• Home
  • Articles
  • Updated Apr 27, 2024 Test Engine to Practice Test for DBS-C01 Valid and Updated Dumps [Q69-Q91]

Updated Apr 27, 2024 Test Engine to Practice Test for DBS-C01 Valid and Updated Dumps [Q69-Q91]

Share

Updated Apr 27, 2024 Test Engine to Practice Test for DBS-C01 Valid and Updated Dumps

Exam Questions for DBS-C01 Updated Versions With Test Engine


The AWS Certified Database - Specialty (DBS-C01) Exam is a certification exam that is designed to test the knowledge and skills of individuals who are interested in becoming certified professionals in database management. DBS-C01 exam is conducted by Amazon Web Services (AWS), which is one of the leading providers of cloud computing services in the world. DBS-C01 exam is designed to test the candidate's knowledge of database concepts, database design, database management, and database security.


The AWS Certified Database - Specialty (DBS-C01) exam consists of multiple-choice and multiple-response questions that assess a candidate's understanding of database architecture, database design, database deployment, database security, and troubleshooting. DBS-C01 exam is intended for individuals with at least two years of experience in database technologies and AWS services. Candidates are expected to have a deep understanding of AWS database services, including their features, limitations, and best practices.

 

NEW QUESTION # 69
A company's application development team wants to share an automated snapshot of its Amazon RDS database with another team. The database is encrypted with a custom AWS Key Management Service (AWS KMS) key under the "WeShare" AWS account. The application development team needs to share the DB snapshot under the "WeReceive" AWS account.
Which combination of actions must the application development team take to meet these requirements?
(Choose two.)

  • A. Share the DB snapshot by using the default AWS KMS encryption key.
  • B. Make a copy of the DB snapshot, and set the encryption option to disable.
  • C. Share the DB snapshot by setting the DB snapshot visibility option to public.
  • D. Add access from the "WeReceive" account to the custom AWS KMS key policy of the sharing team.
  • E. Make a copy of the DB snapshot, and set the encryption option to enable.

Answer: D,E

Explanation:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/rds-snapshots-share-account/


NEW QUESTION # 70
A company uses Amazon DynamoDB as the data store for its ecommerce website. The website receives little to no traffic at night, and the majority of the traffic occurs during the day. The traffic growth during peak hours is gradual and predictable on a daily basis, but it can be orders of magnitude higher than during off-peak hours.
The company initially provisioned capacity based on its average volume during the day without accounting for the variability in traffic patterns. However, the website is experiencing a significant amount of throttling during peak hours. The company wants to reduce the amount of throttling while minimizing costs.
What should a database specialist do to meet these requirements?

  • A. Use provisioned capacity. Create an AWS Application Auto Scaling policy to update capacity based on consumption.
  • B. Use provisioned capacity. Set it to the capacity levels required for peak daytime throughput.
  • C. Use on-demand capacity.
  • D. Use reserved capacity. Set it to the capacity levels required for peak daytime throughput.

Answer: A

Explanation:
On-demand mode is a good option if any of the following are true: You create new tables with unknown workloads. You have unpredictable application traffic. You prefer the ease of paying for only what you use. https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual Amazon DynamoDB auto scaling uses the AWS Application Auto Scaling service to dynamically adjust provisioned throughput capacity on your behalf https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/AutoScaling.html


NEW QUESTION # 71
A company has a database monitoring solution that uses Amazon CloudWatch for its Amazon RDS for SQL Server environment. The cause of a recent spike in CPU utilization was not determined using the standard metrics that were collected. The CPU spike caused the application to perform poorly, impacting users. A Database Specialist needs to determine what caused the CPU spike.
Which combination of steps should be taken to provide more visibility into the processes and queries running during an increase in CPU load? (Choose two.)

  • A. Enable Amazon CloudWatch Events and view the incoming T-SQL statements causing the CPU to spike.
  • B. Enable Enhanced Monitoring metrics to view CPU utilization at the RDS SQL Server DB instance level.
  • C. Enable Amazon RDS Performance Insights to view the database load and filter the load by waits, SQL statements, hosts, or users.
  • D. Use Amazon QuickSight to view the SQL statement being run.
  • E. Implement a caching layer to help with repeated queries on the RDS SQL Server DB instance.

Answer: B,C

Explanation:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/rds-instance-high-cpu/ "Several factors can cause an increase in CPU utilization. For example, user-initiated heavy workloads, analytic queries, prolonged deadlocks and lock waits, multiple concurrent transactions, long-running transactions, or other processes that utilize CPU resources. First, you can identify the source of the CPU usage by: Using Enhanced Monitoring Using Performance Insights"


NEW QUESTION # 72
A company's ecommerce website uses Amazon DynamoDB for purchase orders. Each order is made up of a Customer ID and an Order ID. The DynamoDB table uses the Customer ID as the partition key and the Order ID as the sort key.
To meet a new requirement, the company also wants the ability to query the table by using a third attribute named Invoice ID. Queries using the Invoice ID must be strongly consistent. A database specialist must provide this capability with optimal performance and minimal overhead.
What should the database administrator do to meet these requirements?

  • A. Use the partition key and a FilterExpression parameter with a filter on Invoice ID for all queries.
  • B. Add a local secondary index on Invoice ID to the existing table.
  • C. Recreate the table by using the latest snapshot while adding a local secondary index on Invoice ID.
  • D. Add a global secondary index on Invoice ID to the existing table.

Answer: C

Explanation:
as Local secondary index can only be created while creating the Dynamodb table. and query needs to use third attribute on top of primary and sort key, so Local Secondary index has primary and sort key as well as the third attribute. Global secondary index can be created without primary and sort key


NEW QUESTION # 73
A Database Specialist needs to speed up any failover that might occur on an Amazon Aurora PostgreSQL DB cluster. The Aurora DB cluster currently includes the primary instance and three Aurora Replicas.
How can the Database Specialist ensure that failovers occur with the least amount of downtime for the application?

  • A. Call the AWS CLI failover-db-cluster command
  • B. Enable Enhanced Monitoring on the DB cluster
  • C. Start a database activity stream on the DB cluster
  • D. Set the TCP keepalive parameters low

Answer: A


NEW QUESTION # 74
A Database Specialist is designing a disaster recovery strategy for a production Amazon DynamoDB table.
The table uses provisioned read/write capacity mode, global secondary indexes, and time to live (TTL). The Database Specialist has restored the latest backup to a new table.
To prepare the new table with identical settings, which steps should be performed? (Choose two.)

  • A. Re-create global secondary indexes in the new table
  • B. Define IAM policies for access to the new table
  • C. Set the provisioned read and write capacity
  • D. Encrypt the table from the AWS Management Console or use the update-table command
  • E. Define the TTL settings

Answer: A,C


NEW QUESTION # 75
A company is developing an application that performs intensive in-memory operations on advanced data structures such as sorted sets. The application requires sub-millisecond latency for reads and writes. The application occasionally must run a group of commands as an ACID-compliant operation. A database specialist is setting up the database for this application. The database specialist needs the ability to create a new database cluster from the latest backup of the production cluster.
Which type of cluster should the database specialist create to meet these requirements?

  • A. Amazon Neptune
  • B. Amazon ElastiCache for Redis
  • C. Amazon DynamoDB Accelerator (DAX)
  • D. Amazon ElastiCache for Memcached

Answer: B

Explanation:
Explanation
https://aws.amazon.com/elasticache/redis-vs-memcached/
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/elasticache-use-cases.html#elasticache-for-redis-


NEW QUESTION # 76
A database specialist is launching a test graph database using Amazon Neptune for the first time. The database specialist needs to insert millions of rows of test observations from a .csv file that is stored in Amazon S3. The database specialist has been using a series of API calls to upload the data to the Neptune DB instance.
Which combination of steps would allow the database specialist to upload the data faster? (Choose three.)

  • A. Use AWS DMS to move data from Amazon S3 to the Neptune Loader.
  • B. Ensure an IAM role for the Neptune DB instance is configured with the appropriate permissions to allow access to the file in the S3 bucket.
  • C. Create an S3 VPC endpoint and issue an HTTP POST to the database's loader endpoint.
  • D. Curl the S3 URI while inside the Neptune DB instance and then run the addVertex or addEdge commands.
  • E. Ensure Amazon Cognito returns the proper AWS STS tokens to authenticate the Neptune DB instance to the S3 bucket hosting the CSV file.
  • F. Ensure the vertices and edges are specified in different .csv files with proper header column formatting.

Answer: B,C,F

Explanation:
Correct Answer: B, E, F
Explanation from Amazon documents:
To upload data faster to a Neptune DB instance from a .csv file stored in Amazon S3, the database specialist should use the Neptune Bulk Loader, which is a feature that allows you to load data from external files directly into a Neptune DB instance1. The Neptune Bulk Loader is faster and has less overhead than the API calls, such as SPARQL INSERT statements or Gremlin addV and addE steps2. The Neptune Bulk Loader supports both RDF and Gremlin data formats1.
To use the Neptune Bulk Loader, the database specialist needs to do the following13:
Ensure the vertices and edges are specified in different .csv files with proper header column formatting. This is required for the Gremlin data format, which uses two .csv files: one for vertices and one for edges. The first row of each file must contain the column names, which must match the property names of the graph elements. The files must also have a column named ~id for vertices and ~from and ~to for edges, which specify the unique identifiers of the graph elements1.
Ensure an IAM role for the Neptune DB instance is configured with the appropriate permissions to allow access to the file in the S3 bucket. This is required for the Neptune DB instance to read the data from the S3 bucket. The IAM role must have a trust policy that allows Neptune to assume the role, and a permissions policy that allows access to the S3 bucket and objects3.
Create an S3 VPC endpoint and issue an HTTP POST to the database's loader endpoint. This is required for the Neptune DB instance to communicate with the S3 bucket without going through the public internet. The S3 VPC endpoint must be in the same VPC as the Neptune DB instance. The HTTP POST request must specify the source parameter as the S3 URI of the .csv file, and optionally other parameters such as format, failOnError, parallelism, etc1.
Therefore, option B, E, and F are the correct steps to upload the data faster. Option A is not necessary because Amazon Cognito is not used for authenticating the Neptune DB instance to the S3 bucket. Option C is not suitable because AWS DMS is not designed for loading graph data into Neptune. Option D is not efficient because curling the S3 URI and running the addVertex or addEdge commands will be slower and more costly than using the Neptune Bulk Loader.


NEW QUESTION # 77
A marketing company is developing an application to track responses to email message campaigns. The company needs a database storage solution that is optimized to work with highly connected data. The database needs to limit connections and programmatic access to the data by using IAM policies.
Which solution will meet these requirements?

  • A. Amazon Aurora MySQL DB cluster
  • B. Amazon DynamoDB table
  • C. Amazon ElastiCache for Redis cluster
  • D. Amazon Neptune DB cluster

Answer: D

Explanation:
Explanation
Amazon Neptune is a fast, reliable, fully managed graph database service that makes it easy to build and run applications that work with highly connected data sets1. Graph databases are designed to store and query data that has complex relationships and interconnections, such as social networks, recommendation engines, fraud detection, and knowledge graphs2. Amazon Neptune supports two popular graph models: Property Graph and Resource Description Framework (RDF), and their respective query languages: Apache TinkerPop Gremlin and SPARQL2.
Amazon Neptune also supports IAM policies to control access to the database resources and operations. You can use IAM database authentication to authenticate users and applications that connect to a Neptune DB cluster. IAM database authentication works with MySQL and PostgreSQL database clients. You can also use IAM roles to manage access to Neptune from other AWS services, such as Amazon EC2, AWS Lambda, and Amazon SageMaker2.
Therefore, Amazon Neptune DB cluster is a suitable solution for the marketing company's requirements, as it can provide a graph database storage solution that is optimized for highly connected data and can limit connections and programmatic access by using IAM policies.


