AWS CERTIFIED CLOUD PRACTITIONER – 003: QUESTIONS AND ANSWERS

40 questions, 4 alternatives, 1 is the correct one.

Results

You scored above 70% You have passed

You scored below 70% You have failed

#1. What approach to transcoding a large number of individual video files adheres to AWS architecture principles?

For all video processing, the Encoding.com team uses Amazon Elastic Cloud Compute (Amazon EC2), with Amazon Simple Storage Service (Amazon S3) for temporary video storage and encoding platform instance backups. Encoding.com also uses the AWS Import/Export service for customers with massive video-encoding jobs that would take too long to transfer via the public Internet.

https://aws.amazon.com/solutions/case-studies/encoding/

#2. One of the advantages to moving infrastructure from an on-premises data center to the AWS Cloud is:

Configurations instead of maintenance.

#3. Where are AWS compliance documents, such as an SOC 1 report, located?

AWS SOC 1 Report, available to AWS customers from AWS Artifact.

https://aws.amazon.com/compliance/soc-faqs/

#4. Which AWS characteristic makes AWS cost effective for a workload with dynamic user demand?

AWS offers you a pay-as-you-go approach for pricing for over 160 cloud services.  With AWS you pay only for the individual services you need, for as long as you use them, and without requiring long-term contracts or complex licensing.

https://aws.amazon.com/pricing/

#5. Which of the Reserved Instance (RI) pricing models can change the attributes of the RI as long as the exchange results in the creation of RIs of equal or greater value?

RIs provide you with a significant discount (up to 75%) compared to On-Demand instance pricing. You have the flexibility to change families, OS types, and tenancies while benefitting from RI pricing when you use Convertible RIs.

https://aws.amazon.com/ec2/pricing/reserved-instances/

#6. What privilege is specific to the AWS root account, and cannot be granted to another IAM user on the account?

#7. AWS supports which of the following methods to add security to Identity and Access Management (IAM) users?

You can enable MFA for your AWS account and for individual IAM users you have created under your account. MFA can be also be used to control access to AWS service APIs.

https://aws.amazon.com/iam/features/mfa/

#8. What is the initial size of an Aurora database?

Aurora DBs start at 10GB and can scale in 10 GB increments up to 64 TB

https://aws.amazon.com/rds/aurora/faqs/

#9. Which AWS tools assist with estimating costs?

You can use tags to organize your resources, and cost allocation tags to track your AWS costs on a detailed level. After you activate cost allocation tags, AWS uses the cost allocation tags to organize your resource costs on your cost allocation report, to make it easier for you to categorize and track your AWS costs.

https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html

#10. Which of the following can limit Amazon Storage Service (Amazon S3) bucket access to specific users?

Managing access refers to granting others (AWS accounts and users) permission to perform the resource operations by writing an access policy. For example, you can grant PUT Object permission to a user in an AWS account so the user can upload objects to your bucket. In addition to granting permissions to individual users and accounts, you can grant permissions to everyone (also referred as anonymous access) or to all authenticated users (users with AWS credentials). For example, if you configure your bucket as a website, you may want to make objects public by granting the GET Object permission to everyone.

https://aws.amazon.com/blogs/security/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/

#11. Which of the following are advantages of AWS consolidated billing?

You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. Every organization in AWS Organizations has a master (payer) account that pays the charges of all the member (linked) accounts. For more information about organizations, see the

https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html

#12. Which is a recommended pattern for designing a highly available architecture on AWS?

#13. Which AWS IAM feature allows developers to access AWS services through the AWS CLI?

(I’m not 100% sure about this answer)

#14. Under the AWS shared responsibility model, which of the following activities are the customer’s responsibility?

The AWS customer is the one in charge of the

https://aws.amazon.com/compliance/shared-responsibility-model/

#15. Compared with costs in traditional and virtualized data centers, AWS has:

#16. According to best practices, how should an application be designed to run in the AWS Cloud?

Loose Coupling

As application complexity increases, a desirable attribute of an IT system is that it can
be broken into smaller, loosely coupled components. This means that IT systems
should be designed in a way that reduces inter-dependencies —a change or a failure in
one component should not cascade to other components.

https://d1.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf

#17. For which auditing process does AWS have sole responsibility?

AWS responsibility “Security of the Cloud” – AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.

https://aws.amazon.com/compliance/shared-responsibility-model/

#18. Which of the following is characteristic of Amazon S3?

Amazon S3 also supports features that help maintain data version control, prevent accidental deletions, and replicate data to the same or different AWS Region. With S3 Versioning, you can easily preserve, retrieve, and restore every version of an object stored in Amazon S3, which allows you to recover from unintended user actions and application failures. To prevent accidental deletions, enable Multi-Factor Authentication (MFA) Delete on an S3 bucket. If you try to delete an object stored in an MFA Delete-enabled bucket, it will require two forms of authentication: your AWS account credentials and the concatenation of a valid serial number, a space, and the six-digit code displayed on an approved authentication device, like a hardware key fob or a Universal 2nd Factor (U2F) security key.

https://aws.amazon.com/s3/features/

#19. A company is considering using AWS for a self-hosted database that requires a nightly shutdown for maintenance and cost-saving purposes. Which service should the company use?

