AWS Certified Cloud Practitioner QUIZ SET 3 Author: CloudVikas Published Date: 22 March 2020 Welcome to AWS Certified Cloud Practitioner QUIZ SET 3. Please enter Email ID to get QUIZ Results. Hope you will enjoy this. 1. In EC2, there are various options related to pricing. Which of the following are valid EC2 pricing options? On-Demand Reserved Enterprise Stop2. At AWS, AWS Team wants you to be successful. AWS Support plans are designed to give you the right mix of tools and access to expertise so that you can be successful with AWS while optimizing performance, managing risk, and keeping costs under control. Which of the following support plans features a Full set of checks for AWS Trusted Advisor Best Practice Checks? Developer Enterprise Business3. Which of the following services can you use to monitor and report on performance metrics for your AWS Infrastructure?X-RayCloudTrailCloudWatchCloudFormation4. Which of the following best describes a Resource Group?A resource group is a collection of resources that share one or more tags (or portions of tags.)A resource group is a collection of resources of the same type (EC2, S3, etc.) that share one or more tags or portions of tags.A resource group is a collection of resources of the same type (EC2, S3, etc.) that are deployed in the same Availability Zone.5. ############################### There are more Regions than Edge Locations. Select the best response.FalseTrue6. At AWS, AWS Team wants you to be successful. AWS Support plans are designed to give you the right mix of tools and access to expertise so that you can be successful with AWS while optimizing performance, managing risk, and keeping costs under control. Which of the following support plans features AWS Support API in Programmatic Case Management event? Basic Enterprise Developer Business7. How can you view the distribution of AWS spending in one of your AWS accounts?By contacting the AWS Support teamBy using AWS Cost Explorer8. Can a NAT Gateway be used as the default route for private subnets using global IPv6 addresses?NoYes9. True or False: With Consolidated Billing, the Paying Account can make changes to any of the resources owned by a Linked Account.FalseTrue10. Which EC2 Instance is a flexible pricing model that provides savings of up to 72% on your AWS compute usage?Reserved instancesDiscount instancesSavings Plans11. A company decides to migrate its Oracle database to AWS. Which AWS service can help achieve this without negatively impacting the functionality of the source database?AWS Server Migration ServiceAWS Database Migration Service12. Which of the following would help to ensure that the right security settings are put in place? (Choose two) AWS Trusted Advisor AWS Inspector Concierge Support Team13. In AWS, there are few services that are free to use. Which of the following AWS services are free to use? CloudFormation Auto-Scaling Route53 IAM S3 Elastic Beanstalk VPC14. Which of the following option is incorrect?Amazon Aurora is a configuration management service that provides managed instances of Chef and Puppet.AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.The main purpose of the AWS CloudWatch is to monitor the utilization of your AWS resources.15. True or False: It's safer to use Access Keys than it is to use IAM roles.FalseTrue16. Select one example of the AWS shared controls.falsetrue17. Which of the following tools can you use to monitor CPU utilization metrics for your EC2 instances?It can only be assigned to a single user, group or role in your accountCloudTrailCloudWatchX-RayCloudFormation18. Which is an immutable way to set policies on a Glacier vault such as retention or enforcing MFA before delete.Identity Access Management PolicyGlacier Data PolicyBucket PolicyVault Security PolicyGlacier Vault Lock19. What is the purpose of an Egress-Only Internet Gateway? (Choose 2) Allows VPC based IPv6 traffic to communicate to the Internet Prevents IPv6 traffic accessing the Internet by utilising Security Groups Allows instances communicating over IPv4 or IPv6 to access the Internet Prevents IPv6 based Internet resources initiating a connection into a VPC20. By default, what is the maximum number of Linked Accounts per Paying Account under Consolidated Billing?501002021. A company has developed an eCommerce web application in AWS. What should they do to ensure that the application has the highest level of availability?Deploy the application across multiple Regions and Availability ZonesDeploy the application across multiple VPC’s and subnets22. Which of the following option is correct regarding AWS Database Migration Service (DMS)?AWS Database Migration Service (DMS) helps enterprise customers plan migration projects by gathering information about their on-premises data centers.AWS Database Migration Service (DMS) helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.AWS Database Migration Service (DMS) is a configuration management service that provides managed instances of Chef and Puppet.AWS Database Migration Service (DMS) is used to migrate your on-premises workloads to AWS.23. Which of the following services allows you to manage your agreements with AWS?AWS Certificate ManagerAWS Artifact24. Which feature allows you to organize your AWS resources according to user-defined tags?AWS OrganizationsResource GroupsIAM Groups25. When can we use Spot Instances in Amazon EC2 pricing?What are the features of Spot instances? It’s easy to launch, scale and manage Spot Instances through AWS services, like EC2 Auto Scaling and ECS, or integrated third parties, like Terraform and Jenkins. You can use Spot Instances for various stateless, fault-tolerant, or flexible applications such as big data, containerized workloads, CI/CD, web servers, high-performance computing (HPC), and test & development workloads. A Spot Instance is an unused EC2 instance that is available for less than the On-Demand price. Spot Instances enable you to request unused EC2 instances