1. Your company has an on-premise Active Directory setup in place. The company has extended their footprint on AWS, but still want to have the ability to use their on-premise Active Directory for authentication. Which of the following AWS(Amazon Web Service) services can be used to ensure that AWS(Amazon Web Service) resources such as AWS(Amazon Web Service) Workspaces can S continue to use the existing credentials stored in the on-premise Active Directory.

A) Use the Active Directory connector service on AWS
B) Use the Classic Link feature on AWS
C) Use the AWS(Amazon Web Service) Simple AD service
D) Use the Active Directory service on AWS



2. Your application Is having a very high traffic, so you have enabled auto scaling in multi availability zone to suffice the needs of your application but you observe that one of the availability zone is not receiving any traffic. What can be wrong here? Please select:

A) Auto scaling only works for single availability zone
B) Availability zone is not added to Elastic load balancer
C) Auto scaling can be enabled for multi AZ only in north Virginia region
D) instances need to manually added to availability zone



3. Your development team is using access keys to develop an application that has access to S3 and Dynamo DB. A new security policy has outlined that the credentials should not be older than 2 months e and should be rotated. How can you achieve this

A) Delete the user associated with the keys after every 2 months. Then recreate the user again.
B) Use a script which will query the date the keys are created. If older than 2 months, delete them and recreate new keys .
C) Use the application to rotate the keys in every 2 months via the SDK
D) Delete the lAM Role associated with the keys after every 2 months. Then recreate the lAM Role again.



4. You are in charge of designing Cloud formation templates for your company. One of the key requirements is to ensure that if a Cloud formation stack is deleted , a snapshot of the relational database which is part of the stack, is created. How can you achieve this in the best possible way.

A) Use the Deletion policy of the cloud formation template to ensure a snapshot is created of the relational database.
B) Use the Update policy of the cloud formation template to ensure a snapshot is created of the relational database.
C) Create a new cloud formation template to create a snapshot of the relational database.
D) Create a snapshot of the relational database beforehand so that when the cloud formation stack is deleted, the snapshot of the database will be present.



5. You're building a mobile application game. The application needs permissions for each user to communicate and store data in Dynamo DB tables. What is the best method for granting each mobile device that installs your application to access Dynamo DB tables for storage when required? Choose the correct answer from the options below

A) Create an lAM role with the proper permission policy to communicate with the DynamoDB table. Use web identity federation, which assumes the lAM role using Assume Role With Web ldentity, when the user signs in, granting temporary security credentials using STS.
B) Create an Active Directory server and an AD user for each mobile application user. When the user signs in to the AD sign-on. allow the AD server to federate using SAML 2.0 to lAM and assign a role to the AD user which is the assumed with Assume Role With sAML.
C) During the install and game configuration process, have each user create an lAM credential and assign the lAM user to a group with proper permissions to communicate with Dynamo DB.
D) Create an lAM group that only gives access to your application and to the Dynamo Ds tables. Then, when writing to Dynamo DB. simply include the unique device ID to associate the data with that specific user.