Which of these configuration or deployment practices is a security risk for RDS?

• A.Storing SQL function code in plaintext
• B.Non-Multi-AZ RDS instance
• C.Having RDS and EC2 instances exist in the same subnet
• D.RDS in a public subnet

Comment: *

Name: *

Email: *

Verification: *

There is a requirement for a vendor to have access to an S3 bucket in your account. The vendor already has an AWS account. How can you provide access to the vendor on this bucket.

• A.Create a new 1AM user and grant the relevant access to the vendor on that bucket.
• B.Create a new 1AM group and grant the relevant access to the vendor on that bucket.
• C.Create a cross-account role for the vendor account and grant that role access to the S3 bucket.
• D.Create an S3 bucket policy that allows the vendor to read from the bucket from their AWS account.

Comment: *

Name: *

Email: *

Verification: *

After presenting a working proof of concept for a new application that uses AWS API Gateway, a Developer must set up a team development environment for the project. Due to a tight timeline, the Developer wants to minimize time spent on infrastructure setup, and would like to reuse the code repository created for the proof of concept. Currently, all source code is stored in AWS CodeCommit. Company policy mandates having alpha, beta, and production stages with separate Jenkins servers to build code and run tests for every stage. The Development Manager must have the ability to block code propagation between admins at any time. The Security team wants to make sure that users will not be able to modify the environment without permission. How can this be accomplished?

• A.Create API Gateway alpha, beta, and production stages. Create a CodeCommit trigger to deploy code to the different stages using an AWS Lambda function.
• B.Create Jenkins servers for the alpha, beta, and production stages on Amazon EC2 instances. Create multiple CodeCommit triggers to deploy code to different stages using an AWS Lambda function.
• C.Create an AWS CodePipeline pipeline that pulls code from the CodeCommit repository. Create alpha, beta, and production stages with Jenkins servers on CodePipeline.
• D.Create API Gateway alpha, beta, and production stages. Create an AWS CodePipeline that pulls code from the CodeCommit repository. Create CodePipeline actions to deploy code to the API Gateway stages.

Comment: *

Name: *

Email: *

Verification: *

You're responsible for a popular file sharing application that uses Elastic Load Balancing to distribute traffic to an Amazon EC2 application tier deployed in an Auto Scaling group that runs across multiple Availability Zones.
You currently record the number of user file transfers to a log file on the application server, and then write data points from the logs to an Amazon RDS MySQL instance.
You aren't happy with how your application scales, and want to implement a new scaling policy based on the average number of user file transfers in a 10-minute period instead of average CPU utilization in the last five minutes.
What steps should you take to ensure that your application tier scales based on this new policy?
Choose 2 answers

• A.Create a new CloudWatch alarm based on a custom metric streaming from the Amazon RDS MySQL instance that triggers an Auto Scaling action to scale the application tier.
• B.Create a new Auto Scaling launch configuration that includes an Amazon EC2 user data script that installs a CloudWatch Logs Agent on newly launched instances in the application tier. The agent will be configured to stream the file transfers log tile to CloudWatch.
• C.Create a new Auto Scaling launch configuration for the application tier that scales based on an Auto Scaling policy that reads the file transfer log data from the Amazon RIDS MySQL instance.
• D.Create a new CloudWatch alarm based on the Elastic Load Balancing "RequestCount" metric that triggers an Auto Scaling action to scale the application tier.
• E.Create a new Auto Scaling launch configuration that includes an Amazon EC2 user data script that installs an Amazon RDS Logs Agent on newly launched instances in the application tier. The agent will be configured to stream the file transfer data points to the Auto Scaling group.
• F.Create a new CloudWatch alarm based on a custom metric published from file transfer logs streaming to CloudWatch that triggers an Auto Scaling action to scale the application tier.

Comment: *

Name: *

Email: *

Verification: *

You are planning on using the Amazon RDS facility for Fault tolerance for your application. How does Amazon RDSmuIti Availability Zone model work

• A.A second, standby database is deployed and maintained in a different availability zone from master, using synchronous replication.
• B.A second, standby database is deployed and maintained in a different availability zone from master using asynchronous replication.
• C.A second, standby database is deployed and maintained in a different region from master using asynchronous replication.
• D.A second, standby database is deployed and maintained in a different region from master using synchronous replication.

Correct Answer: A

Explanation
Amazon RDS Multi-AZ deployments provide enhanced availability and durability for Database (DB) Instances, making them a natural fit for production database workloads. When you provision a Multi-AZ DB Instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Cach AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable.
In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby (or to a read replica in the case of Amazon Aurora), so that you can resume database operations as soon as the failover is complete.
The below diagram from the AWS documentation shows how this is configured.

Option B is invalid because the replication is synchronous.
Option C and D are invalid because this is built around AZ and not regions.
For more information on Multi-AZ RDS, please visit the below URL:
* https://aws.amazon.com/rds/details/multi-az/

Comment: *

Name: *

Email: *

Verification: *