New 2025 Cloud-Deployment-and-Operations exam questions Welcome to download the newest TestSimulate Cloud-Deployment-and-Operations PDF dumps (70 Q&As)

P.S. Free 2025 Courses and Certificates Cloud-Deployment-and-Operations dumps are available on Google Drive shared by TestSimulate

NEW QUESTION # 30
(A company stores critical data on general-purpose Amazon EBS volumes. The company can only tolerate the loss of up to one hour of data. Which solution should be used to protect data from loss?)

• A. Switch to Block Express volume type
• B. Replace existing volumes with local storage
• C. Schedule automated volume snapshots using CloudWatch Events
• D. Enable automated volume backups in Cloud Control

Answer: C

Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
To protect critical data on EBS volumes with a maximum tolerable data loss of one hour, the company should schedule automated volume snapshots using CloudWatch Events. Snapshots capture the state of the volume at a point in time, and regular scheduling (e.g., every hour) ensures data loss is limited to the snapshot interval.
The WGU Cloud Deployment and Operations Study Guide (Section 7.3, EBS and Snapshots) states,
"Automated EBS snapshots can be scheduled using CloudWatch Events rules to create backups at defined intervals, ensuring an RPO of one hour by capturing volume data regularly." Local storage, Cloud Control backups, and Block Express are not viable solutions for this automated snapshot requirement.

NEW QUESTION # 31
(An administrator needs to deploy a NAT gateway in an existing VPC subnet. Which two tasks should this administrator perform during deployment? Choose 2 answers.)

• A. Configure the access control list associated with the subnet
• B. Assign a private IP address to the NAT gateway
• C. Configure the route table associated with the subnet
• D. Assign an elastic IP address to the NAT gateway

Answer: C,D

Explanation:
To deploy a NAT gateway in an existing VPC subnet, the administrator must assign an elastic IP address to the NAT gateway for public internet access and configure the route table associated with the subnet to route traffic through the NAT gateway. The WGU Cloud Deployment and Operations Study Guide (Section 3.2, NAT Gateway) states, "Deployment of a NAT gateway requires an elastic IP address for outbound internet connectivity and a route table update to direct private subnet traffic to the NAT gateway (e.g., 0.0.0.0/0 via NAT)." Private IP assignment and ACL configuration are not required steps.

NEW QUESTION # 32
(A company builds an application that renders 3D movies for its users. The application does this by spawning a fleet of instances that each take a slice of the workload and then render a few hundred frames in around 30 minutes. If processing on a node is interrupted, the work can be moved to other running nodes. The cost to users is based on the underlying AWS cost plus a margin. Which EC2 instance type is most suitable to run workload pattern at the lowest cost?)

• A. Reserved Instance
• B. Spot Instance
• C. Dedicated Instance
• D. On-Demand Instance

Answer: B

Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
Spot Instances are the most suitable EC2 instance type for this workload pattern, offering the lowest cost for short, interruptible tasks like 3D rendering, where work can be redistributed if interrupted. This aligns with the company's cost-plus pricing model. The WGU Cloud Deployment and Operations Study Guide (Section
7.3, EC2 Instance Types) states, "Spot Instances provide significant cost savings (up to 90% off On-Demand) for fault-tolerant, short-term workloads like rendering, where interruptions can be handled by redistributing tasks to other nodes." On-Demand, Dedicated, and Reserved Instances are more expensive and less flexible for this use case.

NEW QUESTION # 33
(A company has the following disaster recovery requirements: The loss of up to three hours of data is acceptable. Services must be restored within one hour of failure. Which recovery characteristics will allow the company to meet the requirements?)

• A. RPO 1 hour, RTO 2 hours
• B. RPO 2 hours, RTO 1 hour
• C. RPO 4 hours, RTO 1 hour
• D. RPO 1 hour, RTO 4 hours

Answer: C

Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
Recovery Point Objective (RPO) measures the maximum acceptable data loss, while Recovery Time Objective (RTO) measures the maximum acceptable downtime. The company requires an RPO of up to 3 hours (acceptable data loss) and an RTO of 1 hour (service restoration time). The correct option is RPO 4 hours, RTO 1 hour, as it meets the RPO requirement (allowing up to 3 hours of data loss is within 4 hours) and satisfies the RTO of 1 hour. The WGU Cloud Deployment and Operations Study Guide (Section 8.1, Disaster Recovery) states, "RPO defines the maximum data loss tolerance (e.g., 3 hours), and RTO defines the maximum downtime (e.g., 1 hour); a configuration of RPO 4 hours and RTO 1 hour aligns with these thresholds." Other options fail to meet both criteria simultaneously.

NEW QUESTION # 34
(What is used to change stacks across multiple accounts and Regions in a single operation?)

