CompTIA A+ is the industry standard for establishing a career in
IT.
CompTIA A+ certified professionals are proven problem solvers. They support
today’s core technologies from security to networking to virtualization and
more. CompTIA A+ is the industry standard for launching IT careers into today’s
digital world.
CompTIA A+ is the only industry recognized credential with performance testing
to prove pros can think on their feet to perform critical IT support tasks. It
is trusted by employers around the world to identify the go-to person in end
point management & technical support roles. CompTIA A+ appears in more tech
support job listings than any other IT credential.
The CompTIA A+ Core Series requires candidates to pass two exams: Core 1
(220-1101) and Core 2 (220-1102) covering the following new content, emphasizing
the technologies and skills IT pros need to support a hybrid workforce.
Increased reliance on SaaS applications for remote work
More on troubleshooting and how to remotely diagnose and correct common
software, hardware, or connectivity problems
Changing core technologies from cloud virtualization and IoT device security to
data management and scripting
Multiple operating systems now encountered by technicians on a regular basis,
including the major systems, their use cases, and how to keep them running
properly
Reflects the changing nature of the job role, where many tasks are sent to
specialized providers as certified personnel need to assess whether it’s best to
fix something on site, or to save time and money by sending proprietary
technologies directly to vendors
9 skills that you master and validate with CompTIA A+ artboard-6
HARDWARE Identifying, using, and connecting hardware components and devices,
including the broad knowledge about different devices that is now necessary to
support the remote workforce
artboard-7
OPERATING SYSTEMS Install and support Windows OS including command line & client support.
System configuration imaging and troubleshooting for Mac OS, Chrome OS, Android
and Linux OS.
artboard-5
SOFTWARE TROUBLESHOOTING Troubleshoot PC and mobile device issues including common OS, malware and
security issues.
artboard-8
NETWORKING Explain types of networks and connections including TCP/IP, WIFI and SOHO
artboard-19
TROUBLESHOOTING Troubleshoot real-world device and network issues quickly and efficiently
artboard-3
SECURITY Identify and protect against security vulnerabilities for devices and their
network connections
artboard-11
MOBILE DEVICES Install & configure laptops and other mobile devices and support
applications to ensure connectivity for end- users
artboard-13
VIRTUALIZATION & CLOUD COMPUTING Compare & contrast cloud computing concepts & set up client-side
virtualization
artboard-9
OPERATIONAL PROCEDURES Follow best practices for safety, environmental impacts, and communication
and professionalism
Jobs that use A+
Help Desk Tech Desktop Support Specialist
Field Service Technician
Help Desk Technician
Associate Network Engineer
System Support Technician
Junior Systems Administrator
CompTIA A+ 220-1101 (Core 1) and 220-1102 (Core 2)
Candidates must complete both 1101 and 1102 to earn certification. Exams
cannot be combined across the series. Launch Date : April 2022
Exam Description : CompTIA A+ 220-1101 covers mobile devices, networking
technology, hardware, virtualization and cloud computing.
Number of Questions : Maximum of 90 questions per exam
Length of Test : 90 Minutes per exam
Languages : English at launch. German, Japanese, Portuguese, Thai and Spanish
English at launch. German, Japanese, Portuguese, Thai and Spanish
Retirement : TBD - Usually three years after launch
Testing Provider: Pearson VUE: Testing Centers : Online Testing
We cover all five domains of the 220-1101 exam, including: 1.0 Mobile Devices (15%)
2.0 Networking (20%)
3.0 Hardware (25%)
4.0 Virtualization and Cloud Computing (11%)
5.0 Hardware and Network Troubleshooting (29%)
Question 1:
A customer called the service desk and complained that they could not reach the
internet on their computer. You ask the customer to open their command prompt,
type in ipconfig, and read you the IP address. The customer reads the IP as
169.254.12.45. What is the root cause of the customer's issue based on what you
know so far?
A. Their workstation cannot reach the DNS server
B. Their workstation cannot reach the default gateway
C. Their workstation cannot reach the web server
D. Their workstation cannot reach the DHCP server
Correct Answer: D
Explanation
OBJ-5.7: Since the customer's IP address is 169.254.12.45, it is an APIPA
address. Since the workstation has an APIPA address, it means the DHCP server
was unreachable. Automatic Private IP Addressing (APIPA) is a feature of
Windows-based operating systems that enables a computer to automatically assign
itself an IP address when there is no Dynamic Host Configuration Protocol (DHCP)
server available to perform that function. APIPA serves as a DHCP server
failover mechanism and makes it easier to configure and support small local area
networks (LANs). If no DHCP server is currently available, either because the
server is temporarily down or because none exists on the network, the computer
selects an IP address from a range of addresses (from 169.254.0.0 -
169.254.255.255) reserved for that purpose.
Question 2: Your company is currently using a 5 GHz wireless security system, so your
boss has asked you to install a 2.4 GHz wireless network to use for the
company's computer network to prevent interference. Which of the following can
NOT be installed to provide a 2.4 GHz wireless network?
