# Practice Exam 22 Click on the **Answer** button for the correct answer and its explanation. If this practice exam has been helpful to you please share it with others and react to this below. --- 1. A company operating in the AWS Cloud requires separate invoices for specific environments, such as development, testing, and production.
How can this be achieved? - A. Use multiple AWS accounts - B. Use resource tagging - C. Use multiple VPCs - D. Use Cost Explorer
Answer Correct Answer: A
2. Which AWS service can be used in the application deployment process? - A. AWS AppSync - B. AWS Batch - C. AWS CodePipeline - D. AWS DataSync
Answer Correct Answer: C
3. What can be used to reduce the cost of running Amazon EC2 instances? (Choose two.) - A. Spot Instances for stateless and flexible workloads - B. Memory optimized instances for high-compute workloads - C. On-Demand Instances for high-cost and sustained workloads - D. Reserved Instances for sustained workloads - E. Spend limits set using AWS Budgets
Answer Correct Answer: AD
4. A company is launching an e-commerce site that will store and process credit card data. The company requires information about AWS compliance reports and AWS agreements.
Which AWS service provides on-demand access to these items? - A. AWS Certificate Manager - B. AWS Config - C. AWS Artifact - D. AWS CloudTrail
Answer Correct Answer: C
5. Which AWS service or feature allows the user to manage cross-region application traffic? - A. Amazon AppStream 2.0 - B. Amazon VPC - C. Elastic Load Balancer - D. Amazon Route 53
Answer Correct Answer: D
6. Which AWS service can be used to track unauthorized API calls? - A. AWS Config - B. AWS CloudTrail - C. AWS Trusted Advisor - D. Amazon Inspector
Answer Correct Answer: B
7. A user needs to regularly audit and evaluate the setup of all AWS resources, identify non-compliant accounts, and be notified when a resource changes.
Which AWS service can be used to meet these requirements? - A. AWS Trusted Advisor - B. AWS Config - C. AWS Resource Access Manager - D. AWS Systems Manager
Answer Correct Answer: B
8. A user is planning to launch two additional Amazon EC2 instances to increase availability.
Which action should the user take? - A. Launch the instances across multiple Availability Zones in a single AWS Region. - B. Launch the instances as EC2 Reserved Instances in the same AWS Region and the same Availability Zone. - C. Launch the instances in multiple AWS Regions, but in the same Availability Zone. - D. Launch the instances as EC2 Spot Instances in the same AWS Region, but in different Availability Zones.
Answer Correct Answer: A
9. A company must store critical business data in Amazon S3 with a backup to another AWS Region.
How can this be achieved? - A. Use an Amazon CloudFront Content Delivery Network (CDN) to cache data globally - B. Set up Amazon S3 cross-region replication to another AWS Region - C. Configure the AWS Backup service to back up to the data to another AWS Region - D. Take Amazon S3 bucket snapshots and copy that data to another AWS Region
Answer Correct Answer: B
10. Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded? - A. AWS Budgets - B. AWS Cost Explorer - C. AWS Cost Allocation Tags - D. AWS Organizations
Answer Correct Answer: A
11. What is the recommended method to request penetration testing on AWS resources? - A. Open a support case - B. Fill out the Penetration Testing Request Form - C. Request a penetration test from your technical account manager - D. Contact your AWS sales representative
Answer Correct Answer: B
12. A user needs to automatically discover, classify, and protect sensitive data stored in Amazon S3.
Which AWS service can meet these requirements? - A. Amazon Inspector - B. Amazon Macie - C. Amazon GuardDuty - D. AWS Secrets Manager
Answer Correct Answer: B
13. Which components are required to build a successful site-to-site VPN connection on AWS? (Choose two.) - A. Internet gateway - B. NAT gateway - C. Customer gateway - D. Transit gateway - E. Virtual private gateway
Answer Correct Answer: CE
14. Which Amazon EC2 pricing option is best suited for applications with short-term, spiky, or unpredictable workloads that cannot be interrupted? - A. Spot Instances - B. Dedicated Hosts - C. On-Demand Instances - D. Reserved Instances
Answer Correct Answer: C
15. Which AWS cloud architecture principle states that systems should reduce interdependencies? - A. Scalability - B. Services, not servers - C. Removing single points of failure - D. Loose coupling
Answer Correct Answer: D
16. What is the MOST effective resource for staying up to date on AWS security announcements? - A. AWS Personal Health Dashboard - B. AWS Secrets Manager - C. AWS Security Bulletins - D. Amazon Inspector
Answer Correct Answer: C
17. Which AWS service offers persistent storage for a file system? - A. Amazon S3 - B. Amazon EC2 instance store - C. Amazon Elastic Block Store (Amazon EBS) - D. Amazon ElastiCache
Answer Correct Answer: C
18. Which of the following allows AWS users to manage cost allocations for billing? - A. Tagging resources - B. Limiting who can create resources - C. Adding a secondary payment method - D. Running all operations on a single AWS account
Answer Correct Answer: A
19. Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand? - A. Amazon GuardDuty - B. AWS Security Hub - C. AWS Artifact - D. AWS Shield
Answer Correct Answer: C
20. Which of the following AWS services are serverless? (Choose two.) - A. AWS Lambda - B. Amazon Elasticsearch Service - C. AWS Elastic Beanstalk - D. Amazon DynamoDB - E. Amazon Redshift
Answer Correct Answer: AD
21. Which AWS managed services can be used to extend an on-premises data center to the AWS network? (Choose two.) - A. AWS VPN - B. NAT gateway - C. AWS Direct Connect - D. Amazon Connect - E. Amazon Route 53
Answer Correct Answer: AC
22. Which requirement must be met for a member account to be unlinked from an AWS Organizations account? - A. The linked account must be actively compliant with AWS System and Organization Controls (SOC). - B. The payer and the linked account must both create AWS Support cases to request that the member account be unlinked from the organization. - C. The member account must meet the requirements of a standalone account. - D. The payer account must be used to remove the linked account from the organization.
