AWS Cloud Practitioner

A company is planning to run a global marketing application in the AWS Cloud. The application will feature videos that can be viewed by users. The company must ensure that all users can view these videos with low latency. \n Which AWS service should the company use to meet this requirement?

* **A.** AWS Auto Scaling
* **B.** Amazon Kinesis Video Streams
* **C.** Elastic Load Balancing
* **D.** Amazon CloudFront

Answer : **D**

Which pillar of the AWS Well-Architected Framework refers to the ability of a system to recover from infrastructure or service disruptions and dynamically acquire computing resources to meet demand?

* **A.** Security
* **B.** Reliability
* **C.** Performance efficiency
* **D.** Cost optimization

Answer : **B**

Which of the following are benefits of migrating to the AWS Cloud? (Choose two.)

* **A.** Operational resilience
* **B.** Discounts for products on Amazon.com
* **C.** Business agility
* **D.** Business excellence
* **E.** Increased staff retention

Answer : **AC**

A company is planning to replace its physical on-premises compute servers with AWS serverless compute services. The company wants to be able to take advantage of advanced technologies quickly after the migration. \n Which pillar of the AWS Well-Architected Framework does this plan represent?

* **A.** Security
* **B.** Performance efficiency
* **C.** Operational excellence
* **D.** Reliability

Answer : **B**

A large company has multiple departments. Each department has its own AWS account. Each department has purchased Amazon EC2 Reserved Instances. \n Some departments do not use all the Reserved Instances that they purchased, and other departments need more Reserved Instances than they purchased. \n The company needs to manage the AWS accounts for all the departments so that the departments can share the Reserved Instances. \n Which AWS service or tool should the company use to meet these requirements?

* **A.** AWS Systems Manager
* **B.** Cost Explorer
* **C.** AWS Trusted Advisor
* **D.** AWS Organizations

Answer : **B**

Which component of the AWS global infrastructure is made up of one or more discrete data centers that have redundant power, networking, and connectivity?

* **A.** AWS Region
* **B.** Availability Zone
* **C.** Edge location
* **D.** AWS Outposts

Answer : **B**

Which duties are the responsibility of a company that is using AWS Lambda? (Choose two.)

* **A.** Security inside of code
* **B.** Selection of CPU resources
* **C.** Patching of operating system
* **D.** Writing and updating of code
* **E.** Security of underlying infrastructure

Answer : **AD**

Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Choose two.)

* **A.** ׀•׀¡2 Reserved Instances
* **B.** EC2 Amazon Machine Images (AMIs)
* **C.** Amazon Elastic Block Store (Amazon EBS) snapshots
* **D.** AWS Shield
* **E.** Amazon GuardDuty

Answer : **BC**

A company is migrating to the AWS Cloud instead of running its infrastructure on premises. \n Which of the following are advantages of this migration? (Choose two.)

* **A.** Elimination of the need to perform security auditing
* **B.** Increased global reach and agility
* **C.** Ability to deploy globally in minutes
* **D.** Elimination of the cost of IT staff members
* **E.** Redundancy by default for all compute services

Answer : **BD**

A user is comparing purchase options for an application that runs on Amazon EC2 and Amazon RDS. The application cannot sustain any interruption. The application experiences a predictable amount of usage, including some seasonal spikes that last only a few weeks at a time. It is not possible to modify the application. \n Which purchase option meets these requirements MOST cost-effectively?

* **A.** Review the AWS Marketplace and buy Partial Upfront Reserved Instances to cover the predicted and seasonal load.
* **B.** Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run on Spot Instances.
* **C.** Buy Reserved Instances for the predicted amount of usage throughout the year. Allow any seasonal usage to run at an On-Demand rate.
* **D.** Buy Reserved Instances to cover all potential usage that results from the seasonal usage.

Answer : **B**

A company wants to review its monthly costs of using Amazon EC2 and Amazon RDS for the past year. \n Which AWS service or tool provides this information?

