Q781.A company needs to perform a one-time migration of 40TB of data from its on-premises storage servers to Amazon S3. The transfer must happen as quickly as possible while keeping costs to a minimum. The company has 100 Mbps internet connectivity. Which AWS service will meet these requirements?
A. AWS Snowball
B. AWS Direct Connect
C. AWS Storage Gateway
D. Amazon S3 Transfer Acceleration
Q782.A company uses a database that has a simple sign-up page to create users, and a basic login form to authenticate users so they can access the database. The company wants to give users the ability to store personal information, but the user access must be controlled in a more secure and reliable way. Which AWS service or feature will meet these requirements?
A. Security groups
B. Amazon GuardDuty
C. AWS Secrets Manager
D. Amazon Cognito
Q783.Which action is consistent with the principle of least privilege in terms of AWS Cloud architecture?
A. Allow users the minimum access that is needed to do a task.
B. Prevent managers from accessing important source code.
C. Provide only the permissions that are needed for users to do their jobs in the current month.
D. Assign permissions that are based on job titles.
Q784.A company is based in the us-east-1 Region and has a satellite office in the eu-west-2 Region. The company wants to use Amazon WorkSpaces to host its internal web portal and virtual desktops for employees. What should the company do to minimize latency and ensure the best possible performance for employees?
A. Deploy the internal web portal and virtual desktops to us-east-1 only. Use an Amazon CloudFront distribution for the users in eu-west-2.
B. Deploy the internal web portal to us-east-1 only. Deploy the virtual desktops to us-east-1 and eu-west-2.
C. Deploy the internal web portal to us-east-1 and eu-west-2. Deploy the virtual desktops on network optimized Amazon EC2 instances to us-east-1 only.
D. Deploy the internal web portal and virtual desktops to us-east-1 and eu-west-2.
Q785.A company needs a firewall that will control network connections to and from a single Amazon EC2 instance. This firewall will not control network connections to and from other instances that are in the same subnet. Which AWS service or feature can the company use to meet these requirements?
A. Network ACL
B. AWS WAF
C. Route table
D. Security group
Q786.A company is designing a new application that will store and retrieve millions of photos and videos. Which AWS service or feature can provide the underlying storage at the LOWEST cost?
A. Amazon EC2 instance store
B. Amazon Elastic Block Store (Amazon EBS)
C. Amazon S3
D. Amazon Simple Queue Service (Amazon SQS)
Q787.A company wants to rightsize its infrastructure to control costs.
At which points should the company rightsize? (Choose two.)
A. Rightsize before a migration occurs to the cloud.
B. Rightsize continuously after the cloud onboarding process.
C. Rightsize when AWS Support calls and explains that rightsizing is needed.
D. Rightsize when seasonal workloads are at their peak.
E. Rightsize after purchasing all Reserved Instances.
Q788.A company is building a mobile app to provide shopping recommendations to its customers. The company wants to use a graph database as part of the shopping recommendation engine. Which AWS database service should the company choose?
A. Amazon DynamoDB
B. Amazon Aurora
C. Amazon Neptune
D. Amazon DocumentDB (with MongoDB compatibility)
Q789.AWS can relieve a company’s IT staff of which of the following IT tasks? (Choose two.)
A. Patching database software
B. Storage capacity planning
C. Creating database schemas
D. Setting up access controls for data
E. Writing application code
Q790.What are the market advantages of running workloads in the AWS Cloud? (Choose two.)
A. Less staff time is required to deploy new workloads.
B. Increased time to market for new application features.
C. Higher acquisition costs to support peak workloads.
D. Increased productivity for application development teams.
E. A decrease in the average server CPU utilization.
Q791.A cloud practitioner wants information on the state of an existing AWS environment compared against established best practices. Which AWS services or features should the cloud practitioner use to obtain this information? (Choose two.)
A. AWS Artifact
B. AWS Solutions Library
C. AWS Trusted Advisor
D. AWS Well-Architected Tool
E. AWS Personal Health Dashboard
Q792.A cloud practitioner needs an effective method to decrease application latency and increase performance for end users. Which services will help? (Choose two.)
A. Amazon Elastic Container Service (Amazon ECS) for Kubernetes
B. Amazon S3
C. Amazon AppStrearn 2.0
D. Amazon ElastiCache
E. Amazon CloudFront
Q793.Which design principles are enabled by the AWS Cloud to improve the operation of workloads? (Choose two.)