A. 802.11g
B. 802.11b
C. 802.11ac
D. 802.11n
Correct Answer: C
Explanation
OBJ-2.3: Wireless networks are configured to use either 2.4 GHz or 5.0 GHz
frequencies, depending on the network type. 802.11a and 802.11ac both utilize a
5.0 GHz frequency for their communications. 802.11b and 802.11g both utilize a
2.4 GHz frequency for their communications. 802.11n and 802.11ax utilize either
2.4 GHz, 5.0 GHz, or both, depending on the Wi-Fi device's manufacturer. The
802.11b (Wireless B) standard utilizes a 2.4 GHz frequency to provide wireless
networking at speeds up to 11 Mbps. The 802.11g (Wireless G) standard utilizes a
2.4 GHz frequency to provide wireless networking at speeds up to 54 Mbps. The
802.11n (Wireless N) standard utilizes a 2.4 GHz frequency to provide wireless
networking at speeds up to 108 Mbps or a 5.0 GHz frequency to provide wireless
networking at speeds up to 600 Mbps. Wireless N supports the use of
multiple-input-multiple-output (MIMO) technology to use multiple antennas to
transmit and receive data at higher speeds. Wireless N supports channel bonding
by combining two 20 MHz channels into a single 40 MHz channel
to provide additional bandwidth. The 802.11ac (Wireless AC or Wi-Fi 5) standard
utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds
up to 5.5 Gbps. Wireless AC uses channel bonding to create a single channel of
up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user
multiple-input-
Question 3: Which of the following resources is used by virtual machines to communicate
with other virtual machines on the same network but prevents them from
communicating with resources on the internet?
A. DNS
B. Virtual internal network
C. Virtual external network
D. Network address translation
Correct Answer: B
Explanation
OBJ-4.2: Most virtual machines running on a workstation will have their own
virtual internal network to communicate within the virtual environment while
preventing them from communicating with the outside world. You may also
configure a shared network address for the virtual machine to have the same IP
address as the physical host that it is running on. This usually relies on
network address translation to communicate from the virtual environment (inside)
to the physical world (outside/internet). If you are communicating internally in
the virtual network, there is no need for DNS or an external network.
Question 4:
A technician needs to upgrade the RAM in a database server. The server's memory
must support maintaining the highest levels of integrity. Which of the following
type of RAM should the technician install?
A. ECC
B. Non-Parity
C. SODIMM
D. VRAM
Correct Answer: A
Explanation
OBJ-3.2: Error checking and correcting or error correcting code (ECC) is a type
of system memory that has built-in error correction security. ECC is more
expensive than normal memory and requires support from the motherboard. ECC is
commonly used in production servers and not in standard desktops or laptops.
Non-parity memory is a type of system memory that does not perform error
checking except when conducting the initial startup memory count. VRAM (video
RAM) refers to any type of random access memory (RAM) specifically used to store
image data for a computer display. A small outline dual inline memory module (SODIMM)
can be purchased in various types and sizes to fit any laptop, router, or other
small form factor computing device.
Question 5: You just replaced a failed motherboard in a corporate workstation and
returned it to service. About an hour later, the customer complained that the
workstation is randomly shutting down and rebooting itself. You suspect the
memory module may be corrupt, and you perform a memory test, but the memory
passes all of your tests. Which of the following should you attempt NEXT in
troubleshooting this problem?
A. Remove and reseat the RAM
B. Verify the case fans are clean and properly connected
C. Reset the BIOS
D. Replace the RAM with ECC modules
Correct Answer: B
Explanation
OBJ-5.2: If a workstation overheats, it will shut down or reboot itself to
protect the processor. This can occur if the case fans are clogged with dust or
become unplugged. By checking and reconnecting the case fans, the technician can
rule out an overheating issue causing this problem. Since the memory was already
tested successfully, it does not need to be removed and reseated, or replaced
with ECC modules. The BIOS is not the issue since the computer booted up into
Windows successfully before rebooting.
Introduction The AWS Certified Solutions Architect - Associate (SAA-C03) exam is intended
for individuals who perform in a solutions architect role. The exam validates a
candidate’s ability to use AWS technologies to design solutions based on the AWS
Well-Architected Framework.
The exam also validates a candidate’s ability to complete the following
tasks: • Design solutions that incorporate AWS services to meet current business
requirements and future projected needs
• Design architectures that are secure, resilient, high-performing, and
cost-optimized
• Review existing solutions and determine improvements
Target candidate description The target candidate should have at least 1 year of hands-on experience
designing cloud solutions that use AWS services.
For a detailed list of specific tools and technologies that might be covered on
the exam, as well as lists of in-scope and out-of-scope AWS services, refer to
the Appendix.
