Free Amazon SAP-C01 Exam Dumps

Here you can find all the free questions related with Amazon AWS Certified Solutions Architect - Professional (SAP-C01) exam. You can also find on this page links to recently updated premium files with which you can practice for actual Amazon AWS Certified Solutions Architect - Professional Exam. These premium versions are provided as SAP-C01 exam practice tests, both as desktop software and browser based application, you can use whatever suits your style. Feel free to try the AWS Certified Solutions Architect - Professional Exam premium files for free, Good luck with your Amazon AWS Certified Solutions Architect - Professional Exam.

Question No: 11

MultipleChoice

A company runs an e-commerce platform with front-end and e-commerce tiers. Both tiers run on LAMP stacks with the front-end instances running behind a load balancing appliance that has a virtual offering on AWS. Currently, the operations team uses SSH to log in to the instances to maintain patches and address other concerns. The platform has recently been the target of multiple attacks, including

* A DDoS attack

* An SOL injection attack

* Several successful dictionary attacks on SSH accounts on the web servers.

The company wants to improve the security of the e-commerce platform by migrating to AWS. The company's solutions architects have decided to use the following approach:

* Code review the existing application and fix any SQL injection issues

* Migrate the web application to AWS and leverage the latest AWS Linux AMI to address initial security patching

* Install AWS Systems Manager to manage patching and allow the system administrators to run commands on all instances, as needed.

What additional steps will address at of the identified attack types while providing high availability and minimizing risk?

Options

AEnable SSH access to the Amazon EC2 instances using a security group that limits access to specific IPs Migrate on-premises MySQL to Amazon RDS Multi-AZ. Install the third-party load balancer from the AWS Marketplace and migrate the existing rules to the load balancer's AWS instances. Enable AWS Shield Standard for DDoS protection.

BDisable SSH access to the Amazon EC2 instances. Migrate on-premises MySQL to Amazon RDS Multi-AZ Leverage an Elastic Load Balancer to spread the load and enable AWS Shield Advanced for protection. Add an Amazon CloudFront distnbution in front of the website. Enable AWS WAF on the distribution to manage the rules.

CEnable SSH access to the Amazon EC2 instances through a bastion host secured by limiting access to specific IP addresses Migrate on-premises MySQL to a self-managed EC2 instance Leverage an AWS Elastic Load Balancer to spread the load, and enable AWS Shield Standard for DDoS protection. Add an Amazon CloudFront distribution in front of the website.

DDisable SSH access to the EC2 instances. Migrate on-premises MySQL to Amazon RDS Single-AZ. Leverage an AWS Elastic Load Balancer to spread the load Add an Amazon CloudFront distribution in front of the website Enable AWS WAF on the distribution to manage the rules

Question No: 12

MultipleChoice

A company requires thai all internal application connectivity use private IP addresses. To facilitate this policy, a solutions architect has created interface endpoints to connect to AWS public services. Upon testing, the solutions architect notices that the service names are resolving to public IP addresses, and that internal services cannot connect to the interface endpoints.

Which step should the solutions architect take to resolve this issue?

Options

AUpdate the subnet route table with a route to the interface endpoint.

BEnable the private DNS option on the VPC attributes.

CConfigure the security group on the interface endpoint to allow connectivity to the AWS services.

DConfigure an Amazon Route 53 private hosted zone with a conditional forwarder for the internal application.

Limited Time Offer

25%

Off

Get Premium SAP-C01 Questions as Interactive Web-Based Practice Test or PDF