- (Topic 2)
A company is running an application on AWS. The company wants to identify and prevent the accidental
Which AWS service or feature will meet these requirements?
Correct Answer:
A
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. With the cloud, the collection and aggregation of account and network activities is simplified, but it can be time consuming for security teams to continuously analyze event log data for potential threats. With GuardDuty, you can automate anomaly detection and get actionable findings to help you protect your AWS resources4.
- (Topic 3)
A company is hosting an application in the AWS Cloud. The company wants to verify that underlying AWS services and general AWS infrastructure are operating normally.
Which combination of AWS services can the company use to gather the required information? (Select TWO.)
Correct Answer:
AD
AWS Personal Health Dashboard and AWS Service Health Dashboard are two AWS services that can help the company to verify that underlying AWS services and general AWS infrastructure are operating normally. AWS Personal Health Dashboard provides a personalized view into the performance and availability of the AWS services you are using, as well as alerts that are automatically triggered by changes in the health of those services. In addition to event-based alerts, Personal Health Dashboard provides proactive notifications of scheduled activities, such as any changes to the infrastructure powering your resources, enabling you to better plan for events that may affect you. These notifications can be delivered to you via email or mobile for quick visibility, and can always be viewed from within the AWS Management Console. When you get an alert, it includes detailed information and guidance, enabling you to take immediate action to address AWS events impacting your resources3. AWS Service Health Dashboard provides a general status of AWS services, and the Service health view displays the current and historical status of all AWS services. This page shows reported service events for services across AWS Regions. You don’t need to sign in or have an AWS account to access the AWS Service Health Dashboard – Service health page. You can also subscribe to RSS feeds for specific services or regions to receive notifications about service
events4. References: Getting started with your AWS Health Dashboard – Your account health, Introducing AWS Personal Health Dashboard
- (Topic 1)
A company is running applications on Amazon EC2 instances in the same AWS account for several different projects. The company wants to track the infrastructure costs for each of the projects separately. The company must conduct this tracking with the least possible impact to the existing infrastructure and with no additional cost.
What should the company do to meet these requirements?
Correct Answer:
D
The correct answer is D because cost allocation tags are a way to track the infrastructure costs for each of the projects separately. Cost allocation tags are key-value pairs that can be attached to AWS resources, such as EC2 instances, and used to categorize and group them for billing purposes. The other options are incorrect because they do not meet the requirements of the question. Use a different EC2 instance type for each project does not help to track the costs for each project, and may impact the performance and compatibility of the applications. Publish project-specific custom Amazon CloudWatch metrics for each application does not help to track the costs for each project, and may incur additional charges for using CloudWatch. Deploy EC2 instances for each project in a separate AWS account does help to track the costs for each project, but it impacts the existing infrastructure and incurs additional charges for using multiple accounts. Reference: Using Cost Allocation Tags
- (Topic 1)
Which AWS solution gives companies the ability to use protocols such as NFS to store and retrieve objects in Amazon S3?
Correct Answer:
C
AWS Storage Gateway file gateway allows companies to use protocols such as NFS and SMB to store and retrieve objects in Amazon S3. File gateway provides a seamless integration between on-premises applications and Amazon S3, and enables low- latency access to data through local caching. File gateway also supports encryption, compression, and lifecycle management of the objects in Amazon S3. For more information, see What is AWS Storage Gateway? and File Gateway.
- (Topic 3)
Elasticity in the AWS Cloud refers to which of the following? (Select TWO.)
Correct Answer:
BE
Elasticity in the AWS Cloud refers to the ability to acquire resources as you need them and release resources when you no longer need them. In the cloud, you want to do this automatically1. This means that you can rightsized resources as demand shifts, and you can easily procure resources when they are needed. Elasticity is not related to how quickly an Amazon EC2 instance can be restarted, the maximum amount of RAM an Amazon EC2 instance can use, or the pay-as-you-go billing model. These are aspects of scalability, performance, and cost, respectively2.
For more information on elasticity, you can refer to the following sources:
✑ Elasticity - AWS Well-Architected Framework
✑ Elastic - Reactive Systems on AWS
✑ What is the difference between scalability and elasticity?
