Fausto Busuito commited on
Commit
54c53e2
1 Parent(s): 96884ca

Application changes

Browse files
questions/Amazon.SAA-C03.v2024-10-25.json CHANGED
@@ -256,10 +256,10 @@
256
  {
257
  "question": "A law firm needs to share information with the public The information includes hundreds of files that must be publicly readable Modifications or deletions of the files by anyone before a designated future date are prohibited. Which solution will meet these requirements in the MOST secure way?",
258
  "options": [
259
- "Upload all files to an Amazon S3 bucket that is configured for static website hosting. Grant read- only 1AM permissions to any AWS principals that access the S3 bucket until the designated date.",
260
  "Create a new Amazon S3 bucket with S3 Versioning enabled Use S3 Object Lock with a retention period in accordance with the designated date Configure the S3 bucket for static website hosting. Set an S3 bucket policy to allow read-only access to the objrcts.",
261
  "Create a new Amazon S3 bucket with S3 Versioning enabled Configure an event trigger to run an AWS Lambda function in case of object modification or deletion. Configure the Lambda function to replace the objects with the original versions from a private S3 bucket.",
262
- "Upload all files to an Amazon S3 bucket that is configured for static website hosting. Select the folder that contains the files. Use S3 Object Lock with a retention period in accordance with the designated date. Grant read-only 1AM permissions to any AWS principals that access the S3 bucket."
263
  ],
264
  "correct": [
265
  "B"
@@ -292,10 +292,10 @@
292
  {
293
  "question": "A company is designing a microservice-based architecture tor a new application on AWS. Each microservice will run on its own set of Amazon EC2 instances. Each microservice will need to interact with multiple AWS services such as Amazon S3 and Amazon Simple Queue Service (Amazon SQS). The company wants to manage permissions for each EC2 instance based on the principle of least privilege. Which solution will meet this requirement?",
294
  "options": [
295
- "Assign an 1AM user to each micro-service. Use access keys stored within the application code to authenticate AWS service requests.",
296
- "Create a single 1AM role that has permission to access all AWS services. Associate the 1AM role with all EC2 instances that run the microservices",
297
  "Use AWS Organizations to create a separate account for each microservice. Manage permissions at the account level.",
298
- "Create individual 1AM roles based on the specific needs of each microservice. Associate the 1AM roles with the appropriate EC2 instances."
299
  ],
300
  "correct": [
301
  "D"
@@ -368,12 +368,12 @@
368
  ]
369
  },
370
  {
371
- "question": "A company needs a solution to prevent AWS CloudFormation stacks from deploying AWS Identity and Access Management (1AM) resources that include an inline policy or \"*\" in the statement The solution must also prohibit deployment ot Amazon EC2 instances with public IP addresses The company has AWS Control Tower enabled in its organization in AWS Organizations. Which solution will meet these requirements?",
372
  "options": [
373
  "Use AWS Control Tower proactive controls to block deployment of EC2 instances with public IP addresses and inline policies with elevated access or \"*\"",
374
  "Use AWS Control Tower detective controls to block deployment of EC2 instances with public IP addresses and inline policies with elevated access or \"\"",
375
- "Use AWS Config to create rules for EC2 and 1AM compliance Configure the rules to run an AWS Systems Manager Session Manager automation to delete a resource when it is not compliant",
376
- "Use a service control policy (SCP) to block actions for the EC2 instances and 1AM resources if the actions lead to noncompliance"
377
  ],
378
  "correct": [
379
  "D"
@@ -420,12 +420,12 @@
420
  ]
421
  },
422
  {
423
- "question": "A company has applications that run on Amazon EC2 instances. The EC2 instances connect to Amazon RDS databases by using an 1AM role that has associated policies. The company wants to use AWS Systems Manager to patch the EC2 instances without disrupting the running applications. Which solution will meet these requirements?",
424
  "options": [
425
- "Create a new 1AM role. Attach the AmazonSSMManagedlnstanceCore policy to the new 1AM role. Attach the new 1AM role to the EC2 instances and the existing 1AM role.",
426
- "Create an 1AM user. Attach the AmazonSSMManagedlnstanceCore policy to the 1AM user. 24 23 Configure Systems Manager to use the 1AM user to manage the EC2 instances.",
427
  "Enable Default Host Configuration Management in Systems Manager to manage the EC2 instances.",
428
- "Remove the existing policies from the existing 1AM role. Add the AmazonSSMManagedlnstanceCore policy to the existing 1AM role."
429
  ],
430
  "correct": [
431
  "C"
 