• A. Nested stacks
• B. StackInstance
• C. Stack policies
• D. StackSets

Answer: D

Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
StackSets are used to change stacks across multiple AWS accounts and regions in a single operation, enabling centralized management of infrastructure deployments. StackSets allow administrators to create, update, or delete stacks consistently across specified accounts and regions. The WGU Cloud Deployment and Operations Study Guide (Section 5.4, StackSets) states, "StackSets provide the capability to manage and update stacks across multiple accounts and regions with a single operation, streamlining multi-region deployments." StackInstance, nested stacks, and stack policies do not support this multi-account, multi-region functionality.

NEW QUESTION # 35
(Which action must be used to create a metric filter in the Amazon CloudWatch console?)

• A. Select a log group
• B. Specify a stream
• C. Enable an alarm
• D. Define a trace

Answer: A

Explanation:
To create a metric filter in the Amazon CloudWatch console, the first step is to select a log group from which the log data will be analyzed. A log group contains log streams, and metric filters are applied to the log data within these groups to extract metrics based on patterns. The WGU Cloud Deployment and Operations Study Guide (Section 4.2, CloudWatch Logs) specifies that the process begins by navigating to the CloudWatch console, selecting a log group, and then defining the filter pattern. Actions like enabling an alarm, defining a trace, or specifying a stream are subsequent or unrelated steps.

NEW QUESTION # 36
(Which AWS solution can be used to send events from Shopify?)

• A. IoT Events
• B. EventBridge
• C. Service events
• D. CloudTrail events

Answer: B

Explanation:
Amazon EventBridge is the AWS solution that can be used to send events from external sources like Shopify.
EventBridge supports integration with third-party applications through its event bus, allowing custom events (e.g., from Shopify via webhooks) to be ingested and routed to AWS services or targets. The WGU Cloud Deployment and Operations Study Guide (Section 4.3, EventBridge) notes that EventBridge is designed for event ingestion from SaaS applications, making it suitable for Shopify integration. CloudTrail, IoT Events, and Service events are not designed for this purpose.

NEW QUESTION # 37
(What should be configured in Systems Manager to set the error threshold for automation documents?)

• A. Rate control
• B. Resource group
• C. Session preferences
• D. Maintenance windows

Answer: A

Explanation:
In AWS Systems Manager, the error threshold for automation documents is configured using rate control.
Rate control allows administrators to define the maximum number of errors or concurrent executions that can occur before an automation task is throttled or stopped, ensuring system stability. The WGU Cloud Deployment and Operations Study Guide (Section 5.1, Systems Manager Automation) explicitly states, "Rate control settings in Automation documents can be used to specify the maximum number of errors allowed during execution, helping to manage error thresholds effectively." Resource groups, session preferences, and maintenance windows do not directly address error thresholds.

NEW QUESTION # 38
(A company has deployed an application to AWS and a standby instance to its on-premises data center. The on-premises infrastructure is a scaled-down version of the AWS infrastructure. Which routing policy in Route
53 will allow the company to send 75% of the load to AWS and the remaining 25% to its on-premises infrastructure?)

• A. Simple routing policy
• B. Geolocation routing policy
• C. Weighted routing policy
• D. Failover routing policy

Answer: C

Explanation:
The weighted routing policy in Amazon Route 53 allows the company to distribute traffic with specific percentages, such as 75% to AWS and 25% to the on-premises infrastructure, by assigning weights to each resource record. This enables load balancing across hybrid environments. The WGU Cloud Deployment and Operations Study Guide (Section 3.1, Route 53 Routing Policies) states, "Weighted routing policy assigns weights to resource record sets (e.g., 75 for AWS, 25 for on-premises), controlling the percentage of traffic directed to each endpoint." Geolocation, failover, and simple policies do not support percentage-based traffic splitting.

NEW QUESTION # 39
(Which AWS solution can send email based on CloudWatch alarms?)

• A. Simple Queue Service (SQS)
• B. Kinesis
• C. Amplify
• D. Simple Notification Service (SNS)

Answer: D

Explanation:
Amazon CloudWatch alarms can trigger notifications when a metric breaches a defined threshold. The AWS solution designed to send emails based on these alarms is Amazon Simple Notification Service (SNS). SNS supports sending notifications via email, SMS, and other protocols when subscribed endpoints are triggered by CloudWatch alarms. The WGU Cloud Deployment and Operations Study Guide (Section 4.3, Monitoring and Alarms) states that SNS is the primary service for delivering notifications from CloudWatch, allowing users to configure emailsubscriptions for alarm states. Other options like SQS, Amplify, and Kinesis are not designed for this purpose.

NEW QUESTION # 40
(What needs to be configured in Systems Manager to run Automation documents on schedule?)

• A. Rate control
• B. Maintenance window
• C. Resource groups
• D. Session preferences

Answer: B

Explanation:
To run Automation documents on a schedule in AWS Systems Manager, a maintenance window must be configured. Maintenance windows define the time periods during which automated tasks, including the execution of Automation documents, can run. The WGU Cloud Deployment and Operations Study Guide (Section 5.2, Maintenance Windows) explains that maintenance windows are used to schedule and control the execution of Systems Manager tasks, ensuring they align with operational windows. Rate control, session preferences, and resource groups are not used for scheduling automation tasks.

