2023 The Most Effective DBS-C01 with 270 Questions Answers
Try Free and Start Using Realistic Verified DBS-C01 Dumps Instantly.
NEW QUESTION # 104
A company is running a two-tier ecommerce application in one AWS account. The web server is deployed using an Amazon RDS for MySQL Multi-AZ DB instance. A Developer mistakenly deleted the database in the production environment. The database has been restored, but this resulted in hours of downtime and lost revenue.
Which combination of changes in existing IAM policies should a Database Specialist make to prevent an error like this from happening in the future? (Choose three.)
- A. Enable multi-factor authentication for sensitive operations to access sensitive resources and API operations
- B. Use policy conditions to restrict access to selective IP addresses
- C. Enable AWS CloudTrail logging and Enhanced Monitoring
- D. Use AccessList Controls policy type to restrict users for database instance deletion
- E. Allow all users to restore a database from a backup that will reduce the overall downtime to restore the database
- F. Grant least privilege to groups, users, and roles
Answer: A,B,F
Explanation:
https://aws.amazon.com/blogs/database/using-iam-multifactor-authentication-with-amazon-rds/
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/security_iam_id-based-policy-htmlhttps://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/DataDurability.html
NEW QUESTION # 105
A Database Specialist is creating a new Amazon Neptune DB cluster, and is attempting to load fata from Amazon S3 into the Neptune DB cluster using the Neptune bulk loader API. The Database Specialist receives the following error:
"Unable to connect to s3 endpoint. Provided source = s3://mybucket/graphdata/ and region = us-east-1. Please verify your S3 configuration." Which combination of actions should the Database Specialist take to troubleshoot the problem? (Choose two.)
- A. Check that a Neptune VPC endpoint exists
- B. Check that Neptune has an IAM role granting read access to Amazon S3
- C. Check that Amazon EC2 has an IAM role granting read access to Amazon S3
- D. Check that an Amazon S3 VPC endpoint exists
- E. Check that Amazon S3 has an IAM role granting read access to Neptune
Answer: C,D
NEW QUESTION # 106
A company migrated one of its business-critical database workloads to an Amazon Aurora Multi-AZ DB cluster. The company requires a very low RTO and needs to improve the application recovery time after database failovers.
Which approach meets these requirements?
- A. Set the max_connections parameter to 16,000 in the instance-level parameter group.
- B. Enable the query cache at the instance level.
- C. Modify the client connection timeout to 300 seconds.
- D. Create an Amazon RDS Proxy database proxy and update client connections to point to the proxy endpoint.
Answer: D
Explanation:
Amazon RDS Proxy allows applications to pool and share connections established with the database, improving database efficiency and application scalability. With RDS Proxy, failover times for Aurora and RDS databases are reduced by up to 66% and database credentials, authentication, and access can be managed through integration with AWS Secrets Manager and AWS Identity and Access Management (IAM).
https://aws.amazon.com/rds/proxy/
NEW QUESTION # 107
Recently, an ecommerce business transferred one of its SQL Server databases to an Amazon RDS for SQL Server Enterprise Edition database instance. The corporation anticipates an increase in read traffic as a result of an approaching sale. To accommodate the projected read load, a database professional must establish a read replica of the database instance.
Which procedures should the database professional do prior to establishing the read replica? (Select two.)
- A. Identify a potential downtime window and stop the application calls to the source DB instance.
- B. Ensure that the source DB instance is a Multi-AZ deployment with Always ON Availability Groups.
- C. Ensure that automatic backups are enabled for the source DB instance.
- D. Ensure that the source DB instance is a Multi-AZ deployment with SQL Server Database Mirroring (DBM).
- E. Modify the read replica parameter group setting and set the value to 1.
Answer: B,C
Explanation:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/SQLServer.ReadReplicas.html
NEW QUESTION # 108
A company has a database monitoring solution that uses Amazon CloudWatch for its Amazon RDS for SQL Server environment. The cause of a recent spike in CPU utilization was not determined using the standard metrics that were collected. The CPU spike caused the application to perform poorly, impacting users. A Database Specialist needs to determine what caused the CPU spike.
Which combination of steps should be taken to provide more visibility into the processes and queries running during an increase in CPU load? (Choose two.)
- A. Enable Amazon RDS Performance Insights to view the database load and filter the load by waits, SQL statements, hosts, or users.
- B. Implement a caching layer to help with repeated queries on the RDS SQL Server DB instance.
- C. Enable Enhanced Monitoring metrics to view CPU utilization at the RDS SQL Server DB instance level.
- D. Use Amazon QuickSight to view the SQL statement being run.
- E. Enable Amazon CloudWatch Events and view the incoming T-SQL statements causing the CPU to spike.
