강2월드

Free & Accurate Amazon AWS Certified Cloud Practitioner Practice Questions | ExamTopics
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #1~30
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #31~60

2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 #61~90

2023.01.05 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 #91~120

2023.01.06 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 #121~150

#151~160

151. A company would like to host its MySQL databases on AWS and maintain full control over the operating system, database installation, and configuration.
Which AWS service should the company use to host the databases?

=> A. Amazon RDS

152. How does the AWS global infrastructure offer high availability and fault tolerance to its users?

=>  D

A가 아닌 이유

AWS Regions within various Availability Zones

리전이 여러 az 에 속한 것이 아닌 그 반대임. 

영어 조심 

153. A company is using Amazon EC2 Auto Scaling to scale its Amazon EC2 instances.
Which benefit of the AWS Cloud does this example illustrate?

=> B. Elasticity

가용성: 시스템이 서비스를 정상적으로 제공할 수 있는 상태

탄력성: 요구사항이 변화함에 따라 확장 및 축소하는 것 

가용성이 나올려면 failure 키워드가 나와야한다. 

154. Which AWS service or feature is used to send both text and email messages from distributed applications?

=> A. Amazon Simple Notification Service (Amazon SNS)

155. A user is able to set up a master payer account to view consolidated billing reports through:

=> D. AWS Organizations.

통합 청구서 -> organizations 

"You can track the charges across multiple accounts and download the combined cost and usage data."

156. According to the AWS shared responsibility model, which task is the customer's responsibility?

=> D. Updating the guest operating system on Amazon EC2 instances

guest os 업데이트가 사용자의 몫?

157. A company wants to migrate a small website and database quickly from on-premises infrastructure to the AWS Cloud. The company has limited operational knowledge to perform the migration.
Which AWS service supports this use case?

=> B. Amazon Lightsail

the point of Lightsail is to quickly provision ready-to-use AWS resources instead of deeping into th technical details of EC2, S3, DynamoDB etc.

가상 프라이빗 서버 및 웹 호스팅–Amazon Lightsail—Amazon Web Services

저렴한 비용의 사전 구성된 클라우드 리소스를 통해 애플리케이션 및 웹 사이트를 빠르게 구축

lightsail 로 간단하게 웹사이트를 구축할 수 있다. 

158. A company is moving multiple applications to a single AWS account. The company wants to monitor the AWS Cloud costs incurred by each application.
What can the company do to meet this requirement?

=> D. Create cost allocation tags.

You can use tags to organize your resources, and cost allocation tags to track your AWS costs on a detailed level. You can apply tags that represent business categories (such as cost centers, application names, or owners) to organize your costs across multiple services.

할당 태그를 달아서 모니터링 할 수 있다. 

159. Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework?

=> C. Testing recovery procedures

160. A user needs to quickly deploy a non-relational database on AWS. The user does not want to manage the underlying hardware or the database software.
Which AWS service can be used to accomplish this?

=>  B. Amazon DynamoDB

#161~170

161. Which task is an AWS responsibility when a workload is running in Amazon RDS?

=> C. Installing the database engine

162. A development team wants to publish and manage web services that provide REST APIs.
Which AWS service will meet this requirement?

163. A company has a social media platform in which users upload and share photos with other users. The company wants to identify and remove inappropriate photos. The company has no machine learning (ML) scientists and must build this detection capability with no ML expertise.
Which AWS service should the company use to build this capability?

=>  C. Amazon Rekognition

comprehend는 text 와 관련된 것

164. Which responsibility belongs to AWS when a company hosts its databases on Amazon EC2 instances?

=> D. Operating system installations.

좀 헷갈린다 .

165. A company wants to use Amazon S3 to store its legacy data. The data is rarely accessed. However, the data is critical and cannot be recreated. The data needs to be available for retrieval within seconds.
Which S3 storage class meets these requirements MOST cost-effectively?

=> C. S3 Standard-Infrequent Access (S3 Standard-IA)

166. An online retail company wants to migrate its on-premises workload to AWS. The company needs to automatically handle a seasonal workload increase in a cost- effective manner.
Which AWS Cloud features will help the company meet this requirement? (Choose two.)