Exam content Response types There are two types of questions on the exam:
• Multiple choice: Has one correct response and three incorrect responses (distractors)
• Multiple response: Has two or more correct responses out of five or more
response options
Select one or more responses that best complete the statement or answer the
question. Distractors, or incorrect answers, are response options that a
candidate with incomplete knowledge or skill might choose. Distractors are
generally plausible responses that match the content area.
Unanswered questions are scored as incorrect; there is no penalty for guessing.
The exam includes 50 questions that will affect your score.
Unscored content The exam includes 15 unscored questions that do not affect your score. AWS
collects information about candidate performance on these unscored questions to
evaluate these questions for future use as scored questions. These unscored
questions are not identified on the exam.
Exam results The AWS Certified Solutions Architect - Associate exam is a pass or fail
exam. The exam is scored against a minimum standard established by AWS
professionals who follow certification industry best practices and guidelines.
Your results for the exam are reported as a scaled score of 100–1,000. The
minimum passing score is 720. Your score shows how you performed on the exam as
a whole and whether or not you passed. Scaled scoring models help equate scores
across multiple exam forms that might have slightly different difficulty levels.
Your score report could contain a table of classifications of your performance
at each section level. This information provides general feedback about your
exam performance. The exam uses a compensatory scoring model, which means that
you do not need to achieve a passing score in each section. You need to pass
only the overall exam.
Each section of the exam has a specific weighting, so some sections have more
questions than other sections have. The table contains general information that
highlights your strengths and weaknesses. Use caution when interpreting
section-level feedback. Candidates who pass the exam will not receive this
additional information.
Content outline
This exam guide includes weightings, test domains, and task statements for the
exam. It is not a comprehensive listing of the content on the exam. However,
additional context for each of the task statements is available to help guide
your preparation for the exam. The following table lists the main content
domains and their weightings. The table precedes the complete exam content
outline, which includes the additional context. The percentage in each domain
represents only scored content.
Knowledge of: • Access controls and management across multiple accounts
• AWS federated access and identity services (for example, AWS Identity and
Access Management [IAM], AWS Single Sign-On [AWS SSO])
• AWS global infrastructure (for example, Availability Zones, AWS Regions)
• AWS security best practices (for example, the principle of least privilege)
• The AWS shared responsibility model
Skills in: • Applying AWS security best practices to IAM users and root users (for
example, multi-factor authentication [MFA])
• Designing a flexible authorization model that includes IAM users, groups,
roles, and policies
• Designing a role-based access control strategy (for example, AWS Security
Token Service [AWS STS], role switching, cross-account access)
• Designing a security strategy for multiple AWS accounts (for example, AWS
Control Tower, service control policies [SCPs])
• Determining the appropriate use of resource policies for AWS services
• Determining when to federate a directory service with IAM roles
Task Statement 2: Design secure workloads and applications.
Knowledge of:
• Application configuration and credentials security
• AWS service endpoints
• Control ports, protocols, and network traffic on AWS
• Secure application access
• Security services with appropriate use cases (for example, Amazon Cognito,
Amazon GuardDuty, Amazon Macie)
• Threat vectors external to AWS (for example, DDoS, SQL injection)
Skills in: • Designing VPC architectures with security components (for example,
security groups, route tables, network ACLs, NAT gateways)
• Determining network segmentation strategies (for example, using public subnets
and private subnets)
• Integrating AWS services to secure applications (for example, AWS Shield, AWS
WAF, AWS SSO, AWS Secrets Manager)
• Securing external network connections to and from the AWS Cloud (for example,
VPN, AWS Direct Connect)
Task Statement 3: Determine appropriate data security controls.
Knowledge of: • Data access and governance
• Data recovery
• Data retention and classification
• Encryption and appropriate key management
Skills in: • Aligning AWS technologies to meet compliance requirements
• Encrypting data at rest (for example, AWS Key Management Service [AWS KMS])
• Encrypting data in transit (for example, AWS Certificate Manager [ACM] using
TLS)
• Implementing access policies for encryption keys
• Implementing data backups and replications
• Implementing policies for data access, lifecycle, and protection
• Rotating encryption keys and renewing certificates
Domain 2: Design Resilient Architectures
Task Statement 1: Design scalable and loosely coupled architectures.
Knowledge of: • API creation and management (for example, Amazon API Gateway, REST API)
• AWS managed services with appropriate use cases (for example, AWS Transfer
Family, Amazon Simple Queue Service [Amazon SQS], Secrets Manager)
• Caching strategies
• Design principles for microservices (for example, stateless workloads compared
with stateful workloads)
• Event-driven architectures
• Horizontal scaling and vertical scaling
• How to appropriately use edge accelerators (for example, content delivery
network [CDN])
• How to migrate applications into containers
• Load balancing concepts (for example, Application Load Balancer)
• Multi-tier architectures
• Queuing and messaging concepts (for example, publish/subscribe)
• Serverless technologies and patterns (for example, AWS Fargate, AWS Lambda)
• Storage types with associated characteristics (for example, object, file,
block)
• The orchestration of containers (for example, Amazon Elastic Container Service
[Amazon ECS], Amazon Elastic Kubernetes Service [Amazon EKS])
• When to use read replicas
• Workflow orchestration (for example, AWS Step Functions)
Skills in: • Designing event-driven, microservice, and/or multi-tier architectures
based on requirements
• Determining scaling strategies for components used in an architecture design
• Determining the AWS services required to achieve loose coupling based on
requirements
• Determining when to use containers
• Determining when to use serverless technologies and patterns
• Recommending appropriate compute, storage, networking, and database
technologies based on requirements
• Using purpose-built AWS services for workloads
Task Statement 2: Design highly available and/or fault-tolerant architectures.
