AWS Certified Cloud Practitioner Sample Question and Answers Set
5(201-250)
Click Button To Hide All Answers
QUESTION NO: 201- According to the AWS
shared responsibility model, what is AWS responsible for?
(A) Configuring Amazon VPC.
(B) Managing application code.
(C) Maintaining application traffic.
(D) Managing the network infrastructure.
Answer: D
QUESTION NO: 202- Which service should be
used to estimate the costs of running a new project on AWS?
(A) AWS TCO Calculator.
(B) AWS Simple Monthly Calculator.
(C) AWS Cost Explorer API.
(D) AWS Budgets.
Answer: B
QUESTION NO: 203- Which AWS tool will
identify security groups that grant unrestricted Internet access to a limited list of ports?
(A) AWS Organizations.
(B) AWS Trusted Advisor.
(C) AWS Usage Report.
(D) Amazon EC2 dashboard.
Answer: B
QUESTION NO: 204- Which AWS service can
be used to generate alerts based on an estimated monthly bill?
(A) AWS Config.
(B) Amazon CloudWatch.
(C) AWS X-Ray.
(D) AWS CloudTrail.
Answer: B
QUESTION NO: 205- Which Amazon EC2
pricing model offers the MOST significant discount when compared to On Demand Instances?
(A) Partial Upfront Reserved Instances for a 1-year term.
(B) All Upfront Reserved Instances for a 1-year term.
(C) All Upfront Reserved Instances for a 3-year term.
(D) No Upfront Reserved Instances for a 3-year term.
Answer: C
QUESTION NO: 206- Which of the following
is the responsibility of AWS?
(A) Setting up AWS Identity and Access Management (IAM) users and groups.
(B) Physically destroying storage media at end of life.
(C) Patching guest operating systems.
(D) Configuring security settings on Amazon EC2 instances.
Answer: B
QUESTION NO: 207- Which of the following
is an advantage of using AWS?
(A) AWS audits user data.
(B) Data is automatically secure.
(C) There is no guessing on capacity needs.
(D) AWS manages compliance needs.
Answer: C
QUESTION NO: 208- Which AWS service would
a customer use with a static website to achieve lower latency and high
transfer speeds?
(A) AWS Lambda.
(B) Amazon DynamoDB Accelerator.
(C) Amazon Route 53.
(D) Amazon CloudFront.
Answer: D
QUESTION NO: 209- Which services manage
and automate application deployments on AWS? (Choose two.)
(A) AWS Elastic Beanstalk.
(B) AWS CodeCommit.
(C) AWS Data Pipeline.
(D) AWS CloudFormation.
(E) AWS Config.
Answer: A, D
QUESTION NO: 210- A user wants guidance
on possible savings when migrating from on-premises to AWS. Which tool is suitable for this scenario?
(A) AWS Budgets.
(B) Cost Explorer.
(C) AWS Total Cost of Ownership (TCO) Calculator.
(D) AWS Well-Architected Tool.
Answer: C
QUESTION NO: 211- Which principles are
used to architect applications for reliability on the AWS Cloud? (Choose two.
(A) Design for automated failure recovery.
(B) Use multiple Availability Zones.
(C) Manage changes via documented processes.
(D) Test for moderate demand to ensure reliability.
(E) Backup recovery to an on-premises environment.
Answer: A, B
QUESTION NO: 212- What tasks should a
customer perform when that customer suspects an AWS account has been
compromised? (Choose two.)
(A) Rotate passwords and access keys.
(B) Remove MFA tokens.
(C) Move resources to a different AWS Region.
(D) Delete AWS CloudTrail Resources.
(E) Contact AWS Support.
Answer: A, E
QUESTION NO: 213- What is an example of
high availability in the AWS Cloud?
(A) Consulting AWS technical support at any time day or night.
(B) Ensuring an application remains accessible, even if a resource fails.
(C) Making any AWS service available for use by paying on demand.
(D) Deploying in any part of the world using AWS Regions.
Answer: B
QUESTION NO: 214- Which AWS security
service protects applications from distributed denial of service attacks with
always-on detection and automatic inline mitigations?
(A) Amazon Inspector.
(B) AWS Web Application Firewall (AWS WAF).
(C) Elastic Load Balancing (ELB).
(D) AWS Shield.
Answer: D
QUESTION NO: 215- A company wants to
monitor the CPU usage of its Amazon EC2 resources. Which AWS service should the company use?
(A) AWS CloudTrail.
(B) Amazon CloudWatch.
(C) AWS Cost and Usage report.
(D) Amazon Simple Notification Service (Amazon SNS).
Answer: B
QUESTION NO: 216- What is an AWS Identity
and Access Management (IAM) role?
(A) A user associated with an AWS resource.
(B) A group associated with an AWS resource.
(C) An entity that defines a set of permissions for use with an AWS resource.
(D) An authentication credential associated with a multi-factor authentication (MFA) token.
Answer: C
QUESTION NO: 217- What are the advantages
of Reserved Instances? (Choose two.)