=> B, D 

167. Which AWS service helps developers use loose coupling and reliable messaging between microservices?

=> D. Amazon Simple Queue Service (Amazon SQS)

168. A company needs to build an application that uses AWS services. The application will be delivered to residents in European Counties. The company must abide by regional regulatory requirements.
Which AWS service or program should the company use to determine which AWS services meet the regional requirements?

=> D. AWS Artifact

abide 머무르다. 

나라마다 규정 준수하기 artifact

답이 c,d 나뉘는데 난 d라고 생각한다 .

169. A company needs to implement identity management for a fleet of mobile apps that are running in the AWS Cloud.
Which AWS service will meet this requirement?

=> A. Amazon Cognito

A – Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily.

170. A company needs an Amazon EC2 instance for a rightsized database server that must run constantly for 1 year.
Which EC2 instance purchasing option will meet these requirements MOST cost-effectively?

=> A. Standard Reserved Instance

컨버터블 RI는 추후에 속성을 변경할 수 있지만 할인율이 떨어진다 . 

#171~180 

171. A company has multiple applications and is now building a new multi-tier application. The company will host the new application on Amazon EC2 instances. The company wants the network routing and traffic between the various applications to follow the security principle of least privilege.
Which AWS service or feature should the company use to enforce this principle?

=>A. Security groups

인스턴스 단위으 보안 sg

172. A company's web application requires AWS credentials and authorizations to use an AWS service.
Which IAM entity should the company use as best practice?

173. A company is creating a document that defines the operating system patch routine for all the company's systems.
Which AWS resources should the company include in this document? (Choose two.)

=> A.,E 

Option E, Amazon Elastic Container Service (Amazon ECS) instances, are not a valid AWS resource. Amazon ECS is a container orchestration service that allows customers to run and manage containerized applications in the cloud, but it does not have instances as a concept.

ecs의 os 는 고객이 관리해야한다. 

174. Which AWS service or feature gives a company the ability to control incoming traffic and outgoing traffic for Amazon EC2 instances?

=> A. Security groups

175. A company is starting to build its infrastructure in the AWS Cloud. The company wants access to technical support during business hours. The company also wants general architectural guidance as teams build and test new applications.
Which AWS Support plan will meet these requirements at the LOWEST cost?

=> B. AWS Developer Support

We recommend AWS Developer Support if you are testing or doing early development on AWS and want the ability to get technical support during business hours as well as general architectural guidance as you build and test. In addition to enhanced technical support and architectural guidance, Developer Support provides access to documentation and forums, AWS Trusted Advisor, and AWS Personal Health Dashboard.

처음에 설계한다면  developer support를 사용하자.

176. A company is migrating its public website to AWS. The company wants to host the domain name for the website on AWS.
Which AWS service should the company use to meet this requirement?

=> B. Amazon Route 53

177. A company needs to evaluate its AWS environment and provide best practice recommendations in five categories: cost, performance, service limits, fault tolerance, and security.
Which AWS service can the company use to meet these requirements?

=> C. AWS Trusted Advisor

178. Which AWS service provides the capability to view end-to-end performance metrics and troubleshoot distributed applications?

179. Which cloud computing benefit does AWS demonstrate with its ability to offer lower variable costs as a result of high purchase volumes?

180. Which AWS service provides threat detection by monitoring for malicious activities and unauthorized actions to protect AWS accounts, workloads, and data that is stored in Amazon S3?

Free & Accurate Amazon AWS Certified Cloud Practitioner Practice Questions | ExamTopics
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #1~30
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #31~60

2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 #61~90

2023.01.05 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 #91~120

#121~130

121. Which AWS service provides a feature that can be used to proactively monitor and plan for the service quotas of AWS resources?

=> D. Amazon CloudWatch

proactively: 능동적으로 

122. Which of the following is an advantage that users experience when they move on-premises workloads to the AWS Cloud?

=> A. Elimination of expenses for running and maintaining data centers

데이터 센터 운영비를 줄일 수 있다. 

123. Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework?

=> B. Anticipate failure

실패를 예측한다 -> 운영 오류가 적다. -> 운영 우수성이 올라간다. 

124. Which AWS services offer gateway VPC endpoints that can be used to avoid sending traffic over the internet? (Choose two.)

인터넷을 통한 트래픽 전송을 방지하는 데 사용할 수 있는 게이트웨이 VPC 엔드포인트를 제공하는 AWS 서비스는 무엇입니까?

