1. As a Data Engineer, you need to design a storage solution for your analytical workload using Amazon S3. Which statement best describes the Storage Class Analysis feature?

A) It analyzes application access and reports on how data is being accessed.
B) It allows administrators to verify only bucket access by users and applications.
C) It analyzes storage access patterns and helps you determine when data should be transitioned to another storage class.
D) It allows users to see how their data is being written to disk.



2. Which VPC component should be used to allow communication between the VPC and the internet?

A) Network Access Control List (Network ACL)
B) Internet Gateway
C) Security group
D) Elastic Load Balancer



3. Select all AWS access key management best practices from the answers below. (select 3)(Select 3answers)

A) Use MFA for access keys.
B) Don't embed access keys directly into code.
C) Don't create your root user access key.
D) Rotate access keys every day.
E) Remove unused access keys.


4. As an Administrator for a global company, you have been tasked with creating a number of Amazon S3 buckets. What should you consider when naming each of the buckets? (select 2)(Select 2answers)

A) Bucket names must be unique across all AWS accounts in all the AWS Regions within a partition (Standard Regions, China Regions, AWS GovCloud).
B) Bucket names can be formatted as an IP address.
C) Bucket names must begin and end with a letter or number.
D) Bucket names can consist only of lowercase letters and numbers.



5. Your development team is deploying a new web application on AWS. You anticipate that your application will become a target of frequent DDoS attacks. Which AWS services below can be used in tandem to help protect against DDoS attacks? (select 3)(Select 3answers)

A) AWS Trusted Advisor
B) AWS Shield
C) Amazon Route 53
D) Amazon CloudFront
E) Amazon GuardDuty