AWS Cloud Concepts Quiz

Questions and Answers

Which AWS feature allows users to create a dedicated connection between their on-premises data center and AWS?

VPC peering

Amazon Route 53

AWS VPN

AWS Direct Connect (correct)

What is classified as a physical location within the AWS global infrastructure?

AWS Organizations

Amazon Connect

AWS DataSync

AWS Region (correct)

Which pillar of the AWS Well-Architected Framework focuses on risk assessment and asset protection?

Performance efficiency

Operational excellence

Reliability

Security (correct)

What role does an internet gateway play within a VPC?

To allow communication between the VPC and the internet

What best practice is a company following when migrating to AWS and dividing a monolithic application into microservices?

Implement loosely coupled dependencies.

Which AWS service helps audit password and access key rotation for compliance?

IAM credential report

Which of the following is NOT a benefit of using Reserved Instances?

Flexibility to change instance types

What is the primary function of Spot Fleet in AWS?

To manage a fleet of Spot Instances across multiple instance types

Which AWS service is primarily known for providing highly durable object storage?

Amazon S3

Which responsibility remains with the customer when hosting databases on Amazon EC2 instances?

Operating system installations

What is a key advantage of migrating to the AWS Cloud?

Adopting a pay-as-you-go payment model

Which AWS service is designed for hybrid cloud storage solutions?

AWS Storage Gateway

Which tool can a user utilize to create cost estimates for AWS usage?

AWS Pricing Calculator

Which service should developers use to integrate AWS features into applications?

AWS Software Development Kit

Which design principle is recommended by the AWS Well-Architected Framework?

Learning from operational failures

Which option indicates that an organization does not need to manage physical infrastructure when using AWS?

Ability to focus on application development

What is the concept of granting access only to the resources needed to perform a task called?

Least privilege access

Which AWS service allows you to set up a firewall for controlling traffic in an Amazon VPC subnet?

Network ACL

Which AWS service enables companies to operate a data warehouse without managing its infrastructure?

Amazon Redshift Serverless

How does AWS Cloud computing help businesses in cost reduction?

AWS allows adjusting capacity according to demand.

Which AWS service can grant users in one account access to resources in another account?

IAM role

What is one task that AWS is responsible for when services are used?

Maintenance of physical and environmental controls

What is essential in implementing infrastructure as code for automation in deployment?

Use of template files for resource definitions

What defines the method for ensuring users have only the permissions necessary to perform their tasks?

Least privilege principle

What is the primary purpose of AWS Global Accelerator?

To enhance performance by routing traffic through AWS infrastructure.

Which AWS service is specifically designed for sending messages between applications?

Amazon Simple Queue Service (Amazon SQS)

What advantage does consolidated billing offer to AWS customers?

Volume discounts based on multiple account usage.

Which resource is recommended for accessing compliance-related information in AWS?

AWS Artifact

How can a user review all Amazon S3 buckets with ACLs and bucket policies?

Through Access Analyzer for S3.

Which AWS service is best for delivering applications closer to end users?

Amazon CloudFront

What is a key feature of AWS Direct Connect?

It provides a dedicated, high-speed connection to AWS services.

Which AWS service can help maintain the security of environments in the cloud?

AWS WAF

Which actions are AWS responsible for in the shared responsibility model? (Choose two.)

Patching the operating system on Amazon RDS instances

What is the most cost-effective Amazon S3 storage class for data that is infrequently accessed but needs retrieval within 12 hours?

S3 Glacier Flexible Retrieval

Which resource can identify services used by a user within a specified date range?

AWS Identity and Access Management Access Analyzer

What AWS service allows a company to engage third-party consultants for maintaining its AWS environment?

AWS Partner Network (APN)

Which tool can a company use to create Amazon QuickSight dashboards with its billing data weekly?

AWS Cost and Usage Report

Which service enables EC2 instances to automatically adjust to varying workloads?

Amazon EC2 Auto Scaling

Which storage solution can replace on-premises storage with a cloud-based but locally cached option?

AWS Storage Gateway

What is the most efficient AWS service for automating the management and rotation of credentials?

AWS Secrets Manager

When planning to store backups in AWS, which feature should be utilized for local caching of cloud storage?

AWS Storage Gateway

For data that needs immediate access but is infrequently used, which Amazon S3 class should be chosen?

S3 Standard-IA

Which service is designed to identify and classify sensitive data in AWS?

Amazon Macie

Which actions are recommended for maintaining security as an AWS account root user? (Choose two)

Create an IAM user with administrator privileges for daily tasks

To ensure high availability with a quick recovery time for an Amazon RDS DB instance, which solution should be implemented?

Modify the DB instance to be a Multi-AZ deployment

For a company planning to run an application on EC2 instances continuously for 1 year, which purchasing option is the most cost-effective?

Reserved Instances

Which AWS service provides a secure method for managing encryption keys?

AWS Key Management Service (AWS KMS)

Which AWS security service continuously monitors for malicious activity and unauthorized behavior?

Amazon GuardDuty

Study Notes

AWS Certified Cloud Practitioner (CLF-C02) Exam Q&A

• Question 1: A company plans to use an Amazon Snowball Edge device to transfer files to the AWS Cloud. Which activities related to a Snowball Edge device are available to the company at no cost?

  • Use of the Snowball Edge appliance for a 10-day period

• Question 2: A company has deployed applications on Amazon EC2 instances. The company needs to assess application vulnerabilities and must identify infrastructure deployments that do not meet best practices.

