CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. AWS-Certified-Advanced-Networking-Specialty

Free AWS-Certified-Advanced-Networking-Specialty Exam Braindumps (page: 33)

Page 33 of 102
PDF with 407 Questions

Which of the following characters is not allowed while creating a Namespace for a CloudWatch metric?

  1. /
  2. :
  3. #
  4. @

Answer(s): D

Explanation:

Namespace is a grouping or a container for a CloudWatch metric. The names must be valid XML characters, typically containing the alphanumeric characters "0-9A-Za-z" plus "."(period), "-" (hyphen), "_" (underscore), "/" (slash), "#" (hash), and ":" (colon). All AWS namespaces follow the convention AWS/<service>, such as AWS/EC2 and AWS/ELB.


Reference:

http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html



You would like to ensure that all Amazon S3 buckets going forward, current and newly created ones, have logging enabled. What type of trigger(s) should you use?

  1. only a periodic trigger
  2. only a configuration change trigger
  3. both configuration change and periodic triggers
  4. only a transitioning trigger

Answer(s): B

Explanation:

This case requires only a configuration change trigger because you only need to trigger when S3 buckets are created and changed. There is no time component to when the trigger needs to fire.


Reference:

http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config-rules.html



You have many IAM users with the ability to create EC2 volumes. Most of the data your team works with is sensitive, so you would like to make sure all volumes are encrypted. How might you facilitate this requirement?

  1. Create an AWS KMS policy and attach it to all IAM users that can create EC2 volumes.
  2. Use AWS Config and create a rule that requires all volumes, upon creation, be encrypted.
  3. Use AWS Config to send out reminders to IAM users every time they create an EC2 volume.
  4. Set EC2 to notify creators to encrypt their EC2 volumes.

Answer(s): B

Explanation:

AWS Config is used to evaluate the configuration settings of many AWS resources. When an EC2 volume in created, AWS Config can evaluate the volume against a rule that requires volumes to be encrypted. If the volume is not encrypted, AWS Config flags the volume and the rule as noncompliant.


Reference:

http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html



You can use the ___________command of the AWS Config service CLI to see the compliance state of each resource that AWS Config evaluates for a specific rule.

  1. describe-compliance-by-resource
  2. describe-compliance-by-config-rule
  3. get-compliance-details-by-config-rule
  4. get-compliance-details-by-resource

Answer(s): C

Explanation:

You can use the get-compliance-details-by-config-rule command of the AWS Config CLI to see the compliance state of each resource that AWS Config evaluates for a specific rule.


Reference:

http://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_view-compliance.html



Page 33 of 102



Post your Comments and Discuss Amazon AWS-Certified-Advanced-Networking-Specialty exam with other Community members:

Hello commented on September 04, 2024
awesome questions
Anonymous
upvote

Meenakshi commented on June 06, 2024
One of the best exam dumps site I have ever used. I have passed 3 of my exams with the help of this website.
INDIA
upvote