CopyrightNoticeAWSCertifiedSolutionsArchitectAssociatePracticeQuestionsCopyright©2018ShaunL.HummelAllRightsReserved.Nopartofthisworkmaybesold,reproducedortransmittedinanyformorbyanymeanswithoutwrittenpermissionfromtheauthor.

DisclaimerThisbookwaswrittenasastudyguideforobtainingAWScertification.Whileeveryefforthasbeenmadetomakethisbookasaccurateaspossiblenowarrantyisimplied.Theauthorshallnotbeliableorresponsibleforanylossordamagearisingfromtheinformationcontainedinthisbook.

AboutTheAuthorShaunHummelisaSeniorNetworkEngineerwith15yearsenterprisenetworkplanning,designandimplementationexperience.AuthorofAWSCertifiedSolutionsArchitectAssociate:ExamStudyNotes.

ContentsIntroduction

1.0EC2Compute2.0VirtualPrivateCloud3.0StorageServices4.0SecurityArchitecture5.0DatabaseServices6.0FaultTolerantSystems7.0DeploymentandOrchestration8.0MonitoringServicesAnswerKey

IntroductionTheskillsrequiredforinformationtechnologyarechangingrapidlywithcloudcomputingandnetworkprogrammability.Thevirtualizationofservers,applicationsandnetworkdevicesiscausinganoverlapofmanagementdomainsfornetwork,systemsandsecurityengineers.Thenetworkdevicesandapplicationsnowresideatnetworkserversasvirtualmachines(VM).Inadditionthereisashifttowardaninternet-basedconnectivitymodelthatischanginghowthenetworkismanaged.Theserver-centricarchitectureredefineshownetworkcapacityismanagedaswell.Therearenewervirtualizedmanagementsolutionshavebeendevelopedforintegratingphysicalandvirtualplatforms.Eachgroupmustdevelopnewskillsforvirtualization,server-basedtroubleshootingandcloudmanagement.Thevirtualizationofapplicationsanddevicesallowforanon-demandconnectivityandoperationalmodel.Itischaracterizedbyadynamic,elastic,scalablearchitecturethatishardwareindependent.ThenewnetworkingparadigmusesOpenAPIs,overlaysandSDNprogrammablenetworkdevices.Thevirtualizationoverlayabstractstheunderlyingnetworkinfrastructurefromtheapplicationlayer.Thevirtualizationarchitectureisnowenablingseamlessaccessandglobalconnectivityofenterpriseandclouddatacenterapplications.Theincreasingpopularityofcloudcomputingistheresultofanoperationalmodelthatnowhascompaniesmigratingdatacenterapplicationstocloudfacilities.Accordingtoastudyalmost70%ofallIPinternettrafficwillterminateatacloudfacilityby2018.AWScertificationhasbecomepopularasatrainingplatformforsystemsadministrators,engineersandarchitects.Candidatesmustanswertechnicalquestionsandhavetheskillsrequiredtoselect,deploy,integrateandmaintainAWScloudsolutions.Thestudyguideiscomprisedof300+practicequestions.AllquestionsarebasedonofficialAWScertificationguidelinesthatcoverallexamtopicsrequiredtopassAWSCertifiedSolutionsArchitectAssociateexam.

AWSCertifiedSolutionsArchitect:AssociateExamReadeachquestioncarefullyandselectthecorrectanswer/sfromtheoptionsprovided.Useatexteditor(notepad)torecordyouranswersforeachquestion.EC2ComputeQuestion1:WhatthreeattributesareselectablewhencreatinganEBSvolumeforanEC2instance?

A. volumetypeB. IOPSC. regionD. CMKE. ELBF. EIP

Question2:Youhavebeenaskedtomigratea10GBunencryptedEBSvolumetoanencryptedvolumeforsecuritypurposes.Whatarethreekeystepsrequiredaspartofthemigration?

A. pausetheunencryptedinstanceB. createanewencryptedvolumeofthesamesizeandavailabilityzoneC. createanewencryptedvolumeofthesamesizeinanyavailabilityzoneD. startconverterinstanceE. shutdownanddetachtheunencryptedinstance

Question3:WhatisEC2instanceprotection?

A. preventsAutoScalingfromselectingspecificEC2instancetobereplacedwhenscalingin

B. preventsAutoScalingfromselectingspecificEC2instancetobereplacedwhenscalingout

C. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenscalingout

D. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenscalingin

E. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenpaused

F. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenstopped

Question4:

WhattwofeaturesaresupportedwithEBSvolumeSnapshotfeature?

A. EBSreplicationacrossregions

B. EBSmulti-zonereplication

C. EBSsingleregiononly

D. fullsnapshotdataonly

E. unencryptedsnapshotonly

Question5:

WhattworesourcetagsaresupportedforanEC2instance?

A. VPCendpoint

B. EIP

C. networkinterface

D. securitygroup

E. FlowLog

Question6:

WhattwooptionsareavailabletoalerttenantswhenanEC2instanceisterminated?

A. SNS

B. CloudTrail

C. Lambdafunction

D. SQS

E. STS

Question7:

WhatclassofEC2instancetypeisrecommendedforrunningdataanalytics?

A. memoryoptimized

B. computeoptimized

C. storageoptimized

D. generalpurposeoptimized

Question8:

WhatclassofEC2instancetypeisrecommendedfordatabaseservers?

A. memoryoptimized

B. computeoptimized

C. storageoptimized

D. generalpurposeoptimized

Question9:

Whattwoattributesdistinguisheachpricingmodel?

A. reliability

B. amazonservice

C. discount

D. performance

E. redundancy

Question10:

WhatarethreestandardAWSpricingmodels?

A. elastic

B. spot

C. reserved

D. dynamic

E. demand

Question11:HowisanEBSrootvolumecreatedwhenlaunchinganEC2instancefromanewEBS-backedAMI?

A. S3template

B. originalAMI

C. snapshot

D. instancestore

Question12:

WhatAmazonAWSsourcesareavailableforcreatinganEBS-BackedLinuxAMI?(selecttwo)

A. EC2instance

B. AmazonSMS

C. VMImport/Export

D. EBSSnapshot

E. S3bucket

Question13:

Whatisrequiredtopreventaninstancefrombeinglaunchedandincurringcosts?

A. stopinstance

B. terminateinstance

C. terminateAMIandde-registerinstance

D. stopandde-registerinstance

E. stop,deregisterAMIandterminateinstance

Question14:

WhatisanEBSSnapshot?

A. backupofanEBSrootvolumeandinstancedata

B. backupofanEC2instance

C. backupofconfigurationsettings

D. backupofinstancestore

Question15:

WhereareELBandAuto-Scalinggroupsdeployedasaunifiedsolutionforhorizontalscaling?

A. databaseinstances

B. allinstances

C. webserverinstances

D. defaultVPConly

Question16:

WhatfeatureissupportedwhenattachingordetachinganEBSvolumefromanEC2instance?

A. EBSvolumecanbeattachedanddetachedtoanEC2instanceinthesameregion

B. EBSvolumecanbeattachedanddetachedtoanEC2instancethatiscross-region

C. EBSvolumecanonlybecopiedandattachedtoanEC2instancethatiscross-region

D. EBSvolumecanonlybeattachedanddetachedtoanEC2instanceinthesameAvailabilityZone

Question17:

WhattwostatementscorrectlydescribehowtoaddormodifyIAMrolestoarunningEC2instance?

A. attachanIAMroletoanexistingEC2instancefromtheEC2consoleB. replaceanIAMroleattachedtoanexistingEC2instancefromtheEC2

consoleC. attachanIAMroletotheuseraccountandrelaunchtheEC2instanceD. addtheEC2instancetoagroupwheretheroleisamember

Question18:WhatisthedefaultbehaviorforanEC2instancewhenterminated?(Selecttwo)

A. DeleteOnTerminationattributecannotbemodifiedB. EBSrootdevicevolumeandadditionalattachedvolumesaredeleted

immediatelyC. EBSdatavolumesthatyouattachatlaunchpersistD. EBSrootdevicevolumeisautomaticallydeletedwheninstance

terminates

Question19:

HowdoyoulaunchanEC2instanceafteritisterminated?(Selecttwo)

A. launchanewinstanceusingthesameAMI

B. rebootinstancefromCLI

C. launchanewinstancefromaSnapshot

D. rebootinstancefrommanagementconsole

E. contactAWSsupporttoreset

Question20:

WhatservicecanautomateEBSsnapshots(backups)forrestoringEBSvolumes?

A. CloudWatchevent

B. SNStopic

C. CloudTrail

D. AmazonInspector

E. CloudWatchalarm

Question21:

WhatwillcauseAWStoterminateanEC2instanceonlaunch?(Selecttwo)

A. securitygrouperror

B. numberofEC2instancesonAWSaccountexceeded

C. EBSvolumelimitsexceeded

D. multipleIPaddressesassignedtoinstance

E. unsupportedinstancetypeassigned

Question22:

YourecentlymadesomeconfigurationchangestoanEC2instance.YouthenlaunchedanewEC2instancefromthesameAMIhowevernoneofthesettingsweresaved.Whatisthecauseofthiserror?

A. didnotsaveconfigurationchangestoEC2instanceB. didnotsaveconfigurationchangestoAMIC. didnotcreatenewAMID. didnotrebootEC2instancetoenablechanges

Question23:WhatstatementsarecorrectconcerningDisableApiTerminationattribute?(Selecttwo)

A. cannotenableterminationprotectionforSpotinstancesB. terminationprotectionisdisabledbydefaultforanEC2instanceC. terminationprotectionisenabledbydefaultforanEC2instanceD. canenableterminationprotectionforSpotinstancesE. DisableApiTerminationattributesupportedforEBS-backedinstances

only

Question24:

WhatisrequiredtocopyanencryptedEBSsnapshotcross-account?(Selecttwo)A. copytheunencryptedEBSsnapshottoanS3bucketB. distributethecustomkeyfromCloudFrontC. sharethecustomkeyforthesnapshotwiththetargetaccountD. sharetheencryptedEBSsnapshotwiththetargetaccountE. sharetheencryptedEBSsnapshotspubliclyF. enablerootaccesssecurityonbothaccounts

Question25:

WhatthreeservicesenableSingle-AZasadefault?

A. EC2

B. ELB

C. Auto-Scaling

D. DynamoDB

E. S3

Question26:

WhatAWSserviceautomaticallypublishesaccesslogseveryfiveminutes?

A. VPCFlowLogs

B. ElasticLoadBalancer

C. CloudTrail

D. DNSRoute53

Question27:

Youhavedevelopedaweb-basedapplicationforfilesharingthatwillallowcustomerstoaccessfiles.Thereareavarietyofsizesthatincludelarger.pdfandvideofiles.Whattwosolutionstackscouldtenantsuseforanonlinefilesharingservice?(Selecttwo)

A. EC2,ELB,Auto-Scaling,S3B. Route53,Auto-Scaling,DynamoDBC. EC2,Auto-Scaling,RDSD. CloudFront

Question28:

WhatinfrastructureservicesareprovidedtoEC2instances?(Selectthree)

A. VPN

B. storage

C. compute

D. transport

E. security

F. support

Question29:

WhatstepsarerequiredfromAWSconsoletocopyanEBS-backedAMIforadatabaseinstancecross-region?

A. createSnapshotofdatavolume,selectCopy,selectdestinationregionB. selectCopyEBS-backedAMIoptionanddestinationregionC. selectcopydatabasevolumeanddestinationregionD. createSnapshotofEBS-backedAMI,selectCopySnapshotoption,

selectdestinationregionE. createSnapshotofInstance-storeAMI,selectCopyAMIoption,select

destinationregion

Question30:

Howiscapacity(compute,storageandnetworkspeed)managedandassignedtoEC2instances?

A. AMI

B. instancetype

C. IOPS

D. Auto-Scaling

Question31:

WhatstoragetypeenablepermanentattachmentofvolumestoEC2instances?

A. S3

B. RDS

C. TDS

D. EBS

E. instancestore

Question32:Whatistherecommendedmethodformigrating(copying)anEC2instancetoadifferentregion?

A. terminateinstance,selectregion,copyinstancetodestinationregionB. selectAMIassociatedwithEC2instanceanduseCopyAMIoptionC. stopinstanceandcopyAMItodestinationregionD. cross-regioncopyisnotcurrentlysupported

Question33:

WhataretwoattributesthatdefineanEC2instancetype?

A. vCPU

B. licensetype

C. EBSvolumestorage

D. IPaddress

E. Auto-Scaling

Question34:

HowisanAmazonElasticLoadBalancer(ELB)assigned?

A. perEC2instance

B. perAuto-Scalinggroup

C. persubnet

D. perVPC

Question35:

WhatmethoddetectswhentoreplaceanEC2instancethatisassignedtoanAuto-Scalinggroup?

A. healthcheck

B. loadbalancingalgorithm

C. EC2healthcheck

D. notcurrentlysupported

E. dynamicpathdetection

F. Auto-Scaling

Question36:

WhattwostatementscorrectlydescribeAuto-Scalinggroups?

A. horizontalscalingofcapacity

B. decreasenumberofinstancesonly

C. EC2instancesareassignedtoagroup

D. databaseinstancesonly

E. nosupportformultipleavailabilityzones

Question37:

WhatisthedefaultmaximumnumberofElasticIPaddressesassignableperAmazonAWSregion?

A. 1

B. 100

C. 5

D. unlimited

Question38:

HowaresnapshotsforanEBSvolumecreatedwhenitistherootdeviceforaninstance?

A. pauseinstance,unmountvolumeandsnapshot

B. terminateinstanceandsnapshot

C. unencryptvolumeandsnapshotdynamically

D. stopinstance,unmountvolumeandsnapshot

Question39:

WhatcloudcomputecomponentsareconfiguredbytenantsandnotAmazonAWSsupportengineers?(Selectthree)

A. hypervisor

B. upstreamphysicalswitch

C. virtualappliances

D. guestoperatingsystem

E. applicationsanddatabases

F. RDS

Question40:

WhatthreeattributesareusedtodefinealaunchconfigurationtemplateforanAuto-Scalinggroup?

A. instancetype

B. privateIPaddress

C. ElasticIP

D. securitygroup

E. AMI

Question41:

WhatthreecharacteristicsorlimitationsdifferentiateEC2instancetypes?

A. VPConlyB. applicationtypeC. EBSvolumeonlyD. virtualizationtypeE. AWSserviceselected

Question42:

SelecttwodifferencebetweenHVMandPVvirtualizationtypes?

A. HVMsupportsallcurrentgenerationinstancetypesB. HVMissimilartobaremetalhypervisorarchitectureC. PVprovidesbetterperformancethanHVMformostinstancetypes

D. HVMdoesn’tsupportenhancednetworkingE. HVMdoesn’tsupportcurrentgenerationinstancetypes

VirtualPrivateCloud(VPC)Question1:Whataretheminimumcomponentsrequiredtoenableaweb-basedapplicationwithpublicwebserversandaprivatedatabasetier?(Selectthree)

A. InternetgatewayB. AssignEIPaddressingtodatabaseinstancesonprivatesubnetC. VirtualprivategatewayD. AssigndatabaseinstancestoprivatesubnetandprivateIPaddressingE. AssignEIPandprivateIPaddressingtowebserversonpublicsubnet

Question2:

Refertothenetworkdrawing.Howarepacketsroutedfromprivatesubnettopublicsubnetforthefollowingweb-basedapplicationwithadatabasetier?

A. Internetgateway

B. customroutetable

C. 10.0.0.0/16

D. nat-instance-id

E. igw-id

F. addcustomroutetable

Question3:

WhatVPCcomponentprovidesNetworkAddressTranslation?

A. NATinstance

B. NATgateway

C. virtualprivategateway

D. Internetgateway

E. ECS

Question4:

WhataretheadvantagesofNATgatewayoverNATinstance?(Selecttwo)

A. NATgatewayrequiresasingleEC2instance

B. NATgatewayisscalable

C. NATgatewaytranslatesfaster

D. NATgatewaysisamanagedservice

E. NATgatewayisLinux-based

Question5:

WhatisthemanagementresponsibilityoftenantsandnotAmazonAWS?

A. EC2instances

B. RDS

C. Beanstalk

D. NATinstance

Question6:

Whattwofeaturesprovideanencrypted(VPN)connectionfromVPCtoanenterprisedatacenter?

A. Internetgateway

B. AmazonRDS

C. Virtualprivategateway

D. CSR1000Vrouter

E. NATgateway

Question7:

WhattwoattributesaresupportedwhenconfiguringanAmazonVirtualprivategateway(VPG)?

A. routepropagation

B. ElasticIP(EIP)

C. DHCP

D. publicIPv4address

E. publicsubnets

Question8:

WhattwofeaturesareavailablewithAWSDirectConnectservice?

A. internetaccess

B. extendon-premisesVLANstocloud

C. bidirectionalforwardingdetection(BFD)

D. loadbalancingbetweenDirectConnectandVPNconnection

E. publicandprivateAWSservices

Question9:

WhenisDirectConnectapreferredsolutionoverVPNIPsec?

A. fastandreliableconnection

B. redundancyisakeyrequirement

C. fastandeasytodeploy

D. layer3connectivity

E. layer2connectivity

Question10:

YouhavebeenaskedtosetupaVPCendpointconnectionbetweenVPCandS3bucketsforstoringbackupsandsnapshots.WhatAWScomponentsarecurrentlyrequiredwhenconfiguringaVPCendpoint?

A. Internetgateway

B. NATinstance

C. ElasticIP

D. privateIPaddress

Question11:

WhataretheprimaryadvantagesofVPCendpoints?(Selecttwo)

A. reliability

B. cost

C. throughput

D. security

Question12:

WhataretheDHCPoptionattributesusedtoassignprivateDNSserverstoyourVPC?

A. dnsresolutionanddomainname

B. hostnamesandinternetdomain

C. domainserversanddomainname

D. domain-name-serversanddomain-name

Question13:

WhatDNSattributesareconfiguredwhenDefaultVPCoptionisselected?

A. DNSresolution:yes/DNShostnames:yes

B. DNSresolution:yes/DNShostnames:no

C. DNSresolution:no/DNShostnames:yes

D. DNSresolution:no/DNShostnames:no

Question14:

WhatconfigurationsettingsarerequiredfromtheremoteVPCinordertocreatecross-accountpeering?(Selectthree)

A. VPCID

B. accountusername

C. accountID

D. CMKkeys

E. VPCCIDRblock

F. volumetype

Question15:

WhatCIDRblockrangeissupportedforIPv4addressingandsubnettingwithinasingleVPC?

A. /16to/32

B. /16to/24

C. /16to/28

D. /16to/20

Question16:WhatproblemiscausedbythefactthatVPCpeeringdoesnotpermittransitiverouting?

