CLF-C01 : AWS Certified Cloud Practitioner : Part 06
-
Which of the following can an AWS customer use to launch a new Amazon Relational Database Service (Amazon RDS) cluster?
- AWS Concierge
- AWS CloudForm
- Amazon Simple Storage Service (Amazon S3)
- Amazon EC2 Auto Scaling
- AWS Management Console
-
Which of the following is an AWS Cloud architecture design principle?
- Implement single points of failure.
- Implement loose coupling.
- Implement monolithic design.
- Implement vertical scaling.
Explanation:
Loose coupling between services can also be done through asynchronous integration. It involves one component that generates events and another that consumes them. The two components do not integrate through direct point-to-point interaction, but usually through an intermediate durable storage layer. This approach decouples the two components and introduces additional resiliency. So, for example, if a process that is reading messages from the queue fails, messages can still be added to the queue to be processed when the system recovers. -
Which of the following security measures protect access to an AWS account? (Choose two.)
- Enable AWS CloudTrail.
- Grant least privilege access to IAM users.
- Create one IAM user and share with many developers and users.
- Enable Amazon CloudFront.
- Activate multi-factor authentication (MFA) for privileged users.
Explanation:
If you decided to create service accounts (that is, accounts used for programmatic access by applications running outside of the AWS environment) and generate access keys for them, you should create a dedicated service account for each use case. This will allow you to restrict the associated policy to only the permissions needed for the particular use case, limiting the blast radius if the credentials are compromised. For example, if a monitoring tool and a release management tool both require access to your AWS environment, create two separate service accounts with two separate policies that define the minimum set of permissions for each tool. -
Which service provides a hybrid storage service that enables on-premises applications to seamlessly use cloud storage?
- Amazon Glacier
- AWS Snowball
- AWS Storage Gateway
- Amazon Elastic Block Storage (Amazon EBS)
Explanation:
AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving tape backups to the cloud, reducing on-premises storage with cloud-backed file shares, providing low latency access to data in AWS for on-premises applications, as well as various migration, archiving, processing, and disaster recovery use cases. -
Which of the following services falls under the responsibility of the customer to maintain operating system configuration, security patching, and networking?
- Amazon RDS
- Amazon EC2
- Amazon ElastiCache
- AWS Fargate
Explanation:
The customer is responsible for managing, support, patching and control of the guest operating system and AWS services provided like EC2. -
Which of the following is an important architectural design principle when designing cloud applications?
- Use multiple Availability Zones.
- Use tightly coupled components.
- Use open source software.
- Provision extra capacity.
Explanation:
Data Center resilience is practiced through Availability Zones across data centers that reduce the impact of failures.
Fault isolation improvement can be made to traditional horizontal scaling by sharding (a method of grouping instances into groups called shards, instead of sending the traffic from all users to every node like in the traditional IT structure.) -
Which AWS support plan includes a dedicated Technical Account Manager?
- Developer
- Enterprise
- Business
- Basic
Explanation:
The enterprise support plans supports technical account manager. Developer and business support plans are devoid of this facility.
-
Amazon Relational Database Service (Amazon RDS) offers which of the following benefits over traditional database management?
- AWS manages the data stored in Amazon RDS tables.
- AWS manages the maintenance of the operating system.
- AWS automatically scales up instance types on demand.
- AWS manages the database type.
-
Which service is best for storing common database query results, which helps to alleviate database access load?
- Amazon Machine Learning
- Amazon SQS
- Amazon ElastiCache
- Amazon EC2 Instance Store
Explanation:
Amazon ElastiCache for Redis is a great choice for implementing a highly available, distributed, and secure in-memory cache to decrease access latency, increase throughput, and ease the load off your relational or NoSQL databases and applications. ElastiCache can serve frequently requested items at sub-millisecond response times, and enables you to easily scale for higher loads without growing the costlier backend databases. Database query results caching, persistent session caching, and full-page caching are all popular examples of caching with ElastiCache for Redis -
Which of the following is a component of the shared responsibility model managed entirely by AWS?
- Patching operating system software
- Encrypting data
- Enforcing multi-factor authentication
- Auditing physical data center assets
Explanation:
Of course, Amazon is responsible for auditing physical data center assets and resources since it is the property of Amazon Inc. Customers have no access to physical sites, hence they are not responsible for maintaining physical data center assets. -
Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Choose two.)
- AWS Trusted Advisor
- AWS Online Tech Talks
- AWS Blog
- AWS Forums
- AWS Classroom Training
-
Which of the following features can be configured through the Amazon Virtual Private Cloud (Amazon VPC) Dashboard? (Choose two.)
- Amazon CloudFront distributions
- Amazon Route 53
- Security Groups
- Subnets
- Elastic Load Balancing
Explanation:
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet. -
If each department within a company has its own AWS account, what is one way to enable consolidated billing?
- Use AWS Budgets on each account to pay only to budget.
- Contact AWS Support for a monthly bill.
- Create an AWS Organization from the payer account and invite the other accounts to join.
- Put all invoices into one Amazon Simple Storage Service (Amazon S3) bucket, load data into Amazon Redshift, and then run a billing report.
-
How do customers benefit from Amazon’s massive economies of scale?
- Periodic price reductions as the result of Amazon’s operational efficiencies
- New Amazon EC2 instance types providing the latest hardware
- The ability to scale up and down when needed
- Increased reliability in the underlying hardware of Amazon EC2 instances
-
Which AWS services can be used to gather information about AWS account activity? (Choose two.)
- Amazon CloudFront
- AWS Cloud9
- AWS CloudTrail
- AWS CloudHSM
- Amazon CloudWatch
Explanation:
AWS offers a solution that uses AWS CloudTrail to log account activity, Amazon Kinesis to compute and stream metrics in real-time, and Amazon DynamoDB to durably store the computed data. Metrics are calculated for create, modify, and delete API calls for more than 60 supported AWS services. The solution also features a dashboard that visualizes your account activity in real-time. -
Which of the following common IT tasks can AWS cover to free up company IT resources? (Choose two.)
- Patching databases software
- Testing application releases
- Backing up databases
- Creating database schema
- Running penetration tests
-
In which scenario should Amazon EC2 Spot Instances be used?
- A company wants to move its main website to AWS from an on-premises web server.
- A company has a number of application services whose Service Level Agreement (SLA) requires 99.999% uptime.
- A company’s heavily used legacy database is currently running on-premises.
- A company has a number of infrequent, interruptible jobs that are currently using On-Demand Instances.
-
Which AWS feature should a customer leverage to achieve high availability of an application?
- AWS Direct Connect
- Availability Zones
- Data centers
- Amazon Virtual Private Cloud (Amazon VPC)
Explanation:
This is to achieve High Availability for any web application (in this case SwiftCode) deployed in AWS. The following features will be present:- High availability across multiple instances/multiple availability zones.
– Auto Scaling of instances (scale up and scale down) based on number of requests coming in
– Additional Security to the instances/database that are in production
– No impact to end users during newer version of code deployment
– No Impact during patching the instances -
Which is the minimum AWS Support plan that includes Infrastructure Event Management without additional costs?
- Enterprise
- Business
- Developer
- Basic
-
Which AWS service can serve a static website?
- Amazon S3
- Amazon Route 53
- Amazon QuickSight
- AWS X-Ray
Explanation:
You can host a static website on Amazon Simple Storage Service (Amazon S3). On a static website, individual webpages include static content. They might also contain client-side scripts. By contrast, a dynamic website relies on server-side processing, including server-side scripts such as PHP, JSP, or ASP.NET. Amazon S3 does not support server-side scripting.
Subscribe
0 Comments
Newest