TutorialsDojo Flashcards
You need to set up an alert that notifies the IT manager about EC2 instances service limits.
Use Amazon CloudWatch Events to detect and react to changes in the status of Trusted Advisor checks
You need to track the deletion and rotation of CMKs.
Use AWS CloudTrail to log AWS KMS API calls
You need to investigate if the traffic is reaching the EC2 instance.
Use VPC flow logs
You need to ensure that the SSH protocol is always disabled on private servers.
Use AWS Config Rules
You need to retrieve the instance metadata of an EC2 instance.
http://169.254.169.254/latest/
You have to monitor the CPU usage of a single process in your EC2 instance.
Use the CloudWatch Agent procstat plugin to monitor system utilization.
When the incoming message traffic increases the EC2 instances fall behind and it takes too long to process the messages.
Create an Auto Scaling group that can scale out based on the number of messages in the queue.
You need to log the client’s IP address latencies request paths and server responses that go through your Application Load Balancer.
Enable access logging in ALB and store the logs on an S3 bucket.
You need to determine which cipher is used for the SSL connection in your ELB.
Enable Server Order Preference
You need to monitor the total number of requests or connections in your load balancer.
Monitor the SurgeQueueLength metric
You need to ensure that the backups of an Amazon Redshift cluster are always available.
Configure the Amazon Redshift cluster to automatically copy snapshots of a cluster to another region.
You must remotely execute shell scripts and securely manage the configuration of EC2 instances.
Use Systems Manager Run Command
You need to identify the configuration changes in the CloudFormation resources.
Use drift detection
Requires a CloudFormation template that can be reused for multiple environments. If the template has been updated all the stack that is referencing it will automatically use the updated configuration.
Use Nested Stacks
You need to automate the process of updating the CloudFomration templates to map to the latest AMI IDs.
Use CloudFormation with Systems Manager Parameter Store
The eviction count in Amazon ElastiCache for Memcached has exceeded its threshold.
Scale the cluster by increasing the number of nodes.
You need to provide each department a new AWS account with governance guardrails and a defined baseline in place.
Set up AWS Control Tower
An S3 bucket must be configured to move the objects older than 60 days to Infrequent Access storage class.
Set up a lifecycle policy
You need to monitor all the COPY and UNLOAD traffic in the Redshift cluster.
Enable Enhanced VPC routing on the Redshift cluster.
You need to generate a report on the replication and encryption status of all of the objects stored in the S3 bucket.
Use S3 Inventory
A total of 500 TB of data needs to be transferred to Amazon S3 in the fastest way.
Use multiple AWS Snowball devices
You need to encrypt all the objects at rest in your S3 bucket
Use SS3-S3 SSE-KMS or SSE-C
You have to rotate an existing CMK with imported key material every 6 months
Create a new CMK with imported key material and update the key ID to point to the new CMK
A company needs to restrict access to the data in an S3 bucket.
Use S3 ACL and bucket policy