A. Minimize upfront design
B. Loose coupling
C. Disposable resources
D. Server design and concurrency
E. Minimal viable product
Q794.A company hosts its website on Amazon EC2 instances. The company needs to ensure that the website reaches a global audience and provides minimum latency to users. Which AWS service should the company use to meet these requirements?
A. Amazon Route 53
B. Amazon CloudFront
C. Elastic Load Balancing
D. AWS Lambda
Q795.Which AWS service or feature is highly available by default?
A. Amazon EC2
B. Amazon Aurora
C. NAT instances
D. Amazon RDS
Q796.A company is developing an application that uses multiple AWS services. The application needs to use temporary, limited-privilege credentials for authentication with other AWS APIs. Which AWS service or feature should the company use to meet these authentication requirements?
A. Amazon API Gateway
B. IAM users
C. AWS Security Token Service (AWS STS)
D. IAM instance profiles
Q797.Which AWS service should a company use to continuously monitor the compliance of AWS resource configurations?
A. AWS Organizations
B. AWS Config
C. AWS Artifact
D. AWS Service Catalog
Q798.A company uses Amazon DynamoDB in its AWS Cloud architecture.
According to the AWS shared responsibility model, which of the following are responsibilities of the company? (Choose two.)
A. Operating system patching and upgrades
B. Application of appropriate permissions with IAM tools
C. Configuration of data encryption options
D. Creation of DynamoDB endpoints
E. Infrastructure provisioning and maintenance
Q799.Which AWS service or feature offers HTTP attack protection to users running public-facing web applications?
A. Security groups
B. Network ACLs
C. AWS WAF
D. AWS Shield Standard
Q800.Which option is the default pricing model for Amazon EC2 instances?
A. On-Demand Instances
B. Savings Plans
C. Spot instances
D. Reserved Instances
Q801.Which of the following are pillars of the AWS Well-Architected Framework? (Choose two.)
A. High availability
B. Performance efficiency
C. Cost optimization
D. Going global in minutes
E. Continuous development
Q802.Which component of the AWS global infrastructure does Amazon CloudFront use to speed up the delivery of content to users across the world?
A. Amazon VPC
B. Edge location
C. Local Zone
D. AWS Outposts connection
Q803.Which of the following is a design principle of the reliability pillar of the AWS Well-Architected Framework?
A. Scale globally in minutes.
B. Adopt a consumption model.
C. Automatically recover from failure.
D. Make frequent, small, reversible changes.
Q804.A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud. How can these reports be generated?
A. Contact the AWS Compliance team
B. Download the reports from AWS Artifact
C. Open a case with AWS Support
D. Generate the reports with Amazon Macie
Q805.A company wants to use Amazon EC2 instances to provide a static website to users all over the world. The company needs to minimize latency for the users. Which solution meets these requirements?
A. Use EC2 instances in a single Availability Zone.
B. Use EC2 instances across multiple Availability Zones in the same AWS Region.
C. Use Amazon CloudFront with the EC2 instances configured as the source.
D. Use EC2 instances in the same edge location and the same AWS Region.
Q806.A company has a business-critical Amazon RDS for MySQL DB instance that resides in a single Availability Zone. Which solution will improve the availability of the DB instance?
A. Convert the DB instance into a multi-Region deployment.
B. Create an Amazon Simple Queue Service (Amazon SQS) queue in the same AWS Region to manage writes to the DB instance.
C. Convert the DB instance into a Multi-AZ deployment.
D. Create an Amazon Simple Queue Service (Amazon SQS) queue in a different AWS Region to manage writes to the DB instance.
Q807.Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded?
A. AWS Budgets
B. AWS Cost Explorer
C. AWS Cost Allocation Tags
D. AWS Organizations
Q808.Which AWS services or features can control VPC traffic? (Choose two.)
A. Security groups
B. AWS Direct Connect
C. Amazon GuardDuty
D. Network ACLs
E. Amazon Connect
Q809.An ecommerce application uses Java Message Service (JMS) messaging to communicate between its fulfillment center and the application after an order has been placed. The company wants to migrate its messaging application to AWS. The company also wants to minimize the effort used to rewrite the messaging code. Which AWS service will meet these requirements?
A. Amazon Simple Notification Service (Amazon SNS)
B. Amazon Simple Email Service (Amazon SES)
C. Amazon Pinpoint
D. Amazon MQ
Q810.A cloud practitioner needs to obtain AWS compliance reports before migrating an environment to the AWS Cloud. How can these reports be generated?
