1. You run a database on an EC2 instance, the data stored on store Elastic Block (EBS) for persistence At times throughout the day, you see a big gap in the database response times looking queries in the instance with the command isolate you see a lot of waiting time on the disk volume that data from databases are stored on. What two ways can you improve the performance of storage database while maintaining the current data persistence?

A) Move the database to an instance EBS-Optimized
B) Use the temporary storage on a 4xiarge m2 instance instead
C) None
D) T Using provisioned IOP EBS
E) Move to SSD e.g. supported


2. Your security policy organization requires all privileged users use either frequently rotated passwords or unique access credentials in addition to username / password. What are the next two options allow an organization to implement this policy for AWS users?

A) Enable the policy 1 hour password Disposable privileged users
B) Create 1 AM users to privileged accounts
C) Configuring multi-factor for the privileged IAM user authentication
D) None
E) Implement identity federation between your organization Identity provider leveraging the IAM Security Token Service


3. You have a server with a data volume of 500GB Amazon EBS. The volume is 80%. You should back up the volume at regular intervals and be able to recreate the volume in a new area availability in the shortest time possible. Al applications using the volume can be paused for a few minutes duration without noticeable impact user. Which of the following backup methods will best fulfill your needs?

A) Take periodic pictures of the EBS volume
B) Back up al data to a single compressed archive and archive to Amazon S3 using a parallelized download several parts
C) None
D) Create another EBS volume availability in the second zone attach to the Amazon EC2 instance, and use a disk manager for me two mirrored drives
E) Use a third incremental backup application to back up on Amazon Glacier


4. You are currently hosting multiple applications in a VPC and recorded many scans ports coming from a specific IP address block. Your security team requested that all IP address block access to offend denied tor the next 24 hours. Which of the following is the best method to quickly and temporarily deny access from the specified IP address block?

A) Change Network ACLs associated with all public subnets in the VPC to deny access from the IP address block
B) Add Rule to all VPC Security Groups 5 to deny access from the IP address block.
C) Creating an AD policy to change Windows Firewall settings on all VPC hosts to deny access from the IP address block
D) Change Windows Firewall settings on all Amazon Machine Images (AMIS) that your organization uses this VPC to prevent access from the address block P
E) None


5. You have identified the network throughput as a bottleneck on your mL small EC2 instance when downloading data in Amazon S3 in the same region. How can you remedy this situation?

A) Add an additional ENI
B) Use PIOPS EBS on the local volume
C) Change to a larger body
D) Use Direct Connect between EC2 and S3