BDS-C00 Online Practice Questions and Answers

An organization needs to store sensitive information on Amazon S3 and process it through Amazon EMR. Data must be encrypted on Amazon S3 and Amazon EMR at rest and in transit. Using Thrift Server, the Data Analysis team users HIVE to interact with this data. The organization would like to grant access to only specific databases and tables, giving permission only to the SELECT statement.

Which solution will protect the data and limit user access to the SELECT statement on a specific portion of data?

A. Configure Transparent Data Encryption on Amazon EMR. Create an Amazon EC2 instance and install Apache Ranger. Configure the authorization on the cluster to use Apache Ranger.

B. Configure data encryption at rest for EMR File System (EMRFS) on Amazon S3. Configure data encryption in transit for traffic between Amazon S3 and EMRFS. Configure storage and SQL base authorization on HiveServer2.

C. Use AWS KMS for encryption of data. Configure and attach multiple roles with different permissions based on the different user needs.

D. Configure Security Group on Amazon EMR. Create an Amazon VPC endpoint for Amazon S3.

Configure HiveServer2 to use Kerberos authentication on the cluster.

Multiple rows in an Amazon Redshift table were accidentally deleted. A System Administrator is restoring the table from the most recent snapshot. The snapshot contains all rows that were in the table before the deletion.

What is the SIMPLEST solution to restore the table without impacting users?

A. Restore the snapshot to a new Amazon Redshift cluster, then UNLOAD the table to Amazon S3. In the original cluster, TRUNCATE the table, then load the data from Amazon S3 by using a COPY command.

B. Use the Restore Table from a Snapshot command and specify a new table name DROP the original table, then RENAME the new table to the original table name.

C. Restore the snapshot to a new Amazon Redshift cluster. Create a DBLINK between the two clusters in the original cluster, TRUNCATE the destination table, then use an INSERT command to copy the data from the new cluster.

D. Use the ALTER TABLE REVERT command and specify a time stamp of immediately before the data deletion. Specify the Amazon Resource Name of the snapshot as the SOURCE and use the OVERWRITE REPLACE option.

Location of Instances are ____________

A. Regional

B. based on Availability Zone

C. Global

A user is planning to setup notifications on the RDS DB for a snapshot. Which of the below mentioned event categories is not supported by RDS for this snapshot source type?

A. Backup

B. Creation

C. Deletion

D. Restoration

Are you able to integrate a multi-factor token service with the AWS Platform?

A. Yes, you can integrate private multi-factor token devices to authenticate users to the AWS platform.

B. No, you cannot integrate multi-factor token devices with the AWS platform.

C. Yes, using the AWS multi-factor token devices to authenticate users on the AWS platform.

A us-based company is expanding their web presence into Europe. The company wants to extend their AWS infrastructure from Northern Virginia (us-east-1) into the Dublin (eu-west-1) region.

Which of the following options would enable an equivalent experience for users on both continents?

A. Use a public-facing load balancer per region to load-balancer web traffic, and enable HTTP health checks

B. Use a public-facing load balancer per region to load balancer web traffic, and enable sticky sessions

C. Use Amazon Route S3, and apply a geolocation routing policy to distribution traffic across both regions

D. Use Amazon Route S3, and apply a weighted routing policy to distribute traffic across both regions

A user has created a launch configuration for Auto Scaling where CloudWatch detailed monitoring is disabled. The user wants to now enable detailed monitoring. How can the user achieve this?

A. Update the Launch config with CLI to set InstanceMonitoringDisabled = false

B. The user should change the Auto Scaling group from the AWS console to enable detailed monitoring

C. Update the Launch config with CLI to set InstanceMonitoring.Enabled = true

D. Create a new Launch Config with detail monitoring enabled and update the Auto Scaling group

After an Amazon VPC instance is launched, can I change the VPC security groups it belongs to?

A. No. You cannot.

B. Yes. You can.

C. Only if you are the root user D. Only if the tag "VPC_Change_Group" is true

An existing application stores sensitive information on a non-boot Amazon EBS data volume attached to an Amazon Elastic Compute Cloud instance.

Which of the following approaches would protect the sensitive data on an Amazon EBS volume?

A. Snapshot the current Amazon EBS volume. Restore the snapshot to a new, encrypted Amazon EBS volume Mount the Amazon EBS volume

B. Create and mount a new, encrypted Amazon EBS volume. Move the data to the new volume.

Delete the old Amazon EBS volume

C. Unmount the EBS volume. Toggle the encryption attribute to True. Re-mount the Amazon EBs volume

D. Upload your customer keys to AWS CloudHSM. Associate the Amazon EBS volume with AWS CloudHSM. Re-mount the Amazon EBS volume

To help you manage your Amazon EC2 instances, images, and other Amazon EC2 resources, you can assign your own metadata to each resource in the form of____________

A. special filters

B. functions

C. tags

D. wildcards