You are designing a system that has a Bastion host. This component needs to be highly available without human
intervention. Which of the following approaches would you select?
A user has configured a VPC with a new subnet. The user has created a security group. The user wants to configure that
instances of the same subnet communicate with each other. How can the user configure this with the security group?
A Virtual Private Cloud (VPC. is a virtual network dedicated to the users AWS account. AWS provides two features that the
user can use to increase security in VPC: security groups and network ACLs. Security groups work at the instance level. If
the user is using the default security group, it will have a rule which allows the instances to communicate with other. For a
new security group, the user has to specify the rule, add it to define the source as the security group itself, and select all the
protocols and ports for that source.
A database running on Amazon EC2 requires sustained IOPS performance.
Which kind of Amazon EBS volume should an Administrator choose for this solution?
You have a web application leveraging an Elastic Load Balancer (ELB) In front of the web servers deployed using an Auto
Scaling Group Your database is running on Relational Database Service (RDS) The application serves out technical articles
and responses to them in general there are more views of an article than there are responses to the article. On occasion, an
article on the site becomes extremely popular resulting in significant traffic Increases that causes the site to go down.
What could you do to help alleviate the pressure on the infrastructure while maintaining availability during these events?
A B C
A new application runs on Amazon EC2 instances and accesses data in an Amazon RDS database instance. When fully
deployed in production, the application fails. The database can be queried from a console on a bastion host. When looking at
the web server logs, the following error is repeated multiple times:
*** Error Establishing a Database Connection.
Which of the following may be causes of the connectivity problems? (Choose two.)
In EC2, what happens to the data in an instance store if an instance reboots (either intentionally or unintentionally)?
The data in an instance store persists only during the lifetime of its associated instance. If an in-stance reboots (intentionally
or unintentionally), data in the instance store persists. However, data on instance store volumes is lost under the following
Failure of an underlying drive
The instance is stopped Terminating an instance Reference:
A SysOps Administrator is reviewing AWS Trusted Advisor warnings and encounters a warning for an S3 bucket policy that
has open access permissions. While discussing the issue the bucket owner, the Administrator realizes the S3 bucket is an
origin for an Amazon CloudFront web distribution.
Which action should the Administrator take to ensure that users access objects in Amazon S3 by using only CloudFront
A developer created a new application that uses Spot Fleet for a variety of instance families across multiple Availability
What should the developer do to ensure that the Spot Fleet is configured for cost optimization?
A user has launched an EC2 instance from an instance store backed AMI. The infrastructure team wants to create an AMI
from the running instance. Which of the below mentioned credentials is not required while creating the AMI?
When the user has launched an EC2 instance from an instance store backed AMI and the admin team wants to create an
AMI from it, the user needs to setup the AWS AMI or the API tools first. Once the tool is setup the user will need the
AWS account ID;
AWS access and secret access key; X.509 certificate with private key.
A company hosts its website on Amazon ECF2 instances behind an ELB Application Load Balancer. The company manages
its DNS with Amazon Route 53, and wants to point its domains zone apex to the website.
Which type of record should be used to meet these requirements?