AWS CCP Exam Questions & Answers
2023/2024
What are the five key characteristics of cloud computing? - ANSWER-On demand, self-service
broad network access
resource pooling
rapid elasticity
measured service
What is the AWS global infrastructure? - ANSWER-The most secure, extensive, and reliable cloud
platform.
What are the four types of cloud computing deployment models? - ANSWER-On premise, IaaS, SaaS,
PaaS
What is a region? - ANSWER-A geographical area with 2 or more AZ's, isolated from other AWS regions
What is an availability zone? - ANSWER-One or more data centers that are physically separated and
isolated from other az's
What is a global network? - ANSWER-Highly available, low-latency private global network
interconnecting every data center, AZ, and AWS region.
What is a regional edge cache? - ANSWER-Part of the cloudfront network. These are larger caches that
sit between AWS services and Edge locations.
What is an Edge location? - ANSWER-A location with a cache of content that can be delivered at low-
latency to users- used by cloudfront.
, What are the three options for paying in reservations? - ANSWER-No upfront, partial upfront, and all
upfront
What are the AWS pricing fundementals? - ANSWER-Compute, Storage, Outbound data transfer.
What are the four AWS pricing models? - ANSWER-On-demand, dedicated instances, spot instances, and
reservations
What are the best practices for root accounts? - ANSWER-Don't use the root credentials, Don't share the
root user credentials, create an IAM user and assign administrative permissions as required, enable
multi-factor authentication (MFA)
What does an ARN do for a user? - ANSWER-Uniquely identifies the user across AWS
How do understand, test, and validate the effects of access control policies? - ANSWER-Using the IAM
Policy Simulator.
What are the 3 authentication methods? - ANSWER-Access key, password, and signing certificate
When should you use IAM? - ANSWER-Only to support HTTPS connections in a region that is not
supported by ACM
What is the AWS Security Token Service? - ANSWER-A web service that enables you to request,
temporary, limited-privilege credentials for IAM users or for users that you authenticate.
What are the IAM best practices? - ANSWER-Lock away the AWS root user access keys, create individual
IAM users, use AWS defined policies to assign permissions whenever possible, use groups to assign
permissions to IAM users, grant least privilege, user access levels to review IAM permissions, configure a
strong password policy for users, enable MFA, use roles for applications that run on AWS EC2 instances,
delegate by using roles instead of sharing credentials, rotate credentials regularly, remove unnecessary
credentials, use policy conditions for extra security, monitor activity in your AWS account.
What is an EC2 Isntance? - ANSWER-An instance is an individual virtual server
2023/2024
What are the five key characteristics of cloud computing? - ANSWER-On demand, self-service
broad network access
resource pooling
rapid elasticity
measured service
What is the AWS global infrastructure? - ANSWER-The most secure, extensive, and reliable cloud
platform.
What are the four types of cloud computing deployment models? - ANSWER-On premise, IaaS, SaaS,
PaaS
What is a region? - ANSWER-A geographical area with 2 or more AZ's, isolated from other AWS regions
What is an availability zone? - ANSWER-One or more data centers that are physically separated and
isolated from other az's
What is a global network? - ANSWER-Highly available, low-latency private global network
interconnecting every data center, AZ, and AWS region.
What is a regional edge cache? - ANSWER-Part of the cloudfront network. These are larger caches that
sit between AWS services and Edge locations.
What is an Edge location? - ANSWER-A location with a cache of content that can be delivered at low-
latency to users- used by cloudfront.
, What are the three options for paying in reservations? - ANSWER-No upfront, partial upfront, and all
upfront
What are the AWS pricing fundementals? - ANSWER-Compute, Storage, Outbound data transfer.
What are the four AWS pricing models? - ANSWER-On-demand, dedicated instances, spot instances, and
reservations
What are the best practices for root accounts? - ANSWER-Don't use the root credentials, Don't share the
root user credentials, create an IAM user and assign administrative permissions as required, enable
multi-factor authentication (MFA)
What does an ARN do for a user? - ANSWER-Uniquely identifies the user across AWS
How do understand, test, and validate the effects of access control policies? - ANSWER-Using the IAM
Policy Simulator.
What are the 3 authentication methods? - ANSWER-Access key, password, and signing certificate
When should you use IAM? - ANSWER-Only to support HTTPS connections in a region that is not
supported by ACM
What is the AWS Security Token Service? - ANSWER-A web service that enables you to request,
temporary, limited-privilege credentials for IAM users or for users that you authenticate.
What are the IAM best practices? - ANSWER-Lock away the AWS root user access keys, create individual
IAM users, use AWS defined policies to assign permissions whenever possible, use groups to assign
permissions to IAM users, grant least privilege, user access levels to review IAM permissions, configure a
strong password policy for users, enable MFA, use roles for applications that run on AWS EC2 instances,
delegate by using roles instead of sharing credentials, rotate credentials regularly, remove unnecessary
credentials, use policy conditions for extra security, monitor activity in your AWS account.
What is an EC2 Isntance? - ANSWER-An instance is an individual virtual server
