[January-2022]New Braindump2go 712-50 PDF Dumps(Q406-Q440)

QUESTION 141

A bank is using Amazon Managed Streaming for Apache Kafka (Amazon MSK) to populate real-time data into a data lake. The data lake is built on Amazon S3, and data must be accessible from the data lake within 24 hours. Different microservices produce messages to different topics in the cluster. The cluster is created with 8 TB of Amazon Elastic Block Store (Amazon EBS) storage and a retention period of 7 days.

The customer transaction volume has tripled recently and disk monitoring has provided an alert that the cluster is almost out of storage capacity.

What should a data analytics specialist do to prevent the cluster from running out of disk space1?


A.Use the Amazon MSK console to triple the broker storage and restart the cluster

B.Create an Amazon CloudWatch alarm that monitors the KafkaDataLogsDiskUsed metric

Automatically flush the oldest messages when the value of this metric exceeds 85%

C.Create a custom Amazon MSK configuration

Set the log retention hours parameter to 48 Update the cluster with the new configuration file

D.Triple the number of consumers to ensure that data is consumed as soon as it is added to a topic.


Answer: B


QUESTION 142

An analytics software as a service (SaaS) provider wants to offer its customers business intelligence (BI) reporting capabilities that are self-service. The provider is using Amazon QuickSight to build these reports. The data for the reports resides in a multi-tenant database, but each customer should only be able to access their own data.

The provider wants to give customers two user role options:

- Read-only users for individuals who only need to view dashboards

- Power users for individuals who are allowed to create and share new dashboards with other users

Which QuickSight feature allows the provider to meet these requirements?


A.Embedded dashboards

B.Table calculations

C.Isolated namespaces

D.SPICE


Answer: A


QUESTION 143

A manufacturing company has many loT devices in different facilities across the world. The company is using Amazon Kinesis Data Streams to collect the data from the devices. The company's operations team has started to observe many WnteThroughputExceeded exceptions. The operations team determines that the reason is the number of records that are being written to certain shards. The data contains device ID capture date measurement type, measurement value and facility ID. The facility ID is used as the partition key.

Which action will resolve this issue?


A.Change the partition key from facility ID to a randomly generated key

B.Increase the number of shards

C.Archive the data on the producers' side

D.Change the partition key from facility ID to capture date


Answer: B


QUESTION 144

A reseller that has thousands of AWS accounts receives AWS Cost and Usage Reports in an Amazon S3 bucket.

The reports are delivered to the S3 bucket in the following format:

<examp/e-reporT-prefix>/<examp/e-report-rtame>/yyyymmdd-yyyymmdd/<examp/e-report-name> parquet

An AWS Glue crawler crawls the S3 bucket and populates an AWS Glue Data Catalog with a table Business analysts use Amazon Athena to query the table and create monthly summary reports for the AWS accounts. The business analysts are experiencing slow queries because of the accumulation of reports from the last 5 years. The business analysts want the operations team to make changes to improve query performance.

Which action should the operations team take to meet these requirements?


A.Change the file format to csv.zip.

B.Partition the data by date and account ID

C.Partition the data by month and account ID

D.Partition the data by account ID, year, and month


Answer: B


QUESTION 145

A retail company stores order invoices in an Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster Indices on the cluster are created monthly. Once a new month begins, no new writes are made to any of the indices from the previous months. The company has been expanding the storage on the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster to avoid running out of space, but the company wants to reduce costs Most searches on the cluster are on the most recent 3 months of data while the audit team requires infrequent access to older data to generate periodic reports. The most recent 3 months of data must be quickly available for queries, but the audit team can tolerate slower queries if the solution saves on cluster costs.

Which of the following is the MOST operationally efficient solution to meet these requirements?


A.Archive indices that are older than 3 months by using Index State Management (ISM) to create a policy to store the indices in Amazon S3 Glacier

When the audit team requires the archived data restore the archived indices back to the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster

B.Archive indices that are older than 3 months by taking manual snapshots and storing the snapshots in Amazon S3

When the audit team requires the archived data, restore the archived indices back to the Amazon OpenSearch Service (Amazon Elasticsearch Service) cluster

C.Archive indices that are older than 3 months by using Index State Management (ISM) to create a policy to migrate the indices to Amazon OpenSearch Service (Amazon Elasticsearch Service) UltraWarm storage

D.Archive indices that are older than 3 months by using Index State Management (ISM) to create a policy to migrate the indices to Amazon OpenSearch Service (Amazon Elasticsearch Service) UltraWarm storage

When the audit team requires the older data: migrate the indices in UltraWarm storage back to hot storage


Answer: D


QUESTION 146

A hospital uses an electronic health records (EHR) system to collect two types of data.

