Home/Directory/devops engineer professional

devops engineer professional Practice Questions

Page 1 of 3 (240 total questions)

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?
View Question & Answer ➔
Your team is using AWS CodePipeline to deploy a multi-account application. You want to ensure that a production deployment only occurs if a security scan (SAST) in the staging account passes. How can you implement this cross-account approval and gating mechanism?
View Question & Answer ➔
An organization wants to implement 'Blue/Green' deployments for their Application Load Balancer-based ECS service. They want to use AWS CodeDeploy to automate the traffic shifting. Which deployment configuration should they use for a zero-downtime, safe transition?
View Question & Answer ➔
To ensure that all CloudFormation templates deployed across an organization follow security best practices (e.g., no public S3 buckets), which feature of AWS CloudFormation should be used to intercept and validate resource creation?
View Question & Answer ➔
Your organization wants to automate the patching of thousands of EC2 instances across multiple regions and accounts. They want to ensure that if a patch fails on more than 10% of the fleet, the process stops immediately. Which AWS Systems Manager feature handles this?
View Question & Answer ➔
To implement a Canary deployment for an AWS Lambda function, you decide to use 'Lambda Aliases' and 'Traffic Shifting'. Which AWS service can automate this process and roll back if CloudWatch Alarms are triggered?
View Question & Answer ➔
An organization wants to centrally manage and share 'CloudFormation Templates' with their developers as 'Products' in a catalog, ensuring that only approved architectures are used. Which service provides this?
View Question & Answer ➔
Which AWS service allows you to record, audit, and evaluate the configurations of your AWS resources over time, and automatically trigger 'Remediation' actions if a resource becomes non-compliant?
View Question & Answer ➔
To monitor the health of a complex microservices application and identify performance bottlenecks across multiple AWS services (Lambda, DynamoDB, SQS), which distributed tracing service should you implement?
View Question & Answer ➔
Your organization wants to implement 'Infrastructure as Code' for their multi-account AWS environment. They want to use a tool that allow them to deploy CloudFormation stacks into hundreds of accounts and across multiple regions with a single operation. Which feature should they use?
View Question & Answer ➔
You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?
View Question & Answer ➔
You need to grant developers read-only access to Amazon S3 buckets without giving them access to other services. What's the best approach using AWS IAM?
View Question & Answer ➔
Scenario: To minimize the downtime during a database schema update for a high-traffic application, you want to use a deployment strategy that creates a second, identical environment and swaps the DNS once the new version is verified. Solution ?
View Question & Answer ➔
An organization wants to implement a 'GitOps' workflow where their Kubernetes cluster configurations (running in EKS) are automatically synchronized with a Git repository. Which AWS service (or integration) facilitates this continuous delivery for EKS?
View Question & Answer ➔
Which AWS Systems Manager feature allows you to securely store and manage sensitive information like database passwords and API keys, providing integration with CloudFormation and IAM for access control?
View Question & Answer ➔
To implement a self-healing architecture for an EC2 fleet, you want to ensure that any instance failing a 'System Health Check' is automatically replaced. Which AWS feature handles this native recovery?
View Question & Answer ➔
An organization following SRE (Site Reliability Engineering) principles wants to measure the 'Error Budget' of their application. They need to track the percentage of successful requests over a 30-day window. Which CloudWatch feature should they use?
View Question & Answer ➔
Which AWS service provides a managed 'Jenkins-like' build environment that scales automatically, supports custom Docker images, and scales down to zero when not in use?
View Question & Answer ➔
To protect a mission-critical web application from 'SQL Injection' and 'Cross-Site Scripting' (XSS) attacks in a CI/CD pipeline, where should AWS WAF rules be applied for the earliest detection?
View Question & Answer ➔
