AWS Forge Mock Exam 5 PDF

Summary

This is an AWS Forge mock exam. The exam contains questions about various AWS services. The document is a past paper and covers topics such as networking, security and databases.

Full Transcript

Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
Test taker's answer a Correct r Incorrect = Partial Credit
r 1) A unicorn startup is building an analytics application with support for a speech-based
interface. The application will accept speech-based input from users and then convey
results via speech. As a Cloud Practitioner, which solution would you recommend for the
given use-case?

a) Use Amazon Transcribe to convert speech to text for downstream analysis. Then
use Amazon Polly to convey the text results via speech
b) Use Amazon Polly to convert speech to text for downstream analysis. Then use
Amazon Transcribe to convey the text results via speech
c) Use Amazon Translate to convert speech to text for downstream analysis. Then use
Amazon Polly to convey the text results via speech
d) Use Amazon Polly to convert speech to text for downstream analysis. Then use
Amazon Translate to convey the text results via speech.

a 2) A company wants to improve the resiliency of its flagship application so it wants to move
from its traditional database system to a managed AWS database service to support active-
active configuration in both the East and West US AWS regions. The active-active
configuration with cross-region support is the prime criteria for any database solution that
the company considers.
Which AWS database service is the right fit for this requirement?

a) Amazon DynamoDB with global tables
b) Amazon DynamoDB with DynamoDB Accelerator
c) Amazon Aurora with multi-master cluster
d) Amazon Relational Database Service (Amazon RDS) for MYSQL.

a 3) Which of the following AWS services can be used to connect a company's on-premises
environment to a VPC without using the public internet?

a) AWS Direct Connect
b) Amazon VPC Endpoint
c) Internet Gateway
d) Site-to-Site VPN.

a 4) Which of the following AWS services should be used to automatically distribute incoming
traffic across multiple targets?

a) AWS Elastic Load Balancing
b) AWS Elastic Beanstalk
c) Amazon Elasticsearch
d) AWS Auto Scaling.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
a 5) Which AWS Route 53 routing policy would you use to route traffic to multiple resources and
also choose how much traffic is routed to each resource?

a) Weighted routing policy
b) Failover routing policy
c) Simple routing policy
d) Latency routing policy.

r 6) Which of the following AWS services support VPC Endpoint Gateway for a private
connection from a VPC? (Select two)

a) S3
b) DynamoDB
c) Amazon EC2
d) Amazon SQS
e) Amazon SNS.

a 7) Which security service of AWS is enabled for all AWS customers, by default, at no additional
cost?

a) AWS Web Application Firewall (AWS WAF)
b) AWS Shield Standard
c) AWS Secrets Manager
d) AWS Shield Advanced.

a 8) An e-commerce company has deployed an RDS database in a single Availability Zone. The
engineering team wants to ensure that in case of an AZ outage, the database should
continue working on the same endpoint without any manual administrative intervention.
Which of the following solutions can address this use-case?

a) Deploy the database via Elastic Beanstalk
b) Configure the database in RDS read replica mode with automatic failover to the standby
c) Configure the database in RDS Multi-AZ deployment with automatic failover to the
standby
d) Provision the database via CloudFormation.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
a 9) Which of the following statements are CORRECT regarding the AWS VPC service? (Select
two)

a) A Security Group can have allow rules only
b) A NAT Gateway is managed by AWS
c) A Security Group can have both allow and deny rules
d) A NAT Instance is managed by AWS
e) A NACL can have allow rules only.

r 10) AWS Shield Advanced provides expanded DDoS attack protection for web applications
running on which of the following resources? (Select two)

a) Amazon Route 53
b) Amazon API Gateway
c) AWS Global Accelerator
d) AWS CloudFormation
e) AWS Elastic Beanstalk.

a 11) Which of the following is an AWS database service?

a) Glue
b) Redshift
c) Storage Gateway
d) Database Migration Service.

r 12) A data analytics company has some data stored on Amazon S3 and wants to do SQL based
analysis on this data with minimum effort. As a Cloud Practitioner, which of the following
AWS services will you suggest for this use case?

a) Amazon Aurora
b) Amazon Athena
c) Redshift
d) DynamoDB.

r 13) Which AWS service can be used to provision resources to run big data workloads on
Hadoop clusters?

a) AWS Step Function
b) AWS Batch
c) Amazon EC2
d) Amazon EMR.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
a 14) A social media company wants to protect its web application from common web exploits
such as SQL injection and cross-site scripting. Which of the following AWS services can be
used to address this use-case?

a) Amazon GuardDuty
b) Amazon Inspector
c) AWS Web Application Firewall (WAF)
d) Amazon CloudWatch.

