AWS Certified Cloud Practitioner Sample Question and Answers Set 4(151-200)

  Click Button To Hide All Answers

QUESTION NO: 151-  A company has multiple AWS accounts and wants to simplify and consolidate its billing process.
Which AWS service will achieve this?

(A)   AWS Cost and Usage Reports.

(B)   AWS Organizations.

(C)   AWS Cost Explorer.

(D)   AWS Budgets.

  Answer:  B

QUESTION NO: 152-  A company is designing an application hosted in a single AWS Region serving end-users spread across the world. The company wants to provide the end-users low latency access to the application data.
Which of the following services will help fulfill this requirement?

(A)   Amazon CloudFront.

(B)   AWS Direct Connect.

(C)   Amazon Route 53 global DNS.

(D)   Amazon Simple Storage Service (Amazon S3) transfer acceleration.

  Answer:  A

QUESTION NO: 153-  Which of the following deployment models enables customers to fully trade their capital IT expenses for operational expenses?

(A)   On-premises.

(B)   Hybrid.

(C)   Cloud.

(D)   Platform as a service.

  Answer:  C

QUESTION NO: 154-  How is asset management on AWS easier than asset management in a physical data center?

(A)   AWS provides a Configuration Management Database that users can maintain.

(B)   AWS performs infrastructure discovery scans on the customer’s behalf.

(C)   Amazon EC2 automatically generates an asset report and places it in the customer’s specified Amazon S3 bucket.

(D)   Users can gather asset metadata reliably with a few API calls.

  Answer:  B

QUESTION NO: 155-  What feature of Amazon RDS helps to create globally redundant databases?

(A)   Snapshots.

(B)   Automatic patching and updating.

(C)   Cross-Region read replicas.

(D)   Provisioned IOPS.

  Answer:  C

QUESTION NO: 156-  Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as:

(A)   restricted access.

(B)   as-needed access.

(C)   least privilege access.

(D)   token access.

  Answer:  C

QUESTION NO: 157-  Which methods can be used to identify AWS costs by departments? (Choose two.)

(A)   Enable multi-factor authentication for the AWS account root user.

(B)   Create separate accounts for each department.

(C)   Use Reserved Instances whenever possible.

(D)   Use tags to associate each instance with a particular department.

(E)   Pay bills using purchase orders.

  Answer:  B, D

QUESTION NO: 158-  Which methods can be used to identify AWS costs by departments? (Choose two.)

(A)   Securing the hardware, software, facilities, and networks that run all products and services.

(B)   Providing certificates, reports, and other documentation directly to AWS customers under NDA.

(C)   Configuring the operating system, network, and firewall.

(D)   Obtaining industry certifications and independent third-party attestations.

  Answer:  C

QUESTION NO: 159-  Which managed AWS service provides real-time guidance on AWS security best practices?

(A)   AWS X-Ray.

(B)   AWS Trusted Advisor.

(C)   Amazon CloudWatch.

(D)   AWS Systems Manager.

  Answer:  B

QUESTION NO: 160-  Which feature adds elasticity to Amazon EC2 instances to handle the changing demand for workloads?

(A)   Resource groups.

(B)   Lifecycle policies.

(C)   Application Load Balancer.

(D)   Amazon EC2 Auto Scaling.

  Answer:  D

QUESTION NO: 161-  Under the AWS shared responsibility model, customers are responsible for which aspects of security in the cloud? (Choose two.)

(A)   Virtualization Management.

(B)   Hardware management.

(C)   Encryption management.

(D)   Facilities management.

(E)   Firewall management.

  Answer:  C, E

QUESTION NO: 162-  Which AWS hybrid storage service enables your on-premises applications to seamlessly use AWS Cloud storage through standard file-storage protocols?

(A)   AWS Direct Connect.

(B)   AWS Snowball.

(C)   AWS Storage Gateway.

(D)   AWS Snowball Edge.

  Answer:  C

QUESTION NO: 163-  What is a responsibility of AWS in the shared responsibility model?

(A)   Updating the network ACLs to block traffic to vulnerable ports.

