Your company has confidential documents stored in the simple storage service. Due to compliance requirements, you have to ensure that the data in the S3 bucket is available in a different geographical location.
As an architect what is the change you would make to comply with this requirement.
Please select:

• A.Apply Multi-AZ for the underlying 53 bucket
• B.Copy the data to an EBS Volume in another Region
• C.Create a snapshot of the S3 bucket and copy it to another region
• D.Enable Cross region replication for the S3 bucket

Comment: *

Name: *

Email: *

Verification: *

Your company has a set of resources defined in the AWS Cloud. Their IT audit department has requested to get a list of resources that have been defined across the account. How can this be achieved in the easiest manner?
Please select:

• A.Create a powershell script using the AWS CLI. Query for all resources with the tag of production.
• B.Create a bash shell script with the AWS CLI. Query for all resources in all regions. Store the results in an S3 bucket.
• C.Use Cloud Trail to get the list of all resources
• D.Use AWS Config to get the list of all resources

Correct Answer: D

The most feasible option is to use AWS Config. When you turn on AWS Config, you will get a list of resources defined in your AWS Account.
A sample snapshot of the resources dashboard in AWS Config is shown below

Option A is incorrect because this would give the list of production based resources and now all resources
Option B is partially correct But this will just add more maintenance overhead.
Option C is incorrect because this can be used to log API activities but not give an account of all resou
For more information on AWS Config, please visit the below URL:
https://docs.aws.amazon.com/config/latest/developereuide/how-does-confie-work.html
The correct answer is: Use AWS Config to get the list of all resources
Submit your Feedback/Queries to our Experts

Comment: *

Name: *

Email: *

Verification: *

A pharmaceutical company has digitized versions of historical prescriptions stored on premises. The company would like to move these prescriptions to AWS and perform analytics on the data in them. Any operation with this data requires that the data be encrypted in transit and at rest.
Which application flow would meet the data protection requirements on AWS?

• A.Digitized files -> Amazon Kinesis Data Firehose -> Amazon S3 -> Amazon Athena
• B.Digitized files -> Amazon Kinesis Data Streams -> Kinesis Client Library consumer -> Amazon S3 -> Athena
• C.Digitized files -> Amazon Kinesis Data Firehose -> Amazon Elasticsearch
• D.Digitized files -> Amazon Kinesis Data Analytics

Comment: *

Name: *

Email: *

Verification: *

A global company must mitigate and respond to DDoS attacks at Layers 3, 4 and 7 All of the company's IAM applications are serverless with static content hosted on Amazon S3 using Amazon CloudFront and Amazon Route 53 Which solution will meet these requirements?

• A.Use IAM WAF to protect IAM Lambda functions encrypted with IAM KMS and a NACL restricting all Ingress traffic
• B.Use IAM WAF with an upgrade to the IAM Business support plan
• C.Use IAM Certificate Manager with an Application Load Balancer configured with an origin access identity
• D.Use IAM Shield Advanced

Comment: *

Name: *

Email: *

Verification: *

A company has a large set of keys defined in AWS KMS. Their developers frequently use the keys for the applications being developed. What is one of the ways that can be used to reduce the cost of accessing the keys in the AWS KMS service.
Please select:

• A.Enable rotation of the keys
• B.Use Data key caching
• C.Create an alias of the key
• D.Use the right key policy

Comment: *

Name: *

Email: *

Verification: *