Bonolo AWS Mock Exam 3 PDF
Document Details
Uploaded by PromptDidgeridoo9975
2025
AWS
Bonolo Mathamelo
Tags
Summary
This is an AWS mock exam. It contains questions and answers on topics such as cloud computing models, cost allocation, data management, and best practices for AWS IAM service. The mock exam is for classroom use.
Full Transcript
## Review: AWS Mock Exam 3 (CLASSROOM: MICT_AWS & CLOUD ADMIN) ### Respondent 3 Bonolo Mathamelo Time to complete: **45:38** Points: **48/65** ### 1. Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code? - Security - Cost Optimisation - Performance Eff...
## Review: AWS Mock Exam 3 (CLASSROOM: MICT_AWS & CLOUD ADMIN) ### Respondent 3 Bonolo Mathamelo Time to complete: **45:38** Points: **48/65** ### 1. Which pillar of the AWS Well-Architected Framework recommends maintaining infrastructure as code? - Security - Cost Optimisation - Performance Efficiency - **Operational Excellence** ### 2. According to the AWS Shared Responsibility Model, which of the following are responsibilities of the customer? (select 2) - **Operating system patches and updates of an EC2 instance** - AWS Global Network Security - **Enabling data encryption of data stored in S3 buckets** - Ensuring AWS employees cannot access customer data - Compliance validation of Cloud infrastructure ### 3. Gmail is an example of which of the following Cloud Computing Models? - **Software as a Service (SaaS)** - Infrastructure as a Service (IaaS) - Platform as a Service (PaaS) - Function as a Service (FaaS) ### 4. Which AWS service can be used for online analytical processing? - Amazon RDS - **Amazon Redshift** - Amazon DynamoDB - Amazon ElastiCache ### 5. Compared to the On-demand prices, what is the highest possible discount offered for reserved instances? - 90% - 72% - 40% - **50%** ### 6. Which of the following statements are true about Cost Allocation Tags in AWS Billing? (Select two) - **For each resource, each tag key must be unique, and each tag key can have only one value** - Tags helps in organize resources and are a mandatory configuration item to run reports - **For each resource, each tag key must be unique, but can have multiple values** - You must activate both AWS generated tags and user-defined tags separately before they can appear in Cost Explorer or on a cost allocation report - Only user-defined tags need to be activated before they can appear in Cost Explorer or on a cost allocation report ### 7. Which of the following statements are CORRECT about the AWS Auto Scaling group? (Select two) - **Auto Scaling group scales out and adds more number of EC2 instances to match an increase in demand** - Auto Scaling group scales down and reduces the number of EC2 instances to match a decrease in demand - **Auto Scaling group scales in and reduces the number of EC2 instances to match a decrease in demand** - Auto Scaling group scales down and downgrades to a less powerful EC2 instance to match a decrease in demand - Auto Scaling group scales up and upgrades to a more powerful EC2 instance to match an increase in demand ### 8. Which of the following are recommended best practices for AWS IAM service? (Select two) - **Enable MFA for all users** - Create a minimum number of accounts and share these account credentials among employees - **Rotate credentials regularly** - Grant maximum privileges to avoid assigning privileges again - Share AWS account root user access keys with other administrators ### 9. Which AWS services support High Availability by default? (Select two) - **EBS** - **EFS** - Redshift - DynamoDB - Instance Store ### 10. A startup wants to set up its IT infrastructure on AWS Cloud. The CTO would like to receive detailed reports that break down the startup's AWS costs by the hour in an S3 bucket. As a Cloud Practitioner, which AWS service would you recommend for this use-case? - **AWS Cost and Usage Reports** - AWS Pricing Calculator - AWS Cost Explorer - AWS Budgets ### 11. AWS Identity and Access Management (IAM) policies are written as JSON documents. Which of the following are mandatory elements of an IAM policy? - **Effect, Action** - Sid, Principal - Action, Condition - Effect, Sid ### 12. Which of the following is the best way to protect your data from accidental deletion on Amazon S3? - S3 Versioning - **S3 lifecycle configuration** - S3 Storage Classes - S3 Transfer Acceleration ### 13. A research group wants to provision an EC2 instance for a flexible application that can be interrupted. As a Cloud Practitioner, which of the following would you recommend