AWS Cloud Practitioner-Interview

John is working on a web application that needs to read/write an Amazon DynamoDB table and an Amazon S3 bucket. This operation requires AWS credentials and authorization to use AWS services. Which service would John use?

Correct Answer: AWS IAM Role.

Which service would help to support your web application to offload serving static assets and store user uploaded images and video off-instance?

Correct Answer: Amazon S3

What is Amazon CloudFront service?

Correct Answer: Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

There are more Regions than Edge Locations. Select the best response.
True
False

Correct Answer: False

IAM user is an important service in AWS.Which of the following should an IAM user provide to interact with AWS services using the AWS CLI?
Secret token
Access keys
Correct Answer: Access keys

What does the “Principle of Least Privilege” refer to?

Correct Answer: You should grant your users only the permissions they need when they need them and nothing more.

Which among the following AWS service is used to ensure that messages between software components are not lost if one or more components fail?
Amazon SQS
Amazon Connect
Correct Answer: Amazon SQS

Which of the following S3 storage classes is ideal for data with unpredictable access patterns?
Amazon S3 Intelligent-Tiering.
Amazon S3 Standard-Infrequent Access.
Correct Answer: Amazon S3 Intelligent-Tiering.

Can we use an AMI to launch an instance, which is the copy of the AMI running as a virtual server on a host computer in Amazon’s data center?
Yes
No
Correct Answer: Yes
What acts as an additional layer of security at the subnet level in a VPC?

Correct Answer: Network Access Control Lists

An AMI is template that contains a software configuration such as an operating system, application server, and applications. Choose the best response.
True
False

Correct Answer: True

Amazon S3 is an object-level storage service.
True
False
Correct Answer: True

The principle “design for failure and nothing will fail” is very important when designing your AWS Cloud architecture. Which of the following would help adhere to this principle?

Correct Answer: Availability Zones

What is the AWS database service that allows you to upload data structured in key-value format?
DynamoDB
Amazon Redshift
Correct Answer: DynamoDB

John wants to run a questionnaire application for only one day (without interruption), which AWS EC2 purchase option would you choose?

Correct Answer: On-demand instances

What are the benefits of having infrastructure hosted in the AWS Cloud? (Choose two)
Competitive upfront costs
Increase speed and agility
All of the physical security and most of the data/network security are taken care of for you
There is no need to worry about security
Correct Answer: Increase speed and agility.All of the physical security and most of the data/network security are taken care of for you.

Consider you have created Amazon EC2 instance.To find out the private and public IP addresses for an Amazon EC2 instance,you retrieve the instance metadata. it true or false?
True
False
Correct Answer: True

What is the AWS service that provides a virtual network dedicated to your AWS account?

Correct Answer: AWS VPC

Which of the following services may not be required when building auto-scalable architecture in AWS?

Correct Answer: S3

True or False: S3 is object storage suitable for the storage of ‘flat’ files like Word documents, photos, etc.

Correct Answer: True

IAM policies are written using __.
SGML
SAML
JSON
Correct Answer: JSON

Which of the following is the document used to grant permissions to users, groups, and roles?
Paradigm
Protocol
Policy
Correct Answer: Policy

Which of the following data archival services is extremely inexpensive, but has a several hour data-retrieval window?
S3
S3-IA
Glacier
Correct Answer: Glacier

Which service provides DNS in the AWS cloud?
Amazon CloudFront
Route 53
AWS Config
Correct Answer: Route 53

According to the AWS Acceptable Use Policy, which of the following statements is true regarding penetration testing of EC2 instances?
Penetration testing is not allowed in AWS.

Can be performed by the customer on their own instances without prior authorization from AWS.
Correct Answer: Can be performed by the customer on their own instances without prior authorization from AWS.

The identification process of an online financial services company requires that new users must complete an online interview with their security team. Once the users’ identities are verified, the recorded interviews may not be required in the future unless there are compliance issues. What is the most cost-effective service to store the recorded videos?

