1,546 questions with instant explanations, domain breakdown, and wrong-answer analysis. Built for the real exam.
This is exactly what you see during practice — question, options, and a full explanation after you answer.
A company uses AWS CloudTrail to log API calls across all regions. The SysOps administrator notices that logs for a specific region are missing from the centralized S3 bucket. What is the most likely cause?
CloudTrail trails can be configured to log API calls from specific regions or all regions. If logs for a particular region are missing from the centralized S3 bucket, the most likely cause is that the trail was not enabled for that region during trail creation or update. By defau…Read full explanation
A team uses AWS CodeDeploy with a deployment configuration of CodeDeployDefault.OneAtATime to deploy a web application to an Auto Scaling group. Instances are behind an Application Load Balancer. The deployment fails with 'The overall deployment failed because too many individual instances failed deployment.' What is the most likely cause?
The deployment fails because the health check grace period on the Auto Scaling group is too short. When CodeDeploy deploys one instance at a time (CodeDeployDefault.OneAtATime), the instance is taken out of service, updated, and then returned to the load balancer. If the grace pe…Read full explanation
An organization requires that all Amazon S3 buckets be encrypted at rest by default. A SysOps administrator needs to enforce this using AWS Config. Which AWS Config managed rule should be used?
The AWS Config managed rule `s3-bucket-encryption-enabled` checks whether S3 buckets have default encryption enabled (SSE-S3, SSE-KMS, or SSE-C). This directly enforces the requirement that all buckets are encrypted at rest by default, as it evaluates each bucket's encryption con…Read full explanation
Answer at your own pace. Explanation and domain tag shown immediately after each answer.
Countdown timer starts immediately. Results and domain scores shown at the end — just like the real exam.
Full explanations on every question
Not just the right answer — you get exactly why each wrong option is wrong, so you learn the concept, not the answer.
Domain score breakdown
After each session see your score by exam domain so you know exactly where to focus study time.
100% free, forever
No subscription, no trial, no email wall. Start a session in under 10 seconds.
Exam-style questions
Scenario-based, precise wording, realistic distractors — written to match what you actually see on exam day.