1. What time-savings advantage is offered with the use of Amazon Rekognition?

- A. Amazon Rekognition provides automatic watermarking of images.

- B. Amazon Rekognition provides automatic detection of objects appearing in
pictures.
- C. Amazon Rekognition provides the ability to resize millions of images
automatically.
- D. Amazon Rekognition uses Amazon Mechanical Turk to allow humans to bid on
object detection jobs.

Correct Answer: B

2. When comparing AWS with on-premises Total Cost of Ownership (TCO), what costs
are included?
- A. Data center security
- B. Business analysis
- C. Project management
- D. Operating system administration

Correct Answer: A

3. According to the AWS shared responsibility model, what is AWS responsible for?
- A. Configuring Amazon VPC
- B. Managing application code
- C. Maintaining application traffic
- D. Managing the network infrastructure

Correct Answer: D

4. Which service should be used to estimate the costs of running a new project on
AWS?
- A. AWS TCO Calculator
- B. AWS Simple Monthly Calculator
- C. AWS Cost Explorer API
- D. AWS Budgets

Correct Answer: C

5. Which AWS tool will identify security groups that grant unrestricted Internet
access to a limited list of ports?
- A. AWS Organizations
- B. AWS Trusted Advisor
- C. AWS Usage Report
- D. Amazon EC2 dashboard

Correct Answer: B
6. Which AWS service can be used to generate alerts based on an estimated monthly
bill?
- A. AWS Config
- B. Amazon CloudWatch
- C. AWS X-Ray
- D. AWS CloudTrail

Correct Answer: B

7. Which Amazon EC2 pricing model offers the MOST significant discount when
compared to On-Demand Instances?
- A. Partial Upfront Reserved Instances for a 1-year term
- B. All Upfront Reserved Instances for a 1-year term
- C. All Upfront Reserved Instances for a 3-year term
- D. No Upfront Reserved Instances for a 3-year term

Correct Answer: C

8. Which of the following is the responsibility of AWS?

- A. Setting up AWS Identity and Access Management (IAM) users and groups
- B. Physically destroying storage media at end of life
- C. Patching guest operating systems
- D. Configuring security settings on Amazon EC2 instances

Correct Answer: B

9. Which of the following is an advantage of using AWS?

- A. AWS audits user data.
- B. Data is automatically secure.
- C. There is no guessing on capacity needs.
- D. AWS manages compliance needs.

Correct Answer: C

10. Which AWS service would a customer use with a static website to achieve lower
latency and high transfer speeds?
- A. AWS Lambda
- B. Amazon DynamoDB Accelerator
- C. Amazon Route 53
- D. Amazon CloudFront

Correct Answer: D

11. Which services manage and automate application deployments on AWS? (Choose
two.)
- A. AWS Elastic Beanstalk
- B. AWS CodeCommit
- C. AWS Data Pipeline
- D. AWS CloudFormation
 - E. AWS Config

Correct Answer: AD

12. A user wants guidance on possible savings when migrating from on-premises to
AWS. <br/> Which tool is suitable for this scenario?
- A. AWS Budgets
- B. Cost Explorer
- C. AWS Total Cost of Ownership (TCO) Calculator
- D. AWS Well-Architected Tool

Correct Answer: C

13. Which principles are used to architect applications for reliability on the AWS
Cloud? (Choose two.)
- A. Design for automated failure recovery
- B. Use multiple Availability Zones
- C. Manage changes via documented processes
- D. Test for moderate demand to ensure reliability
- E. Backup recovery to an on-premises environment

Correct Answer: AB

14. What tasks should a customer perform when that customer suspects an AWS account
has been compromised? (Choose two.)
- A. Rotate passwords and access keys.
- B. Remove MFA tokens.
- C. Move resources to a different AWS Region.
- D. Delete AWS CloudTrail Resources.
- E. Contact AWS Support.

Correct Answer: AE

15. What is an example of high availability in the AWS Cloud?

- A. Consulting AWS technical support at any time day or night
- B. Ensuring an application remains accessible, even if a resource fails
- C. Making any AWS service available for use by paying on demand
- D. Deploying in any part of the world using AWS Regions

Correct Answer: B

16. Which AWS security service protects applications from distributed denial of
service attacks with always-on detection and automatic inline mitigations?
- A. Amazon Inspector
- B. AWS Web Application Firewall (AWS WAF)
- C. Elastic Load Balancing (ELB)
- D. AWS Shield

Correct Answer: D
17. A company wants to monitor the CPU usage of its Amazon EC2 resources. <br/>
Which AWS service should the company use?
- A. AWS CloudTrail
- B. Amazon CloudWatch
- C. AWS Cost and Usage report
- D. Amazon Simple Notification Service (Amazon SNS)

Correct Answer: B

18. What is an AWS Identity and Access Management (IAM) role?

- A. A user associated with an AWS resource
- B. A group associated with an AWS resource
- C. An entity that defines a set of permissions for use with an AWS resource
- D. An authentication credential associated with a multi-factor authentication
(MFA) token

Correct Answer: C

19. What are the advantages of Reserved Instances? (Choose two.)

- A. They provide a discount over on-demand pricing.
- B. They provide access to additional instance types.
- C. They provide additional networking capability.
- D. Customers can upgrade instances as new types become available.
- E. Customers can reserve capacity in an Availability Zone.

Correct Answer: AE

20. How do Amazon EC2 Auto Scaling groups help achieve high availability for a web
application?
- A. They automatically add more instances across multiple AWS Regions based on
global demand of the application.
- B. They automatically add or replace instances across multiple Availability
Zones when the application needs it.
- C. They enable the application's static content to reside closer to end
users.
- D. They are able to distribute incoming requests across a tier of web server
instances.

Correct Answer: B

21. How can one AWS account use Reserved Instances from another AWS account?
- A. By using Amazon EC2 Dedicated Instances
- B. By using AWS Organizations consolidated billing
- C. By using the AWS Cost Explorer tool
- D. By using AWS Budgets

Correct Answer: B

22. A customer runs an On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes,
and 6 seconds. <br/> For how much time will the customer be billed?
 - A. 3 hours, 5 minutes
- B. 3 hours, 5 minutes, and 6 seconds
- C. 3 hours, 6 minutes
- D. 4 hours

Correct Answer: B

23. Which of the following AWS services provide compute resources? (Choose two.)
- A. AWS Lambda
- B. Amazon Elastic Container Service (Amazon ECS)
- C. AWS CodeDeploy
- D. Amazon Glacier
- E. AWS Organizations

Correct Answer: AB

24. Which AWS service enables users to deploy infrastructure as code by automating
the process of provisioning resources?
- A. Amazon GameLift
- B. AWS CloudFormation
- C. AWS Data Pipeline
- D. AWS Glue

Correct Answer: B

25. Which AWS services provide a way to extend an on-premises architecture to the
AWS Cloud? (Choose two.)
- A. Amazon EBS
- B. AWS Direct Connect
- C. Amazon CloudFront
- D. AWS Storage Gateway
- E. Amazon Connect

Correct Answer: BD

26. Which of the following allows users to provision a dedicated network connection
from their internal network to AWS?
- A. AWS CloudHSM
- B. AWS Direct Connect
- C. AWS VPN
- D. Amazon Connect

Correct Answer: B

27. Which services use AWS edge locations? (Choose two.)

- A. Amazon CloudFront
- B. AWS Shield
- C. Amazon EC2
- D. Amazon RDS
 - E. Amazon ElastiCache

Correct Answer: A,B

28. Which service would provide network connectivity in a hybrid architecture that
includes the AWS Cloud?
- A. Amazon VPC
- B. AWS Direct Connect
- C. AWS Directory Service
- D. Amazon API Gateway

Correct Answer: A

29. Which tool can be used to compare the costs of running a web application in a
traditional hosting environment to running it on AWS?
- A. AWS Cost Explorer
- B. AWS Budgets
- C. AWS Cost and Usage report
- D. AWS Total Cost of Ownership (TCO) Calculator

Correct Answer: D

30. What is the value of using third-party software from AWS Marketplace instead of
installing third-party software on Amazon EC2? (Choose two.)
- A. Users pay for software by the hour or month depending on licensing.
- B. AWS Marketplace enables the user to launch applications with 1-Click.
- C. AWS Marketplace data encryption is managed by a third-party vendor.
- D. AWS Marketplace eliminates the need to upgrade to newer software versions.
- E. Users can deploy third-party software without testing.

Correct Answer: AB

31. Which of the following is a cloud architectural design principle?

- A. Scale up, not out.
- B. Loosely couple components.
- C. Build monolithic systems.
- D. Use commercial database software.

