Questão 1
Questão
A customer is using AWS for Dev and Test. The customer wants to setup the Dev environment with Cloudformation.
Which of the below mentioned steps are not required while using Cloudformation?
Questão 2
Questão
A user has created an S3 bucket which is not publicly accessible. The bucket is having thirty objects which are also
private. If the user wants to make the objects public, how can he configure this with minimal efforts?
Responda
-
The user should select all objects from the console and apply a single policy to mark them public
-
The user can write a program which programmatically makes all objects public using S3 SDK
-
Set the AWS bucket policy which marks all objects as public
-
Make the bucket ACL as public so it will also mark all objects as public
Questão 3
Questão
A user has launched two EBS backed EC2 instances in the US-East-1a region. The user wants to change the zone of one of the instances. How can the user change it?
Responda
-
Stop one of the instances and change the availability zone
-
The zone can only be modified using the AWS CLI
-
From the AWS EC2 console, select the Actions – > Change zones and specify new zone
-
Create an AMI of the running instance and launch the instance in a separate AZ
Questão 4
Questão
A user has configured an Auto Scaling group with ELB. The user has enabled detailed CloudWatch monitoring on Elastic
Load balancing. Which of the below mentioned statements will help the user understand this functionality better?
Responda
-
ELB sends data to CloudWatch every minute only and does not charge the user
-
ELB will send data every minute and will charge the user extra
-
ELB is not supported by CloudWatch
-
It is not possible to setup detailed monitoring for ELB
Questão 5
Questão
A user has configured the Auto Scaling group with the minimum capacity as 3 and the maximum capacity as 5. When the user configures the AS group, how many instances will Auto Scaling launch?
Questão 6
Questão
A user is running one instance for only 3 hours every day. The user wants to save some cost with the instance. Which of the below mentioned Reserved Instance categories is advised in this case?
Responda
-
The user should not use RI; instead only go with the on-demand pricing
-
The user should use the AWS high utilized RI
-
The user should use the AWS medium utilized RI
-
The user should use the AWS low utilized RI
Questão 7
Questão
A root account owner has created an S3 bucket testmycloud. The account owner wants to allow everyone to upload the objects as well as enforce that the person who uploaded the object should manage the permission of those objects.
Which is the easiest way to achieve this?
Responda
-
The root account owner should create a bucket policy which allows the IAM users to upload the object
-
The root account owner should create the bucket policy which allows the other account owners to set the object policy of that bucket
-
The root account should use ACL with the bucket to allow everyone to upload the object
-
The root account should create the IAM users and provide them the permission to upload content to the bucket
Questão 8
Questão
A user has configured ELB with three instances. The user wants to achieve High Availability as well as redundancy with ELB. Which of the below mentioned AWS services helps the user achieve this for ELB?
Responda
-
Route 53
-
AWS Mechanical Turk
-
Auto Scaling
-
AWS EMR
Questão 9
Questão
A user has setup a CloudWatch alarm on an EC2 action when the CPU utilization is above 75%. The alarm sends a notification to SNS on the alarm state. If the user wants to simulate the alarm action how can he achieve this?
Responda
-
The user can set the alarm state to `Alarm’ using CLI
-
Run the SNS action manually
-
From the AWS console change the state to `Alarm’
-
Run activities on the CPU such that its utilization reaches above 75%
Questão 10
Questão
A user is planning to evaluate AWS for their internal use. The user does not want to incur any charge on his account during the evaluation. Which of the below mentioned AWS services would incur a charge if used?
Responda
-
AWS S3 with 1 GB of storage
-
AWS micro instance running 24 hours daily
-
AWS ELB running 24 hours a day
-
AWS PIOPS volume of 10 GB size
Questão 11
Questão
A user is trying to save some cost on the AWS services. Which of the below mentioned options will not help him save cost?
