AWS Cloud Practitioner

Study online at https://quizlet.com/_bvpivw

1. A company is planning to run a global marketing D. Amazon Cloud-

application in the AWS Cloud. The application will fea- Front
ture videos that can be viewed by users. The company
must ensure that all users can view these videos with
low latency.Which AWS service should the company
use to meet this requirement?
A. AWS Auto Scaling
B. Amazon Kinesis Video Streams
C. Elastic Load Balancing
D. Amazon CloudFront

2. Which pillar of the AWS Well-Architected Framework B. Reliability

refers to the ability of a system to recover from in-
frastructure or service disruptions and dynamically
acquire computing resources to meet demand?
A. Security
B. Reliability
C. Performance efficiency
D. Cost optimization

3. Which of the following are benefits of migrating to the A. Operational re-

AWS Cloud? (Choose two.) silience
A. Operational resilience C. Business agility
B. Discounts for products on Amazon.com
C. Business agility
D. Business excellence
E. Increased staff retention

4. A company is planning to replace its physical B. Performance ef-

on-premises compute servers with AWS serverless ficiency
compute services. The company wants to be able
to take advantage of advanced technologies quickly
after the migration.Which pillar of the AWS Well-Ar-
chitected Framework does this plan represent?
A. Security
B. Performance efficiency
C. Operational excellence
D. Reliability

1 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
5. A large company has multiple departments. Each D. AWS Organiza-
department has its own AWS account. Each de- tions
partment has purchased Amazon EC2 Reserved In-
stances.Some departments do not use all the Re-
served Instances that they purchased, and other de-
partments need more Reserved Instances than they
purchased.The company needs to manage the AWS
accounts for all the departments so that the depart-
ments can share the Reserved Instances.Which AWS
service or tool should the company use to meet these
requirements?
A. AWS Systems Manager
B. Cost Explorer
C. AWS Trusted Advisor
D. AWS Organizations

6. Which component of the AWS global infrastructure B. Availability

is made up of one or more discrete data centers that Zone
have redundant power, networking, and connectivi-
ty?
A. AWS Region
B. Availability Zone
C. Edge location
D. AWS Outposts

7. Which duties are the responsibility of a company that A. Security inside

is using AWS Lambda? (Choose two.) of code
A. Security inside of code D. Writing and up-
B. Selection of CPU resources dating of code
C. Patching of operating system
D. Writing and updating of code
E. Security of underlying infrastructure

8. Which AWS services or features provide disas- B. EC2 Amazon

ter recovery solutions for Amazon EC2 instances? Machine Images
(Choose two.) (AMIs)
A. À•À¡2
Reserved Instances C. Amazon Elastic
B. EC2 Amazon Machine Images (AMIs) Block Store (Ama-
C. Amazon Elastic Block Store (Amazon EBS) snap-

2 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
shots zon EBS) snap-
D. AWS Shield shots
E. Amazon GuardDuty

9. A company is migrating to the AWS Cloud instead of B. Increased glob-

running its infrastructure on premises.Which of the al reach and agility
following are advantages of this migration? (Choose C. Ability to deploy
two.) globally in minutes
A. Elimination of the need to perform security audit-
ing
B. Increased global reach and agility
C. Ability to deploy globally in minutes
D. Elimination of the cost of IT staff members
E. Redundancy by default for all compute services

10. A user is comparing purchase options for an appli- C. Buy Reserved

cation that runs on Amazon EC2 and Amazon RDS. Instances for the
The application cannot sustain any interruption. The predicted amount
application experiences a predictable amount of us- of usage through-
age, including some seasonal spikes that last only out the year. Allow
a few weeks at a time. It is not possible to modify any seasonal us-
the application.Which purchase option meets these age to run at an
requirements MOST cost-effectively? On-Demand rate.
A. Review the AWS Marketplace and buy Partial Up-
front Reserved Instances to cover the predicted and
seasonal load.
B. Buy Reserved Instances for the predicted amount
of usage throughout the year. Allow any seasonal
usage to run on Spot Instances.
C. Buy Reserved Instances for the predicted amount
of usage throughout the year. Allow any seasonal
usage to run at an On-Demand rate.
D. Buy Reserved Instances to cover all potential
usage that results from the seasonal usage.

11. A company wants to review its monthly costs of B. Cost Explorer

using Amazon EC2 and Amazon RDS for the past
year.Which AWS service or tool provides this infor-
mation?

3 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. AWS Trusted Advisor
B. Cost Explorer
C. Amazon Forecast
D. Amazon CloudWatch

12. A company wants to migrate a critical application to B. AWS Lambda

AWS. The application has a short runtime. The appli-
cation is invoked by changes in data or by shifts in
system state. The company needs a compute solution
that maximizes operational efficiency and minimizes
the cost of running the application.Which AWS solu-
tion should the company use to meet these require-
ments?
A. Amazon EC2 On-Demand Instances
B. AWS Lambda
C. Amazon EC2 Reserved Instances
D. Amazon EC2 Spot Instances

13. Which AWS service or feature allows users to con- D. AWS software
nect with and deploy AWS services programmatical- development kits
ly? (SDKs)
A. AWS Management Console
B. AWS Cloud9
C. AWS CodePipeline
D. AWS software development kits (SDKs)

14. A company plans to create a data lake that uses A. The selection of
Amazon S3.Which factor will have the MOST effect on S3 storage tiers
cost?
A. The selection of S3 storage tiers
B. Charges to transfer existing data into Amazon S3
C. The addition of S3 bucket policies
D. S3 ingest fees for each request

15. A company is launching an ecommerce application B. Savings Plans

that must always be available. The application will
run on Amazon EC2 instances continuously for the
next12 months.What is the MOST cost-effective in-
stance purchasing option that meets these require-
ments?
4 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. Spot Instances
B. Savings Plans
C. Dedicated Hosts
D. On-Demand Instances

16. Which AWS service or feature can a company use to A. Cost allocation
determine which business unit is using specific AWS tags
resources?
A. Cost allocation tags
B. Key pairs
C. Amazon Inspector
D. AWS Trusted Advisor

17. A company wants to migrate its workloads to AWS, B. AWS Consult-

but it lacks expertise in AWS Cloud computing.Which ing Partners
AWS service or feature will help the company with its
migration?
A. AWS Trusted Advisor
B. AWS Consulting Partners
C. AWS Artifacts
D. AWS Managed Services

18. Which AWS service or tool should a company use to B. Service Quotas
centrally request and track service limit increases?
A. AWS Config
B. Service Quotas
C. AWS Service Catalog
D. AWS Budgets

19. Which documentation does AWS Artifact provide? B. AWS ISO certi-
A. Amazon EC2 terms and conditions fications
B. AWS ISO certifications
C. A history of a company's AWS spending
D. A list of previous-generation Amazon EC2 in-
stance types

20. Which task requires using AWS account root user B. Changing the
credentials? AWS Support plan
A. Viewing billing information
B. Changing the AWS Support plan
5 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Starting and stopping Amazon EC2 instances
D. Opening an AWS Support case

21. A company needs to simultaneously process hun- A. Amazon Sim-

dreds of requests from different users.Which combi- ple Queue Service
nation of AWS services should the company use to (Amazon SQS)
build an operationally efficient solution? and AWS Lambda
A. Amazon Simple Queue Service (Amazon SQS) and
AWS Lambda
B. AWS Data Pipeline and Amazon EC2
C. Amazon Kinesis and Amazon Athena
D. AWS Amplify and AWS AppSync

22. What is the scope of a VPC within the AWS network? D. A VPC can
A. A VPC can span all Availability Zones globally. span all Availabili-
B. A VPC must span at least two subnets in each AWS ty Zones within an
Region. AWS Region.
C. A VPC must span at least two edge locations in
each AWS Region.
D. A VPC can span all Availability Zones within an
AWS Region.

23. Which of the following are components of an AWS B. Virtual private

Site-to-Site VPN connection? (Choose two.) gateway
A. AWS Storage Gateway D. Customer gate-
B. Virtual private gateway way
C. NAT gateway
D. Customer gateway
E. Internet gateway

24. A company needs to establish a connection between B. VPC peering

two VPCs. The VPCs are located in two different AWS
Regions. The company wants to use the existing in-
frastructure of the VPCs for this connection.Which
AWS service or feature can be used to establish this
connection?
A. AWS Client VPN
B. VPC peering
C. AWS Direct Connect
D. VPC endpoints
6 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

25. According to the AWS shared responsibility model, C. Design encryp-

what responsibility does a customer have when us- tion-at-rest strate-
ing Amazon RDS to host a database? gies
A. Manage connections to the database
B. Install Microsoft SQL Server
C. Design encryption-at-rest strategies
D. Apply minor database patches

26. What are some advantages of using Amazon EC2 D. EC2 has a flexi-
instances to host applications in the AWS Cloud in- ble, pay-as-you-go
stead of on premises? (Choose two.) pricing model.
A. EC2 includes operating system patch manage- E. EC2 has auto-
ment. matic storage cost
B. EC2 integrates with Amazon VPC, AWS CloudTrail, optimization.
and AWS Identity and Access Management (IAM).
C. EC2 has a 100% service level agreement (SLA).
D. EC2 has a flexible, pay-as-you-go pricing model.
E. EC2 has automatic storage cost optimization.

27. A user needs to determine whether an Amazon EC2 C. Use AWS

instance's security groups were modified in the last CloudTrail to see if
month.How can the user see if a change was made? the security group
A. Use Amazon EC2 to see if the security group was was changed.
changed.
B. Use AWS Identity and Access Management (IAM)
to see which user or role changed the security group.
C. Use AWS CloudTrail to see if the security group
was changed.
D. Use Amazon CloudWatch to see if the security
group was changed.

28. Which AWS service will help protect applications run- C. AWS Shield
ning on AWS from DDoS attacks? Most Voted
A. Amazon GuardDuty
B. AWS WAF
C. AWS Shield
D. Amazon Inspector

29. D. Security group

7 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
Which AWS service or feature acts as a firewall for
Amazon EC2 instances?
A. Network ACL
B. Elastic network interface
C. Amazon VPC
D. Security group

30. How does the AWS Cloud pricing model differ from B. There are no in-
the traditional on-premises storage pricing model? frastructure oper-
A. AWS resources do not incur costs ating costs
B. There are no infrastructure operating costs
C. There are no upfront cost commitments
D. There are no software licensing costs

31. A company has a single Amazon EC2 instance. The B. Scale horizon-
company wants to adopt a highly available architec- tally across mul-
ture.What can the company do to meet this require- tiple Availability
ment? Zones.
A. Scale vertically to a larger EC2 instance size.
B. Scale horizontally across multiple Availability
Zones.
C. Purchase an EC2 Dedicated Instance.
D. Change the EC2 instance family to a compute
optimized instance.

