New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Amazon Web Services > AWS Certified Foundational > CLF-C02

CLF-C02 AWS Certified Cloud Practitioner Question and Answers

Question # 4

A retail company is building a new mobile app. The company is evaluating whether to build the app at an on-premises data center or in the AWS Cloud.

Which of the following are benefits of building this app in the AWS Cloud? (Select TWO.)

A.

A large upfront capital expense and low variable expenses

B.

Increased speed for trying out new projects

C.

Complete control over the physical security of the infrastructure

D.

Flexibility to scale up in minutes as the application becomes popular

E.

Ability to pick the specific data centers that will host the application servers

Full Access
Question # 5

Which benefit does Amazon Rekognition provide?

A.

The ability to place watermarks on images

B.

The ability to detect objects that appear in pictures

C.

The ability to resize millions of images automatically

D.

The ability to bid on object detection jobs

Full Access
Question # 6

Which of the following is an AWS value proposition that describes a user's ability to scale infrastructure based on demand?

A.

Speed of innovation

B.

Resource elasticity

C.

Decoupled architecture

D.

Global deployment

Full Access
Question # 7

A company plans to migrate to the AWS Cloud. The company is gathering information about its on-premises infrastructure and requires information such as the hostname, IP address, and MAC address.

Which AWS service will meet these requirements?

A.

AWS DataSync

B.

AWS Application Migration Service

C.

AWS Application Discovery Service

D.

AWS Database Migration Service (AWS DMS)

Full Access
Question # 8

A large company wants to track the combined AWS usage costs of all of its linked accounts.

How can this be accomplished?

A.

Use AWS Trusted Advisor to generate customized summary reports.

B.

Use AWS Organizations to generate consolidated billing reports.

C.

Use AWS Budgets to set utilization targets and receive summary reports.

D.

Use the AWS Control Tower dashboard to get a summary report of all linked account costs.

Full Access
Question # 9

Which option is an advantage of AWS Cloud computing that minimizes variable costs?

A.

High availability

B.

Economies of scale

C.

Global reach

D.

Agility

Full Access
Question # 10

Which AWS service will help a company identify the user who deleted an Amazon EC2 instance yesterday?

A.

Amazon CloudWatch

B.

AWS Trusted Advisor

C.

AWS CloudTrail

D.

Amazon Inspector

Full Access
Question # 11

A company deploys its application on Amazon EC2 instances. The application occasionally experiences sudden increases in demand. The company wants to ensure that its application can respond to changes in demand at the lowest possible cost.

Which AWS service or tool will meet these requirements?

A.

AWS Auto Scaling

B.

AWS Compute Optimizer

C.

AWS Cost Explorer

D.

AWS Well-Architected Framework

Full Access
Question # 12

Which of the following are customer responsibilities under the AWS shared responsibility model? (Select TWO.)

A.

Physical security of AWS facilities

B.

Configuration of security groups

Q C. Encryption of customer data on AWS

C.

Management of AWS Lambda infrastructure

Q E. Management of network throughput of each AWS Region

Full Access
Question # 13

A company wants to ensure that all of its Amazon EC2 instances have compliant operating system patches.

Which AWS service will meet these requirements?

A.

AWS Compute Optimizer

B.

AWS Elastic Beanstalk

C.

AWS AppSync

D.

AWS Systems Manager

Full Access
Question # 14

Which of the following are design principles for reliability in the AWS Cloud? (Select TWO.)

A.

Build architectures with tightly coupled resources.

B.

Use AWS Trusted Advisor to meet security best practices.

C.

Use automation to recover immediately from failure.

D.

Rightsize Amazon EC2 instances to ensure optimal performance.

E.

Simulate failures to test recovery processes.

Full Access
Question # 15

A social media company wants to protect its web application from common web exploits such as SQL injections and cross-site scripting. Which AWS service will meet these requirements?

A.

Amazon Inspector

B.

AWS WAF

C.

Amazon GuardDuty

D.

Amazon CloudWatch

Full Access
Question # 16

A company's IT team is managing MySQL database server clusters. The IT team has to patch the database and take backup snapshots of the data in the clusters. The company wants to move this workload to AWS so that these tasks will be completed automatically.

What should the company do to meet these requirements?

A.

Deploy MySQL database server clusters on Amazon EC2 instances.

B.

Use Amazon RDS with a MySQL database.

C.

Use an AWS Cloud Form at ion template to deploy MySQL database servers on Amazon EC2 instances.

D.

Migrate all the MySQL database data to Amazon S3.

Full Access
Question # 17

Which AWS service can report how AWS resource configurations have changed over time?

A.

AWS CloudTrail

B.

Amazon CloudWatch

C.

AWS Config

D.

Amazon Inspector

Full Access
Question # 18

Which design principles support the reliability pillar of the AWS Well-Architected Framework? (Select TWO.)

A.

Perform operations as code.

B.

Enable traceability.

C.

Automatically scale to meet demand.

D.

Deploy resources globally to improve response time.

E.

Automatically recover from failure.

Full Access
Question # 19

A company is migrating its data center to AWS. The company needs an AWS Support plan that provides chat access to a cloud sup engineer 24 hours a day, 7 days a week. The company does not require access to infrastructure event management.

What is the MOST cost-effective AWS Support plan that meets these requirements?

A.

AWS Enterprise Support

B.

AWS Business Support

C.

AWS Developer Support

D.

AWS Basic Support

Full Access
Question # 20

A company deploys its application to multiple AWS Regions and configures automatic failover between those Regions.

Which cloud concept does this architecture represent?

A.

Security

B.

Reliability

C.

Scalability

D.

Cost optimization

Full Access
Question # 21

A company is configuring its AWS Cloud environment. The company's administrators need to group users together and apply permissions to the group.

Which AWS service or feature can the company use to meet these requirements?

A.

AWS Organizations

B.

Resource groups

C.

Resource tagging

D.

AWS Identity and Access Management (IAM)

Full Access
Question # 22

Which actions are examples of a company's effort to right size its AWS resources to control cloud costs? (Select TWO.)

A.

Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets.

Q B. Base the selection of Amazon EC2 instance types on past utilization patterns.

B.

Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers.

C.

Use Multi-AZ deployments for Amazon RDS.

D.

Replace existing Amazon EC2 instances with AWS Elastic Beanstalk.

Full Access
Question # 23

Which AWS service or feature is used to Troubleshoot network connectivity issues between Amazon EC2 instances?

A.

AWS Certificate Manager (ACM)

B.

Internet gateway

C.

VPC Flow Logs

D.

AWS CloudHSM

Full Access
Question # 24

Which service is an AWS in-memory data store service?

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DynamoDB

D.

Amazon ElastiCache

Full Access
Question # 25

A company needs to use standard SQL to query and combine exabytes of structured and semi-structured data across a data warehouse, operational database, and data lake.

Which AWS service meets these requirements?

A.

Amazon DynamoDB

B.

Amazon Aurora

C.

Amazon Athena

D.

Amazon Redshift

Full Access
Question # 26

A company wants to query its server logs to gain insights about its customers' experiences.

Which AWS service will store this data MOST cost-effectively?

A.

Amazon Aurora

B.

Amazon Elastic File System (Amazon EFS)

C.

Amazon Elastic Block Store (Amazon EBS)

D.

Amazon S3

Full Access
Question # 27

A company needs to identify the last time that a specific user accessed the AWS Management Console.

Which AWS service will provide this information?

A.

Amazon Cognito

B.

AWS CloudTrail

C.

Amazon Inspector

D.

Amazon GuardDuty

Full Access
Question # 28

A company needs to test a new application that was written in Python. The code will activate when new images are stored in an Amazon S3 bucket. The application will put a watermark on each image and then will store the images in a different S3 bucket.

Which AWS service should the company use to conduct the test with the LEAST amount of operational

overhead?

A.

Amazon EC2

B.

AWS CodeDeploy

C.

AWS Lambda

D.

Amazon Lightsail

Full Access
Question # 29

Which of the following is an advantage of AWS Cloud computing?

A.

Trade security for elasticity.

B.

Trade operational excellence for agility.

C.

Trade fixed expenses for variable expenses.

D.

Trade elasticity for performance.

Full Access
Question # 30

A company is using AWS Lambda functions to build an application.

Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Select TWO.)

A.

Patch the servers where the Lambda functions are deployed.

B.

Establish the IAM permissions that define who can run the Lambda functions.

C.

Write the code for the Lambda functions to define the application logic.

D.

Deploy Amazon EC2 instances to support the Lambda functions.

E.

Scale out the Lambda functions when the load increases.

Full Access
Question # 31

Which AWS service provides the ability to host a NoSQL database in the AWS Cloud?

A.

Amazon Aurora

B.

Amazon DynamoDB

C.

