.png){kind=logo}
PDF Download
CLOUD PRACTITIONER RIGHT ANSWERS PT. 4 (LA) EXAM
QUESTIONS
Actual Qs and Ans Expert-Verified Explanation
This Exam contains:
-Guarantee passing score -49 Questions and Answers -format set of multiple-choice -Expert-Verified Explanation Question 1: You are managing the company's AWS account. The current support plan is Basic, but you would like to begin using Infrastructure Event Management. What support plan (that already includes Infrastructure Event Management without an additional fee) should you upgrade to?
Answer:
Upgrade to Enterprise Plan AWS Infrastructure Event Management is a structured program available to Enterprise support customers (and Business Support customers for an additional fee) that helps you plan for large-scale events, such as product or application launches, infrastructure migrations, and marketing events.With Infrastructure Event Management, you get strategic planning assistance before your event, as well as real-time support during these moments that matter most for your business.https://aws.amazon.com/premiumsupport/programs/iem/#:~:text=AWS%20Infrastructure%20Event%20Management%20is,infrastructure%20migrations%2C%20and%20marketing%20events Question 2: Which AWS service can you use to connect your AWS cloud with an on-premises data center?
Answer:
Virtual Private Gateway A virtual private gateway is a logical, fully redundant distributed edge routing function that sits at the edge of your VPC. As it is capable of terminating VPN connections from your on-prem or customer environments, the VPG is the VPN concentrator on the Amazon side of the Site-to-Site VPN connection.
Question 3: Which statement is true regarding the AWS Global Infrastructure?
Answer:
Each AWS region contains multiple availability zones.
https://aws.amazon.com/about-aws/global-infrastructure/
Question 4: A small startup is configuring its AWS cloud environment. Which AWS service will allow grouping these users together and applying permissions to them as a group?
Answer:
AWS IAM
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
https://aws.amazon.com/iam/
Question 5: You have recently started using AWS and now need to launch a large number of instances in your VPC. You learn that this number exceeds the service limits for instances in a VPC. What can you do?
Answer:
Contact AWS and request a service limit increase.Use the Limits page in the Amazon EC2 console to request an increase in the limits for resources provided by Amazon EC2 or Amazon VPC on a per-Region basis.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html
Question 6: After configuring your VPC and all of the resources within it, you want to add an extra layer of security at the subnet level. Which will you use to add this security?
Answer:
Network ACL A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups to add an additional layer of security to your VPC.
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html
Question 7: You want to define a virtual network in your AWS cloud to be able to launch resources in that virtual network. What do you need to configure?
Answer:
VPC Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including the selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and
IPv6 in your VPC for secure and easy access to resources and applications.
https://aws.amazon.com/vpc/
Question 8: Your Finance Department has instructed you to save costs wherever possible when using the AWS Cloud. You notice that using reserved EC2 instances on a 1-year contract will save money. What payment method will save the most money?
Answer:
All Upfront With the All Upfront option, you pay for the entire Reserved Instance term with one upfront payment.This option provides you with the largest discount compared to On-Demand Instance pricing.
https://aws.amazon.com/ec2/pricing/reserved-instances/pricing/
Question 9: A retail company has EC2 On-Demand instances running to serve customer transactions. There is a set pattern of traffic where demand is high at two points in the day, but the instances sit idle for much of the day. What is a good way to optimize these resources?
Answer:
Use an Auto Scaling Group to scale out and in based on demand.The Auto Scaling Group can be used to scale out and scale in the instances as the demand dictates.This will save money and avoid having instances sitting idle for long periods of time.AWS Auto Scaling monitors your applications and automatically adjusts your capacity to maintain steady, predictable performance at the lowest possible cost. Using AWS Auto Scaling, it's easy to set up application scaling for multiple resources across multiple services in minutes.
https://aws.amazon.com/autoscaling/
Question 10: You are storing sensitive employee information in an S3 Bucket. What can you use to give bucket access only to authorized personnel?
Answer:
Bucket Policy S3 bucket policies specify what actions are allowed or denied for which principals on the bucket that the bucket policy is attached to (e.g., allow user Alice to PUT but not DELETE objects in the bucket).https://aws.amazon.com/blogs/security/iam-policies-and-bucket-policies-and-acls-oh-my-controlling-access-to-s3-resources/#:~:text=In%20other%20words%2C%20IAM%20policies,do%20in%20your%20AWS%20environment.&text=S3%20bucket%20policies%20specify%20what,DELETE%20objects%20in%20the%20bucket Question 11: Users need to access AWS resources from the command-line interface. Which IAM option can be used for authentication?
Answer:
Access Keys You must provide your AWS access keys to make programmatic calls to AWS or to use the AWS Command Line Interface or AWS Tools for PowerShell.When you create your access keys, you create the access key ID (for example, AKIAIOSFODNN7EXAMPLE) and secret access key (for example,
wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY) as a set. The secret access key is available for download only when you create it. If you don't download your secret access key or if you lose it, you must create a new one.
https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html
Question 12: A company has a large number of S3 buckets and needs to manage and automate tasks on these buckets at one time. Which AWS feature can do this?
Answer:
Resource Groups You can use resource groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at one time. This guide shows you how to create and manage resource groups in AWS Resource Groups.
https://docs.aws.amazon.com/ARG/latest/userguide/welcome.html
Question 13: You have been tasked to create an S3 bucket for storing templates. A team member has forwarded you the templates, which are used for creating multiple different AWS resources such as S3 buckets, EC2 instances, and VPCs. Which service uses these templates to create AWS resources?
Answer:
CloudFormation AWS CloudFormation simplifies provisioning and management on AWS. You can create templates for the service or application architectures you want and have AWS CloudFormation use those templates for quick and reliable provisioning of the services or applications (called "stacks"). You can also easily update or replicate the stacks as needed.
https://aws.amazon.com/cloudformation/resources/templates/
Question 14: You are trying out AWS on a trial basis and need to deploy an application without having to configure servers. Which AWS service can you use?
Answer:
Elastic Beanstalk AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
https://aws.amazon.com/elasticbeanstalk/
Question 15: Your company hosts gaming applications online and would like to deliver these apps to a worldwide audience. Which AWS Service would enable delivery to users worldwide and greatly improve response times?
Answer:
CloudFront Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos,
.png)