Which actions represent best practices for using AWS IAM? (Select TWO.

)
QA. Configure a strong password policy.

OB. Share the security credentials among users of AWS accounts who are in the same Region.

Oc. Use access keys to log in to the AWS Management Console.

2D. Rotate access keys on a regular basis.

DE. Avoid using IAM roles to delegate permissions.

 b) ag TOF Kevi

Which AWS service provides automated backups of data by default?

OA. Amazon $3

@B. Amazon Aurora

OC. Amazon ElastiCache for Memcached

OD. Amazon Elastic File System (Amazon EFS)

 eer {»\ Elag
Tor Revi

Accompany wants to set up a secure network connection from on premises to the AWS Cloud within 1 week.

Which solution will meet these requirements?

OA. — AWS Direct Connect

OB. Amazon VPC

@C. AWS Site-to-Site VPN

OD. Edge location

 ee {»\ Elag
Tor Revi

Auser wants to transport data between AWS and an on-premises environment using a private network connection.

Which AWS service or feature can be used to meet these requirements?

OA. NAT gateway

@B. AWS Direct Connect

Oc. Amazon VPC

OD. Internet gateway

 oem ROM ate

A company has identified a high-risk network security issue during an AWS Well-Architected review. The company needs a managed solution that the company can use to deploy
essential network protections for all of its VPCs.

Which AWS service or feature meets these requirements?

@A. Security groups

OB. Network ACLs

OC. AWS Network Firewall

OD. Amazon VPC Network Access Analyzer

 ——_
An ecommerce company has Amazon EC2 instances running as web servers. There is a predictable pattern of peak traffic load that occurs two times each day, always at the same
time. The EC2 instances are idle for the remainder of the day.

What is the MOST cost-effective way to manage these resources while maintaining fault tolerance?

@A. Use an Auto Scaling group to scale resources in and out based on demand.

OB. Purchase Reserved Instances to ensure peak capacity at all times.

OC. — Write a cron job to stop the EC2 instances when the traffic demand is low.

OD. Write a script to vertically scale the EC2 instances during peak traffic demand.
Which tasks are customer responsibilities according to the AWS shared responsibility model? (Select TWO.)

DA. Determine application dependencies with operating systems.

MB. Provide user access with AWS Identity and Access Management (IAM).

Oc. Secure the data center in an Availability Zone.

OD. Patch the hypervisor.

ME. Provide network availability in Availability Zones.

 ——$
Accompany does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The
company also needs the ability to increase or decrease its resource usage to meet business requirements.

Which pillar of the AWS Well-Architected Framework aligns with these requirements?

OA. Operational excellence

OB. Security

OC. Reliability

@D. Cost optimization

 ANG ag TOF Revi

Treating infrastructure as code in the AWS Cloud allows users to:

OA. automate migration of on-premises hardware to AWS data centers.

OB. let a third party automate an audit of the AWS infrastructure.

OC. turn over application code to AWS so it can run on the AWS infrastructure.

©D. automate the infrastructure provisioning process.

Accompany moves a workload to AWS to run on Amazon EC2 instances. The company needs to run the workload in the most cost-effective way.

What can the company do to meet this requirement?

OA. Use AWS Key Management Service (AWS KMS).

@B. Use multiple AWS accounts and consolidated billing.

OC. Use AWS CloudFormation to deploy the infrastructure.

OD. Rightsize all the EC2 instances that are used in the deployment.
 eh y os rem lela cca [e

A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources. including Amazon S3 and Amazon DynamoDB.

What is the MOST operationally efficient solution to delegate permissions?

@A. Create an IAM role with the required permissions. Attach the role to the EC2 instance.

OB. — Create an IAM user and use its access key and secret access key in the application.

OC. Create an IAM user and use its access key and secret access key to create a CLI profile in the EC2 instance.

OD. Create an IAM role with the required permissions. Attach the role to the administrative IAM user.
 ae ¢»\ Elag tor

Accompany wants its workload to perform consistently and correctly.

Which benefit of AWS Cloud computing does this goal represent?

OA. Security

OB. Elasticity

OC. Pay-as-you-go pricing

@D. Reliability
Accompany is exploring the use of the AWS Cloud, and needs to create a cost estimate for a project before the infrastructure is provisioned.

Which AWS service or feature can be used to estimate costs before deployment?

OA. AWS Free Tier

@B. AWS Pricing Calculator

OC. AWS Billing and Cost Management

OD. AWS Cost and Usage Report

 C . RBes Ne meee 10) cai le

A company needs an AWS design solution for a distributed system. The system's components need to be set up so that one system component cannot negatively impact another
component.

Which AWS architectural best practice will meet this requirement?

OA. Use request throttling

OB. Use a stateful service

Oc. Implement automatic data backups

@D. Implement loose coupling

 tn\ jag Tor Kevi

Which AWS service can serve a Static website?

@A. Amazon $3

OB. Amazon Route 53

OC. Amazon QuickSight

OD. AWS X-Ray

 ANG ag TOF Revi

What is a benefit of using AWS serverless computing?

OA. Application deployment and management are not required.

OB. Application security will be fully managed by AWS.

OC. Monitoring and logging are not needed.

©D. Management of infrastructure is offloaded to AWS.

 ———
A company is running applications on Amazon EC2 instances in the same AWS account for several different projects. The company wants to track the infrastructure costs for each of
the projects separately. The company must conduct this tracking with the least possible impact to the existing infrastructure and with no additional cost.

What should the company do to meet these requirements?

OA. Use a different EC2 instance type for each project.

OB. Publish project-specific custom Amazon CloudWatch metrics for each application.

Oc. Deploy EC2 instances for each project in a separate AWS account.

@D. Use cost allocation tags with values that are specific to each project.
Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

DA. Resource scalability

B. Performance efficiency

OC. — System elasticity

OD. Agile development

Es Operational excellence
A large company wants to track the combined AWS usage costs of all of its linked accounts.

How can this be accomplished?

OA. Use AWS Trusted Advisor to generate customized summary reports.

OB. Use AWS Organizations to generate consolidated billing reports.

OC. Use AWS Budgets to set utilization targets and receive summary reports.

@D. Use the AWS Control Tower dashboard to get a summary report of all linked account costs.
 Le y os rem lela cca [e

A company needs to test a new application that was written in Python. The code will activate when new images are stored in an Amazon S3 bucket. The application will put a watermark
on each image and then will store the images in a different S3 bucket.

Which AWS service should the company use to conduct the test with the LEAST amount of operational overhead?

@A. Amazon EC2

OB. AWS CodeDeploy

Oc. AWSLambda

OD. — Amazon Lightsail

Which AWS services or resources can a company use directly on its on-premises servers? (Select TWO.)

DOA. AWS OpsWorks

B. AWS CloudFormation

C. AWS Storage Gateway

OD. Application Load Balancer

OE. Amazon Cognito

 ——
Which of the following is a method for building a highly available application on AWS?

OA. Place an independent copy of the application in two or more Availability Zones.

OB. Place codependent components of the application in two or more Availability Zones.

OC. Run one version of the application in one Availability Zone and run an earlier version of the application in a second Availability Zone.

@D. Deploy two copies of the application in a single Availability Zone.

 Lea NEN {»\ Elag
Tor Revi

An application requires a database that offers consistent performance and latency that can be measured in single-digit milliseconds.

Which AWS service meets these requirements?

@A. Amazon DynamoDB

OB. Amazon RDS

Oc. — Amazon Redshift

OD. Amazon EMR

 Lo NN {»\ Elag
Tor Revi

Which AWS service or tool should a company use to centrally request and track service limit increases?

OA. — AWS Config

@B. Service Quotas

Oc. _ AWS Service Catalog

OD. AWS Budgets

 LO NNN {»\ Elag
Tor Revi

A cloud engineer wants to store data in Amazon S3. The engineer will access some of the data yearly and some of the data daily.

Which S3 storage class will meet these requirements MOST cost-effectively?

@A. $3 Standard

OB. S3 Glacier Deep Archive

OC. $3 One Zone-Infrequent Access (S3 One Zone-lA)

OD. $3 Intelligent-Tiering
 Ce {»\ Elag
Tor Revi

Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework?

OA. _ Vertical scaling

OB. Manual failure recovery

@C. _ Testing recovery procedures

OD. Changing infrastructure manually

 ANG ag TOF Revi

Which activity can companies complete by using AWS Organizations?

OA. Troubleshoot the performance of applications.

OB. Manage service control policies (SCPs).

OC. Migrate applications to microservices.

©D. Monitor the performance of applications.

 {»\ Elag Tor Revi

Acompany has a set of ecommerce applications. The applications need to be able to send messages to each other.

Which AWS service meets this requirement?

OA. AWS Auto Scaling

OB. Elastic Load Balancing

@C. Amazon Simple Queue Service (Amazon SQS)

OD. Amazon Kinesis Data Streams

 ANG ag TOF Revi

Which task requires using AWS account root user credentials?

OA. Viewing billing information

@B. Changing the AWS Support plan

OC. Starting and stopping Amazon EC2 instances

OD. Opening an AWS Support case

 LL Se mele OM cals

A company needs to identify the last time that a specific user accessed the AWS Management Console.

Which AWS service will provide this information?

OA. Amazon Cognito

@B. AWS CloudTrail

OC. Amazon Inspector

OD. Amazon GuardDuty

 ANG ag TOF Revi

Which task is the responsibility of AWS when using AWS services?

OA. Management of IAM user permissions

OB. Creation of security group rules for outbound access

@C. Maintenance of physical and environmental controls

OD. Application of Amazon EC2 operating system patches

A company wants its Amazon EC2 instances to share the same geographic area but use multiple independent underlying power sources.

Which solution achieves this goal?

OA. Use EC2 instances in a single Availability Zone.

OB. Use EC2 instances in multiple AWS Regions.

@C. Use EC2 instances in multiple Availability Zones in the same AWS Region.

OD. Use EC2 instances in the same edge location and the same AWS Region.
 Nemes Rea sols

Accompany is building a mobile app to provide shopping recommendations to its customers. The company wants to use a graph database as part of the shopping recommendation
engine.

Which AWS database service should the company choose?

OA. Amazon DynamoDB

OB. Amazon Aurora

@C. Amazon Neptune

OD. Amazon DocumentDB (with MongoDB compatibility)

 Lo Ne {»\ Elag
Tor Revi

Acompany wants the ability to accommodate peak application usage without purchasing equipment for on-premises data centers.

Which AWS Cloud benefit is the company seeking?

OA. High availability

OB. Security

OC. Reliability

@D. Elasticity
 ee {»\ Elag
Tor Revi

Which task is the responsibility of a company that is using Amazon RDS?

OA. Provision the underlying infrastructure.

@®B. Create IAM policies to control administrative access to the service.

OC. __ Install the cables to connect the hardware for compute and storage.

OD. Install and patch the RDS operating system.

 CL. NE {»\ Elag
Tor Revi

Acompany needs to collect performance metrics about its Amazon RDS instances and Amazon EC2 instances.

Which AWS service meets this requirement?

@A. AWS CloudTrail

OB. — Amazon CloudWatch

Oc. — Amazon Inspector

OD. AWS Config

 Co {»\ Elag
Tor Revi

Acompany wants to build a data analytics application that uses Amazon Redshift. The company needs a cost estimate for its future Amazon Redshift usage.

Which AWS tool will provide a high-level cost estimation?

OA. AWS Budgets

OB. AWS Pricing Calculator

@C. AWS Cost Explorer

OD. Saving Plans

 ¢.\ Flag Tor Kevi

Which controls are shared under the AWS shared responsibility model? (Select TWO.)

BA. Awareness and training

OB. Patching of Amazon RDS

C. Configuration management

OD. Physical and environmental controls

DE. Service and communications protection or security

 Lae {»\ Elag
Tor Revi

Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications?

OA. AWS Cloudg

OB. AWS CodeStar

OC. AWS Cloud Map

@®D. AWSX-Ray
 ¢.\ Flag Tor Kevi

An application is receiving SQL injection attacks from multiple external resources.

Which AWS service or feature can help automate mitigation against these attacks?

@A. AWS WAF

OB. Security groups

OC. Elastic Load Balancer

OD. Network ACL

 CO a {»\ Elag
Tor Revi

Which AWS service could an administrator use to provide desktop environments for several employees?

OA. — AWS Organizations

OB. AWS Fargate

OC. AWS WAF

@D. AWS WorkSpaces

According to the AWS shared responsibility model, which task is the responsibility of the customer?

OA. Protect the global infrastructure that runs all of the services offered in the AWS Cloud.

OB. Configure logical access controls for resources, and protect account credentials.

@C. Configure the security used by managed services.

OD. Patch and back up Amazon Aurora.

 {»\ Elag Tor Revi

Which AWS service gives users the ability to run AWS services on premises?

OA. — Amazon CloudFront

@©B. AWS Outposts

Oc. — AWS Global Accelerator

OD. Amazon VPC

Which encryption types can be used to protect objects at rest in Amazon $3? (Select TWO.)

QA. Server-side encryption with Amazon S3 managed encryption keys (SSE-S3)

MB. Server-side encryption with AWS KMS managed keys (SSE-KMS)

Oc. TLS

OD. SSL

DE. Transparent Data Encryption (TDE)

 == {»\ Elag
Tor Revi

Which AWS service allows users to model and provision AWS resources using common programming languages?

OA. — AWS CloudFormation

OB. AWS CodePipeline

@C. AWS Cloud Development Kit (AWS CDK)

OD. — AWS Systems Manager
 = ¢»\ Elag tor

Which of the following is entirely the responsibility of AWS, according to the AWS shared responsibility model?

OA. Security awareness and training

OB. Development of an IAM password policy

OC. Patching of the guest operating system

@D. Physical and environmental controls

 —_—_
Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?

OA. Agility
@B. Elasticity

OC. Reliability

OD. Durability
Which of the following are characteristics of a serverless application that runs in the AWS Cloud? (Select TWO.)

DA. Users must manually configure Amazon EC2 instances.

OB. Users have a choice of operating systems.

Oc. The application has built-in fault tolerance.

2D. Users can run Amazon EC2 Spot Instances.

ME. The application can scale based on demand.

Which AWS benefit enables users to deploy cloud infrastructure that consists of multiple geographic regions connected by a network with low latency, high throughput, and redundancy?

@A. Economies of scale

OB. Security

OC. Elasticity

OD. Global reach

 tn\ ag TOF Revi

Which AWS services or features can control VPC traffic? (Select TWO.)

QA. Security groups

OB. AWS Direct Connect

Oc. Amazon GuardDuty

2D. Network ACLs

DE. Amazon Connect

 —_——
A large retail company wants to use an AWS service to process clickstream data from the company’s ecommerce website. The company wants to collect and analyze the streaming
data in real time.

Which AWS service meets these requirements?

@A. Amazon Kinesis

OB. — Amazon Athena

OC. — Amazon CloudFront

OD. — AWS Data Exchange

 ——_
Accompany is developing an application that the company will host on Amazon EC2 instances. The application must be available 24 hours a day, 7 days a week. The company needs a
scalable, highly available cloud architecture to support the application.

Which guidelines should the company apply in its design to meet these requirements? (Select TWO.)

MA. Use EC2 Spot Instances.

OB. Use Multi-AZ deployments.

OC. Use Auto Scaling groups

OD. Use AWS Backup.

IGE. Use EC2 Reserved Instances.

 Le SN {»\ Elag
Tor Revi

Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud?

OA. Go global in minutes.

@®B. ‘Make frequent, small, reversible changes.

Oc. _ Implement a strong foundation of identity and access management.

OD. Stop spending money on hardware infrastructure for data center operations.
 ¢.\ Flag Tor Kevi

Which of the following are economic benefits of using the AWS Cloud? (Select TWO.)

BA. Consumption-based pricing

OB. Perpetual licenses

C. Economies of scale

OD. AWS Enterprise Support at no additional cost

OE. _ Bring-your-own-hardware model

 oe rem lela cca[e

Which AWS service or tool helps to centrally manage billing and allow controlled access to resources across AWS accounts?

OA. AWS Identity and Access Management (IAM)

@©B. AWS Organizations

Oc. — AWS Cost Explorer

OD. AWS Budgets

What is a benefit of moving to the AWS Cloud in terms of improving time to market?