32. A company's on-premises application deployment C. Agility

cycle was 3-4 weeks. After migrating to the AWS
Cloud, the company can deploy the application in 2-3
days.Which benefit has this company experienced by
moving to the AWS Cloud?
A. Elasticity
B. Flexibility
C. Agility
D. Resilience

33. Which of the following are included in AWS Enter- A. AWS technical
prise Support? (Choose two.) account manager
A. AWS technical account manager (TAM) (TAM)
B. AWS partner-led support D. Support of
C. AWS Professional Services third-party soft-
8 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
D. Support of third-party software integration to AWS ware integration to
E. 5-minute response time for critical issues AWS

34. A global media company uses AWS Organizations to B. Service control

manage multiple AWS accounts.Which AWS service policies (SCPs)
or feature can the company use to limit the access to
AWS services for member accounts?
A. AWS Identity and Access Management (IAM)
B. Service control policies (SCPs)
C. Organizational units (OUs)
D. Access control lists (ACLs)

35. A company wants to limit its employees' AWS access C. AWS Service
to a portfolio of predefined AWS resources.Which Catalog
AWS solution should the company use to meet this
requirement?
A. AWS Config
B. AWS software development kits (SDKs)
C. AWS Service Catalog
D. AWS AppSync

36. An online company was running a workload on A. Business agility

premises and was struggling to launch new prod-
ucts and features. After migrating the workload to
AWS, the company can quickly launch products
and features and can scale its infrastructure as re-
quired.Which AWS Cloud value proposition does this
scenario describe?
A. Business agility
B. High availability
C. Security
D. Centralized auditing

37. Which of the following are advantages of the AWS B. Ability to quick-
Cloud? (Choose two.) ly change required
A. AWS management of user-owned infrastructure capacity
B. Ability to quickly change required capacity C. High
C. High economies of scale economies of
D. Increased deployment time to market scale
E. Increased fixed expenses
9 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

38. AWS has the ability to achieve lower pay-as-you-go C. High

pricing by aggregating usage across hundreds of economies of
thousands of users.This describes which advantage scale
of the AWS Cloud?
A. Launch globally in minutes
B. Increase speed and agility
C. High economies of scale
D. No guessing about compute capacity

39. A company has a database server that is always A. Standard Re-

running. The company hosts the server on Amazon served Instances
EC2 instances. The instance sizes are suitable for the
workload. The workload will run for 1 year.Which EC2
instance purchasing option will meet these require-
ments MOST cost-effectively?
A. Standard Reserved Instances
B. On-Demand Instances
C. Spot Instances
D. Convertible Reserved Instances

40. A company is developing a mobile app that needs a D. Amazon Doc-

high-performance NoSQL database.Which AWS ser- umentDB (with
vices could the company use for this database? MongoDB com-
(Choose two.) patibility)
A. Amazon Aurora E. Amazon Dy-
B. Amazon RDS namoDB
C. Amazon Redshift
D. Amazon DocumentDB (with MongoDB compatibil-
ity)
E. Amazon DynamoDB

41. Which tasks are the responsibility of AWS, according B. Upgrade the
to the AWS shared responsibility model? (Choose firmware of the
two.) network infra-
A. Patch the Amazon EC2 guest operating system. structure.
B. Upgrade the firmware of the network infrastruc- D. Maintain the
ture. physical security
C. Apply password rotation for IAM users. of edge locations.
D. Maintain the physical security of edge locations.
10 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
E. Maintain least privilege access to the root user
account.

42. Which of the following are features of network ACLs A. They are state-
as they are used in the AWS Cloud? (Choose two.) less.
A. They are stateless. D. They process
B. They are stateful. rules in order,
C. They evaluate all rules before allowing traffic. starting with the
D. They process rules in order, starting with the low- lowest numbered
est numbered rule, when deciding whether to allow rule, when decid-
traffic. ing whether to al-
E. They operate at the instance level. low traffic.

43. A company has designed its AWS Cloud infrastruc- D. Operational ex-
ture to run its workloads effectively. The compa- cellence
ny also has protocols in place to continuously im-
prove supporting processes.Which pillar of the AWS
Well-Architected Framework does this scenario rep-
resent?
A. Security
B. Performance efficiency
C. Cost optimization
D. Operational excellence

44. Which AWS service or feature can be used to create C. AWS Direct
a private connection between an on-premises work- Connect
load and an AWS Cloud workload?
A. Amazon Route 53
B. Amazon Macie
C. AWS Direct Connect
D. AWS PrivateLink

45. A company needs to graphically visualize AWS billing B. Cost Explorer

and usage over time. The company also needs in-
formation about its AWS monthly costs.Which AWS
Billing and Cost Management tool provides this data
in a graphical format?
A. AWS Bills
B. Cost Explorer

11 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. AWS Cost and Usage Report
D. AWS Budgets

46. A company wants to run production workloads on B. AWS Enterprise

AWS. The company needs concierge service, a des- Support
ignated AWS technical account manager (TAM), and
technical support that is available 24 hours a day, 7
days a week.Which AWS Support plan will meet these
requirements?
A. AWS Basic Support
B. AWS Enterprise Support
C. AWS Business Support
D. AWS Developer Support

47. Which architecture design principle describes the D. Loosely couple

need to isolate failures between dependent compo- components.
nents in the AWS Cloud?
A. Use a monolithic design.
B. Design for automation.
C. Design for single points of failure.
D. Loosely couple components.

48. Which AWS services are managed database ser- C. Amazon RDS
vices? (Choose two.) E. Amazon Dy-
A. Amazon Elastic Block Store (Amazon EBS) namoDB
B. Amazon S3
C. Amazon RDS
D. Amazon Elastic File System (Amazon EFS)
E. Amazon DynamoDB

49. A company is using the AWS Free Tier for several A. The company
AWS services for an application.What will happen if will be charged
the Free Tier usage period expires or if the application the standard
use exceeds the Free Tier usage limits? pay-as-you-go
A. The company will be charged the standard service rates for
pay-as-you-go service rates for the usage that ex- the usage that
ceeds the Free Tier usage. exceeds the Free
B. AWS Support will contact the company to set up Tier usage.
standard service charges.
C. The company will be charged for the services it
12 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
consumed during the Free Tier period, plus additional
charges for service consumption after the Free Tier
period.
D. The company's AWS account will be frozen and
can be restarted after a payment plan is established.

50. A company recently deployed an Amazon RDS in- B. Security groups

stance in its VPC. The company needs to implement a
stateful firewall to limit traffic to the private corporate
network.Which AWS service or feature should the
company use to limit network traffic directly to its
RDS instance?
A. Network ACLs
B. Security groups
C. AWS WAF
D. Amazon GuardDuty

51. Which AWS service uses machine learning to help B. Amazon Macie
discover, monitor, and protect sensitive data that is
stored in Amazon S3 buckets?
A. AWS Shield
B. Amazon Macie
C. AWS Network Firewall
D. Amazon Cognito

52. A company wants to improve the overall availability C. AWS Global Ac-
and performance of its applications that are host- celerator
ed on AWS.Which AWS service should the company
use?
A. Amazon Connect
B. Amazon Lightsail
C. AWS Global Accelerator
D. AWS Storage Gateway

53. Which AWS service or feature identifies whether an C. AWS IAM Ac-
Amazon S3 bucket or an IAM role has been shared cess Analyzer
with an external entity?
A. AWS Service Catalog
B. AWS Systems Manager

13 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. AWS IAM Access Analyzer
D. AWS Organizations

54. A company does not want to rely on elaborate fore- D. Cost optimiza-
casting to determine its usage of compute resources. tion
Instead, the company wants to pay only for the re-
sources that it uses. The company also needs the
ability to increase or decrease its resource usage
to meet business requirements.Which pillar of the
AWS Well-Architected Framework aligns with these
requirements?
A. Operational excellence
B. Security
C. Reliability
D. Cost optimization

55. A company wants to launch its workload on AWS D. Reliability

and requires the system to automatically recover
from failure.Which pillar of the AWS Well-Architected
Framework includes this requirement?
A. Cost optimization
B. Operational excellence
C. Performance efficiency
D. Reliability

56. A large enterprise with multiple VPCs in several AWS B. AWS Transit
Regions around the world needs to connect and Gateway
centrally manage network connectivity between its
VPCs.Which AWS service or feature meets these re-
quirements?
A. AWS Direct Connect
B. AWS Transit Gateway
C. AWS Site-to-Site VPN
D. VPC endpoints

57. Which AWS service supports the creation of visual B. Amazon Quick-
reports from AWS Cost and Usage Report data? Sight
A. Amazon Athena
B. Amazon QuickSight

14 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Amazon CloudWatch
D. AWS Organizations

58. Which AWS service should be used to monitor Ama- C. Amazon Cloud-
zon EC2 instances for CPU and network utilization? Watch
A. Amazon Inspector
B. AWS CloudTrail
C. Amazon CloudWatch
D. AWS Config

59. A company is preparing to launch a new web store C. AWS infrastruc-

that is expected to receive high traffic for an upcom- ture event man-
ing event. The web store runs only on AWS, and the agement
company has an AWS Enterprise Support plan.Which
AWS resource will provide guidance about how the
company should scale its architecture and opera-
tional support during the event?
A. AWS Abuse team
B. The designated AWS technical account manager
(TAM)
C. AWS infrastructure event management
D. AWS Professional Services

60. A user wants to deploy a service to the AWS Cloud by B. AWS CloudFor-
using infrastructure-as-code (IaC) principles.Which mation
AWS service can be used to meet this requirement?
A. AWS Systems Manager
B. AWS CloudFormation
C. AWS CodeCommit
D. AWS Config

61. A company that has multiple business units wants A. AWS Organiza-
to centrally manage and govern its AWS Cloud envi- tions
ronments. The company wants to automate the cre-
ation ofAWS accounts, apply service control policies
(SCPs), and simplify billing processes.Which AWS
service or tool should the company use to meet these
requirements?
A. AWS Organizations
B. Cost Explorer
15 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. AWS Budgets
D. AWS Trusted Advisor

62. Which IT controls do AWS and the customer share, B. Patch manage-
according to the AWS shared responsibility model? ment
(Choose two.) C. Cloud aware-
A. Physical and environmental controls ness and training
B. Patch management
C. Cloud awareness and training
D. Zone security
E. Application data encryption

63. A company is launching an application in the AWS B. S3 Versioning

Cloud. The application will use Amazon S3 storage.
A large team of researchers will have shared access
to the data. The company must be able to recover
data that is accidentally overwritten or deleted.Which
S3 feature should the company turn on to meet this
requirement?
A. Server access logging
B. S3 Versioning
C. S3 Lifecycle rules
D. Encryption in transit and at rest

64. A manufacturing company has a critical application D. AWS Outposts

that runs at a remote site that has a slow internet
connection. The company wants to migrate the work-
load toAWS. The application is sensitive to latency
and interruptions in connectivity. The company wants
a solution that can host this application with mini-
mum latency.Which AWS service or feature should
the company use to meet these requirements?
A. Availability Zones
B. AWS Local Zones
C. AWS Wavelength
D. AWS Outposts

65. A company wants to migrate its applications from its B. Create a

on-premises data center to a VPC in the AWS Cloud. VPN connec-
These applications will need to access on-premis- tion between an
16 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
es resources.Which actions will meet these require- on-premises de-
ments? (Choose two.) vice and a virtual
A. Use AWS Service Catalog to identify a list of private gateway in
on-premises resources that can be migrated. the VPC.
B. Create a VPN connection between an on-premises D. Set up
device and a virtual private gateway in the VPC. an AWS Direct
C. Use an Amazon CloudFront distribution and con- Connect connec-
figure it to accelerate content delivery close to the tion between the
on-premises resources. on-premises data
D. Set up an AWS Direct Connect connection be- center and AWS.
tween the on-premises data center and AWS.
E. Use Amazon CloudFront to restrict access to static
web content provided through the on-premises web
servers.

66. A company wants to use the AWS Cloud to provide B. Amazon App-
secure access to desktop applications that are run- Stream 2.0
ning in a fully managed environment.Which AWS ser-
vice should the company use to meet this require-
ment?
A. Amazon S3
B. Amazon AppStream 2.0
C. AWS AppSync
D. AWS Outposts

67. A company wants to implement threat detection on C. Amazon Guard-

its AWS infrastructure. However, the company does Duty
not want to deploy additional software.Which AWS
service should the company use to meet these re-
quirements?
A. Amazon VPC
B. Amazon EC2
C. Amazon GuardDuty
D. AWS Direct Connect

68. Which AWS service uses edge locations? B. AWS Global Ac-
A. Amazon Aurora celerator
B. AWS Global Accelerator

17 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Amazon Connect
D. AWS Outposts

69. A company needs to install an application in a Docker A. AWS Fargate

container.Which AWS service eliminates the need to
provision and manage the container hosts?
A. AWS Fargate
B. Amazon FSx for Windows File Server
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon EC2

70. Which AWS service or feature checks access policies B. AWS IAM Ac-
and offers actionable recommendations to help users cess Analyzer
set secure and functional policies?
A. AWS Systems Manager
B. AWS IAM Access Analyzer
C. AWS Trusted Advisor
D. Amazon GuardDuty

71. A company has a fleet of cargo ships. The cargo D. AWS Snowball
ships have sensors that collect data at sea, where Edge
there is intermittent or no internet connectivity. The
company needs to collect, format, and process the
data at sea and move the data to AWS later.Which
AWS service should the company use to meet these
requirements?
A. AWS IoT Core
B. Amazon Lightsail
C. AWS Storage Gateway
D. AWS Snowball Edge

72. A retail company needs to build a highly available A. Amazon EC2

architecture for a new ecommerce platform. The com- B. Amazon Elastic
pany is using only AWS services that replicate data Block Store (Ama-
across multiple Availability Zones.Which AWS ser- zon EBS)
vices should the company use to meet this require-
ment? (Choose two.)
A. Amazon EC2
B. Amazon Elastic Block Store (Amazon EBS)
C. Amazon Aurora
18 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
D. Amazon DynamoDB
E. Amazon Redshift

73. Which characteristic of the AWS Cloud helps users B. Elasticity

eliminate underutilized CPU capacity?
A. Agility
B. Elasticity
C. Reliability
D. Durability

74. Service control policies (SCPs) manage permissions C. AWS Organiza-

for which of the following? tions
A. Availability Zones
B. AWS Regions
C. AWS Organizations
D. Edge locations

75. Which AWS service can be used to encrypt data at D. AWS Key Man-
rest? agement Service
A. Amazon GuardDuty (AWS KMS)
B. AWS Shield
C. AWS Security Hub
D. AWS Key Management Service (AWS KMS)

76. Which characteristics are advantages of using the B. Compute ca-

AWS Cloud? (Choose two.) pacity that is ad-
A. A 100% service level agreement (SLA) for all AWS justed on demand
services D. Enhanced se-
B. Compute capacity that is adjusted on demand curity
C. Availability of AWS Support for code development
D. Enhanced security
E. Increases in cost and complexity

77. A user is storing objects in Amazon S3. The user B. Tag the objects
needs to restrict access to the objects to meet com- in the S3 bucket.
pliance obligations.What should the user do to meet
this requirement?
A. Use AWS Secrets Manager.
B. Tag the objects in the S3 bucket.