at steep discounts It can be used for storing data26. Availability Zones within a Region are connected over low-latency links. Which of the following is a benefit of these links?Achieve global high availabilityMake synchronous replication of your data possible27. What is the AWS service that enables AWS architects to manage infrastructure as code?AWS CloudFormationAmazon SES28. Which of these statements on Direct Connect are False. (Choose 2)Direct Connect connections are highly available.Direct Connect requires BGP routing.Traffic through a Direct Connect connection can reach the internet via AWS Internet Gateway.Direct Connect requires 802.1Q VLAN support.29. In Team A, Many developers are working on two-tier application development. While building that application they have used a MySQL database layer. Which of the following AWS database deployments would provide automated backups to the application?Amazon AuroraAmazon DocumentDB30. At AWS, AWS Team wants you to be successful. AWS Support plans are designed to give you the right mix of tools and access to expertise so that you can be successful with AWS while optimizing performance, managing risk, and keeping costs under control. Which of the following support plans features 1 hour response time in the event of the Production system down? Basic Enterprise Developer Business31. Which of the following option is incorrect?AWS EC2 lets you dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies.Auto scaling is the feature that automates the process of adding/removing the server capacity (based on demand). Autoscaling allows you to reduce your costs by automatically turning off resources that aren’t in use.AWS Elastic Load Balancer (ELB) is the service that distributes the incoming application traffic to multiple targets that you define.AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.32. Which of the following option is correct regarding AWS CloudTrail ?AWS CloudTrail provides a preconfigured view, based on fixed filter settings, that displays information about your usage and cost trends.AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.AWS CloudTrail is an online tool that provides real time guidance to help you provision your resources following AWS best practices.AWS CloudTrail is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.33. What does the AWS Snowball provide?Secure transfer of large amounts of data into and out of the AWS Cloud.A direct encrypted connection to Amazon S3.34. Which of the following option is correct regarding Amazon Redshift?Amazon Redshift makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups.Amazon Redshift is a fast, fully managed data warehouse that makes it simple and cost-effective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools.Amazon Redshift is a NoSQL database service.Amazon Redshift is a monitoring service that gives you complete visibility of your cloud resources and applications35. What should you do in order to keep the data on EBS volumes safe?Create EBS snapshotsStore a backup daily in an external drive36. Compute capacity is an important parameter in each cloud-based project. Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Which AWS feature should the company use to ensure that their applications are automatically adding/removing compute capacity to closely match the required demand?AWS Auto ScalingAWS Budgets37. IAM allows you to manage users and their level of access to the AWS Console. What are its key features? Integrates with many different AWS services Provide temporary access for users/devices and services where necessary Allows you to set up your own password rotation policy Identity Federation dedicated hosts Multifactor Authentication Granular Permissions Centralized control of your AWS account Supports PCI DSS Compliance Shared Access to your AWS account38. You want to allow your VPC instances to resolve using on-prem DNS. Can you do this and how/why?Yes, by configuring a DHCP Option Set to issue your on-prem DNS IP to VPC clients.No, VPC resources are prevented from using a DNS located on a non-AWS network for security reasons.No, VPC resources must use the local DNS within their respective subnet for latency reasons.Yes, by setting up a Route 53 Private Zone and configuring NS records for your on-prem DNS.39. ###############################An AMI is template that contains a software configuration such as an operating system, application server, and applications. Choose the best response.TrueFalse40. At AWS, AWS Team wants you to be successful. AWS Support plans are designed to give you the right mix of tools and access to expertise so that you can be successful with AWS while optimizing performance, managing risk, and keeping costs under control. Which of the following support plans features a < 4-hour response time in the event of an impaired production system?DeveloperBusinessBasic41. At AWS, AWS Team wants you to be successful. AWS Support plans are designed to give you the right mix of tools and access to expertise so that you can be successful with AWS while optimizing performance, managing risk, and keeping costs under control. Which of the following support plans features 7 Core checks for AWS Trusted Advisor Best Practice Checks?EnterpriseBusinessDeveloper42. Which of the following services can you use to monitor all API activity in your AWS account?CloudWatchCloudFormationIAMCloudTrail43. Alex is using AWS RDS in his project. He has to analyze purchasing options to enable optimization ways for the project. What are the purchasing options to optimize costs respective to AWS RDS? Clock hours of server time Standby time Storage capacity On-Demand Instances Reserved Instances44. What is Server-Side Encryption ?Server-side encryption is the encryption of data at its destination by the application or service that receives it. Amazon S3 encrypts your data at the object level as it writes it to disks in its data centers and decrypts it for