  • Use Amazon Inspector

• Question 3: A company has a centralized group of users needing large file storage that exceeds their on-premises space. The company wants to extend its file storage capabilities for this group while retaining performance to share content locally.

  • Configure and deploy an AWS Storage Gateway file gateway, connect each user's workstation to the file gateway.

• Question 4: According to security best practices, how should an Amazon EC2 instance given access to an Amazon S3 bucket?

  • Have the EC2 instance assume a role to obtain the privileges to upload the file.

• Question 5: Which option is a customer responsibility when using Amazon DynamoDB under the AWS Shared Responsibility Model?

  • Access to DynamoDB tables

• Question 6: Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)?

  • Governance

• Question 7: A company is running and managing its own Docker environment on Amazon EC2 instances. The company wants an alternative to help manage cluster size, scheduling, and environment maintenance.

  • Use AWS Fargate

• Question 8: A company wants to run a NoSQL database on Amazon EC2 instances.

  • Update the guest operating system of the EC2 instances.

• Question 9: Which AWS services or tools can identify rightsizing opportunities for Amazon EC2 instances? (Choose two.)

  • AWS Cost Explorer
  • AWS Compute Optimizer

• Question 10: Which of the following are benefits of using AWS Trusted Advisor? (Choose two.)

  • Detecting underutilized resources to save costs
  • Improving security by proactively monitoring the AWS environment

• Question 11: Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud?

  • Elimination of expenses for running and maintaining data centers

• Question 12: A company wants to manage deployed IT services and govern its infrastructure as code (IaC) templates.

  • AWS Service Catalog

• Question 13: Which AWS service or tool helps users visualize, understand, and manage spending and usage over time?

  • AWS Cost Explorer

• Question 14: A company is using a central data platform. The company wants to discover, transform, and visualize the data.

  • AWS Glue
  • Amazon QuickSight

• Question 15: A global company wants to migrate its third-party applications. The company wants help from a global team of experts to complete the migration faster and more reliably.

  • AWS Professional Services

• Question 16: An e-learning platform needs to run an application for 2 months each year. The application will be deployed on Amazon EC2 instances. Any application downtime must be avoided.

  • Use On-Demand Instances

• Question 17: A developer wants to deploy an application quickly without manually creating resources.

  • AWS Elastic Beanstalk

• Question 18: A company is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting.

  • S3 Versioning

• Question 19: Which AWS service provides the ability to manage infrastructure as code?

  • AWS CloudFormation

• Question 20: Online gaming company wants to run Amazon EC2 instances for 1 year. The web traffic is consistent and any increases in traffic are predictable.

  • Reserved Instances

• Question 21: Which AWS service or feature allows a user to establish a dedicated network connection between a company's on-premises data center and the AWS Cloud?

  • AWS Direct Connect

• Question 22: Which option is a physical location of the AWS global infrastructure?

  • AWS Region

• Question 23: A company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks.

  • Security

• Question 24: What is the purpose of having an internet gateway within a VPC?

  • To allow communication between the VPC and the internet

• Question 25: A company is running a monolithic on-premises application. The company has a plan to migrate the application.

  • Implement loosely coupled dependencies

• Question 26: A company has an AWS account. The company wants to audit its password and access key rotation details for compliance purposes.

  • AWS Audit Manager

• Question 27: A company wants to receive a notification when a specific AWS cost threshold is reached.

  • AWS Budgets
  • Cost Explorer

• Question 28: Which AWS service or resource provides answers to the most frequently asked security-related questions that AWS receives from its users?

  • AWS Knowledge Center

• Question 29: Which tasks are customer responsibilities, according to the AWS shared responsibility model? (Choose two.)

  • Configure the AWS provided security group firewall
  • Classify company assets in the AWS Cloud

• Question 30: Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.)

  • Availability
  • Reliability

• Question 31: Which AWS service or feature is used to send text and email messages?

  • Amazon Simple Notification Service (Amazon SNS)
  • Amazon Simple Email Service (Amazon SES)

• Question 32: A user needs programmatic access to AWS resources through the AWS CLI or the AWS API.

  • Access Keys

• Question 33: A company runs simulations on AWS Batch. Each simulation is stateless, fault-tolerant, and runs for up to 3 hours.

  • Spot Instances

• Question 34: What does the concept of agility mean in AWS Cloud computing? (Choose two.)

  • The speed at which AWS resources are implemented
  • The ability to experiment quickly

• Question 35: A company needs to block SQL injection attacks.

  • AWS WAF

• Question 36: Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity?

  • AWS IAM Access Analyzer

• Question 37: A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud.

  • Download reports from AWS Artifact.

• Question 38: An e-commerce company has migrated its infrastructure.

  • Cost of application software licenses

• Question 39: A company wants to manage its AWS infrastructure.

  • AWS Systems Manager

• Question 40: Which of the following are benefits of using AWS Trusted Advisor? (Choose two.)

  • Detecting underutilized resources to save costs
  • Improving security

• Question 41: Which service enables customers to audit API calls in their AWS accounts?

  • AWS CloudTrail

• Question 42: What is a customer responsibility when using AWS Lambda?

  • Management of the code within the Lambda function

• Question 43: A company has 5 TB of data. The company wants to run queries occasionally.

  • Amazon Athena

• Question 44: Which AWS service can be used at no additional cost?

  • AWS Cost Explorer and more in the same format as above.

Description

Test your knowledge of Amazon Web Services with this quiz focused on cloud concepts, features, and best practices. Covering topics such as VPCs, the Well-Architected Framework, and hybrid storage solutions, this quiz challenges you to assess your understanding of AWS capabilities and services.