OA. Decreased deployment speed

OB. Increased application security

@C. Increased business agility

OD. Increased backup capabilities

 Lo Ne meee 10) cai le

A company runs an ecommerce website that is hosted on AWS. External auditors have requested proof that the AWS services that the company uses are compliant with the Payment
Card Industry Data Security Standard (PCI DSS).

Which AWS service will provide this information?

OA. AWS Certificate Manager (ACM)

OB. AWS Artifact

@C. AWS License Manager

OD. AWS CloudTrail

 Le NSN ¢»\ Elag tor

Which AWS Cloud design principle is a company using when the company implements AWS CloudTrail?

OA. _ Activate traceability.

OB. _ Use serverless compute architectures.

@C. Perform operations as code.

OD. — Goglobal in minutes.

Which AWS Support plans provide a complete set of AWS Trusted Advisor checks?

OA. AWS Business Support and AWS Basic Support

@B. AWS Enterprise Support and AWS Business Support

OC. AWS Enterprise Support and AWS Developer Support

OD. AWS Business Support and AWS Developer Support

Which of the following are advantages of the AWS Cloud? (Select TWO.)

DA. AWS manages all the security within the cloud.

MB. Expenses never change from month to month.

Oc. Users can stop spending money on the maintenance of data centers.

OD. Users do not need to deploy applications globally.

ME. Users can stop guessing about resource capacity.

 ¢»\ Elag tor

Acompany wants to run Amazon EC2 instances in locations that are near the company's global users.

Which aspect of the AWS environment will support this requirement?

@A. Availability Zone

OB. Edge locations

Oc. AWS Regions

OD. Regional edge caches

 ¢.\ Flag Tor Kevi

In which of the following AWS services should database credentials be stored for maximum security?

OA. AWS Identity and Access Management (IAM)

@B. AWS Secrets Manager

Oc. Amazon $3

OD. AWS Key Management Service (AWS KMS)

 {»\ Elag Tor Revi

Acompany runs thousands of simultaneous simulations using AWS Batch. Each simulation is stateless, is fault tolerant, and runs for up to 3 hours.

Which pricing model enables the company to optimize costs and meet these requirements?

@A. _ Reserved Instances

OB. Spot Instances

Oc. — On-Demand Instances

OD. Dedicated Instances

 Ne mel 8 CO) cate

Accompany has two AWS accounts in an organization in AWS Organizations for consolidated billing. All of the company’s AWS resources are hosted in one AWS Region.

Account A has purchased five Amazon EC2 Standard Reserved Instances (RIs) and has four EC2 instances running. Account B has not purchased any Ris and also has four EC2
instances running.

Which statement is true regarding pricing for these eight instances?

OA. _ The eight instances will be charged as regular instances.

iB. —_— Four instances will be charged as Ris, fed four will be charged as regular instances.

OC. Five instances will be charged as Rls, and three will be charged as regular instances.

OD. The eight instances will be charged as Ris.

 {»\ Elag Tor Revi

A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud.

Which costs will the company eliminate with this migration? (Select TWO.)

DOA. — Cost of data center operations

OB. Cost of application licensing

Oc. Cost of marketing campaigns

D. Cost of physical server hardware

Me. Cost of network management

ly
Which services can be used to deploy applications on AWS? (Select TWO.)

QA. AWS Elastic Beanstalk

OB. AWS Config

Ac. AWS OpsWorks

OD. AWS Application Discovery Service

OE. Amazon Kinesis

Acompany is hosting a web application in a Docker container on Amazon EC2.

AWS is responsible for which of the following tasks?

OA. Scaling the web application and services developed with Docker

OB. Provisioning or scheduling containers to run on clusters and maintain their availability

@C. Performing hardware maintenance in the AWS facilities that run the AWS Cloud

OD. Managing the guest operating system, including updates and security patches
Which AWS Cloud deployment model uses AWS Outposts as part of the application deployment infrastructure?

OA. — On-premises

OB. — Serverless

Oc. — Cloud-native

@D. Hybrid
Acompany has refined its workload to use specific AWS services to improve efficiency and reduce cost.

Which best practice for cost governance does this example show?

OA. Resource controls

OB. Cost allocation

@C. Architecture optimization

OD. Tagging enforcement

A company must compare the cost of running a MySQL database on an Amazon EC2 instance and Amazon RDS DB instance.

Which AWS service or tool should the company use?

OA. AWS Budgets

OB. AWS Control Tower

Oc. AWS Outposts

@®D. AWS Pricing Calculator

Which AWS service can a company use to perform complex analytical queries?

OA. Amazon RDS

OB. Amazon DynamoDB

@C. Amazon Redshift

OD. Amazon ElastiCache

A company is using Amazon DynamoDB.

Which task is the company's responsibility, according to the AWS shared responsibility model?

@A. Patch the operating system.

OB. Provision hosts.

OC. Manage database access permissions.

OD. — Secure the operating system.

What is an Availability Zone?

OA. Allocation where users can deploy compute, storage, database, and other select AWS services where no AWS Region currently exists

@B. One or more discrete data centers with redundant power, networking, and connectivity

OC. One or more clusters of servers where new workloads can be deployed

OD. A fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to users globally
Which AWS service is a highly available and scalable DNS web service?

OA. Amazon VPC

OB. Amazon CloudFront

@C. Amazon Route 53

OD. Amazon Connect

Which task is a customer's responsibility, according to the AWS shared responsibility model?

OA. Management of the guest operating systems

OB. Maintenance of the configuration of infrastructure devices

@C. Management of the host operating systems and virtualization

OD. Maintenance of the software that powers Availability Zones

 Se —s EEE
Acompany plans to move its test workloads to Amazon EC2. The test workloads can be interrupted and are not required to start at a particular time.

Which EC2 instance purchasing option is MOST cost-effective for this use case?

OA. On-Demand Instances

OB. Spot Instances

@C. Reserved Instances

OD. Dedicated Hosts

Which of the following is a cost efficiency principle related to the AWS Cloud?

OA. Right-size services based on capacity requirements.

@B. Use the Billing Dashboard to access information about monthly bills.

O¢. Use AWS Organizations to combine the expenses of multiple accounts into a single bill.

OD. Tag all AWS resources.

Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud?

OA. Elimination of expenses for running and maintaining data centers

OB. Price discounts that are identical to discounts from hardware providers

[@Jc. Distribution of all operational conigols to AWS

OD. Elimination of operational expenses

Which of the following is an advantage of AWS Cloud computing?

OA. Trade security for elasticity.

OB. Trade operational excellence for agility.

O¢. Trade fixed expenses for variable expenses.

@D. Trade elasticity for performance.

Which of the following are advantages of the AWS Cloud? (Select TWO.)

QA. Trade variable expenses for capital expenses

OB. High economies of scale

Ac. Launch globally in minutes

OD. Focus on managing hardware infrastructure

OE. Overprovision to ensure capacity

 SS —s EEE
A company has a workload that requires data to be collected, analyzed, and stored on premises. The company wants to extend the use of AWS services to run on premises with access to the company
network and the company's VPC.

Which AWS service meets this requirement?

OA. AWS Outposts

@®B. AWS Storage Gateway

OC. AWS Direct Connect

OD. AWS Snowball

Which statement describes a characteristic of the AWS global infrastructure?

OA. Edge locations contain multiple AWS Regions.

OB. AWS Regions contain multiple Regional edge caches.

@C. Availability Zones contain multiple data centers.

OD. Each data center contains multiple edge locations.

Which of the following is available to a company that has an AWS Business Support plan?

@A. AWS Support concierge

OB. AWS DDoS Response Team (DRT)

OC. — AWS technical account manager (TAM)

OD. AWS Health API

Which design principle should be considered when architecting in the AWS Cloud?

OA. Think of servers as non-disposable resources.

OB. Use synchronous integration of services.

@C. Design loosely coupled components.

OD. Implement the least permissive rules for security groups.

Which AWS service provides the ability to host a NoSQL database in the AWS Cloud?

OA. Amazon Aurora

@B. Amazon DynamoDB

OC. Amazon RDS

OD. Amazon Redshift

Acompany is configuring its AWS Cloud environment. The company’s administrators need to group users together and apply permissions to the group.

Which AWS service or feature can the company use to meet these requirements?

OA. AWS Organizations

OB. Resource groups

OC. Resource tagging

@®D. AWS Identity and Access Management (IAM)

 a —s EEE
Which of the following promotes AWS Cloud architectural best practices for designing and operating reliable, secure, efficient, and cost-effective systems?

OA. AWS Serverless Application Model framework

OB. AWS Business Support

OC.” Principle of least privilege

@D. AWS Well-Architected Framework

 Se —s EEE
Acompany is migrating its workloads to the AWS Cloud. The company must retain full control of patch management for the guest operating systems that host its applications.

Which AWS service should the company use to meet these requirements?

OA. Amazon DynamoDB

@B. Amazon EC2

OC. AWS Lambda

OD. Amazon RDS

A developer wants AWS users to access AWS services by using temporary security credentials.

Which AWS service or feature should the developer use to provide these credentials?

OA. IAM policies

OB. IAM user groups

@C. AWS Security Token Service (AWS STS)

OD. AWS IAM Identity Center (AWS Single Sign-On)

Acompany that has multiple AWS accounts wants to reduce its recurring cloud costs. The company is using AWS Organizations.

Which AWS tool or feature will share volume pricing discounts and Savings Plans among accounts?

OA. AWS Budgets

OB. Consolidated billing

Oc. AWS credits

OD. — Cost allocation tags

According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Select TWO.)

A. Network infrastructure and virtualization of infrastructure

OB. Security of application data

OC. Guest operating systems

MD. Physical security of hardware

OE. Credentials and policies

A company needs to receive notification when a deployed workload is using more than a certain percentage of a service quota.

Which AWS service should the company use to meet this requirement?

OA. AWS Config

OB. AWS CloudTrail

OC. — AWS Trusted Advisor

OD. AWS Lambda

Which AWS Cloud benefit describes the ability to acquire resources as they are needed and release resources when they are no longer needed?

OA. — Economies of scale

@B. Elasticity

OC. Agility
OD. Security
Which AWS service uses a combination of publishers and subscribers?

OA. AWS Lambda

@B. Amazon Simple Notification Service (Amazon SNS)

O¢. Amazon CloudWatch

OD. AWS CloudFormation

 =< —s EEE
A cloud engineer needs to track AWS costs. The cloud engineer also needs to receive event-driven alerts when costs exceed specific thresholds.

Which AWS tool provides this functionality?

@A. AWS Cost Explorer

OB. AWS Budgets

OC. Cost allocation tags

OD. AWS Cost and Usage Reports

Which of the following are benefits that a company receives when it moves an on-premises production workload to AWS? (Select TWO.)

OA. — AWS trains the company’s staff on the use of all the AWS services.

OB. AWS manages all security in the cloud.

Oc. AWS offers free support from technical account managers (TAMs).

D. — AWS offers high availability.

E AWS provides economies of scale.

Which of the following acts as an instance-level firewall to control inbound and outbound access?

OA. Network access control list

@B. Security groups

OC. AWS Trusted Advisor

OD. Virtual private gateways

Which of the following are user authentication services managed by AWS? (Select TWO.)

A. Amazon Cognito

OB. AWS Lambda

OC. AWS License Manager

D. — AWS Identity and Access Management (IAM)

OE. AWS CodeStar

Which benefit does Amazon Rekognition provide?

OA. The ability to place watermarks on images

@B. The ability to detect objects that appear in pictures

O¢. The ability to resize millions of images automatically

OD. The ability to bid on object detection jobs

Aretail company is building a new mobile app. The company is evaluating whether to build the app at an on-premises data center or in the AWS Cloud.

Which of the following are benefits of building this app in the AWS Cloud? (Select TWO.)

OA. A large, upfront capital expense and low variable expenses

B. Increased speed for trying out new projects

C. Complete control over the physical security of the infrastructure

OD. Flexibility to scale up in minutes as the application becomes popular

OE: Ability to pick the specific data centers that will host the application servers
Which AWS feature or resource is a deployable Amazon EC2 instance template that is prepackaged with software and security requirements?

OA. — Amazon Elastic Block Store (Amazon EBS) volume

@B. AWS CloudFormation template

OC. — Amazon Elastic Block Store (Amazon EBS) snapshot

OD. Amazon Machine Image (AMI)

Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model?

OA. — Amazon FSx for Windows File Server

@B. Amazon WorkSpaces virtual Windows desktop

OC. — AWS Directory Service for Microsoft Active Directory

OD. Amazon RDS for Microsoft SQL Server

Which design principles support the reliability pillar of the AWS Well-Architected Framework? (Select TWO.)

OA. Perform operations as code.

OB. Enable traceability.

C. Automatically scale to meet demand.

OD. Deploy resources globally to improve response time.

E: Automatically recover from failure.

 eeeeeeEeee—eEe—eEe——eEeeEeEeeEeee DR facies

A company wants to migrate its on-premises data warehouse to AWS. The information in the data warehouse is used to populate analytics dashboards.

Which AWS service should the company use for the data warehouse?

OA. Amazon ElastiCache

OB. — Amazon Aurora

Oc. Amazon RDS

@®D. Amazon Redshift

A company has identified a high-risk network security issue during an AWS Well-Architected review. The company needs a managed solution that the company can use to deploy essential network protections
for all of its VPCs.

Which AWS service or feature meets these requirements?

@A. Security groups

OB. Network ACLs

Oc. AWS Network Firewall

OD. Amazon VPC Network Access Analyzer

A company wants to protect its AWS Cloud information, systems, and assets while performing risk assessment and mitigation tasks.

Which pillar of the AWS Well-Architected Framework is supported by these goals?

OA. Reliability

OB. Security

Oc. Operational excellence

OD. Performance efficiency

Which AWS service will help a company identify the user who deleted an Amazon EC2 instance yesterday?

OA. — Amazon CloudWatch

OB. AWS Trusted Advisor

@C. AWS CloudTrail

OD. Amazon Inspector

Auser wants to identify any security group that is allowing unrestricted incoming SSH traffic.

Which AWS service can be used to accomplish this goal?

OA. Amazon Cognito

OB. — AWS Shield

OC. — Amazon Macie

@®D. — AWS Trusted Advisor

What is the total amount of storage offered by Amazon S3?

OA. 100 MB

OB. 5GB

Oc. 57TB

®D. — Unlimited
An ecommerce application uses Java Message Service (JMS) messaging to communicate between its fulfillment center and the application after an order has been placed. The company wants to migrate its
messaging application to AWS. The company also wants to minimize the effort used to rewrite the messaging code.

Which AWS service will meet these requirements?

OA. Amazon Simple Notification Service (Amazon SNS)

@B. Amazon Simple Email Service (Amazon SES)

Oc. Amazon Pinpoint

OD. Amazon MQ
Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded?

GA. AWS Budgets

OB. AWS Cost Explorer

OC. AWS Cost Allocation Tags

OD. AWS Organizations

Which options does AWS make available for customers who want to learn about security in the cloud in an instructor-led setting? (Select TWO.)

OA. — AWS Trusted Advisor

B. AWS Online Tech Talks

OC. AWSBlog
OD. AWS Forums

E. AWS Classroom Training

Which AWS service provides DNS resolution?

OA. Amazon CloudFront

OB. Amazon VPC

@C. Amazon Route 53

OD. AWS Direct Connect

Which of the following are AWS Cloud design principles? (Select TWO.)

DA. Pay for compute resources in advance.

6B. Make data-driven decisions to determine cloud architectural design.

Oc. Emphasize manual processes to allow for changes.

OD. Test systems at production scale.

GE. Refine operational procedures infrequently.

Acompany uses Amazon Aurora as its database service. The company wants to encrypt its databases and database backups.

Which party manages the encryption of the database clusters and database snapshots, according to the AWS shared responsibility model?

@A. AWS

OB. The company

Oc. AWS Marketplace partners

OD. Third-party partners

Which task requires the use of AWS account root user credentials?

OA. The deletion of IAM users

@B. The change to a different AWS Support plan

O¢. The creation of an organization in AWS Organizations

OD. The deletion of Amazon EC2 instances

Which AWS service provides machine learning capability to detect and analyze content in images and videos?

OA. Amazon Connect

OB. — Amazon Lightsail

OC. — Amazon Personalize

@D. Amazon Rekognition

Auser is using AWS account root user credentials to try to close an AWS account that is managed by AWS Organizations. However, the attempt is unsuccessful.