as the MOST cost-optimal option? - Reserved Instances - **Spot Instances** - Dedicated Hosts - On Demand Instances ### 14. AWS Trusted Advisor analyzes your AWS environment and provides best practice recommendations for which of the following categories? (Select two)? - **Elasticity** - **Change Management** - Service limits - Documentation - **Cost Optimisation** ### 15. A cyber-security agency uses AWS Cloud and wants to carry out security assessments on their own AWS infrastructure without any prior approval from AWS. Which of the following describes/facilitates this practice? - Network Stress Testing - Amazon Inspector - **Penetration Testing** - AWS Secrets Manager ### 16. As a Cloud Practitioner, which S3 storage class would you recommend for data archival? - **S3 Glacier** - S3 Standard - S3 Intelligent-Tiering - S3 One Zone-IA ### 17. Which AWS service can be used as an in-memory database with high-performance and low latency? - Amazon RDS - **Amazon Elasticache** - Amazon DynamoDB - Amazon Athena ### 18. Which AWS service will you use if you have to move large volumes of on-premises data to AWS Cloud from a remote location with limited bandwidth? - **AWS Snowball** - AWS Virtual Private Network (VPN) - AWS Direct Connect - AWS Transit Gateway ### 19. Which of the following AWS service is regional in scope? - **AWS Lambda** - AWS IAM - Amazon Cloudfront - AWS WAF ### 20. Which of the following is a part of the AWS Global Infrastructure? - **Region** - Subnets - Virtual Private Cloud (VPC) - Virtual Private Network (VPN) ### 21. Data encryption is automatically enabled for which of the following AWS services? (Select two)? - **Amazon S3 Glacier** - **Amazon EBS volumes** - AWS Storage Gateway - Amazon Redshift - Amazon EFS drives ### 22. Which feature of AWS Cloud offers the ability to innovate faster and rapidly develop, test and launch software applications? - **Agility** - Elasticity - Cost savings - Ability to deploy globally in minutes. ### 23. Which of the following are components of an AWS Site-to-Site VPN? (Select two) - **Customer Gateway** - **Virtual Private Gateway** - Storage Gateway - NAT Gateway - Internet Gateway ### 24. A company has a static website hosted on an S3 bucket in an AWS Region in Asia. Although most of its users are in Asia, now it wants to drive growth globally. How can it improve the global performance of its static website? - **Use CloudFront to improve the performance of your website** - Use CloudFormation to improve the performance of your website - Use WAF to improve the performance of your website - Use S3 Transfer Acceleration to improve the performance of your website ### 25. Which AWS service can be used to automate code deployment to EC2 instances as well as on-premises instances? - **AWS CodeDeploy** - AWS CodeCommit - AWS CloudFormation - AWS CodePipeline ### 26. What is the primary benefit of deploying an RDS database in a Read Replica configuration? - **Read Replica improves database scalability** - Read Replica enhances database availability - Read Replica protects the database from a regional failure - Read Replica reduces database usage costs ### 27. A medical device company is looking for a durable and cost-effective way of storing their historic data. Due to compliance requirements, the data must be stored for 10 years. Which AWS Storage solution will you suggest? - **S3 Glacier Deep Archive** - S3 Glacier - AWS Storage Gateway - Amazon EFS ### 28. Which of the following AWS services offer block-level storage? (Select two) - ECS - S3 - **EBS** - EFS - **Instance Store** ### 29. An organization maintains separate VPCs for each of its departments. With expanding business, the organization now wants to connect all VPCs for better departmental collaboration. Which AWS service will help the organization tackle the issue effectively? - **AWS Transit Gateway** - VPC Peering - AWS Direct Connect - Site to Site VPN ### 30. An e-commerce company uses AWS Cloud and would like to receive separate invoices for development and production environments. As a Cloud Practitioner, which of the following solutions would you recommend for this use-case? - **Create separate AWS accounts for development and production environments to receive separate invoices** - Use AWS Organizations to create separate invoices for development and production environments - Tag all resources in the AWS account as either "development" or "production". Then use the tags to create separate invoices - Use AWS Cost Explorer to create separate invoices for development