- Patient information, which includes a patient's name and address

- Diagnostic tests conducted and the results of these tests Patient information is expected to change periodically

Existing diagnostic test data never changes and only new records are added.

The hospital runs an Amazon Redshift cluster with four dc2.large nodes and wants to automate the ingestion of the patient information and diagnostic test data into respective Amazon Redshift tables for analysis. The EHR system exports data as CSV files to an Amazon S3 bucket on a daily basis. Two sets of CSV files are generated. One set of files is for patient information with updates, deletes, and inserts. The other set of files is for new diagnostic test data only. What is the MOST cost-effective solution to meet these requirements?


A.Use Amazon EMR with Apache Hudi.

Run daily ETL jobs using Apache Spark and the Amazon Redshift JDBC driver

B.Use an AWS Glue crawler to catalog the data in Amazon S3

Use Amazon Redshift Spectrum to perform scheduled queries of the data in Amazon S3 and ingest the data into the patient information table and the diagnostic tests table.

C.Use an AWS Lambda function to run a COPY command that appends new diagnostic test data to the diagnostic tests table

Run another COPY command to load the patient information data into the staging tables

Use a stored procedure to handle create update, and delete operations for the patient information table

D.Use AWS Database Migration Service (AWS DMS) to collect and process change data capture (CDC) records

Use the COPY command to load patient information data into the staging tables.

Use a stored procedure to handle create, update and delete operations for the patient information table


Answer: B


QUESTION 147

A utility company wants to visualize data for energy usage on a daily basis in Amazon QuickSight.

A data analytics specialist at the company has built a data pipeline to collect and ingest the data into Amazon S3 Each day the data is stored in an individual csv file in an S3 bucket.

This is an example of the naming structure 20210707_datacsv 20210708_datacsv.

To allow for data querying in QuickSight through Amazon Athena the specialist used an AWS Glue crawler to create a table with the path "s3 //powertransformer/20210707_data csv".

However when the data is queried, it returns zero rows.

How can this issue be resolved?


A.Modify the IAM policy for the AWS Glue crawler to access Amazon S3.

B.Ingest the files again.

C.Store the files in Apache Parquet format.

D.Update the table path to "s3://powertransformer/".


Answer: D


QUESTION 148

A large energy company is using Amazon QuickSight to build dashboards and report the historical usage data of its customers. This data is hosted in Amazon Redshift. The reports need access to all the fact tables' billions ot records to create aggregation in real time grouping by multiple dimensions. A data analyst created the dataset in QuickSight by using a SQL query and not SPICE Business users have noted that the response time is not fast enough to meet their needs.

Which action would speed up the response time for the reports with the LEAST implementation effort?


A.Use QuickSight to modify the current dataset to use SPICE

B.Use AWS Glue to create an Apache Spark job that joins the fact table with the dimensions.

Load the data into a new table

C.Use Amazon Redshift to create a materialized view that joins the fact table with the dimensions

D.Use Amazon Redshift to create a stored procedure that joins the fact table with the dimensions.

Load the data into a new table


Answer: A


QUESTION 149

A marketing company collects clickstream data. The company sends the data to Amazon Kinesis Data Firehose and stores the data in Amazon S3. The company wants to build a series of dashboards that will be used by hundreds of users across different departments. The company will use Amazon QuickSight to develop these dashboards. The company has limited resources and wants a solution that could scale and provide daily updates about clickstream activity.

Which combination of options will provide the MOST cost-effective solution? (Select TWO )


A.Use Amazon Redshift to store and query the clickstream data

B.Use QuickSight with a direct SQL query

C.Use Amazon Athena to query the clickstream data in Amazon S3

D.Use S3 analytics to query the clickstream data

E.Use the QuickSight SPICE engine with a daily refresh


Answer: BD


QUESTION 150

A company uses an Amazon EMR cluster with 50 nodes to process operational data and make the data available for data analysts. These jobs run nightly use Apache Hive with the Apache Jez framework as a processing model and write results to Hadoop Distributed File System (HDFS) In the last few weeks, jobs are failing and are producing the following error message "File could only be replicated to 0 nodes instead of 1". A data analytics specialist checks the DataNode logs the NameNode logs and network connectivity for potential issues that could have prevented HDFS from replicating data. The data analytics specialist rules out these factors as causes for the issue.