Correct Answer: B

32. Under the shared responsibility model; which of the following areas are the
customer's responsibility? (Choose two.)
- A. Firmware upgrades of network infrastructure
- B. Patching of operating systems
- C. Patching of the underlying hypervisor
- D. Physical security of data centers
- E. Configuration of the security group

Correct Answer: BE
33. Which service enables customers to audit and monitor changes in AWS resources?
- A. AWS Trusted Advisor
- B. Amazon GuardDuty
- C. Amazon Inspector
- D. AWS Config

Correct Answer: D

34. Which AWS service identifies security groups that allow unrestricted access to
a user's AWS resources?
- A. AWS CloudTrail
- B. AWS Trusted Advisor
- C. Amazon CloudWatch
- D. Amazon Inspector

Correct Answer: B

35. According to the AWS shared responsibility model, who is responsible for
configuration management?
- A. It is solely the responsibility of the customer.
- B. It is solely the responsibility of AWS.
- C. It is shared between AWS and the customer.
- D. It is not part of the AWS shared responsibility model.

Correct Answer: C

36. Which AWS service is a content delivery network that securely delivers data,
video, and applications to users globally with low latency and high speeds?
- A. AWS CloudFormation
- B. AWS Direct Connect
- C. Amazon CloudFront
- D. Amazon Pinpoint

Correct Answer: C

37. Which benefit of the AWS Cloud supports matching the supply of resources with
changing workload demands?
- A. Security
- B. Reliability
- C. Elasticity
- D. High availability

Correct Answer: C

38. A user is running an application on AWS and notices that one or more AWS-owned
IP addresses is involved in a distributed denial-of-service (DDoS) attack. <br/>
Who should the user contact FIRST about this situation?
- A. AWS Premium Support
 - B. AWS Technical Account Manager
- C. AWS Solutions Architect
- D. AWS Abuse team

Correct Answer: D

39. Which of the following are benefits of hosting infrastructure in the AWS Cloud?
(Choose two.)
- A. There are no upfront commitments.
- B. AWS manages all security in the cloud.
- C. Users have the ability to provision resources on demand.
- D. Users have access to free and unlimited storage.
- E. Users have control over the physical infrastructure.

Correct Answer: AC

40. What AWS service would be used to centrally manage AWS access policies across
multiple accounts?
- A. AWS Service Catalog
- B. AWS Config
- C. AWS Trusted Advisor
- D. AWS Organizations

Correct Answer: D

41. What is AWS Trusted Advisor?

- A. It is an AWS staff member who provides recommendations and best practices
on how to use AWS.
- B. It is a network of AWS partners who provide recommendations and best
practices on how to use AWS.
- C. It is an online tool with a set of automated checks that provides
recommendations on cost optimization, performance, and security.
- D. It is another name for AWS Technical Account Managers who provide
recommendations on cost optimization, performance, and security.

Correct Answer: C

42. Which AWS service or feature allows a company to visualize, understand, and
manage AWS costs and usage over time?
- A. AWS Budgets
- B. AWS Cost Explorer
- C. AWS Organizations
- D. Consolidated billing

Correct Answer: B

43. Which AWS service offers on-demand access to AWS security and compliance
reports?
- A. AWS CloudTrail
- B. AWS Artifact
- C. AWS Health
- D. Amazon CloudWatch

Correct Answer: B

44. What are the benefits of using the AWS Cloud for companies with customers in
many countries around the world? (Choose two.)
- A. Companies can deploy applications in multiple AWS Regions to reduce
latency.
- B. Amazon Translate automatically translates third-party website interfaces
into multiple languages.
- C. Amazon CloudFront has multiple edge locations around the world to reduce
latency.
- D. Amazon Comprehend allows users to build applications that can respond to
user requests in many languages.
- E. Elastic Load Balancing can distribute application web traffic to multiple
AWS Regions around the world, which reduces latency.

Correct Answer: AC

45. Which AWS service handles the deployment details of capacity provisioning, load
balancing, Auto Scaling, and application health monitoring?
- A. AWS Config
- B. AWS Elastic Beanstalk
- C. Amazon Route 53
- D. Amazon CloudFront

Correct Answer: B

46. Which AWS service provides inbound and outbound network ACLs to harden
external connectivity to Amazon EC2?
- A. AWS IAM
- B. Amazon Connect
- C. Amazon VPC
- D. Amazon API Gateway

Correct Answer: C

47. When a company provisions web servers in multiple AWS Regions, what is being
increased?
- A. Coupling
- B. Availability
- C. Security
- D. Durability

Correct Answer: B
48. The pay-as-you-go pricing model for AWS services:
- A. reduces capital expenditures.
- B. requires payment up front for AWS services.
- C. is relevant only for Amazon EC2, Amazon S3, and Amazon RDS.
- D. reduces operational expenditures.

