Table of Contents
In this article, we will continue with our practice test for AWS Certified Cloud Practitioner(Foundational) exam. If you haven't checked the last part of this practice test series then you can check it on AWS Certified Cloud Practitioner(Foundational) Practice Test Part - 2 [Latest]. Here also we are going to cover some more important questions and answers that you must be practicing before facing the certification exam. This will further boost your confidence to successfully pass this exam.
![AWS Certified Cloud Practitioner(Foundational) Practice Test Part - 3 [Latest]](https://www.cyberithub.com/wp-content/uploads/2024/12/cloud_test.jpg)
AWS Certified Cloud Practitioner(Foundational) Practice Test Part - 3 [Latest]
Also Read: AWS Certified Cloud Practitioner(Foundational) Practice Test Part - 1 [Latest]
1. Which categories are included in the AWS Trusted Advisor dashboard? (Select TWO)
a) Reliability
b) Performance
c) Scalability
d) Elasticity
e) Fault Tolerance
Ans. b) Performance
e) Fault Tolerance
2. Which service enables you to review the security of your Amazon S3 buckets by checking for open access permissions?
a) Amazon CloudWatch
b) AWS CloudTrail
c) AWS Trusted Advisor
d) Amazon GuardDuty
Ans. c) AWS Trusted Advisor
3. Which actions can you perform using Amazon CloudWatch? (Select TWO)
a) Monitor your resources utilization and performance
b) Receive real-time guidance for improving your AWS environment
c) Compare your infrastructure to AWS best practices in five categories
d) Access metrics from a single dashboard
e) Automatically detect unusual account activity
Ans. a) Monitor your resources utilization and performance
d) Access metrics from a single dashboard
4. Which tasks can you perform using AWS CloudTrail? (Select TWO)
a) Monitor your AWS infrastructure and resources in real time
b) Track user activities and API requests throughout your AWS infrastructure
c) View metrics and graphs to monitor the performance of resources
d) Filter logs to assist with operational analysis and troubleshooting
e) Configure automatic actions and alerts in response to metrics
Ans. b) Track user activities and API requests throughout your AWS infrastructure
d) Filter logs to assist with operational analysis and troubleshooting
5. Which task can AWS Key Management Service (AWS KMS) perform?
a) Configure multi-factor authentication (MFA)
b) Update the AWS account root user password
c) Create cryptographic keys
d) Assign permissions to users and groups
Ans. c) Create cryptographic keys
6. Which service helps protect your applications against distributed denial-of-service (DDoS) attacks?
a) Amazon GuardDuty
b) Amazon Inspector
c) AWS Artifact
d) AWS Shield
Ans. d) AWS Shield
7. Which statement best describes the principle of least privilege?
a) Adding an IAM user into at least one IAM group
b) Checking a packet's permissions against an access control list
c) Granting only the permissions that are needed to perform specific tasks
d) Performing a denial of service attack that originates from at least one device
Ans. c) Granting only the permissions that are needed to perform specific tasks
8. An employee requires temporary access to create several Amazon S3 buckets. Which option would be the best choice for this task?
a) AWS account root user
b) IAM group
c) IAM role
d) Service control policy (SCP)
