AWS Cloud PractitionerVersion en ligne Infrastructure, security and compliance par Oscar 1 What is cloud computing? a Backing up files that are stored on desktop and mobile devices to prevent data loss. b Deploying applications that are connected to an on-premises infrastructure. c Using on-demand delivery of IT resources and applications through the internet. d Running code without needing to manage or provision servers. 2 What is another name for on-premises deployment? a Cloud-based application b Hybrid deployment c Private cloud deployment d AWS Cloud 3 How does the scale of cloud computing help to save costs? a Practitioners do not have to invest in technology resources before using them. b The aggregated cloud usage from a large number of customers results in lower pay-as-you-go prices. c Accessing services on-demand helps prevent excess or limited capacity. d Practitioners can quickly deploy applications to customers and provide low latency. 4 Which of the following is TRUE for the AWS Global Infrastructure? a An Availability Zone consists of a single Region. b An Availability Zone consists of two or more Regions. c A Region consists of a single Availability Zone. d A Region consists of three or more Availability Zones. 5 Which factors should be considered when selecting a Region? (Select TWO.) Choose one or more answers a Compliance with data governance and legal requirements b Proximity to your customers c Access to 24/7 technical support d Ability to assign custom permissions to different users e Access to the AWS Command Line Interface (AWS CLI) 6 Which statement best describes Amazon CloudFront? a A service that can be used to run infrastructure in a hybrid cloud approach b A serverless compute engine for containers c A service that can be used to send and receive messages between software components through a queue d A global content delivery service 7 Which site does Amazon CloudFront use to cache copies of content for faster delivery to users at any location? a Edge location b Region c Availability Zone d Origin 8 Which action can a cloud practitioner perform with AWS Outposts? a Automate actions for AWS services and applications through scripts. b Access wizards and automated workflows to perform tasks in AWS services. c Extend AWS infrastructure and services to different locations including an on-premises data center. d Develop AWS applications in supported programming languages. 9 A practitioner is configuring service control policies (SCPs) in AWS Organizations. Which identities and resources can SCPs be applied to? (Select TWO.) Choose one or more answers a AWS Identity and Access Management (IAM) users b AWS Identity and Access Management (IAM) groups c An individual member account d AWS Identity and Access Management (IAM) roles e An organizational unit (OU) 10 Which tasks can be completed in AWS Artifact? (Select TWO.) Choose one or more answers a Access AWS compliance reports on-demand. b Consolidate and manage multiple AWS accounts within a central location. c Create users to allow people and applications to interact with AWS services and resources. d Set permissions for accounts by configuring service control policies (SCPs). e Review, accept, and manage agreements with AWS. 11 Which option describes an AWS Identity and Access Management (IAM) policy? a An authentication process that provides an extra layer of protection for an AWS account b A document that grants or denies permissions to AWS services and resources c An identity that a user can assume to gain temporary access to permissions d The identity that is established when a user first creates an AWS account 12 An employee requires temporary access to create several Amazon S3 buckets. Which option should be used for this task? a AWS account root user b AWS Identity and Access Management (IAM) group c AWS Identity and Access Management (IAM) role d Service control policy (SCP) 13 Which of the following descriptions best describes the concept of least privilege? a Adding an AWS Identity and Access Management (IAM) user into at least one IAM group b Granting only the permissions that are needed to perform specific job tasks c Checking a packet’s permissions against an access control list d Performing a denial of service attack that originates from at least one device 14 Which service helps protect your applications against distributed denial of service (DDoS) attacks? a Amazon GuardDuty b Amazon Inspector c AWS Artifact d AWS Shield 15 Which task can AWS Key Management Service (AWS KMS) perform? a Configure multi-factor authentication (MFA) b Update the AWS account root user password c Create cryptographic keys d Assign permissions to users and groups 16 Which item is the best example of one responsibility of an AWS architect? a Monitor alarms for disaster response. b Maintain application-level code in the AWS Cloud. c Manage access to a group of AWS accounts. d Analyze solutions for business needs and requirements. 17 Which item is a cluster of data centers within a geographic location with low latency network connectivity? a Availability Zone b Region c Edge location d Outposts 18 Which factors must be considered when picking an AWS Region? (Select TWO.) Choose one or more answers a Local data regulations b Operating system requirements c Latency to end users d Support for hybrid networking e Programming language of the application 19 What is the primary benefit of deploying applications into multiple Availability Zones? a Stronger security policies for resources b Decreased latency to resources c High availability for resources d There is no benefit to this design 20 Which AWS Well-Architected Framework pillar contains the principle of least privilege? a Operational excellence b Security c Reliability d Performance efficiency 21 Which option can be attached to a user, group, or role? a Resource-based policies b AWS Security Token Service (AWS STS) c Security groups d Identity-based policies 22 Which option sets permissions on a specific resource and requires a principal to be listed in the policy? a Identity-based policies b Service control policies (SCPs) c Resource-based policies d Permissions boundaries 23 Which options are elements of an IAM user’s long-term programmatic access? (Select TWO.) Choose one or more answers a Username b Access key ID c Password d Secret access key e Multi-factor authentication (MFA) token 24 True or False: The root user should be used for daily administration of an AWS account. a True b False 25 Which option can only be managed with AWS Organizations? a Service control policies (SCPs) b Resource-based policies c Permissions boundaries d Identity-based policies
Créer jeu