* **A.** AWS Trusted Advisor
* **B.** Cost Explorer
* **C.** Amazon Forecast
* **D.** Amazon CloudWatch

Answer : **B**

A company wants to migrate a critical application to AWS. The application has a short runtime. The application is invoked by changes in data or by shifts in system state. The company needs a compute solution that maximizes operational efficiency and minimizes the cost of running the application. \n Which AWS solution should the company use to meet these requirements?

* **A.** Amazon EC2 On-Demand Instances
* **B.** AWS Lambda
* **C.** Amazon EC2 Reserved Instances
* **D.** Amazon EC2 Spot Instances

Answer : **B**

Which AWS service or feature allows users to connect with and deploy AWS services programmatically?

* **A.** AWS Management Console
* **B.** AWS Cloud9
* **C.** AWS CodePipeline
* **D.** AWS software development kits (SDKs)

Answer : **D**

A company plans to create a data lake that uses Amazon S3. \n Which factor will have the MOST effect on cost?

* **A.** The selection of S3 storage tiers
* **B.** Charges to transfer existing data into Amazon S3
* **C.** The addition of S3 bucket policies
* **D.** S3 ingest fees for each request

Answer : **A**

A company is launching an ecommerce application that must always be available. The application will run on Amazon EC2 instances continuously for the next \n 12 months. \n What is the MOST cost-effective instance purchasing option that meets these requirements?

* **A.** Spot Instances
* **B.** Savings Plans
* **C.** Dedicated Hosts
* **D.** On-Demand Instances

Answer : **B**

Which AWS service or feature can a company use to determine which business unit is using specific AWS resources?

* **A.** Cost allocation tags
* **B.** Key pairs
* **C.** Amazon Inspector
* **D.** AWS Trusted Advisor

Answer : **A**

A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing. \n Which AWS service or feature will help the company with its migration?

* **A.** AWS Trusted Advisor
* **B.** AWS Consulting Partners
* **C.** AWS Artifacts
* **D.** AWS Managed Services

Answer : **D**

Which AWS service or tool should a company use to centrally request and track service limit increases?

* **A.** AWS Config
* **B.** Service Quotas
* **C.** AWS Service Catalog
* **D.** AWS Budgets

Answer : **B**

Which documentation does AWS Artifact provide?

* **A.** Amazon EC2 terms and conditions
* **B.** AWS ISO certifications
* **C.** A history of a companyג€™s AWS spending
* **D.** A list of previous-generation Amazon EC2 instance types

Answer : **B**

Which task requires using AWS account root user credentials?

* **A.** Viewing billing information
* **B.** Changing the AWS Support plan
* **C.** Starting and stopping Amazon EC2 instances
* **D.** Opening an AWS Support case

Answer : **B**

A company needs to simultaneously process hundreds of requests from different users. \n Which combination of AWS services should the company use to build an operationally efficient solution?

* **A.** Amazon Simple Queue Service (Amazon SQS) and AWS Lambda
* **B.** AWS Data Pipeline and Amazon EC2
* **C.** Amazon Kinesis and Amazon Athena
* **D.** AWS Amplify and AWS AppSync

Answer : **B**

What is the scope of a VPC within the AWS network?

* **A.** A VPC can span all Availability Zones globally.
* **B.** A VPC must span at least two subnets in each AWS Region.
* **C.** A VPC must span at least two edge locations in each AWS Region.
* **D.** A VPC can span all Availability Zones within an AWS Region.

Answer : **D**

Which of the following are components of an AWS Site-to-Site VPN connection? (Choose two.)

* **A.** AWS Storage Gateway
* **B.** Virtual private gateway
* **C.** NAT gateway
* **D.** Customer gateway
* **E.** Internet gateway

Answer : **BD**

A company needs to establish a connection between two VPCs. The VPCs are located in two different AWS Regions. The company wants to use the existing infrastructure of the VPCs for this connection. \n Which AWS service or feature can be used to establish this connection?

