A sys admin is maintaining an application on AWS. The application is installed on EC2 and user has configured ELB and Auto Scaling. Considering future load increase, the user is planning to launch new servers proactively so that they get registered with ELB. How can the user add these instances with Auto Scaling?

A. Increase the desired capacity of the Auto Scaling group

B. Increase the maximum limit of the Auto Scaling group

C. Launch an instance manually and register it with ELB on the fly

D. Decrease the minimum limit of the Auto Scaling group

A user has launched an EC2 instance store backed instance in the US-East-1a zone. The user created AMI #1 and copied it to the Europe region. After that, the user made a few updates to the application running in the US-East-1a zone. The user makes an AMI#2 after the changes. If the user launches a new instance in Europe from the AMI #1 copy, which of the below mentioned statements is true?

A. The new instance will have the changes made after the AMI copy as AWS just copies the reference of the original AMI during the copying. Thus, the copied AMI will have all the updated data

B. The new instance will have the changes made after the AMI copy since AWS keeps updating the AMI

C. It is not possible to copy the instance store backed AMI from one region to another

D. The new instance in the EU region will not have the changes made after the AMI copy

Which of the following are the customer's responsibilities, according to the AWS Shared Responsibility Security Model? (Choose two.)

A. Operating system, network, and firewall configuration

B. Client-side data encryption and data integrity authentication

C. AWS data center access logs

D. Hypervisor updates and configuration

E. Physical media destruction

Network ACLs are _______.

A. stateful

B. stateless

C. asynchronous

D. synchronous

The Security team has decided that there will be no public internet access to HTTP (TCP port 80) because it is moving to HTTPS for all incoming web traffic. The team has asked a SysOps Administrator to provide a report on any security groups that are not compliant.

What should the SysOps Administrator do to provide near real-time compliance reporting?

A. Enable AWS Trusted Advisor and show the Security team that the Security Groups unrestricted access check will alarm.

B. Schedule an AWS Lambda function to run hourly to scan and evaluate all security groups, and send a report to the Security team.

C. Use AWS Config to enable the restricted-common-ports rule, and add port 80 to the parameters.

D. Use Amazon Inspector to evaluate the security groups during scans, and send the completed reports to the Security team.