Academy Cloud Foundations Course Assessment Key

Question #: 1
From module: 1 - Cloud Concepts Overview
Question: Which IT requirement would lead an architect to choose an infrastructure as a

service (IaaS) cloud service model?
Response options (correct answers prefixed with *):
A. *A company wants to maintain the highest level of flexibility over its IT resources.
B. A company wants to run a managed instance for the marketplace.
C. A company wants to maintain control of its applications but avoid maintaining servers
and operating systems.
D. A company wants to use a web-based email solution.
Feedback
A. IaaS provides access to networking features, compute, and data storage space in the
cloud. IaaS provides you with the highest level of flexibility and management control
over your IT resources when compared to other cloud service models.
B. Platform as a service (PaaS) might be a good option for this use case.
C. Platform as a service (PaaS) might be a good choice for this scenario. This lets the
company offload managing servers and operating systems, but still gives them full
control of their applications.
D. This example would be typical of a software as a service (SaaS) model.
Question #: 2
Question: Which statement is an advantage of the platform as a service (PaaS) cloud service
model?
A. *PaaS avoids the need to manage operating systems.

B. PaaS is the most similar to traditional on-premises models for IT resources.
C. PaaS reduces the need to handle application deployments.
D. PaaS provides the greatest level of control over IT resources.
Feedback
A. PaaS reduces the need to manage infrastructure including operating systems.

B. Infrastructure as a service (IaaS) is most similar to traditional IT models .
C. A company still manages its application deployments with PaaS.
D. Infrastructure as a service (IaaS) provides the greatest level of control over IT resources.
Question #: 3
Question: Which of the following are advantages of cloud computing for a company moving
from a traditional on-premises computing model? (Select TWO.)
A. *Resources can be created, scaled up, scaled down, or destroyed based on demand.
B. *The company can focus less on infrastructure and focus more on differentiating the
business.
C. The company can invest in more capital (fixed) expenses and reduce their variable
expenses.
D. IT teams can make capacity decisions before deploying applications so that they always
have excess capacity.
E. All on-premises server licenses can be easily transferred and managed centrally in the
cloud.
Feedback
• Correct multiresponse:The ability to add new resources quickly and the ability to focus
on business rather than infrastructure tasks are two important advantages of cloud
computing.
• Incorrect multiresponse:Cloud computing replaces capital (fixed) expenses with variable
expenses. IT doesn't have to provision capacity in advance; capacity can scale up or
down as needed. This prevents wasting idle resources. Although many vendors support
bring your own license (BYOL) in the cloud, not all software applications allow for this.
Question #: 4
Question: How do economies of scale help customers moving to cloud computing from on-
premises computing?
A. *Customers can achieve lower variable costs and scale infrastructure beyond what's
possible on-premises.
B. Customers have full control of their infrastructure.
C. Customers can deploy resources globally.
D. Customers can scale servers horizontally.
Feedback
A. Higher economies of scale translates into lower pay-as-you-go prices.

B. Cloud computing can be scaled vertically, but this isn't a benefit related to economies of
scale.
C. Cloud computing does provide customers access to resources globally, but this isn't a
benefit related to economies of scale.
D. Cloud computing can be scaled horizontally, but this isn't a benefit related to economies
of scale.
Question #: 5
Question: How does cloud computing improve a company's ability to provision resources to
meet capacity demands compared to on-premises computing?
A. *Cloud resources can scale up or down based on demand.

B. Cloud resources can be locked down to the resource level.
C. Cloud resources can experience peaks and valleys in usage.
D. Cloud resources can be cost forecasted.
Feedback
A. The ability to stop guessing capacity is an important benefit of cloud computing.

Resources can scale up or down to meet demand in just a few minutes.
B. Securing resources is important but not related to provisioning.
C. Both on-premises and cloud resources can experience peaks and valleys in usage.
Companies must determine how to configure resources to reduce idle time but still
handle peak volumes.
D. A company can forecast computing needs for on-premises or cloud computing. There
might be cost and performance impacts if a forecast is incorrect.
Question #: 6
Question: Which statement describes the business perspective of the AWS Cloud Adoption
Framework?
A. *Stakeholders can create a strong business case for cloud adoption and prioritize cloud
adoption initiatives.
B. Stakeholders can focus on the skills and processes that are needed to align IT strategy
and goals with business strategy and goals.
C. Stakeholders can evaluate organizational structures and roles, new skill and process
requirements, and identify gaps.
D. Stakeholders can use architectural dimensions and models to understand and
communicate the nature of IT systems and their relationships.
Feedback
A. The business perspective ensures that IT is aligned with business needs and that IT
investments can be traced to demonstrable business results.
B. This statement reflects the governance perspective.
C. This statement reflects the people perspective.
D. This statement reflects the platform perspective.
Question #: 7
From module: 2 - Cloud Economics and Billing
Question: Which statement accurately describes AWS pricing?
A. *Volume-based discounts are available when usage increases (on some services).
B. Companies must sign a long-term contract to be able to pay only for what they use.
C. Outbound data transfers aren't charged.
D. Companies can reserve capacity on some services, but it doesn't impact the cost.
Feedback
A. You can get volume-based discounts with AWS. For services like Amazon S3, pricing is
tiered which means that you pay less per GB when you use more.
B. You aren't required to sign a long-term contract to get pay-as-you-go pricing. This is a
key benefit to the AWS cloud.
C. Not all outbound data is charged.
D. For certain services like Amazon EC2 and Amazon RDS, you can invest in reserved
capacity. Reserved instances are charged at a lower rate than on-demand instances.
Question #: 8
Question:
Which of the following statements about how a company would use AWS Organizations are
accurate? (Select TWO.)
A. *A company can consolidate and centrally manage multiple AWS accounts.

B. *A company can benefit from volume discounts from consolidated billing.
C. A company can only manage AWS Organizations through the AWS Management
Console.
D. A company can use AWS Organizations to create security groups that control access to
resource.
E. A company can use AWS Organizations' consolidated identity and access management
(IAM) feature to replace the existing IAM system for an individual account.
Feedback
• Correct multiresponse:AWS Organizations is a free account management service to

consolidate and centrally manage multiple AWS accounts. AWS Organizations includes
consolidated billing, which provides the ability to benefit from volume discounts.
• Incorrect multiresponse:AWS Organizations can be managed through different
interfaces: the AWS Management Console, AWS Command Line Interface (AWS CLI)
tools, and AWS software development kits (SDKs). The AWS Organizations HTTPS Query
API gives you programmatic access to AWS Organizations. AWS Organizations can't be
used to create security groups; it manages security through security control policies that
centrally control AWS services across multiple AWS accounts. AWS Organizations
doesn't replace associating AWS IAM policies with users, groups, and roles within an
AWS account.
Question #: 9
Question: Which statement accurately describes how customers can use AWS Support?
A. *Customers can get AWS Support for both experimental non-production accounts and
for business-critical production accounts.
B. Customers must choose one of three support plans: Basic Support, Business Support,
and Enterprise Support.
C. Customers should contact their Support Concierge to provide quick and efficient
technical support.
D. Customers are assigned a Technical Account Manager (TAM) for all AWS Support plans.
Feedback
A.
B. AWS provides support for non-production accounts. AWS Support can vary the type of
support that's provided depending on the customer’s needs and goals.
C. AWS Support offers four support plans: Basic Support, Developer Support, Business
Support, and Enterprise Support.
D. A Support Concierge is a billing and account expert whose role is to provide quick and
efficient analysis on billing and account issues. The concierge addresses all non-technical
billing and account-level inquiries.
E. A designated TAM is included in the Enterprise Support plan.
Question #: 10
Question: Which of the following factors are considered in calculating the total cost of
ownership (TCO) for the AWS Cloud? (Select TWO.)
A. *The number of servers that need to be migrated to the cloud

B. *The amount of storage that needs to be migrated to the cloud
C. The number of users that need to be migrated to the cloud
D. The number of groups that need to be migrated to the cloud
E. The number of roles that need to be migrated to the cloud
Feedback
• Correct multiresponse:TCO is the financial estimate to help identify direct and indirect
costs of a system. When comparing on-premises to cloud solutions, it's important to
accurately assess the true costs of both options. For example, some of the costs that are
associated wit
• Incorrect multiresponse:TCO is the financial estimate to help identify direct and indirect
costs of a system. When comparing on-premises to cloud solutions, it's important to
accurately assess the true costs of both options. The number of users, groups, and roles
aren't usually considered in this comparison. Server costs, storage costs, network costs,
and IT labor costs are included in the TCO.
Question #: 11
Question: A cloud practitioner wants to visualize their AWS costs per EC2 instance type for the
past 3 months. Which AWS tool or feature should they use?
A. *AWS Cost Explorer

B. AWS Budgets
C. AWS Bills page
D. AWS Pricing Calculator
Feedback
A. AWS Cost Explorer provides the ability to visualize, understand, and manage your AWS
costs and usage over time. Cost data for the past 12 months can be viewed, and how
much you are likely to spend over the next 3 months can be forecasted.
B. AWS Budgets shows the status of your budgets and provides forecasts of your estimated
costs.
C. The AWS Bills page gives you a detailed list, not an interactive visualization. Using Bills,
you can access to the most up-to-date information on your costs and usage, including
your monthly bill and the detailed breakdown of the AWS services that you use
D. AWS Pricing Calculator allows you to estimate the cost of AWS products and services.
Question #: 12
Question: How does the AWS Billing Dashboard help companies analyze their AWS usage to
find potential cost-saving opportunities?
A. *The billing dashboard shows the status of the month-to-date AWS expenditure and the
AWS services that account for the majority of the overall expenditure.
B. The billing dashboard shows the pricing models for all of the AWS services that are used
in your account and where your usage falls in the free tier.
C. The billing dashboard lists the costs incurred over the past month by service, by AWS
Region, and by linked accounts.
D. The billing dashboard lists all AWS accounts with activity in the previous 6 months and a
summary of spending for each account.
Feedback
A. The AWS Billing Dashboard lets you view the status of your
B. month-to-date AWS expenditure, identify the services that account for the majority of
your
C. overall expenditure, and understand at a high level how costs are trending.
D. The billing dashboard doesn't provide pricing models or usage data for all AWS services.
Information and pricing is available on each service page.
E. The billing dashboard doesn't provide breakdowns of costs as described. The AWS Bills
page provides details about costs incurred over the past month with a further
breakdown by AWS Region and linked accounts.
F. The billing dashboard doesn't list all AWS activity, and its time frame isn't 6 months.
Question #: 13
From module: 3 - AWS Global Infrastructure Overview
Question: Which statement about AWS Regions is true?
A. *Using a Region as close as possible to users can reduce latency.

B. All available Regions are enabled by default in an AWS account.
C. All AWS accounts can access all AWS Regions.
D. Data stored in an AWS Region isn't subject to geographical compliance requirements.
Feedback
A. All else being equal, it's generally desirable to run your applications and store your data
in a Region that's as close as possible to the user and systems that will access them.
B. AWS Regions that were introduced before March 20, 2019 are enabled by default.
Regions added after this date must be enabled to be used.
C. Some Regions have restricted access. For example, an AWS (China) account provides
access to specific Regions only.
D. Local laws might require that certain information be kept within geographical
boundaries. Such laws might restrict the Regions where you can offer content or
services.
Question #: 14
Question: What is the relationship between AWS Regions, Availability Zones, and data centers?
A. *Each Region has locations called Availability Zones. Each Availability Zone has data
centers.
B. Each Region has a set of data centers. Each data center maps to one Availability Zone.
C. Each Availability Zone includes data centers. Each data center in an Availability Zone is
located in a different geographical Region.
D. A set of data centers in a geographical area create a Region. Availability Zones are
connections between Regions.
Feedback
A. Each AWS Region has multiple, isolated locations that are known as Availability Zones.
Each Availability Zone has discrete physical data centers.
B. Availability Zones contain data centers.
C. An Availability Zone and its data centers exist within a single Region.
D. Regions are geographical areas. Availability Zones are partitions of AWS infrastructure.
Question #: 15
Question: Which statement about edge locations is true?
A. *Amazon CloudFront uses edge locations and Regional edge caches to deliver content
with lower latency.
B. Regional edge caches are used to cache data that's frequently updated and must be
refreshed continuously.
C. The AWS global network includes a large number of Regional edge caches and a smaller
number of edge locations to deliver content to users.
D. AWS points of presence provide two to three edge locations per Region.
Feedback
A. Amazon CloudFront is a content delivery network that uses edge locations to deliver
content to end users with reduced latency.
B. Regional edge caches are used for content that's infrequently accessed.
C. AWS points of presence include many edge locations and a smaller number of Regional
edge caches.
D. AWS points of presence are located in most of the major cities around the world.
Question #: 16
From module: 4- AWS Cloud Security
Question: Which of the following statements about responsibility are accurate based on the
AWS shared responsibility model? (Select TWO.)
A. *AWS is responsible for the physical security of data centers.

