A company wants its AWS usage to be more sustainable. The company wants to track, measure, review, and forecast polluting emissions that result from its AWS applications. Which AWS service or tool can the company use to meet these requirements?
A. AWS Health Dashboard B. AWS customer carbon footprint tool C. AWS Support Center D. Amazon QuickSight
Answer: BExplanation: AWS customer carbon footprint tool is a tool that helps customers measure and manage their carbon emissions from their AWS usage. It provides data on the carbonintensity, energy consumption, and estimated emissions of AWS services across regionsand time periods. It also enables customers to review and forecast their emissions, andcompare them with industry benchmarks. AWS Health Dashboard is a service that providespersonalized information about the health and performance of AWS services and resources. AWS Support Center is a service that provides access to AWS supportresources, such as cases, forums, and documentation. Amazon QuickSight is a servicethat provides business intelligence and analytics for AWS data sources.
Question # 242
Which AWS services are supported by Savings Plans? (Select TWO.)
A. Amazon EC2 B. Amazon RDS C. Amazon SageMaker D. Amazon Redshift E. Amazon DynamoDB
Answer: A,C Explanation: The AWS services that are supported by Savings Plans are:Amazon EC2: Amazon EC2 is a service that provides scalable computing capacityin the AWS cloud. You can use Amazon EC2 to launch virtual servers, configuresecurity and networking, and manage storage. Amazon EC2 is eligible for bothCompute Savings Plans and EC2 Instance Savings Plans12.Amazon SageMaker: Amazon SageMaker is a service that helps you build anddeploy machine learning models. You can use Amazon SageMaker to accessJupyter notebooks, use common machine learning algorithms, train and tunemodels, and deploy them to a hosted environment. Amazon SageMaker is eligiblefor SageMaker Savings Plans13.The other options are not supported by Savings Plans. Amazon RDS, Amazon Redshift,and Amazon DynamoDB are database services that are eligible for Reserved Instances,but not Savings Plans4.
Question # 243
A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing. Which AWS service or feature will help the company with its migration?
A. AWS Trusted Advisor B. AWS Consulting Partners C. AWS Artifacts D. AWS Managed Services
Answer: D Explanation: AWS Managed Services is a service that provides operational managementfor AWS infrastructure and applications. It helps users migrate their workloads to AWS andprovides ongoing support, security, compliance, and automation. AWS Trusted Advisor is aservice that provides best practices and recommendations for cost optimization,performance, security, and fault tolerance. AWS Consulting Partners are professionalservices firms that help customers design, architect, build, migrate, and manage theirworkloads and applications on AWS. AWS Artifacts is a service that provides on-demandaccess to AWS compliance reports and select online agreements.
Question # 244
A company has designed its AWS Cloud infrastructure to run its workloads effectively. The company also has protocols in place to continuously improve supporting processes. Which pillar of the AWS Well-Architected Framework does this scenario represent?
A. Security B. Performance efficiency C. Cost optimization D. Operational excellence
Answer: D Explanation: The scenario represents the operational excellence pillar of the AWS Well-Architected Framework, which focuses on running and monitoring systems to deliverbusiness value and continually improve supporting processes and procedures1. Security,performance efficiency, cost optimization, and reliability are the other four pillars of theframework1.
Question # 245
A company needs a graph database service that is scalable and highly available. Which AWS service meets these requirements?
A. Amazon Aurora B. Amazon Redshift C. Amazon DynamoDB D. Amazon Neptune
Answer: D Explanation: The AWS service that meets the requirements of providing a graphdatabase service that is scalable and highly available is Amazon Neptune. AmazonNeptune is a fast, reliable, and fully managed graph database service that supportsproperty graph and RDF graph models. Amazon Neptune is designed to store billions ofrelationships and query the graph with milliseconds latency. Amazon Neptune also offershigh availability and durability by replicating six copies of the data across three AvailabilityZones and continuously backing up the data to Amazon S35. Amazon Aurora, AmazonRedshift, and Amazon DynamoDB are other AWS services that provide relational or nonrelationaldatabase solutions, but they do not support graph database models.
