最新 [2023年03月] 効果的な学習法でJPNTestの問題集でDBS-C01テストを合格せよ [Q104-Q123]

最新 [2023年03月] 効果的な学習法でJPNTestの問題集でDBS-C01テストを合格せよ

実績のある受験者のシミュレーションされたDBS-C01試験PDF問題を試そう

質問 104
A company is running a blogging platform. A security audit determines that the Amazon RDS DB instance that is used by the platform is not configured to encrypt the data at rest. The company must encrypt the DB instance within 30 days.
What should a database specialist do to meet this requirement with the LEAST amount of downtime?

A. Convert the DB instance to an Amazon Aurora DB cluster, and enable encryption. When the DB cluster is available, update the endpoint that is used by the application to the cluster endpoint. Delete the unencrypted DB instance.
B. Create a read replica of the DB instance, and enable encryption. When the read replica is available, promote the read replica and update the endpoint that is used by the application. Delete the unencrypted DB instance.
C. Create a new encrypted DB instance. Perform an initial data load, and set up logical replication between the two DB instances When the new DB instance is in sync with the source DB instance, update the endpoint that is used by the application. Delete the unencrypted DB instance.
D. Take a snapshot of the DB instance. Make an encrypted copy of the snapshot. Restore the encrypted snapshot. When the new DB instance is available, update the endpoint that is used by the application. Delete the unencrypted DB instance.

正解: C

解説:
https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/encrypt-an-existing-amazon-rds-for-postgresql-db-instance.html When the new, encrypted copy of the DB instance becomes available, you can point your applications to the new database. However, if your project doesn't allow for significant downtime for this activity, you need an alternate approach that helps minimize the downtime. This pattern uses the AWS Database Migration Service (AWS DMS) to migrate and continuously replicate the data so that the cutover to the new, encrypted database can be done with minimal downtime.

質問 105
A company is load testing its three-tier production web application deployed with an AWS CloudFormation template on AWS. The Application team is making changes to deploy additional Amazon EC2 and AWS Lambda resources to expand the load testing capacity. A Database Specialist wants to ensure that the changes made by the Application team will not change the Amazon RDS database resources already deployed.
Which combination of steps would allow the Database Specialist to accomplish this? (Choose two.)

A. Define the database resources in a nested stack
B. Review the stack drift before modifying the template
C. Set a stack policy for the database resources
D. Create and review a change set before applying it
E. Export the database resources as stack outputs

正解: C,D

解説:
https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/best-practices.html#cfn-best-practices-changesets

質問 106
A company is writing a new survey application to be used with a weekly televised game show. The application will be available for 2 hours each week. The company expects to receive over 500,000 entries every week, with each survey asking 2-3 multiple choice questions of each user. A Database Specialist needs to select a platform that is highly scalable for a large number of concurrent writes to handle he anticipated volume.
Which AWS services should the Database Specialist consider? (Choose two.)

A. Amazon Neptune
B. Amazon Elasticsearch Service
C. Amazon DynamoDB
D. Amazon Redshift
E. Amazon ElastiCache

正解: C,E

質問 107
A financial company is running an Amazon Redshift cluster for one of its data warehouse solutions. The company needs to generate connection logs, user logs, and user activity logs. The company also must make these logs available for future analysis.
Which combination of steps should a database specialist take to meet these requirements? (Choose two.)

A. Create a new parameter group with the enable_user_activity_logging parameter set to true. Configure the cluster to use the new parameter group.
B. Modify the system table to enable logging for each user.
C. Edit the database configuration of the cluster by enabling audit logging. Direct the logging to a specified Amazon S3 bucket
D. Edit the database configuration of the cluster by enabling audit logging. Direct the logging to a specified log group in Amazon CloudWatch Logs.
E. Modify the cluster by enabling continuous delivery of AWS CloudTrail logs to Amazon S3.

正解: A,D

解説:
AWS CloudWatch Logs are stored indefinitely and CloudWatch Log Insights is used to analyze the logs and query upon them.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html
"Log retention - By default, logs are kept indefinitely and never expire. You can adjust the retention policy for each log group, keeping the indefinite retention, or choosing a retention period between 10 years and one day."
https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html

質問 108
A company runs a customer relationship management (CRM) system that is hosted on-premises with a MySQL database as the backend. A custom stored procedure is used to send email notifications to another system when data is inserted into a table. The company has noticed that the performance of the CRM system has decreased due to database reporting applications used by various teams. The company requires an AWS solution that would reduce maintenance, improve performance, and accommodate the email notification feature.
Which AWS solution meets these requirements?