(A) They provide a discount over on-demand pricing.
(B) They provide access to additional instance types.
(C) They provide additional networking capability.
(D) Customers can upgrade instances as new types become available.
(E) Customers can reserve capacity in an Availability Zone.
Answer: A, E
QUESTION NO: 218- How do Amazon EC2 Auto
Scaling groups help achieve high availability for a web application?
(A) They automatically add more instances across multiple AWS Regions based on global demand of the application.
(B) They automatically add or replace instances across multiple Availability Zones when the
application needs it.
(C) They enable the application's static content to reside closer to end users.
(D) They are able to distribute incoming requests across a tier of web server instances.
Answer: B
QUESTION NO: 219- How can one AWS account
use Reserved Instances from another AWS account?
(A) By using Amazon EC2 Dedicated Instances.
(B) By using AWS Organizations consolidated billing.
(C) By using the AWS Cost Explorer tool.
(D) By using AWS Budgets.
Answer: B
QUESTION NO: 220- A customer runs an
On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6
seconds. For how much time will the customer be billed?
(A) 3 hours, 5 minutes.
(B) 3 hours, 5 minutes, and 6 seconds.
(C) 3 hours, 6 minutes.
(D) 4 hours.
Answer: B
QUESTION NO: 221- Which of the following
AWS services provide compute resources? (Choose two.)
(A) AWS Lambda.
(B) Amazon Elastic Container Service (Amazon ECS).
(C) AWS CodeDeploy.
(D) Amazon Glacier.
(E) AWS Organizations.
Answer: A, B
QUESTION NO: 222- Which AWS service
enables users to deploy infrastructure as code by automating the process of
provisioning resources?
(A) Amazon GameLift.
(B) AWS CloudFormation.
(C) AWS Data Pipeline.
(D) AWS Glue.
Answer: B
QUESTION NO: 223- Which AWS services
provide a way to extend an on-premises architecture to the AWS Cloud?
(Choose two.)
(A) Amazon EBS.
(B) AWS Direct Connect.
(C) Amazon CloudFront.
(D) AWS Storage Gateway.
(E) Amazon Connect.
Answer: B, D
QUESTION NO: 224- Which of the following
allows users to provision a dedicated network connection from their internal network to AWS?
(A) AWS CloudHSM.
(B) AWS Direct Connect.
(C) AWS VPN.
(D) Amazon Connect.
Answer: B
QUESTION NO: 225- Which services use AWS
edge locations? (Choose two.)
(A) Amazon CloudFront.
(B) AWS Shield.
(C) Amazon EC2.
(D) Amazon RDS.
(E) Amazon ElastiCache.
Answer: A, B
QUESTION NO: 226- Which service would
provide network connectivity in a hybrid architecture that includes the AWS
Cloud?
(A) Amazon VPC.
(B) AWS Direct Connect.
(C) AWS Directory Service.
(D) Amazon API Gateway.
Answer: B
QUESTION NO: 227- Which tool can be used
to compare the costs of running a web application in a traditional hosting environment to running it on
AWS?
(A) AWS Cost Explorer.
(B) AWS Budgets.
(C) AWS Cost and Usage report.
(D) AWS Total Cost of Ownership (TCO) Calculator.
Answer: D
QUESTION NO: 228- What is the value of
using third-party software from AWS Marketplace instead of installing third-party software on Amazon EC2?
(Choose two.)
(A) Users pay for software by the hour or month depending on licensing.
(B) AWS Marketplace enables the user to launch applications with 1-Click.
(C) AWS Marketplace data encryption is managed by a third-party vendor.
(D) AWS Marketplace eliminates the need to upgrade to newer software versions.
(E) Users can deploy third-party software without testing.
Answer: A, B
QUESTION NO: 229- Which of the following
is a cloud architectural design principle?
(A) Scale up, not out.
(B) Loosely couple components.
(C) Build monolithic systems.
(D) Use commercial database software.
Answer: B
QUESTION NO: 230- Under the shared
responsibility model; which of the following areas are the customer's
responsibility? (Choose two.)
(A) Firmware upgrades of network infrastructure.
(B) Patching of operating systems.
(C) Patching of the underlying hypervisor.
(D) Physical security of data centers.
(E) Configuration of the security group.
Answer: B, E
QUESTION NO: 231- Which service enables
customers to audit and monitor changes in AWS resources?
(A) AWS Trusted Advisor.
(B) Amazon GuardDuty.
(C) Amazon Inspector.
(D) AWS Config.
Answer: D
QUESTION NO: 232- Which AWS service
identifies security groups that allow unrestricted access to a user’s AWS
resources?
(A) AWS CloudTrail.
(B) AWS Trusted Advisor.
(C) Amazon CloudWatch.
(D) Amazon Inspector.
Answer: B
QUESTION NO: 233- According to the AWS
shared responsibility model, who is responsible for configuration
management?
(A) It is solely the responsibility of the customer.
(B) It is solely the responsibility of AWS.
(C) It is shared between AWS and the customer.
(D) It is not part of the AWS shared responsibility model.
Answer: C
QUESTION NO: 234- Which AWS service is a
content delivery network that securely delivers data, video, and
applications to users globally with low latency and high speeds?
(A) AWS CloudFormation.
(B) AWS Direct Connect.
(C) Amazon CloudFront.
(D) Amazon Pinpoint.
Answer: C
QUESTION NO: 235- Which benefit of the
AWS Cloud supports matching the supply of resources with changing
workload demands?
(A) Security.
(B) Reliability.
(C) Elasticity.
(D) High availability.
Answer: C
QUESTION NO: 236- A user is running an
application on AWS and notices that one or more AWS-owned IP addresses
is involved in a distributed denial-of-service (DDoS) attack. Who should the user contact FIRST about this
situation?
(A) AWS Premium Support.
(B) AWS Technical Account Manager.
(C) AWS Solutions Architect.
(D) AWS Abuse team.
Answer: D
QUESTION NO: 237- Which of the following
are benefits of hosting infrastructure in the AWS Cloud? (Choose two.)
(A) There are no upfront commitments.
(B) AWS manages all security in the cloud.
(C) Users have the ability to provision resources on demand.
(D) Users have access to free and unlimited storage.
(E) Users have control over the physical infrastructure.
Answer: A, C
QUESTION NO: 238- Access keys in AWS
Identity and Access Management (IAM) are used to:
(A) log in to the AWS Management Console.
(B) make programmatic calls to AWS from AWS APIs.
(C) log in to Amazon EC2 instances.
(D) authenticate to AWS CodeCommit repositories.
Answer: B
QUESTION NO: 239- What is AWS Trusted
Advisor?
(A) It is an AWS staff member who provides recommendations and best practices on how to use
AWS.
(B) It is a network of AWS partners who provide recommendations and best practices on how to use
AWS.
(C) It is an online tool with a set of automated checks that provides recommendations on cost
optimization, performance, and security.
(D) It is another name for AWS Technical Account Managers who provide recommendations on cost
optimization, performance, and security.
Answer: C
QUESTION NO: 240- Which AWS service or
feature allows a company to visualize, understand, and manage AWS
costs and usage over time?
(A) AWS Budgets.
(B) AWS Cost Explorer.
(C) AWS Organizations.
(D) Consolidated billing.
Answer: B
QUESTION NO: 241- Which AWS service
offers on-demand access to AWS security and compliance reports?
(A) AWS CloudTrail.
(B) AWS Artifact.
(C) AWS Health.
(D) Amazon CloudWatch.
Answer: B
QUESTION NO: 242- What are the benefits
of using the AWS Cloud for companies with customers in many countries
around the world? (Choose two.)
(A) Companies can deploy applications in multiple AWS Regions to reduce latency.
(C) Amazon CloudFront has multiple edge locations around the world to reduce latency.
(D) Amazon Comprehend allows users to build applications that can respond to user requests in many
languages.
(E) Elastic Load Balancing can distribute application web traffic to multiple AWS Regions around the world, which
reduces latency.
Answer: A, C
QUESTION NO: 243- Which AWS service
handles the deployment details of capacity provisioning, load balancing, Auto
Scaling, and application health monitoring?
(A) AWS Config.
(B) AWS Elastic Beanstalk.
(C) Amazon Route 53.
(D) Amazon CloudFront.
Answer: B
QUESTION NO: 244- Which AWS service
provides inbound and outbound network ACLs to harden external connectivity to Amazon EC2?
(A) AWS IAM.
(B) Amazon Connect.
(C) Amazon VPC.
(D) Amazon API Gateway.
Answer: C
QUESTION NO: 245- When a company
provisions web servers in multiple AWS Regions, what is being increased?
(A) Coupling.
(B) Availability.
(C) Security.
(D) Durability.
Answer: B
QUESTION NO: 246- The pay-as-you-go
pricing model for AWS services:
(A) reduces capital expenditures.
(B) requires payment up front for AWS services.
(C) is relevant only for Amazon EC2, Amazon S3, and Amazon RDS.
(D) reduces operational expenditures.
Answer: A
QUESTION NO: 247- Under the AWS shared
responsibility model, AWS is responsible for which security-related task?
(A) Lifecycle management of IAM credentials.
(B) Physical security of global infrastructure.
(C) Encryption of Amazon EBS volumes.
(D) Firewall configuration.
Answer: B
QUESTION NO: 248- Which AWS service
enables users to consolidate billing across multiple accounts?
(A) Amazon QuickSight.
(B) AWS Organizations.
(C) AWS Budgets.
(D) Amazon Forecast.
Answer: B
QUESTION NO: 249- Under the AWS shared
responsibility model, which of the following is an example of security in the AWS Cloud?
(A) Managing edge locations.
(B) Physical security.
(C) Firewall configuration.
(D) Global infrastructure.
Answer: B
QUESTION NO: 250- How can an AWS user
with an AWS Basic Support plan obtain technical assistance from AWS?