Free & Accurate Amazon AWS Certified Cloud Practitioner Practice Questions | ExamTopics
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #1~30
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #31~60
#121~130
121. Which AWS service provides a feature that can be used to proactively monitor and plan for the service quotas of AWS resources?
- A. AWS CloudTrail
- B. AWS Personal Health Dashboard
- C. AWS Trusted Advisor
- D. Amazon CloudWatch
=> D. Amazon CloudWatch
proactively: 능동적으로
122. Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud?
- A. Elimination of expenses for running and maintaining data centers
- B. Price discounts that are identical to discounts from hardware providers
- C. Distribution of all operational controls to AWS
- D. Elimination of operational expenses
=> A. Elimination of expenses for running and maintaining data centers
데이터 센터 운영비를 줄일 수 있다.
123. Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework?
- A. Create annotated documentation.
- B. Anticipate failure.
- C. Ensure performance efficiency.
- D. Optimize costs.
=> B. Anticipate failure
실패를 예측한다 -> 운영 오류가 적다. -> 운영 우수성이 올라간다.
124. Which AWS services offer gateway VPC endpoints that can be used to avoid sending traffic over the internet? (Choose two.)
- A. Amazon Simple Notification Service (Amazon SNS)
- B. Amazon Simple Queue Service (Amazon SQS)
- C. AWS CodeBuild
- D. Amazon S3
- E. Amazon DynamoDB
인터넷을 통한 트래픽 전송을 방지하는 데 사용할 수 있는 게이트웨이 VPC 엔드포인트를 제공하는 AWS 서비스는 무엇입니까?
=> D,E
Gateway type endpoints are available only for AWS services including S3 and DynamoDB. These endpoints will add an entry to your route table you selected and route the traffic to the supported services through Amazon’s private network.
게이트웨이 타입 엔드포인트는 s3와 dynamoDB 에서 가능하다고 한다.
125. Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model?
- A. Amazon FSx for Windows File Server
- B. Amazon WorkSpaces virtual Windows desktop
- C. AWS Directory Service for Microsoft Active Directory
- D. Amazon RDS for Microsoft SQL Server
=> B. Amazon WorkSpaces virtual Windows desktop
We recommend that you regularly patch, update, and secure the operating system and applications on your WorkSpaces. You can configure your WorkSpaces to be updated by WorkSpaces during a regular maintenance window or you can update them yourself.
workspace 패치, 업데이트는 사용자의 몫이다.
126. Who has the responsibility to patch the host operating system of an Amazon EC2 instance, according to the AWS shared responsibility model?
- A. Both AWS and the customer
- B. The customer only
- C. The EC2 hardware manufacturer
- D. AWS only
=> D.AWS only
AWS updates the EC2 host and user updates the EC2 guest
127. A company is using an Amazon RDS DB instance for an application that is deployed in the AWS Cloud. The company needs regular patching of the operating system of the server where the DB instance runs.
What is the company's responsibility in this situation, according to the AWS shared responsibility model?
- A. Open a support case to obtain administrative access to the server so that the company can patch the DB instance operating system.
- B. Open a support case and request that AWS patch the DB instance operating system.
- C. Use administrative access to the server, and apply the operating system patches during the regular maintenance window that is defined for the DB instance.
- D. Establish a regular maintenance window that tells AWS when to patch the DB instance operating system.
=> D.
Some maintenance items require that Amazon RDS take your DB instance offline for a short time. Maintenance items that require a resource to be offline include required operating system or database patching. Required patching is automatically scheduled only for patches that are related to security and instance reliability. Such patching occurs infrequently (typically once every few months) and seldom requires more than a fraction of your maintenance window.
maintenance window? 이건 실습을 해봐야알 것 같다.
128. Why is an AWS Well-Architected review a critical part of the cloud design process?
- A. A Well-Architected review is mandatory before a workload can run on AWS.
- B. A Well-Architected review helps identify design gaps and helps evaluate design decisions and related documents.
- C. A Well-Architected review is an audit mechanism that is a part of requirements for service level agreements.
- D. A Well-Architected review eliminates the need for ongoing auditing and compliance tests.
=> B. A Well-Architected review helps identify design gaps and helps evaluate design decisions and related documents.
Well-Architected 검토는 설계 격차를 식별하고 설계 결정 및 관련 문서를 평가하는 데 도움이 됩니다.
