問題1
A developer is monitoring an application that runs on an Amazon EC2 instance. The developer has configured a custom Amazon CloudWatch metric with d#ta granularity of 1 second. If any issues occur, the developer wants to be notified within 30 seconds by Amazon Simple Notification Service (Amazon SNS).
What should the developer do to meet this requirement?
A developer is monitoring an application that runs on an Amazon EC2 instance. The developer has configured a custom Amazon CloudWatch metric with d#ta granularity of 1 second. If any issues occur, the developer wants to be notified within 30 seconds by Amazon Simple Notification Service (Amazon SNS).
What should the developer do to meet this requirement?
正確答案: D
問題2
An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket. Which service would BEST accomplish this task?
An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket. Which service would BEST accomplish this task?
正確答案: D
問題3
When uploading an object, what request header can be explicitly specified in a request to Amazon S3 to encrypt object data when saved on the server side?
When uploading an object, what request header can be explicitly specified in a request to Amazon S3 to encrypt object data when saved on the server side?
正確答案: C
說明:(僅 NewDumps 成員可見)
問題4
A developer is storing sensitive data generated by an application in Amazon S3. The developer wants to encrypt the data at rest. A company policy requires an audit trail of when the master key was used and by whom.
Which encryption option will meet these requirements?
A developer is storing sensitive data generated by an application in Amazon S3. The developer wants to encrypt the data at rest. A company policy requires an audit trail of when the master key was used and by whom.
Which encryption option will meet these requirements?
正確答案: B
問題5
How does Envelope Encryption work in AWS KMS?
How does Envelope Encryption work in AWS KMS?
正確答案: A
問題6
A developer has created a new AWS IAM user that has s3 putobject permission to write to a specific Amazon bucket. This S3 bucket uses server-side encryption with AWS KMS managed keys (SEE-KMS) as the encryption. Using the access key and secret key of the IAM user, the application received an access denied error when calling the PutObject API.
How can this issue be resolved?
A developer has created a new AWS IAM user that has s3 putobject permission to write to a specific Amazon bucket. This S3 bucket uses server-side encryption with AWS KMS managed keys (SEE-KMS) as the encryption. Using the access key and secret key of the IAM user, the application received an access denied error when calling the PutObject API.
How can this issue be resolved?
正確答案: C
問題7
A development team is designing a mobile app that requires multi-factor authentication Which steps should be taken to achieve this? (Select TWO)
A development team is designing a mobile app that requires multi-factor authentication Which steps should be taken to achieve this? (Select TWO)
正確答案: C,E
問題8
A developer is migrating to Amazon Cognito from a custom user management solution that stores user information in a database. The developer has created a...... Amazon Cognito user pool. The developer needs to migrate the existing user information to the user pool without forcing users to change their passwords.
Which solution will meet these requirements?
A developer is migrating to Amazon Cognito from a custom user management solution that stores user information in a database. The developer has created a...... Amazon Cognito user pool. The developer needs to migrate the existing user information to the user pool without forcing users to change their passwords.
Which solution will meet these requirements?
正確答案: B
問題9
A customer wants to deploy its source code on an AWS Elastic Beanstalk environment. The customer needs to perform deployment with minimal outage and should only use existing instances to retain application access log.
What deployment policy would satisfy these requirements?
A customer wants to deploy its source code on an AWS Elastic Beanstalk environment. The customer needs to perform deployment with minimal outage and should only use existing instances to retain application access log.
What deployment policy would satisfy these requirements?
正確答案: A
問題10
A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers. The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure services Which authentication approach would meet these requirements with the LEAST amount of effort?
A company has a web application In an Amazon Elastic Container Service (Amazon ECS) cluster running hundreds of secure services in AWS Fargate containers. The services are in target groups routed by an Application Load Balancer (ALB) Application users log in to the website anonymously, but they must be authenticated using any OpenID Connect protocol-compatible identity provider (IdP) to access the secure services Which authentication approach would meet these requirements with the LEAST amount of effort?
正確答案: C
問題11
A company has an online order website that uses Amazon DynamoDB to store item inventory. A sample of the inventory object is as follows:
A developer needs to reduce all inventory prices by 100 as long as the resulting price would not be less than 500. What should the developer do to make this change with the LEAST number of calls to DynamoDB?
A company has an online order website that uses Amazon DynamoDB to store item inventory. A sample of the inventory object is as follows:
A developer needs to reduce all inventory prices by 100 as long as the resulting price would not be less than 500. What should the developer do to make this change with the LEAST number of calls to DynamoDB?
正確答案: C
問題12
A developer is building an application on Amazon EC2 The developer encountered an "Access Denied" error on some of the API calls to AWS services while testing The developer needs to modify permissions that have been already given to the instance How can these requirements be met with minimal changes and minimum downtime?
A developer is building an application on Amazon EC2 The developer encountered an "Access Denied" error on some of the API calls to AWS services while testing The developer needs to modify permissions that have been already given to the instance How can these requirements be met with minimal changes and minimum downtime?
正確答案: B
問題13
A developer is changing the configuration for a CPU-intensive AWS Lambda function that runs once an hour. The function usually takes 45 seconds to run, but sometimes the run time is up to 1 minute. The timeout parameter is set to 3 minutes, and all other parameters are set to default.
The developer needs to optimize the run time of this function.
Which solution will meet this requirement?
A developer is changing the configuration for a CPU-intensive AWS Lambda function that runs once an hour. The function usually takes 45 seconds to run, but sometimes the run time is up to 1 minute. The timeout parameter is set to 3 minutes, and all other parameters are set to default.
The developer needs to optimize the run time of this function.
Which solution will meet this requirement?
正確答案: A