Amazon CLF-C02 Practice Test - Questions Answers, Page 49

According to the AWS shared responsibility model, AWS is responsible for the security of the cloud, while customers are responsible for the security in the cloud.This means that AWS is responsible for the physical servers, networking, and operating system that run Lambda functions, while customers are responsible for the security of their code and AWS IAM to the Lambda service and within their function1.Customers need to manage the code within the Lambda function, such as writing, testing, debugging, deploying, and updating the code, as well as ensuring that the code does not contain any vulnerabilities or malicious code that could compromise the security or performance of the function23.Reference:2:AWS Lambda - Amazon Web Services (AWS),3:AWS Lambda Documentation,1:Amazon CLF-C02: What is customer responsibility under AWS ... - PUPUWEB

EC2 Instance Savings Plans are a flexible pricing model that offer discounted hourly rates on Amazon EC2 instance usage for a 1 or 3 year term. EC2 Instance Savings Plans provide savings up to 72% off On-Demand rates, in exchange for a commitment to a specific instance family in a chosen AWS Region (for example, M5 in Virginia). These plans automatically apply to usage regardless of size (for example, m5.xlarge, m5.2xlarge, etc.), OS (for example, Windows, Linux, etc.), and tenancy (Host, Dedicated, Default) within the specified family in a Region.With an EC2 Instance Savings Plan, you can change your instance size within the instance family (for example, from c5.xlarge to c5.2xlarge) or the operating system (for example, from Windows to Linux), or move from Dedicated tenancy to Default and continue to receive the discounted rate provided by your EC2 Instance Savings Plan4567.Reference:4:Compute Savings Plans -- Amazon Web Services,5:What are Savings Plans? - Savings Plans,6:How To Cut Your AWS Bill With Savings Plans (and avoid some common ...,7:AWS Savings Plans vs Reserved Instances - GorillaStack

Global reach is a cloud computing advantage that a company can apply when it uses AWS Regions to increase application availability to users in different countries. Global reach refers to the ability to deploy applications and services in multiple geographic locations around the world, and to serve customers with low latency and high performance.AWS has the largest and most reliable global infrastructure of any cloud provider, with 25 Regions and 81 Availability Zones across the Americas, Europe, Asia Pacific, Africa, and the Middle East123.By using AWS Regions, a company can choose the best location for its application based on customer proximity, compliance requirements, and disaster recovery strategies23.Reference:1:AWS Global Infrastructure - Amazon Web Services (AWS),2:Regions and Availability Zones - Amazon Elastic Compute Cloud,3:AWS Infrastructure: Regions and Availability Zones Explained

Amazon Neptune is a fully managed graph database service on AWS. A graph database is a type of database that stores and queries data as a network of nodes and edges, representing entities and relationships.Graph databases are useful for applications that deal with highly connected data, such as social networks, recommendation engines, fraud detection, and knowledge graphs45. Amazon Neptune is a fast, reliable, and scalable graph database service that supports two popular graph models: property graphs and RDF. Amazon Neptune also supports two open standards for querying graphs: Apache TinkerPop Gremlin and SPARQL.Amazon Neptune handles the heavy lifting of managing the database, such as provisioning, patching, backup, recovery, encryption, and replication456.Reference:4:Managed Graph Database - Amazon Neptune - AWS,5:Amazon Neptune -- A Fully Managed Graph Database Service,6:Working with AWS Neptune. Neptune is a fully-managed graph ... - Medium

AWS serverless computing is a way of building and running applications without thinking about servers. AWS manages the infrastructure for you, so you don't have to provision, scale, patch, or monitor servers.You only pay for the compute time you consume, and you can focus on your application logic instead of managing servers12.Reference:Serverless Computing -- Amazon Web Services,AWS Serverless Computing, Benefits, Architecture and Use-cases - XenonStack

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs, Amazon S3, or Amazon Kinesis Data Firehose.You can use VPC Flow Logs to diagnose network issues, monitor traffic patterns, detect security anomalies, and comply with auditing requirements34.Reference:Logging IP traffic using VPC Flow Logs - Amazon Virtual Private Cloud,New -- VPC Traffic Mirroring -- Capture & Inspect Network Traffic | AWS News Blog

AWS Identity and Access Management (IAM) is a service that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization).IAM also enables you to follow the principle of least privilege, which means granting only the permissions that are necessary to perform a task1.Reference:AWS Identity and Access Management (IAM) - AWS Documentation

AWS IAM Identity Center (AWS Single Sign-On) is a cloud-based service that makes it easy to centrally manage single sign-on (SSO) access to multiple AWS accounts and business applications.You can use AWS SSO to enable your users to sign in to the AWS Management Console or the AWS Command Line Interface (AWS CLI) with their existing corporate credentials2.You can also manage SSO access and user permissions across all your AWS accounts in AWS Organizations3.Reference:AWS Single Sign-On - AWS Documentation,AWS Organizations - AWS Documentation

According to the AWS shared responsibility model, AWS is responsible for the security of the cloud, while customers are responsible for the security in the cloud. This means that AWS is responsible for the physical servers, networking, and operating system that run DynamoDB, while customers are responsible for the security of their data and access to the database.Customers need to manage database access permissions, such as creating and managing AWS Identity and Access Management (IAM) policies and roles, and using encryption and key management options to protect their data123.Reference:1:Shared Responsibility Model - Amazon Web Services (AWS),2:Security in Amazon DynamoDB - Amazon DynamoDB,3:AWS Shared Responsibility Model - Introduction to DevOps ...