B. *Customers are responsible for managing their user data.
C. AWS is responsible for the configuration of security groups.
D. AWS is responsible for deciding what data to encrypt in customers' Amazon S3 buckets.
E. Customers are responsible for the installation, maintenance, and decommissioning of
the hardware that they use in the AWS data center.
Feedback
• Correct multiresponse:AWS is responsible for the physical security of data centers.

Customers are responsible for their user data.
• Incorrect multiresponse:Customers are responsible for deciding which data to encrypt
within their Amazon S3 buckets. AWS is responsible for the installation, maintenance,
and decommissioning of hardware.
Question #: 17
Question: An AWS account administrator wants to grant temporary cross-account access that
allows external users access to specific resources within their own account. Which action would
align with the best practice of using temporary sessions?
A. *Create an identity and access management (IAM) role that can be assumed by external
users and grant it permissions to the specific resources.
B. Create an IAM policy that grants external users access to the specific resources.
C. Create a new IAM user account for each user that needs access.
D. Create an IAM group, grant resource permissions to the group, then add IAM users to
the group.
Feedback
A. Allowing a user to assume an IAM role provides the user with temporary, limited access
that lasts only as long as they are in that role.
B. Granting access through an IAM policy attached to user accounts won't provide the
temporary aspect of the desired access.
C. Granting access through IAM user accounts won't provide the temporary aspect of the
desired access.
D. Granting access through IAM groups won't provide the temporary aspect of the desired
access.
Question #: 18
Question: Which of the following statements about identity and access management (IAM)
policies are accurate? (Select TWO.)
A. *Identity-based policies are attached to a user, group, or role.

B. *Access control lists (ACLs) are a form of resource-based policies.
C. Resource-based policies allow access by default.
D. Resource-based policies are attached to a user, group, or role.
E. Identity-based policies can only be attached to a single entity.
Feedback
• Correct multiresponse:Identity-based policies are attached to an identity, including

users, groups, or roles. Resource-based policies are attached to cloud resources. An ACL
that controls access to network resources is an example.
• Incorrect multiresponse:Both identity and resource policies deny access by default.
Identity-based policies that are managed policies can be applied across more than one
entity.
Question #: 19
Question: Which scenario describes a use case for AWS CloudTrail?
A. *An account administrator wants the ability to track user activity on their account.
B. A systems administrator wants to protect their web application from denial of service
attacks.
C. A developer wants to control user logins to their website.
D. An account administrator wants to centrally control access permissions for groups of
accounts.
Feedback
A. AWS CloudTrail is a service that logs all API requests to resources in an account. This
enables operational auditing on the account.
B. AWS Shield is a service that protects against distributed denial of service attacks.
C. Amazon Cognito provides sign up, sign in, and access control to your applications.
D. AWS Organizations is an account management service that enables you to consolidate
multiple AWS accounts into an organization that you create and centrally manage.
Question #: 20
Question: Which of the following statements about securing data in transit are true? (Select
TWO.)
A. *Transport layer security (TLS) provides encryption of data in transit.

B. *Transport layer security (TLS) certificates can be managed using AWS Certificate
Manager (ACM).
C. Data moving between AWS services is encrypted using transport layer security (TLS) and
AWS Key Management Service (AWS KMS).
D. Web traffic that runs over HTTP is encrypted using transport layer security (TLS).
E. Transport layer security (TLS) is a proprietary protocol that's used to secure traffic
between AWS VPCs.
Feedback
• Correct multiresponse:TLS is an open standard protocol that's used to encrypt data in

transit. AWS Certificate manager is a service that enables you to provision, manage, and
deploy TLS certificates for use with AWS services and your internal connected resources.
• Incorrect multiresponse:AWS KMS is a service for encrypting data at rest. Web traffic
over HTTP isn't encrypted. Web traffic over HTTPS is encrypted using TLS. TLS is an open
standard protocol and isn't owned by AWS.
Question #: 21
Question: A company must produce reports of any changes to its EC2 instance settings. Which
AWS service should they use?
A. *AWS Config
B. AWS Artifact
C. AWS CloudTrail
D. Amazon CloudWatch
Feedback
A. AWS Config is a service that enables you to assess, audit, and evaluate the
configurations of your AWS resources. AWS Config continuously monitors and records
your AWS resource configurations.
B. AWS Artifact is a resource for compliance-related information. It provides access to
security and compliance reports and select online agreements.
C. AWS CloudTrail is a service that tracks who accessed which APIS in an account.
D. Amazon CloudWatch monitors AWS resources and applications running AWS services,
but it doesn't provide reports of configuration changes.
Question #: 22
From module: 5 - Networking and Content Delivery
Question: Which option describes a capability of Amazon virtual private clouds (VPCs)?
A. *Can span Availability Zones

B. Can be configured as a physically isolated section of the AWS Cloud
C. Can belong to multiple AWS Regions
D. Can have its address range changed as desired after creation
Feedback
A. Amazon VPCs can span Availability Zones, and you can configure subnets in different
Availability Zones for high availability.
B. VPCs are a logical isolation of resources, not a physical section of the cloud.
C. A VPC is based within a single AWS Region.
D. After you create a VPC, you can't change the address range, so it's important that you
choose it carefully.
Question #: 23
Question: A network administrator wants to run their e-commerce web application on a virtual
private cloud (VPC). Which of the following steps is part of setting up the VPC? (Select TWO.)
A. *Specify the range of IP addresses for the VPC.

B. *Create private and public subnets.
C. Delete the local route in the route table.
D. Create the main route table.
E. Attach the VPC to a security group.
Feedback
• Correct multiresponse:To create a VPC, you must specify the range of IP addresses to be
used. You can also set up subnets within the VPC, typically a public one for internet
traffic and private ones for application servers.
• Incorrect multiresponse:The main route table is created automatically when you set up
a VPC. You can customize the main route table, but you can't delete the local route.
Security groups are attached to instances not a VPC or its subnets.
Question #: 24
Question: A network administrator wants to configure a public subnet and route incoming and
outgoing traffic to and from an EC2 instance in the public subnet to the public internet. Which
virtual private cloud (VPC) feature should they use?
A. *An internet gateway

B. A network address translation (NAT) gateway
C. VPC sharing
D. A network access control list (ACL)
Feedback
A. To make a subnet public, you attach an internet gateway to your VPC and add a route to
the route table to send non-local traffic through the internet gateway to the internet
(0.0.0.0/0).
B. A NAT gateway enables instances in a private subnet to connect to the internet or other
AWS services, but prevents the internet from initiating a connection with those
instances.
C. VPC sharing enables customers to share subnets with other AWS accounts in the same
organization in AWS Organizations.
D. A network ACL is an optional layer of security for your Amazon VPC. It acts as a firewall
for controlling traffic in and out of one or more subnets.
Question #: 25
Question: Which requirement suggests configuring Amazon Route 53 with latency routing?
A. *A company wants to route traffic to the Region that provides the fastest experience
based on performance measurements.
B. A company wants to route traffic to only locations where they have distribution rights.
C. A company wants to perform A/B testing and route traffic to different locations based
on a percentage of traffic.
D. A company wants to detect website outages and automatically redirect customers to a
healthy location.
Feedback
A. Latency routing works by routing customers to the AWS endpoint (for example, Amazon
EC2 instances, elastic IP addresses, or load balancers) that provides the fastest
experience based on actual performance measurements of the different AWS Regions
where your application runs.
B. Geolocation routing lets you localize content and present content in the language of
your users. It can also be used to restrict the distribution of content to only the locations
where you have distribution rights.
C. Weighted round robin routing lets you route traffic to multiple resources in proportions
that you specify.
D. Failover routing (DNS failover) lets Amazon Route 53 help detect an outage of a website
and redirect users to alternate locations where the application is operating properly.
Question #: 26
Question: Which statement accurately describes a content delivery network (CDN)?
A. *A CDN caches frequently requested files.

B. A CDN speeds up domain name resolution for application servers.
C. A CDN creates fast connections between origin servers.
D. A CDN is a regional group of servers.
Feedback
A. A CDN caches copies of commonly requested files at edge locations and delivers copies
close to requestors to improve latency.
B. A CDN doesn't handle domain name service functions.
C. A CDN doesn't create connections between origin servers.
D. A CDN is a globally distributed set of servers.
Question #: 27
Question: Which configuration represents a valid use of security groups in a virtual private
cloud (VPC)?
A. *Limit outbound traffic from an EC2 instance in the VPC to a specific database server.
B. Set a deny rule that prevents outbound traffic from an EC2 instance in a VPC.
C. Limit inbound access to the private subnet of the VPC.
D. Set a deny rule that prevents access to the subnet from the public internet.
Feedback
A. By default, security groups allow all outbound traffic, but you can set a rule in a security
group to limit outbound destinations.
B. Security groups don't have deny rules. You can specify only what traffic is allowed.
C. Security groups control access to resources in a VPC, not the VPC or its subnets. ACLs
can limit traffic to the subnet.
D. Security groups control access to resources in a VPC, not the VPC or its subnets. ACLs
can limit traffic to the subnet.
Question #: 28
From module: 6 - Compute
Question: A company wants complete control over its server's configurations, operating system
(OS), and the application software stack. Which AWS compute service should they choose?
A. *Amazon EC2
B. AWS Lambda
C. Amazon RDS
D. Amazon Elastic Container Service (Amazon ECS)
Feedback
A. Amazon EC2 offers complete control over every configuration, the OS, and the software
stack running on your cloud compute instances.
B. AWS Lambda is a managed serverless compute service that eliminates the need for
provisioning servers or instances. Users don't have control over most server settings.
C. Amazon RDS is a managed service for relational databases that greatly reduces the
operational burden of managing relational databases. Users don't have complete
control over the underlying server configurations.
D. Amazon ECS is a managed service for deploying to containers. As a fully managed
service, Amazon ECS comes with AWS configuration and operational best practices built-
in.
Question #: 29
Question: A company needs to run a short script each time a new item is added to an Amazon
S3 bucket. Which compute option meets the need with the least amount of resource
provisioning?
A. *Create an AWS Lambda function to run the script whenever a new item is added to the
bucket.
B. Set up a small EC2 instance that runs code to check for new uploads to the bucket and
runs the script.
C. Set up the script to run in a container, and deploy the container on Amazon Elastic
Container Service (Amazon ECS).
D. Write a batch job to run the script on all new items overnight when there's less
competition for resources. Run the batch job on spot instances.
Feedback
A. With AWS Lambda, you don't provision servers. Functions run in an ephemeral
environment when initiated by an event.
B. Even with a small EC2 instance, you must configure the server within a VPC, and you pay
for the time that the server is running.
C. A containerized solution still requires provisioned resources to use. The steps for setting
up containers with Amazon ECS are simplified, but this isn't the least amount of
provisioning possible.
D. This doesn't meet the requirement of processing the items as they're added. Although
spot instances would be more cost effective, they must still be configured.
Question #: 30
Question: A developer is testing a prototype on EC2. The instances are terminated after testing,
but the application requires uninterrupted compute while processing. Which type of EC2
instance pricing meets the need at the lowest cost?
A. *On-demand instance
B. Reserved instance
C. Spot instance
D. Scheduled reserved instance
Feedback
A. On-demand instances have no upfront commitments or long-term contracts. You pay

for the time that your instances are running. It's a good choice for applications with
short-term, spiky, or unpredictable workloads.
B. Reserved instances can provide a lower cost, but require at least a 1-year commitment
to continue using the resource. This isn't cost effective for the described scenario.
C. Spot instances let you bid for unused EC2 capacity, and could be lower than other
options. However, spot instances can be interrupted.
D. Scheduled reserved instances let you reserve instances on a recurring schedule with a 1-
year commitment. This doesn't fit the described scenario.
Question #: 31
Question: A developer needs temporary block storage for cache data on an EC2 instance.
Which option should they choose?
A. *EC2 instance store

B. Amazon Elastic Block Store (Amazon EBS)
C. Amazon S3
D. Amazon Elastic File System (Amazon EFS)
Feedback
A. Amazon EC2 instance store provides ephemeral, or temporary, block-level storage

located on disks that are physically attached to the host computer.
B. Amazon EBS provides durable block storage for high throughput and transaction
intensive workloads.
C. Amazon S3 provides object storage. A typical use case would be to use Amazon S3 to
store snapshots of EC2 volume data.
D. Amazon EFS can be attached to EC2 instances, but it provides file storage rather than
block storage.
Question #: 32
Question: What role do security groups play in managing access to EC2 instances?
A. *Security groups provide a set of rules to control traffic to or from an instance.

B. Security groups define the identity and access management (IAM) roles that can access
an instance.
C. Security groups identify the public and private key required to connect to an EC2
instance.
D. Security groups control inbound access to the subnet that an EC2 is associated with.
Feedback
A. A security group acts as a virtual firewall that can be applied to your instances, and it
controls inbound and outbound traffic.
B. Security groups are not based on IAM.
C. Key pairs are created to connect to EC2 instances, but this isn't the role of the security
group.
D. Network access control lists (NACLs) control traffic to the subnet.
Question #: 33
Question: A company has a set of big data processing jobs in Amazon Simple Queue Service
(Amazon SQS) that need a lot of compute. Which EC2 instancing pricing model would meet the
need at the lowest possible cost?
A. *Spot instance
B. Scheduled reserved instance
C. On-demand instance
D. Reserved instance
Feedback
A. Spot instances are a good choice for processing that can be interrupted, such as
processing with a queue that can handle retries. Companies can bid on unused EC2
capacity at a desired price and processing will stop if the price rises above their bid.
B. Scheduled reserved instances allow for scheduling recurring EC2 instances. But this isn't
the least cost option that suits the scenario.
C. On-demand instances let a company pay only for what it uses with no upfront
commitment. But it isn't the lowest possible cost option for this scenario.
D. Reserved instances provide pricing discounts for committing to continue using the
instances for a contracted period. This isn't the lowest cost option for the scenario.
Question #: 34
From module: 7 - Storage
Question:
A developer wants to use Amazon Elastic Block Store (Amazon EBS) for their application. What
action should they take?
A. *Attach the Amazon EBS volume to an Amazon EC2 instance.

B. Back up the Amazon EBS volume using Snapshots.
C. Replicate the Amazon EBS volume in a different Availability Zone.
D. Attach the Amazon EBS Volume to multiple Amazon EC2 instances in multiple
Availability Zones.
Feedback
A. To access EBS storage, you first attach it to an EC2 instance.

B. To access EBS storage, you first attach it to an EC2 instance. You would be able to create
point-in-time snapshots of your volumes to provide an even higher level of data
durability afterwards.
C. After being attached to an Amazon EC2 instance, Amazon EBS volumes are
automatically replicated within its Availability Zone.
D. After creating individual storage volumes, you can attach them to a new or existing
Amazon EC2 instance, but you can't attach them to instances in different Availability
Zones.
Question #: 35
Question: Which statement about Amazon Elastic Block Storage (Amazon EBS) is true?
A. *Amazon EBS volumes persist independently from the EC2 instance to which they are
attached.
B. Amazon EBS volumes aren't recommended for storage that requires frequent updating.
C. Amazon EBS volumes are automatically replicated across multiple Availability Zones.
D. EBS volumes cannot be resized.
Feedback
A. An Amazon EBS volume is a durable, block-level storage device that you can attach to
your instances. It can persist independently from the EC2 instance as well.
B. You can use Amazon EBS volumes as primary storage for data that requires frequent
updates, such as the system drive for an instance or storage for a database application.
C. Amazon EBS volumes are automatically replicated within its Availability Zone.
D. With Amazon EBS elastic volumes, you can increase the volume size, change the volume
type, or adjust the performance of your EBS volumes.
Question #: 36
Question: Which scenario is a good fit for Amazon Elastic File System (Amazon EFS) storage?
A. *A company needs to give all EC2 instances in its VPC read and write access to a
network file system (NFS).
B. A company wants to host a website.
C. A company wants to build a petabyte-sized data lake for analytics.
D. A company needs temporary file storage for its application running on EC2.
Feedback
A. Amazon EFS provides simple, scalable, elastic file storage for use with your compute
resources.
B. You can't host a public website directly from Amazon EFS.
C. Amazon S3 object storage is a better choice for a data lake.
D. EC2 instance store is a better choice for temporary storage for application cache.
Question #: 37
Question: Which statement about AWS storage services is accurate?
A. *To access an Amazon Elastic File System (Amazon EFS), the file system must be
mounted on an Amazon EC2 instance in your VPC.
B. EC2 instance store is a good choice for running big data processing and analytics.
C. EC2 instance store provides durable storage for the EC2 instance it's attached to, but
isn't available to other EC2 instances.
D. Amazon Elastic Block Storage (Amazon EBS) volumes provide temporary block storage to
EC2, but don't persist when the EC2 instance is stopped.
Feedback
A. With Amazon EFS, you can create a file system, mount the file system on an Amazon
EC2 instance, and then read and write data from to and from your file system.
B. EC2 instance store provides temporary block storage and wouldn't be the right choice
for big data and analytics file systems.
C. EC2 instance store provides temporary storage to the EC2 instance that it's attached to.
D. Amazon EBS volumes persist independently from the running life of an EC2 instance.
Question #: 38
Question: A company needs to store long-lived data. They need the data to be available
immediately, but access patterns are unpredictable. Which Amazon S3 storage class would be
most cost effective?
A. *Amazon S3 Intelligent-Tiering
B. Amazon S3 One Zone-Infrequent Access
C. Amazon S3 Glacier
D. Amazon S3 Standard
Feedback
A. The Amazon S3 Intelligent-Tiering storage class is designed to optimize costs by

automatically moving data to the most cost-effective access tier, without performance
impact or operational overhead.
B. Amazon S3 One Zone-Infrequent Access is designed for data that exists within a single
Availability Zone that is infrequently accessed, but must be available rapidly when
needed.
C. Amazon S3 Glacier is a secure, durable, and low-cost storage class for data archiving.
Files can be retrieved within a few minutes or hours.
D. Amazon S3 Standard delivers low latency and high throughput, and is appropriate for a
variety of use cases. But, it wouldn't be the most cost-effective solution.
Question #: 39
Question: A company uploads PDF forms to Amazon S3 that must be retained for 1 year. The
forms are rarely accessed after 1 week but must be available within 1 day when they're
requested. What lifecycle policy is the most cost effective for their needs?
A. *Move objects from Amazon S3 Standard to Amazon S3 Glacier after 7 days. Delete
them after 365 days.
B. Move objects from Amazon S3 Standard to Amazon Infrequent Access after 7 days.
C. Move objects from Amazon S3 Standard to Amazon S3 One Zone-Infrequent Access
after 7 days. Delete the objects after 365 days.
D. Move objects from Amazon S3 Infrequent Access to Amazon standard after 1 week.
Feedback
A. This lifecycle takes advantage of the lower storage costs of Amazon S3 Glacier and
supports the speed with which items need to be accessed.
B. Amazon S3 Infrequent Access is not the most cost effective way to store the data.
C. This option does not provide the lowest cost available.
D. Objects can't be moved from Amazon S3 Infrequent Access to Amazon Standard, and
neither option would be the most cost effective.
Question #: 40
Question: Which statement about Amazon S3 Glacier security is accurate?
A. *Access to Amazon S3 Glacier can be managed using IAM policies.

B. The data in Amazon S3 glacier is public by default.
C. Applications encryption must be initiated on objects archived to Amazon S3 Glacier
either using the console or programmatically.
D. For all operations and interactions with Amazon S3 Glacier you can use the AWS
Management Console.
Feedback
A. You can set up an identity and access management (IAM) policy that specifies user
access for Amazon S3 Glacier security purposes.
B. By default, only you can access your data.
C. Any data that's archived in Amazon S3 Glacier is encrypted by default. With Amazon S3,
your application must initiate server-side encryption.
D. Other than creating and deleting vaults and creating and managing archive policies, you
must use either the Amazon S3 Glacier REST APIs, the AWS Java or .NET SDKs, or the
AWS CLI. You can also use lifecycle policies to archive data into Amazon S3 Glacier.
Question #: 41
Question: Which scenario describes a good use case for Amazon S3 Standard storage?
A. *Host website images.

B. Run a relational database.
C. Share an NFS file system.
D. Act as an EC2 instance store.
Feedback
A. Amazon S3 buckets can serve the static contents of your website, including images,
HTML, CSS, JavaScript, and other files.
B. Amazon S3 object storage isn't the right choice for running a database. Amazon Elastic
Block Store (Amazon EBS) would be a better choice for database hosting.
C. Amazon S3 provides object storage not file system storage. Amazon EFS would be a
good choice for this use case.
D. Instance store is temporary block level storage that's added to your Amazon EC2
instance.
Question #: 42
Question: A company needs to store billions of low volume daily events that will be used for
analytics. Which storage option best fits this use case?
A. *Amazon S3
B. Amazon Elastic Container Service (Amazon ECS)
C. Amazon Elastic Block Storage (Amazon EBS)
D. EC2 instance store
Feedback
A. You can store a virtually unlimited number of objects on Amazon S3 and access them
with analytics services.
B. Amazon ECS is a managed container orchestration service, and wouldn't fit the need for
storing daily event records.
C. Amazon EBS is designed to provide durable, detachable, block-level storage for your
Amazon EC2 instances. It isn't the right choice for storing billions of events for analytics.
D. Instance store is temporary storage that's added to your Amazon EC2 instance. It
wouldn't be the right fit to store the data and access it for analytics.
Question #: 43
From module: 8 - Databases
Question: Which option is a company's responsibility when running Amazon RDS?
A. *Application optimization
B. Database software patching
C. Operating system installation
D. Operating system patching
Feedback
A. With Amazon RDS, you manage your application optimization, but AWS manages
maintaining the database.
B. Amazon RDS is a managed service. AWS manages administrative tasks like database
software patching.
C. Amazon RDS is a managed service. AWS manages administrative tasks like operating
system installation.
D. Amazon RDS is a managed service. AWS manages administrative tasks like operating
system patches.
Question #: 44
Question: Which feature of Amazon RDS should a company configure to enable high
availability?
A. *Multi-AZ deployment
B. Encryption with AWS Key Management Service keys
C. VPC deployment
D. Provisioned IOPS storage
Feedback
A. After a Multi-AZ deployment is configured, Amazon RDS automatically generates a

standby copy of the database instance in another Availability Zone within the same VPC.
B. Enabling encryption provides security for data in your databases but doesn't impact
availability.
C. Amazon RDS can be deployed into a VPC, but this doesn't enable high availability.
D. Provisioned IOPS is a storage class of Amazon RDS.
Question #: 45
Question: A company has an e-commerce site that requires storage and retrieval of
unstructured customer metadata to support one of its microservices. Which database option is
best suited to store this data?
A. *Amazon DynamoDB
B. Amazon RDS
C. Amazon Aurora
D. Amazon Redshift
Feedback
A. A non-relational database like Amazon DynamoDB is best suited for storing

unstructured data.
B. A relational database like Amazon RDS isn't the best choice for storing unstructured
metadata.
C. A relational database service like Amazon Aurora isn't the best choice for unstructured
metadata.
D. A data warehouse service like Amazon RedShift isn't the best choice for storing
unstructured metadata to be accessed within an application.
Question #: 46
Question: What is an attribute in a DynamoDB table?
A. *A data element that doesn't need to be broken down further

B. A key that uniquely identifies a set of data elements
C. A set of related data
D. A data element that is shared by all items in a table
Feedback
A. An attribute is a fundamental data element, something that doesn't need to be broken

down any further.
B. An attribute might be used as a key, but not all attributes are keys.
C. An item is a collection of attributes similar to a row in a relational database.
D. An attribute is a data element, but each item might have different attributes unlike a
relational database where each row has the same fields.
Question #: 47
Question: Which scenario is a good fit for Amazon Redshift?
A. *A company needs a data warehouse to support analytics applications.

B. A company needs a database for managing unstructured data.
C. A company needs a relational database for a line of business transactional database.
D. A company needs to store large volumes of mixed media image and video files.
Feedback
A. Amazon Redshift is a fully managed data warehouse that can be queried with standard
SQL and business intelligence tools.
B. Amazon Redshift isn't the right fit for managing state data.
C. Amazon Redshift isn't a good choice for a transactional database.
D. Amazon Redshift isn't a good storage solution for image and video files.
Question #: 48
Question: Which scenario best describes a use case for Amazon Aurora?
A. *A company needs a highly available PostgreSQL-compatible database.