Amazon RDS

D.

Amazon Redshift

Full Access
Question # 32

Which AWS solution gives companies the ability to use protocols such as NFS to store and retrieve objects in Amazon S3?

A.

Amazon FSx for Lustre

B.

AWS Storage Gateway volume gateway

C.

AWS Storage Gateway file gateway

D.

Amazon Elastic File System (Amazon EFS)

Full Access
Question # 33

A developer needs to build an application for a retail company. The application must provide real-time product recommendations that are based on machine learning.

Which AWS service should the developer use to meet this requirement?

A.

AWS Health Dashboard

B.

Amazon Personalize

C.

Amazon Forecast

D.

Amazon Transcribe

Full Access
Question # 34

A company wants to host its relational databases on AWS. The databases have predefined schemas that the company needs to replicate on AWS.

Which AWS services could the company use for the databases? (Select TWO.)

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DocumentDB (with MongoDB compatibility)

D.

Amazon Neptune

E.

Amazon DynamoDB

Full Access
Question # 35

A cloud practitioner is analyzing Amazon EC2 instance performance and usage to provide recommendations for potential cost savings.

Which cloud concept does this analysis demonstrate?

A.

Auto scaling

B.

Rightsizing

C.

Load balancing

D.

High availability

Full Access
Question # 36

A company wants to use a managed service to simplify the setup, operation, and scaling of its MySQL database in the AWS Cloud.

Which AWS service will meet these requirements?

A.

Amazon EMR

B.

Amazon RDS

C.

Amazon Redshift

D.

Amazon DynamoDB

Full Access
Question # 37

Which of the following is a characteristic of the AWS account root user?

A.

The root user is the only user that can be configured with multi-factor authentication (MFA).

B.

The root user is the only user that can access the AWS Management Console.

C.

The root user is the first sign-in identity that is available when an AWS account is created.

D.

The root user has a password that cannot be changed.

Full Access
Question # 38

Which AWS service is a highly available and scalable DNS web service?

A.

Amazon VPC

B.

Amazon CloudFront

C.

Amazon Route 53

D.

Amazon Connect

Full Access
Question # 39

A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops.

Which AWS service will help the company deploy the application without investing in backend infrastructure or high end client hardware?

A.

Amazon AppStream 2.0

B.

AWS AppSync

C.

Amazon WorkLink

D.

AWS Elastic Beanstalk

Full Access
Question # 40

A company's information security manager is supervising a move to AWS and wants to ensure that AWS best practices are followed. The manager has concerns about the potential misuse of AWS account root user credentials.

Which of the following is an AWS best practice for using the AWS account root user credentials?

A.

Allow only the manager to use the account root user credentials for normal activities.

B.

Use the account root user credentials only for Amazon EC2 instances from the AWS Free Tier.

C.

Use the account root user credentials only when they alone must be used to perform a required

function.

D.

Use the account root user credentials only for the creation of private VPC subnets.

Full Access
Question # 41

A company is building a serverless architecture that connects application data from multiple data sources. The company needs a solution that does not require additional code.

Which AWS service meets these requirements?

A.

AWS Lambda

B.

Amazon Simple Queue Service (Amazon SQS)

C.

Amazon CloudWatch

D.

Amazon EventBridge

Full Access
Question # 42

A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources, including Amazon S3 and Amazon DynamoDB.

What is the MOST operationally efficient solution to delegate permissions?

A.

Create an IAM role with the required permissions. Attach the role to the EC2 instance.

B.

Create an IAM user and use its access key and secret access key in the application.

C.

Create an IAM user and use its access key and secret access key to create a CLI profile in the EC2 instance.

D.

Create an IAM role with the required permissions. Attach the role to the administrativeIAM user.

Full Access
Question # 43

Which benefit is included with an AWS Enterprise Support plan?

A.

AWS Partner Network (APN) support at no cost

B.

Designated support from an AWS technical account manager (TAM)

C.

On-site support from AWS engineers

D.

AWS managed compliance as code with AWS Config

Full Access
Question # 44

What is an Availability Zone?

A.

A location where users can deploy compute, storage, database, and other select AWS services

where no AWS Region currently exists

B.

One or more discrete data centers with redundant power, networking, and connectivity

C.

One or more clusters of servers where new workloads can be deployed

D.

A fast content delivery network (CDN) service that securely delivers data, videos, applications, and

APIs to users globally

Full Access
Question # 45

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Select TWO.)

A.

Patch AWS network devices.

B.

Set user password rules.

C.

Provide physical security for compute resources.

D.

Configure security groups.

E.

Patch the operating system of an Amazon EC2 instance.

Full Access
Question # 46

Which AWS service or tool does AWS Control Tower use to create resources?

A.

AWS CloudFormation

B.

AWS Trusted Advisor

C.

AWS Directory Service

D.

AWS Cost Explorer

Full Access
Question # 47

Which option is an advantage of AWS Cloud computing that minimizes variable costs?

A.

High availability

B.

Economies of scale

C.

Global reach

D.

Agility

Full Access
Question # 48

A company needs to design a solution for the efficient use of compute resources for an enterprise workload. The company needs to make informed decisions as its technology needs evolve.

Which pillar of the AWS Well-Architected Framework do these requirements represent?

A.

Operational excellence

B.

Performance efficiency

C.

Cost optimization

D.

Reliability

Full Access
Question # 49

Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?

A.

Ensuring network connectivity from AWS to the internet

B.

Patching and fixing flaws within the AWS Cloud infrastructure

C.

Ensuring the physical security of cloud data centers

D.

Ensuring Amazon EBS volumes are backed up

Full Access
Question # 50

A company needs to configure rules to identify threats and protect applications from malicious network access.

Which AWS service should the company use to meet these requirements?

A.

AWS Identity and Access Management (IAM)

B.

Amazon QuickSight

C.

AWS WAF

D.

Amazon Detective

Full Access
Question # 51

How can an AWS user conduct security assessments of Amazon EC2 instances, NAT gateways, and Elastic

Load Balancers in a way that is approved by AWS?

A.

Flood a target with requests.

B.

Use Amazon Inspector.

C.

Perform penetration testing.

D.

Use the AWS Service Health Dashboard.

Full Access
Question # 52

Which AWS solution should the company use to meet this requirement?

A.

AWS Config

B.

AWS software development kits (SDKs)

C.

AWS Service Catalog

D.

AWS AppSync

Full Access
Question # 53

Which AWS service can a company use to perform complex analytical queries?

A.

Amazon RDS

B.

Amazon DynamoDB

C.

Amazon Redshift

D.

Amazon ElastiCache

Full Access
Question # 54

Which AWS service should a cloud practitioner use to receive real-time guidance for provisioning resources, based on AWS best practices related to security, cost optimization, and service limits?

A.

AWS Trusted Advisor

B.

AWS Config

C.

AWS Security Hub

D.

AWS Systems Manager

Full Access
Question # 55

Which AWS feature or resource is a deployable Amazon EC2 instance template that is prepackaged with

software and security requirements?

A.

Amazon Elastic Block Store (Amazon EBS) volume

B.

AWS CloudFormation template

C.

Amazon Elastic Block Store (Amazon EBS) snapshot

D.

Amazon Machine Image (AMI)

Full Access
Question # 56

Which statements explain the business value of migration to the AWS Cloud? (Select TWO.)

A.

The migration of enterprise applications to the AWS Cloud makes these applications automatically available on mobile devices.

S B. AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime.

B.

Companies that migrate to the AWS Cloud eliminate the need to plan for high availability and disaster recovery.

C.

Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other

areas.

D.

Applications are modernized because migration to the AWS Cloud requires companies to rearchitect and rewrite all

enterprise applications.

Full Access
Question # 57

Which AWS service or tool should a company use to forecast AWS spending?

A.

Amazon DevPay

B.

AWS Organizations

C.

AWS Trusted Advisor

D.

Cost Explorer

Full Access
Question # 58

Which AWS service or tool provides recommendations to help users get rightsized Amazon EC2 instances based on historical workload usage data?

A.

AWS Pricing Calculator

B.

AWS Compute Optimizer

C.

AWS App Runner

D.

AWS Systems Manager

Full Access
Question # 59

A company has an AWS-hosted website located behind an Application Load Balancer. The company wants to safeguard the website from SQL injection or cross-site scripting.

Which AWS service should the company use?

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Trusted Advisor

D.

Amazon Inspector

Full Access
Question # 60

A company plans to migrate its on-premises workload to AWS. Before the migration, the company needs to estimate its future AWS service costs.

Which AWS service or tool should the company use to meet this requirement?

A.

AWS Trusted Advisor

B.

AWS Budgets

C.

AWS Pricing Calculator

D.