=> D,E 

Gateway type endpoints are available only for AWS services including S3 and DynamoDB. These endpoints will add an entry to your route table you selected and route the traffic to the supported services through Amazon’s private network.

게이트웨이 타입 엔드포인트는 s3와 dynamoDB 에서 가능하다고 한다.

125. Which of the following is the customer responsible for updating and patching, according to the AWS shared responsibility model?

=> B. Amazon WorkSpaces virtual Windows desktop

We recommend that you regularly patch, update, and secure the operating system and applications on your WorkSpaces. You can configure your WorkSpaces to be updated by WorkSpaces during a regular maintenance window or you can update them yourself.

workspace 패치, 업데이트는 사용자의 몫이다. 

126. Who has the responsibility to patch the host operating system of an Amazon EC2 instance, according to the AWS shared responsibility model?

=> D.AWS only

AWS updates the EC2 host and user updates the EC2 guest

127. A company is using an Amazon RDS DB instance for an application that is deployed in the AWS Cloud. The company needs regular patching of the operating system of the server where the DB instance runs.
What is the company's responsibility in this situation, according to the AWS shared responsibility model?

=> D. 

Some maintenance items require that Amazon RDS take your DB instance offline for a short time. Maintenance items that require a resource to be offline include required operating system or database patching. Required patching is automatically scheduled only for patches that are related to security and instance reliability. Such patching occurs infrequently (typically once every few months) and seldom requires more than a fraction of your maintenance window.

maintenance window? 이건 실습을 해봐야알 것 같다. 

128. Why is an AWS Well-Architected review a critical part of the cloud design process?

=> B.  A Well-Architected review helps identify design gaps and helps evaluate design decisions and related documents.

Well-Architected 검토는 설계 격차를 식별하고 설계 결정 및 관련 문서를 평가하는 데 도움이 됩니다. 

음??? 무슨말인지 모르겠다. 

129. A company implements an Amazon EC2 Auto Scaling policy along with an Application Load Balancer to automatically recover unhealthy applications that run on
Amazon EC2 instances.
Which pillar of the AWS Well-Architected Framework does this action cover?

=> D. Reliability

130. Which AWS Cloud benefit is shown by an architecture's ability to withstand failures with minimal downtime?

=> D. High availability

D is right. High availability = minimal downtime = recovery quickly from failure.

고가용성과 minimal downtime 과 연관이 있다?

가용성 : 시스템이 서비스를 정상적으로 제공할 수 있는 상태

#131~140

Under the AWS shared responsibility model, which task is the customer's responsibility when managing AWS Lambda functions?

람다 함수의 버전 생성? 

조금 애매하지만 그나마 사용자가 할 수 있는 것

132. What does the AWS Concierge Support team provide?

=> B. A primary point of contact for AWS Billing and AWS Support

AWS Concierge:  B2B 지원 

133. A company needs to generate reports that can break down cloud costs by product, by company-defined tags, and by hour, day, and month.
Which AWS tool should the company use to meet these requirements?

=>  D. AWS Cost and Usage Reports

134. A company has a serverless application that includes an Amazon API Gateway API, an AWS Lambda function, and an Amazon DynamoDB database.
Which AWS service can the company use to trace user requests as they move through the application's components?

=:> A. AWS CloudTrail

135. A company needs to set up a petabyte-scale data warehouse in the AWS Cloud.
Which AWS service will meet this requirement?

=> B. AWS Identity and Access Management (IAM)

137. A company needs to design an AWS disaster recovery plan to cover multiple geographic areas.
Which action will meet this requirement?

=> C. Configure the architecture across multiple AWS Regions.

138. Which of the following is a benefit of moving from an on-premises data center to the AWS Cloud?

=> A. Compute instances can be launched and terminated as needed to optimize costs.

139. In which ways does the AWS Cloud offer lower total cost of ownership (TCO) of computing resources than on-premises data centers? (Choose two.)

=> A, D

140. Which AWS service monitors AWS accounts for security threats?

=> A. Amazon GuardDuty

Amazon GuardDuty: intelligent threat protection for accounts and workloads

지능형 위협 감지

#141~150 

141. Which benefit is included with an AWS Enterprise Support plan?

=> B. Designated support from an AWS technical account manager (TAM)

142. Which task does AWS perform automatically?

=> A. Encrypt data that is stored in Amazon DynamoDB.

