AWS-Certified-Cloud-Practitioner Free Practice Test

- (Topic 1)
A company is using AWS Lambda functions to build an application.
Which tasks are the company's responsibility, according to the AWS shared responsibility model? (Select TWO.)

1. A. Patch the servers where the Lambda functions are deployed.
2. B. Establish the IAM permissions that define who can run the Lambda functions.
3. C. Write the code for the Lambda functions to define the application logic.
4. D. Deploy Amazon EC2 instances to support the Lambda functions.
5. E. Scale out the Lambda functions when the load increases.

Correct Answer: BC
According to the AWS shared responsibility model, AWS is responsible for the security of the cloud, while the user is responsible for the security in the cloud. This means that AWS manages the security and maintenance of the underlying infrastructure, such as the servers, networks, and operating systems, while the user manages the security and configuration of the resources and applications that run on AWS. For AWS Lambda functions, the tasks that are the user’s responsibility are:
✑ Establish the IAM permissions that define who can run the Lambda functions. IAM is a service that enables users to manage access and permissions for AWS resources and users. Users can create IAM policies, roles, and users to grant or deny permissions to run Lambda functions, invoke other AWS services, or access AWS resources from Lambda functions. [AWS Lambda Permissions] AWS Certified Cloud Practitioner - aws.amazon.com
✑ Write the code for the Lambda functions to define the application logic. Lambda functions are units of code that can be written in any supported programming language, such as Python, Node.js, Java, or Go. Users can write the code for the Lambda functions using the AWS Management Console, the AWS Command Line Interface (AWS CLI), the AWS SDKs, or any code editor of their choice. Users can also use AWS Lambda Layers to share and manage common code and dependencies across multiple functions. [AWS Lambda Overview] AWS Certified Cloud Practitioner - aws.amazon.com

- (Topic 1)
Who enables encryption of data at rest for Amazon Elastic Block Store (Amazon EBS)?

1. A. AWS Support
2. B. AWS customers
3. C. AWS Key Management Service (AWS KMS)
4. D. AWS Trusted Advisor

Correct Answer: B
AWS customers are responsible for enabling encryption of data at rest for Amazon Elastic Block Store (Amazon EBS). Amazon EBS encryption offers a simple encryption solution for your EBS volumes that does not require you to build, maintain, and secure your own key management infrastructure. You can encrypt both the boot and data volumes of your EC2 instances. You can use AWS Key Management Service (AWS KMS) customer master keys (CMKs) or your own CMKs to encrypt your volumes2.

- (Topic 2)
Which AWS services can a company use to host and run a MySQL database? (Select TWO.)

1. A. Amazon RDS
2. B. Amazon DynamoDB
3. C. Amazon S3
4. D. Amazon EC2
5. E. Amazon MQ

Correct Answer: AD
Amazon RDS and Amazon EC2 are two AWS services that you can use to host and run a MySQL database. Amazon RDS is a service that makes it easy to set up, operate, and scale a relational database in the cloud. You can use Amazon RDS to launch a MySQL database instance and let Amazon RDS manage common database tasks such as backups, patching, scaling, and replication6. Amazon EC2 is a service that provides secure, resizable compute capacity in the cloud. You can use Amazon EC2 to launch a virtual server and install MySQL software on it. You have complete control over your database configuration, but you are responsible for managing and maintaining the
database software and the underlying infrastructure7. Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. Amazon S3 is an object storage service that offers industry-leading scalability, data availability, security, and performance. Amazon MQ is a managed message broker service for Apache ActiveMQ. None of these services can help you host and run a MySQL database.

- (Topic 3)
A company encourages its teams to test failure scenarios regularly and to validate their understanding of the impact of potential failures.
Which pillar of the AWS Well-Architected Framework does this philosophy represent?

1. A. Operational excellence
2. B. Cost optimization
3. C. Performance efficiency
4. D. Security

Correct Answer: A
This is the pillar of the AWS Well-Architected Framework that represents the philosophy of testing failure scenarios regularly and validating the understanding of the impact of potential failures. The operational excellence pillar covers the best practices for designing, running, monitoring, and improving systems in the AWS Cloud. Testing failure scenarios is one of the ways to improve the system’s resilience, reliability, and recovery. You can learn more about the operational excellence pillar from this whitepaper or this digital course.

- (Topic 1)
Which task is the responsibility of a company that is using Amazon RDS?

1. A. Provision the underlying infrastructure.
2. B. Create IAM policies to control administrative access to the service.
3. C. Install the cables to connect the hardware for compute and storage.
4. D. Install and patch the RDS operating system.

Correct Answer: B
The correct answer is B because AWS IAM policies can be used to control administrative access to the Amazon RDS service. The other options are incorrect because they are the responsibilities of AWS, not the company that is using Amazon RDS. AWS manages the provisioning, cabling, installation, and patching of the underlying infrastructure for Amazon RDS. Reference: Amazon RDS FAQs