A. Contact the AWS Compliance team
B. Download the reports from AWS Artifact
C. Open a case with AWS Support
D. Generate the reports with Amazon Macie
Q811.A company is running a monolithic on-premises application that does not scale and is difficult to maintain. The company has a plan to migrate the application to AWS and divide the application into microservices. Which best practice of the AWS Well-Architected Framework is the company following with this plan?
A. Integrate functional testing as part of AWS deployment.
B. Use automation to deploy changes.
C. Deploy the application to multiple locations.
D. Implement loosely coupled dependencies.
Q812.A company is running a workload in the AWS Cloud. Which AWS best practice ensures the MOST cost-effective architecture for the workload?
A. Loose coupling
B. Rightsizing
C. Caching
D. Redundancy
Q813.Which AWS service gives users the ability to combine existing accounts into a centrally managed hierarchy?
A. AWS Organizations
B. AWS Identity and Access Management (IAM)
C. AWS Config
D. Amazon Inspector
Q814.Which AWS service gives users the ability to combine existing accounts into a centrally managed hierarchy?
A. AWS Organizations
B. AWS Identity and Access Management (IAM)
C. AWS Config
D. Amazon Inspector
Q815.Which AWS Cloud design principle is a company using when the company implements AWS CloudTrail?
A. Activate traceability.
B. Use serverless compute architectures.
C. Perform operations as code.
D. Go global in minutes.
Q816.A company is running applications on Amazon EC2 instances in the same AWS account for several different projects. The company wants to track the infrastructure costs for each of the projects separately. The company must conduct this tracking with the least possible impact to the existing infrastructure and with no additional cost. What should the company do to meet these requirements?
A. Use a different EC2 instance type for each project.
B. Publish project-specific custom Amazon CloudWatch metrics for each application.
C. Deploy EC2 instances for each project in a separate AWS account.
D. Use cost allocation tags with values that are specific to each project.
Q817.A company is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting. Which S3 feature should the company use to meet these requirements?
A. S3 Lifecycle rules
B. S3 Versioning
C. S3 bucket policies
D. S3 server-side encryption
Q818.A company runs thousands of simultaneous simulations using AWS Batch. Each simulation is stateless, is fault tolerant, and runs for up to 3 hours. Which pricing model enables the company to optimize costs and meet these requirements?
A. Reserved Instances
B. Spot Instances
C. On-Demand Instances
D. Dedicated Instances
Q819.Which AWS database service provides in-memory data storage?
A. Amazon DynamoDB
B. Amazon ElastiCache
C. Amazon RDS
D. Amazon Timestream
Q820.Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?
A. AWS Support
B. AWS customers
C. AWS Key Management Service (AWS KMS)
D. AWS Trusted Advisor
Q821.A company plans to move its test workloads to Amazon EC2. The test workloads can be interrupted and are not required to start at a particular time. Which EC2 instance purchasing option is MOST cost-effective for this use case?
A. On-Demand Instances:
B. Spot Instances
C. Reserved Instances
D. Dedicated Hosts
Q822.Which of the following is a benefit of operating in the AWS Cloud?
A. The ability to migrate on-premises network devices to the AWS Cloud
B. The ability to expand compute, storage, and memory when needed
C. The ability to host custom hardware in the AWS Cloud
D. The ability to customize the underlying hypervisor layer for Amazon EC2
Q823:A company needs to connect multiple VPCs and on-premises networks through a single network connection to the AWS Cloud. Which solution meets this requirement?
A. AWS Transit Gateway
B. AWS Direct Connect
C. VPC peering
D. AWS Client VPN
Q824:Which Amazon Route 53 routing policy can a company use to route traffic to multiple resources in specific proportions?
A. Weighted routing policy
B. Multivalue answer routing policy
C. Failover routing policy
D. Latency routing policy
Q825.A company website is experiencing DDoS attacks. Which AWS service can help protect the company website against these attacks?
A. AWS Resource Access Manager
B. AWS Amplify
C. AWS Shield
D. Amazon GuardDuty
Q826.A company must compare the cost of running a MySQL database on an Amazon EC2 instance and Amazon RDS DB instance. Which AWS service or tool should the company use?
