テスト資料DBS-C01テストエンジン試験問題はここにある[2022年12月]
合格突破受験者シミュレーションされたDBS-C01試験PDF問題を試そう
Amazon DBS-C01 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
質問 24
A company has multiple applications serving data from a secure on-premises database. The company is migrating all applications and databases to the AWS Cloud. The IT Risk and Compliance department requires that auditing be enabled on all secure databases to capture all log ins, log outs, failed logins, permission changes, and database schema changes. A Database Specialist has recommended Amazon Aurora MySQL as the migration target, and leveraging the Advanced Auditing feature in Aurora.
Which events need to be specified in the Advanced Auditing configuration to satisfy the minimum auditing requirements? (Choose three.)
- A. QUERY
- B. QUERY_DCL
- C. QUERY_DML
- D. CONNECT
- E. TABLE
- F. QUERY_DDL
正解: B,D,F
解説:
Explanation
Connect - logins / DCL - authorizations (grant,revoke), DDL - schema updates
質問 25
A company is going through a security audit. The audit team has identified cleartext master user password in the AWS CloudFormation templates for Amazon RDS for MySQL DB instances. The audit team has flagged this as a security risk to the database team.
What should a database specialist do to mitigate this risk?
- A. Use an AWS Secrets Manager resource to generate a random password and reference the secret in the CloudFormation template.
- B. Change all the databases to use AWS IAM for authentication and remove all the cleartext passwords in CloudFormation templates.
- C. Remove the passwords from the CloudFormation templates so Amazon RDS prompts for the password when the database is being created.
- D. Remove the passwords from the CloudFormation template and store them in a separate file. Replace the passwords by running CloudFormation using a sed command.
正解: A
解説:
Explanation
https://aws.amazon.com/blogs/infrastructure-and-automation/securing-passwords-in-aws-quick-starts-using-aws-
質問 26
An ecommerce company is using Amazon DynamoDB as the backend for its order-processing application. The steady increase in the number of orders is resulting in increased DynamoDB costs. Order verification and reporting perform many repeated GetItem functions that pull similar datasets, and this read activity is contributing to the increased costs. The company wants to control these costs without significant development efforts.
How should a Database Specialist address these requirements?
- A. Use DynamoDB Accelerator to offload the reads
- B. Use Amazon DynamoDB Streams and Amazon Kinesis Data Firehose to push the data into Amazon Redshift
- C. Use AWS DMS to migrate data from DynamoDB to Amazon DocumentDB
- D. Use an Amazon ElastiCache for Redis in front of DynamoDB to boost read performance
正解: B
質問 27
A startup company is building a new application to allow users to visualize their on-premises and cloud networking components. The company expects billions of components to be stored and requires responses in milliseconds. The application should be able to identify:
The networks and routes affected if a particular component fails.
The networks that have redundant routes between them.
The networks that do not have redundant routes between them.
The fastest path between two networks.
Which database engine meets these requirements?
- A. Amazon ElastiCache for Redis
- B. Amazon Aurora MySQL
- C. Amazon Neptune
- D. Amazon DynamoDB
正解: C
質問 28
A company uses the Amazon DynamoDB table contractDB in us-east-1 for its contract system with the following schema:
orderID (primary key) timestamp (sort key) contract (map) createdBy (string) customerEmail (string) After a problem in production, the operations team has asked a database specialist to provide an IAM policy to read items from the database to debug the application. In addition, the developer is not allowed to access the value of the customerEmail field to stay compliant.
Which IAM policy should the database specialist use to achieve these requirements?
A)
B)
C)
D)
- A. Option B
- B. Option A
- C. Option C
- D. Option C
正解: B
質問 29
A large financial services company requires that all data be encrypted in transit. A Developer is attempting to connect to an Amazon RDS DB instance using the company VPC for the first time with credentials provided by a Database Specialist. Other members of the Development team can connect, but this user is consistently receiving an error indicating a communications link failure. The Developer asked the Database Specialist to reset the password a number of times, but the error persists.
