Which AWS service can be used to encrypt data at rest?
Amazon GuardDuty
AWS Shield
AWS Security Hub
AWS Key Management Service (AWS KMS)
Answer is AWS Key Management Service (AWS KMS)
Using services like AWS KMS, AWS CloudHSM, and AWS ACM, customers can implement a comprehensive data at rest and data in transit encryption strategy across their AWS ecosystem to ensure all data of a given classification shares the same security posture.
A company wants to convert video files and audio files from their source format into a format that will play on smartphones, tablets, and web browsers.
Which AWS service supports a hybrid architecture that gives users the ability to extend AWS infrastructure, AWS services, APIs, and tools to data centers, co- location environments, or on-premises facilities?
AWS Snowmobile
AWS Local Zones
AWS Outposts
AWS Fargate
Answer is AWS Outposts
AWS Outposts is a family of fully managed solutions delivering AWS infrastructure and services to virtually any on-premises or edge location for a truly consistent hybrid experience. Outposts solutions allow you to extend and run native AWS services on premises, and is available in a variety of form factors, from 1U and 2U Outposts servers to 42U Outposts racks, and multiple rack deployments.
Local zone is close.
AWS Local Zones are a type of infrastructure deployment that places compute, storage, database, and other select AWS services close to large population and industry centers.
A company has a physical tape library to store data backups. The tape library is running out of space. The company needs to extend the tape library's capacity to the AWS Cloud.
Which AWS service should the company use to meet this requirement?
Amazon Elastic Block Store (Amazon EBS)
Amazon S3
Amazon Elastic File System (Amazon EFS)
AWS Storage Gateway
Answer is AWS Storage Gateway
AWS Storage Gateway is a set of hybrid cloud storage services that provide on-premises access to virtually unlimited cloud storage.
Question 206
Which AWS service can be used to turn text into lifelike speech?
Amazon Polly
Amazon Kendra
Amazon Rekognition
Amazon Connect
Answer is Amazon Polly
Directly form AWS White Paper for Services, "Amazon Polly is a service that turns text into lifelike speech."
Which AWS service or tool can be used to capture information about inbound and outbound traffic in an Amazon VPC?
VPC Flow Logs
Amazon Inspector
VPC endpoint services
NAT gateway
Answer is VPC Flow Logs
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.
Question 208
A company wants to ensure that two Amazon EC2 instances are in separate data centers with minimal communication latency between the data centers.
How can the company meet this requirement?
Place the EC2 instances in two separate AWS Regions connected with a VPC peering connection.
Place the EC2 instances in two separate Availability Zones within the same AWS Region.
Place one EC2 instance on premises and the other in an AWS Region. Then connect them by using an AWS VPN connection.
Place both EC2 instances in a placement group for dedicated bandwidth.
Answer is Place the EC2 instances in two separate Availability Zones within the same AWS Region.
A cluster placement group is a logical grouping of instances within a SINGLE AVAILABILITY ZONE that benefits from low network latency, high network throughput.
in the same AvZone the latency will be lower. Actually the placement group will be a choice but it did not give the option to differenciate the datacenter between the EC2 instance.
Which AWS service is used to provide encryption for Amazon EBS?
AWS Certificate Manager
AWS Systems Manager
AWS KMS
AWS Config
Answer is AWS KMS
AWS Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys. AWS KMS is integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs.