Brigan Enser
Quiz von , erstellt am more than 1 year ago

Quiz on AWS, created by Brigan Enser on 06/07/2017.

1284
0
0
Brigan Enser
Erstellt von Brigan Enser vor mehr als 7 Jahre
Schließen

AWS

Frage 1 von 55

1

A startups photo-sharing site is deployed in a VPC. An ELB distributes web traffic across
two subnets. ELB session stickiness is configured to use the AWS-generated session
cookie, with a session TTL of 5 minutes. The webserver Auto Scaling Group is configured
as: min-size=4, max-size=4. The startups preparing for a public launch, by running
load-testing software installed on a single EC2 instance running in us-west-2a. After 60
minutes of load-testing, the webserver logs show: Which recommendations can help ensure
load-testing HTTP requests are evenly distributed across the four webservers? Choose 2
answers.

Wähle eine oder mehr der folgenden:

  • Re-configure the load-testing software to re-resolve DNS for each web request.

  • Use a 3rd-party load-testing service which offers globally-distributed test clients.

  • Configure ELB and Auto Scaling to distribute across us-west-2a and us-west-2c.

  • Configure ELB session stickiness to use the app-specific session cookie.

  • Launch and run the load-tester EC2 instance from us-east-1 instead.

Erklärung

Frage 2 von 55

1

Which of the following are correct statements with policy evaluation logic in AWS Identity
and Access Management? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • An explicit deny does not override an explicit allow

  • By default, all request are allowed

  • An explicit allow overrides default deny

  • An explicit allow overrides an explicit deny

  • By default, all requests are denied

Erklärung

Frage 3 von 55

1

How can you secure data at rest on an EBS volume?

Wähle eine der folgenden:

  • Write the data randomly instead of sequentially.

  • Use an encrypted file system on top of the EBS volume.

  • Encrypt the volume using the S3 server-side encryption service.

  • Create an IAM policy that restricts read and write access to the volume.

  • Attach the volume to an instance using EC2’s SSL interface.

Erklärung

Frage 4 von 55

1

If an application is storing hourly log files from thousands of instances from a high traffic
web site, which naming scheme would give optimal performance on S3?

Wähle eine der folgenden:

  • Sequential

  • HH-DD-MM-YYYY-log_instanceID

  • YYYY-MM-DD-HH-log_instanceID

  • instanceID_log-HH-DD-MM-YYYY

  • instanceID_log-YYYY-MM-DD-HH

Erklärung

Frage 5 von 55

1

Your application is trying to upload a 6 GB file to Simple Storage Service and receive a
“Your proposed upload exceeds the maximum allowed object size.” error message. What is
a possible solution for this?

Wähle eine der folgenden:

  • None, Simple Storage Service objects are limited to 5 GB

  • Use the multi-part upload API for this object

  • Use the large object upload API for this object

  • Contact support to increase your object size limit

  • Upload to a different region

Erklärung

Frage 6 von 55

1

Company C is currently hosting their corporate site in an Amazon S3 bucket with Static
Website Hosting enabled. Currently, when visitors go to http://www.companyc.com the
index.html page is returned. Company C now would like a new page welcome.html to be
returned when a visitor enters http://www.companyc.com in the browser. Which of the
following steps will allow Company C to meet this requirement? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • Upload an html page named welcome.html to their S3 bucket

  • Create a welcome subfolder in their S3 bucket

  • Set the Index Document property to welcome.html

  • Move the index.html page to a welcome subfolder

  • Set the Error Document property to welcome.html

Erklärung

Frage 7 von 55

1

Which of the following statements about SQS is true?

Wähle eine der folgenden:

  • Messages will be delivered one or more times and messages will be delivered in First in,
    First out order

  • Messages will be delivered exactly once and message delivery order is indeterminate

  • Messages will be delivered exactly once and messages will be delivered in First in, First
    out order

  • Messages will be delivered one or more times and message delivery order is
    indeterminate

Erklärung

Frage 8 von 55

1

EC2 instances are launched from Amazon Machine images (AMIS). A given public AMI can:

Wähle eine der folgenden:

  • be used to launch EC2 Instances in any AWS region.

  • only be used to launch EC2 instances in the same country as the AMI is stored.

  • only be used to launch EC2 instances in the same AWS region as the AMI is stored.

  • only be used to launch EC2 instances in the same AWS availability zone as the AMI is
    stored.