Knowledge of:
• AWS global infrastructure (for example, Availability Zones, AWS Regions,
Amazon Route 53)
• AWS managed services with appropriate use cases (for example, Amazon
Comprehend, Amazon Polly)
• Basic networking concepts (for example, route tables)
• Disaster recovery (DR) strategies (for example, backup and restore, pilot
light, warm standby, active-active failover, recovery point objective [RPO],
recovery time objective [RTO])
• Distributed design patterns
• Failover strategies
• Immutable infrastructure
• Load balancing concepts (for example, Application Load Balancer)
• Proxy concepts (for example, Amazon RDS Proxy)
• Service quotas and throttling (for example, how to configure the service
quotas for a workload in a standby environment)
• Storage options and characteristics (for example, durability, replication)
• Workload visibility (for example, AWS X-Ray)
Skills in:
• Determining automation strategies to ensure infrastructure integrity
• Determining the AWS services required to provide a highly available and/or
fault-tolerant architecture across AWS Regions or Availability Zones
• Identifying metrics based on business requirements to deliver a highly
available solution
• Implementing designs to mitigate single points of failure
• Implementing strategies to ensure the durability and availability of data (for
example, backups)
• Selecting an appropriate DR strategy to meet business requirements
• Using AWS services that improve the reliability of legacy applications and
applications not built for the cloud (for example, when application changes are
not possible)
• Using purpose-built AWS services for workloads
Domain 3: Design High-Performing Architectures
Task Statement 1: Determine high-performing and/or scalable storage solutions.
Knowledge of: • Hybrid storage solutions to meet business requirements
• Storage services with appropriate use cases (for example, Amazon S3, Amazon
Elastic File System [Amazon EFS], Amazon Elastic Block Store [Amazon EBS])
• Storage types with associated characteristics (for example, object, file,
block)
Skills in: • Determining storage services and configurations that meet performance
demands
• Determining storage services that can scale to accommodate future needs
Task Statement 2: Design high-performing and elastic compute solutions.
Knowledge of:
• AWS compute services with appropriate use cases (for example, AWS Batch,
Amazon EMR, Fargate)
• Distributed computing concepts supported by AWS global infrastructure and edge
services
• Queuing and messaging concepts (for example, publish/subscribe)
• Scalability capabilities with appropriate use cases (for example, Amazon EC2
Auto Scaling, AWS Auto Scaling)
• Serverless technologies and patterns (for example, Lambda, Fargate)
• The orchestration of containers (for example, Amazon ECS, Amazon EKS)
Skills in:
• Decoupling workloads so that components can scale independently
• Identifying metrics and conditions to perform scaling actions
• Selecting the appropriate compute options and features (for example, EC2
instance types) to meet business requirements
• Selecting the appropriate resource type and size (for example, the amount of
Lambda memory) to meet business requirements
Task Statement 3: Determine high-performing database solutions.
Knowledge of: • AWS global infrastructure (for example, Availability Zones, AWS Regions)
• Caching strategies and services (for example, Amazon ElastiCache)
• Data access patterns (for example, read-intensive compared with
write-intensive)
• Database capacity planning (for example, capacity units, instance types,
Provisioned IOPS)
• Database connections and proxies
• Database engines with appropriate use cases (for example, heterogeneous
migrations, homogeneous migrations)
• Database replication (for example, read replicas)
• Database types and services (for example, serverless, relational compared with
non-relational, in-memory)
Skills in: • Configuring read replicas to meet business requirements
• Designing database architectures
• Determining an appropriate database engine (for example, MySQL compared with
PostgreSQL)
• Determining an appropriate database type (for example, Amazon Aurora, Amazon
DynamoDB)
• Integrating caching to meet business requirements
Task Statement 4: Determine high-performing and/or scalable network
architectures.
Knowledge of: • Edge networking services with appropriate use cases (for example, Amazon
CloudFront, AWS Global Accelerator)
• How to design network architecture (for example, subnet tiers, routing, IP
addressing)
• Load balancing concepts (for example, Application Load Balancer)
• Network connection options (for example, AWS VPN, Direct Connect, AWS
PrivateLink)
Skills in: • Creating a network topology for various architectures (for example,
global, hybrid, multi-tier)
• Determining network configurations that can scale to accommodate future needs
• Determining the appropriate placement of resources to meet business
requirements
• Selecting the appropriate load balancing strategy
Task Statement 5: Determine high-performing data ingestion and transformation
solutions.
