Which Amazon EC2 pricing option reduces costs when a business makes an hourly spend commitment to

an instance family and Region for a 1-year or 3-year term?

Reserved Instances

Spot Instances

EC2 Instance Savings Plans

Dedicated Hosts

The correct response option is EC2 Instance Savings Plans.

EC2 Instance Savings Plans reduces compute costs by committing to a consistent hourly spend for a 1-
year or 3-year term. This results in savings of up to 72% over On-Demand Instance costs. Any EC2 usage
up to the commitment is charged at the discounted Savings Plan rate (for example, $10 an hour). Any
EC2 usage beyond the commitment is charged at regular On-Demand Instance rates.

The other response options are incorrect because:

Reserved Instances are a billing discount that is applied to the use of On-Demand Instances in an AWS
account. A business can purchase Standard Reserved and Convertible Reserved Instances for a 1-year or
3-year term. Unlike EC2 Instance Savings Plans, Reserved Instances do not require an hourly spend
commitment over the duration of the contract term.
 Spot Instances are ideal for workloads with flexible start and end times or that can withstand
interruptions. Spot Instances leverage unused EC2 computing capacity and offer cost savings at up to
90% of On-Demand Instance prices.

Dedicated Hosts are physical servers with EC2 instance capacity that is fully dedicated to a single
customer. A business can use existing per-socket, per-core, or per-VM software licenses to help maintain
license compliance. A business can purchase On-Demand Dedicated Hosts or Reserved Dedicated Hosts.
Of all the Amazon EC2 options that were covered in this course, Dedicated Hosts are the most expensive.

Learn more:

Savings Plans : https://aws.amazon.com/savingsplans/

Which statement best describes Amazon GuardDuty?

A service that checks applications for security vulnerabilities and deviations from security best practices

Correctly unselected

A service that monitors network requests for web applications

Correctly unselected

A service that helps protect applications against distributed denial-of-service (DDoS) attacks

Correctly unselected

A service that provides intelligent threat detection for AWS infrastructure and resources

Correctly selected

Correct
The correct response option is A service that provides intelligent threat detection for your AWS
infrastructure and resources.

AWS GuardDuty identifies threats by continually monitoring the network activity and account behavior
within an AWS environment.

The other response options are incorrect because:

A service that helps protect applications against distributed denial-of-service (DDoS) attacks - This
response option describes AWS Shield.

A service that checks applications for security vulnerabilities and deviations from security best
practices - This response option describes Amazon Inspector.

A service that monitors network requests for web applications - This response option describes AWS
WAF.

Learn more: Amazon GuardDuty : https://aws.amazon.com/guardduty

Which AWS Trusted Advisor category includes checks for high-utilization EC2 instances?

Fault Tolerance

Correctly unselected

Performance
Incorrectly unselected

Security

Correctly unselected

Cost Optimization

Incorrectly selected

Incorrect

The correct response option is Performance.

In this category, AWS Trusted Advisor also helps improve the performance of services by providing
recommendations for how to take advantage of provisioned throughput.

The other response options are incorrect because:

The Security category includes checks that review permissions and identify which AWS security
features to enable.

The Cost Optimization category includes checks for unused or idle resources that could be eliminated
and provide cost savings.

The Fault Tolerance category includes checks to help improve an application's availability and
redundancy.
Learn more:

AWS Trusted Advisor

A cloud engineer is running an Amazon EC2 instance and wants to store data in an attached resource.
Their data is temporary and will not be kept long term. Which resource should they use?

Instance store

Incorrectly unselected

Amazon S3 bucket

Correctly unselected

Subnet

Correctly unselected

Amazon Elastic Block Store (Amazon EBS) volume

Incorrectly selected

Incorrect

The correct response option is instance store.

Instance stores are ideal for temporary data that does not need to be kept long term.
When an Amazon EC2 instance is stopped or terminated, all the data that has been written to the
attached instance store is deleted.

The other response options are incorrect because:

Amazon EBS volumes are ideal for data that needs to be retained. When an Amazon EC2 instance is
stopped or terminated, all of the data on the attached EBS volume is still available.

Amazon S3 buckets cannot be attached to Amazon EC2 instances.

A subnet is a section of a virtual private cloud (VPC) in which you can group resources based on
security or operational needs.

Learn more:

Amazon EC2 instance store :

Which actions can a person perform in Amazon Route 53? (Select TWO.)

Monitor applications and respond to system-wide performance changes.

