Quỳnh Như
Test por , creado hace más de 1 año

AWS Certified Solutions Architect

372
7
0
Quỳnh Như
Creado por Quỳnh Như hace más de 7 años
Cerrar

AWS Certified Solutions Architect 01

Pregunta 1 de 4

1

You are designing an intrusion detection prevention (IDS/IPS) solution for a customer web application in a

single VPC. You are considering the options for implementing IOS IPS protection for traffic coming from the

Internet.

Which of the following options would you consider? (Choose 2 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • Implement IDS/IPS agents on each Instance running In VPC

  • Configure an instance in each subnet to switch its network interface card to promiscuous mode and analyze network traffic.`

  • Implement Elastic Load Balancing with SSL listeners In front of the web applications

  • Implement a reverse proxy layer in front of web servers and configure IDS/IPS agents on each reverse proxy server.

Explicación

Pregunta 2 de 4

1

Your customer is willing to consolidate their log streams (access logs application logs security logs etc.) in one

single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics.

From time to time, the customer needs to validate heuristics, which requires going back to data samples

extracted from the last 12 hours?

What is the best approach to meet your customer’s requirements?

Selecciona una o más de las siguientes respuestas posibles:

  • Send all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.

  • Send all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs

  • Configure Amazon Cloud Trail to receive custom logs, use EMR to apply heuristics the logs

  • Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3 use EMR to apply heuristics on the logs

Explicación

Pregunta 3 de 4

1

You require the ability to analyze a customer's clickstream data on a website so they can do behavioral

analysis. Your customer needs to know what sequence of pages and ads their customer clicked on. This data

will be used in real time to modify the page layouts as customers click through the site to increase stickiness

and advertising click-through. Which option meets the requirements for captioning and analyzing this data?

Selecciona una o más de las siguientes respuestas posibles:

  • Log clicks in weblogs by URL store to Amazon S3, and then analyze with Elastic MapReduce

  • Push web clicks by session to Amazon Kinesis and analyze behavior using Kinesis workers

  • Write click events directly to Amazon Redshift and then analyze with SQL

  • Publish web clicks by session to an Amazon SQS queue men periodically drain these events to Amazon

    RDS and analyze

Explicación

Pregunta 4 de 4

1

You are designing a connectivity solution between on-premises infrastructure and Amazon VPC Your server’s

on-premises will De communicating with your VPC instances You will De establishing IPSec tunnels over the

internet You will be using VPN gateways and terminating the IPsec tunnels on AWS-supported customer

gateways.

Which of the following objectives would you achieve by implementing an IPSec tunnel as outlined above?

(Choose 4 answers)

Selecciona una o más de las siguientes respuestas posibles:

  • End-to-end protection of data in transit

  • End-to-end Identity authentication

  • Data encryption across the Internet

  • Protection of data in transit over the Internet

  • Peer identity authentication between VPN gateway and customer gateway

  • Data integrity protection across the Internet

Explicación

Anterior
Siguiente