- (Topic 1)
Which AWS service is a key-value database that provides sub-millisecond latency on a large scale?

1. A. Amazon DynamoDB
2. B. Amazon Aurora
3. C. Amazon DocumentDB (with MongoDB compatibility)
4. D. Amazon Neptune

Correct Answer: A
The correct answer is A because Amazon DynamoDB is a key-value database that provides sub-millisecond latency on a large scale. Amazon DynamoDB is a fully managed, serverless, and scalable NoSQL database service that supports both key- value and document data models. The other options are incorrect because they are not key-value databases. Amazon Aurora is a relational database that is compatible with MySQL and PostgreSQL. Amazon DocumentDB (with MongoDB compatibility) is a document database that is compatible with MongoDB. Amazon Neptune is a graph database that supports property graph and RDF models. Reference: Amazon DynamoDB FAQs

- (Topic 2)
Which AWS service requires the customer to patch the guest operating system?

1. A. AWS Lambda
2. B. Amazon OpenSearch Service
3. C. Amazon EC2
4. D. Amazon ElastiCache

Correct Answer: C
The AWS service that requires the customer to patch the guest operating system is Amazon EC2. Amazon EC2 is a service that provides scalable compute capacity in the cloud, and allows customers to launch and run virtual servers, called instances, with a variety of operating systems, configurations, and specifications. The customer is responsible for patching and updating the guest operating system and any applications that run on the EC2 instances, as part of the security in the cloud. AWS Lambda, Amazon
OpenSearch Service, and Amazon ElastiCache are not services that require the customer to patch the guest operating system. AWS Lambda is a serverless compute service that allows customers to run code without provisioning or managing servers. Amazon OpenSearch Service is a fully managed service that makes it easy to deploy, operate, and scale OpenSearch clusters in the AWS Cloud. Amazon ElastiCache is a fully managed service that provides in-memory data store and cache solutions, such as Redis and Memcached. These services are managed by AWS, and AWS is responsible for patching and updating the underlying infrastructure and software.

- (Topic 3)
A company is migrating its applications from on-premises to the AWS Cloud. The company wants to ensure that the applications are assigned only the minimum permissions that are needed to perform all operations.
Which AWS service will meet these requirements'?

1. A. AWS Identity and Access Management (IAM)
2. B. Amazon CloudWatch
3. C. Amazon Macie
4. D. Amazon GuardDuty

Correct Answer: A
AWS Identity and Access Management (IAM) is a service that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization). IAM also enables you to follow the principle of least privilege, which means granting only the permissions that are necessary to perform a task1. References: AWS Identity and Access Management (IAM) - AWS Documentation

- (Topic 3)
A company is planning to migrate to the AWS Cloud and wants to become more responsive to customer inquiries and feedback. The company wants to focus on organizational transformation.
A company wants to give its customers the ability to view specific data that is hosted in Amazon S3 buckets. The company wants to keep control over the full datasets that the company shares with the customers.
Which S3 feature will meet these requirements?

1. A. S3 Storage Lens
2. B. S3 Cross-Region Replication (CRR)
3. C. S3 Versioning
4. D. S3 Access Points

Correct Answer: D
S3 Access Points are a feature of Amazon S3 that allows you to easily manage access to specific data that is hosted in S3 buckets. S3 Access Points are unique hostnames that customers can use to access data in S3 buckets. You can create multiple access points for a single bucket, each with its own name and permissions. You can use S3 Access Points to provide different levels of access to different groups of customers, such as read-only or write-only access. You can also use S3 Access Points to enforce encryption or logging requirements for specific data. S3 Access Points help you keep control over the full datasets that you share with your customers, while simplifying the access management and improving the performance and scalability of your applications.

- (Topic 1)
An Availability Zone consists of:

1. A. one or more data centers in a single location.
2. B. two or more data centers in multiple locations.
3. C. one or more physical hosts in a single data center.
4. D. two or more physical hosts in multiple data centers.

Correct Answer: A
The correct answer is A because an Availability Zone consists of one or more data centers in a single location. An Availability Zone is an isolated location within an AWS Region that has independent power, cooling, and networking. Each Availability Zone has one or more data centers that host the physical servers and storage devices that run the AWS services. The other options are incorrect because they are not accurate descriptions of an Availability Zone. Two or more data centers in multiple locations are not an Availability Zone, but rather multiple Availability Zones within an AWS Region. One or more physical hosts in a single data center are not an Availability Zone, but rather the components of a data center within an Availability Zone. Two or more physical hosts in multiple data centers are not an Availability Zone, but rather the components of multiple data centers within one or more Availability Zones. Reference: [Regions, Availability Zones, and Local Zones]