A company wants to allow users to authenticate and authorize multiple AWS accounts by using a single set of credentials. Which AWS service or resource will meet this requirem
A. AWS Organizations B. IAM user C. AWS IAM Identity Center (AWS Single Sign-On) D. AWS Control Tower
Answer: C Explanation: AWS IAM Identity Center (AWS Single Sign-On) is a cloud-based servicethat makes it easy to centrally manage single sign-on (SSO) access to multiple AWSaccounts and business applications. You can use AWS SSO to enable your users to sign into the AWS Management Console or the AWS Command Line Interface (AWS CLI) withtheir existing corporate credentials2. You can also manage SSO access and userpermissions across all your AWS accounts in AWS Organizations3. References: AWSSingle Sign-On - AWS Documentation, AWS Organizations - AWS Documentation
Question # 72
Which AWS service or feature allows a user to establish a dedicated network connection between a company's on-premises data center and the AWS Cloud?
A. AWS Direct Connect B. VPC peering C. AWS VPN D. Amazon Route 53
Answer: A Explanation: AWS Direct Connect is an AWS service that allows users to establish adedicated network connection between their on-premises data center and the AWS Cloud.This connection bypasses the public internet and provides more predictable networkperformance, reduced bandwidth costs, and increased security. Users can choose fromdifferent port speeds and connection types, and use AWS Direct Connect to access AWSservices in any AWS Region globally. Users can also use AWS Direct Connect inconjunction with AWS VPN to create a hybrid network architecture that combines thebenefits of both private and public connectivity. References: AWS Direct Connect, [AWSCloud Practitioner Essentials: Module 3 - Compute in the Cloud]
Question # 73
A company has deployed an application in the AWS Cloud. The company wants to ensure that the application is highly resilient. Which component of AWS infrastructure can the company use to meet this requirement?
A. Content delivery network (CDN) B. Edge locations C. Wavelength Zones D. Availability Zones
Answer: D Explanation: Availability Zones are components of AWS infrastructure that can help thecompany ensure that the application is highly resilient. Availability Zones are multiple,isolated locations within each AWS Region. Each Availability Zone has independent power,cooling, and physical security, and is connected to the other Availability Zones in the sameRegion via low-latency, high-throughput, and highly redundant networking. AvailabilityZones allow you to operate production applications and databases that are more highlyavailable, fault tolerant, and scalable than would be possible from a single data center.
Question # 74
Which AWS service or feature identifies whether an Amazon S3 bucket or an IAM role has been shared with an external entity?
A. AWS Service Catalog B. AWS Systems Manager C. AWS IAM Access Analyzer D. AWS Organizations
Answer: C Explanation: AWS IAM Access Analyzer is a service that helps you identify the resourcesin your organization and accounts, such as Amazon S3 buckets or IAM roles, that areshared with an external entity. This lets you identify unintended access to your resourcesand data, which is a security risk. IAM Access Analyzer uses logic-based reasoning toanalyze the resource-based policies in your AWS environment. For each instance of aresource shared outside of your account, IAM Access Analyzer generates afinding. Findings include information about the access and the external principal granted toit345. References: 3: Using AWS Identity and Access Management AccessAnalyzer, 4: IAM Access Analyzer - Amazon Web Services (AWS), 5: Welcome - IAMAccess Analyzer
Question # 75
What can a cloud practitioner use to retrieve AWS security and compliance documents and submit them as evidence to an auditor or regulator?
A. AWS Certificate Manager B. AWS Systems Manager C. AWS Artifact D. Amazon Inspector
Answer: C Explanation: AWS Artifact is a service that provides on-demand access to AWS securityand compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI)reports, and Service Organization Control (SOC) reports. You can download thesedocuments and submit them as evidence to your auditors or regulators to demonstrate thesecurity and compliance of the AWS infrastructure and services that you use. AWS Artifactalso allows you to review, accept, and manage AWS agreements, such as the BusinessAssociate Addendum (BAA) for customers who are subject to the Health InsurancePortability and Accountability Act (HIPAA). References: AWS Artifact, What is AWSArtifact?
Question # 76
A company wants to run its workload on Amazon EC2 instances for more than 1 year. This workload will run continuously. Which option offers a discounted hourly rate compared to the hourly rate of On-Demand Instances?
A. AWS Graviton processor B. Dedicated Hosts C. EC2 Instance Savings Plans D. Amazon EC2 Auto Scaling instances
Answer: C Explanation: EC2 Instance Savings Plans are a flexible pricing model that offer discountedhourly rates on Amazon EC2 instance usage for a 1 or 3 year term. EC2 Instance SavingsPlans provide savings up to 72% off On-Demand rates, in exchange for a commitment to aspecific instance family in a chosen AWS Region (for example, M5 in Virginia). These plansautomatically apply to usage regardless of size (for example, m5.xlarge, m5.2xlarge, etc.),OS (for example, Windows, Linux, etc.), and tenancy (Host, Dedicated, Default) within thespecified family in a Region. With an EC2 Instance Savings Plan, you can change yourinstance size within the instance family (for example, from c5.xlarge to c5.2xlarge) or theoperating system (for example, from Windows to Linux), or move from Dedicated tenancyto Default and continue to receive the discounted rate provided by your EC2 InstanceSavings Plan4567. References: 4: Compute Savings Plans – Amazon WebServices, 5: What are Savings Plans? - Savings Plans, 6: How To Cut Your AWS Bill WithSavings Plans
Question # 77
A company needs to migrate a PostgreSQL database from on-premises to Amazon RDS. Which AWS service or tool should the company use to meet this requirement?