Responda
-
Delete the unutilized EBS volumes once the instance is terminated
-
Delete the AutoScaling launch configuration after the instances are terminated
-
Release the elastic IP if not required once the instance is terminated
-
Delete the AWS ELB after the instances are terminated
Questão 12
Questão
A user has created a VPC with CIDR 20.0.0.0/16 with only a private subnet and VPN connection using the VPC wizard.
The user wants to connect to the instance in a private subnet over SSH. How should the user define the security rule for
SSH?
Responda
-
Allow Inbound traffic on port 22 from the user’s network
-
The user has to create an instance in EC2 Classic with an elastic IP and configure the security group of a private subnet to allow SSH from that elastic IP
-
The user can connect to a instance in a private subnet using the NAT instance
-
Allow Inbound traffic on port 80 and 22 to allow the user to connect to a private subnet over the Internet
Questão 13
Questão
You are using ElastiCache Memcached to store session state and cache database queries in your infrastructure. You
notice in Cloud Watch that Evictions and GetMisses are Doth very high. What two actions could you take to rectify this?
(Choose two.)
Responda
-
Increase the number of nodes in your cluster
-
Tweak the max-item-size parameter
-
Shrink the number of nodes in your cluster
-
Increase the size of the nodes in the duster
Questão 14
Questão
Which statement best describes ElastiCache?
Responda
-
Reduces the latency by splitting the workload across multiple AZs
-
A simple web services interface to create and store multiple data sets, query your data easily, and return the results
-
Offload the read traffic from your database in order to reduce latency caused by read-heavy workload
-
Managed service that makes it easy to set up, operate and scale a relational database in the cloud
Questão 15
Questão
A user has received a message from the support team that an issue occurred 1 week back between 3 AM to 4 AM and
the EC2 server was not reachable. The user is checking the CloudWatch metrics of that instance. How can the user find
the data easily using the CloudWatch console?
Responda
-
The user can find the data by giving the exact values in the time Tab under CloudWatch metrics.
-
The user can find the data by filtering values of the last 1 week for a 1 hour period in the Relative tab under CloudWatch metrics.
-
It is not possible to find the exact time from the console. The user has to use CLI to provide the specific time.
-
The user can find the data by giving the exact values in the Absolute tab under CloudWatch metrics.
Questão 16
Questão
George has shared an EC2 AMI created in the US East region from his AWS account with Stefano. George copies the same AMI to the US West region. Can Stefano access the copied AMI of George’s account from the US West region?
Responda
-
No, copy AMI does not copy the permission
-
It is not possible to share the AMI with a specific account
-
Yes, since copy AMI copies all private account sharing permissions
-
Yes, since copy AMI copies all the permissions attached with the AMI
Questão 17
Questão
A user has launched a large EBS backed EC2 instance in the US-East-1a region. The user wants to achieve Disaster Recovery (DR) for that instance by creating another small instance in Europe. How can the user achieve DR?
Responda
-
Copy the running instance using the “Instance Copy” command to the EU region
-
Create an AMI of the instance and copy the AMI to the EU region. Then launch the instance from the EU AMI
-
Copy the instance from the US East region to the EU region
-
Use the “Launch more like this” option to copy the instance from one region to another
Questão 18
Questão
A user has configured an Auto Scaling group with ELB. The user has enabled detailed CloudWatch monitoring on Auto
Scaling. Which of the below mentioned statements will help the user understand the functionality better?
Responda
-
It is not possible to setup detailed monitoring for Auto Scaling
-
In this case, Auto Scaling will send data every minute and will charge the user extra
-
Detailed monitoring will send data every minute without additional charges
-
Auto Scaling sends data every minute only and does not charge the user
Questão 19
Questão
A user is trying to setup a recurring Auto Scaling process. The user has setup one process to scale up every day at 8 am
and scale down at 7 PM. The user is trying to setup another recurring process which scales up on the 1st of every month
at 8 AM and scales down the same day at 7 PM. What will Auto Scaling do in this scenario?