AWS Cost Explorer

Full Access
Question # 61

Which AWS service or tool offers consolidated billing?

A.

AWS Artifact

B.

AWS Budgets

C.

AWS Organizations

D.

AWS Trusted Advisor

A company wants to limit its employees' AWS access to a portfolio of predefined AWS resources.

Full Access
Question # 62

A company wants to use Amazon EC2 instances for a stable production workload that will run for 1 year.

Which instance purchasing option meets these requirements MOST cost-effectively?

A.

Dedicated Hosts

B.

Reserved Instances

C.

On-Demand Instances

D.

Spot Instances

Full Access
Question # 63

Which option is a pillar of the AWS Well-Architected Framework?

A.

Patch management

B.

Cost optimization

C.

Business technology strategy

D.

Physical and environmental controls

Full Access
Question # 64

A company wants to run its production workloads on AWS. The company needs concierge service, a designated AWS technical account manager (TAM), and technical support that is available 24 hours a day, 7 days a week.

Which AWS Support plan will meet these requirements?

A.

AWS Basic Support

B.

AWS Enterprise Support

C.

AWS Business Support

D.

AWS Developer Support

Full Access
Question # 65

Which AWS network services or features allow Cl DR block notation when providing an IP address range?

(Select TWO.)

A.

Security groups

B.

Amazon Machine Image (AMI)

C.

Network access control list (network ACL)

D.

AWS Budgets

E.

Amazon Elastic Block Store (Amazon EBS)

Full Access
Question # 66

A user wants to identify any security group that is allowing unrestricted incoming SSH traffic.

Which AWS service can be used to accomplish this goal?

A.

Amazon Cognito

B.

AWS Shield

C.

Amazon Macie

D.

AWS Trusted Advisor

Full Access
Question # 67

A company is using AWS Organizations to configure AWS accounts.

A company is planning its migration to the AWS Cloud. The company is identifying its capability gaps by using the AWS Cloud Adoption Framework (AWS CAF) perspectives.

Which phase of the cloud transformation journey includes these identification activities?

A.

Envision

B.

Align

C.

Scale

D.

Launch

Full Access
Question # 68

A company is hosting a web application in a Docker container on Amazon EC2.

AWS is responsible for which of the following tasks?

A.

Scaling the web application and services developed with Docker

B.

Provisioning or scheduling containers to run on clusters and maintain their availability

C.

Performing hardware maintenance in the AWS facilities that run the AWS Cloud

D.

Managing the guest operating system, including updates and security patches

Full Access
Question # 69

Which duties are the responsibility of a company that is using AWS Lambda? (Select TWO.)

A.

Security inside of code

B.

Selection of CPU resources

C.

Patching of operating system

D.

Writing and updating of code

E.

Security of underlying infrastructure

Full Access
Question # 70

Which design principles should a company apply to AWS Cloud workloads to maximize sustainability and minimize environmental impact? (Select TWO.)

A.

Maximize utilization of Amazon EC2 instances.

B.

Minimize utilization of Amazon EC2 instances.

C.

Minimize usage of managed services.

D.

Force frequent application reinstallations by users.

E.

Reduce the need for users to reinstall applications.

Full Access
Question # 71

A company is running an application on AWS. The company wants to identify and prevent the accidental

Which AWS service or feature will meet these requirements?

A.

Amazon GuardDuty

B.

Network ACL

C.

AWS WAF

D.

AWS Network Firewall

Full Access
Question # 72

A company suspects that its AWS resources are being used for illegal activities.

Which AWS group or team should the company notify?

A.

AWS Abuse team

B.

AWS Support team

C.

AWS technical account managers

D.

AWS Professional Services team

Full Access
Question # 73

A new AWS user who has little cloud experience wants to build an application by using AWS services. The user wants to learn how to implement specific AWS services from other customer examples. The user also wants to ask questions to AWS experts.

Which AWS service or resource will meet these requirements?

A.

AWS Online Tech Talks

B.

AWS documentation

C.

AWS Marketplace

D.

AWS Health Dashboard

Full Access
Question # 74

A company has a physical tape library to store data backups. The tape library is running out of space. The company needs to extend the tape library's capacity to the AWS Cloud.

Which AWS service should the company use to meet this requirement?

A.

Amazon Elastic File System (Amazon EFS)

B.

Amazon Elastic Block Store (Amazon EBS)

C.

Amazon S3

D.

AWS Storage Gateway

Full Access
Question # 75

A company provides a software as a service (SaaS) application. The company has a new customer that is based in a different country.

The new customer's data needs to be hosted in that country.

Which AWS service or infrastructure component should the company use to meet this requirement?

A.

AWS Shield

B.

Amazon S3 Object Lock

C.

AWS Regions

D.

Placement groups

Full Access
Question # 76

A company wants to move its iOS application development and build activities to AWS.

Which AWS service or resource should the company use for these activities?

A.

AWS CodeCommit

B.

Amazon EC2 M1 Mac instances

C.

AWS Amplify

D.

AWS App Runner

Full Access
Question # 77

Which encryption types can be used to protect objects at rest in Amazon S3? (Select TWO.)

A.

Server-side encryption with AmazonS3 managed encryption keys (SSE-S3)

B.

Server-side encryption with AWS KMSmanaged keys (SSE-KMS)

C.

TLS

D.

SSL

E.

Transparent Data Encryption (TDE)

Full Access
Question # 78

A large company has multiple departments. Each department has its own AWS account. Each department has purchased Amazon EC2 Reserved Instances. Some departments do not use all the Reserved Instances that they purchased, and other departments need more Reserved Instances than they purchased.

The company needs to manage the AWS accounts for all the departments so that the departments can share the Reserved Instances.

Which AWS service or tool should the company use to meet these requirements?

A.

AWS Systems Manager

B.

Cost Explorer

C.

AWS Trusted Advisor

D.

AWS Organizations

Full Access
Question # 79

Which AWS services or tools are designed to protect a workload from SQL injections, cross-site scripting, and DDoS attacks? (Select TWO.)

A.

VPC endpoint

B.

Virtual private gateway

Q C. AWS Shield Standard

C.

AWS Config

D.

AWS WAF

Full Access
Question # 80

Which AWS service or tool provides on-demand access to AWS security and compliance reports and AWS online agreements?

A.

AWS Artifact

B.

AWS Trusted Advisor

C.

Amazon Inspector

D.

AWS Billing console

Full Access
Question # 81

Which benefit of the AWS Cloud helps companies achieve lower usage costs because of the aggregate usage of all AWS users?

A.

No need to guess capacity

B.

Ability to go global in minutes

C.

Economies of scale

D.

Increased speed and agility

Full Access
Question # 82

A company wants to access a report about the estimated environmental impact of the company's AWS usage.

Which AWS service or feature should the company use to meet this requirement?

A.

AWS Organizations

B.

IAM policy

C.

AWS Billing console

D.

Amazon Simple Notification Service (Amazon SNS)

Full Access
Question # 83

Which AWS service is designed to help users build conversational interfaces into applications using voice and text?

A.

Amazon Lex

B.

Amazon Transcribe

C.

Amazon Comprehend

D.

Amazon Timestream

Full Access
Question # 84

A company wants to securely store Amazon RDS database credentials and automatically rotate user passwords periodically.

Which AWS service or capability will meet these requirements?

A.

Amazon S3

B.

AWS Systems Manager Parameter Store

C.

AWS Secrets Manager

D.

AWS CloudTrail

Full Access
Question # 85

A company wants to migrate its application to AWS. The company wants to replace upfront expenses with variable payment that is based on usage.

What should the company do to meet these requirements?

A.

Use pay-as-you-go pricing.

B.

Purchase Reserved Instances.

C.

Pay less by using more.

D.

Rightsize instances.

Full Access
Question # 86

A company migrated its core application onto multiple workloads in the AWS Cloud. The company wants to improve the application's reliability.

Which cloud design principle should the company implement to achieve this goal?

A.

Maximize utilization.

B.

Decouple the components.

C.

Rightsize the resources.

D.

Adopt a consumption model.

Full Access
Question # 87

A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency.

Which AWS service or feature should the company use to meet these requirements?

A.

Availability Zones

B.

AWS Local Zones

C.

AWS Wavelength

D.

AWS Outposts

Full Access
Question # 88

Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework?

A.

Create annotated documentation.

B.

Anticipate failure.

C.

Ensure performance efficiency.

D.

Optimize costs.

Full Access
Question # 89

A company is running an application that is hosted on Amazon EC2 instances. The usage of the EC2 instances is higher during daytime hours than nighttime hours. The company wants to optimize the number of EC2 instances based on this usage pattern.

Which AWS service or instance purchasing option should the company use to meet these requirements?

A.

Spot Instances

B.

Reserved Instances

C.