A. Use MySQL running on an Amazon EC2 instance with Auto Scaling to accommodate the reporting applications. Configure a stored procedure and an AWS Lambda function that uses Amazon SES to send email notifications to the other system.
B. Use Amazon Aurora MySQL in a multi-master cluster to accommodate the reporting applications. Configure Amazon RDS event subscriptions to publish a message to an Amazon SNS topic and subscribe the other system's email address to the topic.
C. Use Amazon Aurora MySQL with a read replica for the reporting applications. Configure a stored procedure and an AWS Lambda function to publish a message to an Amazon SNS topic. Subscribe the other system's email address to the topic.
D. Use MySQL running on an Amazon EC2 instance with a read replica to accommodate the reporting applications. Configure Amazon SES integration to send email notifications to the other system.

正解: C

質問 109
A company conducted a security audit of its AWS infrastructure. The audit identified that data was not encrypted in transit between application servers and a MySQL database that is hosted in Amazon RDS.
After the audit, the company updated the application to use an encrypted connection. To prevent this problem from occurring again, the company's database team needs to configure the database to require in-transit encryption for all connections.
Which solution will meet this requirement?

A. Update the security group in use by the DB instance, and remove port 80 to prevent unencrypted connections from being established.
B. Update the parameter group in use by the DB instance, and set the require_secure_transport parameter to ON.
C. Connect to the database, and use ALTER USER to enable the REQUIRE SSL option on the database user.
D. Update the DB instance, and enable the Require Transport Layer Security option.

正解: B

解説:
https://aws.amazon.com/about-aws/whats-new/2022/08/amazon-rds-mysql-supports-ssl-tls-connections/

質問 110
A Database Specialist is setting up a new Amazon Aurora DB cluster with one primary instance and three Aurora Replicas for a highly intensive, business-critical application. The Aurora DB cluster has one mediumsized primary instance, one large-sized replica, and two medium sized replicas. The Database Specialist did not assign a promotion tier to the replicas.
In the event of a primary failure, what will occur?

A. Aurora will promote an Aurora Replica that is of the same size as the primary instance
B. Aurora will promote an arbitrary Aurora Replica
C. Aurora will not promote an Aurora Replica
D. Aurora will promote the largest-sized Aurora Replica

正解: A

質問 111
A company needs a data warehouse solution that keeps data in a consistent, highly structured format. The company requires fast responses for end-user queries when looking at data from the current year, and users must have access to the full 15-year dataset, when needed. This solution also needs to handle a fluctuating number incoming queries. Storage costs for the 100 TB of data must be kept low.
Which solution meets these requirements?

A. Leverage an Amazon Redshift data warehouse solution using a dense storage instance to store the most recent data. Keep historical data on Amazon S3 and access it using the Amazon Redshift Spectrum layer. Provision enough instances to support high demand.
B. Leverage an Amazon Redshift data warehouse solution using a dense storage instance to store the most recent data. Keep historical data on Amazon S3 and access it using the Amazon Redshift Spectrum layer. Enable Amazon Redshift Concurrency Scaling.
C. Leverage an Amazon Redshift data warehouse solution using a dense storage instance type while keeping all the data on local Amazon Redshift storage. Provision enough instances to support high demand.
D. Leverage an Amazon Redshift data warehouse solution using a dense storage instance to store the most recent data. Keep historical data on Amazon S3 and access it using the Amazon Redshift Spectrum layer. Leverage Amazon Redshift elastic resize.

正解: B

質問 112
A company with branch offices in Portland, New York, and Singapore has a three-tier web application that leverages a shared database. The database runs on Amazon RDS for MySQL and is hosted in the us-west-2 Region. The application has a distributed front end deployed in the us-west-2, ap-southheast-1, and us-east-2 Regions.
This front end is used as a dashboard for Sales Managers in each branch office to see current sales statistics.
There are complaints that the dashboard performs more slowly in the Singapore location than it does in Portland or New York. A solution is needed to provide consistent performance for all users in each location.
Which set of actions will meet these requirements?

A. Create an RDS read replica in the us-west-2 Region where the primary instance resides. Create a read replica in the ap-southeast-1 Region from the read replica located on the us-west-2 Region. Reconfigure the ap-southeast-1 front-end dashboard to access this instance.
B. Take a snapshot of the instance in the us-west-2 Region. Create a new instance from the snapshot in the ap-southeast-1 Region. Reconfigure the ap-southeast-1 front-end dashboard to access this instance.
C. Create an RDS read replica in the ap-southeast-1 Region from the primary RDS DB instance in the us- west-2 Region. Reconfigure the ap-southeast-1 front-end dashboard to access this instance.
D. Create a new RDS instance in the ap-southeast-1 Region. Use AWS DMS and change data capture (CDC) to update the new instance in the ap-southeast-1 Region. Reconfigure the ap-southeast-1 front-end dashboard to access this instance.

