Time limit: 0
Quiz Summary
0 of 25 Questions completed
Questions:
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Quiz complete. Results are being recorded.
Results
0 of 25 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- Not categorized 0%
-
Unfortunately, you didn’t pass the quiz, but hey, you have unlimited access.😎
Practice makes you perfect! 👊 -
Congratulations! 🥳
You have passed the quiz successfully! You are one step closer to pass the real exam!
We hope to see you again on another certification path.✌️
Good luck with the exam! Stay strong.👊
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- Current
- Review
- Answered
- Correct
- Incorrect
-
Question 1 of 25
1. Question
You can configure a Lambda function to connect to private subnets in a virtual private cloud (VPC) in your AWS account.
What happens when you connect a function to a VPC?
CorrectIncorrect -
Question 2 of 25
2. Question
A company wants to monitor the traffic that is reaching its instance by capturing information about the IP traffic going to and from the network interfaces in its VPC.
Which solution will meet this requirement?
CorrectIncorrect -
Question 3 of 25
3. Question
Which of the following VPC features acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level?
CorrectIncorrect -
Question 4 of 25
4. Question
You have been tasked to improve the security of the data flow between your Amazon Redshift cluster and other resources. The very first step is to use VPC flow logs to monitor all the COPY and UNLOAD traffic of your Redshift cluster that moves in and out of your VPC.
Which of the following option is the most suitable solution to improve the security of your data?
CorrectIncorrect -
Question 5 of 25
5. Question
A company has a VPC for the IT department and another VPC for the accounting department. Which type of networking connection in AWS should a SysOps administrator use for the IT department in order to get access to all resources that are in the accounting department, and vice versa?
CorrectIncorrect -
Question 6 of 25
6. Question
A company wants to create a VPC with a dedicated tenancy for the 10.0.0.0/16 IPv4 CIDR block.
Which command should a SysOps administrator type in the command-line tool to meet the requirement?
CorrectIncorrect -
Question 7 of 25
7. Question
A company needs to increase the security of its VPC. The company wants to control traffic in and out of its subnets.
Which service should a SysOps administrator use to meet the requirement?
CorrectIncorrect -
Question 8 of 25
8. Question
Which of the following ACL rules allows inbound HTTP traffic from any IPv4 address.
CorrectIncorrect -
Question 9 of 25
9. Question
A company just launched an EC2 instance in a subnet into its VPC. After investigation, a SysOps administrator has realized that the EC2 instance isn’t accessible from the Internet.
What could be the primary cause of this issue?
CorrectIncorrect -
Question 10 of 25
10. Question
A company just finalized the process of hosting its WordPress blog on a new Amazon EC2 Linux instance. After trying to connect to the instance the SysOps administrator gets the following error message:
Network error: Connection timed out or Error connecting
Which actions should the SysOps administrator take to fix this issue? (Select TWO.)
CorrectIncorrect -
Question 11 of 25
11. Question
Α company handles sensitive data in their private subnet, the data is processed by the EC2 instances and then delivered to S3. The company wants the data to NOT be passed through the public Internet.
How could a SysOps administrator design this solution so that the data does not pass through the public Internet?
CorrectIncorrect -
Question 12 of 25
12. Question
A company wants to use a network address translation (NAT) gateway to enable the instances in its private subnet to connect to the internet and prevent the internet from initiating a connection with those instances.
Sort the steps from the top (first step) to the bottom (last step) to create a NAT gateway using the console.
-
Select the allocation ID of an Elastic IP address to associate with the NAT gateway
-
Choose Create a NAT Gateway
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc
-
In the navigation pane, choose NAT Gateways, Create NAT Gateway
-
Specify the subnet in which to create the NAT gateway
View Answers:
CorrectIncorrect -
-
Question 13 of 25
13. Question
A company wants to use a security group to control inbound and outbound traffic. The company has already launched an instance in a VPC and now they want to assign two security groups to the instance.
Sort the steps from the top (first step) to the bottom (last step) to create a security group using the console.
-
Choose Create
-
In the navigation pane, choose Security Groups
-
Enter a name for the security group (for example, my-security-group), and then provide a description
-
Choose Create security group
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc
-
From VPC, select the ID of your VPC
View Answers:
CorrectIncorrect -
-
Question 14 of 25
14. Question
A company wants to add an additional layer of protection from web attacks that attempt to exploit vulnerabilities to its web app. The company needs to create rules to filter web traffic based on specific IP addresses and block common web exploits like SQL injection and cross-site scripting.
Which of the following AWS service meet these requirements?
CorrectIncorrect -
Question 15 of 25
15. Question
A company that has a MySQL on Amazon Relational Database Service discovers common attack patterns, such as SQL injection and cross-site scripting. You have been hired to implement a solution to improve web traffic visibility by monitoring the entire inbound traffic and improve the security against web attacks.
Which of the following services should you implement to meet the requirements?
CorrectIncorrect -
Question 16 of 25
16. Question
Which of the following AWS service is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization?
CorrectIncorrect -
Question 17 of 25
17. Question
A company is using Amazon Elastic Container Service (Amazon ECS) containers to host its applications. The company wants to use AWS WAF to protect the applications that are hosted in Amazon ECS containers.
Which actions should a SysOps administrator take to meet these requirements?
CorrectIncorrect -
Question 18 of 25
18. Question
A company is using Amazon CloudFront distributions and Amazon Route 53 hosted zones. The company wants to add protection against DDoS attacks for those resource types using AWS Shield Advanced.
Which of the following is the THIRD step in the AWS Shield Advanced configuration process?
CorrectIncorrect -
Question 19 of 25
19. Question
Your Online Travel Agent (OTA) startup in California recently faced tremendous growth. Users from all over the world started using the APP. After investigation, you noticed 60% of the traffic was originated from Germany. Because of this, you decide to localize your content and present all of your website’s content in German to the users from Germany and English to the rest of the users. Also, you want all queries from Europe to be routed to an ELB load balancer in the Frankfurt region.
Which of the following services would allow you to fulfill this requirement?
CorrectIncorrect -
Question 20 of 25
20. Question
A company wants to configure a public hosted zone to provide information about how they want to route traffic on the internet for its domain (examsdigest.com).
Which solution will meet these requirements with the LEAST amount of effort?
CorrectIncorrect -
Question 21 of 25
21. Question
A SysOps Administrator is configuring a Route 53 Resolver using the wizard. Which of the following steps has to be done before choosing the direction that you want to forward DNS queries?
CorrectIncorrect -
Question 22 of 25
22. Question
A company wants to create a secure static website for its domain name. The company’s website uses only files like HTML, CSS, JavaScript, and doesn’t need servers or server-side processing.
Which of the following are prerequisites to deploy this secure static website solution using the console? (Select TWO.)
CorrectIncorrect -
Question 23 of 25
23. Question
A SysOps administrator tries to add an alternate domain name (CNAME) to its distribution but CloudFront returns an
InvalidViewerCertificate
error.Which actions should the SysOps administrator take to fix this issue? (Select TWO.)
CorrectIncorrect -
Question 24 of 25
24. Question
A company is using VPC Flow Logs to capture information about the IP traffic going to and from the network interfaces in its VPC. The company has created a flow log, and the Amazon VPC console displays the flow log as
Active
. However, they cannot see any log streams in CloudWatch Logs or log files in its Amazon S3 bucket.Which actions should the SysOps administrator take to fix this issue?
CorrectIncorrect -
Question 25 of 25
25. Question
A company just created a subnet and configured a routing. The company wants to launch an instance of type t2.micro into the default subnet for the current Region using a command-line tool.
Which action should a SysOps administrator take to meet these requirements?
CorrectIncorrect