- (Topic 1)
According to the AWS shared responsibility model, which of the following are AWS responsibilities? (Select TWO.)

1. A. Network infrastructure and virtualization of infrastructure
2. B. Security of application data
3. C. Guest operating systems
4. D. Physical security of hardware
5. E. Credentials and policies

Correct Answer: AD
The correct answers are A and D because network infrastructure and virtualization of infrastructure and physical security of hardware are AWS responsibilities according to the AWS shared responsibility model. The AWS shared responsibility model is a framework that defines the division of responsibilities between AWS and the customer for security and compliance. AWS is responsible for the security of the cloud, which includes the global infrastructure, such as the regions, availability zones, and edge locations; the hardware, software, networking, and facilities that run the AWS services; and the virtualization layer that separates the customer instances and storage. The customer is responsible for the security in the cloud, which includes the customer data, the guest operating systems, the applications, the identity and access management, the firewall configuration, and the encryption. The other options are incorrect because they are not AWS responsibilities according to the AWS shared responsibility model. Security of application data, guest operating systems, and credentials and policies are customer responsibilities according to the AWS shared responsibility model. Reference: [AWS Shared Responsibility Model]

- (Topic 1)
A company needs to continuously monitor its environment to analyze network and account activity and identify potential security threats.
Which AWS service should the company use to meet these requirements?

1. A. AWS Artifact
2. B. Amazon Macie
3. C. AWS Identity and Access Management (IAM)
4. D. Amazon GuardDuty

Correct Answer: D
Amazon GuardDuty is a service that provides intelligent threat detection and continuous monitoring for the AWS environment. It analyzes network and account activity using machine learning and threat intelligence to identify potential security threats, such as unauthorized access, compromised credentials, malicious hosts, and reconnaissance activities. It also generates detailed and actionable findings that can be viewed on the AWS Management Console or sent to other AWS services, such as Amazon CloudWatch Events and AWS Lambda, for further analysis or remediation. Amazon GuardDuty OverviewAWS Certified Cloud Practitioner - aws.amazon.com

- (Topic 3)
Which AWS services can be used to store files? (Select TWO.)

1. A. Amazon S3
2. B. AWS Lambda
3. C. Amazon Elastic Block Store (Amazon EBS)
4. D. Amazon SageMaker
5. E. AWS Storage Gateway

Correct Answer: AC
Amazon S3 and Amazon EBS are two AWS services that can be used to store files . Amazon S3 is an object storage service that offers high scalability, durability, availability, and performance. Amazon EBS is a block storage service that provides persistent and low-latency storage volumes for Amazon EC2 instances. AWS Lambda, Amazon SageMaker, and AWS Storage Gateway are other AWS services that have different purposes, such as serverless computing, machine learning, and hybrid cloud storage .

- (Topic 1)
A company is migrating an application that includes an Oracle database to AWS. The company cannot rewrite the application.
To which AWS service could the company migrate the database?

1. A. Amazon Athena
2. B. Amazon DynamoDB®
3. C. Amazon RDS
4. D. Amazon DocumentDB (with MongoDB compatibility)

Correct Answer: C
Amazon Relational Database Service (Amazon RDS) is a service that provides fully managed relational database engines. Amazon RDS supports several database engines, including Oracle, MySQL, PostgreSQL, MariaDB, SQL Server, and Amazon Aurora. Amazon RDS can be used to migrate an application that includes an Oracle database to AWS without rewriting the application, as long as the application is compatible with the Oracle version and edition supported by Amazon RDS. Amazon RDS can also provide benefits such as high availability, scalability, security, backup and restore, and performance optimization. [Amazon RDS Overview] AWS Certified Cloud Practitioner - aws.amazon.com

- (Topic 2)
Which AWS service or tool should a company use to forecast AWS spending?

1. A. Amazon DevPay
2. B. AWS Organizations
3. C. AWS Trusted Advisor
4. D. Cost Explorer

Correct Answer: D
Cost Explorer is an AWS service or tool that can be used to forecast AWS spending. It allows users to analyze their AWS costs and usage using interactive graphs and tables. It also provides features such as filtering, grouping, and forecasting to help users plan their future spending. Amazon DevPay is an AWS service that allows developers to sell applications that are built on AWS services. It handles the billing and metering for the customers of the applications and collects payments from them. It is not a tool for forecasting AWS spending. AWS Organizations is an AWS service that allows users to centrally manage and govern their AWS accounts. It provides features such as creating groups of accounts, applying policies, and automating account creation. It is not a tool for forecasting AWS spending. AWS Trusted Advisor is an AWS service that provides best practices and recommendations to optimize the performance, security, and cost of AWS resources. It can help users identify opportunities to reduce their AWS costs, but it is not a tool for forecasting AWS spending