NEW QUESTION # 78
A company has a hybrid environment in which a VPC connects to an on-premises network through an AWS Site-to-Site VPN connection. The VPC contains an application that is hosted on Amazon EC2 instances. The EC2 instances run in private subnets behind an Application Load Balancer (ALB) that is associated with multiple public subnets. The EC2 instances need to securely access an Amazon DynamoDB table.
Which solution will meet these requirements?

  • A. Use the Site-to-Site VPN connection to route all DynamoD8 network traffic through the on-premises network infrastructure to access the EC2 instances
  • B. Add a NAT gateway in one of the public subnets of the VPC_ Configure the security groups of the EC2 instances to access the DynamoDB table through the NAT gateway
  • C. Use the internet gateway of the VPC to access the DynamoDB table. Use the ALB to route the traffic to the EC2 instances.
  • D. Create a VPC endpoint for DynamoDB_ Assign the endpoint to the route table of the private subnets that contain the EC2 instances.

Answer: D

Explanation:
Option D is correct because it meets the requirements of securely accessing a DynamoDB table from EC2 instances in a hybrid environment. A VPC endpoint for DynamoDB enables EC2 instances in a VPC to use their private IP addresses to access DynamoDB with no exposure to the public internet1.
The EC2 instances do not require public IP addresses, and do not need an internet gateway, a NAT device, or a virtual private gateway in the VPC. The endpoint policy and the security groups of the EC2 instances can control access to DynamoDB. Traffic between the VPC and DynamoDB does not leave the Amazon network. Assigning the endpoint to the route table of the private subnets that contain the EC2 instances ensures that any requests to DynamoDB from those subnets are routed to the private endpoint within the Amazon network.


NEW QUESTION # 79
A social media company recently launched a new feature that gives users the ability to share live feeds of their daily activities with their followers. The company has an Amazon RDS for MySOL DB instance that stores data about follower engagement After the new feature launched, the company noticed high CPU utilization and high database latency during reads and writes. The company wants to implement a solution that will identify the source of the high CPU utilization.
Which solution will meet these requirements with the LEAST administrative oversight?

  • A. Use Amazon Aurora Database Activity Streams
  • B. Use AWS CloudTrail
  • C. Use Amazon DevOps Guru insights_
  • D. Use Amazon CloudWatch Logs

Answer: C

Explanation:
Explanation
Amazon DevOps Guru is a service that helps you identify and troubleshoot performance issues and operational risks in your AWS applications. DevOps Guru uses machine learning to analyze data from various sources, such as Amazon CloudWatch metrics, AWS CloudTrail events, and Amazon RDS performance events, to detect anomalous behavior and generate insights. Insights provide a summary of the issue, the affected resources, the severity, the start and end time, and recommendations for remediation. DevOps Guru can also send notifications to Amazon Simple Notification Service (SNS) topics or AWS Chatbot channels when insights are created or updated.
Using DevOps Guru insights is a suitable solution for the social media company because it can help them identify the source of the high CPU utilization and high database latency in their Amazon RDS for MySQL DB instance with minimal administrative oversight. DevOps Guru can automatically monitor their application and generate insights when it detects any operational issues or risks. The company can then use the recommendations provided by DevOps Guru to resolve the issue and improve their application performance.


NEW QUESTION # 80
A company wants to automate the creation of secure test databases with random credentials to be stored safely for later use. The credentials should have sufficient information about each test database to initiate a connection and perform automated credential rotations. The credentials should not be logged or stored anywhere in an unencrypted form.
Which steps should a Database Specialist take to meet these requirements using an AWS CloudFormation template?