A. additionalVPCroutetablestomanageB. virtualprivategatewayisrequiredC. InternetgatewayisrequiredforeachVPCD. routingbetweenconnectedspokesthroughhubVPCiscomplexE. increasednumberofpeerlinksrequired

Question17:

WhattwostatementscorrectlydescribesElasticLoadBalanceroperation?

A. spansmultipleregions

B. assignedperEC2instance

C. assignedpersubnet

D. assignedperAuto-Scalinggroup

E. nocross-regionsupport

Question18:

WhataretwoadvantagesofElasticIP(EIP)overAWSpublicIPv4addresses?

A. EIPcanbereassigned

B. EIPisprivate

C. EIPisdynamic

D. EIPispersistent

E. EIPispublicandprivate

Question19:

WhatAWSservicesaregloballymanaged?(Selectfour)

A. IAM

B. S3

C. CloudFront

D. Route53

E. DynamoDB

F. WAF

G. ELB

Question20:

WhatmethodsareavailableforcreatingaVPC?(Selectthree)

A. AWSmanagementconsole

B. AWSmarketplace

C. VPCwizard

D. VPCconsole

E. DirectConnect

Question21:WhattwodefaultsettingsareconfiguredfortenantsbyAWSwhenDefaultVPCoptionisselected?

A. createsasize/20defaultsubnetineachAvailabilityZoneB. createsanInternetgatewayC. createsamainroutetablewithlocalroute10.0.0.0/16D. createavirtualprivategatewayE. createasecuritygroupthatexplicitlydeniesalltraffic

Question22:

WhatthreestatementscorrectlydescribesIPaddressallocationwithinaVPC?A. EC2instancemustbeterminatedtoreassignanIPaddressB. EC2instancethatispausedcanreassignIPaddressC. EC2instancethatisstoppedcanreassignIPaddressD. privateIPaddressesareallocatedfromapoolandcanbereassignedE. privateIPaddressescanbeassignedbytenantF. VPCsupportsdualstackmode(IPv4/IPv6)

Question23:

WhataretwoadvantagesofselectingdefaulttenancyoptionforyourVPCwhencreatingit?

A. performanceandreliability

B. someAWSservicesdonotworkwithadedicatedtenancyVPC

C. tenantcanlaunchinstanceswithinVPCasdefaultordedicatedinstances

D. instancelaunchisfaster

Question24:WhatisthepurposeofalocalroutewithinaVPCroutetable?

A. localrouteisderivedfromthedefaultVPCCIDRblock10.0.0.0/16B. communicatebetweeninstanceswithinthesamesubnetordifferent

subnetsC. usedtocommunicatebetweeninstanceswithinthesamesubnetD. defaultrouteforcommunicatingbetweenprivateandpublicsubnetsE. onlyinstalledinthemainroutetable

Question25:

WhatisthedefaultbehaviorwhenaddinganewsubnettoyourVPC?(Selecttwo)

A. newsubnetisassociatedwiththemainroutetableB. newsubnetisassociatedwiththecustomroutetableC. newsubnetisassociatedwithanyselectedroutetableD. newsubnetisassignedtothedefaultsubnetE. newsubnetisassignedfromtheVPCCIDRblock

Question26:YouhaveenabledAmazonRDSdatabaseservicesinVPC1foranapplicationthathaspublicwebserversinVPC2.HowdoyouconnectthewebserverstotheRDSdatabaseinstancesotheycancommunicateconsideringtheVPC'sareinthesameregion?

A. VPCendpointsB. VPNgatewayC. path-basedroutingD. VPCpeeringE. AWSNetworkLoadBalancer

Question27:

WhatAWSservicesnowsupportVPCendpointsfeatureforoptimizingsecurity?(Selectthree)

A. Kinesis

B. DNSRoute53

C. S3

D. DynamoDB

E. RDS

Question28:

WhatarethreecharacteristicsofanAmazonVirtualPrivateCloud?

A. publicandprivateIPaddressing

B. broadcasts

C. multipleprivateIPaddressespernetworkinterface

D. dedicatedsingletenanthardwareonly

E. persistentpublicIPaddresses

F. HSRP

Question29:WhatisthedifferencebetweenVPCmainroutetableandcustomroutetable?

A. VPConlycreatesamainroutetablewhenstartedB. customroutetableisthedefaultC. customroutetableiscreatedforpublicsubnetsD. customroutetableiscreatedforprivatesubnetsE. mainroutetableiscreatedforpublicandprivatesubnets

Question30:

WhatisthepurposeofthenativeVPCrouter?

A. routepacketsacrosstheinternet

B. routepacketsbetweenprivatecloudinstances

C. routepacketsbetweensubnets

D. routepacketsfrominstancestoS3storagevolumes

E. routepacketsacrossVPN

Question31:

HowareprivateDNSserversassignedtoanAmazonVPC?

A. notsupported

B. selectnondefaultVPC

C. selectdefaultVPC

D. selectEC-2classic

Question32:

WhataretwocharacteristicsofanAmazonsecuritygroup?

A. instancelevelpacketfiltering

B. denyrulesonly

C. permitrulesonly

D. subnetlevelpacketfiltering

E. inboundonly

Question33:

WhatstatementistrueofNetworkAccessControlLists(ACL)operationwithinanAmazonVPC?

A. instanceandsubnetlevelpacketfiltering

B. subnetlevelpacketfiltering

C. inboundonly

D. onlyoneACLallowedperVPC

E. outboundonly

Question34:

HowarepacketsforwardedbetweenpublicandprivatesubnetswithinVPC?

A. EIP

B. NAT

C. mainroutetable

D. VPN

Question35:

WhattwostatementsaccuratelydescribeAmazonVPCarchitecture?

A. ElasticLoadBalancer(ELB)cannotspanmultipleavailabilityzones

B. VPCdoesnotsupportDMVPNconnection

C. VPCsubnetcannotspanmultipleavailabilityzones

D. VPCcannotspanmultipleregions

E. FlowlogsarenotsupportedwithinaVPC

Question36:

WhatisarequirementforattachingEC2instancestoon-premisesclientsandapplications?

A. AmazonVirtualPrivateGateway(VPN)

B. AmazonInternetGateway

C. VPNConnection

D. ElasticLoadBalancer(ELB)

E. NAT

Question37:

WhattwostatementscorrectlydescribeAmazonvirtualprivategateway?

A. assigntoprivatesubnetsonly

B. assigntopublicsubnetsonly

C. singlevirtualprivategatewayperVPC

D. multiplevirtualprivategatewaysperVPC

E. singlevirtualprivategatewayperregion

Question38:

WhatisthemaximumaccessportspeedavailablewithAmazonDirectConnectservice?

A. 1Gbps

B. 10Gbps

C. 500Mbps

D. 100Gbps

E. 100Mbps

Question39:

Refertothedrawing.YourcompanyhasaskedyoutoconfigureapeeringlinkbetweentwoVPCsthatarecurrentlynotconnectedorexchanginganypackets.WhatdestinationandtargetisconfiguredintheroutingtableofVPC1toenablepacketforwardingtoVPC2?

A.destination=172.16.0.0/16target=pcx-vpc2vpc1

B.destination=10.0.0.0/16target=pcx-vpc2

C.destination=172.16.0.0/16target=10.0.0.0/16

D.destination=172.16.0.0/16target=pcx-vpc1vpc2

E.defaultrouteonly

Question40:

HowisroutingenabledbydefaultwithinaVPCforanEC2instance?

A. addadefaultroute

B. mainroutetable

C. customroutetable

D. mustbeconfiguredexplicitly

Question41:

WhatthreefeaturesarenotsupportedwithVPCpeering?

A. overlappingCIDRblocks

B. IPv6addressing

C. Gateways

D. transitiverouting

E. RedShift

F. ElastiCache

Question42:

WhatrouteisusedinaVPCroutingtableforpacketforwardingtoaGateway?

A. staticroute

B. 10.0.0.0/16

C. tenantconfigured

D. 0.0.0.0/0

E. 0.0.0.0/16

Question43:Youareaskedtodeployawebapplicationcomprisedofmultiplepublicwebserverswithonlyprivateaddressingassigned.WhatAmazonAWSsolutionsenablesmultipleserversonaprivatesubnetwithonlyasingleEIPrequiredandAvailabilityZoneredundancy?

A. NATinstanceB. InternetgatewayC. virtualprivategatewayD. NATgatewayE. ElasticNetworkInterface(ENI)

Question44:

WhatistheIPaddressingschemaassignedtoadefaultVPC?

A. 172.31.0.0/16CIDRblocksubnettedwith172.31.0.0/20

B. 172.16.0.0/16CIDRblocksubnettedwith172.16.0.0/24

C. 10.0.0.0/16CIDRblocksubnettedwith10.0.0.0/24

D. 172.16.0.0/24CIDRblocksubnettedwith172.31.0.0/18

Question45:

WhatdefaultconfigurationandcomponentsareaddedbyAWSwhenDefaultVPCtypeisselected?(Selectthree)

A. Internetgateway

B. virtualprivategateway

C. NATinstance

D. securitygroup

E. DNS

Question46:

Whatfeaturerequirestenantstodisablesource/destinationcheck?

A. ElasticIP(EIP)

B. datareplication

C. VPCpeering

D. NAT

E. Internetgateway

StorageServicesQuestion1:

WhatAWSstoragesolutionallowsthousandsofEC2instancestosimultaneouslyupload,access,deleteandsharefiles?

A. EBS

B. S3

C. Glacier

D. EFS

Question2:

WhatisrequiredforanEFSmounttarget?(Selecttwo)

A. EIP

B. DNSname

C. IPaddress

D. DHCP

E. IAMrole

Question3:

Whatconnectivityfeaturesarerecommendedforcopyingon-premisesfilestoEFS?(Selecttwo)

A. VPNIPsec

B. InternetGateway

C. DirectConnect

D. FileSync

E. FTP

F. AWSStorageGateway

Question4:

WhatAWSservicesencryptsdataatrestbydefault?(Selecttwo)

A. S3

B. AWSStorageGateway

C. EBS

D. Glacier

E. RDS

Question5:

WhatfaulttolerantfeaturesdoesS3storageprovide?(Selectthree)

A. cross-regionreplication

B. versioningmustbedisabled

C. cross-regionasynchronousreplicationofobjects

D. synchronousreplicationofobjectswithinaregion

E. multipledestinationbuckets

Question6:

Whatisthefastesttechniquefordeleting900objectsinanS3bucketwithasingleHTTPrequest?

A. Multi-PartDeleteAPI

B. Multi-ObjectDeleteAPI

C. 100objectsismaximumperrequest

D. Fast-DeleteAPI

Question7:

WhatsecuritycontrolstechniqueisrecommendedforS3cross-accountaccess?

A. IAMgroup

B. securitygroups

C. S3ACL

D. bucketpolicies

Question8:

Whataretwoadvantagesofcross-regionreplicationofanS3bucket?

A. cost

B. securitycompliance

C. scalability

D. Beanstalksupport

E. minimizelatency

Question9:

WhataretwoprimarydifferencebetweenAmazonS3StandardandS3/RRSstorageclasses?

A. AmazonStandarddoesnotreplicateatall

B. RRSprovideshigherdurability

C. RRSprovideshigheravailability

D. RRSdoesnotreplicateobjectsasmanytimes

E. applicationusageisdifferent

Question10:

WhattwofeaturesareenabledwithS3services?

A. storeobjectsofanysize

B. dynamicwebcontent

C. supportsProvisionedIOPS

D. storevirtuallyunlimitedamountsofdata

E. bucketnamesaregloballyunique

Question11:

WhatnewfeaturewasrecentlyaddedtoSQSthatdefineshowmessagesareordered?

A. streams

B. SNS

C. FIFO

D. TLS

E. decoupling

Question12:

WhattwoAWSstoragetypesarepersistent?

A. ephemeral

B. S3

C. EBS

D. instancestore

E. SAML

Question13:

Selectthreeon-premisesbackupsolutionsusedforcopyingdatatoanAmazonAWSS3bucket?

A. AWSImport/Export

B. RDS

C. Snowball

D. AvailabilityZone(AZ)replication

E. AWSStorageGateway

Question14:

Youhave1TBofdataandwanttoarchivethedatathatwon'tbeaccessedthatoften.WhatAmazonAWSstoragesolutionisrecommended?

A. Glacier

B. EBS

C. ephemeral

D. CloudFront

Question15:

WhatarethreemethodsofaccessingDynamoDBforcustomizationpurposes?

A. CLI

B. AWSconsole

C. APIcall

D. vCenter

E. Beanstalk

Question16:

WhataretwoprimarydifferencesbetweenGlacierandS3storageservices?

A. Glacierislowercost

B. S3islowercost

C. Glacierispreferredforfrequentdataaccesswithlowerlatency

D. S3ispreferredforfrequentdataaccesswithlowerlatency

E. S3supportslargerfilesize

Question17:

WhatstatementcorrectlydescribestheoperationofAWSGlacierarchive?

A. archiveisagroupofvaults

B. archiveisanunencryptedvault

C. archivesupportsaggregatedfilesonly

D. maximumfilesizeis1TB

E. archivesupportssingleandaggregatedfiles

Question18:WhatarethreeprimarydifferencesbetweenS3vsEBS?

A. S3isamulti-purposepublicinternet-basedstorageB. EBSisdirectlyassignedtoatenantVPCEC2instanceC. EBSandS3providepersistentstorageD. EBSsnapshotsaretypicallystoredonS3bucketsE. EBSandS3usebucketstomanagefilesF. EBSandS3arebasedonblocklevelstorage

Question19:

Whaton-premisessolutionisavailablefromAmazonAWStominimizelatencyforalldata?

A. Gateway-VTL

B. Gateway-cachedvolumes

C. Gateway-storedvolumes

D. EBS

E. S3bucket

F. ElastiCache

Question20:

WhatfeaturetransitionsS3storagetoStandard-IAforcostoptimization?

A. RRS/S3

B. Glaciervault

C. storageclassanalysis

D. path-basedrouting

Question21:

HowdoesAWSuniquelyidentifyS3objects?

A. bucketname

B. version

C. key

D. objecttag

Question22:

Whatistheadvantageofread-after-writeconsistencyforS3buckets?

A. nostalereadsforPUTofanynewobjectinallregions

B. higherthroughputforallrequests

C. stalereadsforPUTrequestsinsomeregions

D. nostalereadsforGETrequestsinasingleregions

Question23:

WhatisthemaximumsinglefileobjectsizesupportedwithAmazonS3?

A. 5GB

B. 5TB

C. 1TB

D. 100GB

Question24:

WhatsecurityproblemissolvedbyusingCross-OriginResourceSharing(CORS)?

A. enableHTTPrequestsfromwithinscriptstoadifferentdomain

B. enablesharingofweb-basedfilesbetweendifferentbuckets

C. providesecurityforthirdpartyobjectswithinAWS

D. permitssharingobjectsbetweenAWSservices

Question25:

Whatisrecommendedformigrating40TBofdatafromon-premisestoS3whentheinternetlinkisoftenoverutilized?

A. AWSStoragegateway

B. AWSSnowball

C. AWSImport/Export

D. AWSElasticFileSystem

E. AWSElasticsearch

F. AWSMulti-PartUploadAPI

Question26:

YourcompanyispublishinganonlinecatalogofbooksthatiscurrentlyusingDynamoDBforstoringtheinformationassociatedwitheachitem.Thereisarequirementtoaddimagesforeachbook.Whatsolutionismostcosteffectiveanddesignedforthatpurpose?

A. RedShiftB. EBSC. RDSD. S3E. Kinesis

Question27:

Youhaveanapplicationthatcollectsmonitoringdatafrom10,000sensors(IoT)deployedintheUSA.Thedatapointsarecomprisedofvideoeventsforhomesecurityandenvironmentstatusalerts.TheapplicationwillbedeployedtoAWSwithEC2instancesasdatacollectors.WhatAWSstorageserviceispreferredforstoringvideofilesfromsensors?

A. RedShiftB. RDSC. S3D. DynamoDB

SecurityArchitectureQuestion1:

WhatstatementscorrectlydescribesecuritygroupswithinaVPC?(Selectthree)

A. defaultsecuritygrouponlypermitinboundtraffic

B. securitygroupsarestatefulfirewalls

C. onlyallowrulesaresupported

D. allowanddenyrulesaresupported

E. securitygroupsareassociatedtonetworkinterfaces

Question2:

Whatthreeitemsarerequiredtoconfigureasecuritygrouprule?

A. protocoltype

B. VPCname

C. portnumber

D. sourceIP

E. destinationIP

F. description

Question3:

WhattwosourceIPaddresstypesarepermittedinasecuritygrouprule?

A. onlyCIDRblockswith/16subnetmask

B. sourceIPaddress0.0.0.0/0

C. singlesourceIPaddresswith/24subnetmask

D. securitygroupid

E. IPv6addresswith/64prefixlength

Question4:

WhatprotocolsmustbeenabledforremoteaccesstoLinux-basedandWindows-basedEC2instances?

A. SSH,ICMP,Telnet

B. SSH,HTTP,RDP

C. SSH,HTTP,SSL

D. SSH,RDP,ICMP

Question5:

DistinguishnetworkACLsfromsecuritygroupswithinaVPC?(Selectthree)

A. ACLfiltersatthesubnetlevel

B. ACLisbasedondenyrulesonly

C. ACLisappliedtoinstancesandsubnets

D. ACLisstateless

E. ACLsupportsanumberedlistforfiltering

Question6:WhathappenstothesecuritypermissionsofatenantwhenanIAMroleisgranted?(Selecttwo)

A. tenantinheritsonlypermissionsassignedtotheIAMroletemporarilyB. addsecuritypermissionsoftheIAMroletoexistingpermissionsC. previoussecuritypermissionsarenolongerineffectD. previoussecuritypermissionsaredeletedunlessreconfiguredE. tenantinheritsonlyreadpermissionsassignedtotheIAMrole

Question7:

WhereareIAMpermissionsgrantedtoinvokeandexecuteaLambdafunctionforS3access?(Selecttwo)

A. S3bucket

B. EC2instance

C. Lambdafunction

D. IAMrole

E. eventmapping

Question8:

YouhavesomedevelopersworkingoncodeforanapplicationandtheyrequiretemporaryaccesstoAWSclouduptoanhour.Whatistheeasiestweb-basedsolutionfromAWStoprovidesaccessandminimizesecurityexposure?

A. ACL

B. securitygroup

C. IAMgroup

D. STS

E. EFS

Question9:

WhattwomethodsareusedtorequesttemporarycredentialsbasedonAWSSecurityTokenService(STS)?

A. WebIdentityFederation

B. LDAP

C. IAMidentity

D. dynamicACL

E. privatekeyrotation

Question10:

WhattwocomponentsarerequiredforenablingSAMLauthenticationrequeststoAWSIdentityandAccessManagement(IAM)?