What could cause this attempt to be unsuccessful?

OA. No multi-factor authentication (MFA) has been configured.

OB. The root user is not specifically assigned to the administration group.

Oc. The root user's password does not meet the minimum password complexity requirements.

@D. The organizational administrator has used a service control policy (SCP) to limit the root user permissions.
Which task is the responsibility of a company that is using Amazon RDS?

OA. Provision the underlying infrastructure.

@B. Create IAM policies to control administrative access to the service.

OC. Install the cables to connect the hardware for compute and storage.

OD. Install and patch the RDS operating system.

Which option is an advantage of AWS Cloud computing that minimizes variable costs?

OA. High availability

@B. Economies of scale

OC. Global reach

OD. Agility
When a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS, which Amazon EC2 instance type is required?

OA. — Spot Instances

OB. Dedicated Instances

@®C. Dedicated Hosts

OD. Reserved Instances

 —— —S Eee
A company has an online shopping website and wants to store customers’ credit card data. The company must meet Payment Card Industry (PCI) standards.

Which service can the company use to access AWS compliance documentation?

OA. Amazon Cloud Directory

OB. AWS Artifact

OC. — AWS Trusted Advisor

OD. Amazon Inspector

 Se —s EEE
A company needs to reserve a certain amount of Amazon EC2 compute resources in a specific Availability Zone within an AWS Region.

Which purchasing option should the company use to meet this requirement?

OA. EC2 Instance Savings Plans

OB. Compute Savings Plans

@C. Regional Reserved Instances

OD. Zonal Reserved Instances

Which AWS service aggregates, organizes, and prioritizes security alerts and findings from multiple AWS services?

OA. — Amazon Detective

OB. Amazon Inspector

OC. — Amazon Macie

@D. AWS Security Hub

Acompany wants to set up a secure network connection from on premises to the AWS Cloud within 1 week.

Which solution will meet these requirements?

OA. AWS Direct Connect

OB. Amazon VPC

@©C. AWS Site-to-Site VPN

OD. Edge location

A company wants to deploy and manage a Docker-based application on AWS.

Which solution meets these requirements with the LEAST amount of operational overhead?
@A. An open-source Docker orchestrator on Amazon EC2 instances

OB. AWS AppSyne

Oc. Amazon Elastic Container Registry (Amazon ECR)

OD. Amazon Elastic Container Service (Amazon ECS)

Which of the following is a benefit of decoupling an AWS Cloud architecture?

@A. Reduced latency

OB. Ability to upgrade components independently

O¢. Decreased costs

OD. Fewer components to manage

Which of the following are advantages of moving to the AWS Cloud? (Select TWO.)

DA. The ability to turn over the responsibility for all security to AWS.

6B. The ability to use the pay-as-you-go model.

Oc. The ability to have full control over the physical infrastructure.

4D. No longer having to guess what capacity will be required.

OE. No longer worrying about users access controls.

Alarge company wants to track the combined AWS usage costs of all of its linked accounts.

How can this be accomplished?

OA. Use AWS Trusted Advisor to generate customized summary reports.

@B. Use AWS Organizations to generate consolidated billing reports.

Oc. Use AWS Budgets to set utilization targets and receive summary reports.

OD. Use the AWS Control Tower dashboard to get a summary report of all linked account costs.
A company is migrating an application that includes an Oracle database to AWS. The company cannot rewrite the application.

To which AWS service could the company migrate the database?

OA. Amazon Athena

OB. Amazon DynamoDB

@cC. AmazonRDS

OD. Amazon DocumentDB (with MongoDB compatibility)

Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?

OA. Ensuring network connectivity from AWS to the internet

OB. Patching and fixing flaws within the AWS Cloud infrastructure

OC. Ensuring the physical security of cloud data centers

@D. Ensuring Amazon EBS volumes are backed up

Sa are

Which duties are the responsibility of a company that is using AWS Lambda? (Select TWO.)

OA. Security inside of code

B. Selection of CPU resources

Oc. Patching of operating system

D. Writing and updating of code

DE. Security of underlying infrastructure

Acompany's information security manager is supervising a move to AWS and wants to ensure that AWS best practices are followed. The manager has concerns about the
potential misuse of AWS account root user credentials.

Which of the following is an AWS best practice for using the AWS account root user credentials?

OA. Allow only the manager to use the account root user credentials for normal activities.

OB. Use the account root user credentials only for Amazon EC2 instances from the AWS Free Tier.

@C. Use the account root user credentials only when they alone must be used to perform a required function.

OD. Use the account root user credentials only for the creation of private VPC subnets.
fas

Which group shares responsibility with AWS for security and compliance of AWS accounts and resources?

OA. Third-party vendors

@B. Customers

OC. Reseller partners

OD. Internet providers

Sa are

Acloud engineer needs to download AWS security and compliance documents for an upcoming audit.

Which AWS service can provide the documents?

OA. AWS Trusted Advisor

@B. AWS Artifact

Oc. AWS Well-Architected Tool

OD. AWS Systems Manager

Sa are

Which AWS service allows a user to provision a managed MySQL DB instance?

OA. Amazon DynamoDB

OB. — Amazon Redshift

@C. Amazon RDS

OD. AWS Database Migration Service (AWS DMS)

A company has an application with robust hardware requirements. The application must be accessed by students who are using lightweight, low-cost laptops.

Which AWS service will help the company deploy the application without investing in backend infrastructure or high-end client hardware?

OA. Amazon AppStream 2.0

OB. AWS AppSync

@C. Amazon WorkLink

OD. AWS Elastic Beanstalk

Which statement is an AWS Cloud best practice that focuses on the elasticity and agility of cloud computing?

OA. Provision capacity based on past usage and theoretical peaks.

@B. Dynamically scale to meet usage demands.

OC. Build the application and infrastructure in a data center that grants physical access.

OD. Break apart the application into loosely coupled components.

Which AWS service should a cloud practitioner use to receive real-time guidance for provisioning resources, based on AWS best practices related to security, cost
optimization, and service limits?

@A. AWS Trusted Advisor

OB. AWSS Config

Oc. AWS Security Hub

OD. AWS Systems Manager

h

Which of the following describes an AWS Region?

OA. Aspecific location within a geographic area that provides high availability

OB. A set of data centers spanning multiple countries

Oc. A global picture of a user's cloud computing environment

@D. Acollection of databases that can be accessed from a specific geographic area only
Acompany is planning to move data backups to the AWS Cloud. The company needs to replace on-premises storage with storage that is cloud-based but locally cached.

Which AWS service meets these requirements?

@A. AWS Storage Gateway

OB. AWS Snowcone

Oc. AWS Backup

OD. Amazon Elastic File System (Amazon EFS)

Management at a large company wants to avoid long-term contracts and is interested in AWS to move from fixed costs to variable costs.

What is the value proposition of AWS for this company?

OA. Economy of scale

@B. Pay-as-you-go pricing

OC. Volume discounts

OD. Cost optimization

A company wants to run its applications in the AWS Cloud. The company does not have enough staff to maintain and protect its critical business applications.
SS
——————— -

Which task is the responsibility of a company that is using Amazon RDS?

OA. Provision the underlying infrastructure.

@B. Create IAM policies to control administrative access to the service.

Oc. Install the cables to connect the hardware for compute and storage.

OD. Install and patch the RDS operating system.

SSS

Which of the following are security principles in the AWS Well-Architected Framework? (Select TWO.)

OA. Analyze and attribute expenditures.

B. Monitor, alert, and audit actions and changes to AWS resources.

Oc. Deploy globally in minutes.

D. Protect data in transit and at rest.

DE. Perform operations as code.

Which AWS service or feature can a company use to determine which business unit is using specific AWS resources?

©A. Cost allocation tags

OB. Key pairs

OC. — Amazon Inspector

OD. AWS Trusted Advisor

fas

Acompany needs the historical cost and service usage details of its Amazon EC2 instances.

Which AWS service or tool will provide this information?

OA. AWS Budgets

OB. Amazon Forecast

@C. AWS Cost Explorer

OD. — AWS Pricing Calculator

An application that is hosted on Amazon EC2 has a steady and consistent workload. The application will operate for at least 1 year.

What is the MOST cost-effective instance purchasing option to meet these requirements?

OA. Spot Instances

OB. Reserved Instances

@C. On-Demand Instances

OD. Dedicated Hosts

 SSS

Which guidelines are key AWS architectural design principles? (Select TWO.)

DA. Design for fixed resources.

B. Build scalable architectures.

Oc. Use tightly coupled components.

!D. Use managed services when possible.

DE. Design for human interaction.

Which of the following are customer responsibilities under the AWS shared responsibility model? (Select TWO.)

OA. Physical security of AWS facilities

B. Configuration of security groups

Cc. Encryption of customer data on AWS

OD. Management of AWS Lambda infrastructure

DE. Management of network throughput of each AWS Region

 MS i

Acompany wants to establish a security layer in its VPC that will act as a firewall to control subnet traffic.

Which AWS service or feature will meet this requirement?

OA. Routing tables

@B. Network access control lists (network ACLs)

Oc. Security groups

OD. Amazon GuardDuty

An auditor needs to find out whether a specific AWS service is compliant with specific compliance frameworks.

Which AWS service will provide this information?

OA. AWS Artifact

OB. AWS Trusted Advisor

@C. Amazon GuardDuty

OD. AWS Certificate Manager (ACM)

How can an AWS user conduct security assessments of Amazon EC2 instances, NAT gateways, and Elastic Load Balancers in a way that is approved by AWS?

OA. Flood a target with requests.

OB. Use Amazon Inspector.

@C. Perform penetration testing.

OD. Use the AWS Service Health Dashboard.

Acompany's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days.

Which benefit has this company experienced by moving to the AWS Cloud?

OA. Elasticity

OB. Flexibility

@c. Agility

OD. Resilience
————————————e=Ey-

Anewly created IAM user has no IAM policy attached.

What will happen when the user logs in and attempts to view the AWS resources in the account?

@A. _ AIlAWS services will be read-only access by default.

OB. Access to all AWS resources will be denied.

OC. Access to the AWS billing services will be allowed.

OD. Access to AWS resources will be allowed through the AWS CLI.
Sa are

Acompany acquired another corporation. The company now has two AWS accounts.

Which AWS service or tool can the company use to consolidate the billing for these two accounts?

OA. AWS Systems Manager

@B. AWS Organizations

Oc. AWS License Manager

OD. Cost Explorer

i SS

Which AWS database service provides in-memory data storage?

OA. Amazon DynamoDB

OB. Amazon ElastiCache

OC. Amazon RDS

OD. Amazon Timestream

An ecommerce company is using Amazon EC2 Auto Scaling groups to manage a fleet of web servers running on Amazon EC2.

This architecture follows which AWS Well-Architected Framework best practice?

@A. Secure the workload

OB. Decouple infrastructure components

Oc. Design for failure

OD. Think parallel

What does the Amazon S3 Intelligent-Tiering storage class offer?

OA. Payment flexibility by reserving storage capacity

OB. Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon EBS) volume

@C. Automatic cost savings by moving objects between tiers based on access pattern changes

OD. Secure, durable, and lowest cost storage for data archival
Which cloud computing advantage is a company applying when it uses AWS Regions to increase application availability to users in different countries?

OA. Pay-as-you-go pricing

OB. Capacity forecasting

OC. Economies of scale

@D. Global reach

Acompany has an application that uses AWS services. During scaling events, the company wants to keep application usage within AWS service quotas.

Which AWS services or tools can report on the quotas so that the company can improve the reliability of the application? (Select TWO.)

A. Service Quotas console

B. AWS Trusted Advisor

Oc. AWS Systems Manager

OD. AWS Shield

OE. AWS Cost Explorer

Sac are

Which of the following is one of the pillars of the AWS Well-Architected Framework?

OA. Efficiency and redundancy

OB. High availability

@C. Operational excellence

OD. Business optimization

SSS

Which guideline is a well-architected design principle for building cloud applications?

OA. Keep static data closer to compute resources.

OB. Provision resources for peak capacity.

@Cc. Design for automated recovery from failure.

OD. Use tightly coupled components.

Which AWS services and features are provided to all customers at no charge? (Select TWO.)

DOA. Amazon Aurora

B. VPC

Oc. Amazon SageMaker

D. AWS Identity and Access Management (IAM)

DE. Amazon Polly >
SE

Which AWS Support plan provides customers with access to an AWS technical account manager (TAM)?

OA. AWS Basic Support

OB. — AWS Developer Support

OC. AWS Business Support

@D. AWS Enterprise Support

AN ep

Acompany is using Amazon DynamoDB.

Which task is the company’s responsibility, according to the AWS shared responsibility model?

@A. Patch the operating system.

OB. Provision hosts.

Oc. Manage database access permissions.

OD. Secure the operating system.

Sa are

Which of the following are components of an AWS Site-to-Site VPN connection? (Select TWO.)

OA. AWS Storage Gateway

B. Virtual private gateway

Oc. NAT gateway

D. Customer gateway

DE. Internet gateway

Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes?

OA. Pay-as-you-go pricing

OB. High availability

OC. Global reach

@D. Economies of scale

—————_————e

Which AWS service is used to track, record, and audit configuration changes made to AWS resources?

OA. AWS Shield

@©B. AWS Config

OC. AWS IAM

OD. — Amazon Inspector

Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Select TWO.)

OA. Minimize upfront design

B. Loose coupling

Oc. Disposable resources

D. Server design and concurrency

DE. Minimal viable product

Acloud practitioner needs to design a NoSQL database that is highly scalable, is durable, and requires minimal maintenance.

Which AWS service meets these requirements?

OA. Amazon RDS for MySQL

OB. Microsoft SQL Server on Amazon EC2

@C. Amazon DynamoDB

OD. Amazon Redshift

De rte EE

Acompany is designing a web application that will run on Amazon EC2 instances.

Which AWS services and features will improve availability and reduce the impact of failures for this application? (Select TWO.)

A. Amazon EC2 Auto Scaling for the EC2 instances

OB. VPC subnet ACLs to check the health of a service

Oc. Resources that are distributed across multiple Availability Zones

D. Configuration of AWS Server Migration Service (AWS SMS) to move the EC2 instances to a different AWS Region

OE. Resources that are distributed across multiple AWS points of presence
 ee

A company wants to use Amazon EC2 instances to provide a static website to users all over the world. The company needs to minimize latency for the users.

Which solution meets these requirements?

OA. Use EC2 instances in a single Availability Zone.

OB. Use EC2 instances across multiple Availability Zones in the same AWS Region.

@c. Use Amazon CloudFront with the EC2 instances configured as the source.

OD. Use EC2 instances in the same edge location and the same AWS Region.
———————_—_—
———————— EE

Which AWS service or feature is used to send both text and email messages from distributed applications?

©A. Amazon Simple Notification Service (Amazon SNS)

OB. — Amazon Simple Email Service (Amazon SES)

OC. — Amazon CloudWatch alerts

OD. Amazon Simple Queue Service (Amazon SQS)

Acompany's project team needs to simultaneously mount a file system on multiple Amazon EC2 Linux instances. The file system also will be shared across multiple
Availability Zones.

Which AWS service will meet these requirements?

@A. Amazon Elastic File System (Amazon EFS)

OB. Amazon S3

OC. Amazon Elastic Block Store (Amazon EBS)

OD. Amazon FSx for Windows File Server

 a at a

A cloud practitioner is analyzing Amazon EC2 instance performance and usage to provide recommendations for potential cost savings.

Which cloud concept does this analysis demonstrate?

®A. Auto scaling

OB. Rightsizing

Oc. Load balancing

OD. High availability

Which of the following are shared controls that apply to both AWS and the customer, according to the AWS shared responsibility model? (Select TWO.)

OA. Resource configuration management

OB. Network data integrity

Cc. Employee awareness and training

D. Physical and environmental security

DE. Replacement and disposal of disk drives

Alarge company has a workload that requires hardware to remain on premises. The company wants to use the same management and control plane services that it
currently uses on AWS.

Which AWS service should the company use to meet these requirements?

OA. AWS Device Farm

OB. AWS Fargate

@©C. AWS Outposts

OD. AWS Ground Station

ES SSS

Which AWS service will help protect applications running on AWS from DDoS attacks?