Erklärung

Frage 9 von 55

1

When a Simple Queue Service message triggers a task that takes 5 minutes to complete,
which process below will result in successful processing of the message and remove it from
the queue while minimizing the chances of duplicate processing?

Wähle eine der folgenden:

  • Retrieve the message with an increased visibility timeout, delete the message from the
    queue, process the message

  • Retrieve the message with increased DelaySeconds, process the message, delete the
    message from the queue

  • Retrieve the message with an increased visibility timeout, process the message, delete
    the message from the queue

  • Retrieve the message with increased DelaySeconds, delete the message from the
    queue, process the message

Erklärung

Frage 10 von 55

1

What is the format of structured notification messages sent by Amazon SNS?

Wähle eine der folgenden:

  • An XML object containing MessageId, UnsubscribeURL, Subject, Message and other
    values

  • An JSON object containing MessageId, DuplicateFlag, Message and other values

  • An XML object containing MessageId, DuplicateFlag, Message and other values

  • An JSON object containing MessageId, unsubscribeURL, Subject, Message and other
    values

Erklärung

Frage 11 von 55

1

Which approach below provides the least impact to provisioned throughput on the “Product”
table?

Wähle eine der folgenden:

  • Create an “Images” DynamoDB table to store the Image with a foreign key constraint to
    the “Product” table

  • Add an image data type to the “Product” table to store the images in binary format

  • Serialize the image and store it in multiple DynamoDB tables

  • Store the images in Amazon S3 and add an S3 URL pointer to the “Product” table item
    for each image

Erklärung

Frage 12 von 55

1

Which DynamoDB limits can be raised by contacting AWS support? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • The number of hash keys per account

  • The maximum storage used per account

  • The number of tables per account

  • The number of local secondary indexes per account

  • The number of provisioned throughput units per account

Erklärung

Frage 13 von 55

1

Which of the following items are required to allow an application deployed on an EC2
instance to write data to a DynamoDB table? Assume that no security Keys are allowed to
be stored on the EC2 instance. Choose 2 answers

Wähle eine oder mehr der folgenden:

  • Create an IAM User that allows write access to the DynamoDB table.

  • Launch an EC2 Instance with the IAM User included in the launch configuration.

  • Create an IAM Role that allows write access to the DynamoDB table.

  • Launch an EC2 Instance with the IAM Role included in the launch configuration.

  • Add an IAM Role to a running EC2 instance.

  • Add an IAM User to a running EC2 Instance.

Erklärung

Frage 14 von 55

1

Which EC2 API call would you use to retrieve a list of Amazon Machine Images (AMIs)?

Wähle eine der folgenden:

  • DescnbeInstances

  • You cannot retrieve a list of AMIs as there are over 10,000 AMIs

  • GetAMls

  • DescribeImages

  • DescribeAMIs

Erklärung

Frage 15 von 55

1

An Amazon S3 bucket, “myawsbucket” is configured with website hosting in Tokyo region,
what is the region-specific website endpoint?

Wähle eine der folgenden:

  • www.myawsbucket.ap-northeast-1.amazonaws.com

  • myawsbucket.s3-website-ap-northeast-l.amazonawscom

  • myawsbucket.amazonaws.com

  • myawsbucket.tokyo.amazonaws.com

Erklärung

Frage 16 von 55

1

A corporate web application is deployed within an Amazon VPC, and is connected to the
corporate data center via IPSec VPN. The application must authenticate against the
on-premise LDAP server. Once authenticated, logged-in users can only access an S3
keyspace specific to the user. Which two approaches can satisfy the objectives? Choose 2
answers

Wähle eine oder mehr der folgenden:

  • The application authenticates against LDAP, and retrieves the name of an IAM role
    associated with the user. The application then calls the IAM Security Token Service to
    assume that IAM Role. The application can use the temporary credentials to access the
    appropriate S3 bucket.

  • Develop an identity broker which authenticates against IAM Security Token Service to
    assume an IAM Role to get temporary AWS security credentials. The application calls the
    identity broker to get AWS temporary security credentials with access to the appropriate S3
    bucket.

  • The application authenticates against IAM Security Token Service using the LDAP
    credentials. The application uses those temporary AWS security credentials to access the
    appropriate S3 bucket.

