Q:A company wants to implement a solution to monitor and audit configuration changes across their AWS accounts. They need historical data and the ability to assess compliance over time. Which AWS service should they use?
Ans:AWS Config
Q:An application running on EC2 instances needs to access secrets stored in AWS Secrets Manager. The company wants to ensure that only specific EC2 instances can access these secrets. How can they achieve this?
Ans:Use IAM roles with instance profiles and resource-based policies on the secrets
Q:A company wants to implement a solution to detect and prevent insider threats in their AWS environment. They need to monitor user activities and receive alerts on suspicious behavior. Which AWS service should they primarily use?
Ans:Amazon Detective
Q:An organization needs to implement a solution to securely store and use SSL/TLS certificates for their applications running on AWS. They want automatic renewal of certificates to avoid expiration. Which AWS service should they use?
Ans:AWS Certificate Manager (ACM)
Q:A company wants to implement a solution to monitor and alert on any changes to their IAM policies and roles. They need real-time notifications for any modifications. Which combination of AWS services should they use?
Ans:AWS CloudTrail with Amazon EventBridge and Amazon SNS
Q:An application needs to make API calls to AWS services, but the company wants to avoid hardcoding AWS credentials in the application code. What's the most secure way to handle this?
Ans:Use IAM roles for EC2 instances or other AWS services
Q:A company wants to ensure that all their AWS resources are tagged properly for better resource management and security. They need to enforce tagging policies across their organization. Which AWS service should they use?
Ans:AWS Config with tag policies
Q:An organization needs to implement a solution to securely access their on-premises resources from their VPC in AWS. They want a managed service that provides private connectivity. Which AWS service should they use?
Ans:AWS Direct Connect
Q:A company stores sensitive data in Amazon DynamoDB tables. They want to ensure that all data is encrypted and that they have full control over the encryption keys. What combination of AWS services and features should they use?
Ans:Use DynamoDB encryption at rest with AWS KMS customer managed keys (CMKs)
Q:An organization wants to implement a solution to detect and prevent unauthorized API calls in their AWS environment. They need real-time monitoring and the ability to automatically revoke temporary security credentials if suspicious activity is detected. Which AWS feature should they use?
Ans:AWS CloudTrail with Amazon EventBridge and custom Lambda functions
Q:A company needs to implement a solution to protect their web applications from DDoS attacks. They want a managed service that can automatically scale to handle large-scale attacks. Which AWS service should they use?
Ans:AWS Shield Advanced
Q:An organization wants to implement a solution to continuously monitor their AWS environment for security best practices and industry standards compliance. They need automated reporting and the ability to track compliance over time. Which AWS service should they use?
Ans:AWS Security Hub
Q:A company runs a multi-tier application in AWS and wants to implement network segmentation to improve security. They need to control traffic between different tiers of the application. What AWS feature should they primarily use?
Ans:Security Groups
Q:An organization needs to ensure that all data stored in their Amazon S3 buckets is encrypted. They want to enforce this requirement across all their AWS accounts. What combination of AWS services and features should they use?
Ans:Use AWS Organizations with Service Control Policies (SCPs) and S3 bucket policies
Q:A company wants to implement a solution to detect and prevent data exfiltration attempts from their AWS environment. They need real-time monitoring and the ability to automatically block suspicious activities. Which AWS service should they use?
Ans:Amazon GuardDuty with AWS Lambda for automated responses
Q:An application needs to access an Amazon S3 bucket, but the company wants to ensure that all requests to the bucket come from within their VPC. How can they achieve this?
Ans:Use a VPC Endpoint for S3 and bucket policies to restrict access to the VPC endpoint
Q:A company wants to implement a bastion host to allow secure SSH access to EC2 instances in private subnets. They need to ensure that the bastion host itself is highly available and secure. What architecture should they implement?
Ans:Deploy bastion hosts in multiple Availability Zones behind an Application Load Balancer with security groups restricting SSH access
Q:An organization needs to securely store and manage database credentials, API keys, and other secrets for their applications running on AWS. They want a centralized solution that supports automatic rotation of secrets. Which AWS service should they use?
