1. As a head of the development team, you need to grant to a new employee access to create several Amazon S3 buckets. Which option would be the best choice in this case?

A) Service control policy (SCP)
B) IAM group
C) IAM role
D) AWS account root user



2. Which Amazon S3 storage class should you use to optimize storage costs by automatically moving data to the most cost-effective access tier?

A) S3 Standard-IA
B) S3 Standard
C) S3 Intelligent-Tiering
D) S3 One Zone-IA



3. Your team uses Amazon CloudFront as a Content Delivery Network (CDN) for high performance for your global website. Which component of the AWS infrastructure does Amazon CloudFront use to ensure low latency delivery?

A) Edge locations
B) Virtual Private Cloud (VPC)
C) Availability Zones (AZ)
D) AWS Regions



4. You have configured a VPC in AWS Cloud. Which AWS component should you use to allow communication between your VPC and the internet?

A) Security group
B) Internet gateway
C) AWS Elastic Load Balancing
D) AWS Direct Connect



5. You've deployed a web application that is running on Amazon EC2 instance in a subnet in your VPC. When you try to connect to it via a browser using HTTP over the internet the connection times out. What can solve the problem? (select 3)(Select 3answers)

A) You should check that the VPC contains an Internet Gateway and the subnet's route table is routing 0.0.0.0/0 to the Internet Gateway.
B) You should check that the security group allows inbound access on port 80.
C) You should check that the VPC contains a Virtual Private Gateway and the subnet's route table is routing 0.0.0.0/0 to the Virtual Private Gateway.
D) You should check that the security group allows outbound access on port 80.
E) You should check that the network ACL allows inbound access on port 80.