  • A. Add a resource of type AWS::SecretsManager::Secret and specify the GenerateSecretString property. Then, define the database user name in the SecureStringTemplate template. Create a resource for the database and reference the secret string for the MasterUserName and MasterUserPassword properties. Then, add a resource of type AWS::SecretsManagerSecretTargetAttachment with the SecretId and TargetId properties set to the Amazon Resource Names (ARNs) of the secret and the database.
  • B. Create the database with the MasterUserName and MasterUserPassword properties set to the default values. Then, create the secret with the user name and password set to the same default values. Add a Secret Target Attachment resource with the SecretId and TargetId properties set to the Amazon Resource Names (ARNs) of the secret and the database. Finally, update the secret's password value with a randomly generated string set by the GenerateSecretString property.
  • C. Add a Mapping property from the database Amazon Resource Name (ARN) to the secret ARN. Then, create the secret with a chosen user name and a randomly generated password set by the GenerateSecretString property. Add the database with the MasterUserName and MasterUserPassword properties set to the user name of the secret.
  • D. Create the secret with a chosen user name and a randomly generated password set by the GenerateSecretString property. Add an SecretTargetAttachment resource with the SecretId property set to the Amazon Resource Name (ARN) of the secret and the TargetId property set to a parameter value matching the desired database ARN. Then, create a database with the MasterUserName and MasterUserPassword properties set to the previously created values in the secret.

Answer: A


NEW QUESTION # 81
An electric utility company wants to store power plant sensor data in an Amazon DynamoDB table. The utility company has over 100 power plants and each power plant has over 200 sensors that send data every 2 seconds. The sensor data includes time with milliseconds precision, a value, and a fault attribute if the sensor is malfunctioning. Power plants are identified by a globally unique identifier. Sensors are identified by a unique identifier within each power plant. A database specialist needs to design the table to support an efficient method of finding all faulty sensors within a given power plant.
Which schema should the database specialist use when creating the DynamoDB table to achieve the fastest query time when looking for faulty sensors?

  • A. Use the plant identifier as the partition key and the sensor identifier as the sort key. Create a local secondary index (LSI) on the fault attribute.
  • B. Create a composite of the plant identifier and sensor identifier as the partition key. Use the measurement time as the sort key. Create a local secondary index (LSI) on the fault attribute.
  • C. Create a composite of the plant identifier and sensor identifier as the partition key. Use the measurement time as the sort key. Create a global secondary index (GSI) with the plant identifier as the partition key and the fault attribute as the sort key.
  • D. Use the plant identifier as the partition key and the measurement time as the sort key. Create a global secondary index (GSI) with the plant identifier as the partition key and the fault attribute as the sort key.

Answer: A

Explanation:
Plant id as partition key and Sensor id as a sort key. Fault can be identified quickly using the local secondary index and associated plant and sensor can be identified easily.


NEW QUESTION # 82
A security team is conducting an audit for a financial company. The security team discovers that the database credentials of an Amazon RDS for MySQL DB instance are hardcoded in the source code. The source code is stored in a shared location for automatic deployment and is exposed to all users who can access the location.
A database specialist must use encryption to ensure that the credentials are not visible in the source code.
Which solution will meet these requirements?

  • A. Store the credentials in an AWS Systems Manager Parameter Store secure string parameter that is encrypted by AWS Key Management Service (AWS KMS). Access the credentials with calls to Systems Manager.
  • B. Use an AWS Key Management Service (AWS KMS) key to encrypt the most recent database backup. Restore the backup as a new database to activate encryption.
  • C. Store the source code to access the credentials in an AWS Systems Manager Parameter Store secure string parameter that is encrypted by AWS Key Management Service (AWS KMS). Access the code with calls to Systems Manager.
  • D. Use an AWS Key Management Service (AWS KMS) key to encrypt the DB instance at rest. Activate RDS encryption in transit by using SSL certificates.

Answer: A

Explanation:
only creds in system manager secure parameter.


NEW QUESTION # 83
A database administrator needs to save a particular automated database snapshot from an Amazon RDS for Microsoft SQL Server DB instance for longer than the maximum number of days.
Which solution will meet these requirements in the MOST operationally efficient way?

  • A. Create a native SQL Server backup. Save the backup to an Amazon S3 bucket.
  • B. Export the contents of the snapshot to an Amazon S3 bucket.
  • C. Change the retention period of the snapshot to 45 days.
  • D. Create a manual copy of the snapshot.