Ans:AWS Secrets Manager
Q:A company stores sensitive documents in Amazon S3 buckets. They want to ensure that the documents are encrypted with customer-provided keys before they are uploaded to S3. What encryption method should they use?
Ans:Client-Side Encryption
Q:An organization wants to implement a Web Application Firewall (WAF) to protect their web applications from common web exploits. They need the solution to be scalable and easy to manage across multiple applications. What AWS service should they use?
Ans:AWS WAF integrated with Amazon CloudFront
Q:A financial services company needs to ensure that their AWS resources comply with specific industry regulations. They want to automatically detect and remediate any non-compliant resources. Which AWS service should they use?
Ans:AWS Config with custom rules and auto remediation
Q:An e-commerce application stores credit card information in an Amazon RDS MySQL database. The company wants to ensure this sensitive data is protected both at rest and in transit. What combination of AWS services and features should they implement?
Ans:Use RDS encryption with AWS KMS for at-rest encryption, and SSL/TLS for in-transit encryption
Q:A company needs to encrypt sensitive data at rest in their Amazon S3 buckets. They want to have full control over the encryption keys and be able to audit their usage. Which encryption method should they choose?
Ans:Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS)
Q:An organization wants to implement a centralized logging solution for their multi-account AWS environment. They need to ensure that logs from all accounts are securely collected and cannot be tampered with. Which AWS service should they use to achieve this?
Ans:AWS CloudTrail with organization trail and log file integrity validation
Q:A company runs a public-facing three-tier web application in a VPC across multiple Availability Zones. Amazon EC2 instances for the application tier running in private subnets need to download software patches from the internet. However, the EC2 instances cannot be directly accessible from the internet. Which actions should be taken to allow the EC2 instances to download the needed patches?
Ans:Configure a NAT gateway in a public subnet and adjust route tables for private subnets to route internet-bound traffic through the NAT gateway.
Q:A company runs a critical application that requires microsecond latency for data processing. They want to ensure high availability and fault tolerance for this application. Which EC2 instance placement strategy should they use?
Ans:Use EC2 Cluster Placement Groups across multiple Availability Zones
Q:An e-commerce application experiences sudden traffic spikes during flash sales. The company wants to implement a caching solution to reduce the load on their backend systems. Which AWS service should they use?
Ans:Amazon ElastiCache
Q:A company wants to design a resilient architecture for their application that uses Amazon RDS. They need to ensure minimal downtime during maintenance windows or in case of a failure. What RDS feature should they implement?
Ans:Use RDS Multi-AZ deployment
Q:An organization needs to implement a solution for their stateful application that requires session persistence. Which feature of Elastic Load Balancing should they use?
Ans:Enable sticky sessions (session affinity) on the Application Load Balancer
Q:A company wants to implement a solution that automatically detects and replaces unhealthy EC2 instances in their application tier. Which AWS feature should they use?
Ans:Use an Auto Scaling group with Elastic Load Balancing health checks
Q:An application uses AWS Lambda for processing. The company wants to ensure that the Lambda function can access resources in a VPC securely. What should they configure?
Ans:Configure the Lambda function to run in a VPC
Q:A company's application relies on several microservices deployed as containers. They want to ensure high availability and efficient resource utilization. Which AWS service should they use to manage these containers?
Ans:Amazon ECS with Fargate
Q:An organization wants to design a multi-region active-active architecture for their application to provide low-latency access to users worldwide and ensure business continuity in case of a regional outage. Which AWS services should they primarily use?
Ans:Use Route 53 with latency-based routing, and DynamoDB Global Tables
Q:A company wants to implement a solution that automatically recovers their EC2 instances in case of system or hardware failures. Which EC2 feature should they use?
Ans:EC2 Auto Recovery
Q:An application uses Amazon Aurora as its database. The company wants to ensure that the database can handle read-heavy workloads efficiently. What feature should they implement?
Ans:Aurora Read Replicas with Reader Endpoint
Q:A company wants to implement a backup solution for their EC2 instances that allows for consistent, point-in-time backups and easy recovery. Which AWS service should they use?
Ans:AWS Backup
Q:An e-commerce application needs to decouple its order processing system from the inventory management system to improve scalability and fault tolerance. Which AWS service should they use?