A. accesskeys

B. sessiontoken

C. SSO

D. identityprovider(IdP)

E. SAMLproviderentity

Question11:

WhataretworeasonsfordeployingOriginAccessIdentity(OAI)whenenablingCloudFront?

A. preventusersfromdeletingobjectsinS3bucketsB. mitigatedistributeddenialofserviceattacks(DDoS)C. preventusersfromaccessingobjectswithAmazonS3URLD. preventusersfromaccessingobjectswithCloudFrontURLE. replaceIAMforinternet-basedcustomerauthentication

Question12:

WhatsolutionsarerecommendedtomitigateDDoSattacks?(Selectthree)

A. host-basedfirewall

B. elasticloadbalancer

C. WAF

D. SSL/TLS

E. Bastionhost

F. NATgateway

Question13:

WhatfeaturesarerequiredtopreventusersfrombypassingAWSCloudFrontsecurity?(Selectthree)

A. Bastionhost

B. signedURL

C. IPwhitelist

D. signedcookies

E. originaccessidentity(OAI)

Question14:

Whatistheadvantageofresource-basedpoliciesforcross-accountaccess?

A. trustedaccountpermissionsarenotreplaced

B. trustedaccountpermissionsarereplaced

C. resource-basedpoliciesareeasiertodeploy

D. trustingaccountmanagesallpermissions

Question15:

SelectthreerequirementsforconfiguringaBastionhost?

A. EIP

B. SSHinboundpermission

C. defaultroute

D. CloudWatchlogsgroup

E. VPN

F. Auto-Scaling

Question16:

WhatrulemustbeaddedtothesecuritygroupassignedtoamounttargetinstancethatenablesEFSaccessfromanEC2instance?

A. Type=EC2,protocol=IP,port=2049,source=remotesecuritygroupid

B. Type=EC2,protocol=EFS,port=2049,source=0.0.0.0/0C. Type=NFS,protocol=TCP,port=2049,source=remotesecurity

groupidD. Type=NFSv4,protocol=UDP,port=2049,source=remotesecurity

groupid

Question17:

WhatstatementcorrectlydescribesIAMarchitecture?A. IAMsecurityisunifiedperregionandreplicatedbasedonrequirements

foranAWStenantaccountB. IAMsecurityisdefinedperregionforrolesonlyonanAWStenant

accountC. IAMsecurityisgloballyunifiedacrosstheAWScloudforanAWS

tenantaccountD. IAMsecurityisdefinedseparatelyperregionandcross-regionsecurity

enabledforanAWStenantaccount

Question18:

Whataretwoadvantagesofcustomer-managedencryptionkeys(CMK)?

A. createandrotateencryptionkeys

B. AES-128cipherfordataatrest

C. auditencryptionkeys

D. encryptsdatain-transitforserver-sideencryptiononly

Question19:

WhatfeatureisnotavailablewithAWSTrustedAdvisor?

A. costoptimization

B. infrastructurebestpractices

C. vulnerabilityassessment

D. monitorapplicationmetrics

Question20:

WhatisrequiredtoPingfromasourceinstancetoadestinationinstance?A.NetworkACL:notrequiredSecurityGroup:allowICMPoutboundonsource/destinationEC2instancesB.NetworkACL:allowICMPinbound/outboundonsource/destinationsubnetsSecurityGroup:notrequiredC.NetworkACL:allowICMPinbound/outboundonsource/destinationsubnetsSecurityGroup:allowICMPoutboundonsourceEC2instanceSecurityGroup:allowICMPinboundondestinationEC2instanceD.NetworkACL:allowTCPinbound/outboundonsource/destinationsubnetsSecurityGroup:allowTCPandICMPinboundonsourceEC2instance

Question21:

Whattwostepsarerequiredtograntcross-accountpermissionsbetweenAWSaccounts?

A. createanIAMuser

B. attachatrustpolicytoS3

C. createatransitivepolicy

D. attachatrustpolicytotherole

E. createanIAMrole

Question22:YouhaveconfiguredasecuritygrouptoallowICMP,SSHandRDPinboundandassignedthesecuritygrouptoallinstancesinasubnet.ThereisnoaccesstoanyLinux-basedorWindows-basedinstancesandyoucannotPinganyinstances.ThenetworkACLforthesubnetisconfiguredtoallowallinboundtraffictothesubnet.Whatisthemostprobablecause?

A. on-premisesfirewallrulesB. securitygroupandnetworkACLoutboundrulesC. networkACLoutboundrulesD. securitygroupoutboundrulesE. Bastionhostrequired

Question23:

WhatthreetechniquesprovideauthenticationsecurityonS3volumes?

A. bucketpolicies

B. networkACL

C. IdentityandAccessManagement(IAM)

D. encryption

E. AES256

Question24:WhatstatementcorrectlydescribessupportforAWSencryptionofS3objects?

A. tenantsmanageencryptionforserver-sideencryptionofS3objectsB. Amazonmanagesencryptionforserver-sideencryptionofS3objectsC. client-sideencryptionofS3objectsisnotsupportedD. S3bucketsareencryptedonlyE. SSLisonlysupportedwithGlacierstorage

Question25:

WhatauthenticationmethodprovidesFederatedSingleSign-On(SSO)forcloudapplications?

A. ADS

B. ISE

C. RADIUS

D. TACACS

E. SAML

Question26:

BasedontheAmazonsecuritymodel,whatinfrastructureconfigurationandassociatedsecurityistheresponsibilityoftenantsandnotAmazonAWS?(Selecttwo)

A. dedicatedcloudserver

B. hypervisor

C. operatingsystemlevel

D. applicationlevel

E. upstreamphysicalswitch

Question27:

WhatsecurityauthenticationisrequiredbeforeconfiguringormodifyingEC2instances?(Selectthree)

A. authenticationattheoperatingsystemlevel

B. EC2instanceauthenticationwithasymmetrickeys

C. authenticationattheapplicationlevel

D. Telnetusernameandpassword

E. SSH/RDPsessionconnection

Question28:

WhatfeatureispartofAmazonTrustedAdvisor?

A. securitycompliance

B. troubleshootingtool

C. EC2configurationtool

D. securitycertificates

Question29:

WhataretwobestpracticesforaccountmanagementwithinAmazonAWS?A. donotuserootaccountforcommonadministrativetasksB. createasingleAWSaccountwithmultipleIAMusersthathaveroot

privilegeC. createmultipleAWSaccountswithmultipleIAMusersperAWS

accountD. userootaccountforalladministrativetasksE. createmultiplerootuseraccountsforredundancy

Question30:

WhatAWSfeatureisrecommendedforoptimizingdatasecurity?

A. Multi-factorauthentication

B. usernameandencryptedpassword

C. Two-factorauthentication

D. SAML

E. FederatedLDAP

Question31:

WhatIAMclassenablesanEC2instancetoaccessafileobjectinanS3bucket?

A. user

B. root

C. role

D. group

Question32:

Whatarethreerecommendedsolutionsthatprovideprotectionandmitigationfromdistributeddenialofservice(DDoS)attacks?

A. securitygroups

B. CloudWatch

C. encryption

D. WAF

E. datareplication

F. Auto-Scaling

Question33:

WhatarethreerecommendedbestpracticeswhenconfiguringIdentityandAccessManagement(IAM)securityservices?

A. LockordeleteyourrootaccesskeyswhennotrequiredB. IAMgroupsarenotrecommendedforstoragesecurityC. createanIAMuserwithadministratorprivilegesD. shareyourpasswordand/oraccesskeyswithmembersofyourgroup

onlyE. deleteanyAWSaccountwheretheaccesskeysareunknown

Question34:

WhattwofeaturescreatesecurityzonesbetweenEC2instanceswithinaVPC?

A. securitygroups

B. VirtualSecurityGateway

C. networkACL

D. WAF

Question35:

WhatAWSserviceprovidesvulnerabilityassessmentservicestotenantswithinthecloud?

A. AmazonWAFB. AmazonInspectorC. AmazonCloudLogicD. AmazonTrustedAdvisor

Question36:

WhataretwoprimarydifferencesbetweenADConnectorandSimpleADforclouddirectoryservices?

A. SimpleADrequiresanon-premisesADSdirectoryB. SimpleADisfullymanagedandsetupinminutesC. ADConnectorrequiresanon-premisesADSdirectoryD. SimpleADismorescalablethanADConnectorE. SimpleADprovidesenhancedintegrationwithIAM

DatabaseServicesQuestion1:

Howisloadbalancingenabledformultipletaskstothesamecontainerinstance?

A. path-basedrouting

B. reverseproxy

C. NAT

D. dynamicportmapping

E. dynamiclisteners

Question2:

WhatencryptionsupportisavailablefortenantsthataredeployingAWSDynamoDB?

A. server-sideencryption

B. client-sideencryption

C. client-sideandserver-sideencryption

D. encryptionnotsupported

E. blocklevelencryption

Question3:

WhatarethreeprimaryreasonsfordeployingElastiCache?

A. datasecurity

B. managedservice

C. replicationwithRedis

D. durability

E. lowlatency

Question4:

Whatservicedoesnotsupportsessiondatapersistencestoretoenableweb-basedstatefulapplications?

A. RDS

B. Memcached

C. DynamoDB

D. Redis

E. RedShift

Question5:

HowdoesMemcachedimplementhorizontalscaling?

A. Auto-Scaling

B. databasestore

C. partitioning

D. EC2instances

E. S3bucket

Question6:

WhattwooptionsareavailablefortenantstoaccessElastiCache?

A. VPCpeeringlink

B. EC2instances

C. EFSmount

D. cross-regionVPC

Question7:

Whattwostatementscorrectlydescribein-transitencryptionsupportonElastiCacheplatform?

A. notsupportedforElastiCacheplatform

B. supportedonRedisreplicationgroup

C. encryptscacheddataatrest

D. notsupportedonMemcachedcluster

E. IPsecmustbeenabledfirst

Question8:

WhatAmazonAWSplatformisdesignedforcomplexanalyticsofavarietyoflargedatasetsbasedoncustomcode.Theapplicationsincludemachinelearninganddatatransformation?

A. EC2

B. Beanstalk

C. Redshift

D. EMR

Question9:

WhataretwoprimaryadvantagesofDynamoDB?

A. SQLsupport

B. managedservice

C. performance

D. CloudFrontintegration

Question10:

WhattwofaulttolerantfeaturesdoesAmazonRDSsupport?

A. copysnapshottoadifferentregion

B. createreadreplicatoadifferentregion

C. copyunencryptedread-replicaonly

D. copyread/writereplicaandsnapshot

Question11:

WhatmanagedservicesareincludedwithAmazonRDS?(selectfour)

A. assignnetworkcapacitytodatabaseinstances

B. installdatabasesoftware

C. performregularbackups

D. datareplicationacrossmultipleavailabilityzones

E. datareplicationacrosssingleavailabilityzoneonly

F. configuredatabase

G. performancetuning

Question12:

Whattwoconfigurationfeaturesarerequiredtocreateaprivatedatabaseinstance?

A. securitygroup

B. networkACL

C. CloudWatch

D. ElasticIP(EIP)

E. NondefaultVPC

F. DNS

Question13:

Whatstoragetypeisrecommendedforanonlinetransactionprocessing(OLTP)applicationdeployedtoMulti-AZRDSwithsignificantworkloads?

A. GeneralPurposeSSD

B. Magnetic

C. EBSvolumes

D. ProvisionedIOPS

Question14:

WhatfeaturesaresupportedwithAmazonRDS?(Selectthree)

A. horizontalscalingwithmultiplereadreplicas

B. elasticloadbalancingRDSreadreplicas

C. replicatereadreplicascross-region

D. automaticfailovertomasterdatabaseinstance

E. applicationloadbalancer(ALB)

Question15:

WhatarethreeadvantagesofstandbyreplicainaMulti-AZRDSdeployment?

A. faulttolerance

B. eliminateI/Ofreezes

C. horizontalscaling

D. verticalscaling

E. dataredundancy

Question16:

WhatconsistencymodelisthedefaultusedbyDynamoDB?

A. stronglyconsistent

B. eventuallyconsistent

C. nodefaultmodel

D. casualconsistency

E. sequentialconsistency

Question17:

WhatdoesRDSusefordatabaseandlogstorage?

A. EBS

B. S3

C. instancestore

D. localstore

E. SSD

Question18:

WhatstatementscorrectlydescribesupportforMicrosoftSQLServerwithinAmazonVPC?(Selectthree)

A. read/writereplica

B. readreplicaonly

C. verticalscaling

D. nativeloadbalancing

E. EBSstorageonly

F. S3storageonly

Question19:

SelecttwofeaturesavailablewithAmazonRDSforMySQL?

A. Auto-Scaling

B. readrequeststostandbyreplicas

C. real-timedatabasereplication

D. activereadrequestsonly

Question20:

WhataretwocharacteristicsofAmazonRDS?

A. databasemanagedservice

B. NoSQLqueries

C. nativeloadbalancer

D. databasewritereplicas

E. automaticfailoverofreadreplica

Question21:

WhatcachingenginesaresupportedwithAmazonElastiCache?(Selecttwo)

A. HAProxy

B. Route53

C. RedShift

D. Redis

E. Memcached

F. CloudFront

Question22:

WhatarethreeprimarycharacteristicsofDynamoDB?

A. lessscalablethanRDS

B. staticcontent

C. storemetadataforS3objects

D. replicationtothreeAvailabilityZones

E. highread/writethroughput

Question23:

WhatarethreeexamplesofusingLambdafunctionstomovedatabetweenAWSservices?

A. readdatadirectlyfromDynamoDBstreamstoRDSB. readdatafromKinesisstreamandwritedatatoDynamoDBC. readdatafromDynamoDBstreamtoFirehoseandwritetoS3D. readdatafromS3andwritemetadatatoDynamoDBE. readdatafromKinesisFirehosetoKinesisdatastream

Question24:YouhaveenabledAmazonRDSdatabaseservicesinVPC1foranapplicationwithpublicwebserversinVPC2.HowdoyouconnectthewebserverstotheRDSdatabaseinstancesotheycancommunicateconsideringtheVPC'sareindifferentregions?

A. VPCendpointsB. VPNgatewayC. path-basedroutingD. publiclyaccessibledatabaseE. VPCpeering

Question25:

YouhavearequirementtocreateanindextosearchcustomerobjectsstoredinS3buckets.ThesolutionshouldenableyoutocreateametadatasearchindexforeachobjectstoredtoanS3bucket.Selectthemostscalableandcosteffectivesolution?

A. RDS,ElastiCacheB. DynamoDB,LambdaC. RDS,EMR,ALBD. RedShift

Question26:WhatarethreeadvantagesofusingDynamoDBoverS3forstoringIoTsensordatawherethereare100,000datapointsamplessentperminute?

A. S3mustcreateasinglefileforeacheventB. IoTcanwritedatadirectlytoDynamoDBC. DynamoDBprovidesfastread/writestoastructuredtableforqueriesD. DynamoDBisdesignedforfrequentaccessandfastlookupofsmall

recordsE. S3isdesignedforfrequentaccessandfastlookupofsmallerrecordsF. IoTcanwritedatadirectlytoS3

Question27:

Yourcompanyisaproviderofonlinegamingthatcustomersaccesswithvariousnetworkaccessdevicesincludingmobilephones.Whatisadatawarehousingsolutionsforlargeamountsofinformationonplayerbehavior,statisticsandeventsforanalysisusingSQLtools?

A. RedShiftB. DynamoDBC. RDSD. DynamoDBE. Elasticsearch

Question28:WhattwostatementsarecorrectwhencomparingElasticsearchandRedShiftasanalyticaltools?

A. ElasticsearchisatextsearchengineanddocumentindexingtoolB. RedShiftsupportscomplexSQL-basedquerieswithPetabytesizeddata

storeC. ElasticsearchsupportsSQLqueriesD. RedShiftprovidesonlybasicanalyticalservicesE. ElasticsearchdoesnotsupportJSONdatatype

Question29:

Whathappenswhenreadorwriterequestsexceedcapacityunits(throughputcapacity)foraDynamoDBtableorindex?(Selecttwo)

A. DynamoDBautomaticallyincreasesread/writeunitsB. DynamoDBcanthrottlerequestssothatrequestsarenotexceededC. HTTP400codeisreturned(BadRequest)D. HTTP500codeisreturned(ServerError)E. DynamoDBautomaticallyincreasesread/writeunitsifprovisioned

throughputisenabled

Question30:

WhatreadconsistencymethodprovideslowerlatencyforGetItemrequests?

A. stronglypersistentB. eventuallyconsistentC. stronglyconsistentD. writeconsistent

Question31:

YoumustspecifystronglyconsistentreadandwritecapacityforyourDynamoDBdatabase.Youhavedeterminedreadcapacityof128Kbpsandwritecapacityof25Kbpsisrequiredforyourapplication.WhatisthereadandwritecapacityunitsrequiredforDynamoDBtable?

A. 32readunits,25writeunitsB. 1readunit,1writeunitC. 16readunits,2.5writeunitsD. 64readunits,10writeunits

Question32:

WhatDynamoDBcapacitymanagementtechniqueisbasedonthetenantspecifyinganupperandlowerrangeforread/writecapacityunits?

A. demandB. provisionedthroughputC. reservedcapacityD. autoscalingE. generalpurpose

Question33:

WhatisthemaximumvolumesizeofaMySQLRDSdatabase?

A. 6TBB. 3TBC. 16TBD. unlimited

Question34:

WhatisthemaximumsizeofaDynamoDBrecord(item)?

A. 400KBB. 64KBC. 1KBD. 10KB

FaultTolerantSystemsQuestion1:

WhattwofeaturesdescribeanApplicationLoadBalancer(ALB)?

A. dynamicportmapping

B. SSLlistener

C. layer7loadbalancer

D. backendserverauthentication

E. multi-regionforwarding

Question2:

Whatenablesloadbalancingbetweenmultipleapplicationsperloadbalancer?

A. listeners

B. stickysessions

C. path-basedrouting

D. backendserverauthentication

Question3:

WhatthreefeaturesarecharacteristicofClassicLoadBalancer?

A. dynamicportmapping

B. path-basedrouting

C. SSLlistener

D. backendserverauthentication

E. ECS

F. Layer4basedloadbalancer

Question4:

WhatsecurityfeatureisonlyavailablewithClassicLoadBalancer?

A. IAMrole

B. SAML

C. back-endserverauthentication

D. securitygroups

E. LDAP

Question5:

WhatisaprimarydifferencebetweenClassicandNetworkLoadBalancer?

A. IPaddresstarget

B. Auto-Scaling

C. protocoltarget

D. cross-zoneloadbalancing

E. listener

Question6:

WhatarethefirsttwoconditionsusedbyAmazonAWSdefaultterminationpolicyforMulti-AZarchitecture?