Correct Answer: AWS Glacier

True or False: Objects stored in S3 are stored in a single, central location within AWS.
False
True
Correct Answer: True

Which of the following EC2 options is best for long-term workloads with predictable usage patterns?
Correct Answer: Reserved instances

A company has decided to migrate to AWS. What design principles should they consider to facilitate good design in the cloud?
Correct Answer: Automate to make architectural experimentation easier.

True or False: With Consolidated Billing, the Paying Account can make changes to any of the resources owned by a Linked Account.
True
False
A company has moved to AWS recently. They have a lot of concerns about the security of the cloud. Which of the following would help them ensure that the right security settings are put in place? (Choose two)
AWS Trusted Advisor
Concierge Support Team
AWS Inspector
Correct Answer: AWS Trusted Advisor.

AWS Inspector.

What does the AWS Snowball provide?
A direct encrypted connection to Amazon S3.
Secure transfer of large amounts of data into and out of the AWS Cloud.
Correct Answer: Secure transfer of large amounts of data into and out of the AWS Cloud.

Availability Zones within a Region are connected over low-latency links. Which of the following is a benefit of these links?
Achieve global high availability
Make synchronous replication of your data possible
Correct Answer: Make synchronous replication of your data possible

You work as an on-premises MySQL DBA. The work of database configuration, backups, patching, and DR can be time-consuming and repetitive. Your company has decided to migrate to the AWS Cloud. Which of the following can help save time on the regular database tasks so you can focus on giving users the fast performance and high availability that they need?
Amazon RDS
Amazon Redshift
Correct Answer: Amazon RDS

A company is planning to develop an application consisting of hundreds of microservices. They decide to host the application on the AWS Cloud. Since there are a large number of services produced by the application, it needs a powerful tool for analysis and debugging. Which of the following services can best meet this requirement?
AWS OpsWorks
AWS X-Ray
Correct Answer: AWS X-Ray

Select TWO examples of the AWS shared controls.
Patch Management.
Configuration Management.
VPC Management.
Correct Answer: Patch Management..Configuration Management..

A developer is planning to build a two-tier web application that has a MySQL database layer. Which of the following AWS database deployments would provide automated backups to his application?
Amazon DocumentDB
Amazon Aurora
Correct Answer: Amazon Aurora

Which of the following EC2 instance types will realize a savings over time in exchange for a contracted term-of-service?
Discount instances
On-demand instances
Reserved instances
Correct Answer: Reserved instances

Which of the following option is correct regarding Amazon Redshift?
Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools.
Amazon Redshift is a NoSQL database service.
Amazon Redshift is a monitoring service that gives you complete visibility of your cloud resources and applications
Amazon Redshift makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups.
Correct Answer: Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools.

Which of the following AWS services are free to use? (Choose 5)
Auto-Scaling
Route53
IAM
S3
CloudFormation
Elastic Beanstalk
VPC
Correct Answer: Auto-Scaling

.IAM.

CloudFormation.

Elastic Beanstalk.

VPC.

A company has developed an eCommerce web application in AWS. What should they do to ensure that the application has the highest level of availability?
Deploy the application across multiple Regions and Availability Zones
Deploy the application across multiple VPC’s and subnets
Correct Answer: Deploy the application across multiple Regions and Availability Zones

A company decides to migrate its Oracle database to AWS. Which AWS service can help achieve this without negatively impacting the functionality of the source database?
AWS Server Migration Service
AWS Database Migration Service
Correct Answer: AWS Database Migration Service

Which of the following support plans features a < 4-hour response time in the event of an impaired production system?
Basic
Developer
Business
Correct Answer: Business

What do you gain from setting up consolidated billing for five different AWS accounts under another master account?
Each AWS account gets volume discounts.
Each AWS account gets six times the free-tier services capacity.
Correct Answer: Each AWS account gets volume discounts.

