Skip to the content.

Practice Exam 22

Click on the Answer button for the correct answer and its explanation.

If this practice exam has been helpful to you please share it with others and react to this below.


  1. A company operating in the AWS Cloud requires separate invoices for specific environments, such as development, testing, and production.
    How can this be achieved?
    • A. Use multiple AWS accounts
    • B. Use resource tagging
    • C. Use multiple VPCs
    • D. Use Cost Explorer
    Answer

    Correct Answer: B

  2. Which AWS service can be used in the application deployment process?
    • A. AWS AppSync
    • B. AWS Batch
    • C. AWS CodePipeline
    • D. AWS DataSync
    Answer

    Correct Answer: C

  3. What can be used to reduce the cost of running Amazon EC2 instances? (Choose two.)
    • A. Spot Instances for stateless and flexible workloads
    • B. Memory optimized instances for high-compute workloads
    • C. On-Demand Instances for high-cost and sustained workloads
    • D. Reserved Instances for sustained workloads
    • E. Spend limits set using AWS Budgets
    Answer

    Correct Answer: AD

  4. A company is launching an e-commerce site that will store and process credit card data. The company requires information about AWS compliance reports and AWS agreements.
    Which AWS service provides on-demand access to these items?
    • A. AWS Certificate Manager
    • B. AWS Config
    • C. AWS Artifact
    • D. AWS CloudTrail
    Answer

    Correct Answer: C

  5. Which AWS service or feature allows the user to manage cross-region application traffic?
    • A. Amazon AppStream 2.0
    • B. Amazon VPC
    • C. Elastic Load Balancer
    • D. Amazon Route 53
    Answer

    Correct Answer: A

  6. Which AWS service can be used to track unauthorized API calls?
    • A. AWS Config
    • B. AWS CloudTrail
    • C. AWS Trusted Advisor
    • D. Amazon Inspector
    Answer

    Correct Answer: B

  7. A user needs to regularly audit and evaluate the setup of all AWS resources, identify non-compliant accounts, and be notified when a resource changes.
    Which AWS service can be used to meet these requirements?
    • A. AWS Trusted Advisor
    • B. AWS Config
    • C. AWS Resource Access Manager
    • D. AWS Systems Manager
    Answer

    Correct Answer: B

  8. A user is planning to launch two additional Amazon EC2 instances to increase availability.
    Which action should the user take?
    • A. Launch the instances across multiple Availability Zones in a single AWS Region.
    • B. Launch the instances as EC2 Reserved Instances in the same AWS Region and the same Availability Zone.
    • C. Launch the instances in multiple AWS Regions, but in the same Availability Zone.
    • D. Launch the instances as EC2 Spot Instances in the same AWS Region, but in different Availability Zones.
    Answer

    Correct Answer: A

  9. A company must store critical business data in Amazon S3 with a backup to another AWS Region.
    How can this be achieved?
    • A. Use an Amazon CloudFront Content Delivery Network (CDN) to cache data globally
    • B. Set up Amazon S3 cross-region replication to another AWS Region
    • C. Configure the AWS Backup service to back up to the data to another AWS Region
    • D. Take Amazon S3 bucket snapshots and copy that data to another AWS Region
    Answer

    Correct Answer: B

  10. Which AWS Cloud service can send alerts to customers if custom spending thresholds are exceeded?
    • A. AWS Budgets
    • B. AWS Cost Explorer
    • C. AWS Cost Allocation Tags
    • D. AWS Organizations
    Answer

    Correct Answer: A

  11. What is the recommended method to request penetration testing on AWS resources?
    • A. Open a support case
    • B. Fill out the Penetration Testing Request Form
    • C. Request a penetration test from your technical account manager
    • D. Contact your AWS sales representative
    Answer

    Correct Answer: B

  12. A user needs to automatically discover, classify, and protect sensitive data stored in Amazon S3.
    Which AWS service can meet these requirements?
    • A. Amazon Inspector
    • B. Amazon Macie
    • C. Amazon GuardDuty
    • D. AWS Secrets Manager
    Answer

    Correct Answer: B

  13. Which components are required to build a successful site-to-site VPN connection on AWS? (Choose two.)
    • A. Internet gateway
    • B. NAT gateway
    • C. Customer gateway
    • D. Transit gateway
    • E. Virtual private gateway
    Answer

