Cloud practitioner sample exam questions
The following are just sample exam questions I used to prepare for my certification. I drop them here because someone may find them useful. And please share it if you can.
N.B: If you find any mistake please comment below. Thanks
The questions are based on the new cloud practitioner domains(CLF-C02):
Cloud concepts(24%)
Security & compliance(30%)
Cloud Technology & Services(34%)
Billing, Pricing, & Support(12%)
Questions:
Question: What is the main benefit of cloud computing?
a) Increased physical security b) Reduced operational cost c) Limited scalability d) Slower deployment
Answer: b) Reduced operational cost
Explanation: Cloud computing typically reduces operational costs by eliminating the need for upfront infrastructure investments and providing pay-as-you-go pricing.
Question: What is the AWS Well-Architected Framework primarily designed to help with?
a) Managing security groups b) Building highly available and secure applications c) Automating infrastructure provisioning d) Data analytics
Answer: b) Building highly available and secure applications
Explanation: The AWS Well-Architected Framework is a set of best practices to help you build secure, high-performing, resilient, and efficient infrastructure for your applications.
Question: Which AWS service allows you to run code without provisioning or managing servers?
a) Amazon RDS b) Amazon EC2 c) AWS Lambda d) Amazon S3
Answer: c) AWS Lambda
Explanation: AWS Lambda is a serverless compute service that allows you to run code in response to events without managing servers.
Question: What is elasticity in the context of cloud computing?
a) The ability to scale resources up or down based on demand b) The ability to store large amounts of data c) The physical security of data centers d) The speed of internet connectivity
Answer: a) The ability to scale resources up or down based on demand
Explanation: Elasticity in cloud computing refers to the ability to dynamically adjust resources to match workload changes.
Question: Which AWS service helps you protect your data at rest by encrypting it?
a) Amazon RDS b) Amazon CloudFront c) AWS Key Management Service (KMS) d) Amazon DynamoDB
Answer: c) AWS Key Management Service (KMS)
Explanation: AWS KMS allows you to create and control encryption keys used to encrypt your data at rest.
Question: What is AWS IAM used for?
a) Monitoring AWS infrastructure b) Managing AWS resources c) Distributing content globally d) Encrypting data at rest
Answer: b) Managing AWS resources
Explanation: AWS Identity and Access Management (IAM) is used to manage access to AWS resources and services securely.
Question: What is the shared responsibility model in AWS security?
a) AWS is responsible for all aspects of security b) The customer is responsible for all aspects of security c) AWS and the customer share security responsibilities d) AWS is responsible for physical security only
Answer: c) AWS and the customer share security responsibilities
Explanation: AWS follows a shared responsibility model where AWS is responsible for the security of the cloud infrastructure, and the customer is responsible for security in the cloud.
Question: What is the purpose of AWS CloudTrail?
a) To monitor AWS resource utilization b) To track user activity and API usage c) To analyze website traffic d) To manage AWS databases
Answer: b) To track user activity and API usage
Explanation: AWS CloudTrail records API calls and actions taken on AWS resources, allowing you to monitor and audit activity.
Question: Which AWS service provides on-demand capacity for EC2 instances?
a) Amazon RDS b) Amazon S3 c) Amazon EC2 Auto Scaling d) Amazon DynamoDB
Answer: c) Amazon EC2 Auto Scaling
Explanation: EC2 Auto Scaling automatically adjusts the number of EC2 instances to maintain application availability and scale based on demand.
Question: What is Amazon S3 primarily used for?
a) Running virtual machines b) Storing and retrieving data c) Managing databases d) Performing analytics
Answer: b) Storing and retrieving data
Explanation: Amazon S3 is a highly scalable and durable object storage service used for storing and retrieving data.
Question: What AWS service allows you to set up a virtual private cloud (VPC) for network isolation?
a) Amazon RDS b) Amazon EC2 c) Amazon S3 d) Amazon VPC
Answer: d) Amazon VPC
Explanation: Amazon Virtual Private Cloud (VPC) allows you to create a private network within AWS for network isolation and security.
Question: Which AWS service is a managed container orchestration service?
a) Amazon ECS b) Amazon RDS c) Amazon S3 d) Amazon Lambda
Answer: a) Amazon ECS
Explanation: Amazon Elastic Container Service (ECS) is a managed container orchestration service for deploying and managing containers.