* **A.** AWS Client VPN
* **B.** VPC peering
* **C.** AWS Direct Connect
* **D.** VPC endpoints

Answer : **B**

According to the AWS shared responsibility model, what responsibility does a customer have when using Amazon RDS to host a database?

* **A.** Manage connections to the database
* **B.** Install Microsoft SQL Server
* **C.** Design encryption-at-rest strategies
* **D.** Apply minor database patches

Answer : **A**

What are some advantages of using Amazon EC2 instances to host applications in the AWS Cloud instead of on premises? (Choose two.)

* **A.** EC2 includes operating system patch management.
* **B.** EC2 integrates with Amazon VPC, AWS CloudTrail, and AWS Identity and Access Management (IAM).
* **C.** EC2 has a 100% service level agreement (SLA).
* **D.** EC2 has a flexible, pay-as-you-go pricing model.
* **E.** EC2 has automatic storage cost optimization.

Answer : **DE**

A user needs to determine whether an Amazon EC2 instance's security groups were modified in the last month. \n How can the user see if a change was made?

* **A.** Use Amazon EC2 to see if the security group was changed.
* **B.** Use AWS Identity and Access Management (IAM) to see which user or role changed the security group.
* **C.** Use AWS CloudTrail to see if the security group was changed.
* **D.** Use Amazon CloudWatch to see if the security group was changed.

Answer : **C**

Which AWS service will help protect applications running on AWS from DDoS attacks?

* **A.** Amazon GuardDuty
* **B.** AWS WAF
* **C.** AWS Shield
* **D.** Amazon Inspector

Answer : **C**

Which AWS service or feature acts as a firewall for Amazon EC2 instances?

* **A.** Network ACL
* **B.** Elastic network interface
* **C.** Amazon VPC
* **D.** Security group

Answer : **D**

How does the AWS Cloud pricing model differ from the traditional on-premises storage pricing model?

* **A.** AWS resources do not incur costs
* **B.** There are no infrastructure operating costs
* **C.** There are no upfront cost commitments
* **D.** There are no software licensing costs

Answer : **B**

A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture. \n What can the company do to meet this requirement?

* **A.** Scale vertically to a larger EC2 instance size.
* **B.** Scale horizontally across multiple Availability Zones.
* **C.** Purchase an EC2 Dedicated Instance.
* **D.** Change the EC2 instance family to a compute optimized instance.

Answer : **B**

A company's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days. \n Which benefit has this company experienced by moving to the AWS Cloud?

* **A.** Elasticity
* **B.** Flexibility
* **C.** Agility
* **D.** Resilience

Answer : **A**

Which of the following are included in AWS Enterprise Support? (Choose two.)

* **A.** AWS technical account manager (TAM)
* **B.** AWS partner-led support
* **C.** AWS Professional Services
* **D.** Support of third-party software integration to AWS
* **E.** 5-minute response time for critical issues

Answer : **AD**

A global media company uses AWS Organizations to manage multiple AWS accounts. \n Which AWS service or feature can the company use to limit the access to AWS services for member accounts?

* **A.** AWS Identity and Access Management (IAM)
* **B.** Service control policies (SCPs)
* **C.** Organizational units (OUs)
* **D.** Access control lists (ACLs)

Answer : **C**

A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources. \n Which AWS solution should the company use to meet this requirement?

* **A.** AWS Config
* **B.** AWS software development kits (SDKs)
* **C.** AWS Service Catalog
* **D.** AWS AppSync

Answer : **C**

An online company was running a workload on premises and was struggling to launch new products and features. After migrating the workload to AWS, the company can quickly launch products and features and can scale its infrastructure as required. \n Which AWS Cloud value proposition does this scenario describe?

* **A.** Business agility
* **B.** High availability
* **C.** Security
* **D.** Centralized auditing

Answer : **A**

Which of the following are advantages of the AWS Cloud? (Choose two.)

