Loading...
【所有题目】9. A retailer exports data daily from its transactional databases into an S3 bucket in the Sydney region. The retailer's Data Warehousing team wants to import this data into an existing Amazon Redshift cluster in their VPC at Sydney. Corporate security policy mandates that data can only be transported within a VPC. What combination of the following steps will satisfy the security policy? Choose 2 answers
正确答案: A, D
Correct answer are A & D as Redshift Enhanced VPC Routing helps access AWS services including S3 through VPC, without having to route any traffic through internet. Also, note the region is the same.,Refer AWS documentation - Redshift Enhanced VPC Routing,When you use Amazon Redshift Enhanced VPC Routing, Amazon Redshift forces all COPY and UNLOAD traffic between your cluster and your data repositories through your Amazon VPC. You can now use standard VPC features, such as VPC security groups, network access control lists (ACLs), VPC endpoints, VPC endpoint policies, Internet gateways, and Domain Name System (DNS) servers, to tightly manage the flow of data between your Amazon Redshift cluster and other resources. When you use Enhanced VPC Routing to route traffic through your VPC, you can also use VPC flow logs to monitor COPY and UNLOAD traffic.,If Enhanced VPC Routing is not enabled, Amazon Redshift routes traffic through the Internet, including traffic to other services within the AWS network.,VPC Endpoints – For traffic to an Amazon S3 bucket in the same region as your cluster, you can create a VPC endpoint to direct traffic directly to the bucket. When you use VPC endpoints, you can attach an endpoint policy to manage access to Amazon S3.,Option B is wrong as Redshift cannot directly access S3 without internet,Option C is wrong as NAT enables connectivity to services via Internet only or other AWS services.,NAT gateway – To connect to an Amazon S3 bucket in another region or to another service within the AWS network, or to access a host instance outside the AWS network, you can configure a network address translation (NAT) gateway.
dbs_9
False
A, D
1
invalid_random_id
0
9
20230824: 网站迁移至配置更好的服务器!
20220828: 上线全新版本,欢迎体验!
20220406: SAP通过,本网站SAP题库有较多原题
20220323: 1.更新SAP题库;2.优化保存提示;3.备考SAP中
20201130: 注意:服务器最近遭到SQL注入攻击,请不要一个密码多个网站使用
20200714: 继续更新saa题库,来自tutorialsdojo的收费题,每天更新30题,共180题
20200603: 本人已于20200525通过SAA考试,更新60道SAA考试真题