- All Exams Instant Download
How can the InfoSec team ensure compliance with this mandate?
The InfoSec team has mandated that in the future only approved Amazon Machine Images (AMIs) can be used. How can the InfoSec team ensure compliance with this mandate?A . Terminate all Amazon EC2 instances and relaunch them with approved AMIs.B . Patch all running instances by using AWS Systems Manager.C...
What is causing this situation?
The Information Technology department has stopped using Classic Load Balancers and switched to Application Load Balancers to save costs. After the switch, some users on older devices are no longer able to connect to the website. What is causing this situation?A . Application Load Balancers do not support older web...
What should the Security Engineer do to meet these requirements?
An organization wants to deploy a three-tier web application whereby the application servers run on Amazon EC2 instances. These EC2 instances need access to credentials that they will use to authenticate their SQL connections to an Amazon RDS DB instance. Also, AWS Lambda functions must issue queries to the RDS...
What is a scalable and efficient approach to meet this requirement?
A Security Engineer must enforce the use of only Amazon EC2, Amazon S3, Amazon RDS, Amazon DynamoDB, and AWS STS in specific accounts. What is a scalable and efficient approach to meet this requirement?A . Set up an AWS Organizations hierarchy, and replace the FullAWSAccess policy with the following Service...
Which action should the Engineer take based on this situation?
A Security Engineer received an AWS Abuse Notice listing EC2 instance IDs that are reportedly abusing other hosts. Which action should the Engineer take based on this situation? (Choose three.)A . Use AWS Artifact to capture an exact image of the state of each instance.B . Create EBS Snapshots of...
What is the MOST cost-effective way to manage the storage of credentials?
A water utility company uses a number of Amazon EC2 instances to manage updates to a fleet of 2,000 Internet of Things (IoT) field devices that monitor water quality. These devices each have unique access credentials. An operational safety policy requires that access to specific credentials is independently auditable. What...
What would resolve the connectivity issue?
A Software Engineer is trying to figure out why network connectivity to an Amazon EC2 instance does not appear to be working correctly. Its security group allows inbound HTTP traffic from 0.0.0.0/0, and the outbound rules have not been modified from the default. A custom network ACL associated with its...
Which solution would remediate the audit finding while minimizing the effort required?
An organization has a system in AWS that allows a large number of remote workers to submit data files. File sizes vary from a few kilobytes to several megabytes. A recent audit highlighted a concern that data files are not encrypted while in transit over untrusted networks. Which solution would...
Which application flow would meet the data protection requirements on AWS?
A pharmaceutical company has digitized versions of historical prescriptions stored on premises. The company would like to move these prescriptions to AWS and perform analytics on the data in them. Any operation with this data requires that the data be encrypted in transit and at rest. Which application flow would...
What is the SIMPLEST way to meet these requirements?
A security team is responsible for reviewing AWS API call activity in the cloud environment for security violations. These events must be recorded and retained in a centralized location for both current and future AWS regions. What is the SIMPLEST way to meet these requirements?A . Enable AWS Trusted Advisor...
