Exam Logo

Amazon (SAP-C01) Exam Questions And Answers page 58

Does Amazon RDS API provide actions to modify DB instances inside a VPC and associate them with DB Security Groups?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
Does an AWS Direct Connect location provide access to Amazon Web Services in the region it is associated with as well as access to other US regions?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
Does Autoscaling automatically assign tags to resources?
Implementing cost control strategies Designing for security and compliance
Doug has created a VPC with CIDR 10.201.0.0/16 in his AWS account. In this VPC he has created a public subnet with CIDR block 10.201.31.0/24.
While launching a new EC2 from the console, he is not able to assign the private IP address 10.201.31.6 to this instance.

Which is the most likely reason for this issue?
Designing highly available, cost-efficient, fault-tolerant, scalable systems
Do you need to use Amazon Cognito to use the Amazon Mobile Analytics service?
Implementing cost control strategies
During an audit, a security team discovered that a development team was putting IAM user secret access keys in their code and then committing it to an AWS CodeCommit repository. The security team wants to automatically find and remediate instances of this security vulnerability.

Which solution will ensure that the credentials are appropriately secured automatically?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
During a security audit of a Service team s application, a Solutions Architect discovers that a username and password for an Amazon RDS database and a set of AWS IAM user credentials can be viewed in the AWS Lambda function code. The Lambda function uses the username and password to run queries on the database, and it uses the IAM credentials to call AWS services in a separate management account.

The Solutions Architect is concerned that the credentials could grant inappropriate access to anyone who can view the Lambda code. The management account and the Service team s account are in separate AWS Organizations organizational units (OUs).

Which combination of changes should the Solutions Architect make to improve the solution s security? (Choose two.)
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
DynamoDB uses only as a transport protocol, not as a storage format.
Designing highly available, cost-efficient, fault-tolerant, scalable systems
For Amazon EC2 issues, while troubleshooting AWS CloudFormation, you need to view the cloud-init and cfn logs for more information. Identify a directory to which these logs are published.
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
For AWS CloudFormation, which stack state refuses UpdateStack calls?
Designing highly available, cost-efficient, fault-tolerant, scalable systems