Aws Cloud Practitioner Acloudguru
56 community-sourced questions and answers. Free — no login.
Delete root access keys, activate MFA on root account, apply IAM password policy, use groups to assign permissions, create individual IAM users
Best Practices for Securing Root AWS Account
Federated Access
To grant users access to AWS services with corporate directory
User Authorized, then Autheniticated
The order a user is granted access to AWS services
Compliance with Laws & Regulations, Certifications/Attestations
Components of the AWS Assurance Program
Risk Management, Control Environment, Information Security
Components of the AWS Risk and Compliance Program
Roles, Groups, Permissions, Users
Components of IAM
7
AWS WAF can go down to which OSI layer
True
Auto Scaling allows you to add or remove EC2 instances from your EC2 fleet based on conditions you specify
IN
Users are responsible for security ___ the cloud
OF
AWS is responsible for security ___ the cloud
HIPAA
Which Compliance guarantees attests to the fact that the AWS platform has met the standard required for the secure storage of medical records in the US
AWS Trusted Advisor
Which service will help optimize your entire AWS environment in real time following AWS best practices
AWS Shield
What is AWS' managed DDoS protection service
AWS Concierge
Which AWS support panel should you contact if you are an AWS Enterprise customer with questions about billing and your overall AWS account
AURI, PURI, NURI
Payment options for Reserved Instances
20
Maximum number of Linked Accounts per Paying Account under Consolidated Billing
VPC, Auto-Scaling, CloudFormation, Elastic Beanstalk, IAM
Free AWS Services
On-Demand, Reserved, Spot, Dedicated Hosts
EC2 pricing options
Collection of resources that share one or more tags (or portions of tags)
Resource Group
Enterprise
AWS Support level with a TAM
Billing Support
All accounts receive this support service as a standard
Number of requests, additional storage, clock hours of server time
RDS billing criteria
Elasticity
The ability to scale computing resources up and down easily, while only paying for the resources used
Assuming everything will fail, scalability, disposable resources, infrastructure as code
Principles of sound cloud design
Stop guessing about your capacity requirements, scale horizontally
Principles of sound design when it comes to reliability
Multi-Region
Which deployment strategy should you follow if you have a mission-critical application which must be globally available at all times
A geographical area divided into AZs. Each contains at least two AZs
AWS Regions
Variable expense, increased speed and agility, elasticity, go global in minutes
Advantages of Cloud Computing
Democratize advanced technologies, use serverless architectures, deploy into multiple regions to go global in minutes
Principles of sound design when it comes to performance efficiency
Regions, AZs, Edge Locations
AWS Global Infrastructure
Fault-tolerant
A system that will remain operational even in the even of a component failure
Public, Hybrid, Private
Cloud Computing Deployments
Highly Available
A system that is always available, without the need for human intervention
AZ
Collection of data centers within a specific region
2
Minimum number of AZs per region
Business, Enterprise
Support plans with unlimited contacts and unlimited support cases
Elastic Beanstalk
Allows you to select both your instance type and your database
ALB 1st selects a target based on a routing rule, then uses a Round-Robin strategy to select a node - Classic uses Round-Robin for TCP listeners only
AWS Load Balancer types that use a Round-Robin load distribution strategy
Storing application assets, Static web hosting
Common use cases for S3 include:
Edge Locations
S3 Transfer Acceleration uses AWS' network of ___ to more quickly get your data into AWS
Create individual IAM users, activate MFA on root account, use roles to delegate access to IAM users
Steps you should take in securing your AWS account
AWS Snowball, AWS Application Discovery Service
Migration Services
Lambda
What compute service should you use to execute your code when you need to execute code in response to a specific change to your S3 bucket?
No
Can the paying account make changes to any of the resources owned by a linked account (with consolidated billing)
Fault tolerance, security, cost optimization, performance
Categories that AWS Trusted Advisor provides best practices and/or checks of your AWS environment
Management Console, SDK, Command Line
Valid access types for an IAM user
Auto Scaling
You need to ensure that you have the correct number of EC2 instances available to handle the load of your application. What service should you use?
JSON
IAM policies are written using ___
Glacier
Data archival service that is extremely inexpensive but has a multi hour data retrieval window
Re-create the volume from a snapshot
How to re-create an EBS volume that you previously used
DynamoDB
What is AWS' managed NoSQL database
Public IP Address
What does an EC2 instance in your VPC need for the Internet Gateway to route its traffic to the internet
Networking and Content Delivery
AWS VPC is a component of which of the following overall services categories
A container for storing Archives
What is a Vault in Amazon Glacier
Yes
For a fixed rate, can you choose detailed, once a minute monitoring of your EC2 instances?
Internet Gateway
For a subnet to be public and send non-local traffic to the internet gateway, we must update the Route Table of the public subnet and attach which of the following to the VPC that contains the subnet?
Looking for a different version?
CBTs get updated every year. Search for the exact version you're taking (e.g. "cyber awareness 2025").
Search all study materials