Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Associate Developer Exam > Section 12: CloudFront & AWS Global Accelerator > Flashcards

Section 12: CloudFront & AWS Global Accelerator Flashcards

1
Q 
Which features allows us to distribute paid content from S3 securely, globally, if the S3 bucket is secured to only exchange data with CloudFront?
A) Origin Access Identity 
B) S3 Pre-Signed URL
C) CloudFront Signed URL
D) CloudFront Distribution Invalidations
A

C) CloudFront Signed URL

CloudFront Signed URL are commonly used to distribute paid content through dynamic CloudFront Signed URL generation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You are hosting highly dynamic content in Amazon S3 in us-east-1. Recently, there has been a need to make that data available with low latency in Singapore. What do you recommend using?
A) CloudFront
B) S3 Cross Region Replication
C) S3 Pre-Signed URLs

A

B) S3 Cross Region Replication

S3 CRR allows you to replicate the data from one bucket in a region to another bucket in another region

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How can you ensure that only users who access our website through Canada are authorized in CloudFront?
A) Set up a security group and attach it to CloudFront
B) Use a Route 53 Latency record and attach it to CloudFront
C) Use CloudFront Geo Restriction

A

C) Use CloudFront Geo Restriction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
You would like to provide your users access to hundreds of private files in your CloudFront distribution, which is fronting an HTTP web server behind an application load balancer. What should you use?
A) CloudFront Signed URL
B) CloudFront Signed Cookies
C) CloudFront Origin Access Identity
D) CloudFront HTTPS encryption
A

B) CloudFront Signed Cookies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You are creating an application that is going to expose an HTTP REST API. There is a need to provide request routing rules at the HTTP level. Due to security requirements, your application can only be exposed through the use of two static IPs. How can you create a solution that validates these requirements?
A) Use Global Accelerator and an Application Load Balancer
B) Use a Network Load Balancer and attach Elastic IPs to it
C) Use an Application Load Balancer and attach Elastic IPs to it
D) Use CLoudFront with Elastic IP and Application Load Balancer

A

A) Use Global Accelerator and an Application Load Balancer

Global Accelerator will provide us with the two static IP, and the ALB will provide use with the HTTP routing rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
What does this S3 bucket policy do? 
{
   "Version":"2012-10-17",
   "Id":"Mystery policy",
   "Statement":[
     {
       "Sid":"What could it be?",
       "Effect":"Allow",
       "Principal":{"CanonicalUser":"CloudFront Origin Identity Canonical User ID"},
       "Action":"s3:GetObject",
       "Resource":"arn:aws:s3:::examplebucket/*"
     }
   ]
}

A) Forces GetObjects request to be encrypted if coming form CloudFront
B) Only allows the S3 bucket content to be accessed from your CloudFront distribution origin identity
C) Only allows GetObject type of request on the S3 bucket from anybody

A

B) Only allows the S3 bucket content to be accessed from your CloudFront distribution origin identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS Associate Developer Exam (25 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions