ExamGecko
Search Search Login
Home Home / Amazon / DBS-C01
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An ecommerce company uses Amazon DynamoDB as the backend for its payments system. A new regulation requires the company to log all data access requests for financial audits. For this purpose, the company plans to use AWS logging and save logs to Amazon S3 How can a database specialist activate logging on the database?
A company is due for renewing its database license. The company wants to migrate its 80 TB transactional database system from on-premises to the AWS Cloud. The migration should incur the least possible downtime on the downstream database applications. The company’s network infrastructure has limited network bandwidth that is shared with other applications. Which solution should a database specialist use for a timely migration?
A retail company uses Amazon Redshift Spectrum to run complex analytical queries on objects that are stored in an Amazon S3 bucket. The objects are joined with multiple dimension tables that are stored in an Amazon Redshift database. The company uses the database to create monthly and quarterly aggregated reports. Users who attempt to run queries are reporting the following error message: error: Spectrum Scan Error: Access throttled Which solution will resolve this error?
A database specialist needs to delete user data and sensor data 1 year after it was loaded in an Amazon DynamoDB table. TTL is enabled on one of the attributes. The database specialist monitors TTL rates on the Amazon CloudWatch metrics for the table and observes that items are not being deleted as expected. What is the MOST likely reason that the items are not being deleted?
A company is about to launch a new product, and test databases must be re-created from production dat a. The company runs its production databases on an Amazon Aurora MySQL DB cluster. A Database Specialist needs to deploy a solution to create these test databases as quickly as possible with the least amount of administrative effort. What should the Database Specialist do to meet these requirements?
A company maintains several databases using Amazon RDS for MySQL and PostgreSQL. Each RDS database generates log files with retention periods set to their default values. The company has now mandated that database logs be maintained for up to 90 days in a centralized repository to facilitate real-time and after- the-fact analyses. What should a Database Specialist do to meet these requirements with minimal effort?
A company runs online transaction processing (OLTP) workloads on an Amazon RDS for PostgreSQL Multi- AZ DB instance. Tests were run on the database after work hours, which generated additional database logs. The free storage of the RDS DB instance is low due to these additional logs. What should the company do to address this space constraint issue?
A marketing company is developing an application to track responses to email message campaigns. The company needs a database storage solution that is optimized to work with highly connected dat a. The database needs to limit connections and programmatic access to the data by using IAM policies. Which solution will meet these requirements?
An online bookstore uses Amazon Aurora MySQL as its backend database. After the online bookstore added a popular book to the online catalog, customers began reporting intermittent timeouts on the checkout page. A database specialist determined that increased load was causing locking contention on the database. The database specialist wants to automatically detect and diagnose database performance issues and to resolve bottlenecks faster. Which solution will meet these requirements?
Amazon Neptune is being used by a corporation as the graph database for one of its products. During an ETL procedure, the company's data science team produced enormous volumes of temporary data by unintentionally. The Neptune DB cluster extended its storage capacity automatically to handle the added data, but the data science team erased the superfluous data. What should a database professional do to prevent incurring extra expenditures for cluster volume space that is not being used?

Question 303 - DBS-C01 discussion

Report
Export

A company has a reporting application that runs on an Amazon EC2 instance in an isolated developer account on AWS. The application needs to retrieve data during non-peak company hours from an Amazon Aurora PostgreSQL database that runs in the companys production account The companys security team requires that access to production resources complies with AWS best security practices

A database administrator needs to provide the reporting application with access to the production database. The company has already configured VPC peering between the production account and developer account The company has also updated the route tables in both accounts With the necessary entries to correctly set up VPC peering

What must the database administrator do to finish providing connectivity to the reporting application?

A.
Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432. Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432.
Answers
A.
Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432. Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432.
B.
Add an outbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432. Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432.
Answers
B.
Add an outbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432. Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432.
C.
Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on all TCP ports. Add an inbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432_
Answers
C.
Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on all TCP ports. Add an inbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432_
D.
Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432_ Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on all TCP ports
Answers
D.
Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432_ Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on all TCP ports
Suggested answer: A

Explanation:

The correct answer is A. Add an inbound security group rule to the database security group that allows access from the developer account VPC CIDR on port 5432. Add an outbound security group rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432. The explanation is as follows: To allow the reporting application to access the production database, the database administrator needs to configure the security group rules for both the database and the EC2 instance. The security group rules must allow traffic between the peered VPCs on the port that the database uses, which is 5432 for PostgreSQL1. Option A is correct because it adds an inbound rule to the database security group that allows access from the developer account VPC CIDR on port 5432. This means that the database can accept connections from the EC2 instance in the peered VPC. It also adds an outbound rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432. This means that the EC2 instance can initiate connections to the database in the peered VPC. Option B is incorrect because it adds an outbound rule to the database security group, which is not necessary. The database does not need to initiate connections to the EC2 instance, only accept them. It also does not add an inbound rule to the EC2 security group, which is not required. The EC2 instance does not need to accept connections from the database, only initiate them. Option C is incorrect because it adds an inbound rule to the database security group that allows access from the developer account VPC CIDR on all TCP ports. This is too permissive and violates the principle of least privilege2. It also adds an inbound rule to the EC2 security group that allows access to the production account VPC CIDR on port 5432. This is unnecessary and does not help with connectivity. Option D is incorrect because it adds an outbound rule to the EC2 security group that allows access to the production account VPC CIDR on all TCP ports. This is too permissive and violates the principle of least privilege2. It also does not add an outbound rule to the database security group, which is not needed.


Show Answer
asked 16/09/2024
Lyndon Kumire
28 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms