



















































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This exam focuses on common questions candidates have about certification requirements, exam structures, retake policies, scheduling, scoring, validity period, and continuing education expectations. By reviewing FAQ-style questions, candidates become familiar with administrative and procedural aspects of the certification process.
Typology: Exams
1 / 91
This page cannot be seen from the preview
Don't miss anything!




















































































Question 1. Which architecture style is most appropriate for an application that must scale independently for each business function? A) Monolithic B) Microservices C) Serverless D) Client‑Server Answer: B Explanation: Microservices break an application into independent services, allowing each to be scaled, deployed, and managed separately. Question 2. In a cloud environment, vertical scaling refers to: A) Adding more instances of a service B) Increasing the resources (CPU, RAM) of a single instance C) Distributing traffic across multiple regions D) Using a content delivery network Answer: B Explanation: Vertical scaling (scaling up) enlarges the capacity of a single compute resource, whereas horizontal scaling adds more instances. Question 3. Which of the following statements about elasticity is TRUE? A) Resources are added manually by administrators. B) Elasticity guarantees 100 % uptime. C) Resources can be automatically provisioned and de‑provisioned based on demand. D) Elasticity only applies to storage services. Answer: C Explanation: Elasticity is the ability of a system to automatically adjust resources in response to workload changes.
Question 4. High availability is primarily achieved by: A) Using a single large instance. B) Deploying resources in multiple Availability Zones. C) Encrypting data at rest. D) Enabling multi‑factor authentication. Answer: B Explanation: Distributing workloads across multiple Availability Zones reduces the impact of zone‑level failures, increasing availability. Question 5. Which disaster‑recovery strategy provides the fastest recovery time objective (RTO)? A) Backup and restore B) Pilot light C) Warm standby D) Multi‑site active‑active Answer: D Explanation: An active‑active multi‑site configuration runs workloads simultaneously in two locations, enabling near‑instant failover. Question 6. In a VPC, a subnet that routes traffic to the internet via an Internet Gateway is called: A) Private subnet B) Public subnet C) Isolated subnet D) Transit subnet Answer: B
Answer: C Explanation: Layer 7 (application‑layer) load balancers inspect protocol data (e.g., HTTP headers) to direct traffic. Question 10. Which CDN benefit directly improves user experience for globally distributed clients? A) Reducing compute costs. B) Providing edge caching of static assets. C) Enabling server‑side encryption. D) Automating database backups. Answer: B Explanation: CDNs cache content at edge locations close to users, reducing latency and improving performance. Question 11. Which compute option is best suited for running a stateless function that processes image uploads on demand? A) Virtual Machine (VM) B) Container service C) Function‑as‑a‑Service (FaaS) D) Dedicated bare‑metal server Answer: C Explanation: FaaS (serverless) runs code in response to events, scaling automatically and charging only for execution time, ideal for on‑demand tasks. Question 12. Auto Scaling groups primarily help with: A) Manual provisioning of resources. B) Automatic adjustment of compute capacity based on defined policies.
C) Encrypting data at rest. D) Managing DNS records. Answer: B Explanation: Auto Scaling monitors metrics and adds or removes instances to maintain desired performance and cost. Question 13. When selecting an instance type for a memory‑intensive database workload, you should prioritize: A) Compute‑optimized instances. B) Storage‑optimized instances. C) General‑purpose instances. D) Memory‑optimized instances. Answer: D Explanation: Memory‑optimized instances provide a higher RAM‑to‑CPU ratio, benefiting workloads that require large in‑memory caches or buffers. Question 14. Object storage is most appropriate for which of the following use cases? A) Hosting a relational database’s data files. B) Storing VM boot disks. C) Archiving log files and serving static website assets. D) Providing block‑level storage for high‑performance applications. Answer: C Explanation: Object storage excels at storing unstructured data like logs, backups, and static website files, offering durability and scalability. Question 15. Block storage differs from object storage because it: A) Provides a hierarchical file system interface.