(B)   Patching operating systems running on Amazon EC2 instances.

(C)   Updating the firmware on the underlying EC2 hosts.

(D)   Updating the security group rules to block traffic to the vulnerable ports.

  Answer:  C

QUESTION NO: 164-  Which architectural principle is used when deploying an Amazon Relational Database Service (Amazon RDS) instance in Multiple Availability Zone mode?

(A)   Implement loose coupling.

(B)   Design for failure.

(C)   Automate everything that can be automated.

(D)   Use services, not servers.

  Answer:  B

QUESTION NO: 165-  What does it mean to grant least privilege to AWS IAM users?

(A)   It is granting permissions to a single user only.

(B)   It is granting permissions using AWS IAM policies only.

(C)   It is granting AdministratorAccess policy permissions to trustworthy users.

(D)   It is granting only the permissions required to perform a given task

  Answer:  D

QUESTION NO: 166-What is a benefit of loose coupling as a principle of cloud architecture design?

(A)   It facilitates low-latency request handling.

(B)   It allows applications to have dependent workflows.

(C)   It prevents cascading failures between different components.

(D)   It allows companies to focus on their physical data center operations.

  Answer:  C

QUESTION NO: 167-A director has been tasked with investigating hybrid cloud architecture. The company currently accesses AWS over the public internet.
Which service will facilitate private hybrid connectivity?

(A)   Amazon Virtual Private Cloud (Amazon VPC) NAT Gateway.

(B)   AWS Direct Connect.

(C)   Amazon Simple Storage Service (Amazon S3) Transfer Acceleration.

(D)   AWS Web Application Firewall (AWS WAF).

  Answer:  B

QUESTION NO: 168-A company’s web application currently has tight dependencies on underlying components, so when one component fails the entire web application fails.
Applying which AWS Cloud design principle will address the current design issue?

(A)   Implementing elasticity, enabling the application to scale up or scale down as demand changes.

(B)   Enabling several EC2 instances to run in parallel to achieve better performance.

(C)   Focusing on decoupling components by isolating them and ensuring individual components can function when other components fail.

(D)   Doubling EC2 computing resources to increase system fault tolerance.

  Answer:  C

QUESTION NO: 169-How can a customer increase security to AWS account logons? (Choose two.)

(A)   Configure AWS Certificate Manager.

(B)   Enable Multi-Factor Authentication (MFA).

(C)   Use Amazon Cognito to manage access.

(D)   Configure a strong password policy.

(E)   Enable AWS Organizations.

  Answer:  B, C

QUESTION NO: 170-What AWS service would be used to centrally manage AWS access across multiple accounts?

(A)   AWS Service Catalog.

(B)   AWS Config.

(C)   AWS Trusted Advisor.

(D)   AWS Organizations.

  Answer:  D

QUESTION NO: 171-Which AWS service can a customer use to set up an alert notification when the account is approaching a particular dollar amount?

(A)   AWS Cost and Usage reports.

(B)   AWS Budgets.

(C)   AWS Cost Explorer.

(D)   AWS Trusted Advisor.

  Answer:  B

QUESTION NO: 172-What can users access from AWS Artifact?

(A)   AWS security and compliance documents.

(B)   A download of configuration management details for all AWS resources.

(C)   Training materials for AWS services.

(D)   A security assessment of the applications deployed in the AWS Cloud.

  Answer:  A

QUESTION NO: 173-What is the MINIMUM AWS Support plan that provides designated Technical Account Managers?

(A)   Enterprise.

(B)   Business.

(C)   Developer.

(D)   Basic.

  Answer:  A

QUESTION NO: 174-Which of the following is an AWS Well-Architected Framework design principle related to reliability?

(A)   Deployment to a single Availability Zone.

(B)   Ability to recover from failure.

(C)   Design for cost optimization.

(D)   Perform operations as code.

  Answer:  B

QUESTION NO: 175-Which type of AWS storage is ephemeral and is deleted when an instance is stopped or terminated?

(A)   Amazon EBS.

(B)   Amazon EC2 instance store.

(C)   Amazon EFS.

(D)   Amazon S3.

  Answer:  B

QUESTION NO: 176-What is an advantage of using the AWS Cloud over a traditional on-premises solution?

(A)   Users do not have to guess about future capacity needs.

(B)   Users can utilize existing hardware contracts for purchases.

(C)   Users can fix costs no matter what their traffic is.

(D)   Users can avoid audits by using reports from AWS.

  Answer:  A

QUESTION NO: 177-Which of the following is an AWS-managed compute service?

(A)   Amazon SWF.

(B)   Amazon EC2.

(C)   AWS Lambda.

(D)   Amazon Aurora.

  Answer:  B

QUESTION NO: 178-Which of the following is an important architectural principle when designing cloud applications?

(A)   Store data and backups in the same region.

(B)   Design tightly coupled system components.

(C)   Avoid multi-threading.

(D)   Design for failure.

  Answer:  D

QUESTION NO: 179-Which mechanism allows developers to access AWS services from application code?

(A)   AWS Software Development Kit.

(B)   AWS Management Console.

(C)   AWS CodePipeline.

(D)   AWS Config.

  Answer:  A

QUESTION NO: 180-Which Amazon EC2 pricing model is the MOST cost efficient for an uninterruptible workload that runs once a year for 24 hours?

(A)   On-Demand Instances.

(B)   Reserved Instances.

(C)   Spot Instances.

(D)   Dedicated Instances.

  Answer:  A

QUESTION NO: 181-Which of the following services is a MySQL-compatible database that automatically grows storage as needed?

(A)   Amazon Elastic Compute Cloud (Amazon EC2).

(B)   Amazon Relational Database Service (Amazon RDS) for MySQL.

(C)   Amazon Lightsail.

(D)   Amazon Aurora.

  Answer:  D

QUESTION NO: 182-Which Amazon Virtual Private Cloud (Amazon VPC) feature enables users to connect two VPCs together?

(A)   Amazon VPC endpoints.

(B)   Amazon Elastic Compute Cloud (Amazon EC2) ClassicLink.

(C)   Amazon VPC peering.

(D)   AWS Direct Connect.

  Answer:  C

QUESTION NO: 183-Which service’s PRIMARY purpose is software version control?

(A)   Amazon CodeStar.

(B)   AWS Command Line Interface (AWS CLI).

(C)   Amazon Cognito.

(D)   AWS CodeCommit.

  Answer:  D

QUESTION NO: 184-A company is considering migrating its applications to AWS. The company wants to compare the cost of running the workload on-premises to running the equivalent workload on the AWS platform.
Which tool can be used to perform this comparison?

(A)   AWS Simple Monthly Calculator.

(B)   AWS Total Cost of Ownership (TCO) Calculator.

(C)   AWS Billing and Cost Management console.

(D)   Cost Explorer.

  Answer:  B

QUESTION NO: 185-Which AWS service provides a secure, fast, and cost-effective way to migrate or transport exabyte-scale datasets into AWS?

(A)   AWS Batch.

(B)   AWS Snowball.

(C)   AWS Migration Hub.

(D)   AWS Snowmobile.

  Answer:  D

QUESTION NO: 186-Which of the following BEST describe the AWS pricing model? (Choose two.)

(A)   Fixed-term.

(B)   Pay-as-you-go.

(C)   Colocation.

(D)   Planned.

(E)   Variable cost.

  Answer:  B, E

QUESTION NO: 187-Which load balancer types are available with Elastic Load Balancing (ELB)? (Choose two.)

(A)   Public load balancers with AWS Application Auto Scaling capabilities.

(B)   F5 Big-IP and Citrix NetScaler load balancers.

(C)   Classic Load Balancers.

(D)   Cross-zone load balancers with public and private IPs.

(E)   Application Load Balancers.

  Answer:  C, E

QUESTION NO: 188-Why should a company choose AWS instead of a traditional data center?

(A)   AWS provides users with full control over the underlying resources.

(B)   AWS does not require long-term contracts and provides a pay-as-you-go model.

(C)   AWS offers edge locations in every country, supporting global reach.

(D)   AWS has no limits on the number of resources that can be created.

  Answer:  B

QUESTION NO: 189-Which solution provides the FASTEST application response times to frequently accessed data to users in multiple AWS Regions?

(A)   AWS CloudTrail across multiple Availability Zones.

(B)   Amazon CloudFront to edge locations.

(C)   AWS CloudFormation in multiple regions.

(D)   A virtual private gateway over AWS Direct Connect.

  Answer:  B

QUESTION NO: 190-Which AWS service provides a self-service portal for on-demand access to AWS compliance reports?

(A)   AWS Config.

(B)   AWS Certificate Manager.

(C)   Amazon Inspector.

(D)   AWS Artifact.

  Answer:  D

QUESTION NO: 191-Which of the following AWS services can be used to run a self-managed database?

(A)   Amazon Route 53.

(B)   AWS X-Ray.

(C)   AWS Snowmobile.

(D)   Amazon Elastic Compute Cloud (Amazon EC2).

  Answer:  D

QUESTION NO: 192-What exclusive benefit is provided to users with Enterprise Support?

(A)   Access to a Technical Project Manager.

(B)   Access to a Technical Account Manager.

(C)   Access to a Cloud Support Engineer.

(D)   Access to a Solutions Architect.

  Answer:  B

QUESTION NO: 193-How can a user protect against AWS service disruptions if a natural disaster affects an entire geographic area?

(A)   Deploy applications across multiple Availability Zones within an AWS Region.

(B)   Use a hybrid cloud computing deployment model within the geographic area.

(C)   Deploy applications across multiple AWS Regions.

(D)   Store application artifacts using AWS Artifact and replicate them across multiple AWS Regions.

  Answer:  C

QUESTION NO: 194-How does AWS MOST effectively reduce computing costs for a growing start-up company?

(A)   It provides on-demand resources for peak usage.

(B)   It automates the provisioning of individual developer environments.

(C)   It automates customer relationship management.

(D)   It implements a fixed monthly computing budget.

  Answer:  A

QUESTION NO: 195-A startup is working on a new application that needs to go to market quickly. The application requirements may need to be adjusted in the near future.
Which of the following is a characteristic of the AWS Cloud that would meet this specific need?

(A)   Elasticity.

(B)   Reliability.

(C)   Performance.

(D)   Agility.

  Answer:  D

QUESTION NO: 196-Which AWS Support plan provides a full set of AWS Trusted Advisor checks?

(A)   Business and Developer Support.

(B)   Business and Basic Support.

(C)   Enterprise and Developer Support.

(D)   Enterprise and Business Support.

  Answer:  D

QUESTION NO: 197-Which of the following services have Distributed Denial of Service (DDoS) mitigation features? (Choose two.)

(A)   AWS WAF.

(B)   Amazon DynamoDB.

(C)   Amazon EC2.

(D)   Amazon CloudFront.

(E)   Amazon Inspector.

  Answer:  A, D

QUESTION NO: 198-When building a cloud Total Cost of Ownership (TCO) model, which cost elements should be considered for workloads running on AWS? (Choose three.)

(A)   Compute costs.

(B)   Facilities costs.

(C)   Storage costs.

(D)   Data transfer costs.

(E)   Network infrastructure costs.

(F)   Hardware lifecycle costs.

  Answer:  A, C, E

QUESTION NO: 199-What time-savings advantage is offered with the use of Amazon Rekognition?

(A)   Amazon Rekognition provides automatic watermarking of images.

(B)   Amazon Rekognition provides automatic detection of objects appearing in pictures.

(C)   Amazon Rekognition provides the ability to resize millions of images automatically.

(D)   Amazon Rekognition uses Amazon Mechanical Turk to allow humans to bid on object detection jobs.

  Answer:  B

QUESTION NO: 200-When comparing AWS with on-premises Total Cost of Ownership (TCO), what costs are included?

(A)   Data center security.

(B)   Business analysis.

(C)   Project management.

(D)   Operating system administration.

  Answer:  A