Responda
-
Auto Scaling will execute both processes but will add just one instance on the 1st
-
Auto Scaling will add two instances on the 1st of the month
-
Auto Scaling will schedule both the processes but execute only one process randomly
-
Auto Scaling will throw an error since there is a conflict in the schedule of two separate Auto Scaling Processes
Questão 20
Questão
A user has created an ELB with three instances. How many security groups will ELB create by default?
Questão 21
Questão
A user has setup an RDS DB with Oracle. The user wants to get notifications when someone modifies the security group
of that DB. How can the user configure that?
Responda
-
It is not possible to get the notifications on a change in the security group
-
Configure SNS to monitor security group changes
-
Configure event notification on the DB security group
-
Configure the CloudWatch alarm on the DB for a change in the security group
Questão 22
Questão
You are managing the AWS account of a big organization. The organization has more than 1000+ employees and they want to provide access to the various services to most of the employees. Which of the below mentioned options is the best possible solution in this case?
Responda
-
The user should create a separate IAM user for each employee and provide access to them as per the policy
-
The user should create an IAM role and attach STS with the role. The user should attach that role to the EC2 instance and setup AWS authentication on that server
-
The user should create IAM groups as per the organization’s departments and add each user to the group for better access control
-
Attach an IAM role with the organization’s authentication service to authorize each user for various AWS services
Questão 23
Questão
A user has launched an EC2 instance. The user is planning to setup the CloudWatch alarm. Which of the below mentioned actions is not supported by the CloudWatch alarm?
Questão 24
Questão
A user has configured a VPC with a new subnet. The user has created a security group. The user wants to configure that
instances of the same subnet communicate with each other. How can the user configure this with the security group?
Responda
-
There is no need for a security group modification as all the instances can communicate with each other inside the same subnet
-
Configure the subnet as the source in the security group and allow traffic on all the protocols and ports
-
Configure the security group itself as the source and allow traffic on all the protocols and ports
-
The user has to use VPC peering to configure this
Questão 25
Questão
A sys admin is maintaining an application on AWS. The application is installed on EC2 and user has configured ELB and
Auto Scaling. Considering future load increase, the user is planning to launch new servers proactively so that they get
registered with ELB. How can the user add these instances with Auto Scaling?
Responda
-
Increase the desired capacity of the Auto Scaling group
-
Increase the maximum limit of the Auto Scaling group
-
Launch an instance manually and register it with ELB on the fly
-
Decrease the minimum limit of the Auto Scaling grou
Questão 26
Questão
An organization has added 3 of his AWS accounts to consolidated billing. One of the AWS accounts has purchased a
Reserved Instance (RI) of a small instance size in the US-East-1a zone. All other AWS accounts are running instances
of a small size in the same zone. What will happen in this case for the RI pricing?
Responda
-
Only the account that has purchased the RI will get the advantage of RI pricing
-
One instance of a small size and running in the US-East-1a zone of each AWS account will get the benefit of RI pricing
-
Any single instance from all the three accounts can get the benefit of AWS RI pricing if they are running in the same zone and are of the same size
-
If there are more than one instances of a small size running across multiple accounts in the same zone no one will get the benefit of RI
Questão 27
Questão
A user has launched 10 instances from the same AMI ID using Auto Scaling. The user is trying to see the average CPU
utilization across all instances of the last 2 weeks under the CloudWatch console. How can the user achieve this?
Responda
-
View the Auto Scaling CPU metrics
-
Aggregate the data over the instance AMI ID
-
The user has to use the CloudWatchanalyser to find the average data across instances
-
It is not possible to see the average CPU utilization of the same AMI ID since the instance ID is different
Questão 28
Questão
An application is generating a log file every 5 minutes. The log file is not critical but may be required only for verification
in case of some major issue. The file should be accessible over the internet whenever required. Which of the below
mentioned options is a best possible storage solution for it?
Responda
-
AWS S3
-
AWS Glacier
-
AWS RDS
-
AWS RRS
Questão 29
Questão
A user has created a VPC with CIDR 20.0.0.0/16. The user has created public and VPN only subnets along with hardware
VPN access to connect to the user’s datacenter. The user wants to make so that all traffic coming to the public subnet
follows the organization’s proxy policy. How can the user make this happen?
Responda
-
Setting up a NAT with the proxy protocol and configure that the public subnet receives traffic from NAT
-
Settin up a proxy policy in the internet gateway connected with the public subnet
-
It is not possible to setup the proxy policy for a public subnet
-
Setting the route table and security group of the public subnet which receives traffic from a virtual private gateway
Questão 30
Questão
A user has enabled the Multi AZ feature with the MS SQL RDS database server. Which of the below mentioned
statements will help the user understand the Multi AZ feature better?
Responda
-
In a Multi AZ, AWS runs two DBs in parallel and copies the data asynchronously to the replica copy
-
In a Multi AZ, AWS runs two DBs in parallel and copies the data synchronously to the replica copy
-
In a Multi AZ, AWS runs just one DB but copies the data synchronously to the standby replica copy
-
AWS MS SQL does not support the Multi AZ feature
Questão 31
Questão
A user has created an ELB with Auto Scaling. Which of the below mentioned offerings from ELB helps the user to stop
sending new requests traffic from the load balancer to the EC2 instance when the instance is being deregistered while
continuing in-flight requests?
Questão 32
Questão
A user has developed an application which is required to send the data to a NoSQL database. The user wants to decouple
the data sending such that the application keeps processing and sending data but does not wait for an acknowledgement
of DB. Which of the below mentioned applications helps in this scenario?
Questão 33
Questão
A user has a refrigerator plant. The user is measuring the temperature of the plant every 15 minutes. If the user wants to
send the data to CloudWatch to view the data visually, which of the below mentioned statements is true with respect to
the information given above?
Responda
-
The user needs to use AWS CLI or API to upload the data
-
The user can use the AWS Import Export facility to import data to CloudWatch
-
The user will upload data from the AWS console
-
The user cannot upload data to CloudWatch since it is not an AWS service metric
Questão 34
Questão
A user has launched an ELB which has 5 instances registered with it. The user deletes the ELB by mistake. What will
happen to the instances?
Responda
-
ELB will ask the user whether to delete the instances or not
-
Instances will be terminated
-
ELB cannot be deleted if it has running instances registered with it
-
Instances will keep running
Questão 35
Questão
An organization has created 50 IAM users. The organization has introduced a new policy which will change the access
of an IAM user. How can the organization implement this effectively so that there is no need to apply the policy at the
individual user level?
Responda
-
Use the IAM groups and add users as per their role to different groups and apply policy to group
-
The user can create a policy and apply it to multiple users in a single go with the AWS CLI
-
Add each user to the IAM role as per their organization role to achieve effective policy setupAdd each user to the IAM role as per their organization role to achieve effective policy setup
-
Use the IAM role and implement access at the role level
Questão 36
Questão
A user is publishing custom metrics to CloudWatch. Which of the below mentioned statements will help the user
understand the functionality better?
Responda
-
The user can use the CloudWatch Import tool
-
The user should be able to see the data in the console after around 15 minutes
-
If the user is uploading the custom data, the user must supply the namespace, timezone, and metric name as part of the command
-
The user can view as well as upload data using the console, CLI and APIs
Questão 37
Questão
A user has setup a web application on EC2. The user is generating a log of the application performance at every second.
There are multiple entries for each second. If the user wants to send that data to CloudWatch every minute, what should
he do?
