Quiz 1 of 0
Exam Simulator: Design Secure Architectures – Part A
Anastasia-Instructor September 1, 2022
Time limit: 0
Quiz Summary
0 of 15 Questions completed
Questions:
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Quiz complete. Results are being recorded.
Results
0 of 15 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- Not categorized 0%
-
Unfortunately, you didn’t pass the quiz, but hey, you have unlimited access.😎
Practice makes you perfect! 👊 -
Congratulations! 🥳
You have passed the quiz successfully! You are one step closer to pass the real exam!
We hope to see you again on another certification path.✌️
Good luck with the exam! Stay strong.👊
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- Current
- Review
- Answered
- Correct
- Incorrect
-
Question 1 of 15
1. Question
Your web application is on a fleet of EC2 instances located in three Availability Zones which are behind an Application Load Balancer. Which health check configuration will you implement to ensure that your web app is highly-available?
CorrectIncorrect -
Question 2 of 15
2. Question
Your new online event management application is hosted in AWS. The application uses Multi-AZ RDS for its database tier, which has a standby replica. What are the events that will make Amazon RDS to automatically perform a failover to the standby replica? (Select all that apply.)
CorrectIncorrect -
Question 3 of 15
3. Question
You have just hosted a website in an Amazon S3 bucket named examsdigest. The URL that loads the website is http://examsdigest.s3-website-eu-west-1.amazonaws.com. Now you want to use JavaScript on the webpages that are stored in this bucket to be able to make authenticated GET and PUT requests against the same bucket by using the Amazon S3 API endpoint for the bucket. The web browser blocks Javascript to make the requests.
What solution will you implement to allow the requests?
CorrectIncorrect -
Question 4 of 15
4. Question
You are deploying an application on Amazon EC2 that call AWS APIs. Which method of securely passing credentials to the application should you use?
CorrectIncorrect -
Question 5 of 15
5. Question
You are developing an application that uses Python Lambda functions. You need to store some sensitive data such as credentials for accessing the database. How will you store this data securely and adjust your function’s behavior without updating code?
CorrectIncorrect -
Question 6 of 15
6. Question
You have just launched an SFTP Secure Server Windows using an On-Demand EC2 instance in a newly created VPC named vpc-0e359265 with default settings. The server should not be accessible publicly but only through your IP address 155.144.123.12.
Which of the following is the most suitable way to implement this requirement?
CorrectIncorrect -
Question 7 of 15
7. Question
Your new machine learning application is hosted on an EC2 instance with multiple Elastic Block Storage Volumes attached and uses Redshift as it is simple and cost-effective to efficiently analyze all your data. Due to a security policy, you encrypted all of the EBS volumes attached to the instance to protect the confidential data stored in the volumes.
Which of the following statements are true about encrypted Amazon Elastic Block Store volumes? (Select all that apply.)
CorrectIncorrect -
Question 8 of 15
8. Question
You have just created a new On-Demand EC2 instance located in a subnet with ID subnet-aa181cd0 and IPv4 CIRD 172.31.16.0/20 in AWS which hosts your WordPress blog site. The security group attached to this EC2 instance has the following Inbound Rules:
You can establish an FTP connection into the EC2 instance from the internet. However, you are not able to establish an SSH connection from the internet. How to resolve the issue?
CorrectIncorrect -
Question 9 of 15
9. Question
You have been tasked to set up a Linux bastion host that will allow access to the Amazon EC2 instances running in the VPC with ID vpc-0e359265. For security reasons, only the clients connecting from a specific external IP address should have SSH access to the host. The external public IP address is 23.24.25.26.
Which is the best option to complete the task?
CorrectIncorrect -
Question 10 of 15
10. Question
What are some of the major advantages of having a Virtual Private Network (VPN) in AWS? (Choose all that apply)
CorrectIncorrect -
Question 11 of 15
11. Question
The mobile application you have just launched stores player and score information using Amazon S3 and DynamoDB. The users of your app can sign in using an external identity provider (IdP), such as Login with Amazon, Facebook, or Google. Amazon recommends that you do not embed or distribute long-term AWS credentials with apps that a user downloads to a device, even in an encrypted store.
Which AWS Security Token Service will you use to requests temporary AWS security credentials when needed?
CorrectIncorrect -
Question 12 of 15
12. Question
Which of the following AWS Key Management Service (AWS KMS) practice encrypts plaintext data with a data key, and then encrypts the data key under another key?
CorrectIncorrect -
Question 13 of 15
13. Question
You have just created a number of IAM users in your AWS account. What else needs to be done in order to ensure that the users are able to make API calls to AWS services and use AWS PowerShell tools?
CorrectIncorrect -
Question 14 of 15
14. Question
You are developing a fitness application that provides users with a rich array of guided workouts for a variety of fitness levels. Your application resides on an EC2 instance which requires access to various AWS services for its operations.
Which of the following is the best way to allow your EC2 instance to access your S3 bucket and other AWS services?
CorrectIncorrect -
Question 15 of 15
15. Question
You are developing a service marketplace platform in which people buy and sell online services. The project manager instructed you that the API calls on the AWS resources should be monitored and recorded. You used CloudTrail to help you in compliance, operational, and risk auditing of your AWS account. The project manager asked you where does CloudTrail store all of the logs?
CorrectIncorrect