















































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Build advanced cloud computing knowledge with this PrepIQ Ultimate Exam preparation guide focused on modern cloud infrastructure and enterprise solutions. Topics include virtualization, cloud architecture, deployment models, cloud security, scalability, DevOps integration, containerization, automation, and multi-cloud governance. Suitable for cloud engineers, administrators, architects, DevOps professionals, and IT transformation specialists.
Typology: Exams
1 / 87
This page cannot be seen from the preview
Don't miss anything!
















































































Question 1. Which cloud service model provides virtualized hardware resources that customers can configure and manage like traditional servers? A) SaaS B) PaaS C) IaaS D) FaaS Answer: C Explanation: IaaS (Infrastructure as a Service) delivers virtual machines, storage, and networking, allowing customers to install operating systems and applications, similar to on-premises servers. Question 2. In the shared responsibility model, which of the following is typically the cloud provider’s responsibility? A) Application-level patching B) Data classification C) Physical security of data centers D) User access management Answer: C Explanation: Cloud providers secure the underlying physical infrastructure, while customers handle data, applications, and identity management. Question 3. Which AWS pricing model charges per second of compute usage and automatically scales to zero when idle? A) On-Demand B) Reserved Instances C) Spot Instances D) AWS Lambda Answer: D
Explanation: AWS Lambda is a serverless service that bills per 1-ms execution time, scaling to zero when no functions are running. Question 4. What is the primary purpose of an AWS Availability Zone (AZ)? A) To provide a distinct pricing tier B) To isolate network traffic from other regions C) To deliver high availability through physically separate data centers D) To host edge caching for CloudFront Answer: C Explanation: An AZ is a physically isolated data center within a region, designed to protect applications from failures in other AZs. Question 5. Which Azure service enables developers to run code without provisioning or managing servers, and integrates with Azure Event Grid? A) Azure Virtual Machines B) Azure Functions C) Azure Kubernetes Service D) Azure App Service Answer: B Explanation: Azure Functions is a serverless compute offering that can be triggered by events from Event Grid, Service Bus, etc., without server management. Question 6. In GCP, which storage class is optimized for data accessed less than once a month and offers the lowest storage cost? A) Standard B) Nearline C) Coldline D) Archive Answer: D
Explanation: Capital expenditures (CapEx) are upfront investments in physical assets, unlike operational expenditures (OpEx) which are recurring costs. Question 10. Which Azure networking component connects an on-premises data center to Azure over a private, dedicated fiber link? A) VPN Gateway B) ExpressRoute C) Azure Front Door D) Azure Traffic Manager Answer: B Explanation: ExpressRoute provides a private, high-throughput connection between on-premises infrastructure and Azure, bypassing the public internet. Question 11. Which AWS feature allows you to define a set of rules that automatically transition S3 objects to cheaper storage tiers? A) S3 Versioning B) S3 Transfer Acceleration C) S3 Lifecycle Policies D) S3 Cross-Region Replication Answer: C Explanation: S3 Lifecycle Policies automate the movement of objects between storage classes (e.g., Standard to Glacier) based on age or other criteria. Question 12. In GCP, which service is a fully managed data warehouse designed for large-scale analytics? A) Cloud SQL B) Cloud Spanner C) BigQuery D) Cloud Datastore
Answer: C Explanation: BigQuery is a serverless, highly scalable analytics data warehouse that supports SQL queries over petabyte-scale datasets. Question 13. Which of the following is a characteristic of a public cloud deployment model? A) Resources are shared among multiple organizations on the same infrastructure. B) The cloud environment is exclusively used by a single organization. C) It requires on-premises hardware for data storage. D) It is governed by a community-wide set of policies. Answer: A Explanation: Public clouds are owned by third-party providers and deliver services over the internet to many customers, sharing the same physical resources. Question 14. Which AWS IAM entity is used to define a set of permissions that can be attached to users, groups, or roles? A) Policy B) Bucket C) VPC D) Availability Zone Answer: A Explanation: IAM policies are JSON documents that specify allowed or denied actions on AWS resources. Question 15. What does the “elastic” in Elastic Load Balancer (ELB) refer to? A) The ability to stretch traffic across multiple continents automatically. B) Dynamic scaling of load-balancing capacity based on traffic patterns. C) Support for both TCP and UDP protocols.
