A company requires that all IAM user accounts that have not been used for 90 days or more must have their access keys and passwords immediately disabled.A SysOps administrator must automate the process of disabling unused keys using the MOST operationally efficient method.How should the SysOps administrator implement this solution?Read More →
A company is running multiple applications on Amazon EC2.Each application is deployed and managed by multiple business units.All applications are deployed on a single AWS account but on different virtual private clouds (VPCs).The company uses a separate VPC in the same account for test and development purposes.Production applications suffered multiple outages when users accidentally terminated and modified resources that belonged to another business unit.A SolutionsArchitect has been asked to improve the availability of the company applications while allowing the Developers access to the resources they need.Which option meets the requirements with the LEAST disruption?Read More →
A company is migrating one of its legacy systems from an on-premises data center to AWS.The application server will run on AWS, but the database must remain in the on-premises data center for compliance reasons.The database is sensitive to network latency.Additionally, the data that travels between the on-premises data center and AWS must have IPsec encryption.Which combination of AWS solutions will meet these requirements? (Choose two.)Read More →
A developer deploys an ecommerce application on Amazon EC2 instances behind an Application Load Balancer (ALB).The instances run in an Amazon EC2 Auto Scaling group.The EC2 instances are based on an Amazon Machine Image (AMI) that uses an Amazon Elastic Block Store (Amazon EBS) root volume.After deployment, the developer notices that a third of the instances seem to be idle.These instances are not receiving requests from the load balancer.The developer verifies that all the instances are registered with the load balancer.The developer must implement a solution to allow the EC2 instances to receive requests from the load balancer.Which action will meet this requirement?Read More →
A user has created a VPC with public and private subnets.The VPC has CIDR 20.0.0.0/16.The private subnet uses CIDR 20.0.1.0/24 and the public subnet usesCIDR 20.0.0.0/24.The user is planning to host a web server in the public subnet (port 80.and a DB server in the private subnet (port 3306).The user is configuring a security group of the NAT instance.Which of the below mentioned entries is not required for the NAT security group?Read More →
A data scientist is building a new model for an ecommerce company.The model will predict how many minutes it will take to deliver a package.During model training, the data scientist needs to evaluate model performance.Which metrics should the data scientist use to meet this requirement? (Choose two.)Read More →
A company has a serverless website with millions of objects in an Amazon S3 bucket.The company uses the S3 bucket as the origin for an Amazon CloudFront distribution.The company did not set encryption on the S3 bucket before the objects were loaded.A solutions architect needs to enable encryption for all existing objects and for all objects that are added to the S3 bucket in the future.Which solution will meet these requirements with the LEAST amount of effort?Read More →
An ecommerce company uses an Amazon Aurora MySQL DB cluster to process payments.The company’s database specialist notices that Aurora performs database maintenance actions periodically.The database specialist is concerned because the upcoming maintenance window conflicts with a company sales event.What should the database specialist do to address this concern with the LEAST operational effort?Read More →
A company has migrated its container-based applications to Amazon EKS and want to establish automated email notifications.The notifications sent to each email address are for specific activities related to EKS components.The solution will include Amazon SNS topics and an AWS Lambda function to evaluate incoming log events and publish messages to the correct SNS topic.Which logging solution will support these requirements?Read More →
A company has an existing public web application for www.example.com.The Application Load Balancer (ALB) is configured with a single HTTP 80 listener.A SysOps administrator must ensure that all web requests to www.example.com are encrypted between the client and the ALB.The SysOps administrator already has requested and validated a public certificate for www.example.com in AWS Certificate Manager (ACM).Existing users of the application must not be required to change the endpoint to which they are connecting.Which additional set of steps should the SysOps administrator take to meet these requirements?Read More →
© 2026. Tip2Cloud doesn't offer any real exam questions. All questions & answers were supported by AI.