Which step should be taken to troubleshoot this issue?
- A. Ensure that the database option group for the RDS DB instance allows ingress from the Developermachine's IP address
- B. Ensure that the connection is using SSL and is addressing the port where the RDS DB instance is listeningfor encrypted connections
- C. Ensure that the RDS DB instance has not reached its maximum connections limit
- D. Ensure that the RDS DB instance's subnet group includes a public subnet to allow the Developer toconnect
正解: D
質問 30
A financial company has allocated an Amazon RDS MariaDB DB instance with large storage capacity to accommodate migration efforts. Post-migration, the company purged unwanted data from the instance. The company now want to downsize storage to save money. The solution must have the least impact on production and near-zero downtime.
Which solution would meet these requirements?
- A. Create a new read replica and make it the primary by terminating the existing primary
- B. Create a new RDS DB instance with the required storage and move the databases from the old instancesto the new instance using AWS DMS
- C. Create a snapshot of the old databases and restore the snapshot with the required storage
- D. Create a new database using native backup and restore
正解: C
質問 31
A database specialist was alerted that a production Amazon RDS MariaDB instance with 100 GB of storage was out of space. In response, the database specialist modified the DB instance and added 50 GB of storage capacity. Three hours later, a new alert is generated due to a lack of free space on the same DB instance. The database specialist decides to modify the instance immediately to increase its storage capacity by 20 GB.
What will happen when the modification is submitted?
- A. The request will fail because this storage capacity is too large.
- B. The request will succeed only if CPU utilization is less than 10%.
- C. The request will fail as the most recent modification was too soon.
- D. The request will succeed only if the primary instance is in active status.
正解: C
解説:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html
質問 32
A software development company is using Amazon Aurora MySQL DB clusters for several use cases, including development and reporting. These use cases place unpredictable and varying demands on the Aurora DB clusters, and can cause momentary spikes in latency. System users run ad-hoc queries sporadically throughout the week. Cost is a primary concern for the company, and a solution that does not require significant rework is needed.
Which solution meets these requirements?
- A. Create new Aurora Serverless DB clusters for development and reporting, then migrate to these new DB clusters.
- B. Use existing DB clusters and stop/start the databases on a routine basis using scheduling tools.
- C. Upgrade one of the DB clusters to a larger size, and consolidate development and reporting activities on this larger DB cluster.
- D. Change the DB clusters to the burstable instance family.
正解: D
質問 33
A Database Specialist is planning to create a read replica of an existing Amazon RDS for MySQL Multi-AZ DB instance. When using the AWS Management Console to conduct this task, the Database Specialist discovers that the source RDS DB instance does not appear in the read replica source selection box, so the read replica cannot be created.
What is the most likely reason for this?
- A. The source DB instance has to be converted to Single-AZ first to create a read replica from it.
- B. Enhanced Monitoring is not enabled on the source DB instance.
- C. The minor MySQL version in the source DB instance does not support read replicas.
- D. Automated backups are not enabled on the source DB instance.
正解: D
解説:
Explanation
>Your source DB instance must have backup retention enabled.
https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstanceReadReplica.html
質問 34
A corporation wishes to move a 1 TB Oracle database from its current location to an Amazon Aurora PostgreSQL DB cluster. The database specialist at the firm noticed that the Oracle database stores 100 GB of large binary objects (LOBs) across many tables. The Oracle database supports LOBs up to 500 MB in size and an average of 350 MB. AWS DMS was picked by the Database Specialist to transfer the data with the most replication instances.
How should the database specialist improve the transfer of the database to AWS DMS?
