Question 6 of 443
A developer is configuring an Amazon CloudFront distribution for a new application to provide encryption in transit. The application is running in the eu-west-1
Region. The developer creates a new certificate in AWS Certificate Manager (ACM) in eu-west-1, but the certificate is not visible in the CloudFront distribution settings.
What should the developer do to fix this problem?
Region. The developer creates a new certificate in AWS Certificate Manager (ACM) in eu-west-1, but the certificate is not visible in the CloudFront distribution settings.
What should the developer do to fix this problem?
Suggested Answer: C
To use an ACM certificate with Amazon CloudFront, the certificate must be created in the US East (N. Virginia) region, also known as us-east-1. CloudFront is a global service, and it requires that the certificates be in us-east-1 to be used. Therefore, creating the certificate in the eu-west-1 region will not work for a CloudFront distribution. The correct action is to ensure the ACM certificate is created in the us-east-1 region, which is not addressed directly by any of the given options.
Community votes
No votes yet
Question 7 of 443
A developer is building an application that runs behind an Application Load Balancer (ALB). The ALB is configured as the origin for an Amazon CloudFront distribution. Users will log in to the application by using their social media accounts.
How can the developer authenticate users?
How can the developer authenticate users?
Suggested Answer: B
To authenticate users logging in with their social media accounts when the application runs behind an Application Load Balancer (ALB) and uses CloudFront, you should configure the ALB to use Amazon Cognito as one of the authentication providers. Amazon Cognito supports social identity providers like Google, Facebook, and Amazon, which allows easy integration and authentication without additional custom code. This configuration is directly supported by the ALB and simplifies the integration of social media logins for your application.
Community votes
No votes yet
Question 8 of 443
A company has an application that analyzes photographs. A developer is preparing the application for deployment to Amazon EC2 instances. The application's image analysis functions require a mix of GPU instances and CPU instances that run on Amazon Linux. The developer needs to add code to the application so that the functions can determine whether they are running on a GPU instance.
What should the functions do to obtain this information?
What should the functions do to obtain this information?
Suggested Answer: D
To determine whether an application is running on a GPU instance, the function should retrieve the instance type from the instance metadata. Instance metadata provides information about an instance that can be used to make decisions based on the instance's characteristics, including whether it has GPU capabilities.
Community votes
No votes yet
Question 9 of 443
A company has an application that uses Amazon Cognito user pools as an identity provider. The company must secure access to user records. The company has set up multi-factor authentication (MFA). The company also wants to send a login activity notification by email every time a user logs in.
What is the MOST operationally efficient solution that meets this requirement?
What is the MOST operationally efficient solution that meets this requirement?
Suggested Answer: B
The most operationally efficient solution to send a login activity notification by email every time a user logs in is to use an AWS Lambda function triggered by an Amazon Cognito post authentication Lambda trigger. This approach is efficient because it directly integrates with the authentication process of Amazon Cognito, ensuring that an email notification is sent immediately after a successful login without needing additional infrastructure or complex configurations involving other AWS services. This method effectively leverages the built-in capabilities of Cognito to meet the requirements.
Community votes
No votes yet
Question 10 of 443
A company hosts a three-tier web application on AWS behind an Amazon CloudFront distribution. A developer wants a dashboard to monitor error rates and anomalies of the CloudFront distribution with the shortest possible refresh interval.
Which combination of slops should the developer take to meet these requirements? (Choose two.)
Which combination of slops should the developer take to meet these requirements? (Choose two.)
Suggested Answer: A, D
To monitor error rates and anomalies of a CloudFront distribution with the shortest possible refresh interval, activating real-time logs on the CloudFront distribution and creating a stream in Amazon Kinesis Data Streams ensures immediate log delivery. Additionally, creating Amazon CloudWatch alarms based on expected values of selected CloudWatch metrics provides near-real-time anomaly and error detection, fitting the requirements for rapid refresh intervals.
Community votes
No votes yet