Knowledge of:
• Data analytics and visualization services with appropriate use cases (for
example, Amazon Athena, AWS Lake Formation, Amazon QuickSight)
• Data ingestion patterns (for example, frequency)
• Data transfer services with appropriate use cases (for example, AWS DataSync,
AWS Storage Gateway)
• Data transformation services with appropriate use cases (for example, AWS
Glue)
• Secure access to ingestion access points
• Sizes and speeds needed to meet business requirements
• Streaming data services with appropriate use cases (for example, Amazon
Kinesis)
Skills in: • Building and securing data lakes
• Designing data streaming architectures
• Designing data transfer solutions
• Implementing visualization strategies
• Selecting appropriate compute options for data processing (for example, Amazon
EMR)
• Selecting appropriate configurations for ingestion
• Transforming data between formats (for example, .csv to .parquet)
Domain 4: Design Cost-Optimized Architectures
Task Statement 1: Design cost-optimized storage solutions.
Knowledge of: • Access options (for example, an S3 bucket with Requester Pays object
storage)
• AWS cost management service features (for example, cost allocation tags,
multi-account billing)
• AWS cost management tools with appropriate use cases (for example, AWS Cost
Explorer, AWS Budgets, AWS Cost and Usage Report)
• AWS storage services with appropriate use cases (for example, Amazon FSx,
Amazon EFS, Amazon S3, Amazon EBS)
• Backup strategies
• Block storage options (for example, hard disk drive [HDD] volume types, solid
state drive [SSD] volume types)
• Data lifecycles
• Hybrid storage options (for example, DataSync, Transfer Family, Storage
Gateway)
• Storage access patterns
• Storage tiering (for example, cold tiering for object storage)
• Storage types with associated characteristics (for example, object, file,
block)
Skills in:
• Designing appropriate storage strategies (for example, batch uploads to Amazon
S3 compared with individual uploads)
• Determining the correct storage size for a workload
• Determining the lowest cost method of transferring data for a workload to AWS
storage
• Determining when storage auto scaling is required
• Managing S3 object lifecycles
• Selecting the appropriate backup and/or archival solution
• Selecting the appropriate service for data migration to storage services
• Selecting the appropriate storage tier
• Selecting the correct data lifecycle for storage
• Selecting the most cost-effective storage service for a workload
Task Statement 2: Design cost-optimized compute solutions.
Knowledge of:
• AWS cost management service features (for example, cost allocation tags,
multi-account billing)
• AWS cost management tools with appropriate use cases (for example, Cost
Explorer, AWS Budgets, AWS Cost and Usage Report)
• AWS global infrastructure (for example, Availability Zones, AWS Regions)
• AWS purchasing options (for example, Spot Instances, Reserved Instances,
Savings Plans)
• Distributed compute strategies (for example, edge processing)
• Hybrid compute options (for example, AWS Outposts, AWS Snowball Edge)
• Instance types, families, and sizes (for example, memory optimized, compute
optimized, virtualization)
• Optimization of compute utilization (for example, containers, serverless
computing, microservices)
• Scaling strategies (for example, auto scaling, hibernation)
Skills in: • Determining an appropriate load balancing strategy (for example,
Application Load Balancer [Layer 7] compared with Network Load Balancer [Layer
4] compared with Gateway Load Balancer)
• Determining appropriate scaling methods and strategies for elastic workloads
(for example, horizontal compared with vertical, EC2 hibernation)
• Determining cost-effective AWS compute services with appropriate use cases
(for example, Lambda, Amazon EC2, Fargate)
• Determining the required availability for different classes of workloads (for
example, production workloads, non-production workloads)
• Selecting the appropriate instance family for a workload
• Selecting the appropriate instance size for a workload
Task Statement 3: Design cost-optimized database solutions.
Knowledge of:
• AWS cost management service features (for example, cost allocation tags,
multi-account billing)
• AWS cost management tools with appropriate use cases (for example, Cost
Explorer, AWS Budgets, AWS Cost and Usage Report)
• Caching strategies
• Data retention policies
• Database capacity planning (for example, capacity units)
• Database connections and proxies
• Database engines with appropriate use cases (for example, heterogeneous
migrations, homogeneous migrations)
• Database replication (for example, read replicas)
• Database types and services (for example, relational compared with
non-relational, Aurora, DynamoDB)
Skills in: • Designing appropriate backup and retention policies (for example, snapshot
frequency)
• Determining an appropriate database engine (for example, MySQL compared with
PostgreSQL)
• Determining cost-effective AWS database services with appropriate use cases
(for example, DynamoDB compared with Amazon RDS, serverless)
• Determining cost-effective AWS database types (for example, time series
format, columnar format)
• Migrating database schemas and data to different locations and/or different
database engines
Task Statement 4: Design cost-optimized network architectures.
