NEW QUESTION 1
What does Amazon RDS stand for?

• A. Regional Data Sewer.
• B. Relational Database Service.
• C. Nothing.
• D. Regional Database Service.

Answer: B

NEW QUESTION 2
Is there any way to own a direct connection to Amazon Web Services'?

• A. You can create an encrypted tunnel to VPC, but you don't own the connection.
• B. Yes, it's called Amazon Dedicated Connection.
• C. No, AWS only allows access from the public Internet.
• D. Yes, it's called Direct Connec

Answer: D

NEW QUESTION 3
Which IAM role do you use to grant AWS Lambda permission to access a DynamoDB Stream?

• A. Dynamic role
• B. Invocation role
• C. Execution role
• D. Event Source role

Answer: C

Explanation: You grant AWS Lambda permission to access a DynamoDB Stream using an IAM role known as the "execution ro|e".
Reference: http://docs.aws.amazon.com/|ambda/latest/dg/intro-permission-model.htm|

NEW QUESTION 4
You have just finshed setting up an advertisement server in which one of the obvious choices for a service was Amazon Elastic Map Reduce( EMR) and are now troubleshooting some weird cluster states that you are seeing. Which of the below is not an Amazon EMR cluster state?

• A. STARTING
• B. STOPPED
• C. RUNNING
• D. WAITING

Answer: B

Explanation: Amazon Elastic Map Reduce (EMR) is a web service that enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data.
Amazon EMR historically referred to an Amazon EMR cluster (and all processing steps assigned to it) as a "c|uster". Every cluster has a unique identifier that starts with "j-".
The different cluster states of an Amazon EMR cluster are listed below. STARTING — The cluster provisions, starts, and configures EC2 instances. BOOTSTRAPPING — Bootstrap actions are being executed on the cluster. RUNNING — A step for the cluster is currently being run.
WAITING — The cluster is currently active, but has no steps to run. TERMINATING - The cluster is in the process of shutting down. TERMINATED - The cluster was shut down without error. TERMINATED_W|TH_ERRORS - The cluster was shut down with errors.
Reference: https://aws.amazon.com/elasticmapreduce/faqs/

NEW QUESTION 5
Can I test my DB Instance against a new version before upgrading?

• A. Only in VPC
• B. No
• C. Yes

Answer: C

NEW QUESTION 6
What is an isolated database environment running in the cloud (Amazon RDS) called?

• A. DB Instance
• B. DB Unit
• C. DB Sen/er
• D. DB Volume

Answer: A

NEW QUESTION 7
You would like to create a mirror image of your production environment in another region for disaster recovery purposes. Which of the following AWS resources do not need to be recreated in the second region? (Choose 2 answers)

• A. Route 53 Record Sets
• B. IM Roles
• C. Elastic IP Addresses (EIP)
• D. EC2 Key Pairs
• E. Launch configurations
• F. Security Groups

Answer: AC

Explanation: Reference:
http://tech.com/wp-content/themes/optimize/download/AWSDisaster_Recovery.pdf (page 6)

NEW QUESTION 8
After setting up several database instances in Amazon Relational Database Service (Amazon RDS) you decide that you need to track the performance and health of your databases. How can you do this?

• A. Subscribe to Amazon RDS events to be notified when changes occur with a DB instance, DB snapshot, DB parameter group, or DB security group.
• B. Use the free Amazon CIoudWatch service to monitor the performance and health of a DB instance.
• C. All of the items listed will track the performance and health of a database.
• D. View, download, or watch database log files using the Amazon RDS console or Amazon RDS API
• E. You can also query some database log files that are loaded into database tables.