By default, what is the maximum number of Linked Accounts per Paying Account under Consolidated Billing?
100
50
20
Your Answer : 100

Which of the following best describes a Resource Group?
A resource group is a collection of resources of the same type (EC2, S3, etc.) that share one or more tags or portions of tags.
A resource group is a collection of resources that share one or more tags (or portions of tags.)
A resource group is a collection of resources of the same type (EC2, S3, etc.) that are deployed in the same Availability Zone.
Correct Answer: A resource group is a collection of resources that share one or more tags (or portions of tags.)

What should you do in order to keep the data on EBS volumes safe?
Create EBS snapshots
Store a backup daily in an external drive
Correct Answer: Create EBS snapshots

Which of the following support plans features access to AWS Support during business hours via email?
Developer
Basic
Enterprise
Which of the following option is incorrect?
Amazon SES refers to the Amazon Simple Email service.
AWS EC2 is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.
Amazon EMR is used to run and scale Apache Spark, Hadoop, HBase, Presto, Hive, and other Big Data Frameworks.
AWS CloudFormation is a service that helps you model and set up your Amazon Web Services resources so that you can spend less time managing those resources and more time focusing on your applications that run in AWS.
Correct Answer: Amazon Aurora is a configuration management service that provides managed instances of Chef and Puppet.

A company complains that they are wasting a lot of money on underutilized compute resources in AWS. Which AWS feature should they use to ensure that their applications are automatically adding/removing compute capacity to closely match the required demand?
AWS Budgets
AWS Auto Scaling
Correct Answer: AWS Auto Scaling

Which of the following are valid EC2 pricing options? (Choose 2)
Stop
On-Demand
Enterprise
Reserved
Correct Answer: On-Demand.

Reserved.

AWS encourages its customers to decouple their applications in AWS, what is the main benefit of decoupling?
Reduce inter-dependencies, so failures do not impact other components of the application.
Allows you to deal with your application as a single unit.
Correct Answer: Reduce inter-dependencies, so failures do not impact other components of the application.

Which of the following option is incorrect?
Amazon Aurora is a configuration management service that provides managed instances of Chef and Puppet.
The main purpose of the AWS CloudWatch is to monitor the utilization of your AWS resources.
AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.
Correct Answer: Amazon Aurora is a configuration management service that provides managed instances of Chef and Puppet.

Which of the following is not a fundamental AWS charge?
Data-in
Compute
Storage
Correct Answer: Data-in

What is the AWS service that enables AWS architects to manage infrastructure as code?
AWS CloudFormation
Amazon SES
Correct Answer: AWS CloudFormation

Which of the following services allows you to manage your agreements with AWS?
AWS Artifact
AWS Certificate Manager
Correct Answer: AWS Artifact

Which of the following option is incorrect?
Auto scaling is the feature that automates the process of adding/removing the server capacity (based on demand). Autoscaling allows you to reduce your costs by automatically turning off resources that aren’t in use.
AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.
AWS Elastic Load Balancer (ELB) is the service that distributes the incoming application traffic to multiple targets that you define.
AWS EC2 lets you dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies.
Correct Answer: AWS EC2 lets you dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies.

One of the most important AWS best practices to follow is the cloud architecture principle of elasticity. How does following this principle improve your architecture’s design?
By automatically scaling your AWS resources using the Elastic Load Balancer
By automatically provisioning the required AWS resources based on changes in demand
Correct Answer: By automatically provisioning the required AWS resources based on changes in demand

How can you view the distribution of AWS spending in one of your AWS accounts?
By using AWS Cost Explorer
By contacting the AWS Support team
Correct Answer: By using AWS Cost Explorer

Which of the following are criteria affecting your billing for RDS? (Choose 3)
Data transfer in
Number of requests
Additional storage
Standby time
Clock hours of server time
Correct Answer: Number of requests.Additional storage.Clock hours of server time.

