1. You need to establish a secure backup and archiving solution for your company, using AWS. Documents should be immediately accessible for three months and available for five years for compliance reasons. Which AWS(Amazon Web Service) service fulfills these requirements in the most cost-effective way?

A) Use Direct Connect to upload data to S3 and use AM policies to move the data into Glacier for long-term archiving.
B) Upload data to S3 and use lifecycle policies to move the data Into Glacier for long-term archiving.
C) Upload the data on EBS, use lifecycle policies to move EBS snapshots into S3 and later into Glacier for long term archiving.
D) Use Storage Gateway to store data to 53 and use lifecycle policies to move the data into Red shift for long term archiving.



2. The CFO of a company wants to allow one of his employees to view only the AWS(Amazon Web Service) usage report page. Which of the below mentioned lAM policy statements allows the user to have access to the AWS(Amazon Web Service) usage report page? Please select:

A) Effect: Allow?, Action: [aws-portal: ViewBilling9, 'Resource?: Your answer Is incorrect.
B) Effect: Allow. 'Action: [aws-portal:ViewUsage aws-portal:ViewBilling9, Resource:
C) Effect: Allow'. 'Action: [Describe9, Resource': BilIing?
D) Effect: Allow?, NAction: AccountUsage]. Resource:



3. Your company has a set of EC2 Instances defined in AWS. These Ec2 Instances have strict security groups attached to them. You need to ensure that changes to the Security groups are noted and acted on accordingly. How can you achieve this?

A) Use Cloud watch events to be triggered for any changes to the Security Groups. Configure the Lambda function for email notification as well.
B) Use Cloud watch metrics to monitor the activity on the Security Groups. Use filters to search for the
C) Use Cloud watch logs to monitor the activity on the Security Groups. Use filters to search for the changes and use SNS for the notification.
D) Use AWS(Amazon Web Service) Inspector to monitor the activity on the Security Groups. Use filters to search for the changes and use SNS for the notification.



4. An application running on EC2 instances in a VPC must access sensitive data in the data center. The access must be encrypted in transit and have consistent low latency. Which hybrid architecture will meet these requirements?

A) A VPN between the VPC and the data center over a Direct Connect connection
B) A VPN between the VPC and the data center
C) Expose the data with a public HTTPS endpoint.
D) A Direct Connect connection between the VPC and data center



5. You have a set of 100 EC2 Instances in an AWS(Amazon Web Service) account. You need to ensure that all of these instances are patched and kept to date. All of the instances are in a private subnet. How can you achieve this. Choose 2 answers from the options given below Please select:(Select 2answers)

A) Use the AWS(Amazon Web Service) Inspector to patch the updates
B) Ensure an Internet gateway is present to download the updates
C) Use the Systems Manager to patch the instances
D) Ensure a NAT gateway is present to download the updates