    Correct Answer: CD

  14. Which Amazon EC2 pricing option is best suited for applications with short-term, spiky, or unpredictable workloads that cannot be interrupted?
    • A. Spot Instances
    • B. Dedicated Hosts
    • C. On-Demand Instances
    • D. Reserved Instances
    Answer

    Correct Answer: C

  15. Which AWS cloud architecture principle states that systems should reduce interdependencies?
    • A. Scalability
    • B. Services, not servers
    • C. Removing single points of failure
    • D. Loose coupling
    Answer

    Correct Answer: D

  16. What is the MOST effective resource for staying up to date on AWS security announcements?
    • A. AWS Personal Health Dashboard
    • B. AWS Secrets Manager
    • C. AWS Security Bulletins
    • D. Amazon Inspector
    Answer

    Correct Answer: C

  17. Which AWS service offers persistent storage for a file system?
    • A. Amazon S3
    • B. Amazon EC2 instance store
    • C. Amazon Elastic Block Store (Amazon EBS)
    • D. Amazon ElastiCache
    Answer

    Correct Answer: C

  18. Which of the following allows AWS users to manage cost allocations for billing?
    • A. Tagging resources
    • B. Limiting who can create resources
    • C. Adding a secondary payment method
    • D. Running all operations on a single AWS account
    Answer

    Correct Answer: A

  19. Which AWS service allows users to download security and compliance reports about the AWS infrastructure on demand?
    • A. Amazon GuardDuty
    • B. AWS Security Hub
    • C. AWS Artifact
    • D. AWS Shield
    Answer

    Correct Answer: C

  20. Which of the following AWS services are serverless? (Choose two.)
    • A. AWS Lambda
    • B. Amazon Elasticsearch Service
    • C. AWS Elastic Beanstalk
    • D. Amazon DynamoDB
    • E. Amazon Redshift
    Answer

    Correct Answer: AD

  21. Which AWS managed services can be used to extend an on-premises data center to the AWS network? (Choose two.)
    • A. AWS VPN
    • B. NAT gateway
    • C. AWS Direct Connect
    • D. Amazon Connect
    • E. Amazon Route 53
    Answer

    Correct Answer: AC

  22. Which requirement must be met for a member account to be unlinked from an AWS Organizations account?
    • A. The linked account must be actively compliant with AWS System and Organization Controls (SOC).
    • B. The payer and the linked account must both create AWS Support cases to request that the member account be unlinked from the organization.
    • C. The member account must meet the requirements of a standalone account.
    • D. The payer account must be used to remove the linked account from the organization.
    Answer

    Correct Answer: C

  23. What AWS benefit refers to a customer’s ability to deploy applications that scale up and down the meet variable demand?
    • A. Elasticity
    • B. Agility
    • C. Security
    • D. Scalability
    Answer

    Correct Answer: D

  24. During a compliance review, one of the auditors requires a copy of the AWS SOC 2 report.
    Which service should be used to submit this request?
    • A. AWS Personal Health Dashboard
    • B. AWS Trusted Advisor
    • C. AWS Artifact
    • D. Amazon S3
    Answer

    Correct Answer: C

  25. A company wants to set up a highly available workload in AWS with a disaster recovery plan that will allow the company to recover in case of a regional service interruption.
    Which configuration will meet these requirements?
    • A. Run on two Availability Zones in one AWS Region, using the additional Availability Zones in the AWS Region for the disaster recovery site.
    • B. Run on two Availability Zones in one AWS Region, using another AWS Region for the disaster recovery site.
    • C. Run on two Availability Zones in one AWS Region, using a local AWS Region for the disaster recovery site.
    • D. Run across two AWS Regions, using a third AWS Region for the disaster recovery site.
    Answer

    Correct Answer: D

    Explanation: https://aws.amazon.com/blogs/startups/large-scale-disaster-recovery-using-aws-regions/

  26. A company has a 500 TB image repository that needs to be transported to AWS for processing.
    Which AWS service can import this data MOST cost-effectively?
    • A. AWS Snowball
    • B. AWS Direct Connect
    • C. AWS VPN
    • D. Amazon S3
    Answer

    Correct Answer: A

    Explanation: https://aws.amazon.com/blogs/storage/migrating-hundreds-of-tb-of-data-to-amazon-s3-with-aws-datasync/

  27. Which AWS service can run a managed PostgreSQL database that provides online transaction processing (OLTP)?
    • A. Amazon DynamoDB
    • B. Amazon Athena
    • C. Amazon RDS
    • D. Amazon EMR
    Answer

