Question 261
You're trying to delete an SSL certificate from the IAM certificate store, and you're getting the message "Certificate: is being used by CloudFront."Which of the following statements is probably the reason why you are getting this error?
A. Before you can delete an SSL certificate you need to set up https on your server.
B. Before you can delete an SSL certificate, you need to set up the appropriate access level in IAM
C. Before you can delete an SSL certificate, you need to either rotate SSL certificates or revert from using a custom SSL certificate to using the default CloudFront certificate.
D. You can't delete SSL certificates. You need to request it from AWS.
Question 262
A user has set the IAM policy where it denies all requests if a request is not from IP 10.10.10.1/32. The other policy says allow all requests between 5 PM to 7PM.
What will happen when a user is requesting access from IP 55.109.10.12/32 at 6 PM?
A. It will deny access
B. It is not possible to set a policy based on the time or IP
C. IAM will throw an error for policy conflict
D. It will allow access
Question 263
Do you need to use Amazon Cognito to use the Amazon Mobile Analytics service?
A. No. However, it is recommend by AWS to use Amazon Cognito for security best practices.
B. Yes. You need to use it only if you have IAM root access.
C. No. You cannot use it at all, and you need to use AWS IAM accounts.
D. Yes. It is recommended by AWS to use Amazon Cognito to use Amazon Mobile Analytics service.
Question 264
Which of the following AWS services can be used to define alarms to trigger on a certain activity, such as activity success, failure, or delay in AWS Data Pipeline?
A. Amazon SES
B. Amazon CodeDeploy
C. Amazon SNS
D. Amazon SQS
Question 265
You want to use Amazon Redshift and you are planning to deploy dw1.
8xlarge nodes. What is the minimum amount of nodes that you need to deploy with this kind of configuration?
A. 1
B. 4
C. 3
D. 2
Question 266
Mike is appointed as Cloud Consultant in ABC.com. ABC has the following VPCs set- up in the US East Region:A VPC with CIDR block 10.10.0.0/16, a subnet in that VPC with CIDR block 10.10.1.0/24 A VPC with CIDR block 10.40.0.0/16, a subnet in that VPC with CIDR block 10.40.1.0/24 ABC.com is trying to establish network connection between two subnets, a subnet with CIDR block 10.10.1.0/24 and another subnet with CIDR block 10.40.1.0/24.
Which one of the following solutions should Mike recommend to ABC.com?
A. Create 2 Virtual Private Gateways and configure one with each VPC.
B. Create 2 Internet Gateways, and attach one to each VPC.
C. Create a VPC Peering connection between both VPCs.
D. Create one EC2 instance in each subnet, assign Elastic IPs to both instances, and configure a set up Site-to-Site VPN connection between both EC2 instances.
Question 267
Can Provisioned IOPS be used on RDS instances launched in a VPC?
A. Yes, they can be used only with Oracle based instances.
B. Yes, they can be used for all RDS instances.
C. No
D. Yes, they can be used only with MySQL based instances.
Question 268
To get started using AWS Direct Connect, in which of the following steps do you configure Border Gateway Protocol (BGP)?
A. Complete the Cross Connect
B. Configure Redundant Connections with AWS Direct Connect
C. Create a Virtual Interface
D. Download Router Configuration
Question 269
Which of the following components of AWS Data Pipeline polls for tasks and then performs those tasks?
A. Pipeline Definition
B. Task Runner
C. Amazon Elastic MapReduce (EMR)
D. AWS Direct Connect
Question 270
A user is hosting a public website on AWS. The user wants to have the database and the app server on the AWS VPC. The user wants to setup a database that can connect to the Internet for any patch upgrade but cannot receive any request from the internet. How can the user set this up?
A. Setup DB in a private subnet with the security group allowing only outbound traffic.
B. Setup DB in a public subnet with the security group allowing only inbound data.
C. Setup DB in a local data center and use a private gateway to connect the application with DB.
D. Setup DB in a private subnet which is connected to the internet via NAT for outbound.