AWS CloudFormation

D.

AWS Auto Scaling

Full Access
Question # 90

Which credential allows programmatic access to AWS resources for use from the AWS CLI or the AWS API?

A.

User name and password

B.

Access keys

C.

SSH public keys

D.

AWS Key Management Service (AWS KMS) keys

Full Access
Question # 91

A company is reviewing the design of an application that will be migrated from on premises to a single Amazon EC2 instance.

What should the company do to make the application highly available?

A.

Provision additional EC2 instances in other Availability Zones.

B.

Configure an Application Load Balancer (ALB). Assign the EC2 instance as the ALB's target.

C.

Use an Amazon Machine Image (AMI) to create the EC2 instance.

D.

Provision the application by using an EC2 Spot Instance.

Full Access
Question # 92

A company is using Amazon RDS.

A company is launching a critical business application in an AWS Region.

How can the company increase resilience for this application?

A.

Deploy a copy of the application in another AWS account.

B.

Deploy the application by using multiple VPCs.

C.

Deploy the application by using multiple subnets.

D.

Deploy the application by using multiple Availability Zones.

Full Access
Question # 93

A developer wants to use an Amazon S3 bucket to store application logs that contain sensitive data.

Which AWS service or feature should the developer use to restrict read and write access to the S3 bucket?

A.

Security groups

B.

Amazon CloudWatch

C.

AWS CloudTrail

D.

ACLs

Full Access
Question # 94

Which AWS services allow users to monitor and retain records of account activities that include governance, compliance, and auditing?

(Select TWO.)

A.

Amazon CloudWatch

B.

AWS CloudTrail

C.

Amazon GuardDuty

D.

AWS Shield

E.

AWS WAF

Full Access
Question # 95

Which options are perspectives that include foundational capabilities of the AWS Cloud Adoption Framework (AWS CAF)? (Select TWO.)

A.

Sustainability

B.

Security

C.

Operations

D.

Performance efficiency

E.

Reliability

Full Access
Question # 96

Which AWS service provides a highly accurate and easy-to-use enterprise search service that is powered by machine learning (ML)?

A.

Amazon Kendra

B.

Amazon SageMaker

C.

Amazon Augmented Al (Amazon A2I)

D.

Amazon Polly

Full Access
Question # 97

Which AWS service offers a global content delivery network (CDN) that helps companies securely deliver websites, videos, applications,

and APIs at high speeds with low latency?

A.

Amazon EC2

B.

Amazon CloudFront

C.

Amazon CloudWatch

D.

AWS CloudFormation

Full Access
Question # 98

A company has an application that runs periodically in an on-premises environment. The application runs for a few hours most days, but runs for 8 hours a day for a week at the end of each month.

Which AWS service or feature should be used to host the application in the AWS Cloud?

A.

Amazon EC2 Standard Reserved Instances

B.

Amazon EC2 On-Demand Instances

C.

AWS Wavelength

D.

Application Load Balancer

Full Access
Question # 99

A company wants its Amazon EC2 instances to share the same geographic area but use redundant underlying power sources.

Which solution will meet these requirements?

A.

Use EC2 instances across multiple Availability Zones in the same AWS Region.

B.

Use Amazon CloudFront as the database for the EC2 instances.

C.

Use EC2 instances in the same edge location and the same Availability Zone.

D.

Use EC2 instances in AWS OpsWorks stacks in different AWS Regions.

Full Access
Question # 100

A developer needs to maintain a development environment infrastructure and a production environment infrastructure in a repeatable fashion.

Which AWS service should the developer use to meet these requirements?

A.

AWS Ground Station

B.

AWS Shield

C.

AWS loT Device Defender

D.

AWS CloudFormation

Full Access
Question # 101

Which perspective of the AWS Cloud Adoption Framework (AWS CAF) connects technology and business?

A.

Operations

B.

People

C.

Security

D.

Governance

Full Access
Question # 102

A company wants to create multiple isolated networks in the same AWS account.

Which AWS service or component will provide this functionality?

A.

AWS Transit Gateway

B.

Internet gateway

C.

Amazon VPC

D.

Amazon EC2

Full Access
Question # 103

Which group shares responsibility with AWS for security and compliance of AWS accounts and resources?

A.

Third-party vendors

B.

Customers

C.

Reseller partners

D.

Internet providers

Full Access
Question # 104

A company does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The company also needs the ability to increase or decrease its resource usage to meet business requirements.

Which pillar of the AWS Well-Architected Framework aligns with these requirements?

A.

Operational excellence

B.

Security

C.

Reliability

D.

Cost optimization

Full Access
Question # 105

Which AWS service requires the customer to patch the guest operating system?

A.

AWS Lambda

B.

Amazon OpenSearch Service

C.

Amazon EC2

D.

Amazon ElastiCache

Full Access
Question # 106

Which AWS service is always available free of charge to users?

A.

Amazon Athena

B.

AWS Identity and Access Management (IAM)

C.

AWS Secrets Manager

D.

Amazon ElastiCache

A company has only basic knowledge of AWS technologies.

Full Access
Question # 107

Which AWS Cloud design principle does a company follow by using AWS CloudTrail?

A.

Recover automatically.

B.

Perform operations as code.

C.

Measure efficiency.

D.

Ensure traceability.

Full Access
Question # 108

A company is hosting a web application on Amazon EC2 instances. The company wants to implement custom conditions to filter and control inbound web traffic.

Which AWS service will meet these requirements?

A.

Amazon GuardDuty

B.

AWSWAF

C.

Amazon Macie

D.

AWS Shield

Full Access
Question # 109

Which options are common stakeholders for the AWS Cloud Adoption Framework (AWS CAF) platform perspective? (Select TWO.)

A.

Chief financial officers (CFOs)

B.

IT architects

C.

Chief information officers (CIOs)

D.

Chief data officers (CDOs)

E.

Engineers

Full Access
Question # 110

A company is running workloads for multiple departments within a single VPC. The company needs to be able to bill each department for its resource usage.

Which action should the company take to accomplish this goal with the LEAST operational overhead?

A.

Add a department tag to each resource and configure cost allocation tags.

B.

Move each department resource to its own VPC.

C.

Move each department resource to its own AWS account.

D.

Use AWS Organizations to get a billing report for each department.

Full Access
Question # 111

A company wants to use Amazon EC2 instances to run a stateless and restartable process after business hours.

Which AWS service provides DNS resolution?

A.

Amazon CloudFront

B.

Amazon VPC

C.

Amazon Route 53

D.

AWS Direct Connect

Full Access
Question # 112

A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.

According to the AWS shared responsibility model, which task is the responsibility of the customer?

A.

Protect the global infrastructure that runs all of the services offered in the AWS Cloud.

B.

Configure logical access controls for resources, and protect account credentials.

C.

Configure the security used by managed services.

D.

Patch and back up Amazon Aurora.

Full Access
Question # 113

A company needs to launch an Amazon EC2 instance.

Which of the following can the company use during the launch process to configure the root volume of the EC2 instance?

A.

Amazon EC2 Auto Scaling

B.

Amazon Data Lifecycle Manager (Amazon DLM)

C.

Amazon Machine Image (AMI)

D.

Amazon Elastic Block Store (Amazon EBS) volume

Full Access
Question # 114

Which AWS solution provides the ability for a company to run AWS services in the company's on-premises data center?

A.

AWS Direct Connect

B.

AWS Outposts

C.

AWS Systems Manager hybrid activations

D.

AWS Storage Gateway

Full Access
Question # 115

A company is preparing to launch a redesigned website on AWS. Users from around the world will download digital handbooks from the website.

Which AWS solution should the company use to provide these static files securely?

A.

Amazon Kinesis Data Streams

B.

Amazon CloudFront with Amazon S3

C.

Amazon EC2 instances with an Application Load Balancer

D.

Amazon Elastic File System (Amazon EFS)

Full Access
Question # 116

A company wants to migrate its on-premises application to the AWS Cloud. The company is legally obligated to retain certain data in its onpremises data center.

Which AWS service or feature will support this requirement?

A.

AWS Wavelength

B.

AWS Local Zones

C.

VMware Cloud on AWS

D.

AWS Outposts

Full Access
Question # 117

A company is planning a migration to the AWS Cloud and wants to examine the costs that are associated with different workloads.

Which AWS tool will meet these requirements?

A.

AWS Budgets

B.

AWS Cost Explorer

C.

AWS Pricing Calculator

D.

AWS Cost and Usage Report

Full Access
Question # 118

A company needs Amazon EC2 instances for a workload that can tolerate interruptions.

Which EC2 instance purchasing option meets this requirement with the LARGEST discount compared to On-Demand prices?

A.

Spot Instances

B.

Convertible Reserved Instances

C.

Standard Reserved Instances

D.