음??? 무슨말인지 모르겠다.
129. A company implements an Amazon EC2 Auto Scaling policy along with an Application Load Balancer to automatically recover unhealthy applications that run on
Amazon EC2 instances.
Which pillar of the AWS Well-Architected Framework does this action cover?
- A. Security
- B. Performance efficiency
- C. Operational excellence
- D. Reliability
=> D. Reliability
130. Which AWS Cloud benefit is shown by an architecture's ability to withstand failures with minimal downtime?
- A. Agility
- B. Elasticity
- C. Scalability
- D. High availability
=> D. High availability
D is right. High availability = minimal downtime = recovery quickly from failure.
고가용성과 minimal downtime 과 연관이 있다?
가용성 : 시스템이 서비스를 정상적으로 제공할 수 있는 상태
#131~140
Under the AWS shared responsibility model, which task is the customer's responsibility when managing AWS Lambda functions?
- A. Creating versions of Lambda functions
- B. Maintaining server and operating systems
- C. Scaling Lambda resources according to demand
- D. Updating the Lambda runtime environment
=> A. Creating versions of Lambda functions
람다 함수의 버전 생성?
조금 애매하지만 그나마 사용자가 할 수 있는 것
132. What does the AWS Concierge Support team provide?
- A. A technical expert dedicated to the user
- B. A primary point of contact for AWS Billing and AWS Support
- C. A partner to help provide scaling guidance for an event launch
- D. A dedicated AWS staff member who reviews the user's application architecture
=> B. A primary point of contact for AWS Billing and AWS Support
AWS Concierge: B2B 지원
133. A company needs to generate reports that can break down cloud costs by product, by company-defined tags, and by hour, day, and month.
Which AWS tool should the company use to meet these requirements?
- A. Reserved Instance utilization and coverage reports
- B. Savings Plans utilization reports
- C. AWS Budgets reports
- D. AWS Cost and Usage Reports
=> D. AWS Cost and Usage Reports
134. A company has a serverless application that includes an Amazon API Gateway API, an AWS Lambda function, and an Amazon DynamoDB database.
Which AWS service can the company use to trace user requests as they move through the application's components?
- A. AWS CloudTrail
- B. Amazon CloudWatch
- C. Amazon Inspector
- D. AWS X-Ray
=:> A. AWS CloudTrail
135. A company needs to set up a petabyte-scale data warehouse in the AWS Cloud.
Which AWS service will meet this requirement?
- A. Amazon DynamoDB
- B. Amazon RDS
- C. Amazon Redshift
- D. Amazon ElastiCache
=> C. Amazon Redshift
redshift로 데이터 웨어하우스
136. Which AWS service is always provided at no charge?
- A. Amazon S3
- B. AWS Identity and Access Management (IAM)
- C. Elastic Load Balancers
- D. AWS WAF
=> B. AWS Identity and Access Management (IAM)
137. A company needs to design an AWS disaster recovery plan to cover multiple geographic areas.
Which action will meet this requirement?
- A. Configure multiple AWS accounts.
- B. Configure the architecture across multiple Availability Zones in an AWS Region.
- C. Configure the architecture across multiple AWS Regions.
- D. Configure the architecture among many edge locations.
=> C. Configure the architecture across multiple AWS Regions.
138. Which of the following is a benefit of moving from an on-premises data center to the AWS Cloud?
- A. Compute instances can be launched and terminated as needed to optimize costs.
- B. Compute costs can be viewed in the AWS Billing and Cost Management console.
- C. Users retain full administrative access to their compute instances.
- D. Users can optimize costs by permanently running enough instances at peak load.
=> A. Compute instances can be launched and terminated as needed to optimize costs.
139. In which ways does the AWS Cloud offer lower total cost of ownership (TCO) of computing resources than on-premises data centers? (Choose two.)
- A. AWS replaces upfront capital expenditures with pay-as-you-go costs.
- B. AWS is designed for high availability, which eliminates user downtime.
- C. AWS eliminates the need for on-premises IT staff.
- D. AWS uses economies of scale to continually reduce prices.
- E. AWS offers a single pricing model for Amazon EC2 instances.