  • The application authenticates against LDAP. The application then calls the IAM Security
    Service to login to IAM using the LDAP credentials. The application can use the IAM
    temporary credentials to access the appropriate S3 bucket.

  • Develop an identity broker which authenticates against LDAP, and then calls IAM
    Security Token Service to get IAM federated user credentials. The application calls the
    identity broker to get IAM federated user credentials with access to the appropriate S3
    bucket.

Erklärung

Frage 17 von 55

1

You are providing AWS consulting services for a company developing a new mobile
application that will be leveraging Amazon SNS Mobile Push for push notifications. In order
to send direct notification messages to individual devices each device registration identifier
or token needs to be registered with SNS; however the developers are not sure of the best
way to do this. You advise them to:

Wähle eine der folgenden:

  • Call the CreatePlatformEndPoint API function to register multiple device tokens.

  • Bulk upload the device tokens contained in a CSV file via the AWS Management
    Console.

  • Let the push notification service (e.g. Amazon Device Messaging) handle the registration.

  • Implement a token vending service to handle the registration.

Erklärung

Frage 18 von 55

1

What type of block cipher does Amazon S3 offer for server side encryption?

Wähle eine der folgenden:

  • RC5

  • Blowfish

  • Triple DES

  • Advanced Encryption Standard

Erklärung

Frage 19 von 55

1

You have written an application that uses the Elastic Load Balancing service to spread
traffic to several web servers Your users complain that they are sometimes forced to login
again in the middle of using your application, after they have already togged in. This is not
behavior you have designed. What is a possible solution to prevent this happening?

Wähle eine der folgenden:

  • Use instance memory to save session state.

  • Use instance storage to save session state.

  • Use EBS to save session state

  • Use ElastiCache to save session state.

  • Use Glacier to save session slate.

Erklärung

Frage 20 von 55

1

Which of the following is an example of a good DynamoDB hash key schema for
provisioned throughput efficiency?

Wähle eine der folgenden:

  • User ID, where the application has many different users.

  • Status Code where most status codes are the same.

  • Device ID, where one is by far more popular than all the others.

  • Game Type, where there are three possible game types.

Erklärung

Frage 21 von 55

1

Which statements about DynamoDB are true? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • DynamoDB uses optimistic concurrency control

  • DynamoDB restricts item access during writes

  • DynamoDB uses a pessimistic locking model

  • DynamoDB restricts item access during reads

  • DynamoDB uses conditional writes for consistency

Erklärung

Frage 22 von 55

1

You are writing to a DynamoDB table and receive the following exception:”
ProvisionedThroughputExceededException”. though according to your Cloudwatch metrics
for the table, you are not exceeding your provisioned throughput. What could be an
explanation for this?

Wähle eine der folgenden:

  • You haven’t provisioned enough DynamoDB storage instances

  • You’re exceeding your capacity on a particular Range Key

  • You’re exceeding your capacity on a particular Hash Key

  • You’re exceeding your capacity on a particular Sort Key

  • You haven’t configured DynamoDB Auto Scaling triggers

Erklärung

Frage 23 von 55

1

Company A has an S3 bucket containing premier content that they intend to make available
to only paid subscribers of their website. The S3 bucket currently has default permissions of
all objects being private to prevent inadvertent exposure of the premier content to
non-paying website visitors. How can Company A provide only paid subscribers the ability
to download a premier content file in the S3 bucket?

Wähle eine der folgenden:

  • Apply a bucket policy that grants anonymous users to download the content from the S3
    bucket

  • Generate a pre-signed object URL for the premier content file when a paid subscriber
    requests a download

  • Add a bucket policy that requires Multi-Factor Authentication for requests to access the
    S3 bucket objects

  • Enable server side encryption on the S3 bucket for data protection against the
    non-paying website visitors

Erklärung

Frage 24 von 55

1

What happens, by default, when one of the resources in a CloudFormation stack cannot be
created?

Wähle eine der folgenden:

  • The stack creation continues, and the final results indicate which steps failed.

  • CloudFormation templates are parsed in advance so stack creation is guaranteed to
    succeed.

  • Previously-created resources are kept but the stack creation terminates.

  • Previously-created resources are deleted and the stack creation terminates.

Erklärung

Frage 25 von 55

1

What is the maximum number of S3 Buckets available per AWS account?