* **A.** AWS management of user-owned infrastructure
* **B.** Ability to quickly change required capacity
* **C.** High economies of scale
* **D.** Increased deployment time to market
* **E.** Increased fixed expenses

Answer : **BC**

AWS has the ability to achieve lower pay-as-you-go pricing by aggregating usage across hundreds of thousands of users. \n This describes which advantage of the AWS Cloud?

* **A.** Launch globally in minutes
* **B.** Increase speed and agility
* **C.** High economies of scale
* **D.** No guessing about compute capacity

Answer : **C**

A company has a database server that is always running. The company hosts the server on Amazon EC2 instances. The instance sizes are suitable for the workload. The workload will run for 1 year. \n Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

* **A.** Standard Reserved Instances
* **B.** On-Demand Instances
* **C.** Spot Instances
* **D.** Convertible Reserved Instances

Answer : **A**

A company is developing a mobile app that needs a high-performance NoSQL database. \n Which AWS services could the company use for this database? (Choose two.)

* **A.** Amazon Aurora
* **B.** Amazon RDS
* **C.** Amazon Redshift
* **D.** Amazon DocumentDB (with MongoDB compatibility)
* **E.** Amazon DynamoDB

Answer : **BE**

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Choose two.)

* **A.** Patch the Amazon EC2 guest operating system.
* **B.** Upgrade the firmware of the network infrastructure.
* **C.** Apply password rotation for IAM users.
* **D.** Maintain the physical security of edge locations.
* **E.** Maintain least privilege access to the root user account.

Answer : **BD**

Which of the following are features of network ACLs as they are used in the AWS Cloud? (Choose two.)

* **A.** They are stateless.
* **B.** They are stateful.
* **C.** They evaluate all rules before allowing traffic.
* **D.** They process rules in order, starting with the lowest numbered rule, when deciding whether to allow traffic.
* **E.** They operate at the instance level.

Answer : **AD**

A company has designed its AWS Cloud infrastructure to run its workloads effectively. The company also has protocols in place to continuously improve supporting processes. \n Which pillar of the AWS Well-Architected Framework does this scenario represent?

* **A.** Security
* **B.** Performance efficiency
* **C.** Cost optimization
* **D.** Operational excellence

Answer : **D**

Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?

* **A.** Amazon Route 53
* **B.** Amazon Macie
* **C.** AWS Direct Connect
* **D.** AWS PrivateLink

Answer : **D**

A company needs to graphically visualize AWS billing and usage over time. The company also needs information about its AWS monthly costs. \n Which AWS Billing and Cost Management tool provides this data in a graphical format?

* **A.** AWS Bills
* **B.** Cost Explorer
* **C.** AWS Cost and Usage Report
* **D.** AWS Budgets

Answer : **B**

A company wants to run production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week. \n Which AWS Support plan will meet these requirements?

* **A.** AWS Basic Support
* **B.** AWS Enterprise Support
* **C.** AWS Business Support
* **D.** AWS Developer Support

Answer : **B**

Which architecture design principle describes the need to isolate failures between dependent components in the AWS Cloud?

* **A.** Use a monolithic design.
* **B.** Design for automation.
* **C.** Design for single points of failure.
* **D.** Loosely couple components.

Answer : **D**

Which AWS services are managed database services? (Choose two.)

* **A.** Amazon Elastic Block Store (Amazon EBS)
* **B.** Amazon S3
* **C.** Amazon RDS
* **D.** Amazon Elastic File System (Amazon EFS)
* **E.** Amazon DynamoDB

Answer : **CE**

A company is using the AWS Free Tier for several AWS services for an application. \n What will happen if the Free Tier usage period expires or if the application use exceeds the Free Tier usage limits?

* **A.** The company will be charged the standard pay-as-you-go service rates for the usage that exceeds the Free Tier usage.
* **B.** AWS Support will contact the company to set up standard service charges.
* **C.** The company will be charged for the services it consumed during the Free Tier period, plus additional charges for service consumption after the Free Tier period.
* **D.** The companyג€™s AWS account will be frozen and can be restarted after a payment plan is established.

