- (Topic 1)
A company needs to use standard SQL to query and combine exabytes of structured and semi-structured data across a data warehouse, operational database, and data lake.
Which AWS service meets these requirements?

Correct Answer:D
Amazon Redshift is the service that meets the requirements of using standard SQL to query and combine exabytes of structured and semi-structured data across a data warehouse, operational database, and data lake. Amazon Redshift is a fully managed, petabyte-scale data warehouse service that allows you to run complex analytic queries using standard SQL and your existing business intelligence tools. Amazon Redshift also supports Redshift Spectrum, a feature that allows you to directly query and join data stored in Amazon S3 using the same SQL syntax. Amazon Redshift can scale up or down to handle any volume of data and deliver fast query performance5

- (Topic 3)
A company wants to ensure that all of its Amazon EC2 instances have compliant operating system patches.
Which AWS service will meet these requirements?

Correct Answer:D
AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. You can use Systems Manager to apply OS patches, create system images, configure Windows and Linux operating systems, and execute PowerShell commands5. Systems Manager can help you ensure that all of your Amazon EC2 instances have compliant operating system patches by using the Patch Manager feature.

- (Topic 2)
A company is using Amazon RDS.
A company is launching a critical business application in an AWS Region. How can the company increase resilience for this application?

Correct Answer:D
Deploying the application by using multiple Availability Zones is the best way to increase resilience for the application. According to the Amazon RDS User Guide, "Amazon RDS provides high availability and failover support for DB instances using Multi- AZ deployments. In a Multi-AZ deployment, Amazon RDS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. The primary DB instance is synchronously replicated across Availability Zones to a standby replica to provide data redundancy, eliminate I/O freezes, and minimize latency spikes during system backups."4 Deploying a copy of the application in another AWS account, using multiple VPCs, or using multiple subnets do not provide the same level of resilience as using multiple Availability Zones.

- (Topic 3)
A company is storing sensitive customer data in an Amazon S3 bucket. The company wants to protect the data from accidental deletion or overwriting.
Which S3 feature should the company use to meet these requirements?

Correct Answer:B
S3 Versioning is a feature that allows you to keep multiple versions of an object in the same bucket. You can use S3 Versioning to protect your data from accidental deletion or overwriting by enabling it on a bucket or a specific object. S3 Versioning also allows you to restore previous versions of an object if needed. S3 Lifecycle rules are used to automate the transition of objects between storage classes or to expire objects after a certain period of time. S3 bucket policies are used to control access to the objects in a
bucket. S3 server-side encryption is used to encrypt the data at rest in S3. References: S3 Versioning, S3 Lifecycle rules, S3 bucket policies, S3 server-side encryption

- (Topic 3)
What is a customer responsibility when using AWS Lambda according to the AWS shared responsibility model?

Correct Answer:A
According to the AWS shared responsibility model, AWS is responsible for
the security of the cloud, while customers are responsible for the security in the cloud. This means that AWS is responsible for the physical servers, networking, and operating system that run Lambda functions, while customers are responsible for the security of their code and AWS IAM to the Lambda service and within their function1. Customers need to manage the code within the Lambda function, such as writing, testing, debugging, deploying, and updating the code, as well as ensuring that the code does not contain any vulnerabilities or malicious code that could compromise the security or performance of the
function23. References: 2: AWS Lambda - Amazon Web Services (AWS), 3: AWS Lambda Documentation, 1: Amazon CLF-C02: What is customer responsibility under AWS … - PUPUWEB

- (Topic 3)
Which option is an AWS Cloud Adoption Framework (AWS CAF) foundational capability for the operations perspective?

Correct Answer:C
Identity and access management is one of the foundational capabilities for the operations perspective of the AWS Cloud Adoption Framework (AWS CAF). It involves managing the identities, roles, permissions, and credentials of users and systems that interact with AWS resources. Performance and capacity management is a capability for the platform perspective. Application portfolio management is a capability for the business perspective. Product management is a capability for the governance perspective.