Amazon Elastic Block Store (EBS) is an easy to use, high performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale. A broad range of workloads, such as relational and non-relational databases, enterprise applications, containerized applications, big data analytics engines, file systems, and media workflows are widely deployed on Amazon EBS.

https://aws.amazon.com/ebs/

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html

#20. What is the lowest-cost, durable storage option for retaining database backups for immediate retrieval?

#21. What is an example of agility in the AWS Cloud?

An agile project delivers quickly, in small increments, and then gets feedback on whether it is actually achieving the intended business purpose of the objective. If it is not meeting that purpose, then changes can be made or the project halted without committing further resources. The point is to set the organization up to learn and change plans based on that learning. With an uncertain future, we cannot be sure that our project will have the results we want or will cost what we believe it will cost.

https://aws.amazon.com/blogs/enterprise-strategy/risk-is-lack-of-agility/

#22. Which of the following security-related actions are available at no cost?

$$

https://aws.amazon.com/premiumsupport/pricing/

#23. A customer needs to run a MySQL database that easily scales. Which AWS service should they use?

#24. How many Availability Zones should compute resources be provisioned across to achieve high availability?

The minimum should cover the failure of 1 AZ.

2 AZ are required.

#25. Which of the following Reserved Instance (RI) pricing models provides the highest average savings compared to On-Demand pricing?

Standard Reserved Instances provide you with a significant discount (up to 75%) compared to On-Demand instance pricing, and can be purchased for a 1-year or 3-year term. Customers have the flexibility to change the Availability Zone, the instance size, and networking type of their Standard Reserved Instances.

https://aws.amazon.com/ec2/pricing/reserved-instances/pricing/

#26. Which of the following is a shared control between the customer and AWS?

“Awareness & Training – AWS trains AWS employees, but a customer must train their own employees.”

https://aws.amazon.com/compliance/shared-responsibility-model/

#27. What service is used by RDS Enhanced Monitoring?

RDS uses CloudWatch to store the Enhanced Monitoring statistics.

https://aws.amazon.com/about-aws/whats-new/2019/04/enhanced-monitoring-supports-additional-metrics/

#28. Which of the following services will automatically scale with an expected increase in web traffic?

Elastic Load Balancing provides confidence that your applications will scale to the demands of your customers. With the ability to trigger Auto Scaling for your Amazon EC2 instance fleet when latency of any one of your EC2 instances exceeds a preconfigured threshold, your applications will always be ready to serve the next customer request.

https://aws.amazon.com/elasticloadbalancing/

#29. What can you create in AWS to maintain a log of network connections?

AWS uses Flow Logs to log network connections and communications within the cloud.

https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html

#30. Which AWS service should be used for read/write of constantly changing data?

#31. Which of the following Amazon EC2 pricing models allow customers to use existing server-bound software licenses?

Amazon EC2 Dedicated Hosts
Dedicated hardware to support existing software licenses and improve compliance

https://aws.amazon.com/ec2/dedicated-hosts/

https://aws.amazon.com/ec2/pricing/

#32. Which of the following components of the AWS Global Infrastructure consists of one or more discrete data centers interconnected through low latency links?

Availability Zones. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities.

https://docs.aws.amazon.com/whitepapers/latest/aws-overview/global-infrastructure.html

#33. A characteristic of edge locations is that they:

If the content is already in the edge location with the lowest latency, CloudFront delivers it immediately.

If the content is not in that edge location, CloudFront retrieves it from an origin that you’ve defined—such as an Amazon S3 bucket, a MediaPackage channel, or an HTTP server (for example, a web server) that you have identified as the source for the definitive version of your content.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html

#34. Which of the following is a fast and reliable NoSQL database service?

Fast and flexible NoSQL database service for any scale

https://aws.amazon.com/dynamodb/

#35. Which service should a customer use to consolidate and centrally manage multiple AWS accounts?

AWS Organizations helps you centrally govern your environment as you grow and scale your workloads on AWS. Whether you are a growing startup or a large enterprise, Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts.

https://aws.amazon.com/organizations/

#36. Which of the following is a correct relationship between regions, Availability Zones, and edge locations?

CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you’re serving with CloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html

https://aws.amazon.com/about-aws/global-infrastructure/regions_az/#Region_Maps_and_Edge_Networks

#37. What is one of the advantages of the Amazon RDS?

#38. Which of the Reserved Instance (RI) pricing models can change the attributes of the RI as long as the exchange results in the creation of RIs of equal or greater value?

Convertible RIs: These provide a discount (up to 54% off On-Demand) and the capability to change the attributes of the RI as long as the exchange results in the creation of Reserved Instances of equal or greater value. Like Standard RIs, Convertible RIs are best suited for steady-state usage.

https://aws.amazon.com/ec2/pricing/reserved-instances/

#39. Which service enables risk auditing by continuously monitoring and logging account activity, including user actions in the AWS Management Console and AWS SDKs?

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.

https://aws.amazon.com/cloudtrail/

#40. Which of the following inspects AWS environments to find opportunities that can save money for users and also improve system performance?

Reduce Costs, Increase Performance, and Improve Security
AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices.

Whether establishing new workflows, developing applications, or as part of ongoing improvement, take advantage of the recommendations provided by Trusted Advisor on a regular basis to help keep your solutions provisioned optimally.

https://aws.amazon.com/premiumsupport/technology/trusted-advisor/

finish