❣️ Please support us by purchasing this course on Udemy in an interactive version with the discounted link. If you're working for a company, you could most probably easily claim this expense during preparation for your exam. For us, it's to be, or not to be, in the game.

🛍️ Alternatively, you can buy the PDF with those questions on Etsy.

✋ Join a live online community and a course taught by industry experts and pass the Amazon Web Services Certified (AWS Certified) Cloud Practitioner (CLF-C02) confidently. We aim to build an ecosystem of Information Technology (IT) certifications and online courses in cooperation with the technology industry. We believe it will give our students 100% confidence in the pacing market in an open-source environment. We are just at the beginning of our way, so it's even better for you to join now!

1. Always happy to answer your questions on Udemy's Q&A's and outside :)
2. Failed? Please submit a screenshot of your exam result and request a refund (via our upcoming platform, not possible on Udemy); we'll always accept it.
3. Learn about topics, such as:
   • Access Control;
   • Amazon Aurora;
   • Amazon CloudFront;
   • Amazon CloudWatch;
   • Amazon Connect;
   • Amazon DynamoDB;
   • Amazon Elastic Block Store (Amazon EBS);
   • Amazon Elastic Compute Cloud (Amazon EC2);
   • Amazon Elastic Map Reduce (Amazon EMR);
   • Amazon Inspector;
   • Amazon Redshift;
   • Amazon Relational Database Service (Amazon RDS);
   • Amazon Simple Storage Service (Amazon S3);
   • Authentication & Authorization;
   • Availability Zones;
   • AWS Budgets;
   • AWS CloudFormation;
   • AWS CloudTrail;
   • AWS Command Line Interface (AWS CLI);
   • AWS Cost Explorer;
   • AWS Direct Connect;
   • AWS Health Dashboard;
   • AWS Identity and Access Management (AWS IAM);
   • AWS Key Management Service (AWS KMS);
   • AWS Lambda;
   • AWS Pricing Calculator;
   • AWS Trusted Advisor;
   • AWS Web Application Firewall (AWS WAF);
   • Capital Expenditure (CapEx) & Operational Expenditure (OpEx);
   • Cloud Concepts;
   • Compliancy, Governance, Identity & Privacy;
   • Inbound Data Traffic & Outbound Data Traffic;
   • Infrastructure as a Service (IaaS);
   • Platform as a Service (PaaS);
   • Public & Private Cloud;
   • Resource Groups;
   • Serverless;
   • Service Level Agreement (SLA);
   • Software as a Service (SaaS);
   • Virtual Private Clouds (VPC);
   • Much More!
4. Questions are similar to the actual exam, without duplications (like in other courses ;-)).
5. The Practice Tests Exams simulate the actual exam's content, timing, and percentage required to pass the exam.
6. This course is not a Amazon Web Services Certified (AWS Certified) Cloud Practitioner (CLF-C02) Exam Dump. Some people use brain dumps or exam dumps, but that's absurd, which we don't practice.
7. 597 unique questions.

v1.0.0: December 7, 2022.

• Launch of the course.

v1.1.0: January 8, 2023.

• Fix several questions with minor improvements.

v1.1.1: March 7, 2023.

• Fix several typos.

v1.1.2: June 19, 2023.

• Fix 1 question correct answer.

v1.1.3: July 13, 2023.

• Fix 1 question correct answer and several typos.

v1.1.4: August 14, 2023.

• Remove from 2 answers '(Correct)' word.

v1.2.0: October 2, 2023.

• Add 2 new questions and fix 6 questions with incorrect answers.

v1.2.1: November 22, 2023.

• Fix all remaining typos with support of automated proofreading software.

v1.2.2: April 11, 2024.

• Fix 1 question with a wrong answer.

We are so thankful for every contribution, which makes sure we can deliver top-notch content. Whenever you find a missing resource, broken link in a Table of Contents, the wrong answer, please submit an issue. Even better would be a Pull Request (PR).

• 👨‍🎓 Students preparing for the Amazon Web Services Certified (AWS Certified) Cloud Practitioner (CLF-C02) Exam;
• 👨‍🎓 AWS Engineers;
• 👨‍🎓 Azure Engineers;
• 👨‍🎓 Cloud Architects;
• 👨‍🎓 Cloud Engineers;
• 👨‍🎓 DevOps Engineers;
• 👨‍🎓 Enterprise Architects;
• 👨‍🎓 Google Cloud Platform (GCP) Engineers;
• 👨‍🎓 Infrastructure Engineers;
• 👨‍🎓 IT Professionals;
• 👨‍🎓 Lead Engineers;
• 👨‍🎓 Product Architects;
• 👨‍🎓 Product Managers;
• 👨‍🎓 Product Owners;
• 👨‍🎓 Project Managers;
• 👨‍🎓 Scrum Masters;
• 👨‍🎓 Security Engineers;
• 👨‍🎓 Site Reliability Engineers;
• 👨‍🎓 Software Developers/Engineers;
• 👨‍🎓 Software Testers;
• 👨‍🎓 Solution Architects;
• 👨‍🎓 Team Leaders.

• 🤩 Excitement to learn!
• 0️⃣ Prior knowledge is required;
• ✅ You can pass the Amazon Web Services Certified (AWS Certified) Cloud Practitioner (CLF-C02) Exam solely based on our Practice Tests Exams.

• AWS CLI.
• AWS API.
• AWS SDK.
• AWS Management Console.

• Replacing an existing EC2 instance with a larger, more powerful one.
• Increasing the compute capacity of a single EC< instance to address the growing demands of an application.
• Adding more RAM capacity to an EC2 instance.
• Adding more EC2 instances of the same size to handle an increase in traffic.

• Amazon Inspector.
• AWS CloudTrail.
• AWS Trusted Advisor.
• EC2 Instance Usage Report.

• Applying the principle of least privilege to all AWS resources.
• Automatically provisioning new resources to meet demand.
• All AWS services are considered Global Services, and this design helps customers serve their international users.
• Providing compensation to customers if issues occur.
• Ability to recover quickly from failures.

• Responsibilities vary depending on the services used.
• Security of the IaaS services is the responsibility of AWS.
• Patching the guest OS is always the responsibility of AWS.
• Security of the managed services is the responsibility of the customer.

• The Reserved Instance discounts can only be shared with the master account.
• All accounts can receive the hourly cost benefit of the Reserved Instances.
• The purchased instances will have better performance than On-demand instances.
• There are no cost benefits from using consolidated billing; It is for informational purposes only.

• Deploy the application across multiple Availability Zones and Edge locations.
• Deploy the application across multiple Availability Zones and subnets.
• Deploy the application across multiple Regions and Availability Zones.
• Deploy the application across multiple VPC's and subnets.

• Built-in computing capabilities that allow customers to process data locally.
• A catalog of third-party software solutions that customers need to build solutions and run their businesses.
• A hybrid cloud storage between on-premises environments and the AWS Cloud.
• An Exabyte-scale data transfer service that allows you to move extremely large amounts of data to AWS.
• Secure transfer of large amounts of data into and out of the AWS.

• AWS Health Dashboard.
• AWS Support Concierge.
• AWS Customer Service.
• AWS Operations Support.

• Applying the Amazon Connect latency-based routing policy.
• Registering a new US domain name to serve the users in the US.
• Building a new data center in the US and implementing a hybrid model.
• Deploying new Amazon EC2 instances in a Region located in the US.

• IAM roles.
• IAM users.
• IAM user groups.
• AWS Organizations.

• AWS OpsWorks.
• AWS Database Migration Service.
• AWS Server Migration Service.
• AWS Application Discovery Service.

• Build security in every layer.
• Parallelize tasks.
• Implement elasticity.
• Adopt monolithic architecture.

• Increasing speed and agility.
• There is no need to worry about security.
• Gaining complete control over the physical infrastructure.
• Operating applications on behalf of customers.
• All of the physical security and most of the data/network security are taken care of for you.

• Allows treating an application as a single, cohesive unit.
• Reduces inter-dependencies so that failures do not impact other components of the application.
• Allows updates of any monolithic application quickly and easily.
• Allows tracking of any API call made to any AWS service.

• AWS Budgets.
• AWS Pricing Calculator.
• AWS Systems Manager.
• AWS Cost & Usage Reports.

• AWS services' costs will be reduced to half the original price.
• The consolidated billing feature is just for organizational purpose.
• Each AWS account gets volume discounts.
• Each AWS account gets five times the free-tier services capacity.

• Regularly update firmware on EBS devices.
• Create EBS snapshots.
• Ensure that EBS data is encrypted at rest.
• Store a backup daily in an external drive.
• Prevent any unauthorized access to AWS data centers.

• By automatically scaling your on-premises resources based on changes in demand.
• By automatically scaling your AWS resources using an Elastic Load Balancer.
• By reducing interdependencies between application components wherever possible.
• By automatically provisioning the required AWS resources based on changes in demand.

• Setup a CloudWatch billing alarm that triggers an SNS notification when the threshold is exceeded.
• Configure the Amazon Simple Email Service to send billing alerts to their email address on a daily basis.
• Configure the AWS Budgets Service to alert the company when the threshold is exceeded.
• Configure AWS CloudTrail to automatically delete all AWS resources when the threshold is exceeded.
• Configure the Amazon Connect Service to alert the company when the threshold is exceeded.

• AWS Global Accelerator.
• AWS Regions.
• AWS Edge Locations.
• AWS Availability Zones.

• You should grant your users only the permissions they need when they need them and nothing more.
• AllIAM users should have at least the necessary permissions to access the core AWS services.
• All trusted IAM users should have access to any AWS service in the respective AWS account.
• IAM users should not be granted any permissions; to keep your account safe.

• Platform as a Service (PaaS).
• Infrastructure as a Service (IaaS).
• Software as a Service (SaaS).
• Networking as a Service (NaaS).

• S3 Intelligent-Tiering.
• AWS Marketplace.
• Amazon S3 Glacier Deep Archive.
• Amazon EBS.

• Route 53.
• AWS Config.
• Amazon CloudFront.
• Amazon EMR.

• AWS Shield.
• AWS Config.
• Amazon Cognito.
• AWS WAF.
• AWS KMS.

• AWS OpsWorks.
• AWS Storage Gateway.
• Amazon EBS volume.
• Amazon ElastiCache.

• Reserved instances.
• Spot instances.
• Dedicated instances.
• On-demand instances.

• Reserved Instances.
• On-demand Instances.
• Dedicated Instances.
• Spot Instances.

• AWS VPN.
• AWS Direct Connect.
• AWS Regions.
• Amazon CloudFront.

• AWS Artifact.
• AWS Certificate Manager.
• AWS Systems Manager.
• AWS Organizations.

• Amazon VPC.
• Amazon DynamoDB.
• Amazon Elastic MapReduce.
• AWS IAM.
• Amazon Elastic Compute Cloud.

• Amazon Aurora.
• Amazon DynamoDB.
• Amazon Elastic Block Store.
• Amazon Redshift.

• AWS Identity and Access Management (IAM) user.
• Infrastructure Event Management (IEM) engineer.
• AWS Consulting Partners.
• Technical Account Manager (TAM).

• By using Amazon VPC console.
• By contacting the AWS Support team.
• By using AWS Cost Explorer.
• By contacting the AWS Finance team.

• Access keys.
• Secret token.
• UserID.
• User name and password.

• Contact the AWS Customer Service team.
• Contact the AWS Abuse team.
• Contact the AWS Concierge team.
• Contact the AWS Security team.

• Patch Management.
• IAM Management.
• VPC Management.
• Configuration Management.
• Data Center operations.

• ELB.
• Auto Scaling.
• Amazon Athen.
• ECR.
• Amazon EC2.

• Amazon SNS.
• Amazon Kinesis Video Streams.
• AWS CloudFormation.
• Amazon CloudFront.

• A MySQL database installed on an EC2 instance.
• Amazon Aurora.
• Amazon DynamoDB.
• Amazon Neptune.

• AWS CloudFormation.
• AWS Config.
• Amazon SES.
• Amazon EMR.

• Client-side encryption.
• Configuring infrastructure devices.
• Server-side encryption.
• Filtering traffic with Security Groups.

• Detailed troubleshooting guidance to address AWS events impacting your resources.
• Health checks for Auto Scaling instances.
• Recommendations for Cost Optimization.
• A dashboard detailing vulnerabilities in your applications.
• Personalized view of AWS service health.

• AWS Lambda.
• AWS Config.
• Amazon CloudWatch.
• AWS CloudTrail.

• AWS Shield.
• AWS Management Console.
• AWS Secrets Manager.
• AWS Trusted Advisor.

• Amazon S3 provides unlimited storage for any type of data.
• Amazon S3 can run any type of application or backend system.
• Amazon S3 stores any number of objects, but with object size limits.
• Amazon S3 can be scaled manually to store and retrieve any amount of data from anywhere.
• Amazon S3 provides 99.999999999% (11 9's) of data durability.

• Disk disposal.
• Controlling physical access to compute resources.
• Patching the Network infrastructure.
• Setting password complexity rules.
• Configuring network access rules.

• Amazon Aurora.
• Amazon CloudWatch.
• AWS Quick Start reference deployments.
• AWS OpsWorks.

• Elastic RI.
• Premium RI.
• Standard RI.
• Convertible RI.

• AWS Organizations.
• AWS Trusted Advisor.
• IAM User Groups.
• AWS Config.

• Amazon EBS.
• Amazon Instance Store.
• Amazon EFS.
• Amazon S3.

• AWS Elastic Load Balancer.
• AWS Budgets.
• AWS Auto Scaling.
• AWS Cost Explorer.

• Amazon S3 Intelligent-Tiering.
• Amazon S3 Glacier Flexible Retrieval.
• Amazon S3 Standard.
• Amazon S3 Standard-Infrequent Access.

• Amazon DynamoDB.
• Amazon Aurora.
• Amazon Redshift.
• Amazon RDS.

• You have to pay a start-up fee when launching a new instance for the first time.
• The on-demand instances follow the AWS pay-as-you-go pricing model.
• With on-demand instances, no longer-term commitments or upfront payments are needed.
• When using on-demand Linux instances, you are charged per second based on an hourly rate.

• AWS Trusted Advisor.
• Amazon Inspector.
• Amazon SNS.
• Amazon CloudWatch.
• Concierge Support Team.

• Encrypted keys.
• Email verification.
• AWS KMS.
• AWS MFA.

• AWS Knowledge Center.
• AWS Health Dashboard.
• Infrastructure Event Management.
• AWS Support Concierge Service.

• Amazon RDS.
• Amazon Redshift.
• Amazon DynamoDB.
• Amazon CloudWatch.

• Invest heavily in architecting your environment, as it is not easy to change your design later.
• Use AWS reservations to reduce costs when testing your production environment.
• Automate wherever possible to make architectural (© ) experimentation easier.
• Provision a large compute capacity to handle any spikes in load

• Penetration testing is not allowed in AWS.
• Penetration testing is performed automatically by AWS to determine vulnerabilities in your AWS infrastructure.
• Penetration testing can be performed by the customer on their own instances without prior authorization from AWS.
• The AWS customers are only allowed to perform penetration testing on services managed by AWS.

• Amazon SQS.
• Amazon SES.
• AWS Direct Connect.
• Amazon Connect.

• Multi-factor authentication.
• Availability Zones.
• Elastic Load Balancing.
• Penetration testing.
• Vertical Scaling.

• AWS VPN.
• AWS Subnets.
• AWS Dedicated Hosts.
• Amazon VPC.

• Managing environmental events of AWS data centers.
• Protecting the confidentiality of data in transit in Amazon S3.
• Controlling physical access to AWS Regions.
• Ensuring that the underlying EC2 host is configured properly.
• Patching applications installed on Amazon EC2.

• Amazon VPC.
• Amazon CloudWatch.
• Amazon S3.
• Amazon EC2.
• AWS Lambda.

