Which of the following are shared controls that apply to both AWS and the customer, according to the AWS shared responsibility model? (Choose two.)
Resource configuration management
Network data integrity
Employee awareness and training
Physical and environmental security
Replacement and disposal of disk drives
Answers are;
A. Resource configuration management
C. Employee awareness and training
Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include:
1. Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
2. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications.
3. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
Which benefits does a company gain when the company moves from on-premises IT architecture to the AWS Cloud? (Choose two.)
Reduced or eliminated tasks for hardware troubleshooting, capacity planning, and procurement
Elimination of the need for trained IT staff
Automatic security configuration of all applications that are migrated to the cloud
Elimination of the need for disaster recovery planning
Faster deployment of new features and applications
Answers are;
A. Reduced or eliminated tasks for hardware troubleshooting, capacity planning, and procurement
E. Faster deployment of new features and applications
A. Reduced or eliminated tasks for hardware troubleshooting, capacity planning, and procurement: With the AWS Cloud, companies can offload the responsibility of managing hardware infrastructure, including troubleshooting issues, planning for capacity needs, and procuring new hardware. AWS manages the underlying infrastructure, allowing companies to focus on their core business.
E. Faster deployment of new features and applications: AWS provides a wide range of services and tools that enable companies to quickly deploy and scale applications. The cloud infrastructure allows for agility and faster time to market, as companies can easily provision resources and take advantage of managed services for various functionalities.
Question 73
Which of the following is a benefit of decoupling an AWS Cloud architecture?
Reduced latency
Ability to upgrade components independently
Decreased costs
Fewer components to manage
Answer is Ability to upgrade components independently
Decoupling an AWS Cloud architecture involves breaking up a monolithic system into smaller, independent components that can be upgraded or replaced without affecting the entire system. This results in greater flexibility, scalability, and agility, as well as the ability to use different technologies or services for different components. Decoupling does not necessarily result in reduced latency, decreased costs, or fewer components to manage.
Which task is the responsibility of the customer according to the AWS shared responsibility model?
Maintain the security of the hardware that runs Amazon EC2 instances.
Patch the guest operating system of Amazon EC2 instances.
Protect the security of the AWS global infrastructure.
Patch Amazon RDS software.
Answer is Patch the guest operating system of Amazon EC2 instances.
Customers that deploy an Amazon EC2 instance are responsible for management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance.
Which of the following is a cloud benefit that AWS offers to its users?
The ability to configure AWS data center hypervisors
The ability to purchase hardware in advance of increased traffic
The ability to deploy to AWS on a global scale
Compliance audits for user IT environments
Answer is The ability to deploy to AWS on a global scale
The cloud benefit that AWS offers to its users is the ability to deploy to AWS on a global scale. AWS provides a global infrastructure that allows users to deploy their applications and services in multiple geographic regions around the world. This global presence enables users to reach their customers with low latency and provides them with the flexibility to expand their presence in different regions based on demand.
What are the six pillars of the AWS Well-Architected Framework?
Encryption, documentation, speed, hybrid design, and cost optimization
Containerization, cost margins, globalization, marketplace, and developer operations
Network, compute, storage, security, and developer operations
Operational excellence, reliability, performance efficiency, security, sustainability, and cost optimization
Answer is Operational excellence, reliability, performance efficiency, security, and cost optimization
Operational excellence - Focuses on operational practices that allow organizations to run their workloads efficiently, gain insights into their operations, and continuously improve processes and procedures.
Reliability - Focuses on the ability to recover from failures and meet business continuity objectives by designing systems that can automatically recover from infrastructure or service disruptions.
Performance efficiency - Focuses on using resources efficiently to meet system requirements, including selecting the right resource types and sizes and optimizing performance as demands change.
Security - Focuses on protecting information, systems, and assets while delivering business value through risk assessments, data protection mechanisms, and implementing various security controls.
Cost optimization - Focuses on avoiding unnecessary costs by optimizing resource usage, selecting the right pricing models, and analyzing spending patterns to ensure cost-effectiveness.
Which statements explain the business value of migration to the AWS Cloud? (Choose two.)
The migration of enterprise applications to the AWS Cloud makes these applications automatically available on mobile devices.
AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime.
Companies that migrate to the AWS Cloud eliminate the need to plan for high availability and disaster recovery.
Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other areas.
Applications are modernized because migration to the AWS Cloud requires companies to rearchitect and rewrite all enterprise applications.
Answers are;
B. AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime.
D. Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other areas.
B. AWS availability and security provide the ability to improve service level agreements (SLAs) while reducing risk and unplanned downtime. With AWS, businesses can leverage highly available and resilient infrastructure, robust security measures, and comprehensive backup and disaster recovery capabilities. This allows companies to enhance their SLAs, ensuring greater uptime and minimizing the risk of costly downtime events.
D. Companies that migrate to the AWS Cloud reduce IT costs related to infrastructure, freeing budget for reinvestment in other areas. AWS offers a pay-as-you-go pricing model, allowing businesses to scale resources up or down based on demand, and only pay for what they use. This eliminates the need for upfront capital investments in hardware and reduces ongoing maintenance and operational costs. The cost savings can be redirected to other strategic initiatives, such as innovation, product development, or expanding business operations.
Question 78
What is a proper definition of IAM Roles?
An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services
IAM Users in multiple Groups
A password policy
Permissions assigned to Users to perform actions
Answer is An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services
Some AWS service will need to perform actions on your behalf. To do so, you assign permissions to AWS services with IAM Roles.
Question 79
Which of the following is an IAM Security Tool?
IAM Credentials Report
IAM Root Account Manager
IAM Services Report
IAM Security Advisor
Answer is IAM Credentials Report
IAM Credentials report lists all your account's users and the status of their various credentials. The other IAM Security Tool is IAM Access Advisor. It shows the service permissions granted to a user and when those services were last accessed.
Question 80
Which answer is INCORRECT regarding IAM Users?
IAM Users can belong to multiple groups
IAM Users don't have to belong to a group
IAM Users can have policies assigned to them
IAM Users access AWS with the root account credentials
Answer is IAM Users access AWS with the root account credentials
IAM Users access AWS using a username and a password.