AWS Q&As PDF

1. A company plans to use an Amazon Snowball Edge device to transfer files to the AWS Cloud. Which activities related to a Snowball Edge device are available to the company at no cost? a. Use of the Snowball Edge appliance for a 10-day period b. The transfer of data out of Amazon S3 and to the Snowball Edge appliance c. The transfer of data from the Snowball Edge appliance into Amazon S3 d. Daily use of the Snowball Edge appliance after 10 days 2. A company has deployed applications on Amazon EC2 instances. The company needs to assess application vulnerabilities and must identify infrastructure deployments that do not meet best practices. Which AWS service can the company use to meet these requirements? a. AWS Trusted Advisor b. Amazon Inspector c. AWS Config d. Amazon GuardDuty 3. A company has a centralized group of users with large file storage requirements that have exceeded the space available on-premises. The company wants to extend its file storage capabilities for this group while retaining the performance benefit of sharing content locally. What is the MOST operationally efficient AWS solution for this scenario? a. Create an Amazon S3 bucket for each user. Mount each bucket by using an S3 file system mounting utility. b. Configure and deploy an AWS Storage Gateway file gateway. Connect each user's workstation to the file gateway. c. Move each user's working environment to Amazon WorkSpaces. Set up an Amazon WorkDocs account for each user. d. Deploy an Amazon EC2 instance and attach an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS volume. Share the EBS volume directly with the users. 4. According to security best practices, how should an Amazon EC2 instance be given access to an Amazon S3 bucket? a. Hard code an IAM user's secret key and access key directly in the application and upload the file. b. Store the IAM user's secret key and access key in a text file on the EC2 instance, read the keys, then upload the file. c. Have the EC2 instance assume a role to obtain the privileges to upload the file. d. Modify the S3 bucket policy so that any service can upload to it at any time. Answer: C 5. Which option is a customer responsibility when using Amazon DynamoDB under the AWS Shared Responsibility Model? a. Physical security of DynamoDB b. Patching of DynamoDB c. Access to DynamoDB tables d. Encryption of data at rest in DynamoDB 6. Which option is a perspective that includes foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)? a. Sustainability b. Performance efficiency c. Governance d. Reliability 7. A company is running and managing its own Docker environment on Amazon EC2 instances. The company wants an alternative to help manage cluster size, scheduling, and environment maintenance. Which AWS service meets these requirements? a. S Lambda b. Amazon RDS c. AWS Fargate d. Amazon Athena 8. A company wants to run a NoSQL database on Amazon EC2 instances. Which task is the responsibility of AWS in this scenario? a. Update the guest operating system of the EC2 instances b. Maintain high availability at the database layer c. Patch the physical infrastructure that hosts the EC2 instances d. Configure the security group firewall 9. Which AWS services or tools can identify rightsizing opportunities for Amazon EC2 instances? (Choose two.) a. AWS Cost Explorer b. AWS Billing Conductor c. Amazon CodeGuru d. Amazon SageMaker e. AWS Compute Optimizer 10. Which of the following are benefits of using AWS Trusted Advisor? (Choose two.) a. Providing high-performance container orchestration b. Creating and rotating encryption keys c. Detecting underutilized resources to save costs d. Improving security by proactively monitoring the AWS environment e. Implementing enforced tagging across AWS resources 11. Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud? a. Elimination of expenses for running and maintaining data centers b. Price discounts that are identical to discounts from hardware providers c. Distribution of all operational controls to AWS d. Elimination of operational expenses 12. A company wants to manage deployed IT services and govern its infrastructure as code (IaC) templates. Which AWS service will meet this requirement? a. AWS Resource Explorer b. AWS Service Catalog c. AWS Organizations d. AWS Systems Manager 13. Which AWS service or tool helps users visualize, understand, and manage spending and usage over time? a. AWS Organizations b. AWS Pricing Calculator c. AWS Cost Explorer d. AWS Service Catalog 14. A company is using a central data platform to manage multiple types of data for its customers. The company wants to use AWS services to discover, transform, and visualize the data. Which combination of AWS services should the company use to meet these requirements? (Choose two.) a. AWS Glue b. Amazon Elastic File System (Amazon EFS) c. Amazon Redshift d. Amazon QuickSight e. Amazon Quantum Ledger Database (Amazon QLDB) 15. A global company wants to migrate its third-party applications to the AWS Cloud. The company wants help from a global team of experts to complete the migration faster and more reliably in accordance with AWS internal best practices. Which AWS service or resource will meet these requirements? a. AWS Support b. AWS Professional Services c. AWS Launch Wizard d. AWS Managed Services (AMS) 16. An e-learning platform needs to run an application for 2 months each year. The application will be deployed on Amazon EC2 instances. Any application downtime during those 2 months must be avoided. Which EC2 purchasing option will meet these requirements MOST cost-effectively? a. Rerved Instances b. Dedicated Hosts c. Spot Instances d. On-Demand Instances 17. A developer wants to deploy an application quickly on AWS without manually creating the required resources. Which AWS service will meet these requirements? a. Amazon EC2 b. AWS Elastic Beanstalk c. AWS CodeBuild d. Amazon Personalize 18. A company is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting. Which S3 feature should the company use to meet these requirements? a. S3 Lifecycle rules b. S3 Versioning c. S3 bucket policies d. S3 server-side encryption 19. Which AWS service provides the ability to manage infrastructure as code? a. AWS CodePipeline b. AWS CodeDeploy c. AWS Direct Connect d. AWS CloudFormation 20. Which AWS service or feature allows a user to establish a dedicated network connection between a company’s on- premises data center and the AWS Cloud? a. AWS Direct Connect b. VPC peering c. AWS VPN d. Amazon Route 53 21. Which option is a physical location of the AWS global infrastructure? a. AWS DataSync b. AWS Region c. Amazon Connect d. AWS Organizations 22. A company wants to prioritize AWS Cloud infrastructure, systems, and assets when performing risk assessment and mitigation tasks. Which pillar of the AWS Well-Architected Framework is supported by these goals? a. Reliability b. Security c. Operation excellence d. Performance efficiency 23. What is the purpose of having an internet gateway within a VPC? a. To force a VPN connection to the VPC b. To allow communication between the VPC and the internet c. To improve bandwidth consumption on internet traffic d. To increase network isolation from the internet across Amazon EC2 instances 24. A company is running a monolithic on-premises application that does not scale and is difficult to maintain. The company has a plan to migrate the application to AWS and divide the application into microservices. Which best practice of the AWS Well-Architected Framework is the company following with this plan? a. Integrate functional testing as part of AWS deployment b. Use automation to deploy changes c. Deploy the application to multiple locations d. Implement loosely coupled dependencies 25. A company has an AWS account. The company wants to audit its password and access key rotation details for compliance purposes. Which AWS service or tool will meet this requirement? a. IAM Access Analyzer b. AWS Artifact c. IAM credential report d. AWS Audit Manager 26. A company wants to receive a notification when a specific AWS cost threshold is reached. Which AWS services or tools can the company use to meet this requirement? (Choose two) a. Amazon Simple Queue Service (Amazon SQS) b. AWS Budgets c. Cost Explorer d. Amazon CloudWatch 27. Which AWS service or resource provides answers to the most frequently asked technical questions that AWS receives from its users? a. AWS Artifact b. Amazon Connect c. AWS Chatbot d. AWS Knowledge Center 28. Which tasks are customer responsibilities, according to the AWS shared responsibility model? (Choose two.) a. Configure the AWS-provided security group firewall b. Deploy compute assets in the AWS Cloud c. Determine which Availability Zones to use for Amazon S3 buckets d. Patch or upgrade Amazon DynamoDB e. Select an instance type for an AWS Lambda function 29. Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.) a. Availability b. Reliability c. Scalability d. Responsive design e. Operational excellence 30. Which AWS service or feature is used to send both short and email messages from distributed applications? a. Amazon Simple Notification Service (Amazon SNS) b. Amazon Simple Email Service (Amazon SES) c. Amazon CloudWatch alarms d. Amazon Simple Queue Service (Amazon SQS) 31. A company runs thousands of simultaneous simulations using AWS Batch. Each simulation is stateless, is fault tolerant, and runs for up to 3 hours. Which pricing model enables the company to optimize costs and meet these requirements? a. Reserved Instances b. Spot Instances c. On-Demand Instances d. Dedicated Instances 32. A user needs programmatic access to AWS resources through the AWS CLI of the AWS API. Which option will provide the user with appropriate access? a. Amazon Inspector b. Access keys c. SSH public keys d. AWS Key Management (AWS KMS) keys 33. What does the concept of agility mean in AWS Cloud computing? (Choose two.) a. The speed at which AWS resources are implemented b. The speed at which AWS creates new AWS Regions c. The ability to experiment quickly d. The elimination of wasted capacity e. The low cost of entry into cloud computing 34. A company needs to block SQL injection attacks. Which AWS service or feature can meet this requirement? a. AWS WAF b. AWS Shield c. Network ACLs d. Security groups 35. Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity? a. AWS Service Catalog b. AWS Systems Manager c. AWS IAM Access Analyzer d. AWS Organizations 36. A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud. How can these reports be generated? a. Contact the AWS Compliance team. b. Download the reports from AWS Artifact. c. Open a case with AWS Support. d. Generate the reports with Amazon Macie. 37. An eCommerce company has migrated its IT infrastructure from an on-premises data center to the AWS Cloud. Which cost is the company’s direct responsibility? a. Cost of application software licenses b. Cost of the hardware infrastructure on AWS c. Cost of power for the AWS servers d. Cost of physical security for the AWS data center 38. A company is setting up AWS Identity and Access Management (IAM) on an AWS account. Which recommendation complies with IAM security best practices? a. Use the account root user access keys for administrative tasks. b. Grant broad permissions so that all company employees can access the resources they need. c. Turn on multi-factor authentication (MFA) for added security during the login process. d. Avoid rotating credentials to prevent issues in production applications. 