Correct Answer: A

49. Under the AWS shared responsibility model, AWS is responsible for which
security-related task?
- A. Lifecycle management of IAM credentials
- B. Physical security of global infrastructure
- C. Encryption of Amazon EBS volumes
- D. Firewall configuration

Correct Answer: B

50. Which AWS service enables users to consolidate billing across multiple
accounts?
- A. Amazon QuickSight
- B. AWS Organizations
- C. AWS Budgets
- D. Amazon Forecast

Correct Answer: B

51. How do customers benefit from Amazon's massive economies of scale?

- A. Periodic price reductions as the result of Amazon's operational
efficiencies
- B. New Amazon EC2 instance types providing the latest hardware
- C. The ability to scale up and down when needed
- D. Increased reliability in the underlying hardware of Amazon EC2 instances

Correct Answer: A

52. Which AWS services can be used to gather information about AWS account
activity? (Select TWO.)
- A. Amazon CloudFront
- B. AWS Cloud9
- C. AWS CloudTrail
- D. AWS CloudHSM
- E. Amazon CloudWatch

Correct Answer: CE

53. Which of the following common IT tasks can AWS cover to free up company IT
resources? (Select TWO.)
- A. Patching databases software
- B. Testing application releases
 - C. Backing up databases
- D. Creating database schema
- E. Running penetration tests

Correct Answer: AC

54. In which scenario should Amazon EC2 Spot Instances be used?

- A. A company wants to move its main website to AWS from an on-premises web
server.
- B. A company has a number of application services whose Service Level
Agreement (SLA) requires 99.999% uptime.
- C. A company's heavily used legacy database is currently running on-premises.
- D. A company has a number of infrequent, interruptible jobs that are
currently using On-Demand Instances.

Correct Answer: D

55. Which AWS feature should a customer leverage to achieve high availability of an
application?
- A. AWS Direct Connect
- B. Availability Zones
- C. Data centers
- D. Amazon Virtual Private Cloud (Amazon VPC)

Correct Answer: B

56. Which is the minimum AWS Support plan that includes Infrastructure Event
Management without additional costs?
- A. Enterprise
- B. Business
- C. Developer
- D. Basic

Correct Answer: B

57. Which AWS service can serve a static website?

- A. Amazon S3
- B. Amazon Route 53
- C. Amazon QuickSight
- D. AWS X-Ray

Correct Answer: A

58. How does AWS shorten the time to provision IT resources?

- A. It supplies an online IT ticketing platform for resource requests.
- B. It supports automatic code validation services.
- C. It provides the ability to programmatically provision existing resources.
- D. It automates the resource request process from a company's IT vendor list.
 Correct Answer: C

59. What can AWS edge locations be used for? (Select TWO.)
- A. Hosting applications
- B. Delivering content closer to users
- C. Running NoSQL database caching services
- D. Reducing traffic on the server by caching responses
- E. Sending notification messages to end users

Correct Answer: BD

60. Which of the following can limit Amazon Simple Storage Service (Amazon S3)
bucket access to specific users?
- A. A public and private key-pair
- B. Amazon Inspector
- C. AWS Identity and Access Management (IAM) policies
- D. Security Groups

Correct Answer: C

61. A solution that is able to support growth in users, traffic, or data size with
no drop in performance aligns with which cloud architecture principle?
- A. Think parallel
- B. Implement elasticity
- C. Decouple your components
- D. Design for failure

Correct Answer: B

62. Which of the following tasks is the responsibility of AWS?

- A. Encrypting client-side data
- B. Configuring AWS Identity and Access Management (IAM) roles
- C. Securing the Amazon EC2 hypervisor
- D. Setting user password policies

Correct Answer: C

63. One benefit of On-Demand Amazon Elastic Compute Cloud (Amazon EC2) pricing is:
- A. the ability to bid for a lower hourly cost.
- B. paying a daily rate regardless of time used.
- C. paying only for time used.
- D. pre-paying for instances and paying a lower hourly rate.

Correct Answer: C

64. An administrator needs to rapidly deploy a popular IT solution and start using
it immediately. <br/> Where can the administrator find assistance?
 - A. AWS Well-Architected Framework documentation
- B. Amazon CloudFront
- C. AWS CodeCommit
- D. AWS Quick Start reference deployments

Correct Answer: D

65. Which of the following services is in the category of AWS serverless platform?
- A. Amazon EMR
- B. Elastic Load Balancing
- C. AWS Lambda
- D. AWS Mobile Hub

Correct Answer: C