• Amazon EBS.
• Amazon SQS.
• Amazon S3.
• Amazon Instance store.

• Instance Password.
• Key pairs.
• Access Keys.
• MFA.

• In-memory caching for read-heavy applications.
• An Ehcache compatible in-memory data store.
• An online software store that allows Customers to launch pre-configured software with just few clicks.
• A domain name system in the cloud.

• AWS WAF.
• AWS Trusted Advisor.
• AWS Organizations.
• Amazon Config.

• Dedicated Instances.
• Dedicated Hosts.
• On-demand Instances.
• Reserved Instances.

• Free support for all enterprise customers.
• Automatic data protection.
• Reduced Capital Expenditure (CapEx).
• AWS holds responsibility for managing customer applications.

• Always use Global Services in your architecture rather than Regional Services.
• Always choose to pay as you go.
• Treat servers as fixed resources.
• Automate wherever possible.
• Remove single points of failure.

• AWS Direct Connect.
• Amazon CloudFront.
• AWS Snowball.
• Amazon Route 53.

• Internet gateways.
• Virtual Private Cloud.
• Security Groups.
• Amazon CloudFront.

• Amazon Cognito.
• AWS IAM.
• Amazon Aurora.
• AWS WAF.

• Amazon EMR.
• Amazon MQ.
• Amazon SNS.
• Amazon SQS.

• Monitoring network performance.
• Installing software on EC2 instances.
• Creating hypervisors.
• Configuring Access Control Lists (ACLs).
• Hardware maintenance.

• Amazon Redshift.
• Amazon DynamoDB.
• Amazon EC2.
• Amazon RDS.

• MFA.
• Security tokens.
• A user name and password.
• Access keys.

• IAM.
• An internet gateway.
• EBS Snapshot.
• AMI.

• Reserved Compute capacity.
• Eliminating Single Points of Failure (SPOFs).
• Distributed infrastructure.
• Virtualized compute resources.
• Dedicated hosting.

• Encryption of EBS volumes.
• VPC security.
• Access permissions.
• Hardware patching.
• Securing global physical infrastructure.

• The ability of a system to recover gracefully from failure.
• The efficient use of computing resources to meet requirements.
• The ability to monitor systems and improve supporting processes and procedures.
• The ability to manage datacenter operations more efficiently.

• Edge locations are used by CloudFront to cache the most recent responses.
• Edge locations are used by CloudFront to improve your end users' experience when uploading files.
• Edge locations are used by CloudFront to distribute traffic across multiple instances to reduce latency.
• Edge locations are used by CloudFront to distribute content to global users with low latency.

• AWS CloudTrail.
• Amazon Comprehend.
• AWS Transit Gateway.
• AWS X-Ray.
• AWS Config.

• Amazon ECS.
• AWS Data Pipeline.
• AWS Cloud9.
• AWS Personal Health Dashboard.

• CloudFront.
• CloudEndure Migration.
• CloudWatch.
• CloudTrail.

• Use the Import/Export feature to move old files automatically to Amazon Glacier.
• Use the right combination of storage classes based on different use cases.
• Pick the right Availability Zone for your S3 bucket.
• Move all the data stored in S3 standard to EBS.

• AWS Direct Connect.
• Amazon EC2 Auto Scaling.
• Elastic Load Balancer.
• CloudFormation.
• Network ACLs.

• Enabling Amazon EC2 Auto Scaling for all of your workloads.
• Using the AWS Network Load Balancer (NLB) to load balance the incoming HTTP requests.
• Removing all of your Cost Allocation Tags.
• Deploying your AWS resources across multiple Availability Zones.

• S3 Transfer Acceleration.
• AWS WAF.
• AWS Snowmobile.
• AWS Snowball.

• AWS X-Ray.
• Network ACL.
• Security Groups.
• VPC Flow logs.

• AWS KMS.
• AWS Global accelerator.
• AWS Direct Connect.
• AWS Glue.
• Amazon CloudFront.

• Building the relational database schema.
• Performing backups.
• Managing the database settings.
• Patching the database software.
• Installing the database software.

• Amazon DynamoDB.
• Amazon SNS.
• Amazon RDS.
• Amazon ElastiCache.

• APN Consulting Partners.
• AWS TAM.
• APN Technology Partners.
• AWS Professional Services.

• Amazon LightSail.
• AWS Lambda.
• Amazon RDS instances.
• Amazon EC2 instances.

• She has properly built an elastic system.
• She has properly built a fault tolerant system.
• She has properly built an encrypted system.
• She has properly built a scalable system.

• Amazon EFS.
• Amazon SNS.
• Amazon EBS.
• Amazon ECS.
• Amazon EMR.

• Amazon Simple Queue Service.
• AWS Storage Gateway.
• Amazon Simple Email Service.
• Amazon Simple Storage Service.

• Pay less as AWS grows.
• Pay as you go.
• Pay less by using more.
• Save when you reserve.

• Right-size before and after migration.
• Use a Multi-Region Active-Passive architecture.
• Combine On-demand Capacity Reservations with Saving Plans.
• Use a Multi-Region Active-Active architecture.

• Amazon Glacier.
• Amazon EBS.
• Amazon EFS.
• Amazon S3.

• AWS CodePipeline.
• AWS X-Ray.
• Amazon Inspector.
• AWS CloudTrail.

• Amazon Redshift.
• AWS Snowball.
• Amazon Simple Storage Service.
• Amazon EBS.
• Amazon DynamoDB.

• AWS Regions.
• Multi-AZ Deployment.
• Automatic patching.
• Read Replicas.
• Edge Locations.

• Replicate the current resources across multiple Availability Zones within the same region.
• Migrate the application to a hosting provider in Asia.
• Recreate the website content.
• Create a CDN using CloudFront, so that content is cached at Edge Locations close to and in Asia.

• AWS Identity and Access Management.
• Amazon RDS.
• Network Access Control Lists.
• Amazon EMR.

• Iaas & SaaS.
• IaaS.
• SaaS.
• PaaS.

• Strengthen physical security by applying the principle of least privilege.
• Ensure that the application runs on hardware from trusted vendors.
• Use IAM policies to maintain performance.
• Decouple the components of the application so that they run independently.

• Amazon EBS.
• Amazon SQS.
• Amazon Instance store.
• Amazon S3.

• Active archives.
• Dynamic websites' assets.
• Long-term analytic data.
• Active databases.
• Cached data.

• A PaaS solution to automate application deployment.
• A compute engine for Amazon ECS.
• A scalable file storage solution for use with AWS and on-premises servers.
• A NoSQL database service.

• Amazon Kinesis.
• Security groups.
• Amazon Inspector.
• AWS Network Access Control Lists.

• Patch management controls.
• Database controls.
• Awareness & Training.
• Environmental controls.
• Physical controls.

• Reserved instances - No Upfront.
• Reserved instances - Partial Upfront.
• On-Demand instances.
• Spot Instances.

• Elasticity.
• Global reach.
• Data durability.
• High availability.

• AWS Batch.
• AWS Outposts.
• Amazon Lightsail.
• Amazon EC2.
• AWS Lambda.

• Replicate data across multiple Edge Locations worldwide and use Amazon CloudFront to perform automatic failover in the event of an outage.
• Deploy AWS resources across multiple Availability Zones within the same AWS Region.
• Create point-in-time backups in another subnet and recover this data when a disaster occurs.
• Deploy AWS resources to another AWS Region and implement an Active-Active disaster recovery strategy.

• You can contact AWS support to increase the service limits.
• Each IAM user has the same service limit.
• There are no service limits on AWS.
• You can use the AWS Trusted Advisor to monitor your service limits.
• The Amazon Simple Email Service is responsible for sending email notifications when usage approaches a service limit.

• AWS Console.
• AWS Service Catalog.
• AWS OpsWorks.
• AWS CLI.

• AWS Artifact.
• AWS Cloud9.
• AWS Direct Connect.
• AWS CloudTrail.
• AWS VPN.