39. Elasticity in the AWS Cloud refers to which of the following? (Choose two.) a. How quickly an Amazon EC2 instance can be restarted b. The ability to rightsize resources as demand shifts c. The maximum amount of RAM an Amazon EC2 instance can use d. The pay-as-you-go billing model e. How easily resources can be procured when they are needed 40. Which service enables customers to audit API calls in their AWS accounts? a. AWS CloudTrail b. AWS Trusted Advisor c. Amazon Inspector d. AWS X-Ray 41. What is a customer responsibility when using AWS Lambda according to the AWS shared responsibility model? a. Managing the code within the Lambda function b. Confirming that the hardware is working in the data center c. Patching the operating system d. Shutting down Lambda functions when they are no longer in use 42. A company has 5 TB of data stored in Amazon S3. The company plans to occasionally run queries on the data for analysis. Which AWS service should the company use to run these queries in the MOST cost-effective manner? a. Amazon Redshift b. Amazon Athena c. Amazon Kinesis d. Amazon RDS 43. Which AWS service can be used at no additional cost? a. Amazon SageMaker b. AWS Config c. AWS Organizations d. Amazon CloudWatch 44. Which AWS Cloud Adoption Framework (AWS CAF) capability belongs to the people perspective? a. Data architecture b. Event management c. Cloud fluency d. Strategic partnership 45. A company wants to make an upfront commitment for continued use of its production Amazon EC2 instances in exchange for a reduced overall cost. Which pricing options meet these requirements with the LOWEST cost? (Choose two.) a. Spot Instances b. Reserved Instances c. Savings Plans d. Dedicated Hosts 46. A company wants to migrate its on-premises relational databases to the AWS Cloud. The company wants to use infrastructure as close to its current geographical location as possible. Which AWS service or resource should the company use to select its Amazon RDS deployment area? a. Amazon Connect b. AWS Wavelength c. AWS Regions d. AWS Direct Connect 47. A company is exploring the use of the AWS Cloud and needs to create a cost estimate for a project before the infrastructure is provisioned. Which AWS service or feature can be used to estimate costs before deployment? a. AWS Free Tier b. AWS Pricing Calculator c. AWS Billing and Cost Management d. AWS Cost and Usage Report 48. A company is building an application that needs to deliver images and videos globally with minimal latency. Which approach can the company use to accomplish this in a cost-effective manner? a. Deliver the content through Amazon CloudFront. b. Store the content on Amazon S3 and enable S3 cross-region replication. c. Implement a VPN across multiple AWS Regions. d. Deliver the content through AWS PrivateLink. 49. Which of the following is a software development framework that a company can use to define cloud resources as code and provision the resources through AWS CloudFormation? a. AWS CLI b. AWS Developer Center c. AWS Cloud Development Kit (AWS CDK) d. AWS CodeStar 50. A company is developing an application that uses multiple AWS services. The application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs. Which AWS service or feature should the company use to meet these authentication requirements? a. Amazon API Gateway b. IAM users c. AWS Security Token Service (AWS STS) d. IAM instance profiles 51. Which AWS service is a cloud security posture management (CSPM) service that aggregates alerts from various AWS services and partner products in a standardized format? a. AWS Security Hub b. AWS Trusted Advisor c. Amazon EventBridge d. Amazon GuardDuty 52. Which AWS service is always provided at no charge? a. Amazon S3 b. AWS Identity and Access Management (IAM) c. Elastic Load Balancers d. AWS WAF 53. To reduce costs, a company is planning to migrate a NoSQL database to AWS. Which AWS service is fully managed and can automatically scale throughput capacity to meet database workload demands? a. Amazon Redshift b. Amazon Aurora c. Amazon DynamoDB d. Amazon RDS 54. A company is using Amazon DynamoDB. Which task is the company’s responsibility, according to the AWS shared responsibility model? a. Patch the operating system. b. Provision hosts. c. Manage database access permissions. d. Secure the operating system. 55. A company has a test AWS environment. The company is planning on testing an application within AWS. The application testing can be interrupted and does not need to run continuously. Which Amazon EC2 purchasing option will meet these requirements most cost-effectively? a. On-Demand Instances b. Dedicated Instances c. Spot Instances d. Reserved Instances 56. Which AWS service gives users the ability to discover and protect sensitive data that is stored in Amazon S3 buckets? a. Amazon Macie b. Amazon Detective c. Amazon GuardDuty d. AWS IAM Access Analyzer 57. Which of the following services can be used to block network traffic to an instance? (Choose two.) a. Security groups b. Amazon Virtual Private Cloud (Amazon VPC) flow logs c. Network ACLs d. Amazon CloudWatch e. AWS CloudTrail 58. Which AWS service can identify when an Amazon EC2 instance was terminated? a. AWS Identity and Access Management (IAM) b. AWS CloudTrail c. AWS Compute Optimizer d. Amazon EventBridge 59. Which of the following is a fully managed MySQL-compatible database? a. Amazon S3 b. Amazon DynamoDB c. Amazon Redshift d. Amazon Aurora 60. Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co-location environments, or on-premises facilities? a. AWS Snowmobile b. AWS Local Zones c. AWS Outposts d. AWS Fargate 61. Which AWS service can run a managed PostgreSQL database that provides online transaction processing (OLTP)? a. Amazon DynamoDB b. Amazon Athena c. Amazon RDS d. Amazon EMR 62. A company wants to provide managed Windows virtual desktops and applications to its remote employees over secure network connections. Which AWS services can the company use to meet these requirements? (Choose two.) a. Amazon Connect b. Amazon AppStream 2.0 c. Amazon WorkSpaces d. AWS Site-to-Site VPN e. Amazon Elastic Container Service (Amazon ECS) 63. A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports. Which AWS service will meet this requirement? a. AWS Trusted Advisor b. Amazon CloudWatch c. Amazon GuardDuty d. AWS Health Dashboard 64. Which AWS service is a key-value database that provides sub-millisecond latency on a large scale? a. Amazon DynamoDB b. Amazon Aurora c. Amazon DocumentDB (with MongoDB compatibility) d. Amazon Neptune 65. A company is deploying a machine learning (ML) research project that will require a lot of compute power over several months. The ML processing jobs do not need to run at specific times. Which Amazon EC2 instance purchasing option will meet these requirements at the lowest cost? a. On-Demand Instances b. Spot Instances c. Reserved Instances d. Dedicated Instances 66. Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Choose two.) a. EC2 Reserved Instances b. EC2 Amazon Machine Images (AMIs) c. Amazon Elastic Block Store (Amazon EBS) snapshots d. AWS Shield e. Amazon GuardDuty 67. Which AWS service provides command line access to AWS tools and resources directly from a web browser? a. AWS CloudHSM b. AWS CloudShell c. Amazon WorkSpaces d. AWS Cloud Map 68. A network engineer needs to build a hybrid cloud architecture connecting on-premises networks to the AWS Cloud using AWS Direct Connect. The company has a few VPCs in a single AWS Region and expects to increase the number of VPCs to hundreds over time. Which AWS service or feature should the engineer use to simplify and scale this connectivity as the VPCs increase in number? a. VPC endpoints b. AWS Transit Gateway c. Amazon Route 53 d. AWS Secrets Manager 69. A company wants to assess its operational readiness. It also wants to identify and mitigate operational risks ahead of a new product launch. Which AWS Support plan offers guidance and support for this kind of event at no additional charge? a. AWS Business Support b. AWS Basic Support c. AWS Developer Support d. AWS Enterprise Support 70. A company wants to establish a schedule for rotating database user credentials. Which AWS service will support this requirement with the LEAST amount of operational overhead? a. AWS Systems Manager b. AWS Secrets Manager c. AWS License Manager d. AWS Managed Services 71. Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload? a. Amazon Route 53 b. Amazon Macie c. AWS Direct Connect d. AWS PrivateLink 72. Which AWS service is used to provide encryption for Amazon EBS? a. AWS Certificate Manager b. AWS Systems Manager c. AWS KMS d. AWS Config 73. A company wants to manage its AWS Cloud resources through a web interface. Which AWS service will meet this requirement? a. AWS Management Console b. AWS CLI c. AWS SDK d. AWS Cloud9 74. Which of the following are advantages of the AWS Cloud? (Choose two.) a. Trade variable expenses for capital expenses b. High economies of scale c. Launch globally in minutes d. Focus on managing hardware infrastructure e. Overprovision to ensure capacity 75. Which AWS Cloud benefit is shown by an architecture’s ability to withstand failures with minimal downtime? a. Agility b. Elasticity c. Scalability d. High availability 76. A developer needs to maintain a development environment infrastructure and a production environment infrastructure in a repeatable fashion. Which AWS service should the developer use to meet these requirements? a. AWS Ground Station b. AWS Shield c. AWS IoT Device Defender d. AWS CloudFormation 77. Which task is the customer's responsibility, according to the AWS shared responsibility model? a. Maintain the security of the AWS Cloud b. Configure firewalls and networks c. Patch the operating system of Amazon RDS instances d. Implement physical and environmental controls 78. Which AWS service helps deliver highly available applications with fast failover for multi-Region and Multi-AZ architectures? a. AWS WAF b. AWS Global Accelerator c. AWS Shield d. AWS Direct Connect 79. A company has a set of eCommerce applications. The applications need to send messages to each other. Which AWS service meets this requirement? a. AWS Auto Scaling b. Elastic Load Balancing c. Amazon Simple Queue Service (Amazon SQS) d. Amazon Kinesis Data Streams 80. What are the benefits of consolidated billing for AWS Cloud services? (Choose two.) a. Volume discounts b. A minimal additional fee for use c. One bill for multiple accounts d. Installment payment options e. Custom cost and usage budget creation 81. A user wants to review all Amazon S3 buckets with ACLs and S3 bucket policies in the S3 console. Which AWS service or resource will meet this requirement? a. S3 Multi-Region Access Points b. S3 Storage Lens c. AWS IAM Identity Center (AWS Single Sign-On) d. Access Analyzer for S3 82. What is the best resource for a user to find compliance-related information and reports about AWS? a. AWS Artifact b. AWS Marketplace c. Amazon Inspector d. AWS Support 83. Which AWS service enables companies to deploy an application close to end users? a. Amazon CloudFront b. AWS Auto Scaling c. AWS AppSync d. Amazon Route 53 84. Which AWS service or feature improves network performance by sending traffic through the AWS worldwide network infrastructure? a. Route table b. AWS Transit Gateway c. AWS Global Accelerator d. Amazon VPC 85. Which AWS service provides highly durable object storage? a. Amazon S3 b. Amazon Elastic File System (Amazon EFS) c. Amazon Elastic Block Store (Amazon EBS) d. Amazon FSx 86. Which responsibility belongs to AWS when a company hosts its databases on Amazon EC2 instances? a. Database backups b. Database software patches c. Operating system patches d. Operating system installations 87. Which of the following are advantages of moving to the AWS Cloud? (Choose two.) a. The ability to turn over the responsibility for all security to AWS. b. The ability to use the pay-as-you-go model. c. The ability to have full control over the physical infrastructure. d. No longer having to guess what capacity will be required. e. No longer worrying about users' access controls. 