Correctly unchecked

Access AWS security and compliance reports and select online agreements.

Correctly unchecked

Connect user requests to infrastructure in AWS and outside of AWS.

Correctly checked
Manage DNS records for domain names.

Correctly checked

Automate the deployment of workloads into an AWS environment.

Correctly unchecked

Correct

The correct two response options are:

Connect user requests to infrastructure in AWS and outside of AWS.

Manage DNS records for domain names.

Amazon Route 53 is a DNS web service. It gives developers and businesses a reliable way to route end
users to internet applications that are hosted in AWS.

Additionally, businesses can transfer DNS records for existing domain names that are currently managed
by other domain registrars, or register new domain names directly within Amazon Route 53.

The other response options are incorrect because:

 Monitor applications and respond to system-wide performance changes - These actions can be
performed in Amazon CloudWatch.

Access AWS security and compliance reports and special online agreements - This action can be
performed in AWS Artifact.

Automate the deployment of workloads into an AWS environment - This action can be performed with
AWS Quick Starts.

Learn more:

Amazon Route 53

Which service consolidates and manages multiple AWS accounts from a central location?

AWS Artifact

Correctly unselected

AWS Key Management Service (AWS KMS)

Correctly unselected

AWS Organizations

Correctly selected

AWS Identity and Access Management (IAM)

Correctly unselected

Correct

The correct response option is AWS Organizations.

In AWS Organizations, businesses centrally control permissions for their accounts by using service control
policies (SCPs). Additionally, businesses can use the consolidated billing feature in AWS Organizations to
combine usage and receive a single bill for multiple AWS accounts.

The other response options are incorrect because:

AWS Identity and Access Management (IAM) is a service that manages access to AWS services and
resources.

AWS Artifact is a service that provides the capability to access AWS security and compliance reports
and special online agreements.

AWS Key Management Service (AWS KMS) is a service that creates, manages, and uses cryptographic
keys.

Learn more:

AWS Organizations

Which migration strategy involves changing how an application is architected and developed, typically by
using cloud-native features?

Replatforming

Incorrectly selected
Refactoring

Incorrectly unselected

Repurchasing

Correctly unselected

Rehosting

Correctly unselected

Incorrect

The correct response option is Refactoring.

The other response options are incorrect because:

Repurchasing involves replacing an existing application with a cloud-based version, such as software
found in AWS Marketplace.

Rehosting involves moving an application to the cloud with little to no modifications to the application
itself. It is also known as “lift and shift.”

Replatforming involves selectively optimizing aspects of an application to achieve benefits in the cloud
without changing the core architecture of the application. It is also known as “lift, tinker, and shift.”

Learn more:

6 Strategies for Migrating Applications to the Cloud

Which tool provides the capability to visualize, understand, and manage AWS costs and usage over time?

AWS Pricing Calculator

Correctly unselected

AWS Artifact

Correctly unselected

AWS Budgets

Correctly unselected

AWS Cost Explorer

Correctly selected

Correct

The correct response option is AWS Cost Explorer.

With AWS Cost Explorer, businesses can quickly create custom reports to analyze their AWS cost and
usage data.

The other response options are incorrect because:

 AWS Budgets lets businesses set custom alerts that will notify individuals when a service usage
exceeds (or is forecasted to exceed) the amount that has been budgeted.

AWS Pricing Calculator creates an estimate for the cost of a business' use cases on AWS. In the AWS
Pricing Calculator, a person can enter details for their cloud computing requirements and then receive a
detailed estimate that can be exported and shared.

AWS Artifact is a service that provides access to AWS security and compliance reports and special
online agreements.

Learn more:

AWS Cost Explorer

Which action can a person perform in Amazon CloudFront?

Provision an isolated section of the AWS Cloud to launch resources in a virtual network that a person
defines.

Correctly unselected

Run infrastructure in a hybrid cloud approach.

Correctly unselected

Deliver content to customers through a global network of edge locations.

Correctly selected

Provision resources by using programming languages or a text file.

Correctly unselected

Correct
The correct response is Deliver content to customers through a global network of edge locations.

Amazon CloudFront is a content delivery service.

It uses a network of edge locations to cache content and deliver content to customers all over the world.
When content is cached, it is stored locally as a copy. This content might be video files, photos,
webpages, and so on.

The other response options are incorrect because:

Run infrastructure in a hybrid cloud approach - This action can be performed with AWS Outposts.

Provision resources by using programming languages or a text file - This action can be performed in
AWS CloudFormation.