Knowledge of:
• AWS cost management service features (for example, cost allocation tags,
multi-account billing)
• AWS cost management tools with appropriate use cases (for example, Cost
Explorer, AWS Budgets, AWS Cost and Usage Report)
• Load balancing concepts (for example, Application Load Balancer)
• NAT gateways (for example, NAT instance costs compared with NAT gateway costs)
• Network connectivity (for example, private lines, dedicated lines, VPNs)
• Network routing, topology, and peering (for example, AWS Transit Gateway, VPC
peering)
• Network services with appropriate use cases (for example, DNS)
Skills in: • Configuring appropriate NAT gateway types for a network (for example, a
single shared NAT gateway compared with NAT gateways for each Availability Zone)
• Configuring appropriate network connections (for example, Direct Connect
compared with VPN compared with internet)
• Configuring appropriate network routes to minimize network transfer costs (for
example, Region to Region, Availability Zone to Availability Zone, private to
public, Global Accelerator, VPC endpoints)
• Determining strategic needs for content delivery networks (CDNs) and edge
caching
• Reviewing existing workloads for network optimizations
• Selecting an appropriate throttling strategy
• Selecting the appropriate bandwidth allocation for a network device (for
example, a single VPN compared with multiple VPNs, Direct Connect speed)
Question 1:
A software development company is using serverless computing with AWS Lambda to
build and run applications without having to set up or manage servers. They have
a Lambda function that connects to a MongoDB Atlas, which is a popular Database
as a Service (DBaaS) platform and also uses a third party API to fetch certain
data for their application. One of the developers was instructed to create the
environment variables for the MongoDB database hostname, username, and password
as well as the API credentials that will be used by the Lambda function for DEV,
SIT, UAT, and PROD environments.
Considering that the Lambda function is storing sensitive database and API
credentials, how can this information be secured to prevent other developers in
the team, or anyone, from seeing these credentials in plain text? Select the
best option that provides maximum security.
A. Enable SSL encryption that leverages on AWS CloudHSM to store and encrypt the
sensitive information.
B. AWS Lambda does not provide encryption for the environment variables. Deploy
your code to an EC2 instance instead.
C. There is no need to do anything because, by default, AWS Lambda already
encrypts the environment variables using the AWS Key Management Service.
D. Create a new KMS key and use it to enable encryption helpers that leverage on
AWS Key Management Service to store and encrypt the sensitive information.
Correct Answer: D
Explanation
When you create or update Lambda functions that use environment variables, AWS
Lambda encrypts them using the AWS Key Management Service. When your Lambda
function is invoked, those values are decrypted and made available to the Lambda
code.
The first time you create or update Lambda functions that use environment
variables in a region, a default service key is created for you automatically
within AWS KMS. This key is used to encrypt environment variables. However, if
you wish to use encryption helpers and use KMS to encrypt environment variables
after your Lambda function is created, you must create your own AWS KMS key and
choose it instead of the default key. The default key will give errors when
chosen. Creating your own key gives you more flexibility, including the ability
to create, rotate, disable, and define access controls, and to audit the
encryption keys used to protect your data.
Question 2: A company hosted an e-commerce website on an Auto Scaling group of EC2
instances behind an Application Load Balancer. The Solutions Architect noticed
that the website is receiving a large number of illegitimate external requests
from multiple systems with IP addresses that constantly change. To resolve the
performance issues, the Solutions Architect must implement a solution that would
block the illegitimate requests with minimal impact on legitimate traffic.
Which of the following options fulfills this requirement?
A. Create a regular rule in AWS WAF and associate the web ACL to an Application
Load Balancer.
B. Create a rate-based rule in AWS WAF and associate the web ACL to an
Application Load Balancer.
C. Create a custom rule in the security group of the Application Load Balancer
to block the offending requests.
D. Create a custom network ACL and associate it with the subnet of the
Application Load Balancer to block the offending requests.
Correct Answer: B
Question 4: There was an incident in your production environment where the user data
stored in the S3 bucket has been accidentally deleted by one of the Junior
DevOps Engineers. The issue was escalated to your manager and after a few days,
you were instructed to improve the security and protection of your AWS
resources.
What combination of the following options will protect the S3 objects in your
bucket from both accidental deletion and overwriting? (Select TWO.)
A. Enable Versioning
B. Enable Amazon S3 Intelligent-Tiering
C. Provide access to S3 data strictly through pre-signed URL only
D. Enable Multi-Factor Authentication Delete
E. Disallow S3 Delete using an IAM bucket policy
Correct Answer: B,D
Question 5: A popular social media website uses a CloudFront web distribution to serve
their static contents to their millions of users around the globe. They are
receiving a number of complaints recently that their users take a lot of time to
log into their website. There are also occasions when their users are getting
HTTP 504 errors. You are instructed by your manager to significantly reduce the
user's login time to further optimize the system.