Dedicated Hosts

Full Access
Question # 119

Which AWS service is designed to help users orchestrate a workflow process for a set of AWS Lambda functions?

A.

Amazon DynamoDB

B.

AWS CodePipeline

C.

AWS Batch

D.

AWS Step Functions

Full Access
Question # 120

A company has an Amazon S3 bucket containing images of scanned financial invoices. The company is building an artificial intelligence (Al)-based application on AWS. The company wants the application to identify and read total balance amounts on the invoices.

Which AWS service will meet these requirements?

A.

Amazon Forecast

B.

Amazon Textract

C.

Amazon Rekognition

D.

Amazon Lex

Full Access
Question # 121

Which AWS service can a company use to securely store and encrypt passwords for a database?

A.

AWS Shield

B.

AWS Secrets Manager

C.

AWS Identity and Access Management (IAM)

D.

Amazon Cognito

Full Access
Question # 122

A company has an environment that includes Amazon EC2 instances, Amazon Lightsail, and on-premises servers. The company wants to automate the security updates for its operating systems and applications.

Which solution will meet these requirements with the LEAST operational effort?

A.

Use AWS Shield to identify and manage security events.

B.

Connect to each server by using a remote desktop connection. Run an update script.

C.

Use the AWS Systems Manager Patch Manager capability.

D.

Schedule Amazon GuardDuty to run on a nightly basis.

Full Access
Question # 123

A company needs to host a highly available application in the AWS Cloud. The application runs infrequently for short periods of time.

Which AWS service will meet these requirements with the LEAST amount of operational overhead?

A.

Amazon EC2

B.

AWS Fargate

C.

AWS Lambda

D.

Amazon Aurora

Full Access
Question # 124

Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model?

A.

Security awareness and training

B.

Development of an IAM password policy

C.

Patching of the guest operating system

D.

Physical and environmental controls

Full Access
Question # 125

Which controls are the responsibility of both AWS and AWS customers, according to the AWS shared responsibility model? (Select TWO.)

A.

Physical and environmental controls

B.

Patch management

C.

Configuration management

D.

Account structures

E.

Choice of the AWS Region where data is stored

Full Access
Question # 126

Which AWS service or tool helps companies measure the environmental impact of their AWS usage?

A.

AWS customer carbon footprint tool

B.

AWS Compute Optimizer

C.

Sustainability pillar

D.

OS-Climate (Open Source Climate Data Commons)

Full Access
Question # 127

Which AWS service is used to temporarily provide federated security credentials to a

A.

Amazon GuardDuty

B.

AWS Simple Token Service (AWS STS)

C.

AWS Secrets Manager

D.

AWS Certificate Manager

Full Access
Question # 128

Which benefit of AWS Cloud computing provides lower latency between users and applications?

A.

Agility

B.

Economies of scale

C.

Global reach

D.

Pay-as-you-go pricing

Full Access
Question # 129

In which categories does AWS Trusted Advisor provide recommended actions? (Select TWO.)

A.

Operating system patches

B.

Cost optimization

C.

Repetitive tasks

D.

Service quotas

E.

Account activity records

Full Access
Question # 130

A company is building an application that will receive millions of database queries each second. The company needs the data store for the application to scale to meet these needs.

Which AWS service will meet this requirement?

A.

Amazon DynamoDB

B.

AWS Cloud9

C.

Amazon ElastiCache for Memcached

D.

Amazon Neptune

Full Access
Question # 131

Which tasks are the responsibility of AWS according to the AWS shared responsibility model? (Select TWO.)

A.

Configure AWS Identity and Access Management (IAM).

B.

Configure security groups on Amazon EC2 instances.

C.

Secure the access of physical AWS facilities.

D.

Patch applications that run on Amazon EC2 instances.

E.

Perform infrastructure patching and maintenance.

Full Access
Question # 132

A company has a single Amazon EC2 instance. The company wants to adopt a highly available architecture.

What can the company do to meet this requirement?

A.

Scale vertically to a larger EC2 instance size.

B.

Scale horizontally across multiple Availability Zones.

C.

Purchase an EC2 Dedicated Instance.

D.

Change the EC2 instance family to a compute optimized instance.

Full Access
Question # 133

How should the company deploy the application to meet these requirements?

A.

Ina single Availability Zone

B.

On AWS Direct Connect

C.

On Reserved Instances

D.

In multiple Availability Zones

Full Access
Question # 134

Which benefit is always free of charge with AWS, regardless of a user's AWS Support plan?

A.

AWS Developer Support

B.

AWS Developer Forums

C.

Programmatic case management

D.

AWS technical account manager (TAM)

Full Access
Question # 135

A company has a compliance requirement to record and evaluate configuration changes, as well as perform remediation actions on AWS resources.

Which AWS service should the company use?

A.

AWS Config

B.

AWS Secrets Manager

C.

AWS CloudTrail

D.

AWS Trusted Advisor

Full Access
Question # 136

What is a characteristic of Convertible Reserved Instances (RIs)?

A.

Users can exchange Convertible RIs for other Convertible RIs from a different instance family.

B.

Users can exchange Convertible RIs for other Convertible RIs in different AWS Regions.

C.

Users can sell and buy Convertible RIs on the AWS Marketplace.

D.

Users can shorten the term of their Convertible RIs by merging them with other Convertible RIs.

Full Access
Question # 137

Which AWS service provides a single location to track the progress of application migrations?

A.

AWS Application Discovery Service

B.

AWS Application Migration Service

C.

AWS Service Catalog

D.

AWS Migration Hub

Full Access
Question # 138

Which abilities are benefits of the AWS Cloud? (Select TWO.)

A.

Trade variable expenses for capital expenses.

B.

Deploy globally in minutes.

C.

Plan capacity in advance of deployments.

D.

Take advantage of economies of scale.

E.

Reduce dependencies on network connectivity.

Full Access
Question # 139

A company has a centralized group of users with large file storage requirements that have exceeded the space available on premises. The company wants to extend its file storage capabilities for this group while retaining the performance benefit of sharing content locally.

What is the MOST operationally efficient AWS solution for this scenario?

A.

Create an Amazon S3 bucket for each user. Mount each bucket by using an S3 file system mounting utility.

B.

Configure and deploy an AWS Storage Gateway file gateway. Connect each user's workstation to the file gateway.

C.

Move each user's working environment to Amazon Workspaces. Set up an Amazon WorkDocs account for each user.

D.

Deploy an Amazon EC2 instance and attach an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS volume. Share the EBS volume directly with the users.

Full Access
Question # 140

A company is moving some of its on-premises IT services to the AWS Cloud. The finance department wants to see the entire bill so it can forecast spending limits.

Which AWS service can the company use to set spending limits and receive notifications if those limits are exceeded?

A.

AWS Cost and Usage Reports

B.

AWS Budgets

C.

AWS Organizations consolidated billing

D.

Cost Explorer

Full Access
Question # 141

Which pillar of the AWS Well-Architected Framework includes the AWS shared responsibility model?

A.

Operational excellence

B.

Performance efficiency

C.

Reliability

D.

Security

Full Access
Question # 142

A company uses a third-party identity provider (IdP). The company wants to provide its employees with access to AWS accounts and services without requiring another set of login credentials.

Which AWS service will meet this requirement?

A.

AWS Directory Service

B.

Amazon Cognito

C.

AWS IAM Identity Center

D.

AWS Resource Access Manager (AWS RAM)

Full Access
Question # 143

A company needs to implement identity management for a fleet of mobile apps that are running in the AWS Cloud.

Which AWS service will meet this requirement?

A.

Amazon Cognito

B.

AWS Security Hub

C.

AWS Shield

D.

AWS WAF

Full Access
Question # 144

A company is planning to move data backups to the AWS Cloud. The company needs to replace on-premises storage with storage that is cloud-based but locally cached.

Which AWS service meets these requirements?

A.

AWS Storage Gateway

B.

AWS Snowcone

C.

AWS Backup

D.

Amazon Elastic File System (Amazon EFS)

Full Access
Question # 145

Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?

A.

Amazon Route 53

B.

Amazon Macie

C.

AWS Direct Connect

D.

AWS PrivaleLink

Full Access
Question # 146

Which AWS service can migrate Amazon EC2 instances from one AWS Region to another?

A.

AWS Application Migration Service

B.

AWS Database Migration Service (AWS DMS)

C.

AWS DataSync

D.

AWS Migration Hub

Full Access
Question # 147

A company is planning to migrate applications to the AWS Cloud. During a system audit, the company finds that its content management system (CMS) application is incompatible with cloud environments.

Which migration strategies will help the company to migrate the CMS application with the LEAST effort? (Select TWO.)

A.

Retire

B.

Rehost

C.

Repurchase

D.

