aws.pdf

Full Transcript

1. What is the purpose of Amazon S3 versioning? 2 points
a. Improve upload performance
b. Protect objects from accidental deletions
c. Manage access control lists
d. Enable multi-factor authentication
2. What is the primary advantage of using Amazon DynamoDB global tables for a global
application? 2 points
a. Reduced cost of data storage across regions
b. Single-digit millisecond read and write performance globally
c. Manual replication of data between region
d. Support for SQL queries across all regions
3. Which of the following are benefits of using Amazon S3 Lifecycle Policies? (Select TWO
correct answers) 4 points
a. Automatically transition objects to a lower-cost storage class
b. Delete objects based on age
c. Enable server-side encryption
d. Control object access at a granular level
4. Which best practice involves designing with independent components? 2 points
a. Treating resources as disposable
b. Using loosely coupled components
c. Implementing high availability
d. Building monolithic applications
5. Which of the following EC2 instance types are designed to optimize performance for
applications requiring significant parallel processing? (Select TWO correct answers) 4
points
a. C5n
b. P4
c. R5
d. T3
6. What is the principle of least privilege? 2 points
a. Granting all users full access to all resources
b. Granting users only the permissions they need to perform their tasks
c. Restricting access to a single AWS Region
d. Assigning permissions based on job titles
7. Which of the following are responsibilities of the customer in the AWS Shared
Responsibility Model? (Select TWO correct answers) 4 points
a. Managing AWS Global Infrastructure
b. Configuring network security
c. Ensuring data encryption at rest
d. Managing AWS foundation services
8. Which of the following are key responsibilities of a Cloud Architect? (Select TWO correct
answers) 4 points
a. Managing on-premises servers
b. Setting technical cloud strategy with business leads
 c. Designing the transformation roadmap
d. Developing mobile applications
9. What is the impact of using an instance store-backed AMI compared to an EBS-backed
AMI on the boot process and instance lifecycle? 2 points
a. Instance store-backed AMIs boot faster and support stopping instances
b. EBS-backed AMIs boot faster and allow instances to be stopped and started
c. Instance store-backed AMIs allow stopping instances and provide persistent
storage
d. EBS-backed AMIs require reinitialization at each boot, leading to longer boot
times
10. Which of the following are key considerations when selecting a database type for a
specific workload? (Select TWO correct answers) 4 points
a. Durability requirements
b. Number of database users
c. Data characteristics
d. Operating system compatibility

Senario

1. Your company is launching an e-commerce platform expected to experience fluctuating
traffic due to seasonal sales. The platform will require multiple application servers and a
database server, all hosted on EC2 instances. High availability and cost optimization are
crucial.

Given the need for high availability, how should you architect the deployment of these
instances? (Select TWO correct answers) 4 points
a. Deploy instances in multiple Availability Zones
b. Use Elastic Load Balancing across multiple Availability Zones
c. Implement cross-Region replication
d. Use Spot Instances across different Availability Zones

2. Your company is migrating a set of applications to AWS and needs to implement secure
access controls. The applications will be accessed by employees and contractors, and
some of the data is sensitive. To ensure that only authorized users access the
applications, which security best practices should be followed? (Select TWO answers) 4
points
a. Enable MFA for all users
b. Use a single shared account for all users
c. Require strong, complex passwords
d. Grant root user access to everyone
3. Your company wants to implement a backup solution for its on-premises data center
using Amazon S3. The data needs to be securely stored and occasionally accessed. To
ensure data security during transfer to Amazon S3, which encryption method should you
use? (Select TWO answers) 4 points
 a. Client-side encryption
b. Server-side encryption with Amazon S3 managed keys (SSE-S3)
c. No encryption is necessary
d. Only use AWS KMS encryption

