You are currently hosting multiple applications in a VPC and have logged numerous port scans
coming in from a specific IP address block. Your security team has requested that all access from
the offending IP address block be denied tor the next 24 hours.
Which of the following is the best method to quickly and temporarily deny access from the
specified IP address block?
When preparing for a compliance assessment of your system built inside of AWS. what are three
best-practices for you to prepare for anaudit?
Choose 3 answers
You have started a new job and are reviewing your company’s infrastructure on AWS You notice
one web application where they have an Elastic Load Balancer (&B) in front of web instances in an
Auto Scaling Group When you check the metrics for the ELB in CloudWatch you see four healthy
instances In Availability Zone (AZ) A and zero in AZ B There are zero unhealthy instances.
What do you need to fix to balance the instances across AZs?
You have been asked to leverage Amazon VPC BC2 and SOS to implement an application that
submits and receives millions of messages per second to a message queue. You want to ensure
your application has sufficient bandwidth between your EC2 instances and SQS
Which option will provide (he most scalable solution for communicating between the application
You have identified network throughput as a bottleneck on your ml small EC2 instance when
uploading data Into Amazon S3 In the same region.
How do you remedy this situation?
When attached to an Amazon VPC which two components provide connectivity with external
networks? Choose 2 answers
Your application currently leverages AWS Auto Scaling to grow and shrink as load Increases’
decreases and has been performing well Your marketing team expects a steady ramp up in traffic
to follow an upcoming campaign that will result in a 20x growth in traffic over 4 weeks Your
forecast for the approximate number of Amazon EC2 instances necessary to meet the peak
demand is 175.
What should you do to avoid potential service disruptions during the ramp up in traffic?
You have an Auto Scaling group associated with an Elastic Load Balancer (ELB). You have
noticed that instances launched via the Auto Scaling group are being marked unhealthy due to an
ELB health check, but these unhealthy instances are not being terminated
What do you need to do to ensure trial instances marked unhealthy by the ELB will be terminated
Which two AWS services provide out-of-the-box user configurable automatic backup-as-a-service
and backup rotation options?
Choose 2 answers
An organization has configured a VPC with an Internet Gateway (IGW). pairs of public and private
subnets (each with one subnet per Availability Zone), and an Elastic Load Balancer (ELB)
configured to use the public subnets The application s web tier leverages the ELB. Auto Scaling
and a mum-AZ RDS database instance The organization would like to eliminate any potential
single points ft failure in this design.
What step should you take to achieve this organization’s objective?