CLF-C01 : AWS Certified Cloud Practitioner : Part 04

  1. Web servers running on Amazon EC2 access a legacy application running in a corporate data center.

    What term would describe this model?

    • Cloud-native
    • Partner network
    • Hybrid architecture
    • Infrastructure as a service
  2. What is the benefit of using AWS managed services, such as Amazon ElastiCache and Amazon Relational Database Service (Amazon RDS)?

    • They require the customer to monitor and replace failing instances.
    • They have better performance than customer-managed services.
    • They simplify patching and updating underlying OSs.
    • They do not require the customer to optimize instance type or size selections.
  3. Which service provides a virtually unlimited amount of online highly durable object storage?

    • Amazon Redshift
    • Amazon Elastic File System (Amazon EFS)
    • Amazon Elastic Container Service (Amazon ECS)
    • Amazon S3
  4. Which of the following Identity and Access Management (IAM) entities is associated with an access key ID and secret access key when using AWS Command Line Interface (AWS CLI)?

    • IAM group
    • IAM user
    • IAM role
    • IAM policy
  5. Which of the following security-related services does AWS offer? (Choose two.)

    • Multi-factor authentication physical tokens
    • AWS Trusted Advisor security checks
    • Data encryption
    • Automated penetration testing
    • Amazon S3 copyrighted content detection
  6. Which AWS managed service is used to host databases?

    • AWS Batch
    • AWS Artifact
    • AWS Data Pipeline
    • Amazon RDS
    Explanation
    Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.
  7. Which AWS service provides a simple and scalable shared file storage solution for use with Linux-based AWS and on-premises servers?

    • Amazon S3
    • Amazon Glacier
    • Amazon Elastic Block Store (Amazon EBS)
    • Amazon Elastic File System (Amazon EFS)
    Explanation:
    Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. It is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.Amazon EFS is designed to provide the throughput, IOPS, and low latency needed for Linux workloads. Throughput and IOPS scale as a file system grows and can burst to higher throughput levels for short periods of time to support the unpredictable performance needs of file workloads. For the most demanding workloads, Amazon EFS can support performance over 10 GB/sec and up to 500,000 IOPS.
  8. When architecting cloud applications, which of the following are a key design principle?

    • Use the largest instance possible
    • Provision capacity for peak load
    • Use the Scrum development process
    • Implement elasticity

    Explanation:

    Cloud services main proposition is to provide elasticity through horizontal scaling. It’s already there. As for using largest instance possible, it is not a design principle that helps cloud applications in anyway. Scrum development process is not related to architecting. Therefore, a key principle is to provision your application for on-demand capacity. Peak loads is something that cloud applications experience everyday. Peak load management should be a necessary part of cloud application design principle.

  9. Which AWS service should be used for long-term, low-cost storage of data backups?

    • Amazon RDS
    • Amazon Glacier
    • AWS Snowball
    • AWS EBS
    Explanation
    Amazon S3 Glacier is a secure, durable, and low-cost storage class of S3 for data archiving and long-term backup. Customers can store large or small amounts of data for as little as $0.004 per gigabyte per month. The S3 Glacier storage class is ideal for archives where data is regularly retrieved and some of the data may be needed in minutes. Amazon RDS is a relational database service that hosts databases. It helps you create and manage databases. Amazon Snowball is a petabyte-scale data transfer service that provides cost efficient data transfer to AWS from tamper proof physical devices. Similarly, Elastic block storage offers persistent block storage volumes for EC2 instances.
  10. Under the shared responsibility model, which of the following is a shared control between a customer and AWS?

    • Physical controls
    • Patch management
    • Zone security
    • Data center auditing
  11. Which AWS service allows companies to connect an Amazon VPC to an on-premises data center?

    • AWS VPN
    • Amazon Redshift
    • API Gateway
    • Amazon Connect
    Explanation:
    AWS Direct Connect enables you to securely connect your AWS environment to your on-premises data center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection. AWS Direct Connect offers dedicated high speed, low latency connection, which bypasses internet service providers in your network path. An AWS Direct Connect location provides access to Amazon Web Services in the region it is associated with, as well as access to other US regions. AWS Direct Connect allows you to logically partition the fiber-optic connections into multiple logical connections called Virtual Local Area Networks (VLAN). You can take advantage of these logical connections to improve security, differentiate traffic, and achieve compliance requirements.
  12. A company wants to reduce the physical compute footprint that developers use to run code.