- A. Create two tasks: task1 with LOB tables using limited LOB mode with a maximum LOB size of 500 MB and task 2 without LOBs
- B. Create a single task using full LOB mode with a LOB chunk size of 500 MB to migrate the data and LOBs together
- C. Create two tasks: task1 with LOB tables using full LOB mode with a LOB chunk size of 500 MB and task2 without LOBs
- D. Create a single task using limited LOB mode with a maximum LOB size of 500 MB to migrate data and LOBs together
正解: A
解説:
Explanation
https://docs.aws.amazon.com/dms/latest/userguide/CHAP_BestPractices.html#CHAP_BestPractices.LOBS,
"AWS DMS migrates LOB data in two phases: 1. AWS DMS creates a new row in the target table and populates the row with all data except the associated LOB value. 2.AWS DMS updates the row in the target table with the LOB data." This means that we would need two tasks, one per phase and use limited LOB mode for best performance.
質問 35
A company needs a data warehouse solution that keeps data in a consistent, highly structured format. The company requires fast responses for end-user queries when looking at data from the current year, and users must have access to the full 15-year dataset, when needed. This solution also needs to handle a fluctuating number incoming queries. Storage costs for the 100 TB of data must be kept low.
Which solution meets these requirements?
- A. Leverage an Amazon Redshift data warehouse solution using a dense storage instance to store the most recent data. Keep historical data on Amazon S3 and access it using the Amazon Redshift Spectrum layer. Enable Amazon Redshift Concurrency Scaling.
- B. Leverage an Amazon Redshift data warehouse solution using a dense storage instance to store the most recent data. Keep historical data on Amazon S3 and access it using the Amazon Redshift Spectrum layer. Provision enough instances to support high demand.
- C. Leverage an Amazon Redshift data warehouse solution using a dense storage instance type while keeping all the data on local Amazon Redshift storage. Provision enough instances to support high demand.
- D. Leverage an Amazon Redshift data warehouse solution using a dense storage instance to store the most recent data. Keep historical data on Amazon S3 and access it using the Amazon Redshift Spectrum layer. Leverage Amazon Redshift elastic resize.
https://docs.aws.amazon.com/redshift/latest/dg/concurrency-scaling.html
"With the Concurrency Scaling feature, you can support virtually unlimited concurrent users and concurrent queries, with consistently fast query performance. When concurrency scaling is enabled, Amazon Redshift automatically adds additional cluster capacity when you need it to process an increase in concurrent read queries. Write operations continue as normal on your main cluster. Users always see the most current data, whether the queries run on the main cluster or on a concurrency scaling cluster. You're charged for concurrency scaling clusters only for the time they're in use. For more information about pricing, see Amazon Redshift pricing. You manage which queries are sent to the concurrency scaling cluster by configuring WLM queues. When you enable concurrency scaling for a queue, eligible queries are sent to the concurrency scaling cluster instead of waiting in line."
正解: A
質問 36
A financial services organization employs an Amazon Aurora PostgreSQL DB cluster to host an application on AWS. No log files detailing database administrator activity were discovered during a recent examination. A database professional must suggest a solution that enables access to the database and maintains activity logs.
The solution should be simple to implement and have a negligible effect on performance.
Which database specialist solution should be recommended?
- A. Enable Aurora Database Activity Streams on the database in asynchronous mode. Connect the Amazon Kinesis data stream to Kinesis Data Firehose. Set the Firehose destination to an Amazon S3 bucket.
- B. Allow connections to the DB cluster through a bastion host only. Restrict database access to the bastion host and application servers. Push the bastion host logs to Amazon CloudWatch Logs using the CloudWatch Logs agent.
- C. Enable Aurora Database Activity Streams on the database in synchronous mode. Connect the Amazon Kinesis data stream to Kinesis Data Firehose. Set the Kinesis Data Firehose destination to an Amazon S3 bucket.
- D. Create an AWS CloudTrail trail in the Region where the database runs. Associate the database activity logs with the trail.
正解: A
解説:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBActivityStreams.Overview.html
質問 37
A Database Specialist is migrating an on-premises Microsoft SQL Server application database to Amazon RDS for PostgreSQL using AWS DMS. The application requires minimal downtime when the RDS DB instance goes live.
