1. A static website is hosted in an Amazon S3 bucket. Several HTML pages on the site use JavaScript to download images from another Amazon S3 bucket. These images are not displayed when users browse the site. What is the possible cause for the issue?

A) Cross Origin Resource Sharing must be enabled on the Amazon S3 bucket.
B) Port 80 must be opened on the security group in which the Amazon S3 bucket is located.
C) The images must be stored in the same Amazon S3 bucket.
D) The referenced Amazon S3 bucket is in another region.



2. A company is using Amazon API Gateway to manage access to a set of microservices implemented as AWS Lambda functions. Following a bug report, the company makes a minor breaking change to one of the APIs. In order to avoid impacting existing clients when the new API is deployed, the company wants to allow clients six months to migrate from v1 to v2. Which approach should the Developer use to handle this change?

A) Use API Gateway to deploy a new stage named v2 to the API and provide users with its URL.
B) Update the underlying Lambda function, create an Amazon CloudFront distribution with the updated Lambda function as its origin.
C) Update the underlying Lambda function and provide clients with the new Lambda invocation URL.
D) Use API Gateway to automatically propagate the change to clients, specifying 180 days in the phased deployment parameter.



3. The upload of a 15 GB object to Amazon S3 fails. The error message reads: 'Your proposed upload exceeds the maximum allowed object size. What technique will allow the Developer to upload this object?

A) Contact AWS Support to increase the object size limit.
B) Upload the object over an AWS Direct Connect connection.
C) Upload the object to another AWS region.
D) Upload the object using the multi-part upload API.



4. A Developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB. In the local development environment, the application has used IAM access keys. The application is now ready for deployment onto an ECS cluster. How should the application authenticate with AWS services in production?

A) Configure the credentials file with a new access key/secret access key
B) Configure an ECS task IAM role for the application to use
C) Refactor the application to call AWS STS AssumeRole based on an instance role
D) Configure AWS access key/secret access key environment variables with new credentials



5. An organization must store thousands of sensitive audio and video files in an Amazon S3 bucket. Organizational security policies require that all data written to this bucket be encrypted. How can compliance with this policy be ensured?

A) Configure an Amazon S3 bucket policy to prevent the upload of objects that contain the x-amz-server-side-encryption header.
B) Use AWS Lambda to send notifications to the security team if unencrypted objects are pun in the bucket.
C) Configure an Amazon S3 bucket policy to prevent the upload of objects that do not contain the x-amz-server-side-encryption header.
D) Create an Amazon CloudWatch event rule to verify that all objects stored in the Amazon S3 bucket are encrypted.