B. A company needs a data warehouse that can be queried using standard business
intelligence tools.
C. A company needs a database to store semi-structured data.
D. A company wants to run an Oracle database in the cloud.
Feedback
A. Amazon Aurora is a MySQL- and PostgreSQL-compatible relational database that is built

for the cloud and designed to be highly available.
B. Amazon Aurora is not a data warehouse.
C. Amazon Aurora is a relational database and isn't the best choice for semi-structured
data.
D. Oracle is not an Aurora-compatible database engine.
Question #: 49
From module: 9 -Cloud Architecture
Question: Which statement reflects a design principle of the Reliability pillar of the AWS Well-
Architected Framework?
A. *Replace one large resource with multiple, smaller resources, and distribute requests
across these smaller resources.
B. Do not deploy code to production until you're certain it can't fail.
C. Limit automation when updating infrastructure.
D. Scale vertically to the largest instance types that your budget allows based on your best
guess of capacity.
Feedback
A. Scaling horizontally increases aggregate workload availability and reduces the impact of
a single point of failure.
B. A key principle of the Well-Architected Framework is that everything fails. Automate
recovery from failure and test your recovery procedures to ensure reliability.
C. Managing change with automation is a design principle of the reliability pillar.
D. Scaling horizontally to distribute the work and monitoring usage rather than guessing
capacity are both principles of reliability.
Question #: 50
Question: Which statement reflects a design principle of the Security pillar of the AWS Well-
Architected Framework?
A. *Apply security at all layers of an architecture.

B. Do not deploy a solution to production until you are certain that there are no security
risks.
C. Ensure that staff are actively monitoring potential risks manually.
D. Decentralize privilege management.
Feedback
A. Applying defense in depth means applying security at all layers of your architecture.
B. It's impossible to prevent all security risks. The related design principle is to prepare for
security events so that you can respond when events occur.
C. Automating security best practices allows you to scale more rapidly and cost effectively.
D. Centralizing privilege management is part of implementing a strong security foundation.
Question #: 51
Question: How does AWS Trusted Advisor assist a company getting started with AWS?
A. *Trusted Advisor provides recommendations on configuring your AWS resources.

B. Trusted Advisor automatically increases service limits (quotas) if you are near the limit.
C. Trusted Advisor prevents access to resources that have overly broad permissions.
D. Trusted Advisor provides recommendations for migrating on-premises resources to the
cloud.
Feedback
A. Trusted Advisor is an online tool that provides real-time guidance to help you provision
your resources following AWS best practices.
B. Trusted Advisor provides an alert if limits are over a certain threshold, but it doesn't
automatically increase a service limit.
C. Trusted advisor provides alerts on its dashboard if it identifies potential security risks.
But, it doesn't manage access.
D. Trusted Advisor provides recommendations based on the resources in use in an AWS
account.
Question #: 52
Question: What type of alert might be provided by AWS Trusted Advisor?
A. *An alert that multi-factor authentication (MFA) isn't activated on an AWS account
B. An alert of unusual API calls made in an AWS account
C. An alert that an IAM user has requested service quota changes
D. An alert of unauthorized access in an AWS account
Feedback
A. Trusted Advisor generates an alert if MFA is not activated on the account's root user.
B. Trusted Advisor might suggest that there's a configuration issue with the service that
tracks API calls, but it doesn't provide the actual tracking.
C. Trusted Advisor alerts if a service quota is being approached, but it doesn't alert that
someone requested a change.
D. Trusted Advisor doesn't track access, but it might identify a gap in the account's security
policies.
Question #: 53
Question: Which statement describes high availability?
A. *A system can withstand some measure of degradation without going down.

B. A system can provide its expected functionality when desired by a user.
C. The probability that your entire system will function as intended for a specified period.
D. A measure of the total time in service divided by the number of failures.
Feedback
A. In a highly available system, downtime is minimized as much as possible and minimal

human intervention is required.
B. This statement describes reliability.
C. This measure defines the reliability of a system.
D. This measure defines the mean time to failure which is used to measure reliability.
Question #: 54
Question: For which type of use case is it usually OK to have 2 9s of availability ( 99%)?
A. *Batch processing
B. ATM transactions
C. Internet of Things (IoT) applications
D. Online commerce
Feedback
A. At 99% availability (2 9s), the system can withstand a maximum disruption of 3 days and
15 hours in a year. This is acceptable for batch processing, data extraction, transfer, and
load jobs.
B. ATM transactions and telecommunications systems are examples of applications that
require a much higher level of availability, typically 5 9s (99.999%).
C. IoT applications cannot miss any data.
D. Online commerce and point of sale applications are examples of systems that require
99.95% availability.
Question #: 55
From module: 10 - Automatic Scaling and Monitoring
Question: Which scenario should be addressed with a network load balancer?
A. *A solution must load balance millions of requests per second while maintaining low
latency.
B. A solution must load balance incoming gRPC requests.
C. A solution must support routing traffic to a containerized application based on the
contents of incoming requests.
D. A solution must route traffic at the Open Systems Interconnection (OSI) model layer 7.
Feedback
A. A network load balancer is capable of handling millions of requests per second while
maintaining ultra-low latencies.
B. An application load balancer is ideal for advanced load balancing of Hypertext Transfer
Protocol (gRPC) traffic.
C. An application load balancer provides request routing based on request contents and is
targeted at delivery of modern application architectures, including container-based
applications.
D. A network load balancer routes traffic at the Open Systems Interconnection (OSI) model
layer 4.
Question #: 56
Question: A company has an application running on two EC2 instances. They want to reduce
idle EC2 capacity. The application load is difficult to forecast, and they want to keep the CPU
utilization close to 40% on all instances. Which type of Amazon EC2 Auto Scaling
A. *Dynamic scaling
B. Predictive scaling
C. Scheduled scaling
D. Manual scaling
Feedback
A. With dynamic scaling, you can define parameters that control the scaling process so that
your auto scaling group can respond automatically to unpredictable conditions.
B. Predictive scaling is useful for scaling in advance of predictable demand. This lets you
scale more proactively before load change if the load pattern can be anticipated.
C. Scheduled scaling lets you scale in or out on a schedule. This isn't the best option for an
unpredictable load.
D. Manual scaling lets you manually change the size of your Amazon EC2 Auto Scaling
group. Manually scaling can be useful when automatic scaling isn't needed or when you
need to hold capacity at a fixed number of instances.
Question #: 57
Question: Which of the following pieces of information MUST be configured for the EC2
instances that will be part of an Auto Scaling group? (Select TWO).
A. *ID of a Amazon Machine Image (AMI)

