Untitled

Q1. A customer has asked for a solution that will analyze the clickstream data from a website and provide a real-time
dashboard of important metrics including, what pages visitors linger on and what items are searched. This will help identify
the pages that need improvement. Which of the folling options will meet the requirements for capturing and analyzing the data?

A. Have the website upload the log files to an Amazon S3 bucket. Run a daily Amazon Elastic MapReduce job to analyze the data
and update the board.

B. Have the web clicks added to Amazon Kinesis. Use Kinesis workers to analyze the data and update the board.

C. Have each click placed on an Amazon SQS queue and then have an Amazon EC2 instance launched periodically to drain the queue
into RDS. Then, analyze the data with SQL and update the board.

D. Have the web clicks written to Amazon DynamoDB and use EMR hourly to extract and analyze the data before posting to the
board.

==B==

Q2. An education company delivers course materials to their students as PDF downloads. Recently there have more downloads
than students in their classes. The company wants to limit each PDF to being downloaded only by members of that class. In
their current architecture, students sign in to their website running on EC2 instances. The website provides links to publicly
accessible files in Amazon S3. They want to use Amazon CloudFront to limit the number of downloads. What should you recommend?

A. Configure CloudFront with an Origin Access Identity for S3, and remove public read actions from the S3 bucket policy.
Configure S3 as a Trusted Signer for CloudFront. Have the web servers return a CloudFront-signed URL.

B. Configure CloudFront with an Origin Access Identity for S3. Create an EC2 role for the web servers that explicity denies
all S3 actions. Have the web servers return a CloudFront-signed URL.

C. Create a CloudFront Behavior with the AWS account as a Trusted Signer. Update the S3 bucket policy to remove all public
read actions. Have the web servers return the S3 URL.

D. Configure CloudFront with an Origin Access Identity for S3, and remove public read actions from the S3 bucket policy.
Create a CloudFront Behavior with the AWS account as a Trusted Signer. Have the web servers return a CloudFront-signed URL.

==D==

Q3. An AWS customer has a mobile pet minder application. The backend receives picture every 10 seconds from source cameras
and updates the end-user's mobile application with the latest picture of their pet. Pictures are not stored, they are either
delivered or deleted when the next picture arrives. The customer wants to ensure that only their customers have access to the
pictures, that the service can cope with sudden large peaks in load, and that it is highly available. Which of the following
options will meet all of these requirements?

A. Use Amazon Cognito for mobile user sign-in. Use an Auto Scaling group of EC2 instances across multiple Availability Zone
for serving the images, ElastiCache with a Redis Replication Group for caching, and multi-AZ RDS for storing user
information.

B. Use Amazon Cognito for mobile user sign-in, an Auto Scaling group of EC2 instances across multiple Availability Zones for
serving the images, and an EC2 instance running AWS Storage Gateway for holding the images.

C. Use AWS web identity federation for mobile user sign-in, an Auto Scaling group of EC2 instances across multiple
Availability Zones for serving the images, an ElastiCache instance of memcached as a caching layer, and multi-AZ RDS
instance as image store.

D. Use ELB with SSL mutual authentication for mobile user sign-in, an Auto Scaling group of EC2 instances across multiple
Availability Zone for holding and serving the images, and RDS for storing user information.

==A==