Answer: D

Explanation:
Correct Answer: A
Explanation from Amazon documents:
Amazon RDS for Microsoft SQL Server supports two types of database snapshots: automated and manual. Automated snapshots are taken daily and are retained for a period of time that you specify, from 1 to 35 days. Manual snapshots are taken by you and are retained until you delete them.
To save a particular automated database snapshot for longer than the maximum number of days, the database administrator can create a manual copy of the snapshot. This can be done using the AWS Management Console, the AWS CLI, or the RDS API. The manual copy of the snapshot will be retained until it is deleted, regardless of the retention period of the automated snapshot. This solution is the most operationally efficient way to meet the requirements, because it does not require any additional steps or resources.
Therefore, option A is the correct solution to meet the requirements. Option B is not operationally efficient because it requires exporting the contents of the snapshot to an Amazon S3 bucket, which can be time-consuming and costly. Option C is not possible because the maximum retention period for automated snapshots is 35 days, not 45 days. Option D is not operationally efficient because it requires creating a native SQL Server backup and saving it to an Amazon S3 bucket, which can also be time-consuming and costly.


NEW QUESTION # 84
A Database Specialist is designing a new database infrastructure for a ride hailing application. The application data includes a ride tracking system that stores GPS coordinates for all rides. Real-time statistics and metadata lookups must be performed with high throughput and microsecond latency. The database should be fault tolerant with minimal operational overhead and development effort.
Which solution meets these requirements in the MOST efficient way?

  • A. Use Amazon Aurora MySQL as the database and use Aurora's buffer cache
  • B. Use Amazon RDS for MySQL as the database and use Amazon ElastiCache
  • C. Use Amazon DynamoDB as the database and use DynamoDB Accelerator
  • D. Use Amazon DynamoDB as the database and use Amazon API Gateway

Answer: C

Explanation:
https://aws.amazon.com/dynamodb/dax/#:~:text=Amazon%20DynamoDB%20Accelerator%20(DAX)%20is,millions%20of%20requests%20per%20second. "Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement - from milliseconds to microseconds - even at millions of requests per second. "


NEW QUESTION # 85
A company is hosting critical business data in an Amazon Redshift cluster. Due to the sensitive nature of the data, the cluster is encrypted at rest using AWS KMS. As a part of disaster recovery requirements, the company needs to copy the Amazon Redshift snapshots to another Region.
Which steps should be taken in the AWS Management Console to meet the disaster recovery requirements?

  • A. Create a new KMS customer master key in the source Region. Switch to the destination Region, enable Amazon Redshift cross-Region snapshots, and use the KMS key of the source Region.
  • B. Enable Amazon Redshift cross-Region snapshots in the source Region, and create a snapshot copy grant and use a KMS key in the destination Region.
  • C. Create a new KMS customer master key in the destination Region and create a new IAM role with access to the new KMS key. Enable Amazon Redshift cross-Region replication in the source Region and use the KMS key of the destination Region.
  • D. Create a new IAM role with access to the KMS key. Enable Amazon Redshift cross-Region replication using the new IAM role, and use the KMS key of the source Region.

Answer: B

Explanation:
Explanation
If you want to enable cross-Region snapshot copy for an AWS KMS-encrypted cluster, you must configure a snapshot copy grant for a root key in the destination AWS Region Source-Region : configure a cross-Region snapshot for an AWS KMS-encrypted cluster In Destination AWS Region : choose the AWS Region to which to copy snapshots.
https://docs.aws.amazon.com/redshift/latest/mgmt/managing-snapshots-console.html#xregioncopy-kms-encrypte


NEW QUESTION # 86
A company is releasing a new mobile game featuring a team play mode. As a group of mobile device users play together, an item containing their statuses is updated in an Amazon DynamoDB table. Periodically, the other users' devices read the latest statuses of their teammates from the table using the BatchGetltemn operation.
Prior to launch, some testers submitted bug reports claiming that the status data they were seeing in the game was not up-to-date. The developers are unable to replicate this issue and have asked a database specialist for a recommendation.
Which recommendation would resolve this issue?

  • A. Ensure the DynamoDB table is configured to be always consistent.
  • B. Enable a stream on the DynamoDB table and subscribe each device to the stream to ensure all devices receive up-to-date status information.
  • C. Ensure the BatchGetltem operation is called with the ConsistentRead parameter set to true.
  • D. Ensure the BatchGetltem operation is called with the ConsistentRead parameter set to false.