B. *EC2 instance type
C. Network access control list (ACL)
D. Auto Scaling group metrics
E. Storage volume
Feedback
• Correct multiresponse:When you create an Auto Scaling group, you provide a launch
configuration or launch template that must include the AMI and instance type to use for
the EC2 instances in the group.
• Incorrect multiresponse:Security groups rather than ACLs are associated with your EC2
instances. Group metrics can be enabled on the Auto Scaling group but aren't
configured on each EC2 instance. You can optionally configure Amazon Elastic Block
Store volumes for the instances, but this isn't required.
Question #: 58
Question: How is Elastic Load Balancing (ELB) used with Amazon EC2 Auto Scaling? (Select
TWO).
A. *ELB performs health checks on new EC2 instances that are added to the Amazon EC2
Auto Scaling group.
B. *ELB distributes traffic between EC2 instances in an Auto Scaling group.
C. ELB triggers an Auto Scaling event when a threshold is reached.
D. ELB establishes the minimum and maximum number of instances in the Amazon EC2
Auto Scaling group.
E. ELB automatically adds new instances to the Auto Scaling group when the load reaches
a predetermined limit.
Feedback
• Correct multiresponse:When a new instance is added to an Amazon EC2 Auto Scaling

group, it makes a call to ELB to register the new instance. ELB performs health checks
and distributes traffic between the instances in the Auto Scaling group.
• Incorrect multiresponse:The minimum and maximum number of instances is defined as
part of the Auto Scaling group, and new instances are added based on how the Auto
Scaling group is configured. Amazon CloudWatch initiates an Auto Scaling event when a
threshold is reached.
Question #: 59
Question: Which statement about AWS Auto Scaling is true?
A. *AWS Auto Scaling can be used to automatically scale Amazon DynamoDB tables and
indexes.
B. AWS Auto Scaling and Amazon EC2 Auto Scaling are synonymous.
C. You can use either Amazon EC2 Auto Scaling or AWS Auto Scaling, but not both.
D. AWS Auto Scaling can be used to automatically scale Amazon RDS databases.
Feedback
A. AWS Auto Scaling enables scaling plans for resources, including Amazon DynamoDB
tables and indexes.
B. AWS Auto Scaling is a separate service that can be used together with Amazon EC2 Auto
Scaling.
C. You can use both Amazon EC2 Auto Scaling and AWS Auto Scaling to scale different
types of resources within your workloads.
D. AWS Auto Scaling isn't available for Amazon RDS, although it is available for Aurora
replicas.
Question #: 60
Question: Which statement accurately describes how auto scaling is used?
A. *Auto scaling is useful for predictable workloads.

B. Auto scaling is useful for dynamic, unpredictable workloads but doesn't add much value
for predictable workloads.
C. Auto scaling allows an application to automatically add resources, but it can't
automatically scale them back down.
D. The size of an auto scaling group will scale up and down automatically based on its
configuration and the number of instances can't be manually adjusted.
Feedback
A. Predictable workloads are a good use for auto scaling policies that scale up or down
based on a schedule.
B. Auto scaling is useful for both predictable and dynamic workloads.
C. Auto scaling can automatically scale up or down.
D. The size of an auto scaling group can be manually adjusted.

Academy Cloud Foundations Course Assessment Key

Uploaded by

Academy Cloud Foundations Course Assessment Key

Uploaded by

Question #: 1

From module: 1 - Cloud Concepts Overview

Question: Which IT requirement would lead an architect to choose an infrastructure as a

Response options (correct answers prefixed with *):

From module: 1 - Cloud Concepts Overview

Response options (correct answers prefixed with *):

A. *PaaS avoids the need to manage operating systems.

A. PaaS reduces the need to manage infrastructure including operating systems.

From module: 1 - Cloud Concepts Overview

Response options (correct answers prefixed with *):

From module: 1 - Cloud Concepts Overview

Response options (correct answers prefixed with *):

A. Higher economies of scale translates into lower pay-as-you-go prices.

From module: 1 - Cloud Concepts Overview

Response options (correct answers prefixed with *):

A. *Cloud resources can scale up or down based on demand.

A. The ability to stop guessing capacity is an important benefit of cloud computing.

From module: 1 - Cloud Concepts Overview

Response options (correct answers prefixed with *):

From module: 2 - Cloud Economics and Billing

Question: Which statement accurately describes AWS pricing?

Response options (correct answers prefixed with *):

From module: 2 - Cloud Economics and Billing

Response options (correct answers prefixed with *):

A. *A company can consolidate and centrally manage multiple AWS accounts.

• Correct multiresponse:AWS Organizations is a free account management service to

From module: 2 - Cloud Economics and Billing

Response options (correct answers prefixed with *):

From module: 2 - Cloud Economics and Billing

Response options (correct answers prefixed with *):

A. *The number of servers that need to be migrated to the cloud

From module: 2 - Cloud Economics and Billing

Response options (correct answers prefixed with *):

A. *AWS Cost Explorer

From module: 2 - Cloud Economics and Billing

Response options (correct answers prefixed with *):

From module: 3 - AWS Global Infrastructure Overview

Question: Which statement about AWS Regions is true?

Response options (correct answers prefixed with *):

A. *Using a Region as close as possible to users can reduce latency.

From module: 3 - AWS Global Infrastructure Overview

Response options (correct answers prefixed with *):

From module: 3 - AWS Global Infrastructure Overview

Question: Which statement about edge locations is true?

Response options (correct answers prefixed with *):

From module: 4- AWS Cloud Security

Response options (correct answers prefixed with *):

A. *AWS is responsible for the physical security of data centers.

• Correct multiresponse:AWS is responsible for the physical security of data centers.

From module: 4- AWS Cloud Security

Response options (correct answers prefixed with *):

From module: 4- AWS Cloud Security

Response options (correct answers prefixed with *):

A. *Identity-based policies are attached to a user, group, or role.

• Correct multiresponse:Identity-based policies are attached to an identity, including

From module: 4- AWS Cloud Security

Question: Which scenario describes a use case for AWS CloudTrail?

Response options (correct answers prefixed with *):

From module: 4- AWS Cloud Security

Response options (correct answers prefixed with *):

A. *Transport layer security (TLS) provides encryption of data in transit.

• Correct multiresponse:TLS is an open standard protocol that's used to encrypt data in

From module: 4- AWS Cloud Security

Response options (correct answers prefixed with *):

From module: 5 - Networking and Content Delivery

Response options (correct answers prefixed with *):

A. *Can span Availability Zones

From module: 5 - Networking and Content Delivery

Response options (correct answers prefixed with *):

A. *Specify the range of IP addresses for the VPC.

From module: 5 - Networking and Content Delivery

Response options (correct answers prefixed with *):

A. *An internet gateway

From module: 5 - Networking and Content Delivery

Response options (correct answers prefixed with *):

From module: 5 - Networking and Content Delivery