1. Question 1

What are the four main factors to consider when choosing a Region?

• ✅ Latency, price, service availability, and compliance

• ❌ Latency, high availability, taxes, and compliance

• ❌ Latency, taxes, speed, and compliance

• ❌ Latency, security, high availability, and resiliency

Explanation:
AWS recommends considering latency, cost, service availability, and compliance requirements when selecting a Region.

---

2. Question 2

Every action a user takes in AWS is an API call.

• ✅ True

• ❌ False

Explanation:
Console, CLI, SDK—everything internally triggers API calls.

---

3. Question 3

Relationship between Regions, AZs, and data centers

• ❌ Availability Zones are clusters of Regions. Regions are clusters of data centers.

• ❌ Data centers are cluster of Availability Zones. Regions are clusters of Availability Zones.

• ✅ Regions are clusters of Availability Zones. Availability Zones are clusters of data centers.

• ❌ Data centers are clusters of Regions. Regions are clusters of Availability Zones.

Explanation:
Region → multiple AZs → each AZ → multiple data centers.

---

4. Question 4

Benefit of cloud computing

• ❌ Run and maintain your own data centers.

• ❌ Increase time-to-market.

• ❌ Overprovision for scale.

• ✅ Go global in minutes.

Explanation:
Cloud lets you deploy globally within minutes.

---

5. Question 5

Manage AWS with CLI and automation

• ❌ AWS Management Console

• ✅ AWS Command Line Interface (AWS CLI)

• ❌ AWS SDKs

• ❌ AWS Management Console and AWS SDKs

Explanation:
CLI is designed for command-line access and automation.

---

6. Question 6

Best practice for securing root user

• ❌ Activate IAM access to billing

• ❌ Use root user for daily tasks

• ❌ Change account settings

• ✅ Enable multi-factor authentication (MFA)

Explanation:
AWS strongly recommends securing root with MFA and not using it for daily work.

---

7. Question 7

Use AWS after authenticating to corporate network (SSO scenario)

• ❌ Root user

• ❌ IAM user

• ✅ IAM Role

• ❌ IAM Group

Explanation:
Federated access uses roles that trusted identities assume.

---

8. Question 8

What can be found in an IAM policy?

• Effect

• Action

• Object

• ❌ Effect

• ❌ Action

• ❌ Object

• ✅ A and B (Effect + Action)

• ❌ B and C

Explanation:
IAM policies contain Effect, Action, Resource, and Condition. “Object” is not a component.

---

9. Question 9

IAM policies can restrict root user actions.

• ❌ True

• ✅ False

Explanation:
Root user cannot be restricted by IAM policies.

---

10. Question 10

AWS responsibility in shared responsibility model

• ❌ Controlling OS, platform, and customer data

• ❌ Managing customer data, encryption, and backups

• ✅ Managing hardware, software, networking, host OS, virtualization layers

• ❌ Managing customer-side encryption

Explanation:
AWS manages the security of the cloud.

---

11. Question 11

Recommended setup for many people using one AWS account

• ❌ All use root user

• ✅ Create IAM groups, assign permissions, add users or use roles

• ❌ Create IAM users with direct permissions

• ❌ Create one IAM user for everyone

Explanation:
Best practice is to use groups + least privilege.

---

12. Question 12

Customer is responsible for security in the cloud

• ✅ True

• ❌ False

Explanation:
Customer manages OS, patches, app security, IAM, data security—security in the cloud.

---

13. Question 13

Provides temporary credentials

• ❌ Principle of least privilege

• ✅ IAM role

• ❌ Identity provider

• ❌ IAM Identity Center

Explanation:
IAM roles provide temporary STS-based credentials.

---

14. Question 14

Networking component for private network

• ✅ Virtual private cloud (VPC)

• ❌ Instance

• ❌ Tags

• ❌ AMI

Explanation:
VPC is the logical isolated network in AWS.

---

🧾 Summary Table

---