You are designing Internet connectivity for your VPC. The Web servers must be available on the
Internet.The application must have a highly available architecture.Which alternatives should you consider? (Choose 2)
A. Configure a NAT instance in your VPC Create a default route via the NAT instance and associate it
with all subnets Configure a DNS A record that points to the NAT instance public IP address.
B. Configure a CloudFront distribution and configure the origin to point to the private IP addresses of
your Web servers Configure a Route53 CNAME record to your CloudFront distribution.
C. Place all your web servers behind ELB Configure a Route53 CNMIE to point to the ELB DNS name.
D. Assign EIPs to all web servers. Configure a Route53 record set with all EIPs, with health checks and
DNS failover.
E. Configure ELB with an EIP Place all your Web servers behind ELB Configure a Route53 A record that
points to the EIP.
Answer: C,D
Question: 2
You are implementing AWS Direct Connect. You intend to use AWS public service end points such as Amazon S3, across the AWS Direct Connect link. You want other Internet traffic to use your existing link to an Internet Service Provider.What is the correct way to configure AWS Direct connect for access to services such as Amazon S3?
A. Configure a public Interface on your AWS Direct Connect link Configure a static route via your AWS
Direct Connect link that points to Amazon S3 Advertise a default route to AWS using BGP.
B. Create a private interface on your AWS Direct Connect link. Configure a static route via your AWS
Direct connect link that points to Amazon S3 Configure specific routes to your network in your VPC.
C. Create a public interface on your AWS Direct Connect link Redistribute BGP routes into your
existing routing infrastructure; advertise specific routes for your network to AWS.
D. Create a private interface on your AWS Direct connect link. Redistribute BGP routes into your
existing routing infrastructure and advertise a default route to AWS.
Answer: C
Explanation:
https://aws.amazon.com/directconnect/faqs/
Question: 3
You control access to S3 buckets and objects with:
A. Identity and Access Management (IAM) Policies.
B. Access Control Lists (ACLs).
C. Bucket Policies.
D. All of the above
Answer: D
Question: 4
The AWS IT infrastructure that AWS provides, complies with the following IT security standards, including:
A. SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II), SOC 2 and SOC 3
B. FISMA, DIACAP, and FedRAMP
C. PCI DSS Level 1, ISO 27001, ITAR and FIPS 140-2
D. HIPAA, Cloud Security Alliance (CSA) and Motion Picture Association of America (MPAA)
E. All of the above
Answer: A,B,C
Question: 5
Auto Scaling requests are signed with a _________ signature calculated from the request and the user’s private key.
A. SSL
B. AES-256
C. HMAC-SHA1
D. X.509
Answer: C
The best dumps material which I have every used is
ReplyDeleteAmazon SAP-C01 pdf. For me it, is the main source of all the information that I have regarding the field. SAP-C01 dumps covers all the necessary information in a very concise form.
It is my luck to have a friend who suggested me to buy SAP-C01 Dumps PDF from DumpsFactory. I am thankful to him and the team of experts at this platform who were very friendly. I knew about the reliability of this stuff by the time I checked free demo questions. I suggest all the candidates to check demo questions for satisfaction and then download SAP-C01 Dumps.
ReplyDelete