Answer : **A**

A company recently deployed an Amazon RDS instance in its VPC. The company needs to implement a stateful firewall to limit traffic to the private corporate network. \n Which AWS service or feature should the company use to limit network traffic directly to its RDS instance?

* **A.** Network ACLs
* **B.** Security groups
* **C.** AWS WAF
* **D.** Amazon GuardDuty

Answer : **C**

Which AWS service uses machine learning to help discover, monitor, and protect sensitive data that is stored in Amazon S3 buckets?

* **A.** AWS Shield
* **B.** Amazon Macie
* **C.** AWS Network Firewall
* **D.** Amazon Cognito

Answer : **B**

A company wants to improve the overall availability and performance of its applications that are hosted on AWS. \n Which AWS service should the company use?

* **A.** Amazon Connect
* **B.** Amazon Lightsail
* **C.** AWS Global Accelerator
* **D.** AWS Storage Gateway

Answer : **C**

Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity?

* **A.** AWS Service Catalog
* **B.** AWS Systems Manager
* **C.** AWS IAM Access Analyzer
* **D.** AWS Organizations

Answer : **C**

A company does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The company also needs the ability to increase or decrease its resource usage to meet business requirements. \n Which pillar of the AWS Well-Architected Framework aligns with these requirements?

* **A.** Operational excellence
* **B.** Security
* **C.** Reliability
* **D.** Cost optimization

Answer : **D**

A company wants to launch its workload on AWS and requires the system to automatically recover from failure. \n Which pillar of the AWS Well-Architected Framework includes this requirement?

* **A.** Cost optimization
* **B.** Operational excellence
* **C.** Performance efficiency
* **D.** Reliability

Answer : **D**

A large enterprise with multiple VPCs in several AWS Regions around the world needs to connect and centrally manage network connectivity between its VPCs. \n Which AWS service or feature meets these requirements?

* **A.** AWS Direct Connect
* **B.** AWS Transit Gateway
* **C.** AWS Site-to-Site VPN
* **D.** VPC endpoints

Answer : **B**

Which AWS service supports the creation of visual reports from AWS Cost and Usage Report data?

* **A.** Amazon Athena
* **B.** Amazon QuickSight
* **C.** Amazon CloudWatch
* **D.** AWS Organizations

Answer : **A**

Which AWS service should be used to monitor Amazon EC2 instances for CPU and network utilization?

* **A.** Amazon Inspector
* **B.** AWS CloudTrail
* **C.** Amazon CloudWatch
* **D.** AWS Config

Answer : **C**

A company is preparing to launch a new web store that is expected to receive high traffic for an upcoming event. The web store runs only on AWS, and the company has an AWS Enterprise Support plan. \n Which AWS resource will provide guidance about how the company should scale its architecture and operational support during the event?

* **A.** AWS Abuse team
* **B.** The designated AWS technical account manager (TAM)
* **C.** AWS infrastructure event management
* **D.** AWS Professional Services

Answer : **B**

A user wants to deploy a service to the AWS Cloud by using infrastructure-as-code (IaC) principles. \n Which AWS service can be used to meet this requirement?

* **A.** AWS Systems Manager
* **B.** AWS CloudFormation
* **C.** AWS CodeCommit
* **D.** AWS Config

Answer : **B**

A company that has multiple business units wants to centrally manage and govern its AWS Cloud environments. The company wants to automate the creation of \n AWS accounts, apply service control policies (SCPs), and simplify billing processes. \n Which AWS service or tool should the company use to meet these requirements?

* **A.** AWS Organizations
* **B.** Cost Explorer
* **C.** AWS Budgets
* **D.** AWS Trusted Advisor

Answer : **A**

Which IT controls do AWS and the customer share, according to the AWS shared responsibility model? (Choose two.)