Which AWS tool allows you to visually design and automate complex serverless workflows (e.g., image processing with multiple Lambda functions) using a drag-and-drop interface?
View Question & Answer ➔
A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?
View Question & Answer ➔
An organization wants to ensure that all their S3 buckets are 'Private' and encrypted. They want to receive an alert whenever a bucket is created that doesn't meet these requirements. Which AWS service provides these continuous compliance checks?
View Question & Answer ➔
Scenario: To minimize the risk of a misconfiguration during a CloudFormation deployment, you want to see exactly which resources will be created, modified, or deleted before you commit the changes. Solution ?
View Question & Answer ➔
An organization wants to automate the analysis of their application logs to detect 'Anomaly' patterns (e.g., sudden spike in 5XX errors) that might indicate a budding issue. Which CloudWatch feature provides this AI-based detection?
View Question & Answer ➔
Which AWS service allows you to centrally manage the 'Software Licenses' for your EC2 instances and on-premises servers to ensure compliance and avoid over-provisioning?
View Question & Answer ➔
To implement a 'Secret Rotation' workflow for an Amazon RDS database password, which AWS service provides built-in templates and Lambda integration to automatically update the password every 30 days?
View Question & Answer ➔
An organization wants to run their massive Big Data analytics workload using Amazon EMR. They want to ensure that if a data node fails, it is automatically replaced without impacting the active Spark jobs. Which EMR feature handles this?
View Question & Answer ➔
Which AWS tool provides a 'Developer Dashboard' that aggregates logs, metrics, and deployment status from multiple AWS services (Lambda, ECS, EKS) in a single unified view?
View Question & Answer ➔
Scenario: To minimize the risk of a 'Deployment Failure' due to a script error, you want to ensure that your CodeDeploy deployment automatically rolls back if a specific CloudWatch alarm is triggered during the deployment. Solution ?
View Question & Answer ➔
Which AWS networking service allows you to create a secure, high-performance 'Mirror' of your VPC traffic and send it to an IDS/IPS appliance for deep packet inspection without impacting the main traffic flow?
View Question & Answer ➔
Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?
View Question & Answer ➔
An organization wants to implement 'Governance as Code' and wants to ensure that any new AWS account created under their organization automatically has a specific set of CloudWatch Alarms and IAM roles. Which feature handles this?
View Question & Answer ➔
Which AWS service allows you to capture and analyze the HTTP(S) requests made to your web applications to debug performance bottlenecks and visualize the service dependencies in a 'Service Map'?
View Question & Answer ➔
An organization is using AWS CodePipeline to deploy their serverless application. They want to ensure that a 'Integration Test' stage runs against a temporary 'Prview' environment before deploying to production. Which service should they use to manage these ephemeral environments?
View Question & Answer ➔
Scenario: To minimize the latency for users worldwide, you decide to use a managed 'API Gateway' that provides 'Edge-optimized' endpoints with built-in DDoS protection. Solution ?
View Question & Answer ➔
Your team needs to provision a resource that is not natively supported by AWS CloudFormation (e.g., a 3rd-party SaaS configuration). Which CloudFormation feature allows you to write custom logic in a Lambda function to handle the creation, update, and deletion of this resource?
View Question & Answer ➔
An organization wants to ensure that all their EC2 instances have the latest security patches installed within 48 hours of release. They need a managed service that can scan, report, and automatically apply patches without manual intervention. Which AWS service fits?
View Question & Answer ➔
To monitor the deployment of a new application version in CodeDeploy, you want to ensure that if the '5XX Error' metric for your ALB exceeds 5% during the deployment, the process is aborted. How can you automate this?
View Question & Answer ➔
Your organization wants to transition from a manual 'Release Management' process to a fully automated CI/CD pipeline. They want to use an AWS service that provides a unified dashboard to visualize the entire workflow from source code change to production deployment. Which service should they use?
View Question & Answer ➔
An organization following a 'Multi-account' strategy wants to ensure that all their CloudFormation templates use a specific version of a shared library (Lambda Layer). Which service should they use to share and govern these approved resources across accounts?
View Question & Answer ➔
You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?
View Question & Answer ➔
An organization wants to implement 'Zero-Downtime' updates for their Amazon RDS instances during maintenance windows. They want to ensure that the standby instance takes over with minimal interruption. Which RDS feature should they enable?
View Question & Answer ➔
Your team is using AWS CodePipeline to deploy their application. They want to ensure that a 'Integration Test' stage runs against a temporary 'Preview' environment before deploying to production. Which service should they use to manage these ephemeral environments?
View Question & Answer ➔
An organization wants to analyze their AWS environment for security vulnerabilities like 'Open SSH ports' or 'Over-privileged IAM roles' and wants to receive a 'Security Score' with actionable recommendations. Which service provides this integrated assessment?
View Question & Answer ➔
Your organization wants to use 'AWS Proton' to manage infrastructure for their serverless microservices. They want to ensure that when a developer updates a 'Service Template', it automatically triggers an update for all 'Service Instances'. How is this automated?
View Question & Answer ➔
To improve the performance of a high-traffic web application, you want to use 'AWS Global Accelerator' to route traffic to the closest healthy endpoint. How does Global Accelerator handle health checks?
View Question & Answer ➔
Which AWS security service can automatically detect 'Suspicious API calls' (e.g., from an unknown IP address or a known malicious source) by analyzing your account's CloudTrail logs?
View Question & Answer ➔
Your team wants to implement 'Blue/Green' deployment for their Lambda functions. They want to shift 10% of traffic to the new version every 10 minutes. Which CodeDeploy deployment configuration should they use?
View Question & Answer ➔
An organization following SRE principles wants to measure the 'Error Budget' of their application. They need to track the percentage of successful requests over a 30-day window. Which CloudWatch feature should they use?
View Question & Answer ➔
To ensure that all EC2 instances launched in your AWS account have a specific 'Tag' (e.g., Owner) and an 'IAM Role' attached, which combination of services should you use to automate the audit and remediation?
View Question & Answer ➔
Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?
View Question & Answer ➔
To protect a mission-critical web application from 'Botnets' and 'L7 DDoS' attacks, you want to implement a solution that identifies sophisticated bot traffic patterns and blocks them before they reach your origin. Which service should you choose?
View Question & Answer ➔
An organization wants to run their massive Big Data analytics workload using Amazon EMR. They want to ensure they don't over-pay for capacity during periods of low activity. Which EMR feature automatically adjusts the number of nodes in the cluster?
View Question & Answer ➔
You are hosting a globally distributed application that requires a single static entry point to route users to the closest healthy region. The application uses HTTP/HTTPS traffic and requires SSL termination and WAF protection. Solution ?
View Question & Answer ➔
Which AWS security service allows you to automatically rotate your database passwords every 30 days and provides a managed way to inject these secrets into your Lambda functions without human intervention?
View Question & Answer ➔
An organization following 'Infrastructure as Code' principle wants to ensure that any change to the production environment's 'Config' settings requires an approval from a second administrator. Solution ?
View Question & Answer ➔
Which AWS monitoring tool allows you to perform complex, interactive analytics and SQL-based queries across millions of log records from various sources like CloudTrail, VPC Flow Logs, and application logs?
View Question & Answer ➔
An organization wants to implement 'Compliance as Code' and wants to ensure that any new EC2 instance created in their account is automatically checked for unauthorized open ports. Which service handles this automated setup?
View Question & Answer ➔
To improve the performance of your web application for users worldwide, you decide to use a managed 'Service' that provides content caching at edge locations and can protect against DDoS attacks. Solution ?
