aws.pdf
Document Details
Uploaded by MagicalCerberus
TAR UMT
Tags
Full Transcript
1. What is the purpose of Amazon S3 versioning? 2 points a. Improve upload performance b. Protect objects from accidental deletions c. Manage access control lists d. Enable multi-factor authentication 2. What is the primary advantage of using Amazon DynamoDB global tables...
1. What is the purpose of Amazon S3 versioning? 2 points a. Improve upload performance b. Protect objects from accidental deletions c. Manage access control lists d. Enable multi-factor authentication 2. What is the primary advantage of using Amazon DynamoDB global tables for a global application? 2 points a. Reduced cost of data storage across regions b. Single-digit millisecond read and write performance globally c. Manual replication of data between region d. Support for SQL queries across all regions 3. Which of the following are benefits of using Amazon S3 Lifecycle Policies? (Select TWO correct answers) 4 points a. Automatically transition objects to a lower-cost storage class b. Delete objects based on age c. Enable server-side encryption d. Control object access at a granular level 4. Which best practice involves designing with independent components? 2 points a. Treating resources as disposable b. Using loosely coupled components c. Implementing high availability d. Building monolithic applications 5. Which of the following EC2 instance types are designed to optimize performance for applications requiring significant parallel processing? (Select TWO correct answers) 4 points a. C5n b. P4 c. R5 d. T3 6. What is the principle of least privilege? 2 points a. Granting all users full access to all resources b. Granting users only the permissions they need to perform their tasks c. Restricting access to a single AWS Region d. Assigning permissions based on job titles 7. Which of the following are responsibilities of the customer in the AWS Shared Responsibility Model? (Select TWO correct answers) 4 points a. Managing AWS Global Infrastructure b. Configuring network security c. Ensuring data encryption at rest d. Managing AWS foundation services 8. Which of the following are key responsibilities of a Cloud Architect? (Select TWO correct answers) 4 points a. Managing on-premises servers b. Setting technical cloud strategy with business leads c. Designing the transformation roadmap d. Developing mobile applications 9. What is the impact of using an instance store-backed AMI compared to an EBS-backed AMI on the boot process and instance lifecycle? 2 points a. Instance store-backed AMIs boot faster and support stopping instances b. EBS-backed AMIs boot faster and allow instances to be stopped and started c. Instance store-backed AMIs allow stopping instances and provide persistent storage d. EBS-backed AMIs require reinitialization at each boot, leading to longer boot times 10. Which of the following are key considerations when selecting a database type for a specific workload? (Select TWO correct answers) 4 points a. Durability requirements b. Number of database users c. Data characteristics d. Operating system compatibility Senario 1. Your company is launching an e-commerce platform expected to experience fluctuating traffic due to seasonal sales. The platform will require multiple application servers and a database server, all hosted on EC2 instances. High availability and cost optimization are crucial. Given the need for high availability, how should you architect the deployment of these instances? (Select TWO correct answers) 4 points a. Deploy instances in multiple Availability Zones b. Use Elastic Load Balancing across multiple Availability Zones c. Implement cross-Region replication d. Use Spot Instances across different Availability Zones 2. Your company is migrating a set of applications to AWS and needs to implement secure access controls. The applications will be accessed by employees and contractors, and some of the data is sensitive. To ensure that only authorized users access the applications, which security best practices should be followed? (Select TWO answers) 4 points a. Enable MFA for all users b. Use a single shared account for all users c. Require strong, complex passwords d. Grant root user access to everyone 3. Your company wants to implement a backup solution for its on-premises data center using Amazon S3. The data needs to be securely stored and occasionally accessed. To ensure data security during transfer to Amazon S3, which encryption method should you use? (Select TWO answers) 4 points a. Client-side encryption b. Server-side encryption with Amazon S3 managed keys (SSE-S3) c. No encryption is necessary d. Only use AWS KMS encryption 4. Your company is developing a video processing application that processes large video files. The application runs batch jobs that are compute-intensive but can tolerate interruptions. You need to optimize costs while ensuring the jobs complete in a reasonable time frame. To