A SysOps administrator trust manage the security of An AWS account Recently an IAM users access key was mistakenly uploaded to a public code repository. The SysOps administrator must identity anything that was changed by using this access key.

• A.Search AWS CloudTrail event history tor all events initiated with the compromised access key within the suspected timeframe
• B.Create an Amazon EventBridge (Amazon CloudWatch Events) rule to send all IAM events lo an AWS Lambda function for analysis
• C.Search VPC Flow Logs foe all events initiated with the compromised access key within the suspected Timeframe.
• D.Query Amazon EC2 togs by using Amazon CloudWatch Logs Insights for all events Heated with the compromised access key within the suspected timeframe

Comment: *

Name: *

Email: *

Verification: *

A company has an AWS Cloud Formation template that creates an Amazon S3 bucket. A user authenticates to the corporate AWS account with their Active Directory credentials and attempts to deploy the Cloud Formation template. However, the stack creation fails.
Which factors could cause this failure? (Select TWO.)

• A.The user's IAM policy does not allow the cloudformation:CreateStackSet action.
• B.The user's IAM policy explicitly denies the s3:PutObject action
• C.The user's IAM policy does not allow the cloudformation:CreateStack action.
• D.The user's IAM policy does not allow the s3:CreateBucket action.
• E.The user's IAM policy explicitly denies the s3:ListBucket action.

Comment: *

Name: *

Email: *

Verification: *

A SysOps administrator is creating two AWS CloudFormation templates. The first template will create a VPC with associated resources, such as subnets, route tables, and an internet gateway. The second template will deploy application resources within the VPC that was created by the first template. The second template should refer to the resources created by the first template.
How can this be accomplished with the LEAST amount of administrative effort?

• A.Create a custom resource that queries the stack created by the first template and retrieves the required values.
• B.Input the names of resources in the first template and refer to those names in the second template as a parameter.
• C.Create a mapping in the first template that is referenced by the second template.
• D.Add an export field to the outputs of the first template and import the values in the second template.

Comment: *

Name: *

Email: *

Verification: *

A company's web application is available through an Amazon CloudFront distribution and directly through an internet-facing Application Load Balancer (ALB) A SysOps administrator must make the application accessible only through the CloudFront distribution and not directly through the ALB. The SysOps administrator must make this change without changing the application code Which solution will meet these requirements?

• A.Replace the ALB with a new internal ALB Set the distribution's origin to the internal ALB domain name Add a custom HTTP header to the origin settings for the distribution In the ALB listener add a rule to forward requests that contain the matching custom header and the header's value Add a default rule to return a fixed response code of 403.
• B.Add a custom HTTP header to the origin settings for the distribution in the ALB listener add a rule to forward requests that contain the matching custom header and the header's value Add a default rule to return a fixed response code of 403.
• C.Modify the ALB type to internal Set the distribution's origin to the internal ALB domain name
• D.Create a Lambda@Edge function Configure the function to compare a custom header value in the request with a stored password and to forward the request to the origin in case of a match Associate the function with the distribution.

Comment: *

Name: *

Email: *

Verification: *

A company has a memory-intensive application that runs on a fleet of Amazon EC2 instances behind an Elastic Load Balancer (ELB). The instances run in an Auto Scaling group. A Sysops administrator must ensure that the application can scale based on the number of users that connect to the application.
Which solution will meet these requirements?

• A.Create a scaling policy that will scale the application based on the ActiveConnectionCount Amazon CloudWatch metric that is generated from the ELB.
• B.Create a scaling policy that will scale the application based on the mem used Amazon CloudWatch metric that is generated from the ELB.
• C.Create a scheduled scaling policy to increase the number of EC2 instances in the Auto Scaling group to support additional connections.
• D.Create and deploy a script on the ELB to expose the number of connected users as a custom Amazon CloudWatch metric. Create a scaling policy that uses the metric.

Comment: *

Name: *

Email: *

Verification: *