Replatform

E.

Refactor

Full Access
Question # 148

A company operates a petabyte-scale data warehouse to analyze its data. The company wants a solution that will not require manual hardware and software management. Which AWS service will meet these requirements?

A.

Amazon DocumentDB (with MongoDB compatibility)

B.

Amazon Redshift

C.

Amazon Neptune

D.

Amazon ElastiCache

Full Access
Question # 149

Which AWS service or tool helps to centrally manage billing and allow controlled access to resources across AWS accounts?

A.

AWS Identity and Access Management (IAM)

B.

AWS Organizations

C.

AWS Cost Explorer

D.

AWS Budgets

Full Access
Question # 150

A company wants to use the latest technologies and wants to minimize its capital investment. Instead of upgrading on-premises infrastructure, the company wants to move to the AWS Cloud.

Which AWS Cloud benefit does this scenario describe?

A.

Increased speed to market

B.

The trade of infrastructure expenses for operating expenses

C.

Massive economies of scale

D.

The ability to go global in minutes

Full Access
Question # 151

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO)

A.

High availability

B.

Performance efficiency

C.

Cost optimization

D.

Going global in minutes

E.

Continuous development

Full Access
Question # 152

A company has an application that uses AWS services. During scaling events, the company wants to keep

application usage within AWS service quotas.

Which AWS services or tools can report on the quotas so that the company can improve the reliability of the application? (Select TWO.)

A.

Service Quotas console

B.

AWS Trusted Advisor

C.

AWS Systems Manager

D.

AWS Shield

E.

AWS Cost Explorer

Full Access
Question # 153

Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?

A.

AWS Support

B.

AWS customers

C.

AWS Key Management Service (AWS KMS)

D.

AWS Trusted Advisor

Full Access
Question # 154

A company wants to receive a notification when a specific AWS cost threshold is reached.

Which AWS services or tools can the company use to meet this requirement? (Select TWO.)

A.

Amazon Simple Queue Service (Amazon SQS)

B.

AWS Budgets

C.

Cost Explorer

D.

Amazon CloudWatch

E.

AWS Cost and Usage Report

Full Access
Question # 155

A company needs to run a workload for several batch image rendering applications. It is acceptable for the workload to experience downtime.

Which Amazon EC2 pricing model would be MOST cost-effective in this situation?

A.

On-Demand Instances

B.

Reserved Instances

C.

Dedicated Instances

D.

Spot Instances

Full Access
Question # 156

Which of the following is a managed AWS service that is used specifically for extract, transform, and load (ETL) data?

A.

Amazon Athena

B.

AWS Glue

C.

Amazon S3

D.

AWS Snowball Edge

Full Access
Question # 157

A company has a client that uses an Amazon RDS database. The client requests Information about operating system-level upgrades on the AWS resources that host the RDS database. The company employs a third-party provider to monitor the RDS database.

Who is responsible for upgrading the operating systems for Amazon RDS under the AWS shared responsibility model?

A.

The client

B.

The company

C.

AWS

D.

The third-party provider

Full Access
Question # 158

Which services can be used to deploy applications on AWS? (Select TWO.)

A.

AWS Elastic Beanstalk

B.

AWS Config

C.

AWS OpsWorks

Q D. AWS Application Discovery Service

D.

Amazon Kinesis

Full Access
Question # 159

A company wants to provide one of its employees with access to Amazon RDS. The company also wants to limit the interaction to only the AWS CLl and AWS software development kits (SDKs).

Which combination of actions should the company take to meet these requirements while following the principles of least privilege? (Select TWO)

A.

Create an 1AM user and provide AWS Management Console access only.

B.

Create an 1AM user and provide programmatic access only.

C.

Create an 1AM role and provide AWS Management Console access only.

D.

Create an 1AM policy with administrator access and attach it to the 1AM user.

E.

Create an 1AM policy with Amazon RDS access and attach it to the 1AM user.

Full Access
Question # 160

Which AWS service gives users the ability to provision a dedicated and private network connection from their internal

network to AWS?

A.

AWS CloudHSM

B.

AWS Direct Connect

C.

AWS VPN

D.

Amazon Connect

Full Access
Question # 161

A company needs to set up user authentication for a new application. Users must be able to sign in directly with a user name and password, or through a third-party provider.

Which AWS service should the company use to meet these requirements?

A.

AWS IAM Identity Center (AWS Single Sign-On)

B.

AWS Signer

C.

Amazon Cognito

D.

AWS Directory Service

Full Access
Question # 162

What is the best resource for a user to find compliance-related information and reports about AWS?

A.

AWS Artifact

B.

AWS Marketplace

C.

Amazon Inspector

D.

Increase operational costs across data centers.

Full Access
Question # 163

Which AWS service or feature offers security for a VPC by acting as a firewall to control traffic in and out of subnets?

A.

AWS Security Hub

B.

Security groups

C.

Network ACL

D.

AWSWAF

Full Access
Question # 164

Which pillar of the AWS Well-Architected Framework focuses on the ability to recover automatically from service Interruptions?

A.

Security

B.

Performance efficiency

C.

Operational excellence

D.

Reliability

Full Access
Question # 165

A company wants to migrate its PostgreSQL database to AWS. The company does not use the database frequently.

Which AWS service or resource will meet these requirements with the LEAST management overhead?

A.

PostgreSQL on Amazon EC2

B.

Amazon RDS for PostgreSQL

C.

Amazon Aurora PostgreSQL-Compatible Edition

D.

Amazon Aurora Serverless

Full Access
Question # 166

A company wants durable storage for static content and infinitely scalable data storage infrastructure at the lowest cost.

Which AWS service should the company choose?

A.

Amazon Elastic Block Store (Amazon EBS)

B.

Amazon S3

C.

AWS Storage Gateway

D.

Amazon Elastic File System (Amazon EFS)

Full Access
Question # 167

A company wants a list of all users in its AWS account, the status of all of the users' access keys, and if multi-factor authentication (MFA) has been configured.

Which AWS service or feature will meet these requirements?

A.

AWS Key Management Service (AWS KMS)

B.

IAM Access Analyzer

C.

IAM credential report

D.

Amazon CloudWatch

Full Access
Question # 168

Which AWS service or tool provides users with a graphical interface that they can use to manage AWS services?

A.

AWS Copilot

B.

AWS CLI

C.

AWS Management Console

D.

AWS software development kits (SDKs)

Full Access
Question # 169

A company is planning to migrate to the AWS Cloud and wants to become more responsive to customer inquiries and feedback. The company wants to focus on organizational transformation.

A company wants to give its customers the ability to view specific data that is hosted in Amazon S3 buckets. The company wants to keep control over the full datasets that the company shares with the customers.

Which S3 feature will meet these requirements?

A.

S3 Storage Lens

B.

S3 Cross-Region Replication (CRR)

C.

S3 Versioning

D.

S3 Access Points

Full Access
Question # 170

Which AWS service is a key-value database that provides sub-millisecond latency on a large scale?

A.

Amazon DynamoDB

B.

Amazon Aurora

C.

Amazon DocumentDB (with MongoDB compatibility)

D.

Amazon Neptune

Full Access
Question # 171

Which AWS service is used to provide encryption for Amazon EBS?

A.

AWS Certificate Manager

B.

AWS Systems Manager

C.

AWS KMS

D.

AWS Config

Full Access
Question # 172

A company is moving Us development and test environments to AWS to increase agility and reduce cost. Because these are not production workloads and the servers are not fully utilized, occasional unavailability is acceptable.

What is the MOST cost-effective Amazon EC2 pricing model that will meet these requirements?

A.

Reserved instances

B.

On-Demand Instances

C.

Spot Instances

D.

Dedicated Hosts

Full Access
Question # 173

A company needs a bridge between technology and business to help evolve to a culture of continuous growth and learning.

Which perspective in the AWS Cloud Adoption Framework (AWS CAF) serves as this bridge?

A.

People

B.

Governance

C.

Operations

D.

Security

Full Access
Question # 174

A company is building a new application on AWS. The company needs the application to remain available if an individual application component fails.

Which design principle should the company use to meet this requirement?

A.

Disposable resources

B.

Automation

C.

Rightsizing

D.

Loose coupling

Full Access
Question # 175

Which AWS services make use of global edge locations'? (Select TWO.)

A.

AWS Fargate

B.

Amazon CloudFront

C.

AWS Global Accelerator

D.

AWS Wavelength

E.

Amazon VPC

Full Access
Question # 176

A user wants to invoke an AWS Lambda function when an Amazon EC2 instance enters the "stopping" state.

Which AWS service is appropriate for this use case?

A.

Amazon EventBridge

B.

AWS Config

C.

Amazon Simple Notification Service (Amazon SNS)

D.