正解: C

解説:
Explanation
https://aws.amazon.com/rds/features/read-replicas/
"Amazon RDS Read Replicas provide enhanced performance and durability for RDS database (DB) instances.
They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads. You can create one or more replicas of a given source DB Instance and serve high-volume application read traffic from multiple copies of your data, thereby increasing aggregate read throughput. "
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.XRgn.html

質問 113
A company runs online transaction processing (OLTP) workloads on an Amazon RDS for PostgreSQL Multi- AZ DB instance. Tests were run on the database after work hours, which generated additional database logs. The free storage of the RDS DB instance is low due to these additional logs.
What should the company do to address this space constraint issue?

A. Run the SELECT rds_rotate_error_log() stored procedure to rotate the logs
B. Create a ticket with AWS Support to have the logs deleted
C. Log in to the host and run the rm $PGDATA/pg_logs/* command
D. Modify the rds.log_retention_period parameter to 1440 and wait up to 24 hours for database logs to be deleted

正解: D

解説:
To set the retention period for system logs, use the rds.log_retention_period parameter. You can find rds.log_retention_period in the DB parameter group associated with your DB instance. The unit for this parameter is minutes. For example, a setting of 1,440 retains logs for one day. The default value is 4,320 (three days). The maximum value is 10,080 (seven days).
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.Concepts.PostgreSQL.html

質問 114
A team of Database Specialists is currently investigating performance issues on an Amazon RDS for MySQL DB instance and is reviewing related metrics. The team wants to narrow the possibilities down to specific database wait events to better understand the situation.
How can the Database Specialists accomplish this?

A. Enable the option to push all database logs to Amazon CloudWatch for advanced analysis
B. Create appropriate Amazon CloudWatch dashboards to contain specific periods of time
C. Enable Enhanced Monitoring will the appropriate settings
D. Enable Amazon RDS Performance Insights and review the appropriate dashboard

正解: D

質問 115
An ecommerce company has tasked a Database Specialist with creating a reporting dashboard that visualizes critical business metrics that will be pulled from the core production database running on Amazon Auror a. Data that is read by the dashboard should be available within 100 milliseconds of an update.
The Database Specialist needs to review the current configuration of the Aurora DB cluster and develop a cost-effective solution. The solution needs to accommodate the unpredictable read workload from the reporting dashboard without any impact on the write availability and performance of the DB cluster.
Which solution meets these requirements?

A. Add an automatic scaling policy to the DB cluster to add Aurora Replicas to the cluster based on CPU consumption.
B. Provision a clone of the existing DB cluster for the new Application team.
C. Turn on the serverless option in the DB cluster so it can automatically scale based on demand.
D. Create a separate DB cluster for the new workload, refresh from the source DB cluster, and set up ongoing replication using AWS DMS change data capture (CDC).

正解: C

質問 116
A company requires near-real-time notifications when changes are made to Amazon RDS DB security groups.
Which solution will meet this requirement with the LEAST operational overhead?

A. Configure an RDS event notification subscription for DB security group events.
B. Configure an Amazon CloudWatch alarm for RDS metrics about changes to DB security groups.
C. Turn on AWS CloudTrail. Configure notifications for the detection of changes to DB security groups.
D. Create an AWS Lambda function that monitors DB security group changes. Create an Amazon Simple Notification Service (Amazon SNS) topic for notification.

正解: A

解説:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html#USER_Events.Messages.security-group

質問 117
A company is going through a security audit. The audit team has identified cleartext master user password in the AWS CloudFormation templates for Amazon RDS for MySQL DB instances. The audit team has flagged this as a security risk to the database team.
What should a database specialist do to mitigate this risk?

A. Remove the passwords from the CloudFormation template and store them in a separate file. Replace the passwords by running CloudFormation using a sed command.
B. Change all the databases to use AWS IAM for authentication and remove all the cleartext passwords in CloudFormation templates.
C. Use an AWS Secrets Manager resource to generate a random password and reference the secret in the CloudFormation template.
D. Remove the passwords from the CloudFormation templates so Amazon RDS prompts for the password when the database is being created.

正解: C

解説:
https://aws.amazon.com/blogs/infrastructure-and-automation/securing-passwords-in-aws-quick-starts-using-aws-secrets-manager/

質問 118
A company developed an AWS CloudFormation template used to create all new Amazon DynamoDB tables in its AWS account. The template configures provisioned throughput capacity using hard-coded values. The company wants to change the template so that the tables it creates in the future have independently configurable read and write capacity units assigned.
Which solution will enable this change?