OA. Amazon GuardDuty

OB. AWS WAF

@C. AWS Shield

OD. — Amazon Inspector

Sa are

Elasticity in the AWS Cloud refers to which of the following? (Select TWO.)

OA. How quickly an Amazon EC2 instance can be restarted

S&B. The ability to rightsize resources as demand shifts

Oc. The maximum amount of RAM an Amazon EC2 instance can use

OD. The pay-as-you-go billing model

GE. How easily resources can be procured when they are needed
Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?

©A. VPC Flow Logs

OB. — Amazon Inspector

OC. VPC endpoint services

OD. NAT gateway

Acompany needs to migrate all of its development teams to a cloud-based integrated development environment (IDE).

Which AWS service should the company use?

OA. AWS CodeBuild

OB. AWS Cloud9

Oc. AWS OpsWorks

©D. AWS Cloud Development Kit (AWS CDK)

——————_—>_[_—— es

Auser needs a dedicated private connection between a colocation facility and a VPC.

Which AWS service or feature should the user choose?

OA. AWS VPN

OB. AWS PrivateLink

@C. AWS Direct Connect

OD. AWS Client VPN

Accompany needs a content delivery network that provides secure delivery of data, videos, applications, and APIs to users globally with low latency and high transfer
speeds.

Which AWS service meets these requirements?

@A. Amazon CloudFront

OB. Elastic Load Balancing

OC. Amazon S3

OD. Amazon Elastic Transcoder

Accompany has been storing monthly reports in an Amazon S3 bucket. The company exports the report data into comma-separated values (.csv) files. A developer wants to
write a simple query that can read all of these files and generate a summary report.

Which AWS service or feature should the developer use to meet these requirements with the LEAST amount of operational overhead?

OA. Amazon S3 Select

OB. Amazon Athena

Oc. Amazon Redshift

©D. Amazon EC2

Acompany wants to track its AWS account's service costs. The company also wants to receive notifications when costs are forecasted to reach a specific level.

Which AWS service or tool provides this functionality?

@A. AWS Budgets

OB. AWS Cost Explorer

Oc. Savings Plans

OD. — AWS Billing Conductor

Acompany has multiple departments. The company must charge each department for its exact AWS Cloud usage, including data transfer costs.

How can the company determine these costs by department?

OA. Use one AWS account for each department.

OB. Use cost allocation tags on services that are used the most often.

@C. Use AWS Trusted Advisor.

OD. Use Savings Plans.

After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?

OA. No upfront payment

OB. Hourly on-demand payment

OC. Partial upfront payment

@D. All upfront payment

a

An Availability Zone consists of:

@A. one or more data centers in a single location.

OB. two or more data centers in multiple locations.

OC. one or more physical hosts in a single data center.

OD. two or more physical hosts in multiple data centers.

Acompany wants to ensure that two Amazon EC2 instances are in separate data centers with minimal communication latency between the data centers.

How can the company meet this requirement?

OA. Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection.

@B. Place the EC2 instances in two separate Availability Zones within the same AWS Region.

Oc. Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using an AWS VPN connection.

OD. Place both EC2 instances in a placement group for dedicated bandwidth.
Which AWS Cloud benefit is shown by an architecture's ability to withstand failures with minimal downtime?

OA. Agility

OB. Elasticity

OC. Scalability

@D. High availability

re SS

Which AWS service is a key-value database that provides sub-millisecond latency on a large scale?

@A. Amazon DynamoDB

OB. — Amazon Aurora

OC. Amazon DocumentDB (with MongoDB compatibility)

OD. Amazon Neptune

Sa are

Which AWS service or feature can a company use to estimate AWS costs before provisioning workloads?

OA. AWS Pricing Calculator

OB. AWS Cost and Usage Report

@C. Cost Explorer

OD. AWS Budgets

Acompany needs to configure rules to identify threats and protect applications from malicious network access.

Which AWS service should the company use to meet these requirements?

©A. AWS Identity and Access Management (IAM)

OB. — Amazon QuickSight

Which actions are examples of a company's effort to rightsize its AWS resources to control cloud costs? (Select TWO.)

DA. Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets.

B. Base the selection of Amazon EC2 instance types on past utilization patterns.

Oc. Use Amazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers.

D. Use Multi-AZ deployments for Amazon RDS.

DE. Replace existing Amazon EC2 instances with AWS Elastic Beanstalk.
Accompany needs to continuously monitor its environment to analyze network and account activity and identify potential security threats.

Which AWS service should the company use to meet these requirements?

OA. AWS Artifact

©B. — Amazon Macie

OC. AWS Identity and Access Management (IAM)

@D. Amazon GuardDuty

Accompany needs to connect multiple VPCs and on-premises networks through a single network connection to the AWS Cloud.

Which solution meets this requirement?

OA. AWS Transit Gateway

OB. — AWS Direct Connect

@C. _~-VPC peering

©D. AWS Client VPN

Which AWS service has unlimited free use?

OA. Amazon SageMaker

OB. AWS Config

OC. AWS Organizations

@D. Amazon CloudWatch

Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework?

OA. — Vertical scaling

OB. — Manual failure recovery

@C. _ Testing recovery procedures

OD. Changing infrastructure manually

Accompany does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The
company also needs the ability to increase or decrease its resource usage to meet business requirements.

Which pillar of the AWS Well-Architected Framework aligns with these requirements?

OA. Operational excellence

OB. Security

OC. Reliability

@D. Cost optimization

Accompany wants to migrate its on-premises data warehouse to AWS. The information in the data warehouse is used to populate analytics dashboards.

Which AWS service should the company use for the data warehouse?

OA. — Amazon ElastiCache

OB. — Amazon Aurora

Oc. Amazon RDS

@D. Amazon Redshift

Which of the following is a characteristic of the AWS account root user?

OA. The root user is the only user that can be configured with multi-factor authentication (MFA).

OB. The root user is the only user that can access the AWS Management Console.

@C. The root user is the first sign-in identity that is available when an AWS account is created.

OD. The root user has a password that cannot be changed.

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

DA. Resource scalability

B. Performance efficiency

OC. — System elasticity

OD. — Agile development

E: Operational excellence
Which task is the responsibility of a company that is using Amazon RDS?

OA. Provision the underlying infrastructure.

@B. Create IAM policies to control administrative access to the service.

OC. Install the cables to connect the hardware for compute and storage.

OD. Install and patch the RDS operating system.

What is a characteristic of Convertible Reserved Instances (Ris)?

@A. Users can exchange Convertible Ris for other Convertible Ris from a different instance family.

OB. Users can exchange Convertible Ris for other Convertible Ris in different AWS Regions.

OC. Users can sell and buy Convertible Ris on the AWS Marketplace.

OD. Users can shorten the term of their Convertible Rls by merging them with other Convertible Ris.
What is an Availability Zone?

OA. A location where users can deploy compute, storage, database, and other select AWS services where no AWS Region currently exists

@B. One or more discrete data centers with redundant power, networking, and connectivity

OC. One or more clusters of servers where new workloads can be deployed

OD. A fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to users globally
Which services can be used to deploy applications on AWS? (Select TWO.)

OA. — AWS Elastic Beanstalk

B. AWS Config

Oc. AWS OpsWorks

OD. AWS Application Discovery Service

@E. Amazon Kinesis

Which AWS service or tool gives users the ability to set alerts that are sent when AWS Cloud costs exceed a certain amount?

@A. AWS Budgets

OB. AWS Cost and Usage Report

OC. AWS Cost Explorer

OD. — Amazon Inspector

A company is using AWS Lambda functions to build an application.

Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Select TWO.)

DA. Patch the servers where the Lambda functions are deployed.

2B. Establish the [AM permissions that define who can run the Lambda functions.

Oc. Write the code for the Lambda functions to define the application logic.

4D. Deploy Amazon EC2 instances to support the Lambda functions.

DE. Scale out the Lambda functions when the load increases.
Accompany moves a workload to AWS to run on Amazon EC2 instances. The company needs to run the workload in the most cost-effective way.

What can the company do to meet this requirement?

OA. Use AWS Key Management Service (AWS KMS).

@B. Use multiple AWS accounts and consolidated billing.

OC. Use AWS CloudFormation to deploy the infrastructure.

OD. Rightsize all the EC2 instances that are used in the deployment.
Which AWS service or feature offers HTTP attack protection to users running public-facing web applications?

OA. Security groups

OB. Network ACLs

OC. AWS Shield Standard

@D. AWS WAF

Which AWS service or feature can a company use to apply security rules to a subnet for Amazon EC2 instances?

OA. AWS WAF

OB. — AWS Shield

Oc. — Network ACLs

@D. Security groups

Accompany plans to migrate its application to AWS and run the application on Amazon EC2 instances. The application will have continuous usage for 1 year.

Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

OA. Reserved Instances

OB. Spot Instances

@C. On-Demand Instances

OD. Dedicated Hosts

Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?

OA. Agility
@B. Elasticity

OC. Reliability

OD. Durability
What can a user accomplish using AWS CloudTrail?

@A. Generate an JAM user credentials report.

OB. Record API calls made to AWS services.

OC. Assess the compliance of AWS resource configurations with policies and guidelines.

OD. Ensure that Amazon EC2 instances are patched with the latest security updates.
A company needs an AWS design solution for a distributed system. The system's components need to be set up so that one system component cannot negatively impact another
component.

Which AWS architectural best practice will meet this requirement?

OA. — Use request throttling

OB. Use a stateful service

Oc. Implement automatic data backups

@D. Implement loose coupling

Which AWS service can a company use to perform complex analytical queries?

OA. — Amazon RDS

OB. Amazon DynamoDB

@®C. — Amazon Redshift

OD. Amazon ElastiCache

Auser is able to set up a management payer account to view consolidated billing reports through:

OA. AWS Budgets.

©B. — Amazon Macie.

OC. — Amazon QuickSight.

@®D. AWS Organizations.

What is the total amount of storage offered by Amazon S3?

OA. 100 MB

OB. 5 GB

OC. 5 1B

@D. Unlimited
Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud?

OA. Go global in minutes.

@®B. ‘Make frequent, small, reversible changes.

OC. Implement a strong foundation of identity and access management.

OD. Stop spending money on hardware infrastructure for data center operations.
What is a benefit of using AWS serverless computing?

OA. Application deployment and management are not required.

OB. Application security will be fully managed by AWS.

OC. Monitoring and logging are not needed.

Management of infrastructure is offloaded to AWS.

 ee

Which AWS network services or features allow CIDR block notation when providing an IP address range? (Select TWO.)

BA. Security groups

OB. Amazon Machine Image (AMI)

C. Network access control list (network ACL)

OD. AWS Budgets

DE. Amazon Elastic Block Store (Amazon EBS)

Accompany wants to test mobile apps on a variety of popular mobile devices.

Which AWS service should the company use to achieve this goal?

OA. — AWS loT Core

OB. AWS Wavelength

@®C. AWS Device Farm

OD. AWS Direct Connect

Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?

OA. AWS Support

OB. AWScustomers

@C. AWS Key Management Service (AWS KMS)

OD. AWS Trusted Advisor

Which of the following are economic benefits of using the AWS Cloud? (Select TWO.)

QA. Consumption-based pricing

OB. Perpetual licenses

Mc. Economies of scale

OD. AWS Enterprise Support at no additional cost

DE. Bring-your-own-hardware model

A cloud engineer needs to track AWS costs. The cloud engineer also needs to receive event-driven alerts when costs exceed specific thresholds.

Which AWS tool provides this functionality?

@A. AWS Cost Explorer

OB. AWS Budgets

OC. Cost allocation tags

OD. AWS Cost and Usage Reports

Which AWS service provides the ability to host a NoSQL database in the AWS Cloud?

OA. — Amazon Aurora

@B. Amazon DynamoDB

Oc. Amazon RDS

OD. Amazon Redshift

Which Amazon Route 53 routing policy can a company use to route traffic to multiple resources in specified proportions?

@A. Weighted routing policy

OB. — Multivalue answer routing policy

OC. Failover routing policy

OD. Latency routing policy

Accompany stores configuration files in an Amazon S3 bucket. These configuration files must be accessed by applications that are running on Amazon EC2 instances.

According to AWS security best practices, how should the company grant permissions to allow the applications to access the S3 bucket?

OA. Use the AWS account root user access keys.

OB. Use the AWS access key ID and the EC2 secret access key.

@C. Use an IAM role with the necessary permissions.

OD. Activate multi-factor authentication (MFA) and versioning on the S3 bucket.

Accompany moves its infrastructure from on premises to the AWS Cloud. The company can now provision additional Amazon EC2 instances whenever the instances are required. With
this ability, the company can launch new marketing campaigns in 3 days instead of 3 weeks.

Which benefit of the AWS Cloud does this scenario demonstrate?

OA. Cost savings

OB. Improved operational resilience

@C. Increased business agility

OD. Enhanced security

Accompany wants to use a web browser to run, test, and debug AWS Lambda functions in an integrated development environment (IDE).

Which AWS service provides this functionality?

OA. AWS Cloudg

@®B. Amazon CodeGuru

OC. AWS CodeDeploy

OD. AWS CodeCommit

An application is running on multiple Amazon EC2 instances. The company wants to make the application highly available by configuring a load balancer with requests forwarded to the
EC2 instances based on URL paths.

Which AWS load balancer will meet these requirements and take the LEAST amount of effort to deploy?

@A. Network Load Balancer

OB. Application Load Balancer

OC. AWS OpsWorks Load Balancer

OD. Custom Load Balancer on Amazon EC2

Accompany is migrating an application that includes an Oracle database to AWS. The company cannot rewrite the application.

To which AWS service could the company migrate the database?

OA. — Amazon Athena

OB. — Amazon DynamoDB

@®C. AmazonRDS

©D. — Amazon DocumentDB (with MongoDB compatibility)

Which statement describes a characteristic of the AWS global infrastructure?

OA. Edge locations contain multiple AWS Regions.

OB. AWS Regions contain multiple Regional edge caches.

@C. Availability Zones contain multiple data centers.

OD. Each data center contains multiple edge locations.

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Select TWO.)

QA. Patch AWS network devices.

OB. — Set user password rules.

Oc. Provide physical security for compute resources.

D. Configure security groups.

OE: Patch the operating system of an Amazon EC2 instance.

Accompany needs to establish a dedicated network connection from on premises to AWS. The connection must provide consistent, low-latency network performance.

Which AWS service should the company use to meet this requirement?

@A. AWS Direct Connect

OB. AWS Site-to-Site VPN

OC. — AWS Directory Service

OD. AWS Transit Gateway

Which benefit does Amazon Rekognition provide?

OA. The ability to place watermarks on images

@B. The ability to detect objects that appear in pictures

OC. The ability to resize millions of images automatically

OD. The ability to bid on object detection jobs

Accompany is using Amazon DynamoDB.

Which task is the company’s responsibility, according to the AWS shared responsibility model?

@A. Patch the operating system.

OB. Provision hosts.

OC. Manage database access permissions.

OD. Secure the operating system.

Which of the following is available to a company that has an AWS Business Support plan?

@A. AWS Support concierge

OB. — AWS DDoS Response Team (DRT)

Oc. — AWS technical account manager (TAM)

OD. AWS Health API

Which AWS feature or resource is a deployable Amazon EC2 instance template that is prepackaged with software and security requirements?

OA. Amazon Elastic Block Store (Amazon EBS) volume

@B. AWS CloudFormation template

OC. Amazon Elastic Block Store (Amazon EBS) snapshot

OD. — Amazon Machine Image (AMI)

A company needs to launch an Amazon EC2 instance.

Which of the following can the company use during the launch process to configure the root volume of the EC2 instance?

OA. Amazon EC2 Auto Scaling

@B. Amazon Data Lifecycle Manager (Amazon DLM)

OC. — Amazon Machine Image (AMI)

OD. Amazon Elastic Block Store (Amazon EBS) volume

An ecommerce application uses Java Message Service (JMS) messaging to communicate between its fulfillment center and the application after an order has been placed. The
company wants to migrate its messaging application to AWS. The company also wants to minimize the effort used to rewrite the messaging code.

Which AWS service will meet these requirements?

OA. Amazon Simple Notification Service (Amazon SNS)

@®B. Amazon Simple Email Service (Amazon SES)

OC. Amazon Pinpoint

OD. Amazon MQ
Which AWS service uses a combination of publishers and subscribers?