View Question & Answer ➔
An organization is using AWS Systems Manager to collect logs from thousands of EC2 instances. They want to set up an alert that triggers whenever the 'CPU utilization' of any instance stays above 90% for more than 5 minutes. What type of alert should they create?
View Question & Answer ➔
Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?
View Question & Answer ➔
To protect your AWS resources from being accessed by unauthorized users from the internet, you want to implement a solution that requires 'Multi-Factor Authentication' (MFA) and restricts access based on the user's source IP address. Which identity feature should you use?
View Question & Answer ➔
An organization wants to move their legacy .NET applications to AWS with minimal code changes. They want a managed platform that handles OS patching, scaling, and provides easy integration with active directory. Which service should they choose?
View Question & Answer ➔
How can you securely store and retrieve database connection strings in AWS so they are not hardcoded in your application's source code or configuration files?
View Question & Answer ➔
Your organization wants to optimize the cost of their dev/test environments. They want to ensure that all EC2 instances are automatically shut down at 6 PM and restarted at 8 AM daily. Which AWS Systems Manager feature handles this?
View Question & Answer ➔
An organization wants to analyze the network topology of their massive multi-account AWS environment. They want a visualization that shows how traffic is flowing between their VPCs, Transit Gateways, and Peering connections. Which tool should they use?
View Question & Answer ➔
Which AWS security service uses machine learning to identify data exfiltration patterns or unauthorized logins by analyzing VPC Flow Logs, CloudTrail, and DNS logs across your entire AWS organization?
View Question & Answer ➔
Scenario: To minimize the risk of a single engineer making a catastrophic change, you want to ensure that any change to the 'IAM Policies' in production requires an approval from a second administrator in a ticket management system. Solution ?
View Question & Answer ➔
Your organization wants to automatically revert an AWS CloudFormation stack update if an 'HTTP 5xx' error spike is detected in the application's ELB metrics during the update. Which CloudFormation feature should be configured?
View Question & Answer ➔
An organization wants to implement 'Self-Healing' for their EC2 instances that are running in a private subnet. They want to ensure that if the 'StatusCheckFailed_System' metric triggers, the instance is automatically recovered with the same IP and metadata. Which service handles this?
View Question & Answer ➔
Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?
View Question & Answer ➔
In an SRE model, you want to track the 'Error Budget' for your microservices. Which tool provides the best aggregation of Service Level Indicators (SLIs) like latency and error rate to compute your SLO compliance?
View Question & Answer ➔
Your organization wants to automate the response to an 'Unauthorized EC2 Instance Termination' event detected via CloudTrail. They want to receive a notification and automatically launch a replacement instance. Which AWS service is best for orchestrating this response?
View Question & Answer ➔
To minimize the 'Blast Radius' of a potential compromise in a CI/CD pipeline, an architect recommends using 'Dynamic Credentials' for the build environment (CodeBuild). How can this be implemented?
View Question & Answer ➔
Which AWS service allows you to centrally manage and evaluate the configurations of your AWS resources across multiple accounts and regions, providing a 'Compliance Timeline' for each resource?
View Question & Answer ➔
Scenario: You are building a serverless data pipeline and want to ensure that if a Lambda function fails more than 3 times, the event is automatically sent to an SQS queue for manual investigation. Solution ?
View Question & Answer ➔
Which AWS security service can automatically detect 'Publicly Accessible' S3 buckets in your organization and trigger a Lambda function to immediately remove the public permission?
View Question & Answer ➔
To improve the performance and cost of your application which has unpredictable traffic spikes, you want to use an Auto Scaling policy that proactively scales capacity based on historical patterns. Which feature of ASG should you choose?
View Question & Answer ➔