Wähle eine der folgenden:

  • There is no limit

  • 100 per account

  • 100 per IAM user

  • 100 per region

  • 500 per account

Erklärung

Frage 26 von 55

1

Which of the following are valid arguments for an SNS Publish request? Choose 3 answers

Wähle eine oder mehr der folgenden:

  • Subject

  • Language

  • Message

  • Destination

  • TopicAm

  • Format

Erklärung

Frage 27 von 55

1

A meteorological system monitors 600 temperature gauges, obtaining temperature samples
every minute and saving each sample to a DynamoDB table. Each sample involves writing
1K of data and the writes are evenly distributed over time. How much write throughput is
required for the target table?

Wähle eine oder mehr der folgenden:

  • 3600 write capacity units

  • 1 write capacity unit

  • 10 write capacity units

  • 60 write capacity units

  • 600 write capacity units

Erklärung

Frage 28 von 55

1

Which of the following platforms are supported by Elastic Beanstalk? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • Apache Tomcat

  • IBM Websphere

  • Oracle JBoss

  • Jetty

  • .NET

Erklärung

Frage 29 von 55

1

You attempt to store an object in the US-STANDARD region in Amazon S3, and receive a
confirmation that it has been successfully stored. You then immediately make another API
call and attempt to read this object. S3 tells you that the object does not exist What could
explain this behavior?

Wähle eine der folgenden:

  • US-STANDARD imposes a 1 second delay before new objects are readable.

  • You exceeded the bucket object limit, and once this limit is raised the object will be
    visible.

  • Objects in Amazon S3 do not become visible until they are replicated to a second region.

  • US-STANDARD uses eventual consistency and it can take time for an object to be
    readable in a bucket

Erklärung

Frage 30 von 55

1

Which features can be used to restrict access to data in S3? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • Set an S3 Bucket policy.

  • Enable IAM Identity Federation.

  • Set an S3 ACL on the bucket or the object.

  • Create a CloudFront distribution for the bucket.

  • Use S3 Virtual Hosting.

Erklärung

Frage 31 von 55

1

In AWS, which security aspects are the customer’s responsibility? Choose 4 answers

Wähle eine oder mehr der folgenden:

  • Decommissioning storage devices

  • Patch management on the EC2 instance’s operating system

  • Controlling physical access to compute resources

  • Security Group and ACL (Access Control List) settings

  • Life-cycle management of IAM credentials

  • Encryption of EBS (Elastic Block Storage) volumes

Erklärung

Frage 32 von 55

1

What AWS products and features can be deployed by Elastic Beanstalk? Choose 3
answers

Wähle eine oder mehr der folgenden:

  • Auto scaling groups

  • Route 53 hosted zones

  • Elastic Load Balancers

  • RDS Instances

  • Elastic IP addresses

  • SQS Queues

Erklärung

Frage 33 von 55

1

You run an ad-supported photo sharing website using S3 to serve photos to visitors of your
site. At some point you find out that other sites have been linking to the photos on your site,
causing loss to your business. What is an effective method to mitigate this?

Wähle eine der folgenden:

  • Store photos on an EBS volume of the web server

  • Remove public read access and use signed URLs with expiry dates.

  • Use CloudFront distributions for static content.

  • Block the IPs of the offending websites in Security Groups.

Erklärung

Frage 34 von 55

1

Which code snippet below returns the URL of a load balanced web site created in
CloudFormation with an AWS::ElasticLoadBalancing::LoadBalancer resource name
“ElasticLoad Balancer”?

Wähle eine der folgenden:

  • “Fn::Join” : [“”. [ “http://”, {“Fn::GetAtr” : [ “ElasticLoadBalancer”,”DNSName”]}]]

  • “Fn::Join” : [“.”, [ “http://”, {“Ref” : “ElasticLoadBalancerDNSName”}]]

  • “Fn::Join” : [“”. [ “http://”, {“Ref” : “ElasticLoadBalancerUrl”}]]

  • “Fn::Join” : [“”. [ “http://”, {“Fn::GetAtr” : [ “ElasticLoadBalancer”,”Url”]}]]

Erklärung

Frage 35 von 55

1

You are inserting 1000 new items every second in a DynamoDB table. Once an hour these
items are analyzed and then are no longer needed. You need to minimize provisioned
throughput, storage, and API calls. Given these requirements, what is the most efficient way
to manage these Items after the analysis?