Responda
-
The user should send only the data of the 60th second as CloudWatch will map the receive data timezone with the sent data timezone
-
It is not possible to send the custom metric to CloudWatch every minute
-
Give CloudWatch the Min, Max, Sum, and SampleCount of a number of every minute
-
Calculate the average of one minute and send the data to CloudWatch
Questão 38
Questão
A user has created a queue named “myqueue” in US-East region with AWS SQS. The user’s AWS account ID is
123456789012. If the user wants to perform some action on this queue, which of the below Queue URL should he use?
Responda
-
http://sqs.us-east-1.amazonaws.com/123456789012/myqueue
-
http://sqs.amazonaws.com/123456789012/myqueue
-
http://sqs.123456789012.us-east-1.amazonaws.com/myqueue
-
http://123456789012.sqs.us-east-1.amazonaws.com/myqueue
Questão 39
Questão
A user is accessing RDS from an application. The user has enabled the Multi AZ feature with the MS SQL RDS DB.
During a planned outage how will AWS ensure that a switch from DB to a standby replica will not affect access to the
application?
Responda
-
RDS will have an internal IP which will redirect all requests to the new DB
-
RDS uses DNS to switch over to stand by replica for seamless transition
-
The switch over changes Hardware so RDS does not need to worry about access
-
RDS will have both the DBs running independently and the user has to manually switch over
Questão 40
Questão
A user is planning to use AWS Cloudformation. Which of the below mentioned functionalities does not help him to correctly understand Cloudfromation?
Responda
-
Cloudformation follows the DevOps model for the creation of Dev & Test.
-
AWS Cloudfromation does not charge the user for its service but only charges for the AWS resources created with it.
-
Cloudformation works with a wide variety of AWS services, such as EC2, EBS, VPC, IAM, S3, RDS, ELB, etc.
-
CloudFormation provides a set of application bootstrapping scripts which enables the user to install Software.
Questão 41
Questão
You are tasked with the migration of a highly trafficked Node JS application to AWS. In order to comply with organizational standards Chef recipes must be used to configure the application servers that host this application and to support application lifecycle events. Which deployment option meets these requirements while minimizing administrative burden?
Responda
-
Create a new stack within Opsworks add the appropriate layers to the stack and deploy the application.
-
Create a new application within Elastic Beanstalk and deploy this application to a new environment.
-
Launch a Mode JS server from a community AMI and manually deploy the application to the launched EC2 instance.
-
Launch and configure Chef Server on an EC2 instance and leverage the AWS CLI to launch application servers and configure those instances using Chef.
Questão 42
Questão
Which of the following statements about this S3 bucket policy is true?
Responda
-
Denies the server with the IP address 192 168 100 0 full access to the “mybucket” bucket
-
Denies the server with the IP address 192 168 100 188 full access to the “mybucket” bucket
-
Grants all the servers within the 192 168 100 0/24 subnet full access to the “mybucket” bucket
-
Grants all the servers within the 192 168 100 188/32 subnet full access to the “mybucket” bucket
Questão 43
Questão
Which two AWS services provide out-of-the-box user configurable automatic backup-as-a-service and backup rotation options? (Choose two.)
Responda
-
Amazon S3
-
Amazon RDS
-
Amazon EBS
-
Amazon Red shift
Questão 44
Questão
What would happen to an RDS (Relational Database Service) multi-Availability Zone deployment of the primary DB instance fails?
Responda
-
The IP of the primary DB instance is switched to the standby OB instance
-
The RDS (Relational Database Service) DB instance reboots
-
A new DB instance is created in the standby availability zone
-
The canonical name record (CNAME) is changed from primary to standby
Questão 45
Questão
You use S3 to store critical data for your company Several users within your group currently have lull permissions to your S3 buckets You need to come up with a solution mat does not impact your users and also protect against the accidental deletion of objects. Which two options will address this issue? (Choose two.)
Responda
-
Enable versioning on your S3 Buckets
-
Configure your S3 Buckets with MFA delete
-
Create a Bucket policy and only allow read only permissions to all users at the bucket level
-
Enable object life cycle policies and configure the data older than 3 months to be archived in Glacier
Questão 46
Questão
An application that you are managing has EC2 instances & Dynamo DB tables deployed to several AWS Regions. In order to monitor the performance of the application globally, you would like to see two graphs:
1.) Avg CPU Utilization across all EC2 instances
2.) Number of Throttled Requests for all DynamoDB tables
How can you accomplish this?