• AWS EC2 Auto Recovery.
• AWS Auto Scaling.
• AWS Network Load Balancer.
• AWS Application Load Balancer.

• Amazon Neptune.
• Amazon Aurora.
• Amazon RDS for SQL Server.
• Amazon RDS for PostgreSQL.

• AWS CloudHSM.
• Security Groups.
• AWS Batch.
• AWS IAM.
• Network Access Control Lists (Network ACLs).

• Amazon Redshift.
• Amazon Kinesis.
• Amazon DynamoDB.
• Amazon RDS.

• Application development.
• Market research.
• Business analysis.
• Physical hardware.

• EC2 instances will be billed on one second increments, with a minimum of one minute.
• EC2 instances will be billed on one hour increments, with a minimum of one day.
• EC2 instances will be billed on one minute increments, with a minimum of one hour.
• EC2 instances will be billed on one day increments, with a minimum of one month.

• Instance type.
• The Availability Zone where the instance is provisioned.
• Load balancing.
• Number of buckets.
• Number of private IPs.

• By creating an AWS Config template from the old instance and launching a new instance from it.
• By creating an EBS Snapshot of the old instance.
• By installing Aurora on EC2 and launching a new instance from it.
• By creating an AMI from the old instance and launching a new instance from it.

• IAM Principals.
• AWS Service Control Policies (SCPs).
• IAM policies.
• AWS Fargate.

• AWS allows you to host your applications in multiple regions around the world.
• AWS provides customizable hardware at the lowest possible cost.
• AWS allows you to provision resources in minutes.
• AWS allows you to pay upfront to reduce costs.

• Lower administrative burden.
• Complete control over the underlying host.
• Resizable compute capacity.
• Scales automatically to larger or smaller instance types.
• Supports the document and key-value data structure.

• Internet Gateway.
• AWS IQ.
• AWS Direct Connect.
• AWS Site-to-Site VPN.

• Enterprise Support.
• Developer Support.
• Basic Support.
• Business Support.

• Network Access Control Lists (NACLs).
• Key Pairs.
• Access Keys.
• IAM Policies.
• Security Groups.

• Reserved instances.
• Spot Instances.
• On-Demand instances.
• Dedicated instances.

• AWS Service Health Dashboard.
• AWS Management Console.
• Amazon CloudWatch.
• AWS Personal Health Dashboard.

• AWS Software Development Kit.
• AWS Command Line Interface.
• AWS CodeDeploy.
• AWS Management Console.

• Amazon Personalize.
• Amazon Route 53.
• AWS KMS.
• AWS Config.

• AWS CloudFormation.
• AWS Migration Hub.
• AWS IAM.
• AWS Elastic Beanstalk.
• Amazon Macie.

• AWS Trusted Advisor.
• AWS Pricing Calculator.
• Amazon QuickSight.
• AWS X-Ray.

• VPC Peering.
• AWS Transit Gateway.
• Amazon Connect.
• Security Groups.

• Instances can be shut down by AWS at any time with no notification.
• Reserved instances require at least a one-year pricing commitment.
• There is no additional charge for using dedicated instances.
• Reserved instances provide a significant discount compared to on-demand instances.
• [ ]Reserved instances are best suited for periodic workloads.

• Multiple Availability Zones allows you to build resilient and highly available architectures.
• Multiple Availability Zones results in lower total cost compared to deploying in a single Availability Zone.
• Multiple Availability Zones allows for data replication and global reach.
• Multiple Availability Zones within a region increases the storage capacity available in that region.

• On-Demand Instances.
• Spot Instances.
• Reserved Instances - All Upfront.
• Reserved Instances - No Upfront.

• Allows you to exceed AWS service limits.
• Reduces application response time between servers and global users.
• Increases available compute capacity.
• Increases the availability of your application.

• AWS sells the old devices to other hosting providers.
• AWS destroys the old devices in accordance with industry-standard practices.
• AWS sends the old devices for remanufacturing.
• AWS stores the old devices in a secure place.

• Amazon Route 53.
• AWS ACM.
• AWS Directory Service.
• AWS Identity & Access Management.
• AWS Data Pipeline.

• Amazon EC2.
• Amazon S3.
• AWS Lambda.
• Amazon EMR.
• Amazon EBS.

• Application management.
• Capacity management.
• Access control.
• Operating system maintenance.
• Data management.

• By distributing traffic across multiple S3 buckets.
• By replicating data to multiple availability zones.
• By creating database Read Replicas.
• By ensuring that only healthy targets receive traffic.

• On-demand instances.
• Spot instances.
• Dedicated instances.
• Reserved instances.

• Snowball.
• S3 Transfer Acceleration.
• Snowmobile.
• Amazon VPC.

• Amazon S3 Glacier.
• Amazon EFS.
• Amazon S3 Standard.
• Amazon EBS.

• Security Groups.
• Amazon ECS.
• AWS IAM.
• AWS Support.

• Premium Support.
• Business Support.
• Enterprise Support.
• Standard Support.

• AWS Config.
• Amazon CloudWatch.
• AWS CloudTrail.
• AWS CloudFormation.

• Provides complete control over the virtual infrastructure.
• Allows customers to deliver new solutions faster.
• Lowers operational complexity.
• Eliminates the need to encrypt data.
• Allows developers to control all patching related activities.

• Hosting static websites.
• Hosting websites that require sustained high CPU utilization.
• Cost-effective database and log storage.
• A media store for the CloudFront service.
• Processing data streams at any scale.

• Delete all access keys and use passwords instead.
• Only share them with trusted people.
• Rotate them regularly.
• Save them within your application code.

• Key Pair.
• Access Keys.
• SDK.
• MFA.

• It improves the performance of AWS resources.
• It reduces the time needed to provision AWS resources.
• It reduces the number of developers necessary.
• It allows for programmatic management of AWS resources.

• AWS Storage Gateway.
• Amazon S3.
• Amazon EBS.
• Amazon Glacier.

• Customers can add all AWS accounts to an AWS Organization, enable Consolidated Billing, and turn off Reserved Instance sharing.
• Customers can use Amazon Neptune to track and analyze their usage patterns, detect underutilized reserved instances, and then sell them on the Amazon EC2 Reserved Instance Marketplace.
• Customers can use the AWS Budgets service to track the reserved instances usage and set up alert notifications when their utilization drops below the threshold that they define.
• Customers can use Amazon CloudTrail to automatically check for unused reservations and get recommendations to reduce their bill.

• Amazon Aurora.
• Amazon Redshift.
• Amazon DynamoDB.
• Amazon Neptune.

• It enables customers to quickly find descriptions and use cases for AWS services.
• It enables customers to explore the different catalogs of AWS services.
• It simplifies organizing and governing commonly deployed IT services.
• It allows developers to deploy infrastructure on AWS using familiar programming languages.

• Protecting credentials.
• Logging access activity.
• Patching the database software.
• Operating system maintenance.
• Creating access policies.

• AWS Snowball Migration Service.
• AWS Application Discovery Service.
• AWS DMS.
• AWS Migration Hub.

• Amazon Machine Image.
• AWS Cost Explorer.
• AWS Cost & Usage Report.
• Amazon CloudWatch.

• An AWS Region is a geographical location with a collection of Edge locations.
• An AWS Region is a virtual network dedicated only to a single AWS customer.
• An AWS Region is a geographical location with a collection of Availability Zones.
• An AWS Region represents the country where the AWS infrastructure exist.

• SNS logs.
• SQS logs.
• CloudWatch Logs.
• CloudTrail logs.

• Availability Zones.
• Data sovereignty.
• The number of reads and writes per second.
• The nature of the queries.
• Software bugs.

• Quickly identify resources that belong to a specific project.
• Quickly identify software solutions on AWS.
• Track API calls in your AWS account.
• Quickly identify deleted resources and their metadata.
• Track AWS spending across multiple resources.

• Controls that are solely the responsibility of the customer based on the application they are deploying within AWS services.
• Controls that a customer inherits from AWS.
• Controls that apply to both the infrastructure layer and customer layers.
• Controls that the customer and AWS collaborate together upon to secure the infrastructure.