Answer: C

Explanation: Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizeable capacity for an industry-standard relational database and manages common database administration tasks.
There are several ways you can track the performance and health of a database or a DB instance. You can:
Use the free Amazon CIoudWatch service to monitor the performance and health of a DB instance. Subscribe to Amazon RDS events to be notified when changes occur with a DB instance, DB snapshot, DB parameter group, or DB security group.
View, download, or watch database log files using the Amazon RDS console or Amazon RDS APIs. You can also query some database log files that are loaded into database tables.
Use the AWS CIoudTraiI service to record AWS calls made by your AWS account. The calls are recorded in log files and stored in an Amazon S3 bucket.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Monitoring.htmI

NEW QUESTION 9
You have just set up yourfirst Elastic Load Balancer (ELB) but it does not seem to be configured properly. You discover that before you start using ELB, you have to configure the listeners for your load balancer. Which protocols does ELB use to support the load balancing of applications?

• A. HTTP and HTTPS
• B. HTTP, HTTPS , TCP, SSL and SSH
• C. HTTP, HTTPS , TCP, and SSL
• D. HTTP, HTTPS , TCP, SSL and SFTP

Answer: C

Explanation: Before you start using Elastic Load BaIancing(ELB), you have to configure the listeners for your load balancer. A listener is a process that listens for connection requests. It is configured with a protocol and a port number for front-end (client to load balancer) and back-end (load balancer to back-end instance) connections.
Elastic Load Balancing supports the load balancing of applications using HTTP, HTTPS (secure HTTP), TCP, and SSL (secure TCP) protocols. The HTTPS uses the SSL protocol to establish secure connections over the HTTP layer. You can also use SSL protocol to establish secure connections over the TCP layer.
The acceptable ports for both HTTPS/SSL and HTTP/TCP connections are 25, 80, 443, 465, 587, and
1024-65535.
Reference:
http://docs.aws.amazon.com/E|asticLoadBaIancing/latest/DeveIoperGuide/elb-listener-config.htmI

NEW QUESTION 10
An EC2 instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this EC2 instance?

• A. The EC2 instance follows the rules of the older subnet
• B. The EC2 instance follows the rules of both the subnets
• C. Not possible, cannot be connected to 2 ENIs
• D. The EC2 instance follows the rules of the newer subnet

Answer: B

Explanation: AWS allows you create an elastic network interface (ENI), attach an ENI to an EC2 instance, detach an ENI from an EC2 instance and attach this ENI to another EC2 instance. The attributes of a network traffic follow the ENI which is attached to an EC2 instance or detached from an EC2 instance. When you move an ENI from one EC2 instance to another, network traffic is redirected to the new EC2 instance. You can create and attach additional ENIs to an EC2 instance.
Attaching multiple network interfaces (ENIs) to an EC2 instance is useful to: Create a management network.
Use network and security appliances in your VPC.
Create dual-homed instances with workloads/roles on distinct subnets Create a low-budget, high-availability solution.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.htm|

NEW QUESTION 11
How can you apply more than 100 rules to an Amazon EC2-Classic?

• A. By adding more security groups
• B. You need to create a default security group specifying your required rules if you need to use more than 100 rules per security group.
• C. By default the Amazon EC2 security groups support 500 rules.
• D. You can't add more than 100 rules to security groups for an Amazon EC2 instanc

Answer: D

Explanation: In EC2-Classic, you can associate an instance with up to 500 security groups and add up to 100 rules to a security group.
Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.htmI

NEW QUESTION 12
After you recommend Amazon Redshift to a client as an alternative solution to paying data warehouses to analyze his data, your client asks you to explain why you are recommending Redshift. Which of the following would be a reasonable response to his request?