AWS CloudFormation

Full Access
Question # 177

A company needs a graph database service that is scalable and highly available.

Which AWS service meets these requirements?

A.

Amazon Aurora

B.

Amazon Redshift

C.

Amazon DynamoDB

D.

Amazon Neptune

Full Access
Question # 178

A company plans to perform a one-time migration of a large dataset with millions of files from its on-premises data center to the AWS Cloud.

Which AWS service should the company use for the migration?

A.

AWS Database Migration Service (AWS DMS)

B.

AWS DataSync

C.

AWS Migration Hub

D.

AWS Application Migration Service

Full Access
Question # 179

A company has two AWS accounts in an organization in AWS Organizations for consolidated billing. All of the company's AWS resources are hosted in one AWS Region.

Account A has purchased five Amazon EC2 Standard Reserved Instances (RIs) and has four EC2 instances

running. Account B has not purchased any RIs and also has four EC2 instances running.

Which statement is true regarding pricing for these eight instances?

A.

The eight instances will be charged as regular instances.

B.

Four instances will be charged as RIs, and four will be charged as regular instances.

C.

Five instances will be charged as RIs, and three will be charged as regular instances.

D.

The eight instances will be charged as RIs.

Full Access
Question # 180

Which AWS Cloud Adoption Framework (AWS CAF) perspective focuses on real-time insights and answers questions about strategy?

A.

Operations

B.

People

C.

Business

D.

Platform

Full Access
Question # 181

Which AWS service uses AWS Compute Optimizer to provide sizing recommendations based on workload metrics?

A.

Amazon EC2

B.

Amazon RDS

C.

Amazon Lightsail

D.

AWS Step Functions

Full Access
Question # 182

A company wants to set up its workloads to perform their intended functions and recover quickly from failure. Which pillar of the AWS Well-Architected Framework aligns with these goals?

A.

Performance efficiency

B.

Sustainability

C.

Reliability

D.

Security

Full Access
Question # 183

A company has a set of ecommerce applications. The applications need to be able to send messages to each other. Which AWS service meets this requirement?

A.

AWS Auto Scaling

B.

Elastic Load Balancing

C.

Amazon Simple Queue Service (Amazon SOS)

D.

Amazon Kinesis Data Streams

Full Access
Question # 184

A company needs a managed NFS file system that the company can use with its AWS compute....

Which AWS service or feature will meet these requirements?

A.

Amazon Elastic Block Store (Amazon EBS)

B.

AWS Storage Gateway Tape Gateway

C.

Amazon S3 Glacier Flexible Retrieval

D.

Amazon Elastic Pile System (Amazon EFS)

Full Access
Question # 185

A company migrated its systems to the AWS Cloud. The systems are rightsized, and a security review did not reveal any issues. The company must ensure that additional developments, integrations, changes, and system usage growth do not jeopardize this optimized AWS infrastructure.

Which AWS service should the company use to report ongoing optimization and security?

A.

AWS Trusted Advisor

B.

AWS Health Dashboard

C.

Amazon Connect

D.

AWS Systems Manager

Full Access
Question # 186

A company is requesting Payment Card Industry (PCI) reports that validate the operating effectiveness of AWS security controls.

How should the company obtain these reports?

A.

Contact AWS Support

B.

Download reports from AWS Artifact.

C.

Download reports from AWS Security Hub.

D.

Contact an AWS technical account manager (TAM).

Full Access
Question # 187

Which AWS services can be used to store files? (Select TWO.)

A.

Amazon S3

B.

AWS Lambda

C.

Amazon Elastic Block Store (Amazon EBS)

D.

Amazon SageMaker

E.

AWS Storage Gateway

Full Access
Question # 188

To assist companies with Payment Card Industry Data Security Standard (PCI DSS) compliance in the cloud. AWS provides:

A.

physical inspections of data centers by appointment.

B.

required PCI compliance certifications for any application running on AWS.

C.

an AWS Attestation of Compliance (AOC) report for specific AWS services.

D.

professional PCI compliance services.

Full Access
Question # 189

Which guidelines are best practices for using AWS Identity and Access Management (1AM)? (Select TWO.)

A.

Share access keys.

B.

Create individual 1AM users.

C.

Use inline policies instead of customer managed policies.

D.

Grant maximum privileges to 1AM users.

E.

Use groups to assign permissions to 1AM users.

Full Access
Question # 190

A company is assessing its AWS Business Support plan to determine if the plan still meets the company's needs. The company is considering switching to AWS Enterprise Support.

Which additional benefit will the company receive with AWS Enterprise Support?

A.

A full set of AWS Trusted Advisor checks

B.

Phone, email, and chat access to cloud support engineers 24 hours a day, 7 days a week

C.

A designated technical account manager (TAM) to assist in monitoring and optimization

D.

A consultative review and architecture guidance for the company's applications

Full Access
Question # 191

Which of the following services can be used to block network traffic to an instance? (Select TWO.)

A.

Security groups

B.

Amazon Virtual Private Cloud (Amazon VPC) flow logs

C.

Network ACLs

D.

Amazon CloudWatch

E.

AWS CloudTrail

Full Access
Question # 192

Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity?

A.

AWS Service Catalog

B.

AWS Systems Manager

C.

AWS IAM Access Analyzer

D.

AWS Organizations

Full Access
Question # 193

Which of the following is an advantage that the AWS Cloud provides to users?

A.

Users eliminate the need to guess about infrastructure capacity requirements.

B.

Users decrease their variable costs by maintaining sole ownership of IT hardware.

C.

Users maintain control of underlying IT infrastructure hardware.

D.

Users maintain control of operating systems for managed services.

Full Access
Question # 194

A developer who has no AWS Cloud experience wants to use AWS technology to build a web application.

Which AWS service should the developer use to start building the application?

A.

Amazon SageMaker

B.

AWS Lambda

C.

Amazon Lightsail

D.

Amazon Elastic Container Service (Amazon ECS)

Full Access
Question # 195

A company has a MariaDB database on premises. The company wants to move the data to the AWS Cloud. Which AWS service will host this database with the LEAST amount of operational overhead?

A.

Amazon RDS

B.

Amazon Neptune

C.

Amazon S3

D.

Amazon DynamoDB

Full Access
Question # 196

A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions.

Which Amazon EC2 purchasing option will be MOST cost-effective?

A.

All Upfront Reserved Instances

B.

Partial Upfront Reserved Instances

C.

Dedicated Instances

D.

On-Demand Instances

Full Access
Question # 197

A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing.

Which AWS service or feature will help the company with its migration?

A.

AWS Trusted Advisor

B.

AWS Consulting Partners

C.

AWS Artifacts

D.

AWS Managed Services

Full Access
Question # 198

Which AWS Support plans provide access to an AWS technical account manager (TAM)? (Select)

A.

AWS Basic Support

B.

AWS Developer Support

C.

AWS Business Support

D.

AWS Enterprise On-Ramp Support

E.

AWS Enterprise Support

Full Access
Question # 199

Which AWS Cloud deployment model uses AWS Outposts as part of the application deployment infrastructure?

A.

On-premises

B.

Serverless

C.

Cloud-native

D.

Hybrid

Full Access
Question # 200

A company wants to run its application on Amazon EC2 instances. The company needs to keep the application on-premises to meet a compliance requirement. Which AWS offering will meet these requirements?

A.

Dedicated Instances

B.

Amazon CloudFront

C.

AWS Fargate

D.

AWS Outposts

Full Access
Question # 201

A company runs business applications in an on-premises data center and in the AWS Cloud. The company needs a shared file system that can be available to both environments.

Which AWS service meets these requirements?

A.

Amazon Elastic Block Store (Amazon EBS)

B.

Amazon S3

C.

Amazon ElastiCache

D.

Amazon Elastic File System (Amazon EFS)

Full Access
Question # 202

Which AWS service is designed to help users handle large amounts of data in a data warehouse environment?

A.

Amazon RDS

B.

Amazon DynamoDB

C.

Amazon Redshift

D.

Amazon Aurora

Full Access
Question # 203

A company wants to quickly implement a continuous integration/continuous delivery (CI/CD) pipeline.

Which AWS service will meet this requirement?

A.

AWS Config

B.

Amazon Cognito

C.

AWS DataSync

D.

AWS CodeStar

Full Access
Question # 204

Which AWS service can identify when an Amazon EC2 instance was terminated?

A.

AWS Identity and Access Management (IAM)

B.

AWS CloudTrail

C.

AWS Compute Optimizer

D.

Amazon EventBridge

Full Access
Question # 205

A company is operating several factories where it builds products. The company needs the ability to process data, store data, and run applications with local system interdependencies that require low latency.

Which AWS service should the company use to meet these requirements?

A.

AWS loT Greengrass

B.