4. Your company is developing a video processing application that processes large video
files. The application runs batch jobs that are compute-intensive but can tolerate
interruptions. You need to optimize costs while ensuring the jobs complete in a
reasonable time frame. To further optimize the cost, how can you ensure that the Spot
Instances used for processing are not terminated before the jobs complete? (Select
TWO correct answers) 4 points
a. Use Spot Fleet with a diversified allocation strategy
b. Manually monitor the Spot Instance pricing and availability
c. Request Spot Instances with a maximum bid price higher than the On-Demand
price
d. Use a combination of On-Demand and Spot Instances
5. Your company is migrating its existing on-premises data center to AWS and wants to
ensure that security is built into every layer of the architecture. To minimize the impact of
potential security breaches, which practice should you follow? (Select TWO correct
answer) 4 points
a. Isolate parts of your infrastructure
b. Use a single security group for all instances
c. Use automation to ensure consistent security
d. Store all sensitive data unencrypted
6. Your team is setting up an S3 bucket to store sensitive financial data. Security and
controlled access are top priorities. How should you manage access permissions to the
objects in the bucket? (Select TWO correct answers) 4 points
a. Use bucket policies to define access rules
b. Allow public access for ease of use
c. Implement AWS IAM policies
d. Use pre-signed URLs for permanent access
7. You are responsible for setting up IAM policies for a new team of developers who will
need access to specific AWS resources for a limited time. When setting up IAM policies
to ensure developers only access the resources essential for their tasks within specific
operational constraints, which policy elements should you prioritize to define these
limitations accurately? (Select TWO correct answer) 4 points
a. Effect
b. Resource
c. Condition
d. Principal
8. You are tasked with designing a cloud architecture for a new e-commerce platform that
requires high availability, scalability, and cost efficiency. To meet the high availability
requirement, which of the following should you implement? (Select TWO correct answer)
4 points
 a. Deploy all resources in a single Availability Zone Use
b. Multi-AZ deployments
c. Use Amazon CloudFront to cache static content
d. Deploy to multiple AWS Regions
9. Your company needs to design a high-availability database architecture for a
mission-critical application. The database must be resilient to failures, secure, and
capable of handling heavy read traffic. Which features should be implemented to ensure
high availability and resilience? (Select TWO correct answers) 4 points
a. Multi-AZ deployment with Amazon RDS
b. Automated backups with Amazon RDS
c. Cross-Region replication with Amazon DynamoDB global tables
d. Using instance store for database storage

True and False

1. Amazon EFS is suitable for scenarios where multiple EC2 instances running Windows
need to access the same file system. 2 points
a. True
b. False

2. In Amazon RDS, read replicas can be promoted to standalone databases in the event of
a primary database failure. 2 points
a. True
b. False

3. The AWS Well-Architected Framework consists of six pillars, including Cost Optimization
and Performance Efficiency. 2 points
a. True
b. False

4. AWS Compute Optimizer can automatically resize your EC2 instances based on
workload recommendations 2 points
a. True
b. False

5. When using Amazon EC2 Spot Instances, AWS will terminate the instance if the Spot
price exceeds your bid price. 2 points
a. True
b. False

6. When you enable Cross-Region Replication (CRR) for an S3 bucket, existing objects in
the bucket are automatically replicated to the destination region. 2 points
a. True
b. False
7. IAM roles provide temporary security credentials and are often used for cross-account
access. 2 points
a. True
b. False

8. The AWS Nitro System enhances the performance of EBS-optimized instances by
reducing I/O contention. 2 points
a. True
b. False

9. Amazon S3 supports the storage of both structured and unstructured data. 2 points
a. True
b. False

10. S3 Block Public Access is a feature that overrides other bucket policies and object
permissions to ensure no public access. 2 points
a. True
b. False

11. By default, all requests in IAM are denied unless explicitly allowed by a policy. 2 points
a. True
b. False

12. The root user should be used regularly for all administrative tasks in an AWS account. 2
points
a. True
b. False

13. A single data center can be part of multiple Availability Zones. 2 points
a. True
b. False

14. Resource-based policies are attached to IAM users and groups to control their access to
resources. 2 points
a. True
b. False

15. The main goal of the Operational Excellence pillar is to run and monitor systems that
deliver business value. 2 points
a. True
b. False
16. You should always use the same AWS Region for all your resources to simplify
management, regardless of latency or compliance requirements. 2 points
a. True
b. False

17. S3 Transfer Acceleration is used to replicate data across different AWS Regions 2 points
a. True
b. False