Answer: A,C
Explanation:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/rds-instance-high-cpu/ "Several factors can cause an increase in CPU utilization. For example, user-initiated heavy workloads, analytic queries, prolonged deadlocks and lock waits, multiple concurrent transactions, long-running transactions, or other processes that utilize CPU resources. First, you can identify the source of the CPU usage by: Using Enhanced Monitoring Using Performance Insights"
NEW QUESTION # 109
A company is moving its fraud detection application from on premises to the AWS Cloud and is using Amazon Neptune for data storage. The company has set up a 1 Gbps AWS Direct Connect connection to migrate 25 TB of fraud detection data from the on-premises data center to a Neptune DB instance. The company already has an Amazon S3 bucket and an S3 VPC endpoint, and 80% of the company's network bandwidth is available.
How should the company perform this data load?
- A. Use the AWS CLI to transfer the data from on premises to the S3 bucket. Use the Copy command for Neptune to move the data in bulk from the S3 bucket to the Neptune DB instance.
- B. Use AWS Database Migration Service (AWS DMS) to transfer the data from on premises to the S3 bucket. Use the Loader command for Neptune to move the data in bulk from the S3 bucket to the Neptune DB instance.
- C. Use AWS DataSync to transfer the data from on premises to the S3 bucket. Use the Loader command for Neptune to move the data in bulk from the S3 bucket to the Neptune DB instance.
- D. Use an AWS SDK with a multipart upload to transfer the data from on premises to the S3 bucket. Use the Copy command for Neptune to move the data in bulk from the S3 bucket to the Neptune DB instance.
Answer: C
NEW QUESTION # 110
A company uses an Amazon RDS for PostgreSQL DB instance for its customer relationship management (CRM) system. New compliance requirements specify that the database must be encrypted at rest.
Which action will meet these requirements?
- A. Create an encrypted copy of manual snapshot of the DB instance. Restore a new DB instance from the encrypted snapshot.
- B. Modify the DB instance and enable encryption.
- C. Restore a DB instance from the most recent automated snapshot and enable encryption.
- D. Create an encrypted read replica of the DB instance. Promote the read replica to a standalone instance.
Answer: A
Explanation:
Explanation
https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/encrypt-an-existing-amazon-rds-for-postgresq You can enable encryption for an Amazon RDS DB instance when you create it, but not after it's created.
However, you can add encryption to an unencrypted DB instance by creating a snapshot of your DB instance, and then creating an encrypted copy of that snapshot. You can then restore a DB instance from the encrypted snapshot to get an encrypted copy of your original DB instance. The pattern uses AWS Database Migration Service (AWS DMS) to migrate data and AWS Key Management Service (AWS KMS) for encryption.
NEW QUESTION # 111
A company uses Amazon Aurora MySQL as the primary database engine for many of its applications. A database specialist must create a dashboard to provide the company with information about user connections to databases. According to compliance requirements, the company must retain all connection logs for at least 7 years.
Which solution will meet these requirements MOST cost-effectively?
- A. Publish the DatabaseConnections metric for the Aurora DB instances to Amazon CloudWatch. Build a dashboard by using CloudWatch dashboards.
- B. Start a database activity stream for the Aurora cluster. Push the activity records to an Amazon Kinesis data stream. Build a dynamic dashboard by using AWS Lambda.
- C. Enable advanced auditing on the Aurora cluster to log CONNECT events. Export audit logs from Amazon CloudWatch to Amazon S3 by using an AWS Lambda function that is invoked by an Amazon EventBridge (Amazon CloudWatch Events) scheduled event. Build a dashboard by using Amazon QuickSight.
- D. Capture connection attempts to the Aurora cluster with AWS Cloud Trail by using the DescribeEvents API operation. Create a CloudTrail trail to export connection logs to Amazon S3. Build a dashboard by using Amazon QuickSight.
Answer: C
Explanation:
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Auditing.html
NEW QUESTION # 112
A company has an Amazon RDS Multi-AZ DB instances that is 200 GB in size with an RPO of 6 hours. To meet the company's disaster recovery policies, the database backup needs to be copied into another Region.
The company requires the solution to be cost-effective and operationally efficient.
What should a Database Specialist do to copy the database backup into a different Region?
- A. Use Amazon RDS automated snapshots every 6 hours and use Amazon S3 cross-Region replication tocopy the snapshot into another Region
- B. Create an AWS Lambda function to take an Amazon RDS snapshot every 6 hours and use a secondLambda function to copy the snapshot into another Region
- C. Create a cross-Region read replica for Amazon RDS in another Region and take an automated snapshot ofthe read replica
- D. Use Amazon RDS automated snapshots and use AWS Lambda to copy the snapshot into another Region
Answer: C
NEW QUESTION # 113
A database specialist was alerted that a production Amazon RDS MariaDB instance with 100 GB of storage was out of space. In response, the database specialist modified the DB instance and added 50 GB of storage capacity. Three hours later, a new alert is generated due to a lack of free space on the same DB instance. The database specialist decides to modify the instance immediately to increase its storage capacity by 20 GB.
What will happen when the modification is submitted?
- A. The request will fail because this storage capacity is too large.
- B. The request will succeed only if CPU utilization is less than 10%.
- C. The request will succeed only if the primary instance is in active status.
- D. The request will fail as the most recent modification was too soon.
