Quỳnh Như
Quiz by , created more than 1 year ago

AWS Certified Solutions Architect

370
7
0
Quỳnh Như
Created by Quỳnh Như over 7 years ago
Close

AWS Certified Solutions Architect 01

Question 1 of 4

1

You are designing an intrusion detection prevention (IDS/IPS) solution for a customer web application in a

single VPC. You are considering the options for implementing IOS IPS protection for traffic coming from the

Internet.

Which of the following options would you consider? (Choose 2 answers)

Select one or more of the following:

  • Implement IDS/IPS agents on each Instance running In VPC

  • Configure an instance in each subnet to switch its network interface card to promiscuous mode and analyze network traffic.`

  • Implement Elastic Load Balancing with SSL listeners In front of the web applications

  • Implement a reverse proxy layer in front of web servers and configure IDS/IPS agents on each reverse proxy server.

Explanation

Question 2 of 4

1

Your customer is willing to consolidate their log streams (access logs application logs security logs etc.) in one

single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics.

From time to time, the customer needs to validate heuristics, which requires going back to data samples

extracted from the last 12 hours?

What is the best approach to meet your customer’s requirements?

Select one or more of the following:

  • Send all the log events to Amazon SQS. Setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.

  • Send all the log events to Amazon Kinesis develop a client process to apply heuristics on the logs

  • Configure Amazon Cloud Trail to receive custom logs, use EMR to apply heuristics the logs

  • Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3 use EMR to apply heuristics on the logs

Explanation

Question 3 of 4

1

You require the ability to analyze a customer's clickstream data on a website so they can do behavioral

analysis. Your customer needs to know what sequence of pages and ads their customer clicked on. This data

will be used in real time to modify the page layouts as customers click through the site to increase stickiness

and advertising click-through. Which option meets the requirements for captioning and analyzing this data?

Select one or more of the following:

  • Log clicks in weblogs by URL store to Amazon S3, and then analyze with Elastic MapReduce

  • Push web clicks by session to Amazon Kinesis and analyze behavior using Kinesis workers

  • Write click events directly to Amazon Redshift and then analyze with SQL

  • Publish web clicks by session to an Amazon SQS queue men periodically drain these events to Amazon

    RDS and analyze

Explanation

Question 4 of 4

1

You are designing a connectivity solution between on-premises infrastructure and Amazon VPC Your server’s

on-premises will De communicating with your VPC instances You will De establishing IPSec tunnels over the

internet You will be using VPN gateways and terminating the IPsec tunnels on AWS-supported customer

gateways.

Which of the following objectives would you achieve by implementing an IPSec tunnel as outlined above?

(Choose 4 answers)

Select one or more of the following:

  • End-to-end protection of data in transit

  • End-to-end Identity authentication

  • Data encryption across the Internet

  • Protection of data in transit over the Internet

  • Peer identity authentication between VPN gateway and customer gateway

  • Data integrity protection across the Internet

Explanation

Previous
Next