Instant Access Amazon.SAP-C01.v2022-05-10.q102 Actual Practice Test Engine for Free (Page 4)

40%off

SAP-C01 Premium Dumps

Latest SAP-C01 Exam Premium Dumps provide by TrainingQuiz.com to help you Passing SAP-C01 Exam! TrainingQuiz.com offers the updated SAP-C01 exam dumps, the TrainingQuiz.com SAP-C01 exam questions has been updated to correct Answer. Get the latest TrainingQuiz.com SAP-C01 pdf dumps with Exam Engine here:

(320 Q&As Dumps, 40%OFF Special Discount: DumpsDB)

Question 11

You have subscribed to the AWS Business and Enterprise support plan.
Your business has a backlog of problems, and you need about 20 of your IAM users to open technical support cases.
How many users can open technical support cases under the AWS Business and Enterprise support plan?

A.5 users
B.10 users
C.Unlimited
D.1 user

Question 12

A company is in the process of implementing AWS Organizations to constrain its developers to use only Amazon. EC2, and Amazon S3, and Amazon DynamoDB. The developers account resides in a dedicated organizational unit (OU). The Solution Architect has implemented the following SCP on the Developers account:

When this policy is deployed, IAM users in the Developers account are still to use AWS services that are not listed in the policy.
What should the Solution Architect do to eliminate the developers' ability to use services outside the scope of this policy?

A.Create a explicit deny statement for each AWS service that should be constrained.
B.Remove the FullAWSAcess SCP from the Developer account's OU.
C.Add an explicit deny statement using a wildcare in the end of the SCP.
D.Modify the FullAWS SCP to explicitly deny all services

Question 13

A company is adding a new approved external vendor that only supports IPv6 connectivity. The company's backend systems sit in the private subnet of an Amazon VPC. The company uses a NAT gateway to allow these systems to communicate with external vendors over IPv4. Company policy requires systems that communicate with external vendors use a security group that limits access to only approved external vendors. The virtual private cloud (VPC) uses the default network ACL.
The Systems Operator successfully assigns IPv6 addresses to each of the backend systems. The Systems Operator also updates the outbound security group to include the IPv6 CIDR of the external vendor (destination). The systems within the VPC are able to ping one another successfully over IPv6. However, these systems are unable to communicate with the external vendor.
What changes are required to enable communication with the external vendor?

A.Create an IPv6 NAT instance. Add a route for destination 0.0.0.0/0 pointing to the NAT instance.
B.Enable IPv6 on the NAT gateway. Add a route for destination ::/0 pointing to the NAT gateway.
C.Enable IPv6 on the internet gateway. Add a route for destination 0.0.0.0/0 pointing to the IGW.
D.Create an egress-only internet gateway. Add a route for destination ::/0 pointing to the gateway.

Question 14

The following AWS Identity and Access Management (IAM) customer managed policy has been attached to an IAM user:

which statement describes the access that this policy provides to the user?

A.This policy denies access to all Amazon S3 actions, excluding all actions in the prod-data S3 bucket.
B.This policy grants access to all Amazon S3 actions including all actions in the prod-data S3 bucket.
C.This policy denies access to the Amazon S3 bucket and objects not having prod-data in the bucket name.

Question 15

A large company in Europe plans to migrate its applications to the AWS Cloud. The company uses multiple AWS accounts for various business groups. A data privacy law requires the company to restrict developers' access to AWS European Regions only.
What should the solutions architect do to meet this requirement with the LEAST amount of management overhead^

A.Enable AWS Organizations, attach the AWS accounts, and create OUs for European Regions and non-European Regions. Create SCPs to limit access to non-European Regions and attach the policies to the OUs.
B.Set up AWS Single Sign-On and attach AWS accounts. Create permission sets with policies to restrict access to non-European Regions Create 1AM users and 1AM groups in each account.
C.Create IAM users and IAM groups in each account. Create 1AM policies to limit access to non-European Regions Attach the 1AM policies to the 1AM groups
D.Enable AWS Organizations, attach the AWS accounts, and create OUs for European Regions and non-European Regions. Create permission sets with policies to restrict access to non-European Regions. Create 1AM users and 1AM groups in the primary account.