88. Which AWS service is a hybrid cloud storage service that provides on-premises users access to virtually unlimited cloud storage? a. AWS DataSync b. Amazon S3 Glacier c. AWS Storage Gateway d. Amazon Elastic Block Store (Amazon EBS) 89. A company plans to migrate to AWS and wants to create cost estimates for its AWS use cases. Which AWS service or tool can the company use to meet these requirements? a. AWS Pricing Calculator b. Amazon CloudWatch c. AWS Cost Explorer d. AWS Budgets 90. Which tool should a developer use to integrate AWS service features directly into an application? a. AWS Software Development Kit b. AWS CodeDeploy c. AWS Lambda d. AWS Batch 91. Which of the following is a recommended design principle of the AWS Well-Architected Framework? a. Reduce downtime by making infrastructure changes infrequently and in large increments. b. Invest the time to configure infrastructure manually. c. Learn to improve from operational failures. d. Use monolithic application design for centralization. 92. Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as: a. Restricted access. b. As-needed access. c. Least privilege access. d. Token access. 93. Which AWS service or tool can be used to set up a firewall to control traffic going into and coming out of an Amazon VPC subnet? a. Security group b. AWS WAF c. AWS Firewall Manager d. Network ACL 94. A company wants to operate a data warehouse to analyze data without managing the data warehouse infrastructure. Which AWS service will meet this requirement? a. Amazon Aurora b. Amazon Redshift Serverless c. AWS Lambda d. Amazon RDS 95. How does AWS Cloud computing help businesses reduce costs? (Choose two.) a. AWS charges the same prices for services in every AWS Region. b. AWS enables capacity to be adjusted on demand. c. AWS offers discounts for Amazon EC2 instances that remain idle for more than 1 week. d. AWS does not charge for data sent from the AWS Cloud to the internet. e. AWS eliminates many of the costs of building and maintaining on-premises data centers. 96. A company wants to grant users in one AWS account access to resources in another AWS account. The users do not currently have permission to access the resources. Which AWS service will meet this requirement? a. IAM group b. IAM role c. IAM tag d. IAM Access Analyzer 97. Which task is the responsibility of AWS when using AWS services? a. Management of IAM user permissions b. Creation of security group rules for outbound access c. Maintenance of physical and environmental controls d. Application of Amazon EC2 operating system patches 98. A company wants to automate infrastructure deployment by using infrastructure as code (IaC). The company wants to scale production stacks so the stacks can be deployed in multiple AWS Regions. Which AWS service will meet these requirements? a. Amazon CloudWatch b. AWS Config c. AWS Trusted Advisor d. AWS CloudFormation 99. Which option is an AWS Cloud Adoption Framework (AWS CAF) platform perspective capability? a. Data architecture b. Data protection c. Data governance d. Data science 100. A company is running a workload in the AWS Cloud. Which AWS best practice ensures the MOST cost-effective architecture for the workload? a. Loose coupling b. Rightsizing c. Caching d. Redundancy 101. A company is using a third-party service to back up 10 TB of data to a tape library. The on-premises backup server is running out of space. The company wants to use AWS services for the backups without changing its existing backup workflows. Which AWS service should the company use to meet these requirements? a. Amazon Elastic Block Store (Amazon EBS) b. AWS Storage Gateway c. Amazon Elastic Container Service (Amazon ECS) d. AWS Lambda 102. Which AWS tool gives users the ability to plan their service usage, service costs, and instance reservations, and also allows them to set custom alerts when their costs or usage exceed established thresholds? a. Cost Explorer b. AWS Budgets c. AWS Cost and Usage Report d. Reserved Instance reporting 103. Which tasks are the customer's responsibility, according to the AWS shared responsibility model? (Choose two.) a. Establish the global infrastructure. b. Perform client-side data encryption. c. Configure IAM credentials. d. Secure edge locations. e. Patch Amazon RDS DB instances. 104. A developer has been hired by a large company and needs AWS credentials. Which are security best practices that should be followed? (Choose two.) a. Grant the developer access to only the AWS resources needed to perform the job. b. Share the AWS account root user credentials with the developer. c. Add the developer to the administrator's group in AWS IAM. d. Configure a password policy that ensures the developer’s password cannot be changed. e. Ensure the account password policy requires a minimum length. 105. A company has multiple AWS accounts that include compute workloads that cannot be interrupted. The company wants to obtain billing discounts that are based on the company’s use of AWS services. Which AWS feature or purchasing option will meet these requirements? a. Resource tagging b. Consolidated billing c. Pay-as-you-go pricing d. Spot Instances 106. A user wants to allow applications running on an Amazon EC2 instance to make calls to other AWS services. The access granted must be secure. Which AWS service or feature should be used? a. Security groups b. AWS Firewall Manager c. IAM roles d. IAM user SSH keys 107. A company wants a fully managed Windows file server for its Windows-based applications. Which AWS service will meet this requirement? a. Amazon FSx b. Amazon Elastic Kubernetes Service (Amazon EKS) c. Amazon Elastic Container Service (Amazon ECS) d. Amazon EMR 108. A company wants to migrate its NFS on-premises workload to AWS. Which AWS Storage Gateway type should the company use to meet this requirement? a. Tape Gateway b. Volume Gateway c. Amazon FSx File Gateway d. Amazon S3 File Gateway 109. A company needs to track the activity in its AWS accounts and needs to know when an API call is made against its AWS resources. Which AWS tool or service can be used to meet these requirements? a. Amazon CloudWatch b. Amazon Inspector c. AWS CloudTrail d. AWS IAM 110. A company has an uninterruptible application that runs on Amazon EC2 instances. The application consistently processes a backlog of files in an Amazon Simple Queue Service (Amazon SQS) queue. This usage is expected to grow over the years. What is the MOST cost-effective EC2 instance purchasing model to meet these requirements? a. Spot Instances b. On-Demand Instances c. Savings Plans d. Dedicated Hosts 111. A company wants an AWS service to provide product recommendations based on its customer data. Which AWS service will meet this requirement? a. Amazon Polly b. Amazon Personalize c. Amazon Comprehend d. Amazon Rekognition 112. A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives. Which phase of the cloud transformation journey includes these identification activities? a. Envision b. Align c. Scale d. Launch 113. A social media company wants to protect its web application from common web exploits such as SQL injections and cross-site scripting. Which AWS service will meet these requirements? a. Amazon Inspector b. AWS WAF c. Amazon GuardDuty d. Amazon CloudWatch 114. Which fully managed AWS service assists with the creation, testing, and management of custom Amazon EC2 images? a. EC2 Image Builder b. Amazon Machine Image (AMI) c. AWS Launch Wizard d. AWS Elastic Beanstalk 115. A company wants an automated process to continuously scan its Amazon EC2 instances for software vulnerabilities. Which AWS service will meet these requirements? a. Amazon GuardDuty b. Amazon Inspector c. Amazon Detective d. Amazon Cognito 116. A company needs to perform data processing once a week that typically takes about 5 hours to complete. Which AWS service should the company use for this workload? a. AWS Lambda b. Amazon EC2 c. AWS CodeDeploy d. AWS Wavelength 117. Which AWS service or feature provides log information of the inbound and outbound traffic on network interfaces in a VPC? a. Amazon CloudWatch Logs b. AWS CloudTrail c. VPC Flow Logs d. AWS Identity and Access Management (IAM) 118. A company wants to design a centralized storage system to manage the configuration data and passwords for its critical business applications. Which AWS service or capability will meet these requirements MOST cost-effectively? a. AWS systems Manager Parameter Store b. AWS Secrets Manager c. AWS Config d. Amazon S3 119. A company plans to deploy containers on AWS. The company wants full control of the compute resources that host the containers. Which AWS service will meet these requirements? a. Amazon Elastic Kubernetes Service (Amazon EKS) b. AWS Fargate c. Amazon EC2 d. Amazon Elastic Container Service (Amazon ECS) 120. Which AWS service or feature allows users to create new AWS accounts, group multiple accounts to organize workflows, and apply policies to groups of accounts? a. AWS Identity and Access Management (IAM) b. AWS Trusted Advisor c. AWS CloudFormation d. AWS Organizations 121. A company wants to store and retrieve files in Amazon S3 for its existing on-premises applications by using industry-standard file system protocols. Which AWS service will meet these requirements? a. AWS DataSync b. AWS Snowball Edge c. Amazon S3 File Gateway d. AWS Transfer Family 122. A company wants to block SQL injection attacks. Which AWS service or feature should the company use to meet this requirement? a. AWS WAF b. Network ACLs c. Security groups d. AWS Certificate Manager (ACM) 123. A company wants a unified tool to provide a consistent method to interact with AWS services. Which AWS service or tool