Question: How is AWS pricing typically structured for many services?
a) Pay-as-you-go b) Fixed monthly fee c) Annual upfront payment d) Free
Answer: a) Pay-as-you-go
Explanation: AWS often uses a pay-as-you-go pricing model where you pay for the resources you use, without upfront fees or long-term commitments.
Question: What is an AWS Free Tier?
a) A free support plan for AWS services b) A limited-time promotion for new AWS customers c) A discount for non-profit organizations d) A type of virtual private cloud (VPC)
Answer: b) A limited-time promotion for new AWS customers
Explanation: The AWS Free Tier is a promotional offering that provides limited free access to AWS services for new customers.
Question: What is AWS Trusted Advisor?
a) A tool for creating AWS accounts b) A certification program for AWS professionals c) A service that provides cost optimization and security recommendations d) A machine learning service
Answer: c) A service that provides cost optimization and security recommendations
Explanation: AWS Trusted Advisor analyzes your AWS environment and provides recommendations for cost optimization and security improvements.
Question: What is the AWS global network of data centers called?
a) AWS Cloud Network b) AWS Global Infrastructure c) AWS Data Center Network d) AWS Region
Answer: d) AWS Region
Explanation: AWS Regions are the globally distributed data centers that make up the AWS infrastructure.
Question: Which AWS service allows you to set up a content delivery network (CDN) to distribute content globally?
a) Amazon RDS b) Amazon CloudFront c) Amazon VPC d) Amazon S3
Answer: b) Amazon CloudFront
Explanation: Amazon CloudFront is a CDN service that distributes content to multiple edge locations for low-latency access.
Question: What is the term for the practice of using multiple AWS Regions for disaster recovery?
a) Region Redundancy b) Multi-Availability Zone c) Regional Failover d) Multi-Region
Answer: d) Multi-Region
Explanation: Multi-region architecture involves replicating resources across multiple AWS Regions for disaster recovery and high availability.
Question: Which AWS service provides a simple way to set up a virtual private network (VPN) connection to your on-premises network?
a) Amazon RDS b) Amazon VPC c) AWS Direct Connect d) Amazon S3
Answer: c) AWS Direct Connect
Explanation: AWS Direct Connect provides dedicated network connections between your on-premises data center and AWS.
Question: What is AWS Artifact?
a) A compliance and security portal that provides on-demand access to AWS compliance reports b) A threat detection service c) A security group for Amazon EC2 instances d) A data encryption service
Answer: a) A compliance and security portal that provides on-demand access to AWS compliance reports
Explanation: AWS Artifact is a portal that provides access to AWS compliance reports and other security and compliance-related documents.
Question: Which AWS service allows you to configure and control access to AWS services and resources?
a) Amazon RDS b) Amazon EC2 c) AWS IAM (Identity and Access Management) d) AWS Key Management Service (KMS)
Answer: c) AWS IAM (Identity and Access Management)
Explanation: AWS IAM allows you to configure and control access to AWS services and resources securely.
Question: What is AWS Inspector used for?
a) To scan and assess the security of Amazon S3 buckets b) To monitor network traffic in real-time c) To manage containers in Amazon ECS d) To perform vulnerability assessments on EC2 instances
Answer: d) To perform vulnerability assessments on EC2 instances
Explanation: AWS Inspector helps you identify vulnerabilities and security issues in EC2 instances.
Question: What is the AWS Key Management Service (KMS) primarily used for?
a) To create virtual private networks (VPNs) b) To monitor network traffic c) To manage encryption keys d) To manage user identities
Answer: c) To manage encryption keys
Explanation: AWS KMS is used to create and manage encryption keys for protecting data at rest and in transit.
Question: What is the purpose of AWS Elastic Beanstalk?
a) To monitor EC2 instances b) To manage databases c) To deploy and manage web applications d) To provide virtual private networks (VPNs)
Answer: c) To deploy and manage web applications
Explanation: AWS Elastic Beanstalk is a Platform as a Service (PaaS) that simplifies the deployment and management of web applications.
Question: What AWS service is designed for real-time data streaming and analytics?
a) Amazon RDS b) Amazon Redshift c) Amazon Kinesis d) Amazon DynamoDB
Answer: c) Amazon Kinesis
Explanation: Amazon Kinesis is a service for real-time data streaming and analytics.
Question: What is the primary use case for Amazon Aurora?
a) Real-time data analytics b) Data warehousing c) Scalable and highly available relational databases d) Object storage
Answer: c) Scalable and highly available relational databases
Explanation: Amazon Aurora is a relational database service known for its scalability and high availability.