19 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Use security groups.
D. Use network ACLs.

78. A company wants to convert video files and au- A. Amazon Elastic
dio files from their source format into a format Transcoder
that will play on smartphones, tablets, and web
browsers.Which AWS service will meet these require-
ments?
A. Amazon Elastic Transcoder
B. Amazon Comprehend
C. AWS Glue
D. Amazon Rekognition

79. Which of the following are benefits of Amazon EC2 A. Improved

Auto Scaling? (Choose two.) health and avail-
A. Improved health and availability of applications ability of applica-
B. Reduced network latency tions
C. Optimized performance and costs C. Optimized per-
D. Automated snapshots of data formance and
E. Cross-Region Replication costs

80. A company has several departments. Each depart- B. Consolidated

ment has its own AWS accounts for its applications. billing
The company wants all AWS costs on a single invoice
to simplify payment, but the company wants to know
the costs that each department is incurring.Which
AWS tool or feature will provide this functionality?
A. AWS Cost and Usage Reports
B. Consolidated billing
C. Savings Plans
D. AWS Budgets

81. A company runs its workloads on premises. The com- A. AWS Pricing
pany wants to forecast the cost of running a large Calculator
application on AWS.Which AWS service or tool can
the company use to obtain this information?
A. AWS Pricing Calculator
B. AWS Budgets
C. AWS Trusted Advisor
D. Cost Explorer
20 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

82. A company wants to eliminate the need to guess D. Pay-as-you-go

infrastructure capacity before deployments. The com- pricing
pany also wants to spend its budget on cloud
resources only as the company uses the re-
sources.Which advantage of the AWS Cloud matches
the company's requirements?
A. Reliability
B. Global reach
C. Economies of scale
D. Pay-as-you-go pricing

83. Which AWS service supports a hybrid architecture C. AWS Outposts

that gives users the ability to extend AWS infrastruc-
ture, AWS services, APIs, and tools to data centers,
co- location environments, or on-premises facilities?
A. AWS Snowmobile
B. AWS Local Zones
C. AWS Outposts
D. AWS Fargate

84. A company has a physical tape library to store data D. AWS Storage
backups. The tape library is running out of space. The Gateway
company needs to extend the tape library's capacity
to the AWS Cloud.Which AWS service should the
company use to meet this requirement?
A. Amazon Elastic Block Store (Amazon EBS)
B. Amazon S3
C. Amazon Elastic File System (Amazon EFS)
D. AWS Storage Gateway

85. An online retail company has seasonal sales spikes B. Elasticity

several times a year, primarily around holidays. De- E. Pay-as-you-go
mand is lower at other times. The company finds it pricing
difficult to predict the increasing infrastructure de-
mand for each season.Which advantages of moving
to the AWS Cloud would MOST benefit the company?
(Choose two.)
A. Global footprint
B. Elasticity
21 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. AWS service quotas
D. AWS shared responsibility model
E. Pay-as-you-go pricing

86. Which AWS service can be used to turn text into A. Amazon Polly
lifelike speech?
A. Amazon Polly
B. Amazon Kendra
C. Amazon Rekognition
D. Amazon Connect

87. Which AWS service or tool can be used to capture A. VPC Flow Logs
information about inbound and outbound traffic in an
Amazon VPC?
A. VPC Flow Logs
B. Amazon Inspector
C. VPC endpoint services
D. NAT gateway

88. A company wants to ensure that two Amazon EC2 B. Place the EC2
instances are in separate data centers with mini- instances in two
mal communication latency between the data cen- separate Availabil-
ters.How can the company meet this requirement? ity Zones within
A. Place the EC2 instances in two separate AWS the same AWS
Regions connected with a VPC peering connection. Region.
B. Place the EC2 instances in two separate Availabil-
ity Zones within the same AWS Region.
C. Place one EC2 instance on premises and the other
in an AWS Region. Then connect them by using an
AWS VPN connection.
D. Place both EC2 instances in a placement group for
dedicated bandwidth.

89. In which situations should a company create an IAM B. When the com-
user instead of an IAM role? (Choose two.) pany creates AWS
A. When an application that runs on Amazon EC2 access creden-
instances requires access to other AWS services tials for individuals
B. When the company creates AWS access creden- D. When the com-
tials for individuals pany needs to
C. When the company creates an application that
22 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
runs on a mobile phone that makes requests to AWS add users to IAM
D. When the company needs to add users to IAM groups
groups
E. When users are authenticated in the corporate
network and want to be able to use AWS without
having to sign in a second time

90. Which AWS services should a company use to read B. Amazon RDS
and write data that changes frequently? (Choose E. Amazon Elastic
two.) File System (Ama-
A. Amazon S3 Glacier zon EFS)
B. Amazon RDS
C. AWS Snowball
D. Amazon Redshift
E. Amazon Elastic File System (Amazon EFS)

91. Which AWS service is used to provide encryption for C. AWS KMS
Amazon EBS?
A. AWS Certificate Manager
B. AWS Systems Manager
C. AWS KMS
D. AWS Config

92. Which AWS services make use of global edge loca- B. Amazon Cloud-
tions? (Choose two.) Front
A. AWS Fargate C. AWS Global Ac-
B. Amazon CloudFront celerator
C. AWS Global Accelerator
D. AWS Wavelength
E. Amazon VPC

93. A company is operating several factories where it C. AWS Outposts

builds products. The company needs the ability to
process data, store data, and run applications with
local system interdependencies that require low la-
tency.Which AWS service should the company use to
meet these requirements?
A. AWS IoT Greengrass
B. AWS Lambda

23 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. AWS Outposts
D. AWS Snowball Edge

94. Which of the following is a recommended design D. Avoid monolith-

principle for AWS Cloud architecture? ic architecture by
A. Design tightly coupled components. segmenting work-
B. Build a single application component that can loads.
handle all the application functionality.
C. Make large changes on fewer iterations to reduce
chances of failure.
D. Avoid monolithic architecture by segmenting
workloads.

95. A company is designing its AWS workloads so C. Operational ex-

that components can be updated regularly and so cellence
that changes can be made in small, reversible in-
crements.Which pillar of the AWS Well-Architected
Framework does this design support?
A. Security
B. Performance efficiency
C. Operational excellence
D. Reliability

96. Which of the following acts as an instance-level fire- B. Security groups

wall to control inbound and outbound access?
A. Network access control list
B. Security groups
C. AWS Trusted Advisor
D. Virtual private gateways

97. A company has a workload that will run continuously A. All Upfront Re-
for 1 year. The workload cannot tolerate service inter- served Instances
ruptions.Which Amazon EC2 purchasing option will
be MOST cost-effective?
A. All Upfront Reserved Instances
B. Partial Upfront Reserved Instances
C. Dedicated Instances
D. On-Demand Instances

98. A. AWS Shield

24 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
Which AWS service helps protect against DDoS at-
tacks?
A. AWS Shield
B. Amazon Inspector
C. Amazon GuardDuty
D. Amazon Detective

99. Using AWS Config to record, audit, and evaluate A. Security

changes to AWS resources to enable traceability is an
example of which AWS Well-Architected Framework
pillar?
A. Security
B. Operational excellence
C. Performance efficiency
D. Cost optimization

100. Which AWS tool or feature acts as a VPC firewall at B. Network ACL
the subnet level?
A. Security group
B. Network ACL
C. Traffic Mirroring
D. Internet gateway

101. Which AWS service can be used to decouple applica- B. Amazon Sim-
tions? ple Queue Service
A. AWS Config (Amazon SQS)
B. Amazon Simple Queue Service (Amazon SQS)
C. AWS Batch
D. Amazon Simple Email Service (Amazon SES)

102. Which disaster recovery option is the LEAST expen- C. Backup and re-
sive? store
A. Warm standby
B. Multisite
C. Backup and restore
D. Pilot light

103. Which type of AWS storage is ephemeral and is delet- B. Amazon EC2
ed when an Amazon EC2 instance is stopped or ter- instance store
minated?
25 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. Amazon Elastic Block Store (Amazon EBS)
B. Amazon EC2 instance store
C. Amazon Elastic File System (Amazon EFS)
D. Amazon S3

104. Which of the following is a characteristic of the AWS C. The root user
account root user? is the first sign-in
A. The root user is the only user that can be config- identity that is
ured with multi-factor authentication (MFA). available when an
B. The root user is the only user that can access the AWS account is
AWS Management Console. created.
C. The root user is the first sign-in identity that is
available when an AWS account is created.
D. The root user has a password that cannot be
changed.

105. A company hosts an application on an Amazon EC2 A. Create an

instance. The EC2 instance needs to access several IAM role with the
AWS resources, including Amazon S3 and Amazon- required permis-
DynamoDB.What is the MOST operationally efficient sions. Attach the
solution to delegate permissions? role to the EC2 in-
A. Create an IAM role with the required permissions. stance.
Attach the role to the EC2 instance.
B. Create an IAM user and use its access key and
secret access key in the application.
C. Create an IAM user and use its access key and
secret access key to create a CLI profile in the EC2
instance
D. Create an IAM role with the required permissions.
Attach the role to the administrative IAM user.

106. Which of the following is a component of the AWS B. AWS Regions

Global Infrastructure?
A. Amazon Alexa
B. AWS Regions
C. Amazon Lightsail
D. AWS Organizations

107. What is the purpose of having an internet gateway B. To allow com-

within a VPC? munication be-
26 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. To create a VPN connection to the VPC tween the VPC
B. To allow communication between the VPC and the and the internet
internet
C. To impose bandwidth constraints on internet traf-
fic
D. To load balance traffic from the internet across
Amazon EC2 instances

108. Which AWS service allows users to download securi- C. AWS Artifact
ty and compliance reports about the AWS infrastruc-
ture on demand?
A. Amazon GuardDuty
B. AWS Security Hub
C. AWS Artifact
D. AWS Shield

109. A pharmaceutical company operates its infrastruc- C. AWS Transit

ture in a single AWS Region. The company has thou- Gateway
sands of VPCs in a various AWS accounts that it
wants to interconnect.Which AWS service or feature
should the company use to help simplify manage-
ment and reduce operational costs?
A. VPC endpoint
B. AWS Direct Connect
C. AWS Transit Gateway
D. VPC peering

110. A company is planning an infrastructure deployment D. AWS Pricing

to the AWS Cloud. Before the deployment, the compa- Calculator
ny wants a cost estimate for running the infrastruc-
ture.Which AWS service or feature can provide this
information?
A. Cost Explorer
B. AWS Trusted Advisor
C. AWS Cost and Usage Report
D. AWS Pricing Calculator

111. Which AWS service of tool helps to centrally man- B. AWS Organiza-
age billing and allow controlled access to resources tions
across AWS accounts?
27 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. AWS Identity and Access Management (IAM)
B. AWS Organizations
C. Cost Explorer
D. AWS Budgets

112. Which of the following are Amazon Virtual Private B. Subnets; inter-
Cloud (Amazon VPC) resources? net gateways
A. Objects; access control lists (ACLs)
B. Subnets; internet gateways
C. Access policies; buckets
D. Groups; roles

113. A company needs to identify the last time that a B. AWS CloudTrail
specific user accessed the AWS Management Con-
sole.Which AWS service will provide this informa-
tion?
A. Amazon Cognito
B. AWS CloudTrail
C. Amazon Inspector
D. Amazon GuardDuty