you when you access it.45. Which of the following option is incorrect?Amazon EMR is used to run and scale Apache Spark, Hadoop, HBase, Presto, Hive, and other Big Data Frameworks.Amazon SES refers to the Amazon Simple Email service.AWS EC2 is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.AWS CloudFormation is a service that helps you model and set up your Amazon Web Services resources so that you can spend less time managing those resources and more time focusing on your applications that run in AWS.46. Which of the following DNS record types does Route 53 not support?DNSKEYCNAMESPFAAAA47. Alex is using RDS in his project. He has to analyze RDS Billing from the project perspective. Which of the following are criteria affecting his billing for RDS? Data transfer in and out of your DB instance from or to the internet and other AWS Regions. Total number of storage I/O requests that you have made in a billing cycle, for Amazon RDS magnetic storage only. Standby time Clock hours of server time Storage capacity that you have provisioned to your DB instance. If you scale your provisioned storage capacity within the month, your bill is pro-rated.48. Many companies are using cloud services in their projects. If you are using AWS then which of the following is not a fundamental AWS charge?Data-inStorageCompute49. ###############################Which parameter act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level.S3Network ACLsEC250. Which of the following support plans features access to AWS Support during business hours via email?DeveloperEnterpriseBasic51. One of the most important AWS best practices to follow is the cloud architecture principle of elasticity. How does this principle improve your architecture’s design?By automatically provisioning the required AWS resources based on changes in demandBy automatically scaling your AWS resources using the Elastic Load Balancer52. Standard Reserved Instances can be moved between regions. Is it true or false?TrueFalse53. In Which EC2 Instance, will you pay for computing capacity by the hour or second with no long-term commitments?Reserved instancesDiscount instancesOn-demand instances54. Which of the following services can be used for analysis and debugging application?AWS OpsWorksAWS X-Ray55. The AWS Web Application Firewall can go down to which of the following OSI layers?67456. AWS encourages its customers to decouple their applications in AWS, what is the main benefit of decoupling?Allows you to deal with your application as a single unit.Reduce inter-dependencies, so failures do not impact other components of the application.57. What do you gain from setting up consolidated billing for five different AWS accounts under another master account?Each AWS account gets six times the free-tier services capacity.Each AWS account gets volume discounts.58. You have noticed that several critical Amazon EC2 instances have been terminated. Which of the following AWS services would help you determine who took this action?AWS CloudTrailAmazon EC2 Usage report59. ###############################Which of the following AWS term are not used for physically distinct groups of data centers? Select the best response. Availability Zone Edge Location Region60. Which of the following data formats does Amazon Athena support? (Choose 3) Apache Parquet JSON XML Apache ORC61. As part of the Enterprise support plan, which of the following could provide them with architectural and scaling guidance?AWS Support APIInfrastructure Event Management62. ###############################Alex has created an application to run his business. Which service would help to support his web application to offload serving static assets and store user uploaded images? Select the best response.Amazon EC2Amazon S3Amazon EBS63. Select TWO examples of the AWS shared controls. Configuration Management. VPC Management. Patch Management.64. ############################### Consider you have created Amazon EC2 instance.To find out the private and public IP addresses for an Amazon EC2 instance,you retrieve the instance metadata. http://169.254.169.254/latest/meta-data/.Is it true or false?FalseTrue65. Which of the following tools can be used to determine who provisioned an EC2 instance and what time they made the API call?IAMCloudFormationCloudTrailCloudWatch66. You work as an on-premises MySQL DBA. The work of database configuration, backups, patching, and DR can be time-consuming and repetitive. Your company has decided to migrate to the AWS Cloud. Which of the following can help save time on the regular database tasks so you can focus on giving users the fast performance and high availability that they need?Amazon RDSAmazon Redshift67. Your Chief Security Officer has asked you to monitor network requests and API calls coming from a set of malicious IP addresses. She would also like to receive a notification any time such activity is detected and create an automated work flow to quarantine any EC2 instances which is compromised. Which services would you recommend?Use GuardDuty to detect threats and compromised instances, use CloudWatch Events to trigger SNS notifications and trigger a Lambda function to isolate any compromised EC2 instancesUse Trusted Advisor to report on threats and compromised instances, use CloudTrail and CloudWatch Events to trigger a Lambda function to terminate any compromised EC2 instances and send an SNS notification to alert the Security team via emailUse Inspector to detect exposure to malicious IP address ranges, use AWS WAF to deny malicious requests and use cloud formation and auto scaling groups to re-launch compromised instances68. True or False: Security in the cloud is the responsibility of AWS.TrueFalse69. You are architecting a complex application landscape that values fast disk I/O for EC2 instances above everything else. Which storage option would you choose?EBSEFSIOPSS3Instance Store Enter your email ID details to get QUIZ Result Author: CloudVikas