Which AWS tool provides a 'No-Code' experience to identify and troubleshoot operational issues across all your AWS resources by aggregating alerts from CloudWatch, Config, and CloudTrail?
View Question & Answer ➔
An organization wants to analyze the performance of their SQL queries in Amazon Aurora to identify the slowest queries and see execution plans. Which feature of RDS provides this insight?
View Question & Answer ➔
A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?
View Question & Answer ➔
To protect against an entire regional outage, an architect decides to maintain a 'Pilot Light' DR strategy where the database is continuously replicated to a secondary region. Which AWS service facilitates this database replication for Amazon RDS?
View Question & Answer ➔
Which AWS service allows you to centrally manage and automate security configuration checks for your enterprise using a set of best-practice 'Conformance Packs' and policies?
View Question & Answer ➔
To automate the creation of hundreds of AWS accounts for different departments, an organization wants to use a service that provides a 'Landing Zone' and automatically applies governance guardrails. Which service should they use?
View Question & Answer ➔
Scenario: You want to ensure that any change to a production stack in CloudFormation triggers a Slack notification to your SRE team. Solution ?
View Question & Answer ➔
Which AWS tool provides a 'Health Dashboard' that alerts you to AWS infrastructure issues that might affect your specifically deployed resources (e.g., an underlying hardware failure on a specific host)?
View Question & Answer ➔
An organization following SRE principles wants to implement 'Canary' monitoring for their web endpoints to track user-experience metrics like Page Load Time from different global locations. Which service provides this feature?
View Question & Answer ➔
To improve the security and performance of a large fleet of web servers which spend most of their time processing HTTP requests, an organization decides to switch to ARM64-based virtual machines. Which AWS VM series should they choose?
View Question & Answer ➔
Which AWS security service allows you to perform automated security assessment of your EC2 instances to identify 'Network Reachability' and 'Host Vulnerabilities' (CVEs)?
View Question & Answer ➔
Scenario: To minimize the risk of a misconfiguration during a CloudFormation deployment, you want to ensure that a 'Stack Update' is automatically rolled back if a specific 'Wait Condition' is not met within 30 minutes. Solution ?
View Question & Answer ➔
You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?
View Question & Answer ➔
Which AWS service allows you to centrally manage and distribute 'Docker Images' across your organization and provides built-in vulnerability scanning for these images?
View Question & Answer ➔
To improve the performance and cost of a large fleet of virtual machines that are running MongoDB workloads, an organization decides to switch to 'NVMe-based' storage. Which EC2 instance series should they choose?
View Question & Answer ➔
Which AWS service provides a managed 'ETL' (Extract, Transform, Load) solution that can automatically discover and catalog metadata from your data lake in S3 and transform it for analysis?
View Question & Answer ➔
To automate the deployment of a serverless application consisting of dozens of Lambda functions and DynamoDB tables, which AWS CLI extension (or tool) should you use?
View Question & Answer ➔
An organization wants to track the 'Cost per Microservice' in their Kubernetes cluster running on Amazon EKS. Which feature or tool provides this granular cost visibility?
View Question & Answer ➔
Which AWS service provides a 'No-Code' experience to identify and troubleshoot operational issues across all your AWS resources by aggregating alerts from CloudWatch, Config, and CloudTrail?
View Question & Answer ➔
An organization wants to perform 'Stress Testing' on their EC2 fleet by simulating a network outage or instance failure to verify their system's resilience. Which AWS service provides these managed 'Fault Injection' capabilities?
View Question & Answer ➔
To improve the performance of an application which has highly variable traffic, you want to scale your EC2 fleet based on a custom metric like 'Number of messages in SQS queue'. How should you configure this?
View Question & Answer ➔
Which AWS security service allows you to automatically detect 'Sensitive Data' (like PII or credit card numbers) in your S3 buckets at scale?
View Question & Answer ➔