114. A company launched an Amazon EC2 instance with A. Use Ama-

the latest Amazon Linux 2 Amazon Machine Image zon EC2 Instance
(AMI).Which actions can a system administrator take Connect.
to connect to the EC2 instance? (Choose two.) D. Use AWS
A. Use Amazon EC2 Instance Connect. Systems Manager
B. Use a Remote Desktop Protocol (RDP) connection. Session Manager.
C. Use AWS Batch
D. Use AWS Systems Manager Session Manager.
E. Use Amazon Connect

115. A company wants to perform sentiment analysis on C. Amazon Com-

customer service email messages that it receives. prehend
The company wants to identify whether the customer
service engagement was positive or negative.Which
AWS service should the company use to perform this
analysis?
A. Amazon Textract
B. Amazon Translate

28 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Amazon Comprehend
D. Amazon Rekognition

116. What is the total amount of storage offered by Ama- D. Unlimited

zon S3?
A. 100MB
B. 5 GB
C. 5 TB
D. Unlimited

117. A company is migrating to Amazon S3. The company C. AWS Snowball

needs to transfer 60 TB of data from an on-premis-
es data center to AWS within 10 days.Which AWS
service should the company use to accomplish this
migration?
A. Amazon S3 Glacier
B. AWS Database Migration Service (AWS DMS)
C. AWS Snowball
D. AWS Direct Connect

118. What type of database is Amazon DynamoDB? C. Key-value

A. In-memory
B. Relational
C. Key-value
D. Graph

119. A large organization has a single AWS account.What A. It allows for ad-
are the advantages of reconfiguring the single ac- ministrative isola-
count into multiple AWS accounts? (Choose two.) tion between dif-
A. It allows for administrative isolation between dif- ferent workloads.
ferent workloads. D. Having multiple
B. Discounts can be applied on a quarterly basis by accounts reduces
submitting cases in the AWS Management Console. the risks associat-
C. Transitioning objects from Amazon S3 to Amazon ed with malicious
S3 Glacier in separate AWS accounts will be less activity targeted at
expensive. a single account.
D. Having multiple accounts reduces the risks as-
sociated with malicious activity targeted at a single
account.
E. Amazon QuickSight offers access to a cost tool
29 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
that provides application-specific recommendations
for environments running in multiple accounts.

120. A retail company has recently migrated its website B. AWS WAF
to AWS. The company wants to ensure that it is pro-
tected from SQL injection attacks. The website uses
anApplication Load Balancer to distribute traffic to
multiple Amazon EC2 instances.Which AWS service
or feature can be used to create a custom rule that
blocks SQL injection attacks?
A. Security groups
B. AWS WAF
C. Network ACLs
D. AWS Shield

121. Which AWS service provides a feature that can be D. Amazon Cloud-
used to proactively monitor and plan for the service Watch
quotas of AWS resources?
A. AWS CloudTrail
B. AWS Personal Health Dashboard
C. AWS Trusted Advisor
D. Amazon CloudWatch

122. Which of the following is an advantage that users A. Elimination of

experience when they move on-premises workloads expenses for run-
to the AWS Cloud? ning and maintain-
A. Elimination of expenses for running and maintain- ing data centers
ing data centers
B. Price discounts that are identical to discounts
from hardware providers
C. Distribution of all operational controls to AWS
D. Elimination of operational expenses

123. Which design principle is included in the operational B. Anticipate fail-

excellence pillar of the AWS Well-Architected Frame- ure.
work?
A. Create annotated documentation.
B. Anticipate failure.
C. Ensure performance efficiency.
D. Optimize costs.
30 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

124. Which AWS services offer gateway VPC endpoints D. Amazon S3

that can be used to avoid sending traffic over the E. Amazon Dy-
internet? (Choose two.) namoDB
A. Amazon Simple Notification Service (Amazon
SNS)
B. Amazon Simple Queue Service (Amazon SQS)
C. AWS CodeBuild
D. Amazon S3
E. Amazon DynamoDB

125. Which of the following is the customer responsible B. Amazon Work-

for updating and patching, according to the AWS Spaces virtual
shared responsibility model? Windows desktop
A. Amazon FSx for Windows File Server
B. Amazon WorkSpaces virtual Windows desktop
C. AWS Directory Service for Microsoft Active Direc-
tory
D. Amazon RDS for Microsoft SQL Server

126. Who has the responsibility to patch the host operat- D. AWS only
ing system of an Amazon EC2 instance, according to
the AWS shared responsibility model?
A. Both AWS and the customer
B. The customer only
C. The EC2 hardware manufacturer
D. AWS only

127. A company is using an Amazon RDS DB instance D. Establish a reg-

for an application that is deployed in the AWS Cloud. ular maintenance
The company needs regular patching of the oper- window that tells
ating system of the server where the DB instance AWS when to
runs.What is the company's responsibility in this sit- patch the DB in-
uation, according to the AWS shared responsibility stance operating
model? system.
A. Open a support case to obtain administrative
access to the server so that the company can patch
the DB instance operating system.
B. Open a support case and request that AWS patch
the DB instance operating system.
31 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Use administrative access to the server, and ap-
ply the operating system patches during the regular
maintenance window that is defined for the DB in-
stance.
D. Establish a regular maintenance window that tells
AWS when to patch the DB instance operating sys-
tem.

128. Why is an AWS Well-Architected review a critical part B. A Well-Ar-

of the cloud design process? chitected review
A. A Well-Architected review is mandatory before a helps identify de-
workload can run on AWS. sign gaps and
B. A Well-Architected review helps identify design helps evaluate
gaps and helps evaluate design decisions and related design decisions
documents. and related docu-
C. A Well-Architected review is an audit mechanism ments.
that is a part of requirements for service level agree-
ments.
D. A Well-Architected review eliminates the need for
ongoing auditing and compliance tests.

129. A company implements an Amazon EC2 Auto Scaling D. Reliability

policy along with an Application Load Balancer to
automatically recover unhealthy applications that run
onAmazon EC2 instances.Which pillar of the AWS
Well-Architected Framework does this action cover?
A. Security
B. Performance efficiency
C. Operational excellence
D. Reliability

130. Which AWS Cloud benefit is shown by an architec- D. High availability

ture's ability to withstand failures with minimal down-
time?
A. Agility
B. Elasticity
C. Scalability
D. High availability

131.
32 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
Under the AWS shared responsibility model, which A. Creating ver-
task is the customer's responsibility when managing sions of Lambda
AWS Lambda functions? functions
A. Creating versions of Lambda functions
B. Maintaining server and operating systems
C. Scaling Lambda resources according to demand
D. Updating the Lambda runtime environment

132. What does the AWS Concierge Support team pro- B. A primary point
vide? of contact for AWS
A. A technical expert dedicated to the user Billing and AWS
B. A primary point of contact for AWS Billing and Support
AWS Support
C. A partner to help provide scaling guidance for an
event launch
D. A dedicated AWS staff member who reviews the
user's application architecture

133. A company needs to generate reports that can break D. AWS Cost and
down cloud costs by product, by company-defined Usage Reports
tags, and by hour, day, and month.Which AWS tool
should the company use to meet these require-
ments?
A. Reserved Instance utilization and coverage re-
ports
B. Savings Plans utilization reports
C. AWS Budgets reports
D. AWS Cost and Usage Reports

134. A company has a serverless application that includes D. AWS X-Ray

an Amazon API Gateway API, an AWS Lambda func-
tion, and an Amazon DynamoDB database.Which
AWS service can the company use to trace user re-
quests as they move through the application's com-
ponents?
A. AWS CloudTrail
B. Amazon CloudWatch
C. Amazon Inspector
D. AWS X-Ray

33 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
135. A company needs to set up a petabyte-scale data C. Amazon Red-
warehouse in the AWS Cloud.Which AWS service will shift
meet this requirement?
A. Amazon DynamoDB
B. Amazon RDS
C. Amazon Redshift
D. Amazon ElastiCache

136. Which AWS service is always provided at no charge? B. AWS Identity

A. Amazon S3 and Access Man-
B. AWS Identity and Access Management (IAM) agement (IAM)
C. Elastic Load Balancers
D. AWS WAF

137. A company needs to design an AWS disaster recov- C. Configure

ery plan to cover multiple geographic areas.Which the architecture
action will meet this requirement? across multiple
A. Configure multiple AWS accounts. AWS Regions.
B. Configure the architecture across multiple Avail-
ability Zones in an AWS Region.
C. Configure the architecture across multiple AWS
Regions.
D. Configure the architecture among many edge lo-
cations.

138. Which of the following is a benefit of moving from an A. Compute in-

on-premises data center to the AWS Cloud? stances can be
A. Compute instances can be launched and terminat- launched and ter-
ed as needed to optimize costs. minated as need-
B. Compute costs can be viewed in the AWS Billing ed to optimize
and Cost Management console. costs.
C. Users retain full administrative access to their
compute instances.
D. Users can optimize costs by permanently running
enough instances at peak load.

139. In which ways does the AWS Cloud offer lower to- A. AWS replaces
tal cost of ownership (TCO) of computing resources upfront capital
than on-premises data centers? (Choose two.) expenditures with
A. AWS replaces upfront capital expenditures with pay-as-you-go
34 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
pay-as-you-go costs. costs.
B. AWS is designed for high availability, which elimi- D. AWS uses
nates user downtime. economies of
C. AWS eliminates the need for on-premises IT staff. scale to continual-
D. AWS uses economies of scale to continually re- ly reduce prices.
duce prices.
E. AWS offers a single pricing model for Amazon EC2
instances.

140. Which AWS service monitors AWS accounts for se- A. Amazon Guard-
curity threats? Duty
A. Amazon GuardDuty
B. AWS Secrets Manager
C. Amazon Cognito
D. AWS Certificate Manager (ACM)

141. Which benefit is included with an AWS Enterprise B. Designated

Support plan? support from an
A. AWS Partner Network (APN) support at no cost. AWS technical ac-
B. Designated support from an AWS technical ac- count manager
count manager (TAM) (TAM)
C. On-site support from AWS engineers
D. AWS managed compliance as code with AWS
Config

142. Which task does AWS perform automatically? A. Encrypt data

A. Encrypt data that is stored in Amazon DynamoDB. that is stored
B. Patch Amazon EC2 instances. in Amazon Dy-
C. Encrypt user network traffic. namoDB.
D. Create TLS certificates for users' websites.

143. Which AWS service or tool can a company use to C. Cost Explorer
visualize, understand, and manage AWS spending
and usage over time?
A. AWS Trusted Advisor
B. Amazon CloudWatch
C. Cost Explorer
D. AWS Budgets

144. C. AWS Outposts

35 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A company wants to deploy some of its resources
in the AWS Cloud. To meet regulatory requirements,
the data must remain local and on premises. There
must be low latency between AWS and the company
resources.Which AWS service or feature can be used
to meet these requirements?
A. AWS Local Zones
B. Availability Zones
C. AWS Outposts
D. AWS Wavelength Zones

145. A company requires an isolated environment within B. Create a sepa-

AWS for security purposes.Which action can be taken rate VPC to host
to accomplish this? the resources.
A. Create a separate Availability Zone to host the
resources.
B. Create a separate VPC to host the resources.
C. Create a placement group to host the resources.
D. Create an AWS Direct Connect connection be-
tween the company and AWS.

146. Which AWS service is a highly available and scalable C. Amazon Route
DNS web service? 53
A. Amazon VPC
B. Amazon CloudFront
C. Amazon Route 53
D. Amazon Connect

147. Which of the following is an AWS best practice for B. Enable mul-
managing an AWS account root user? ti-factor authenti-
A. Keep the root user password with the security cation (MFA) for
team. the root user.
B. Enable multi-factor authentication (MFA) for the
root user.
C. Create an access key for the root user.
D. Keep the root user password consistent for com-
pliance purposes.