will meet this requirement? a. AWS CLI b. Amazon Elastic Container Service (Amazon ECS) c. AWS Cloud9 d. AWS Virtual Private Network (AWS VPN) 124. A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance, and security. Which AWS service can the company use to meet these requirements? a. AWS Shield b. AWS WAF c. AWS Trusted Advisor d. AWS Service Catalog 125. Which perspective in the AWS Cloud Adoption Framework (AWS CAF) includes capabilities for configuration management and patch management? a. Platform b. Operations c. Security d. Governance 126. A company has a compute workload that is steady, predictable, and uninterruptible. Which Amazon EC2 instance purchasing options meet these requirements MOST cost-effectively? (Choose two.) a. On-Demand Instances b. Reserved Instances c. Spot Instances d. Savings Plans e. Dedicated Hosts 127. Which Amazon EC2 pricing model is MOST cost-efficient for an uninterruptible workload that runs once a year for 24 hours? a. On-Demand Instances b. Reserved Instances c. Spot Instances d. Dedicated Instances 128. Which option is a shared responsibility between AWS and its customers under the AWS Shared Responsibility Model? a. Configuration of Amazon EC2 instance operating systems b. Application file system server-side encryption c. Patch management d. Security of the physical infrastructure 129. A company wants to migrate its on-premises workloads to the AWS Cloud. The company wants to separate workloads for chargeback to different departments. Which AWS services or features will meet these requirements? (Choose two.) a. Placement groups b. Consolidated billing c. Edge locations d. AWS Config e. Multiple AWS accounts 130. Which task is a responsibility of AWS, according to the AWS Shared Responsibility Model? a. Enable client-side encryption for objects stored in Amazon S3. b. Configure IAM security policies to comply with the principle of least privilege. c. Patch the guest operating system on an Amazon EC2 instance. d. Apply updates to the Nitro Hypervisor. 131. Which option is a benefit of using AWS for cloud computing? a. Trade variable expense for fixed expense b. Pay-as-you-go pricing c. Decreased speed and agility d. Spending money running and maintaining data centers 132. Which option is an AWS Cloud Adoption Framework (AWS CAF) business perspective capability? a. Culture evolution b. Event management c. Data monetization d. Platform architecture 133. A company is assessing its AWS Business Support plan to determine if the plan still meets the company’s needs. The company is considering switching to AWS Enterprise Support. Which additional benefit will the company receive with AWS Enterprise Support? a. A full set of AWS Trusted Advisor checks b. Phone, email, and chat access to cloud support engineers 24 hours a day, 7 days a week c. A designated technical account manager (TAM) to assist in monitoring and optimization d. A consultative review and architecture guidance for the company’s applications 134. Which pricing model will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable? a. On-Demand Instances b. Standard Reserved Instances c. Spot Instances d. Convertible Reserved Instances 135. Which options are AWS Cloud Adoption Framework (AWS CAF) security perspective capabilities? (Choose two.) a. Observability b. Incident and problem management c. Incident response d. Infrastructure protection e. Availability and continuity 136. A company wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously. Which option offers a discounted hourly rate compared to the hourly rate of On-Demand Instances? a. AWS Graviton processor b. Dedicated Hosts c. EC2 Instance Savings Plans d. Amazon EC2 Auto Scaling instances 137. Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity? a. Agility b. Elasticity c. Reliability d. Durability 138. Which AWS services can a company use to achieve a loosely coupled architecture? (Choose two.) a. Amazon WorkSpaces b. Amazon Simple Queue Service (Amazon SQS) c. Amazon Connect d. AWS Trusted Advisor e. AWS Step Functions 139. Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded? a. AWS Budgets b. AWS Cost Explorer c. AWS Cost Allocation Tags d. AWS Organizations 140. A company plans to migrate to the AWS Cloud. The company wants to use the AWS Cloud Adoption Framework (AWS CAF) to define and track business outcomes as part of its cloud transformation journey. Which AWS CAF governance perspective capability will meet these requirements? a. Benefits management b. Risk management c. Application portfolio management d. Cloud financial management 141. A company needs to quickly and securely move files over long distances between its client and an Amazon S3 bucket. Which S3 feature will meet this requirement? a. S3 Versioning b. S3 Transfer Acceleration c. S3 ACLs d. S3 Intelligent-Tiering 142. A company needs to continuously run an experimental workload on an Amazon EC2 instance and stop the instance after 12 hours. Which instance purchasing option will meet this requirement most cost-effectively? a. On-Demand Instances b. Reserved Instances c. Spot Instances d. Dedicated Instances 143. Which cloud transformation journey phase of the AWS Cloud Adoption Framework (AWS CAF) focuses on demonstrating how the cloud helps accelerate business outcomes? a. Scale b. Envision c. Align d. Launch 144. Which option is a customer responsibility under the AWS shared responsibility model? a. Maintenance of underlying hardware of Amazon EC2 instances b. Application data security c. Physical security of data centers d. Maintenance of VPC components 145. A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a natural disaster in a particular geographic area. Which approach will achieve this goal? a. Use EC2 instances in multiple AWS Regions. b. Use EC2 instances in multiple Amazon CloudFront locations. c. Use EC2 instances in multiple edge locations. d. Use EC2 instances in AWS Local Zones. 146. A company wants to modernize and convert a monolithic application into microservices. The company wants to move the application to AWS. Which migration strategy should the company use? a. Rehost b. Replatform c. Repurchase d. Refactor 147. A systems administrator created a new IAM user for a developer and assigned the user an access key instead of a user name and password. What is the access key used for? a. To access the AWS account as the AWS account root user b. To access the AWS account through the AWS Management Console c. To access the AWS account through a CLI d. To access all of a company’s AWS accounts 148. Which option is an environment that consists of one or more data centers? a. Amazon CloudFront b. Availability Zone c. VPC d. AWS Outposts 149. A company is moving an on-premises data center to the AWS Cloud. The company must migrate 50 petabytes of file storage data to AWS with the least possible operational overhead. Which AWS service or resource should the company use to meet these requirements? a. AWS Snowmobile b. AWS Snowball Edge c. AWS Data Exchange d. AWS Database Migration Service (AWS DMS) 150. A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops. Which AWS service will help the company deploy the application without investing in backend infrastructure or high- end client hardware? a. Amazon AppStream 2.0 b. AWS AppSync c. Amazon WorkLink d. AWS Elastic Beanstalk 151. A company wants to query its server logs to gain insights about its customers’ experiences. Which AWS service will store this data MOST cost-effectively? a. Amazon Aurora b. Amazon Elastic File System (Amazon EFS) c. Amazon Elastic Block Store (Amazon EBS) d. Amazon S3 152. Which AWS service helps users audit API activity across their AWS account? a. AWS CloudTrail b. Amazon Inspector c. AWS WAF d. AWS Config 153. Which task is a customer’s responsibility, according to the AWS shared responsibility model? a. Management of the guest operating systems b. Maintenance of the configuration of infrastructure devices c. Management of the host operating systems and virtualization d. Maintenance of the software that powers Availability Zones 154. A company wants to automatically add and remove Amazon EC2 instances. The company wants the EC2 instances to adjust to varying workloads dynamically. Which service or feature will meet these requirements? a. Amazon DynamoDB b. Amazon EC2 Spot Instances c. AWS Snow Family d. Amazon EC2 Auto Scaling 155. Which security service automatically recognizes and classifies sensitive data or intellectual property on AWS? a. Amazon GuardDuty b. Amazon Macie c. Amazon Inspector d. AWS Shield 156. Which actions are best practices for an AWS account root user? (Choose two.) a. Share root user credentials with team members. b. Create multiple root users for the account, separated by environment. c. Enable multi-factor authentication (MFA) on the root user. d. Create an IAM user with administrator privileges for daily administrative tasks, instead of using the root user. e. Use programmatic access instead of the root user and password. 157. A company is running a critical workload on an Amazon RDS DB instance. The company needs the DB instance to be highly available with a recovery time of less than 5 minutes. Which solution will meet these requirements? a. Create a read replica of the DB instance. b. Create a template of the DB instance by using AWS CloudFormation. c. Take frequent snapshots of the DB instance. Store the snapshots in Amazon S3. d. Modify the DB instance to be a Multi-AZ deployment. 158. A company plans to migrate its application to AWS and run the application on Amazon EC2 instances. The application will have continuous usage for 1 year. Which EC2 instance purchasing option will meet these requirements MOST cost-effectively? a. Reserved Instances b. Spot Instances c. On-Demand Instances d. Dedicated Hosts 159. A company needs to transfer data between an Amazon S3 bucket and an on-premises application. Who is responsible for the security of this data, according to the AWS shared responsibility model? a. The company b. AWS c. Firewall vendor d. AWS Marketplace partner 160. Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand? a. Security b. Reliability c. Performance efficiency d. Cost optimization 161. A company wants to identify Amazon S3 buckets that are shared with another AWS account. Which AWS service or feature will meet these requirements? a. AWS Lake Formation b. IAM credential report c. Amazon CloudWatch d. IAM Access Analyzer 162. Which AWS service gives users the ability to build interactive business intelligence dashboards that include machine learning insights? a. Amazon Athena b. Amazon Kendra c. Amazon QuickSight d. Amazon Redshift 163. Which of the following is an AWS value proposition that describes a user’s ability to scale infrastructure based on demand? a. Speed of innovation b. Resource elasticity c. Decoupled architecture d. Global deployment 164. Which action is a security best practice for access to sensitive data that is stored in an Amazon S3 bucket? a. Enable S3 Cross-Region Replication (CRR) on the S3 bucket. b. Use IAM roles for applications that require access to the S3 bucket. c. Configure AWS WAF to prevent unauthorized access to the S3 bucket. d. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket. 165. A company needs a central user portal so that users can log in to third-party business applications that support Security Assertion Markup Language (SAML) 2.0. Which AWS service will meet this requirement? a. AWS Identity and Access Management (IAM) b. Amazon Cognito c. AWS IAM Identity Center (AWS Single Sign-On) d. AWS CLI 166. Which AWS service can migrate data between AWS storage services? a. AWS DataSync b. AWS Direct Connect c. AWS Lake Formation d. Amazon S3 167. Which statements represent the cost-effectiveness of the AWS Cloud? (Choose two.) a. Users can trade fixed expenses for variable expenses. b. Users can deploy all over the world in minutes. c. AWS offers increased speed and agility. d. AWS is responsible for patching the infrastructure. e. Users benefit from economies of scale. 168. A company wants to design its cloud architecture so that it can support development innovations and continuously improve processes and procedures. This is an example of which pillar of the AWS Well-Architected Framework? a. Security b. Performance efficiency c. Operational excellence d. Reliability 169. A company needs to consolidate the billing for multiple AWS accounts. The company needs to use one account to pay on behalf of all the other accounts. Which AWS service or tool should the company use to meet this requirement? a. AWS Trusted Advisor b. AWS Organizations c. AWS Budgets d. AWS Service Catalog 170. A company is moving some of its on-premises IT services to the AWS Cloud. The finance department wants to see the entire bill so it can forecast spending limits. Which AWS service can the company use to set spending limits and receive notifications if those limits are exceeded? a. AWS Cost and Usage Reports b. AWS Budgets c. AWS Organizations consolidated billing d. Cost Explorer 171. Which AWS Support plans provide access to an AWS technical account manager (TAM)? (Choose two.) a. AWS Basic Support b. AWS Developer Support c. AWS Business Support d. AWS Enterprise On-Ramp Support e. AWS Enterprise Support 172. Where can users find examples of AWS Cloud solution designs? a. AWS Marketplace b. AWS Service Catalog c. AWS Architecture Center d. AWS Trusted Advisor 173. Which task is the responsibility of a company that is using Amazon RDS? a. Provision the underlying infrastructure. b. Create IAM policies to control administrative access to the service. c. Install the cables to connect the hardware for compute and storage. d. Install and patch the RDS operating system. 174. Which of the following is an advantage that the AWS Cloud provides to users? a. Users eliminate the need to guess about infrastructure capacity requirements. b. Users decrease their variable costs by maintaining sole ownership of IT hardware. c. Users maintain control of underlying IT infrastructure hardware. d. Users maintain control of operating systems for managed services. 175. Which feature of Amazon RDS provides the ability to automatically create a primary database instance and to synchronously replicate data to an instance in another Availability Zone? a. Read replicas b. Blue/green deployment c. Multi-AZ deployment d. Reserved Instances 176. A company needs to check for IAM access keys that have not been rotated recently. Which AWS service should the company use to meet this requirement? a. AWS WAF b. AWS Shield c. Amazon Cognito d. AWS Trusted Advisor 177. A company runs many Amazon EC2 instances in its VPC. The company wants to use a native AWS security resource to control network traffic between certain EC2 instances. Which AWS service or feature will meet this requirement? a. Network ACLs b. AWS WAF c. Amazon GuardDuty d. Security groups 178. Which of the following can be components of a VPC in the AWS Cloud? (Choose two.) a. Amazon API Gateway b. Amazon S3 buckets and objects c. AWS Storage Gateway d. Internet gateway e. Subnet 179. A company is building a new application on AWS. The company needs the application to remain available if an individual application component fails. Which design principle should the company use to meet this requirement? a. Disposable resources b. Automation c. Rightsizing d. Loose coupling 180. A company wants to use a managed service to identify and protect sensitive data that is stored in Amazon S3. Which AWS service will meet these requirements? a. AWS IAM Access Analyzer b. Amazon GuardDuty c. Amazon Inspector d. Amazon Macie 181. Which AWS service or feature can a user configure to limit network access at the subnet level? a. AWS Shield b. AWS WAF c. Network ACL d. Security group 182. A company wants to enhance security by launching a third-party ISP intrusion detection system from its AWS account. Which AWS service or resource should the company use to meet this requirement? a. AWS Security Hub b. AWS Marketplace c. AWS Quick Starts d. AWS Security Center 183. How does the AWS Cloud help companies build agility into their processes and cloud infrastructure? a. Companies can avoid provisioning too much capacity when they do not know how much capacity is required. b. Companies can expand into new geographic regions. c. Companies can access a range of technologies to experiment and innovate quickly. d. Companies can pay for IT resources only when they use the resources. 184. Which AWS service or tool gives a company the ability to release application changes in an automated way? a. Amazon AppFlow b. AWS CodeDeploy c. AWS PrivateLink d. Amazon EKS Distro 185. Which AWS Cloud Adoption Framework (AWS CAF) perspective focuses on managing identities and permissions at scale? a. Operations b. Platform c. Governance d. Security 186. Which AWS service or feature allows users to securely store encrypted credentials and retrieve these credentials when required? a. AWS Encryption SDK b. AWS Security Hub c. AWS Secrets Manager d. AWS Artifact 187. Which pillar of the AWS Well-Architected Framework aligns with the ability to make frequent, small, and reversible changes to AWS Cloud architecture? a. Security b. Cost optimization c. Operational excellence d. Performance efficiency 188. Which AWS service or resource can a company use to deploy AWS WAF rules? a. Amazon EC2 b. Application Load Balancer c. AWS Trusted Advisor d. Network Load Balancer 189. A company hosts its website on Amazon EC2 instances. The company needs to ensure that the website reaches a global audience and provides minimum latency to users. Which AWS service should the company use to meet these requirements? a. Amazon Route 53 b. Amazon CloudFront c. Elastic Load Balancing d. AWS Lambda 190. Which AWS design principle emphasizes the reduction of interdependencies between components of an application? a. Scalability b. Loose coupling c. Automation d. Caching 191. A company wants to provide one of its employees with access to Amazon RDS. The company also wants to limit the interaction to only the AWS CLI and AWS software development kits (SDKs). Which combination of actions should the company take to meet these requirements while following the principles of least privilege? (Choose two.) a. Create an IAM user and provide AWS Management Console access only. b. Create an IAM user and provide programmatic access only. c. Create an IAM role and provide AWS Management Console access only. d. Create an IAM policy with administrator access and attach it to the IAM user. e. Create an IAM policy with Amazon RDS access and attach it to the IAM user. 192. A company is running a reporting web server application on Amazon EC2 instances. The application runs once every week and once again at the end of the month. The EC2 instances can be shut down when they are not in use. What is the MOST cost-effective billing model for this use case? a. Standard Reserved Instances b. Convertible Reserved Instances c. On-Demand Capacity Reservations d. On-Demand Instances 193. A company wants to discover, prepare, move, and integrate data from multiple sources for data analytics and machine learning. Which AWS serverless data integration service should the company use to meet these requirements? a. AWS Glue b. AWS Data Exchange c. Amazon Athena d. Amazon EMR 194. A company is moving its development and test environments to AWS to increase agility and reduce cost. Because these are not production workloads and the servers are not fully utilized, occasional unavailability is acceptable. What is the MOST cost-effective Amazon EC2 pricing model that will meet these requirements? a. Reserved Instances b. On-Demand Instances c. Spot Instances d. Dedicated Hosts 195. A company deploys its application on Amazon EC2 instances. The application occasionally experiences sudden increases in demand. The company wants to ensure that its application can respond to changes in demand at the lowest possible cost. Which AWS service or concept will meet these requirements? a. AWS Auto Scaling b. AWS Compute Optimizer c. AWS Cost Explorer d. AWS Well-Architected Framework 196. A company wants to organize its users so that the company can grant permissions to the users as a group. Which AWS service or tool can the company use to meet this requirement? a. Security groups b. AWS Identity and Access Management (IAM) c. Resource groups d. AWS Security Hub 197. A company wants to build an application that uses AWS Lambda to run Python code. Under the AWS shared responsibility model, which tasks will be the company’s responsibility? (Choose two.) a. Management of the underlying infrastructure. b. Management of the operating system. c. Writing the business logic code. d. Installation of the computer language runtime. e. Providing AWS Identity and Access Management (IAM) access to the Lambda service. 198. A company needs to identify who accessed an AWS service and what action was performed for a given time period. Which AWS service should the company use to meet this requirement? a. Amazon CloudWatch b. AWS CloudTrail c. AWS Security Hub d. Amazon Inspector 199. What does "security of the cloud" refer to in the AWS shared responsibility model? a. Availability of AWS services such as Amazon EC2 b. Security of the cloud infrastructure that runs all the AWS services c. Implementation of password policies for IAM users d. Security of customer environments by using AWS Network Firewall partners 200. A company has an application that produces unstructured data continuously. The company needs to store the data so that the data is durable and easy to query. Which AWS service can the company use to meet these requirements? a. Amazon RDS b. Amazon Aurora c. Amazon QuickSight d. Amazon DynamoDB 201. Which options are AWS Cloud Adoption Framework (AWS CAF) perspectives? (Choose two.) a. Cloud fluency b. Security c. Change acceleration d. Architecture e. Business 202. A company wants to migrate a company's on-premises container infrastructure to the AWS Cloud. The company wants to prevent unplanned administration and operation cost and adapt to a serverless architecture. Which AWS service will meet these requirements? a. Amazon Connect b. AWS Fargate c. Amazon Lightsail d. Amazon EC2 203. A company wants its Amazon EC2 instances to be in different locations but share the same geographic area. The company also wants to use multiple power grids and independent networking connectivity for the EC2 instances. Which solution meets these requirements? a. Use EC2 instances in multiple edge locations in the same AWS Region. b. Use EC2 instances in multiple Availability Zones in the same AWS Region. c. Use EC2 instances in multiple Amazon Connect locations in the same AWS Region. d. Use EC2 instances in multiple AWS Artifact locations in the same AWS Region. 