Cloud Practitioner · 34% of the exam

Cloud Technology and Services: free practice questions

5 sample questions from our 85-question bank for this domain — answers and explanations included. These are the same scenario-based style as the real AWS exam.

1. A company is migrating a large on-premises Oracle data warehouse (approximately 80 TB) to AWS for analytics modernization. They want to re-platform to a fully managed AWS service optimized for complex analytical queries across large datasets, and they want to minimize ongoing administrative effort. Which combination of AWS services represents the BEST migration and target architecture approach? (Select TWO)

  • A. Use AWS Database Migration Service (DMS) to migrate the data
  • B. Use AWS Snowball Edge to physically transfer the 80 TB dataset to AWS✓ Correct
  • C. Load the migrated data into Amazon RDS for Oracle as the target analytics database
  • D. Load the migrated data into Amazon Redshift as the target analytics database✓ Correct
  • E. Use Amazon SageMaker to store and query the migrated data warehouse
  • F. Use Amazon DynamoDB as the target analytics database
Explanation

AWS Snowball Edge is correct for the data transfer. At 80 TB, transferring data over the internet or Direct Connect would take an extremely long time and incur high data transfer costs. Snowball Edge is a physical device that AWS ships to the customer; data is loaded locally and shipped back to AWS for high-speed ingestion — the ideal approach for large-scale, one-time migrations. Amazon Redshift is correct as the target platform. It is AWS's fully managed, petabyte-scale cloud data warehouse specifically optimized for OLAP (complex analytical queries) with columnar storage and massively parallel processing (MPP) — the direct modern replacement for an on-premises Oracle data warehouse. AWS DMS is a strong tool for ongoing, incremental data replication and schema conversion but for an 80 TB initial bulk load, Snowball Edge is far more practical and efficient; DMS alone would be very slow at this scale. Amazon RDS for Oracle is a managed relational database service but is designed for OLTP workloads, not data warehousing — it would not provide the analytical query performance of Redshift and still uses an Oracle license cost. Amazon SageMaker is a machine learning platform for building and deploying ML models — it is not a data warehouse or general analytics query engine. Amazon DynamoDB is a NoSQL key-value and document database optimized for millisecond-latency OLTP workloads, not for complex multi-table analytical queries typical of a data warehouse.

2. A startup is launching a new application and expects steady, predictable traffic for the next two years. They want to minimize compute costs for their Amazon EC2 instances. Which purchasing option offers the greatest discount over On-Demand pricing for this scenario?

  • A. On-Demand Instances
  • B. Spot Instances
  • C. Reserved Instances (1-year, no upfront)
  • D. Reserved Instances (3-year, all upfront)✓ Correct
Explanation

Reserved Instances with a 3-year term and all-upfront payment provide the maximum discount available against On-Demand pricing — up to 72% depending on instance type and region. Since the startup has predictable 2-year traffic, committing for 3 years with all-upfront payment offers the best savings. | On-Demand Instances carry no commitment and therefore carry the highest per-hour cost. | Spot Instances can offer up to 90% savings but can be interrupted with two minutes' notice, making them unsuitable for steady, always-on workloads. | Reserved Instances with a 1-year, no-upfront term offer a meaningful discount but significantly less than the 3-year all-upfront option.

3. A company needs to host a MySQL-compatible database on AWS that automatically replicates data across three Availability Zones, provides up to five times the throughput of standard MySQL, and is fully managed. Which AWS service meets these requirements?

  • A. Amazon RDS for MySQL
  • B. Amazon Aurora✓ Correct
  • C. Amazon DynamoDB
  • D. Amazon Redshift
Explanation

Amazon Aurora is the correct answer. It is MySQL- and PostgreSQL-compatible, provides up to five times the throughput of standard MySQL, and automatically replicates data six ways across three Availability Zones. Amazon RDS for MySQL is managed but does not offer the same performance multiplier or the same multi-AZ replication architecture as Aurora. Amazon DynamoDB is a NoSQL key-value and document database — it is not MySQL-compatible. Amazon Redshift is a data warehousing service optimized for analytical queries on large datasets, not an OLTP relational database.

4. A company stores sensitive customer records in Amazon S3. The compliance team requires that all S3 objects be encrypted at rest and that the company manage their own encryption keys, retaining full control over key rotation and usage auditing. Which S3 encryption option satisfies this requirement?

  • A. SSE-S3 (Server-Side Encryption with Amazon S3-managed keys)
  • B. SSE-KMS (Server-Side Encryption with AWS KMS-managed keys)
  • C. SSE-C (Server-Side Encryption with Customer-provided keys)✓ Correct
  • D. Client-side encryption with an AWS SDK before uploading to S3
Explanation

SSE-C (Server-Side Encryption with Customer-Provided Keys) is correct when the customer must manage and retain full control of the encryption keys outside of AWS. The customer provides the key with each request; AWS uses it to encrypt/decrypt and then discards it without storing it. SSE-S3 uses keys fully managed by Amazon S3 — the customer has no control over the keys, which does not satisfy the requirement. SSE-KMS uses keys managed within AWS Key Management Service; while customers can control KMS key policies and audit usage via CloudTrail, the keys are stored and managed within AWS, meaning AWS retains some level of access — this may not satisfy requirements for keys that must be entirely outside AWS control. Client-side encryption is another valid option for external key control, but the question specifies server-side encryption ('encrypted at rest' via S3's encryption mechanism), and SSE-C is the server-side option that gives customers full key control.

5. A company stores user-uploaded images in Amazon S3. They want images to be immediately accessible for the first 30 days, then moved to a lower-cost storage class that still provides millisecond retrieval, and finally deleted after 365 days. Which combination of S3 features should they use?

  • A. S3 Versioning and S3 Transfer Acceleration
  • B. S3 Lifecycle policy transitioning to S3 Standard-IA after 30 days, then expiring objects at 365 days✓ Correct
  • C. S3 Lifecycle policy transitioning to S3 Glacier Deep Archive after 30 days, then expiring objects at 365 days
  • D. S3 Replication to a second bucket using a lower-cost storage class
Explanation

An S3 Lifecycle policy can automatically transition objects to S3 Standard-Infrequent Access (Standard-IA) after 30 days, which maintains millisecond retrieval latency at a lower storage cost, and then expire (delete) objects at 365 days — exactly matching the requirements. | S3 Glacier Deep Archive provides the lowest storage cost but has retrieval times of 12–48 hours, which violates the millisecond access requirement after day 30. | S3 Versioning maintains multiple versions of objects for data protection but does not automate tiering or deletion by age. Transfer Acceleration speeds up uploads and is unrelated to storage cost management. | S3 Replication copies objects to another bucket but does not automate deletion or reduce costs based on age.

80 more questions in this domain

Practice the full bank with instant grading, flashcards, and a timed mock exam.

Start practicing free