A. unprotectedinstancewitholdestlaunchconfigurationB. AvailabilityZone(AZ)withthemostinstancesC. atleastoneinstancethatisnotprotectedfromscaleinD. unprotectedinstanceclosesttothenextbillinghourE. randomselectionofanyunprotectedinstance

Question7:

WhatfeatureisusedforhorizontalscalingofconsumerstoprocessdatarecordsfromaKinesisdatastream?

A. verticalscalingshards

B. Auto-Scaling

C. Lambda

D. ElasticLoadBalancer

Question8:

WhatDNSrecordscanbeusedforpointingazoneapextoanElasticLoadBalancerorCloudFrontdistribution?(Selecttwo)

A. Alias

B. CNAME

C. MX

D. A

E. NameServer

Question9:

WhatservicesareprimarilyprovidedbyDNSRoute53?(Selectthree)A. loadbalancingwebserverswithinaprivatesubnetB. resolvehostnamesandIPaddressesC. loadbalancingwebserverswithinapublicsubnetD. loadbalancingdatareplicationrequestsbetweenECScontainersE. resolvequeriesandrouteinternettraffictoAWSresourcesF. automatedhealthcheckstoEC2instances

Question10:

WhataretwofeaturesthatcorrectlydescribeAvailabilityZone(AZ)architecture?

A. multipleregionsperAZ

B. interconnectedwithprivateWANlinks

C. multipleAZperregion

D. interconnectedwithpublicWANlinks

E. dataauto-replicatedbetweenzonesindifferentregions

F. DirectConnectsupportsLayer2connectivitytoregion

Question11:

HowisRoute53configuredforWarmStandbyfaulttolerance?(Selecttwo)

A. automatedhealthchecks

B. path-basedrouting

C. failoverrecords

D. Aliasrecords

Question12:

HowisDNSRoute53configuredforMulti-Sitefaulttolerance?(Selecttwo)

A. IPaddress

B. weightedrecords(non-zero)

C. healthchecks

D. Aliasrecords

E. zeroweightedrecords

Question13:

WhatisanAvailabilityZone?

A. datacenter

B. multipleVPCs

C. multipleregions

D. singleregion

E. multipleEC2serverinstances

Question14:

HowareDNSrecordsmanagedwithAmazonAWStoenablehighavailability?

A. Auto-Scaling

B. serverhealthchecks

C. reverseproxy

D. elasticloadbalancing

Question15:

WhatisthedifferencebetweenWarmStandbyandMulti-Sitefaulttolerance?(Selecttwo)

A. Multi-SiteenableslowerRTOandmostrecentRPOB. WarmStandbyenableslowerRTOandmostrecentRPOC. Multi-Siteprovidesactive/activeloadbalancingD. Multi-Siteprovidesactive/standbyloadbalancingE. DNSRoute53isnotrequiredforWarmStandby

Question16:

WhatAWSbestpracticeisrecommendedforcreatingfaulttolerantsystems?

A. verticalscaling

B. ElasticIP(EIP)

C. securitygroups

D. horizontalscaling

E. RedShift

Question17:

WhattwostatementscorrectlydescribeversioningforprotectingdataatrestonS3buckets?

A. enabledbydefault

B. overwritesmostcurrentfileversion

C. restoresdeletedfiles

D. savesmultipleversionsofasinglefile

E. disabledbydefault

Question18:

WhattwomethodsarerecommendedbyAWSforprotectingEBSdataatrest?

A. replication

B. snapshots

C. encryption

D. VPN

Question19:

YouhaveanElasticLoadBalancerassignedtoaVPCwithpublicandprivatesubnets.ELBisconfiguredtoloadbalancetraffictoagroupofEC2instancesassignedtoanAuto-Scalinggroup.Whatthreestatementsarecorrect?

A. ElasticLoadBalancerisassignedtoapublicsubnetB. networkACLisassignedtoElasticLoadBalancerC. securitygroupisassignedtoElasticLoadBalancerD. cross-zoneloadbalancingisnotsupportedE. ElasticLoadBalancerforwardstraffictoprimaryprivateIPaddress

(eth0interface)oneachinstance

DeploymentandOrchestrationQuestion1:

WhatAmazonAWSserviceisavailableforcontainermanagement?

A. ECS

B. Docker

C. Kinesis

D. Lambda

Question2:

WhatisassociatedwithMicroservices?(Selecttwo)

A. ApplicationLoadBalancer

B. Kinesis

C. RDS

D. DynamoDB

E. ECS

Question3:

WheredoesAmazonretrievewebcontentwhenitisnotinthenearestCloudFrontedgelocation?

A. secondarylocation

B. fileserver

C. EBS

D. S3bucket

Question4:

WhattwofeaturesofanAPIGatewayminimizetheeffectsofpeaktrafficeventsandminimizelatency?

A. loadbalancing

B. firewalling

C. throttling

D. scaling

E. caching

Question5:

WhatthreecharacteristicsdifferentiateLambdafromtraditionalEC2deploymentorcontainerization?

A. LambdaisbasedonKinesisscripts

B. Lambdaisserverless

C. tenanthasownershipofEC2instances

D. tenanthasnocontrolofEC2instances

E. Lambdaisacode-basedservice

F. LambdasupportsonlyS3andGlacier

Question6:

HowiscodeuploadedtoLambda?

A. Lambdainstance

B. Lambdacontainer

C. Lambdaentrypoint

D. Lambdafunction

E. LambdaAMI

Question7:

HowareLambdafunctionstriggered?

A. EC2instance

B. hypervisor

C. Kinesis

D. operatingsystem

E. eventsource

Question8:WhatthreestatementscorrectlydescribestandardLambdaoperation?

A. Lambdafunctionisallocated500MBephemeraldiskspaceB. Lambdafunctionisallocated100MBEBSstorageC. LambdastorescodeinS3D. LambdastorescodeinaGlaciervaultE. LambdastorescodeincontainersF. maximumexecutiontimeis300seconds

Question9:

WhatnetworkeventsarerestrictedbyLambda?(Selecttwo)

A. onlyinboundTCPnetworkconnectionsareblockedbyAWSLambda

B. allinboundnetworkconnectionsareblockedbyAWSLambda

C. allinboundandoutboundconnectionsareblocked

D. outboundconnectionssupportonlyTCP/IPsockets

E. outboundconnectionssupportonlySSLsockets

Question10:

HowisversioningsupportedwithLambda?(Selecttwo)

A. Lambdanativesupport

B. ECScontainer

C. notsupported

D. Aliases

E. replication

F. S3versioning

Question11:

WhatisthedifferencebetweenStream-basedandAWSServiceswhenenablingLambda?

A. streamsmaintainseventsourcemappinginLambdaB. streamsmaintainseventsourcemappingineventsourceC. streamsmaintainseventsourcemappinginEC2instanceD. streamsmaintainseventsourcemappinginnotificationE. streamsmaintainseventsourcemappinginAPI

Question12:

Selecttwocustomoriginserversfromthefollowing?

A. S3bucket

B. S3object

C. EC2instance

D. ElasticLoadBalancer

E. APIgateway

Question13:

WhattwoattributesareonlyassociatedwithCloudFrontprivatecontent?

A. AmazonS3URL

B. signedcookies

C. webdistribution

D. signedURL

E. object

Question14:

HowareoriginserverslocatedwithinCloudFront(Selecttwo)

A. DNSrequest

B. distributionlist

C. webdistribution

D. RTMPprotocol

E. sourcemapping

Question15:

WhereareHTMLfilessourcedfromwhentheyarenotcachedataCloudFrontedgelocation?

A. S3object

B. originHTTPserver

C. S3bucket

D. nearestedgelocation

E. RTMPserver

F. failoveredgelocation

Question16:

WhatisthecapacityofasingleKinesisshard?(Selecttwo)

A. 2000PUTrecordspersecond

B. 1MB/secdatainputand2MB/secdataoutput

C. 10MB/secdatainputand10MB/secdataoutput

D. 1000PUTrecordspersecond

E. unlimited

Question17:

WhatAmazonAWSservicesupportsreal-timeprocessingofdatastreamfrommultipleconsumersandreplayofrecords?

A. DynamoDB

B. EMR

C. Kinesisdatastreams

D. SQS

E. RedShift

Question18:Yourcompanyhasaskedyoutocaptureandforwardareal-timedatastreamonamassivescaledirectlytoRedShiftforanalysiswithBItools.WhatAWStoolismostappropriatethatprovidesthefeaturesetandcosteffective?

A. DynamoDBB. SQSC. ElasticMapReduceD. KinesisFirehoseE. SNSF. CloudFront

Question19:

WhatfeaturepermitstenantstouseaprivatedomainnameinsteadofthedomainnamethatCloudFrontassignstoadistribution?

A. Route53

B. CNAMErecord

C. MXrecord

D. RTMP

E. SignedURL

Question20:

WhatAmazonAWSserviceisavailabletoguaranteetheconsumingofauniquemessageonlyonce?

A. Beanstalk

B. SQL

C. Exchange

D. SQS

Question21:

Whatisthefastestandeasiestmethodformigratinganon-premisesVMwarevirtualmachinetotheAWScloud?

A. AmazonMarketplace

B. AWSServerMigrationService

C. AWSStorageGateway

D. EC2Import/Export

Question22:

Selectthestatelessprotocolfromthefollowing?

A. FTP

B. TCP

C. HTTP

D. SSH

Question23:

WhatarethreevalidendpointsforanAPIgateway?

A. RESTfulAPI

B. Lambdafunction

C. AWSservice

D. webserver

E. HTTPmethod

Question24:

Howisavolumeselected(identified)whenmakinganEBSSnapshot?

A. accountid

B. volumeid

C. tag

D. ARN

Question25:

WhatdeploymentserviceenablestenantstoreplicateanexistingAWSstack?

A. Beanstalk

B. CloudFormation

C. RedShift

D. EMR

Question26:

WhatthreeservicescaninvokeaLambdafunction?

A. SNStopic

B. CloudWatchevent

C. EC2instance

D. securitygroup

E. S3bucketnotification

Question27:

WhattwoservicesenableautomaticpollingofastreamfornewrecordsonlyandforwardthemtoanAWSstorageservice?

A. SNS

B. Kinesis

C. Lambda

D. DynamoDB

Question28:

YourcompanyisdeployingawebsitewithdynamiccontenttocustomersinUS,EUandAPACregionsoftheworld.Contentwillincludelivestreamingvideostocustomers.SSLcertificatesarerequiredforsecuritypurposes.SelecttheAWSservicedeliversallrequirementsandprovidesthelowestlatency?

A. DynamoDBB. CloudFrontC. S3D. Redis

Question29:

WhataretheadvantagesofBeanstalk?(Selecttwo)

A. orchestrationanddeploymentabstraction

B. template-orienteddeploymentservice

C. easiestsolutionfordeveloperstodeploycloudapplications

D. doesnotsupportcloudcontainers

Question30:

YouareanetworkanalystwithJSONscriptingexperienceandaskedtoselectanAWSsolutionthatenablesautomateddeploymentofcloudservices.ThetemplatedesignwouldincludeanondefaultVPCwithEC2instances,ELB,Auto-Scalingandactive/activefailover.WhatAWSsolutionisrecommended?

A. BeanstalkB. OpsWorksC. CloudTrailD. CloudFormation

Question31:

SelecttwostatementsthatcorrectlydescribeOpsWorks?

A. Opsworksprovidesoperationalandconfigurationautomation

B. OpsWorksisalowercostalternativetoBeanStalk

C. OpsWorksisprimarilyamonitoringservice

D. Chefscripts(recipes)areakeyaspectofOpsWorks

Question32:

YourcompanyhasdevelopedanIoTapplicationthatsendsTelemetrydatafrom100,000sensors.Thesensorssendadatapointof1KBatone-minuteintervalstoaDynamoDBcollectorformonitoringpurposes.WhatAWSstackwouldenableyoutostoredataforreal-timeprocessingandanalyticsusingBItools?

A. Sensors->KinesisStream->Firehose->DynamoDBB. Sensors->KinesisStream->Firehose->DynamoDB->S3C. Sensors->AWSIoT->Firehose->RedShiftD. Sensors->KinesisDataStreams->Firehose->RDS

Question33:

YourcompanyhasanapplicationthatwasdevelopedandmigratedtoAWScloud.TheapplicationleveragessomeAWSservicesaspartofthearchitecture.ThestackincludesEC2instances,RDSdatabase,S3buckets,RedShiftandLambdafunctions.InadditionthereisIAMsecuritypermissionsconfiguredwithdefinedusers,groupsandroles.TheapplicationismonitoredwithCloudWatchandSTSwasrecentlyaddedforpermittingWebIdentityFederationsign-onfromGoogleaccounts.YouwantasolutionthatcanleveragetheexperienceofyouremployeeswithAWScloudinfrastructureaswell.WhatAWSservicecancreateatemplateofthedesignandconfigurationforeasierdeploymentoftheapplicationtomultipleregions?

A. SnowballB. OpsworksC. CloudFormationD. Beanstalk

MonitoringServicesQuestion1:

WhatstatementcorrectlydescribesCloudWatchoperationwithinAWScloud?

A. logdataisstoredindefinitely

B. logdataisstoredfor15days

C. alarmhistoryisneverdeleted

D. ELBisnotsupported

Question2:

WhataretwoAWSsubscriberendpointservicesthataresupportedwithSNS?

A. RDS

B. Kinesis

C. SQS

D. Lambda

E. EBS

F. ECS

Question3:

WhatAWSservicesworkinconcerttointegratesecuritymonitoringandauditwithinaVPC?(Selectthree)

A. Syslog

B. CloudWatch

C. WAF

D. CloudTrail

E. VPCFlowLog

Question4:

HowisCloudWatchintegratedwithLambda?(Selecttwo)

A. tenantmustenableCloudWatchmonitoring

B. networkmetricssuchaslatencyarenotmonitored

C. LambdafunctionsareautomaticallymonitoredthroughLambdaservice

D. loggroupiscreatedforeacheventsource

E. loggroupiscreatedforeachfunction

Question5:

WhattwostatementscorrectlydescribeAWSmonitoringandauditoperations?A. CloudTrailcapturesAPIcalls,storestheminanS3bucketandgenerates

aCloudwatcheventB. CloudWatchalarmcansendamessagetoaLambdafunctionC. CloudWatchalarmcansendamessagetoanSNSTopicthattriggersan

eventforaLambdafunctionD. CloudTrailcapturesallAWSeventsandstorestheminalogfileE. VPClogsdonotsupporteventsforsecuritygroups

Question6:

WhatisrequiredforremotemanagementaccesstoyourLinux-basedinstance?

A. ACL

B. Telnet

C. SSH

D. RDP

Question7:

WhataretwofeaturesofCloudWatchoperation?A. CloudWatchdoesnotsupportcustommetricsB. CloudWatchpermissionsaregrantedperfeatureandnotAWSresourceC. collectandmonitoroperatingsystemandapplicationgeneratedlogfilesD. AWSservicesautomaticallycreatelogsforCloudWatchE. CloudTrailgenerateslogsautomaticallywhenAWSaccountisactivated

Question8:

YouareaskedtoselectanAWSsolutionthatwillcreatealogentryanytimeasnapshotofanRDSdatabaseinstanceanddeletestheoriginalinstance.SelecttheAWSservicethatwouldprovidethatfeature?

A. VPCFlowLogs

B. RDSAccessLogs

C. CloudWatch

D. CloudTrail

Question9:

WhatisrequiredtoenableapplicationandoperatingsystemgeneratedlogsandpublishtoCloudWatchLogs?

A. Syslog

B. enableaccesslogs

C. IAMcross-accountenabled

D. CloudWatchLogAgent

Question10:

WhatisthepurposeofVPCFlowLogs?

A. captureVPCerrormessages

B. captureIPtrafficonnetworkinterfaces

C. monitornetworkperformance

D. monitornetflowdatafromsubnets

E. enableSyslogservicesforVPC

Question11:

Selecttwocloudinfrastructureservicesand/orcomponentsincludedwithdefaultCloudWatchmonitoring?

A. SQSqueues

B. operatingsystemmetrics

C. hypervisormetrics

D. virtualappliances

E. applicationlevelmetrics

Question12:

WhatfeatureenablesCloudWatchtomanagecapacitydynamicallyforEC2instances?

A. replicationlag

B. Auto-Scaling

C. ElasticLoadBalancer

D. verticalscaling

Question13:

WhatAWSserviceisusedtomonitortenantremoteaccessandvarioussecurityerrorsincludingauthenticationretries?

A. SSH

B. Telnet

C. CloudFront

D. CloudWatch

Question14:

HowdoesAmazonAWSisolatemetricsfromdifferentapplicationsformonitoring,storeandreportingpurposes?

A. EC2instances

B. Beanstalk

C. CloudTrail

D. namespaces

E. Docker

Question15:

WhatAmazonAWSserviceprovidesaccounttransactionmonitoringandsecurityaudit?

A. CloudFront

B. CloudTrail

C. CloudWatch

D. securitygroup

Question16:

WhattwostatementscorrectlydescribeCloudWatchmonitoringofdatabaseinstances?

A. metricsaresentautomaticallyfromDynamoDBandRDStoCloudWatch

B. alarmsmustbeconfiguredforDynamoDBandRDSwithinCloudWatchC. metricsarenotenabledautomaticallyforDynamoDBandRDSD. RDSdoesnotsupportmonitoringofoperatingsystemmetrics

Question17:

WhatAWSservicecansendnotificationstocustomersmartphonesandmobileapplicationswithattachedvideoand/oralerts?

A. EMRB. LambdaC. SQSD. SNSE. CloudTrail

***AnswerKey***EC2ComputeQuestion1:

WhatthreeattributesareselectablewhencreatinganEBSvolumeforanEC2instance?

A. volumetypeB. IOPSC. regionD. CMKE. ELBF. EIP

Answer(A,B,D)

Question2:Youhavebeenaskedtomigratea10GBunencryptedEBSvolumetoanencryptedvolumeforsecuritypurposes.Whatarethreekeystepsrequiredaspartofthemigration?

A. pausetheunencryptedinstanceB. createanewencryptedvolumeofthesamesizeandavailabilityzoneC. createanewencryptedvolumeofthesamesizeinanyavailabilityzoneD. startconverterinstanceE. shutdownanddetachtheunencryptedinstance

Answer(B,D,E)

Question3:WhatisEC2instanceprotection?

A. preventsAutoScalingfromselectingspecificEC2instancetobereplacedwhenscalingin

B. preventsAutoScalingfromselectingspecificEC2instancetobereplacedwhenscalingout

C. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenscalingout

D. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenscalingin

E. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenpaused

F. preventsAutoScalingfromselectingspecificEC2instanceforterminationwhenstopped

Answer(D)

Question4:

WhattwofeaturesaresupportedwithEBSvolumeSnapshotfeature?

