- (Topic 3)
A company is planning to migrate to the AWS Cloud. The company is conducting organizational transformation and wants to become more responsive to customer inquiries and feedback.
Which tasks should the company perform to meet these requirements, according to the AWS Cloud Adoption Framework (AWS CAF)? (Select TWO.)
Correct Answer:
AC
Realigning teams to focus on products and value streams, and using agile methods to rapidly iterate and evolve are tasks that the company should perform to meet the requirements of becoming more responsive to customer inquiries and feedback, according to the AWS Cloud Adoption Framework (AWS CAF). AWS CAF organizes guidance into six areas of focus, called perspectives: business, people, governance, platform, security, and operations. Each perspective is divided into capabilities, which describe the skills and processes to execute the transition effectively. The people perspective helps you prepare your organization for cloud adoption, and includes capabilities such as organizational change management, staff skills and readiness, and organizational alignment. The business perspective helps you align IT strategy with business strategy, and includes capabilities such as business case development, value proposition, and product ownership. Creating new value propositions with new products and services is a task that belongs to the business perspective, but it is not directly related to the requirement of becoming more responsive to customer inquiries and feedback. Using a new data and analytics platform to create actionable insights is a task that belongs to the platform perspective, which helps you design, implement, and optimize the architecture of the AWS environment. However, it is also not directly related to the requirement of becoming more responsive to customer inquiries and feedback. Migrating and modernizing legacy infrastructure is a task that belongs to the operations perspective, which helps you enable, run, use, operate, and recover IT workloads to the level agreed upon with your business stakeholders. However, it is also not directly related to the requirement of becoming more responsive to customer inquiries and feedback.
- (Topic 1)
A company plans to migrate to AWS and wants to create cost estimates for its AWS use cases.
Which AWS service or tool can the company use to meet these requirements?
Correct Answer:
A
AWS Pricing Calculator is a web-based planning tool that customers can use to create estimates for their AWS use cases. They can use it to model their solutions before building them, explore the AWS service price points, and review the calculations behind their estimates. Therefore, the correct answer is A. You can learn more about AWS Pricing Calculator and how it works from this page.
- (Topic 2)
Which credential allows programmatic access to AWS resources for use from the AWS CLI or the AWS API?
Correct Answer:
B
Access keys are long-term credentials that consist of an access key ID and a secret access key. You use access keys to sign programmatic requests that you make to AWS using the AWS CLI or AWS API1. User name and password are credentials that you use to sign in to the AWS Management Console or the AWS Management Console mobile app2. SSH public keys are credentials that you use to authenticate with EC2 instances that are launched from certain Linux AMIs3. AWS Key Management Service (AWS KMS) keys are customer master keys (CMKs) that you use to encrypt and decrypt your data and to control access to your data across AWS services and in your applications4.
- (Topic 1)
Which of the following acts as an instance-level firewall to control inbound and outbound access?
Correct Answer:
B
The correct answer is B because security groups are AWS features that act as instance-level firewalls to control inbound and outbound access. Security groups are virtual firewalls that can be attached to one or more Amazon EC2 instances. Users can configure rules for security groups to allow or deny traffic based on protocols, ports, and source or destination IP addresses. The other options are incorrect because they are not AWS features that act as instance-level firewalls to control inbound and outbound access. Network access control list is an AWS feature that acts as a subnet-level firewall to control inbound and outbound access. AWS Trusted Advisor is an AWS service that provides real- time guidance to help users follow AWS best practices for security, performance, cost optimization, and fault tolerance. Virtual private gateways are AWS features that enable users to create a secure and encrypted connection between their VPC and their on- premises network. Reference: Security Groups for Your VPC
- (Topic 3)
A company needs to securely store important credentials that an application uses to connect users to a database.
Which AWS service can meet this requirement with the MINIMAL amount of operational overhead?
Correct Answer:
C
AWS Secrets Manager is a service that helps you protect secrets needed to access your applications, services, and IT resources. You can use AWS Secrets Manager to store, rotate, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. AWS Secrets Manager eliminates the need to hardcode sensitive information in plain text, and reduces the risk of unauthorized access or leakage. AWS Secrets Manager also integrates with other AWS services, such as AWS Lambda, Amazon RDS, and AWS CloudFormation, to simplify the management of secrets across your environment5