• Build multi-region architectures to better serve global customers.
• Apply security at all layers.
• Implement strong Identity and Access controls.
• Use serverless architectures.
• Enable audit logging.

• Protecting sensitive data.
• Patching of the underlying infrastructure.
• Setup and operation of managed databases.
• Maintaining consistent hardware components.
• Installing and configuring third-party software.

• Free commercial software licenses.
• Free technical support.
• Elastic resources.
• On-site visits for auditing.
• Cost Savings.

• Amazon Inspector.
• AWS Virtual Private Gateway.
• AWS Batch.
• Amazon ECS.
• AWS Config.

• Amazon EC2 is considered a Serverless Web Service.
• Amazon EC2 eliminates the need to invest in hardware upfront.
• Amazon EC2 can launch as many or as few virtual servers as needed.
• Amazon EC2 offers scalable computing.

• AWS Lambda.
• Amazon CloudWatch.
• AWS Transit Gateway.
• Amazon EC2.

• Amazon EBS Snapshots.
• Amazon VPC.
• AWS Managed Servers.
• Amazon EC2 Instances.

• AWS Secrets Manager.
• AWS WAF.
• AWS CAF.
• Amazon EFS.

• AWS Cost Explorer.
• AWS TCO Calculator.
• AWS Budgets.
• AWS Pricing Calculator.

• Using AWS Trusted Advisor to find underutilized resources.
• Using AWS CloudTrail to record user activities.
• Using AWS CloudFormation to manage infrastructure as code.
• Deploying an application in multiple Availability Zones.

• AWS allows them to pay later when their business succeed.
• AWS can build complete data centers faster than any other Cloud provider.
• Using AWS, they can reduce time-to-market by focusing on business activities rather than on building and managing data centers.
• AWS removes the need to invest in operational expenditure.
• Using AWS allows companies to replace large capital expenditure with low variable costs.

• Automatically scales to meet required throughput capacity.
• Provides resizable instances to match the current demand.
• Supports both relational and non-relational data models.
• Offers extremely low (single-digit millisecond) latency.
• Supports the most popular NoSQL database engines such as CouchDB and MongoDB.

• Versioning.
• Deduplication.
• Permissions.
• Decryption.
• Conversion.

• AWS Partners.
• AWS Artifact.
• AWS Professional Services.
• Amazon Athena.
• Amazon PinPoint.

• Deleting unused EBS volumes after terminating an EC2instance.
• Deleting unused AutoScaling launch configuration.
• Deleting unused Elastic Load Balancers.
• Releasing unused Elastic IPs after terminating an EC2instance.

• AWS Cost Explorer.
• AWS Pricing Calculator.
• AWS Budgets.
• AWS Consolidated Billing.

• Running penetration tests.
• Reserving capacity.
• Data center operations.
• Auditing and regulatory compliance.
• Infrastructure security.

• Amazon Simple Email Service (Amazon SES).
• Amazon Simple Storage Service (Amazon S3).
• Amazon Simple Notification Service (Amazon SNS).
• Amazon Simple Queue Service (Amazon SQS).

• AWS CodeDeploy.
• AWS Quick Starts.
• AWS CloudFormation.
• AWS DMS.
• AWS Management Console.

• Low monthly instance maintenance costs.
• Low-cost instance tagging.
• Per-second instance billing.
• Low instance start-up fees.

• AWS Security Team.
• AWS Professional Services.
• AWS Trusted Advisor.
• AWS Concierge Support Team.

• AWS KMS.
• AWS Service Control Policies (SCPs).
• Multi-Factor Authentication (MFA).
• Amazon Macie.

• AWS Well-Architected Tool.
• AWS Artifact.
• AWS Glue.
• Amazon Chime.

• Least Privilege.
• Pilot Light.
• Fault Tolerance.
• Multi-threading.

• All up-front reservation.
• All reserved instance payment options provide the same discount level.
• Partial up-front reservation.
• No up-front reservation.

• Access control.
• Physical MFA devices.
• Data encryption.
• Unlimited storage.
• Load balancing.

• 3 hours for the Linux instance and 5 hours for the CentOS instance.
• 2 hours, 5 minutes and 9 seconds for the Linux instance and 4 hours, 23 minutes and 7 seconds for the CentOS instance.
• 2 hours, 5 minutes and 9 seconds for the Linux instance and 5 hours for the CentOS instance.
• 3 hours for the Linux instance and 4 hours, 23 minutes and 7 seconds for the CentOS instance.

• AWS Trusted Advisor.
• AWS Operations Support.
• AWS Support API.
• AWS Personal Health Dashboard.

• AWS CLI.
• AWS Security Groups.
• AWS SDKs.
• AWS Network Access Control Lists.
• AWS CodeCommit.

• AWS Resource Groups.
• IAM Policies.
• IAM Roles.
• IAM Users.
• AWS Organizations.

• Database Snapshots.
• Multi-AZ Deployments.
• Automated Backups.
• Read Replicas.

• Using the AWS ACM service.
• Using Security Bulletins.
• Using the AWS Management Console.
• Using Compliance Resources.

• IAM Users.
• Key Pair.
• IAM Roles.
• IAM Groups.

• AWS Global Accelerator.
• AWS Application Load Balancer (ALB).
• Amazon CloudFront.
• Transit VPC.

• Use Software test automation tools.
• Use AWS CodeDeploy to build and automate your AWS environment.
• Use code to provision and operate your AWS infrastructure.
• Migrate all of your applications to a dedicated host.

• Restrict any API call made through SDKs or CLI.
• Create one IAM account for each department in the company (Development, QA, Production), and share it across all staff in that department.
• Require Multi-Factor Authentication (MFA) for all IAM User access.
• Set up two login passwords.

• Amazon VPC.
• Amazon S3.
• Amazon Lightsail.
• AWS Cost Explorer.

• The AWS Region's security level.
• Data sovereignty.
• Cost.
• The planned number of VPCs.
• Geographic proximity to the company's location.

• Amazon EFS.
• Amazon Neptune.
• Amazon ElastiCache.
• DAX.

• Auto Scaling Groups caches the most recent responses at global edge locations to reduce latency and improve performance.
• Auto Scaling Groups scales EC2 instances in multiple Availability Zones to increase application availability and fault tolerance.
• Auto Scaling Groups scales EC2 instances across multiple regions to reduce latency for global users.
• Auto Scaling Groups distributes application traffic across multiple Availability Zones to enhance performance.

• AWS helps customers invest more in capital expenditures.
• AWS automates all infrastructure operations, so customers save more on human resources costs.
• AWS continues to lower the cost of cloud computing for its customers.
• AWS secures AWS resources at no additional charge.

• Building a schema for an application.
• Replacing physical hardware.
• Creating a new hypervisor.
• Patch management of the underlying infrastructure.
• File system encryption.

• AWS CloudHSM.
• U2F Security Key.
• AWS Access Keys.
• AWS Key Pair.

• Amazon SNS.
• AWS Elastic Beanstalk.
• AWS Systems Manager.
• AWS Trusted Advisor.

• The amount of time the instances will be running.
• Number of security groups.
• Allocated Elastic IP Addresses.
• Number of Hosted Zones.
• Number of instances.

• AWS Data Pipeline.
• AWS Storage Gateway.
• Amazon Aurora.
• Amazon EFS.

• Amazon Simple Storage Service.
• Amazon Elastic Block Store.
• Amazon Elastic Container Service.
• AWS Storage Gateway.

• EBS and S3 are accessible only to the root account owner.
• The systems administrator must contact AWS Support first to activate his new IAM account.
• There is not enough space in S3 to store the snapshots.
• There is a non-explicit deny to all new users.

• AWS CloudTrail.
• Amazon CloudFront.
• AWS CloudFormation.
• Amazon CloudWatch.

• Amazon Cloud Directory allows the organization of hierarchies of data across multiple dimensions.
• Amazon Cloud Directory enables the analysis of video and data streams in real time.
• Amazon Cloud Directory allows users to access AWS with their existing Active Directory credentials.
• Amazon Cloud Directory allows for registration and management of domain names.

• 12 hours.
• 15 minutes.
• 24 hours.
• One hour.

• Deploy the application to at least two Availability Zones.
• Use Elastic Load Balancing (ELB) across multiple AWS Regions.
• Deploy the application code on at least two servers in the same Availability Zone.
• Rewrite the application code to handle all incoming requests.

• Labor and IT costs.
• Cooling and power consumption.
• Amazon EBS computing power.
• Software architecture.
• Software compatibility.

• AWS Basic Support.
• AWS Developer Support.
• AWS Business Support.
• AWS Enterprise Support.

• Amazon EC2.
• AWS Lambda.
• Amazon DynamoDB.
• Amazon EMR.
• Amazon RDS.

• Amazon GuardDuty.
• AWS ACM.
• Amazon Detective.
• AWS WAF.

• AWS Config.
• AWS OpsWorks.
• AutoScaling.
• AWS CloudFormation.

• Amazon EBS.
• Amazon EFS.
• Amazon S3.
• Amazon Instance Store.

• AWS WAF.
• Amazon CloudWatch.
• AWS Cloud9.
• AWS CloudTrail.

• On-demand Instances.
• Dedicated Hosts.
• Spot Instances.
• Reserved Instances.

• Create an IAM role and attach a policy with Amazon DynamoDB access permissions.
• Create an IAM role and attach a policy with Administrator access permissions.
• Create an IAM user and attach a policy with Amazon DynamoDB access permissions.
• Create an IAM user and attach a policy with Administrator access permissions.

• Generate new IAM access keys every time you delegate permissions.
• Store the required AWS credentials directly within the application code.
• Use temporary security credentials (IAM roles) instead of long-term access keys.
• Do nothing; Applications that run on Amazon EC2 instances do not need permission to interact with other AWS services or resources.

• Use servers instead of managed services.
• Use existing third-party software licenses on AWS.
• Migrate production workloads to AWS edge locations instead of AWS Regions.
• Use AWS Outposts to run all workloads in a cost-optimized environment.

• Amazon SQS.
• Virtual Private Gateway.
• AWS Artifact.
• Amazon CloudFront.

• Amazon Connect.
• AWS CLI.
• AWS Identity and Access Management (IAM).
• Amazon SNS.
• Amazon Virtual Private Cloud.

• Vertically scaling EC2 instances.
• Running RDS instances in parallel.
• Vertically scaling RDS instances.
• Running EC2 instances in parallel.

• AWS Cost Explorer.
• AWS Pricing Calculator.
• AWS Budgets.
• AWS Cost & Usage Report.

• Stop all running services and open an investigation.
• Give your root account password to AWS Support so that they can assistin troubleshooting and securing the account.
• Check the AWS CloudTrail logs and delete all IAM users that have access to your resources.
• Open an investigation and delete any potentially compromised IAM users.
• Change your AWS root account password and the passwords of any IAM users.

• Elastic coupling.
• Loosely coupling.
• Scalable coupling.
• Tightly coupling.

• Amazon Elastic File System.
• Amazon Simple Storage Service.
• Amazon Elastic Block Store.
• AWS Storage Gateway.

• Create private connection to your data center.
• Achieve global high availability.
• Automate the process of provisioning new compute resources.
• Make synchronous replication of your data possible.

• Lambda only supports Python and Node.js, but third party plugins are available to convert code in other languages to these formats.
• Lambda natively supports a number of programming languages such as Node.js, Python, and Java.
• Lambda is AWS' proprietary programming language for microservices.
• Lambda doesn't support programming languages; it is a serverless compute service.
• Lambda can support any programming language using an API.

• Automatically decouples application components.
• Facilitates tracking of user requests to identify application issues.
• Helps improve application performance.
• Deploys applications to Amazon EC2 instances.
• Deploys applications to on-premises servers.

• Edge locations are located in separate Availability Zones worldwide to serve global customers.
• An availability zone exists within an edge location to distribute content globally with low latency.
• An Availability Zone is a geographic location where AWS provides multiple, physically separated and isolated edge locations.
• An AWS Availability Zone is an isolated location within an AWS Region, however edge locations are located in multiple cities worldwide.

• 24x7 access to customer service.
• Access to Cloud Support Engineers via email only during business hours.
• Access to the Infrastructure Event Management (IEM) feature for additional fee.
• 24x7 access to the TAM feature.
• Partial access to the core Trusted Advisor checks.

• Amazon GuardDuty.
• Amazon Personalize.
• Amazon Cognito.
• AWS IAM.

• AWS CloudFormation.
• AWS Config.
• AWS CloudTrail.
• AWS Auto Scaling.

• Eliminates the need to monitor servers and applications.
• Manages all the compliance and auditing tasks.
• Provides custom hardware to meet any specification.
• Eliminates the need to guess on infrastructure capacity needs.
• Enables customers to trade their capital expenses for operational expenses.

• AWS Fargate.
• Amazon Elastic Compute Cloud.
• Amazon RDS.
• AWS Database Migration service (DMS).
• AWS Lambda.

• AWS CloudFormation.
• Amazon Route 53.
• Amazon Chime.
• Amazon Aurora.

• Amazon Comprehend.
• AWS IAM.
• Amazon Polly.
• Amazon Rekognition.

• Amazon Neptune.
• Amazon CloudSearch.
• Microsoft SQL Server on Amazon EC2.
• MySQL on Amazon EC2.
• Amazon RDS for MySQL.

• EC2 On-Demand Instances.
• EC2 Reserved Instances - No Upfront.
• EC2 Spot Instances.
• EC2 Reserved Instances - All Upfront.

• AWS account owner.
• AWS technical account manager.
• AWS security team.
• AWS cloud support engineers.

• AWS File Transfer Acceleration.
• AWS Server Migration Service.
• AWS Database Migration Service.
• AWS Application Discovery Service.

• It helps AWS customers deploy their applications without worrying about the underlying infrastructure.
• It applies advanced IAM security features automatically.
• It automates the provisioning and updating of your infrastructure in a safe and controlled manner.
• It allows you to model your entire infrastructure in just a text file.
• It compiles and builds application code in a timely manner.

• On-premises.
• Mixed.
• Hybrid.
• Cloud.

• CloudEndure Disaster Recovery.
• CloudEndure Migration.
• AWS Backup.
• AWS Glue.

• S3 Standard-IA.
• S3 Intelligent-Tiering.
• S3 Glacier Deep Archive.
• S3 Standard.

• In another Edge location.
• In another Region.
• In another VPC.
• In another Availability Zone.

• You should use instance store volumes to store login data.
• You should regularly patch the operating system and applications on your EC2 instances.
• You should deploy critical components of your application in the Availability Zone that you trust.
• You can track all API calls using Amazon Athena.

• Cost comparisons between AWS Cloud environments and on-premises environments.
• Accurate estimates of AWS service costs based on your expected usage.
• Consolidated billing.
• Highly accurate cost forecasts for up to 12 months ahead.

• RDS Single-AZ.
• RDS Write Replica.
• RDS Snapshots.
• RDS Multi-AZ.

• Deleting all EBS volumes attached to the instances.
• You cannot minimize charges for on-demand instances.
• Terminating the instances.
• Stopping the instances.

• Delete root user access keys if you do not need them.
• Apply MFA for the root account and use it for all of your work.
• Access the root account only from your personal Mobile Phone.
• Only share your AWS account password or access keys with trusted persons.

• The size of volumes provisioned per month.
• The compute capacity you consume.
• The amount of data you have stored in snapshots.
• The compute time you consume.
• The number of Snowball storage devices you request.

• Attach a separate IAM policy for each individual account.
• Apply the Principle of Least Privilege.
• For security purposes, you should not grant any permission to the DevOps team.
• Create six different IAM passwords.

• Compute charges.
• The number of services used.
• Data Transfer In charges.
• Data Transfer Out charges.
• The number of IAM roles provisioned.