Which solution will prevent the jobs from failing'?


A.Monitor the HDFSUtilization metric. If the value crosses a user-defined threshold add task nodes to the EMR cluster

B.Monitor the HDFSUtilization metric If the value crosses a user-defined threshold add core nodes to the EMR cluster

C.Monitor the MemoryAllocatedMB metric. If the value crosses a user-defined threshold, add task nodes to the EMR cluster

D.Monitor the MemoryAllocatedMB metric. If the value crosses a user-defined threshold, add core nodes to the EMR cluster.


Answer: C


QUESTION 151

A company recently created a test AWS account to use for a development environment. The company also created a production AWS account in another AWS Region. As part of its security testing the company wants to send log data from Amazon CloudWatch Logs in its production account to an Amazon Kinesis data stream in its test account.

Which solution will allow the company to accomplish this goal?


A.Create a subscription filter in the production accounts CloudWatch Logs to target the Kinesis data stream in the test account as its destination

In the test account create an IAM role that grants access to the Kinesis data stream and the CloudWatch Logs resources in the production account

B.In the test account create an IAM role that grants access to the Kinesis data stream and the CloudWatch Logs resources in the production account

Create a destination data stream in Kinesis Data Streams in the test account with an IAM role and a trust policy that allow CloudWatch Logs in the production account to write to the test account

C.In the test account, create an IAM role that grants access to the Kinesis data stream and the CloudWatch Logs resources in the production account

Create a destination data stream in Kinesis Data Streams in the test account with an IAM role and a trust policy that allow CloudWatch Logs in the production account to write to the test account

D.Create a destination data stream in Kinesis Data Streams in the test account with an IAM role and a trust policy that allow CloudWatch Logs in the production account to write to the test account

Create a subscription filter in the production accounts CloudWatch Logs to target the Kinesis data stream in the test account as its destination


Answer: D


QUESTION 152

A bank wants to migrate a Teradata data warehouse to the AWS Cloud.

The bank needs a solution for reading large amounts of data and requires the highest possible performance.

The solution also must maintain the separation of storage and compute.

Which solution meets these requirements?


A.Use Amazon Athena to query the data in Amazon S3

B.Use Amazon Redshift with dense compute nodes to query the data in Amazon Redshift managed storage

C.Use Amazon Redshift with RA3 nodes to query the data in Amazon Redshift managed storage

D.Use PrestoDB on Amazon EMR to query the data in Amazon S3


Answer: C


QUESTION 153

A company has several Amazon EC2 instances sitting behind an Application Load Balancer (ALB). The company wants its IT Infrastructure team to analyze the IP addresses coming into the company's ALB. The ALB is configured to store access logs in Amazon S3. The access logs create about 1 TB of data each day, and access to the data will be infrequent. The company needs a solution that is scalable, cost-effective and has minimal maintenance requirements.

Which solution meets these requirements?


A.Copy the data into Amazon Redshift and query the data

B.Use Amazon EMR and Apache Hive to query the S3 data

C.Use Amazon Athena to query the S3 data

D.Use Amazon Redshift Spectrum to query the S3 data


Answer: D


QUESTION 406

Which of the following statements below regarding Key Performance indicators (KPIs) are true?


A.Development of KPI's are most useful when done independently

B.They are a strictly quantitative measure of success

C.They should be standard throughout the organization versus domain-specific so they are more easily correlated

D.They are a strictly qualitative measure of success


Answer: A


QUESTION 407

When information security falls under the Chief Information Officer (CIO), what is their MOST essential role?


A.Oversees the organization's day-to-day operations, creating the policies and strategies that govern operations

B.Enlisting support from key executives the information security program budget and policies

C.Charged with developing and implementing policies designed to protect employees and customers' data from unauthorized access

D.Responsible for the success or failure of the IT organization and setting strategic direction


Answer: D


QUESTION 408

ABC Limited has recently suffered a security breach with customers' social security number available on the dark web for sale. The CISO, during the time of the incident, has been fired, and you have been hired as the replacement. The analysis of the breach found that the absence of an insider threat program, lack of least privilege policy, and weak access control was to blame.

You would like to implement key performance indicators to mitigate the risk.

Which metric would meet the requirement?


A.Number of times third parties access critical information systems

B.Number of systems with known vulnerabilities

C.Number of users with elevated privileges

D.Number of websites with weak or misconfigured certificates


Answer: C


QUESTION 409

An organization recently acquired a Data Loss Prevention (DLP) solution, and two months after the implementation, it was found that sensitive data was posted to numerous Dark Web sites. The DLP application was checked, and there are no apparent malfunctions and no errors. What is the MOST likely reason why the sensitive data was posted?