All user data stored in Amazon DynamoDB is fully encrypted at rest. DynamoDB encryption at rest provides enhanced security by encrypting all your data at rest using encryption keys stored in AWS Key Management Service (AWS KMS)

=> dynamoDB 에 저장되는 데이터는 자동으로 암호화가 된다. 

143. Which AWS service or tool can a company use to visualize, understand, and manage AWS spending and usage over time?

=> C. Cost Explorer

AWS Cost Explorer는 시간에 따른 AWS 비용과 사용량을 시각화, 이해 및 관리할 수 있는 손쉬운 인터페이스를 제공합니다. 비용 및 사용량 데이터를 분석하는 사용자 지정 보고서를 작성하여 신속하게 시작합니다. 

cost explorer도 시각화를 보여준다 .

144. A company wants to deploy some of its resources in the AWS Cloud. To meet regulatory requirements, the data must remain local and on premises. There must be low latency between AWS and the company resources.
Which AWS service or feature can be used to meet these requirements?

=> C. AWS Outposts

하이브리드 -> outposts

145. A company requires an isolated environment within AWS for security purposes.
Which action can be taken to accomplish this?

=> B. Create a separate VPC to host the resources.

vpc를 이용해 리소스를 분리한다.

146. Which AWS service is a highly available and scalable DNS web service?

=> B. Enable multi-factor authentication (MFA) for the root user.

rootuser와 mfa는 셋트로 나온다 .

148. A company wants to improve its security and audit posture by limiting Amazon EC2 inbound access.
What should the company use to access instances remotely instead of opening inbound SSH ports and managing SSH keys?

=> B. AWS Systems Manager Session Manager

AWS Systems Manager Session Manager is a new interactive shell and CLI that helps to provide secure, access-controlled, and audited Windows and Linux EC2 instance management. Session Manager removes the need to open inbound ports, manage SSH keys, or use bastion hosts.

system manager 로 ssh 원격 관리할 수 있다. 

149. After selecting an Amazon EC2 Dedicated Host reservation, which pricing option would provide the largest discount?

=> D. All upfront payment

150. A company has refined its workload to use specific AWS services to improve efficiency and reduce cost.
Which best practice for cost governance does this example show?

=> C. Architecture optimization

"Architecture optimization focuses on the need to continually refine workloads to be more cost-conscious to create better architected systems."

아키텍처 수정이 가장 큰 요인이 아닐까? 

0. 들어가며

12/26부터 준비해서 1/5 시험 11일 정도 걸렸다.

원래 2주뒤에 시험 칠려고 했는데 부산은 시험장이 별로 없어서 그냥 적당한 날로 했다.

쌩기초라기보다는 구름 쿠버네티스 과정을 하면서 얼핏 흘려들은게 좀 있다. 

벼락치기로 합격했으므로 참고만하시고 시험을 치실 땐 조금 더 준비하시는걸 추천 합니다. 

1. 준비 과정

(1) aws skill builder 강의

AWS Cloud Practitioner Essentials (amazon.com)

6시간 수업 분량인데 게을러서 8일동안 수업을 들었다. 

강의 자료가 워낙 잘되어있고 강의마다 미니 문제도 있어서 생각보다 많이 알차다.

블로그에 정리? 하면서 강의 들으니까 좀 더 좋았던 것 같다.

(2) aws 덤프 문제 풀기

Free & Accurate Amazon AWS Certified Cloud Practitioner Practice Questions | ExamTopics

덤프 문제가 537 문제 정도가 있는데 시험 치는 당일까지 100문제 정도 풀었다.

2. 시험과정

(1) 시험 신청

AWS Certified Cloud Practitioner 자격증 | AWS Certification | AWS (amazon.com)

당연히 여기서 시험을 신청했다.

외국어라서 30분 추가할 수 있는데 신청하라! (혹시 모른다.)

personVue 로 신청할려고 했는데 시험 일정 예약에 오류가 계속 생겨서 그냥 시험장 신청을 했다. 

(주소 입력시 오류가 계속 뜨는데 주의)

(2) 시험장 

부산은 렉시스 시험장이라고 지도에는 시민 공원 쪽이라고 하는데 실은 nc 백화점 쪽에 가깝다.

부산 사람이고 서면을 자주 갔다면 익숙한 장소이다. 

시험장이라고 일반적인 시험장이라고 생각했는데 그게 아니라 

열린 컴퓨터실? 뭐라할지 모르겠네 ( 무튼 걱정하지말라우)

여권을 챙겨가라!  

(3) 시험결과 

시험을 다치루고 설문조사가 끝나면 2주뒤에 결과가 나오는줄 알았는데 합격여부가 바로 화면에 표시된다.

갑자기 기분 너무 좋았음.

그리고  credly 라는 사이트에서 배지 준다.

3. 준비 팁 

매우 매우 주관적이지만 혹시나 도움이 될까하는 마음으로;;;

(1) skill builder 수업 열심히 듣기

처음에는 skill builder 수업이 6시간 분량이라서 하루만에 다듣고 덤프 문제만 주구장창 풀려고 했는데

그 반대가 되버렸다.

skill builder에서 가르치는 내용이 매우 핵심적인 내용이라서 해당 내용만 제대로 숙지한다면 60%는 확실하게 맞춘다.

시험 핵심 내용 vpc,az , well-frame architecture 등등 aws가 자랑하는 요소들이 반복적으로 꼭나온다.

따라서 해당 내용들이랑 관련된 키워드는 무조건 숙지하는 것이 좋다. 

ex) 만약 문제에 TAM(technical account1 manager) 가 나오면 -> aws Enterprise Support 구나 

보다보면 눈에 익는다. 

(2) 문제 풀기

덤프 사이트에 정답에 대해 의견이 갈리는 문제들이 많다. 

덤프 문제를 다 풀더라도 시험에 기상천외한 aws 서비스를 묻는 문제가 나오면 틀릴 수 밖에 없다. 

문제 푸는 건 그냥 문제 형식 눈에 익히기 (영어 공부 ) + skill builder에서 알려주지 않는 서비스들 (빈도 2~3쯤 되는 것)만 

알아가도 시험을 얼추 합격할 것이다. 

덤프는 무조건 조금이라도 풀고 들어가는 것이 좋다! 

4. 마무리- 다음시험?

누군가한테는 ㅈ밥 자격증이라고 생각할 수 있지만 나한테는 간만에 딴 자격증이고 오래만에 성취감을 느낄 수 있는 일이라서 기분이 좋았다. 

3주안에 Solution architecture assosiate를 딸거다. 올해도 퐈이야ㅑㅑ!

Free & Accurate Amazon AWS Certified Cloud Practitioner Practice Questions | ExamTopics
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #1~30
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #31~60

2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 #61~90

#91~100

91. Which AWS service is used to provide encryption for Amazon EBS?

=> C. AWS KMS

92. Which AWS services make use of global edge locations? (Choose two.)

=> B,C

aws global accelerator 트래픽을 엣지 로케이션에 할당한다.

AWS 글로벌 인프라의 성능, 보안 및 가용성을 활용하여 Global Accelerator 엣지 로케이션 중 하나에 사용자 트래픽을 온보드할 수 있습니다. 

93. A company is operating several factories where it builds products. The company needs the ability to process data, store data, and run applications with local system interdependencies that require low latency.
Which AWS service should the company use to meet these requirements?

iot grenngrass 는 디바이스의 데이터와 클라우드의 데이터를 싱크 시키는 것

94. Which of the following is a recommended design principle for AWS Cloud architecture?

=> C.

업데이트를 진행해도 오류가 적다. -> 운영 효율이 높아짐

96. Which of the following acts as an instance-level firewall to control inbound and outbound access?

=> B. Security groups

인스턴스 단에서의 방화벽, 보안그룹

97. A company has a workload that will run continuously for 1 year. The workload cannot tolerate service interruptions.
Which Amazon EC2 purchasing option will be MOST cost-effective?

-> A. All Upfront Reserved Instances

98. Which AWS service helps protect against DDoS attacks?

=> A. AWS Shield

ddos 공격은 aws shield

99. Using AWS Config to record, audit, and evaluate changes to AWS resources to enable traceability is an example of which AWS Well-Architected Framework pillar?

