A Solutions Architect is developing software on AWS that requires access to multiple AWS services, including an Amazon EC2 instance. This is a security sensitive application, and AWS credentials such as Access Key ID and Secret Access Key need to be protected and cannot be exposed anywhere in the system.
What security measure would satisfy these requirements?

• A.Assign an IAM user to the Amazon EC2 instance.
• B.Assign an IAM role to the Amazon EC2 instance.
• C.Store the AWS Access Key ID/Secret Access Key combination in software comments.
• D.Enable multi-factor authentication for the AWS root account.

Comment: *

Name: *

Email: *

Verification: *

A Solutions Architect is designing an Amazon VPC that requires access to a remote API server using IPv6.
Resources within the VPC should not be accessed directly from the
Internet.
How should this be achieved?

• A.Use a NAT gateway and deny public access using security groups
• B.Attach an egress-only internet gateway and update the routing tables
• C.Use a NAT gateway and update the routing tables
• D.Attach an internet gateway and deny public access using security groups

Comment: *

Name: *

Email: *

Verification: *

In regard to DynamoDB, when you create a table with a hash-and-range key.

• A.You must define one or more Local secondary indexes on that table
• B.You must define one or more Global secondary indexes on that table
• C.You can optionally define one or more secondary indexes on that table
• D.You must define one or more secondary indexes on that table

Comment: *

Name: *

Email: *

Verification: *

Regarding Amazon Route 53, if your application is running on Amazon EC2 instances in two or more
Amazon EC2 regions and if you have more than one Amazon EC2 instance in one or more regions, you can use _______ to route traffic to the correct region and then use ________to route traffic to instances within the region, based on probabilities that you specify.

• A.weighted-based routing; alias resource record sets
• B.latency-based routing; weighted resource record sets
• C.weighted-based routing; weighted resource record sets
• D.latency-based routing; alias resource record sets

Comment: *

Name: *

Email: *

Verification: *

A database is on an Amazon RDS MySQL 5.6 Multi-AZ 06 instance that experiences highly dynamic reads.
Application developers notice a significant slowdown when testing read performance from a secondary AWS Region. The developers want a solution that provider less than 1 second of read replication latency What should the solutions architect recommend?

• A.Create another RDS for MySQL read replica m the secondary Region
• B.Migrate the database to Amazon Aurora with cross-Region replicas.
• C.Implement Amazon ElastiCache to improve database query performance
• D.Install MySQL on Amazon EC2 in the secondary Region

Comment: *

Name: *

Email: *

Verification: *