A. EBSreplicationacrossregions

B. EBSmulti-zonereplication

C. EBSsingleregiononly

D. fullsnapshotdataonly

E. unencryptedsnapshotonlyAnswer(A,B)

Question5:

WhattworesourcetagsaresupportedforanEC2instance?

A. VPCendpoint

B. EIP

C. networkinterface

D. securitygroup

E. FlowLogAnswer(A,E)

Question6:

WhattwooptionsareavailabletoalerttenantswhenanEC2instanceisterminated?

A. SNS

B. CloudTrail

C. Lambdafunction

D. SQS

E. STSAnswer(A,C)

Question7:

WhatclassofEC2instancetypeisrecommendedforrunningdataanalytics?

A. memoryoptimized

B. computeoptimized

C. storageoptimized

D. generalpurposeoptimized

Answer(B)

Question8:

WhatclassofEC2instancetypeisrecommendedfordatabaseservers?

A. memoryoptimized

B. computeoptimized

C. storageoptimized

D. generalpurposeoptimizedAnswer(A)

Question9:

Whattwoattributesdistinguisheachpricingmodel?

A. reliability

B. amazonservice

C. discount

D. performance

E. redundancyAnswer(A,C)

Question10:

WhatarethreestandardAWSpricingmodels?

A. elastic

B. spot

C. reserved

D. dynamic

E. demandAnswer(B,C,E)

Question11:HowisanEBSrootvolumecreatedwhenlaunchinganEC2instancefromanewEBS-backedAMI?

A. S3template

B. originalAMI

C. snapshot

D. instancestore

Answer(C)

Question12:

WhatAmazonAWSsourcesareavailableforcreatinganEBS-BackedLinuxAMI?(selecttwo)

A. EC2instance

B. AmazonSMS

C. VMImport/Export

D. EBSSnapshot

E. S3bucketAnswer(A,D)

Question13:

Whatisrequiredtopreventaninstancefrombeinglaunchedandincurringcosts?

A. stopinstance

B. terminateinstance

C. terminateAMIandde-registerinstance

D. stopandde-registerinstance

E. stop,deregisterAMIandterminateinstanceAnswer(E)

Question14:

WhatisanEBSSnapshot?

A. backupofanEBSrootvolumeandinstancedata

B. backupofanEC2instance

C. backupofconfigurationsettings

D. backupofinstancestoreAnswer(A)

Question15:

WhereareELBandAuto-Scalinggroupsdeployedasaunifiedsolutionforhorizontalscaling?

A. databaseinstances

B. allinstances

C. webserverinstances

D. defaultVPConlyAnswer(C)

Question16:WhatfeatureissupportedwhenattachingordetachinganEBSvolumefromanEC2instance?

A. EBSvolumecanbeattachedanddetachedtoanEC2instanceinthesameregion

B. EBSvolumecanbeattachedanddetachedtoanEC2instancethatiscross-region

C. EBSvolumecanonlybecopiedandattachedtoanEC2instancethatiscross-region

D. EBSvolumecanonlybeattachedanddetachedtoanEC2instanceinthesameAvailabilityZone

Answer(D)

Question17:

WhattwostatementscorrectlydescribehowtoaddormodifyIAMrolestoarunningEC2instance?

A. attachanIAMroletoanexistingEC2instancefromtheEC2consoleB. replaceanIAMroleattachedtoanexistingEC2instancefromtheEC2

consoleC. attachanIAMroletotheuseraccountandrelaunchtheEC2instanceD. addtheEC2instancetoagroupwheretheroleisamember

Answer(A,B)

Question18:WhatisthedefaultbehaviorforanEC2instancewhenterminated?(Selecttwo)

A. DeleteOnTerminationattributecannotbemodifiedB. EBSrootdevicevolumeandadditionalattachedvolumesaredeleted

immediatelyC. EBSdatavolumesthatyouattachatlaunchpersistD. EBSrootdevicevolumeisautomaticallydeletedwheninstance

terminatesAnswer(C,D)

Question19:

HowdoyoulaunchanEC2instanceafteritisterminated?(Selecttwo)

A. launchanewinstanceusingthesameAMI

B. rebootinstancefromCLI

C. launchanewinstancefromaSnapshot

D. rebootinstancefrommanagementconsole

E. contactAWSsupporttoresetAnswer(A,C)

Question20:

WhatservicecanautomateEBSsnapshots(backups)forrestoringEBSvolumes?

A. CloudWatchevent

B. SNStopic

C. CloudTrail

D. AmazonInspector

E. CloudWatchalarmAnswer(A)

Question21:

WhatwillcauseAWStoterminateanEC2instanceonlaunch?(Selecttwo)

A. securitygrouperror

B. numberofEC2instancesonAWSaccountexceeded

C. EBSvolumelimitsexceeded

D. multipleIPaddressesassignedtoinstance

E. unsupportedinstancetypeassigned

Answer(B,C)

Question22:YourecentlymadesomeconfigurationchangestoanEC2instance.YouthenlaunchedanewEC2instancefromthesameAMIhowevernoneofthesettingsweresaved.Whatisthecauseofthiserror?

A. didnotsaveconfigurationchangestoEC2instanceB. didnotsaveconfigurationchangestoAMIC. didnotcreatenewAMID. didnotrebootEC2instancetoenablechanges

Answer(C)

Question23:WhatstatementsarecorrectconcerningDisableApiTerminationattribute?(Selecttwo)

A. cannotenableterminationprotectionforSpotinstancesB. terminationprotectionisdisabledbydefaultforanEC2instanceC. terminationprotectionisenabledbydefaultforanEC2instanceD. canenableterminationprotectionforSpotinstancesE. DisableApiTerminationattributesupportedforEBS-backedinstances

onlyAnswer(A,B)

Question24:

WhatisrequiredtocopyanencryptedEBSsnapshotcross-account?(Selecttwo)A. copytheunencryptedEBSsnapshottoanS3bucketB. distributethecustomkeyfromCloudFrontC. sharethecustomkeyforthesnapshotwiththetargetaccountD. sharetheencryptedEBSsnapshotwiththetargetaccountE. sharetheencryptedEBSsnapshotspubliclyF. enablerootaccesssecurityonbothaccounts

Answer(C,D)

Question25:

WhatthreeservicesenableSingle-AZasadefault?

A. EC2

B. ELB

C. Auto-Scaling

D. DynamoDB

E. S3

Answer(A,B,C)

Question26:

WhatAWSserviceautomaticallypublishesaccesslogseveryfiveminutes?

A. VPCFlowLogs

B. ElasticLoadBalancer

C. CloudTrail

D. DNSRoute53Answer(B)

Question27:

Youhavedevelopedaweb-basedapplicationforfilesharingthatwillallowcustomerstoaccessfiles.Thereareavarietyofsizesthatincludelarger.pdfandvideofiles.Whattwosolutionstackscouldtenantsuseforanonlinefilesharingservice?(Selecttwo)

A. EC2,ELB,Auto-Scaling,S3B. Route53,Auto-Scaling,DynamoDBC. EC2,Auto-Scaling,RDSD. CloudFront

Answer(A,D)

Question28:

WhatinfrastructureservicesareprovidedtoEC2instances?(Selectthree)

A. VPN

B. storage

C. compute

D. transport

E. security

F. support

Answer(B,C,D)

Question29:

WhatstepsarerequiredfromAWSconsoletocopyanEBS-backedAMIforadatabaseinstancecross-region?

A. createSnapshotofdatavolume,selectCopy,selectdestinationregionB. selectCopyEBS-backedAMIoptionanddestinationregionC. selectcopydatabasevolumeanddestinationregionD. createSnapshotofEBS-backedAMI,selectCopySnapshotoption,

selectdestinationregionE. createSnapshotofInstance-storeAMI,selectCopyAMIoption,select

destinationregionAnswer(D)

Question30:

Howiscapacity(compute,storageandnetworkspeed)managedandassignedtoEC2instances?

A. AMI

B. instancetype

C. IOPS

D. Auto-ScalingAnswer(B)

Question31:

WhatstoragetypeenablepermanentattachmentofvolumestoEC2instances?

A. S3

B. RDS

C. TDS

D. EBS

E. instancestoreAnswer(D)

Question32:Whatistherecommendedmethodformigrating(copying)anEC2instancetoadifferentregion?

A. terminateinstance,selectregion,copyinstancetodestinationregionB. selectAMIassociatedwithEC2instanceanduseCopyAMIoptionC. stopinstanceandcopyAMItodestinationregionD. cross-regioncopyisnotcurrentlysupported

Answer(B)

Question33:

WhataretwoattributesthatdefineanEC2instancetype?

A. vCPU

B. licensetype

C. EBSvolumestorage

D. IPaddress

E. Auto-ScalingAnswer(A,C)

Question34:

HowisanAmazonElasticLoadBalancer(ELB)assigned?

A. perEC2instance

B. perAuto-Scalinggroup

C. persubnet

D. perVPCAnswer(A)

Question35:

WhatmethoddetectswhentoreplaceanEC2instancethatisassignedtoanAuto-Scalinggroup?

A. healthcheck

B. loadbalancingalgorithm

C. EC2healthcheck

D. notcurrentlysupported

E. dynamicpathdetection

F. Auto-ScalingAnswer(A)

Question36:

WhattwostatementscorrectlydescribeAuto-Scalinggroups?

A. horizontalscalingofcapacity

B. decreasenumberofinstancesonly

C. EC2instancesareassignedtoagroup

D. databaseinstancesonly

E. nosupportformultipleavailabilityzonesAnswer(A,C)

Question37:

WhatisthedefaultmaximumnumberofElasticIPaddressesassignableperAmazonAWSregion?

A. 1

B. 100

C. 5

D. unlimitedAnswer(C)

Question38:

HowaresnapshotsforanEBSvolumecreatedwhenitistherootdeviceforaninstance?

A. pauseinstance,unmountvolumeandsnapshot

B. terminateinstanceandsnapshot

C. unencryptvolumeandsnapshotdynamically

D. stopinstance,unmountvolumeandsnapshotAnswer(D)

Question39:

WhatcloudcomputecomponentsareconfiguredbytenantsandnotAmazonAWSsupportengineers?(Selectthree)

A. hypervisor

B. upstreamphysicalswitch

C. virtualappliances

D. guestoperatingsystem

E. applicationsanddatabases

F. RDS

Answer(C,D,E)

Question40:

WhatthreeattributesareusedtodefinealaunchconfigurationtemplateforanAuto-Scalinggroup?

A. instancetype

B. privateIPaddress

C. ElasticIP

D. securitygroup

E. AMIAnswer(A,D,E)

Question41:

WhatthreecharacteristicsorlimitationsdifferentiateEC2instancetypes?

A. VPConlyB. applicationtypeC. EBSvolumeonlyD. virtualizationtypeE. AWSserviceselected

Answer(A,C,D)

Question42:

SelecttwodifferencebetweenHVMandPVvirtualizationtypes?

A. HVMsupportsallcurrentgenerationinstancetypesB. HVMissimilartobaremetalhypervisorarchitectureC. PVprovidesbetterperformancethanHVMformostinstancetypesD. HVMdoesn’tsupportenhancednetworkingE. HVMdoesn’tsupportcurrentgenerationinstancetypes

Answer(A,B)

VirtualPrivateCloud(VPC)Question1:Whataretheminimumcomponentsrequiredtoenableaweb-basedapplicationwithpublicwebserversandaprivatedatabasetier?(selectthree)

A. InternetgatewayB. AssignEIPaddressingtodatabaseinstancesonprivatesubnetC. VirtualprivategatewayD. AssigndatabaseinstancestoprivatesubnetandprivateIPaddressingE. AssignEIPandprivateIPaddressingtowebserversonpublicsubnet

Answer(A,D,E)

Question2:

Refertothenetworkdrawing.Howarepacketsroutedfromprivatesubnettopublicsubnetforthefollowingweb-basedapplicationwithadatabasetier?

A. Internetgateway

B. customroutetable

C. 10.0.0.0/16

D. nat-instance-id

E. igw-id

F. addcustomroutetableAnswer(D)

Question3:

WhatVPCcomponentprovidesNetworkAddressTranslation?

A. NATinstance

B. NATgateway

C. virtualprivategateway

D. Internetgateway

E. ECSAnswer(D)

Question4:

WhataretheadvantagesofNATgatewayoverNATinstance?(Selecttwo)

A. NATgatewayrequiresasingleEC2instance

B. NATgatewayisscalable

C. NATgatewaytranslatesfaster

D. NATgatewaysisamanagedservice

E. NATgatewayisLinux-basedAnswer(B,D)

Question5:

WhatisthemanagementresponsibilityoftenantsandnotAmazonAWS?

A. EC2instances

B. RDS

C. Beanstalk

D. NATinstanceAnswer(A,D)

Question6:

Whattwofeaturesprovideanencrypted(VPN)connectionfromVPCtoanenterprisedatacenter?

A. Internetgateway

B. AmazonRDS

C. Virtualprivategateway

D. CSR1000Vrouter

E. NATgatewayAnswer(C,D)

Question7:

WhattwoattributesaresupportedwhenconfiguringanAmazonVirtualprivategateway(VPG)?

A. routepropagation

B. ElasticIP(EIP)

C. DHCP

D. publicIPv4address

E. publicsubnetsAnswer(A,C)

Question8:

WhattwofeaturesareavailablewithAWSDirectConnectservice?

A. internetaccess

B. extendon-premisesVLANstocloud

C. bidirectionalforwardingdetection(BFD)

D. loadbalancingbetweenDirectConnectandVPNconnection

E. publicandprivateAWSservicesAnswer(C,E)

Question9:

WhenisDirectConnectapreferredsolutionoverVPNIPsec?

A. fastandreliableconnection

B. redundancyisakeyrequirement

C. fastandeasytodeploy

D. layer3connectivity

E. layer2connectivityAnswer(A)

Question10:

YouhavebeenaskedtosetupaVPCendpointconnectionbetweenVPCandS3bucketsforstoringbackupsandsnapshots.WhatAWScomponentsarecurrentlyrequiredwhenconfiguringaVPCendpoint?

A. Internetgateway

B. NATinstance

C. ElasticIP

D. privateIPaddressAnswer(D)

Question11:

WhataretheprimaryadvantagesofVPCendpoints?(Selecttwo)

A. reliability

B. cost

C. throughput

D. securityAnswer(B,D)

Question12:

WhataretheDHCPoptionattributesusedtoassignprivateDNSserverstoyourVPC?

A. dnsresolutionanddomainname

B. hostnamesandinternetdomain

C. domainserversanddomainname

D. domain-name-serversanddomain-nameAnswer(D)

Question13:

WhatDNSattributesareconfiguredwhenDefaultVPCoptionisselected?

A. DNSresolution:yes/DNShostnames:yes

B. DNSresolution:yes/DNShostnames:no

C. DNSresolution:no/DNShostnames:yes

D. DNSresolution:no/DNShostnames:noAnswer(A)

Question14:

WhatconfigurationsettingsarerequiredfromtheremoteVPCinordertocreatecross-accountpeering?(Selectthree)

A. VPCID

B. accountusername

C. accountID

D. CMKkeys

E. VPCCIDRblock

F. volumetype

Answer(A,C,E)

Question15:

WhatCIDRblockrangeissupportedforIPv4addressingandsubnettingwithinasingleVPC?

A. /16to/32

B. /16to/24

C. /16to/28

D. /16to/20Answer(C)

Question16:WhatproblemiscausedbythefactthatVPCpeeringdoesnotpermittransitiverouting?

A. additionalVPCroutetablestomanageB. virtualprivategatewayisrequiredC. InternetgatewayisrequiredforeachVPCD. routingbetweenconnectedspokesthroughhubVPCiscomplexE. increasednumberofpeerlinksrequired

Answer(E)

Question17:

WhattwostatementscorrectlydescribesElasticLoadBalanceroperation?

A. spansmultipleregions

B. assignedperEC2instance

C. assignedpersubnet

D. assignedperAuto-Scalinggroup

E. nocross-regionsupportAnswer(D,E)

Question18:

WhataretwoadvantagesofElasticIP(EIP)overAWSpublicIPv4addresses?

A. EIPcanbereassigned

B. EIPisprivate

C. EIPisdynamic

D. EIPispersistent

E. EIPispublicandprivateAnswer(A,D)

Question19:

WhatAWSservicesaregloballymanaged?(Selectfour)

A. IAM

B. S3

C. CloudFront

D. Route53

E. DynamoDB

F. WAF

G. ELB

Answer(A,C,D,F)

Question20:

WhatmethodsareavailableforcreatingaVPC?(Selectthree)

A. AWSmanagementconsole

B. AWSmarketplace

C. VPCwizard

D. VPCconsole

E. DirectConnectAnswer(A,C,D)

Question21:WhattwodefaultsettingsareconfiguredfortenantsbyAWSwhenDefaultVPCoptionisselected?

A. createsasize/20defaultsubnetineachAvailabilityZoneB. createsanInternetgatewayC. createsamainroutetablewithlocalroute10.0.0.0/16D. createavirtualprivategatewayE. createasecuritygroupthatexplicitlydeniesalltraffic

Answer(A,B)

Question22:

WhatthreestatementscorrectlydescribesIPaddressallocationwithinaVPC?A. EC2instancemustbeterminatedtoreassignanIPaddressB. EC2instancethatispausedcanreassignIPaddressC. EC2instancethatisstoppedcanreassignIPaddressD. privateIPaddressesareallocatedfromapoolandcanbereassignedE. privateIPaddressescanbeassignedbytenantF. VPCsupportsdualstackmode(IPv4/IPv6)

Answer(A,E,F)

Question23:

WhataretwoadvantagesofselectingdefaulttenancyoptionforyourVPCwhencreatingit?

A. performanceandreliability

B. someAWSservicesdonotworkwithadedicatedtenancyVPC

C. tenantcanlaunchinstanceswithinVPCasdefaultordedicatedinstances

D. instancelaunchisfasterAnswer(B,C)

Question24:WhatisthepurposeofalocalroutewithinaVPCroutetable?

A. localrouteisderivedfromthedefaultVPCCIDRblock10.0.0.0/16B. communicatebetweeninstanceswithinthesamesubnetordifferent

subnetsC. usedtocommunicatebetweeninstanceswithinthesamesubnetD. defaultrouteforcommunicatingbetweenprivateandpublicsubnetsE. onlyinstalledinthemainroutetable

Answer(C)

Question25:

WhatisthedefaultbehaviorwhenaddinganewsubnettoyourVPC?(Selecttwo)

A. newsubnetisassociatedwiththemainroutetableB. newsubnetisassociatedwiththecustomroutetableC. newsubnetisassociatedwithanyselectedroutetableD. newsubnetisassignedtothedefaultsubnetE. newsubnetisassignedfromtheVPCCIDRblock

Answer(A,E)

Question26:YouhaveenabledAmazonRDSdatabaseservicesinVPC1foranapplicationthathaspublicwebserversinVPC2.HowdoyouconnectthewebserverstotheRDSdatabaseinstancesotheycancommunicateconsideringtheVPC'sareinthesameregion?