A) Atomicity B) Consistency C) Isolation D) Durability Answer: A Explanation: Atomicity guarantees that all operations within a transaction succeed as a unit; otherwise, none are applied. Question 19. Which NoSQL database type is best suited for storing hierarchical JSON documents? A) Key‑Value store B) Document store C) Graph database D) Column‑family store Answer: B Explanation: Document databases (e.g., MongoDB) store semi‑structured JSON‑like documents, supporting nested data. Question 20. A read replica in a relational database architecture is primarily used to: A) Provide high‑availability failover. B) Offload read‑heavy traffic from the primary instance. C) Store backup snapshots. D) Perform write‑intensive workloads. Answer: B Explanation: Read replicas replicate data from the primary DB and serve read queries, reducing load on the primary.
Question 21. Which characteristic distinguishes OLAP from OLTP systems? A) OLAP processes transactional inserts. B) OLAP is optimized for complex analytical queries over large datasets. C) OLAP enforces strict ACID compliance for every operation. D) OLAP supports real‑time user interactions. Answer: B Explanation: OLAP (Online Analytical Processing) is designed for aggregations and analytical queries, whereas OLTP handles high‑volume transactional operations. Question 22. A data lake typically stores data in which format? A) Fully normalized relational tables. B) Raw, unstructured or semi‑structured files. C) Pre‑aggregated cubes. D) Encrypted binary blobs only. Answer: B Explanation: Data lakes ingest raw data (e.g., logs, images) in its native format, allowing flexible downstream processing. Question 23. Real‑time analytics on streaming data most often relies on which type of service? A) Batch processing pipelines. B) Data warehouse queries. C) Stream processing platforms (e.g., Kinesis, Kafka). D) Offline ETL jobs. Answer: C Explanation: Stream processing services ingest and analyze data continuously as it arrives, enabling real‑time insights.
Question 27. Which cloud security service specifically protects web applications from SQL injection, cross‑site scripting, and other OWASP Top 10 threats? A) DDoS protection service B) Web Application Firewall (WAF) C) Network firewall D) Endpoint protection platform Answer: B Explanation: A WAF inspects HTTP traffic and blocks known web‑application attacks. Question 28. The Shared Responsibility Model states that: A) The cloud provider is responsible for all security controls. B) The customer is responsible for the underlying hardware. C) Both provider and customer share responsibilities, with the provider securing the infrastructure and the customer securing their workloads. D) Responsibility shifts entirely to the customer after deployment. Answer: C Explanation: The provider secures the physical infrastructure; the customer secures data, applications, and configurations. Question 29. Which service is best suited for storing and retrieving secrets such as API keys and database passwords? A) Object storage bucket B) Key Management Service (KMS) only C) Secrets Manager or Parameter Store D) Public DNS records Answer: C
Explanation: Secrets Manager and Parameter Store provide secure storage, rotation, and controlled access for sensitive configuration data. Question 30. GDPR primarily concerns the protection of: A) Financial transaction data. B) Personal data of individuals in the European Union. C) Health records in the United States. D) Intellectual property patents. Answer: B Explanation: The General Data Protection Regulation governs how EU residents’ personal data may be processed and transferred. Question 31. Which logging practice helps meet compliance requirements for audit trails? A) Deleting logs after 24 hours. B) Storing logs in an encrypted, immutable storage with defined retention periods. C) Sending logs to a public forum. D) Aggregating logs only in memory. Answer: B Explanation: Immutable, retained, and encrypted logs ensure integrity and availability for audits. Question 32. Metrics differ from logs in that metrics are: A) Unstructured textual records of events. B) Quantitative, time‑series data points used for monitoring performance. C) Detailed traces of individual requests. D) Only generated by database services. Answer: B
D) Pay‑As‑You‑Go Answer: C Explanation: Reserved Instances require a 1‑ or 3‑year commitment and provide a discounted hourly rate compared to On‑Demand. Question 36. Spot Instances are most appropriate for: A) Mission‑critical databases requiring 99.99 % uptime. B) Stateless, fault‑tolerant workloads that can handle interruptions. C) Long‑running batch jobs with strict deadlines. D) Production web servers without redundancy. Answer: B Explanation: Spot Instances are cheaper but can be reclaimed; they suit workloads that can be paused or restarted. Question 37. Tagging resources primarily assists with: A) Improving network latency. B) Enabling fine‑grained access control and cost allocation. C) Encrypting data at rest. D) Automatic scaling of compute. Answer: B Explanation: Tags add metadata to resources, allowing cost reporting, organization, and policy enforcement. Question 38. Infrastructure as Code (IaC) differs from traditional manual provisioning because IaC: A) Requires physical access to servers. B) Uses declarative configuration files to automate resource creation.