148. A company wants to improve its security and au-

dit posture by limiting Amazon EC2 inbound ac-
36 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
cess.What should the company use to access in- B. AWS Systems
stances remotely instead of opening inbound SSH Manager Session
ports and managing SSH keys? Manager
A. EC2 key pairs
B. AWS Systems Manager Session Manager
C. AWS Identity and Access Management (IAM)
D. Network ACLs

149. After selecting an Amazon EC2 Dedicated Host reser- D. All upfront pay-
vation, which pricing option would provide the largest ment
discount?
A. No upfront payment
B. Hourly on-demand payment
C. Partial upfront payment
D. All upfront payment

150. A company has refined its workload to use specif- C. Architecture op-
ic AWS services to improve efficiency and reduce timization
cost.Which best practice for cost governance does
this example show?
A. Resource controls
B. Cost allocation
C. Architecture optimization
D. Tagging enforcement

151. A company would like to host its MySQL databas- B. Amazon EC2
es on AWS and maintain full control over the oper-
ating system, database installation, and configura-
tion.Which AWS service should the company use to
host the databases?
A. Amazon RDS
B. Amazon EC2
C. Amazon DynamoDB
D. Amazon Aurora

152. How does the AWS global infrastructure offer high D. The AWS in-
availability and fault tolerance to its users? frastructure con-
A. The AWS infrastructure is made up of multiple sists of isolat-
AWS Regions within various Availability Zones locat- ed AWS Regions
ed in areas that have low flood risk, and are inter- with independent
37 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
connected with low-latency networks and redundant Availability Zones
power supplies. that are connect-
B. The AWS infrastructure consists of subnets con- ed with low-laten-
taining various Availability Zones with multiple data cy networking and
centers located in the same geographic location. redundant power
C. AWS allows users to choose AWS Regions and supplies.
data centers so that users can select the closest data
centers in different Regions.
D. The AWS infrastructure consists of isolated AWS
Regions with independent Availability Zones that are
connected with low-latency networking and redun-
dant power supplies.

153. A company is using Amazon EC2 Auto Scaling to B. Elasticity

scale its Amazon EC2 instances.Which benefit of the
AWS Cloud does this example illustrate?
A. High availability
B. Elasticity
C. Reliability
D. Global reach

154. Which AWS service or feature is used to send both A. Amazon Sim-
text and email messages from distributed applica- ple Notification
tions? Service (Amazon
A. Amazon Simple Notification Service (Amazon SNS)
SNS)
B. Amazon Simple Email Service (Amazon SES)
C. Amazon CloudWatch alerts
D. Amazon Simple Queue Service (Amazon SQS)

155. A user is able to set up a master payer account to D. AWS Organiza-

view consolidated billing reports through: tions.
A. AWS Budgets.
B. Amazon Macie.
C. Amazon QuickSight.
D. AWS Organizations.

156. According to the AWS shared responsibility model, D. Updating the

which task is the customer's responsibility? guest operating
A. Maintaining the infrastructure needed to run AWS system on Ama-
38 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
Lambda zon EC2 in-
B. Updating the operating system of Amazon Dy- stances
namoDB instances
C. Maintaining Amazon S3 infrastructure
D. Updating the guest operating system on Amazon
EC2 instances

157. A company wants to migrate a small website and B. Amazon Light-

database quickly from on-premises infrastructure to sail
the AWS Cloud. The company has limited operational
knowledge to perform the migration.Which AWS ser-
vice supports this use case?
A. Amazon EC2
B. Amazon Lightsail
C. Amazon S3
D. AWS Lambda

158. A company is moving multiple applications to a sin- D. Create cost al-

gle AWS account. The company wants to monitor the location tags.
AWS Cloud costs incurred by each application.What
can the company do to meet this requirement?
A. Set up invoiced billing.
B. Use AWS Artifact.
C. Set budgets in Cost Explorer.
D. Create cost allocation tags.

159. Which design principle is achieved by following the C. Testing recov-

reliability pillar of the AWS Well-Architected Frame- ery procedures
work?
A. Vertical scaling
B. Manual failure recovery
C. Testing recovery procedures
D. Changing infrastructure manually

160. A user needs to quickly deploy a non-relational data- B. Amazon Dy-

base on AWS. The user does not want to manage the namoDB
underlying hardware or the database software.Which
AWS service can be used to accomplish this?
A. Amazon RDS
B. Amazon DynamoDB
39 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Amazon Aurora
D. Amazon Redshift

161. Which task is an AWS responsibility when a workload C. Installing the

is running in Amazon RDS? database engine
A. Creating the database table
B. Updating the database schema
C. Installing the database engine
D. Dropping the database records

162. A development team wants to publish and manage B. Amazon API

web services that provide REST APIs.Which AWS Gateway
service will meet this requirement?
A. AWS App Mesh
B. Amazon API Gateway
C. Amazon CloudFront
D. AWS Cloud Map

163. A company has a social media platform in which C. Amazon

users upload and share photos with other users. The Rekognition
company wants to identify and remove inappropriate
photos. The company has no machine learning (ML)
scientists and must build this detection capability
with no ML expertise.Which AWS service should the
company use to build this capability?
A. Amazon SageMaker
B. Amazon Textract
C. Amazon Rekognition
D. Amazon Comprehend

164. Which responsibility belongs to AWS when a compa- D. Operating sys-

ny hosts its databases on Amazon EC2 instances? tem installations.
A. Database backups
B. Database software patches
C. Operating system patches
D. Operating system installations.

165. A company wants to use Amazon S3 to store its C. S3 Standard-In-

legacy data. The data is rarely accessed. However, frequent Access
the data is critical and cannot be recreated. The (S3 Standard-IA)
40 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
data needs to be available for retrieval within sec-
onds.Which S3 storage class meets these require-
ments MOST cost-effectively?
A. S3 Standard
B. S3 One Zone-Infrequent Access (S3 One Zone-IA)
C. S3 Standard-Infrequent Access (S3 Standard-IA)
D. S3 Glacier

166. An online retail company wants to migrate its B. Pay-as-you-go

on-premises workload to AWS. The company needs pricing
to automatically handle a seasonal workload increase D. Auto Scaling
in a cost- effective manner.Which AWS Cloud fea- policies
tures will help the company meet this requirement?
(Choose two.)
A. Cross-Region workload deployment
B. Pay-as-you-go pricing
C. Built-in AWS CloudTrail audit capabilities
D. Auto Scaling policies
E. Centralized logging

167. Which AWS service helps developers use loose D. Amazon Sim-
coupling and reliable messaging between microser- ple Queue Service
vices? (Amazon SQS)
A. Elastic Load Balancing
B. Amazon Simple Notification Service (Amazon
SNS)
C. Amazon CloudFront
D. Amazon Simple Queue Service (Amazon SQS)

168. A company needs to build an application that uses C. AWS Compli-

AWS services. The application will be delivered to ance Program
residents in European Counties. The company must
abide by regional regulatory requirements.Which
AWS service or program should the company use
to determine which AWS services meet the regional
requirements?
A. AWS Audit Manager
B. AWS Shield

41 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. AWS Compliance Program
D. AWS Artifact

169. A company needs to implement identity management A. Amazon Cogni-

for a fleet of mobile apps that are running in the to
AWS Cloud.Which AWS service will meet this require-
ment?
A. Amazon Cognito
B. AWS Security Hub
C. AWS Shield
D. AWS WAF

170. A company needs an Amazon EC2 instance for a A. Standard Re-

rightsized database server that must run constantly served Instance
for 1 year.Which EC2 instance purchasing option will
meet these requirements MOST cost-effectively?
A. Standard Reserved Instance
B. Convertible Reserved Instance
C. On-Demand Instance
D. Spot Instance

171. A company has multiple applications and is now A. Security groups

building a new multi-tier application. The company
will host the new application on Amazon EC2 in-
stances. The company wants the network routing and
traffic between the various applications to follow the
security principle of least privilege.Which AWS ser-
vice or feature should the company use to enforce
this principle?
A. Security groups
B. AWS Shield
C. AWS Global Accelerator
D. AWS Direct Connect gateway

172. A company's web application requires AWS creden- A. IAM role

tials and authorizations to use an AWS service.Which
IAM entity should the company use as best practice?
A. IAM role
B. IAM user

42 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. IAM group
D. IAM multi-factor authentication (MFA)

173. A company is creating a document that defines the A. Amazon EC2

operating system patch routine for all the company's instances
systems.Which AWS resources should the company D. Amazon RDS
include in this document? (Choose two.) instances
A. Amazon EC2 instances
B. AWS Lambda functions
C. AWS Fargate tasks
D. Amazon RDS instances
E. Amazon Elastic Container Service (Amazon ECS)
instances

174. Which AWS service or feature gives a company the A. Security groups
ability to control incoming traffic and outgoing traffic
for Amazon EC2 instances?
A. Security groups
B. Amazon Route 53
C. AWS Direct Connect
D. Amazon VPC

175. A company is starting to build its infrastructure in the B. AWS Developer

AWS Cloud. The company wants access to technical Support
support during business hours. The company also
wants general architectural guidance as teams build
and test new applications.Which AWS Support plan
will meet these requirements at the LOWEST cost?
A. AWS Basic Support
B. AWS Developer Support
C. AWS Business Support
D. AWS Enterprise Support

176. A company is migrating its public website to AWS. B. Amazon Route

The company wants to host the domain name for 53
the website on AWS.Which AWS service should the
company use to meet this requirement?
A. AWS Lambda
B. Amazon Route 53

43 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Amazon CloudFront
D. AWS Direct Connect

177. A company needs to evaluate its AWS environment C. AWS Trusted

and provide best practice recommendations in five Advisor
categories: cost, performance, service limits, fault
tolerance, and security.Which AWS service can the
company use to meet these requirements?
A. AWS Shield
B. AWS WAF
C. AWS Trusted Advisor
D. AWS Service Catalog

178. Which AWS service provides the capability to view D. AWS X-Ray
end-to-end performance metrics and troubleshoot
distributed applications?
A. AWS Cloud9
B. AWS CodeStar
C. AWS Cloud Map
D. AWS X-Ray

179. Which cloud computing benefit does AWS demon- D. Economies of

strate with its ability to offer lower variable costs as scale
a result of high purchase volumes?
A. Pay-as-you-go pricing
B. High availability
C. Global reach
D. Economies of scale

180. Which AWS service provides threat detection by C. Amazon Guard-

monitoring for malicious activities and unauthorized Duty
actions to protect AWS accounts, workloads, and
data that is stored in Amazon S3?
A. AWS Shield
B. AWS Firewall Manager
C. Amazon GuardDuty
D. Amazon Inspector

181. Which AWS service can a company use to store and C. Amazon Elas-
manage Docker images? tic Container Reg-
44 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. Amazon DynamoDB istry (Amazon
B. Amazon Kinesis Data Streams ECR)
C. Amazon Elastic Container Registry (Amazon ECR)
D. Amazon Elastic File System (Amazon EFS)

182. A company needs an automated security assess- D. Amazon In-

ment report that will identify unintended network ac- spector
cess to Amazon EC2 instances. The report also must
identify operating system vulnerabilities on those
instances.Which AWS service or feature should the
company use to meet this requirement?
A. AWS Trusted Advisor
B. Security groups
C. Amazon Macie
D. Amazon Inspector

183. A global company is building a simple time-tracking C. Use Amazon

mobile app. The app needs to operate globally and DynamoDB global
must store collected data in a database. Data must tables
be accessible from the AWS Region that is closest to
the user.What should the company do to meet these
data storage requirements with the LEAST amount of
operational overhead?
A. Use Amazon EC2 in multiple Regions to host
separate databases
B. Use Amazon RDS cross-Region replication
C. Use Amazon DynamoDB global tables
D. Use AWS Database Migration Service (AWS DMS)

184. Which of the following are economic advantages of A. Increased work-

the AWS Cloud? (Choose two.) force productivity
A. Increased workforce productivity D. Simplified total
B. Decreased need to encrypt user data cost of ownership
C. Manual compliance audits (TCO) accounting
D. Simplified total cost of ownership (TCO) account-
ing
E. Faster product launches

185. Which controls does the customer fully inherit from

AWS in the AWS shared responsibility model?
45 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. Patch management controls C. Physical
B. Awareness and training controls and environmen-
C. Physical and environmental controls tal controls
D. Configuration management controls

186. Which task is a customer's responsibility, according A. Management of

to the AWS shared responsibility model? the guest operat-
A. Management of the guest operating systems ing systems
B. Maintenance of the configuration of infrastructure
devices
C. Management of the host operating systems and
virtualization
D. Maintenance of the software that powers Availabil-
ity Zones

187. A company needs to deliver new website features C. Agility

quickly in an iterative manner to minimize the time to
market.Which AWS Cloud concept does this require-
ment represent?
A. Reliability
B. Elasticity
C. Agility
D. High availability

188. A company wants to increase its ability to recover its C. Reliability

infrastructure in the case of a natural disaster.Which
pillar of the AWS Well-Architected Framework does
this ability represent?
A. Cost optimization
B. Performance efficiency
C. Reliability
D. Security