Ans:Amazon SQS (Simple Queue Service)
Q:A company runs a batch processing application that needs to handle a varying number of jobs. They want to optimize cost while ensuring all jobs are processed in a timely manner. Which AWS service should they use?
Ans:AWS Batch
Q:An organization wants to implement a content delivery solution that provides low latency and high transfer speeds to users across the globe. Which AWS service should they use?
Ans:Amazon CloudFront
Q:A company's application experiences performance issues during peak hours due to high read traffic on their RDS MySQL instance. How can they improve the application's resilience to handle these traffic spikes?
Ans:Create RDS Read Replicas and use Amazon ElastiCache
Q:An application uses Amazon DynamoDB for its database. The company wants to ensure that they can recover the database to any point in time within the last 35 days. What feature should they enable?
Ans:Enable DynamoDB Point-in-Time Recovery
Q:A company wants to implement a disaster recovery strategy for their critical applications. They need to have a secondary environment that can be quickly promoted to production in case of a disaster. Which AWS service should they primarily use?
Ans:AWS CloudFormation
Q:An application uses Amazon RDS for its database tier. The development team needs a copy of the production database for testing purposes without impacting the production environment. What feature should they use?
Ans:Create an RDS Read Replica and promote it to a standalone database instance.
Q:A company's application relies heavily on a single EC2 instance for a critical component. How can they improve the resilience of this part of their architecture?
Ans:Implement an Auto Scaling group with a minimum and maximum of 2 instances across different Availability Zones.
Q:An organization wants to design a highly available and fault-tolerant architecture for their stateless web application. Which combination of AWS services should they use?
Ans:Use Elastic Load Balancing, EC2 Auto Scaling groups, and deploy across multiple Availability Zones.
Q:A company's application uses Amazon S3 for storing user-uploaded files. They want to protect against accidental deletions and ensure quick recovery of deleted files. What S3 feature should they enable?
Ans:Enable S3 Versioning
Q:An application stores critical data in an Amazon RDS MySQL instance. The company needs to ensure minimal data loss and quick recovery in case of a disaster. What should they implement?
Ans:Configure Multi-AZ deployment for the RDS instance and enable automated backups.
Q:A company's web application runs on EC2 instances behind an Application Load Balancer. They want to ensure high availability and fault tolerance. What AWS features should they implement?
Ans:Use Auto Scaling groups across multiple Availability Zones.
Q:An e-commerce application experiences high traffic during flash sales, causing the database to become a bottleneck. How can the application be redesigned to handle these traffic spikes more effectively?
Ans:Implement Amazon ElastiCache in front of the database and use Amazon DynamoDB for session management.
Q:A company runs a public-facing three-tier web application in a VPC across multiple Availability Zones. Amazon EC2 instances for the application tier running in private subnets need to download software patches from the internet. However, the EC2 instances cannot be directly accessible from the internet. Which actions should be taken to allow the EC2 instances to download the needed patches?
Ans:Configure a NAT gateway in a public subnet and adjust route tables for private subnets to route internet-bound traffic through the NAT gateway.
Q:An application requires high-performance NoSQL database with support for documents, key-value, and graph models. Which AWS database service should be used?
Ans:Amazon Neptune
Q:A company wants to improve the performance of their serverless applications. Which AWS service should they use for HTTP APIs?
Ans:Amazon API Gateway with HTTP APIs
Q:An e-commerce application needs to implement a high-performance search functionality. Which AWS service should be used?
Ans:Amazon Elasticsearch Service (now called Amazon OpenSearch Service)
Q:A company's application involves processing and analyzing time-series data. Which AWS database service should they use for optimal performance?
Ans:Amazon Timestream
Q:An application requires high-performance computing capabilities for running simulations. Which EC2 instance type should be used?
Ans:Use P3 instances
Q:A company wants to optimize the cost and performance of their data warehouse queries. Which feature of Amazon Redshift should they use?
Ans:Redshift Query Optimizer
Q:An application needs to perform complex, multi-step workflows with high throughput. Which AWS service should be used to orchestrate these workflows?
Ans:AWS Step Functions
Q:A company's machine learning training jobs are taking too long to complete. Which AWS service should they use to improve performance?
