AWS Certified Solutions Architect 01

Description

AWS Certified Solutions Architect
Quỳnh Như
Quiz by Quỳnh Như, updated more than 1 year ago
Quỳnh Như
Created by Quỳnh Như almost 8 years ago
377
7

Resource summary

Question 1

Question
You are designing an intrusion detection prevention (IDS/IPS) solution for a customer web application in a single VPC. You are considering the options for implementing IOS IPS protection for traffic coming from the Internet. Which of the following options would you consider? (Choose 2 answers)
Answer
  • Implement IDS/IPS agents on each Instance running In VPC
  • Configure an instance in each subnet to switch its network interface card to promiscuous mode and analyze network traffic.`
  • Implement Elastic Load Balancing with SSL listeners In front of the web applications
  • Implement a reverse proxy layer in front of web servers and configure IDS/IPS agents on each reverse proxy server.

Question 2

Question
Your customer is willing to consolidate their log streams (access logs application logs security logs etc.) in one single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics. From time to time, the customer needs to validate heuristics, which requires going back to data samples extracted from the last 12 hours? What is the best approach to meet your customer’s requirements?
Answer
  • Send all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.
  • Send all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs
  • Configure Amazon Cloud Trail to receive custom logs, use EMR to apply heuristics the logs
  • Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3 use EMR to apply heuristics on the logs

Question 3

Question
You require the ability to analyze a customer's clickstream data on a website so they can do behavioral analysis. Your customer needs to know what sequence of pages and ads their customer clicked on. This data will be used in real time to modify the page layouts as customers click through the site to increase stickiness and advertising click-through. Which option meets the requirements for captioning and analyzing this data?
Answer
  • Log clicks in weblogs by URL store to Amazon S3, and then analyze with Elastic MapReduce
  • Push web clicks by session to Amazon Kinesis and analyze behavior using Kinesis workers
  • Write click events directly to Amazon Redshift and then analyze with SQL
  • Publish web clicks by session to an Amazon SQS queue men periodically drain these events to Amazon RDS and analyze

Question 4

Question
You are designing a connectivity solution between on-premises infrastructure and Amazon VPC Your server’s on-premises will De communicating with your VPC instances You will De establishing IPSec tunnels over the internet You will be using VPN gateways and terminating the IPsec tunnels on AWS-supported customer gateways. Which of the following objectives would you achieve by implementing an IPSec tunnel as outlined above? (Choose 4 answers)
Answer
  • End-to-end protection of data in transit
  • End-to-end Identity authentication
  • Data encryption across the Internet
  • Protection of data in transit over the Internet
  • Peer identity authentication between VPN gateway and customer gateway
  • Data integrity protection across the Internet
Show full summary Hide full summary

Similar

Computing Hardware - CPU and Memory
ollietablet123
SFDC App Builder 2
Parker Webb-Mitchell
Data Types
Jacob Sedore
Intake7 BIM L1
Stanley Chia
Software Processes
Nurul Aiman Abdu
Design Patterns
Erica Solum
CCNA Answers – CCNA Exam
Abdul Demir
Abstraction
Shannon Anderson-Rush
Spyware
Sam2
HTTPS explained with Carrier Pigeons
Shannon Anderson-Rush
Data Analytics
anelvr