* **A.** Physical and environmental controls
* **B.** Patch management
* **C.** Cloud awareness and training
* **D.** Zone security
* **E.** Application data encryption

Answer : **BC**

A company is launching an application in the AWS Cloud. The application will use Amazon S3 storage. A large team of researchers will have shared access to the data. The company must be able to recover data that is accidentally overwritten or deleted. \n Which S3 feature should the company turn on to meet this requirement?

* **A.** Server access logging
* **B.** S3 Versioning
* **C.** S3 Lifecycle rules
* **D.** Encryption in transit and at rest

Answer : **B**

A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to \n AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency. \n Which AWS service or feature should the company use to meet these requirements?

* **A.** Availability Zones
* **B.** AWS Local Zones
* **C.** AWS Wavelength
* **D.** AWS Outposts

Answer : **B**

A company wants to migrate its applications from its on-premises data center to a VPC in the AWS Cloud. These applications will need to access on-premises resources. \n Which actions will meet these requirements? (Choose two.)

* **A.** Use AWS Service Catalog to identify a list of on-premises resources that can be migrated.
* **B.** Create a VPN connection between an on-premises device and a virtual private gateway in the VPC.
* **C.** Use an Amazon CloudFront distribution and configure it to accelerate content delivery close to the on-premises resources.
* **D.** Set up an AWS Direct Connect connection between the on-premises data center and AWS.
* **E.** Use Amazon CloudFront to restrict access to static web content provided through the on-premises web servers.

Answer : **AD**

A company wants to use the AWS Cloud to provide secure access to desktop applications that are running in a fully managed environment. \n Which AWS service should the company use to meet this requirement?

* **A.** Amazon S3
* **B.** Amazon AppStream 2.0
* **C.** AWS AppSync
* **D.** AWS Outposts

Answer : **A**

A company wants to implement threat detection on its AWS infrastructure. However, the company does not want to deploy additional software. \n Which AWS service should the company use to meet these requirements?

* **A.** Amazon VPC
* **B.** Amazon EC2
* **C.** Amazon GuardDuty
* **D.** AWS Direct Connect

Answer : **C**

Which AWS service uses edge locations?

* **A.** Amazon Aurora
* **B.** AWS Global Accelerator
* **C.** Amazon Connect
* **D.** AWS Outposts

Answer : **B**

A company needs to install an application in a Docker container. \n Which AWS service eliminates the need to provision and manage the container hosts?

* **A.** AWS Fargate
* **B.** Amazon FSx for Windows File Server
* **C.** Amazon Elastic Container Service (Amazon ECS)
* **D.** Amazon EC2

Answer : **C**

Which AWS service or feature checks access policies and offers actionable recommendations to help users set secure and functional policies?

* **A.** AWS Systems Manager
* **B.** AWS IAM Access Analyzer
* **C.** AWS Trusted Advisor
* **D.** Amazon GuardDuty

Answer : **B**

A company has a fleet of cargo ships. The cargo ships have sensors that collect data at sea, where there is intermittent or no internet connectivity. The company needs to collect, format, and process the data at sea and move the data to AWS later. \n Which AWS service should the company use to meet these requirements?

* **A.** AWS IoT Core
* **B.** Amazon Lightsail
* **C.** AWS Storage Gateway
* **D.** AWS Snowball Edge

Answer : **C**

A retail company needs to build a highly available architecture for a new ecommerce platform. The company is using only AWS services that replicate data across multiple Availability Zones. \n Which AWS services should the company use to meet this requirement? (Choose two.)

* **A.** Amazon EC2
* **B.** Amazon Elastic Block Store (Amazon EBS)
* **C.** Amazon Aurora
* **D.** Amazon DynamoDB
* **E.** Amazon Redshift

Answer : **AB**

Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?

* **A.** Agility
* **B.** Elasticity
* **C.** Reliability
* **D.** Durability

Answer : **B**

Service control policies (SCPs) manage permissions for which of the following?

