- (Topic 3)
Which of the following is an AWS Well-Architected Framework design principle for operational excellence in the AWS Cloud?
Correct Answer:
B
Making frequent, small, reversible changes is one of the design principles for operational excellence in the AWS Cloud, as defined by the AWS Well-Architected Framework. This principle means that you should design your workloads to allow for rapid and safe changes, such as deploying updates, rolling back failures, and experimenting with new features. By making small and reversible changes, you can reduce the risk of errors,
minimize the impact of failures, and increase the speed of recovery2. References: 2: AWS Documentation - AWS Well-Architected Framework - Operational Excellence Pillar
- (Topic 3)
A company uses AWS for its web application. The company wants to minimize latency and perform compute operations for the application as close to end users as possible.
Which AWS service or infrastructure component will provide this functionality?
Correct Answer:
C
Edge locations are sites that Amazon CloudFront uses to cache copies of your content for faster delivery to users at any location. You can use Amazon CloudFront to deliver your entire website, including dynamic, static, streaming, and interactive content using a global network of edge locations. Requests for your content are automatically routed to the nearest edge location, so content is delivered with the best possible performance3. Edge locations can also host AWS Lambda functions to perform compute operations for your web application as close to end users as possible4.
- (Topic 3)
Which AWS services or features can a company use to connect the network of its on- premises data center to AWS? (Select TWO.)
Correct Answer:
AD
AWS VPN and AWS Direct Connect are two services that enable customers to connect their on-premises data center network to the AWS Cloud. AWS VPN establishes a secure and encrypted connection over the public internet, while AWS Direct Connect establishes a dedicated and private connection through a partner network. You can learn more about AWS VPN from [this webpage] or [this digital course]. You can learn more about AWS Direct Connect from [this webpage] or [this digital course].
- (Topic 3)
A company wants to migrate to AWS and use the same security software it uses on premises. The security software vendor offers its security software as a service on AWS.
Where can the company purchase the security solution?
Correct Answer:
D
AWS Marketplace is an online store that helps customers find, buy, and immediately start using the software and services that run on AWS. Customers can choose from a wide range of software products in popular categories such as security, networking, storage, machine learning, business intelligence, database, and DevOps. Customers can also use AWS Marketplace to purchase software as a service (SaaS) solutions that are integrated with AWS. Customers can benefit from simplified procurement, billing, and deployment processes, as well as flexible pricing options and free trials. Customers can also leverage AWS Marketplace to discover and subscribe to solutions offered by AWS Partners, such as the security software vendor mentioned in the question. References: AWS Marketplace, [AWS Marketplace: Software as a Service (SaaS)], [AWS Cloud Practitioner Essentials: Module 6 - AWS Pricing, Billing, and Support]
- (Topic 3)
Which AWS service or feature can the company use to limit the access to AWS services for member accounts?
Correct Answer:
B
Service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization. SCPs offer central control over the maximum available permissions for all accounts in your organization, allowing you to ensure your accounts stay within your organization’s access control guidelines2. SCPs are available only in an organization that has all features enabled2.