A company is planning to introduce a new product to their customers. They are expecting high traffic to their web application. As part of the Enterprise support plan, which of the following could provide them with architectural and scaling guidance?
AWS Support API
Infrastructure Event Management
Correct Answer: Infrastructure Event Management

Which of the following option is correct regarding AWS CloudTrail ?
AWS CloudTrail is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
AWS CloudTrail provides a preconfigured view, based on fixed filter settings, that displays information about your usage and cost trends.
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.
AWS CloudTrail is an online tool that provides real time guidance to help you provision your resources following AWS best practices.
Correct Answer: AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.

Which of the following option is correct regarding AWS Database Migration Service (DMS)?
AWS Database Migration Service (DMS) is a configuration management service that provides managed instances of Chef and Puppet.
AWS Database Migration Service (DMS) is used to migrate your on-premises workloads to AWS.
AWS Database Migration Service (DMS) helps enterprise customers plan migration projects by gathering information about their on-premises data centers.
AWS Database Migration Service (DMS) helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.
Correct Answer: AWS Database Migration Service (DMS) helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.

You have noticed that several critical Amazon EC2 instances have been terminated. Which of the following AWS services would help you determine who took this action?
AWS CloudTrail
Amazon EC2 Usage report
Correct Answer: AWS CloudTrail

Which of the following option is incorrect?
AWS EC2 is a web service for securely controlling access to AWS services. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users and applications can access.
Amazon RDS is relational database service.
Network Access Control Lists is a VPC feature that allows you to control traffic at the subnet level.
Amazon EMR is used to run and Scale Apache Spark, Hadoop, HBase, Presto, Hive, and other Big Data Frameworks.
Correct Answer: AWS EC2 is a web service for securely controlling access to AWS services. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users and applications can access.

Which of the following option is correct regarding AWS Direct Connect?
AWS Direct Connect is used to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or co-location environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.
AWS Direct Connect is used to physically migrate petabyte-scale data sets into and out of AWS.
AWS Direct Connect is a content delivery network.
Correct Answer: AWS Direct Connect is used to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or co-location environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.

Which of the following option is incorrect regarding Amazon Inspector?
Amazon Inspector can be used to check the network accessibility of your Amazon EC2 instances -at the subnet level- but this is not done automatically.
Amazon Inspector allows you to create assessment templates to automate security vulnerability assessments throughout your development and deployment pipelines or for static production systems.
Amazon Inspector is an automated security assessment service that helps you test the network accessibility of your Amazon EC2 instances and the security state of your applications running on the instances.
Correct Answer: Amazon Inspector can be used to check the network accessibility of your Amazon EC2 instances -at the subnet level- but this is not done automatically.

Which AWS network feature can establish a private network connection between AWS and your datacenter?
AWS Direct Connect
Amazon CloudFront
AWS Snowball
Correct Answer: AWS Direct Connect

Which of the following services will help you optimize your entire AWS environment in real time following AWS best practices?
AWS Inspector
AWS Trusted Advisor
AWS Shield
Correct Answer: AWS Trusted Advisor

Which of the following AWS services can help you assess the fault-tolerance of your AWS environment?
AWS Trusted Advisor
AWS Shield
AWS Inspector
Correct Answer: AWS Trusted Advisor

What does Amazon Elastic Beanstalk provide?
A PaaS solution to automate application deployment.
A compute engine for Amazon ECS.
A long-term data storage.
Correct Answer: A PaaS solution to automate application deployment.

A company created a solution that will help AWS customers improve their architectures on AWS. Which AWS program may support this company?
APN Technology Partners
APN Consulting Partners
AWS Professional Services
Correct Answer: APN Consulting Partners

Which of the following is not a benefit of Amazon S3? (Choose TWO)
Amazon S3 can be scaled manually to store and retrieve any amount of data from anywhere.
Amazon S3 can run any type of application or backend system.
Amazon S3 stores any number of objects, but with object size limits.
Correct Answer: Amazon S3 can be scaled manually to store and retrieve any amount of data from anywhere..Amazon S3 can run any type of application or backend system..

You need to use an AWS service to assess the security and compliance of your EC2 instances. Which of the following services should you use?
AWS WAF
AWS Inspector
AWS Shield
Correct Answer: AWS Inspector