Wähle eine der folgenden:

  • Retain the items in a single table

  • Delete items individually over a 24 hour period

  • Delete the table and create a new table per hour

  • Create a new table per hour

Erklärung

Frage 36 von 55

1

Which of the following statements about SWF are true? Choose 3 answers

Wähle eine oder mehr der folgenden:

  • SWF uses deciders and workers to complete tasks

  • SWF requires at least 1 EC2 instance per domain

  • SWF triggers SNS notifications on task assignment

  • SWF requires an S3 bucket for workflow storage

  • SWF tasks are assigned once and never duplicated

  • SWF workflow executions can last up to a year

Erklärung

Frage 37 von 55

1

Company D is running their corporate website on Amazon S3 accessed from
http//www.companyd.com. Their marketing team has published new web fonts to a separate
S3 bucket accessed by the S3 endpoint https://s3-us-west1. amazonaws.com/cdfonts.
While testing the new web fonts, Company D recognized the web fonts are being blocked
by the browser. What should Company D do to prevent the web fonts from being blocked by
the browser?

Wähle eine der folgenden:

  • Create a policy on the cdfonts bucket to enable access to everyone

  • Add the Content-MD5 header to the request for webfonts in the cdfonts bucket from the
    website

  • Configure the cdfonts bucket to allow cross-origin requests by creating a CORS
    configuration

  • Enable versioning on the cdfonts bucket for each web font

Erklärung

Frage 38 von 55

1

How is provisioned throughput affected by the chosen consistency model when reading
data from a DynamoDB table?

Wähle eine der folgenden:

  • Strongly consistent reads use the same amount of throughput as eventually consistent
    reads

  • Strongly consistent reads use variable throughput depending on read activity

  • Strongly consistent reads use more throughput than eventually consistent reads.

  • Strongly consistent reads use less throughput than eventually consistent reads

Erklärung

Frage 39 von 55

1

When uploading an object, what request header can be explicitly specified in a request to
Amazon S3 to encrypt object data when saved on the server side?

Wähle eine der folgenden:

  • x-amz-storage-class

  • Content-MD5

  • x-amz-security-token

  • x-amz-server-side-encryption

Erklärung

Frage 40 von 55

1

Which of the following are valid SNS delivery transports? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • SMS

  • DynamoDB

  • HTTP

  • UDP

  • Named Pipes

Erklärung

Frage 41 von 55

1

You have an environment that consists of a public subnet using Amazon VPC and 3
instances that are running in this subnet. These three instances can successfully
communicate with other hosts on the Internet. You launch a fourth instance in the same
subnet, using the same AMI and security group configuration you used for the others, but
find that this instance cannot be accessed from the Internet. What should you do to enable
internet access?

Wähle eine der folgenden:

  • Deploy a NAT instance into the public subnet.

  • Modify the routing table for the public subnet

  • Configure a publicly routable IP Address In the host OS of the fourth instance.

  • Assign an Elastic IP address to the fourth instance.

Erklärung

Frage 42 von 55

1

How can software determine the public and private IP addresses of the Amazon EC2
instance that it is running on?

Wähle eine der folgenden:

  • Query the appropriate Amazon CloudWatch metric.

  • Use ipconfig or ifconfig command.

  • Query the local instance userdata.

  • Query the local instance metadata.

Erklärung

Frage 43 von 55

1

Which of the following services are included at no additional cost with the use of the AWS
platform? Choose 2 answers

Wähle eine oder mehr der folgenden:

  • CloudFormation

  • Simple Workflow Service

  • Elastic Load Balancing

  • Elastic Compute Cloud

  • Simple Storage Service

  • Auto Scaling

Erklärung

Frage 44 von 55

1

Which of the following programming languages have an officially supported AWS SDK?
Choose 2 answers

Wähle eine oder mehr der folgenden:

  • PHP

  • Pascal

  • Java

  • SQL

  • Perl

Erklärung

Frage 45 von 55

1

After launching an instance that you intend to serve as a NAT (Network Address
Translation) device in a public subnet you modify your route tables to have the NAT device
be the target of internet bound traffic of your private subnet. When you try and make an
outbound connection to the Internet from an instance in the private subnet, you are not
successful. Which of the following steps could resolve the issue?