• A user who chooses to buy On-demand, Convertible, Partial upfront instances.
• A user who chooses to buy Reserved, Convertible, All upfront instances.
• A user who chooses to buy Reserved, Standard, No upfront instances.
• A user who chooses to buy Reserved, Standard, All upfront instances.

• The ability to bid to get the lowest possible prices.
• The ability to register EC2 instances to get volume discounts on every hour the instances are running.
• The ability to buy Dedicated Instances for up to 90% discount.
• The ability to pay upfront to get lower hourly costs.

• It means that you save more when you consume more.
• It means as more time passes using AWS, you pay more for its services.
• It means that AWS will continuously lower costs as it grows.
• It means that you have the ability to pay as you go.

• AWS Auto Scaling.
• Amazon Elastic Compute Cloud.
• Amazon Elastic File System.
• Amazon ElastiCache.

• Amazon VPC allows customers to control user interactions with all other AWS resources.
• AWS Customers have complete control over their Amazon VPC virtual networking environment.
• AWS is responsible for all the management and configuration details of Amazon VPC.
• Amazon VPC helps customers to review their AWS architecture and adopt best practices.

• AWS Cost Explorer.
• AWS Pricing Calculator.
• AWS Budgets.
• AWS TCO Calculator.

• AWS Config.
• Amazon Redshift.
• Amazon MQ.
• AWS Trusted Advisor.
• Amazon Cognito.

• AWS OpsWorks.
• AWS CloudFormation.
• AWS Quick Starts.
• AWS CloudTrail.

• Amazon Kinesis.
• Amazon QuickSight.
• AWS CodeDeploy.
• Amazon Athena.

• Amazon RDS.
• Amazon DynamoDB.
• AWS Lambda.
• AWS Fargate.
• Amazon EMR.

• Testing your application's response time from different locations.
• Testing your network to find security vulnerabilities that an attacker could exploit.
• Testing your instances to check for the unhealthy ones.
• Testing your software for bugs and errors.

• Enables you to backup extremely large amounts of data at very low costs.
• Enables you to move Exabyte-scale data from on-premises datacenters into AWS.
• Enables you to analyze and process extremely large amounts of data in a timely manner.
• Enables you to easily run and scale Apache Spark, Hadoop,and other Big Data frameworks.
• Enables you to easily run and manage Docker containers.

• There is no chat feature in AWS support.
• The chat feature is available for all plans for an additional fee, but you have to request it first.
• At a minimum, upgrade to Business support plan.
• Upgrade from the Basic Support plan to Developer Support.

• AWS Fargate.
• AWS Batch.
• Amazon Personalize.
• AWS Elastic Beanstalk.

• With AWS, you replace low upfront expenses with large variable payments.
• With AWS, you replace low upfront expenses with large fixed payments.
• With AWS, you replace large upfront expenses with low fixed payments.
• With AWS, you replace large capital expenses with low variable payments.

• Database setup.
• Network traffic protection.
• Management of the operating system.
• Access management.
• Management of firewall rules.

• Using tags to group resources.
• Using AWS CloudFormation to automate the deployment of resources.
• Deploying resources of the same type in different regions.
• Configuring Amazon Inspector to automatically analyze costs and email reports.

• AWS Direct Connect.
• Amazon Comprehend.
• AWS Snowmobile.
• AWS VPN.

• It automates the process of building, maintaining, and running ETL jobs.
• It provides physical devices to migrate data from on premises to AWS.
• It allows integration of on-premises IT environments with Cloud Storage.
• It provides hardware-based key storage for regulatory compliance.

• Amazon S3 Glacier Deep Archive.
• Amazon S3 Standard-Infrequent Access.
• Amazon S3 Glacier.
• Instance Store.

• AWS Global Accelerator.
• AWS Data Pipeline.
• AWS DAX Accelerator.
• AWS Transfer Acceleration.

• Serverless Architectures use new powerful computing devices.
• With the Server-based Architectures, compute resources continue to run all the time but with serverless architecture, compute resources are only used when code is being executed.
• When you reserve serverless capacity, you will get large discounts compared to server reservation.
• With Serverless Architectures you have the ability to scale automatically up or down as demand changes.

• Point-to-point connectivity between an on-premises data center and AWS.
• Detects configuration changes in the AWS environment.
• DNS configuration and management.
• Manages global application traffic through a variety of routing types.
• Provides infrastructure security optimization recommendations.

• AWS Snowmobile.
• AWS Import/Export.
• AWS DMS.
• AWS Snowball.

• Amazon Redshift.
• Amazon Athena.
• AWS Cloud9.
• Amazon ElastiCache for Redis.

• Delete the encryption keys once your data is encrypted.
• With AWS you do not need to worry about encryption.
• Enable S3 Encryption.
• Encrypt the data prior to uploading it.
• Delete all IAM users that have access to S3.

• AWS CodeDeploy.
• AWS CodeCommit.
• CloudEndure.
• AWS CodeBuild.

• Using default encryption for any number of S3 buckets.
• The number of EBS volumes attached to your instances.
• The storage class used for the objects stored.
• Creating and deleting S3 buckets.
• The total size in gigabytes of all objects stored.

• Tracks user activity and APl usage.
• Increases application availability by caching at the edge.
• Enables faster disaster recovery.
• Stores archived data at very low costs.
• Delivers content to end users with low latency.

• Amazon Lightsail.
• Amazon Connect.
• AWS Direct Connect.
• AWS Elastic Beanstalk.

• Using the AWS Cost & Usage Report.
• Using the AWS Total Cost of Ownership (TCO) dashboard.
• Using the AWS CloudWatch logs dashboard.
• Using the Amazon VPC dashboard.

• Convertible.
• Expedited.
• Bulk.
• Spot.
• Standard.

• AWS Artifact.
• AWS Config.
• Amazon CloudWatch.
• AWS CloudTrail.

• AWS Resource Groups.
• AWS Placement Groups.
• AWS Management Console.
• AWS Tag Editor.

• Amazon Inspector.
• Amazon CloudWatch.
• AWS CloudFormation.
• AWS CloudTrail.

• Amazon Detective.
• AWS X-Ray.
• AWS Security Hub.
• AWS Shield.

• Amazon EC2.
• AWS Fargate.
• AWS Lambda.
• Amazon ECS.
• Amazon EMR.

• Use EC2 Dedicated Hosts.
• Use EC2 Reserved Instances.
• Use EC2 Spot Instances.
• Use EC2 On-demand Instances.

• Tagging Enforcement.
• Architecture Optimization.
• Budgeting Processes.
• Resource Controls.

• RedShift.
• RDS.
• CloudHSM.
• DMS.

• IAM Identity.
• IAM Group.
• IAM Role.
• IAM Policy.

• AWS allows customers to launch powerful EC2 instances to handle spikes in load.
• AWS allows customers to pay upfront to get bigger discounts.
• AWS allows customers to launch and terminate EC2 instances based on demand.
• AWS allows customers to choose cheaper types of EC2 instances that best fit their needs.

• PostgreSQL.
• Oracle.
• Microsoft SQL Server.
• Teradata.

• AWS DMS.
• Amazon S3 Transfer Acceleration.
• AWS Directory Service.
• AWS Transit Gateway.

• Run WordPress on an Amazon Lightsail instance.
• Install WordPress on an Amazon EC2 instance.
• Use the Amazon S3 Web hosting feature.
• Host the website directly on AWS Cloud Development Kit (AWS CDK).

• AWS KMS.
• AWS Certificate Manager.
• AWS CodeDeploy.
• AWS CodeCommit.
• CloudHSM.

• Amazon EC2.
• Amazon Cognito.
• Amazon RDS.
• Amazon Inspector.

• Auto Scaling.
• ELB.
• Amazon Route53.
• Amazon Elastic Container Service.

• AWS IAM.
• AWS Outposts.
• AWS Federation.
• Amazon Redshift.