A. Add values for the rcuCount and wcuCount parameters as outputs of the template. Configure DynamoDB to provision throughput capacity using the stack outputs.
B. Add values for the rcuCount and wcuCount parameters to the Mappings section of the template.
Configure DynamoDB to provision throughput capacity using the stack's mappings.
C. Add values for the rcuCount and wcuCount parameters to the Mappings section of the template. Replace the hard-coded values with calls to the Ref intrinsic function, referencing the new parameters.
D. Add values for two Number parameters, rcuCount and wcuCount, to the template. Replace the hard-coded values with calls to the Ref intrinsic function, referencing the new parameters.

正解: D

解説:
Explanation
Input parameter and FindInMap You can use an input parameter with the Fn::FindInMap function to refer to a specific value in a map. For example, suppose you have a list of regions and environment types that map to a specific AMI ID. You can select the AMI ID that your stack uses by using an input parameter (EnvironmentType). To determine the region, use the AWS::Region pseudo parameter, which gets the AWS Region in which you create the stack.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html

質問 119
A company developed an AWS CloudFormation template used to create all new Amazon DynamoDB tables in its AWS account. The template configures provisioned throughput capacity using hard-coded values. The company wants to change the template so that the tables it creates in the future have independently configurable read and write capacity units assigned.
Which solution will enable this change?

A. Add values for the rcuCount and wcuCount parameters as outputs of the template. Configure DynamoDB to provision throughput capacity using the stack outputs.
B. Add values for the rcuCount and wcuCount parameters to the Mappings section of the template. Configure DynamoDB to provision throughput capacity using the stack's mappings.
C. Add values for the rcuCount and wcuCount parameters to the Mappings section of the template. Replace the hard-coded values with calls to the Ref intrinsic function, referencing the new parameters.
D. Add values for two Number parameters, rcuCount and wcuCount, to the template. Replace the hard-coded values with calls to the Ref intrinsic function, referencing the new parameters.

正解: D

質問 120
A company's Security department established new requirements that state internal users must connect to an existing Amazon RDS for SQL Server DB instance using their corporate Active Directory (AD) credentials. A Database Specialist must make the modifications needed to fulfill this requirement.
Which combination of actions should the Database Specialist take? (Choose three.)

A. Use the AWS Management Console to create an AWS Managed Microsoft AD. Create a trust relationshipwith the corporate AD.
B. Disable Transparent Data Encryption (TDE) on the RDS SQL Server DB instance.
C. Use the AWS Management Console to create an AD Connector. Create a trust relationship with thecorporate AD.
D. Configure the AWS Managed Microsoft AD domain controller Security Group.
E. Modify the RDS SQL Server DB instance to use the directory for Windows authentication.
Createappropriate new logins.
F. Stop the RDS SQL Server DB instance, modify it to use the directory for Windows authentication, and startit again. Create appropriate new logins.

正解: A,D,F

質問 121
A financial company has allocated an Amazon RDS MariaDB DB instance with large storage capacity to accommodate migration efforts. Post-migration, the company purged unwanted data from the instance. The company now want to downsize storage to save money. The solution must have the least impact on production and near-zero downtime.
Which solution would meet these requirements?

A. Create a new RDS DB instance with the required storage and move the databases from the old instances to the new instance using AWS DMS
B. Create a new database using native backup and restore
C. Create a new read replica and make it the primary by terminating the existing primary
D. Create a snapshot of the old databases and restore the snapshot with the required storage

正解: A

解説:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/rds-db-storage-size/ Use AWS Database Migration Service (AWS DMS) for minimal downtime.

質問 122
A company has a quarterly customer survey. The survey uses an Amazon EC2 instance that is hosted in a public subnet to host a customer survey website. The company uses an Amazon RDS DB instance that is hosted in a private subnet in the same VPC to store the survey results.
The company takes a snapshot of the DB instance after a survey is complete, deletes the DB instance, and then restores the DB instance from the snapshot when the survey needs to be conducted again. A database specialist discovers that the customer survey website times out when it attempts to establish a connection to the restored DB instance.
What is the root cause of this problem?

A. The route table of the private subnet that hosts the DB instance does not have a NAT gateway configured for communication with the EC2 instance.
B. The public subnet that hosts the EC2 instance does not have an internet gateway configured for communication with the DB instance.
C. The wrong security group was associated with the new DB instance when it was restored from the snapshot.
D. The VPC peering connection has not been configured properly for the EC2 instance to communicate with the DB instance.

正解: C

質問 123
......

シミュレーションされた材料でDBS-C01テストエンジンで学習：https://www.jpntest.com/shiken/DBS-C01-mondaishu

合格には必要なるDBS-C01試験問題集：https://drive.google.com/open?id=1Olsx4Wk2UNNiCesrgAwpKI3UucEn8y69