Answer: D
Explanation:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html
NEW QUESTION # 114
A Database Specialist is working with a company to launch a new website built on Amazon Aurora with several Aurora Replicas. This new website will replace an on-premises website connected to a legacy relational database. Due to stability issues in the legacy database, the company would like to test the resiliency of Aurora.
Which action can the Database Specialist take to test the resiliency of the Aurora DB cluster?
- A. Use Aurora Backtrack to crash the DB cluster
- B. Stop the DB cluster and analyze how the website responds
- C. Use Aurora fault injection to crash the master DB instance
- D. Remove the DB cluster endpoint to simulate a master DB instance failure
Answer: C
Explanation:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Managing.FaultInjectionQue
"You can test the fault tolerance of your Amazon Aurora DB cluster by using fault injection queries. Fault injection queries are issued as SQL commands to an Amazon Aurora instance and they enable you to schedule a simulated occurrence of one of the following events: A crash of a writer or reader DB instance A failure of an Aurora Replica A disk failure Disk congestion When a fault injection query specifies a crash, it forces a crash of the Aurora DB instance. The other fault injection queries result in simulations of failure events, but don't cause the event to occur. When you submit a fault injection query, you also specify an amount of time for the failure event simulation to occur for."
NEW QUESTION # 115
A banking company recently launched an Amazon RDS for MySQL DB instance as part of a proof-of-concept project. A database specialist has configured automated database snapshots. As a part of routine testing, the database specialist noticed one day that the automated database snapshot was not created.
Which of the following are possible reasons why the snapshot was not created? (Choose two.)
- A. A copy of the RDS automated snapshot for this DB instance is in progress within the same AWS Region.
- B. RDS event notifications have not been enabled.
- C. A copy of the RDS automated snapshot for this DB instance is in progress in a different AWS Region.
- D. The RDS DB instance is in the STORAGE_FULL state.
- E. The RDS maintenance window is not configured.
Answer: A,D
Explanation:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html
NEW QUESTION # 116
A company is using an Amazon RDS for MySQL DB instance for its internal applications. A security audit shows that the DB instance is not encrypted at rest. The company's application team needs to encrypt the DB instance.
What should the team do to meet this requirement?
- A. Stop the DB instance and create a snapshot. Copy the snapshot into another encrypted snapshot. Restore the encrypted snapshot to a new encrypted DB instance. Delete the original DB instance, and update the applications to point to the new encrypted DB instance.
- B. Stop the DB instance and create an encrypted snapshot. Restore the encrypted snapshot to a new encrypted DB instance. Delete the original DB instance, and update the applications to point to the new encrypted DB instance.
- C. Create an encrypted read replica of the DB instance. Promote the read replica to master. Delete the original DB instance, and update the applications to point to the new encrypted DB instance.
- D. Stop the DB instance and modify it to enable encryption. Apply this setting immediately without waiting for the next scheduled RDS maintenance window.
Answer: A
NEW QUESTION # 117
In North America, a business launched a mobile game that swiftly expanded to 10 million daily active players.
The game's backend is hosted on AWS and makes considerable use of a TTL-configured Amazon DynamoDB table.
When an item is added or changed, its TTL is set to 600 seconds plus the current epoch time. The game logic is reliant on the purging of outdated data in order to compute rewards points properly. At times, items from the table are read that are many hours beyond their TTL expiration.
How should a database administrator resolve this issue?
- A. Use a client library that supports the TTL functionality for DynamoDB.
- B. Create a local secondary index on the TTL attribute.
- C. Include a query filter expression to ignore items with an expired TTL.
- D. Set the ConsistentRead parameter to true when querying the table.
Answer: C
Explanation:
Explanation
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/howitworks-ttl.html
NEW QUESTION # 118
A corporation is transitioning from an IBM Informix database to an Amazon RDS for SQL Server Multi-AZ implementation with Always On Availability Groups (AGs). SQL Server Agent tasks are scheduled to execute at 5-minute intervals on the Always On AG listener to synchronize data between the Informix and SQL Server databases. After a successful failover to the backup node with minimum delay, users endure hours of stale data.
How can a database professional guarantee that consumers view the most current data after a failover?
- A. Create the SQL Server Agent jobs on the secondary node from a script when the secondary node takes over after a failure.
- B. Set the databases on the secondary node to read-only mode.
- C. Set TTL to less than 30 seconds for cached DNS values on the Always On AG listener.
- D. Break up large transactions into multiple smaller transactions that complete in less than 5 minutes.
Answer: A
Explanation:
Explanation
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_SQLServerMultiAZ.html If you have SQL Server Agent jobs, recreate them on the secondary. You do so because these jobs are stored in the msdb database, and you can't replicate this database by using Database Mirroring (DBM) or Always On Availability Groups (AGs). Create the jobs first in the original primary, then fail over, and create the same jobs in the new primary.
NEW QUESTION # 119
......
Download Free Latest Exam DBS-C01 Certified Sample Questions: https://gocertify.actual4labs.com/Amazon/DBS-C01-actual-exam-dumps.html