| Question.121 A company runs an encrypted Amazon RDS for Oracle DB instance. The company wants to make regular backups available in another AWS Region. What is the MOST operationally efficient solution that meets these requirements? (A) Modify the DB instance. Enable cross-Region automated backups. (B) Create an RDS read replica in another Region. Create a snapshot of the read replica. (C) Use AWS Database Migration Service (AWS DMS) to copy the data to a DB instance in another Region. (D) Temporarily turn off encryption on the DB instance. Take a snapshot. Copy the snapshot to another Region. |
121. Click here to View Answer
Answer: A
| Question.122 A company stores files on 50 Amazon S3 buckets in the same AWS Region. The company wants to connect to the S3 buckets securely over a private connection from its Amazon EC2 instances. The company needs a solution that produces no additional cost. Which solution will meet these requirements? (A) Create a gateway VPC endpoint for each S3 bucket. Attach the gateway VPC endpoints to each subnet inside the VPC. (B) Create an interface VPC endpoint for each S3 bucket. Attach the interface VPC endpoints to each subnet inside the VPC. (C) Create one gateway VPC endpoint for all the S3 buckets. Add the gateway VPC endpoint to the VPC route table. (D) Create one interface VPC endpoint for all the S3 buckets. Add the interface VPC endpoint to the VPC route table. |
122. Click here to View Answer
Answer: C
| Question.123 The security team is concerned because the number of AWS Identity and Access Management (IAM) policies being used in the environment is increasing. The team tasked a SysOps administrator to report on the current number of IAM policies in use and the total available IAM policies. Which AWS service should the administrator use to check how current IAM policy usage compares to current service limits? (A) AWS Trusted Advisor (B) Amazon Inspector (C) AWS Config (D) AWS Organizations |
123. Click here to View Answer
Answer: A
| Question.124 A companys SysOps administrator deploys a public Network Load Balancer (NLB) in front of the companys web application. The web application does not use any Elastic IP addresses. Users must access the web application by using the companys domain name. The SysOps administrator needs to configure Amazon Route 53 to route traffic to the NLB. Which solution will meet these requirements MOST cost-effectively? (A) Create a Route 53 AAAA record for the NLB. (B) Create a Route 53 alias record for the NLB. (C) Create a Route 53 CAA record for the NLB. (D) Create a Route 53 CNAME record for the NLB. |
124. Click here to View Answer
Answer: B
| Question.125 A company’s web application runs on Amazon EC2 instances in a single AWS Region. The infrastructure must be designed so the application remains available with no performance degradation in the event of an Availability Zone (AZ) failure. To ensure optimal performance, the application must maintain a minimum of 12 instances at all times. Which solution will meet the requirements with the fewest running instances possible? (A) 2 AZs with 6 instances in each AZ (B) 2 AZs with 12 instances in each AZ (C) 3 AZs with 4 instances in each AZ (D) 3 AZs with 6 instances in each AZ |
125. Click here to View Answer
Answer: C