A. AWS Budgets
B. AWS Control Tower
C. AWS Outposts
D. AWS Pricing Calculator
Q827.A company that has multiple AWS accounts wants to reduce its recurring cloud costs. The company is using AWS Organizations. Which AWS tool or feature will share volume pricing discounts and Savings Plans among accounts?
A. AWS Budgets
B. Consolidated billing
C. AWS credits
D. Cost allocation tags
Q828.A company is using a third-party service to back up 10 TB of data to a tape library. The on-premises backup server is running out of space. The company wants to use AWS services for the backups without changing its existing backup workflows. Which AWS service should the company use to meet these requirements?
A. Amazon Elastic Block Store (Amazon EBS)
B. AWS Storage Gateway
C. Amazon Elastic Container Service (Amazon ECS)
D. AWS Lambda
Q829.A company is building a new application on AWS. The company needs the application to remain available if an individual application component fails. Which design principle should the company use to meet this requirement?
A. Disposable resources
B. Automation
C. Rightsizing
D. Loose coupling
Q830.A company website is experiencing DDoS attacks. Which AWS service can help protect the company website against these attacks?
A. AWS Resource Access Manager
B. AWS Amplify
C. AWS Shield
D. Amazon GuardDuty
Q831.A company must compare the cost of running a MySQL database on an Amazon EC2 instance and Amazon RDS DB instance. Which AWS service or tool should the company use?
A. AWS Budgets
B. AWS Control Tower
C. AWS Outposts
D. AWS Pricing Calculator
Q832.A company that has multiple AWS accounts wants to reduce its recurring cloud costs. The company is using AWS Organizations. Which AWS tool or feature will share volume pricing discounts and Savings Plans among accounts?
A. AWS Budgets
B. Consolidated billing
C. AWS credits
D. Cost allocation tags
Q833.Which encryption types can be used to protect objects at rest in Amazon S3? (Choose two.)
A. Server-side encryption with Amazon S3 managed encryption keys (SSE-S3)
B. Server-side encryption with AWS KMS managed keys (SSE-KMS)
C. TLS
D. SSL
E. Transparent Data Encryption (TDE)
Q834.A batch workload takes 5 hours to finish on an Amazon EC2 instance. The amount of data to be processed doubles monthly and the processing time is proportional. What is the best cloud architecture to address this consistently growing demand?
A. Run the application on a bigger EC2 instance size.
B. Switch to an EC2 instance family that better matches batch requirements.
C. Distribute the application across multiple EC2 instances and run the workload in parallel.
D. Run the application on a bare metal EC2 instance.
Q835.A company runs an application in the AWS Cloud. The levels of traffic to the application vary throughout the week. The company wants to increase the reliability of its application at all times, even during times of high traffic. Which combination of steps will meet this requirement? (Choose two.)
A. Test recovery procedures.
B. Purchase instances weekly based on the previous week’s high traffic points.
C. Handle software failures automatically.
D. Scale the application vertically.
E. Make all changes in the environment manually.
Q836.A company has identified a high-risk network security issue during an AWS Well-Architected review. The company needs a managed solution that the company can use to deploy essential network protections for all of its VPCs. Which AWS service or feature meets these requirements?
A. Security groups
B. Network ACLs
C. AWS Network Firewall
D. Amazon VPC Network Access Analyzer
Q837.How does AWS Cloud computing help businesses reduce costs? (Choose two.)
A. AWS charges the same prices for services in every AWS Region.
B. AWS enables capacity to be adjusted on demand.
C. AWS offers discounts for Amazon EC2 instances that remain idle for more than 1 week.
D. AWS does not charge for data sent from the AWS Cloud to the internet.
E. AWS eliminates many of the costs of building and maintaining on-premises data centers.
Q838.In which of the following AWS services should database credentials be stored for maximum security?
A. AWS Identity and Access Management (IAM)
B. AWS Secrets Manager
C. Amazon S3
D. AWS Key Management Service (AWS KMS)
Q839.Which AWS service providers automated backups of data by default?
A. Amazon S3
B. Amazon Aurora
C. Amazon ElastiCache for Memcached
D. Amazon Elastic File System (Amazon EFS)
Q840.Which tasks can be performed by an IAM user that has been granted all of the AWS Identity and Access Management (IAM) permissions that are available? (Choose two.)
A. Activate IAM access to the AWS Billing and Cost Management console.
B. Close an AWS account.
C. Turn on multi-factor authentication (MFA) for non-administrative IAM users.
D. Change the AWS Support plan.
E. Delegate access to another AWS account.