Answer Correct Answer: C
23. What AWS benefit refers to a customer's ability to deploy applications that scale up and down the meet variable demand? - A. Elasticity - B. Agility - C. Security - D. Scalability
Answer Correct Answer: D
24. During a compliance review, one of the auditors requires a copy of the AWS SOC 2 report.
Which service should be used to submit this request? - A. AWS Personal Health Dashboard - B. AWS Trusted Advisor - C. AWS Artifact - D. Amazon S3
Answer Correct Answer: C
25. A company wants to set up a highly available workload in AWS with a disaster recovery plan that will allow the company to recover in case of a regional service interruption.
Which configuration will meet these requirements? - A. Run on two Availability Zones in one AWS Region, using the additional Availability Zones in the AWS Region for the disaster recovery site. - B. Run on two Availability Zones in one AWS Region, using another AWS Region for the disaster recovery site. - C. Run on two Availability Zones in one AWS Region, using a local AWS Region for the disaster recovery site. - D. Run across two AWS Regions, using a third AWS Region for the disaster recovery site.
Answer Correct Answer: BD Explanation: Option D increased complexity and cost.
26. A company has a 500 TB image repository that needs to be transported to AWS for processing.
Which AWS service can import this data MOST cost-effectively? - A. AWS Snowball - B. AWS Direct Connect - C. AWS VPN - D. Amazon S3
Answer Correct Answer: A Explanation:
27. Which AWS service can run a managed PostgreSQL database that provides online transaction processing (OLTP)? - A. Amazon DynamoDB - B. Amazon Athena - C. Amazon RDS - D. Amazon EMR
Answer Correct Answer: C Explanation:
28. Which of the following assist in identifying costs by department? (Choose two.) - A. Using tags on resources - B. Using multiple AWS accounts - C. Using an account manager - D. Using AWS Trusted Advisor - E. Using Consolidated Billing
Answer Correct Answer: AB
29. A company wants to allow full access to an Amazon S3 bucket for a particular user.
Which element in the S3 bucket policy holds the user details that describe who needs access to the S3 bucket? - A. Principal - B. Action - C. Resource - D. Statement
Answer Correct Answer: A Explanation:
30. Which AWS service allows for effective cost management of multiple AWS accounts? - A. AWS Organizations - B. AWS Trusted Advisor - C. AWS Direct Connect - D. Amazon Connect
Answer Correct Answer: A Explanation:
31. A company is piloting a new customer-facing application on Amazon Elastic Compute Cloud (Amazon EC2) for one month.
What pricing model is appropriate? - A. Reserved Instances - B. Spot Instances - C. On-Demand Instances - D. Dedicated Hosts
Answer Correct Answer: C Explanation:
32. Which AWS tools automatically forecast future AWS costs? - A. AWS Support Center - B. AWS Total Cost of Ownership (TCO) Calculator - C. AWS Simple Monthly Calculator - D. Cost Explorer
Answer Correct Answer: D Explanation:
33. Under the AWS shared responsibility model, which of the following is a responsibility of AWS? - A. Enabling server-side encryption for objects stored in S3 - B. Applying AWS IAM security policies - C. Patching the operating system on an Amazon EC2 instance - D. Applying updates to the hypervisor
Answer Correct Answer: D Explanation:
34. A user is able to set up a master payer account to view consolidated billing reports through: - A. AWS Budgets. - B. Amazon Macie. - C. Amazon QuickSight. - D. AWS Organizations.