• A. It has high performance at scale as data and query complexity grows.
• B. It prevents reporting and analytic processing from interfering with the performance of OLTP workloads.
• C. You don't have the administrative burden of running your own data warehouse and dealing with setup, durability, monitoring, scaling, and patching.
• D. All answers listed are a reasonable response to his QUESTION

Answer: D

Explanation: Amazon Redshift delivers fast query performance by using columnar storage technology to improve I/O efficiency and parallelizing queries across multiple nodes. Redshift uses standard PostgreSQL JDBC and ODBC drivers, allowing you to use a wide range of familiar SQL clients. Data load speed scales linearly with cluster size, with integrations to Amazon S3, Amazon DynamoDB, Amazon Elastic MapReduce,
Amazon Kinesis or any SSH-enabled host.
AWS recommends Amazon Redshift for customers who have a combination of needs, such as: High performance at scale as data and query complexity grows
Desire to prevent reporting and analytic processing from interfering with the performance of OLTP workloads
Large volumes of structured data to persist and query using standard SQL and existing BI tools Desire to the administrative burden of running one's own data warehouse and dealing with setup, durability, monitoring, scaling and patching
Reference: https://aws.amazon.com/running_databases/#redshift_anchor

NEW QUESTION 13
MySQL installations default to port _.

• A. A.3306B.443
• B. 80
• C. 1158

Answer: A

NEW QUESTION 14
SQL Sewer _ store log ins and passwords in the master database.

• A. can be configured to but by default does not
• B. doesn't
• C. does

Answer: C

NEW QUESTION 15
An organization has a statutory requirement to protect the data at rest for the S3 objects. Which of the below mentioned options need not be enabled by the organization to achieve data security?

• A. MFA delete for S3 objects
• B. Client side encryption
• C. Bucket versioning
• D. Data replication

Answer: D

Explanation: AWS S3 provides multiple options to achieve the protection of data at REST. The options include Permission (Policy), Encryption (Client and Server Side), Bucket Versioning and MFA based delete. The user can enable any of these options to achieve data protection. Data replication is an internal facility by AWS where S3 replicates each object across all the Availability Zones and the organization need not
enable it in this case.
Reference: http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf

NEW QUESTION 16
Which one of the following can't be used as an origin server with Amazon CIoudFront?

• A. A web server running in your infrastructure
• B. Amazon S3
• C. Amazon Glacier
• D. A web server running on Amazon EC2 instances

Answer: C

Explanation: Amazon CIoudFront is designed to work with Amazon S3 as your origin server, customers can also use Amazon C|oudFront with origin sewers running on Amazon EC2 instances or with any other custom origin.
Reference: http://docs.aws.amazon.com/AmazonCIoudFront/latest/DeveIoperGuide/distribution-web.html

NEW QUESTION 17
Provisioned IOPS Costs: you are charged for the IOPS and storage whether or not you use them in a given month.

• A. FALSE
• B. TRUE

Answer: B

NEW QUESTION 18
Your company has recently extended its datacenter into a VPC on AVVS to add burst computing capacity as needed Members of your Network Operations Center need to be able to go to the AWS Management Console and administer Amazon EC2 instances as necessary You don't want to create new IAM users for each NOC member and make those users sign in again to the AWS Management Console Which option below will meet the needs for your NOC members?

• A. Use OAuth 2 0 to retrieve temporary AWS security credentials to enable your NOC members to sign in to the AVVS Management Console.
• B. Use web Identity Federation to retrieve AWS temporary security credentials to enable your NOC members to sign in to the AWS Management Console.
• C. Use your on-premises SAML 2.0-compliant identity provider (IOP) to grant the NOC members federated access to the AWS Management Console via the AWS sing Ie sign-on (550) endpoint.
• D. Use your on-premises SAML2.0-comp|iam identity provider (IOP) to retrieve temporary security credentials to enable NOC members to sign in to the AWS Management Console.

Answer: D

NEW QUESTION 19
What is one key difference between an Amazon EBS-backed and an instance-store backed instance?

• A. Amazon EBS-backed instances can be stopped and restarted.
• B. Instance-store backed instances can be stopped and restarted.
• C. Auto scaling requires using Amazon EBS-backed instances.
• D. Virtual Private Cloud requires EBS backed instance

Answer: A

Explanation: Reference:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAIV|is.htmI#storage-for-theroot-devi ce