What change should the Database Specialist make to enable the migration?
- A. Configure the AWS DMS connections to allow two-way communication to allow for ongoing change data capture (CDC)
- B. Configure the on-premises application database to act as a source for an AWS DMS full load with ongoing change data capture (CDC)
- C. Configure the AWS DMS replication instance to allow both full load and ongoing change data capture (CDC)
- D. Configure the AWS DMS task to generate full logs to allow for ongoing change data capture (CDC)
正解: B
解説:
Explanation
"requires minimal downtime when the RDS DB instance goes live" in order to do CDC: "you must first ensure that ARCHIVELOG MODE is on to provide information to LogMiner. AWS DMS uses LogMiner to read information from the archive logs so that AWS DMS can capture changes"
https://docs.aws.amazon.com/dms/latest/sbs/chap-oracle2postgresql.steps.configureoracle.html
"If you want to capture and apply changes (CDC), then you also need the following privileges."
質問 38
A company wants to migrate its on-premises MySQL databases to Amazon RDS for MySQL. To comply with the company's security policy, all databases must be encrypted at rest. RDS DB instance snapshots must also be shared across various accounts to provision testing and staging environments.
Which solution meets these requirements?
- A. Create an RDS for MySQL DB instance with an AWS CloudHSM key. Update the key policy to include the Amazon Resource Name (ARN) of the other AWS accounts as a principal, and then allow the kms:CreateGrant action.
- B. Create an RDS for MySQL DB instance with an AWS managed CMK. Create a new key policy to include the Amazon Resource Name (ARN) of the other AWS accounts as a principal, and then allow the kms:CreateGrant action.
- C. Create an RDS for MySQL DB instance with an AWS Key Management Service (AWS KMS) customer managed CMK. Update the key policy to include the Amazon Resource Name (ARN) of the other AWS accounts as a principal, and then allow the kms:CreateGrant action.
- D. Create an RDS for MySQL DB instance with an AWS owned CMK. Create a new key policy to include the administrator user name of the other AWS accounts as a principal, and then allow the kms:CreateGrant action.
正解: C
質問 39
A Database Specialist is creating Amazon DynamoDB tables, Amazon CloudWatch alarms, and associated infrastructure for an Application team using a development AWS account. The team wants a deployment method that will standardize the core solution components while managing environment-specific settings separately, and wants to minimize rework due to configuration errors.
Which process should the Database Specialist recommend to meet these requirements?
- A. Create an AWS Lambda function that builds the required objects using an AWS SDK. Set the requiredparameter values in a test event in the Lambda console for each environment that the Application team canmodify, as needed. Deploy the infrastructure by triggering the test event in the console.
- B. Create a parameterized AWS CloudFormation template that builds the required objects. Import thetemplate into the CloudFormation interface in the AWS Management Console. Make the required changesto the parameters and deploy the CloudFormation stack.
- C. Create a parameterized AWS CloudFormation template that builds the required objects. Keep separateenvironment parameter files in separate Amazon S3 buckets. Provide an AWS CLI command that deploysthe CloudFormation stack directly referencing the appropriate parameter bucket.
- D. Organize common and environmental-specific parameters hierarchically in the AWS Systems ManagerParameter Store, then reference the parameters dynamically from an AWS CloudFormation template.Deploy the CloudFormation stack using the environment name as a parameter.
正解: B
質問 40
A large financial services company requires that all data be encrypted in transit. A Developer is attempting to connect to an Amazon RDS DB instance using the company VPC for the first time with credentials provided by a Database Specialist. Other members of the Development team can connect, but this user is consistently receiving an error indicating a communications link failure. The Developer asked the Database Specialist to reset the password a number of times, but the error persists.
Which step should be taken to troubleshoot this issue?
