AWS-Certified-Cloud-Practitioner Free Practice Test

- (Topic 3)
A company wants to monitor for misconfigured security groups that are allowing unrestricted access to specific ports.
Which AWS service will meet this requirement?

1. A. AWS Trusted Advisor
2. B. Amazon CloudWatch
3. C. Amazon GuardDuty
4. D. AWS Health Dashboard

Correct Answer: A
AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices, including security and performance. It can help you monitor for misconfigured security groups that are allowing unrestricted access to specific ports. Amazon CloudWatch is a service that monitors your AWS resources and the applications you run on AWS. Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior. AWS Health Dashboard provides relevant and timely information to help you manage events in progress, and provides proactive notification to help you plan for scheduled activities.

- (Topic 1)
A newly created IAM user has no IAM policy attached.
What will happen when the user logs in and attempts to view the AWS resources in the account?

1. A. All AWS services will be read-only access by default.
2. B. Access to all AWS resources will be denied.
3. C. Access to the AWS billing services will be allowed.
4. D. Access to AWS resources will be allowed through the AWS CLL

Correct Answer: B
Access to all AWS resources will be denied if a newly created IAM user has no IAM policy attached and logs in and attempts to view the AWS resources in the account.
IAM policies are the way to grant permissions to IAM users, groups, and roles to access and manage AWS resources. By default, IAM users have no permissions, unless they are explicitly granted by an IAM policy. Therefore, a newly created IAM user without any IAM policy attached will not be able to view or perform any actions on the AWS resources in the account. Access to the AWS billing services and AWS CLI will also be denied, unless the user has the necessary permissions.

- (Topic 1)
Which of the following are AWS Cloud design principles? (Select TWO.)

1. A. Pay for compute resources in advance.
2. B. Make data-driven decisions to determine cloud architectural design.
3. C. Emphasize manual processes to allow for changes.
4. D. Test systems at production scale.
5. E. Refine operational procedures infrequently.

Correct Answer: BD
The correct answers are B and D because making data-driven decisions to determine cloud architectural design and testing systems at production scale are AWS Cloud design principles. Making data-driven decisions to determine cloud architectural design means that users should collect and analyze data from their AWS resources and applications to optimize their performance, availability, security, and cost. Testing systems at production scale means that users should simulate real-world scenarios and load conditions to validate the functionality, reliability, and scalability of their systems. The other options are incorrect because they are not AWS Cloud design principles. Paying for compute resources in advance means that users have to invest heavily in data centers and servers before they know how they will use them. This is not a cloud design principle, but rather a traditional IT model. Emphasizing manual processes to allow for changes means that users have to rely on human intervention and coordination to perform operational tasks and updates. This is not a cloud design principle, but rather a source of inefficiency and error. Refining operational procedures infrequently means that users have to stick to the same methods and practices without adapting to the changing needs and feedback. This is not a cloud design principle, but rather a hindrance to innovation and improvement. Reference: AWS Well-Architected Framework

- (Topic 3)
A company has deployed an application in the AWS Cloud. The company wants to ensure that the application is highly resilient.
Which component of AWS infrastructure can the company use to meet this requirement?

1. A. Content delivery network (CDN)
2. B. Edge locations
3. C. Wavelength Zones
4. D. Availability Zones

Correct Answer: D
Availability Zones are components of AWS infrastructure that can help the company ensure that the application is highly resilient. Availability Zones are multiple, isolated locations within each AWS Region. Each Availability Zone has independent power, cooling, and physical security, and is connected to the other Availability Zones in the same Region via low-latency, high-throughput, and highly redundant networking. Availability Zones allow you to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.

- (Topic 1)
A company wants to migrate its on-premises data warehouse to AWS. The information in the data warehouse is used to populate analytics dashboards.
Which AWS service should the company use for the data warehouse?

1. A. Amazon ElastiCache
2. B. Amazon Aurora
3. C. Amazon RDS
4. D. Amazon Redshift

Correct Answer: D
The AWS service that the company should use for the data warehouse is Amazon Redshift. Amazon Redshift is a fully managed, petabyte-scale data warehouse service that is optimized for analytical queries. It can integrate with various data sources and business intelligence tools to provide fast and cost-effective insights. Amazon Redshift also offers high availability, scalability, security, and compliance features. [Amazon Redshift Overview]