A.The DLP Solution was not integrated with mobile device anti-malware

B.Data classification was not properly performed on the assets

C.The sensitive data was not encrypted while at rest

D.A risk assessment was not performed after purchasing the DLP solution


Answer: D


QUESTION 410

The main purpose of the SOC is:


A.An organization which provides Tier 1 support for technology issues and provides escalation when needed

B.A distributed organization which provides intelligence to governments and private sectors on cyber-criminal activities

C.The coordination of personnel, processes and technology to identify information security events and provide timely response and remediation

D.A device which consolidates event logs and provides real-time analysis of security alerts generated by applications and network hardware


Answer: C


QUESTION 411

When obtaining new products and services, why is it essential to collaborate with lawyers, IT security professionals, privacy professionals, security engineers, suppliers, and others?


A.This makes sure the files you exchange aren't unnecessarily flagged by the Data Loss Prevention (DLP) system

B.Contracting rules typically require you to have conversations with two or more groups

C.Discussing decisions with a very large group of people always provides a better outcome

D.It helps to avoid regulatory or internal compliance issues


Answer: D


QUESTION 412

A cloud computing environment that is bound together by technology that allows data and applications to be shared between public and private clouds is BEST referred to as a?


A.Public cloud

B.Private cloud

C.Community cloud

D.Hybrid cloud


Answer: D


QUESTION 413

When reviewing a Solution as a Service (SaaS) provider's security health and posture, which key document should you review?


A.SaaS provider's website certifications and representations (certs and reps)

B.SOC-2 Report

C.Metasploit Audit Report

D.Statement from SaaS provider attesting their ability to secure your data


Answer: B


QUESTION 414

As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clients, and bad publicity can jeopardize your own brand.

Which is the BEST type of risk that defines this event?


A.Compliance Risk

B.Reputation Risk

C.Operational Risk

D.Strategic Risk


Answer: B


QUESTION 415

What is a Statement of Objectives (SOA)?


A.A section of a contract that defines tasks to be performed under said contract

B.An outline of what the military will do during war

C.A document that outlines specific desired outcomes as part of a request for proposal

D.Business guidance provided by the CEO


Answer: A


QUESTION 416

During a cyber incident, which non-security personnel might be needed to assist the security team?


A.Threat analyst, IT auditor, forensic analyst

B.Network engineer, help desk technician, system administrator

C.CIO, CFO, CSO

D.Financial analyst, payroll clerk, HR manager


Answer: A


QUESTION 417

With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information and information security, include these four things:


A.Metrics tracking security milestones, understanding criticality of information and information security, visibility into the types of information and how it is used, endorsement by the board of directors

B.Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program

C.Understanding criticality of information and information security, review investment in information security, endorse development and implementation of a security program, and require regular reports on adequacy and effectiveness

D.Endorsement by the board of directors for security program, metrics of security program milestones, annual budget review, report on integration and acceptance of program


Answer: C


QUESTION 418

You are the CISO for an investment banking firm. The firm is using artificial intelligence (AI) to assist in approving clients for loans.

Which control is MOST important to protect AI products?


A.Hash datasets

B.Sanitize datasets

C.Delete datasets

D.Encrypt datasets


Answer: D


QUESTION 419

Which level of data destruction applies logical techniques to sanitize data in all user-addressable storage locations?


A.Purge

B.Clear

C.Mangle

D.Destroy


Answer: B


QUESTION 420

A university recently hired a CISO. One of the first tasks is to develop a continuity of operations plan (COOP).

In developing the business impact assessment (BIA), which of the following MOST closely relate to the data backup and restoral?


A.Recovery Point Objective (RPO)

B.Mean Time to Delivery (MTD)

C.Recovery Time Objective (RTO)

D.Maximum Tolerable Downtime (MTD)


Answer: C


QUESTION 421

A key cybersecurity feature of a Personal Identification Verification (PIV) Card is:


A.Inability to export the private certificate/key

B.It can double as physical identification at the DMV

C.It has the user's photograph to help ID them

D.It can be used as a secure flash drive


Answer: C


QUESTION 422

When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?


A.RAM and unallocated space

B.Unallocated space and RAM

C.Slack space and browser cache

D.Persistent and volatile data


Answer: D


QUESTION 423

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?