Question: What is AWS Lambda primarily used for?
a) Running virtual machines b) Storing and retrieving data c) Executing code in response to events d) Managing containers
Answer: c) Executing code in response to events
Explanation: AWS Lambda allows you to run code in response to events without managing servers or infrastructure.
Question: What is AWS Trusted Advisor primarily used for?
a) Providing technical support b) Analyzing and optimizing AWS costs c) Managing encryption keys d) Monitoring network traffic
Answer: b) Analyzing and optimizing AWS costs
Explanation: AWS Trusted Advisor helps you identify cost-saving opportunities in your AWS environment.
Question: What is an AWS Support plan?
a) A plan for deploying AWS resources b) A plan for securing AWS resources c) A subscription for accessing AWS services d) A plan for accessing AWS technical support
Answer: d) A plan for accessing AWS technical support
Explanation: AWS Support plans provide access to AWS technical support and resources.
Question: What is the AWS Total Cost of Ownership (TCO) Calculator used for?
a) To calculate the cost of AWS services b) To compare the costs of running workloads on-premises vs. in AWS c) To estimate the number of users on an AWS account d) To calculate the cost of Amazon S3 storage
Answer: b) To compare the costs of running workloads on-premises vs. in AWS
Explanation: The AWS TCO Calculator helps you estimate and compare the costs of running workloads on-premises vs. in AWS.
Question: What is the AWS Well-Architected Framework's pillar that focuses on optimizing costs?
a) Operational Excellence b) Security c) Reliability d) Cost Optimization
Answer: d) Cost Optimization
Explanation: The Cost Optimization pillar of the AWS Well-Architected Framework focuses on optimizing costs while maintaining performance.
Question: What AWS service allows you to archive data for long-term retention at a lower cost?
a) Amazon S3 Glacier b) Amazon CloudFront c) Amazon Redshift d) Amazon Aurora
Answer: a) Amazon S3 Glacier
Explanation: Amazon S3 Glacier is designed for data archiving and long-term retention at a lower cost.
Question: What is the purpose of AWS Organizations?
a) To manage DNS records b) To create virtual private clouds (VPCs) c) To centrally manage and consolidate AWS accounts d) To analyze website traffic
Answer: c) To centrally manage and consolidate AWS accounts
Explanation: AWS Organizations allows you to centrally manage and consolidate multiple AWS accounts.
Question: What is the term for the practice of distributing incoming traffic across multiple Amazon EC2 instances?
a) Data warehousing b) Load balancing c) Content delivery d) Data archiving
Answer: b) Load balancing
Explanation: Load balancing distributes incoming traffic across multiple instances to ensure high availability and fault tolerance.
Question: Which AWS service is designed to help you detect and respond to security incidents?
a) AWS Identity and Access Management (IAM) b) AWS Security Hub c) AWS Key Management Service (KMS) d) AWS Direct Connect
Answer: b) AWS Security Hub
Explanation: AWS Security Hub provides a comprehensive view of your security posture and helps you detect and respond to security incidents.
Question: What is AWS WAF used for?
a) To analyze website traffic b) To monitor EC2 instances c) To protect web applications from common web exploits d) To manage encryption keys
Answer: c) To protect web applications from common web exploits
Explanation: AWS WAF (Web Application Firewall) helps protect web applications from common security threats and exploits.
Question: What is the AWS Artifact report called that provides a summary of compliance for specific AWS services?
a) AWS Security Hub b) AWS Trusted Advisor c) AWS Config d) AWS Artifact Compliance Report
Answer: d) AWS Artifact Compliance Report
Explanation: AWS Artifact provides various compliance reports, and the Compliance Report provides a summary of compliance for specific AWS services.
Question: What is the purpose of AWS Macie?
a) To manage databases b) To analyze network traffic c) To monitor AWS infrastructure d) To discover and protect sensitive data
Answer: d) To discover and protect sensitive data
Explanation: AWS Macie is a service for discovering and protecting sensitive data.
Question: What is the AWS service used to create and manage relational databases in the cloud?
a) Amazon RDS b) Amazon S3 c) Amazon EC2 d) AWS Lambda
Answer: a) Amazon RDS
Explanation: Amazon RDS (Relational Database Service) is used to create and manage relational databases in the cloud.
Question: Which AWS service provides a fully managed data warehouse for analytics?
a) Amazon RDS b) Amazon Aurora c) Amazon Redshift d) Amazon DynamoDB
Answer: c) Amazon Redshift
Explanation: Amazon Redshift is a fully managed data warehouse service for analytics.