NEW QUESTION # 41
(Which solution should be used to identify and shut down idle EC2 instances in an AWS account?)

• A. CloudWatch
• B. CloudTrail
• C. CloudSearch
• D. CloudFront

Answer: A

Explanation:
Comprehensive and Detailed Explanation From Exact Extract:
CloudWatch should be used to identify and shut down idle EC2 instances by monitoring metrics such as CPU utilization or network activity. Custom alarms can be set to trigger an AWS Lambda function or Systems Manager automation to terminate idle instances, optimizing costs. The WGU Cloud Deployment and Operations Study Guide (Section 4.1, CloudWatch Metrics) states, "CloudWatch can monitor EC2 instance metrics like CPUUtilization; an alarm can be configured to invoke a Lambda function to terminate idle instances, ensuring cost efficiency." CloudFront, CloudSearch, and CloudTrail are not designed for this monitoring and automation task.

NEW QUESTION # 42
(A company is using Route 53 for Domain Name System (DNS) hosting. The company requires a zone that should only be accessible from instances in a Virtual Private Cloud (VPC). Which type of hosted zone should be used?)

• A. Private Zone
• B. Lightsail DNS Zone
• C. Public Hosted Zone
• D. DNS Zone

Answer: A

Explanation:
A Private Hosted Zone in Amazon Route 53 should be used to restrict DNS resolution to instances within a Virtual Private Cloud (VPC), ensuring that the zone is only accessible internally. This isolates DNS services from public internet access. The WGU Cloud Deployment and Operations Study Guide (Section 3.1, Route 53 Hosted Zones) states, "A Private Hosted Zone in Route 53 limits DNS resolution to resources within a specified VPC, preventing external access and enhancing security for internal services." Public Hosted Zones, DNS Zones, and Lightsail DNS Zones do not provide this VPC-specific restriction.

NEW QUESTION # 43
(A company that uses five Elastic IP addresses does not want to request more from AWS. Which solution should be used to route requests to a healthy endpoint?)

• A. Use Systems Manager to update endpoints
• B. Edit the route table for the VPC
• C. Register a DNS name to an auto-assigned public IP address
• D. Adjust the TTL of the IP packets

Answer: C

Explanation:
To route requests to a healthy endpoint without requesting additional Elastic IP addresses, the company should register a DNS name to an auto-assigned public IP address using a service like Route 53. This leverages dynamic DNS to distribute traffic, reducing reliance on fixed EIPs. The WGU Cloud Deployment and Operations Study Guide (Section 3.1, Route 53) states, "Registering a DNS name with an auto-assigned public IP in Route 53 allows traffic routing to healthy instances, avoiding the need for additional Elastic IP addresses." TTL adjustment, route table edits, and Systems Manager are not relevant solutions.

NEW QUESTION # 44
(An administrator needs to create Systems Manager Automation documents to take action based on AWS Config rules. Which two file formats should be used? Choose 2 answers.)

• A. JSON
• B. CSV
• C. YAML
• D. XML

Answer: A,C

Explanation:
Systems Manager Automation documents can be created using JSON or YAML file formats to define workflows and actions based on AWS Config rules. These formats allow administrators to specify the steps and parameters for automation tasks, such as remediation actions triggered by Config rule evaluations. The WGU Cloud Deployment and Operations Study Guide (Section 5.1, Systems Manager Automation) states that both JSON and YAML are supported formats for writing Automation documents, providing flexibility in scripting automation logic. XML and CSV are not supported formats for this purpose.

NEW QUESTION # 45
(Which CloudWatch metric filter includes log events with the word ERROR but excludes log events with the word WARNING?)

• A. "ERROR" WARN
• B. ERROR -WARN
• C. ?ERROR ?WARN
• D. ERROR WARN

Answer: B

Explanation:
A metric filter in Amazon CloudWatch Logs can be used to search for specific terms in log data and create metrics based on the matches. To include log events with the word "ERROR" and exclude those with the word "WARNING," the correct syntax involves using a filter pattern with a positive match for "ERROR" and a negation for "WARNING." The correct pattern is "ERROR -WARN," where the minus sign (-) indicates exclusion of log events containing "WARN." According to the WGU Cloud Deployment and Operations Study Guide (Section 4.2, CloudWatch Logs), metric filters use a pattern-based syntax where terms are included or excluded using positive matches and the negation operator (-). This ensures that only logs with
"ERROR" and without "WARN" are processed into the metric.

NEW QUESTION # 46
......

Cloud-Deployment-and-Operations exam questions from TestSimulate dumps: https://www.testsimulate.com/Cloud-Deployment-and-Operations-study-materials.html (70 Q&As)