A. VPCendpointsB. VPNgatewayC. path-basedroutingD. VPCpeeringE. AWSNetworkLoadBalancer

Answer(D)

Question27:

WhatAWSservicesnowsupportVPCendpointsfeatureforoptimizingsecurity?(Selectthree)

A. Kinesis

B. DNSRoute53

C. S3

D. DynamoDB

E. RDS

Answer(A,C,D)

Question28:

WhatarethreecharacteristicsofanAmazonVirtualPrivateCloud?

A. publicandprivateIPaddressing

B. broadcasts

C. multipleprivateIPaddressespernetworkinterface

D. dedicatedsingletenanthardwareonly

E. persistentpublicIPaddresses

F. HSRPAnswer(A,C,E)

Question29:WhatisthedifferencebetweenVPCmainroutetableandcustomroutetable?

A. VPConlycreatesamainroutetablewhenstartedB. customroutetableisthedefaultC. customroutetableiscreatedforpublicsubnetsD. customroutetableiscreatedforprivatesubnetsE. mainroutetableiscreatedforpublicandprivatesubnets

Answer(C)

Question30:

WhatisthepurposeofthenativeVPCrouter?

A. routepacketsacrosstheinternet

B. routepacketsbetweenprivatecloudinstances

C. routepacketsbetweensubnets

D. routepacketsfrominstancestoS3storagevolumes

E. routepacketsacrossVPN

Answer(C)

Question31:

HowareprivateDNSserversassignedtoanAmazonVPC?

A. notsupported

B. selectnondefaultVPC

C. selectdefaultVPC

D. selectEC-2classicAnswer(B)

Question32:

WhataretwocharacteristicsofanAmazonsecuritygroup?

A. instancelevelpacketfiltering

B. denyrulesonly

C. permitrulesonly

D. subnetlevelpacketfiltering

E. inboundonlyAnswer(A,C)

Question33:

WhatstatementistrueofNetworkAccessControlLists(ACL)operationwithinanAmazonVPC?

A. instanceandsubnetlevelpacketfiltering

B. subnetlevelpacketfiltering

C. inboundonly

D. onlyoneACLallowedperVPC

E. outboundonlyAnswer(B)

Question34:

HowarepacketsforwardedbetweenpublicandprivatesubnetswithinVPC?

A. EIP

B. NAT

C. mainroutetable

D. VPNAnswer(B)

Question35:

WhattwostatementsaccuratelydescribeAmazonVPCarchitecture?

A. ElasticLoadBalancer(ELB)cannotspanmultipleavailabilityzones

B. VPCdoesnotsupportDMVPNconnection

C. VPCsubnetcannotspanmultipleavailabilityzones

D. VPCcannotspanmultipleregions

E. FlowlogsarenotsupportedwithinaVPCAnswer(C,D)

Question36:

WhatisarequirementforattachingEC2instancestoon-premisesclientsandapplications?

A. AmazonVirtualPrivateGateway(VPN)

B. AmazonInternetGateway

C. VPNConnection

D. ElasticLoadBalancer(ELB)

E. NATAnswer(B)

Question37:

WhattwostatementscorrectlydescribeAmazonvirtualprivategateway?

A. assigntoprivatesubnetsonly

B. assigntopublicsubnetsonly

C. singlevirtualprivategatewayperVPC

D. multiplevirtualprivategatewaysperVPC

E. singlevirtualprivategatewayperregion

Answer(A,C)

Question38:

WhatisthemaximumaccessportspeedavailablewithAmazonDirectConnectservice?

A. 1Gbps

B. 10Gbps

C. 500Mbps

D. 100Gbps

E. 100MbpsAnswer(B)

Question39:

Refertothedrawing.YourcompanyhasaskedyoutoconfigureapeeringlinkbetweentwoVPCsthatarecurrentlynotconnectedorexchanginganypackets.WhatdestinationandtargetisconfiguredintheroutingtableofVPC1toenablepacketforwardingtoVPC2?

A.destination=172.16.0.0/16target=pcx-vpc2vpc1

B.destination=10.0.0.0/16target=pcx-vpc2

C.destination=172.16.0.0/16target=10.0.0.0/16

D.destination=172.16.0.0/16target=pcx-vpc1vpc2

E.defaultrouteonly

Answer(D)

Question40:

HowisroutingenabledbydefaultwithinaVPCforanEC2instance?

A. addadefaultroute

B. mainroutetable

C. customroutetable

D. mustbeconfiguredexplicitlyAnswer(B)

Question41:

WhatthreefeaturesarenotsupportedwithVPCpeering?

A. overlappingCIDRblocks

B. IPv6addressing

C. Gateways

D. transitiverouting

E. RedShift

F. ElastiCacheAnswer(A,C,D)

Question42:

WhatrouteisusedinaVPCroutingtableforpacketforwardingtoaGateway?

A. staticroute

B. 10.0.0.0/16

C. tenantconfigured

D. 0.0.0.0/0

E. 0.0.0.0/16Answer(D)

Question43:Youareaskedtodeployawebapplicationcomprisedofmultiplepublicwebserverswithonlyprivateaddressingassigned.WhatAmazonAWSsolutionsenablesmultipleserversonaprivatesubnetwithonlyasingleEIPrequiredandAvailabilityZoneredundancy?

A. NATinstanceB. InternetgatewayC. virtualprivategatewayD. NATgatewayE. ElasticNetworkInterface(ENI)

Answer(D)

Question44:

WhatistheIPaddressingschemaassignedtoadefaultVPC?

A. 172.31.0.0/16CIDRblocksubnettedwith172.31.0.0/20

B. 172.16.0.0/16CIDRblocksubnettedwith172.16.0.0/24

C. 10.0.0.0/16CIDRblocksubnettedwith10.0.0.0/24

D. 172.16.0.0/24CIDRblocksubnettedwith172.31.0.0/18Answer(A)

Question45:

WhatdefaultconfigurationandcomponentsareaddedbyAWSwhenDefaultVPCtypeisselected?(Selectthree)

A. Internetgateway

B. virtualprivategateway

C. NATinstance

D. securitygroup

E. DNSAnswer(A,D,E)

Question46:

Whatfeaturerequirestenantstodisablesource/destinationcheck?

A. ElasticIP(EIP)

B. datareplication

C. VPCpeering

D. NAT

E. InternetgatewayAnswer(D)

StorageServicesQuestion1:

WhatAWSstoragesolutionallowsthousandsofEC2instancestosimultaneouslyupload,access,deleteandsharefiles?

A. EBS

B. S3

C. Glacier

D. EFSAnswer(D)

Question2:

WhatisrequiredforanEFSmounttarget?(Selecttwo)

A. EIP

B. DNSname

C. IPaddress

D. DHCP

E. IAMrole

Answer(B,C)

Question3:

Whatconnectivityfeaturesarerecommendedforcopyingon-premisesfilestoEFS?(Selecttwo)

A. VPNIPsec

B. InternetGateway

C. DirectConnect

D. FileSync

E. FTP

F. AWSStorageGatewayAnswer(C,D)

Question4:

WhatAWSservicesencryptsdataatrestbydefault?(Selecttwo)

A. S3

B. AWSStorageGateway

C. EBS

D. Glacier

E. RDSAnswer(B,D)

Question5:

WhatfaulttolerantfeaturesdoesS3storageprovide?(Selectthree)

A. cross-regionreplication

B. versioningmustbedisabled

C. cross-regionasynchronousreplicationofobjects

D. synchronousreplicationofobjectswithinaregion

E. multipledestinationbucketsAnswer(A,C,D)

Question6:

Whatisthefastesttechniquefordeleting900objectsinanS3bucketwithasingleHTTPrequest?

A. Multi-PartDeleteAPI

B. Multi-ObjectDeleteAPI

C. 100objectsismaximumperrequest

D. Fast-DeleteAPIAnswer(B)

Question7:

WhatsecuritycontrolstechniqueisrecommendedforS3cross-accountaccess?

A. IAMgroup

B. securitygroups

C. S3ACL

D. bucketpoliciesAnswer(D)

Question8:

Whataretwoadvantagesofcross-regionreplicationofanS3bucket?

A. cost

B. securitycompliance

C. scalability

D. Beanstalksupport

E. minimizelatencyAnswer(B,E)

Question9:

WhataretwoprimarydifferencebetweenAmazonS3StandardandS3/RRSstorageclasses?

A. AmazonStandarddoesnotreplicateatall

B. RRSprovideshigherdurability

C. RRSprovideshigheravailability

D. RRSdoesnotreplicateobjectsasmanytimes

E. applicationusageisdifferentAnswer(D,E)

Question10:

WhattwofeaturesareenabledwithS3services?

A. storeobjectsofanysize

B. dynamicwebcontent

C. supportsProvisionedIOPS

D. storevirtuallyunlimitedamountsofdata

E. bucketnamesaregloballyuniqueAnswer(D,E)

Question11:

WhatnewfeaturewasrecentlyaddedtoSQSthatdefineshowmessagesareordered?

A. streams

B. SNS

C. FIFO

D. TLS

E. decouplingAnswer(C)

Question12:

WhattwoAWSstoragetypesarepersistent?

A. ephemeral

B. S3

C. EBS

D. instancestore

E. SAMLAnswer(B,C)

Question13:

Selectthreeon-premisesbackupsolutionsusedforcopyingdatatoanAmazonAWSS3bucket?

A. AWSImport/Export

B. RDS

C. Snowball

D. AvailabilityZone(AZ)replication

E. AWSStorageGatewayAnswer(A,C,E)

Question14:

Youhave1TBofdataandwanttoarchivethedatathatwon'tbeaccessedthatoften.WhatAmazonAWSstoragesolutionisrecommended?

A. Glacier

B. EBS

C. ephemeral

D. CloudFrontAnswer(A)

Question15:

WhatarethreemethodsofaccessingDynamoDBforcustomizationpurposes?

A. CLI

B. AWSconsole

C. APIcall

D. vCenter

E. BeanstalkAnswer(A,B,C)

Question16:

WhataretwoprimarydifferencesbetweenGlacierandS3storageservices?

A. Glacierislowercost

B. S3islowercost

C. Glacierispreferredforfrequentdataaccesswithlowerlatency

D. S3ispreferredforfrequentdataaccesswithlowerlatency

E. S3supportslargerfilesizeAnswer(A,D)

Question17:

WhatstatementcorrectlydescribestheoperationofAWSGlacierarchive?

A. archiveisagroupofvaults

B. archiveisanunencryptedvault

C. archivesupportsaggregatedfilesonly

D. maximumfilesizeis1TB

E. archivesupportssingleandaggregatedfilesAnswer(E)

Question18:WhatarethreeprimarydifferencesbetweenS3vsEBS?

A. S3isamulti-purposepublicinternet-basedstorageB. EBSisdirectlyassignedtoatenantVPCEC2instanceC. EBSandS3providepersistentstorageD. EBSsnapshotsaretypicallystoredonS3bucketsE. EBSandS3usebucketstomanagefilesF. EBSandS3arebasedonblocklevelstorage

Answer(A,B,D)

Question19:

Whaton-premisessolutionisavailablefromAmazonAWStominimizelatencyforalldata?

A. Gateway-VTL

B. Gateway-cachedvolumes

C. Gateway-storedvolumes

D. EBS

E. S3bucket

F. ElastiCacheAnswer(C)

Question20:

WhatfeaturetransitionsS3storagetoStandard-IAforcostoptimization?

A. RRS/S3

B. Glaciervault

C. storageclassanalysis

D. path-basedroutingAnswer(C)

Question21:

HowdoesAWSuniquelyidentifyS3objects?

A. bucketname

B. version

C. key

D. objecttagAnswer(C)

Question22:

Whatistheadvantageofread-after-writeconsistencyforS3buckets?

A. nostalereadsforPUTofanynewobjectinallregions

B. higherthroughputforallrequests

C. stalereadsforPUTrequestsinsomeregions

D. nostalereadsforGETrequestsinasingleregionsAnswer(A)

Question23:

WhatisthemaximumsinglefileobjectsizesupportedwithAmazonS3?

A. 5GB

B. 5TB

C. 1TB

D. 100GBAnswer(B)

Question24:

WhatsecurityproblemissolvedbyusingCross-OriginResourceSharing(CORS)?

A. enableHTTPrequestsfromwithinscriptstoadifferentdomain

B. enablesharingofweb-basedfilesbetweendifferentbuckets

C. providesecurityforthirdpartyobjectswithinAWS

D. permitssharingobjectsbetweenAWSservices

Answer(A)

Question25:

Whatisrecommendedformigrating40TBofdatafromon-premisestoS3whentheinternetlinkisoftenoverutilized?

A. AWSStoragegateway

B. AWSSnowball

C. AWSImport/Export

D. AWSElasticFileSystem

E. AWSElasticsearch

F. AWSMulti-PartUploadAPIAnswer(B)

Question26:

YourcompanyispublishinganonlinecatalogofbooksthatiscurrentlyusingDynamoDBforstoringtheinformationassociatedwitheachitem.Thereisarequirementtoaddimagesforeachbook.Whatsolutionismostcosteffectiveanddesignedforthatpurpose?

A. RedShiftB. EBSC. RDSD. S3E. Kinesis

Answer(D)

Question27:

Youhaveanapplicationthatcollectsmonitoringdatafrom10,000sensors(IoT)deployedintheUSA.Thedatapointsarecomprisedofvideoeventsforhomesecurityandenvironmentstatusalerts.TheapplicationwillbedeployedtoAWSwithEC2instancesasdatacollectors.WhatAWSstorageserviceispreferredforstoringvideofilesfromsensors?

A. RedShiftB. RDSC. S3D. DynamoDB

Answer(C)

SecurityArchitectureQuestion1:

WhatstatementscorrectlydescribesecuritygroupswithinaVPC?(Selectthree)

A. defaultsecuritygrouponlypermitinboundtraffic

B. securitygroupsarestatefulfirewalls

C. onlyallowrulesaresupported

D. allowanddenyrulesaresupported

E. securitygroupsareassociatedtonetworkinterfacesAnswer(B,C,E)

Question2:

Whatthreeitemsarerequiredtoconfigureasecuritygrouprule?

A. protocoltype

B. VPCname

C. portnumber

D. sourceIP

E. destinationIP

F. descriptionAnswer(A,C,D)

Question3:

WhattwosourceIPaddresstypesarepermittedinasecuritygrouprule?

A. onlyCIDRblockswith/16subnetmask

B. sourceIPaddress0.0.0.0/0

C. singlesourceIPaddresswith/24subnetmask

D. securitygroupid

E. IPv6addresswith/64prefixlengthAnswer(B,D)

Question4:

WhatprotocolsmustbeenabledforremoteaccesstoLinux-basedandWindows-basedEC2instances?

A. SSH,ICMP,Telnet

B. SSH,HTTP,RDP

C. SSH,HTTP,SSL

D. SSH,RDP,ICMPAnswer(D)

Question5:

DistinguishnetworkACLsfromsecuritygroupswithinaVPC?(Selectthree)

A. ACLfiltersatthesubnetlevel

B. ACLisbasedondenyrulesonly

C. ACLisappliedtoinstancesandsubnets

D. ACLisstateless

E. ACLsupportsanumberedlistforfilteringAnswer(A,D,E)

Question6:WhathappenstothesecuritypermissionsofatenantwhenanIAMroleisgranted?(Selecttwo)

A. tenantinheritsonlypermissionsassignedtotheIAMroletemporarilyB. addsecuritypermissionsoftheIAMroletoexistingpermissionsC. previoussecuritypermissionsarenolongerineffectD. previoussecuritypermissionsaredeletedunlessreconfiguredE. tenantinheritsonlyreadpermissionsassignedtotheIAMrole

Answer(A,C)

Question7:

WhereareIAMpermissionsgrantedtoinvokeandexecuteaLambdafunctionforS3access?(Selecttwo)

A.S3bucket

B. EC2instance

C. Lambdafunction

D. IAMrole

E. eventmappingAnswer(A,D)

Question8:

YouhavesomedevelopersworkingoncodeforanapplicationandtheyrequiretemporaryaccesstoAWSclouduptoanhour.Whatistheeasiestweb-basedsolutionfromAWStoprovidesaccessandminimizesecurityexposure?

A. ACL

B. securitygroup

C. IAMgroup

D. STS

E. EFS

Answer(D)

Question9:

WhattwomethodsareusedtorequesttemporarycredentialsbasedonAWSSecurityTokenService(STS)?

A. WebIdentityFederation

B. LDAP

C. IAMidentity

D. dynamicACL

E. privatekeyrotationAnswer(A,C)

Question10:

WhattwocomponentsarerequiredforenablingSAMLauthenticationrequeststoAWSIdentityandAccessManagement(IAM)?

A. accesskeys

B. sessiontoken

C. SSO

D. identityprovider(IdP)

E. SAMLproviderentityAnswer(D,E)

Question11:

WhataretworeasonsfordeployingOriginAccessIdentity(OAI)whenenablingCloudFront?

A. preventusersfromdeletingobjectsinS3bucketsB. mitigatedistributeddenialofserviceattacks(DDoS)C. preventusersfromaccessingobjectswithAmazonS3URLD. preventusersfromaccessingobjectswithCloudFrontURLE. replaceIAMforinternet-basedcustomerauthentication

Answer(B,C)

Question12:

WhatsolutionsarerecommendedtomitigateDDoSattacks?(Selectthree)

A. host-basedfirewall

B. elasticloadbalancer

C. WAF

D. SSL/TLS

E. Bastionhost

F. NATgatewayAnswer(B,C,E)

Question13:

WhatfeaturesarerequiredtopreventusersfrombypassingAWSCloudFrontsecurity?(Selectthree)

A. Bastionhost

B. signedURL

C. IPwhitelist

D. signedcookies

E. originaccessidentity(OAI)Answer(B,D,E)

Question14:

Whatistheadvantageofresource-basedpoliciesforcross-accountaccess?

A. trustedaccountpermissionsarenotreplaced

B. trustedaccountpermissionsarereplaced

C. resource-basedpoliciesareeasiertodeploy

D. trustingaccountmanagesallpermissions

Answer(A)

Question15:

SelectthreerequirementsforconfiguringaBastionhost?

A. EIP

B. SSHinboundpermission

C. defaultroute

D. CloudWatchlogsgroup

E. VPN

F. Auto-ScalingAnswer(A,B,D)

Question16:

WhatrulemustbeaddedtothesecuritygroupassignedtoamounttargetinstancethatenablesEFSaccessfromanEC2instance?