189. Which AWS service tracks API calls and user activi- D. AWS CloudTrail
ty?
A. AWS Organizations
B. AWS Config
C. Amazon CloudWatch
D. AWS CloudTrail

46 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
190. Which AWS service, feature, or tool uses machine D. AWS Cost
learning to continuously monitor cost and usage for Anomaly Detec-
unusual cloud spending? tion
A. Amazon Lookout for Metrics
B. AWS Budgets
C. Amazon CloudWatch
D. AWS Cost Anomaly Detection

191. A company deployed an application on an Amazon A. Auto Scaling

EC2 instance. The application ran as expected for groups
6 months in the past week, users have reported la-
tency issues. A system administrator found that the
CPU utilization was at 100% during business hours.
The company wants a scalable solution to meet de-
mand.Which AWS service or feature should the com-
pany use to handle the load for its application during
periods of high demand?
A. Auto Scaling groups
B. AWS Global Accelerator
C. Amazon Route 53
D. An Elastic IP address

192. A company wants to migrate to AWS and use the D. AWS Market-
same security software it uses on premises. The se- place
curity software vendor offers its security software as
a service on AWS.Where can the company purchase
the security solution?
A. AWS Partner Solutions Finder
B. AWS Support Center
C. AWS Management Console
D. AWS Marketplace

193. A company is generating large sets of critical data C. AWS Direct

in its on-premises data center. The company needs Connect
to securely transfer the data to AWS for processing.
These transfers must occur daily over a dedicated
connection.Which AWS service should the company
use to meet these requirements?
A. AWS Backup

47 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
B. AWS DataSync
C. AWS Direct Connect
D. AWS Snowball

194. A company wants to run production workloads on C. AWS Business

AWS. The company wants access to technical sup- Support Most Vot-
port from engineers 24 hours a day, 7 days a week. ed
The company also wants access to the AWS Health
API and contextual architectural guidance for busi-
ness use cases. The company has a strong IT support
team and does not need concierge support.Which
AWS Support plan will meet these requirements at
the LOWEST cost?
A. AWS Basic Support
B. AWS Developer Support
C. AWS Business Support
D. AWS Enterprise Support

195. Which of the following is a managed AWS service that B. AWS Glue
is used specifically for extract, transform, and load
(ETL) data?
A. Amazon Athena
B. AWS Glue
C. Amazon S3
D. AWS Snowball Edge

196. Which of the following actions are controlled A. Control ac-

with AWS Identity and Access Management (IAM)? cess to AWS ser-
(Choose two.) vice APIs and to
A. Control access to AWS service APIs and to other other specific re-
specific resources. sources.
B. Provide intelligent threat detection and continu- C. Protect the
ous monitoring. AWS environment
C. Protect the AWS environment using multi-factor using multi-fac-
authentication (MFA). tor authentication
D. Grant users access to AWS data centers. (MFA).
E. Provide firewall protection for applications from
common web attacks.

197.
48 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
Which of the following are shared controls that apply A. Resource con-
to both AWS and the customer, according to the AWS figuration man-
shared responsibility model? (Choose two.) agement
A. Resource configuration management C. Employee
B. Network data integrity awareness and
C. Employee awareness and training training
D. Physical and environmental security
E. Replacement and disposal of disk drives

198. What information is found on an AWS Identity and Ac- A. The date and
cess Management (IAM) credential report? (Choose time when an
two.) IAM user's pass-
A. The date and time when an IAM user's password word was last
was last used to sign in to the AWS Management used to sign in to
Console. the AWS Manage-
B. The type of multi-factor authentication (MFA) de- ment Console.
vice assigned to an IAM user. D. Whether mul-
C. The User-Agent browser identifier for each IAM ti-factor authenti-
user currently logged in. cation (MFA) has
D. Whether multi-factor authentication (MFA) has been enabled for
been enabled for an IAM user. an IAM user.
E. The number of incorrect login attempts by each
IAM user in the previous 30 days.

199. What is the LEAST expensive AWS Support plan that B. AWS Business
contains a full set of AWS Trusted Advisor best prac- Support
tice checks?
A. AWS Enterprise Support
B. AWS Business Support
C. AWS Developer Support
D. AWS Basic Support

200. Which AWS service provides domain registration, B. Amazon Route

DNS routing, and service health checks? 53
A. AWS Direct Connect
B. Amazon Route 53
C. Amazon CloudFront
D. Amazon API Gateway

201.
49 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A bank needs to store recordings of calls made to B. Amazon S3
its contact center for 6 years. The recordings must Glacier
be accessible within 48 hours from the time they are
requested.Which AWS service will provide a secure
and cost-effective solution for retaining these files?
A. Amazon DynamoDB
B. Amazon S3 Glacier
C. Amazon Connect
D. Amazon ElastiCache

202. Which AWS service should be used to migrate a C. AWS Database

company's on-premises MySQL database to Amazon Migration Service
RDS? (AWS DMS)
A. AWS Direct Connect
B. AWS Server Migration Service (AWS SMS)
C. AWS Database Migration Service (AWS DMS)
D. AWS Schema Conversion Tool (AWS SCT)

203. Which benefits does a company gain when the com- A. Reduced or
pany moves from on-premises IT architecture to the eliminated tasks
AWS Cloud? (Choose two.) for hardware trou-
A. Reduced or eliminated tasks for hardware trou- bleshooting, ca-
bleshooting, capacity planning, and procurement pacity planning,
B. Elimination of the need for trained IT staff and procurement
C. Automatic security configuration of all applica- E. Faster deploy-
tions that are migrated to the cloud ment of new fea-
D. Elimination of the need for disaster recovery plan- tures and applica-
ning tions
E. Faster deployment of new features and applica-
tions

204. Which of the following is a benefit of decoupling an B. Ability to

AWS Cloud architecture? upgrade compo-
A. Reduced latency nents indepen-
B. Ability to upgrade components independently dently
C. Decreased costs
D. Fewer components to manage

205. Which task is the responsibility of the customer ac- B. Patch the guest
cording to the AWS shared responsibility model? operating system
50 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. Maintain the security of the hardware that runs of Amazon EC2 in-
Amazon EC2 instances. stances.
B. Patch the guest operating system of Amazon EC2
instances.
C. Protect the security of the AWS global infrastruc-
ture.
D. Patch Amazon RDS software.

206. Which AWS Organizations feature can be used to C. Consolidated

track charges across multiple accounts and report billing
the combined cost?
A. Service control policies (SCPs)
B. Cost Explorer
C. Consolidated billing
D. AWS Identity and Access Management (IAM)

207. Which of the following is a cloud benefit that AWS C. The ability to
offers to its users? deploy to AWS on
A. The ability to configure AWS data center hypervi- a global scale
sors
B. The ability to purchase hardware in advance of
increased traffic
C. The ability to deploy to AWS on a global scale
D. Compliance audits for user IT environments

208. An ecommerce company has migrated its IT infra- A. Cost of appli-

structure from an on-premises data center to the AWS cation software li-
Cloud.Which cost is the company's direct responsi- censes
bility?
A. Cost of application software licenses
B. Cost of the hardware infrastructure on AWS
C. Cost of power for the AWS servers
D. Cost of physical security for the AWS data center

209. What are the five pillars of the AWS Well-Architected D. Operational ex-
Framework? cellence, reliabili-
A. Encryption, documentation, speed, hybrid design, ty, performance ef-
and cost optimization ficiency, security,
B. Containerization, cost margins, globalization, mar- and cost optimiza-
ketplace, and developer operations tion
51 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Network, compute, storage, security, and develop-
er operations
D. Operational excellence, reliability, performance
efficiency, security, and cost optimization

210. A company accepts enrollment applications on hand- B. Amazon Tex-

written paper forms. The company uses a manual tract
process to enter the form data into its backend sys-
tems.The company wants to automate the process by
scanning the forms and capturing the enrollment data
from scanned PDF files.Which AWS service should
the company use to build this process?
A. Amazon Rekognition
B. Amazon Textract
C. Amazon Transcribe
D. Amazon Comprehend

211. Which AWS service should a company use to orga- B. Amazon Rekog-
nize, characterize, and search large numbers of im- nition
ages?
A. Amazon Transcribe
B. Amazon Rekognition
C. Amazon Aurora
D. Amazon QuickSight

212. An ecommerce company wants to use Amazon EC2 D. Amazon Cloud-

Auto Scaling to add and remove EC2 instances based Watch alarm
on CPU utilization.Which AWS service or feature
can initiate an Amazon EC2 Auto Scaling action to
achieve this goal?
A. Amazon Simple Queue Service (Amazon SQS)
B. Amazon Simple Notification Service (Amazon
SNS)
C. AWS Systems Manager
D. Amazon CloudWatch alarm

213. A company wants to host a private version con- C. AWS Code-

trol system for its application code in the AWS Commit
Cloud.Which AWS service should the company use
to meet this requirement?
52 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. AWS CodePipeline
B. AWS CodeStar
C. AWS CodeCommit
D. AWS CodeDeploy

214. Which AWS service or tool can a company set up to A. AWS Budgets
send notifications that a custom spending threshold
has been reached or exceeded?
A. AWS Budgets
B. AWS Trusted Advisor
C. AWS CloudTrail
D. AWS Support

215. Which AWS service is used to host static websites? A. Amazon S3

A. Amazon S3
B. Amazon Elastic Block Store (Amazon EBS)
C. AWS CloudFormation
D. Amazon Elastic File System (Amazon EFS)

216. Which AWS service contains built-in engines to pro- A. AWS WAF
tect web applications that run in the cloud from SQL
injection attacks and cross-site scripting?
A. AWS WAF
B. AWS Shield Advanced
C. Amazon GuardDuty
D. Amazon Detective

217. A company owns per-core software licenses.Which B. Dedicated

Amazon EC2 instance purchasing option must the Hosts
company use for this license type?
A. Reserved Instances
B. Dedicated Hosts
C. Spot Instances
D. Dedicated Instances

218. A company needs to set up user authentication for C. Amazon Cogni-

a new application. Users must be able to sign in to
directly with a user name and password, or through
a third- party provider.Which AWS service should the
company use to meet these requirements?
53 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. AWS Single Sign-On
B. AWS Signer
C. Amazon Cognito
D. AWS Directory Service

219. A company's IT team is managing MySQL database B. Use Ama-

server clusters. The IT team has to patch the data- zon RDS with a
base and take backup snapshots of the data in the MySQL database.
clusters.The company wants to move this workload
to AWS so that these tasks will be completed auto-
matically.What should the company do to meet these
requirements?
A. Deploy MySQL database server clusters on Ama-
zon EC2 instances.
B. Use Amazon RDS with a MySQL database.
C. Use an AWS CloudFormation template to deploy
MySQL database servers on Amazon EC2 instances.
D. Migrate all the MySQL database data to Amazon
S3.

220. What is the primary use case for Amazon GuardDuty? C. Automatic mon-
A. Prevention of DDoS attacks itoring for threats
B. Protection against SQL injection attacks to AWS workloads
C. Automatic monitoring for threats to AWS work-
loads
D. Automatic provisioning of AWS resources

221. Which statements explain the business value of mi- B. AWS availabil-
gration to the AWS Cloud? (Choose two.) ity and security
A. The migration of enterprise applications to the provide the ability
AWS Cloud makes these applications automatically to improve service
available on mobile devices. level agreements
B. AWS availability and security provide the ability (SLAs) while re-
to improve service level agreements (SLAs) while ducing risk and
reducing risk and unplanned downtime. unplanned down-
C. Companies that migrate to the AWS Cloud elimi- time.
nate the need to plan for high availability and disaster D. Companies that
recovery. migrate to the
D. Companies that migrate to the AWS Cloud reduce AWS Cloud re-

54 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
IT costs related to infrastructure, freeing budget for duce IT costs re-
reinvestment in other areas. lated to infrastruc-
E. Applications are modernized because migration ture, freeing bud-
to the AWS Cloud requires companies to rearchitect get for reinvest-
and rewrite all enterprise applications. ment in other ar-
eas.