B) Amazon ECS (Elastic Container Service) with Fargate launch type C) Amazon RDS D) Amazon S Answer: B Explanation: ECS with the Fargate launch type provides serverless containers, handling provisioning, scaling, and patching automatically. Question 19. What is the primary benefit of using Infrastructure as Code (IaC) tools like Azure ARM templates? A) Manual configuration of each resource to avoid automation errors. B) Storing sensitive credentials directly in the template. C) Version-controlled, repeatable deployment of infrastructure. D) Eliminating the need for monitoring. Answer: C Explanation: IaC allows infrastructure definitions to be stored as code, enabling version control, reproducibility, and automated provisioning. Question 20. Which GCP networking component provides a single anycast IP address that distributes traffic across multiple backend instances globally? A) Cloud VPN B) Cloud Interconnect C) Cloud Load Balancing (global) D) VPC Peering Answer: C Explanation: Global Cloud Load Balancing uses anycast IPs to route client requests to the nearest healthy backend instance. Question 21. Which AWS storage service offers block-level storage that can be attached to EC2 instances?
A) Amazon S B) Amazon EFS C) Amazon EBS D) Amazon Glacier Answer: C Explanation: Elastic Block Store (EBS) provides persistent block storage volumes that can be mounted as disks on EC2 instances. Question 22. In Azure, which feature enforces compliance by automatically applying governance rules to resources at creation time? A) Azure Monitor B) Azure Policy C) Azure Advisor D) Azure Sentinel Answer: B Explanation: Azure Policy evaluates resources against defined rules and can deny or remediate non-compliant configurations. Question 23. Which cloud deployment model is best suited for multiple organizations with shared concerns such as security, compliance, or jurisdiction? A) Public Cloud B) Private Cloud C) Community Cloud D) Hybrid Cloud Answer: C Explanation: A community cloud is shared by several organizations with common requirements, allowing them to pool resources while maintaining shared governance.
Question 27. In Azure, which service is used to securely store and manage secrets, keys, and certificates? A) Azure Key Vault B) Azure Storage Accounts C) Azure Monitor D) Azure DevOps Answer: A Explanation: Azure Key Vault provides centralized, secure storage for cryptographic keys, secrets, and certificates, with fine-grained access control. Question 28. Which GCP service is a fully managed environment for building and scaling web applications without managing servers? A) Google Compute Engine B) Google App Engine C) Google Cloud Functions D) Google Cloud Run Answer: B Explanation: App Engine abstracts away infrastructure management, automatically handling scaling, load balancing, and health monitoring. Question 29. What does the term “TCO” stand for, and why is it important when evaluating cloud solutions? A) Technical Compliance Overview – ensures regulatory adherence. B) Total Cost of Ownership – captures all direct and indirect costs over time. C) Transactional Cloud Operations – measures API call volume. D) Tiered Capacity Optimization – relates to storage classes. Answer: B
Explanation: Total Cost of Ownership considers acquisition, operation, maintenance, and other expenses, helping organizations compare cloud versus on-premises solutions. Question 30. Which AWS service enables you to run relational databases with automated backups, patching, and scaling? A) Amazon Redshift B) Amazon RDS C) Amazon DynamoDB D) Amazon Aurora Serverless Answer: B Explanation: Amazon Relational Database Service (RDS) manages database engines (e.g., MySQL, PostgreSQL) with automated maintenance tasks. Question 31. In Azure, what does the term “Availability Set” provide for virtual machines? A) Automatic load balancing across regions. B) Fault and update domain separation to improve VM uptime. C) Direct connection to on-premises networks. D) Serverless execution of code. Answer: B Explanation: Availability Sets distribute VMs across fault and update domains, ensuring that not all VMs are impacted by hardware failures or maintenance events. Question 32. Which GCP security feature provides a centralized audit log of all admin activity and API calls? A) Cloud Armor B) Cloud Audit Logs C) Cloud Identity
C) On-Demand Instances D) Serverless Functions Answer: B Explanation: Reserved Instances (or commitments) provide discounted pricing for predictable, long-term usage in exchange for a commitment period. Question 36. What is the primary purpose of a bastion host in a VPC environment? A) To provide a public endpoint for web traffic. B) To serve as a jump server for secure SSH/RDP access to private instances. C) To cache static content at the edge. D) To automatically scale database read replicas. Answer: B Explanation: A bastion host is a hardened, publicly reachable server used to securely access instances inside a private subnet. Question 37. Which AWS service offers a fully managed in-memory data store compatible with Redis and Memcached? A) Amazon RDS B) Amazon ElastiCache C) Amazon SQS D) AWS Glue Answer: B Explanation: ElastiCache provides managed Redis and Memcached clusters for low-latency, in-memory data caching. Question 38. Which GCP product is specifically designed for managing containerized workloads using Kubernetes? A) Google Cloud Functions
B) Google Kubernetes Engine (GKE) C) Google Compute Engine D) Google Cloud Run Answer: B Explanation: GKE is a managed Kubernetes service that automates cluster provisioning, upgrades, and scaling. Question 39. Which AWS tool helps you estimate monthly costs based on projected usage of services? A) AWS Budgets B) AWS Cost Explorer C) AWS Pricing Calculator D) AWS Trusted Advisor Answer: C Explanation: The AWS Pricing Calculator lets users model service usage to generate cost estimates before deployment. Question 40. In Azure, which service provides a fully managed, horizontally scalable NoSQL database with multi-region replication? A) Azure SQL Database B) Azure Table Storage C) Azure Cosmos DB D) Azure Cache for Redis Answer: C Explanation: Azure Cosmos DB offers globally distributed, multi-model NoSQL capabilities with automatic scaling and multi-region replication. Question 41. Which AWS feature automatically distributes incoming application traffic across multiple EC2 instances in different AZs?