Page 1 of 3Next →

devops engineer professional Practice Questions

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Your team is using AWS CodePipeline to deploy a multi-account application. You want to ensure that a production deployment only occurs if a security scan (SAST) in the staging account passes. How can you implement this cross-account approval and gating mechanism?

An organization wants to implement 'Blue/Green' deployments for their Application Load Balancer-based ECS service. They want to use AWS CodeDeploy to automate the traffic shifting. Which deployment configuration should they use for a zero-downtime, safe transition?

To ensure that all CloudFormation templates deployed across an organization follow security best practices (e.g., no public S3 buckets), which feature of AWS CloudFormation should be used to intercept and validate resource creation?

Your organization wants to automate the patching of thousands of EC2 instances across multiple regions and accounts. They want to ensure that if a patch fails on more than 10% of the fleet, the process stops immediately. Which AWS Systems Manager feature handles this?

To implement a Canary deployment for an AWS Lambda function, you decide to use 'Lambda Aliases' and 'Traffic Shifting'. Which AWS service can automate this process and roll back if CloudWatch Alarms are triggered?

An organization wants to centrally manage and share 'CloudFormation Templates' with their developers as 'Products' in a catalog, ensuring that only approved architectures are used. Which service provides this?

Which AWS service allows you to record, audit, and evaluate the configurations of your AWS resources over time, and automatically trigger 'Remediation' actions if a resource becomes non-compliant?

To monitor the health of a complex microservices application and identify performance bottlenecks across multiple AWS services (Lambda, DynamoDB, SQS), which distributed tracing service should you implement?

Your organization wants to implement 'Infrastructure as Code' for their multi-account AWS environment. They want to use a tool that allow them to deploy CloudFormation stacks into hundreds of accounts and across multiple regions with a single operation. Which feature should they use?

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

You need to grant developers read-only access to Amazon S3 buckets without giving them access to other services. What's the best approach using AWS IAM?

Scenario: To minimize the downtime during a database schema update for a high-traffic application, you want to use a deployment strategy that creates a second, identical environment and swaps the DNS once the new version is verified. Solution ?

An organization wants to implement a 'GitOps' workflow where their Kubernetes cluster configurations (running in EKS) are automatically synchronized with a Git repository. Which AWS service (or integration) facilitates this continuous delivery for EKS?

Which AWS Systems Manager feature allows you to securely store and manage sensitive information like database passwords and API keys, providing integration with CloudFormation and IAM for access control?

To implement a self-healing architecture for an EC2 fleet, you want to ensure that any instance failing a 'System Health Check' is automatically replaced. Which AWS feature handles this native recovery?

An organization following SRE (Site Reliability Engineering) principles wants to measure the 'Error Budget' of their application. They need to track the percentage of successful requests over a 30-day window. Which CloudWatch feature should they use?

Which AWS service provides a managed 'Jenkins-like' build environment that scales automatically, supports custom Docker images, and scales down to zero when not in use?

To protect a mission-critical web application from 'SQL Injection' and 'Cross-Site Scripting' (XSS) attacks in a CI/CD pipeline, where should AWS WAF rules be applied for the earliest detection?

Which AWS tool allows you to visually design and automate complex serverless workflows (e.g., image processing with multiple Lambda functions) using a drag-and-drop interface?

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

An organization wants to ensure that all their S3 buckets are 'Private' and encrypted. They want to receive an alert whenever a bucket is created that doesn't meet these requirements. Which AWS service provides these continuous compliance checks?

Scenario: To minimize the risk of a misconfiguration during a CloudFormation deployment, you want to see exactly which resources will be created, modified, or deleted before you commit the changes. Solution ?

An organization wants to automate the analysis of their application logs to detect 'Anomaly' patterns (e.g., sudden spike in 5XX errors) that might indicate a budding issue. Which CloudWatch feature provides this AI-based detection?

Which AWS service allows you to centrally manage the 'Software Licenses' for your EC2 instances and on-premises servers to ensure compliance and avoid over-provisioning?

To implement a 'Secret Rotation' workflow for an Amazon RDS database password, which AWS service provides built-in templates and Lambda integration to automatically update the password every 30 days?

An organization wants to run their massive Big Data analytics workload using Amazon EMR. They want to ensure that if a data node fails, it is automatically replaced without impacting the active Spark jobs. Which EMR feature handles this?

Which AWS tool provides a 'Developer Dashboard' that aggregates logs, metrics, and deployment status from multiple AWS services (Lambda, ECS, EKS) in a single unified view?

Scenario: To minimize the risk of a 'Deployment Failure' due to a script error, you want to ensure that your CodeDeploy deployment automatically rolls back if a specific CloudWatch alarm is triggered during the deployment. Solution ?

Which AWS networking service allows you to create a secure, high-performance 'Mirror' of your VPC traffic and send it to an IDS/IPS appliance for deep packet inspection without impacting the main traffic flow?

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

An organization wants to implement 'Governance as Code' and wants to ensure that any new AWS account created under their organization automatically has a specific set of CloudWatch Alarms and IAM roles. Which feature handles this?