C) Cannot be version‑controlled. D) Is only usable for networking components. Answer: B Explanation: IaC defines desired infrastructure state in code, enabling repeatable, automated deployments. Question 39. Terraform’s state file is essential because it: A) Stores encrypted user passwords. B) Tracks the current resources that Terraform manages, enabling accurate updates. C) Contains the source code of Lambda functions. D) Is used to generate billing reports. Answer: B Explanation: The state file records the real‑world resources created, allowing Terraform to detect drift and apply changes safely. Question 40. Which CI/CD stage is responsible for compiling source code and producing binary artifacts? A) Source B) Build C) Test D) Deploy Answer: B Explanation: The Build stage transforms source code into executable artifacts (e.g., JAR, Docker image). Question 41. A pipeline that runs unit tests after the build stage but before deployment is implementing which best practice?
Question 44. When choosing between synchronous API calls and asynchronous message queues, the primary factor is: A) Need for immediate response vs. tolerance for eventual consistency. B. Required bandwidth. C. Number of developers on the team. D. Size of the code repository. Answer: A Explanation: Synchronous calls require immediate results; queues enable delayed processing and eventual consistency. Question 45. Which AWS service provides a managed, highly available, and scalable DNS solution? A) Amazon S B) Amazon Route 53 C) Amazon CloudFront D) Amazon VPC Answer: B Explanation: Route 53 is a DNS web service offering domain registration, routing, and health checking. Question 46. A NAT Gateway is used to: A) Provide inbound internet traffic to private subnets. B) Allow outbound internet access for resources in private subnets. C) Encrypt traffic between VPCs. D. Perform load balancing at Layer 7. Answer: B
Explanation: NAT Gateways enable instances without public IPs to initiate outbound connections while remaining unreachable from the internet. Question 47. Which storage option provides block‑level access with sub‑millisecond latency for a high‑performance database? A) Standard object storage. B) General‑purpose SSD block storage. C) Magnetic HDD. D) Glacier archive. Answer: B Explanation: General‑purpose SSD block storage delivers low latency suitable for transactional databases. Question 48. In a relational database, a foreign key constraint ensures: A) All rows are unique. B) Referential integrity between related tables. C) Data is encrypted at rest. D. Automatic scaling of compute resources. Answer: B Explanation: A foreign key enforces that a value in one table matches a primary key value in another, maintaining relational consistency. Question 49. Which of the following describes a “cold start” in serverless functions? A) A function that never terminates. B) The latency incurred when a new execution environment is provisioned. C) A function that runs on a dedicated VM. D. Automatic scaling to zero instances.
Answer: C Explanation: TLS (formerly SSL) encrypts HTTP, resulting in HTTPS, protecting data during transmission. Question 53. Which IAM policy element specifies the actions that are allowed or denied? A) Effect B) Action C) Resource D) Condition Answer: B Explanation: The “Action” element lists API operations (e.g., s3:PutObject) that the policy affects. Question 54. A security incident that involves a compromised access key should be mitigated by: A. Deleting the associated IAM user. B) Rotating the access key and revoking the old one. C) Disabling MFA for all users. D) Increasing instance sizes. Answer: B Explanation: Rotating the compromised key removes the attacker’s access while preserving legitimate usage. Question 55. Which compliance framework focuses on the protection of health information in the United States?
Answer: B Explanation: HIPAA (Health Insurance Portability and Accountability Act) governs PHI handling. Question 56. An audit log that records every API call made to a cloud account is an example of: A. A metric. B) A trace. C) A log. D) A secret. Answer: C Explanation: API call records are event logs that capture who performed which action and when. Question 57. Which cost‑optimization technique involves shutting down non‑production instances during off‑hours? A) Right‑sizing. B) Reserved Instances. C) Instance scheduling. D) Spot bidding. Answer: C Explanation: Scheduling automates start/stop of resources based on usage patterns, reducing unnecessary spend.