Question: What is the primary use case for Amazon Elastic File System (EFS)?
a) Storing and retrieving data b) Running virtual machines c) Distributing content globally d) Shared file storage
Answer: d) Shared file storage
Explanation: Amazon EFS is a managed file storage service designed for shared access across multiple instances.
Question: What is Amazon Lightsail?
a) A container orchestration service b) A managed web hosting service c) A data warehousing service d) A machine learning platform
Answer: b) A managed web hosting service
Explanation: Amazon Lightsail provides a simplified, managed web hosting service with pre-configured options.
Question: What is the AWS Simple Monthly Calculator used for?
a) To calculate monthly AWS costs based on usage b) To estimate the number of users on an AWS account c) To manage encryption keys d) To perform vulnerability assessments
Answer: a) To calculate monthly AWS costs based on usage
Explanation: The AWS Simple Monthly Calculator helps estimate monthly AWS costs based on resource usage.
Question: What is the term for the practice of using multiple AWS Availability Zones for fault tolerance?
a) Regional redundancy b) Multi-Region c) Data archiving d) Cost optimization
Answer: a) Regional redundancy
Explanation: Regional redundancy involves replicating resources across multiple AWS Availability Zones for fault tolerance.
Question: What is the AWS Cost Explorer used for?
a) To create AWS accounts b) To analyze and visualize AWS cost and usage data c) To monitor EC2 instances d) To set up a virtual private network (VPN)
Answer: b) To analyze and visualize AWS cost and usage data
Explanation: AWS Cost Explorer helps you analyze and visualize your AWS cost and usage data.
Question: What does the AWS Shared Responsibility Model specify?
a) The division of responsibilities between AWS and the customer for security and compliance b) How AWS shares its profits with customers c) The pricing structure of AWS services d) The technical details of AWS infrastructure
Answer: a) The division of responsibilities between AWS and the customer for security and compliance
Explanation: The Shared Responsibility Model specifies the responsibilities of AWS and the customer for security and compliance.
Question: What is the AWS Marketplace?
a) A platform for selling physical products b) A marketplace for cloud-based software and services c) A community forum for AWS users d) A data analytics service
Answer: b) A marketplace for cloud-based software and services
Explanation: The AWS Marketplace is an online store where you can find and purchase software and services that run on AWS.
Question: What is AWS Elastic Load Balancing (ELB) used for?
a) To manage databases b) To distribute incoming traffic across multiple Amazon EC2 instances c) To analyze website traffic d) To store and retrieve data
Answer: b) To distribute incoming traffic across multiple Amazon EC2 instances
Explanation: AWS Elastic Load Balancing (ELB) distributes incoming traffic to ensure high availability and scalability.
Question: What is the AWS Service Level Agreement (SLA)?
a) A legal contract between AWS and customers b) A document outlining AWS security policies c) A guarantee of uptime and availability for AWS services d) A description of AWS support plans
Answer: c) A guarantee of uptime and availability for AWS services
Explanation: The AWS SLA provides a guarantee of uptime and availability for AWS services.
Question: What is AWS Cognito primarily used for?
a) To manage encryption keys b) To analyze network traffic c) To authenticate and authorize users for web and mobile applications d) To monitor AWS infrastructure
Answer: c) To authenticate and authorize users for web and mobile applications
Explanation: AWS Cognito is a service for user authentication and authorization in web and mobile applications.
Question: What is the AWS Key Management Service (KMS) Customer Master Key (CMK)?
a) A public key used for encryption b) A private key used for decryption c) A symmetric encryption key used for data encryption d) A password used for AWS account access
Answer: c) A symmetric encryption key used for data encryption
Explanation: The AWS KMS Customer Master Key (CMK) is a symmetric encryption key used for data encryption.
Question: Which AWS service provides automated security assessments?
a) Amazon RDS b) Amazon GuardDuty c) Amazon VPC d) Amazon CloudFront
Answer: b) Amazon GuardDuty
Explanation: Amazon GuardDuty provides automated security assessments for AWS accounts and resources.
Question: What is the AWS Well-Architected Framework's pillar that focuses on the ability to recover from failures?
a) Operational Excellence b) Security c) Reliability d) Cost Optimization
Answer: c) Reliability
Explanation: The Reliability pillar of the AWS Well-Architected Framework focuses on the ability to recover from failures.
Question: Which AWS service provides a fully managed NoSQL database?
a) Amazon RDS b) Amazon S3 c) Amazon DynamoDB d) Amazon Redshift
Answer: c) Amazon DynamoDB
Explanation: Amazon DynamoDB is a fully managed NoSQL database service.
Question: What is the purpose of AWS Elastic Container Service (ECS)?
a) To manage containers b) To provide virtual private networks (VPNs) c) To run data analytics d) To distribute content globally
Answer: a) To manage containers
Explanation: AWS Elastic Container Service (ECS) is used to manage containers and containerized applications.
Question: What is the AWS Marketplace used for?
a) To purchase AWS support plans b) To find and purchase software and services that run on AWS c) To create virtual private clouds (VPCs) d) To monitor EC2 instances
Answer: b) To find and purchase software and services that run on AWS
Explanation: The AWS Marketplace is used to find and purchase software and services that run on AWS.
Question: What is the AWS Direct Connect used for?
a) To set up a virtual private network (VPN) b) To analyze network traffic c) To manage databases d) To create dedicated network connections to AWS
Answer: d) To create dedicated network connections to AWS
Explanation: AWS Direct Connect provides dedicated network connections to AWS.
Question: What is AWS Budgets used for?
a) To calculate AWS costs b) To monitor and control AWS costs c) To perform vulnerability assessments d) To analyze network traffic
Answer: b) To monitor and control AWS costs
Explanation: AWS Budgets is used to monitor and control AWS costs by setting cost and usage budgets.
Question: What is an AWS Trusted Advisor recommendation?
a) A security group for EC2 instances b) A cost optimization or security recommendation for AWS resources c) A certification program for AWS professionals d) A type of virtual private cloud (VPC)
Answer: b) A cost optimization or security recommendation for AWS resources
Explanation: AWS Trusted Advisor provides cost optimization and security recommendations for AWS resources.
Question: What is AWS Organizations used for?
a) To analyze website traffic b) To manage DNS records c) To centrally manage and consolidate AWS accounts d) To create virtual private clouds (VPCs)
Answer: c) To centrally manage and consolidate AWS accounts
Explanation: AWS Organizations is used to centrally manage and consolidate multiple AWS accounts.
Question: What is the AWS Global Accelerator used for?
a) To accelerate internet speed for all AWS services b) To distribute content globally c) To improve network latency and availability for applications d) To manage virtual private clouds (VPCs)
Answer: c) To improve network latency and availability for applications
Explanation: AWS Global Accelerator is used to improve network latency and availability for applications by routing traffic through AWS's global network.
Question: What is the AWS Trusted Advisor recommendation for cost optimization known as?
a) Cost Efficiency Alert b) Cost Explorer Report c) Cost Savings Plan d) Cost Optimization Opportunity
Answer: d) Cost Optimization Opportunity
Explanation: In AWS Trusted Advisor, cost optimization recommendations are often referred to as "Cost Optimization Opportunities."
Question: Which AWS service provides security information and event management (SIEM) capabilities?
a) AWS Security Hub b) AWS Cognito c) AWS Direct Connect d) AWS Key Management Service (KMS)
Answer: a) AWS Security Hub
Explanation: AWS Security Hub provides SIEM capabilities for security monitoring and threat detection.
Question: What is the AWS Artifact report called that provides information about compliance with GDPR (General Data Protection Regulation)?
a) GDPR Compliance Report b) AWS GDPR Framework Report c) EU Data Protection Report d) GDPR Data Processing Addendum (DPA)
Answer: d) GDPR Data Processing Addendum (DPA)
Explanation: The GDPR Data Processing Addendum (DPA) is a specific report provided in AWS Artifact related to GDPR compliance.
Question: What AWS service is designed for real-time data streaming, analytics, and machine learning?
a) Amazon Redshift b) Amazon Kinesis c) Amazon Aurora d) Amazon Elastic File System (EFS)
Answer: b) Amazon Kinesis
Explanation: Amazon Kinesis is a service designed for real-time data streaming, analytics, and machine learning.
Disclaimer: These questions are generated by ChatGPT using the following prompt:
Act as an AWS examiner. You are going to create 65 questions on AWS cloud practitioner with answers. Answers should be at the end with their explanations. Try to make those questions in the same format as the actual exam. To be specific the cloud practitioner exam covers the following given in quotes " Cloud concepts(24%), security & compliance(30%), cloud technology & services(34%), Billing, Pricing, & support(12%)