Ans:Amazon SageMaker with distributed training
Q:An application requires high-performance block storage with sub-millisecond latency. Which AWS storage service should be used?
Ans:Amazon EBS with io2 Block Express volumes
Q:A company wants to improve the performance of their GraphQL API. Which AWS service should they use?
Ans:AWS AppSync
Q:An application needs to perform real-time processing of streaming data. Which AWS service should be used for optimal performance?
Ans:Amazon Kinesis Data Streams with enhanced fan-out
Q:A company's web application experiences high latency for users in certain geographic regions. How can they improve performance for these users?
Ans:Use Amazon CloudFront with regional edge caches
Q:An application requires low-latency access to frequently changing data across multiple regions. Which AWS database service should be used?
Ans:Amazon DynamoDB with Global Tables
Q:A company wants to improve the performance of their containerized applications. Which AWS container orchestration service should they use?
Ans:Amazon ECS with AWS Fargate
Q:An application needs to handle sudden spikes in traffic without performance degradation. Which AWS service should be used to automatically adjust capacity?
Ans:AWS Auto Scaling
Q:A company's data analytics application needs to perform complex queries on large datasets. Which AWS service should they use for optimal query performance?
Ans:Amazon Redshift
Q:An application needs to process messages from multiple sources and requires guaranteed ordering of messages. Which AWS service should be used?
Ans:Amazon SQS FIFO (First-In-First-Out) queues
Q:A company's application uses Amazon DynamoDB and needs to support a high number of read operations per second. How can they optimize the database for this workload?
Ans:Use DynamoDB Accelerator (DAX)
Q:An organization needs to implement a high-performance storage solution for their big data analytics workload. Which AWS service should they use?
Ans:Amazon FSx for Lustre
Q:A company's application involves complex calculations that are CPU-intensive. Which EC2 instance family should they choose for optimal performance?
Ans:Use C5 instances
Q:An application processes large datasets stored in Amazon S3. The processing jobs are taking too long to complete. Which service should be used to improve performance?
Ans:Use Amazon Athena for querying data directly in S3
Q:A company's web application uses Amazon RDS MySQL as its database. During peak times, the database becomes a bottleneck. How can they improve the database performance?
Ans:Use RDS Read Replicas and implement connection pooling at the application level
Q:A data processing application needs to handle large volumes of data with low-latency access. Which AWS storage service should be used for optimal performance?
Ans:Amazon EBS with Provisioned IOPS (io1 or io2) volumes
Q:An e-commerce application experiences slow response times during peak hours due to high read traffic on the product catalog. How can the architecture be optimized to improve performance?
Ans:Implement Amazon ElastiCache in front of the database and use Amazon CloudFront to cache static content.
Q:A company runs a public-facing three-tier web application in a VPC across multiple Availability Zones. Amazon EC2 instances for the application tier running in private subnets need to download software patches from the internet. However, the EC2 instances cannot be directly accessible from the internet. Which actions should be taken to allow the EC2 instances to download the needed patches?
Ans:Configure a NAT gateway in a public subnet and adjust route tables for private subnets to route internet-bound traffic through the NAT gateway.
Q:An application uses AWS Step Functions to orchestrate serverless workflows. The company wants to reduce the cost of these workflows. What should they consider?
Ans:Use Express Workflows for short-lived, high-volume orchestration
Q:A company wants to optimize the cost of their data storage on S3 while ensuring frequently accessed data remains quickly available. Which S3 feature should they use?
Ans:Use S3 Intelligent-Tiering with Archive Access tiers
Q:An application uses Amazon ECS for container orchestration. The company wants to optimize the cost of running their containers. What ECS feature should they consider using?
Ans:Use ECS Capacity Providers with Fargate Spot
Q:A company has a large number of IAM users and roles, some of which are no longer needed. How can they identify and remove these to optimize costs?
Ans:Use AWS IAM Access Analyzer
Q:An application uses AWS Lambda for image processing. The company wants to reduce the cost of these operations. What should they consider?
Ans:Optimize Lambda function code and use Amazon Elastic File System (EFS) for shared resources
Q:A company wants to optimize their data transfer costs between AWS services in different regions. What should they consider using?