222. A company needs to identify personally identifiable D. Amazon Macie

information (PII), such as credit card numbers, from
data that is stored in Amazon S3.Which AWS service
should the company use to meet this requirement?
A. Amazon Inspector
B. AWS Shield
C. Amazon GuardDuty
D. Amazon Macie

223. Which AWS services or tools are designed to protect C. AWS Shield
a workload from SQL injections, cross-site scripting, Standard
and DDoS attacks? (Choose two.) E. AWS WAF
A. VPC endpoint
B. Virtual private gateway
C. AWS Shield Standard
D. AWS Config
E. AWS WAF

224. A company wants to forecast future costs and usage D. Cost Explorer
of AWS resources based on past consumption.Which
AWS service or tool will provide this forecast?
A. AWS Cost and Usage Report
B. Amazon Forecast
C. AWS Pricing Calculator
D. Cost Explorer

225. Which AWS services use cloud-native storage that C. Amazon Nep-
provides replication across multiple Availability tune
Zones by default? (Choose two.) D. Amazon Doc-
A. Amazon ElastiCache umentDB (with
B. Amazon RDS for Oracle MongoDB com-
C. Amazon Neptune patibility)
D. Amazon DocumentDB (with MongoDB compatibil-
55 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
ity)
E. Amazon Redshift

226. Which AWS services are serverless? (Choose two.) A. AWS Fargate
A. AWS Fargate D. Amazon S3
B. Amazon Managed Streaming for Apache Kafka
C. Amazon EMR
D. Amazon S3
E. Amazon EC2

227. Which task is the responsibility of AWS, according to C. Perform auto-

the AWS shared responsibility model? mated backups of
A. Apply guest operating system patches to Amazon Amazon RDS in-
EC2 instances. stances.
B. Provide monitoring of human resources informa-
tion management (HRIM) systems.
C. Perform automated backups of Amazon RDS in-
stances.
D. Optimize the costs of running AWS services.

228. A company needs to deploy a PostgreSQL database C. Amazon RDS

into Amazon RDS. The database must be highly avail- with multiple Avail-
able and fault tolerant.Which AWS solution should ability Zones
the company use to meet these requirements?
A. Amazon RDS with a single Availability Zone
B. Amazon RDS snapshots
C. Amazon RDS with multiple Availability Zones
D. AWS Database Migration Service (AWS DMS)

229. A company wants to add facial identification to its D. Amazon Rekog-

user verification process on an application.Which nition
AWS service should the company use to meet this
requirement?
A. Amazon Polly
B. Amazon Transcribe
C. Amazon Lex
D. Amazon Rekognition

230. A company wants the ability to quickly upload its B. AWS Elastic
applications to the AWS Cloud without needing to Beanstalk
56 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
provision underlying resources.Which AWS service
will meet these requirements?
A. AWS CloudFormation
B. AWS Elastic Beanstalk
C. AWS CodeDeploy
D. AWS CodeCommit

231. Which AWS service monitors CPU utilization on Ama- D. Amazon Cloud-
zon EC2 instances? Watch
A. AWS CloudTrail
B. Amazon Inspector
C. AWS Config
D. Amazon CloudWatch

232. A company needs to label its AWS resources so that A. Use cost alloca-
the company can categorize and track costs.What tion tags.
should the company do to meet this requirement?
A. Use cost allocation tags.
B. Use AWS Identity and Access Management (IAM).
C. Use AWS Organizations.
D. Use the AWS Cost Management coverage report.

233. A company wants its employees to have access D. Amazon Work-

to virtual desktop infrastructure to securely access Spaces
company-provided desktops through the employ-
ees' personal devices.Which AWS service should the
company use to meet these requirements?
A. Amazon AppStream 2.0
B. AWS AppSync
C. Amazon FSx for Windows File Server
D. Amazon WorkSpaces

234. Which task can a company complete by using AWS D. Share pre-pur-
Organizations? chased Amazon
A. Track application deployment statuses globally. EC2 resources
B. Remove unused and underutilized AWS resources across accounts.
across all accounts.
C. Activate DDoS protection across all accounts.
D. Share pre-purchased Amazon EC2 resources
across accounts.
57 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

235. A user has been granted permission to change their A. AWS Com-
own IAM user password.Which AWS services can the mand Line Inter-
user use to change the password? (Choose two.) face (AWS CLI)
A. AWS Command Line Interface (AWS CLI) C. AWS Manage-
B. AWS Key Management Service (AWS KMS) ment Console
C. AWS Management Console
D. AWS Resource Access Manager (AWS RAM)
E. AWS Secrets Manager

236. A company needs to run an application on Amazon A. On-Demand In-

EC2 instances. The instances cannot be interrupted stances
at any time. The company needs an instance purchas-
ing option that requires no long-term commitment or
upfront payment.Which instance purchasing option
will meet these requirements MOST cost-effectively?
A. On-Demand Instances
B. Spot Instances
C. Dedicated Hosts
D. Reserved Instances

237. A company uses Amazon EC2 instances to run its A. AWS Cost Ex-
web application. The company uses On-Demand In- plorer
stances and Spot Instances. The company needs to
visualize its monthly spending on both types of in-
stances.Which AWS service or feature will meet this
requirement?
A. AWS Cost Explorer
B. AWS Budgets
C. Amazon CloudWatch
D. AWS Cost Categories

238. Which task can a user complete by using AWS Iden- D. Grant permis-
tity and Access Management (IAM)? sions to applica-
A. Validate JSON syntax from an application config- tions that run on
uration file. Amazon EC2 in-
B. Analyze logs from an Amazon API Gateway call. stances.
C. Filter traffic to or from an Amazon EC2 instance.
D. Grant permissions to applications that run on
Amazon EC2 instances.
58 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

239. A company needs to generate reports for business D. Amazon Red-

intelligence and operational analytics on petabytes shift
of semistructured and structured data. These reports
are produced from standard SQL queries on data that
is in an Amazon S3 data lake.Which AWS service
provides the ability to analyze this data?
A. Amazon RDS
B. Amazon Neptune
C. Amazon DynamoDB
D. Amazon Redshift

240. A system automatically recovers from failure when a D. Reliability

company launches its workload on the AWS Cloud
services platform.Which pillar of the AWS Well-Archi-
tected Framework does this situation demonstrate?
A. Cost optimization
B. Operational excellence
C. Performance efficiency
D. Reliability

241. Which of the following describes AWS Local Zones? C. An extension of

A. A cluster of data centers in one geographic loca- an AWS Region to
tion more granular lo-
B. A site used by Amazon CloudFront to cache fre- cations
quently accessed content
C. An extension of an AWS Region to more granular
locations
D. One or more data centers with redundant power
and networking

242. A retail company is migrating its IT infrastructure ap- A. Cost of data

plications from on premises to the AWS Cloud.Which center operations
costs will the company eliminate with this migration? D. Cost of physical
(Choose two.) server hardware
A. Cost of data center operations
B. Cost of application licensing
C. Cost of marketing campaigns
D. Cost of physical server hardware
E. Cost of network management
59 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

243. What is a benefit of moving to the AWS Cloud in terms C. Increased busi-
of improving time to market? ness agility
A. Decreased deployment speed
B. Increased application security
C. Increased business agility
D. Increased backup capabilities

244. Which of the following are characteristics of a server- C. The application

less application that runs in the AWS Cloud? (Choose has built-in fault
two.) tolerance.
A. Users must manually configure Amazon EC2 in- E. The application
stances. can scale based
B. Users have a choice of operating systems. on demand.
C. The application has built-in fault tolerance.
D. Users can run Amazon EC2 Spot Instances.
E. The application can scale based on demand.

245. A company has existing software licenses that it B. Launch an

wants to bring to AWS, but the licensing model re- Amazon EC2 in-
quires licensing physical cores.How can the compa- stance on a Dedi-
ny meet this requirement in the AWS Cloud? cated Host.
A. Launch an Amazon EC2 instance with default
tenancy.
B. Launch an Amazon EC2 instance on a Dedicated
Host.
C. Create an On-Demand Capacity Reservation.
D. Purchase Dedicated Reserved Instances.

246. A company has a complex AWS architecture. The B. AWS Enterprise

company needs assistance from a dedicated techni- Support
cal professional who can suggest strategies regard-
ing incidents, trade-offs, support, and risk manage-
ment.Which AWS Support plan will provide the re-
quired support?
A. AWS Business Support
B. AWS Enterprise Support
C. AWS Developer Support
D. AWS Basic Support

60 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
247. Which of the following is an advantage that the AWS A. Users elimi-
Cloud provides to users? nate the need to
A. Users eliminate the need to guess about infra- guess about infra-
structure capacity requirements. structure capacity
B. Users decrease their variable costs by maintaining requirements.
sole ownership of IT hardware.
C. Users maintain control of underlying IT infrastruc-
ture hardware.
D. Users maintain control of operating systems for
managed services.

248. Which AWS services can use AWS WAF to protect B. Amazon Cloud-
against common web exploitations? (Choose two.) Front
A. Amazon Route 53 E. Amazon API
B. Amazon CloudFront Gateway
C. AWS Transfer Family
D. AWS Site-to-Site VPN
E. Amazon API Gateway

249. Which controls are shared under the AWS shared A. Awareness and
responsibility model? (Choose two.) training
A. Awareness and training C. Configuration
B. Patching of Amazon RDS management
C. Configuration management
D. Physical and environmental controls
E. Service and communications protection or secu-
rity

250. A company manages global applications that require B. AWS Global Ac-
static IP addresses.Which AWS service would enable celerator
the company to improve the availability and perfor-
mance of its applications?
A. Amazon CloudFront
B. AWS Global Accelerator
C. Amazon S3 Transfer Acceleration
D. Amazon API Gateway

251. Which of the following are AWS compute services? A. Amazon Light-
(Choose two.) sail
A. Amazon Lightsail D. AWS Batch
61 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
B. AWS Systems Manager
C. AWS CloudFormation
D. AWS Batch
E. Amazon Inspector

252. A company needs to report on events that involve the D. AWS CloudTrail
specific AWS services that the company uses.Which logs
AWS service or resource can the company use with
Amazon CloudWatch to meet this requirement?
A. Amazon Inspector
B. AWS Personal Health Dashboard
C. AWS Trusted Advisor
D. AWS CloudTrail logs

253. A company with AWS Enterprise Support needs help B. AWS Concierge
understanding its monthly AWS bill and wants to Support team
implement billing best practices.Which AWS tool or
resource is available to accomplish these goals?
A. Resource tagging
B. AWS Concierge Support team
C. AWS Abuse team
D. AWS Support

254. Which of the following is an AWS key-value data- C. Amazon Dy-

base offering consistent single-digit millisecond per- namoDB
formance at any scale?
A. Amazon RDS
B. Amazon Aurora
C. Amazon DynamoDB
D. Amazon Redshift

255. A company is developing a new Node.js application. C. Amazon Dy-

The application must have a scalable NoSQL data- namoDB
base to meet increasing demand as the popularity of
the application grows.Which AWS service will meet
the requirements for the database?
A. Amazon Aurora Serverless
B. Amazon ElastiCache
C. Amazon DynamoDB
D. Amazon Redshift
62 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw

256. A company wants to set up an entire development B. AWS CodeStar

and continuous delivery toolchain for coding, build-
ing, testing, and deploying code.Which AWS service
will meet these requirements?
A. Amazon CodeGuru
B. AWS CodeStar
C. AWS CodeCommit
D. AWS CodeDeploy

257. Which service enables customers to audit API calls A. AWS CloudTrail
in their AWS accounts?
A. AWS CloudTrail
B. AWS Trusted Advisor
C. Amazon Inspector
D. AWS X-Ray

258. A company is moving its office and must establish A. AWS VPN
an encrypted connection to AWS.Which AWS service
will help meet this requirement?
A. AWS VPN
B. Amazon Route 53
C. Amazon API Gateway
D. Amazon Connect

259. A company needs steady and predictable perfor- D. Amazon EC2

mance from its Amazon EC2 instances at the lowest Auto Scaling
possible cost. The company also needs the ability
to scale resources to ensure that it has the right
resources available at the right time.Which AWS ser-
vice or resource will meet these requirements?
A. Amazon CloudWatch
B. Application Load Balancer
C. AWS Batch
D. Amazon EC2 Auto Scaling

260. Which action will provide documentation to help a B. Using AWS Ar-
company evaluate whether its use of the AWS Cloud tifact
is compliant with local regulatory standards?
A. Running Amazon GuardDuty
63 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
B. Using AWS Artifact
C. Creating an AWS Support ticket
D. Evaluating AWS CloudTrail logs

261. A company wants a cost-effective option when run- A. Spot Instances

ning its applications in an Amazon EC2 instance for
short time periods. The applications can be interrupt-
ed.Which EC2 instance type will meet these require-
ments?
A. Spot Instances
B. On-Demand Instances
C. Reserved Instances
D. Dedicated Instances