    Which service would meet that need by enabling serverless architectures?

    • Amazon Elastic Compute Cloud (Amazon EC2)
    • AWS Lambda
    • Amazon DynamoDB
    • AWS CodeCommit
    Explanation:
    AWS Lambda is an integral part of coding on AWS. It reduces physical compute footprint by utilizing aws cloud services to run code.
  13. Which AWS service provides alerts when an AWS event may impact a company’s AWS resources?

    • AWS Personal Health Dashboard
    • AWS Service Health Dashboard
    • AWS Trusted Advisor
    • AWS Infrastructure Event Management
    Explanation:
    AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
  14. Which of the following are categories of AWS Trusted Advisor? (Choose two.)

    • Fault Tolerance
    • Instance Usage
    • Infrastructure
    • Performance
    • Storage Capacity
    Explanation:
    Like your customized cloud expert, AWS Trusted Advisor analyzes your AWS environment and provides best practice recommendations in five categories: cost optimization, performance, security, fault tolerance and service
  15. Which task is AWS responsible for in the shared responsibility model for security and compliance?

    • Granting access to individuals and services
    • Encrypting data in transit
    • Updating Amazon EC2 host firmware
    • Updating operating systems
    Explanation:
    AWS Compliance enables customers to establish and operate in an AWS security control environment
    – The shared responsibility model is part of AWS Compliance program
    – The Security of the cloud is managed by Amazon AWS provider
    – The Security in the cloud is responsibility of the customer
    – The customer is responsible for their information and data, their secure transmission, integrity, and encryption
    – Also, the customer is responsible for managing, support, patching and control of the guest operating system and AWS services provided like EC2
    – AWS customers retain control and ownership of their data
    – The AWS network provides significant protection against traditional network security issues and the customer can implement further protection
  16. Where should a company go to search software listings from independent software vendors to find, test, buy and deploy software that runs on AWS?

    • AWS Marketplace
    • Amazon Lumberyard
    • AWS Artifact
    • Amazon CloudSearch
    Explanation:
    AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.
  17. Which of the following is a benefit of using the AWS Cloud?

    • Permissive security removes the administrative burden.
    • Ability to focus on revenue-generating activities.
    • Control over cloud network hardware.
    • Choice of specific cloud hardware vendors.
    Explanation:
    Developer and IT staff productivity accounted for nearly 30% of overall financial benefits. The remaining benefits were driven by the flexibility and agility of Amazon cloud infrastructure services, which make it easier to trial new business models, support revenue-generating applications, and provide more reliable services to end users.
  18. When performing a cost analysis that supports physical isolation of a customer workload, which compute hosting model should be accounted for in the Total Cost of Ownership (TCO)?

    • Dedicated Hosts
    • Reserved Instances
    • On-Demand Instances
    • No Upfront Reserved Instances
    Explanation:
    Use Dedicated Hosts to launch Amazon EC2 instances on physical servers that are dedicated for your use. Dedicated Hosts give you additional visibility and control over how instances are placed on a physical server, and you can reliably use the same physical server over time. As a result, Dedicated Hosts enable you to use your existing server-bound software licenses like Windows Server and address corporate compliance and regulatory requirements.
  19. Which AWS service provides the ability to manage infrastructure as code?

    • AWS CodePipeline
    • AWS CodeDeploy
    • AWS Direct Connect
    • AWS CloudFormation
    Explanation:
    AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This file serves as the single source of truth for your cloud environment.
  20. If a customer needs to audit the change management of AWS resources, which of the following AWS services should the customer use?

    • AWS Config
    • AWS Trusted Advisor
    • Amazon CloudWatch
    • Amazon Inspector
    Explanation:
    AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. This enables you to simplify compliance auditing, security analysis, change management, and operational troubleshooting.
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments