WGU D282 Pre-Assessment – Cloud
Foundations Review | 100% Verified
Questions & Answers | Grade A
1. Which cloud service model provides the consumer with the ability to deploy and run their
own custom software using a cloud provider's platform?
A) IaaS
B) SaaS
C) PaaS
D) ITaaS
2. A company wants to migrate its on-premises data center to the cloud and have full control
over the operating systems and applications, while the cloud provider manages the hardware.
Which service model is this?
A) Software as a Service (SaaS)
B) Platform as a Service (PaaS)
C) Infrastructure as a Service (IaaS)
D) Database as a Service (DBaaS)
3. What is a primary characteristic of a public cloud?
A) Dedicated to a single organization
B) Owned and operated by a third-party cloud provider
C) Always less expensive than on-premises
D) Located on a company's own premises
4. Which cloud deployment model would a financial institution most likely use for sensitive
data due to strict regulatory requirements?
A) Public Cloud
B) Hybrid Cloud
C) Community Cloud
D) Private Cloud
5. The ability to add or remove computing resources dynamically to meet changing demand is
known as:
A) Durability
B) Elasticity
,C) Scalability
D) Agility
6. Which AWS service is a global content delivery network (CDN)?
A) AWS Global Accelerator
B) Amazon Route 53
C) Amazon CloudFront
D) AWS Direct Connect
7. What is the primary purpose of Amazon Route 53?
A) Virtual Private Cloud
B) Domain Name System (DNS) web service
C) Object Storage
D) Content Delivery Network
8. Which AWS service allows for the deployment of code without provisioning or managing
servers?
A) AWS Lambda
B) Amazon EC2
C) AWS Fargate
D) AWS Elastic Beanstalk
9. An organization needs a fully managed relational database in AWS. Which service should
they use?
A) Amazon Redshift
B) Amazon DynamoDB
C) Amazon RDS
D) Amazon S3
10. Which of the following is an object storage service?
A) Amazon EBS
B) Amazon EFS
C) Amazon S3
D) Amazon EC2
11. The "Shared Responsibility Model" in cloud computing divides responsibilities between:
A) The IT department and the security department
B) The cloud provider and the cloud consumer
C) The network team and the server team
D) The company and its clients
,12. In the AWS Shared Responsibility Model, who is responsible for securing the physical
infrastructure of the cloud?
A) The customer
B) AWS
C) Shared responsibility
D) The customer's security team
13. Who is responsible for managing the guest operating system and application security on
an Amazon EC2 instance?
A) AWS
B) The customer
C) Shared responsibility
D) The operating system vendor
14. Which of the following is a customer responsibility in the IaaS model?
A) Physical security of data centers
B) Patching the database software running on an EC2 instance
C) Controlling the hypervisor
D) Securing the underlying network infrastructure
15. What is the primary purpose of an AWS Identity and Access Management (IAM) Policy?
A) To set a budget for AWS services
B) To define permissions for users, groups, and roles
C) To launch new virtual servers
D) To monitor network traffic
16. The principle of granting only the permissions needed to perform a task is known as:
A) Least Privilege
B) Privilege Escalation
C) Root Access
D) Multi-Factor Authentication
17. Which IAM entity is intended to be assumable by an AWS service or user to grant
temporary security credentials?
A) IAM User
B) IAM Group
C) IAM Role
D) IAM Policy
, 18. A company wants its EC2 instances to securely access other AWS services without storing
access keys on the instance. What should they use?
A) IAM Users
B) IAM Groups
C) IAM Roles
D) Access Keys
19. Which AWS service provides a virtual network isolated from other networks in the cloud?
A) AWS Direct Connect
B) Amazon VPC
C) AWS VPN
D) Amazon CloudFront
20. Within a VPC, what is a subnet?
A) A range of IP addresses in your VPC
B) A security firewall
C) A virtual private gateway
D) A network access control list
21. Which component of a VPC allows resources in a private subnet to initiate outbound
traffic to the internet while blocking unsolicited inbound traffic?
A) Internet Gateway
B) NAT Gateway
C) Virtual Private Gateway
D) Security Group
22. A Security Group in AWS acts as a:
A) Stateful firewall
B) Stateless firewall
C) Network gateway
D) DNS server
23. Which AWS cost management tool allows you to set custom budget alerts when costs
exceed a threshold?
A) AWS Cost Explorer
B) AWS Budgets
C) AWS Pricing Calculator
D) AWS Trusted Advisor
Foundations Review | 100% Verified
Questions & Answers | Grade A
1. Which cloud service model provides the consumer with the ability to deploy and run their
own custom software using a cloud provider's platform?
A) IaaS
B) SaaS
C) PaaS
D) ITaaS
2. A company wants to migrate its on-premises data center to the cloud and have full control
over the operating systems and applications, while the cloud provider manages the hardware.
Which service model is this?
A) Software as a Service (SaaS)
B) Platform as a Service (PaaS)
C) Infrastructure as a Service (IaaS)
D) Database as a Service (DBaaS)
3. What is a primary characteristic of a public cloud?
A) Dedicated to a single organization
B) Owned and operated by a third-party cloud provider
C) Always less expensive than on-premises
D) Located on a company's own premises
4. Which cloud deployment model would a financial institution most likely use for sensitive
data due to strict regulatory requirements?
A) Public Cloud
B) Hybrid Cloud
C) Community Cloud
D) Private Cloud
5. The ability to add or remove computing resources dynamically to meet changing demand is
known as:
A) Durability
B) Elasticity
,C) Scalability
D) Agility
6. Which AWS service is a global content delivery network (CDN)?
A) AWS Global Accelerator
B) Amazon Route 53
C) Amazon CloudFront
D) AWS Direct Connect
7. What is the primary purpose of Amazon Route 53?
A) Virtual Private Cloud
B) Domain Name System (DNS) web service
C) Object Storage
D) Content Delivery Network
8. Which AWS service allows for the deployment of code without provisioning or managing
servers?
A) AWS Lambda
B) Amazon EC2
C) AWS Fargate
D) AWS Elastic Beanstalk
9. An organization needs a fully managed relational database in AWS. Which service should
they use?
A) Amazon Redshift
B) Amazon DynamoDB
C) Amazon RDS
D) Amazon S3
10. Which of the following is an object storage service?
A) Amazon EBS
B) Amazon EFS
C) Amazon S3
D) Amazon EC2
11. The "Shared Responsibility Model" in cloud computing divides responsibilities between:
A) The IT department and the security department
B) The cloud provider and the cloud consumer
C) The network team and the server team
D) The company and its clients
,12. In the AWS Shared Responsibility Model, who is responsible for securing the physical
infrastructure of the cloud?
A) The customer
B) AWS
C) Shared responsibility
D) The customer's security team
13. Who is responsible for managing the guest operating system and application security on
an Amazon EC2 instance?
A) AWS
B) The customer
C) Shared responsibility
D) The operating system vendor
14. Which of the following is a customer responsibility in the IaaS model?
A) Physical security of data centers
B) Patching the database software running on an EC2 instance
C) Controlling the hypervisor
D) Securing the underlying network infrastructure
15. What is the primary purpose of an AWS Identity and Access Management (IAM) Policy?
A) To set a budget for AWS services
B) To define permissions for users, groups, and roles
C) To launch new virtual servers
D) To monitor network traffic
16. The principle of granting only the permissions needed to perform a task is known as:
A) Least Privilege
B) Privilege Escalation
C) Root Access
D) Multi-Factor Authentication
17. Which IAM entity is intended to be assumable by an AWS service or user to grant
temporary security credentials?
A) IAM User
B) IAM Group
C) IAM Role
D) IAM Policy
, 18. A company wants its EC2 instances to securely access other AWS services without storing
access keys on the instance. What should they use?
A) IAM Users
B) IAM Groups
C) IAM Roles
D) Access Keys
19. Which AWS service provides a virtual network isolated from other networks in the cloud?
A) AWS Direct Connect
B) Amazon VPC
C) AWS VPN
D) Amazon CloudFront
20. Within a VPC, what is a subnet?
A) A range of IP addresses in your VPC
B) A security firewall
C) A virtual private gateway
D) A network access control list
21. Which component of a VPC allows resources in a private subnet to initiate outbound
traffic to the internet while blocking unsolicited inbound traffic?
A) Internet Gateway
B) NAT Gateway
C) Virtual Private Gateway
D) Security Group
22. A Security Group in AWS acts as a:
A) Stateful firewall
B) Stateless firewall
C) Network gateway
D) DNS server
23. Which AWS cost management tool allows you to set custom budget alerts when costs
exceed a threshold?
A) AWS Cost Explorer
B) AWS Budgets
C) AWS Pricing Calculator
D) AWS Trusted Advisor
