Question: 1
Company C is currently hosting their corporate site in an Amazon S3 bucket with Static Website
Hosting enabled. Currently, when visitors go to http://www.companyc.com the index.html page is
returned. Company C now would like a new page welcome.html to be returned when a visitor enters
http://www.companyc.com in the browser.
Which of the following steps will allow Company C to meet this requirement? Choose 2 answers
A. Upload an html page named welcome.html to their S3 bucket
B. Create a welcome subfolder in their S3 bucket
C. Set the Index Document property to welcome.html
D. Move the index.html page to a welcome subfolder
E. Set the Error Document property to welcome.html
Answer: A, C
Question: 2
What type of block cipher does Amazon S3 offer for server side encryption?
A. Triple DES
B. Advanced Encryption Standard
C. Blowfish
D. RC5
Answer: B
Question: 3
If an application is storing hourly log files from thousands of instances from a high traffic web site,
which naming scheme would give optimal performance on S3?
A. Sequential
B. instanceID_log-HH-DD-MM-YYYY
C. instanceID_log-YYYY-MM-DD-HH
D. HH-DD-MM-YYYY-log_instanceID
E. YYYY-MM-DD-HH-log_instanceID
Answer: D
Question: 4
Which of the following statements about SQS is true?
A. Messages will be delivered exactly once and messages will be delivered in First in, First out order
B. Messages will be delivered exactly once and message delivery order is indeterminate
C. Messages will be delivered one or more times and messages will be delivered in First in, First out
order
D. Messages will be delivered one or more times and message delivery order is indeterminate
Answer: D
Question: 5
A corporate web application is deployed within an Amazon VPC, and is connected to the corporate
data center via IPSec VPN. The application must authenticate against the on-premise LDAP server.
Once authenticated, logged-in users can only access an S3 keyspace specific to the user.
Which two approaches can satisfy the objectives? Choose 2 answers
A. The application authenticates against LDAP. The application then calls the IAM Security Service to
login to IAM using the LDAP credentials. The application can use the IAM temporary credentials to
access the appropriate S3 bucket.
B. The application authenticates against LDAP, and retrieves the name of an IAM role associated with
the user. The application then calls the IAM Security Token Service to assume that IAM Role. The
application can use the temporary credentials to access the appropriate S3 bucket.
C. The application authenticates against IAM Security Token Service using the LDAP credentials. The
application uses those temporary AWS security credentials to access the appropriate S3 bucket.
D. Develop an identity broker which authenticates against LDAP, and then calls IAM Security Token
Service to get IAM federated user credentials. The application calls the identity broker to get IAM
federated user credentials with access to the appropriate S3 bucket.
E. Develop an identity broker which authenticates against IAM Security Token Service to assume an
IAM Role to get temporary AWS security credentials. The application calls the identity broker to get
AWS temporary security credentials with access to the appropriate S3 bucket.
Answer: B, D
Source Link:
No comments:
Post a Comment