Provision an isolated section of the AWS Cloud to launch resources in a virtual network that a person
defines - This action can be performed in Amazon Virtual Private Cloud (Amazon VPC).

Learn more:

Amazon CloudFront(opens in a new tab)

Which component or service establishes a dedicated private connection between an on-premises data
center and virtual private cloud (VPC)?

Amazon CloudFront

Correctly unselected

AWS Direct Connect

Correctly selected

Virtual private gateway

Correctly unselected

Internet gateway

Correctly unselected

Correct

The correct response option is AWS Direct Connect.

AWS Direct Connect is a service that establishes a dedicated private connection between an on-premises
data center and VPC.

The private connection that AWS Direct Connect provides helps reduce network costs and increase the
amount of bandwidth that can travel through a network.
The other response options are incorrect because:

Amazon CloudFront is a content delivery service. It uses a network of edge locations to cache content
and deliver content to customers all over the world.

A virtual private gateway establishes a virtual private network (VPN) connection between a VPC and a
private network, such as an on-premises data center or internal corporate network. A virtual private
gateway allows traffic into the VPC only if it is coming from an approved network.

An internet gateway is a connection between a VPC and the internet. It allows public traffic from the
internet to access a VPC.

Learn more:

AWS Direct Connect

A cloud architect wants Amazon S3 to monitor object access patterns. Which storage class should they
use?

Amazon S3 One Zone-IA

Correctly unselected

Amazon S3 Glacier Flexible Retrieval

Correctly unselected

Amazon S3 Standard-IA

Correctly unselected
Amazon S3 Intelligent-Tiering

Correctly selected

Correct

The correct response option is Amazon S3 Intelligent-Tiering.

In the Amazon S3 Intelligent-Tiering storage class, Amazon S3 monitors object access patterns. If an
object has not been accessed for 30 consecutive days, Amazon S3 automatically moves it to the
infrequent access tier, Amazon S3 Standard-IA. If an object is accessed in the infrequent access tier,
Amazon S3 automatically moves it to the frequent access tier, Amazon S3 Standard.

The other response options are incorrect because:

Amazon S3 Glacier Flexible Retrieval is a low-cost storage class that is ideal for data archiving. A person
can retrieve objects stored in the Amazon S3 Glacier Flexible Retrieval storage class within a few minutes
to a few hours.

The Amazon S3 Standard-IA storage class is ideal for data that is infrequently accessed but requires
high availability when needed. Both Amazon S3 Standard and Amazon S3 Standard-IA store data in a
minimum of three Availability Zones. Amazon S3 Standard-IA provides the same level of availability as
Amazon S3 Standard but at a lower storage price.

Amazon S3 One Zone-IA is ideal for infrequently accessed data that does not require high availability.

Learn more:

Amazon S3 storage classes

Which service provides review details for user activities and API calls that have occurred within an AWS
environment?

Amazon Inspector

Correctly unselected

Amazon CloudWatch

Correctly unselected

AWS Trusted Advisor

Correctly unselected

AWS CloudTrail

Correctly selected

Correct

The correct response option is AWS CloudTrail.

With CloudTrail, a person can view a complete history of user activity and API calls for their applications
and resources.

Events are typically updated in CloudTrail within 15 minutes after an API call was made. A person can
filter events by specifying the time and date that an API call occurred, the user who requested the
action, the type of resource that was involved in the API call, and more.

The other response options are incorrect because:

Amazon CloudWatch is a service that provides data for monitoring applications, optimizing resource
utilization, and responding to system-wide performance changes.

Amazon Inspector is a service that checks applications for security vulnerabilities and deviations from
security best practices.

AWS Trusted Advisor is an online tool that inspects an AWS environment and provides real-time
guidance in accordance with AWS best practices.

Learn more:

AWS CloudTrail

Which pillar of the AWS Well-Architected Framework focuses on using computing resources in ways that
meet system requirements?

Reliability

Incorrectly selected

Security

Correctly unselected

Operational Excellence
Correctly unselected

Performance Efficiency

Incorrectly unselected

Incorrect

The correct response option is Performance Efficiency.

The Performance Efficiency pillar focuses on using computing resources efficiently to meet system
requirements, and to maintain that efficiency as demand changes and technologies evolve.

The other responses are incorrect because:

The Operational Excellence pillar includes the ability to run workloads effectively, gain insights into
their operations, and continuously improve supporting processes to deliver business value.