* **A.** Availability Zones
* **B.** AWS Regions
* **C.** AWS Organizations
* **D.** Edge locations

Answer : **C**

Which AWS service can be used to encrypt data at rest?

* **A.** Amazon GuardDuty
* **B.** AWS Shield
* **C.** AWS Security Hub
* **D.** AWS Key Management Service (AWS KMS)

Answer : **D**

Which characteristics are advantages of using the AWS Cloud? (Choose two.)

* **A.** A 100% service level agreement (SLA) for all AWS services
* **B.** Compute capacity that is adjusted on demand
* **C.** Availability of AWS Support for code development
* **D.** Enhanced security
* **E.** Increases in cost and complexity

Answer : **BD**

A user is storing objects in Amazon S3. The user needs to restrict access to the objects to meet compliance obligations. \n What should the user do to meet this requirement?

* **A.** Use AWS Secrets Manager.
* **B.** Tag the objects in the S3 bucket.
* **C.** Use security groups.
* **D.** Use network ACLs.

Answer : **D**

A company wants to convert video files and audio files from their source format into a format that will play on smartphones, tablets, and web browsers. \n Which AWS service will meet these requirements?

* **A.** Amazon Elastic Transcoder
* **B.** Amazon Comprehend
* **C.** AWS Glue
* **D.** Amazon Rekognition

Answer : **A**

Which of the following are benefits of Amazon EC2 Auto Scaling? (Choose two.)

* **A.** Improved health and availability of applications
* **B.** Reduced network latency
* **C.** Optimized performance and costs
* **D.** Automated snapshots of data
* **E.** Cross-Region Replication

Answer : **AB**

A company has several departments. Each department has its own AWS accounts for its applications. The company wants all AWS costs on a single invoice to simplify payment, but the company wants to know the costs that each department is incurring. \n Which AWS tool or feature will provide this functionality?

* **A.** AWS Cost and Usage Reports
* **B.** Consolidated billing
* **C.** Savings Plans
* **D.** AWS Budgets

Answer : **B**

A company runs its workloads on premises. The company wants to forecast the cost of running a large application on AWS. \n Which AWS service or tool can the company use to obtain this information?

* **A.** AWS Pricing Calculator
* **B.** AWS Budgets
* **C.** AWS Trusted Advisor
* **D.** Cost Explorer

Answer : **D**

A company wants to eliminate the need to guess infrastructure capacity before deployments. The company also wants to spend its budget on cloud resources only as the company uses the resources. \n Which advantage of the AWS Cloud matches the company's requirements?

* **A.** Reliability
* **B.** Global reach
* **C.** Economies of scale
* **D.** Pay-as-you-go pricing

Answer : **D**

Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co- location environments, or on-premises facilities?

* **A.** AWS Snowmobile
* **B.** AWS Local Zones
* **C.** AWS Outposts
* **D.** AWS Fargate

Answer : **C**

A company has a physical tape library to store data backups. The tape library is running out of space. The company needs to extend the tape library's capacity to the AWS Cloud. \n Which AWS service should the company use to meet this requirement?

* **A.** Amazon Elastic Block Store (Amazon EBS)
* **B.** Amazon S3
* **C.** Amazon Elastic File System (Amazon EFS)
* **D.** AWS Storage Gateway

Answer : **D**

An online retail company has seasonal sales spikes several times a year, primarily around holidays. Demand is lower at other times. The company finds it difficult to predict the increasing infrastructure demand for each season. \n Which advantages of moving to the AWS Cloud would MOST benefit the company? (Choose two.)

* **A.** Global footprint
* **B.** Elasticity
* **C.** AWS service quotas
* **D.** AWS shared responsibility model
* **E.** Pay-as-you-go pricing

Answer : **BE**

Which AWS service can be used to turn text into lifelike speech?

* **A.** Amazon Polly
* **B.** Amazon Kendra
* **C.** Amazon Rekognition
* **D.** Amazon Connect

Answer : **A**

Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?