Ans. c) IAM role
9. Which statement best describes an IAM policy?
a) An authentication process that provides an extra layer of protection for your AWS account
b) A document that grants or denies permissions to AWS services and resources
c) An identity that you can assume to gain temporary access to permissions
d) The identity that is established when you first create the AWS account
Ans. b) A document that grants or denies permissions to AWS services and resources
10. Which tasks can you complete in AWS Artifact? (Select TWO)
a) Access AWS compliance reports on-demand
b) Consolidate and manage multiple AWS accounts within a central location
c) Create users to enable people and applications to interact with AWS services and resources
d) Set permissions for accounts by configuring service control policies (SCPs)
e) Review, accept and manage agreements with AWS
Ans. a) Access AWS compliance reports on-demand
e) Review, accept and manage agreements with AWS
11. You are configuring service control policies (SCPs) in AWS Organizations. Which identities and resources can SCPs be applied to? (Select TWO)
a) IAM users
b) IAM groups
c) An individual member account
d) IAM roles
e) An organizational unit (OU)
Ans. c) An individual member account
e) An organizational unit (OU)
12. Which tasks are the responsibilities of customers? (Select TWO)
a) Maintaining network infrastructure
b) Patching software on Amazon EC2 instances
c) Implementing physical security controls at data centers
d) Setting permissions for Amazon S3 objects
e) Maintaining servers that run Amazon EC2 instances
Ans. b) Patching software on Amazon EC2 instances
d) Setting permissions for Amazon S3 objects
13. Which service is used to query and analyze data across a data warehouse?
a) Amazon Redshift
b) Amazon Neptune
c) Amazon DocumentDB
d) Amazon ElasticCache
Ans. a) Amazon Redshift
14. Which statement best describes Amazon DynamoDB?
a) A service that enables you to run relational databases in the AWS Cloud
b) A serverless key-value database service
c) A service that you can use to migrate relational databases, nonrelational databases, and other types of data stores
d) An enterprise-class relational database
Ans. b) A serverless key-value database service
15. You want to store data in an object storage service. Which AWS service is best for this type of storage?
a) Amazon Managed Blockchain
b) Amazon Elastic File System (Amazon EFS)
c) Amazon Elastic Block Store (Amazon EBS)
d) Amazon Simple Storage Service (Amazon S3)
Ans. d) Amazon Simple Storage Service (Amazon S3)
16. Which statement or statements are TRUE about Amazon EBS volumes and Amazon EFS file systems?
a) EBS volumes store data within a single Availability Zone. Amazon EFS file systems store data across multiple Availability Zones.
b) EBS volumes store data across multiple Availability Zones. Amazon EFS file systems store data within a single Availability Zone.
c) EBS volumes and Amazon EFS file systems both store data within a single Availability Zone
d) EBS volumes and Amazon EFS file systems both store data across multiple Availability Zones.
Ans. a) EBS volumes store data within a single Availability Zone. Amazon EFS file systems store data across multiple Availability Zones.
17. Which Amazon S3 storage classes are optimized for archival data? (Select TWO)
a) Amazon S3 Standard
b) Amazon S3 Glacier Flexible Retrieval
c) Amazon S3 Intelligent-Tiering
d) Amazon S3 Standard-IA
e) Amazon S3 Glacier Deep Archive
Ans. b) Amazon S3 Glacier Flexible Retrieval
e) Amazon S3 Glacier Deep Archive
18. What are the scenarios in which you should use Amazon Relational Database Service (Amazon RDS)? (Select TWO)
a) Running a serverless database
b) Using SQL to organize data
c) Storing data in a key-value database
d) Scaling up to 10 trillion requests per day
e) Storing data in an Amazon Aurora database.
Ans. b) Using SQL to organize data
e) Storing data in an Amazon Aurora database.
19. Which of the following are characteristics of the Amazon EBS Service? (Select TWO)
a) Best for data that requires retention
b) Best for temporary data that is not kept long term
c) Separate drives from the host computer of an EC2 instance
d) Physically attached to the host computer of an EC2 instance
e) Data is deleted when an EC2 instance is stopped
Ans. a) Best for data that requires retention
c) Separate drives from the host computer of an EC2 instance
20. A company plans to create a data lake that uses Amazon S3. Which factor will have the MOST effect on cost?
a) The selection of S3 storage tiers
b) Charges to transfer existing data into Amazon S3
c) The addition of S3 bucket policies
d) S3 ingest fees for each request
Ans. a) The selection of S3 storage tiers
21. Which AWS service or feature can a company use to determine which business unit is using specific AWS resources?
a) Cost allocation tags
b) Key pairs
c) Amazon Inspector
d) AWS Trusted Advisor
Ans. a) Cost allocation tags
22. A company wants to migrate its workloads to AWS, but it lacks expertise in AWS Cloud computing. Which AWS service or feature will help the company with its migration?
