1. Your public website uses a load balancer and an Auto Scaling group in a virtual private cloud. Your chief security officer has asked you to set up a monitoring system that quickly detects and alerts your team when a large sudden traffic increase occurs. How should you set this up?

A) Set up an Amazon Cloud Watch alarm for the Amazon EC2 Network in metric for the Auto Scaling group and then use Amazon SNS to alert your team.
B) Set up a cron job to actively monitor the AWS(Amazon Web Service) Cloud Trail logs for increased traffic and use Amazon SNS to
C) Use an Amazon EMR job to run every thirty minutes analyze the CloudWatch logs from your application Amazon EC2 instances in a batch manner to detect a sharp increase in traffic and then use the Amazon SNS SMS notification to alert your team
D) Set up an Amazon Cloud Watch alarm for the Elastic Load Balancing Network in metric and then use Amazon SNS to alert your team.
E) Use an Amazon EMR job to run every thirty minutes, analyze the Elastic Load Balancing access logs in a batch manner to detect a sharp increase in traffic and then use the Amazon Simple Email Service to alert your tea


2. You need to grant a vendor access to your AWS(Amazon Web Service) account. They need to be able to read protected messages in a private S3 bucket at their leisure. They also use AWS. What Is the best way to accomplish this? Please select:

A) Create a cross-account lAM Role with permission to access the bucket, and grant permission to use the RoI?, to the vendor AWS(Amazon Web Service) account.
B) Generate a signed S3 PUT URL and a signed S3 PUT URL both with wildcard values and 2 year durations. Pass the URL5 to the vendor.
C) Create an EC2 Instance Profile on your account. Grant the associated lAM role full access to the bucket. Start.... an EC2 instance with this Profile and give SSH access to the instance to the vendor.
D) Create an lAM User with API Access Keys. Grant the User permissions to access the bucket. Give the vendor the AWS(Amazon Web Service) Access Key ID and AWS(Amazon Web Service) Secret Access Key for the User.



3. You are building an application based on the Go programming language for internal, nonproduction use which uses My SQL as a database. You want developers without very much AWS(Amazon Web Service) experience to be able to deploy new code with a single command line push. You also want to set this up as simply as possible. Which Sh tool is ideal for this setup? Please select:

A) AWS Ops Works
B) AWS ELB+EC2
C) AWS Cloud Formation
D)



4. You have instances running on your VPC. You have both production and development based instances running in the VPC. You want to ensure that people who are responsible for the development instances don't have the access to work on the production Instances to ensure better security. Using policies, which of the following would be the best way to accomplish this? Choose the correct answer from the options given below ?

A) Launch the test and production Instances in separate VPC?s and use VPC peering
B) Create an lAM policy with a condition which allows access to only instances that are used for production or development
C) Launch the test and production instances in different Availability Zones and use Multi Factor Authentication?
D) Define the tags on the test and production servers and add a condition to the lAM policy which allows access to specific tags



5. Your development team is developing a mobile application that access resources in AWS. The users accessing this application will be logging in via Face book and Google. Which of the following AWS(Amazon Web Service) mechanisms would you use to authenticate users for the application that needs to access AWS(Amazon Web Service) resources Please select:

A) Use separate lAM Roles that correspond to each Face book and Google user
B) Use Web identity federation to authenticate the users
C) Use AWS(Amazon Web Service) Policies to authenticate the users
D) Use separate lAM users that correspond to each Face book and Google user