Tip 2 Cloud – Page 492 – Free study guides, practices test, sample questions

Which combination of the following actions should the Engineer take to enable users to be authenticated into the web application and call APIs?

A Security Engineer is working with a Product team building a web application on AWS.The application uses Amazon S3 to host the static content, Amazon APIGateway to provide RESTful services; and Amazon DynamoDB as the backend data store.The users already exist in a directory that is exposed through a SAML identity provider.Which combination of the following actions should the Engineer take to enable users to be authenticated into the web application and call APIs? (Choose three.)Read More →

What should a solutions architect do to meet these requirements?

By: study aws cloud

In: SAA-C03

With: 2 Comments

A company has an application that serves clients that are deployed in more than 20.000 retail storefront locations around the world.The application consists of backend web services that are exposed over HTTPS on port 443.The application is hosted on Amazon EC2 instances behind an Application Load Balancer (ALB).The retail locations communicate with the web application over the public internet.The company allows each retail location to register the IP address that the retail location has been allocated by its local ISP.The company’s security team recommends to increase the security of the application endpoint by restricting access to only the IP addresses registered by the retail locations.What should a solutions architect do to meet these requirements?Read More →

Which combination of steps will meet this requirement with the LEAST amount of operational overhead?

By: study aws cloud

In: SAP-C02

With: 2 Comments

A retail company is operating its ecommerce application on AWS.The application runs on Amazon EC2 instances behind an Application Load Balancer (ALB).The company uses an Amazon RDS DB instance as the database backend.Amazon CloudFront is configured with one origin that points to the ALB.Static content is cached.Amazon Route 53 is used to host all public zones.After an update of the application, the ALB occasionally returns a 502 status code (Bad Gateway) error.The root cause is malformed HTTP headers that are returned to the ALB.The webpage returns successfully when a solutions architect reloads the webpage immediately after the error occurs.While the company is working on the problem, the solutions architect needs to provide a custom error page instead of the standard ALB error page to visitors.Which combination of steps will meet this requirement with the LEAST amount of operational overhead? (Choose two.)Read More →

Which AWS service will meet these requirements with the LEAST operational effort?

By: study aws cloud

In: CLF-C01

With: 2 Comments

A software engineer wants to launch a virtual machine (VM) and MySQL database on AWS.Which AWS service will meet these requirements with the LEAST operational effort?Read More →

What should a solutions architect do to accomplish this?

By: study aws cloud

In: SAA-C02

With: 2 Comments

An operations team has a standard that states IAM policies should not be applied directly to users.Some new team members have not been following this standard.The operations manager needs a way to easily identify the users with attached policies.What should a solutions architect do to accomplish this?Read More →

Which AWS service will meet these requirements?

By: study aws cloud

In: CLF-C02

With: 2 Comments

A developer wants to deploy an application quickly on AWS without manually creating the required resources.Which AWS service will meet these requirements?Read More →

Which solution will meet these requirements MOST securely?

By: study aws cloud

In: DVA-C02

With: 2 Comments

A company wants to share information with a third party.The third party has an HTTP API endpoint that the company can use to share the information.The company has the required API key to access the HTTP API.The company needs a way to manage the API key by using code.The integration of the API key with the application code cannot affect application performance.Which solution will meet these requirements MOST securely?Read More →

Which combination of access changes will meet these requirements?

By: study aws cloud

In: DOP-C02

With: 2 Comments

A company has multiple member accounts that are part of an organization in AWS Organizations.The security team needs to review every Amazon EC2 security group and their inbound and outbound rules.The security team wants to programmatically retrieve this information from the member accounts using an AWS Lambda function in the management account of the organization.Which combination of access changes will meet these requirements? (Choose three.)Read More →

How can this be accomplished with the LEAST amount of administrative effort?

By: study aws cloud

In: SOA-C02

With: 2 Comments

A SysOps administrator is creating two AWS CloudFormation templates.The first template will create a VPC with associated resources, such as subnets, route tables, and an internet gateway.The second template will deploy application resources within the VPC that was created by the first template.The second template should refer to the resources created by the first template.How can this be accomplished with the LEAST amount of administrative effort?Read More →

How can the organization achieve this?

By: study aws cloud

In: SAP-C01

With: 2 Comments

An organization has created 5 IAM users.The organization wants to give them the same login ID but different passwords.How can the organization achieve this?Read More →