A.Compliance management

B.Asset management

C.Risk management

D.Security management


Answer: D


QUESTION 424

You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?


A.The controls in place to secure the system

B.Name of the connected system

C.The results of a third-party audits and recommendations

D.Type of information used in the system


Answer: C


QUESTION 425

Who should be involved in the development of an internal campaign to address email phishing?


A.Business unit leaders, CIO, CEO

B.Business Unite Leaders, CISO, CIO and CEO

C.All employees

D.CFO, CEO, CIO


Answer: B


QUESTION 426

Of the following types of SOCs (Security Operations Centers), which one would be MOST likely used if the CISO has decided to outsource the infrastructure and administration of it?


A.Virtual

B.Dedicated

C.Fusion

D.Command


Answer: A


QUESTION 427

Many successful cyber-attacks currently include:


A.Phishing Attacks

B.Misconfigurations

C.Social engineering

D.All of these


Answer: C


QUESTION 428

When evaluating a Managed Security Services Provider (MSSP), which service(s) is/are most important:


A.Patch management

B.Network monitoring

C.Ability to provide security services tailored to the business' needs

D.24/7 tollfree number


Answer: C


QUESTION 429

Which of the following strategies provides the BEST response to a ransomware attack?


A.Real-time off-site replication

B.Daily incremental backup

C.Daily full backup

D.Daily differential backup


Answer: B


QUESTION 430

What is the MOST critical output of the incident response process?


A.A complete document of all involved team members and the support they provided

B.Recovery of all data from affected systems

C.Lessons learned from the incident, so they can be incorporated into the incident response processes

D.Clearly defined documents detailing standard evidence collection and preservation processes


Answer: C


QUESTION 431

Who is responsible for verifying that audit directives are implemented?


A.IT Management

B.Internal Audit

C.IT Security

D.BOD Audit Committee


Answer: B


QUESTION 432

XYZ is a publicly-traded software development company. Who is ultimately accountable to the shareholders in the event of a cybersecurity breach?


A.Chief Financial Officer (CFO)

B.Chief Software Architect (CIO)

C.CISO

D.Chief Executive Officer (CEO)


Answer: C


QUESTION 433

What organizational structure combines the functional and project structures to create a hybrid of the two?


A.Traditional

B.Composite

C.Project

D.Matrix


Answer: D


QUESTION 434

The primary responsibility for assigning entitlements to a network share lies with which role?


A.CISO

B.Data owner

C.Chief Information Officer (CIO)

D.Security system administrator


Answer: B


QUESTION 435

What does RACI stand for?


A.Reasonable, Actionable, Controlled, and Implemented

B.Responsible, Actors, Consult, and Instigate

C.Responsible, Accountable, Consulted, and Informed

D.Review, Act, Communicate, and Inform


Answer: C


QUESTION 436

What key technology can mitigate ransomware threats?


A.Use immutable data storage

B.Phishing exercises

C.Application of multiple end point anti-malware solutions

D.Blocking use of wireless networks


Answer: A


QUESTION 437

Which of the following are the triple constraints of project management?


A.Time, quality, and scope

B.Cost, quality, and time

C.Scope, time, and cost

D.Quality, scope, and cost


Answer: C


QUESTION 438

A Security Operations (SecOps) Manager is considering implementing threat hunting to be able to make better decisions on protecting information and assets. What is the MAIN goal of threat hunting to the SecOps Manager?


A.Improve discovery of valid detected events

B.Enhance tuning of automated tools to detect and prevent attacks

C.Replace existing threat detection strategies

D.Validate patterns of behavior related to an attack


Answer: A


QUESTION 439

A bastion host should be placed:


A.Inside the DMZ

B.In-line with the data center firewall

C.Beyond the outer perimeter firewall

D.As the gatekeeper to the organization's honeynet


Answer: C


QUESTION 440

Optical biometric recognition such as retina scanning provides access to facilities through reading the unique characteristics of a person's eye.

However, authorization failures can occur with individuals who have?


A.Glaucoma or cataracts

B.Two different colored eyes (heterochromia iridium)

C.Contact lens

D.Malaria


Answer: A


2022 Latest Braindump2go 712-50 PDF and 712-50 VCE Dumps Free Share:

https://drive.google.com/drive/folders/1Th-259mRWSeetI20FPdeU_Na8TegTWwA?usp=sharing

4.7 Star App Store Review!
Cpl.dev***uke
The Communities are great you rarely see anyone get in to an argument :)
king***ing
Love Love LOVE
Download

Select Collections