Win IT Exam with Last Dumps 2023


Amazon SAP-C01 Exam

Page 23/47
Viewing Questions 221 230 out of 470 Questions
48.94%

Question 221
Within an IAM policy, can you add an IfExists condition at the end of a Null condition?
A. Yes, you can add an IfExists condition at the end of a Null condition but not in all Regions.
B. Yes, you can add an IfExists condition at the end of a Null condition depending on the condition.
C. No, you cannot add an IfExists condition at the end of a Null condition.
D. Yes, you can add an IfExists condition at the end of a Null condition.

Question 222
Regarding Identity and Access Management (IAM), Which type of special account belonging to your application allows your code to access Google services programmatically?
A. Service account
B. Simple Key
C. OAuth
D. Code account

Question 223
IAM users do not have permission to create Temporary Security Credentials for federated users and roles by default. In contrast, IAM users can call __________ without the need of any special permissions
A. GetSessionName
B. GetFederationToken
C. GetSessionToken
D. GetFederationName

Question 224
An organization is planning to use NoSQL DB for its scalable data needs. The organization wants to host an application securely in AWS VPC.
What action can be recommended to the organization?
A. The organization should setup their own NoSQL cluster on the AWS instance and configure route tables and subnets.
B. The organization should only use a DynamoDB because by default it is always a part of the default subnet provided by AWS.
C. The organization should use a DynamoDB while creating a table within the public subnet.
D. The organization should use a DynamoDB while creating a table within a private subnet.

Question 225
What happens when Dedicated instances are launched into a VPC?
A. If you launch an instance into a VPC that has an instance tenancy of dedicated, you must manually create a Dedicated instance.
B. If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is created as a Dedicated instance, only based on the tenancy of the instance.
C. If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is automatically a Dedicated instance, regardless of the tenancy of the instance.
D. None of these are true.

Question 226
An organization is setting up RDS for their applications. The organization wants to secure RDS access with VPC.
Which of the following options is not required while designing the RDS with VPC?
A. The organization must create a subnet group with public and private subnets. Both the subnets can be in the same or separate AZ.
B. The organization should keep minimum of one IP address in each subnet reserved for RDS failover.
C. If the organization is connecting RDS from the internet it must enable the VPC attributes DNS hostnames and DNS resolution.
D. The organization must create a subnet group with VPC using more than one subnet which are a part of separate AZs.

Question 227
You create a VPN connection, and your VPN device supports Border Gateway Protocol (BGP).
Which of the following should be specified to configure the VPN connection?
A. Classless routing
B. Classfull routing
C. Dynamic routing
D. Static routing

Question 228
An organization has developed an application which provides a smarter shopping experience. They need to show a demonstration to various stakeholders who may not be able to access the in premise application so they decide to host a demo version of the application on AWS.
Consequently, they will need a fixed elastic IP attached automatically to the instance when it is launched.
In this scenario which of the below mentioned options will not help assign the elastic IP automatically?
A. Write a script which will fetch the instance metadata on system boot and assign the public IP using that metadata.
B. Provide an elastic IP in the user data and setup a bootstrapping script which will fetch that elastic IP and assign it to the instance.
C. Create a controlling application which launches the instance and assigns the elastic IP based on the parameter provided when that instance is booted.
D. Launch instance with VPC and assign an elastic IP to the primary network interface.

Question 229
An organization is having a VPC for the HR department, and another VPC for the Admin department. The HR department requires access to all the instances running in the Admin VPC while the Admin department requires access to all the resources in the HR department.
How can the organization setup this scenario?
A. Setup VPC peering between the VPCs of Admin and HR.
B. Setup ACL with both VPCs which will allow traffic from the CIDR of the other VPC.
C. Setup the security group with each VPC which allows traffic from the CIDR of another VPC.
D. It is not possible to connect resources of one VPC from another VPC.

Question 230
Can a Direct Connect link be connected directly to the Internet?
A. Yes, this can be done if you pay for it.
B. Yes, this can be done only for certain regions.
C. Yes
D. No