- (Exam Topic 1)
A company runs applications that process credit card information. Auditors have asked if the AWS environment has changed since the previous audit. If the AWS environment has changed, the auditors want to know how it has changed. Which AWS services can provide this information? (Select TWO.)
Correct Answer:
CD
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS' security and compliance reports and select online agreements.
AWS Trusted Advisor provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas.
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.
AWS CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage. CloudTrail logs, continuously monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.
AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services and resources, and under which conditions. With IAM policies, you manage permissions to your workforce and systems to ensure least-privilege permissions.
- (Exam Topic 2)
Which AWS services are delivered globally instead of regionally? (Select TWO.)
Correct Answer:
BC
- (Exam Topic 3)
Which benefit of the AWS Cloud helps companies achieve lower usage costs because of the aggregate of all AWS users?
Correct Answer:
A
- (Exam Topic 3)
A company wants to build an application that uses AWS Lambda to run Python code.
Under the AWS shared responsibility model, which tasks will be the company's responsibility? (Select TWO.)
Correct Answer:
CE
- (Exam Topic 3)
Which AWS services use cloud-native storage that provides replication across multiple Availability Zones by default? (Choose two.)
Correct Answer:
BE