Which AWS service allows you to capture and analyze the HTTP(S) requests made to your web applications to debug performance bottlenecks and visualize the service dependencies in a 'Service Map'?

An organization is using AWS CodePipeline to deploy their serverless application. They want to ensure that a 'Integration Test' stage runs against a temporary 'Prview' environment before deploying to production. Which service should they use to manage these ephemeral environments?

Scenario: To minimize the latency for users worldwide, you decide to use a managed 'API Gateway' that provides 'Edge-optimized' endpoints with built-in DDoS protection. Solution ?

Your team needs to provision a resource that is not natively supported by AWS CloudFormation (e.g., a 3rd-party SaaS configuration). Which CloudFormation feature allows you to write custom logic in a Lambda function to handle the creation, update, and deletion of this resource?

An organization wants to ensure that all their EC2 instances have the latest security patches installed within 48 hours of release. They need a managed service that can scan, report, and automatically apply patches without manual intervention. Which AWS service fits?

To monitor the deployment of a new application version in CodeDeploy, you want to ensure that if the '5XX Error' metric for your ALB exceeds 5% during the deployment, the process is aborted. How can you automate this?

Your organization wants to transition from a manual 'Release Management' process to a fully automated CI/CD pipeline. They want to use an AWS service that provides a unified dashboard to visualize the entire workflow from source code change to production deployment. Which service should they use?

An organization following a 'Multi-account' strategy wants to ensure that all their CloudFormation templates use a specific version of a shared library (Lambda Layer). Which service should they use to share and govern these approved resources across accounts?

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

An organization wants to implement 'Zero-Downtime' updates for their Amazon RDS instances during maintenance windows. They want to ensure that the standby instance takes over with minimal interruption. Which RDS feature should they enable?

Your team is using AWS CodePipeline to deploy their application. They want to ensure that a 'Integration Test' stage runs against a temporary 'Preview' environment before deploying to production. Which service should they use to manage these ephemeral environments?

An organization wants to analyze their AWS environment for security vulnerabilities like 'Open SSH ports' or 'Over-privileged IAM roles' and wants to receive a 'Security Score' with actionable recommendations. Which service provides this integrated assessment?

Your organization wants to use 'AWS Proton' to manage infrastructure for their serverless microservices. They want to ensure that when a developer updates a 'Service Template', it automatically triggers an update for all 'Service Instances'. How is this automated?

To improve the performance of a high-traffic web application, you want to use 'AWS Global Accelerator' to route traffic to the closest healthy endpoint. How does Global Accelerator handle health checks?

Which AWS security service can automatically detect 'Suspicious API calls' (e.g., from an unknown IP address or a known malicious source) by analyzing your account's CloudTrail logs?

Your team wants to implement 'Blue/Green' deployment for their Lambda functions. They want to shift 10% of traffic to the new version every 10 minutes. Which CodeDeploy deployment configuration should they use?

An organization following SRE principles wants to measure the 'Error Budget' of their application. They need to track the percentage of successful requests over a 30-day window. Which CloudWatch feature should they use?

To ensure that all EC2 instances launched in your AWS account have a specific 'Tag' (e.g., Owner) and an 'IAM Role' attached, which combination of services should you use to automate the audit and remediation?

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

To protect a mission-critical web application from 'Botnets' and 'L7 DDoS' attacks, you want to implement a solution that identifies sophisticated bot traffic patterns and blocks them before they reach your origin. Which service should you choose?

An organization wants to run their massive Big Data analytics workload using Amazon EMR. They want to ensure they don't over-pay for capacity during periods of low activity. Which EMR feature automatically adjusts the number of nodes in the cluster?

You are hosting a globally distributed application that requires a single static entry point to route users to the closest healthy region. The application uses HTTP/HTTPS traffic and requires SSL termination and WAF protection. Solution ?

Which AWS security service allows you to automatically rotate your database passwords every 30 days and provides a managed way to inject these secrets into your Lambda functions without human intervention?