Answer: C

Explanation:
https://docs.aws.amazon.com/ja_jp/amazondynamodb/latest/developerguide/API_BatchGetItem_v20111205.html By default, BatchGetItem performs eventually consistent reads on every table in the request. If you want strongly consistent reads instead, you can set ConsistentRead to true for any or all tables.


NEW QUESTION # 87
A company has applications running on Amazon EC2 instances in a private subnet with no internet connectivity. The company deployed a new application that uses Amazon DynamoDB, but the application cannot connect to the DynamoDB tables. A developer already checked that all permissions are set correctly.
What should a database specialist do to resolve this issue while minimizing access to external resources?

  • A. Assign a new security group to the EC2 instances with an outbound rule to ports 80 and 443.
  • B. Create a VPC endpoint for DynamoDB and add a route to the endpoint in the subnet's route table.
  • C. Add a route to an internet gateway in the subnet's route table.
  • D. Add a route to a NAT gateway in the subnet's route table.

Answer: B

Explanation:
Explanation
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/vpc-endpoints-dynamodb.html


NEW QUESTION # 88
A database specialist was alerted that a production Amazon RDS MariaDB instance with 100 GB of storage was out of space. In response, the database specialist modified the DB instance and added 50 GB of storage capacity. Three hours later, a new alert is generated due to a lack of free space on the same DB instance. The database specialist decides to modify the instance immediately to increase its storage capacity by 20 GB.
What will happen when the modification is submitted?

  • A. The request will succeed only if CPU utilization is less than 10%.
  • B. The request will succeed only if the primary instance is in active status.
  • C. The request will fail because this storage capacity is too large.
  • D. The request will fail as the most recent modification was too soon.

Answer: B


NEW QUESTION # 89
A company recently acquired a new business. A database specialist must migrate an unencrypted 12 TB Amazon RDS for MySQL DB instance to a new AWS account. The database specialist needs to minimize the amount of time required to migrate the database.
Which solution meets these requirements?

  • A. Create a snapshot of the source DB instance in the source account. Share the snapshot with the destination account. In the target account, create a DB instance from the snapshot.
  • B. Create a read replica of the DB instance. Give the destination account access to the read replica. In the destination account, create a snapshot of the shared read replica and provision a new RDS for MySQL DB instance.
  • C. Use mysqldump to back up the source database. Create an RDS for MySQL DB instance in the destination account. Use the mysql command to restore the backup in the destination database.
  • D. Use AWS Resource Access Manager to share the source DB instance with the destination account. Create a DB instance in the destination account using the shared resource.

Answer: A

Explanation:
Sharing an unencrypted manual DB snapshot enables authorized AWS accounts to directly restore a DB instance from the snapshot instead of taking a copy of it and restoring from that. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ShareSnapshot.html However Resource Access Manager could not share non-Aurora cluster. https://docs.aws.amazon.com/ram/latest/userguide/shareable.html


NEW QUESTION # 90
A company developed a new application that is deployed on Amazon EC2 instances behind an Application Load Balancer. The EC2 instances use the security group named sg-application-servers. The company needs a database to store the data from the application and decides to use an Amazon RDS for MySQL DB instance.
The DB instance is deployed in private DB subnet.
What is the MOST restrictive configuration for the DB instance security group?

  • A. Only allow incoming traffic from the subnet of the application servers on port 3306.
  • B. Only allow incoming traffic from the subnet of the application servers on port 443.
  • C. Only allow incoming traffic from the sg-application-servers security group on port 3306.
  • D. Only allow incoming traffic from the sg-application-servers security group on port 443.

Answer: C

Explanation:
Explanation
most restrictive approach is to allow only incoming connections from SG of EC2 instance on port 3306


NEW QUESTION # 91
......

DBS-C01 Exam Dumps - Free Demo & 365 Day Updates: https://surepass.free4dump.com/DBS-C01-real-dump.html

Related Articles

more
Amazon DBS-C01 Certification Practice Exam