a) AWS Trusted Advisor
b) AWS Consulting Partners
c) AWS Artifacts
d) AWS Managed Services
Ans. b) AWS Consulting Partners
23. Which AWS service or tool should a company use to centrally request and track service limit increases?
a) AWS Config
b) Service Quotas
c) AWS Service Catalog
d) AWS Budgets
Ans. b) Service Quotas
24. A large enterprise with multiple VPCs in several AWS Regions around the world needs to connect and centrally manage network connectivity between its VPCs. Which AWS service or feature meets these requirements?
a) AWS Direct Connect
b) AWS Transit Gateway
c) AWS Site-to-Site VPN
d) VPC endpoints
Ans. b) AWS Transit Gateway
25. Which AWS service supports the creation of visual reports from AWS Cost and Usage Report data?
a) Amazon Athena
b) Amazon QuickSight
c) Amazon CloudWatch
d) AWS Organizations
Ans. b) Amazon QuickSight
26. A manufacturing company has a critical application that runs at a remote site that has a slow internet connection. The company wants to migrate the workload to AWS. The application is sensitive to latency and interruptions in connectivity. The company wants a solution that can host this application with minimum latency. Which AWS service or feature should the company use to meet these requirements?
a) Availability Zones
b) AWS Local Zones
c) AWS Wavelength
d) AWS Outposts
Ans. d) AWS Outposts
27. A company wants to use the AWS Cloud to provide secure access to desktop applications that are running in a fully managed environment. Which AWS service should the company use to meet this requirement?
a) Amazon S3
b) Amazon AppStream
c) AWS AppSync
d) AWS Outposts
Ans. b) Amazon AppStream
28. A company needs to install an application in a Docker container. Which AWS service eliminates the need to provision and manage the container hosts?
a) AWS Fargate
b) Amazon FSx for Windows File Server
c) Amazon Elastic Container Service (Amazon ECS)
d) Amazon EC2
Ans. a) AWS Fargate
29. A company has a fleet of cargo ships. The cargo ships have sensors that collect data at sea, where there is intermittent or no internet connectivity. The company needs to collect, format, and process the data at sea and move the data to AWS later. Which AWS service should the company use to meet these requirements?
a) AWS IoT Core
b) Amazon Lightsail
c) AWS Storage Gateway
d) AWS Snowball Edge
Ans. d) AWS Snowball Edge
30. A company has several departments. Each department has its own AWS accounts for its applications. The company wants all AWS costs on a single invoice to simplify payment, but the company wants to know the costs that each department is incurring. Which AWS tool or feature will provide this functionality?
a) AWS Cost and Usage Reports
b) Consolidated billing
c) Savings Plans
d) AWS Budgets
Ans. b) Consolidated billing
31. Which AWS service can be used to turn text into lifelike speech?
a) Amazon Polly
b) Amazon Kendra
c) Amazon Rekognition
d) Amazon Connect
Ans. a) Amazon Polly
32. Which of the following is a component of the AWS Global Infrastructure?
a) Amazon Alexa
b) AWS Regions
c) Amazon Lightsail
d) AWS Organizations
Ans. b) AWS Regions
33. A company wants to perform sentiment analysis on customer service email messages that it receives. The company wants to identify whether the customer service engagement was positive or negative. Which AWS service should the company use to perform this analysis?
a) Amazon Textract
b) Amazon Translate
c) Amazon Comprehend
d) Amazon Rekognition
Ans. c) Amazon Comprehend
34. A retail company has recently migrated its website to AWS. The company wants to ensure that it is protected from SQL injection attacks. The website uses an Application Load Balancer to distribute traffic to multiple Amazon EC2 instances.