OA. AWS Lambda

@B. Amazon Simple Notification Service (Amazon SNS)

OC. Amazon CloudWatch

OD. AWS CloudFormation

Which of the following are characteristics of a serverless application that runs in the AWS Cloud? (Select TWO.)

DA. Users must manually configure Amazon EC2 instances.

OB. — _Users have a choice of operating systems.

Oc. The application has built-in fault tolerance.

D. Users can run Amazon EC2 Spot Instances.

E: The application can scale based on demand.

What is a benefit of moving to the AWS Cloud in terms of improving time to market?

OCA. — Decreased deployment speed

OB. __ Increased application security

@C. Increased business agility

©D. Increased backup capabilities

Accompany wants to deploy and manage a Docker-based application on AWS.

Which solution meets these requirements with the LEAST amount of operational overhead?

@A. An open-source Docker orchestrator on Amazon EC2 instances

OB. AWS AppSync

OC. Amazon Elastic Container Registry (Amazon ECR)

OD. Amazon Elastic Container Service (Amazon ECS)

Accompany wants to review its monthly costs of using Amazon EC2 and Amazon RDS for the past year.

Which AWS service or tool provides this information?

OA. — AWS Trusted Advisor

@B. Cost Explorer

Oc. — Amazon Forecast

OD. Amazon CloudWatch

Accompany has a workload that requires data to be collected, analyzed, and stored on premises. The company wants to extend the use of AWS services to run on premises with access
to the company network and the company's VPC.

Which AWS service meets this requirement?

OA. AWS Outposts

@B. AWS Storage Gateway

OC. — AWS Direct Connect

OD. AWS Snowball

Asecurity engineer wants a single-tenant AWS solution to create, control, and manage their own cryptographic keys to meet regulatory compliance requirements for data security.

Which AWS service should the engineer use?

OA. — AWS Key Management Service (AWS KMS)

OB. AWS Certificate Manager (ACM)

@®C. AWS CloudHSM

©D. — AWS Systems Manager

A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud.

Which costs will the company eliminate with this migration? (Select TWO.)

OA. — Cost of data center operations

OB. Cost of application licensing

Oc. Cost of marketing campaigns

D. Cost of physical server hardware

E. Cost of network management

Who is responsible for decommissioning end-of-life underlying storage devices that are used to host data on AWS?

OA. Customer

@B. AWS

OC. Account creator

OD. Auditing team

When a user wants to utilize their existing per-socket, per-core, or per-virtual machine software licenses for a Microsoft Windows server running on AWS, which Amazon EC2 instance
type is required?

OA. Spot Instances

OB. Dedicated Instances

@C. Dedicated Hosts

OD. Reserved Instances

Accompany wants to manage access and permissions for its third-party software as a service (SaaS) applications. The company wants to use a portal where end users can access
assigned AWS accounts and AWS Cloud applications.

Which AWS service should the company use to meet these requirements?

OA. Amazon Cognito

OB. — AWS IAM Identity Center (AWS Single Sign-On)

@C. AWS Identity and Access Management (IAM)

OD. AWS Directory Service for Microsoft Active Directory

Auser wants to identify any security group that is allowing unrestricted incoming SSH traffic.

Which AWS service can be used to accomplish this goal?

OA. Amazon Cognito

OB. AWS Shield

Oc. — Amazon Macie

@D. AWS Trusted Advisor

 ee

Accompany is developing an application that uses multiple AWS services. The application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs.

Which AWS service or feature should the company use to meet these authentication requirements?

OA. Amazon API Gateway

OB. IAM users

@C. AWS Security Token Service (AWS STS)

OD. IAM instance profiles

Which AWS service Is a highly available and scalable DNS web service?

OA. Amazon VPC

OB. Amazon CloudFront

@C. Amazon Route 53

OD. Amazon Connect

Which of the following are advantages of the AWS Cloud? (Select TWO.)

DA. AWS manages all the security within the cloud.

2B. Expenses never change from month to month.

Oc. Users can stop spending money on the maintenance of data centers.

OD. Users do not need to deploy applications globally.

GE. Users can stop guessing about resource capacity.

Which AWS Cloud deployment model uses AWS Outposts as part of the application deployment infrastructure?

OA. On-premises

OB. Serverless

OC. — Cloud-native

@D. Hybrid
A company wants to continuously improve processes and procedures to deliver business value.

Which pillar of the AWS Well-Architected Framework does this goal represent?

OA. Performance efficiency

@B. Operational excellence

OC. Reliability

OD. Sustainability
Which AWS benefit enables users to deploy cloud infrastructure that consists of multiple geographic regions connected by a network with low latency, high throughput, and redundancy?

@A. Economies of scale

OB. Security

OC. Elasticity

OD. Global reach

Acompany has deployed its publicly accessible application in two different AWS Regions. The company has designated one Region as primary and the other Region as secondary for
disaster recovery purposes.

Which AWS service or resource can automatically divert all incoming application requests to the secondary Region?

OA. Application Load Balancer

OB. Amazon Route 53

Oc. AWS Direct Connect

OD. AWS VPN

A company does not want to rely on elaborate forecasting to determine its usage of compute resources. Instead, the company wants to pay only for the resources that it uses. The
company also needs the ability to increase or decrease its resource usage to meet business requirements.

Which pillar of the AWS Well-Architected Framework aligns with these requirements?

OA. Operational excellence

OB. Security

Oc. Reliability

@D. Cost optimization

An application is running on multiple Amazon EC2 instances. The company wants to make the application highly available by configuring a load balancer with requests forwarded to the
EC2 instances based on URL paths.

Which AWS load balancer will meet these requirements and take the LEAST amount of effort to deploy?

@A. Network Load Balancer

OB. Application Load Balancer

Oc. AWS OpsWorks Load Balancer

OD. Custom Load Balancer on Amazon EC2

Acompany is developing an application that the company will host on Amazon EC2 instances. The application must be available 24 hours a day, 7 days a week. The company needs a
scalable, highly available cloud architecture to support the application.

Which guidelines should the company apply in its design to meet these requirements? (Select TWO.)

A. Use EC2 Spot Instances.

OB. Use Multi-AZ deployments.

Oc. Use Auto Scaling groups

OD. Use AWS Backup.

GE. Use EC2 Reserved Instances.

Which of the following are characteristics of a serverless application that runs in the AWS Cloud? (Select TWO.)

DA. Users must manually configure Amazon EC2 instances.

OB. Users have a choice of operating systems.

Oc. The application has built-in fault tolerance.

GD. Users can run Amazon EC2 Spot Instances.

GE. The application can scale based on demand.

Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?

OA. Agility

OB. Elasticity

OC. Reliability

OD. Durability
Which AWS Support plans provide a complete set of AWS Trusted Advisor checks?

OA. AWS Business Support and AWS Basic Support

@B. AWS Enterprise Support and AWS Business Support

OC. AWSS Enterprise Support and AWS Developer Support

OD. AWS Business Support and AWS Developer Support

Acloud engineer wants to know the percentage of the allocated compute units that are in use for a specific Amazon EC2 instance.

Which AWS service can provide this information?

OA. AWS CloudTrail

OB. AWS Config

@C. Amazon CloudWatch

OD. AWS Artifact

Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework?

OA. Vertical scaling

OB. Manual failure recovery

@C. Testing recovery procedures

OD. Changing infrastructure manually

An ecommerce company has Amazon EC2 instances running as web servers. There is a predictable pattem of peak traffic load that occurs two times each day, always at the same
time. The EC2 instances are idle for the remainder of the day.

What is the MOST cost-effective way fo manage these resources while maintaining fault tolerance?

@A. Use an Auto Scaling group to scale resources in and out based on demand.

OB. Purchase Reserved Instances to ensure peak capacity at all times.

Oc. Write a cron job to stop the EC2 instances when the traffic demand is low.

OD. Write a script to vertically scale the EC2 instances during peak traffic demand.
Which activity is a customer responsibility in the AWS Cloud according to the AWS shared responsibility model?

OA. Ensuring network connectivity from AWS to the internet

OB. Patching and fixing flaws within the AWS Cloud infrastructure

OC. Ensuring the physical security of cloud data centers

@D. Ensuring Amazon EBS volumes are backed up

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

DA. Resource scalability

GB. Performance efficiency

Oc. System elasticity

OD. Agile development

GE. Operational excellence

Which activity can companies complete by using AWS Organizations?

OA. Troubleshoot the performance of applications.

OB. Manage service control policies (SCPs).

OC. Migrate applications to microservices.

@D. Monitor the performance of applications.

Which AWS service or feature can a company use to apply security rules to a subnet for Amazon EC2 instances?

OA. AWS WAF

OB. AWS Shield

OC. Network ACLs

@D. Security groups

What is a benefit of using AWS serverless computing?

OA. Application deployment and management are not required.

OB. Application security will be fully managed by AWS.

OC. Monitoring and logging are not needed.

@D. Management of infrastructure is offloaded to AWS.

Anewly created IAM user has no IAM policy attached.

What will happen when the user logs in and attempts to view the AWS resources in the account?

@A. All AWS services will be read-only access by default.

OB. Access to all AWS resources will be denied.

OC. Access to the AWS billing services will be allowed.

OD. Access to AWS resources will be allowed through the AWS CLI.
Acompany is exploring the use of the AWS Cloud, and needs to create a cost estimate for a project before the infrastructure is provisioned.

Which AWS service or feature can be used to estimate costs before deployment?

OA. AWS Free Tier

OB. AWS Pricing Calculator

OC. AWS Billing and Cost Management

OD. AWS Cost and Usage Report

Which of the following are advantages of the AWS Cloud? (Select TWO.)

DA. AWS manages all the security within the cloud.

GB. Expenses never change from month to month.

Oc. Users can stop spending money on the maintenance of data centers.

OD. Users do not need to deploy applications globally.

GE. Users can stop guessing about resource capacity.

Which AWS service or tool should a company use to centrally request and track service limit increases?

OA. AWS Config

OB. Service Quotas

OC. AWS Service Catalog

OD. AWS Budgets

Which AWS service provides inbound and outbound network ACLs to restrict connectivity to Amazon EC2 instances?

OA. AWSS Identity and Access Management (IAM)

OB. Amazon Connect

@C. Amazon VPC

OD. Amazon API Gateway

An auditor needs to find out whether a specific AWS service is compliant with specific compliance frameworks.

Which AWS service will provide this information?

OA. AWS Artifact

OB. AWS Trusted Advisor

@C. Amazon GuardDuty

OD. AWS Certificate Manager (ACM)

Which AWS service or tool helps to centrally manage billing and allow controlled access to resources across AWS accounts?

OA. AWSS Identity and Access Management (IAM)

OB. AWSS Organizations

OC. AWS Cost Explorer

OD. AWS Budgets

Which AWS service or feature captures information about the network traffic to and from an Amazon EC2 instance?

OA. VPC Reachability Analyzer

OB. Amazon Athena

@C. VPC Flow Logs

OD. AWS X-Ray

Which AWS benefit enables users to deploy cloud infrastructure that consists of multiple geographic regions connected by a network with low latency. high throughput, and redundancy?

@A. Economies of scale

OB. Security

OC. Elasticity

OD. Global reach

Accompany wants to troubleshoot and debug a serverless application that is deployed in the AWS Cloud.

Which AWS service should the company use to achieve this goal?

OA. AWS Config

OB. AWS CloudFormnation

Oc. AWS X-Ray

OD. AWS CloudTrail

Which AWS service could an administrator use to provide desktop environments for several employees?

OA. AWSS Organizations

OB. AWS Fargate

OC. AWS WAF

@D. AWS WorkSpaces

Accompany wants to use the AWS Cloud as an offsite backup location for its on-premises infrastructure.

Which AWS service will meet this requirement MOST cost-effectively?

OA. Amazon $3

OB. Amazon Elastic File System (Amazon EFS)

OC. Amazon FSx

@D. Amazon Elastic Block Store (Amazon EBS)

A company has a set of ecommerce applications. The applications need to be able to send messages to each other.

Which AWS service meets this requirement?

OA. AWS Auto Scaling

OB. Elastic Load Balancing

@C. Amazon Simple Queue Service (Amazon SQS)

OD. Amazon Kinesis Data Streams

Acompany's information security manager is supervising a move to AWS and wants to ensure that AWS best practices are followed. The manager has concerns about the potential
misuse of AWS account root user credentials.

Which of the following is an AWS best practice for using the AWS account root user credentials?

OA. Allow only the manager to use the account root user credentials for normal activities.

OB. Use the account root user credentials only for Amazon EC2 instances from the AWS Free Tier.

@C. Use the account root user credentials only when they alone must be used to perform a required function.

OD. Use the account root user credentials only for the creation of private VPC subnets.
Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications?

OA. AWS Cloud9

OB. AWS CodeStar

OC. AWS Cloud Map

@D. AWS X-Ray

Accompany wants to build a data analytics application that uses Amazon Redshift. The company needs a cost estimate for its future Amazon Redshift usage.

Which AWS tool will provide a high-level cost estimation?

OA. AWS Budgets

OB. AWS Pricing Calculator

@C. AWSS Cost Explorer

OD. Saving Plans

Accompany uses Linux-based workloads as compute resources. The company needs an AWS storage solution that can scale to petabytes on demand with no disruption to applications.

Which AWS service will meet these requirements?

OA. Amazon Elastic Block Store (Amazon EBS)

OB. Amazon $3

OC. AWS Snowball

@D. Amazon Elastic File System (Amazon EFS)

Acompany wants to establish a security layer in its VPC that will act as a firewall to control subnet traffic.

Which AWS service or feature will meet this requirement?

OA. Routing tables

OB. Network access control lists (network ACLs)

OC. Security groups

OD. Amazon GuardDuty

What is a benefit of moving to the AWS Cloud in terms of improving time to market?

OA. Decreased deployment speed

OB. Increased application security

@C. Increased business agility

OD. Increased backup capabilities

Which of the following are customer responsibilities under the AWS shared responsibility model? (Select TWO.)

DA. Physical security of AWS facilities

GB. Configuration of security groups

Gc. Encryption of customer data on AWS

OD. Management of AWS Lambda infrastructure

OE. Management of network throughput of each AWS Region

Which AWS services or resources can a company use directly on its on-premises servers? (Select TWO.)

DA. AWS OpsWorks

GB. AWS CloudFormation

Gc. AWS Storage Gateway

OD. Application Load Balancer

OE. Amazon Cognito

Which AWS service gives users the ability to run AWS services on premises?

OA. Amazon CloudFront

OB. AWS Ouiposts

OC. AWS Global Accelerator

OD. Amazon VPC

Which of the following are shared controls that apply to both AWS and the customer, according to the AWS shared responsibility model? (Select TWO.)

DA. Resource configuration management

OB. Network data inteanity

Gc. Employee awareness and training

GD. Physical and environmental security

OE. Replacement and disposal of disk drives

Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud?

OA. Go global in minutes.

OB. Make frequent, small, reversible changes.

OC. Implement a strong foundation of identity and access management.

OD. Stop spending money on hardware infrastructure for data center operations.
Which of the following is a method for building a highly available application on AWS?

OA. Place an independent copy of the application in two or more Availability Zones.

OB. Place codependent components of the application in two or more Availability Zones.

OC. Run one version of the application in one Availability Zone and run an earlier version of the application in a second Availability Zone.

@D. Deploy two copies of the application in a single Availability Zone.

A company needs an AWS design solution for a distributed system. The system's components need to be set up so that one system component cannot negatively impact another
component.

Which AWS architectural best practice will meet this requirement?

OA. Use request throttling

OB. Use a stateful service

Oc. Implement automatic data backups

@D. Implement loose coupling

Which duties are the responsibility of a company that is using AWS Lambda? (Select TWO.)

DA. Security inside of code

GB. Selection of CPU resources

Oc. Patching of operating system

GD. Writing and updating of code

OE. Security of underlying infrastructure

Which of the following are economic benefits of using the AWS Cloud? (Select TWO.)

GA. Consumption-based pricing

OB. Perpetual licenses

Gc. Economies of scale

OD. AWS Enterprise Support at no additional cost

OE. Bring-your-own-hardware model

A large retail company wants to use an AWS service to process clickstream data from the company’s ecommerce website. The company wants to collect and analyze the streaming
data in real time.

Which AWS service meets these requirements?

@A. Amazon Kinesis

OB. Amazon Athena

oc. Amazon CloudFront

OD. AWS Data Exchange

Which AWS service will help protect applications running on AWS from DDoS attacks?

OA. Amazon GuardDuty

OB. AWS WAF

@C. AWS Shield

OD. Amazon Inspector

Acompany is building a mobile app to provide shopping recommendations to its customers. The company wants to use a graph database as part of the shopping recommendation
engine.

Which AWS database service should the company choose?

OA. Amazon DynamoDB

OB. Amazon Aurora

@C. Amazon Neptune

OD. Amazon DocumentDB (with MongoDB compatibility)

Acompany needs to monitor compute usage and receive an email message notification every time an Amazon EC2 instance starts or stops.

Which AWS service should the company use to meet these requirements?

OA. Amazon EventBridge

OB. Amazon WorkMail

@C. Amazon Simple Email Service (Amazon SES)

OD. AWS Trusted Advisor

Accompany wants to continuously monitor its AWS accounts and workloads for malicious activity. The company also wants to receive detailed security findings for visibility and
remediation.

Which AWS service should the company use to meet these requirements?

@A. Amazon GuardDuty

OB. AWS Shield

Oc. AWS WAF

OD. AWS CloudTrail

Which AWS service provides automated backups of data by default?

OA. Amazon $3

OB. Amazon Aurora

OC. Amazon ElastiCache for Memcached

OD. Amazon Elastic File System (Amazon EFS)

Which AWS Support plan assigns an AWS concierge agent to a company's account?

OA. AWS Basic Support

OB. AWS Developer Support

OC. AWS Business Support

@D. AWS Enterprise Support

Accompany wants to run Amazon EC2 instances in locations that are near the company’s global users.

Which aspect of the AWS environment will support this requirement?

@A. Availability Zone

OB. Edge locations

Oc. AWS Regions

OD. Regional edge caches

Which AWS service can serve a static website?

@A. Amazon $3

OB. Amazon Route 53

OC. Amazon QuickSight

OD. AWS X-Ray

An application requires a database that offers consistent performance and latency that can be measured in single-digit milliseconds.

Which AWS service meets these requirements?

@A. Amazon DynamoDB

OB. Amazon RDS

OC. Amazon Redshift

OD. Amazon EMR

Accompany moves a workload to AWS to run on Amazon EC2 instances. The company needs to run the workload in the most cost-effective way.

What can the company do to meet this requirement?

OA. Use AWS Key Management Service (AWS KMS).

OB. Use multiple AWS accounts and consolidated billing.

OC. Use AWS CloudFormation to deploy the infrastructure.

OD. Rightsize all the EC2 instances that are used in the deployment.
A retail company is migrating its IT infrastructure applications from on premises to the AWS Cloud.

Which costs will the company eliminate with this migration? (Select TWO.)

OA. Cost of data center operations

OB. Cost of application licensing

OC. Cost of marketing campaigns

G&D. Cost of physical server hardware

GE. Cost of network management

Acompany is running applications on Amazon EC2 instances in the same AWS account for several different projects. The company wants to track the infrastructure costs for each of
the projects separately. The company must conduct this tracking with the least possible impact to the existing infrastructure and with no additional cost.

What should the company do to meet these requirements?

OA. Use a different EC2 instance type for each project.

OB. Publish project-specific custom Amazon CloudWatch metrics for each application.

Oc. Deploy EC2 instances for each project in a separate AWS account.

@D. Use cost allocation tags with values that are specific to each project.
Treating infrastructure as code in the AWS Cloud allows users to:

OA. automate migration of on-premises hardware to AWS data centers.

OB. let a third party automate an audit of the AWS infrastructure.

OC. turn over application code to AWS so it can run on the AWS infrastructure.

@D. automate the infrastructure provisioning process.

Acompany has two AWS accounts in an organization in AWS Organizations for consolidated billing. All of the company’s AWS resources are hosted in one AWS Region.

Account A has purchased five Amazon EC2 Standard Reserved Instances (RIs) and has four EC2 instances running. Account B has not purchased any Rls and also has four EC2
instances running.

Which statement is true regarding pricing for these eight instances?

OA. The eight instances will be charged as regular instances.

@B. Four instances will be charged as Ris, and four will be charged as regular instances.

oc. Five instances will be charged as Ris, and three will be charged as regular instances.

OD. The eight instances will be charged as Rls.

Acompany’s project team needs to simultaneously mount a file system on multiple Amazon EC2 Linux instances. The file system also will be shared across multiple Availability Zones.

Which AWS service will meet these requirements?

@A. Amazon Elastic File System (Amazon EFS)

OB. Amazon $3

OC. Amazon Elastic Block Store (Amazon EBS)

OD. Amazon FSx for Windows File Server

Which AWS service is used to track, record, and audit configuration changes made to AWS resources?

OA. AWS Shield

OB. AWS Config

OC. AWS IAM

OD. Amazon Inspector

Which AWS service gives users the ability to deploy highly repeatable infrastructure configurations?

@A. AWS CloudFornation

OB. AWS CodeDeploy

OC. AWS CodeBuild

OD. AWS Systems Manager

Which AWS services and features are provided to all customers at no charge? (Select TWO.)

DA. Amazon Aurora

GB. VPC

Oc. Amazon SageMaker

GD. AWS Identity and Access Management (IAM)

OE. Amazon Polly

How can an AWS user conduct security assessments of Amazon EC2 instances. NAT gateways, and Elastic Load Balancers in a way that is approved by AWS?

OA. Flood a target with requests.

OB. Use Amazon Inspector.

@C. Perform penetration testing.

OD. Use the AWS Service Health Dashboard.

Auser wants to transport data between AWS and an on-premises environment using a private network connection.

Which AWS service or feature can be used to meet these requirements?

OA. NAT gateway

OB. AWS Direct Connect

OC. Amazon VPC

OD. Internet gateway

Acompany runs thousands of simultaneous simulations using AWS Batch. Each simulation is stateless, is fault tolerant, and runs for up to 3 hours.

Which pricing model enables the company to optimize costs and meet these requirements?

@A. Reserved Instances

OB. Spot Instances

OC. On-Demand Instances

OD. Dedicated Instances

Elasticity in the AWS Cloud refers to which of the following? (Select TWO.)

DA. How quickly an Amazon EC2 instance can be restarted

GB. The ability to rightsize resources as demand shifts

Oc. The maximum amount of RAM an Amazon EC2 instance can use

OD. The pay-as-you-go billing model

GE. How easily resources can be procured when they are needed
Accompany needs a solution that can provide automated notifications and perform automated actions if the company’s monthly AWS costs exceed a specific threshold.

Which AWS service or tool provides this functionality?

OA. AWS Budgets

@©B. AWS Cost Explorer

OC. — AWS Trusted Advisor

OD. Amazon Inspector

Which of the following is a component of the AWS Global Infrastructure?

OA. Amazon Alexa

@B. AWS Regions

OC. Amazon Lightsail

OD. AWS Organizations

Which AWS service is suitable for an event-driven workload?

OA. Amazon EC2

OB. AWS Elastic Beanstalk

@C. AWS Lambda

OD. Amazon Lumberyard

A company has a business-critical Amazon RDS for MySQL DB instance that resides in a single Availability Zone.

Which solution will improve the availability of the DB instance?

OA. Convert the DB instance into a multi-Region deployment.

OB. Create an Amazon Simple Queue Service (Amazon SQS) queue in the same AWS Region to manage writes to the DB instance.

@C. Convert the DB instance into a Multi-AZ deployment.

OD. Create an Amazon Simple Queue Service (Amazon SQS) queue in a different AWS Region to manage writes to the DB instance.
Which AWS Cloud benefit is shown by an architecture's ability to withstand failures with minimal downtime?

OA. Agility

OB. Elasticity

OC. Scalability

@D. High availability

Accompany is building an application that requires the ability to send, store, and receive messages between application components. The company has another requirement
to process messages in first-in, first-out (FIFO) order.

Which AWS service should the company use?

OA. AWS Step Functions

OB. Amazon Simple Notification Service (Amazon SNS)

Oc. Amazon Kinesis Data Streams

@©D. Amazon Simple Queue Service (Amazon SQS)

 |
Which action will help increase security in the AWS Cloud?

OA. Enable programmatic access for all IAM users.

OB. Use IAM users instead of IAM roles to delegate permissions.

@C. Rotate access keys on a reoccurring basis.

OD. Use inline policies instead of customer managed policies.

Acompany is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting.

Which S3 feature should the company use to meet these requirements?

OA. S3 Lifecycle rules

@B. $3 Versioning

OC. S3 bucket policies

OD. — S3 server-side encryption

According to the AWS shared responsibility model, the customer is responsible for applying the latest security updates and patches for which of the following?

OA. Amazon DynamoDB

OB. Amazon EC2 instances

Oc. Amazon RDS instances

©D. Amazon S3
Which AWS service or feature captures information about the network traffic to and from an Amazon EC2 instance?

OA. VPC Reachability Analyzer

OB. Amazon Athena

@C. VPC Flow Logs

OD. AWS X-Ray

Which AWS service helps users audit API activity across their AWS account?

@A. AWS CloudTrail

OB. Amazon Inspector

OC. AWS WAF

OD. AWS Config

Sa $$
Which of the following are security principles in the AWS Well-Architected Framework? (Select TWO.)

OA. Analyze and attribute expenditures.

B. Monitor, alert, and audit actions and changes to AWS resources.

Oc. Deploy globally in minutes.

D. Protect data in transit and at rest.

DE. Perform operations as code.

A company has a MySQL database running on a single Amazon EC2 instance. The company now requires higher availability in the event of an outage.

Which set of tasks would meet this requirement?

OA. Add an Application Load Balancer in front of the EC2 instance.

OB. Configure EC2 Auto Recovery to move the instance to another Availability Zone.

©C. Migrate to Amazon RDS and enable Multi-AZ.

OD. Enable termination protection for the EC2 instance to avoid outages.
a= ©

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Select TWO.)

OA. Patch the Amazon EC2 guest operating system.

OB. Upgrade the firmware of the network infrastructure.

Oc. Apply password rotation for IAM users.

D. Maintain the physical security of edge locations.

GE. Maintain least privilege access to the root user account.

A ee ee
A developer wants AWS users to access AWS services by using temporary security credentials.

Which AWS service or feature should the developer use to provide these credentials?

OA. IAM policies

OB. IAM user groups

@C. AWS Security Token Service (AWS STS)

OD. AWS IAM Identity Center (AWS Single Sign-On)

Acompany needs to use standard SQL to query and combine exabytes of structured and semi-structured data across a data warehouse, operational database, and data
lake.

Which AWS service meets these requirements?

OA. Amazon DynamoDB

OB. Amazon Aurora

OC. Amazon Athena

©D. Amazon Redshift

After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?

OA. No upfront payment

OB. Hourly on-demand payment

Oc. _ Partial upfront payment

©D. All upfront payment

Which statement is an AWS Cloud best practice that focuses on the elasticity and agility of cloud computing?

OA. Provision capacity based on past usage and theoretical peaks.

@B. Dynamically scale to meet usage demands.

Oc. Build the application and infrastructure in a data center that grants physical access.

OD. Break apart the application into loosely coupled components.

Which cloud computing advantage is a company applying when it uses AWS Regions to increase application availability to users in different countries?

OA. Pay-as-you-go pricing

OB. Capacity forecasting

Oc. Economies of scale

©D. Global reach

A company's on-premises application deployment cycle was 3-4 weeks. After migrating to the AWS Cloud, the company can deploy the application in 2-3 days.

Which benefit has this company experienced by moving to the AWS Cloud?

OA. Elasticity

OB. Flexibility

@C. Agility

OD. Resilience
 8

Accompany is building a serverless architecture that connects application data from multiple data sources. The company needs a solution that does not require additional
code.

Which AWS service meets these requirements?

@A. AWS Lambda

OB. Amazon Simple Queue Service (Amazon SQS)

OC. Amazon CloudWatch

OD. Amazon EventBridge

Management at a large company wants to avoid long-term contracts and is interested in AWS to move from fixed costs to variable costs.

What is the value proposition of AWS for this company?

OA. Economy of scale

@B. _ Pay-as-you-go pricing

Oc. Volume discounts

OD. Cost optimization

Acompany has multiple departments. The company must charge each department for its exact AWS Cloud usage, including data transfer costs.

How can the company determine these costs by department?

OA. Use one AWS account for each department.

@©B. — Use cost allocation tags on services that are used the most often.

Oc. Use AWS Trusted Advisor.

OD. Use Savings Plans.

A ee ee
A company wants to integrate its online shopping website with social media login credentials.

Which AWS service can the company use to make this integration?

OA. AWS Directory Service

OB. AWS Identity and Access Management (IAM)

@C. Amazon Cognito

OD. AWS IAM Identity Center (AWS Single Sign-On)

A en ee os
Which guideline is a well-architected design principle for building cloud applications?

OA. Keep static data closer to compute resources.

OB. Provision resources for peak capacity.

@C. Design for automated recovery from failure.

OD. Use tightly coupled components.

An application that is hosted on Amazon EC2 has a steady and consistent workload. The application will operate for at least 1 year.

What is the MOST cost-effective instance purchasing option to meet these requirements?

OA. Spot Instances

OB. Reserved Instances

@C. On-Demand Instances

OD. Dedicated Hosts

A.user needs to perform a one-time backup of an Amazon Elastic Block Store (Amazon EBS) volume that is attached to an Amazon EC2 instance.

What is the MOST operationally efficient way to perform this backup?

OA. Attach another EBS volume to the EC2 instance, and copy the contents.

OB. Copy the EBS volume to a server that is running outside AWS and is connected with AWS Direct Connect.

@©C. Create an EBS snapshot of the volume.

OD. Create a custom script to copy the EBS file contents to Amazon S3.
Which tool should a developer use to integrate AWS service features directly into an application?

@A. AWS Software Development Kit

OB. AWS CodeDeploy

Oc. AWS Lambda

OD. AWS Batch

Acompany with many remote global locations needs to upload 100 GB of data daily to its Amazon S3 data lake. The remote locations experience high latency uploading
data and need to find a solution to improve performance.

Which AWS service or feature will meet these requirements?

OA. AWS Snowball

OB. AWS Storage Gateway

@®C. AWS Database Migration Service (AWS DMS)

OD. S3 Transfer Acceleration

Which AWS service or feature can a company use to estimate AWS costs before provisioning workloads?

OA. AWS Pricing Calculator

OB. AWS Cost and Usage Report

@C. Cost Explorer

OD. AWS Budgets

seni —— Me EINES
A company needs to centralize the periodic backups that are being created for Amazon EC2 instances and an Amazon Elastic File System (Amazon EFS) file system.

Which AWS service will meet this requirement with MINIMAL operational effort?

OA. Amazon S3

OB. AWS Data Pipeline

OC: AWS Backup

@©D. AWS Storage Gateway

What is the security best practice concerning sensitive data stored in Amazon S3?

OA. Enable cross-Region replication on the S3 bucket.

@B. Enable S3 server-side encryption on the S3 bucket.

Oc. Configure AWS WAF to prevent unauthorized access to the S3 bucket.

OD. Configure Amazon GuardDuty to prevent unauthorized access to the S3 bucket.

Which actions are examples of a company's effort to rightsize its AWS resources to control cloud costs? (Select TWO.)

OA. Switch from Amazon RDS to Amazon DynamoDB to accommodate NoSQL datasets.

B. Base the selection of Amazon EC2 instance types on past utilization patterns.

OC. —UseAmazon S3 Lifecycle policies to move objects that users access infrequently to lower-cost storage tiers.

D. Use Multi-AZ deployments for Amazon RDS.

DE. Replace existing Amazon EC2 instances with AWS Elastic Beanstalk.
Acompany is deploying a mobile app on AWS. Thousands of users will access the app.

Which AWS service should the company use to create a directory to manage sign-in for the users?

OA. AWS Directory Service

OB. AWS IAM Identity Center (AWS Single Sign-On)

OC. Amazon Cognito

©D. AWS Identity and Access Management (IAM)

Which AWS services offer gateway VPC endpoints that can be used to avoid sending traffic over the internet? (Select TWO.)