Which of the following options should you use together to set up a
cost-effective solution that can improve your application's performance? (Select
TWO.)
A. Customize the content that the CloudFront web distribution delivers to your
users using Lambda@Edge, which allows your Lambda functions to execute the
authentication process in AWS locations closer to the users.
B. Deploy your application to multiple AWS regions to accommodate your users
around the world. Set up a Route 53 record with latency routing policy to route
incoming traffic to the region that provides the best latency to the user.
C. Configure your origin to add a Cache-Control max-age directive to your
objects, and specify the longest practical value for max-age to increase the
cache hit ratio of your CloudFront distribution.
D. Set up an origin failover by creating an origin group with two origins.
Specify one as the primary origin and the other as the second origin which
CloudFront automatically switches to when the primary origin returns specific
HTTP status code failure responses.
E. Use multiple and geographically disperse VPCs to various AWS regions then
create a transit VPC to connect all of your resources. In order to handle the
requests faster, set up Lambda functions in each region using the AWS Serverless
Application Model (SAM) service.
Correct Answer: A,D
Question 6: A company is using Amazon S3 to store frequently accessed data. When an
object is created or deleted, the S3 bucket will send an event notification to
the Amazon SQS queue. A solutions architect needs to create a solution that will
notify the development and operations team about the created or deleted objects.
Which of the following would satisfy this requirement?
A. Create a new Amazon SNS FIFO topic for the other team. Grant Amazon S3
permission to send the notification to the second SNS topic.
B. Set up another Amazon SQS queue for the other team. Grant Amazon S3
permission to send a notification to the second SQS queue.
C. Set up an Amazon SNS topic and configure two Amazon SQS queues to poll the
SNS topic. Grant Amazon S3 permission to send notifications to Amazon SNS and
update the bucket to use the new SNS topic.
D. Create an Amazon SNS topic and configure two Amazon SQS queues to subscribe
to the topic. Grant Amazon S3 permission to send notifications to Amazon SNS and
update the bucket to use the new SNS topic.
Correct Answer: D
Appendix Which key tools, technologies, and concepts might be covered on the exam?
The following is a non-exhaustive list of the tools and technologies that could
appear on the exam. This list is subject to change and is provided to help you
understand the general scope of services, features, or technologies on the exam.
The general tools and technologies in this list appear in no particular order.
AWS services are grouped according to their primary functions. While some of
these technologies will likely be covered more than others on the exam, the
order and placement of them in this list is no indication of relative weight or
importance:
• Compute
• Cost management
• Database
• Disaster recovery
• High performance
• Management and governance
• Microservices and component decoupling
• Migration and data transfer
• Networking, connectivity, and content delivery
• Resiliency
• Security
• Serverless and event-driven design principles
• Storage
Candidates for this exam set up and use the application functionality in
Dynamics 365 Commerce and provide support for the application.
Candidates have a strong understanding of unified commerce business operations.
They may have experience configuring, deploying, and maintaining Dynamics 365
Commerce.
Part of the requirements for: Microsoft Certified: Dynamics 365 Commerce
Functional Consultant Associate
Related exams: 1 related exam
Important: See details
Exam MB-340: Microsoft Dynamics 365 Commerce Functional Consultant (beta)
Languages: English
Retirement date: none
This exam measures your ability to accomplish the following technical tasks:
configure Dynamics 365 Commerce Headquarters; configure products, prices,
discounts, loyalty, and affiliations; manage Point of Sales (POS) in Dynamics
365 Commerce; configure and manage Dynamics 365 Commerce call centers; and
manage e-commerce.
Skills measured Configure Dynamics 365 Commerce Headquarters (20-25%)
Configure products, prices, discounts, loyalty, and affiliations (20-25%)
Manage Point of Sales (POS) in Dynamics 365 Commerce (15-20%)
Configure and manage Dynamics 365 Commerce call centers (10-15%)
Manage e-commerce (15-20%)
Audience Profile
Candidates for this exam design, configure, and manage Dynamics 365 Commerce and
provide ongoing support for the app.
Candidates have a strong understanding of unified commerce business operations.
They may have experience deploying, using, and maintaining Dynamics 365
Commerce.
Skills Measured
NOTE: The bullets that appear below each of the skills measured are intended to
illustrate how we are assessing that skill. This list is NOT definitive or
exhaustive.
NOTE: Most questions cover features that are general availability (GA). The exam
may contain questions on Preview features if those features are commonly used.