보안성과 추적성 traceability를 연결하자

100. Which AWS tool or feature acts as a VPC firewall at the subnet level?

=> B

Amazon Simple Queue Service (Amazon SQS) is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless applications. Amazon SQS moves data between distributed application components and helps you decouple these components.

 sqs 로 서비스를 격리시킨다.

102. Which disaster recovery option is the LEAST expensive?

=> B. Amazon EC2 instance store

인스턴스 스토어는 인스터스를 종료하면 꺼진다.

ephemeral : 일시적인

104. Which of the following is a characteristic of the AWS account root user?

= > C. The root user is the first sign-in identity that is available when an AWS account is created.

루트계정은 처음 생성되는 계정

105. A company hosts an application on an Amazon EC2 instance. The EC2 instance needs to access several AWS resources, including Amazon S3 and Amazon
DynamoDB.
What is the MOST operationally efficient solution to delegate permissions?

=> B

107. What is the purpose of having an internet gateway within a VPC?

=> B

인터넷 게이트웨이 인터넷과 vpc 연결

108. Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand?

=> C.AWS Transit Gateway

110. A company is planning an infrastructure deployment to the AWS Cloud. Before the deployment, the company wants a cost estimate for running the infrastructure.
Which AWS service or feature can provide this information?

#111~120

111. Which AWS service of tool helps to centrally manage billing and allow controlled access to resources across AWS accounts?

=> B. AWS Organizations

중앙에서 결제 관리

AWS Organizations

112. Which of the following are Amazon Virtual Private Cloud (Amazon VPC) resources?

113. A company needs to identify the last time that a specific user accessed the AWS Management Console.
Which AWS service will provide this information?

=> B. AWS CloudTrail

114. A company launched an Amazon EC2 instance with the latest Amazon Linux 2 Amazon Machine Image (AMI).
Which actions can a system administrator take to connect to the EC2 instance? (Choose two.)

=> A,D

EC2 Instance Connect를 사용한 연결 - Amazon Elastic Compute Cloud

다음 지침에서는 EC2 Instance Connect를 사용하여 Linux 인스턴스에 연결하는 방법을 설명합니다.

AWS Systems Manager Session Manager, EC2 인스턴스 쉘 접근을 위한 신규 기능 | Amazon Web Services 한국 블로그

AWS에서는 이미 AWS Systems Manager Run Command를 통해 셸 수준의 액세스에 대한 필요성을 어느 정도 해결한 바 있습니다. 

With Session Manager, you can manage your Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, and on-premises servers and virtual machines (VMs)

115. A company wants to perform sentiment analysis on customer service email messages that it receives. The company wants to identify whether the customer service engagement was positive or negative.
Which AWS service should the company use to perform this analysis?

116. What is the total amount of storage offered by Amazon S3?

=> D. unlimited

객체 하나 최대의 크기가 5tb

117.  A company is migrating to Amazon S3. The company needs to transfer 60 TB of data from an on-premises data center to AWS within 10 days.
Which AWS service should the company use to accomplish this migration?

=> C. AWS Snowball

118. What type of database is Amazon DynamoDB?

=> C. key-value

119. A large organization has a single AWS account.
What are the advantages of reconfiguring the single account into multiple AWS accounts? (Choose two.)

=> A,D 

It allows for administrative isolation between different workloads.

관리자가 워크로드를 독립 시킴

Having multiple accounts reduces the risks associated with malicious activity targeted at a single account.

단일 계정의 리스크를 줄임.

120. A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses an
Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.
Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks?

Free & Accurate Amazon AWS Certified Cloud Practitioner Practice Questions | ExamTopics
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #1~30
2023.01.04 - [DevOps/aws] - Amazon AWS Certified Cloud Practitioner Exam Practice Questions | aws 클라우드 프랙티셔너 문제 #31~60

#61~70

61. A company that has multiple business units wants to centrally manage and govern its AWS Cloud environments. The company wants to automate the creation of
AWS accounts, apply service control policies (SCPs), and simplify billing processes.
Which AWS service or tool should the company use to meet these requirements?

A. AWS Organizations
B. Cost Explorer
C. AWS Budgets
D. AWS Trusted Advisor

=>D. AWS Organizations 62. Which IT controls do AWS and the customer share, according to the AWS shared responsibility model? (Choose two.)