204. An eCommerce company has deployed a new web application on Amazon EC2 instances. The company wants to distribute incoming HTTP traffic evenly across all running instances. Which AWS service or resource will meet this requirement? a. Amazon EC2 Auto Scaling b. Application Load Balancer c. Gateway Load Balancer d. Network Load Balancer 205. Which AWS service or feature gives users the ability to connect VPCs and on-premises networks to a central hub? a. Virtual private gateway b. AWS Transit Gateway c. Internet gateway d. Customer gateway 206. A company wants to run CPU-intensive workload across multiple Amazon EC2 instances. Which EC2 instance type should the company use to meet this requirement? a. General purpose instances b. Compute optimized instances c. Memory optimized instances d. Storage optimized instances 207. A company is connecting multiple VPCs and on-premises networks. The company needs to use an AWS service as a cloud router to simplify peering relationships. Which AWS service can the company use to meet this requirement? a. AWS Direct Connect b. AWS Transit Gateway c. Amazon Connect d. Amazon Route 53 208. A company stores a large amount of data that auditors access only twice each year. Which Amazon S3 storage class should the company use to store the data with the LOWEST cost? a. Amazon S3 Outposts b. Amazon S3 Glacier Instant Retrieval c. Amazon S3 Standard d. Amazon S3 Intelligent-Tiering 209. Which action should a company take to improve security in its AWS account? a. Require multi-factor authentication (MFA) for privileged users. b. Remove the root user account. c. Create an access key for the AWS account root user. d. Create an access key for each privileged user. 210. Which of the following are ways to improve security on AWS? (Choose two.) a. Using AWS Artifact b. Granting the broadest permissions to all IAM roles c. Running application code with AWS Cloud d. Enabling multi-factor authentication (MFA) with Amazon Cognito e. Using AWS Trusted Advisor security checks 211. Which AWS service can a company use to manage encryption keys in the cloud? a. AWS License Manager b. AWS Certificate Manager (ACM) c. AWS CloudHSM d. AWS Directory Service 212. A company wants to store its files in the AWS Cloud. Users need to be able to download these files directly using a public URL. Which AWS service or feature will meet this requirement? a. Amazon Redshift b. Amazon Elastic Block Store (Amazon EBS) c. Amazon Elastic File System (Amazon EFS) d. Amazon S3 213. A company is using AWS for all its IT infrastructure. The company's developers are allowed to deploy applications on their own. The developers want to deploy their applications without having to provision the infrastructure themselves. Which AWS service should the developers use to meet these requirements? a. AWS CloudFormation b. AWS CodeBuild c. AWS Elastic Beanstalk d. AWS CodeDeploy 214. A company wants to gain insights from its data and build interactive data visualization dashboards. Which AWS service will meet these requirements? a. Amazon SageMaker b. Amazon Rekognition c. Amazon QuickSight d. Amazon Kinesis 215. A cloud engineer wants to store data in Amazon S3. The engineer will access some of the data yearly and some of the data daily. Which S3 storage class will meet these requirements MOST cost-effectively? a. S3 Standard b. S3 Glacier Deep Archive c. S3 One Zone-Infrequent Access (S3 One Zone-IA) d. S3 Intelligent-Tiering 216. Which of the following are economic benefits of using the AWS Cloud? (Choose two.) a. Consumption-based pricing b. Perpetual licenses c. Economies of scale d. AWS Enterprise Support at no additional cost e. Bring-your-own-hardware model 217. A user is moving a workload from a local data center to an architecture that is distributed between the local data center and the AWS Cloud. Which type of migration is this? a. On-premises to cloud native b. Hybrid to cloud native c. On-premises to hybrid d. Cloud native to hybrid 218. A company needs to store infrequently used data for data archives and long-term backups. Which AWS service or storage class will meet these requirements MOST cost-effectively? a. Amazon FSx for Lustre b. Amazon Elastic Block Store (Amazon EBS) c. Amazon Elastic File System (Amazon EFS) d. Amazon S3 Glacier Flexible Retrieval 219. Which AWS service provides users with AWS issued reports, certifications, accreditations, and third-party attestations? a. AWS Artifact b. AWS Trusted Advisor c. AWS Health Dashboard d. AWS Config 220. A company needs to create and publish interactive business intelligence dashboards. The dashboards require insights that are powered by machine learning. Which AWS service or tool will meet these requirements? a. AWS Glue Studio b. Amazon QuickSight c. Amazon Redshift d. Amazon Athena 221. A company wants to use AWS. The company has stringent requirements about low-latency access to on- premises systems and data residency. Which AWS service should the company use to design a solution that meets these requirements? a. AWS Wavelength b. AWS Transit Gateway c. AWS Ground Station d. AWS Outposts 222. A company runs an on-premise contact center for customers. The company needs to migrate to a cloud-based solution that can deliver artificial intelligence features to improve user experience. Which AWS service will meet these requirements? a. AWS Wavelength b. AWS IAM Identity Center (AWS Single Sign-On) c. AWS Direct Connect d. Amazon Connect 223. A company needs the ability to acquire resources when the resources are needed. The company also needs the ability to release the resources when the resources are no longer needed. Which AWS concept represents the company's goals? a. Scalability b. Sustainability c. Elasticity d. Operational excellence 224. A company wants to use Amazon EC2 instances for a stable production workload that will run for 1 year. Which instance purchasing option meets these requirements MOST cost-effectively? a. Dedicated Hosts b. Reserved Instances c. On-Demand Instances d. Spot Instances 225. A company wants to log in securely to Linux Amazon EC2 instances. How can the company accomplish this goal? a. Use SSH keys. b. Use a VPN. c. Use end-to-end encryption. d. Use Amazon Route 53. 226. A company wants to use a serverless compute service for an application. Which AWS service will meet this requirement? a. AWS Lambda b. AWS CloudFormation c. AWS Elastic Beanstalk d. Elastic Load Balancing 227. A company wants a solution that will automatically adjust the number of Amazon EC2 instances that are being used based on the current load. Which AWS offering will meet these requirements? a. Dedicated Hosts b. Placement groups c. Auto Scaling groups d. Reserved Instances 228. A company is building AWS architecture to deliver real-time data feeds from an on-premises data center into an application that runs on AWS. The company needs a consistent network connection with minimal latency. What should the company use to connect the application and the data center to meet these requirements? a. AWS Direct Connect b. Public internet c. AWS VPN d. Amazon Connect 229. A company plans to migrate its custom marketing application and order-processing application to AWS. The company needs to deploy the applications on different types of instances with various configurations of CPU, memory, storage, and networking capacity. Which AWS service should the company use to meet these requirements? a. AWS Lambda b. Amazon Cognito c. Amazon Athena d. Amazon EC2 230. A company wants to monitor and block malicious HTTP and HTTPS requests that its Amazon CloudFront distributions receive. Which AWS service should the company use to meet these requirements? a. Amazon GuardDuty b. Amazon Inspector c. AWS WAF d. Amazon Detective 231. Which AWS services can host PostgreSQL databases? (Choose two.) a. Amazon S3 b. Amazon Aurora c. Amazon EC2 d. Amazon OpenSearch Service e. Amazon Elastic File System (Amazon EFS) 232. Which AWS service can generate information that can be used by external auditors? a. Amazon Cognito b. Amazon FSx c. AWS Config d. Amazon Inspector 233. Which AWS service or feature requires an internet service provider (ISP) and a colocation facility to be implemented? a. AWS VPN b. Amazon Connect c. AWS Direct Connect d. Internet gateway 234. A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a natural disaster in a particular geographic area. Which solution achieves this goal? a. Use EC2 instances in multiple AWS Regions. b. Use EC2 instances in multiple edge locations. c. Use EC2 instances in the same Availability Zone but in different AWS Regions. d. Use Amazon CloudFront with the EC2 instances configured as the source. 235. Which AWS service allows for file sharing between multiple Amazon EC2 instances? a. AWS Direct Connect b. AWS Snowball Edge c. AWS Backup d. Amazon Elastic File System (Amazon EFS) 236. A company needs to manage multiple logins across AWS accounts within the same organization in AWS Organizations. Which AWS service should the company use to meet this requirement? a. Amazon VPC b. Amazon GuardDuty c. Amazon Cognito d. AWS IAM Identity Center 237. A company uses Amazon WorkSpaces. Which task is the responsibility of AWS, according to the AWS shared responsibility model? a. Set up multi-factor authentication (MFA) for each WorkSpaces user account. b. Ensure the environmental safety and security of the AWS infrastructure that hosts WorkSpaces. c. Provide security for WorkSpaces user accounts through AWS Identity and Access Management (IAM). d. Configure AWS CloudTrail to log API calls and user activity. 