A company needs to have real-time access to image data while seamlessly maintaining a copy of the images in an offsite location.
Which AWS solution would allow access to the image data locally while also providing for disaster recovery?

A. Create an AWS Storage Gateway volume gateway configured as a stored volume. Mount it from clients using Internet Small Computer System Interface (iSCSI).
B. Mount an Amazon EFS volume on a local server. Share this volume with employees who need access to the images.
C. Store the images in Amazon S3, and use AWS Data Pipeline to allow for caching of S3 data on local workstations.
D. Use Amazon S3 for file storage, and enable S3 Transfer Acceleration to maintain a cache for frequently used files to increase local performance.

A Security and Compliance team is reviewing Amazon EC2 workloads for unapproved AMI usage.
Which action should a SysOps Administrator recommend?

A. Create a custom report using AWS Systems Manager Inventory to identify unapproved AMIs
B. Run Amazon Inspector on all EC2 instances and flag instances using unapproved AMIs
C. Use an AWS Config rule to identify unapproved AMIs
D. Use AWS Trusted Advisor to identify EC2 workloads using unapproved AMIs

A SysOps Administrator is deploying a test site running on Amazon EC2 instances. The application requires both incoming and outgoing connectivity to the Internet.
Which combination of steps are required to provide internet connectivity to the EC2 instances? (Choose two.)

A. Add a NAT gateway to a public subnet
B. Attach a private address to the elastic network interface on the EC2 instance
C. Attach an Elastic IP address to the internet gateway
D. Add an entry to the route table for the subnet that points to an internet gateway
E. Create an internet gateway and attach it to a VPC

A company needs to migrate an on-premises asymmetric key management system into AWS.
Which AWS service should be used to accomplish this?

A. AWS Certificate Manager
B. AWS CloudHSM
C. AWS KMS
D. AWS Secrets Manager

An ecommerce site is using Amazon ElastiCache with Memcached to store session state for a web application and to cache frequently used data. For the last month, users have been complaining about performance. The metric data for the Amazon EC2 instances and the Amazon RDS instance appear normal, but the eviction count metrics are high.
What should be done to address this issue and improve performance?

A. Scale the cluster by adding additional nodes
B. Scale the cluster by adding read replicas
C. Scale the cluster by increasing CPU capacity
D. Scale the web layer by adding additional EC2 instances

A SysOps Administrator is notified that an Amazon EC2 instance has stopped responding. The AWS Management Console indicates that the system checks are failing.
What should the SysOps Administrator do first to resolve this issue?

A. Reboot the EC2 instance so it can be launched on a new host.
B. Stop and then start the EC2 instance so that it can be launched on a new host.
C. Terminate the EC2 instance and relaunch it.
D. View the AWS CloudTrail log to investigate what changed on the EC2 instance.

A serverless application running on AWS Lambda is expected to receive a significant increase in traffic. A SysOps Administrator needs to ensure that the Lambda function is configured to scale so the application can process the increased traffic.
What should the Administrator do to accomplish this?

A. Attach additional elastic network interfaces to the Lambda function
B. Configure AWS Application Auto Scaling based on the Amazon CloudWatch Lambda metric for the number of invocations
C. Ensure the concurrency limit for the Lambda function is higher than the expected simultaneous function executions
D. Increase the memory available to the Lambda function

A company uses federation to authenticate users and grant AWS permissions. The SysOps Administrator has been asked to determine who made a request to AWS Organizations for a new AWS account.
What should the Administrator review to determine who made the request?

A. AWS CloudTrail for the federated identity user name
B. AWS IAM Access Advisor for the federated user name
C. AWS Organizations access log for the federated identity user name
D. Federated identity provider logs for the user name

A web application runs on Amazon EC2 instances behind an ELB Application Load Balancer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. Amazon Route 53 is used for DNS and points to the load balancer. A SysOps Administrator has launched a new Auto Scaling group with a new version of the application, and wants to gradually shift traffic to the new version.
How can this be accomplished?

A. Create an Auto Scaling target tracking scaling policy to gradually move traffic from the old version to the new one
B. Change the Application Load Balancer to a Network Load Balancer, then add both Auto Scaling groups as targets
C. Use an Amazon Route 53 weighted routing policy to gradually move traffic from the old version to the new one
D. Deploy Amazon Redshift to gradually move traffic from the old version to the new one using a set of predefined values

A VPC is connected to a company data center by a VPN. An Amazon EC2 instance with the IP address 172.31.16.139 is within a private subnet of the VPC. A SysOps Administrator issued a ping command to the EC2 instance from an on-premises computer with the IP address 203.0.113.12 and did not receive an acknowledgment.
VPC Flow Logs were enabled and showed the following:

What action will resolve the issue?

A. Modify the EC2 security group rules to allow inbound traffic from the on-premises computer
B. Modify the EC2 security group rules to allow outbound traffic to the on-premises computer
C. Modify the VPC network ACL rules to allow inbound traffic from the on-premises computer
D. Modify the VPC network ACL rules to allow outbound traffic to the on-premises computer