The Security pillar focuses on protecting data, systems, and assets. It also focuses on using cloud
technologies to improve the security of your workloads.

The Reliability pillar focuses on the ability of a workload to consistently and correctly perform its
intended functions.

Learn more:

AWS Well-Architected Framework

Which statement best describes Elastic Load Balancing?

A service that provides data for monitoring applications, optimize resource utilization, and respond to
system-wide performance changes

Correctly unselected

A service that provides the capability to create, manage, and scale a distributed in-memory or cache
environment in the cloud

Correctly unselected

A service that monitors applications and automatically adds or removes capacity from resource groups in
response to changing demand

Correctly unselected

A service that distributes incoming traffic across multiple targets, such as Amazon EC2 instances

Correctly selected

Correct

The correct response option is A service that distributes incoming traffic across multiple targets, such as
Amazon EC2 instances.

A load balancer acts as a single point of contact for all incoming web traffic to an Auto Scaling group. This
means that as Amazon EC2 instances are added or removed in response to the amount of incoming
traffic, these requests are routed to the load balancer first and then spread across multiple resources
that will handle them.
The other response options are incorrect because:

A service that monitors applications and automatically adds or removes capacity from resource groups
in response to changing demand - This response option describes AWS Auto Scaling.

A service that provides data for monitoring applications, optimize resource utilization, and respond to
system-wide performance changes - This response option describes Amazon CloudWatch. Although
Elastic Load Balancing does optimize resource utilization by distributing incoming traffic across available
resources, this would not be the best response option because Elastic Load Balancing does not provide
all the other listed features.

A service that provides the capability to create, manage, and scale a distributed in-memory or cache
environment in the cloud - This response option describes Amazon ElastiCache.

Learn more: https://aws.amazon.com/elasticloadbalancing

A cloud engineer wants to store data in a volume that is attached to an Amazon EC2 instance. Which
service should they use?

Amazon ElastiCache

Correctly unselected

AWS Lambda

Correctly unselected

Amazon Simple Storage Service (Amazon S3)

Correctly unselected
Amazon Elastic Block Store (Amazon EBS)

Correctly selected

Correct

The correct response option is Amazon Elastic Block Store (Amazon EBS).

Amazon EBS provides block-level storage volumes for Amazon EC2 instances. If a person stops or
terminates an Amazon EC2 instance, all the data on the attached EBS volume remains available.

The other response options are incorrect because:

Amazon Simple Storage Service (Amazon S3) is a service that provides object-level storage. Amazon S3
stores data as objects within buckets.

AWS Lambda is a service that runs code without provisioning or managing servers.

Amazon ElastiCache is a service that adds caching layers on top of databases to help improve the read
times of common requests.

Learn more: Amazon EBS

Which Perspective of the AWS Cloud Adoption Framework focuses on recovering IT workloads to meet
the requirements of business stakeholders?
People Perspective

Correctly unselected

Business Perspective

Correctly unselected

Operations Perspective

Correctly selected

Governance Perspective

Correctly unselected

Correct

The correct response option is Operations Perspective.

The Operations Perspective of the AWS Cloud Adoption Framework also includes principles for operating
in the cloud by using agile best practices.

The other response options are incorrect because:

The Business Perspective helps moves a business from a model that separates business and IT
strategies into a business model that integrates IT strategy.
 The People Perspective helps Human Resources (HR) employees prepare their teams for cloud
adoption by updating organizational processes and staff skills to include cloud-based competencies.

The Governance Perspective provides the capability to update the staff skills and organizational
processes that are necessary to ensure business governance in the cloud.

Learn more:

Whitepaper: An Overview of the AWS Cloud Adoption Framework

Which service provides the capability to quickly deploy and scale applications on AWS?

Amazon CloudFront

Incorrectly selected

AWS Outposts

Correctly unselected

AWS Snowball

Correctly unselected

AWS Elastic Beanstalk

Incorrectly unselected

Incorrect

The correct response option is AWS Elastic Beanstalk.

Businesses upload their application, and Elastic Beanstalk automatically handles the deployment details
of capacity provisioning, load balancing, auto-scaling, and application health monitoring.

The other response options are incorrect because:

AWS Outposts is a service that runs infrastructure in a hybrid cloud approach.

Amazon CloudFront is a content delivery service.

AWS Snowball is a device that transfers large amounts of data into and out of AWS.

Learn more: AWS Quick Starts : https://aws.amazon.com/quickstart