An organization following 'Infrastructure as Code' principle wants to ensure that any change to the production environment's 'Config' settings requires an approval from a second administrator. Solution ?

Which AWS monitoring tool allows you to perform complex, interactive analytics and SQL-based queries across millions of log records from various sources like CloudTrail, VPC Flow Logs, and application logs?

An organization wants to implement 'Compliance as Code' and wants to ensure that any new EC2 instance created in their account is automatically checked for unauthorized open ports. Which service handles this automated setup?

To improve the performance of your web application for users worldwide, you decide to use a managed 'Service' that provides content caching at edge locations and can protect against DDoS attacks. Solution ?

An organization is using AWS Systems Manager to collect logs from thousands of EC2 instances. They want to set up an alert that triggers whenever the 'CPU utilization' of any instance stays above 90% for more than 5 minutes. What type of alert should they create?

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

To protect your AWS resources from being accessed by unauthorized users from the internet, you want to implement a solution that requires 'Multi-Factor Authentication' (MFA) and restricts access based on the user's source IP address. Which identity feature should you use?

An organization wants to move their legacy .NET applications to AWS with minimal code changes. They want a managed platform that handles OS patching, scaling, and provides easy integration with active directory. Which service should they choose?

How can you securely store and retrieve database connection strings in AWS so they are not hardcoded in your application's source code or configuration files?

Your organization wants to optimize the cost of their dev/test environments. They want to ensure that all EC2 instances are automatically shut down at 6 PM and restarted at 8 AM daily. Which AWS Systems Manager feature handles this?

An organization wants to analyze the network topology of their massive multi-account AWS environment. They want a visualization that shows how traffic is flowing between their VPCs, Transit Gateways, and Peering connections. Which tool should they use?

Which AWS security service uses machine learning to identify data exfiltration patterns or unauthorized logins by analyzing VPC Flow Logs, CloudTrail, and DNS logs across your entire AWS organization?

Scenario: To minimize the risk of a single engineer making a catastrophic change, you want to ensure that any change to the 'IAM Policies' in production requires an approval from a second administrator in a ticket management system. Solution ?

Your organization wants to automatically revert an AWS CloudFormation stack update if an 'HTTP 5xx' error spike is detected in the application's ELB metrics during the update. Which CloudFormation feature should be configured?

An organization wants to implement 'Self-Healing' for their EC2 instances that are running in a private subnet. They want to ensure that if the 'StatusCheckFailed_System' metric triggers, the instance is automatically recovered with the same IP and metadata. Which service handles this?

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

In an SRE model, you want to track the 'Error Budget' for your microservices. Which tool provides the best aggregation of Service Level Indicators (SLIs) like latency and error rate to compute your SLO compliance?

Your organization wants to automate the response to an 'Unauthorized EC2 Instance Termination' event detected via CloudTrail. They want to receive a notification and automatically launch a replacement instance. Which AWS service is best for orchestrating this response?

To minimize the 'Blast Radius' of a potential compromise in a CI/CD pipeline, an architect recommends using 'Dynamic Credentials' for the build environment (CodeBuild). How can this be implemented?

Which AWS service allows you to centrally manage and evaluate the configurations of your AWS resources across multiple accounts and regions, providing a 'Compliance Timeline' for each resource?

Scenario: You are building a serverless data pipeline and want to ensure that if a Lambda function fails more than 3 times, the event is automatically sent to an SQS queue for manual investigation. Solution ?

Which AWS security service can automatically detect 'Publicly Accessible' S3 buckets in your organization and trigger a Lambda function to immediately remove the public permission?

To improve the performance and cost of your application which has unpredictable traffic spikes, you want to use an Auto Scaling policy that proactively scales capacity based on historical patterns. Which feature of ASG should you choose?

Which AWS tool provides a 'No-Code' experience to identify and troubleshoot operational issues across all your AWS resources by aggregating alerts from CloudWatch, Config, and CloudTrail?