and production environments ### 31. Which of the following improves the availability for a fleet of EC2 instances? - Deploy the EC2 instances across different AWS Regions of the same Availability Zone - Deploy the EC2 instances in the same Availability Zone across two different AWS Regions - Deploy the EC2 instances in the same Availability Zone of an AWS Region - **Deploy the EC2 instances across different Availability Zones in the same AWS Region** ### 32. Which of the following AWS entities provides the information required to launch an EC2 instance? - Lambda - EBS - **AMI** - EFS ### 33. Which budget types can be created under AWS Budgets (Select three)? - Hardware Budget - **Cost budget** - **Usage budget** - **Reservation budget** - Software budget - Resource budget ### 34. A startup runs its proprietary application on docker containers. As a Cloud Practitioner, which AWS service would you recommend so that the startup can run containers and still have access to the underlying servers? - AWS Lambda - **Amazon Elastic Container Service (Amazon ECS)** - AWS Fargate - Amazon Elastic Container Registry (ECR) ### 35. Which S3 storage class offers the lowest availability? - S3 One Zone-IA - S3 Standard - S3 Intelligent-Tiering - **S3 Glacier** ### 36. Which AWS service can be used to execute code triggered by new files being uploaded to S3? - SQS - EC2 - **Lambda** - ECS ### 37. An AWS hardware failure has impacted one of your EBS volumes. Which AWS service will alert you of the affected resources and provide a remedial action? - AWS Personal Health Dashboard - **Amazon GuardDuty** - AWS Config - AWS Trusted Advisor ### 38. A multi-national company has its business-critical data stored on a fleet of Amazon EC2 instances, in various countries, configured in region-specific compliance rules. To demonstrate compliance, the company needs to submit historical configurations on a regular basis. Which AWS service is best suited for this requirement? - **AWS Config** - Amazon Macie - AWS CloudTrail - Amazon GuardDuty ### 39. An IT company has deployed a static website on S3, but the website is still inaccessible. As a Cloud Practioner, which of the following solutions would you suggest to address this issue? - Fix the S3 bucket policy - Disable S3 encryption - Enable S3 versioning - Enable S3 replication ### 40. Which of the following are correct statements regarding the AWS Shared Responsibility Model? (Select two) - **AWS is responsible for Security "of" the Cloud** - For abstracted services like Amazon S3, AWS operates the infrastructure layer, the operating system, and platforms - **For abstracted services like Amazon S3, AWS operates the infrastructure layer, the operating system, and platforms** - Configuration Management is the responsibility of the customer - AWS is responsible for training AWS and customer employees on AWS products and services ### 41. Which AWS service protects your AWS account by monitoring malicious activity and detecting threats? - **GuardDuty** - CloudTrail - CloudWatch - Trusted Advisor ### 42. Which of the following AWS services specialize in data migration from on-premises to AWS Cloud? (Select two) - **Snowball** - **Database Migration Service** - Site to Site VPN - Direct Connect - Transit Gateway ### 43. Which Global Infrastructure identity is composed of one or more discrete data centers with redundant power, networking, and connectivity, and are used to deploy infrastructure? - **Availability Zones** - Regions - Edge Location ### 44. What is the pricing model of Cloud Computing? - Discounts over time - **Pay-as-you-go Pricing** - Pay once a year - Flat-rate pricing ### 45. Which are the 3 pricing fundamentals of the AWS Cloud? - Compute, Storage, and Data transfer in the AWS Cloud - Compute, Networking, and Data transfer out of the AWS Cloud - Compute, Storage, and Data transfer out of the AWS Cloud - **Storage, Functions, and Data transfer in the AWS Cloud** ### 46. Which of the following is NOT an advantage of Cloud Computing? - Trade capital expense (CAPEX) for operational expense (OPEX) - Train your employees less - Go global in minutes - **Stop spending money running and maintaining data centers** ### 47. Deploying your applications across multiple AZs will help address which Cloud Concept? - **High Availability** - Scalability - Automation - Elasticity ### 48. According to the Shared Responsibility Model, who is responsible for Patch Management? - AWS - **The customer** - AWS and the customer ### 49. Which of the following options can be used to access and manage all AWS services (Select three)? - **AWS Management Console** - **AWS Systems Manager** - **AWS Software Developer Kit (SDK)** - AWS Secrets Manager - **AWS Command Line Interface (CLI)** - Amazon API Gateway ### 50. Which of the following are correct statements regarding the AWS Shared Responsibility Model? (Select two) - **The Customer is responsible for security IN the cloud** - **AWS is responsible for security IN the cloud** - The Customer is responsible for security OF the cloud - AWS is responsible for security OF the cloud ### 51. How do you pay for AWS? (Choose 3) - **Pay for what you use** - **Pay monthly** - **Pay less when you reserve** - Pay even more when as AWS grows - Pay even less as AWS grows - Pay more when you reserve ### 52. Which of the following is a benefit of running an application in multiple Availability Zones? - Allows you to exceed AWS service limits - **Increase the availability of your application** - Increase available compute capacity - Reduces application response time between servers and global users ### 53. A key practice when designing solutions on AWS is to minimize dependencies between components so that the failure of a single component does not impact other components. What is this practice called? - Scalable coupling - Elastic coupling - **Loose coupling** - Monolithic ### 54. Which of the following are types of AWS Identity and Access Management (IAM) identities? (Choose TWO) - **IAM Roles** - AWS Organizations - **IAM Users** - AWS Organizations - IAM Policies ### 55. Which of the below is a best practice when building applications on AWS? - **Decouple the components of the application so they run independently** - Ensure that the application runs on hardware from trusted vendors - Strengthen physical security by applying the principle of least privilege - Use IAM policies to maintain performance ### 56. Which AWS Service allows customers to download AWS SOC & PCI reports? - **AWS Artifact** - AWS Glue - Amazon Chime - AWS Well-Architected tool ### 57. Which IAM entity can best be used to grant temporary access to your AWS resources? - IAM Users - **IAM Roles** - Key pairs - IAM Groups ### 58. Which service is a fully managed pub/sub messaging service that makes it easy to set up, operate, and send notifications from the cloud, using a push-based system? - **Simple Notification Service (SNS)** - Simple Queue Service (SQS) - Auto Scaling Group (ASG) ### 59. Which AWS service publishes up-to-the-minute information on the general status and availability of all AWS services in all the Regions of AWS Cloud? - AWS Service Health Dashboard - AWS CloudFormation - AWS Personal Health Dashboard - **Amazon CloudWatch** ### 60. If a resource is deleted in AWS, which service should you use to investigate first? - CloudWatch Logs - **CloudTrail** - Personal Health Dashboard ### 61. Which CloudWatch feature would you use to trigger notifications when a metric reaches a threshold you specify? - CloudWatch Events - CloudWatch Triggers - **CloudWatch Alarms** - CloudWatch Logs ### 62. A company wants to implement threat detection on its AWS infrastructure. However, the company does not want to deploy additional software. Which AWS service should the company use to meet these requirements? - Amazon VPC - Amazon EC2 - **Amazon GurdDuty** - Amazon Security ### 63. Which AWS service can be used to encrypt data at rest? - AWS Shield - AWS Guru - **AWS Key Management Service** - AWS Protection ### 64. A company wants to convert video files and audio files from their source format into a format that will play on smartphones, tablets, and web browsers. Which AWS service will meet these requirements? - **AWS Transcoder** - AWS Replace - AWS Comprehend - AWS Glue ### 65. A customer is running a comparative study of pricing models of Amazon EFS and Amazon EBS that are used with the Amazon EC2 instances that host the application. Which of the following statements are correct regarding this use-case? (Select two) - **You will pay a fee each time you read from or write data stored on the EFS - Infrequent Access storage class** - **Amazon EC2 data transfer charges will apply for all EBS direct APIs for Snapshots** - Amazon EBS Snapshots are stored incrementally, which means you are billed only for the changed blocks stored - Amazon EBS Snapshot storage pricing is based on the amount of space your data consumes in EBS - With AWS Backup, you pay only for the amount of EFS backup storage you use in a month, you need not pay for restoring this data