QA. Amazon Simple Notification Service (Amazon SNS)

OB. Amazon Simple Queue Service (Amazon SQS)

Oc. AWS CodeBuild

D. Amazon S3

E. Amazon DynamoDB
Which AWS service or feature can a company use to determine which business unit is using specific AWS resources?

@A. Cost allocation tags

OB. Key pairs

Oc. Amazon Inspector

OD. AWS Trusted Advisor

Where can AWS users review answers to frequently asked questions about security in the AWS Cloud?

OA. AWS Trusted Advisor

OB. AWS Knowledge Center

@C. AWS Support Center

OD. AWS Artifact

Which AWS service provides domain registration, DNS routing, and service health checks?

OA. AWS Direct Connect

@B. Amazon Route 53

OC. Amazon CloudFront

OD. Amazon API Gateway

Which guidelines are key AWS architectural design principles? (Select TWO.)

DOA. Design for fixed resources.

GB. Build scalable architectures.

Oc. Use tightly coupled components.

@D. Use managed services when possible.

OE. Design for human interaction.

A en ee
Which AWS service provides inbound and outbound network ACLs to restrict connectivity to Amazon EC2 instances?

OA. AWS Identity and Access Management (IAM)

OB. Amazon Connect

©C. Amazon VPC

OD. Amazon API Gateway

A a
Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Select TWO.)

DOA. Minimize upfront design

B. Loose coupling

OC. Disposable resources

D. Server design and concurrency

DE. Minimal viable product

An ecommerce company is using Amazon EC2 Auto Scaling groups to manage a fleet of web servers running on Amazon EC2.

This architecture follows which AWS Well-Architected Framework best practice?

@A. Secure the workload

OB. Decouple infrastructure components

OC. Design for failure

OD. Think parallel

2fom edh ae me
A company provides Amazon WorkSpaces to its remote employees. The company wants to prevent employees from using their virtual desktops to visit specific websites
that are known to be malicious.

Which AWS service should the company use to meet this requirement?

OA. AWS Shield Advanced

OB. Amazon Route 53

OC. Amazon GuardDuty

©D. AWS Network Firewall

AU a
Which AWS service should a company use to provision, manage, and deploy SSL/TLS certificates?

OA. AWS Secrets Manager

OB. Amazon Inspector

Oc. AWS CodeDeploy

@D. AWS Certificate Manager (ACM)

A company is migrating a relational database server to the AWS Cloud. The company wants to minimize administrative overhead of database maintenance tasks.

Which AWS service will meet these requirements?

OA. Amazon DynamoDB

OB. Amazon EC2

Oc. Amazon Redshift

©D. Amazon RDS

2fom edh ———— me
A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance, and
security.

Which AWS service can the company use to meet these requirements?

OA. AWS Shield

OB. AWS WAF

@C. AWS Trusted Advisor

OD. AWS Service Catalog

A company is preparing to launch a new web store that is expected to receive high traffic for an upcoming event. The web store runs only on AWS, and the company has an
AWS Enterprise Support plan.

Which AWS resource will provide guidance about how the company should scale its architecture and operational support during the event?

OA. AWS Abuse team

OB. The designated AWS technical account manager (TAM)

@®C. AWS infrastructure event management

OD. AWS Professional Services

Which component of the AWS global infrastructure does Amazon CloudFront use to speed up the delivery of content to users across the world?

OA. Amazon VPC

OB. Edge location

@C. Local Zone

OD. AWS Outposts connection

Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes?

OA. Pay-as-you-go pricing

OB. High availability

Oc. Global reach

©D. Economies of scale

Acompany wants to quickly implement a continuous integration/continuous delivery (CI/CD) pipeline.

Which AWS service will meet this requirement?

OA. AWS Config

@B. Amazon Cognito

OC: AWS DataSync

OD. AWS CodeStar

ee arrnicas
Which of the following is an AWS best practice for managing an AWS account root user?

OA. Keep the root user password with the security team.

@B. Enable multi-factor authentication (MFA) for the root user.

Oc. Create an access key for the root user.

OD. Keep the root user password consistent for compliance purposes.
 Seas —<— me ee
A company needs to implement an AWS data warehouse solution that can manage petabytes of data. Areporting application will perform online analytic processing (OLAP)
queries on the data.

Which AWS service should the company use to meet these requirements?

OA. — Amazon Elastic File System (Amazon EFS)

OB. Amazon Redshift

OC: Amazon RDS for MySQL

OD. Amazon DynamoDB

A company would like to host its MySQL databases on AWS and maintain full control over the operating system, database installation, and configuration.

Which AWS service should the company use to host the databases?

@A. Amazon RDS

OB. Amazon EC2

OC: Amazon DynamoDB

OD. Amazon Aurora

Which AWS service gives users the ability to deploy highly repeatable infrastructure configurations?

@A. AWS CloudFormation

OB. AWS CodeDeploy

Oc. AWS CodeBuild

OD. AWS Systems Manager

Which AWS service gives users the ability to build interactive business intelligence dashboards that include machine learning insights?

OA. Amazon Athena

OB. Amazon Kendra

@©C. Amazon QuickSight

OD. Amazon Redshift

Which AWS design principle emphasizes the reduction of interdependencies between components of an application?

OA. Scalability

@B. Loose coupling

OC. Automation

OD. Caching
Which of the following is one of the pillars of the AWS Well-Architected Framework?

OA. Efficiency and redundancy

OB. High availability

@C. Operational excellence

OD. Business optimization

Sa
A cloud engineer needs to download AWS security and compliance documents for an upcoming audit.

Which AWS service can provide the documents?

OA. AWS Trusted Advisor

OB. AWS Artifact

OC. — AWS Well-Architected Tool

OD. AWS Systems Manager

Accompany acquired another corporation. The company now has two AWS accounts.

Which AWS service or tool can the company use to consolidate the billing for these two accounts?

OA. AWS Systems Manager

@©B. AWS Organizations

OC. — AWS License Manager

OD. Cost Explorer

Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co-location
environments, or on-premises facilities?

OA. AWS Snowmobile

OB. AWS Local Zones

@©C. AWS Outposts

OD. AWS Fargate

A company is using Amazon EC2 instances.

Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Select TWO.)

DA. Choose the initial root password of new Linux instances.

B. Identify which users can access the EC2 instances, and manage their permissions in the operating system.

Oc. Apply the updates of the hypervisor where the EC2 instances are running.

OD. Choose between a Wi-Fi connection and an Ethernet connection for the global internet access.

E: Identify and manage the users who are allowed to create or delete EC2 instances.
A company wants to continuously improve processes and procedures to deliver business value.

Which pillar of the AWS Well-Architected Framework does this goal represent?

OA. Performance efficiency

@©B. _—_ Operational excellence

Oc. _ Reliability

OD. Sustainability
A company needs to store data across multiple Availability Zones in an AWS Region. The data will not be accessed regularly but must be immediately retrievable.

Which Amazon Elastic File System (Amazon EFS) storage class meets these requirements MOST cost-effectively?

OA. EFS Standard

@B. EFS Standard-Infrequent Access (EFS Standard-lA)

Oc. EFS One Zone

OD. EFS One Zone-Infrequent Access (EFS One Zone-lA)

A company wants to build an application that uses AWS Lambda to run Python code.

Under the AWS shared responsibility model, which tasks will be the company's responsibility? (Select TWO.)
OA. Management of the underlying infrastructure.

OB. Management of the operating system.

C: Writing the business logic code.

OD. __ Installation of the computer language runtime.

GE. Providing AWS Identity and Access Management (IAM) access to the Lambda service.

>
Which of the following is an architectural design principle of the AWS Well-Architected Framework?

@®A. Loosely couple components

OB. Build monolithic systems

oc. Scale vertically, not horizontally

OD. Use third-party software

Acompany wants to use the AWS Cloud to define its entire infrastructure as code. The company wants to limit human error and activate consistent responses to events.

Which pillar of the AWS Well-Architected Framework does this plan support?

OA. Security

@B. Operational excellence

oc. Cost optimization

OD. Reliability
Which AWS benefit is demonstrated by on-demand technology services that enable companies to replace upfront fixed expenses with variable expenses?

OA. High availability

OB. Economies of scale

@Cc. Pay-as-you-go pricing

OD. Global reach

Acompany wants to set AWS spending targets and track costs against those targets.

Which AWS tool or feature should the company use to meet these requirements?

@A. AWS Cost Explorer

OB. AWS Budgets

OC. — AWS Cost and Usage Report

OD. Savings Plans

Using Amazon Elastic Container Service (Amazon ECS) to break down a monolithic architecture into microservices is an example of:

@A. a loosely coupled architecture.

OB. a tightly coupled architecture.

oc. a stateless architecture.

OD. a stateful architecture.

Which fully managed AWS service assists with the creation, testing, and management of custom Amazon EC2 images?

@A. EC2 Image Builder

OB. Amazon Machine Image (AMI)

oc. AWS Launch Wizard

OD. AWS Elastic Beanstalk

Which of the following is a cloud benefit that AWS offers to its users?

OA. The ability to configure AWS data center hypervisors

OB. The ability to purchase hardware in advance of increased traffic

@C. The ability to deploy to AWS on a global scale

OD. Compliance audits for user IT environments

Which AWS service should a cloud engineer use to view API calls to AWS services?

OA. — Amazon CloudWatch

@B. AWS CloudTrail

OC. AWS Config

OD. AWS Artifact

Acompany wants to centrally manage security policies and billing services within a multi-account AWS environment.

Which AWS service should the company use to meet these requirements?

@A. AWS Identity and Access Management (IAM)

OB. AWS Organizations

oc. AWS Resource Access Manager (AWS RAM)

OD. AWS Config

How does the AWS Cloud help companies build agility into their processes and cloud infrastructure?

OA. Companies can avoid provisioning too much capacity when they do not know how much capacity is required.

OB. Companies can expand into new geographic regions.

oc. Companies can access a range of technologies to experiment and innovate quickly.

@D. Companies can pay for IT resources only when they use the resources.
Which of the following is an AWS value proposition that describes a user's ability to scale infrastructure based on demand?

OA. Speed of innovation

@B. Resource elasticity

oc. Decoupled architecture

OD. Global deployment

Which of the following are design principles for reliability in the AWS Cloud? (Select TWO.)

QA. Build architectures with tightly coupled resources.

@B. Use AWS Trusted Advisor to meet security best practices.

Oc. Use automation to recover immediately from failure.

OD. Rightsize Amazon EC2 instances to ensure optimal performance.

DE. Simulate failures to test recovery processes.

Acompany has migrated its workload to AWS. The company wants to forecast the workload's costs for each quarter for the next year.

Which AWS service or tool provides this functionality?

@A. AWS Organizations

OB. AWS Budgets

oc. AWS Cost Explorer

©D. — AWS Cost and Usage Report

Which of the following is included within the security pillar of the AWS Well-Architected Framework?

@A. Identity federation

OB. Data protection

oc. Incident reporting

OD. Disaster recovery

When designing AWS workloads to be operational even when there are component failures, what is an AWS best practice?

OA. Perform quarterly disaster recovery tests.

OB. Place the main component on the us-east-1 Region.

@Cc. Design for automatic failover to healthy resources.

OD. Design workloads to fit on a single Amazon EC2 instance.

A company wants to host its relational databases on AWS. The databases have predefined schemas that the company needs to replicate on AWS.

Which AWS services could the company use for the databases? (Select TWO.)

OA. — Amazon Aurora

B. Amazon RDS

C. Amazon DocumentDB (with MongoDB compatibility)

OD. Amazon Neptune

DE. Amazon DynamoDB

An ecommerce company has migrated its IT infrastructure from an on-premises data center to the AWS Cloud.

Which cost is the company's direct responsibility?

@A. Cost of application software licenses

OB. — Cost of the hardware infrastructure on AWS

oc. Cost of power for the AWS servers

OD. Cost of physical security for the AWS data center

Which of the following is a recommended design principle of the AWS Well-Architected Framework?

@A. Reduce downtime by making infrastructure changes infrequently and in large increments.

OB. Invest the time to configure infrastructure manually.

oc, Learn to improve from operational failures.

OD. Use monolithic application design for centralization.

Which statements represent the cost-effectiveness of the AWS Cloud? (Select TWO.)

QA. Users can trade fixed expenses for variable expenses.

OB. Users can deploy all over the world in minutes.

Oc. AWS offers increased speed and agility.

OD. AWS is responsible for patching the infrastructure.

QE. Users benefit from economies of scale.

2————SasasasasaaasasasassasasasasaaeaeeaeaeeSSSSaajgaL

Acompany needs to identify its underutilized Amazon Elastic Block Store (Amazon EBS) volumes.
Which AWS service should the company use to meet this requirement?

OA. Amazon Inspector

@©B. AWS Trusted Advisor

Oc. AWS Config

OD. AWS CloudTrail

e eeaeaeaeaeaeaeaeaeaeaeaeaeanasSeaqqqgxu

Which AWS service provides recommendations to help users optimize costs and follow AWS best practices?

@A. AWS Trusted Advisor

OB. AWS Service Catalog

OC. — AWS Ground Station

OD. — Amazon GuardDuty

SS

Acompany needs to graphically visualize costs that it has incurred in its AWS account.

Which AWS service or tool provides this capability?

OA. AWS Pricing Calculator

@B. Cost Explorer

Oc. AWS Budgets

OD. — Amazon Cognito

Which AWS service, feature, or tool should a company use to share volume pricing discounts when the company has multiple accounts?

OA. — Amazon QuickSight

@®B. _ Consolidated billing

Oc. — AWS Cost Explorer

OD. — AWS Budgets

e eeaeaeaeaeaeaeaeaeaeaeaeaeanasSeaqqqgxu

Which pricing model will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable?

OA. On-Demand Instances

OB. Standard Reserved Instances

@C. Spot Instances

OD. Convertible Reserved Instances

2————SasasasasaaasasasassasasasasaaeaeeaeaeeSSSSaajgaL

A company has a stateless application that can handle interruptions. The application must be available all day and night. Traffic increases heavily during business hours.

Which instance types for base and peak traffic are MOST cost-efficient to meet these requirements?

OA. Reserved Instances for both the base and peak traffic

OB. Reserved Instances for base traffic and Spot Instances for peak traffic using an Amazon EC2 Fleet

OC. On-Demand Instances for base traffic and On-Demand Instances with auto scaling for peak traffic

@D. On-Demand Instances for base traffic and Spot Instances for peak traffic using an Amazon EC2 Fleet
Acompany wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously.

Which option offers a discounted hourly rate compared to the hourly rate of On-Demand Instances?

OA. AWS Graviton processor

OB. Dedicated Hosts

@C. —_EC2 Instance Savings Plans

OD. Amazon EC2 Auto Scaling instances

2————SasasasasaaasasasassasasasasaaeaeeaeaeeSSSSaajgaL

Which AWS service stores graph data in the form of vertices and edges?

@A. Amazon DynamoDB

OB. Amazon RDS

OC. Amazon Quantum Ledger Database (Amazon QLDB)

OD. Amazon Neptune

If a user has an AWS account with an Enterprise-level AWS Support plan, who is the primary point of contact for billing or account inquiries?

OA. Solutions architect

@B. AWS Concierge Support team

Oc. — AnAWS Marketplace seller

OD. _ AWS Partner Network (APN) partner

Acompany is designing an identity access management solution for an application. The company wants users to be able to use their social media, email, or online shopping accounts
to access the application.

Which AWS service provides this functionality?

OA. AWS IAM Identity Center (AWS Single Sign-On)

OB. AWS Config

@©C. ~~ Amazon Cognito

OD. AWS Identity and Access Management (IAM)

Which AWS service is a cloud security posture management (CSPM) service that aggregates alerts from various AWS services and partner products in a standardized format?

@A. AWS Security Hub

OB. AWS Trusted Advisor

Oc. — Amazon EventBridge

OD. — Amazon GuardDuty

e eeaeaeaeaeaeaeaeaeaeaeaeaeanasSeaqqqgxu

Service control policies (SCPs) manage permissions for which of the following?

OA. _ Availability Zones

OB. AWS Regions

@C. AWS Organizations

OD. Edge locations

Which of the following services is a fully managed AWS service that a company's employees can use to access applications through a virtual interface?