a 15) Which of the following solutions can you use to connect your on-premises network with
AWS Cloud (Select two)

a) AWS Direct Connect
b) Amazon VPC
c) AWS VPN
d) Internet Gateway
e) Amazon Route 53.

a 16) Which AWS service helps with global application availability and performance using the
AWS global network?

a) Global Accelerator
b) Amazon CloudFront
c) Elastic Load Balancer
d) Amazon Route 53.

a 17) Which of the following statement is correct for a Security Group and a Network Access
Control List?

a) Security Group acts as a firewall at the subnet level whereas Network Access Control
List acts as a firewall at the instance level
b) Security Group acts as a firewall at the instance level whereas Network Access
Control List acts as a firewall at the subnet level
c) Security Group acts as a firewall at the VPC level whereas Network Access Control List
acts as a firewall at the AZ level
d) Security Group acts as a firewall at the AZ level whereas Network Access Control List
acts as a firewall at the VPC level.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
a 18) Which of the following AWS services allows a database to have flexible schema and
supports document data models?

a) Amazon DynamoDB
b) Amazon RDS for PostgreSQL
c) Amazon Redshift
d) Amazon Aurora.

r 19) Which of the following AWS services can be used to prevent Distributed Denial-of-Service
(DDoS) attack? (Select three)

a) AWS Shield
b) AWS CloudHSM
c) Amazon CloudFront with Route 53
d) AWS Trusted Advisor
e) Amazon Inspector
f) AWS WAF.

a 20) Which of the following AWS services comes under the Software as a Service (SaaS) Cloud
Computing Type?

a) Amazon Rekognition
b) Amazon EC2
c) AWS Elastic Beanstalk
d) Elastic Load Balancing.

a 21) Which of the following use-cases is NOT supported by Amazon Rekognition?

a) Quickly resize photos to create thumbnails
b) Identify person in a photo
c) Detect text in a photo
d) Label objects in a photo.

r 22) Which of the following AWS services are global in scope? (Select two)

a) Amazon CloudFront
b) Amazon Relational Database Service (Amazon RDS)
c) AWS Identity and Access Management (IAM)
d) Amazon Elastic Compute Cloud (Amazon EC2)
e) Amazon S3.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
a 23) A customer has created a VPC and a subnet within AWS Cloud. Which of the following
statements is correct?

a) A VPC spans all of the Availability Zones in the Region whereas a subnet spans
only one Availability Zone in the Region
b) Both the VPC and the subnet span all of the Availability Zones in the Region
c) Both the VPC and the subnet span only one Availability Zone in the Region
d) Both the VPC and the subnet span only one Availability Zone in the Region.

a 24) Which of the following are examples of Horizontal Scalability (aka Elasticity)? (Select two)

a) Elastic Load Balancing
b) Add a bigger CPU to a computer
c) Read Replicas in Amazon RDS
d) Modify an EC2 instance type from t2.nano to u-12tb1.metal
e) Modify a Database instance to higher CPU and RAM.

r 25) An online gaming company wants to block users from certain geographies from accessing
its content. Which AWS services can be used to accomplish this task? (Select two)

a) AWS WAF
b) CloudWatch
c) Route 53
d) AWS Shield
e) AWS Protect.

a 26) Which AWS Route 53 routing policy would you use to improve the performance for your
customers by routing the requests to the AWS endpoint that provides the fastest
experience?

a) Failover routing policy
b) Latency routing policy
c) Weighted routing policy
d) Simple routing policy.

r 27) Which AWS service can be used for online analytical processing?

a) Amazon RDS
b) Amazon Redshift
c) Amazon DynamoDB
d) Amazon ElastiCache.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 28) Which AWS services support High Availability by default? (Select two)

a) DynamoDB
b) Redshift
c) EFS
d) EBS
e) Instance Store.

a 29) Which AWS service can be used as an in-memory database with high-performance and low
latency?

a) Amazon ElastiCache
b) Amazon RDS
c) Amazon DynamoDB
d) Amazon Athena.

r 30) Which of the following are components of an AWS Site-to-Site VPN? (Select two)

a) Virtual Private Gateway
b) Storage Gateway
c) Customer Gateway
d) NAT Gateway
e) Internet Gateway.

r 31) A company has a static website hosted on an S3 bucket in an AWS Region in Asia.
Although most of its users are in Asia, now it wants to drive growth globally. How can it
improve the global performance of its static website?

a) Use CloudFormation to improve the performance of your website
b) Use CloudFront to improve the performance of your website
c) Use WAF to improve the performance of your website
d) Use S3 Transfer Acceleration to improve the performance of your website.

r 32) What is the primary benefit of deploying an RDS database in a Read Replica configuration?