Responda
-
Tag your resources with the application name, and select the tag name as the dimension in the Cloudwatch Management console to
view the respective graphs.
-
Use the Cloud Watch CLI tools to pull the respective metrics from each regional .endpointAggregate the data offline & store it for graphing in CloudWatch.
-
Add SNMP traps to each instance and DynamoDB table.
Leverage a central monitoring server to capture data from each instance and table.
Put the aggregate data into Cloud Watch for graphing.
-
When configuring the agent set the appropriate application name & view the graphs in CloudWatch.
Questão 47
Questão
You are attempting to connect to an instance in Amazon VPC without success. You have already verified that the VPC has an Internet Gateway (IGW) the instance has an associated Elastic IP (EIP) and correct security group rules are in place. Which VPC component should you evaluate next?
Responda
-
The configuration of a MAT instance
-
The configuration of the Routing Table
-
The configuration of the internet Gateway (IGW)
-
The configuration of SRC’DST checking
Questão 48
Questão
Which of the following requires a custom CloudWatch metric to monitor?
Responda
-
Data transfer of an EC2 instance
-
Disk usage activity of an EC2 instance
-
Memory Utilization of an EC2 instance
-
CPU Utilization of an EC2mstance
Questão 49
Questão
A customer has a web application that uses cookie Based sessions to track logged in users It Is deployed on AWS using
ELB and Auto Scaling. The customer observes that when load increases. Auto Scaling launches new Instances but the
load on the easting Instances does not decrease, causing all existing users to have a sluggish experience. Which two
answer choices independently describe a behavior that could be the cause of the sluggish user experience? (Choose
two.)
Responda
-
ELB’s normal behavior sends requests from the same user to the same backend instance.
-
ELB’s behavior when sticky sessions are enabled causes ELB to send requests in the same session to the same backend instance.
-
A faulty browser is not honoring the TTL of the ELB DNS name.
-
The web application uses long polling such as comet or websockets.
Thereby keeping a connection open to a web server for a long time.
Questão 50
Questão
You have been asked to leverage Amazon VPC EC2 and SQS to implement an application that submits and receives
millions of messages per second to a message queue. You want to ensure your application has sufficient bandwidth
between your EC2 instances and SQS. Which option will provide the most scalable solution for communicating between
the application and SQS?
Responda
-
Ensure the application instances are properly configured with an Elastic Load Balancer
-
Ensure the application instances are launched in private subnets with the EBS-optimized option enabled
-
Ensure the application instances are launched in public subnets with the associate-public-IP address=true option enabled
-
Launch application instances in private subnets with an Auto Scaling group and Auto Scaling triggers configured to watch the SQS queue size
Questão 51
Questão
You have been asked to propose a multi-region deployment of a web-facing application where a controlled portion of
your traffic is being processed by an alternate region. Which configuration would achieve that goal?
Responda
-
Route53 record sets with weighted routing policy
-
Route53 record sets with latency based routing policy
-
Auto Scaling with scheduled scaling actions set
-
Elastic Load Balancing with health checks enabled
Questão 52
Questão
An organization’s security policy requires multiple copies of all critical data to be replicated across at least a primary and
backup data center. The organization has decided to store some critical data on Amazon S3. Which option should you
implement to ensure this requirement is met?
Responda
-
Use the S3 copy API to replicate data between two S3 buckets in different regions
-
You do not need to implement anything since S3 data is automatically replicated between regions
-
Use the S3 copy API to replicate data between two S3 buckets in different facilities within an AWS Region
-
You do not need to implement anything since S3 data is automatically replicated between multiple facilities within an AWS Region
Questão 53
Questão
The majority of your Infrastructure is on premises and you have a small footprint on AWS. Your company has decided to
roll out a new application that is heavily dependent on low latency connectivity to LDAP for authentication. Your security
policy requires minimal changes to the company’s existing application user management processes. What option would
you implement to successfully launch this application?
