You are hosting a web site via website hosting on an S3 bucket - http://demo.s3-website-us-east-l

.amazonaws.com. You have some web pages that use Javascript that access resources in another bucket which has web site hosting also enabled. But when

users access the web pages , they are getting a blocked Javascript error. How can you rectify this?

You have a vendor that needs access to an AWS resource. You create an AWS user account. You want to restrict access to the resource using a policy for just

that user over a brief period. Which of the following would be an ideal policy to use?

A company wants to have a secure way of generating, storing and managing cryptographic exclusive access for the keys. Which of the following can be used for

this purpose?

Your company has an EC2 Instance that is hosted in an AWS VPC. There is a requirement to ensure that logs files from the EC2 Instance are stored accordingly.

The access should also be limited for the destination of the log files. How can this be accomplished? Choose 2 answers from the options given below. Each

answer forms part of the solution

Your company has defined privileged users for their AWS Account. These users are administrators for key resources defined in the company. There is now a

mandate to enhance the security

authentication for these users. How can this be accomplished?

You have a 2 tier application hosted in AWS. It consists of a web server and database server (SQL Server) hosted on separate EC2 Instances. You are devising

the security groups for these EC2 Instances. The Web tier needs to be accessed by users across the Internet. You have created a web security group(wg-123)

and database security group(db-345). Which combination of the following security group rules will allow the application to be secure and functional. Choose 2

answers from the options given below.

Your IT Security department has mandated that all data on EBS volumes created for underlying EC2 Instances need to be encrypted. Which of the following can

help achieve this?

You have an instance setup in a test environment in AWS. You installed the required application and the promoted the server to a production environment. Your IT

Security team has advised that there maybe traffic flowing in from an unknown IP address to port 22. How can this be mitigated immediately?