238. A company is migrating its public website to AWS. The company wants to host the domain name for the website on AWS. Which AWS service should the company use to meet this requirement? a. AWS Lambda b. Amazon Route 53 c. Amazon CloudFront d. AWS Direct Connect 239. A company uses a third-party identity provider (IdP). The company wants to provide its employees with access to AWS accounts and services without requiring another set of login credentials. Which AWS service will meet this requirement? a. AWS Directory Service b. Amazon Cognito c. AWS IAM Identity Center d. AWS Resource Access Manager (AWS RAM) 240. Which combination of AWS services can be used to move a commercial relational database to an Amazon- managed open-source database? (Choose two.) a. AWS Database Migration Service (AWS DMS) b. AWS software development kits (SDKs) c. AWS Schema Conversion Tool d. AWS Systems Manager e. Amazon EMR 241. Which AWS service gives users on-demand, self-service access to AWS compliance control reports? a. AWS Config b. Amazon GuardDuty c. AWS Trusted Advisor d. AWS Artifact 242. A company runs a legacy workload in an on-premises data center. The company wants to migrate the workload to AWS. The company does not want to make any changes to the workload. Which migration strategy should the company use? a. Repurchase b. Replatform c. Rehost d. Refactor 243. A company is planning to migrate applications to the AWS Cloud. During a system audit, the company finds that its content management system (CMS) application is incompatible with cloud environments. Which migration strategies will help the company to migrate the CMS application with the LEAST effort? (Choose two.) a. Retire b. Rehost c. Repurchase d. Replatform e. Refactor 244. Which of the following are AWS best practice recommendations for the use of AWS Identity and Access Management (IAM)? (Choose two.) a. Use the AWS account root user for daily access. b. Use access keys and secret access keys on Amazon EC2. c. Rotate credentials on a regular basis. d. Create a shared set of access keys for system administrators. e. Configure multi-factor authentication (MFA). 245. Which option is AWS responsible for under the AWS shared responsibility model? a. Network and firewall configuration b. Client-side data encryption c. Management of user permissions d. Hardware and infrastructure 246. A company wants to run a graph query that provides credit card users’ names, addresses, and transactions. The company wants the graph to show if the names, addresses, and transactions indicate possible fraud. Which AWS database service will meet these requirements? a. Amazon DocumentDB (with MongoDB compatibility) b. Amazon Timestream c. Amazon DynamoDB d. Amazon Neptune 247. Which AWS service provides machine learning capability to detect and analyze content in images and videos? a. Amazon Connect b. Amazon Lightsail c. Amazon Personalize d. Amazon Rekognition 248. A company wants its AWS usage to be more sustainable. The company wants to track, measure, review, and forecast polluting emissions that result from its AWS applications. Which AWS service or tool can the company use to meet these requirements? a. AWS Health Dashboard b. AWS customer carbon footprint tool c. AWS Support Center d. Amazon QuickSight 249. Which AWS service gives users the ability to deploy highly repeatable infrastructure configurations? a. AWS CloudFormation b. AWS CodeDeploy c. AWS CodeBuild d. AWS Systems Manager 250. A company needs to provide customer service by using voice calls and web chat features. Which AWS service should the company use to meet these requirements? a. Amazon Aurora b. Amazon Connect c. Amazon WorkSpaces d. AWS Organizations 251. Which AWS service is designed to help users handle large amounts of data in a data warehouse environment? a. Amazon RDS b. Amazon DynamoDB c. Amazon Redshift d. Amazon Aurora 252. A company is building a web application using AWS. Which AWS service will help prevent network layer DDoS attacks against the web application? a. AWS WAF b. AWS Firewall Manager c. Amazon GuardDuty d. AWS Shield 253. Which of the following are advantages of moving to the AWS Cloud? (Choose two.) a. Users can implement all AWS services in seconds. b. AWS assumes all responsibility for the security of infrastructure and applications. c. Users experience increased speed and agility. d. Users benefit from massive economies of scale. e. Users can move hardware from their data center to the AWS Cloud. 254. Which AWS compute service gives users the ability to securely and reliably run containers at scale? a. Amazon Elastic Container Service (Amazon ECS) b. Amazon Aurora c. Amazon Athena d. Amazon Polly 255. Which AWS tool or feature acts as a VPC firewall at the subnet level? a. Security group b. Network ACL c. Traffic Mirroring d. Internet gateway 256. A company runs an application on AWS that performs batch jobs. The application is fault-tolerant and can handle interruptions. The company wants to optimize the cost to run the application. Which AWS offering will meet these requirements? a. Amazon Macie b. Amazon Neptune c. Amazon EC2 Spot Instances d. Amazon EC2 On-Demand Instances 257. Which AWS service can be used to send alerts when a specific Amazon CloudWatch alarm is invoked? a. AWS CloudTrail b. Amazon Simple Notification Service (Amazon SNS) c. Amazon Simple Queue Service (Amazon SQS) d. Amazon EventBridge 258. A cloud practitioner wants to use a highly available and scalable DNS service for its AWS workload. Which AWS service will meet this requirement? a. Amazon Route 53 b. Amazon Lightsail c. AWS Amplify Hosting d. Amazon S3 259. According to the AWS shared responsibility model, which task is the customer’s responsibility? a. Maintaining the infrastructure needed to run AWS Lambda b. Updating the operating system of Amazon DynamoDB instances c. Maintaining Amazon S3 infrastructure d. Updating the guest operating system on Amazon EC2 instances 260. A company is learning about its responsibilities that are related to the management of Amazon EC2 instances. Which tasks for EC2 instances are the company’s responsibility, according to the AWS shared responsibility model? (Choose two.) a. Install and patch the machine hypervisor. b. Patch the guest operating system. c. Encrypt data at rest on associated storage. d. Install the physical hardware and cabling. e. Provide physical security for the EC2 instances. 261. A company runs MySQL database workloads on self-managed servers in an on-premises data center. The company wants to migrate the database workloads to an AWS managed service. Which migration strategy should the company use? a. Rehost b. Repurchase c. Replatform d. Refactor 262. A company is planning to migrate a monolithic application to AWS. The company wants to modernize the application by splitting it into microservices. The company will deploy the microservices on AWS. Which migration strategy should the company use? a. Rehost b. Repurchase c. Replatform d. Refactor 263. A company wants to implement detailed tracking of its cloud costs by department and project. Which AWS feature or service should the company use? a. Consolidated billing b. Cost allocation tags c. AWS Marketplace d. AWS Budgets 264. A user wants to invoke an AWS Lambda function when an Amazon EC2 instance enters the “stopping” state. Which AWS service is appropriate for this use case? a. Amazon EventBridge b. AWS Config c. Amazon Simple Notification Service (Amazon SNS) d. AWS CloudFormation 265. A company has a MariaDB database on premises. The company wants to move the data to the AWS Cloud. Which AWS service will host this database with the LEAST amount of operational overhead? a. Amazon RDS b. Amazon Neptune c. Amazon S3 d. Amazon DynamoDB 266. Which AWS service or feature supports governance, compliance, and risk auditing of AWS accounts? a. Multi-factor authentication (MFA) b. AWS Lambda c. Amazon Simple Notification Service (Amazon SNS) d. AWS CloudTrail 267. Which AWS Cloud design principle is a company using when the company implements AWS CloudTrail? a. Activate traceability. b. Use serverless compute architectures. c. Perform operations as code. d. Go global in minutes. 268. A company needs a threat detection service that will continuously monitor its AWS accounts, workloads, and Amazon S3 buckets for malicious activity and unauthorized behavior. Which AWS service meets these requirements? a. AWS Shield b. AWS Firewall Manager c. Amazon GuardDuty d. Amazon Inspector 269. A company is planning to migrate to the AWS Cloud. The company is conducting organizational transformation and wants to become more responsive to customer inquiries and feedback. Which task should the company perform to meet these requirements, according to the AWS Cloud Adoption Framework (AWS CAF)? a. Realign teams to focus on products and value streams. b. Create new value propositions with new products and services. c. Use a new data and analytics platform to create actionable insights. d. Migrate and modernize legacy infrastructure. 270. A company wants to rightsize its Amazon EC2 instances. Which configuration change will meet this requirement with the LEAST operational overhead? a. Add EC2 instances in another Availability Zone. b. Change the size and type of the EC2 instances based on utilization. c. Convert the payment method from On-Demand to Savings Plans. d. Reprovision the EC2 instances with a larger instance type. 271. Which AWS service supports user sign-up functionality and authentication to mobile and web applications? a. Amazon Cognito b. AWS Config c. Amazon GuardDuty d. AWS Systems Manager 272. A company runs its production workload in the AWS Cloud. The company needs to choose one of the AWS Support Plans. Which of the AWS Support Plans will meet these requirements at the LOWEST cost? a. Developer b. Enterprise On-Ramp c. Enterprise d. Business 273. What is the primary use case for Amazon GuardDuty? a. Prevention of DDoS attacks b. Protection against SQL injection attacks c. Automatic monitoring for threats to AWS workloads d. Automatic provisioning of AWS resources 274. Which VPC component can a company use to set up a virtual firewall at the Amazon EC2 instance level? a. Network ACL b. Security group c. Route table d. NAT gateway 275. A developer needs to interact with AWS by using the AWS CLI. Which security feature or AWS service must be provisioned in the developer’s account to meet this requirement? a. User name and password b. AWS Systems Manager c. Root password access d. AWS access key 276. A food delivery company needs to block users in certain countries from accessing its website. Which AWS service should the company use to meet this requirement? a. AWS WAF b. AWS Control Tower c. Amazon Fraud Detector d. Amazon Pinpoint 277. A company needs to use Amazon S3 to store audio files that are each 5 megabytes in size. The company will rarely access the files, but the company must be able to retrieve the files immediately. Which S3 storage class will meet these requirements MOST cost-effectively? a. S3 Standard b. S3 Standard-Infrequent Access (S3 Standard-IA) c. S3 Glacier Flexible Retrieval d. S3 Glacier Deep Archive 278. A company wants to set up a secure network connection from on-premises to the AWS Cloud within 1 week. Which solution will meet these requirements? a. AWS Direct Connect b. Amazon VPC c. AWS Site-to-Site VPN d. Edge location 279. What is a customer responsibility under the AWS shared responsibility model when using AWS Lambda? a. Maintenance of the underlying Lambda hardware. b. Maintenance of the Lambda networking infrastructure. c. The code and libraries that run in the Lambda functions. d. The Lambda server software. 280. Which tasks are the responsibility of AWS according to the AWS shared responsibility model? (Choose two.) a. Configure AWS Identity and Access Management (IAM). b. Configure security groups on Amazon EC2 instances. c. Secure the access of physical AWS facilities. d. Patch applications that run on Amazon EC2 instances. e. Perform infrastructure patching and maintenance. 