Responda
-
Create a second, independent LOAP server in AWS for your application to use for authentication
-
Establish a VPN connection so your applications can authenticate against your existing on-premises LDAP servers
-
Establish a VPN connection between your data center and AWS create a LDAP replica on AWS and configure your application to use the LDAP replica for authentication
-
Create a second LDAP domain on AWS establish a VPN connection to establish a trust relationship between your new and existing domains and use the new domain for authentication
Questão 54
Questão
When preparing for a compliance assessment of your system built inside of AWS. What are three best-practices for you
to prepare for an audit? (Choose three.)
Responda
-
Gather evidence of your IT operational controls
-
Request and obtain applicable third-party audited AWS compliance reports and certifications
-
Request and obtain a compliance and security tour of an AWS data center for a pre-assessment security review
-
Request and obtain approval from AWS to perform relevant network scans and in-depth penetration tests of your system’s Instances and endpoints
-
Schedule meetings with AWS’s third-party auditors to provide evidence of AWS compliance that maps to your control objectives
Questão 55
Questão
You have set up Individual AWS accounts for each project. You have been asked to make sure your AWS Infrastructure
costs do not exceed the budget set per project for each month. Which of the following approaches can help ensure that
you do not exceed the budget each month?
Responda
-
Consolidate your accounts so you have a single bill for all accounts and projects.
-
Set up auto scaling with CloudWatch alarms using SNS to notify you when you are running too many Instances in a given account.
-
Set up CloudWatch billing alerts for all AWS resources used by each project, with a notification occurring when the amount for each resource tagged to a particular project matches the budget allocated to the project.
-
Set up CloudWatch billing alerts for all AWS resources used by each account, with email notifications when it hits 50%. 80% and 90% of its budgeted monthly spend.
Questão 56
Questão
You are creating an Auto Scaling group whose Instances need to insert a custom metric into CloudWatch. Which method would be the best way to authenticate your CloudWatch PUT request?
Responda
-
Create an IAM role with the Put MetricData permission and modify the Auto Scaling launch configuration to launch instances in that role
-
Create an IAM user with the PutMetricData permission and modify the Auto Scaling launch configuration to inject the userscredentials into the instance User Data
-
Modify the appropriate Cloud Watch metric policies to allow the Put MetricData permission to instances from the Auto Scaling group
-
Create an IAM user with the PutMetricData permission and put the credentials in a private repository and have applications on the server pull the credentials as needed
Questão 57
Questão
Your organization’s security policy requires that all privileged users either use frequently rotated passwords or one-time
access credentials in addition to username/password. Which two of the following options would allow an organization to
enforce this policy for AWS users? (Choose two.)
Responda
-
Configure multi-factor authentication for privileged 1AM users
-
Create IAM users for privileged accounts
-
Implement identity federation between your organization’s Identity provider leveraging the 1AM Security Token Service
-
Enable the IAM single-use password policy option for privileged users
Questão 58
Questão
A user is launching an instance.
He is on the "Tag the instance" screen.
Which of the below mentioned information will not help the user understand the functionality of an AWS tag?
Responda
-
Each tag will have a key and value
-
The user can apply tags to the S3 bucket
-
The maximum value of the tag key length is 64 unicode characters
-
AWS tags are used to find the cost distribution of various resources
Questão 59
Questão
An organization is setting up programmatic billing access for their AWS account.
Which of the below mentioned services is not required or enabled when the organization wants to use programmatic access?
Questão 60
Questão
A user is using the AWS SQS to decouple the services. Which of the below mentioned operations is not supported by SQS?
Responda
-
SendMessageBatch
-
DeleteMessageBatch
-
CreateQueue
-
DeleteMessageQueue