    Correct Answer: C

    Explanation: https://aws.amazon.com/rds/postgresql/

  28. Which of the following assist in identifying costs by department? (Choose two.)
    • A. Using tags on resources
    • B. Using multiple AWS accounts
    • C. Using an account manager
    • D. Using AWS Trusted Advisor
    • E. Using Consolidated Billing
    Answer

    Correct Answer: AB

  29. A company wants to allow full access to an Amazon S3 bucket for a particular user.
    Which element in the S3 bucket policy holds the user details that describe who needs access to the S3 bucket?
    • A. Principal
    • B. Action
    • C. Resource
    • D. Statement
    Answer

    Correct Answer: A

    Explanation: https://docs.aws.amazon.com/AmazonS3/latest/dev/walkthrough1.html

  30. Which AWS service allows for effective cost management of multiple AWS accounts?
    • A. AWS Organizations
    • B. AWS Trusted Advisor
    • C. AWS Direct Connect
    • D. Amazon Connect
    Answer

    Correct Answer: A

    Explanation: https://aws.amazon.com/blogs/aws/aws-organizations-policy-based-management-for-multiple-aws-accounts/

  31. A company is piloting a new customer-facing application on Amazon Elastic Compute Cloud (Amazon EC2) for one month.
    What pricing model is appropriate?
    • A. Reserved Instances
    • B. Spot Instances
    • C. On-Demand Instances
    • D. Dedicated Hosts
    Answer

    Correct Answer: C

    Explanation: https://aws.amazon.com/ec2/pricing/

  32. Which AWS tools automatically forecast future AWS costs?
    • A. AWS Support Center
    • B. AWS Total Cost of Ownership (TCO) Calculator
    • C. AWS Simple Monthly Calculator
    • D. Cost Explorer
    Answer

    Correct Answer: D

    Explanation: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/ce-forecast.html

  33. Under the AWS shared responsibility model, which of the following is a responsibility of AWS?
    • A. Enabling server-side encryption for objects stored in S3
    • B. Applying AWS IAM security policies
    • C. Patching the operating system on an Amazon EC2 instance
    • D. Applying updates to the hypervisor
    Answer

    Correct Answer: D

    Explanation: https://aws.amazon.com/compliance/shared-responsibility-model/?ref=wellarchitected

  34. A user is able to set up a master payer account to view consolidated billing reports through:
    • A. AWS Budgets.
    • B. Amazon Macie.
    • C. Amazon QuickSight.
    • D. AWS Organizations.
    Answer

    Correct Answer: D

    Explanation: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html

  35. Performing operations as code is a design principle that supports which pillar of the AWS Well-Architected Framework?
    • A. Performance efficiency
    • B. Operational excellence
    • C. Reliability
    • D. Security
    Answer

    Correct Answer: B

    Explanation: https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/

  36. Which design principle is achieved by following the reliability pillar of the AWS Well-Architected Framework?
    • A. Vertical scaling
    • B. Manual failure recovery
    • C. Testing recovery procedures
    • D. Changing infrastructure manually
    Answer

    Correct Answer: C

    Explanation: https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/

  37. What is a characteristic of Convertible Reserved Instances (RIs)?
    • A. Users can exchange Convertible RIs for other Convertible RIs from a different instance family.
    • B. Users can exchange Convertible RIs for other Convertible RIs in different AWS Regions.
    • C. Users can sell and buy Convertible RIs on the AWS Marketplace.
    • D. Users can shorten the term of their Convertible RIs by merging them with other Convertible RIs.
    Answer

    Correct Answer: A

    Explanation: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-convertible-exchange.html

  38. The user is fully responsible for which action when running workloads on AWS?
    • A. Patching the infrastructure components
    • B. Implementing controls to route application traffic
    • C. Maintaining physical and environmental controls
    • D. Maintaining the underlying infrastructure components
    Answer

    Correct Answer: B

  39. An architecture design includes Amazon EC2, an Elastic Load Balancer, and Amazon RDS.
    What is the BEST way to get a monthly cost estimation for this architecture?
    • A. Open an AWS Support case, provide the architecture proposal, and ask for a monthly cost estimation.
    • B. Collect the published prices of the AWS services and calculate the monthly estimate.
    • C. Use the AWS Simple Monthly Calculator to estimate the monthly cost.
    • D. Use the AWS Total Cost of Ownership (TCO) Calculator to estimate the monthly cost.
    Answer

    Correct Answer: C

    Explanation: https://docs.aws.amazon.com/pricing-calculator/latest/userguide/aws-pc.pdf

  40. Which are benefits of using Amazon RDS over Amazon EC2 when running relational databases on AWS? (Choose two.)
    • A. Automated backups
    • B. Schema management
    • C. Indexing of tables
    • D. Software patching
    • E. Extract, transform, and load (ETL) management
    Answer

    Correct Answer: AD

    Explanation: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html

  41. What does the Amazon S3 Intelligent-Tiering storage class offer?
    • A. Payment flexibility by reserving storage capacity
    • B. Long-term retention of data by copying the data to an encrypted Amazon Elastic Block Store (Amazon EBS) volume
    • C. Automatic cost savings by moving objects between tiers based on access pattern changes
    • D. Secure, durable, and lowest cost storage for data archival
    Answer

    Correct Answer: C

    Explanation: https://aws.amazon.com/about-aws/whats-new/2018/11/s3-intelligent-tiering/

  42. A company has multiple data sources across the organization and wants to consolidate data into one data warehouse.
    Which AWS service can be used to meet this requirement?
    • A. Amazon DynamoDB
    • B. Amazon Redshift
    • C. Amazon Athena
    • D. Amazon QuickSight
    Answer

    Correct Answer: B

    Explanation: https://aws.amazon.com/redshift/faqs/

  43. Which AWS service can be used to track resource changes and establish compliance?
    • A. Amazon CloudWatch
    • B. AWS Config
    • C. AWS CloudTrail
    • D. AWS Trusted Advisor
    Answer

    Correct Answer: B

    Explanation: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html

  44. A user has underutilized on-premises resources.
    Which AWS Cloud concept can BEST address this issue?
    • A. High availability
    • B. Elasticity
    • C. Security
    • D. Loose coupling
    Answer

    Correct Answer: B

    Explanation: https://www.gremlin.com/blog/implementing-cost-saving-strategies-on-amazon-ec-2-with-chaos-engineering/

  45. A user has a stateful workload that will run on Amazon EC2 for the next 3 years.
    What is the MOST cost-effective pricing model for this workload?
    • A. On-Demand Instances
    • B. Reserved Instances
    • C. Dedicated Instances
    • D. Spot Instances
    Answer

    Correct Answer: B

  46. A cloud practitioner needs an Amazon EC2 instance to launch and run for 7 hours without interruptions.
    What is the most suitable and cost-effective option for this task?
    • A. On-Demand Instance
    • B. Reserved Instance
    • C. Dedicated Host
    • D. Spot Instance
    Answer

    Correct Answer: A

  47. Which of the following are benefits of using AWS Trusted Advisor? (Choose two.)
    • A. Providing high-performance container orchestration
    • B. Creating and rotating encryption keys
    • C. Detecting underutilized resources to save costs
    • D. Improving security by proactively monitoring the AWS environment
    • E. Implementing enforced tagging across AWS resources
    Answer

    Correct Answer: CD

    Explanation: https://aws.amazon.com/about-aws/whats-new/2016/06/aws-support-enables-tagging-capabilities-for-trusted-advisor/

  48. A developer has been hired by a large company and needs AWS credentials.
    Which are security best practices that should be followed? (Choose two.)
    • A. Grant the developer access to only the AWS resources needed to perform the job.
    • B. Share the AWS account root user credentials with the developer.
    • C. Add the developer to the administrator’s group in AWS IAM.
    • D. Configure a password policy that ensures the developer’s password cannot be changed.
    • E. Ensure the account password policy requires a minimum length.
    Answer

    Correct Answer: AE

  49. Which AWS storage service is designed to transfer petabytes of data in and out of the cloud?
    • A. AWS Storage Gateway
    • B. Amazon S3 Glacier Deep Archive
    • C. Amazon Lightsail
    • D. AWS Snowball
    Answer

    Correct Answer: D

    Explanation: https://docs.aws.amazon.com/snowball/latest/ug/transfer-petabytes.html

  50. Which service provides a user the ability to warehouse data in the AWS Cloud?
    • A. Amazon EFS
    • B. Amazon Redshift
    • C. Amazon RDS
    • D. Amazon VPC
    Answer

    Correct Answer: B

    Explanation: https://aws.amazon.com/redshift/

Please feel free to comment below if any information is inaccurate or if any answers need correction.

Exam List