Wähle eine der folgenden:

  • Attaching a second Elastic Network interface (ENI) to the NAT instance, and placing it in
    the private subnet

  • Attaching an Elastic IP address to the instance in the private subnet

  • Attaching a second Elastic Network Interface (ENI) to the instance in the private subnet,
    and placing it in the public subnet

  • Disabling the Source/Destination Check attribute on the NAT instance

Erklärung

Frage 46 von 55

1

Which of the following is chosen as the default region when making an API call with an
AWS SDK?

Wähle eine der folgenden:

  • ap-northeast-1

  • us-west-2

  • us-east-1

  • eu-west-1

  • us-central-1

Erklärung

Frage 47 von 55

1

When using a large Scan operation in DynamoDB, what technique can be used to minimize
the impact of a scan on a table’s provisioned throughput?

Wähle eine der folgenden:

  • Set a smaller page size for the scan

  • Prewarm the table by updating all items

  • Use parallel scans

  • Define a range index on the table

Erklärung

Frage 48 von 55

1

Which of the following services are key/value stores? Choose 3 answers

Wähle eine oder mehr der folgenden:

  • Amazon ElastiCache

  • Simple Notification Service

  • DynamoDB

  • Simple Storage Service

  • Simple Workflow Service

Erklärung

Frage 49 von 55

1

An application stores payroll information nightly in DynamoDB for a large number of
employees across hundreds of offices. Item attributes consist of individual name, office
identifier, and cumulative daily hours. Managers run reports for ranges of names working in
their office. One query is. “Return all Items in this office for names starting with A through
E”. Which table configuration will result in the lowest impact on provisioned throughput for
this query?

Wähle eine der folgenden:

  • Configure the table to have a range index on the name attribute, and a hash index on the
    office identifier

  • Configure a hash index on the name attribute and no range index

  • Configure the table to have a hash index on the name attribute, and a range index on the
    office identifier

  • Configure a hash index on the office Identifier attribute and no range index

Erklärung

Frage 50 von 55

1

What is one key difference between an Amazon EBS-backed and an instance-store backed
instance?

Wähle eine der folgenden:

  • Virtual Private Cloud requires EBS backed instances

  • Amazon EBS-backed instances can be stopped and restarted

  • Auto scaling requires using Amazon EBS-backed instances.

  • Instance-store backed instances can be stopped and restarted.

Erklärung

Frage 51 von 55

1

Company B provides an online image recognition service and utilizes SOS to decouple
system components for scalability The SQS consumers poll the imaging queue as often as
possible to keep end-to-end throughput as high as possible. However, Company B is
realizing that polling in tight loops is burning CPU cycles and increasing costs with empty
responses. How can Company B reduce the number of empty responses?

Wähle eine der folgenden:

  • Set the imaging queue visibility Timeout attribute to 20 seconds

  • Set the DelaySeconds parameter of a message to 20 seconds

  • Set the Imaging queue ReceiveMessageWaitTimeSeconds attribute to 20 seconds

  • Set the imaging queue MessageRetentionPeriod attribute to 20 seconds

Erklärung

Frage 52 von 55

1

What item operation allows the retrieval of multiple items from a DynamoDB table in a single
API call?

Wähle eine der folgenden:

  • GetItem

  • BatchItem

  • GetMultipleItems

  • GetItemRange

Erklärung

Frage 53 von 55

1

In DynamoDB, what type of HTTP response codes indicate that a problem was found with
the client request sent to the service?

Wähle eine der folgenden:

  • 5xx HTTP response code

  • 200 HTTP response code

  • 306 HTTP response code

  • 4xx HTTP response code

Erklärung

Frage 54 von 55

1

If a message is retrieved from a queue in Amazon SQS, how long is the message
inaccessible to other users by default?

Wähle eine der folgenden:

  • 30 seconds

  • 0 seconds

  • 1 hour

  • 1 day

  • forever

Erklärung

Frage 55 von 55

1

Games-R-Us is launching a new game app for mobile devices. Users will log into the game
using their existing Facebook account and the game will record player data and scoring
information directly to a DynamoDB table. What is the most secure approach for signing
requests to the DynamoDB API?

Wähle eine der folgenden:

  • Create an IAM user with access credentials that are distributed with the mobile app to
    sign the requests

  • Distribute the AWS root account access credentials with the mobile app to sign the
    requests

  • Request temporary security credentials using web identity federation to sign the requests

  • Establish cross account access between the mobile app and the DynamoDB table to sign
    the requests

Erklärung