256
  {
257
  "question": "A law firm needs to share information with the public The information includes hundreds of files that must be publicly readable Modifications or deletions of the files by anyone before a designated future date are prohibited. Which solution will meet these requirements in the MOST secure way?",
258
  "options": [
259
+ "Upload all files to an Amazon S3 bucket that is configured for static website hosting. Grant read- only IAM permissions to any AWS principals that access the S3 bucket until the designated date.",
260
  "Create a new Amazon S3 bucket with S3 Versioning enabled Use S3 Object Lock with a retention period in accordance with the designated date Configure the S3 bucket for static website hosting. Set an S3 bucket policy to allow read-only access to the objrcts.",
261
  "Create a new Amazon S3 bucket with S3 Versioning enabled Configure an event trigger to run an AWS Lambda function in case of object modification or deletion. Configure the Lambda function to replace the objects with the original versions from a private S3 bucket.",
262
+ "Upload all files to an Amazon S3 bucket that is configured for static website hosting. Select the folder that contains the files. Use S3 Object Lock with a retention period in accordance with the designated date. Grant read-only IAM permissions to any AWS principals that access the S3 bucket."
263
  ],
264
  "correct": [
265
  "B"
 
292
  {
293
  "question": "A company is designing a microservice-based architecture tor a new application on AWS. Each microservice will run on its own set of Amazon EC2 instances. Each microservice will need to interact with multiple AWS services such as Amazon S3 and Amazon Simple Queue Service (Amazon SQS). The company wants to manage permissions for each EC2 instance based on the principle of least privilege. Which solution will meet this requirement?",
294
  "options": [
295
+ "Assign an IAM user to each micro-service. Use access keys stored within the application code to authenticate AWS service requests.",
296
+ "Create a single IAM role that has permission to access all AWS services. Associate the IAM role with all EC2 instances that run the microservices",
297
  "Use AWS Organizations to create a separate account for each microservice. Manage permissions at the account level.",
298
+ "Create individual IAM roles based on the specific needs of each microservice. Associate the IAM roles with the appropriate EC2 instances."
299
  ],
300
  "correct": [
301
  "D"
 
368
  ]
369
  },
370
  {
371
+ "question": "A company needs a solution to prevent AWS CloudFormation stacks from deploying AWS Identity and Access Management (IAM) resources that include an inline policy or \"*\" in the statement The solution must also prohibit deployment ot Amazon EC2 instances with public IP addresses The company has AWS Control Tower enabled in its organization in AWS Organizations. Which solution will meet these requirements?",
372
  "options": [
373
  "Use AWS Control Tower proactive controls to block deployment of EC2 instances with public IP addresses and inline policies with elevated access or \"*\"",
374
  "Use AWS Control Tower detective controls to block deployment of EC2 instances with public IP addresses and inline policies with elevated access or \"\"",
375
+ "Use AWS Config to create rules for EC2 and IAM compliance Configure the rules to run an AWS Systems Manager Session Manager automation to delete a resource when it is not compliant",
376
+ "Use a service control policy (SCP) to block actions for the EC2 instances and IAM resources if the actions lead to noncompliance"
377
  ],
378
  "correct": [
379
  "D"
 
420
  ]
421
  },
422
  {
423
+ "question": "A company has applications that run on Amazon EC2 instances. The EC2 instances connect to Amazon RDS databases by using an IAM role that has associated policies. The company wants to use AWS Systems Manager to patch the EC2 instances without disrupting the running applications. Which solution will meet these requirements?",
424
  "options": [
425
+ "Create a new IAM role. Attach the AmazonSSMManagedlnstanceCore policy to the new IAM role. Attach the new IAM role to the EC2 instances and the existing IAM role.",
426
+ "Create an IAM user. Attach the AmazonSSMManagedlnstanceCore policy to the IAM user. 24 23 Configure Systems Manager to use the IAM user to manage the EC2 instances.",
427
  "Enable Default Host Configuration Management in Systems Manager to manage the EC2 instances.",
428
+ "Remove the existing policies from the existing IAM role. Add the AmazonSSMManagedlnstanceCore policy to the existing IAM role."
429
  ],
430
  "correct": [
431
  "C"
templates/quiz.html CHANGED
@@ -19,7 +19,7 @@
19
  </script>
20
  </head>
21
  <body onload="updateTimer()">
22
- <h1>Question {{ question_number }} of {{ total_questions }} - {{ selected_file }} <span id="timer"></span></h1>
23
  <p>{{ question.question }}</p>
24
  <form action="{{ url_for('quiz') }}" method="post">
25
  {% if multiple_selection %}
 
19
  </script>
20
  </head>
21
  <body onload="updateTimer()">
22
+ <h1>Question {{ question_number }} of {{ total_questions }} | {{ selected_file }} <span id="timer"></span></h1>
23
  <p>{{ question.question }}</p>
24
  <form action="{{ url_for('quiz') }}" method="post">
25
  {% if multiple_selection %}