A. Physical and environmental controls
B. Patch management
C. Cloud awareness and training
D. Zone security
E. Application data encryption

B,C

Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. Examples include: Patch Management – AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications. Configuration Management – AWS maintains the configuration of its infrastructure devices, but a customer is responsible for configuring their own guest operating systems, databases, and applications. Awareness & Training - AWS trains AWS employees, but a customer must train their own employees.
Aws 공동책임 모델.
Application 암호화는 고객 책임
공동 책임으로 patch management, cloud awareness amd training

63. A company is launching an application in the AWS Cloud. The application will use Amazon S3 storage. A large team of researchers will have shared access to the data. The company must be able to recover data that is accidentally overwritten or deleted.
Which S3 feature should the company turn on to meet this requirement?

A. Server access logging
B. S3 Versioning
C. S3 Lifecycle rules
D. Encryption in transit and at rest

B. S3 versioning

64. A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to
AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency.
Which AWS service or feature should the company use to meet these requirements?

A. Availability Zones
B. AWS Local Zones
C. AWS Wavelength
D. AWS Outposts

=>  B. AWS Local Zone

이번에 AWS Local Zone이라는 새로운 형태의 인프라를 공개합니다. AWS Local Zone은 주요 AWS 서비스를 특정 지리적 위치에 있는 사용자에게 낮은 대기 시간으로 서비스를 제공할 때 사용할 수 있습니다.  첫번째 Local Zone은 남부 캘리포니아의 로스앤젤레스 등지의 사용자들에게 제공하는 애플리케이션의 지연 시간을 크게 낮추도록(10밀리초 미만) 설계되었습니다. 지연 시간에 매우 민감한 수요가 많은 애플리케이션에 특히 유용할 것입니다. 예를 들어, 다음과 같은 요소가 포함됩니다.

65. A company wants to migrate its applications from its on-premises data center to a VPC in the AWS Cloud. These applications will need to access on-premises resources.
Which actions will meet these requirements? (Choose two.)

A. Use AWS Service Catalog to identify a list of on-premises resources that can be migrated.
B. Create a VPN connection between an on-premises device and a virtual private gateway in the VPC.
C. Use an Amazon CloudFront distribution and configure it to accelerate content delivery close to the on-premises resources.
D. Set up an AWS Direct Connect connection between the on-premises data center and AWS.
E. Use Amazon CloudFront to restrict access to static web content provided through the on-premises web servers.
B,D

66.  A company wants to use the AWS Cloud to provide secure access to desktop applications that are running in a fully managed environment.
Which AWS service should the company use to meet this requirement?

A. Amazon S3
B. Amazon AppStream 2.0
C. AWS AppSync
D. AWS Outposts

B. Amazon appstream 2.0

AppStream 2.0 이란?
완전 관리형 어플리케이션 및 데스크톱 스트리밍 서비스
중앙에서 데스크톱 애플리케이션 관리
전세계  사용자가 사용할 수 있음
2019년 2월 Seoul Region 출시

67. A company wants to implement threat detection on its AWS infrastructure. However, the company does not want to deploy additional software.
Which AWS service should the company use to meet these requirements?

A. Amazon VPC
B. Amazon EC2
C. Amazon GuardDuty
D. AWS Direct Connect

C. Aws GuardDuty

1. Continuously monitor your AWS accounts, instances, container workloads, users, and storage for potential threats.  
2. Expose threats quickly using anomaly detection, machine learning, behavioral modeling, and threat intelligence feeds from AWS and leading third-parties.  
3. Mitigate threats early by initiating automated responses.

68. Which AWS service uses edge locations?

A. Amazon Aurora
B. AWS Global Accelerator
C. Amazon Connect
D. AWS Outpost

D랑 b 랑 헷갈린다.
AWS의 Global Accelerator(글로벌 액셀러레이터)는 AWS의 글로벌 네트워크 인프라를 통해 사용자 트래픽을 전송하여 인터넷 사용자 성능을 최대 60% 개선하는 네트워킹 서비스입니다.

