Get 2019 Latest AWS Certified Advanced Networking-Specialty Dumps

QUESTION 6

Which of the following services is used to send an alert from CloudWatch?

A. AWS SNS
B. AWS EBS
C. AWS SES
D. AWS SQS

Answer: A
Explanation:
AWS Auto Scaling and Simple Notification Service (SNS) work in conjunction with CloudWatch. You use Amazon SNS with CloudWatch to send messages when an alarm threshold has been reached.
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/related_services.html

QUESTION 7

To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use ____.

A. trusted signers
B. optimistic locking
C. integrity validation
D. root credentialing

Answer: C
Explanation:
The AWS CloudTrail uses log file integrity validation to determine whether the log files were changed or modified since CloudTrail delivered them to an Amazon S3 bucket.
Reference: https://aws.amazon.com/cloudtrail/

QUESTION 8

An AWS CloudTrail log file provides the identity and source IP address of the API caller, and a time of the API call, request parameters, and ____.

A. response elements
B. event selectors
C. port alarms
D. destination buckets

Answer: A
Explanation:
An AWS CloudTrail log file provide the following details.
. Identity of the API caller
. Time of the API call
. Source IP address of the API caller
. Request parameters
. Response elements
Reference: https://aws.amazon.com/cloudtrail/

QUESTION 9

What does the term "statistics" mean with respect to CloudWatch metrics?

A. Time of a metric collection
B. Data aggregation over a specific period of time
C. Status of a metric
D. Unit of a metric
Answer: B
Explanation:

Statistics represents data aggregation of the metric data values over a specific period of time.
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.ht
ml#Statistic

QUESTION 10

Which endpoint is considered to be best practise when analysing data within a Configuration Stream of AWS Config?

A. SNS
B. E-Mail
C. SQS
D. Kinesis

Answer: C
Explanation:
The Simple Queue Service can be subscribed to the AWS Config topic (the Configuration Stream) which gives you a highly available and decoupled environment for the data within your Configuration Streams. By using SQS it allows you to create and use your own applications to extract only information and data that is pertinent to you. There can be vast amounts of data coming into the Configuration Stream, but you might only want to be notified and made away of any changes that may relate to any potential security issues. As a result, you may want to pull information from the queue that only relate to to Security Groups/NACLs/IAM Roles or any other resource type that could affect the security of your environment.
Reference:
http://docs.aws.amazon.com/config/latest/developerguide/monitor-resource-changes.html

AWS-Certified-Advanced-Networking-Specialty-Dumps

QUESTION 1

Which of the following does not configure Amazon CloudFront cache behaviors to forward
cookies to an origin for web distributions?

A. Origin server
B. AWS CLI
C. Amazon EMR
D. Amazon S3

Answer: D
Explanation:
Amazon S3 and some HTTP servers do not process cookies. Do not configure Amazon
CloudFront cache behaviors to forward cookies to an origin that doesn't process cookies or you'll
adversely affect cache ability and consequently performance.
Reference: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html


QUESTION 2

What is the maximum number of CloudTrails that you can create per AWS region?

A. 10
B. 2
C. 16
D. 5

Answer: D
Explanation:
You can create up to five CloudTrails per Amazon AWS region. A trail that applies to all regions
exists in each region and is counted as one trail in each region.
Reference: https://aws.amazon.com/cloudtrail/faqs/

QUESTION 3

Use ___________ to get more visibility into the health of your AWS Elastic Beanstalk application
and take appropriate actions in case of hardware failure or performance degradation.

A. Amazon Elastic Beanstalk command line
B. Amazon EC2 log files
C. Amazon CloudWatch
D. Amazon Load balancing

Answer: C
Explanation:
In AWS Elastic Beanstalk, you can use Amazon CloudWatch to get more visibility into the health
of your AWS Elastic Beanstalk application and take appropriate actions in case of hardware
failure or performance degradation.
Reference:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.concepts.design.html

QUESTION 4

To directly manage your CloudTrail security layer, you can use ____ for your CloudTrail log files.

A. SSE-S3
B. SCE-KMS
C. SCE-S3
D. SSE-KMS

Answer: D
Explanation:
By default, the log files delivered by CloudTrail to your bucket are encrypted by Amazon serverside encryption with Amazon S3-managed encryption keys (SSE-S3). To provide a security layer
that is directly manageable, you can instead use server-side encryption with AWS KMS-managed
keys (SSE-KMS) for your CloudTrail log files.
Reference:
http://docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-withaws-kms.html


QUESTION 5

Which of the following statements is true of AWS Elastic Beanstalk?

A. AWS Elastic Beanstalk uses CloudWatch for monitoring and alarms, meaning CloudWatch costs
are applied to your AWS account for any alarms that you use.
B. AWS Elastic Beanstalk uses CloudWatch for monitoring and alarms, and both are free of charge.
C. AWS Elastic Beanstalk doesn't use CloudWatch for monitoring and alarms, but you pay extra for
any AWS Elastic Beanstalk Alarm you set in the monitoring tool.
D. AWS Elastic Beanstalk has its own free-of-charge monitoring tool, and you are not charged for
the alarm you set.

Answer: A
Explanation:
AWS Elastic Beanstalk uses CloudWatch for monitoring and alarms, meaning CloudWatch costs
are applied to your AWS account for any alarms that you use.
Reference:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.alarms.html