AWS CLOUD CERTIFICATION SCRIPT 2026
QUESTIONS WITH SOLUTIONS GRADED A+
◍ True or False?Private subnets have direct access to the Internet..
Answer: False
◍ With Amazon VPC, what is the maximum size IP address range you can
have in a VPC?orWhat is the maximum size IP address range you can have
in an Amazon VPC?.
Answer: /16
◍ In ________, Amazon Web Services (AWS) began offering IT
infrastructure services to businesses in the form of web services -- now
commonly known as cloud computing..
Answer: 2006
◍ Which of the following is an optional security control that can be applied at
the subnet layer of a VPC? (Select the best answer).
Answer: Network ACL
◍ True or False? Networking, storage, compute, and databases are examples of
service categories that AWS offers..
Answer: True
◍ True or False? AWS is responsible for the security of everything above the
hypervisor layer..
Answer: False
◍ True or False? AWS Key Management Service (AWS KMS) enables you to
assess, audit, and evaluate the configurations of your AWS resources..
Answer: False
◍ When creating an AWS Identity and Access Management (IAM) policy,
what are the two types of access that can be granted to a user? (Choose
, two.).
Answer: - AWS Management Console access- Programmatic access
◍ ______ means the infrastructure has built-in component redundancy and
______ means that resources dynamically adjust to increases or decreases in
capacity requirements..
Answer: Fault tolerant, elastic and scalableFault tolerant means the
infrastructure has built-in component redundancy and elastic and scalable
means that resources dynamically adjust to increases or decreases in
capacity requirements.
◍ Which of the following elements are used to create an Amazon ec2 auto
scaling launch configuration? (Choose three).
Answer: - Amazon Machine Image (AMI)- Instance Type- Amazon Elastic
Block Store (Amazon EBS) volumes
◍ In the shared responsibility model, the customer is responsible for providing
what? (Select the best answer.).
Answer: Security in the cloud
◍ True or False? The Access Key and Secret Access Key are used to log into
the AWS Management Console..
Answer: False
◍ Your web application needs four instances to support steady traffic all of the
time. On the last day of the month, the traffic triples. What is the most
cost-effective way to handle this pattern? (Select the best answer).
Answer: Run four Reserved Instances constantly, then add eight
On-Demand Instances on the last day of each month.
◍ Which of the following are features of an edge location? (select all that
applies)
A. Used in conjunction with the CloudFront service
B. Distribute Network Address
C. Distribute content to users
D. Cache common responses.
, Answer: - Used in conjunction with the CloudFront service- Distribute
content to users- Cache common responses
◍ Which AWS service provides infrastructure security optimization
recommendations?
A. AWS Price List Application Programming Interface (API)
B. Reserved Instances
C. AWS Trusted Advisor
D. Amazon Elastic Compute Cloud (Amazon EC2) Spot Fleet.
Answer: AWS Trusted AdvisorOnline tool that helps you configure
resources to follow best practices.
◍ You are a solutions architect working for a large retail company that is
migrating its existing infrastructure to AW
S. You recommend they use a custom Amazon VP
C. They'll need a public subnet for their web servers and a private subnet for
their databases. They web servers and database servers be highly available,
with a minimum of two web servers and two database servers each. How
many subnets should you have to maintain high availability?
A. 3
B. 2
C. 1
D. 4.
Answer: 4You need two public subnets (one for each Availability Zone) and
two private subnets (one for each Availability Zone). Therefore, you need
four subnets.
◍ The the Shared Responsibility Model, which of the following are examples
of "security in the cloud?" (Choose two)
A. In which country content is stored
B. Compliance with compute security standards and regulations
C. Protecting the global infrastructure
D. Physical security of the facility in which the services operate
E. Which AWS services are used the content.
QUESTIONS WITH SOLUTIONS GRADED A+
◍ True or False?Private subnets have direct access to the Internet..
Answer: False
◍ With Amazon VPC, what is the maximum size IP address range you can
have in a VPC?orWhat is the maximum size IP address range you can have
in an Amazon VPC?.
Answer: /16
◍ In ________, Amazon Web Services (AWS) began offering IT
infrastructure services to businesses in the form of web services -- now
commonly known as cloud computing..
Answer: 2006
◍ Which of the following is an optional security control that can be applied at
the subnet layer of a VPC? (Select the best answer).
Answer: Network ACL
◍ True or False? Networking, storage, compute, and databases are examples of
service categories that AWS offers..
Answer: True
◍ True or False? AWS is responsible for the security of everything above the
hypervisor layer..
Answer: False
◍ True or False? AWS Key Management Service (AWS KMS) enables you to
assess, audit, and evaluate the configurations of your AWS resources..
Answer: False
◍ When creating an AWS Identity and Access Management (IAM) policy,
what are the two types of access that can be granted to a user? (Choose
, two.).
Answer: - AWS Management Console access- Programmatic access
◍ ______ means the infrastructure has built-in component redundancy and
______ means that resources dynamically adjust to increases or decreases in
capacity requirements..
Answer: Fault tolerant, elastic and scalableFault tolerant means the
infrastructure has built-in component redundancy and elastic and scalable
means that resources dynamically adjust to increases or decreases in
capacity requirements.
◍ Which of the following elements are used to create an Amazon ec2 auto
scaling launch configuration? (Choose three).
Answer: - Amazon Machine Image (AMI)- Instance Type- Amazon Elastic
Block Store (Amazon EBS) volumes
◍ In the shared responsibility model, the customer is responsible for providing
what? (Select the best answer.).
Answer: Security in the cloud
◍ True or False? The Access Key and Secret Access Key are used to log into
the AWS Management Console..
Answer: False
◍ Your web application needs four instances to support steady traffic all of the
time. On the last day of the month, the traffic triples. What is the most
cost-effective way to handle this pattern? (Select the best answer).
Answer: Run four Reserved Instances constantly, then add eight
On-Demand Instances on the last day of each month.
◍ Which of the following are features of an edge location? (select all that
applies)
A. Used in conjunction with the CloudFront service
B. Distribute Network Address
C. Distribute content to users
D. Cache common responses.
, Answer: - Used in conjunction with the CloudFront service- Distribute
content to users- Cache common responses
◍ Which AWS service provides infrastructure security optimization
recommendations?
A. AWS Price List Application Programming Interface (API)
B. Reserved Instances
C. AWS Trusted Advisor
D. Amazon Elastic Compute Cloud (Amazon EC2) Spot Fleet.
Answer: AWS Trusted AdvisorOnline tool that helps you configure
resources to follow best practices.
◍ You are a solutions architect working for a large retail company that is
migrating its existing infrastructure to AW
S. You recommend they use a custom Amazon VP
C. They'll need a public subnet for their web servers and a private subnet for
their databases. They web servers and database servers be highly available,
with a minimum of two web servers and two database servers each. How
many subnets should you have to maintain high availability?
A. 3
B. 2
C. 1
D. 4.
Answer: 4You need two public subnets (one for each Availability Zone) and
two private subnets (one for each Availability Zone). Therefore, you need
four subnets.
◍ The the Shared Responsibility Model, which of the following are examples
of "security in the cloud?" (Choose two)
A. In which country content is stored
B. Compliance with compute security standards and regulations
C. Protecting the global infrastructure
D. Physical security of the facility in which the services operate
E. Which AWS services are used the content.