* **A.** VPC Flow Logs
* **B.** Amazon Inspector
* **C.** VPC endpoint services
* **D.** NAT gateway

Answer : **A**

A company wants to ensure that two Amazon EC2 instances are in separate data centers with minimal communication latency between the data centers. \n How can the company meet this requirement?

* **A.** Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection.
* **B.** Place the EC2 instances in two separate Availability Zones within the same AWS Region.
* **C.** Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using an AWS VPN connection.
* **D.** Place both EC2 instances in a placement group for dedicated bandwidth.

Answer : **B**

In which situations should a company create an IAM user instead of an IAM role? (Choose two.)

* **A.** When an application that runs on Amazon EC2 instances requires access to other AWS services
* **B.** When the company creates AWS access credentials for individuals
* **C.** When the company creates an application that runs on a mobile phone that makes requests to AWS
* **D.** When the company needs to add users to IAM groups
* **E.** When users are authenticated in the corporate network and want to be able to use AWS without having to sign in a second time

Answer : **BD**

Which AWS services should a company use to read and write data that changes frequently? (Choose two.)

* **A.** Amazon S3 Glacier
* **B.** Amazon RDS
* **C.** AWS Snowball
* **D.** Amazon Redshift
* **E.** Amazon Elastic File System (Amazon EFS)

Answer : **BD**

Which AWS service is used to provide encryption for Amazon EBS?

* **A.** AWS Certificate Manager
* **B.** AWS Systems Manager
* **C.** AWS KMS
* **D.** AWS Config

Answer : **C**

Which AWS services make use of global edge locations? (Choose two.)

* **A.** AWS Fargate
* **B.** Amazon CloudFront
* **C.** AWS Global Accelerator
* **D.** AWS Wavelength
* **E.** Amazon VPC

Answer : **BC**

A company is operating several factories where it builds products. The company needs the ability to process data, store data, and run applications with local system interdependencies that require low latency. \n Which AWS service should the company use to meet these requirements?

* **A.** AWS IoT Greengrass
* **B.** AWS Lambda
* **C.** AWS Outposts
* **D.** AWS Snowball Edge

Answer : **B**

Which of the following is a recommended design principle for AWS Cloud architecture?

* **A.** Design tightly coupled components.
* **B.** Build a single application component that can handle all the application functionality.
* **C.** Make large changes on fewer iterations to reduce chances of failure.
* **D.** Avoid monolithic architecture by segmenting workloads.

Answer : **C**

A company is designing its AWS workloads so that components can be updated regularly and so that changes can be made in small, reversible increments. \n Which pillar of the AWS Well-Architected Framework does this design support?

* **A.** Security
* **B.** Performance efficiency
* **C.** Operational excellence
* **D.** Reliability

Answer : **B**

Which of the following acts as an instance-level firewall to control inbound and outbound access?

* **A.** Network access control list
* **B.** Security groups
* **C.** AWS Trusted Advisor
* **D.** Virtual private gateways

Answer : **B**

A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions. \n Which Amazon EC2 purchasing option will be MOST cost-effective?

* **A.** All Upfront Reserved Instances
* **B.** Partial Upfront Reserved Instances
* **C.** Dedicated Instances
* **D.** On-Demand Instances

Answer : **A**

Which AWS service helps protect against DDoS attacks?

* **A.** AWS Shield
* **B.** Amazon Inspector
* **C.** Amazon GuardDuty
* **D.** Amazon Detective

Answer : **A**

Using AWS Config to record, audit, and evaluate changes to AWS resources to enable traceability is an example of which AWS Well-Architected Framework pillar?

* **A.** Security
* **B.** Operational excellence
* **C.** Performance efficiency
* **D.** Cost optimization

Answer : **A**

Which AWS tool or feature acts as a VPC firewall at the subnet level?

* **A.** Security group
* **B.** Network ACL
* **C.** Traffic Mirroring
* **D.** Internet gateway

Answer : **B**