A.Move the bucket to a new region

B.Add a bucket policy to the bucket.

C.Move the files to a new bucket.

D.Use Amazon EBS instead of S3

 

 

 

 

Answer: B

Explanation:

Amazon S3 supports several mechanisms that give you flexibility to control who can access your data as well as how, when, and where they can access it. Amazon S3 provides four different access control mechanisms: AWS Identity and Access Management (IAM) policies, Access Control Lists (ACLs), bucket policies, and query string authentication. IAM enables organizations to create and manage multiple users under a single AWS account. With IAM policies, you can grant IAM users fine-grained control to your Amazon S3 bucket or objects. You can use ACLs to selectively add (grant) certain permissions on individual objects.

Amazon S3 bucket policies can be used to add or deny permissions across some or all of the objects within a single bucket.

With Query string authentication, you have the ability to share Amazon S3 objects through URLs that are valid for a specified period of time.

Reference: http://aws.amazon.com/s3/details/#security

 

 

 

 

Question: 92

A user is accessing an EC2 instance on the SSH port for IP 10.20.30.40. Which one is a secure way to configure that the instance can be accessed only from this IP?

A.In the security group, open port 22 for IP 10.20.30.40

B.In the security group, open port 22 for IP 10.20.30.40/32

C.In the security group, open port 22 for IP 10.20.30.40/24

D.In the security group, open port 22 for IP 10.20.30.40/0

 

 

 

 

Answer: B

Explanation:

In AWS EC2, while configuring a security group, the user needs to specify the IP address in CIDR notation. The CIDR IP range 10.20.30.40/32 says it is for a single IP 10.20.30.40. If the user specifies the IP as 10.20.30.40 only, the security group will not accept and ask it in a CIRD format. Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network- security.html

 

 

 

 

Question: 93

Which of the following statements is true of creating a launch configuration using an EC2 instance?

A.The launch configuration can be created only using the Query APIs.

B.Auto Scaling automatically creates a launch configuration directly from an EC2 instance.

C.A user should manually create a launch configuration before creating an Auto Scaling group.

D.The launch configuration should be created manually from the AWS CLI.

 

 

 

 

Answer: B

Explanation:

You can create an Auto Scaling group directly from an EC2 instance. When you use this feature, Auto Scaling automatically creates a launch configuration for you as well.

Reference: http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/create-lc-with- instanceID.h tml

 

 

 

 

Question: 94

You need to set up a high level of security for an Amazon Relational Database Service (RDS) you have just built in order to protect the confidential information stored in it. What are all the possible security groups that RDS uses?

A.DB security groups, VPC security groups, and EC2 security groups.

B.DB security groups only.

C.EC2 security groups only.

D.VPC security groups, and EC2 security groups.

 

 

 

 

Answer: A

Explanation:

A security group controls the access to a DB instance. It does so by allowing access to IP address ranges or Amazon EC2 instances that you specify.

Amazon RDS uses DB security groups, VPC security groups, and EC2 security groups. In simple terms, a DB security group controls access to a DB instance that is not in a VPC, a VPC security group controls access to a DB instance inside a VPC, and an Amazon EC2 security group controls access to an EC2 instance and can be used with a DB instance.

Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html

 

 

 

 

Question: 95

You have been using T2 instances as your CPU requirements have not been that intensive. However you now start to think about larger instance types and start looking at M1 and M3 instances. You are a little confused as to the differences between them as they both seem to have the same ratio of CPU and memory. Which statement below is incorrect as to why you would use one over the other?

A.M3 instances are less expensive than M1 instances.

B.M3 instances are configured with more swap memory than M1 instances.

发表评论

电子邮件地址不会被公开。 必填项已用*标注

error: Content is protected !!