with AWS, regardless of a user’s AWS support plan?
Which action will provide documentation to help a company evaluate whether its use of the AWS Cloud is compliant with local regulatory standards?
Which of the following are included in AWS Enterprise Support? (Select TWO.)
A company wants guidance to optimize the cost and performance of its current AWS environment. Which AWS service or tool should the company use to identify areas for optimization?
A company wants to establish an encrypted network connection between applications at its on-premises data center and the applications that run in its AWS account. The connection must be over the public internet.
Which AWS service can the company use to meet these requirements?
Which tool can be used to create alerts when the actual or forecasted cost of AWS services exceeds a certain threshold?
Which task is a customer's responsibility, according to the AWS shared responsibility model?
A company is building a mobile app to provide shopping recommendations lo its customers. The company wants to use a graph database as part of the shopping recommendation engine.
Which AWS database service should the company choose?
Which statement describes a characteristic of the AWS global infrastructure?
Which actions should a company take to avoid failure in an AWS architecture design? (Select TWO)
Which of the following are aspects of the AWS shared responsibility model? (Select Two.)
Which Amazon EC2 pricing model provides the MOST cost savings for an always-up, right-sized database server running for a project that will last 1 year?
A company wants to configure its AWS resources so that the resources can be easily deployed across different AWS Regions. The company wants the deployment to be as automated as. Which AWS service will meet these requirements?
Using AWS CodePipeline and AWS CloudFormation, you can use continuous delivery to automatically build and test changes to your AWS CloudFormation stacks before promoting them to production stacks. This release process lets you rapidly and reliably make changes to your AWS infrastructure.
WS CloudFormation provides users with a simple way to create and manage a collection of Amazon Web Services (AWS) resources by provisioning and updating them in a predictable way. AWS CloudFormation enables you to manage your complete infrastructure or AWS resources in a text file.
A developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB. In the local development environment the application has used 1AM access keys. The application is now ready for deployment onto an ECS cluster
How should the application authenticate with AWS services in production?
A company wants an in-memory data store that is compatible with open source in the cloud. Which AWS service should the company use?
How does AWS Cloud computing help businesses reduce costs? (Select TWO.)
A company wants to increase its ability to recover its infrastructure in the case of a natural disaster. Which pillar of the AWS Well-Architected Framework does this ability represent?
A developer is adding a feature to a client-side application so that users can upload videos to an Amazon S3 bucket.
What is the MOST secure way to give the application the ability to write files to the S3 bucket?
A company has dn application that analyzes photographs. A developer is preparing the application for deployment to Amazon EC2 instances. The application's image analysis functions require a mix of GPU instances and CPU instances that run on Amazon Linux. The developer needs to add code to the application so that the functions can determine whether they are running on a GPU instance
What should the functions do to obtain this information?
A developer needs to use the AWS CLI on an on-premises development server temporarily to access AWS services while performing maintenance. The developer needs to authenticate to AWS with their identity for several hours.
What is the MOST secure way to call AWS CLI commands with the developer's IAM identity?
An application needs to encrypt data that is written to Amazon S3 where the keys are managed in an on-premises data center and the encryption is handled by S3
Which type of encryption should be used?
A developer has created a web API that uses Amazon Elastic Container Service (Amazon ECS) and an Application Load Balancer (ALB) An Amazon CloudFront distribution uses the API as an origin for web clients The application has received millions of requests with a JSON Web Token (JWT) that is not valid in the authorization header The developer has scaled out the application to handle the unauthenticated requests
What should the developer do to reduce the number of unauthenticated requests to the API?
Which network security features are supported by Amazon VPC? (Select TWO.)
A company is using continuous integration/continuous delivery (CI/CD) systems A developer must automate the deployment of an application software package to Amazon EC2 instances and virtual servers that run on premises
Which AWS service should the developer use to meet these requirements?
A company needs to generate reports that will describe its usage of Amazon EC2 Reserved Instances across AWS accounts for the past month. Which AWS service or tool can the company use to meet this requirement?