- A. Ensure that the database option group for the RDS DB instance allows ingress from the Developer machine's IP address
- B. Ensure that the RDS DB instance's subnet group includes a public subnet to allow the Developer to connect
- C. Ensure that the RDS DB instance has not reached its maximum connections limit
- D. Ensure that the connection is using SSL and is addressing the port where the RDS DB instance is listening for encrypted connections
正解: D
解説:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.Concepts.General.SSL.Using.html
質問 41
A company is developing a multi-tier web application hosted on AWS using Amazon Aurora as the database.
The application needs to be deployed to production and other non-production environments. A Database Specialist needs to specify different MasterUsername and MasterUserPassword properties in the AWS CloudFormation templates used for automated deployment. The CloudFormation templates are version controlled in the company's code repository. The company also needs to meet compliance requirement by routinely rotating its database master password for production.
What is most secure solution to store the master password?
- A. Encrypt the master password using an AWS KMS key. Store the encrypted master password in the CloudFormation template.
- B. Use the ssm dynamic reference to retrieve the master password stored in the AWS Systems Manager Parameter Store and enable automatic rotation.
- C. Use the secretsmanager dynamic reference to retrieve the master password stored in AWS Secrets Manager and enable automatic rotation.
- D. Store the master password in a parameter file in each environment. Reference the environment-specific parameter file in the CloudFormation template.
正解: C
解説:
Explanation
"By using the secure string support in CloudFormation with dynamic references you can better maintain your infrastructure as code. You'll be able to avoid hard coding passwords into your templates and you can keep these runtime configuration parameters separated from your code. Moreover, when properly used, secure strings will help keep your development and production code as similar as possible, while continuing to make your infrastructure code suitable for continuous deployment pipelines."
https://aws.amazon.com/blogs/mt/using-aws-systems-manager-parameter-store-secure-string-parameters-in-aws-
https://aws.amazon.com/blogs/security/how-to-use-aws-secrets-manager-rotate-credentials-amazon-rds-database
質問 42
A company is migrating its on-premises database workloads to the AWS Cloud. A database specialist performing the move has chosen AWS DMS to migrate an Oracle database with a large table to Amazon RDS.
The database specialist notices that AWS DMS is taking significant time to migrate the data.
Which actions would improve the data migration speed? (Choose three.)
- A. Increase the capacity of the AWS DMS replication server.
- B. Enable full large binary object (LOB) mode to migrate all LOB data for all large tables.
- C. Create multiple AWS DMS tasks to migrate the large table.
- D. Enable an Amazon RDS Multi-AZ configuration.
- E. Configure the AWS DMS replication instance with Multi-AZ.
- F. Establish an AWS Direct Connect connection between the on-premises data center and AWS.
正解: A,D,F
質問 43
A company is running an Amazon RDS for PostgeSQL DB instance and wants to migrate it to an Amazon Aurora PostgreSQL DB cluster. The current database is 1 TB in size. The migration needs to have minimal downtime.
What is the FASTEST way to accomplish this?
- A. Migrate data from the RDS for PostgreSQL DB instance to an Aurora PostgreSQL DB cluster using an Aurora Replica. Promote the replica during the cutover.
- B. Use the pg_dump and pg_restore utilities to extract and restore the RDS for PostgreSQL DB instance to the Aurora PostgreSQL DB cluster.
- C. Create an Aurora PostgreSQL DB cluster. Set up replication from the source RDS for PostgreSQL DB instance using AWS DMS to the target DB cluster.
- D. Create a database snapshot of the RDS for PostgreSQL DB instance and use this snapshot to create the Aurora PostgreSQL DB cluster.
正解: D
質問 44
......
正真正銘で最適なDBS-C01オンライン練習試験資料:https://www.jpntest.com/shiken/DBS-C01-mondaishu
優良な質を持つDBS-C01問題集と解釈が待ってます。 今すぐゲット:https://drive.google.com/open?id=1bUirJBElCt-bqxH6kA9hi3eeyN9Pr6mC