A. Type=EC2,protocol=IP,port=2049,source=remotesecuritygroupid

B. Type=EC2,protocol=EFS,port=2049,source=0.0.0.0/0C. Type=NFS,protocol=TCP,port=2049,source=remotesecurity

groupidD. Type=NFSv4,protocol=UDP,port=2049,source=remotesecurity

groupidAnswer(C)

Question17:WhatstatementcorrectlydescribesIAMarchitecture?

A. IAMsecurityisunifiedperregionandreplicatedbasedonrequirementsforanAWStenantaccount

B. IAMsecurityisdefinedperregionforrolesonlyonanAWStenantaccount

C. IAMsecurityisgloballyunifiedacrosstheAWScloudforanAWStenantaccount

D. IAMsecurityisdefinedseparatelyperregionandcross-regionsecurityenabledforanAWStenantaccount

Answer(C)

Question18:

Whataretwoadvantagesofcustomer-managedencryptionkeys(CMK)?

A. createandrotateencryptionkeys

B. AES-128cipherfordataatrest

C. auditencryptionkeys

D. encryptsdatain-transitforserver-sideencryptiononlyAnswer(A,C)

Question19:

WhatfeatureisnotavailablewithAWSTrustedAdvisor?

A. costoptimization

B. infrastructurebestpractices

C. vulnerabilityassessment

D. monitorapplicationmetricsAnswer(C)

Question20:

WhatisrequiredtoPingfromasourceinstancetoadestinationinstance?A.NetworkACL:notrequiredSecurityGroup:allowICMPoutboundonsource/destinationEC2instancesB.NetworkACL:allowICMPinbound/outboundonsource/destinationsubnetsSecurityGroup:notrequiredC.NetworkACL:allowICMPinbound/outboundonsource/destinationsubnetsSecurityGroup:allowICMPoutboundonsourceEC2instanceSecurityGroup:allowICMPinboundondestinationEC2instanceD.NetworkACL:allowTCPinbound/outboundonsource/destinationsubnetsSecurityGroup:allowTCPandICMPinboundonsourceEC2instanceAnswer(C)

Question21:

Whattwostepsarerequiredtograntcross-accountpermissionsbetweenAWSaccounts?

A. createanIAMuser

B. attachatrustpolicytoS3

C. createatransitivepolicy

D. attachatrustpolicytotherole

E. createanIAMrole

Answer(D,E)

Question22:YouhaveconfiguredasecuritygrouptoallowICMP,SSHandRDPinboundandassignedthesecuritygrouptoallinstancesinasubnet.ThereisnoaccesstoanyLinux-basedorWindows-basedinstancesandyoucannotPinganyinstances.ThenetworkACLforthesubnetisconfiguredtoallowallinboundtraffictothesubnet.Whatisthemostprobablecause?

A. on-premisesfirewallrulesB. securitygroupandnetworkACLoutboundrulesC. networkACLoutboundrulesD. securitygroupoutboundrulesE. Bastionhostrequired

Answer(C)

Question23:

WhatthreetechniquesprovideauthenticationsecurityonS3volumes?

A. bucketpolicies

B. networkACL

C. IdentityandAccessManagement(IAM)

D. encryption

E. AES256Answer(A,B,C)

Question24:WhatstatementcorrectlydescribessupportforAWSencryptionofS3objects?

A. tenantsmanageencryptionforserver-sideencryptionofS3objectsB. Amazonmanagesencryptionforserver-sideencryptionofS3objectsC. client-sideencryptionofS3objectsisnotsupportedD. S3bucketsareencryptedonlyE. SSLisonlysupportedwithGlacierstorage

Answer(B)

Question25:

WhatauthenticationmethodprovidesFederatedSingleSign-On(SSO)forcloudapplications?

A. ADS

B. ISE

C. RADIUS

D. TACACS

E. SAMLAnswer(E)

Question26:

BasedontheAmazonsecuritymodel,whatinfrastructureconfigurationandassociatedsecurityistheresponsibilityoftenantsandnotAmazonAWS?(Selecttwo)

A. dedicatedcloudserver

B. hypervisor

C. operatingsystemlevel

D. applicationlevel

E. upstreamphysicalswitchAnswer(C,D)

Question27:

WhatsecurityauthenticationisrequiredbeforeconfiguringormodifyingEC2instances?(Selectthree)

A. authenticationattheoperatingsystemlevel

B. EC2instanceauthenticationwithasymmetrickeys

C. authenticationattheapplicationlevel

D. Telnetusernameandpassword

E. SSH/RDPsessionconnectionAnswer(A,B,E)

Question28:

WhatfeatureispartofAmazonTrustedAdvisor?

A. securitycompliance

B. troubleshootingtool

C. EC2configurationtool

D. securitycertificatesAnswer(A)

Question29:

WhataretwobestpracticesforaccountmanagementwithinAmazonAWS?A. donotuserootaccountforcommonadministrativetasksB. createasingleAWSaccountwithmultipleIAMusersthathaveroot

privilegeC. createmultipleAWSaccountswithmultipleIAMusersperAWS

accountD. userootaccountforalladministrativetasksE. createmultiplerootuseraccountsforredundancy

Answer(A,C)

Question30:

WhatAWSfeatureisrecommendedforoptimizingdatasecurity?

A. Multi-factorauthentication

B. usernameandencryptedpassword

C. Two-factorauthentication

D. SAML

E. FederatedLDAPAnswer(A)

Question31:

WhatIAMclassenablesanEC2instancetoaccessafileobjectinanS3bucket?

A. user

B. root

C. role

D. groupAnswer(C)

Question32:

Whatarethreerecommendedsolutionsthatprovideprotectionandmitigationfromdistributeddenialofservice(DDoS)attacks?

A. securitygroups

B. CloudWatch

C. encryption

D. WAF

E. datareplication

F. Auto-ScalingAnswer(A,B,D)

Question33:

WhatarethreerecommendedbestpracticeswhenconfiguringIdentityandAccessManagement(IAM)securityservices?

A. LockordeleteyourrootaccesskeyswhennotrequiredB. IAMgroupsarenotrecommendedforstoragesecurityC. createanIAMuserwithadministratorprivilegesD. shareyourpasswordand/oraccesskeyswithmembersofyourgroup

onlyE. deleteanyAWSaccountwheretheaccesskeysareunknown

Answer(A,C,E)

Question34:

WhattwofeaturescreatesecurityzonesbetweenEC2instanceswithinaVPC?

A. securitygroups

B. VirtualSecurityGateway

C. networkACL

D. WAF

Answer(A,B)

Question35:

WhatAWSserviceprovidesvulnerabilityassessmentservicestotenantswithinthecloud?

A. AmazonWAFB. AmazonInspectorC. AmazonCloudLogicD. AmazonTrustedAdvisor

Answer(B)

Question36:

WhataretwoprimarydifferencesbetweenADConnectorandSimpleADforclouddirectoryservices?

A. SimpleADrequiresanon-premisesADSdirectoryB. SimpleADisfullymanagedandsetupinminutesC. ADConnectorrequiresanon-premisesADSdirectoryD. SimpleADismorescalablethanADConnectorE. SimpleADprovidesenhancedintegrationwithIAM

Answer(B,C)

DatabaseServicesQuestion1:

Howisloadbalancingenabledformultipletaskstothesamecontainerinstance?

A. path-basedrouting

B. reverseproxy

C. NAT

D. dynamicportmapping

E. dynamiclistenersAnswer(D)

Question2:

WhatencryptionsupportisavailablefortenantsthataredeployingAWSDynamoDB?

A. server-sideencryption

B. client-sideencryption

C. client-sideandserver-sideencryption

D. encryptionnotsupported

E. blocklevelencryption

Answer(B)

Question3:

WhatarethreeprimaryreasonsfordeployingElastiCache?

A. datasecurity

B. managedservice

C. replicationwithRedis

D. durability

E. lowlatency

Answer(B,C,E)

Question4:

Whatservicedoesnotsupportsessiondatapersistencestoretoenableweb-basedstatefulapplications?

A. RDS

B. Memcached

C. DynamoDB

D. Redis

E. RedShift

Answer(B)

Question5:

HowdoesMemcachedimplementhorizontalscaling?

A. Auto-Scaling

B. databasestore

C. partitioning

D. EC2instances

E. S3bucketAnswer(C)

Question6:

WhattwooptionsareavailablefortenantstoaccessElastiCache?

A. VPCpeeringlink

B. EC2instances

C. EFSmount

D. cross-regionVPCAnswer(A,B)

Question7:

Whattwostatementscorrectlydescribein-transitencryptionsupportonElastiCacheplatform?

A. notsupportedforElastiCacheplatform

B. supportedonRedisreplicationgroup

C. encryptscacheddataatrest

D. notsupportedonMemcachedcluster

E. IPsecmustbeenabledfirstAnswer(B,D)

Question8:

WhatAmazonAWSplatformisdesignedforcomplexanalyticsofavarietyoflargedatasetsbasedoncustomcode.Theapplicationsincludemachinelearninganddatatransformation?

A. EC2

B. Beanstalk

C. Redshift

D. EMRAnswer(D)

Question9:

WhataretwoprimaryadvantagesofDynamoDB?

A. SQLsupport

B. managedservice

C. performance

D. CloudFrontintegrationAnswer(B,C)

Question10:

WhattwofaulttolerantfeaturesdoesAmazonRDSsupport?

A. copysnapshottoadifferentregion

B. createreadreplicatoadifferentregion

C. copyunencryptedread-replicaonly

D. copyread/writereplicaandsnapshotAnswer(A,B)

Question11:

WhatmanagedservicesareincludedwithAmazonRDS?(selectfour)

A. assignnetworkcapacitytodatabaseinstances

B. installdatabasesoftware

C. performregularbackups

D. datareplicationacrossmultipleavailabilityzones

E. datareplicationacrosssingleavailabilityzoneonly

F. configuredatabase

G. performancetuningAnswer(A,B,C,D)

Question12:

Whattwoconfigurationfeaturesarerequiredtocreateaprivatedatabaseinstance?

A. securitygroup

B. networkACL

C. CloudWatch

D. ElasticIP(EIP)

E. NondefaultVPC

F. DNSAnswer(A,F)

Question13:

Whatstoragetypeisrecommendedforanonlinetransactionprocessing(OLTP)applicationdeployedtoMulti-AZRDSwithsignificantworkloads?

A. GeneralPurposeSSD

B. Magnetic

C. EBSvolumes

D. ProvisionedIOPSAnswer(D)

Question14:

WhatfeaturesaresupportedwithAmazonRDS?(Selectthree)

A. horizontalscalingwithmultiplereadreplicas

B. elasticloadbalancingRDSreadreplicas

C. replicatereadreplicascross-region

D. automaticfailovertomasterdatabaseinstance

E. applicationloadbalancer(ALB)Answer(A,C,E)

Question15:

WhatarethreeadvantagesofstandbyreplicainaMulti-AZRDSdeployment?

A. faulttolerance

B. eliminateI/Ofreezes

C. horizontalscaling

D. verticalscaling

E. dataredundancyAnswer(A,B,E)

Question16:

WhatconsistencymodelisthedefaultusedbyDynamoDB?

A. stronglyconsistent

B. eventuallyconsistent

C. nodefaultmodel

D. casualconsistency

E. sequentialconsistency

Answer(B)

Question17:

WhatdoesRDSusefordatabaseandlogstorage?

A. EBS

B. S3

C. instancestore

D. localstore

E. SSDAnswer(A)

Question18:

WhatstatementscorrectlydescribesupportforMicrosoftSQLServerwithinAmazonVPC?(Selectthree)

A. read/writereplica

B. readreplicaonly

C. verticalscaling

D. nativeloadbalancing

E. EBSstorageonly

F. S3storageonly

Answer(B,C,D)

Question19:

SelecttwofeaturesavailablewithAmazonRDSforMySQL?

A. Auto-Scaling

B. readrequeststostandbyreplicas

C. real-timedatabasereplication

D. activereadrequestsonlyAnswer(B,C)

Question20:

WhataretwocharacteristicsofAmazonRDS?

A. databasemanagedservice

B. NoSQLqueries

C. nativeloadbalancer

D. databasewritereplicas

E. automaticfailoverofreadreplicaAnswer(A,C)

Question21:

WhatcachingenginesaresupportedwithAmazonElastiCache?(Selecttwo)

A. HAProxy

B. Route53

C. RedShift

D. Redis

E. Memcached

F. CloudFrontAnswer(D,E)

Question22:

WhatarethreeprimarycharacteristicsofDynamoDB?

A. lessscalablethanRDS

B. staticcontent

C. storemetadataforS3objects

D. replicationtothreeAvailabilityZones

E. highread/writethroughput

Answer(C,D,E)

Question23:

WhatarethreeexamplesofusingLambdafunctionstomovedatabetweenAWSservices?

A. readdatadirectlyfromDynamoDBstreamstoRDSB. readdatafromKinesisstreamandwritedatatoDynamoDBC. readdatafromDynamoDBstreamtoFirehoseandwritetoS3D. readdatafromS3andwritemetadatatoDynamoDBE. readdatafromKinesisFirehosetoKinesisdatastream

Answer(B,C,D)

Question24:YouhaveenabledAmazonRDSdatabaseservicesinVPC1foranapplicationwithpublicwebserversinVPC2.HowdoyouconnectthewebserverstotheRDSdatabaseinstancesotheycancommunicateconsideringtheVPC'sareindifferentregions?

A. VPCendpointsB. VPNgatewayC. path-basedroutingD. publiclyaccessibledatabaseE. VPCpeering

Answer(D)

Question25:

YouhavearequirementtocreateanindextosearchcustomerobjectsstoredinS3buckets.ThesolutionshouldenableyoutocreateametadatasearchindexforeachobjectstoredtoanS3bucket.Selectthemostscalableandcosteffectivesolution?

A. RDS,ElastiCacheB. DynamoDB,LambdaC. RDS,EMR,ALBD. RedShift

Answer(B)

Question26:WhatarethreeadvantagesofusingDynamoDBoverS3forstoringIoTsensordatawherethereare100,000datapointsamplessentperminute?

A. S3mustcreateasinglefileforeacheventB. IoTcanwritedatadirectlytoDynamoDBC. DynamoDBprovidesfastread/writestoastructuredtableforqueriesD. DynamoDBisdesignedforfrequentaccessandfastlookupofsmall

recordsE. S3isdesignedforfrequentaccessandfastlookupofsmallerrecordsF. IoTcanwritedatadirectlytoS3

Answer(B,C,D)

Question27:

Yourcompanyisaproviderofonlinegamingthatcustomersaccesswithvariousnetworkaccessdevicesincludingmobilephones.Whatisadatawarehousingsolutionsforlargeamountsofinformationonplayerbehavior,statisticsandeventsforanalysisusingSQLtools?

A. RedShiftB. DynamoDBC. RDSD. DynamoDBE. Elasticsearch

Answer(A)

Question28:WhattwostatementsarecorrectwhencomparingElasticsearchandRedShiftasanalyticaltools?

A. ElasticsearchisatextsearchengineanddocumentindexingtoolB. RedShiftsupportscomplexSQL-basedquerieswithPetabytesizeddata

storeC. ElasticsearchsupportsSQLqueriesD. RedShiftprovidesonlybasicanalyticalservicesE. ElasticsearchdoesnotsupportJSONdatatype

Answer(A,B)

Question29:

Whathappenswhenreadorwriterequestsexceedcapacityunits(throughputcapacity)foraDynamoDBtableorindex?(Selecttwo)

A. DynamoDBautomaticallyincreasesread/writeunitsB. DynamoDBcanthrottlerequestssothatrequestsarenotexceededC. HTTP400codeisreturned(BadRequest)D. HTTP500codeisreturned(ServerError)E. DynamoDBautomaticallyincreasesread/writeunitsifprovisioned

throughputisenabledAnswer(B,C)

Question30:

WhatreadconsistencymethodprovideslowerlatencyforGetItemrequests?

A. stronglypersistentB. eventuallyconsistentC. stronglyconsistentD. writeconsistent

Answer(B)

Question31:

YoumustspecifystronglyconsistentreadandwritecapacityforyourDynamoDBdatabase.Youhavedeterminedreadcapacityof128Kbpsandwritecapacityof25Kbpsisrequiredforyourapplication.WhatisthereadandwritecapacityunitsrequiredforDynamoDBtable?

A. 32readunits,25writeunitsB. 1readunit,1writeunitC. 16readunits,2.5writeunitsD. 64readunits,10writeunits

Answer(A)

Question32:

WhatDynamoDBcapacitymanagementtechniqueisbasedonthetenantspecifyinganupperandlowerrangeforread/writecapacityunits?

A. demandB. provisionedthroughputC. reservedcapacityD. autoscalingE. generalpurpose

Answer(D)

Question33:

WhatisthemaximumvolumesizeofaMySQLRDSdatabase?

A. 6TBB. 3TBC. 16TBD. unlimited

Answer(C)

Question34:

WhatisthemaximumsizeofaDynamoDBrecord(item)?

A. 400KBB. 64KBC. 1KBD. 10KB

Answer(A)

FaultTolerantSystemsQuestion1:

WhattwofeaturesdescribeanApplicationLoadBalancer(ALB)?

A. dynamicportmapping

B. SSLlistener

C. layer7loadbalancer

D. backendserverauthentication

E. multi-regionforwardingAnswer(A,C)

Question2:

Whatenablesloadbalancingbetweenmultipleapplicationsperloadbalancer?

A. listeners

B. stickysessions

C. path-basedrouting

D. backendserverauthentication

Answer(C)

Question3:

WhatthreefeaturesarecharacteristicofClassicLoadBalancer?

A. dynamicportmapping

B. path-basedrouting

C. SSLlistener

D. backendserverauthentication

E. ECS

F. Layer4basedloadbalancerAnswer(C,D,F)

Question4:

WhatsecurityfeatureisonlyavailablewithClassicLoadBalancer?

A. IAMrole

B. SAML

C. back-endserverauthentication

D. securitygroups

E. LDAPAnswer(C)

Question5:

WhatisaprimarydifferencebetweenClassicandNetworkLoadBalancer?

A. IPaddresstarget

B. Auto-Scaling

C. protocoltarget

D. cross-zoneloadbalancing

E. listenerAnswer(A)

Question6:WhatarethefirsttwoconditionsusedbyAmazonAWSdefaultterminationpolicyforMulti-AZarchitecture?

A. unprotectedinstancewitholdestlaunchconfigurationB. AvailabilityZone(AZ)withthemostinstancesC. atleastoneinstancethatisnotprotectedfromscaleinD. unprotectedinstanceclosesttothenextbillinghourE. randomselectionofanyunprotectedinstance

Answer(B,C)

Question7:

WhatfeatureisusedforhorizontalscalingofconsumerstoprocessdatarecordsfromaKinesisdatastream?