262. A retail company is building a new mobile app. The B. Increased

company is evaluating whether to build the app at an speed for trying
on-premises data center or in the AWS Cloud.Which out new projects
of the following are benefits of building this app in the D. Flexibility to
AWS Cloud? (Choose two.) scale up in min-
A. A large, upfront capital expense and low variable utes as the ap-
expenses plication becomes
B. Increased speed for trying out new projects popular
C. Complete control over the physical security of the
infrastructure
D. Flexibility to scale up in minutes as the application
becomes popular
E. Ability to pick the specific data centers that will
host the application servers

263. A developer is working on enhancing applications at C. AWS Code-

AWS. The developer needs a service that can securely Commit
host GitHub-based code, repositories, and version
controls.Which AWS service should the developer
use?
A. AWS CodeStar
B. Amazon CodeGuru
C. AWS CodeCommit
D. AWS CodePipeline

264.
64 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
What is an AWS Region? B. A physical lo-
A. A broad set of global, cloud-based products that cation around the
include compute, storage, and databases world where data
B. A physical location around the world where data centers are clus-
centers are clustered tered
C. One or more discrete data centers with redundant
power, networking, and connectivity
D. A service that developers use to build applications
that deliver latencies of single-digit milliseconds to
users

265. Which AWS benefit enables users to deploy cloud D. Global reach
infrastructure that consists of multiple geographic
regions connected by a network with low latency,
high throughput, and redundancy?
A. Economies of scale
B. Security
C. Elasticity
D. Global reach

266. A company is considering a migration from on A. Use AWS Man-

premises to the AWS Cloud. The company's IT aged Services to
team needs to offload support of the workload.What provision, run, and
should the IT team do to accomplish this goal? support the com-
A. Use AWS Managed Services to provision, run, and pany infrastruc-
support the company infrastructure. ture.
B. Build hardware refreshes into the operational cal-
endar to ensure availability.
C. Use Amazon Elastic Container Service (Amazon
ECS) on Amazon EC2 instances.
D. Overprovision compute capacity for seasonal
events and traffic spikes to prevent downtime.

267. What is a benefit of using AWS serverless comput- D. Management of

ing? infrastructure is of-
A. Application deployment and management are not floaded to AWS.
required.
B. Application security will be fully managed by AWS.

65 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Monitoring and logging are not needed.
D. Management of infrastructure is offloaded to AWS.

268. A company plans to launch an application that will D. AWS Pricing

run in multiple locations within the United States. Calculator
The company needs to identify the two AWS Re-
gions where the application can operate at the low-
est price.Which AWS service or feature should the
company use to determine the Regions that offer the
lowest price?
A. Cost Explorer
B. AWS Budgets
C. AWS Trusted Advisor
D. AWS Pricing Calculator

269. Which approach will enhance a user's security on D. Encrypt data by

AWS? using AWS Key
A. Use Multi-AZ deployments with Amazon RDS. Management Ser-
B. Create a hybrid architecture by using AWS Direct vice (AWS KMS).
Connect.
C. Monitor application-specific information with AWS
X-Ray.
D. Encrypt data by using AWS Key Management
Service (AWS KMS).

270. Which AWS service or tool is associated with an D. Security group

Amazon EC2 instance and acts as a virtual firewall to
control inbound and outbound traffic?
A. AWS WAF
B. AWS Shield
C. Network access control list (ACL)
D. Security group

271. A company wants to migrate its on-premises Mi- B. Security patch-

crosoft SQL Server database server to the AWS ing of the guest
Cloud. The company has decided to use Amazon EC2 operating system
instances to run this database.Which of the following
is the company responsible for managing, according
to the AWS shared responsibility model?
A. EC2 hypervisor
66 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
B. Security patching of the guest operating system
C. Network connectivity of the host server
D. Uptime service level agreement (SLA) for the EC2
instances

272. A developer wants to deploy an application on a D. AWS Fargate

container-based service. The service must automat-
ically provision and manage the backend instances.
The service must provision only the necessary re-
sources.Which AWS service will meet these require-
ments?
A. Amazon EC2
B. Amazon Lightsail
C. Amazon Elastic Kubernetes Service (Amazon
EKS)
D. AWS Fargate

273. Which tasks require use of the AWS account root A. Changing an
user? (Choose two.) AWS Support plan
A. Changing an AWS Support plan E. Closing an
B. Modifying an Amazon EC2 instance type AWS account
C. Grouping resources in AWS Systems Manager
D. Running applications in Amazon Elastic Kuber-
netes Service (Amazon EKS)
E. Closing an AWS account

274. Which AWS service enables the decoupling and scal- A. Amazon Sim-
ing of applications? ple Queue Service
A. Amazon Simple Queue Service (Amazon SQS) (Amazon SQS)
B. AWS Outposts
C. Amazon S3
D. Amazon Simple Email Service (Amazon SES)

275. Which of the following describes some of the core B. Amazon S3 is

functionality of Amazon S3? an object stor-
A. Amazon S3 is a high-performance block storage age service that
service that is designed for use with Amazon EC2. provides high-lev-
B. Amazon S3 is an object storage service that el performance,
provides high-level performance, security, scalability, security, scalabili-
and data availability.
67 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
C. Amazon S3 is a fully managed, highly reliable, and ty, and data avail-
scalable file storage system that is accessible over ability.
the industry-standard SMB protocol.
D. Amazon S3 is a scalable, fully managed elastic
NFS for use with AWS Cloud services and on-premis-
es resources.

276. How does consolidated billing help reduce costs for A. It aggregates
a company that has multiple AWS accounts? usage across ac-
A. It aggregates usage across accounts so that counts so that
the company can reach volume discount thresholds the company can
sooner. reach volume dis-
B. It offers an additional 5% discount on purchases count thresholds
of All Upfront Reserved Instances. sooner.
C. It provides a simplified billing invoice that the
company can process more quickly than a standard
invoice.
D. It gives AWS resellers the ability to bill their cus-
tomers for usage.

277. A company wants to secure its consumer web ap- D. AWS Certificate
plication by using SSL/TLS to encrypt traffic.Which Manager (ACM)
AWS service can the company use to meet this goal?
A. AWS WAF
B. AWS Shield
C. Amazon VPC
D. AWS Certificate Manager (ACM)

278. Which of the following are advantages of moving to C. Users expe-

the AWS Cloud? (Choose two.) rience increased
A. Users can implement all AWS services in seconds. speed and agility.
B. AWS assumes all responsibility for the security of D. Users ben-
infrastructure and applications. efit from mas-
C. Users experience increased speed and agility. sive economies of
D. Users benefit from massive economies of scale. scale.
E. Users can move hardware from their data center
to the AWS Cloud.

279. A company stores configuration files in an Ama-

zon S3 bucket. These configuration files must be ac-
68 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
cessed by applications that are running on Amazon C. Use an IAM role
EC2 instances.According to AWS security best prac- with the neces-
tices, how should the company grant permissions to sary permissions.
allow the applications for access the S3 bucket?
A. Use the AWS account root user access keys.
B. Use the AWS access key ID and the EC2 secret
access key.
C. Use an IAM role with the necessary permissions.
D. Activate multi-factor authentication (MFA) and ver-
sioning on the S3 bucket.

280. A company needs an AWS service that will continu- D. Amazon Guard-
ously monitor the company's AWS account for sus- Duty
picious activity. The service must have the ability to
initiate automated actions against threats that are
identified in the security findings.Which service will
meet these requirements?
A. AWS Trusted Advisor
B. Amazon Detective
C. Amazon Inspector
D. Amazon GuardDuty

281. A company wants to analyze streaming user data and C. Amazon Kine-
respond to customer queries in real time.Which AWS sis Data Analytics
service can meet these requirements?
A. Amazon QuickSight
B. Amazon Redshift
C. Amazon Kinesis Data Analytics
D. AWS Data Pipeline

282. Who can create and manage access keys for an AWS A. The AWS ac-
account root user? count owner
A. The AWS account owner
B. An IAM user that has administrator permissions
C. IAM users within a designated group
D. An IAM user that has the required role

283. Which AWS service can help a company detect an C. Amazon Route
outage of its website servers and redirect users to 53
alternate servers?
69 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
A. Amazon CloudFront
B. Amazon GuardDuty
C. Amazon Route 53
D. AWS Trusted Advisor

284. A web application is hosted on AWS using an Elastic B. Protecting

Load Balancer, multiple Amazon EC2 instances, and against IP spoof-
Amazon RDS.Which security measures fall under the ing and packet
responsibility of AWS? (Choose two.) sniffing
A. Running a virus scan on EC2 instances C. Installing
B. Protecting against IP spoofing and packet sniffing the latest securi-
C. Installing the latest security patches on the RDS ty patches on the
instance RDS instance
D. Encrypting communication between the EC2 in-
stances and the Elastic Load Balancer
E. Configuring a security group and a network access
control list (NACL) for EC2 instances

285. Which of the following is an AWS Well-Architected B. Make frequent,

Framework design principle for operational excel- small, reversible
lence in the AWS Cloud? changes.
A. Go global in minutes.
B. Make frequent, small, reversible changes.
C. Implement a strong foundation of identity and
access management.
D. Stop spending money on hardware infrastructure
for data center operations.

286. Which AWS service provides intelligent recommen- A. Amazon Code-

dations to improve code quality and identify an appli- Guru
cation's most expensive lines of code?
A. Amazon CodeGuru
B. AWS CodeStar
C. AWS CodeCommit
D. AWS CodeDeploy

287. A company wants to expand from one AWS Region C. Begin to deploy
into a second AWS Region.What does the company resources in the
need to do to expand into the second Region? second Region.
A. Contact an AWS account manager to sign a new
70 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
contract.
B. Move an Availability Zone to the second Region.
C. Begin to deploy resources in the second Region.
D. Download the AWS Management Console for the
second Region.

288. Which AWS service provides storage that can be B. Amazon Elastic
mounted across multiple Amazon EC2 instances? File System (Ama-
A. Amazon WorkSpaces zon EFS)
B. Amazon Elastic File System (Amazon EFS)
C. AWS Database Migration Service (AWS DMS)
D. AWS Snowball Edge

289. A company needs to deploy applications in the AWS B. AWS Elastic

Cloud as quickly as possible. The company also Beanstalk
needs to minimize the complexity that is related to
the management of AWS resources.Which AWS ser-
vice should the company use to meet these require-
ments?
A. AWS Config
B. AWS Elastic Beanstalk
C. Amazon EC2
D. Amazon Personalize

290. A company has a set of databases that are stored C. Dedicated

on premises. The company wants to bring its exist- Hosts
ing Microsoft SQL Server licenses when the com-
pany moves the databases to run on Amazon EC2
instances.Which EC2 instance purchasing option
should the company use to meet these require-
ments?
A. Dedicated Instances
B. Reserved Instances
C. Dedicated Hosts
D. Spot Instances

291. Which of the following is a way to use Amazon EC2 C. Scale the size
Auto Scaling groups to scale capacity in the AWS of EC2 instances
Cloud? up or down au-
A. Scale the number of EC2 instances in or out
71 / 72
 AWS Cloud Practitioner
Study online at https://quizlet.com/_bvpivw
automatically, based on demand. tomatically, based
B. Use serverless EC2 instances. on demand.
C. Scale the size of EC2 instances up or down auto-
matically, based on demand.
D. Transfer unused CPU resources between EC2 in-
stances.

292. A company discovered unauthorized access to re- C. AWS Abuse

sources in its on-premises data center. Upon investi- team
gation, the company found that the requests originat-
ed from a resource hosted on AWS.Which AWS team
should the company contact to report this issue?
A. AWS Customer Service team
B. AWS Sales team
C. AWS Abuse team
D. AWS Technical Support team

293. Which of the following are aspects of the AWS shared B. For Amazon S3,
responsibility model? (Choose two.) AWS operates the
A. Configuration management of infrastructure de- infrastructure lay-
vices is the customer's responsibility. er, the operating
B. For Amazon S3, AWS operates the infrastructure systems, and the
layer, the operating systems, and the platforms. platforms.
C. AWS is responsible for protecting the physical C. AWS is respon-
cloud infrastructure. sible for protecting
D. AWS is responsible for training the customer's the physical cloud
employees on AWS products and services. infrastructure.
E. For Amazon EC2, AWS is responsible for maintain-
ing the guest operating system.

72 / 72