- (Topic 2)
Which AWS service is designed to help users orchestrate a workflow process for a set of AWS Lambda functions?
Correct Answer:
D
The AWS service that is designed to help users orchestrate a workflow process for a set of AWS Lambda functions is AWS Step Functions. AWS Step Functions is a service that helps users coordinate multiple AWS services into serverless workflows that can be triggered by events, such as messages, API calls, or schedules. AWS Step Functions allows users to create and visualize complex workflows that can include branching, parallel execution, error handling, retries, and timeouts. AWS Step Functions can integrate with AWS Lambda to orchestrate a sequence of Lambda functions that perform different tasks or logic. Amazon DynamoDB, AWS CodePipeline, and AWS Batch are not the best services to use for orchestrating a workflow process for a set of AWS Lambda functions. Amazon DynamoDB is a fully managed NoSQL database service that provides fast and consistent performance, scalability, and flexibility. AWS CodePipeline is a fully managed continuous delivery service that helps users automate the release process of their applications. AWS Batch is a fully managed service that helps users run batch computing workloads on the AWS Cloud.
- (Topic 3)
A company wants to migrate its PostgreSQL database to AWS. The company does not use the database frequently.
Which AWS service or resource will meet these requirements with the LEAST management overhead?
Correct Answer:
D
Amazon Aurora Serverless is an on-demand, auto-scaling configuration for Amazon Aurora PostgreSQL-Compatible Edition. It is a fully managed service that automatically scales up and down based on the application’s actual needs. Amazon Aurora Serverless is suitable for applications that have infrequent, intermittent, or unpredictable database workloads, and that do not require the full power and range of options provided by provisioned Aurora clusters. Amazon Aurora Serverless eliminates the need to provision and manage database instances, and reduces the management overhead associated with database administration tasks such as scaling, patching, backup, and recovery. References: Amazon Aurora Serverless, Choosing between Aurora Serverless and provisioned Aurora DB clusters, [AWS Cloud Practitioner Essentials: Module 4 - Databases in the Cloud]
- (Topic 1)
Which task is the responsibility of AWS, according to the AWS shared responsibility model?
Correct Answer:
B
The correct answer is B because ensuring the environmental safety and security of the AWS infrastructure that hosts Workspaces is the responsibility of AWS, according to the AWS shared responsibility model. The AWS shared responsibility model is a framework that defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the global infrastructure, such as the regions, availability zones, and edge locations; the hardware, software, networking, and facilities that run the AWS services; and the virtualization layer that separates the customer instances and storage. The customer is responsible for the security in the cloud, which includes the customer data, the guest operating systems, the applications, the identity and access management, the firewall configuration, and the encryption. The other options are incorrect because they are the responsibility of the customer, according to the AWS shared responsibility model. Setting up multi-factor authentication (MFA) for each Workspaces user account, providing security for Workspaces user accounts through AWS Identity and Access Management (IAM), configuring AWS CloudTrail to log API calls and user activity, and encrypting data at rest and in transit are all tasks that the customer has to perform to secure their Workspaces environment. Reference: AWS Shared Responsibility Model, Amazon WorkSpaces Security
- (Topic 3)
A company wants an automated process to continuously scan its Amazon EC2 instances for software vulnerabilities.
Which AWS service will meet these requirements?
Correct Answer:
B
Amazon Inspector is the AWS service that can be used to perform vulnerability scans on AWS EC2 instances for software vulnerabilities automatically in a periodic fashion. Amazon Inspector automatically discovers EC2 instances and scans them for software vulnerabilities and unintended network exposure. Amazon Inspector uses AWS Systems Manager (SSM) and the SSM Agent to collect information about the software application inventory of the EC2 instances. This data is then scanned by Amazon Inspector for software vulnerabilities12. Amazon Inspector also integrates with other AWS services, such as Amazon EventBridge and AWS Security Hub, to automate discovery, expedite vulnerability routing, and shorten mean time to remediate (MTTR) vulnerabilities2.
- (Topic 1)
A developer needs to build an application for a retail company. The application must provide real-time product recommendations that are based on machine learning.
Which AWS service should the developer use to meet this requirement?
Correct Answer:
B
Amazon Personalize is a fully managed machine learning service that customers can use to generate personalized recommendations for their users. It can also generate user segments based on the users’ affinity for certain items or item metadata. Amazon Personalize uses the customers’ data to train and deploy custom recommendation models that can be integrated into their applications. Therefore, the correct answer is B. You can learn more about Amazon Personalize and its use cases from this page.