Which AWS service or feature can be used to create a custom rule that blocks SQL injection attacks?
a) Security groups
b) AWS WAF Most Voted
c) Network ACLs
d) AWS Shield
Ans. b) AWS WAF
35. Which AWS service provides a feature that can be used to proactively monitor and plan for the service quotas of AWS resources?
a) AWS CloudTrail
b) AWS Personal Health Dashboard
c) AWS Trusted Advisor
d) Amazon CloudWatch
Ans. c) AWS Trusted Advisor
36. Which design principle is included in the operational excellence pillar of the AWS Well-Architected Framework?
a) Create annotated documentation.
b) Anticipate failure.
c) Ensure performance efficiency.
d) Optimize costs.
Ans. b) Anticipate failure.
37. Which of the following AWS service have automated backups configured by default?
a) Amazon RDS MySQL Database
b) MySQL Database installed on EC2
c) Amazon Batch
d) Amazon Athena
Ans. a) Amazon RDS MySQL Database
38. Which feature of the AWS Cloud helps quickly deliver new functionality iteratively, thereby minimizing the time to market?
a) Availability Zones
b) Agility
c) Elasticity
d) Enhanced networking
Ans. b) Agility
39. Which of the following method should be used to gain programmatic access to AWS resources from the AWS CLI?
a) IAM Role
b) User ID and Password
c) Security Group
d) Access Key
Ans. d) Access Key
40. What is the billing system for an EC2 instance running the Amazon Linux 2 AMI?
a) Per Instance
b) Per Second
c) Per Minute
d) Per Month
Ans. b) Per Second
41. According to the AWS Shared Responsibility Model, which of the following fall under the customer responsibilities? (Select TWO.)
a) Setting up encryption on an Amazon S3 bucket
b) Physical security of data center facilities
c) Patching the EC2 Operating System
d) Patching the network infrastructure
Ans. a) Setting up encryption on an Amazon S3 bucket
c) Patching the EC2 Operating System
42. Which of the following technique is based on CloudWatch metrics and threshold values?
a) Scheduled Scaling
b) Target Tracking
c) Step Scaling
d) Predictive Scaling
Ans. c) Step Scaling
43. What is the amount of data that you can store in Amazon S3?
a) 100 PB
b) 1 PB
c) Virtually Unlimited
d) 1 EB
Ans. c) Virtually Unlimited
44. What is a specific benefit of an Enterprise Support plan?
a) Included AWS Cloud Architect
b) Included Technical Account Manager
c) Included AWS Support Analysts
d) Included AWS Technical Support Manager
Ans. b) Included Technical Account Manager
45. Which AWS security tool uses an agent installed in EC2 instances to check for any vulnerabilities or unexpected deviations in the application?
a) AWS Macie
b) AWS Glacier
c) AWS Inspector
d) AWS KMS
Ans. c) AWS Inspector
46. Which of the following AWS feature can be used to capture information about inbound and outbound IP traffic on network interfaces in a VPC?
a) VPC Peering
b) VPC Flow Logs
c) Transit Gateway
d) Site to Site VPN
Ans. b) VPC Flow Logs
47. Which AWS service is designed to be used for operational analytics?
a) Amazon Elastic Search
b) Amazon Timestream
c) Amazon DynamoDB
d) Amazon Kinesis
Ans. a) Amazon Elastic Search
48. Which service can be used to monitor, store and access log files generated by EC2 instances and on-premises servers?
a) AWS Organization
b) Amazon CloudWatch Logs
c) Amazon CloudFront
d) AWS Global Accelerator
Ans. b) Amazon CloudWatch Logs
49. Which of the following components can be configured through the VPC console in AWS? (Select TWO)
a) Endpoint
b) Subnet
c) Security Group
d) Key-Pair
Ans. a) Endpoint
b) Subnet
50. Which AWS service provides a managed software version control system?
a) AWS CloudWatch
b) AWS CodeCommit
c) AWS Code Artifact
d) AWS CodeBuild
Ans. b) AWS CodeCommit