A. Cloud Adoption Readiness Tool B. AWS Migration Hub C. AWS Database Migration Service (AWS DMS) D. AWS Application Migration Service
Answer: C Explanation: AWS Database Migration Service (AWS DMS) is a managed and automatedservice that helps you migrate your databases from your on-premises or cloud environmentto AWS, either as a one-time migration or as a continuous replication. AWS DMS supportsmigration between 20-plus database and analytics engines, such as PostgreSQL, Oracle, MySQL, SQL Server, MongoDB, Amazon Aurora, Amazon RDS, Amazon Redshift, andAmazon S3. AWS DMS also provides schema conversion and validation tools, as well asmonitoring and security features. AWS DMS is a cost-effective and reliable solution fordatabase migration, as you only pay for the compute resources and additional log storageused during the migration process, and you can minimize the downtime and data loss withMulti-AZ and ongoing replication12To migrate a PostgreSQL database from on-premises to Amazon RDS using AWS DMS,you need to perform the following steps:Create an AWS DMS replication instance in the same AWS Region as your targetAmazon RDS PostgreSQL DB instance. The replication instance is a server thatruns the AWS DMS replication software and connects to your source and targetendpoints. You can choose the instance type, storage, and network settings basedon your migration requirements3Create a source endpoint that points to your on-premises PostgreSQL database.You need to provide the connection details, such as the server name, port,database name, user name, and password. You also need to specify the enginename as postgres and the SSL mode as required4Create a target endpoint that points to your Amazon RDS PostgreSQL DBinstance. You need to provide the connection details, such as the server name,port, database name, user name, and password. You also need to specify theengine name as postgres and the SSL mode as verify-full.Create a migration task that defines the migration settings and options, such asthe replication instance, the source and target endpoints, the migration type (fullload, full load and change data capture, or change data capture only), the tablemappings, the task settings, and the task monitoring role. You can also use theAWS Schema Conversion Tool (AWS SCT) to convert your source schema to thetarget schema and apply it to the target endpoint before or after creating themigration task.Start the migration task and monitor its progress and status using the AWS DMSconsole, the AWS CLI, or the AWS DMS API. You can also use AWSCloudFormation to automate the creation and execution of the migration task.The other options are not suitable for migrating a PostgreSQL database from on-premisesto Amazon RDS. Cloud Adoption Readiness Tool is a tool that helps you assess yourreadiness for cloud adoption based on six dimensions: business, people, process, platform,operations, and security. It does not perform any database migration tasks. AWS MigrationHub is a service that helps you track and manage the progress of your applicationmigrations across multiple AWS and partner services, such as AWS DMS, AWSApplication Migration Service, AWS Server Migration Service, and CloudEndure Migration.It does not perform any database migration tasks itself, but rather integrates with othermigration services. AWS Application Migration Service is a service that helps you migrateyour applications from your on-premises or cloud environment to AWS without making anychanges to the applications, their architecture, or the migrated servers. It does not supportdatabase migration, but rather replicates your servers as Amazon Machine Images (AMIs)and launches them as EC2 instances on AWS.References: AWS Database Migration Service, What is AWS Database MigrationService?, Working with an AWS DMS replication instance, Creating source and targetendpoints for PostgreSQL, [Creating a target endpoint for Amazon RDS for PostgreSQL], [Creating a migration task for AWS DMS], [AWS Schema Conversion Tool], [Starting amigration task for AWS DMS], [AWS CloudFormation], [Cloud Adoption Readiness Tool],[AWS Migration Hub], [AWS Application Migration Service]
Question # 78
At what support level do users receive access to a support concierge?
A. Basic Support B. Developer Support C. Business Support D. Enterprise Support
Answer: D Explanation: Users receive access to a support concierge at the Enterprise Support level.A support concierge is a team of AWS billing and account experts that specialize in workingwith enterprise accounts. They can help users with billing and account inquiries, costoptimization, FinOps support, cost analysis, and prioritized answers to billing questions.The support concierge is included as part of the Enterprise Support plan, which alsoprovides access to a Technical Account Manager (TAM), Infrastructure EventManagement, AWS Trusted Advisor, and 24/7 technical support. References: AWSSupport Plan Comparison, AWS Enterprise Support Plan, AWS Support Concierge
Question # 79
Which AWS service is always provided at no charge?
A. Amazon S3 B. AWS Identity and Access Management (IAM) C. Elastic Load Balancers D. AWS WAF
Answer: B Explanation: AWS Identity and Access Management (IAM) is a web service that helps yousecurely control access to AWS resources. You can use IAM to create and manage AWSusers and groups, and use permissions to allow and deny their access to AWSresources. IAM is always provided at no charge12. References: 1: AWS Identity andAccess Management (IAM) - Amazon Web Services (AWS), 2: Which aws service isalways provided at no charge? - Brainly.in
Question # 80
A company must be able to develop, test, and launch an application in the AWS Cloud quickly. Which advantage of cloud computing will meet these requirements?
A. Stop guessing capacity B. Trade fixed expense for variable expense C. Achieve economies of scale D. Increase speed and agility
Answer: D Explanation: One of the benefits of cloud computing is that it enables customers toincrease speed and agility in developing, testing, and launching applications. Cloudcomputing provides on-demand access to a variety of IT resources, such as compute,storage, networking, databases, and analytics, without requiring upfront investments orlong-term commitments. Customers can provision and release resources in minutes, scaleup and down as needed, and experiment with new technologies and features. This allowscustomers to accelerate their innovation cycles, deliver faster time-to-market, and respondto changing customer needs and demands