Ans:Use AWS Global Accelerator
Q:An application uses a large number of small files stored in Amazon S3. The company wants to reduce their S3 request costs. What S3 feature can help with this?
Ans:Use S3 Multipart Upload to combine small files
Q:A company has a data warehousing solution using Amazon Redshift. They want to optimize costs without impacting performance. What Redshift feature should they consider using?
Ans:Use Redshift Concurrency Scaling
Q:An application uses Amazon ElastiCache for Redis to improve database performance. The company wants to optimize the costs of this caching layer. What feature should they use?
Ans:Use ElastiCache Reserved Nodes
Q:A company wants to optimize the cost of their EC2 instances while still maintaining the ability to handle their baseline load. Which EC2 purchasing option should they consider?
Ans:Use a mix of Reserved Instances and On-Demand Instances
Q:An application uses Amazon RDS Multi-AZ deployment for high availability. However, the company wants to reduce costs for their non-production environments. What change can they make?
Ans:Use Single-AZ deployments for non-production environments
Q:A company has a large number of EBS volumes, many of which are underutilized. How can they identify and optimize the costs associated with these volumes?
Ans:Use AWS Trusted Advisor and act on its recommendations
Q:An application uses Lambda functions for various tasks. Some functions are taking longer than necessary to execute, increasing costs. How can the company optimize their Lambda costs?
Ans:Optimize Lambda function code and adjust memory settings
Q:A company wants to reduce the cost of their development and testing environments. These environments don't need to run 24/7. What AWS feature can help them automatically shut down and start up these resources on a schedule?
Ans:Use AWS Instance Scheduler
Q:An application generates reports that are accessed frequently for the first week, occasionally for the next month, and rarely after that. How can the company optimize their S3 storage costs for these reports?
Ans:Use S3 Lifecycle policies to transition objects between storage classes
Q:A company needs to transfer large amounts of data from their on-premises data center to Amazon S3. Which service should they use to optimize data transfer costs?
Ans:AWS Snowball
Q:An application uses Amazon DynamoDB for its database needs. The read and write traffic is highly variable and unpredictable. How can the company optimize their DynamoDB costs?
Ans:Use DynamoDB On-Demand capacity mode
Q:A company has a large number of EC2 instances and wants to optimize their costs. Which AWS feature should they use to get recommendations on potential savings?
Ans:AWS Cost Explorer's EC2 Resource Optimization Recommendations
Q:An application uses EC2 instances to run stateless web services. The company wants to reduce costs without sacrificing availability. What AWS service should they consider using instead?
Ans:AWS Fargate
Q:A company stores large amounts of log data that needs to be kept for compliance reasons but is rarely accessed. Which S3 storage class should they use to minimize costs?
Ans:Use S3 Glacier Deep Archive
Q:An application uses Amazon RDS MySQL for its database. The database is heavily used during business hours but sits idle at night and on weekends. How can the company optimize database costs?
Ans:Use Amazon RDS Scheduler to stop the database during idle hours
Q:A company runs a batch processing job every night that takes about 4 hours to complete. They currently use On-Demand EC2 instances for this job. How can they reduce the cost of running these batch jobs?
Ans:Use EC2 Spot Instances for the batch processing job
Q:An application stores infrequently accessed data in Amazon S3. The data is rarely retrieved but must be available within minutes when needed. How can the company reduce storage costs while maintaining the required availability?
Ans:Use S3 Intelligent-Tiering storage class
Q:A company has a web application with varying traffic patterns throughout the day. During peak hours, they need 10 EC2 instances, but during off-peak hours, they only need 2. How can they optimize their EC2 costs?
Ans:Use EC2 Auto Scaling with scheduled actions
Q:A company runs a public-facing three-tier web application in a VPC across multiple Availability Zones. Amazon EC2 instances for the application tier running in private subnets need to download software patches from the internet. However, the EC2 instances cannot be directly accessible from the internet. Which actions should be taken to allow the EC2 instances to download the needed patches?
Ans:Configure a NAT gateway in a public subnet and adjust route tables for private subnets to route internet-bound traffic through the NAT gateway.
Confused about our certifications?
Let Our Advisor Guide You