Question 44. Which GCP offering is a serverless, event-driven compute platform that runs code in response to events without managing servers? A) Cloud Run B) Cloud Functions C) Compute Engine D) App Engine Standard Answer: B Explanation: Cloud Functions executes code triggered by events (e.g., Pub/Sub, HTTP) and automatically scales to zero when idle. Question 45. In cloud security, what does “encryption at rest” protect? A) Data while it travels over the network. B) Data stored on persistent storage media. C) Data in application memory. D) Data in logs generated by monitoring tools. Answer: B Explanation: Encryption at rest secures data stored on disks, object stores, or databases, preventing unauthorized access if storage media is compromised. Question 46. Which AWS service enables you to create a virtual network that extends your on-premises data center into the AWS cloud over a dedicated connection? A) AWS Direct Connect B) AWS VPN C) AWS Transit Gateway D) Amazon VPC Peering Answer: A Explanation: Direct Connect provides a private, high-bandwidth, low-latency link between on-premises infrastructure and AWS.
Question 47. What is the primary benefit of using Spot Instances in AWS? A) Guaranteed 24/7 uptime. B) Lower cost by utilizing unused EC2 capacity. C) Automatic compliance auditing. D) Built-in serverless execution. Answer: B Explanation: Spot Instances let you bid on unused EC2 capacity at steep discounts, ideal for fault-tolerant workloads. Question 48. Which Azure feature allows you to enforce that all storage accounts encrypt data using a customer-managed key? A) Azure Policy B) Azure Monitor C) Azure Blueprint D) Azure Advisor Answer: A Explanation: Azure Policy can be set to require that storage accounts use customer-managed keys for encryption, ensuring compliance. Question 49. In GCP, which component is used to provide private connectivity between your on-premises network and Google Cloud? A) Cloud VPN B) Cloud Interconnect C) Cloud DNS D) Cloud CDN Answer: B
Answer: B Explanation: Auto-scaling monitors metrics (e.g., CPU, request count) and adds or removes resources to match workload fluctuations. Question 53. Which AWS service offers a managed, highly available, and scalable DNS service that also performs health checks? A) Amazon Route 53 B) Amazon CloudWatch C) AWS Global Accelerator D) AWS Elastic Beanstalk Answer: A Explanation: Route 53 provides DNS resolution, domain registration, and health-checking capabilities. Question 54. In Azure, which service provides a unified view of metrics, logs, and alerts across resources? A) Azure Monitor B) Azure Security Center C) Azure Sentinel D) Azure DevOps Answer: A Explanation: Azure Monitor aggregates telemetry data, enabling dashboards, alerts, and analytics for all Azure resources. Question 55. Which GCP storage class is best suited for data that is accessed frequently and requires low latency? A) Nearline B) Coldline C) Archive
D) Standard Answer: D Explanation: Standard storage offers high durability and low latency for frequently accessed objects. Question 56. What is the primary function of AWS CloudTrail? A) Real-time metric collection for resources. B) Logging API calls for governance, compliance, and auditing. C) Distributing content globally via edge locations. D) Managing encryption keys. Answer: B Explanation: CloudTrail records AWS API calls made by or on behalf of an account, providing an audit trail. Question 57. Which Azure service enables you to run containerized workloads without managing the underlying VM infrastructure? A) Azure Container Instances (ACI) B) Azure Virtual Machines C) Azure Service Fabric D) Azure Batch Answer: A Explanation: ACI provides serverless containers, allowing you to run Docker images without provisioning VMs. Question 58. In AWS, which storage option provides object storage with virtually unlimited scalability and 99.999999999% durability? A) Amazon EFS B) Amazon S C) Amazon EBS