AWS Certified Cloud Practitioner

65%

Question 141

Which AWS services and/or features increase availability and mitigate the effect of failures while constructing a typical three-tier web
application? (Select two.)
(Understanding of the core AWS services)

AWS Auto Scaling for Amazon EC2 instances

Amazon VPC subnet ACLs to check the health of a service

Distributed resources across multiple Availability Zones

AWS Server Migration Service (AWS SMS) to move Amazon EC2 instances into a different Region

Distributed resources across multiple AWS points of presence

Check the answer and show the description

Question 142

Which AWS serverless platform services are included?

Amazon EC2, Amazon S3, Amazon Athena

Amazon Kinesis, Amazon SQS, Amazon EMR

AWS Step Functions, Amazon DynamoDB, Amazon SNS

Amazon Athena, Amazon Cognito, Amazon EC2

Check the answer and show the description

Answer is AWS Step Functions, Amazon DynamoDB, Amazon SNS

AWS provides a set of fully managed services that you can use to build and run serverless applications. Serverless applications
don't require provisioning, maintaining, and administering servers for backend components such as compute, databases, storage,
stream processing, message queueing, and more. You also no longer need to worry about ensuring application fault tolerance and
availability. Instead, AWS handles all of these capabilities for you.

Serverless platform includes: AWS lambda, Amazon S3, DynamoDB, API gateway, Amazon SNS, AWS step functions, Amazon
kinesis and developing tools and services.

Reference:
https://aws.amazon.com/serverless/
Question 143

Which change management actions, according to the AWS Well-Architected Framework, should be followed to ensure AWS Cloud
reliability? (Select two.)
(Understanding of the core AWS services)

Use AWS Config to generate an inventory of AWS resources

Use service limits to prevent users from creating or making changes to AWS resources

Use AWS CloudTrail to record AWS API calls into an auditable log file

Use AWS Certificate Manager to whitelist approved AWS resources and services

Use Amazon GuardDuty to validate configuration changes made to AWS resources

Check the answer and show the description

Answers are;
A. Use AWS Config to generate an inventory of AWS resources
C. Use AWS CloudTrail to record AWS API calls into an auditable log file

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets
Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS
certificates are used to secure network communications and establish the identity of websites over the Internet as well as
resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading,
and renewing SSL/TLS certificates. So cannot be D
service limits is about resource quantity so B is wrong
GuardDuty is about threat protection so E is wrong
Can only be and A and C

Reference:
https://d1.awsstatic.com/whitepapers/architecture/AWS-Reliability-Pillar.pdf
(Page 35)

Question 144

Which AWS services or functionalities enable failover across several AWS Regions to ensure high availability and low latency? (Select
two.)
(Understanding of the core AWS services)

Amazon Route 53

Network Load Balancer

Amazon S3 Transfer Acceleration

AWS Global Accelerator

Application Load Balancer

Answers are;
A. Amazon Route 53
D. AWS Global Accelerator

A and D are Regional, B and E are zonal.

Reference:
https://docs.aws.amazon.com/whitepapers/latest/real-time-communication-on-aws/cross-region-dns-based-load-balancing-and-
failover.html

Question 145

A copy of the AWS SOC 2 report is required during a compliance review by one of the auditors.

Which service should this request be sent through?

AWS Personal Health Dashboard

AWS Trusted Advisor

AWS Artifact

Amazon S3

Check the answer and show the description

Answer is AWS Artifact

Reference:
https://aws.amazon.com/compliance/soc-faqs/

Question 146

Amazon Elastic Container Service (Amazon ECS) and Amazon DynamoDB are used by a firm to execute its mission-critical web
application. Multiple times during the day, the workload jumps to up to ten times the regular level.

Which AWS Cloud feature helps the business to adapt to these demand changes?
(Understanding of the core AWS services)

Agility

Global reach

Scalability

Security
 Check the answer and show the description

Answer is Scalability

Reference:
https://aws.amazon.com/autoscaling/

Question 147

A company is developing a mobile app that needs a high-performance NoSQL database.

Amazon Aurora

Amazon RDS

Amazon Redshift

Amazon DocumentDB (with MongoDB compatibility)

Amazon DynamoDB

Check the answer and show the description

Answers are;
Amazon DocumentDB (with MongoDB compatibility) Most Voted
E. Amazon DynamoDB Most Voted

RDS is a SQL based DB. Dynamo DB and Document DB are the only No-SQL options.

Reference:
https://cloud.netapp.com/blog/aws-cvo-blg-aws-nosql-choosing-the-best-option-for-you

Question 148

Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud
workload?
(Understanding of the core AWS services)

Amazon Route 53

Amazon Macie

AWS Direct Connect

AWS PrivateLink
 Check the answer and show the description

Answer is AWS Direct Connect

Direct connect is for private dedicated connection between on premise and AWS.
PrivateLink provides direct secure connections from VPCs to other AWS services.
VPC Private Link is a way of making your service available to set of consumers. You can expose a service and the consumers can
consume your service by creating an endpoint for your service.With PrivateLink, endpoints are instead created directly inside of
your VPC, using Elastic Network Interfaces (ENIs) and IP addresses in your VPC's subnets.To use AWS PrivateLink, create a VPC
endpoint in your VPC, specifying the name of the service and a subnet. This creates an elastic network interface in the subnet that
serves as an entry point for traffic destined to the service.
The service is now in your VPC, enabling connectivity to AWS services via private IP addresses.

Reference:
https://aws.amazon.com/privatelink/?privatelink-blogs.sort-by=item.additionalFields.createdDate&privatelink-blogs.sort-
order=desc

Question 149

Which AWS services are managed database services? (Choose two.)

Amazon Elastic Block Store (Amazon EBS)

Amazon S3

Amazon RDS

Amazon Elastic File System (Amazon EFS)

Amazon DynamoDB

Check the answer and show the description

Answers are;
C. Amazon RDS
E. Amazon DynamoDB

Except for C & E, none of them is DB services

Question 150

Which AWS service uses machine learning to help discover, monitor, and protect sensitive data that is stored in Amazon S3 buckets?
(Understanding of the core AWS services)

AWS Shield

Amazon Macie

AWS Network Firewall

Amazon Cognito
 Check the answer and show the description

Answer is Amazon Macie

Reference: https://aws.amazon.com/macie/#:~:text=Amazon%20Macie%20is%20a%20fully
,your%20sensitive%20data%20in%20AWS

Previous Question Next Question

Quick access to all questions in this exam

1-10 11-20 21-30 31-40 41-50 51-60 61-70 71-80 81-90 91-100 101-110 111-120 121-130 131-140 141-150 151-160

161-170 171-180 181-190 191-200 201-210 211-220 221-230 231-240

© 2017-2022 Pass n Exam, Inc. · Privacy · Terms Back to top