| Question.61 A SysOps administrator needs to automate the invocation of an AWS Lambda function. The Lambda function must run at the end of each day to generate a report on data that is stored in an Amazon S3 bucket. What is the MOST operationally efficient solution that meets these requirements? (A) Create an Amazon EventBridge (Amazon CloudWatch Events) rule that has an event pattern for Amazon S3 and the Lambda function as a target. (B) Create an Amazon EventBridge (Amazon CloudWatch Events) rule that has a schedule and the Lambda function as a target. (C) Create an S3 event notification to invoke the Lambda function whenever objects change in the S3 bucket. (D) Deploy an Amazon EC2 instance with a cron job to invoke the Lambda function. |
61. Click here to View Answer
Answer: B
| Question.62 A company has several member accounts that are in an organization in AWS Organizations. The company recently discovered that administrators have been using account root user credentials. The company must prevent the administrators from using root user credentials to perform any actions on Amazon EC2 instances. What should a SysOps administrator do to meet this requirement? (A) Create an identity-based IAM policy in each member account to deny actions on EC2 instances by the root user. (B) In the organization’s management account, create a service control policy (SCP) to deny actions on EC2 instances by the root user in all member accounts. (C) Use AWS Config to prevent any actions on EC2 instances by the root user. (D) Use Amazon Inspector in each member account to scan for root user logins and to prevent any actions on EC2 instances by the root user. |
62. Click here to View Answer
Answer: A
| Question.63 SIMULATION Instructions If the copy-paste functionality is not working in your environment, refer to the instructions file on the VM desktop and use Ctrl+C, Ctrl+V or Command-C, Command-V. Configure Amazon EventBridge to meet the following requirements. 1. Use the us-east-2 Region for all resources. 2. Unless specified below, use the default configuration settings. 3. Use your own resource naming unless a resource name is specified below. 4. Ensure all Amazon EC2 events in the default event bus are replayable for the past 45 days. 5. Create a rule named RunFunction to send the exact message {name:example) every 15 minutes to an existing AWS Lambda function named LogEventFunction 6. Create a rule named SpotWarning to send a notification to a new standard Amazon SNS topic named TopicEvents whenever an Amazon EC2 Spot Instance is interrupted. Do NOT create any topic subscriptions. The notification must match the following structure: Input path: {`instance`:`detail.instance-id} Input template: `The EC2 Spot Instance <instance> has been interrupted.` Important: Click the Next button to complete this lab and continue to the next lab. Once you click the Next button, you will NOT be able to return to this lab. |
63 Click here to View Answer
| Question.64 A company needs to ensure strict adherence to a budget for 25 applications deployed on AWS. Separate teams are responsible for storage, compute, and database costs. A SysOps administrator must implement an automated solution to alert each team when their projected spend will exceed a quarterly amount that has been set by the finance department. The solution cannot incur additional compute, storage, or database costs. Which solution will meet these requirements? (A) Configure AWS Cost and Usage Reports to send a daily report to an Amazon S3 bucket. Create an AWS Lambda function that will evaluate spend by service and notify each team by using Amazon Simple Notification Service (Amazon SNS) notifications. Invoke the Lambda function when a report is placed in the S3 bucket. (B) Configure AWS Cost and Usage Reports to send a daily report to an Amazon S3 bucket. Create a rule in Amazon EventBridge (Amazon CloudWatch Events) to evaluate the spend by service and notify each team by using Amazon Simple Queue Service (Amazon SQS) when the cost threshold is exceeded. (C) Use AWS Budgets to create one cost budget and select each of the services in use. Specify the budget amount defined by the finance department along with the forecasted cost threshold. Enter the appropriate email recipients for the budget. (D) Use AWS Budgets to create a cost budget for each team, filtering by the services they own. Specify the budget amount defined by the finance department along with a forecasted cost threshold. Enter the appropriate email recipients for each budget. |
64. Click here to View Answer
Answer: D
| Question.65 A company wants to track its AWS costs in all member accounts that are part of an organization in AWS Organizations. Managers of the member accounts want to receive a notification when the estimated costs exceed a predetermined amount each month. The managers are unable to configure a billing alarm. The IAM permissions for all users are correct. What could be the cause of this issue? (A) The management/payer account does not have billing alerts turned on. (B) The company has not configured AWS Resource Access Manager (AWS RAM) to share billing information between the member accounts and the management/payer account. (C) Amazon GuardDuty is turned on for all the accounts. (D) The company has not configured an AWS Config rule to monitor billing. |
65. Click here to View Answer
Answer: A