AWS Lambda

C.

AWS Outposts

D.

AWS Snowball Edge

Full Access
Question # 206

A company has all of its servers in the us-east-1 Region. The company is considering the deployment of additional servers different Region.

Which AWS tool should the company use to find pricing information for other Regions?

A.

Cost Explorer

B.

AWS Budgets

C.

AWS Purchase Order Management

D.

AWS Pricing Calculator

Full Access
Question # 207

Which options are AWS Cloud Adoption Framework (AWS CAF) people perspective capabilities? (Select TWO.)

A.

Organizational alignment

B.

Portfolio management

C.

Organization design

D.

Risk management

E.

Modern application development

Full Access
Question # 208

Which AWS service or tool helps users visualize, understand, and manage spending and usage over time?

A.

AWS Organizations

B.

AWS Pricing Calculator

C.

AWS Cost Explorer

D.

AWS Service Catalog

Full Access
Question # 209

A company wants to define a central data protection policy that works across AWS services for compute, storage, and database resources.

Which AWS service will meet this requirement?

A.

AWS Batch

B.

AWS Elastic Disaster Recovery

C.

AWS Backup

D.

Amazon FSx

Full Access
Question # 210

Which AWS service supports the deployment and management of applications in the AWS Cloud?

A.

Amazon CodeGuru

B.

AWS Fargate

C.

AWS CodeCommit

D.

AWS Elastic Beanstalk

Full Access
Question # 211

Which tasks are the customer's responsibility, according to the AWS shared responsibility model? (Select TWO.)

A.

Establish the global infrastructure.

B.

Perform client-side data encryption.

C.

Configure 1AM credentials.

D.

Secure edge locations.

E.

Patch Amazon RDS DB instances.

Full Access
Question # 212

Which AWS service is an in-memory data store service?

A.

Amazon Aurora

B.

Amazon RDS

C.

Amazon DynamoDB

D.

Amazon ElastiCache

Full Access
Question # 213

A company's application has high customer usage during certain times of the day. The company wants to reduce the number of Amazon EC2 instances that run when application usage is low.

Which AWS service or instance purchasing option should the company use to meet this requirement?

A.

EC2 Instance Savings Plans

B.

Spot Instances

C.

Reserved Instances

D.

Amazon EC2 Auto Scaling

Full Access
Question # 214

A company is migrating its applications from on-premises to the AWS Cloud. The company wants to ensure that the applications are assigned only the minimum permissions that are needed to perform all operations.

Which AWS service will meet these requirements'?

A.

AWS Identity and Access Management (IAM)

B.

Amazon CloudWatch

C.

Amazon Macie

D.

Amazon GuardDuty

Full Access
Question # 215

A company is planning to migrate its application to the AWS Cloud.

Which AWS tool or set of resources should the company use to analyze and asses its readiness for migration?

A.

AWS Cloud Adoption Framework (AWS CAF)

B.

AWS Pricing Calculator

C.

AWS Well-Architected Framework

D.

AWS Budgets

Full Access
Question # 216

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

A.

Availability

B.

Reliability

C.

Scalability

D.

Responsive design

E.

Operational excellence

Full Access
Question # 217

Which task is the responsibility of a company that is using Amazon RDS?

A.

Provision the underlying infrastructure.

B.

Create IAM policies to control administrative access to the service.

C.

Install the cables to connect the hardware for compute and storage.

D.

Install and patch the RDS operating system.

Full Access
Question # 218

What is the total amount of storage offered by Amazon S3?

A.

WOMB

B.

5 GB

C.

5 TB

D.

Unlimited

Full Access
Question # 219

What is a benefit of moving to the AWS Cloud in terms of improving time to market?

A.

Decreased deployment speed

B.

Increased application security

C.

Increased business agility

D.

Increased backup capabilities

Full Access
Question # 220

A company needs to store data across multiple Availability Zones in an AWS Region. The data will not be

accessed regularly but must be immediately retrievable.

Which Amazon Elastic File System (Amazon EFS) storage class meets these requirements MOST cost effectively?

A.

EFS Standard

B.

EFS Standard-Infrequent Access(EFS Standard-IA)

C.

EFS One Zone

D.

EFS One Zone-Infrequent Access (EFS One Zone-IA)

Full Access
Question # 221

Which AWS Well-Architected Framework concept represents a system's ability to remain functional when the system encounters operational problems?

A.

Consistency

B.

Elasticity

C.

Durability

D.

Latency

Full Access
Question # 222

A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud.

Which costs will the company eliminate with this migration? (Select TWO.)

A.

Cost of data center operations

B.

Cost of application licensing

C.

Cost of marketing campaigns

D.

Cost of physical server hardware

E.

Cost of network management

Full Access
Question # 223

Which task is a customer's responsibility, according to the AWS shared responsibility model?

A.

Management of the guest operating systems

B.

Maintenance of the configuration of infrastructure devices

C.

Management of the host operating systems and virtualization

D.

Maintenance of the software that powers Availability Zones

A company has refined its workload to use specific AWS services to improve efficiency and reduce cost.

Full Access
Question # 224

A company is developing an application that uses multiple AWS services. The application needs to use

temporary, limited-privilege credentials for authentication with other AWS APIs.

Which AWS service or feature should the company use to meet these authentication requirements?

A.

Amazon API Gateway

B.

IAM users

C.

AWS Security Token Service (AWS STS)

D.

IAM instance profiles

Full Access
Question # 225

Which AWS service or tool can be used to consolidate payments for a company with multiple AWS accounts?

A.

AWS Cost and Usage Report

B.

AWS Organizations

C.

Cost Explorer

D.

AWS Budgets

Full Access
Question # 226

A company is launching a new application in the AWS Cloud. The application will run on an Amazon EC2 instance. More EC2 instances will be needed when the workload increases.

Which AWS service or tool can the company use to launch the number of EC2 instances that will be needed to handle the workload?

A.

Elastic Load Balancing

B.

Amazon EC2 Auto Scaling

C.

AWS App2Container (A2C)

D.

AWS Systems Manager

Full Access
Question # 227

A company needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer speeds.

Which AWS service meets these requirements?

A.

Amazon CloudFront

B.

Elastic Load Balancing

C.

Amazon S3

D.

Amazon Elastic Transcoder

Full Access
Question # 228

A company is running applications on Amazon EC2 instances in the same AWS account for several different projects. The company wants to track the infrastructure costs for each of the projects separately. The company must conduct this tracking with the least possible impact to the existing infrastructure and with no additional cost.

What should the company do to meet these requirements?

A.

Use a different EC2 instance type for each project.

B.

Publish project-specific custom Amazon CloudWatch metrics for each application.

C.

Deploy EC2 instances for each project in a separate AWS account.

D.

Use cost allocation tags with values that are specific to each project.

Full Access
Question # 229

Which feature of the AWS Cloud gives users the ability to pay based on current needs rather than forecasted needs?

A.

AWS Budgets

B.

Pay-as-you-go pricing

C.

Volume discounts

D.

Savings Plans

Full Access
Question # 230

What can a user accomplish using AWS CloudTrail?

A.

Generate an IAM user credentials report.

B.

Record API calls made to AWS services.

C.

Assess the compliance of AWS resource configurations with policies and guidelines.

D.

Ensure that Amazon EC2 instances are patched with the latest security updates.

A company uses Amazon Workspaces.

Full Access
Question # 231

Which of the following acts as an instance-level firewall to control inbound and outbound access?

A.

Network access control list

B.

Security groups

C.

AWS Trusted Advisor

D.

Virtual private gateways

Full Access
Question # 232

A company is migrating an application that includes an Oracle database to AWS. The company cannot rewrite the application.

To which AWS service could the company migrate the database?

A.

Amazon Athena

B.

Amazon DynamoDB

®C. Amazon RDS

C.

Amazon DocumentDB (with MongoDB compatibility)

Full Access
Question # 233

Which AWS service will help protect applications running on AWS from DDoS attacks?

A.

Amazon GuardDuty

B.

AWS WAF

C.

AWS Shield

D.

Amazon Inspector

Full Access
Question # 234

A cloud engineer needs to download AWS security and compliance documents for an upcoming audit.

Which AWS service can provide the documents?

A.

AWS Trusted Advisor

B.

AWS Artifact

C.

AWS Well-Architected Tool

D.

AWS Systems Manager

Full Access
Question # 235

A company wants its Amazon EC2 instances to operate in a highly available environment, even if there is a

natural disaster in a particular geographic area.

Which solution achieves this goal?

A.

Use EC2 instances in a single Availability Zone.

B.

Use EC2 instances in multiple AWS Regions.

C.

Use EC2 instances in multiple edge locations.

D.

Use Amazon CloudFront with the EC2 instances configured as the source.

Full Access