- (Topic 3)
A company needs to control inbound and outbound traffic for an Amazon EC2 instance.
Which AWS service or feature can the company associate with the EC2 instance to meet this requirement?

1. A. Network ACL
2. B. Security group
3. C. AWS WAF
4. D. VPC route tables

Correct Answer: B
A security group is a virtual firewall that can be associated with an Amazon EC2 instance to control the inbound and outbound traffic for the instance. You can specify which protocols, ports, and source or destination IP ranges are allowed or denied by the security group. A network ACL is a stateless filter that can be associated with a subnet to control the traffic to and from the subnet, but it is not associated with an EC2 instance4. AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. VPC route tables are used to determine where network traffic is directed within a VPC or to an internet gateway, virtual private gateway, NAT device, VPC peering connection, or VPC endpoint.

- (Topic 1)
A company has been storing monthly reports in an Amazon S3 bucket. The company exports the report data into comma-separated values (.csv) files. A developer wants to write a simple query that can read all of these files and generate a summary report.
Which AWS service or feature should the developer use to meet these requirements with the LEAST amount of operational overhead?

1. A. Amazon S3 Select
2. B. Amazon Athena
3. C. Amazon Redshift
4. D. Amazon EC2

Correct Answer: B
Amazon Athena is the AWS service that the developer should use to write a simple query that can read all of the .csv files stored in an Amazon S3 bucket and generate a summary report. Amazon Athena is an interactive query service that allows users to analyze data in Amazon S3 using standard SQL. Amazon Athena does not require any server setup or management, and users only pay for the queries they run. Amazon Athena can handle various data formats, including .csv, and can integrate with other AWS services such as Amazon QuickSight for data visualization

- (Topic 3)
A company runs a MySQL database in its on-premises data center. The company wants to run a copy of this database in the AWS Cloud.
Which AWS service would support this workload?

1. A. Amazon RDS
2. B. Amazon Neptune
3. C. Amazon ElastiCache for Redis
4. D. Amazon Quantum Ledger Database (Amazon QLDB)

Correct Answer: A
Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity, while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. Amazon RDS supports six popular database engines: Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle Database, and SQL Server. Amazon RDS can support running a copy of a MySQL database in the AWS Cloud, as it offers compatibility, scalability, and availability features.

- (Topic 1)
Which AWS service or feature is used to Troubleshoot network connectivity issues between Amazon EC2 instances?

1. A. AWS Certificate Manager (ACM)
2. B. Internet gateway
3. C. VPC Flow Logs
4. D. AWS CloudHSM

Correct Answer: C
VPC Flow Logs is the AWS service or feature that is used to troubleshoot network connectivity issues between Amazon EC2 instances. VPC Flow Logs is a feature that enables users to capture information about the IP traffic going to and from network interfaces in their VPC. VPC Flow Logs can help users monitor and diagnose network- related issues, such as traffic not reaching an instance, or an instance not responding to requests. VPC Flow Logs can be published to Amazon CloudWatch Logs, Amazon S3, or Amazon Kinesis Data Firehose for analysis and storage.

- (Topic 2)
A company wants to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud.
Which AWS service should the company use to reduce management overhead for this environment?

1. A. Amazon Elastic Container Service (Amazon ECS)
2. B. Amazon SageMaker
3. C. Amazon RDS
4. D. Amazon Athena

Correct Answer: C
Amazon Relational Database Service (Amazon RDS) is the AWS service that the company should use to migrate its Microsoft SQL Server database management system from on premises to the AWS Cloud. Amazon RDS is a fully managed service that provides a scalable, secure, and high-performance relational database platform. Amazon RDS supports several database engines, including Microsoft SQL Server. Amazon RDS reduces the management overhead for the database environment by taking care of tasks such as provisioning, patching, backup, recovery, and monitoring. For more information, see What is Amazon Relational Database Service (Amazon RDS)? and Amazon RDS for SQL Server.