• Reserved capacity instead of on demand.
• Loose coupling over tight coupling.
• Servers instead of managed services.
• Disposable resources instead of fixed servers.
• Multi-AZ deployments instead of multi-region deployments.

• AWS CloudTrail Trails.
• IAM Credential Report.
• AWS Artifact reports.
• AWS Cost and Usage Report.

• AWS Shield.
• AWS Certificate Manager.
• AWS CloudHSM.
• AWS WAF.

• There is no need to architect for these capabilities in AWS, as AWS is redundant by default.
• Deploy the application in a single Availability Zone.
• Deploy the application in multiple Availability Zones in a single AWS region.
• Deploy the application in multiple Availability Zones in multiple AWS regions.

• Instance Store.
• S3.
• DynamoDB.
• Amazon Route 53.
• AWS VPN.

• Number of Requests.
• Traffic Distribution.
• Number of Volumes.
• Instance type.
• Storage Class.

• AWS Service Control Policies (SCPs).
• AWS Artifact.
• AWS Budgets.
• AWS Acceptable Use Policy.

• AWS Bulletins.
• AWS TAM.
• AWS Support APl.
• AWS Security Blog.
• AWS Classroom Training.

• By enabling S3 Versioning.
• By configuring S3 Bucket Policies.
• By configuring S3 Lifecycle Policies.
• By disabling S3 Cross-Region Replication (CRR).

• Securing regions and edge locations.
• Performing auditing tasks.
• Monitoring AWS resources usage.
• Securing access to AWS resources.

• Business & Enterprise Support.
• Basic & Developer Support.
• Developer & Enterprise Support.
• Developer & Business Support.

• AWS Lambda runs code without provisioning or managing servers.
• AWS Lambda provides resizable compute capacity in the cloud.
• There is no charge when your AWS Lambda code is not running.
• AWS Lambda can be called directly from any mobile app.

• It's not possible to meet regulatory compliance requirements in the Cloud.
• AWS applies the most common Cloud security standards, and is responsible for complying with customers' applicable laws and regulations.
• AWS has many common assurance certifications such as ISO 9001 and HIPAA.
• Many AWS services are assessed regularly to comply with local laws and regulations.

• Your security team.
• Your development team.
• AWS.
• Your internal DevOps team.

• Amazon Elastic Transcoder.
• Amazon Pinpoint.
• AmazonS3.
• Amazon Rekognition.

• Control access to AWS services.
• Help organizations design and maintain an accelerated path to successful cloud adoption.
• Manage your organization's payment methods.
• Help organization achieve their desired business outcomes with AWS.
• Consolidate billing across multiple AWS accounts.

• AWS Shield.
• Amazon Redshift.
• Amazon RDS.
• Amazon Comprehend.

• AWS Application Discovery service.
• Amazon DevPay.
• AWS Marketplace.
• Resource Groups.

• AWS CodePipeline.
• AWS CodeCommit.
• AWS X-Ray.
• Amazon Inspector.

• Amazon Cognito.
• AWS Systems Manager.
• AWS Cloud9.
• Amazon Route 53.

• Federation.
• Access keys.
• IAM Permissions.
• WAF rules.

• Awareness and Training.
• Communications controls.
• Data center security controls.
• Environmental controls.
• Resource Configuration Management.

• AWS Billing Dashboard.
• AWS Cost Dashboard.
• AWS Service Health Dashboard.
• AWS Security Dashboard.

• Store media assets in the region closest to your end users.
• Store media assets on an additional EBS volume and increase the capacity of your server.
• Replicate media assets to at least two availability zones.
• Reduce the size of media assets using the Amazon Elastic Transcoder.
• Store media assets in $3 and use CloudFront to distribute these assets.

• Use manual monitoring techniques to protect your AWS resources.
• Use IAM roles to grant temporary access instead of long-term credentials.
• Scale horizontally to protect from failures.
• Enable real-time traceability.
• Never store sensitive data in the cloud.

• Use the AWS Pricing Calculator service to monitor the costs incurred by each department.
• Use Amazon Aurora to forecast AWS spending based on usage.
• Apply cost allocation tags to segment AWS costs by different e projects and departments.
• Configure AWS Price List API to receive billing updates for each department automatically.

• Manages user access and encryption keys.
• Controls what IP address ranges can connect to your database instance.
• Deploys SSL/TLS certificates for use with your database instance.
• Distributes incoming traffic across multiple targets.

• EC2 launch type.
• Fargate launch type.
• Lightsail launch type.
• Lambda launch type.

• Try to remove unnecessary AWS accounts.
• Add the accounts to an AWS Organization and use Consolidated Billing.
• Track the AWS charges that are incurred by the member accounts.
• Enable AWS tiered-pricing before provisioning resources.

• Network ACLs and Traffic Manager.
• Network ACLs and Subnets.
• Security Groups and Internet Gateways.
• Security Groups and Network ACLs.

• Access to the full set of Trusted Advisor checks.
• Support Concierge Service.
• Less than 15 minutes response-time support if your business critical system goes down.
• AWS Support API.
• Proactive Technical Account Management.

• Amazon Simple Storage Service.
• AWS Elastic Beanstalk.
• AWS CodeCommit.
• Amazon Elastic File System.

• AWS manages everything related to EC2 operating systems.
• AWS customers are responsible for patching any database software running on Amazon EC2.
• Server side encryption is the responsibility of AWS.
• AWS is responsible for the security of your application.

• Improves Fault-Tolerance.
• Provides your business with a seamless remote accessibility.
• Prevents unauthorized users from getting into your network.
• Provides automatic data backups.
• Can be scaled manually in a shorter period of time.

• With the AWS pay-as-you-go pricing model, you don't have to pay any upfront fee.
• You have no responsibility for third-party software license costs.
• You only pay for the individual services that you need with no long-term contracts.
• For some services, you have to pay a startup fee in order to get the service running.
• There are no reservations on AWS, you only pay for what you use.

• AWS Control Tower.
• Amazon Macie.
• AWS Systems Manager Patch Manager.
• AWS Systems Manager Patch Manager AWS Security Hub.

• Use CloudFront to monitor the CPU usage.
• Set the AWS Config CPU threshold to 60% to receive a notification when EC2 usage exceeds that value.
• Use CloudWatch Alarms to monitor the CPUand alert when the CPU usage is >= 60%.
• Use SNS to menitor the utilization of the server.

• Amazon EBS.
• Amazon RDS.
• You can't run a database inside an Amazon EC2 instance.
• Amazon DynamoDB.

• Amazon CloudWatch.
• Amazon CloudSearch.
• Amazon Elastic MapReduce.
• Amazon CloudHSM.

• Storage consumed.
• Number of requests to your functions.
• Number of volumes.
• Placement groups.
• Compute time consumed.

• An IAM user is uniquely associated with only one person, however a role is intended to be assumable by anyone who needs it.
• An IAM user has permanent credentials associated with it, however a role has temporary credentials associated with it.
• IAM users are more cost effective than IAM roles.
• Arole is uniquely associated with only one person, however an IAM user is intended to be assumable by anyone who needs it.
• An IAM user has temporary credentials associated withit, however a role has permanent credentials associated with it.

• Deleting unused buckets.
• Using reservations.
• Deleting unnecessary snapshots.
• Changing the type of the volume.
• Distributing requests to multiple volumes.

• Notifies AWS customers about abuse events once they are reported.
• Continuously monitors AWS infrastructure and helps detect threats such as attacker reconnaissance or account compromise.
• Helps AWS customers identify the root cause of potential security issues.
• Checks security groups for rules that allow unrestricted access to AWS. resources.

• Amazon RDS.
• AWS Outposts.
• Amazon DocumentDB.
• Amazon DynameDB.

• Amazon CloudWatch.
• AWS Service Catalog.
• AWS Directory Service.
• AWS Tagging.

• Amazon Glacier only accepts data in a compressed format.
• Glacier can only be used to store frequently accessed data and data archives.
• Amazon Glacier does not provide immediate retrieval of data.
• Attach Glacier to an EC2 Instance to be able to store data.