=> A, D
140. Which AWS service monitors AWS accounts for security threats?
- A. Amazon GuardDuty
- B. AWS Secrets Manager
- C. Amazon Cognito
- D. AWS Certificate Manager (ACM)
=> A. Amazon GuardDuty
Amazon GuardDuty: intelligent threat protection for accounts and workloads
지능형 위협 감지
#141~150
141. Which benefit is included with an AWS Enterprise Support plan?
- A. AWS Partner Network (APN) support at no cost.
- B. Designated support from an AWS technical account manager (TAM)
- C. On-site support from AWS engineers
- D. AWS managed compliance as code with AWS Config
=> B. Designated support from an AWS technical account manager (TAM)
142. Which task does AWS perform automatically?
- A. Encrypt data that is stored in Amazon DynamoDB.
- B. Patch Amazon EC2 instances.
- C. Encrypt user network traffic.
- D. Create TLS certificates for users' websites.
=> A. Encrypt data that is stored in Amazon DynamoDB.
All user data stored in Amazon DynamoDB is fully encrypted at rest. DynamoDB encryption at rest provides enhanced security by encrypting all your data at rest using encryption keys stored in AWS Key Management Service (AWS KMS)
=> dynamoDB 에 저장되는 데이터는 자동으로 암호화가 된다.
143. Which AWS service or tool can a company use to visualize, understand, and manage AWS spending and usage over time?
- A. AWS Trusted Advisor
- B. Amazon CloudWatch
- C. Cost Explorer
- D. AWS Budgets
=> C. Cost Explorer
AWS Cost Explorer는 시간에 따른 AWS 비용과 사용량을 시각화, 이해 및 관리할 수 있는 손쉬운 인터페이스를 제공합니다. 비용 및 사용량 데이터를 분석하는 사용자 지정 보고서를 작성하여 신속하게 시작합니다.
cost explorer도 시각화를 보여준다 .
144. A company wants to deploy some of its resources in the AWS Cloud. To meet regulatory requirements, the data must remain local and on premises. There must be low latency between AWS and the company resources.
Which AWS service or feature can be used to meet these requirements?
- A. AWS Local Zones
- B. Availability Zones
- C. AWS Outposts
- D. AWS Wavelength Zones
=> C. AWS Outposts
하이브리드 -> outposts
145. A company requires an isolated environment within AWS for security purposes.
Which action can be taken to accomplish this?
- A. Create a separate Availability Zone to host the resources.
- B. Create a separate VPC to host the resources.
- C. Create a placement group to host the resources.
- D. Create an AWS Direct Connect connection between the company and AWS.
=> B. Create a separate VPC to host the resources.
vpc를 이용해 리소스를 분리한다.
146. Which AWS service is a highly available and scalable DNS web service?
- A. Amazon VPC
- B. Amazon CloudFront
- C. Amazon Route 53
- D. Amazon Connect
=> C. Amazon Route 53
dns? route53이지.
147. Which of the following is an AWS best practice for managing an AWS account root user?
- A. Keep the root user password with the security team.
- B. Enable multi-factor authentication (MFA) for the root user.
- C. Create an access key for the root user.
- D. Keep the root user password consistent for compliance purposes.
=> B. Enable multi-factor authentication (MFA) for the root user.
rootuser와 mfa는 셋트로 나온다 .
148. A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.
What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys?
- A. EC2 key pairs
- B. AWS Systems Manager Session Manager
- C. AWS Identity and Access Management (IAM)
- D. Network ACLs
=> B. AWS Systems Manager Session Manager
AWS Systems Manager Session Manager is a new interactive shell and CLI that helps to provide secure, access-controlled, and audited Windows and Linux EC2 instance management. Session Manager removes the need to open inbound ports, manage SSH keys, or use bastion hosts.
system manager 로 ssh 원격 관리할 수 있다.
149. After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?
- A. No upfront payment
- B. Hourly on-demand payment
- C. Partial upfront payment
- D. All upfront payment
=> D. All upfront payment
150. A company has refined its workload to use specific AWS services to improve efficiency and reduce cost.
Which best practice for cost governance does this example show?
- A. Resource controls
- B. Cost allocation
- C. Architecture optimization
- D. Tagging enforcement
=> C. Architecture optimization
"Architecture optimization focuses on the need to continually refine workloads to be more cost-conscious to create better architected systems."
아키텍처 수정이 가장 큰 요인이 아닐까?