Question # 246
Which VPC component provides a layer of security at the subnet level?
A. Security groups B. Network ACLs C. NAT gateways D. Route tables
Answer: B Explanation: Network ACLs are a feature that provide a layer of security at the subnet level by acting as a firewall to control traffic in and out of one or more subnets. NetworkACLs can be configured with rules that allow or deny traffic based on the source anddestination IP addresses, ports, and protocols5. Security groups are a feature that providea layer of security at the instance level by acting as a firewall to control traffic to and fromone or more instances. Security groups can be configured with rules that allow or denytraffic based on the source and destination IP addresses, ports, protocols, and securitygroups. NAT gateways are a feature that enable instances in a private subnet to connect tothe internet or other AWS services, but prevent the internet from initiating a connection withthose instances. Route tables are a feature that determine where network traffic from asubnet or gateway is directed.
Question # 247
According to the AWS shared responsibility model, which task is the customer's responsibility?
A. Maintaining the infrastructure needed to run AWS Lambda B. Updating the operating system of Amazon DynamoDB instances C. Maintaining Amazon S3 infrastructure D. Updating the guest operating system on Amazon EC2 instances
Answer: D Explanation: The AWS shared responsibility model describes the division ofresponsibilities between AWS and the customer for security and compliance. AWS isresponsible for the security of the cloud, which includes the hardware, software,networking, and facilities that run AWS services. The customer is responsible for security inthe cloud, which includes the customer data, applications, operating systems, and networkand firewall configurations. Therefore, updating the guest operating system on AmazonEC2 instances is the customer’s responsibility2
Question # 248
Which task must a user perform by using the AWS account root user credentials?
A. Make changes to AWS production resources. B. Change AWS Support plans. C. Access AWS Cost and Usage Reports. D. Grant auditors’ access to an AWS account for a compliance audit.
Answer: B Explanation: Changing AWS Support plans is a task that must be performed by using theAWS account root user credentials. The root user is the email address that you used tosign up for AWS. It has complete access to all AWS services and resources in the account. You should use the root user only to perform a few account and service managementtasks, such as changing AWS Support plans, closing the account, or changing the accountname or email address. Making changes to AWS production resources, accessing AWSCost and Usage Reports, and granting auditors access to an AWS account for acompliance audit are tasks that can be performed by using IAM users or roles, which areentities that you create in AWS to delegate permissions to access AWS services andresources.
Question # 249
Amazon Elastic File System (Amazon EFS) and Amazon FSx offer which type of storage?
A. File storage B. Object storage C. Block storage D. Instance store
Answer: A Explanation: Amazon Elastic File System (Amazon EFS) and Amazon FSx are AWSservices that offer file storage. File storage is a type of storage that organizes data into filesand folders that can be accessed and shared over a network. File storage is suitable forapplications that require shared access to data, such as content management, mediaprocessing, and web serving. Amazon EFS provides a simple, scalable, and fully managedelastic file system that can be used with AWS Cloud services and on-premisesresources. Amazon FSx provides fully managed third-party file systems, such as WindowsFile Server and Lustre, with native compatibility and high performance12
Question # 250
A company needs to securely store important credentials that an application uses to connect users to a database. Which AWS service can meet this requirement with the MINIMAL amount of operational overhead?
A. AWS Key Management Service (AWS KMS) B. AWS Config C. AWS Secrets Manager D. Amazon GuardDuty
Answer: C Explanation: AWS Secrets Manager is a service that helps you protect secrets needed toaccess your applications, services, and IT resources. You can use AWS Secrets Managerc to store, rotate, and retrieve database credentials, API keys, and other secrets throughouttheir lifecycle. AWS Secrets Manager eliminates the need to hardcode sensitive informationin plain text, and reduces the risk of unauthorized access or leakage. AWS SecretsManager also integrates with other AWS services, such as AWS Lambda, Amazon RDS,and AWS CloudFormation, to simplify the management of secrets across yourenvironment5