​

Global Accelerator는 사용자와 가장 가까운 위치의 사용 가능한 정상 엔드포인트로 트래픽을 자동으로 재라우팅하여 엔드포인트 장애를 완화합니다. Global Accelerator의 자동 라우팅 최적화 기능은 인터넷이 혼잡할 때 패킷 손실, 지터 및 지연 시간을 일관적으로 낮게 유지합니다.

69. A company needs to install an application in a Docker container.
Which AWS service eliminates the need to provision and manage the container hosts?

A. AWS Fargate
B. Amazon FSx for Windows File Server
C. Amazon Elastic Container Service (Amazon ECS)
D. Amazon EC2

C . ecs

70. Which AWS service or feature checks access policies and offers actionable recommendations to help users set secure and functional policies?

A. AWS Systems Manager
B. AWS IAM Access Analyzer
C. AWS Trusted Advisor
D. Amazon GuardDuty
​
B. AWS IAM Access Analyzer
AWS IAM Access Analyzer는 클라우드 자원에 연결된 액세스 제어 정책을 수학적으로 분석하여, AWS 계정 내의 접근 제어의 전체적인 영향을 파악할 수 있으므로 외부의 의도하지 않은 액세스로부터 보호할 수 있습니다.

#71~80

71. A company has a fleet of cargo ships. The cargo ships have sensors that collect data at sea, where there is intermittent or no internet connectivity. The company needs to collect, format, and process the data at sea and move the data to AWS later.
Which AWS service should the company use to meet these requirements?

=> C,D

Data replication 관점에서 C,D 가 더 많다

73. Which characteristic of the AWS Cloud helps users eliminate underutilized CPU capacity?

=> D. AWS Key Management Service (AWS KMS)

76. Which characteristics are advantages of using the AWS Cloud? (Choose two.)

=>B,D

on-premise 환경이 100% SLA 이다. 

Service Level Agreement정보시스템 수요자와 공급자 사이의 상호 동의에 의하여 서비스 수준을 명시적으로 정의하고 이를 문서화한 약정서

77. A user is storing objects in Amazon S3. The user needs to restrict access to the objects to meet compliance obligations.
What should the user do to meet this requirement?

=> A. Amazon Elastic Transcoder

Amazon Elastic Transcoder는 클라우드에서 미디어를 트랜스코딩하는 서비스입니다. 확장성이 뛰어나고 사용하기 쉬우며 비용 효율적인 이 방법을 통해 개발자 및 비즈니스에서 소스 형식의 미디어 파일을 스마트폰, 태블릿, PC 등의 디바이스에서 재생되는 버전으로 변환(또는 "트랜스코딩")할 수 있습니다.

79. Which of the following are benefits of Amazon EC2 Auto Scaling? (Choose two.)

80. A company has several departments. Each department has its own AWS accounts for its applications. The company wants all AWS costs on a single invoice to simplify payment, but the company wants to know the costs that each department is incurring.
Which AWS tool or feature will provide this functionality?

=> A. AWS Pricing Calculator

Anticipate / new app = Pricing Calculator

가격 예측은 pricing Calculator

82. A company wants to eliminate the need to guess infrastructure capacity before deployments. The company also wants to spend its budget on cloud resources only as the company uses the resources.
Which advantage of the AWS Cloud matches the company's requirements?

=> D. Pay-as-you-go pricing

83. Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co- location environments, or on-premises facilities?

=> D. Aws Storage Gateway

Storage Gateway란?

• 온프레미스를 클라우드 기반 스토리지와 연결하여, 온프레미스와 IT 환경과 AWS의 스토리지를 사용하는 서비스
• 파일 기반, 볼륨 기반 및 테이프 기반 솔루션 제공

storage Gateway를 통해 온프레미스+ aws로 스토리지를 사용할 수 있다.

85. An online retail company has seasonal sales spikes several times a year, primarily around holidays. Demand is lower at other times. The company finds it difficult to predict the increasing infrastructure demand for each season.
Which advantages of moving to the AWS Cloud would MOST benefit the company? (Choose two.)

86. Which AWS service can be used to turn text into lifelike speech?

=> A. Amazon Polly 

"Amazon Polly is a service that turns text into lifelike speech"

polly는 텍스트를 사람 음성으로 바꿔준다. 

87. Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?

88. A company wants to ensure that two Amazon EC2 instances are in separate data centers with minimal communication latency between the data centers.
How can the company meet this requirement?

=> B,E