It validates an examinee’s ability to:
Explain the value of the AWS Cloud.
Understand and explain the AWS shared responsibility model.
Understand AWS Cloud security best practices.
Understand AWS Cloud costs, economics, and billing practices.
Describe and position the core AWS services, including compute, network, databases, and storage.
Identify AWS services for common use cases.
There are two types of questions on the examination:
Multiple choice: Has one correct response and three incorrect responses (distractors).
Multiple response: Has two or more correct responses out of five or more options.
1) Why is AWS more economical than traditional data centers for applications with varying compute workloads?
A) Amazon Elastic Compute Cloud (Amazon EC2) costs are billed on a monthly basis.
B) Customers retain full administrative access to their Amazon EC2 instances.
C) Amazon EC2 instances can be launched on-demand when needed.
D) Customers can permanently run enough instances to handle peak workloads.
2) Which AWS service would simplify migration of a database to AWS?
A) AWS Storage Gateway
B) AWS Database Migration Service (AWS DMS)
C) Amazon Elastic Compute Cloud (Amazon EC2)
D) Amazon AppStream 2.0
3) Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment?
A) AWS Config
B) AWS OpsWorks
C) AWS SDK
D) AWS Marketplace
4) Which AWS networking service enables a company to create a virtual network within AWS?
A) AWS Config
B) Amazon Route 53
C) AWS Direct Connect
D) Amazon Virtual Private Cloud (Amazon VPC)
5) Which of the following is AWS's responsibility under the AWS shared responsibility model?
A) Configuring third-party applications
B) Maintaining physical hardware
C) Securing application access and data
D) Managing custom Amazon Machine Images (AMIs)
6) Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery?
A) AWS Regions
B) AWS edge locations
C) AWS Availability Zones
D) Amazon Virtual Private Cloud (Amazon VPC)
7) How would a system administrator add an additional layer of login security to a user's AWS
Management Console?
A) Use AWS Cloud Directory
B) Audit AWS Identity and Access Management (IAM) roles
C) Enable Multi-Factor Authentication
D) Enable AWS CloudTrail
8) Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated?
A) Amazon CloudWatch
B) AWS CloudTrail
C) AWS X-Ray
D) AWS Identity and Access Management (AWS IAM)
9) Which service would you use to send alerts based on Amazon CloudWatch alarms?
A) Amazon Simple Notification Service (Amazon SNS)
B) AWS CloudTrail
C) AWS Trusted Advisor
D) Amazon Route 53
10) Where can a customer find information about prohibited actions on AWS infrastructure?
A) AWS Trusted Advisor
B) AWS Identity and Access Management (IAM)
C) AWS Billing Console
D) AWS Acceptable Use Policy