further optimize the cost, how can you ensure that the Spot Instances used for processing are not terminated before the jobs complete? (Select TWO correct answers) 4 points a. Use Spot Fleet with a diversified allocation strategy b. Manually monitor the Spot Instance pricing and availability c. Request Spot Instances with a maximum bid price higher than the On-Demand price d. Use a combination of On-Demand and Spot Instances 5. Your company is migrating its existing on-premises data center to AWS and wants to ensure that security is built into every layer of the architecture. To minimize the impact of potential security breaches, which practice should you follow? (Select TWO correct answer) 4 points a. Isolate parts of your infrastructure b. Use a single security group for all instances c. Use automation to ensure consistent security d. Store all sensitive data unencrypted 6. Your team is setting up an S3 bucket to store sensitive financial data. Security and controlled access are top priorities. How should you manage access permissions to the objects in the bucket? (Select TWO correct answers) 4 points a. Use bucket policies to define access rules b. Allow public access for ease of use c. Implement AWS IAM policies d. Use pre-signed URLs for permanent access 7. You are responsible for setting up IAM policies for a new team of developers who will need access to specific AWS resources for a limited time. When setting up IAM policies to ensure developers only access the resources essential for their tasks within specific operational constraints, which policy elements should you prioritize to define these limitations accurately? (Select TWO correct answer) 4 points a. Effect b. Resource c. Condition d. Principal 8. You are tasked with designing a cloud architecture for a new e-commerce platform that requires high availability, scalability, and cost efficiency. To meet the high availability requirement, which of the following should you implement? (Select TWO correct answer) 4 points a. Deploy all resources in a single Availability Zone Use b. Multi-AZ deployments c. Use Amazon CloudFront to cache static content d. Deploy to multiple AWS Regions 9. Your company needs to design a high-availability database architecture for a mission-critical application. The database must be resilient to failures, secure, and capable of handling heavy read traffic. Which features should be implemented to ensure high availability and resilience? (Select TWO correct answers) 4 points a. Multi-AZ deployment with Amazon RDS b. Automated backups with Amazon RDS c. Cross-Region replication with Amazon DynamoDB global tables d. Using instance store for database storage True and False 1. Amazon EFS is suitable for scenarios where multiple EC2 instances running Windows need to access the same file system. 2 points a. True b. False 2. In Amazon RDS, read replicas can be promoted to standalone databases in the event of a primary database failure. 2 points a. True b. False 3. The AWS Well-Architected Framework consists of six pillars, including Cost Optimization and Performance Efficiency. 2 points a. True b. False 4. AWS Compute Optimizer can automatically resize your EC2 instances based on workload recommendations 2 points a. True b. False 5. When using Amazon EC2 Spot Instances, AWS will terminate the instance if the Spot price exceeds your bid price. 2 points a. True b. False 6. When you enable Cross-Region Replication (CRR) for an S3 bucket, existing objects in the bucket are automatically replicated to the destination region. 2 points a. True b. False 7. IAM roles provide temporary security credentials and are often used for cross-account access. 2 points a. True b. False 8. The AWS Nitro System enhances the performance of EBS-optimized instances by reducing I/O contention. 2 points a. True b. False 9. Amazon S3 supports the storage of both structured and unstructured data. 2 points a. True b. False 10. S3 Block Public Access is a feature that overrides other bucket policies and object permissions to ensure no public access. 2 points a. True b. False 11. By default, all requests in IAM are denied unless explicitly allowed by a policy. 2 points a. True b. False 12. The root user should be used regularly for all administrative tasks in an AWS account. 2 points a. True b. False 13. A single data center can be part of multiple Availability Zones. 2 points a. True b. False 14. Resource-based policies are attached to IAM users and groups to control their access to resources. 2 points a. True b. False 15. The main goal of the Operational Excellence pillar is to run and monitor systems that deliver business value. 2 points a. True b. False 16. You should always use the same AWS Region for all your resources to simplify management, regardless of latency or compliance requirements. 2 points a. True b. False 17. S3 Transfer Acceleration is used to replicate data across different AWS Regions 2 points a. True b. False