OA. ~~ Amazon EC2

OB. AWS Elastic Beanstalk

@C. Amazon AppStream 2.0

OD. AWS Lambda

Acompany needs a managed NFS file system that the company can use with its AWS compute resources.

Which AWS service or feature will meet these requirements?

OA. Amazon Elastic Block Store (Amazon EBS)

OB. AWS Storage Gateway Tape Gateway

Oc. Amazon S3 Glacier Flexible Retrieval

@©D. Amazon Elastic File System (Amazon EFS)

po cc a

Accompany needs to perform an audit of recent AWS account activity. The audit will investigate who initiated an event and what actions were performed.

Which AWS service should the company use to meet these requirements?

OA. AWS Config

OB. Amazon Rekognition

@C. AWS CloudTrail

OD. Amazon Simple Notification Service (Amazon SNS)

po wT

Acompany is building a new application on AWS. The company needs the application to remain available if an individual application component fails.

Which design principle should the company use to meet this requirement?

OA. Disposable resources

OB. Automation

OC. Rightsizing

©D. Loose coupling

A company wants to use machine learning to identify suspicious activities in its AWS account.

Which AWS service provides this functionality?

OA. AWS Shield

OB. Amazon Macie

@©C. Amazon Detective

OD. AWS WAF

Accompany is building an application that will receive millions of database queries each second. The company needs the data store for the application to scale to meet
these needs.

Which AWS service will meet this requirement?

OA. Amazon DynamoDB

@B. AWS Cloud9

Oc. Amazon ElastiCache for Memcached

OD. Amazon Neptune

 a wT

Which AWS solution gives companies the ability to use protocols such as NFS to store and retrieve objects in Amazon S3?

OA. Amazon FSx for Lustre

OB. AWS Storage Gateway volume gateway

@®C. AWS Storage Gateway file gateway

OD. Amazon Elastic File System (Amazon EFS)

je

Which AWS service gives users the ability to provision a dedicated and private network connection from their internal network to AWS?

OA. AWS CloudHSM

@B. AWS Direct Connect

OC. AWS VPN

OD. Amazon Connect

Accompany is building AWS architecture to deliver real-time data feeds from an on-premises data center into an application that runs on AWS. The company needs a
consistent network connection with minimal latency.

What should the company use to connect the application and the data center to meet these requirements?

@A. AWS Direct Connect

OB. Public internet

OC. AWS VPN

OD. Amazon Connect

Which AWS service gives users the ability to download compliance reports from third-party auditors?

OA. AWS Lambda

OB. AWS Trusted Advisor

@C. AWS Artifact

OD. — AWS Audit Manager

A company has legacy on-premises applications that have latency-sensitive dependencies. The company wants to use AWS services
without affecting latency between application components.

Which AWS service or feature meets these requirements?

OA. AWS Wavelength

OB. AWS Local Zones

@C. AWS Outposts

OD. Availability Zones

Which tasks are the responsibility of AWS, according to the AWS shared responsibility model? (Select TWO.)

OA. Patch the Amazon EC2 guest operating system.

B. Upgrade the firmware of the network infrastructure.

OG. Apply password rotation for IAM users.

D. Maintain the physical security of edge locations.

JE; Maintain least privilege access to the root user account.

Acompany needs to run a workload that requires low-latency access to an on-premises data center. The company wants a fully
managed service to extend its existing VPC to local resources.

Which AWS service or resource should the company use?

OA. AWS Outposts

@B. Amazon Connect

OC. AWS Snowball Edge

OD. Amazon WorkLink

Which of the following will help a user determine if they need to request a VPC service limit increase?

@A. AWS Personal Health Dashboard

OB. AWS Trusted Advisor

OG, AWS Cost and Usage Report

OD. AWS Service Catalog

Which AWS service provides command line access to AWS tools and resources directly from a web browser?

OA. AWS CloudHSM

@®B. AWS CloudShell

OG, Amazon WorkSpaces

OD. AWS Cloud Map

a

Which AWS service or feature can a company use to apply security rules to a subnet for Amazon EC2 instances?

OA. AWS WAF

OB. AWS Shield

@C. Network ACLs

OD. Security groups

Which component of the AWS global infrastructure provides low-latency access to content in multiple geographic areas by storing copies
of data close to end users?

OA. AWS Regions

OB. Availability Zones

@C. Local Zones

OD. Edge locations

Which of the following are characteristics of AWS Regions and Availability Zones? (Select TWO.)

OA. Regions bring AWS services to on-premises facilities.

B. Regions consist of multiple Availability Zones.

OG, An Availability Zone contains several Regions.

OD. Regions are within 100 km (60 miles) of each other.

E. Regions are located around the world.

Acompany wants to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud.

Which AWS service should the company use to reduce management overhead for this environment?

OA. Amazon Elastic Container Service (Amazon ECS)

OB. Amazon SageMaker

@C. Amazon RDS

OD. Amazon Athena

Which AWS service gives a company the ability to use a private, dedicated connection between a VPC and an on-premises data center?

@A. AWS Direct Connect

OB. Amazon API Gateway

OC. AWS Systems Manager

OD. AWS CloudFormation

Which AWS services or features provide disaster recovery solutions for Amazon EC2 instances? (Select TWO.)

A. EC2 Reserved Instances

B. EC2 Amazon Machine Images (AMIs)

OC. Amazon Elastic Block Store (Amazon EBS) snapshots

QOD. AWS Shield

JE; Amazon GuardDuty

Accompany wants an in-memory data store that is compatible with open source in the cloud.

Which AWS service should the company use?

OA. Amazon DynamoDB

@B. Amazon ElastiCache

Oc. Amazon Elastic Block Store (Amazon EBS)

OD. Amazon Redshift

Acompany is building a business intelligence solution using Amazon Redshift. The company wants to use an AWS service to create
interactive dashboards and not pay any upfront costs for it.

Which service should the company use?

OA. Amazon CloudWatch

OB. AWS Personal Health Dashboard

Oc. AWS Service Catalog

@D. Amazon QuickSight

Acompany is building a business intelligence solution using Amazon Redshift. The company wants to use an AWS service to create
interactive dashboards and not pay any upfront costs for it.

Which service should the company use?

OA. Amazon CloudWatch

OB. AWS Personal Health Dashboard

Oc. AWS Service Catalog

@D. Amazon QuickSight

Which AWS service provides a scalable data warehouse solution?

OA. Amazon S3

OB. Amazon DynamoDB

OG, Amazon Kinesis Data Streams

@D. Amazon Redshift

A developer needs to use a standardized template to create copies of a company's AWS architecture for development, test, and
production environments.

Which AWS service should the developer use to meet this requirement?

OA. AWS Cloud Map

@B. AWS CloudFormation

OC. Amazon CloudFront

OD. AWS CloudTrail

A company is launching a new application in the AWS Cloud. The application will run on an Amazon EC2 instance. More EC2 instances
will be needed when the workload increases.

Which AWS service or tool can the company use to launch the number of EC2 instances that will be needed to handle the workload?

OA. Elastic Load Balancing

@B. Amazon EC2 Auto Scaling

OC. AWS App2Container (A2C)

OD. AWS Systems Manager

Accompany runs an application in the AWS Cloud. The levels of traffic to the application vary throughout the week. The company wants
to increase the reliability of its application at all times, even during times of high traffic.

Which combination of steps will meet this requirement? (Select TWO.)

A. Test recovery procedures.

OB. Purchase instances weekly based on the previous week's high traffic points.

OC. Handle software failures automatically.

D. Scale the application vertically.

OE. Make all changes in the environment manually.

Acompany provides Amazon WorkSpaces to its remote employees. The company wants to prevent employees from using their virtual
desktops to visit specific websites that are known to be malicious.

Which AWS service should the company use to meet this requirement?

@A. AWS Shield Advanced

OB. Amazon Route 53

OC. Amazon GuardDuty

OD. AWS Network Firewall

A company wants to design a reliable web application that is hosted on Amazon EC2.

Which approach will achieve this goal?

OA. Launch large EC2 instances in the same Availability Zone.

OB. Spread EC2 instances across more than one security group.

@C. Spread EC2 instances across more than one Availability Zone.

OD. Use an Amazon Machine Image (AMI) from AWS Marketplace.

A company needs to request temporary, limited-privilege credentials for [AM users and for the federated users that the company authenticates.

Which AWS service will provide these credentials?

A Amazon GuardDuty

oB AWS Key Management Service (AWS KMS)

®@Cc. AWS Security Token Service (AWS STS)

D. AWS Identity and Access Management Access Analyzer

A company wants to protect resources that the company hosts on AWS, including Application Load Balancers and Amazon CloudFront distributions. The company wants an AWS service that can provide near
real-time visibility into attacks on the company's resources. The service must also have a dedicated AWS team to assist with distributed denial of service (DDoS) attacks.

Which AWS service will meet these requirements?

A AWS WAF

AWS Shield Standard

©
@

Amazon Macie
92

AWS Shield Advanced

9
A company wants to use Amazon EC2 instances to run a stateless and restartable process after business hours.

Which instance purchasing option will meet these requirements MOST cost-effectively?

A Spot Instances

®B Reserved Instances

C. Dedicated Hosts

D. On-Demand Instances
A company recently migrated to the AWS Cloud. The company needs to determine whether its newly imported Amazon EC2 instances are the appropriate size and type.

Which AWS services can provide this information to the company? (Select TWO.)

A. AWS Auto Rcaling

1B. AWS Control Tower

Cc AWS Trusted Advisor

D. AWS Compute Optimizer

Es Amazon Forecast
Which action should a company take to improve security in its AWS account?

OA Require multi-factor authentication (MFA) for privileged users.

B Remove the root user account.

OC, Create an access key for the AWS account root user.

D. Create an access key for each privileged user.

A company is reviewing its operating policies.

Which policy complies with guidance in the security pillar of the AWS Well-Architected Framework?

@A Ensure that employees have access to all company data.

2B Expand employees’ permissions as they gain more experience,

Grant all privileges and access to all users.

Oo

D. Apply security requirements at all layers of a process.

Which of the following is a benefit of decoupling an AWS Cloud architecture?

A Reduced latency

®B Ability to upgrade components independently

IC. Decreased costs

D. Fewer components to manage

Which AWS service automates the building, testing, and deployment of user software?

OA AWS CodePipeline

B AWS CodeCommit

IC. AWS CodeBuild

D. AWS CodeArtifact
Which AWS service or tool can a company use to view the status of AWS services and receive personalized communications about an AWS account or organization?

®A AWS Health Dashboard

B Amazon Inspector

aC, AWS Systems Manager

D. Amazon CloudWaitch
A company has multiple AWS accounts. The company needs to simplify and consolidate its billing process.

Which AWS service or tool will meet these requirements?

A AWS Cost and Usage Report

©B AWS Organizations

C. Cost Explorer

D. AWS Budgets
r —= —OO EE Eee

Which AWS service or tool inspects a user's AWS environment and makes recommendations for cost savings and system performance improvements?

OA. Cost Explorer

@B. AWS Trusted Advisor

Oc. — Amazon Inspector

OD. AWS Budgets

NS —<—= ——
OO EE EEE

Which architecture design principle describes the need to isolate failures between dependent components in the AWS Cloud?

OA. Use a monolithic design.

OB. Design for automation.

Oc. Design for single points of failure.

®D. Loosely couple components.

A —<—=

Which of the following is a benefit of using an AWS managed service?

OA. Reduced operational overhead for a company's IT staff

@B. Increased fixed costs that can be predicted by a finance team

Oc. Removal of the need to have a backup strategy

OD. Removal of the need to follow compliance standards

A —<—<—<—=

Which of the following is a design principle of the reliability pillar of the AWS Well-Architected Framework?

OA. Scale globally in minutes.

OB. — Adopt a consumption model.

@C. Automatically recover from failure.

OD. Make frequent, small, reversible changes.

A batch workload takes 5 hours to finish on an Amazon EC2 instance. The amount of data to be processed doubles monthly and the processing time is proportional.

What is the best cloud architecture to address this consistently growing demand?

OA. Run the application on a bigger EC2 instance size.

OB. Switch to an EC2 instance family that better matches batch requirements.

@c. Distribute the application across multiple EC2 instances and run the workload in parallel.

OD. Run the application on a bare metal EC2 instance.

r —<—=

What does the concept of agility mean in AWS Cloud computing? (Select TWO.)

OA. The speed at which AWS resources are implemented

OB. The speed at which AWS creates new AWS Regions

Mc. The ability to experiment quickly

OD. The elimination of wasted capacity

GE. The low cost of entry into cloud computing

Acompany is considering a migration from on premises to the AWS Cloud. The company's IT team needs to offload support of the workload.

What should the IT team do to accomplish this goal?

@A. Use AWS Managed Services to provision, run, and support the company infrastructure.

OB. Build hardware refreshes into the operational calendar to ensure availability.

Oc. Use Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 instances.

OD. Overprovision compute capacity for seasonal events and traffic spikes to prevent downtime.
Which benefit of cloud computing gives a company the ability to deploy applications to users all over the world through a network of AWS Regions, Availability Zones, and
edge locations?

OA. Economy of scale

@B. Global reach

Oc. Agility

OD. High availability

NS

Which of the following are advantages of the AWS Cloud? (Select TWO.)

DA. AWS management of user-owned infrastructure

B. Ability to quickly change required capacity

Mc. High economies of scale

OD. Increased deployment time to market

DE. Increased fixed expenses

A developer is writing a program that must switch between multiple IAM roles.

Which AWS services or features can the program use to meet this requirement? (Select TWO.)

A. AWS CLI

B. AWS Security Token Service (AWS STS) API

Oc. IAM inline policies

OD. AWS Organizations

DE. AWS Trusted Advisor

Ea

Acompany wants to increase its ability to recover its infrastructure in the case of a natural disaster.

Which pillar of the AWS Well-Architected Framework does this ability represent?

OA. Cost optimization

OB. Performance efficiency

@C. Reliability

OD. Security
 — me a gi er Pet
Ar

Which AWS service gives users the ability to simplify costs and take advantage of quantity discounts with a single bill?

OA. Service Quotas

OB. AWS Service Catalog

OC. — AWS Control Tower

©D. AWS Organizations

 SSS

How does AWS Cloud computing help businesses reduce costs? (Select TWO.)

QA. AWS charges the same prices for services in every AWS Region.

2B. AWS enables capacity to be adjusted on demand.

Oc. AWS offers discounts for Amazon EC2 instances that remain idle for more than 1 week.

OD. AWS does not charge for data sent from the AWS Cloud to the internet.

DE. AWS eliminates many of the costs of building and maintaining on-premises data centers.
I eee

Which AWS service or tool can be used to consolidate payments for a company with multiple AWS accounts?

OA. AWS Cost and Usage Report

@B. AWS Organizations

Oc. Cost Explorer

OD. AWS Budgets

e

Acompany wants to build an application for a new line of business.

According to the AWS Well-Architected Framework, what design principles should be implemented? (Select TWO.)

OA. Consolidate multiple AWS accounts into a single account.

OB. Buy and host hardware in the AWS Cloud.

Cc. Decouple the AWS Cloud architecture to break up monolithic deployments.

OD. Move on-premises network hardware to VPCs.

E. Design elasticity into the AWS Cloud design.

IS eee

How does the AWS Cloud pricing model differ from the traditional on-premises storage pricing model?

OA. AWS resources do not incur costs

OB. There are no infrastructure operating costs

@C. There are no upfront cost commitments

OD. There are no software licensing costs

I eee

Which of the following are pillars of the AWS Well-Architected Framework? (Select TWO.)

OA. High availability

B. Performance efficiency

C. Cost optimization

OD. Going global in minutes

OE. Continuous development

I eee

Which AWS service should a company use to check for IAM access keys that have not been rotated recently?

OA. AWS WAF

OB. AWS Trusted Advisor

@©C. Amazon Inspector

OD. AWS Certificate Manager (ACM)

Acompany is running a monolithic on-premises application that does not scale and is difficult to maintain. The company has a plan to migrate the application to AWS and
divide the application into microservices.

Which best practice of the AWS Well-Architected Framework is the company following with this plan?

@A. Integrate functional testing as part of AWS deployment.

OB. Use automation to deploy changes.

Oc. Deploy the application to multiple locations.

OD. Implement loosely coupled dependencies.