a) Read Replica improves database scalability
b) Read Replica enhances database availability
c) Read Replica protects the database from a regional failure
d) Read Replica reduces database usage costs.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 33) An organization maintains separate VPCs for each of its departments. With expanding
business, the organization now wants to connect all VPCs for better departmental
collaboration. Which AWS service will help the organization tackle the issue effectively?

a) AWS Transit Gateway
b) VPC Peering
c) AWS Direct Connect
d) AWS Direct Connect.

r 34) Which AWS Route 53 routing policy would you use when you want to route your traffic in an
active-passive configuration?

a) Failover routing policy
b) Simple routing policy
c) Weighted routing policy
d) Latency routing policy.

r 35) Which of the following statements are CORRECT regarding Security Groups and Network
Access Control Lists (NACLs)? (Select two)

a) A Security Group is stateful, that is, it automatically allows the return traffic
b) A NACL contains a numbered list of rules and evaluates these rules in the
increasing order while deciding whether to allow the traffic
c) A Security Group contains a numbered list of rules and evaluates these rules in the
increasing order while deciding whether to allow the traffic
d) A NACL is stateful, that is, it automatically allows the return traffic
e) A Security Group is stateless, that is, the return traffic must be explicitly allowed.

r 36) Which of the following AWS services specialize in data migration from on-premises to AWS
Cloud? (Select two)

a) Snowball
b) Site to Site VPN
c) Database Migration Service
d) Direct Connect
e) Transit Gateway.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 37) Which AWS Route 53 routing policy would you use to route traffic to a single resource such
as a web server for your website?

a) Simple routing policy
b) Failover routing policy
c) Weighted routing policy
d) Latency routing policy.

a 38) A streaming media company wants to convert English language subtitles into Spanish
language subtitles. As a Cloud Practitioner, which AWS service would you recommend for
this use-case?

a) Amazon Translate
b) Amazon Polly
c) Amazon Transcribe
d) Amazon Rekognition.

r 39) A multi-national organization has separate VPCs for each of its business units on the AWS
Cloud. The organization also wants to connect its on-premises data center with all VPCs for
better organization-wide collaboration. Which AWS services can be combined to build the
MOST efficient solution for this use-case? (Select two)

a) AWS Transit Gateway
b) VPC Peering
c) AWS Direct Connect
d) Internet Gateway
e) AWS Storage Gateway.

r 40) Which of the following statements are CORRECT regarding AWS Global Accelerator?
(Select two)

a) Global Accelerator is a good fit for non-HTTP use cases
b) Global Accelerator provides static IP addresses that act as a fixed entry point to
your applications
c) Global Accelerator uses the AWS global network and its edge locations. But the edge
locations used by Global Accelerator are different from Amazon CloudFront edge
locations
d) Global Accelerator cannot be configured with an Elastic Load Balancer (ELB)
e) Global Accelerator can be used to host static websites.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 41) Which AWS entity enables you to privately connect your VPC to an Amazon SQS queue?

a) VPC Interface Endpoint
b) VPC Gateway Endpoint
c) AWS Direct Connect
d) Internet Gateway.

r 42) Which of the following is best-suited for load-balancing HTTP and HTTPS traffic?

a) Application Load Balancer
b) Network Load Balancer
c) AWS Auto Scaling
d) System Load Balancer.

r 43) Which of the following are benefits of the AWS Web Application Firewall (WAF)? (Select
two)

a) WAF can block all requests except the ones that you allow
b) WAF can check for the presence of SQL code that is likely to be malicious (known
as SQL injection)
c) WAF offers protection against all known infrastructure (Layer 3 and 4) attacks
d) WAF offers dedicated support from the DDoS Response Team (DRT) and advanced
reporting
e) AWS WAF lets you monitor the HTTP and HTTPS requests that are forwarded to
Amazon Route 53.

r 44) An organization maintains a separate Virtual Private Cloud (VPC) for each of its business
units. Two units need to privately share data. Which is the most optimal way of privately
sharing data between the two VPCs?

a) VPC Peering
b) Site to Site VPN
c) AWS Direct Connect
d) VPC Endpoint.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 45) Which of the following is correct regarding the AWS RDS service?

a) You can use Read Replicas for both improved read performance as well as
Disaster Recovery
b) You can use Read Replicas for improved read performance and Multi-AZ for Disaster
Recovery
c) You can use both Read Replicas and Multi-AZ for improved read performance
d) You can use Read Replicas for Disaster Recovery and Multi-AZ for improved read
performance..

a 46) Which AWS service would you use to create a logically isolated section of the AWS Cloud
where you can launch AWS resources in your virtual network?

a) Virtual Private Cloud (VPC)
b) Virtual Private Network (VPN)
c) Subnet
d) Network Access Control List (NACL).

a 47) Which AWS service would you choose for a data processing project that needs a
schemaless database?

a) Amazon RedShift
b) Amazon DynamoDB
c) Amazon Aurora
d) Amazon RDS.

a 48) A company would like to create a private, high bandwidth network connection between its
on-premises data centers and AWS Cloud. As a Cloud Practitioner, which of the following
options would you recommend?

a) Site-to-Site VPN
b) VPC Endpoints
c) Direct Connect
d) VPC Peering.

a 49) Which AWS serverless service allows you to prepare data for analytics?

a) AWS Glue
b) Amazon Athena
c) Amazon Redshift
d) Amazon EMR.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
a 50) Which security control tool can be used to deny traffic from a specific IP address?

a) VPC Flow Logs
b) AWS GuardDuty
c) Security Group
d) Network ACL.

a 51) An e-commerce company would like to build a chatbot for its customer service using Natural
Language Understand (NLU). As a Cloud Practitioner, which AWS service would you use?

a) Amazon Lex
b) Amazon Rekognition
c) Amazon SageMaker
d) Amazon Comprehend.

a 52) Which of the following statements is CORRECT regarding the scope of an Amazon Virtual
Private Cloud (VPC)?

a) A VPC spans all Availability Zones (AZs) within a region
b) A VPC spans all subnets in all regions
c) A VPC spans all Availability Zones (AZs) in all regions
d) A VPC spans all regions within an Availability Zone (AZ).

r 53) Which AWS service can inspect CloudFront distributions running on any HTTP web-server?

a) AWS WAF
b) AWS GuardDuty
c) Amazon Inspector
d) AWS Elastic Load Balancer.

a 54) Which of the following will help you control the incoming traffic to an Amazon EC2 instance?

a) Security Group
b) AWS Resource Group
c) NACL (Network ACL)
d) Route Table.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 55) A company is planning to move their traditional CRM application running on MySQL to an
AWS database service. Which database service is the right fit for this requirement?

a) Amazon DynamoDB
b) Amazon Neptune
c) Amazon ElastiCache
d) Amazon Aurora.

a 56) A weather tracking application is built using Amazon DynamoDB. The performance of the
application has been consistently good. But lately, the team has realized that during
holidays and travel seasons, the load on the application is high and the read requests
consume most of the database resources, thereby drastically increasing the overall
application latency.
Which feature/service will help resolve this issue?

a) DynamoDB Accelerator
b) DynamoDB Regulator
c) Amazon ElastiCache
d) Amazon CloudFront.

r 57) An e-learning company wants to build a knowledge graph by leveraging a fully managed
database. Which of the following is the best fit for this requirement

a) Amazon Neptune
b) Amazon DocumentDB
c) Amazon RDS
d) Amazon DynamoDB.

a 58) A company is considering using AWS for a self-hosted database that requires a nightly
shutdown for
maintenance and cost-saving purposes.
Which service should the company use?
a) Amazon Redshift
b) Amazon DynamoDB
c) Amazon Elastic Compute Cloud (Amazon EC2) with Amazon EC2 instance store
d) Amazon EC2 with Amazon Elastic Block Store (Amazon EBS).
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 59) What is one of the advantages of the Amazon Relational Database Service (Amazon RDS)?

a) It simplifies relational database administration tasks.
b) It provides 99.99999999999% reliability and durability.
c) It enables users to dynamically adjust CPU and RAM resources.
d) It automatically scales databases for loads..

a 60) A customer needs to run a MySQL database that easily scales.
Which AWS service should they use?

a) Amazon Aurora
b) Amazon Redshift
c) Amazon DynamoDB
d) Amazon ElastiCache.

a 61) Which of the following is a fast and reliable NoSQL database service?

a) Amazon Redshift
b) Amazon RDS
c) Amazon DynamoDB
d) Amazon S3.

a 62) Which of the following AWS Cloud services can be used to run a customer-managed
relational database?

a) Amazon EC2
b) Amazon Route 53
c) Amazon ElastiCache
d) Amazon DynamoDB.

a 63) What feature of Amazon RDS helps to create globally redundant databases?

a) Snapshots
b) Automatic patching and updating
c) Cross-Region read replicas
d) Provisioned IOPS.
Cheslin Ralph Wilsnach
AWS Forge Mock Exam 5 - JOH - Rev (v1)
Finished 8/5/2024 7:20 AM / Scored 35/65 (54%)
r 64) Which of the following services is a MySQL-compatible database that automatically grows
storage as
needed?

a) Amazon Elastic Compute Cloud (Amazon EC2)
b) Amazon Relational Database Service (Amazon RDS) for MySQL
c) Amazon Lightsail
d) Amazon Aurora.

a 65) Which AWS service can be used to query stored datasets directly from Amazon S3 using
standard SQL?

a) AWS Glue
b) AWS Data Pipeline
c) Amazon CloudSearch
d) Amazon Athena.