A. verticalscalingshards

B. Auto-Scaling

C. Lambda

D. ElasticLoadBalancerAnswer(B)

Question8:

WhatDNSrecordscanbeusedforpointingazoneapextoanElasticLoadBalancerorCloudFrontdistribution?(Selecttwo)

A. Alias

B. CNAME

C. MX

D. A

E. NameServerAnswer(A,D)

Question9:WhatservicesareprimarilyprovidedbyDNSRoute53?(Selectthree)

A. loadbalancingwebserverswithinaprivatesubnetB. resolvehostnamesandIPaddressesC. loadbalancingwebserverswithinapublicsubnetD. loadbalancingdatareplicationrequestsbetweenECScontainersE. resolvequeriesandrouteinternettraffictoAWSresourcesF. automatedhealthcheckstoEC2instances

Answer(B,E,F)

Question10:

WhataretwofeaturesthatcorrectlydescribeAvailabilityZone(AZ)architecture?

A. multipleregionsperAZ

B. interconnectedwithprivateWANlinks

C. multipleAZperregion

D. interconnectedwithpublicWANlinks

E. dataauto-replicatedbetweenzonesindifferentregions

F. DirectConnectsupportsLayer2connectivitytoregionAnswer(B,C)

Question11:

HowisRoute53configuredforWarmStandbyfaulttolerance?(Selecttwo)

A. automatedhealthchecks

B. path-basedrouting

C. failoverrecords

D. AliasrecordsAnswer(A,C)

Question12:

HowisDNSRoute53configuredforMulti-Sitefaulttolerance?(Selecttwo)

A. IPaddress

B. weightedrecords(non-zero)

C. healthchecks

D. Aliasrecords

E. zeroweightedrecords

Answer(B,C)

Question13:

WhatisanAvailabilityZone?

A. datacenter

B. multipleVPCs

C. multipleregions

D. singleregion

E. multipleEC2serverinstancesAnswer(A)

Question14:

HowareDNSrecordsmanagedwithAmazonAWStoenablehighavailability?

A. Auto-Scaling

B. serverhealthchecks

C. reverseproxy

D. elasticloadbalancingAnswer(C)

Question15:

WhatisthedifferencebetweenWarmStandbyandMulti-Sitefaulttolerance?(Selecttwo)

A. Multi-SiteenableslowerRTOandmostrecentRPOB. WarmStandbyenableslowerRTOandmostrecentRPOC. Multi-Siteprovidesactive/activeloadbalancingD. Multi-Siteprovidesactive/standbyloadbalancingE. DNSRoute53isnotrequiredforWarmStandby

Answer(A,C)

Question16:

WhatAWSbestpracticeisrecommendedforcreatingfaulttolerantsystems?

A. verticalscaling

B. ElasticIP(EIP)

C. securitygroups

D. horizontalscaling

E. RedShiftAnswer(D)

Question17:

WhattwostatementscorrectlydescribeversioningforprotectingdataatrestonS3buckets?

A. enabledbydefault

B. overwritesmostcurrentfileversion

C. restoresdeletedfiles

D. savesmultipleversionsofasinglefile

E. disabledbydefaultAnswer(C,E)

Question18:

WhattwomethodsarerecommendedbyAWSforprotectingEBSdataatrest?

A. replication

B. snapshots

C. encryption

D. VPNAnswer(B,C)

Question19:YouhaveanElasticLoadBalancerassignedtoaVPCwithpublicandprivatesubnets.ELBisconfiguredtoloadbalancetraffictoagroupofEC2instancesassignedtoanAuto-Scalinggroup.Whatthreestatementsarecorrect?

A. ElasticLoadBalancerisassignedtoapublicsubnetB. networkACLisassignedtoElasticLoadBalancerC. securitygroupisassignedtoElasticLoadBalancerD. cross-zoneloadbalancingisnotsupportedE. ElasticLoadBalancerforwardstraffictoprimaryprivateIPaddress

(eth0interface)oneachinstanceAnswer(A,C,E)

DeploymentQuestion1:

WhatAmazonAWSserviceisavailableforcontainermanagement?

A. ECS

B. Docker

C. Kinesis

D. LambdaAnswer(A)

Question2:

WhatisassociatedwithMicroservices?(Selecttwo)

A. ApplicationLoadBalancer

B. Kinesis

C. RDS

D. DynamoDB

E. ECSAnswer(A,E)

Question3:

WheredoesAmazonretrievewebcontentwhenitisnotinthenearestCloudFrontedgelocation?

A. secondarylocation

B. fileserver

C. EBS

D. S3bucketAnswer(D)

Question4:

WhattwofeaturesofanAPIGatewayminimizetheeffectsofpeaktrafficeventsandminimizelatency?

A.loadbalancing

B. firewalling

C. throttling

D. scaling

E. caching

Answer(C,E)

Question5:

WhatthreecharacteristicsdifferentiateLambdafromtraditionalEC2deploymentorcontainerization?

A. LambdaisbasedonKinesisscripts

B. Lambdaisserverless

C. tenanthasownershipofEC2instances

D. tenanthasnocontrolofEC2instances

E. Lambdaisacode-basedservice

F. LambdasupportsonlyS3andGlacierAnswer(B,D,E)

Question6:

HowiscodeuploadedtoLambda?

A. Lambdainstance

B. Lambdacontainer

C. Lambdaentrypoint

D. Lambdafunction

E. LambdaAMIAnswer(D)

Question7:

HowareLambdafunctionstriggered?

A. EC2instance

B. hypervisor

C. Kinesis

D. operatingsystem

E. eventsourceAnswer(E)

Question8:WhatthreestatementscorrectlydescribestandardLambdaoperation?

A. Lambdafunctionisallocated500MBephemeraldiskspaceB. Lambdafunctionisallocated100MBEBSstorageC. LambdastorescodeinS3D. LambdastorescodeinaGlaciervaultE. LambdastorescodeincontainersF. maximumexecutiontimeis300seconds

Answer(A,C,F)

Question9:WhatnetworkeventsarerestrictedbyLambda?(Selecttwo)

A. onlyinboundTCPnetworkconnectionsareblockedbyAWSLambdaB. allinboundnetworkconnectionsareblockedbyAWSLambdaC. allinboundandoutboundconnectionsareblockedD. outboundconnectionssupportonlyTCP/IPsocketsE. outboundconnectionssupportonlySSLsockets

Answer(B,D)

Question10:

HowisversioningsupportedwithLambda?(Selecttwo)

A. Lambdanativesupport

B. ECScontainer

C. notsupported

D. Aliases

E. replication

F. S3versioningAnswer(A,D)

Question11:WhatisthedifferencebetweenStream-basedandAWSServiceswhenenablingLambda?

A. streamsmaintainseventsourcemappinginLambdaB. streamsmaintainseventsourcemappingineventsourceC. streamsmaintainseventsourcemappinginEC2instanceD. streamsmaintainseventsourcemappinginnotificationE. streamsmaintainseventsourcemappinginAPI

Answer(A)

Question12:

Selecttwocustomoriginserversfromthefollowing?

A. S3bucket

B. S3object

C. EC2instance

D. ElasticLoadBalancer

E. APIgatewayAnswer(C,D)

Question13:

WhattwoattributesareonlyassociatedwithCloudFrontprivatecontent?

A. AmazonS3URL

B. signedcookies

C. webdistribution

D. signedURL

E. objectAnswer(B,D)

Question14:

HowareoriginserverslocatedwithinCloudFront(Selecttwo)

A. DNSrequest

B. distributionlist

C. webdistribution

D. RTMPprotocol

E. sourcemappingAnswer(A,C)

Question15:

WhereareHTMLfilessourcedfromwhentheyarenotcachedataCloudFrontedgelocation?

A. S3object

B. originHTTPserver

C. S3bucket

D. nearestedgelocation

E. RTMPserver

F. failoveredgelocationAnswer(B)

Question16:

WhatisthecapacityofasingleKinesisshard?(Selecttwo)

A. 2000PUTrecordspersecond

B. 1MB/secdatainputand2MB/secdataoutput

C. 10MB/secdatainputand10MB/secdataoutput

D. 1000PUTrecordspersecond

E. unlimitedAnswer(B,D)

Question17:

WhatAmazonAWSservicesupportsreal-timeprocessingofdatastreamfrommultipleconsumersandreplayofrecords?

A. DynamoDB

B. EMR

C. Kinesisdatastreams

D. SQS

E. RedShiftAnswer(C)

Question18:Yourcompanyhasaskedyoutocaptureandforwardareal-timedatastreamonamassivescaledirectlytoRedShiftforanalysiswithBItools.WhatAWStoolismostappropriatethatprovidesthefeaturesetandcosteffective?

A. DynamoDBB. SQSC. ElasticMapReduceD. KinesisFirehoseE. SNSF. CloudFront

Answer(D)

Question19:

WhatfeaturepermitstenantstouseaprivatedomainnameinsteadofthedomainnamethatCloudFrontassignstoadistribution?

A. Route53

B. CNAMErecord

C. MXrecord

D. RTMP

E. SignedURLAnswer(B)

Question20:

WhatAmazonAWSserviceisavailabletoguaranteetheconsumingofauniquemessageonlyonce?

A. Beanstalk

B. SQL

C. Exchange

D. SQSAnswer(D)

Question21:

Whatisthefastestandeasiestmethodformigratinganon-premisesVMwarevirtualmachinetotheAWScloud?

A. AmazonMarketplace

B. AWSServerMigrationService

C. AWSStorageGateway

D. EC2Import/ExportAnswer(B)

Question22:

Selectthestatelessprotocolfromthefollowing?

A. FTP

B. TCP

C. HTTP

D. SSHAnswer(C)

Question23:

WhatarethreevalidendpointsforanAPIgateway?

A. RESTfulAPI

B. Lambdafunction

C. AWSservice

D. webserver

E. HTTPmethod

Answer(B,C,D)

Question24:

Howisavolumeselected(identified)whenmakinganEBSSnapshot?

A. accountid

B. volumeid

C. tag

D. ARNAnswer(D)

Question25:

WhatdeploymentserviceenablestenantstoreplicateanexistingAWSstack?

A. Beanstalk

B. CloudFormation

C. RedShift

D. EMR

Answer(B)

Question26:

WhatthreeservicescaninvokeaLambdafunction?

A. SNStopic

B. CloudWatchevent

C. EC2instance

D. securitygroup

E. S3bucketnotificationAnswer(A,B,E)

Question27:

WhattwoservicesenableautomaticpollingofastreamfornewrecordsonlyandforwardthemtoanAWSstorageservice?

A. SNS

B. Kinesis

C. Lambda

D. DynamoDBAnswer(B,C)

Question28:YourcompanyisdeployingawebsitewithdynamiccontenttocustomersinUS,EUandAPACregionsoftheworld.Contentwillincludelivestreamingvideostocustomers.SSLcertificatesarerequiredforsecuritypurposes.SelecttheAWSservicedeliversallrequirementsandprovidesthelowestlatency?

A. DynamoDBB. CloudFrontC. S3D. Redis

Answer(B)

Question29:

WhataretheadvantagesofBeanstalk?(Selecttwo)

A. orchestrationanddeploymentabstraction

B. template-orienteddeploymentservice

C. easiestsolutionfordeveloperstodeploycloudapplications

D. doesnotsupportcloudcontainersAnswer(A,C)

Question30:YouareanetworkanalystwithJSONscriptingexperienceandaskedtoselectanAWSsolutionthatenablesautomateddeploymentofcloudservices.ThetemplatedesignwouldincludeanondefaultVPCwithEC2instances,ELB,Auto-Scalingandactive/activefailover.WhatAWSsolutionisrecommended?

A. BeanstalkB. OpsWorksC. CloudTrailD. CloudFormation

Answer(D)

Question31:

SelecttwostatementsthatcorrectlydescribeOpsWorks?

A. Opsworksprovidesoperationalandconfigurationautomation

B. OpsWorksisalowercostalternativetoBeanStalk

C. OpsWorksisprimarilyamonitoringservice

D. Chefscripts(recipes)areakeyaspectofOpsWorksAnswer(A,D)

Question32:

YourcompanyhasdevelopedanIoTapplicationthatsendsTelemetrydatafrom100,000sensors.Thesensorssendadatapointof1KBatone-minuteintervalstoaDynamoDBcollectorformonitoringpurposes.WhatAWSstackwouldenableyoutostoredataforreal-timeprocessingandanalyticsusingBItools?

A. Sensors->KinesisStream->Firehose->DynamoDBB. Sensors->KinesisStream->Firehose->DynamoDB->S3C. Sensors->AWSIoT->Firehose->RedShiftD. Sensors->KinesisDataStreams->Firehose->RDS

Answer(C)

Question33:

YourcompanyhasanapplicationthatwasdevelopedandmigratedtoAWScloud.TheapplicationleveragessomeAWSservicesaspartofthearchitecture.ThestackincludesEC2instances,RDSdatabase,S3buckets,RedShiftandLambdafunctions.InadditionthereisIAMsecuritypermissionsconfiguredwithdefinedusers,groupsandroles.TheapplicationismonitoredwithCloudWatchandSTSwasrecentlyaddedforpermittingWebIdentityFederationsign-onfromGoogleaccounts.YouwantasolutionthatcanleveragetheexperienceofyouremployeeswithAWScloudinfrastructureaswell.WhatAWSservicecancreateatemplateofthedesignandconfigurationforeasierdeploymentoftheapplicationtomultipleregions?

A. SnowballB. OpsworksC. CloudFormationD. Beanstalk

Answer(C)

MonitoringServicesQuestion1:

WhatstatementcorrectlydescribesCloudWatchoperationwithinAWScloud?

A. logdataisstoredindefinitely

B. logdataisstoredfor15days

C. alarmhistoryisneverdeleted

D. ELBisnotsupportedAnswer(A)

Question2:

WhataretwoAWSsubscriberendpointservicesthataresupportedwithSNS?

A. RDS

B. Kinesis

C. SQS

D. Lambda

E. EBS

F. ECSAnswer(C,D)

Question3:

WhatAWSservicesworkinconcerttointegratesecuritymonitoringandauditwithinaVPC?(Selectthree)

A. Syslog

B. CloudWatch

C. WAF

D. CloudTrail

E. VPCFlowLogAnswer(B,D,E)

Question4:

HowisCloudWatchintegratedwithLambda?(Selecttwo)

A. tenantmustenableCloudWatchmonitoring

B. networkmetricssuchaslatencyarenotmonitored

C. LambdafunctionsareautomaticallymonitoredthroughLambdaservice

D. loggroupiscreatedforeacheventsource

E. loggroupiscreatedforeachfunctionAnswer(C,E)

Question5:

WhattwostatementscorrectlydescribeAWSmonitoringandauditoperations?A. CloudTrailcapturesAPIcalls,storestheminanS3bucketandgenerates

aCloudwatcheventB. CloudWatchalarmcansendamessagetoaLambdafunctionC. CloudWatchalarmcansendamessagetoanSNSTopicthattriggersan

eventforaLambdafunctionD. CloudTrailcapturesallAWSeventsandstorestheminalogfileE. VPClogsdonotsupporteventsforsecuritygroups

Answer(A,C)

Question6:

WhatisrequiredforremotemanagementaccesstoyourLinux-basedinstance?

A. ACL

B. Telnet

C. SSH

D. RDPAnswer(C)

Question7:

WhataretwofeaturesofCloudWatchoperation?A. CloudWatchdoesnotsupportcustommetricsB. CloudWatchpermissionsaregrantedperfeatureandnotAWSresourceC. collectandmonitoroperatingsystemandapplicationgeneratedlogfilesD. AWSservicesautomaticallycreatelogsforCloudWatchE. CloudTrailgenerateslogsautomaticallywhenAWSaccountisactivated

Answer(B,C)

Question8:

YouareaskedtoselectanAWSsolutionthatwillcreatealogentryanytimeasnapshotofanRDSdatabaseinstanceanddeletestheoriginalinstance.SelecttheAWSservicethatwouldprovidethatfeature?

A. VPCFlowLogs

B. RDSAccessLogs

C. CloudWatch

D. CloudTrailAnswer(D)

Question9:

WhatisrequiredtoenableapplicationandoperatingsystemgeneratedlogsandpublishtoCloudWatchLogs?

A. Syslog

B. enableaccesslogs

C. IAMcross-accountenabled

D. CloudWatchLogAgentAnswer(D)

Question10:

WhatisthepurposeofVPCFlowLogs?

A. captureVPCerrormessages

B. captureIPtrafficonnetworkinterfaces

C. monitornetworkperformance

D. monitornetflowdatafromsubnets

E. enableSyslogservicesforVPCAnswer(B)

Question11:

Selecttwocloudinfrastructureservicesand/orcomponentsincludedwithdefaultCloudWatchmonitoring?

A. SQSqueues

B. operatingsystemmetrics

C. hypervisormetrics

D. virtualappliances

E. applicationlevelmetricsAnswer(A,C)

Question12:

WhatfeatureenablesCloudWatchtomanagecapacitydynamicallyforEC2instances?

A. replicationlag

B. Auto-Scaling

C. ElasticLoadBalancer

D. verticalscalingAnswer(B)

Question13:

WhatAWSserviceisusedtomonitortenantremoteaccessandvarioussecurityerrorsincludingauthenticationretries?

A. SSH

B. Telnet

C. CloudFront

D. CloudWatchAnswer(D)

Question14:

HowdoesAmazonAWSisolatemetricsfromdifferentapplicationsformonitoring,storeandreportingpurposes?

A. EC2instances

B. Beanstalk

C. CloudTrail

D. namespaces

E. DockerAnswer(D)

Question15:

WhatAmazonAWSserviceprovidesaccounttransactionmonitoringandsecurityaudit?

A. CloudFront

B. CloudTrail

C. CloudWatch

D. securitygroupAnswer(B)

Question16:

WhattwostatementscorrectlydescribeCloudWatchmonitoringofdatabaseinstances?

A. metricsaresentautomaticallyfromDynamoDBandRDStoCloudWatch

B. alarmsmustbeconfiguredforDynamoDBandRDSwithinCloudWatchC. metricsarenotenabledautomaticallyforDynamoDBandRDSD. RDSdoesnotsupportmonitoringofoperatingsystemmetrics

Answer(A,B)

Question17:WhatAWSservicecansendnotificationstocustomersmartphonesandmobileapplicationswithattachedvideoand/oralerts?

A. EMRB. LambdaC. SQSD. SNSE. CloudTrail

Answer(D)AmazonBooks•AWSCertifiedSolutionsArchitectAssociateExam:StudyNotes•AWSCertifiedSolutionsArchitectAssociateExam:CertificationPracticeQuestions(fullanswerkeyversion)