Configure Dynamics 365 Commerce Headquarters (25-30%) Configure prerequisites and commerce parameters
create employee and customer address books
configure and manage retail workers
assign address books to customers, channels, and workers
create email templates and email notification profiles
configure organizational hierarchies and hierarchy purposes
configure Commerce shared parameters
configure company-specific Commerce parameters
Describe and configure additional functionality
create and configure channel and sales order attributes
configure commissions and sales representatives
configure payment methods and card types
configure and manage gift cards
describe Omni-channel capabilities including payments, orders, and returns
configure data distribution
create info codes, sub-codes, and info code groups
describe Dynamics 365 Fraud Protection purchase protection, loss prevention,
and account protection
Manage statements
describe advantages of using trickle feed-based posting
validate retail transactions by using the transaction consistency checker
configure and manage retail statement calculations and posting
troubleshoot statement posting issues
Configure Distributed Order Management (DOM)
configure fulfillment profiles
configure cost components including shipping, handling, and packaging costs
configure management rules and parameters
monitor fulfillment plans and order exceptions
Configure order fulfillment
configure modes of delivery including shipments, pick up, and carry out
configure curbside customer order pickup
configure charge codes, charge groups, and automatic charges
configure and assign order fulfillment groups
Configure products, prices, discounts, loyalty, and
affiliations (25-30%) Configure products and merchandising
configure product category hierarchies
configure product attributes and attribute groups
configure assortments and product catalogs
manage product labels and shelf labels
describe uses cases for recommendation types including product, personalized,
Shop similar looks, and Shop similar descriptions recommendations
configure recommendations
configure warranty settings
configure inventory buffers and inventory levels
configure products and variants including configuring barcodes
Manage Point of Sale (POS) in Dynamics 365 Commerce (15-20%) Configure retail stores
create a retail store
configure POS registers and devices
configure retail profiles
configure sales tax overrides
configure Task Management lists and parameters
define cash management processes
define shifts and shift management processes
configure channel return policies
describe offline capabilities and limitations
Manage store inventory
configure availability calculations for products
manage inbound and outbound inventory operations
process customer pick-up and shipment orders
manage inventory processes including stock counts
look up product inventory
process serialized items
Perform POS operations
perform sales and order processes
perform end of day processes
reconcile store cash
monitor store productivity by using task management and reporting features
Configure and Manage Dynamics 365 Commerce call centers
(10-15%) Configure call centers
create a call center
configure and publish product catalogs
create product catalog scripts
configure fraud conditions, rules, and variables to trigger order holds
configure fraud alerts
Configure continuity orders and installment billing
set up continuity programs and parameters
configure continuity order batch jobs
manage continuity child orders
Manage call centers
create, modify, and process sales orders
process call center payments
manage order holds
create return merchandise authorizations (RMAs)
process returns, exchanges, and replacements
Manage e-commerce (15-20%) Configure an e-commerce channel
create an online store
configure an e-commerce site
configure channel assignments for an e-commerce site
configure ratings and reviews
Manage e-commerce content
configure URLs and aliases
configure product detail pages and category pages
manage site themes, page fragments, templates, layouts, and pages
upload and manage digital assets including videos and images
set focal points and attribute values for media assets
configure publish groups
Operate an e-commerce channel
create e-commerce orders
synchronize e-commerce orders
moderate ratings and reviews
Configure business-to-business (B2B) e-commerce
describe differences between B2B and business-to-consumer (B2C) solutions
describe use cases for organizational modeling hierarchies
manage business partners and business partner users
configure product quantity limits
QUESTION 1
A company has recently deployed Microsoft Dynamics 365 Finance. You have been
hired as a Systems
Administrator. Your role will include the management of the Dynamics 365 system.
The company has several departments. You need to configure allocations for the
departments. The company
has the following requirements for the allocations:
The allocations should be fixed or variable.
Allocation journal entries must be automatically created for review before
posting.
You need to configure the system to meet the requirements.
What should you configure?
A. Transfer balance
B. Allocation terms
C. Ledger settlements
D. Ledger allocation rules
Correct Answer: D
QUESTION 2
Your role of Systems Administrator includes the management of your company’s
Microsoft Dynamics 365 Finance system.
You need to configure posting definitions and posting profiles. You need to
determine under which
circumstance you should configure a posting definition or a posting profile.
Which two of the following statements are true? (Choose two).
A. You should use posting definitions when you need to support encumbrance
accounting for purchase orders and pre-encumbrance accounting for purchase
requisitions.
B. You should use posting profiles when you need to support encumbrance
accounting for purchase orders and pre-encumbrance accounting for purchase
requisitions.
C. You should use posting definitions when you need to generate multiple,
balanced ledger entries based on attributes such as transaction types and
accounts.
D. You should use posting definitions when you need only one offset ledger
entry.
Correct Answer: A,C
QUESTION 3
A company has recently deployed Microsoft Dynamics 365 Finance. You have been
hired as a Systems
Administrator. Your role will include the management of the Dynamics 365 Finance
system.
You need to configure fiscal calendars to be used with fixed asset depreciation,
financial transactions, and budget cycles.
Which two of the following statements are true? (Choose two)
A. A fiscal calendar can contain multiple fiscal years.
B. A fiscal calendar is limited to a maximum of one year.
C. A fiscal calendar can be used by multiple legal entities.
D. A fiscal period can contain multiple fiscal calendars.