281. A company’s compliance officer wants to review the AWS Service Organization Control (SOC) reports. Which AWS service or feature should the compliance officer use to complete this task? a. AWS Artifact b. AWS Concierge Support c. AWS Support d. AWS Trusted Advisor 282. A company has a compliance requirement to record and evaluate configuration changes as well as perform remediation actions on AWS resources. Which AWS service should the company use? a. AWS Config b. AWS Secrets Manager c. AWS CloudTrail d. AWS Trusted Advisor 283. A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud. Which AWS service should the company use for the migration? a. AWS Database Migration Service (AWS DMS) b. AWS DataSync c. AWS Migration Hub d. AWS Application Migration Service 284. Which AWS network services or features allow CIDR block notation when providing an IP address range? (Choose two.) a. Security groups b. Amazon Machine Image (AMI) c. Network access control list (network ACL) d. AWS Budgets e. Amazon Elastic Block Store (Amazon EBS) 285. A company wants to develop an accessibility application that will convert text into audible speech. Which AWS service will meet this requirement? a. Amazon MQ b. Amazon Polly c. Amazon Neptune d. Amazon Timestream 286. A company needs to set up dedicated network connectivity between its on-premises data center and the AWS Cloud. The network cannot use the public internet. Which AWS service or feature will meet these requirements? a. AWS Transit Gateway b. AWS VPN c. Amazon CloudFront d. AWS Direct Connect 287. A company needs to use dashboards and charts to analyze insights from business data. Which AWS service will provide the dashboards and charts for these insights? a. Amazon Macie b. Amazon Aurora c. Amazon QuickSight d. AWS CloudTrail 288. A company wants to migrate its on-premises infrastructure to the AWS Cloud. Which advantage of cloud computing will help the company reduce upfront costs? a. Go global in minutes b. Increase speed and agility c. Benefit from massive economies of scale d. Trade fixed expense for variable expense 289. A company is designing workloads in the AWS Cloud. The company wants the workloads to perform their intended function correctly and consistently throughout their lifecycle. Which pillar of the AWS Well-Architected Framework does this goal represent? a. Operational excellence b. Security c. Reliability d. Performance efficiency 290. Which AWS service is used to temporarily provide federated security credentials to access AWS resources? a. Amazon GuardDuty b. AWS Simple Token Service (AWS STS) c. AWS Secrets Manager d. AWS Certificate Manager 291. What is a benefit of using an Elastic Load Balancing (ELB) load balancer with applications running in the AWS Cloud? a. An ELB will automatically scale resources to meet capacity needs. b. An ELB can balance traffic across multiple compute resources. c. An ELB can span multiple AWS Regions. d. An ELB can balance traffic between multiple internet gateways. 292. A company needs to convert video files and audio files to a format that will play on smartphones. Which AWS service will meet this requirement? a. Amazon Comprehend b. Amazon Rekognition c. Amazon Elastic Transcoder d. Amazon Polly 293. A company wants to securely store Amazon RDS database credentials and automatically rotate user passwords periodically. Which AWS service or capability will meet these requirements? a. Amazon S3 b. AWS Systems Manager Parameter Store c. AWS Secrets Manager d. AWS CloudTrail 294. A company needs to have the ability to set up infrastructure for new applications in minutes. Which advantage of cloud computing will help the company meet this requirement? a. Trade fixed expense for variable expense b. Go global in minutes c. Increase speed and agility d. Stop guessing capacity 295. A company needs a managed NFS file system that the company can use with its AWS compute resources. Which AWS service or feature will meet these requirements? a. Amazon Elastic Block Store (Amazon EBS) b. AWS Storage Gateway c. Amazon S3 Glacier Flexible Retrieval d. Amazon Elastic File System (Amazon EFS) 296. A company plans to migrate to the AWS Cloud. The company wants to gather information about its on-premises data center. Which AWS service should the company use to meet these requirements? a. AWS Application Discovery Service b. AWS DataSync c. AWS Storage Gateway d. AWS Database Migration Service (AWS DMS) 297. Which tasks are responsibilities of the customer according to the AWS shared responsibility model? (Choose two.) a. Secure the virtualization layer. b. Encrypt data and maintain data integrity. c. Patch the Amazon RDS operating system. d. Maintain identity and access management controls. e. Secure Availability Zones. 298. An online retail company wants to migrate its on-premises workload to AWS. The company needs to automatically handle a seasonal workload increase in a cost-effective manner. Which AWS Cloud features will help the company meet this requirement? (Choose two.) a. Cross-Region workload deployment b. Pay-as-you-go pricing c. Built-in AWS CloudTrail audit capabilities d. Auto Scaling policies e. Centralized logging 299. A developer needs to use a standardized template to create copies of a company's AWS architecture for development, test, and production environments. Which AWS service should the developer use to meet this requirement? a. AWS cloud Map b. AWS CloudFormation c. Amazon CloudFront d. AWS CloudTrail 300. Which AWS service can create a private network connection from on-premises to the AWS Cloud? a. AWS Config b. Virtual Private Cloud (Amazon VPC) c. AWS Direct Connect d. Amazon Route 53 301. Under the AWS shared responsibility model, which of the following is a responsibility of the customer? a. Shred disk drives before they leave a data center. b. Prevent customers from gathering packets or collecting traffic at the hypervisor level. c. Patch the guest operating system with the latest security patches. d. Maintain security systems that provide physical monitoring of data centers. 302. Which AWS service uses speech-to-text conversion to help users create meeting notes? a. Amazon Polly b. Amazon Textract c. Amazon Rekognition d. Amazon Transcribe 303. A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions. Which Amazon EC2 purchasing option will be MOST cost-effective? a. All Upfront Reserved Instances b. Partial Upfront Reserved Instances c. Dedicated Instances d. On-Demand Instances 304. A company migrated its systems to the AWS Cloud. The systems are rightsized, and a security review did not reveal any issues. The company must ensure that additional developments, integrations, changes, and system usage growth do not jeopardize this optimized AWS infrastructure. Which AWS service should the company use to report ongoing optimization and security? a. AWS Trusted Advisor b. AWS Health Dashboard c. Amazon Connect d. AWS Systems Manager 305. Which AWS service integrates with other AWS services to provide the ability to encrypt data at rest? a. AWS Key Management Service (AWS KMS) b. AWS Certificate Manager (ACM) c. AWS Identity and Access Management (IAM) d. AWS Security Hub 306. A company wants to track the monthly cost and usage of all Amazon EC2 instances in a specific AWS environment. Which AWS service or tool will meet these requirements? a. AWS Cost Anomaly Detection b. AWS Budgets c. AWS Compute Optimizer d. AWS Trusted Advisor 307. A company wants the ability to automatically acquire resources as needed and release the resources when they are no longer needed. Which cloud concept describes this functionality? a. Availability b. Elasticity c. Durability d. Reliability 308. A company wants a cost-effective option when running its applications in an Amazon EC2 instance for short time periods. The applications can be interrupted. Which EC2 instance type will meet these requirements? a. Spot Instances b. On-Demand Instances c. Reserved Instances d. Dedicated Instances 309. A company has an AWS Business Support plan. The company needs to gain access to the AWS DDoS Response Team (DRT) to help mitigate DDoS events. Which AWS service or resource must the company use to meet these requirements? a. AWS Shield Standard b. AWS Enterprise Support c. AWS WAF d. AWS Shield Advanced 310. Which AWS service or tool provides a visualization of historical AWS spending patterns and projections of future AWS costs? a. AWS Cost and Usage Report b. AWS Budgets c. Cost Explorer d. Amazon CloudWatch 311. A company is migrating to the AWS Cloud instead of running its infrastructure on premises. Which of the following are advantages of this migration? (Choose two.) a. Elimination of the need to perform security auditing b. Increased global reach and agility c. Ability to deploy globally in minutes d. Elimination of the cost of IT staff members e. Redundancy by default for all compute services 312. Which AWS service uses edge locations to cache content? a. Amazon Kinesis b. Amazon Simple Queue Service (Amazon SQS) c. Amazon CloudFront d. Amazon Route 53 313. A company wants to securely access an Amazon S3 bucket from an Amazon EC2 instance without accessing the internet. What should the company use to accomplish this goal? a. VPN connection b. Internet gateway c. VPC endpoint d. NAT gateway 314. A company wants an AWS service that can automate software deployment in Amazon EC2 instances and on- premises instances. Which AWS service will meet this requirement? a. AWS CodeCommit b. AWS CodeBuild c. AWS CodeDeploy d. AWS CodePipeline 315. Which AWS services are serverless? (Choose two.) a. AWS Fargate b. Amazon Managed Streaming for Apache Kafka c. Amazon EMR d. Amazon S3 e. Amazon EC2 316. A company wants to continuously improve processes and procedures to deliver business value. Which pillar of the AWS Well-Architected Framework does this goal represent? a. Performance efficiency b. Operational excellence c. Reliability d. Sustainability 317. Which of the following is a customer responsibility according to the AWS shared responsibility model? a. Apply security patches for Amazon S3 infrastructure devices. b. Provide physical security for AWS datacenters. c. Install operating system updates on Lambda@Edge. d. Implement multi-factor authentication (MFA) for IAM user accounts. 318. Which AWS service should a company use to organize, characterize, and search large numbers of images? a. Amazon Transcribe b. Amazon Rekognition c. Amazon Aurora d. Amazon QuickSight 319. Which benefit of the AWS Cloud helps companies achieve lower usage costs because of the aggregate usage of all AWS users? a. No need to guess capacity b. Ability to go global in minutes c. Economies of scale d. Increased speed and agility 320. Which benefit of the AWS Cloud helps companies achieve lower usage costs because of the aggregate usage of all AWS users? a. No need to guess capacity b. Ability to go global in minutes c. Economies of scale d. Increased speed and agility 321. Which task is the responsibility of the customer, according to the AWS shared responsibility model? a.

Document Details

Tags

Related

Summary

Full Transcript