Answer Correct Answer: D Explanation:
35. Performing operations as code is a design principle that supports which pillar of the AWS Well-Architected Framework? - A. Performance efficiency - B. Operational excellence - C. Reliability - D. Security
Answer Correct Answer: B Explanation:
36. Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework? - A. Vertical scaling - B. Manual failure recovery - C. Testing recovery procedures - D. Changing infrastructure manually
Answer Correct Answer: C Explanation:
37. What is a characteristic of Convertible Reserved Instances (RIs)? - A. Users can exchange Convertible RIs for other Convertible RIs from a different instance family with an equal or higher value than the Convertible Reserved Instances that you are exchanging. - B. Users can exchange Convertible RIs for other Convertible RIs in different AWS Regions. - C. Users can sell and buy Convertible RIs on the AWS Marketplace. - D. Users can shorten the term of their Convertible RIs by merging them with other Convertible RIs.
Answer Correct Answer: A Explanation:
38. The user is fully responsible for which action when running workloads on AWS? - A. Patching the infrastructure components - B. Implementing controls to route application traffic - C. Maintaining physical and environmental controls - D. Maintaining the underlying infrastructure components
Answer Correct Answer: B
39. An architecture design includes Amazon EC2, an Elastic Load Balancer, and Amazon RDS.
What is the BEST way to get a monthly cost estimation for this architecture? - A. Open an AWS Support case, provide the architecture proposal, and ask for a monthly cost estimation. - B. Collect the published prices of the AWS services and calculate the monthly estimate. - C. Use the AWS Simple Monthly Calculator to estimate the monthly cost. - D. Use the AWS Total Cost of Ownership (TCO) Calculator to estimate the monthly cost.
Answer Correct Answer: C Explanation:
40. Which are benefits of using Amazon RDS over Amazon EC2 when running relational databases on AWS? (Choose two.) - A. Automated backups - B. Schema management - C. Indexing of tables - D. Software patching - E. Extract, transform, and load (ETL) management
Answer Correct Answer: AD Explanation:
41. What does the Amazon S3 Intelligent-Tiering storage class offer? - A. Payment flexibility by reserving storage capacity - B. Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon EBS) volume - C. Automatic cost savings by moving objects between tiers based on access pattern changes - D. Secure, durable, and lowest cost storage for data archival
Answer Correct Answer: C Explanation:
42. A company has multiple data sources across the organization and wants to consolidate data into one data warehouse.
Which AWS service can be used to meet this requirement? - A. Amazon DynamoDB - B. Amazon Redshift - C. Amazon Athena - D. Amazon QuickSight
Answer Correct Answer: B Explanation:
43. Which AWS service can be used to track resource changes and establish compliance? - A. Amazon CloudWatch - B. AWS Config - C. AWS CloudTrail - D. AWS Trusted Advisor
Answer Correct Answer: B Explanation:
44. A user has underutilized on-premises resources.
Which AWS Cloud concept can BEST address this issue? - A. High availability - B. Elasticity - C. Security - D. Loose coupling
Answer Correct Answer: B Explanation:
45. A user has a stateful workload that will run on Amazon EC2 for the next 3 years.
What is the MOST cost-effective pricing model for this workload? - A. On-Demand Instances - B. Reserved Instances - C. Dedicated Instances - D. Spot Instances
Answer Correct Answer: B
46. A cloud practitioner needs an Amazon EC2 instance to launch and run for 7 hours without interruptions.
What is the most suitable and cost-effective option for this task? - A. On-Demand Instance - B. Reserved Instance - C. Dedicated Host - D. Spot Instance
Answer Correct Answer: A
47. Which of the following are benefits of using AWS Trusted Advisor? (Choose two.) - A. Providing high-performance container orchestration - B. Creating and rotating encryption keys - C. Detecting underutilized resources to save costs - D. Improving security by proactively monitoring the AWS environment - E. Implementing enforced tagging across AWS resources
Answer Correct Answer: CD Explanation:
48. A developer has been hired by a large company and needs AWS credentials.
Which are security best practices that should be followed? (Choose two.) - A. Grant the developer access to only the AWS resources needed to perform the job. - B. Share the AWS account root user credentials with the developer. - C. Add the developer to the administrator's group in AWS IAM. - D. Configure a password policy that ensures the developer's password cannot be changed. - E. Ensure the account password policy requires a minimum length.
Answer Correct Answer: AE
49. Which AWS storage service is designed to transfer petabytes of data in and out of the cloud? - A. AWS Storage Gateway - B. Amazon S3 Glacier Deep Archive - C. Amazon Lightsail - D. AWS Snowball
Answer Correct Answer: D Explanation:
50. Which service provides a user the ability to warehouse data in the AWS Cloud? - A. Amazon EFS - B. Amazon Redshift - C. Amazon RDS - D. Amazon VPC
Answer Correct Answer: B Explanation:
Please feel free to comment below if any information is inaccurate or if any answers need correction. [ Exam List](../practice-exam/exams.md)