ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Analytics - Specialty All Questions

View all questions & answers for the AWS Certified Data Analytics - Specialty exam
Go to Exam

Exam AWS Certified Data Analytics - Specialty topic 1 question 57 discussion

Exam question from Amazon's AWS Certified Data Analytics - Specialty
Question #: 57
Topic #: 1
[All AWS Certified Data Analytics - Specialty Questions]

A company is migrating its existing on-premises ETL jobs to Amazon EMR. The code consists of a series of jobs written in Java. The company needs to reduce overhead for the system administrators without changing the underlying code. Due to the sensitivity of the data, compliance requires that the company use root device volume encryption on all nodes in the cluster. Corporate standards require that environments be provisioned though AWS CloudFormation when possible.
Which solution satisfies these requirements?

  • A. Install open-source Hadoop on Amazon EC2 instances with encrypted root device volumes. Configure the cluster in the CloudFormation template.
  • B. Use a CloudFormation template to launch an EMR cluster. In the configuration section of the cluster, define a bootstrap action to enable TLS.
  • C. Create a custom AMI with encrypted root device volumes. Configure Amazon EMR to use the custom AMI using the CustomAmild property in the CloudFormation template.
  • D. Use a CloudFormation template to launch an EMR cluster. In the configuration section of the cluster, define a bootstrap action to encrypt the root device volume of every node.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by paul0099 at Aug. 17, 2020, 10:52 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
zeronine
Highly Voted 3 years, 7 months ago
I think the answer is C https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-custom-ami.html https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticmapreduce-cluster.html
upvoted 30 times
carol1522
3 years, 7 months ago
Agree with c
upvoted 2 times
LMax
3 years, 6 months ago
me too
upvoted 2 times
...
...
awssp12345
3 years, 7 months ago
Agreed
upvoted 3 times
...
lakediver
3 years, 5 months ago
Agree C. If you are using an Amazon EMR version earlier than 5.24.0, an encrypted EBS root device volume is supported only when using a custom AMI. For Amazon EMR version 5.24.0 and later, you can use a security configuration option to encrypt EBS root device and storage volumes when you specify AWS KMS as your key provider. https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-data-encryption-options.html#emr-encryption-localdisk
upvoted 4 times
...
...
Huy
Highly Voted 3 years, 6 months ago
Agree with C. D is a trap, it is Security Configuration section not bootstrap action in Configuration section.
upvoted 7 times
...
pk349
Most Recent 2 years ago
C: I passed the test
upvoted 2 times
...
Ryo0w0o
2 years, 5 months ago
I will go for D. https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-data-encryption-options.html#emr-encryption-localdisk According to the link, we can use EBS encryption from a security configuration and it says "We recommend using EBS encryption".
upvoted 1 times
...
cloudlearnerhere
2 years, 6 months ago
Selected Answer: C
Correct answer is C as CloudFormation can be used to launch an EMR cluster with custom AMI with encrypted root device volumes. Option A is wrong as open source Hadoop would not be provisioned using CloudFormation. Option B is wrong as TLS does not provide data at rest encryption. Option D is wrong as bootstrap actions cannot be used to encrypt root device volume.
upvoted 2 times
Naku
2 years, 4 months ago
bro, can you tell if we just do first 80 questions , can we pass?
upvoted 5 times
...
...
Arka_01
2 years, 7 months ago
Selected Answer: C
"without changing the underlying code" and "CloudFomation Template" are the keys here. So CustomAMIID for including a Custom AMI with encrypted root volume will work.
upvoted 2 times
...
rocky48
2 years, 10 months ago
Selected Answer: C
C is the right answer.
upvoted 2 times
...
jrheen
3 years ago
Answer - C
upvoted 1 times
...
lakediver
3 years, 5 months ago
If you are using an Amazon EMR version earlier than 5.24.0, an encrypted EBS root device volume is supported only when using a custom AMI. For more information, see Creating a custom AMI with an encrypted Amazon EBS root device volume in the Amazon EMR Management Guide Beginning with Amazon EMR version 5.24.0, you can use a security configuration option to encrypt EBS root device and storage volumes when you specify AWS KMS as your key provider. For more information, see Local disk encryption.
upvoted 2 times
...
aws2019
3 years, 6 months ago
Agree with c
upvoted 1 times
...
lostsoul07
3 years, 6 months ago
C is the right answer
upvoted 3 times
...
[Removed]
3 years, 6 months ago
C sounds right but where in CF can you define a CustomAmild? Its imageID and that's it. An AMI is an AMI. For D to work, you would have to use a 3rd party software, but it would work
upvoted 2 times
[Removed]
3 years, 6 months ago
Scratch that, you can do CustomAmiID in an EMR cluster..... C is indeed the answer.
upvoted 1 times
...
...
jove
3 years, 6 months ago
C is correct
upvoted 2 times
...
sanjaym
3 years, 7 months ago
Sensing answer should be C.
upvoted 1 times
...
jack42
3 years, 7 months ago
Its C, you cant use bootstrap action to encrypt the root volume, you need to pass it using security configurations.
upvoted 2 times
...
syu31svc
3 years, 7 months ago
https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-root-volume-property/ Answer is C
upvoted 3 times
...
Paitan
3 years, 7 months ago
Confused between C and D.
upvoted 1 times
KoMo
3 years, 7 months ago
I think the bootstrap config is only for installing additional softwares https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticmapreduce-cluster-bootstrapactionconfig.html
upvoted 2 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago